Ejemplo n.º 1
0
 def testParse(self, fname='samp1'):
     with open('test/' + fname, "rb") as fp:
         msg = mime.message_from_file(fp)
     self.assertTrue(msg.ismultipart())
     parts = msg.get_payload()
     self.assertTrue(len(parts) == 2)
     txt1 = parts[0].get_payload()
     self.assertTrue(txt1.rstrip() == samp1_txt1, txt1)
     with open('test/missingboundary', "rb") as fp:
         msg = mime.message_from_file(fp)
     # should get no exception as long as we don't try to parse
     # message attachments
     mime.defang(msg, scan_rfc822=False)
     with open('test/missingboundary.out', 'wb') as fp:
         msg.dump(fp)
     with open('test/missingboundary', "rb") as fp:
         msg = mime.message_from_file(fp)
     try:
         mime.defang(msg)
         # python 2.4 doesn't get exceptions on missing boundaries, and
         # if message is modified, output is readable by mail clients
         if sys.hexversion < 0x02040000:
             self.fail(
                 'should get boundary error parsing bad rfc822 attachment')
     except errors.BoundaryError:
         pass
Ejemplo n.º 2
0
 def testCheckAttach(self,fname="test1"):
   # test1 contains a very long filename
   msg = mime.message_from_file(open('test/'+fname,'r'))
   mime.defang(msg,scan_zip=True)
   self.failIf(msg.ismodified())
   msg = mime.message_from_file(open('test/test2','r'))
   rc = mime.check_attachments(msg,self._chk_attach)
   self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
   self.assertEquals(rc,Milter.CONTINUE)
Ejemplo n.º 3
0
  def testDefang6(self,vname="virus6",fname='FAX20.exe'):
    msg = mime.message_from_file(open('test/'+vname,"r"))
    mime.defang(msg)
    oname = vname + '.out'
    msg.dump(open('test/'+oname,"w"))
    msg = mime.message_from_file(open('test/'+oname,"r"))
    self.failIf(msg.ismultipart())
    txt2 = msg.get_payload()
    self.failUnless(txt2 == mime.virus_msg % \
	(fname,hostname,None),txt2)
Ejemplo n.º 4
0
 def testDefang6(self, vname="virus6", fname='FAX20.exe'):
     msg = mime.message_from_file(open('test/' + vname, "r"))
     mime.defang(msg)
     oname = vname + '.out'
     msg.dump(open('test/' + oname, "w"))
     msg = mime.message_from_file(open('test/' + oname, "r"))
     self.failIf(msg.ismultipart())
     txt2 = msg.get_payload()
     self.failUnless(txt2 == mime.virus_msg % \
  (fname,hostname,None),txt2)
Ejemplo n.º 5
0
 def testCheckAttach(self, fname="test1"):
     # test1 contains a very long filename
     msg = mime.message_from_file(open('test/' + fname, 'r'))
     mime.defang(msg, scan_zip=True)
     self.failIf(msg.ismodified())
     msg = mime.message_from_file(open('test/test2', 'r'))
     rc = mime.check_attachments(msg, self._chk_attach)
     self.assertEquals(
         self.filename,
         "7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF"
     )
     self.assertEquals(rc, Milter.CONTINUE)
Ejemplo n.º 6
0
  def testDefang(self,vname='virus1',part=1,
	fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
    msg = mime.message_from_file(open('test/'+vname,"r"))
    mime.defang(msg,scan_zip=True)
    self.failUnless(msg.ismodified(),"virus not removed")
    oname = vname + '.out'
    msg.dump(open('test/'+oname,"w"))
    msg = mime.message_from_file(open('test/'+oname,"r"))
    txt2 = msg.get_payload()
    if type(txt2) == list:
      txt2 = txt2[part].get_payload()
    self.failUnless(
      txt2.rstrip()+'\n' == mime.virus_msg % (fname,hostname,None),txt2)
Ejemplo n.º 7
0
 def testDefang6(self, vname="virus6", fname='FAX20.exe'):
     with self.zf.open(vname, "r") as fp:
         msg = mime.message_from_file(fp)
     mime.defang(msg)
     oname = vname + '.out'
     with open('test/' + oname, "wb") as fp:
         msg.dump(fp)
     with open('test/' + oname, "rb") as fp:
         msg = mime.message_from_file(fp)
     self.assertFalse(msg.ismultipart())
     txt2 = msg.get_payload()
     self.assertTrue(txt2 == mime.virus_msg % \
  (fname,hostname,None),txt2)
Ejemplo n.º 8
0
 def testDefang7(self, vname="honey", fname='story[1].scr'):
     msg = mime.message_from_file(open('test/' + vname, "r"))
     mime.defang(msg)
     oname = vname + '.out'
     msg.dump(open('test/' + oname, "w"))
     msg = mime.message_from_file(open('test/' + oname, "r"))
     parts = msg.get_payload()
     txt2 = parts[1].get_payload()
     txt3 = parts[2].get_payload()
     self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
  (fname,hostname,None),txt2)
     if txt3 != '':
         self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
      ('story[1].asp',hostname,None),txt3)
Ejemplo n.º 9
0
 def testZip(self, vname="zip1", fname='zip.zip'):
     self.testDefang(vname, 1, 'zip.zip')
     # test scan_zip flag
     msg = mime.message_from_file(open('test/' + vname, "r"))
     mime.defang(msg, scan_zip=False)
     self.failIf(msg.ismodified())
     # test ignoring empty zip (often found in DSNs)
     msg = mime.message_from_file(open('test/zip2', 'r'))
     mime.defang(msg, scan_zip=True)
     self.failIf(msg.ismodified())
     # test corrupt zip (often an EXE named as a ZIP)
     self.testDefang('zip3', 1, 'zip.zip')
     # test zip within zip
     self.testDefang('ziploop', 1, '*****@*****.**')
Ejemplo n.º 10
0
 def testZip(self,vname="zip1",fname='zip.zip'):
   self.testDefang(vname,1,'zip.zip')
   # test scan_zip flag
   msg = mime.message_from_file(open('test/'+vname,"r"))
   mime.defang(msg,scan_zip=False)
   self.failIf(msg.ismodified())
   # test ignoring empty zip (often found in DSNs)
   msg = mime.message_from_file(open('test/zip2','r'))
   mime.defang(msg,scan_zip=True)
   self.failIf(msg.ismodified())
   # test corrupt zip (often an EXE named as a ZIP)
   self.testDefang('zip3',1,'zip.zip')
   # test zip within zip
   self.testDefang('ziploop',1,'*****@*****.**')
Ejemplo n.º 11
0
  def testDefang7(self,vname="honey",fname='story[1].scr'):
    msg = mime.message_from_file(open('test/'+vname,"r"))
    mime.defang(msg)
    oname = vname + '.out'
    msg.dump(open('test/'+oname,"w"))
    msg = mime.message_from_file(open('test/'+oname,"r"))
    parts = msg.get_payload()
    txt2 = parts[1].get_payload()
    txt3 = parts[2].get_payload()
    self.failUnless(txt2.rstrip()+'\n' == mime.virus_msg % \
	(fname,hostname,None),txt2)
    if txt3 != '':
      self.failUnless(txt3.rstrip()+'\n' == mime.virus_msg % \
	  ('story[1].asp',hostname,None),txt3)
Ejemplo n.º 12
0
 def testDefang(self,
                vname='virus1',
                part=1,
                fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
     msg = mime.message_from_file(open('test/' + vname, "r"))
     mime.defang(msg, scan_zip=True)
     self.failUnless(msg.ismodified(), "virus not removed")
     oname = vname + '.out'
     msg.dump(open('test/' + oname, "w"))
     msg = mime.message_from_file(open('test/' + oname, "r"))
     txt2 = msg.get_payload()
     if type(txt2) == list:
         txt2 = txt2[part].get_payload()
     self.failUnless(
         txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
         txt2)
Ejemplo n.º 13
0
 def eom(self):
   if not self.fp: return Milter.ACCEPT
   self.fp.seek(0)
   msg = mime.message_from_file(self.fp)
   msg.headerchange = self._headerChange
   if not mime.defang(msg,self.tempname):
     os.remove(self.tempname)
     self.tempname = None	# prevent re-removal
     self.log("eom")
     return Milter.ACCEPT	# no suspicious attachments
   self.log("Temp file:",self.tempname)
   self.tempname = None	# prevent removal of original message copy
   # copy defanged message to a temp file 
   out = tempfile.TemporaryFile()
   try:
     msg.dump(out)
     out.seek(0)
     msg = rfc822.Message(out)
     msg.rewindbody()
     while 1:
       buf = out.read(8192)
       if len(buf) == 0: break
       self.replacebody(buf)	# feed modified message to sendmail
     return Milter.ACCEPT	# ACCEPT modified message
   finally:
     out.close()
   return Milter.TEMPFAIL
Ejemplo n.º 14
0
 def testDefang7(self, vname="honey", fname='story[1].scr'):
     with open('test/' + vname, "rb") as fp:
         msg = mime.message_from_file(fp)
     mime.defang(msg)
     oname = vname + '.out'
     with open('test/' + oname, "wb") as fp:
         msg.dump(fp)
     with open('test/' + oname, "rb") as fp:
         msg = mime.message_from_file(fp)
     parts = msg.get_payload()
     txt2 = parts[1].get_payload()
     txt3 = parts[2].get_payload()
     self.assertTrue(txt2.rstrip()+'\n' == mime.virus_msg % \
  (fname,hostname,None),txt2)
     if txt3 != '':
         self.assertTrue(txt3.rstrip()+'\n' == mime.virus_msg % \
      ('story[1].asp',hostname,None),txt3)
Ejemplo n.º 15
0
 def testParse(self,fname='samp1'):
   msg = mime.message_from_file(open('test/'+fname,"r"))
   self.failUnless(msg.ismultipart())
   parts = msg.get_payload()
   self.failUnless(len(parts) == 2)
   txt1 = parts[0].get_payload()
   self.failUnless(txt1.rstrip() == samp1_txt1,txt1)
   msg = mime.message_from_file(open('test/missingboundary',"r"))
   # should get no exception as long as we don't try to parse
   # message attachments
   mime.defang(msg,scan_rfc822=False)
   msg.dump(open('test/missingboundary.out','w'))
   msg = mime.message_from_file(open('test/missingboundary',"r"))
   try:
     mime.defang(msg)
     # python 2.4 doesn't get exceptions on missing boundaries, and
     # if message is modified, output is readable by mail clients
     if sys.hexversion < 0x02040000:
       self.fail('should get boundary error parsing bad rfc822 attachment')
   except Errors.BoundaryError:
     pass
Ejemplo n.º 16
0
 def testDefang(self,
                vname='virus1',
                part=1,
                fname='LOVE-LETTER-FOR-YOU.TXT.vbs'):
     try:
         with self.zf.open(vname, "r") as fp:
             msg = mime.message_from_file(fp)
     except KeyError:
         with open('test/' + vname, "rb") as fp:
             msg = mime.message_from_file(fp)
     mime.defang(msg, scan_zip=True)
     self.assertTrue(msg.ismodified(), "virus not removed")
     oname = vname + '.out'
     with open('test/' + oname, "wb") as fp:
         msg.dump(fp)
     with open('test/' + oname, "rb") as fp:
         msg = mime.message_from_file(fp)
     txt2 = msg.get_payload()
     if type(txt2) == list:
         txt2 = txt2[part].get_payload()
     self.assertTrue(
         txt2.rstrip() + '\n' == mime.virus_msg % (fname, hostname, None),
         txt2)
Ejemplo n.º 17
0
 def eom(self):
     if not self.fp: return Milter.ACCEPT
     self.fp.seek(0)
     msg = mime.message_from_file(self.fp)
     msg.headerchange = self._headerChange
     if not mime.defang(msg, self.tempname):
         os.remove(self.tempname)
         self.tempname = None  # prevent re-removal
         self.log("eom")
         return Milter.ACCEPT  # no suspicious attachments
     self.log("Temp file:", self.tempname)
     self.tempname = None  # prevent removal of original message copy
     # copy defanged message to a temp file
     with tempfile.TemporaryFile() as out:
         msg.dump(out)
         out.seek(0)
         msg = mime.message_from_file(out)
         fp = BytesIO(msg.as_bytes().split(b'\n\n', 1)[1])
         while 1:
             buf = fp.read(8192)
             if len(buf) == 0: break
             self.replacebody(buf)  # feed modified message to sendmail
         return Milter.ACCEPT  # ACCEPT modified message
     return Milter.TEMPFAIL
Ejemplo n.º 18
0
 def eom(self):
   if not self.fp: return Milter.ACCEPT
   self.fp.seek(0)
   msg = mime.message_from_file(self.fp)
   msg.headerchange = self._headerChange
   if not mime.defang(msg,self.tempname):
     os.remove(self.tempname)
     self.tempname = None	# prevent re-removal
     self.log("eom")
     return Milter.ACCEPT	# no suspicious attachments
   self.log("Temp file:",self.tempname)
   self.tempname = None	# prevent removal of original message copy
   # copy defanged message to a temp file 
   with tempfile.TemporaryFile() as out:
     msg.dump(out)
     out.seek(0)
     msg = mime.message_from_file(out)
     fp = BytesIO(msg.as_bytes().split(b'\n\n',1)[1])
     while 1:
       buf = fp.read(8192)
       if len(buf) == 0: break
       self.replacebody(buf)	# feed modified message to sendmail
     return Milter.ACCEPT	# ACCEPT modified message
   return Milter.TEMPFAIL
Ejemplo n.º 19
0
    self.failIf(msg.ismodified())
    msg = mime.message_from_file(open('test/test2','r'))
    rc = mime.check_attachments(msg,self._chk_attach)
    self.assertEquals(self.filename,"7501'S FOR TWO GOLDEN SOURCES SHIPMENTS FOR TAX & DUTY PURPOSES ONLY.PDF")
    self.assertEquals(rc,Milter.CONTINUE)

  def testHTML(self,fname=""):
    result = StringIO.StringIO()
    filter = mime.HTMLScriptFilter(result)
    msg = """<! Illegal declaration used as comment>
      <![if conditional]> Optional SGML <![endif]>
      <!-- Legal SGML comment -->
    """
    script = "<script lang=javascript> Dangerous script </script>"
    filter.feed(msg + script)
    filter.close()
    #print result.getvalue()
    self.failUnless(result.getvalue() == msg + filter.msg)

def suite(): return unittest.makeSuite(MimeTestCase,'test')

if __name__ == '__main__':
  if len(sys.argv) < 2:
    unittest.main()
  else:
    for fname in sys.argv[1:]:
      fp = open(fname,'r')
      msg = mime.message_from_file(fp)
      mime.defang(msg,scan_zip=True)
      print msg.as_string()
Ejemplo n.º 20
0
        )
        self.assertEquals(rc, Milter.CONTINUE)

    def testHTML(self, fname=""):
        result = StringIO.StringIO()
        filter = mime.HTMLScriptFilter(result)
        msg = """<! Illegal declaration used as comment>
      <![if conditional]> Optional SGML <![endif]>
      <!-- Legal SGML comment -->
    """
        script = "<script lang=javascript> Dangerous script </script>"
        filter.feed(msg + script)
        filter.close()
        #print result.getvalue()
        self.failUnless(result.getvalue() == msg + filter.msg)


def suite():
    return unittest.makeSuite(MimeTestCase, 'test')


if __name__ == '__main__':
    if len(sys.argv) < 2:
        unittest.main()
    else:
        for fname in sys.argv[1:]:
            fp = open(fname, 'r')
            msg = mime.message_from_file(fp)
            mime.defang(msg, scan_zip=True)
            print msg.as_string()