def __init__(self, debug=False, cred=None):
"""
Initialize SecureTeaAutoServerPatcher.
Args:
debug (bool): Log on terminal or not
url (str): URL to scan for SSL vulnerabilites
Raises:
None
Returns:
None
"""
# Initialize logger
self.logger = PatchLogger(__name__, debug=debug)
if not utils.check_root():
self.logger.log("Please run as root, exiting.", logtype="error")
sys.exit(0)
if not cred:
self.logger.log("No credentials specified.", logtype="error")
sys.exit(0)
# List of files to patch
self.to_patch = list()
url = cred['url']
apache = int(cred['apache'])
ssh = int(cred['ssh'])
login = int(cred['login'])
sysctl = int(cred['sysctl'])
# Determine which file to patch
if apache == 1:
self.to_patch.append("apache")
if ssh == 1:
self.to_patch.append("ssh")
if login == 1:
self.to_patch.append("login")
if sysctl == 1:
self.to_patch.append("sysctl")
if url and url != "XXXX": # if valid URL
self.url = url
else:
self.url = None
# Create Installer object
self.installer = Installer(debug=debug)
# Create Patcher object
self.patcher = ConfigPatcher(debug=debug, to_patch=self.to_patch)
if self.url:
# Create SSLScanner object
self.ssl_scanner = SSLScanner(debug=debug, url=self.url)
def test_open_json(self, mck_utils, mck_open, mck_open_json):
"""
Test open_json.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian": {
"key": "value"
}
}
# Create Installer object
self.installer = Installer()
res = self.installer.open_json("random")
self.assertEqual(res, {"debian": {"key": "value"}})
def test_install(self, mck_ex_com, mck_open_json, mck_log, mck_utils):
"""
Test install.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian":{
"commands": ["command1"]
}
}
# Create Installer object
self.installer = Installer()
mck_ex_com.return_value = ("output", "")
self.installer.install()
mck_log.assert_called_with('Ouput: output', logtype='info')
def test_execute_command(self, mck_open_json, mck_utils, mck_subprocess):
"""
Test excecute_command.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian":{
"key": "value"
}
}
# Create Installer object
self.installer = Installer()
# Mock return value
mck_subprocess.Popen.return_value.communicate.return_value = (b"output", b"error")
output, error = self.installer.excecute_command("random command")
self.assertEqual(output, "output")
self.assertEqual(error, "error")
class TestInstaller(unittest.TestCase):
"""
Test class for SecureTea Auto Server Patcher Installer.
"""
def setUp(self):
"""
Setup class for TestInstaller.
"""
self.os = "debian"
@patch("securetea.lib.auto_server_patcher.installer.subprocess")
@patch("securetea.lib.auto_server_patcher.installer.utils")
@patch.object(Installer, "open_json")
def test_execute_command(self, mck_open_json, mck_utils, mck_subprocess):
"""
Test excecute_command.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian":{
"key": "value"
}
}
# Create Installer object
self.installer = Installer()
# Mock return value
mck_subprocess.Popen.return_value.communicate.return_value = (b"output", b"error")
output, error = self.installer.excecute_command("random command")
self.assertEqual(output, "output")
self.assertEqual(error, "error")
@patch("securetea.lib.auto_server_patcher.installer.utils")
@patch.object(PatchLogger, "log")
@patch.object(Installer, "open_json")
@patch.object(Installer, "excecute_command")
def test_install(self, mck_ex_com, mck_open_json, mck_log, mck_utils):
"""
Test install.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian":{
"commands": ["command1"]
}
}
# Create Installer object
self.installer = Installer()
mck_ex_com.return_value = ("output", "")
self.installer.install()
mck_log.assert_called_with('Ouput: output', logtype='info')
@patch.object(Installer, "open_json")
@patch("securetea.lib.auto_server_patcher.installer.open")
@patch("securetea.lib.auto_server_patcher.installer.utils")
def test_open_json(self, mck_utils, mck_open, mck_open_json):
"""
Test open_json.
"""
# Mock OS
mck_utils.categorize_os.return_value = self.os
# Mock Configuration
mck_open_json.return_value = {
"debian": {
"key": "value"
}
}
# Create Installer object
self.installer = Installer()
res = self.installer.open_json("random")
self.assertEqual(res, {"debian": {"key": "value"}})
class SecureTeaAutoServerPatcher(object):
"""SecureTeaAutoServerPatcher Class."""
def __init__(self, debug=False, cred=None):
"""
Initialize SecureTeaAutoServerPatcher.
Args:
debug (bool): Log on terminal or not
url (str): URL to scan for SSL vulnerabilites
Raises:
None
Returns:
None
"""
# Initialize logger
self.logger = PatchLogger(__name__, debug=debug)
if not utils.check_root():
self.logger.log("Please run as root, exiting.", logtype="error")
sys.exit(0)
if not cred:
self.logger.log("No credentials specified.", logtype="error")
sys.exit(0)
# List of files to patch
self.to_patch = list()
# Parse arguments
url = cred['url']
if cred['apache']:
apache = 1
else:
apache = 0
if cred['ssh']:
ssh = 1
else:
ssh = 0
if cred['login']:
login = 1
else:
login = 0
if cred['sysctl']:
sysctl = 1
else:
sysctl = 0
# Determine which file to patch
if apache == 1:
self.to_patch.append("apache")
if ssh == 1:
self.to_patch.append("ssh")
if login == 1:
self.to_patch.append("login")
if sysctl == 1:
self.to_patch.append("sysctl")
if url and url != "XXXX": # if valid URL
self.url = url
else:
self.url = None
# Create Installer object
self.installer = Installer(debug=debug)
# Create Patcher object
self.patcher = ConfigPatcher(debug=debug, to_patch=self.to_patch)
if self.url:
# Create SSLScanner object
self.ssl_scanner = SSLScanner(debug=debug, url=self.url)
def start(self):
"""
Start SecureTea Auto Server Patcher.
Args:
None
Raises:
None
Returns:
None
"""
# Start patching configuraton files
self.patcher.patch()
# Start executing configuraton commands
self.installer.install()
if self.url: # if url is provided
# Start SSL scanning
self.ssl_scanner.start_scan()