def test_constructor(self):
proxy = AVProxy(proxy_file=Test.content[0][0])
assert proxy.get_proxy_url() == self.get_proxy_url(Test.content[0][1])
assert proxy.need_authentication() == False
del proxy
proxy = AVProxy(proxy_file=Test.content[1][0])
assert proxy.get_proxy_url() == self.get_proxy_url(Test.content[1][1])
assert proxy.need_authentication() == False
del proxy
proxy = AVProxy(proxy_file=Test.content[2][0])
assert proxy.get_proxy_url() == self.get_proxy_url(Test.content[2][1])
assert proxy.need_authentication() == True
del proxy
# Bad proxy file
proxy = AVProxy(proxy_file=Test.content[3][0])
assert proxy.get_proxy_url() == None
assert proxy.need_authentication() == False
del proxy
# Non-existent proxy file
proxy = AVProxy(proxy_file="/tmp/as/sdadsa")
assert proxy.get_proxy_url() == None
assert proxy.need_authentication() == False
del proxy
def make_request(self, url):
"""Make a request against the OTX server
Args:
url (str): The url with the request.
Returns:
response_data(json): The OTX response
Raise an exception when something is wrong
"""
proxy = AVProxy()
if proxy is None:
api_log.error("Connection error with AVProxy")
try:
request = urllib2.Request(url)
request.add_header('X-OTX-API-KEY', self.key)
response = proxy.open(request, timeout=20, retries=3)
response_data = json.loads(response.read(), encoding="utf-8")
except urllib2.URLError as err:
if err.code == 403:
raise InvalidAPIKey("Invalid API Key")
elif err.code == 400:
raise BadRequest("Bad Request")
else:
raise Exception(str(err))
except Exception as err:
raise Exception(str(err))
return response_data
def get_message_center_messages():
"""Retrieves the list of messages from the MCServer
Args:
None
Returns:
messag_list: List of messages"""
messages = []
conn_failed = False
try:
# First we need to retrieve the list of tags for the current system.
# If this call fails, we shouldn't make the mcserver request
proxy = AVProxy()
if proxy is None:
app.logger.error("Connection error with AVProxy")
system_tags = get_system_tags()
if len(system_tags) == 0:
return []
revision = get_latest_message_revision()
msg_filter = "filters=%s" % ','.join(system_tags)
if revision is not None:
msg_filter += "&revision=%s" % revision
url = 'https://%s:%s/messages?%s' % (
app.config['MESSAGE_CENTER_SERVER'],
app.config['MESSAGE_CENTER_PORT'], msg_filter)
request = urllib2.Request(url)
response = proxy.open(request, timeout=20, retries=3)
response_data = json.loads(response.read())
response_code = response.getcode()
if response_code != 200:
app.logger.warning("Invalid reponse from the mcserver %s:%s" %
(response_code, response_data))
for field in ['data', 'status', 'signature']:
if field not in response_data:
return []
# Validate the data
if not verify_sign(response_data['signature'], response_data['data']):
app.logger.warning(
"Cannot verify the data comimg from the mcserver")
return [], False
messages = ast.literal_eval(b64decode(response_data['data']))
if 'revision' in response_data:
save_messages_revision(response_data['revision'])
except (URLError, HTTPError):
conn_failed = True
app.logger.error("Cannot connect to the Message Center Server")
except Exception:
import traceback
app.logger.error(
"An error occurred while retrieving the Message Center Server messages: %s"
% str(traceback.format_exc()))
return messages, conn_failed
def test_constructor_5(self):
""" AVProxy: Check non-existent proxy file """
self.mock_read_file.return_value = (False, 'not exist')
proxy = AVProxy(proxy_file=self.fake_proxy_file)
self.assertEqual(None, proxy.get_proxy_url())
self.assertFalse(proxy.need_authentication())
def test_constructor_4(self):
""" AVProxy: Check bad proxy """
self.mock_read_file.return_value = (True, self.bad_proxy)
proxy = AVProxy(proxy_file=self.fake_proxy_file)
self.assertEqual(None, proxy.get_proxy_url())
self.assertFalse(proxy.need_authentication())
def test_constructor_2(self):
""" AVProxy: Check proxy with port """
self.mock_read_file.return_value = (True, self.proxy_with_port)
proxy = AVProxy(proxy_file=self.fake_proxy_file)
self.assertEqual(proxy.get_proxy_url(),
self.get_proxy_url(self.proxy_with_port))
self.assertFalse(proxy.need_authentication())
def test_constructor_1(self):
""" AVProxy: No authentication required """
self.mock_read_file.return_value = (True, self.simple_proxy)
proxy = AVProxy(proxy_file=self.fake_proxy_file)
self.mock_read_file.assert_called_once_with('127.0.0.1',
self.fake_proxy_file)
self.assertEqual(proxy.get_proxy_url(),
self.get_proxy_url(self.simple_proxy))
self.assertFalse(proxy.need_authentication())
def test_no_proxy_connect(self):
# Open connection without proxy
proxy = AVProxy()
# using an url
response = proxy.open("http://python.org")
assert response is not None
del response
# using a request
request = urllib2.Request("http://python.org")
response = proxy.open(request)
assert response is not None
def test_no_proxy_connect_url_aut(self):
""" AVProxy: Bad Proxy with retries """
self.mock_read_file.return_value = (True,
self.proxy_with_port_and_auth)
proxy = AVProxy(proxy_file='auth_proxy')
self.assertRaises((urllib2.URLError, IOError, httplib.HTTPException),
proxy.open,
"http://python.org",
timeout=0.5,
retries=1)
def test_no_proxy_connect_with_request(self, mock_opener):
""" AVProxy: Open connection without proxy using request """
expected_response = 'response OK'
mock_opener.return_value.open.return_value = expected_response
proxy = AVProxy()
request = urllib2.Request("http://python.org")
response = proxy.open(request)
self.assertEqual(expected_response, response)
call_args, _ = mock_opener.return_value.open.call_args
req_obj_from_call = call_args[0]
self.assertEqual({}, req_obj_from_call.headers)
self.assertIsInstance(req_obj_from_call, urllib2.Request)
def __init__(self, key, server="https://otx.alienvault.com/"):
self.key = key
self.server = server
self.url_base = "{}api/v1".format(server)
self.avproxy = AVProxy()
self.pulse_db = PulseDB()
self.pulse_correlation_db = PulseCorrelationDB()
self.date_types = {
"events": "latest_events_call_date",
"subscribed": "latest_subscribed_call_date"
}
self.otx_user_version = self.get_otx_user_version()
def test_no_proxy_connect_with_url(self, mock_opener):
""" AVProxy: Open connection without proxy using url """
expected_response = 'response OK'
mock_opener.return_value.open.return_value = expected_response
proxy = AVProxy()
response = proxy.open("http://python.org", timeout=2)
self.assertEqual(expected_response, response)
call_args, call_kwargs = mock_opener.return_value.open.call_args
req_obj_from_call = call_args[0]
self.assertEqual(AVProxy.USER_AGENT,
req_obj_from_call.get_header('User-agent'))
self.assertIsInstance(req_obj_from_call, urllib2.Request)
self.assertEqual(call_kwargs, {'timeout': 2})
#
import time
import json
import urllib2
import requests
import celery.utils.log
from api.lib.monitors.monitor import (Monitor, MonitorTypes, ComponentTypes)
from ansiblemethods.system.system import get_doctor_data
from db.methods.system import get_systems, get_system_id_from_local, get_system_ip_from_system_id
from apimethods.system.proxy import AVProxy
logger = celery.utils.log.get_logger("celery")
PROXY = AVProxy()
if PROXY is None:
logger.error("Connection error with AVProxy")
class MonitorPlatformTelemetryData(Monitor):
"""
Get platform telemetry data using the AV Doctor.
This basically runs the Doctor on all suitable systems, and delivers the
output data to a server.
"""
def __init__(self):
Monitor.__init__(self, MonitorTypes.MONITOR_PLATFORM_TELEMETRY_DATA)
self.message = 'Platform Telemetry Data Monitor Enabled'
self.__strike_zone_plugins = [
'0005_agent_plugins_exist.plg', '0006_agent_plugins_integrity.plg',
def test_bad_proxy_connect_url_auth(self):
# Open connection through proxy with authentication
proxy = AVProxy(proxy_file=Test.content[2][0])
response = proxy.open("http://python.org", timeout=0.5)
def test_bad_proxy_connect_request(self):
# Open connection through proxy without authentication
proxy = AVProxy(proxy_file=Test.content[0][0])
request = urllib2.Request("http://python.org")
response = proxy.open(request, timeout=1)
def test_no_proxy_connect_retry(self):
# No proxy with retries
proxy = AVProxy()
response = proxy.open("http://python.org", retries=0.5)
assert response is not None
def test_no_proxy_connect_url_aut(self):
# Bad Proxy with retries
proxy = AVProxy(proxy_file=Test.content[2][0])
response = proxy.open("http://python.org", timeout=0.5, retries=1)