Tree - source-git/keepalived - CentOS Git server

source-git / keepalived

Files

Commit: 5956c781b055f1c4e79a56666bf0668e1565feb0
Blob Blame History Raw
Needs
=====

  Before trying to compile genhash tool you need to install
  OpenSSL 0.9.6b (http://www.openssl.org).

Installation
============

  Simply 'make' & 'make install'

Utilisation
===========

  The genhash tool give you the ability to generate MD5 digest
  from remote HTTP/HTTPS server connected.

  The global synopsis for the tool is :

  [user@lvs]$ genhash --help
  genhash v1.0.0 (18/11, 2002)
  Usage:
    genhash -s server-address -p port -u url
    genhash -S -s server-address -p port -u url
    genhash -h
    genhash -r

  Commands:
  Either long or short options are allowed.
    genhash --use-ssl         -S       Use SSL connection to remote server.
    genhash --server          -s       Use the specified remote server address.
    genhash --port            -p       Use the specified remote server port.
    genhash --url             -u       Use the specified remote server url.
    genhash --use-virtualhost -V       Use the specified virtualhost in GET query.
    genhash --verbose         -v       Use verbose mode output.
    genhash --help            -h       Display this short inlined help screen.
    genhash --release         -r       Display the release number

  Imagine we have a remote HTTP/HTTPS server owning the IP address 192.168.200.10.
  We want to generate a MD5SUM over the server root url (/).
  To proceed, simply use :

  [user@lvs]$ genhash -s 192.168.200.10 -p 80 -u /
  -----------------------[    HTTP Header Buffer    ]-----------------------
  0000  48 54 54 50 2f 31 2e 31 - 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
  0010  0a 44 61 74 65 3a 20 57 - 65 64 2c 20 32 38 20 4e   .Date: Wed, 28 N
  ..........................................................................
  -----------------------[ HTTP Header Ascii Buffer ]-----------------------
  HTTP/1.1 200 OK
  ..............
  -----------------------[       HTML Buffer        ]-----------------------
  0000  3c 21 44 4f 43 54 59 50 - 45 20 48 54 4d 4c 20 50   <!DOCTYPE HTML P
  0010  55 42 4c 49 43 20 22 2d - 2f 2f 57 33 43 2f 2f 44   UBLIC "-//W3C//D
  ..........................................................................
  -----------------------[    HTML MD5 resulting    ]-----------------------
  0000  ff 20 ad 24 81 f9 7b 17 - 54 ef 3e 12 ec d3 a9 cc   . .$..{.T.>.....
  -----------------------[ HTML MD5 final resulting ]-----------------------
  FF20AD2481F97B1754EF3E12ECD3A9CC

  => So the Hash value generated for the remote HTTP root URL is :
     http://192.168.200.10/ is FF20AD2481F97B1754EF3E12ECD3A9CC

  Genhash can generate hash values over SSL content. Using the same sample
  we will obtain :
  [user@lvs]$ genhash -S -s 192.168.200.10 -p 443 -u /
  -----------------------[    HTTP Header Buffer    ]-----------------------
  0000  48 54 54 50 2f 31 2e 31 - 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
  0010  0a 44 61 74 65 3a 20 57 - 65 64 2c 20 32 38 20 4e   .Date: Wed, 28 N
  ..........................................................................
  -----------------------[ HTTP Header Ascii Buffer ]-----------------------
  HTTP/1.1 200 OK
  ..............
  -----------------------[       HTML Buffer        ]-----------------------
  0000  3c 21 44 4f 43 54 59 50 - 45 20 48 54 4d 4c 20 50   <!DOCTYPE HTML P
  0010  55 42 4c 49 43 20 22 2d - 2f 2f 57 33 43 2f 2f 44   UBLIC "-//W3C//D
  ..........................................................................
  -----------------------[    HTML MD5 resulting    ]-----------------------
  0000  ff 20 ad 24 81 f9 7b 17 - 54 ef 3e 12 ec d3 a9 cc   . .$..{.T.>.....
  -----------------------[ HTML MD5 final resulting ]-----------------------
  FF20AD2481F97B1754EF3E12ECD3A9CC

  => So the Hash value generated for the remote HTTP root URL is :
     https://192.168.200.10/ is FF20AD2481F97B1754EF3E12ECD3A9CC

  => The same as http since the document root is a common location for
     HTTP & HTTPS (in our sample).


  In addition with this SSL support, we have added the capability to use
  specific ssl private key and ssl certificate. Note that the private key
  need to be generated into the PEM format. In our sample we have generated
  the SSL file using the following openssl command lines :

  [user@lvs]$ openssl genrsa -des3 -out ssl.key 1024
    => we use the PEM password : password (really secure :) )
  [user@lvs]$ openssl req -new -key ssl.key -out ssl.csr
  [user@lvs]$ openssl req -x509 -key ssl.key -in ssl.csr -out ssl.crt
  [user@lvs]$ cat ssl.key ssl.crt > ssl.pem

  Then we perform a hash computation using this specific SSL file :

  [user@lvs]$ genhash --use-ssl \
                      --server=192.168.201.100 --port=443 --url=/ \
                      --use-private-key=ssl.pem \
                      --use-password=password \
                      --use-certificate=ssl.crt
  ..........................................................................
  -----------------------[ HTML MD5 final resulting ]-----------------------
  FF20AD2481F97B1754EF3E12ECD3A9CC


Have fun with it !
Alexandre
source-git / keepalived

Source Code

Files
