From 80e24b01cd1439e3782d7279d47dc54b5675843d Mon Sep 17 00:00:00 2001
From: Ian Gulliver
Date: Sun, 3 Apr 2016 12:50:30 -0700
Subject: [PATCH] Client/server pair, not working
---
certclient.py | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++
certserver.py | 11 +++++++++--
2 files changed, 62 insertions(+), 2 deletions(-)
create mode 100755 certclient.py
diff --git a/certclient.py b/certclient.py
new file mode 100755
index 0000000..b4e391c
--- /dev/null
+++ b/certclient.py
@@ -0,0 +1,53 @@
+#!/usr/bin/python3
+
+import argparse
+import requests
+
+
+parser = argparse.ArgumentParser(description='certclient')
+parser.add_argument(
+ '--ca-cert',
+ dest='ca_cert',
+ action='store',
+ required=True)
+parser.add_argument(
+ '--client-cert',
+ dest='client_cert',
+ action='store',
+ required=True)
+parser.add_argument(
+ '--client-key',
+ dest='client_key',
+ action='store',
+ required=True)
+parser.add_argument(
+ '--server',
+ dest='server',
+ action='store',
+ required=True)
+FLAGS = parser.parse_args()
+
+
+class CertClient(object):
+
+ def __init__(self, server, ca_cert, client_cert, client_key):
+ self._session = requests.Session()
+ self._session.verify = ca_cert
+ self._session.cert = (client_cert, client_key)
+ self._server = server
+
+ def Request(self):
+ self._session.get(self._server)
+
+
+def main():
+ client = CertClient(
+ FLAGS.server,
+ FLAGS.ca_cert,
+ FLAGS.client_cert,
+ FLAGS.client_key)
+ client.Request()
+
+
+if __name__ == '__main__':
+ main()
diff --git a/certserver.py b/certserver.py
index 5a27b71..42a3c85 100755
--- a/certserver.py
+++ b/certserver.py
@@ -7,6 +7,11 @@ import ssl parser = argparse.ArgumentParser(description='certserver') +parser.add_argument( + '--ca-cert', + dest='ca_cert', + action='store', + required=True) parser.add_argument( '--listen-host', dest='listen_host', 
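Review bot: `CertClient.Request` in certclient.py discards the response and passes no timeout, so an HTTP error status goes unnoticed and a stalled connection blocks indefinitely (requests applies no default timeout). Suggest `resp = self._session.get(self._server, timeout=10)` followed by `resp.raise_for_status()`, with the timeout value chosen to suit the deployment. Separately, `verify` and `cert` only take effect for `https://` URLs and `--server` is not validated, so an `http://` value would silently skip both server verification and client authentication; rejecting any other scheme in `__init__` closes that gap.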
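Review bot: The new required `--ca-cert` flag in certserver.py has no `help=` text, and the same flag name means something different in each program: here it is the trust anchor for client certificates, while in certclient.py it anchors the server certificate. Suggest adding `help='PEM file of the CA(s) trusted to sign client certificates'` so operators do not point it at a broad system bundle, which would widen the set of accepted clients.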
@@ -37,12 +42,13 @@ class HTTPServer6(server.HTTPServer): class CertServer(object): - def __init__(self, listen_host, listen_port, server_key, server_cert): + def __init__(self, listen_host, listen_port, server_key, server_cert, ca_cert): self._httpd = HTTPServer6((listen_host, listen_port), server.SimpleHTTPRequestHandler) self._httpd.socket = ssl.wrap_socket( self._httpd.socket, keyfile=server_key, certfile=server_cert, + ca_certs=ca_cert, server_side=True, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1_2, 
@@ -57,7 +63,8 @@ def main(): FLAGS.listen_host, FLAGS.listen_port, FLAGS.server_key, - FLAGS.server_cert) + FLAGS.server_cert, + FLAGS.ca_cert) server.Serve()
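Review bot: The `ssl.wrap_socket(...)` call that gains `ca_certs=ca_cert` in `CertServer.__init__` is the module-level helper, deprecated since Python 3.7 and removed in 3.12, and `ssl_version=ssl.PROTOCOL_TLSv1_2` pins exactly TLS 1.2 rather than setting a floor. Building an `ssl.SSLContext` puts the client-authentication policy (trust anchor, `CERT_REQUIRED`, minimum version) in one explicit place, as sketched below. It is also worth a comment that the stock `SimpleHTTPRequestHandler` never inspects the peer certificate, so every certificate chaining to `ca_cert` receives identical access. The `wrap_socket` call continues past the end of this hunk, so any options there are not visible and would need carrying over.

```python
    def __init__(self, listen_host, listen_port, server_key, server_cert, ca_cert):
        # … unchanged: HTTPServer6 construction …
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
        ctx.load_cert_chain(certfile=server_cert, keyfile=server_key)
        # Only certificates chaining to this CA are accepted from clients.
        ctx.load_verify_locations(cafile=ca_cert)
        ctx.verify_mode = ssl.CERT_REQUIRED
        self._httpd.socket = ctx.wrap_socket(self._httpd.socket, server_side=True)
        # … wrap_socket options beyond this hunk: carry over as context settings …
```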