def testGettingFQDNIfConfigMissing(): fqdn = "opsi.fqdntestcase.invalid" configFilePath = randomString(32) while os.path.exists(configFilePath): configFilePath = randomString(32) with patchAddress(fqdn=fqdn): assert fqdn == getfqdn(conf=configFilePath)
def testWorkingWithManyCredentials(fakeCredentialsBackend, number): backend = fakeCredentialsBackend for _ in range(number): backend.user_setCredentials(username=randomString(12), password=randomString(12)) backend.user_setCredentials(username="******", password='******') credentials = backend.user_getCredentials(username="******") assert 'bla' == credentials['password']
def createActionProcessorUser(self, recreate=True): if not config.get('action_processor', 'create_user'): return run_as_user = config.get('action_processor', 'run_as_user') if run_as_user.lower() == 'system': self._actionProcessorUserName = '' self._actionProcessorUserPassword = '' return if '\\' in run_as_user: logger.warning( "Ignoring domain part of user to run action processor '%s'", run_as_user) run_as_user = run_as_user.split('\\', -1) if not recreate and self._actionProcessorUserName and self._actionProcessorUserPassword and System.existsUser( username=run_as_user): return self._actionProcessorUserName = run_as_user logger.notice(f"Creating local user '{run_as_user}'") self._actionProcessorUserPassword = '******' + str( randomString(16)) + '!/%' secret_filter.add_secrets(self._actionProcessorUserPassword) if System.existsUser(username=run_as_user): System.deleteUser(username=run_as_user) System.createUser(username=run_as_user, password=self._actionProcessorUserPassword, groups=[System.getAdminGroupName()])
def testGettingFQDNIfConfigFileEmpty(tempDir): fqdn = "opsi.fqdntestcase.invalid" with patchAddress(fqdn=fqdn): confPath = os.path.join(tempDir, randomString(8)) with open(confPath, 'w'): pass assert fqdn == getfqdn(conf=confPath)
def __init__(self, packageFile, tempDir=None): self.packageFile = os.path.abspath(forceFilename(packageFile)) if not os.path.exists(self.packageFile): raise IOError(u"Package file '%s' not found" % self.packageFile) tempDir = tempDir or DEFAULT_TMP_DIR self.tempDir = os.path.abspath(forceFilename(tempDir)) if not os.path.isdir(self.tempDir): raise IOError(u"Temporary directory '%s' not found" % self.tempDir) self.clientDataDir = None self.tmpUnpackDir = os.path.join(self.tempDir, u'.opsi.unpack.%s' % randomString(5)) self.packageControlFile = None self.clientDataFiles = []
def testReadingPasswordFromCredentialsfile(filename): password = randomString(32) pwdfile = filename + '.secret' with codecs.open(pwdfile, 'w', 'utf-8') as f: f.write(password + '\n') with open(filename, 'w') as f: f.write('address = https://lullaby.machine.dream:12345/c3\n') f.write('username = hanz\n') f.write('password file = {}\n'.format(pwdfile)) config = readOpsirc(filename) assert len(config) == 3 assert config['address'] == 'https://lullaby.machine.dream:12345/c3' assert config['username'] == 'hanz' assert config['password'] == password
def __init__(self, sessionHandler, name=u'OPSISID', sessionMaxInactiveInterval=120): self.sessionHandler = sessionHandler self.name = forceUnicode(name) self.sessionMaxInactiveInterval = forceInt(sessionMaxInactiveInterval) self.created = time.time() self.lastModified = time.time() self.sessionTimer = None self.uid = randomString(32) self.ip = u'' self.userAgent = u'' self.hostname = u'' self.user = u'' self.password = u'' self.authenticated = False self.postpath = [] self.usageCount = 0 self.usageCountLock = threading.Lock() self.markedForDeletion = False self.deleted = False self.touch()
def inventoryNumber(request): return randomString(request.param)
def pathToTempFile(tempDir): yield os.path.join(tempDir, randomString(8))
def text(): return randomString(24)
def __init__(self, packageSourceDir, tempDir=None, customName=None, customOnly=False, packageFileDestDir=None, format='cpio', compression='gzip', dereference=False): self.packageSourceDir = os.path.abspath( forceFilename(packageSourceDir)) if not os.path.isdir(self.packageSourceDir): raise IOError(u"Package source directory '%s' not found" % self.packageSourceDir) tempDir = tempDir or DEFAULT_TMP_DIR self.tempDir = os.path.abspath(forceFilename(tempDir)) if not os.path.isdir(self.tempDir): raise IOError(u"Temporary directory '%s' not found" % self.tempDir) self.customName = None if customName: self.customName = forcePackageCustomName(customName) self.customOnly = forceBool(customOnly) if format: if format not in (u'cpio', u'tar'): raise ValueError(u"Format '%s' not supported" % format) self.format = format else: self.format = u'cpio' if not compression: self.compression = None else: if compression not in (u'gzip', u'bzip2'): raise ValueError(u"Compression '%s' not supported" % compression) self.compression = compression self.dereference = forceBool(dereference) if not packageFileDestDir: packageFileDestDir = self.packageSourceDir packageFileDestDir = os.path.abspath(forceFilename(packageFileDestDir)) if not os.path.isdir(packageFileDestDir): raise IOError(u"Package destination directory '%s' not found" % packageFileDestDir) packageControlFile = os.path.join(self.packageSourceDir, u'OPSI', u'control') if customName and os.path.exists( os.path.join(self.packageSourceDir, u'OPSI.%s' % customName, u'control')): packageControlFile = os.path.join(self.packageSourceDir, u'OPSI.%s' % customName, u'control') self.packageControlFile = PackageControlFile(packageControlFile) self.packageControlFile.parse() customName = u'' if self.customName: customName = u'~%s' % self.customName self.packageFile = os.path.join( packageFileDestDir, u"%s_%s-%s%s.opsi" % (self.packageControlFile.getProduct().id, self.packageControlFile.getProduct().productVersion, self.packageControlFile.getProduct().packageVersion, customName)) self.tmpPackDir = os.path.join(self.tempDir, u'.opsi.pack.%s' % randomString(5))
def testArchiveCanBeNamed(tempDir): randomName = os.path.join(tempDir, '{0}.tar'.format(randomString(16))) archive, _ = createArchive(tempDir, name=randomName, mode="w") assert os.path.exists(archive.name)
def testExistingArchiveIsImmutable(tempDir): randomName = os.path.join(tempDir, '{0}.tar'.format(randomString(16))) _, options = createArchive(tempDir, name=randomName, mode="w") with pytest.raises(OpsiBackupFileError): OpsiBackupArchive(**options)
def urlopen(self, method, url, body=None, headers={}, retry=True, redirect=True, assert_same_host=True, firstTryTime=None): """ Get a connection from the pool and perform an HTTP request. method HTTP request method (such as GET, POST, PUT, etc.) body Data to send in the request body (useful for creating POST requests, see HTTPConnectionPool.post_url for more convenience). headers Custom headers to send (such as User-Agent, If-None-Match, etc.) retry Retry on connection failure in between self.retryTime seconds redirect Automatically handle redirects (status codes 301, 302, 303, 307), each redirect counts as a retry. """ now = time.time() if not firstTryTime: firstTryTime = now conn = None if assert_same_host and not self.is_same_host(url): host = "%s://%s" % (self.scheme, self.host) if self.port: host = "%s:%d" % (host, self.port) raise HostChangedError( u"Connection pool with host '%s' tried to open a foreign host: %s" % (host, url)) try: conn = self._get_conn() if self.httplibDebugLevel: conn.set_debuglevel(self.httplibDebugLevel) self.num_requests += 1 global totalRequests totalRequests += 1 randomKey = None if isinstance( self, HTTPSConnectionPool ) and self.verifyServerCert and not self.serverVerified: try: logger.info(u"Encoding authorization") randomKey = randomString(32).encode('latin-1') encryptedKey = encryptWithPublicKeyFromX509CertificatePEMFile( randomKey, self.serverCertFile) logger.debug2("Key encrypted...") headers[ 'X-opsi-service-verification-key'] = base64.b64encode( encryptedKey) for key, value in headers.items(): if key.lower() == 'authorization': logger.debug2("Procesing authorization header...") if value.lower().startswith('basic'): value = value[5:].strip() value = base64.b64decode(value).strip() logger.debug2("Decoded authorization header...") encodedAuth = encryptWithPublicKeyFromX509CertificatePEMFile( value, self.serverCertFile) headers[key] = 'Opsi ' + base64.b64encode( encodedAuth) except Exception as error: logger.logException(error, LOG_INFO) logger.critical( u"Cannot verify server based on certificate file {0!r}: {1}", self.serverCertFile, error) randomKey = None logger.debug2("Handing data to connection...") conn.request(method, url, body=body, headers=headers) if self.socketTimeout: conn.sock.settimeout(self.socketTimeout) else: conn.sock.settimeout(None) httplib_response = conn.getresponse() # from_httplib will perform httplib_response.read() which will have # the side effect of letting us use this connection for another # request. response = HTTPResponse.from_httplib(httplib_response) if randomKey: logger.debug2("Checking for random key...") try: key = response.getheader('x-opsi-service-verification-key', None) if not key: raise ValueError( u"HTTP header 'X-opsi-service-verification-key' missing" ) if key.strip() != randomKey.strip(): raise OpsiAuthenticationError( u"opsi-service-verification-key '%s' != '%s'" % (key, randomKey)) self.serverVerified = True logger.notice( u"Service verified by opsi-service-verification-key") except Exception as error: logger.error(u"Service verification failed: {0}", error) raise OpsiServiceVerificationError( u"Service verification failed: %s" % error) if self.serverCertFile and self.peerCertificate: try: certDir = os.path.dirname(self.serverCertFile) if not os.path.exists(certDir): os.makedirs(certDir) with open(self.serverCertFile, 'w') as f: f.write(self.peerCertificate) except Exception as error: logger.error( u"Failed to create server cert file {0!r}: {1}", self.serverCertFile, error) # Put the connection back to be reused if self.reuseConnection: self._put_conn(conn) else: logger.debug(u"Closing connection: {0}", conn) self._put_conn(None) closeConnection(conn) except (SocketTimeout, Empty, HTTPException, SocketError) as error: logger.logException(error, logLevel=LOG_DEBUG) try: logger.debug( u"Request to host {0!r} failed, retry: {1}, firstTryTime: {2}, now: {3}, retryTime: {4}, connectTimeout: {5}, socketTimeout: {6} ({7!r})", self.host, retry, firstTryTime, now, self.retryTime, self.connectTimeout, self.socketTimeout, error) except Exception as loggingError: logger.debug(u"Logging exception failed: {0}", forceUnicode(loggingError)) logger.debug( u"Trying to log again without original exception.") try: logger.debug( u"Request to host {0!r} failed, retry: {1}, firstTryTime: {2}, now: {3}, retryTime: {4}, connectTimeout: {5}, socketTimeout: {6}", self.host, retry, firstTryTime, now, self.retryTime, self.connectTimeout, self.isocketTimeout) except Exception as error: logger.debug(u"Logging message failed: {0!r}", error) logger.warning(u"Logging message failed: {0}", forceUnicode(error)) self._put_conn(None) closeConnection(conn) if retry and (now - firstTryTime < self.retryTime): logger.debug(u"Request to {0!r} failed: {1}", self.host, forceUnicode(error)) logger.debug(u"Waiting before retry...") time.sleep(0.2) return self.urlopen(method, url, body, headers, retry, redirect, assert_same_host, firstTryTime) else: if retry: logger.warning( "Connecting to {0!r} did not succeed after retrying.", self.host) raise except Exception: self._put_conn(None) closeConnection(conn) raise # Handle redirection if redirect and response.status in ( 301, 302, 303, 307) and 'location' in response.headers: logger.info(u"Redirecting %s -> %s" % (url, response.headers.get('location'))) time.sleep(0.1) self._put_conn(None) closeConnection(conn) return self.urlopen(method, url, body, headers, retry, redirect, assert_same_host, firstTryTime) return response
def testRandomStringBuildsStringOutOfGivenCharacters(): assert 5*'a' == randomString(5, characters='a')
def filename(tempDir): return os.path.join(tempDir, randomString(8) + '.conf')
def randomText(request): yield randomString(request.param)
def testRandomStringHasExpectedLength(length): result = randomString(length) assert length == len(result) assert length == len(result.strip())