def test_ssl_null_byte(self):
'''Test a null-byte CN cert (CVE-2009-3490)'''
srvkey_pem = 'ssl/badguy.key'
srvcert_pem = 'ssl/badguy-nul-cn.crt'
srv_ca = 'ssl/ca.crt'
ca = os.path.join(self.tempdir, os.path.basename(srv_ca))
shutil.copy(srv_ca, ca)
# We need to add www.bank.com to the hosts file, or w3m errors while
# validating the cert's CN before the NUL byte check
testlib.config_replace(self.hosts_file, "127.0.0.1 www.bank.com", True)
test_str = testlib_httpd.create_html_page(self.html_page)
self._prepare_ssl(srvkey_pem, srvcert_pem)
cmdline = "w3m -dump -o ssl_ca_file=" + ca + " https://www.bank.com/" + \
os.path.basename(self.html_page)
# Make sure w3m detected the NUL byte
child = pexpect.spawn(cmdline)
time.sleep(1.0)
child.expect(".*Bad cert ident.*", timeout=2)
child.sendline('y')
time.sleep(1.0)
child.kill(0)
def test_php(self):
'''Test php (fastcgi)'''
# TODO: figure out why test hangs on dapper and edgy
if self.lsb_release['Release'] < 7.04:
return self._skipped()
if self.lsb_release['Release'] < 7.10:
conf = '''
server.modules += ( "mod_fastcgi" )
fastcgi.server = ( ".php" =>
((
"bin-path" => "/usr/bin/php5-cgi",
"socket" => "/tmp/php.socket",
"max-procs" => 2,
"idle-timeout" => 20,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "4",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable"
))
)
'''
testlib.config_replace(self.fastcgi_conf, conf)
self._enable_mod("fastcgi")
test_str = testlib_httpd.create_php_page(self.php_page)
self._test_url("http://localhost/" + \
os.path.basename(self.php_page), test_str)
def _prepare_ssl(self, srvkey, srvcert):
'''Prepare Apache for ssl connections'''
self._enable_mod("ssl")
# copy instead of rename so we don't get invalid cross-device link errors
shutil.copy(srvkey, self.ssl_key)
shutil.copy(srvcert, self.ssl_crt)
if self.lsb_release['Release'] <= 7.04:
testlib.config_replace(self.ports_file, "Listen 443", True)
# create the conffile entry
site_contents = '''
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
'''
testlib.create_fill(self.ssl_site, site_contents)
self._reload()
def _setUp(self, clearlogs = False):
'''Setup'''
self.release = self.lsb_release['Codename']
self.html_page = "/var/www/test.html"
self.php_page = "/var/www/test.php"
self.cgi_page = "/usr/lib/cgi-bin/test-cgi.pl"
self.apache2_default = "/etc/default/apache2"
self.ssl_key = "/etc/ssl/private/server.key"
self.ssl_crt = "/etc/ssl/certs/server.crt"
self.ssl_site = "/etc/apache2/sites-enabled/999-testlib"
self.ports_file = "/etc/apache2/ports.conf"
self.access_log = "/var/log/apache2/access.log"
self.error_log = "/var/log/apache2/error.log"
if not hasattr(self, 'initscript'):
self._set_initscript("/etc/init.d/apache2")
# Dapper's apache2 is disabled by default
if self.lsb_release['Release'] == 6.06:
testlib.config_replace(self.apache2_default, "", append=True)
subprocess.call(['sed', '-i', 's/NO_START=1/NO_START=0/', self.apache2_default])
self._stop()
if clearlogs == True:
self._clearlogs()
self._start()
def setUp(self):
'''Generic test setup'''
self._setUp()
testlib.config_replace(self.nfs_exports,'''#
/tmp localhost(rw,sync,no_subtree_check)
''')
self._restart()
def setUp(self):
'''Set up prior to each test_* function'''
self.tomcat_daemon = testlib.TestDaemon("/etc/init.d/" + exe)
self.users_file = "/etc/" + exe + "/tomcat-users.xml"
self.html_page = "/var/lib/" + exe + "/webapps/ROOT/test.html"
self.webapp_dir = "/var/lib/" + exe + "/webapps"
self.war = ""
self.admin_user = "******"
#self.admin_pass = "******"
self.admin_pass = testlib.random_string(10)
testlib.config_replace(self.users_file, "", True)
self.manager_group = "manager"
if exe in ["tomcat7", "tomcat8"]:
self.manager_group = "manager-gui"
user_config = 's/^<tomcat-users>/<tomcat-users>\\n<role rolename=\"%s\"\/>\\n<user username=\"%s\" password=\"%s\" roles=\"%s\"\/>\\n/' % (
self.manager_group, self.admin_user, self.admin_pass,
self.manager_group)
if exe in ["tomcat8"]:
user_config = 's/^<\/tomcat-users>/<role rolename=\"%s\"\/>\\n<user username=\"%s\" password=\"%s\" roles=\"%s\"\/>\\n<\/tomcat-users>\\n/' % (
self.manager_group, self.admin_user, self.admin_pass,
self.manager_group)
subprocess.call(['sed', '-i', user_config, self.users_file])
subprocess.call(['chgrp', exe, self.users_file])
self.tomcat_daemon.restart()
def test_CVE_2011_3205(self):
'''Test parsing lines > 4096 in length (CVE-2011-3205)'''
longline = "ABCDEF" * 4096
testlib.config_replace(self.gophermap, """Welcome to Pygopherd! You can place your documents
in /var/gopher for future use. You can remove the gophermap
file there to get rid of this message, or you can edit it to
use other things. (You'll need to do at least one of these
two things in order to get your own data to show up!)
%s
Some links to get you started:
1Pygopherd Home /devel/gopher/pygopherd gopher.quux.org 70
1Quux.Org Mega Server / gopher.quux.org 70
1The Gopher Project /Software/Gopher gopher.quux.org 70
1Traditional UMN Home Gopher / gopher.tc.umn.edu 70
Welcome to the world of Gopher and enjoy!
""" %(longline), append=False)
rc, report = testlib.cmd(['squidclient', '-h', '127.0.0.1', '-p', '3128', '-r', "gopher://127.0.0.1"])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
def disable(self):
'''disable apport'''
self.daemon.stop()
rc, report = testlib.cmd(['cat', self.core_pattern])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
self.assertTrue(
report.startswith('c'),
"%s does not start with 'c'\n%s" % (self.core_pattern, report))
# test if enabled=0 disables apport
testlib.config_replace(self.defaults, "", append=True)
subprocess.call(
['sed', '-i', 's/^enabled=.*/enabled=0/g', self.defaults])
self.daemon.start()
rc, report = testlib.cmd(['cat', self.core_pattern])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
self.assertTrue(
report.startswith('c'),
"%s does not start with 'c'\n%s" % (self.core_pattern, report))
def _load_tiff(self, fn):
'''Load tiff file'''
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
source = os.path.join(self.tmpdir, "loader.c")
binary = os.path.join(self.tmpdir, "loader")
tiff = os.path.join(self.tmpdir, os.path.basename(fn))
shutil.copy(fn, tiff)
contents = '''
#include <QtCore/QCoreApplication>
#include <QtGui/QImage>
int main(int argc, char *argv[])
{ QImage img("%s"); }
''' % (tiff)
testlib.config_replace(source, contents)
pkg_config = testlib.get_pkgconfig_flags(['QtGui'])
rc, report = testlib.cmd(['g++', source, '-o', binary] + pkg_config)
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
rc, report = testlib.cmd([binary])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
def test_ssl_null_byte(self):
'''Test a null-byte CN cert (CVE-2009-3490)'''
srvkey_pem = 'ssl/badguy.key'
srvcert_pem = 'ssl/badguy-nul-cn.crt'
# We need to add www.bank.com to the hosts file, of wget dies while
# validating the cert's CN before the NUL byte check
testlib.config_replace(self.hosts_file, "127.0.0.1 www.bank.com", True)
self._prepare_ssl(srvkey_pem, srvcert_pem)
# modern wget now returns 5 on ssl validation errors
if self.lsb_release['Release'] <= 9.10:
expected = 1
else:
expected = 5
# Make sure wget detected the NUL byte
self._test_url_wget(
"https://www.bank.com/",
"ERROR: certificate common name is invalid (contains a NUL character)",
expected=expected)
# Let's try an SSL page without validating the self-signed cert
test_str = testlib_httpd.create_html_page(self.html_page)
self._test_url_wget("https://www.bank.com/" + \
os.path.basename(self.html_page), test_str, extra_opts=['--no-check-certificate'])
def _setUp(self):
'''Common test setup'''
self.htpasswd = "/etc/nagios3/htpasswd.users"
self.nagios_cfg = "/etc/nagios3/nagios.cfg"
self.nagios_cmd = "/var/lib/nagios3/rw/nagios.cmd"
# Make sure we're not running first
self.apachedaemon = testlib.TestDaemon("/etc/init.d/apache2")
self.nagiosdaemon = testlib.TestDaemon("/etc/init.d/nagios3")
rc, result = self.nagiosdaemon.status()
if (rc):
self.nagiosdaemon.stop()
time.sleep(2)
rc, result = self.apachedaemon.status()
if (rc):
self.apachedaemon.stop()
time.sleep(2)
testlib.config_replace(self.htpasswd, "", True)
rc, report = testlib.cmd(
['htpasswd', '-c', '-b', self.htpasswd, 'nagiosadmin', 'ubuntu'])
# Turn on external commands
testlib.config_replace(self.nagios_cfg, "", True)
subprocess.call([
'sed', '-i',
's/^check_external_commands=0/check_external_commands=1/g',
self.nagios_cfg
])
# Fix permissions on command pipe dir (as per /usr/share/doc/nagios3/README.Debian)
subprocess.call(['chmod', 'g+xs', '/var/lib/nagios3/rw'])
subprocess.call(['chmod', 'o+x', '/var/lib/nagios3'])
self._start()
def test_clurgmgrd(self):
'''Test clurgmgrd (rgmanager)'''
testlib.config_replace(self.cluster_conf, self.cluster_contents)
self._restart_cluster()
print ""
print " daemon accepts signals"
pid = open("/var/run/clurgmgrd.pid").read()
rc, report = testlib.cmd(['kill', '-USR1', pid])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
time.sleep(3)
if self.lsb_release['Release'] >= 8.04:
print " CVE-2008-6552"
fn = "/tmp/rgmanager-dump"
result = "Found '%s'" % fn
self.assertFalse(os.path.exists(fn), result)
print " rgmanager-dump"
fn = "/var/log/cluster/rgmanager-dump"
result = "Could not find '%s'" % fn
self.assertTrue(os.path.exists(fn), result)
contents = open(fn).read()
for search in [
'Cluster configuration', 'View-Formation States', 'CMAN'
]:
result = "Couldn't find '%s' in report\n" % search
self.assertTrue(search in contents, result + contents)
def test_cman_tool(self):
'''Test cman_tool'''
testlib.config_replace(self.cluster_conf, self.cluster_contents)
self._restart_cluster()
search_terms = [self.hostname, self.ip]
cmd = ['cman_tool', 'nodes', '-a']
if self.lsb_release['Release'] < 8.04:
cmd.remove('-a')
search_terms.remove(self.ip)
rc, report = testlib.cmd(cmd)
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
for search in search_terms:
result = "Couldn't find '%s' in report\n" % search
self.assertTrue(search in report, result + report)
rc, report = testlib.cmd(['cman_tool', 'status'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
for search in [self.hostname, self.cluster_name, 'Quorum']:
result = "Couldn't find '%s' in report\n" % search
self.assertTrue(search in report, result + report)
def setUp(self):
'''Set up prior to each test_* function'''
self.update_exim4_conf = "/etc/exim4/update-exim4.conf.conf"
self.exim4_conf_template = "/etc/exim4/exim4.conf.template"
self.exim4_passwd = "/etc/exim4/passwd"
self.exim4_trusted = "/etc/exim4/trusted_configs"
self.exim4_spool = "/var/spool/exim4"
self.exim4_hack_conf = "/var/spool/exim4/e.conf"
self.exim4_hack_setuid = "/var/spool/exim4/setuid"
self.exim4_panic_log = "/var/log/exim4/paniclog"
self.had_system_exim4_passwd = False
self.port = 25 # TODO: different port (2525?)
self.domain = "example.com"
testlib.config_replace(self.exim4_trusted, "", append=True)
self.user = testlib.TestUser(lower=True)
self.s = None
# Silently allow for this connection to fail, to handle the
# initial setup of the exim4 server.
try:
self.s = smtplib.SMTP('localhost', port=self.port)
except:
pass
def _prepare_ssl(self, srvkey, srvcert):
'''Prepare Apache for ssl connections'''
self._enable_mod("ssl")
# copy instead of rename so we don't get invalid cross-device link errors
shutil.copy(srvkey, self.ssl_key)
shutil.copy(srvcert, self.ssl_crt)
if self.lsb_release['Release'] <= 7.04:
testlib.config_replace(self.ports_file, "Listen 443", True)
# create the conffile entry
site_contents = '''
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
'''
testlib.create_fill(self.ssl_site, site_contents)
self._reload()
def test_CVE_2010_2810(self):
'''Test CVE-2010-2810'''
self.tempdir = tempfile.mkdtemp()
crash = os.path.join(self.tempdir, "crash.html")
# From scripts/test-lynx.py
contents = '''<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AA%A/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
<a href="http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA">EXPLOIT</a>
'''
testlib.config_replace(crash, contents)
self._lynx_cmd(crash, search='25. http://AAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/')
def _setUp(self):
'''Set up prior to each test_* function'''
self.initscript = "/etc/init.d/cups"
self.url = "http://localhost:631/"
self.pidfile = "/var/run/cups/cupsd.pid"
self.browsed_conf = "/etc/cups/cups-browsed.conf"
testlib.config_replace(
'/etc/cups/passwd.md5',
'''ubuntutest:lp:a20a0d70ab227981fce5bb7a204902e5
''')
self._stop()
self._start()
if self.lsb_release['Release'] >= 13.10:
testlib.config_replace(
self.browsed_conf, '''BrowseRemoteProtocols dnssd cups
BrowseLocalProtocols none
''')
self._stop_browsed()
self._start_browsed()
self.tempdir = ""
self.printers = []
def _setUp(self, clearlogs = False):
'''Setup'''
self.release = self.lsb_release['Codename']
self.html_page = "/var/www/test.html"
self.php_page = "/var/www/test.php"
self.cgi_page = "/usr/lib/cgi-bin/test-cgi.pl"
self.apache2_default = "/etc/default/apache2"
self.ssl_key = "/etc/ssl/private/server.key"
self.ssl_crt = "/etc/ssl/certs/server.crt"
self.ssl_site = "/etc/apache2/sites-enabled/999-testlib"
self.ports_file = "/etc/apache2/ports.conf"
self.access_log = "/var/log/apache2/access.log"
self.error_log = "/var/log/apache2/error.log"
if not hasattr(self, 'initscript'):
self._set_initscript("apache2")
# Dapper's apache2 is disabled by default
if self.lsb_release['Release'] == 6.06:
testlib.config_replace(self.apache2_default, "", append=True)
subprocess.call(['sed', '-i', 's/NO_START=1/NO_START=0/', self.apache2_default])
self._stop()
if clearlogs == True:
self._clearlogs()
self._start()
def test_pam_xauth(self):
'''Test pam_xauth module'''
contents = "session optional pam_xauth.so"
testlib.config_replace(self.pam_su, contents, True)
# Make sure the test user doesn't inherit ours when we su -
if 'XAUTHORITY' in os.environ:
del os.environ['XAUTHORITY']
# Create a bogus xauth file for the first user
rc, report = testlib.cmd(['su', '-', self.user.login, '-c', 'xauth add localhost:0 . 123456'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Make sure $DISPLAY is set
testlib.config_replace(os.path.join(self.user.home, ".bashrc"), "export DISPLAY=localhost:0", True)
# Do the insanity
rc, report = self._double_su(self.user.login, self.userB.login, self.userB.password, 'xauth list')
self._word_find(report, "123456")
# Validate permissions
rc, report = self._double_su(self.user.login, self.userB.login, self.userB.password, 'ls -al .xauth*')
self._word_find(report, "-rw------- 1 %s %s" % (self.userB.login, self.userB.login))
def test_pam_mail(self):
'''Test pam_mail module'''
testlib.config_replace(self.pam_su, "", True)
subprocess.call(['sed', '-i', 's/pam_mail.so nopen/pam_mail.so standard/', self.pam_su])
# make sure we don't have any mail right now
report = self._get_mail(self.user.login)
self._word_find(report, "You have", invert=True)
self._word_find(report, "No mail.", invert=True)
# Create a bogus mail file
user_mail_file = os.path.join('/var/mail', self.user.login)
testlib.cmd(['touch', user_mail_file])
# We shouldn't have new mail
report = self._get_mail(self.user.login)
self._word_find(report, "You have", invert=True)
self._word_find(report, "No mail.")
# Append to the file to create some new mail
open(user_mail_file,'w').write("Thisisnewmail")
report = self._get_mail(self.user.login)
self._word_find(report, "You have")
self._word_find(report, "No mail.", invert=True)
def test_CVE_2011_3205(self):
'''Test parsing lines > 4096 in length (CVE-2011-3205)'''
longline = "ABCDEF" * 4096
testlib.config_replace(
self.gophermap,
"""Welcome to Pygopherd! You can place your documents
in /var/gopher for future use. You can remove the gophermap
file there to get rid of this message, or you can edit it to
use other things. (You'll need to do at least one of these
two things in order to get your own data to show up!)
%s
Some links to get you started:
1Pygopherd Home /devel/gopher/pygopherd gopher.quux.org 70
1Quux.Org Mega Server / gopher.quux.org 70
1The Gopher Project /Software/Gopher gopher.quux.org 70
1Traditional UMN Home Gopher / gopher.tc.umn.edu 70
Welcome to the world of Gopher and enjoy!
""" % (longline),
append=False)
rc, report = testlib.cmd([
'squidclient', '-h', '127.0.0.1', '-p', '3128', '-r',
"gopher://127.0.0.1"
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
def setUp(self):
'''Set up prior to each test_* function'''
self.fs_dir = os.path.abspath('.')
testlib_archive.ArchiveCommon._setUp(self)
self.dest_dir = "test-dest"
self.dest_root = os.path.join(self.tempdir, self.dest_dir)
os.mkdir(self.dest_root)
self.rsyncd_default = "/etc/default/rsync"
self.rsyncd_conf = "/etc/rsyncd.conf"
self.rsyncd_secrets = "/etc/rsyncd.secrets"
testlib.config_set(self.rsyncd_default,
'RSYNC_ENABLE',
'true',
spaces=False)
testlib.config_replace(
self.rsyncd_conf, '''[test-module]
path = %s
auth users = *
secrets file = %s
''' % (self.archive_root, self.rsyncd_secrets))
testlib.config_replace(self.rsyncd_secrets, '''gooduser:goodpass
''')
os.chmod(self.rsyncd_secrets, 0700)
self.daemon = testlib.TestDaemon("/etc/init.d/rsync")
self.daemon.force_restart()
time.sleep(1)
def test_cve_2010_2251_3(self):
'''Test CVE-2010-2251, part 3'''
# This test makes sure filenames suggested by the server after a
# redirect are ignored.
bad_file_path = os.path.join(self.tempdir, self.evil_filename)
good_file_path = os.path.join(self.tempdir, "log")
# Add the redirect to the config file
testlib.config_replace(self.default_site, "", append=True)
subprocess.call([
'sed', '-i', "s/DocumentRoot \\(.*\\)/DocumentRoot \\1" +
"\\nRedirectMatch log $1\/" + self.evil_filename + "/",
self.default_site
])
self._reload()
self._download_file_lftp_get1("http://localhost/log",
directory=self.tempdir)
error = "Found the %s file." % bad_file_path
self.assertFalse(os.path.exists(bad_file_path), error)
error = "Didn't find the %s file." % good_file_path
self.assertTrue(os.path.exists(good_file_path), error)
def test_cve_2014_2856(self):
'''Test CVE-2014-2856'''
testlib.config_replace('/etc/cups/cupsd.conf', "", append=True)
subprocess.call([
'sed', '-i', '-r',
"s/^[[:space:]]*Listen[[:space:]]+localhost:631\\>/Port 631/i",
'/etc/cups/cupsd.conf'
])
subprocess.call([
'sed', '-i', '-r',
"s/^[[:space:]]*Order[[:space:]]+allow,deny\\>/Encryption Required/ig",
'/etc/cups/cupsd.conf'
])
self._stop()
self._start()
time.sleep(2)
# This test doesn't work on the loopback interface, so we need
# the real ip.
ip = self._get_my_ip()
url = "http://%s:631/<SCRIPT>alert('document.domain='+document.domain)</SCRIPT>.shtml" % ip
self._test_url(url, '<SCRIPT>alert', invert=True)
self._test_url(url, 'Forbidden')
def setUp(self):
'''Set up prior to each test_* function'''
self.haproxy_default = "/etc/default/haproxy"
self.haproxy_config = "/etc/haproxy/haproxy.cfg"
self.haproxy_daemon = testlib.TestDaemon("/etc/init.d/haproxy")
self.my_ip = self._get_my_ip()
testlib.config_set(self.haproxy_default, "ENABLED", "1", False)
default_config = '''
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:8000
default_backend servers
backend servers
server server1 127.0.0.1:80 maxconn 32
server server2 %s:80 maxconn 32
''' % self.my_ip
testlib.config_replace(self.haproxy_config, default_config)
testlib_httpd.HttpdCommon._setUp(self, clearlogs=True)
self.haproxy_daemon.restart()
def setUp(self):
'''Set up prior to each test_* function'''
self.service = 'qrt-script'
self.userA = 'myuser'
self.pwA = 'mypassword'
self.userB = 'myseconduser'
self.pwB = 'anotherpassword'
self.pwC = 'ubuntu'
self.uncrypted = os.path.expanduser(
'~/.local/share/python_keyring/keyring_pass.cfg')
self.crypted = os.path.expanduser(
'~/.local/share/python_keyring/crypted_pass.cfg')
self.old_uncrypted = os.path.expanduser('~/keyring_pass.cfg')
self.old_crypted = os.path.expanduser('~/crypted_pass.cfg')
self.keyring_files = [
self.uncrypted, self.crypted, self.old_uncrypted, self.old_crypted
]
for keyring_file in self.keyring_files:
filename = os.path.expanduser(keyring_file)
if os.path.exists(filename):
testlib.config_replace(filename, "", append=True)
# Erase the new empty file
os.unlink(filename)
def setUp(self):
'''Set up prior to each test_* function'''
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
self.current_dir = os.getcwd()
self.conf = '/etc/devscripts.conf'
# Disable signature verification so we don't need to import key
testlib.config_replace(self.conf, "\nDGET_VERIFY=no\n", True)
def setUp(self):
'''Setup mechanisms'''
ServerCommon._setUp(self)
ServerCommon._restart(self)
self.mycnf = "/etc/mysql/my.cnf"
testlib.config_replace(self.mycnf, "", True)
subprocess.call(['sed', '-i', 's,^\[mysqld\],[mysqld]\\nlog = /var/log/mysql.log\\n,g', self.mycnf])
def pam_krb5_setUp(self):
'''Set up pam with libpam-krb5'''
# Jaunty now has pam-auth-update
if self.lsb_release['Release'] < 9.04:
testlib.config_replace(self.pam_auth, "", True)
# add to the beginning of the pam file.
subprocess.call(
['sed', '-i', '1iauth sufficient pam_krb5.so', self.pam_auth])
def test_cached_sessions_db(self):
'''Test database backed cached session'''
# https://docs.djangoproject.com/en/dev/topics/http/sessions/
# https://docs.djangoproject.com/en/dev/topics/cache/
if testlib.dpkg_compare_installed_version('python-django', 'lt',
'1.2'):
return self._skipped("TODO: cache tests on django 1.1")
# first create a project (which uses a database backed session)
self._add_project()
# now add an app to it
appname = "mycoolsessiontest"
# http://localhost/testlib_django/<appname>/
self._add_app(name=appname)
os.chdir(self.django_project_manage_dir)
print ""
print " createcachetable"
db_table = "testlib-session-cachetable"
rc, report = testlib.cmd(
['python', './manage.py', 'createcachetable', db_table])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
settings = os.path.join(self.django_project_dir, "settings.py")
contents = '''
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.db.DatabaseCache',
'LOCATION': '%s',
}
}
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
''' % db_table
contents = file(settings).read() + contents
open(settings, 'w').write(contents)
testlib.config_replace(settings, contents, append=True)
# remove settings.pyc so it gets updated after the above change. For
# some reason, even a sleep for a couple of seconds isn't good enough
# and we would get races.
os.unlink(settings + "c")
print " update database"
rc, report = testlib.cmd(['python', './manage.py', 'syncdb'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
self._run_tests_on_session_page(appname)
os.chdir(self.current_dir)
def setUp(self):
'''Setup mechanisms'''
DnsmasqCommon._setUp(self)
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
testlib.config_replace(
self.config,
"\ndhcp-range=192.168.0.128,192.168.0.164,255.255.255.0,12h\n",
True)
self.daemon.start()
def setUp(self):
'''Generic test setup'''
self._setUp()
print >>sys.stdout, "\nMount the remote share with:\n$ sudo mount -t nfs %s:/tmp /mnt" % (self.ip)
sys.stdout.flush()
testlib.config_replace(self.nfs_exports,'''#
/tmp *(rw,sync,no_subtree_check)
''')
self._restart()
def setUp(self):
self.tmpdir = ""
self.gemrc_path = os.path.join(os.path.expanduser('~'), '.gemrc')
rc, out = testlib.cmd(
[exe, '-r', 'openssl', '-e', 'puts OpenSSL::SSL::VERIFY_PEER'])
# Make sure that cert verification is done, but don't specify
# ssl_ca_cert to make sure that a default rubygems installation uses
# /etc/ssl/certs/ca-certificates.crt
testlib.config_replace(self.gemrc_path, ":ssl_verify_mode: %s\n" % out)
def setUp(self):
'''Set up prior to each test_* function'''
self.mailman_daemon = testlib.TestDaemon("/etc/init.d/mailman")
self.mailman_cfg = '/etc/mailman/mm_cfg.py'
self.mailman_aliases = '/var/lib/mailman/data/aliases'
self.mailman_pid = '/var/run/mailman/mailman.pid'
self.postfix_daemon = testlib.TestDaemon("/etc/init.d/postfix")
self.postfix_mastercf = '/etc/postfix/master.cf'
self.postfix_maincf = '/etc/postfix/main.cf'
self.postfix_transport = '/etc/postfix/transportqrt'
self.postfix_aliases = '/etc/aliases'
self.apache_pid = "/var/run/apache2.pid"
self.ports_file = "/etc/apache2/ports.conf"
self.default_site = "/etc/apache2/sites-available/default"
self.mailman_site = "/etc/apache2/sites-enabled/mailman"
self.tempdir = tempfile.mkdtemp()
self.cj = cookielib.LWPCookieJar()
self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(self.cj))
# Make sure daemons are stopped before we begin
self.postfix_daemon.stop()
self.mailman_daemon.stop()
testlib.config_replace(self.mailman_aliases, "", append=True)
testlib.config_set(self.mailman_cfg,'MTA',"'Postfix'")
subprocess.call(['/usr/lib/mailman/bin/genaliases'], stdout=subprocess.PIPE)
subprocess.call(['chown', 'root:list', self.mailman_aliases])
# Is this a packaging mistake?
subprocess.call(['chown', 'list:list', '/var/lib/mailman/archives/private'])
self._zap_lists()
subprocess.call(['/usr/sbin/newlist', '-q', '*****@*****.**', '*****@*****.**' ,'ubuntu'], stdout=subprocess.PIPE)
self._setUp_postfix()
self._setUp_apache()
self.mailman_daemon.restart()
self.user = testlib.TestUser(lower=True)
self.s = None
# Silently allow for this connection to fail, to handle the
# initial setup of the postfix server.
try:
self.s = smtplib.SMTP('localhost', port=25)
except:
pass
def _setUp_apache(self):
'''Set up Apache'''
# Change the default port, so we can run in a schroot
testlib.config_replace(self.ports_file, "", append=True)
subprocess.call(['sed', '-i', 's/80/8000/g', self.ports_file])
testlib.config_replace(self.default_site, "", append=True)
subprocess.call(['sed', '-i', 's/80/8000/g', self.default_site])
if os.path.exists(self.mailman_site):
os.unlink(self.mailman_site)
if self.lsb_release['Release'] == 6.06:
self._dapper_apache_conf()
else:
os.symlink("/etc/mailman/apache.conf", self.mailman_site)
testlib_httpd.HttpdCommon._setUp(self)
def _setUp(self):
'''Create server configs.'''
# Move listener to localhost:2525
conf_file = '/etc/postfix/master.cf'
lines = open(conf_file)
contents = ''
for cfline in lines:
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
contents += '127.0.0.1:2525 inet n - - - - smtpd\n'
else:
contents += "%s\n" % cfline
testlib.config_replace(conf_file, contents, append=False)
conf_file = '/etc/postfix/main.cf'
# Use mbox only
testlib.config_comment(conf_file,'home_mailbox')
testlib.config_set(conf_file,'mailbox_command','procmail -a "$EXTENSION"')
# Turn on sasl
self._setup_sasl("PLAIN")
reply = self._check_auth("PLAIN")
def _setUp_postfix(self):
'''Create Postfix server configs.'''
testlib.config_replace(self.postfix_mastercf, "", append=True)
testlib.config_set(self.postfix_maincf,'mydestination','example.com, localhost.localdomain, localhost')
# Move listener to localhost:25
master = open('/etc/postfix/master.cf.new','w')
for cfline in open(self.postfix_mastercf):
if cfline.startswith('smtp') and 'smtpd' in cfline and 'inet' in cfline:
master.write('127.0.0.1:25 inet n - - - - smtpd\n')
else:
master.write(cfline)
master.write('''mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}''')
master.close()
os.rename('/etc/postfix/master.cf.new',self.postfix_mastercf)
# Use mbox only
testlib.config_comment(self.postfix_maincf,'home_mailbox')
testlib.config_set(self.postfix_maincf,'mailbox_command','procmail -a "$EXTENSION"')
# Config mailman
testlib.config_set(self.postfix_maincf,'relay_domains','lists.example.com')
testlib.config_set(self.postfix_maincf,'transport_maps','hash:%s' % self.postfix_transport)
testlib.config_set(self.postfix_maincf,'mailman_destination_recipient_limit','1')
testlib.config_set(self.postfix_maincf,'alias_maps','hash:%s, hash:%s' % (self.postfix_aliases,self.mailman_aliases))
testlib.config_replace(self.postfix_transport, "lists.example.com mailman:")
subprocess.call(['postmap', self.postfix_transport], stdout=subprocess.PIPE)
testlib.config_replace(self.postfix_aliases, '''mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"''', append=True)
subprocess.call(['chown', 'root:list', self.postfix_aliases])
subprocess.call(['newaliases'])
# Restart server
self.postfix_daemon.restart()
# Postfix exits its init script before the master listener has started
time.sleep(2)
def _setup_sasl(self, mech, other_mech="", force_sasldb=False):
'''Setup sasl for mech'''
conf_file = '/etc/postfix/main.cf'
for field in ['smtpd_sasl_type','smtpd_sasl_local_domain','smtpd_tls_auth_only']:
testlib.config_comment(conf_file,field)
testlib.config_set(conf_file,'smtpd_sasl_path','smtpd')
testlib.config_set(conf_file,'smtpd_sasl_auth_enable','yes')
#testlib.config_set(conf_file,'broken_sasl_auth_clients','yes')
testlib.config_set(conf_file,'smtpd_sasl_authenticated_header','yes')
testlib.config_set(conf_file,'smtpd_tls_loglevel','2')
# setup smtpd.conf and the sasl users
contents = ''
self.assertTrue(mech in ['LOGIN', 'PLAIN', 'CRAM-MD5', 'DIGEST-MD5'], "Invalid mech: %s" % mech)
if not force_sasldb and (mech == "PLAIN" or mech == "LOGIN"):
conf_file = '/etc/default/saslauthd'
testlib.config_set(conf_file, 'START', 'yes', spaces=False)
contents = '''
pwcheck_method: saslauthd
allowanonymouslogin: 0
allowplaintext: 1
mech_list: %s %s
''' % (mech, other_mech)
# attach SASL to postfix chroot
subprocess.call(['mkdir','-p','/var/spool/postfix/var/run/saslauthd'])
subprocess.call(['rm','-rf','/var/run/saslauthd'])
subprocess.call(['ln','-s','/var/spool/postfix/var/run/saslauthd','/var/run/saslauthd'])
subprocess.call(['/etc/init.d/saslauthd', 'stop'], stdout=subprocess.PIPE)
assert subprocess.call(['/etc/init.d/saslauthd', 'start'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) == 0
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['chmod','o+x','/var/spool/postfix/var/run/saslauthd'])
else:
plaintext = "1"
if mech == "LOGIN" or mech == "PLAIN":
plaintext = "0"
contents = '''
pwcheck_method: auxprop
allowanonymouslogin: 0
allowplaintext: %s
mech_list: %s %s
''' % (plaintext, mech, other_mech)
# Add user to sasldb2
testlib.config_replace("/etc/sasldb2", '', append=False)
rc, report = testlib.cmd(['postconf', '-h', 'myhostname'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
child = pexpect.spawn('saslpasswd2 -c -u %s %s' % (report.strip(), self.user.login))
time.sleep(0.2)
child.expect(r'(?i)password', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
child.expect(r'.*(for verification)', timeout=5)
time.sleep(0.2)
child.sendline(self.user.password)
time.sleep(0.2)
rc = child.expect('\n', timeout=5)
time.sleep(0.2)
self.assertEquals(rc, expected, "passwd returned %d" %(rc))
child.kill(0)
os.chmod("/etc/sasldb2", 0640)
rc, report = testlib.cmd(['chgrp', 'postfix', '/etc/sasldb2'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Force crackful perms so chroot'd postfix can talk to saslauthd
subprocess.call(['mv', '-f', '/etc/sasldb2', '/var/spool/postfix/etc'])
subprocess.call(['ln', '-s', '/var/spool/postfix/etc/sasldb2', '/etc/sasldb2'])
conf_file = '/etc/postfix/sasl/smtpd.conf'
testlib.config_replace(conf_file, contents, append=False)
# Restart server
self._restart_server()
