diff options
Diffstat (limited to 'vnfs/VES5.0/evel/evel-test-collector')
3 files changed, 62 insertions, 1 deletions
diff --git a/vnfs/VES5.0/evel/evel-test-collector/code/collector/collector.py b/vnfs/VES5.0/evel/evel-test-collector/code/collector/collector.py index b9473ae5..58bebc74 100644 --- a/vnfs/VES5.0/evel/evel-test-collector/code/collector/collector.py +++ b/vnfs/VES5.0/evel/evel-test-collector/code/collector/collector.py @@ -38,6 +38,7 @@ import string import json import jsonschema from functools import partial +import ssl _hello_resp = '''\ <html> @@ -407,7 +408,8 @@ USAGE defaults = {'log_file': 'collector.log', 'vel_port': '12233', 'vel_path': '', - 'vel_topic_name': '' + 'vel_topic_name': '', + 'transport_prot': 'http' } overrides = {} config = ConfigParser.SafeConfigParser(defaults) @@ -419,9 +421,16 @@ USAGE log_file = config.get(config_section, 'log_file', vars=overrides) vel_port = config.get(config_section, 'vel_port', vars=overrides) vel_path = config.get(config_section, 'vel_path', vars=overrides) + transport_prot = config.get(config_section, 'protocol', vars=overrides) vel_topic_name = config.get(config_section, 'vel_topic_name', vars=overrides) + + if (transport_prot.lower() != 'http' and transport_prot.lower() != 'https' ): + logger.error('Invalid Transport must be http or https ({0}) ' + 'specified'.format(transport_prot)) + raise RuntimeError('Invalid Transport protcol specified ({0}) ' + 'specified'.format(transport_prot)) global vel_username global vel_password vel_username = config.get(config_section, @@ -457,6 +466,28 @@ USAGE handler = logging.handlers.RotatingFileHandler(log_file, maxBytes=1000000, backupCount=10) + + if (transport_prot.lower() == 'https' ): + transport_prot = transport_prot.lower() + ca_file = config.get(config_section, 'ca_file', vars=overrides) + cert_file = config.get(config_section, 'cert_file', vars=overrides) + key_file = config.get(config_section, 'key_file', vars=overrides) + if not os.path.exists(ca_file): + logger.error('Event Listener SSL CA File ({0}) not found. ' + 'No validation will be undertaken.'.format(ca_file)) + raise RuntimeError('Invalid CA file ({0}) ' + 'specified'.format(ca_file)) + if not os.path.exists(cert_file): + logger.error('Event Listener SSL Certificate File ({0}) not found. ' + 'No validation will be undertaken.'.format(cert_file)) + raise RuntimeError('Invalid Certificate file ({0}) ' + 'specified'.format(cert_file)) + if not os.path.exists(key_file): + logger.error('Event Listener SSL Key File ({0}) not found. ' + 'No validation will be undertaken.'.format(key_file)) + raise RuntimeError('Invalid Key file ({0}) ' + 'specified'.format(key_file)) + if (platform.system() == 'Windows'): date_format = '%Y-%m-%d %H:%M:%S' else: @@ -472,6 +503,7 @@ USAGE # Log the details of the configuration. #---------------------------------------------------------------------- logger.debug('Log file = {0}'.format(log_file)) + logger.debug('Event Listener Transport = {0}'.format(transport_prot)) logger.debug('Event Listener Port = {0}'.format(vel_port)) logger.debug('Event Listener Path = {0}'.format(vel_path)) logger.debug('Event Listener Topic = {0}'.format(vel_topic_name)) @@ -587,6 +619,10 @@ USAGE dispatcher.register('GET', test_control_url, test_control_listener) httpd = make_server('', int(vel_port), dispatcher) + if (transport_prot == 'https' ): + #httpd.socket = ssl.wrap_socket(httpd.socket, server_side=True, ca_certs = "../../../sslcerts/test.ca.pem", certfile="../../../sslcerts/www.testsite.com.crt", keyfile="../../../sslcerts/www.testsite.com.key", cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1_2) + logger.debug('Invoking HTTP Secure mode : ca file {0} cert file {1} key file {2} '.format(ca_file,cert_file,key_file)) + httpd.socket = ssl.wrap_socket(httpd.socket, server_side=True, ca_certs=ca_file, certfile=cert_file, keyfile=key_file, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1_2) print('Serving on port {0}...'.format(vel_port)) httpd.serve_forever() diff --git a/vnfs/VES5.0/evel/evel-test-collector/config/collector.conf b/vnfs/VES5.0/evel/evel-test-collector/config/collector.conf index 3e23c594..66544288 100644 --- a/vnfs/VES5.0/evel/evel-test-collector/config/collector.conf +++ b/vnfs/VES5.0/evel/evel-test-collector/config/collector.conf @@ -60,6 +60,11 @@ vel_path = vendor_event_listener/ vel_username = vel_password = vel_topic_name = example_vnf +protocol = HTTP +#protocol = HTTPS +#ca_file = ../../../sslcerts/test.ca.pem +#cert_file = ../../../sslcerts/www.testsite.com.crt +#key_file = ../../../sslcerts/www.testsite.com.key #------------------------------------------------------------------------------ # Settings to be used when running in a windows test environment rather than @@ -96,4 +101,9 @@ vel_path = vel_username = will vel_password = pill vel_topic_name = +protocol = HTTP +#protocol = HTTPS +#ca_file = ../../../sslcerts/test.ca.pem +#cert_file = ../../../sslcerts/www.testsite.com.crt +#key_file = ../../../sslcerts/www.testsite.com.key diff --git a/vnfs/VES5.0/evel/evel-test-collector/docs/ssl_certsample b/vnfs/VES5.0/evel/evel-test-collector/docs/ssl_certsample new file mode 100644 index 00000000..f8281779 --- /dev/null +++ b/vnfs/VES5.0/evel/evel-test-collector/docs/ssl_certsample @@ -0,0 +1,15 @@ +# Generate CA key and certificate +openssl genrsa -des3 -out test.ca.key 8192 +openssl req -new -key test.ca.key -x509 -days 30 -out test.ca.crt + +# Generate server key and certificate +openssl genrsa -out www.testsite.com.key 1024 +openssl req -new -key www.testsite.com.key -out www.testsite.com.csr +openssl x509 -req -days 30 -in www.testsite.com.csr -CA test.ca.crt -CAkey test.ca.key -CAcreateserial -out www.testsite.com.crt + +# Generate client key and certificate +openssl genrsa -out testclient.key 1024 +openssl req -new -key testclient.key -out testclient.csr +openssl x509 -req -days 30 -in testclient.csr -CA test.ca.crt -CAkey test.ca.key -CAcreateserial -out testclient.crt + +openssl pkcs12 -export -clcerts -in testclient.crt -inkey testclient.key -out testclient.p12 |