test: add HTTPS upload test for systemd-report
authorZbigniew Jędrzejewski-Szmek <zbyszek@amutable.com>
Tue, 7 Apr 2026 12:34:53 +0000 (14:34 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@amutable.com>
Thu, 16 Apr 2026 19:12:20 +0000 (21:12 +0200)
Extend fake-report-server.py with optional --cert, --key, --port
arguments for TLS support. Add a test case that generates a
self-signed certificate and tests HTTPS upload of metrics and facts.

Also exercise the --header param.

Co-developed-by: Claude Opus 4.6 <noreply@anthropic.com>
test/integration-tests/TEST-74-AUX-UTILS/TEST-74-AUX-UTILS.units/fake-report-server.py
test/units/TEST-74-AUX-UTILS.report.sh

index 45cc34fa5330343502dba4f87e415c5f94b2e70b..4875a00bada6a19981354701b257b3809e88fa0e 100755 (executable)
@@ -1,7 +1,7 @@
 #!/usr/bin/python3
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
-import json, os, socket
+import argparse, json, os, socket, ssl
 from http.server import BaseHTTPRequestHandler, HTTPServer
 
 def sd_notify(state: str) -> bool:
@@ -22,6 +22,10 @@ class Handler(BaseHTTPRequestHandler):
         length = int(self.headers.get("Content-Length", 0))
         body = self.rfile.read(length)
 
+        # Check optional attribute
+        if auth := self.headers.get("Authorization"):
+            print(f"Authorization: {auth}")
+
         # Validate JSON structure
         try:
             data = json.loads(body)
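Review bot: The block added under `# Check optional attribute` checks nothing: it prints the Authorization header value and the request continues the same way whether or not the header is present. As far as the visible lines show, the `--extra-header` call in TEST-74-AUX-UTILS.report.sh would therefore still pass if the client dropped the header. Either let the fixture be given the expected value and answer 401 on a mismatch, or reword the comment to match what the code does, e.g. `# Log the optional Authorization header (test fixture only; the value is a dummy token)`. Echoing a bearer value verbatim into the unit's output is acceptable for this fake server, but the comment should say so, so the pattern is not copied into code that sees real credentials. The enclosing handler method starts and ends outside the hunk.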
@@ -45,10 +49,20 @@ class Handler(BaseHTTPRequestHandler):
     def log_message(self, fmt, *args):
         print(f"{self.address_string()} - {fmt % args}")
 
-PORT = 8089
+parser = argparse.ArgumentParser()
+parser.add_argument("--port", type=int, default=8089)
+parser.add_argument("--cert", help="TLS certificate file")
+parser.add_argument("--key", help="TLS private key file")
+args = parser.parse_args()
 
-server = HTTPServer(("", PORT), Handler)
-print(f"Serving on http://localhost:{PORT}/")
+server = HTTPServer(("", args.port), Handler)
+if args.cert and args.key:
+    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+    ctx.load_cert_chain(args.cert, args.key)
+    server.socket = ctx.wrap_socket(server.socket, server_side=True)
+    print(f"Serving on https://localhost:{args.port}/")
+else:
+    print(f"Serving on http://localhost:{args.port}/")
 try:
     sd_notify("READY=1")
     server.serve_forever()
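Review bot: `if args.cert and args.key:` falls back to plain HTTP without any message when only one of `--cert`/`--key` is given. A typo in the unit invocation then turns the HTTPS fixture into an HTTP one, and the mistake only surfaces later as a client-side TLS error. Reject the half-configured case right after `parser.parse_args()`, e.g. `if bool(args.cert) != bool(args.key): parser.error("--cert and --key must be given together")`. The bind address `""` (all interfaces) is carried over from the old line; since the test script only uses `localhost` URLs, binding to loopback would probably suffice. The `try:` block continues past the end of the hunk.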
index af134e980a215347c6fed7489aeea2cd0c4cbf01..53b83c4dd94779f88b09d9f3aef9567ca34651bc 100755 (executable)
@@ -67,15 +67,30 @@ varlinkctl --more call /run/systemd/report/io.systemd.Basic io.systemd.Facts.Lis
 varlinkctl --more call /run/systemd/report/io.systemd.Basic io.systemd.Facts.Describe {}
 
 # Test HTTP upload (plain http)
+FAKE_SERVER=/usr/lib/systemd/tests/integration-tests/TEST-74-AUX-UTILS/TEST-74-AUX-UTILS.units/fake-report-server.py
+CERTDIR=$(mktemp -d)
+
 at_exit() {
     set +e
-    systemctl stop fake-report-server
+    systemctl stop fake-report-server fake-report-server-tls
+    rm -rf "$CERTDIR"
 }
 trap at_exit EXIT
 
-systemd-run -p Type=notify --unit=fake-report-server \
-    /usr/lib/systemd/tests/integration-tests/TEST-74-AUX-UTILS/TEST-74-AUX-UTILS.units/fake-report-server.py
+systemd-run -p Type=notify --unit=fake-report-server "$FAKE_SERVER"
 systemctl status fake-report-server
 
 "$REPORT" metrics --url=http://localhost:8089/
 "$REPORT" facts --url=http://localhost:8089/
+
+# Test HTTPS upload with generated TLS certificates
+openssl req -x509 -newkey rsa:2048 -keyout "$CERTDIR/server.key" -out "$CERTDIR/server.crt" \
+    -days 1 -nodes -subj "/CN=localhost" 2>/dev/null
+
+systemd-run -p Type=notify --unit=fake-report-server-tls \
+    "$FAKE_SERVER" --cert="$CERTDIR/server.crt" --key="$CERTDIR/server.key" --port=8090
+systemctl status fake-report-server-tls
+
+"$REPORT" metrics --url=https://localhost:8090/ --key=- --trust="$CERTDIR/server.crt"
+"$REPORT" facts --url=https://localhost:8090/ --key=- --trust="$CERTDIR/server.crt" \
+          --extra-header='Authorization: Bearer magic string'
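Review bot: The `openssl req` call redirects stderr to `/dev/null`, so if key or certificate generation fails the test log shows a non-zero exit with no reason; drop the `2>/dev/null` so the diagnostic reaches the journal. The generated certificate identifies the host only through `-subj "/CN=localhost"`, and hostname matching on CN alone is a legacy fallback that not every TLS stack honours. Adding `-addext "subjectAltName=DNS:localhost"` would make the `--trust="$CERTDIR/server.crt"` verification independent of that fallback. The comment `# Test HTTP upload (plain http)` now sits above the shared `FAKE_SERVER`/`CERTDIR` setup rather than the plain-HTTP run, so it would read better moved down to just before the first `systemd-run`.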