diff --git a/src/conf/https/topo b/src/conf/https/topo new file mode 100644 index 0000000..1e5f37d --- /dev/null +++ b/src/conf/https/topo @@ -0,0 +1,5 @@ +leftSubnet:10.0. +rightSubnet:10.1. +path_0:100,20,4 +path_1:1,20,4 +topoType:MultiIf diff --git a/src/conf/https/xp b/src/conf/https/xp new file mode 100644 index 0000000..c09aff7 --- /dev/null +++ b/src/conf/https/xp @@ -0,0 +1,5 @@ +xpType:https +clientPcap:yes +kpms:fullmesh +kpmc:fullmesh +rmem:300000 300000 300000 diff --git a/src/https.py b/src/https.py new file mode 100644 index 0000000..ba0fc02 --- /dev/null +++ b/src/https.py @@ -0,0 +1,54 @@ +''' +From : +http://code.activestate.com/recipes/442473-simple-http-server-supporting-ssl-secure-communica/ + +SimpleSecureHTTPServer.py - simple HTTP server supporting SSL. + +- replace fpem with the location of your .pem server file. +- the default port is 443. + +usage: python SimpleSecureHTTPServer.py +''' + +import socket, os +from SocketServer import BaseServer +from BaseHTTPServer import HTTPServer +from SimpleHTTPServer import SimpleHTTPRequestHandler +from OpenSSL import SSL + + +class SecureHTTPServer(HTTPServer): + def __init__(self, server_address, HandlerClass): + BaseServer.__init__(self, server_address, HandlerClass) + ctx = SSL.Context(SSL.SSLv23_METHOD) + #server.pem's location (containing the server private key and + #the server certificate). + fpem = os.path.dirname(os.path.abspath(__file__)) + "/server.pem" + ctx.use_privatekey_file (fpem) + ctx.use_certificate_file(fpem) + self.socket = SSL.Connection(ctx, socket.socket(self.address_family, + self.socket_type)) + self.server_bind() + self.server_activate() + + def shutdown_request(self,request): + request.shutdown() + +class SecureHTTPRequestHandler(SimpleHTTPRequestHandler): + def setup(self): + self.connection = self.request + self.rfile = socket._fileobject(self.request, "rb", self.rbufsize) + self.wfile = socket._fileobject(self.request, "wb", self.wbufsize) + + +def test(HandlerClass = SecureHTTPRequestHandler, + ServerClass = SecureHTTPServer): + server_address = ('', 443) # (address, port) + httpd = ServerClass(server_address, HandlerClass) + sa = httpd.socket.getsockname() + print("Serving HTTPS on", sa[0], "port", sa[1], "...") + httpd.serve_forever() + + +if __name__ == '__main__': + test() diff --git a/src/mpExperience.py b/src/mpExperience.py index a76bfd5..c688087 100644 --- a/src/mpExperience.py +++ b/src/mpExperience.py @@ -5,6 +5,7 @@ class MpExperience: NCPV = "ncpv" NC = "nc" NONE = "none" + HTTPS = "https" def __init__(self, xpParam, mpTopo, mpConfig): self.xpParam = xpParam diff --git a/src/mpExperienceHTTPS.py b/src/mpExperienceHTTPS.py new file mode 100644 index 0000000..7b578a5 --- /dev/null +++ b/src/mpExperienceHTTPS.py @@ -0,0 +1,78 @@ +from mpExperience import MpExperience +from mpParamXp import MpParamXp +from mpPvAt import MpPvAt +import os + +class MpExperienceHTTPS(MpExperience): + SERVER_LOG = "https_server.log" + CLIENT_LOG = "https_client.log" + WGET_BIN = "wget" + PING_OUTPUT = "ping.log" + + def __init__(self, xpParamFile, mpTopo, mpConfig): + MpExperience.__init__(self, xpParamFile, mpTopo, mpConfig) + self.loadParam() + self.ping() + MpExperience.classicRun(self) + + def ping(self): + self.mpTopo.commandTo(self.mpConfig.client, "rm " + \ + MpExperienceHTTPS.PING_OUTPUT ) + count = self.xpParam.getParam(MpParamXp.PINGCOUNT) + for i in range(0, self.mpConfig.getClientInterfaceCount()): + cmd = self.pingCommand(self.mpConfig.getClientIP(i), + self.mpConfig.getServerIP(), n = count) + self.mpTopo.commandTo(self.mpConfig.client, cmd) + + def pingCommand(self, fromIP, toIP, n=5): + s = "ping -c " + str(n) + " -I " + fromIP + " " + toIP + \ + " >> " + MpExperienceHTTPS.PING_OUTPUT + print(s) + return s + + def loadParam(self): + """ + todo : param LD_PRELOAD ?? + """ + self.file = self.xpParam.getParam(MpParamXp.HTTPSFILE) + self.random_size = self.xpParam.getParam(MpParamXp.HTTPSRANDOMSIZE) + + def prepare(self): + MpExperience.prepare(self) + self.mpTopo.commandTo(self.mpConfig.client, "rm " + \ + MpExperienceHTTPS.CLIENT_LOG ) + self.mpTopo.commandTo(self.mpConfig.server, "rm " + \ + MpExperienceHTTPS.SERVER_LOG ) + if self.file == "random": + self.mpTopo.commandTo(self.mpConfig.client, + "dd if=/dev/urandom of=random bs=1K count=" + \ + self.random_size) + + def getHTTPSServerCmd(self): + s = "python " + os.path.dirname(os.path.abspath(__file__)) + \ + "/https.py &>" + MpExperienceHTTPS.SERVER_LOG + "&" + print(s) + return s + + def getHTTPSClientCmd(self): + s = MpExperienceHTTPS.WGET_BIN + " https://" + self.mpConfig.getServerIP() + \ + "/" + self.file + " --no-check-certificate &>" + MpExperienceHTTPS.CLIENT_LOG + print(s) + return s + + def clean(self): + MpExperience.clean(self) + if self.file == "random": + self.mpTopo.commandTo(self.mpConfig.client, "rm random*") + #todo use cst + #self.mpTopo.commandTo(self.mpConfig.server, "killall netcat") + + + def run(self): + cmd = self.getHTTPSServerCmd() + self.mpTopo.commandTo(self.mpConfig.server, cmd) + + self.mpTopo.commandTo(self.mpConfig.client, "sleep 2") + cmd = self.getHTTPSClientCmd() + self.mpTopo.commandTo(self.mpConfig.client, cmd) + self.mpTopo.commandTo(self.mpConfig.client, "sleep 2") diff --git a/src/mpParamXp.py b/src/mpParamXp.py index ea57544..ffd9d74 100644 --- a/src/mpParamXp.py +++ b/src/mpParamXp.py @@ -26,6 +26,9 @@ class MpParamXp(MpParam): NCCLIENTPORT = "ncClientPort" CHANGEPV = "changePv" CHANGEPVAT = "changePvAt" + HTTPSFILE = "file" # file to wget, if random : we create a file with random data called random. + HTTPSRANDOMSIZE = "file_size" # if file is set to random, define the size of the random file + # global sysctl sysctlKey = {} @@ -65,6 +68,8 @@ class MpParamXp(MpParam): defaultValue[NCSERVERPORT] = "33666" defaultValue[NCCLIENTPORT] = "33555" defaultValue[CHANGEPV] = "no" + defaultValue[HTTPSFILE] = "random" + defaultValue[HTTPSRANDOMSIZE] = "1024" def __init__(self, paramFile): MpParam.__init__(self, paramFile) diff --git a/src/mpXpRunner.py b/src/mpXpRunner.py index c53f615..2f3f820 100644 --- a/src/mpXpRunner.py +++ b/src/mpXpRunner.py @@ -8,6 +8,7 @@ from mpMininetBuilder import MpMininetBuilder from mpExperiencePing import MpExperiencePing from mpExperienceNCPV import MpExperienceNCPV from mpExperienceNC import MpExperienceNC +from mpExperienceHTTPS import MpExperienceHTTPS from mpExperienceNone import MpExperienceNone from mpExperience import MpExperience from mpECMPSingleInterfaceTopo import MpECMPSingleInterfaceTopo @@ -75,6 +76,9 @@ class MpXpRunner: elif xp == MpExperience.NONE: MpExperienceNone(self.xpParam, self.mpTopo, self.mpTopoConfig) + elif xp == MpExperience.HTTPS: + MpExperienceHTTPS(self.xpParam, self.mpTopo, + self.mpTopoConfig) else: print("Unfound xp type..." + xp) diff --git a/src/server.pem b/src/server.pem new file mode 100644 index 0000000..f17431c --- /dev/null +++ b/src/server.pem @@ -0,0 +1,48 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJ6Y4ZII7l77iN +HaUbJjYN/Fw5d7LuSXsgaStpSb1Y5T7EP93RdHjQi9LtwBJ4pkRH5KmQsm5IBkLv +gOksbVmss6qXPxuwrMjTa+TZVQZnDKcHqNhEivBCmN13jUGzPfmVPXXtLjPUfP0y +7xeIF8k53QZJxhmr4hBL3kKSVcG+Gq6229cEqRGQJmyquNNSrDN1diZlXIHqRyg1 +8QBKnOD5ETN1zLW5W2d6mL6M71Vm9z2pziVfihWhmxuH4yO83LIswMq8pLZEraSh +Fu85BoOix9w+TOK1S0M+U24OsRyAmbINIWbxhx11KwLXCTf/LLfEU1nXTdz8HYjC +QzPu9qtJAgMBAAECggEADECxD9NK+KcgcufOoiQieZzL1+zsncs1vpTDPqNr6x4W +PgCGLHS99CHYDfdu54VndVlp9M7vJE3E+BXBkKGeJH3Op1j8DC+gDDxq6clgFxbM +eAmF/jrUM6ZlIiEfUIo9QBI3usnn+UgQcWvS6L5QxsMj44wy+JxCUuhM7+ZmWGvY +ctYkhIoe+5mbAn3onIA/4YzFUi8FNL2UhYiBrnO6l6avdgRS7hSZtsR2FQxQifKH +MEy4LsXnVnH6RRcx86iCXtAXqKaq/7PJj9geCmZ7w6oaa2VWUizUl89Pj2ZQvnLH +Z14TTgYkgTXn7ungAKgDeZVbhR6P06gXoDNbXc1fkQKBgQDx5q+yYedJA4GOIe5Y +XmdEFe/n2YsoIW/tJPBuFJKcB1FGf/dwgHoHbJwbM/WA2sSY7nFlb74Yqwuorcen +4Jn1BaGexhj9DMJOMRV9xU3ddouWx3ywpWT0R7cKtc+nPSgYH7wlOEJ+sBwLw1El +VJfI4IjJxXi2E+0aSPyPFjjhvQKBgQDVrjYZAVcGK2hB+tws6UVcbdZDw1jjncp3 +9Aiq/wqnFZYDcdLkYiv+US2RrWdqMPslzhmUpfVvdIMsGtVyR1fJO9G0QEr9XNEv +td4s/kbEi8TsePQA6itDh1I1ujdiCDCIWEiRmcMjSP2j7CTMqWwMuBhAOFIZDahm +NytACGRafQKBgFnpG27bEuNBiVrx46w20n0tBjGP2zg8TWTAcRkJToDt+1iP4cGQ +D0tJJDC8PEj7h00seztvsCFtGfVFOkt8oNzAjhT8nncX0fTMK6fGuS1SjYmqdf8W +SpK9QRya/Sa1BX0J9p2C7rw16wa4PyX37j68rjsIydgrSdqWPEFWyielAoGAdWfg +L4MN9sTY5w/X9BFD3BI5nUfzSjVDrv712EaD6uQwZbofvv6132lpGVbmsHEzPUVt +xsAdB91DyXMA/mZ2tInaoiiFS4q5IXbTGXOpHIsTaz7WCr6fgN4UbJLhpUqMqA2h +6eZLUtLjEjNI0O7yAFcSdA6+BSf89BSx/d/ei90CgYAFkslWND9L6/hW6YnOZwnO +zE155TbA+iN5Sq5FuqfZIRRXU5piN0nLiLfsDmCMitOM2IMDxYKYr6W/E8SEG6Fj +8WIQ7stv8ivmvvMBn9VhSeFY2/1n1bX7X/XzImtkfzmQmmEsYrCwsLUm5SW4rFLZ +6FIaEOzK+Anx3WhH2tLGqA== +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIJAKy2DVlL66fKMA0GCSqGSIb3DQEBCwUAMD4xCzAJBgNV +BAYTAkJFMQwwCgYDVQQIDANMTE4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg +UHR5IEx0ZDAeFw0xNTA4MTMxOTM4MDVaFw0xNjA4MTIxOTM4MDVaMD4xCzAJBgNV +BAYTAkJFMQwwCgYDVQQIDANMTE4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg +UHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnpjhkgjuXv +uI0dpRsmNg38XDl3su5JeyBpK2lJvVjlPsQ/3dF0eNCL0u3AEnimREfkqZCybkgG +Qu+A6SxtWayzqpc/G7CsyNNr5NlVBmcMpweo2ESK8EKY3XeNQbM9+ZU9de0uM9R8 +/TLvF4gXyTndBknGGaviEEveQpJVwb4arrbb1wSpEZAmbKq401KsM3V2JmVcgepH +KDXxAEqc4PkRM3XMtblbZ3qYvozvVWb3PanOJV+KFaGbG4fjI7zcsizAyryktkSt +pKEW7zkGg6LH3D5M4rVLQz5Tbg6xHICZsg0hZvGHHXUrAtcJN/8st8RTWddN3Pwd +iMJDM+72q0kCAwEAAaNQME4wHQYDVR0OBBYEFJl1YmlCXxlJIur6n4XUx+vJ+LxY +MB8GA1UdIwQYMBaAFJl1YmlCXxlJIur6n4XUx+vJ+LxYMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQELBQADggEBAFqNf6XzHI5tEdZPZC9CB+WjxtSroH4z31XOSKQG +aHqZKozx51mD911nqsOD286yCslpoA7ZI9YDC/juanVUDA/vmv8WgpjlLqfD4fK/ +V1lvXLb1x4mhyXXV8++1+EcktgGk4G8Z/5Bs8zR5UF2mIXBK/FwcDJt/esWunEse +7KrvtHb9ESZ4mEDfQ6bcYdVg/l+3h7B/4kpP+fC/c7LA632/Z6U+/jYHhj2C2Uhv +6KicgQ6ANB5CkvvJj3wD0eabqlhTL4oXrrpITXHB5MgBMAQWEvh2Dr6FKYe9Te/H +4183fX7arMCQGmzexoreS9mntq55wLPMHoQzHIxh+A/PXmk= +-----END CERTIFICATE-----