def setUp(self):
startNufw(["-s"])
config = NuauthConf()
config["nuauth_log_users"] = '9'
config["mysql_prefix_version"] = '1'
if POSTGRESQL:
config.need_restart = True
self.conn = pgdb.connect(host=DB_SERVER,
user=DB_USER,
password=DB_PASSWORD,
database=DB_DBNAME)
config["nuauth_user_logs_module"] = '"pgsql"'
config["nuauth_user_session_logs_module"] = '"pgsql"'
else:
self.conn = MySQLdb.Connect(host=DB_SERVER,
user=DB_USER,
passwd=DB_PASSWORD,
db=DB_DBNAME)
config["nuauth_user_logs_module"] = '"mysql"'
config["nuauth_user_session_logs_module"] = '"mysql"'
self.users = USERDB
self.user = self.users[0]
self.acls = PlaintextAcl()
self.acls.addAcl("web",
VALID_PORT,
self.user.gid,
log_prefix=LOG_PREFIX)
self.users.install(config)
self.acls.install(config)
self.nuauth = Nuauth(config)
self.start_time = int(time() - 1.1)
def setUp(self):
startNufw(["-s"])
config = NuauthConf()
config["nuauth_log_users"] = '9'
config["mysql_prefix_version"] = '1'
if POSTGRESQL:
config.need_restart = True
self.conn = pgdb.connect(
host=DB_SERVER,
user=DB_USER,
password=DB_PASSWORD,
database=DB_DBNAME)
config["nuauth_user_logs_module"] = '"pgsql"'
config["nuauth_user_session_logs_module"] = '"pgsql"'
else:
self.conn = MySQLdb.Connect(
host=DB_SERVER,
user=DB_USER,
passwd=DB_PASSWORD,
db=DB_DBNAME)
config["nuauth_user_logs_module"] = '"mysql"'
config["nuauth_user_session_logs_module"] = '"mysql"'
self.users = USERDB
self.user = self.users[0]
self.acls = PlaintextAcl()
self.acls.addAcl("web", VALID_PORT, self.user.gid, log_prefix=LOG_PREFIX)
self.users.install(config)
self.acls.install(config)
self.nuauth = Nuauth(config)
self.start_time = int(time()-1.1)
def setUp(self):
self.iptables = Iptables()
self.port = VALID_PORT
self.host = HOST
self.cacert = config.get("test_cert", "cacert")
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_auth_by_cert"] = "0"
self.nuauth = Nuauth(self.nuconfig)
def startNuauth(self, dict_args=None):
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_crl"] = '"%s"' % abspath(
config.get("test_cert", "crl"))
if dict_args is None:
dict_args = dict()
for key in dict_args.keys():
self.nuconfig[key] = dict_args[key]
self.nuauth = Nuauth(self.nuconfig)
class TestClientCertAuth(TestCase):
def setUp(self):
self.nuconfig = NuauthConf()
cacert = config.get("test_cert", "cacert")
# Userdb
self.user = PlaintextUser("user", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(self.nuconfig)
# Server
self.nuconfig["plaintext_userfile"] = '"%s"' % self.userdb.filename
self.nuconfig["nuauth_tls_auth_by_cert"] = "2"
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_cacert"] = '"%s"' % cacert
self.nuconfig["nuauth_tls_key"] = '"%s"' % config.get(
"test_cert", "nuauth_key")
self.nuconfig["nuauth_tls_cert"] = '"%s"' % config.get(
"test_cert", "nuauth_cert")
self.nuauth = Nuauth(self.nuconfig)
def tearDown(self):
self.client.stop()
self.nuauth.stop()
self.userdb.desinstall()
self.nuconfig.desinstall()
def testValidCert(self):
# Client
cacert = config.get("test_cert", "cacert")
cert = config.get("test_cert", "user_cert")
key = config.get("test_cert", "user_key")
args = ["-C", cert, "-K", key, "-A", cacert]
self.client = self.user.createClient(more_args=args)
self.client.password = "******" % self.user.password
self.assert_(connectClient(self.client))
def testInvalidCert(self):
# Expired certificate
cacert = config.get("test_cert", "cacert")
cert = config.get("test_cert", "user_invalid_cert")
key = config.get("test_cert", "user_invalid_key")
args = ["-C", cert, "-K", key, "-A", cacert]
self.client = self.user.createClient(more_args=args)
self.client.password = "******" % self.user.password
self.assert_(not connectClient(self.client))
class TestClientCertAuth(TestCase):
def setUp(self):
self.nuconfig = NuauthConf()
cacert = config.get("test_cert", "cacert")
# Userdb
self.user = PlaintextUser("user", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(self.nuconfig)
# Server
self.nuconfig["plaintext_userfile"] = '"%s"' % self.userdb.filename
self.nuconfig["nuauth_tls_auth_by_cert"] = "2"
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_cacert"] = '"%s"' % cacert
self.nuconfig["nuauth_tls_key"] = '"%s"' % config.get("test_cert", "nuauth_key")
self.nuconfig["nuauth_tls_cert"] = '"%s"' % config.get("test_cert", "nuauth_cert")
self.nuauth = Nuauth(self.nuconfig)
def tearDown(self):
self.client.stop()
self.nuauth.stop()
self.userdb.desinstall()
self.nuconfig.desinstall()
def testValidCert(self):
# Client
cacert = config.get("test_cert", "cacert")
cert = config.get("test_cert", "user_cert")
key = config.get("test_cert", "user_key")
args = ["-C", cert, "-K", key, "-A", cacert]
self.client = self.user.createClient(more_args=args)
self.client.password = "******" % self.user.password
self.assert_(connectClient(self.client))
def testInvalidCert(self):
# Expired certificate
cacert = config.get("test_cert", "cacert")
cert = config.get("test_cert", "user_invalid_cert")
key = config.get("test_cert", "user_invalid_key")
args = ["-C", cert, "-K", key, "-A", cacert]
self.client = self.user.createClient(more_args=args)
self.client.password = "******" % self.user.password
self.assert_(not connectClient(self.client))
def setUp(self):
# Setup our user DB
self.config = NuauthConf()
self.users = USERDB
self.userA = self.users[0]
self.userB = self.users[1]
self.users.install(self.config)
def setUp(self):
# Load nuauth
nuconfig = NuauthConf()
self.nuauth = Nuauth(nuconfig)
# Create client
self.client = createClientWithCerts()
def setUp(self):
self.port = VALID_PORT
self.mark = 1
self.shift = 8
config = NuauthConf()
# Userdb
self.user = PlaintextUser("guest", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(config)
self.acls = PlaintextAcl()
self.acls.addAcl("port",
self.port,
self.user.gid,
flags=(self.mark << self.shift))
self.acls.install(config)
# Load nuauth
config["nuauth_finalize_packet_module"] = '"mark_flag"'
config["mark_flag_mark_shift"] = 0
config["mark_flag_flag_shift"] = self.shift
config["mark_flag_nbits"] = 16
self.nuauth = Nuauth(config)
self.iptables = Iptables()
self.nufw = startNufw(["-m"])
self.client = self.user.createClientWithCerts()
def startNuauth(self, dict_args=None):
self.cacert = abspath(config.get("test_cert", "cacert"))
self.nuconfig = NuauthConf()
if dict_args is None:
dict_args = dict()
for key in dict_args.keys():
self.nuconfig[key] = dict_args[key]
self.nuauth = Nuauth(self.nuconfig)
def startNuauth(self, dict_args=None):
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_crl"] = '"%s"' % abspath(config.get("test_cert", "crl"))
if dict_args is None:
dict_args = dict()
for key in dict_args.keys():
self.nuconfig[key] = dict_args[key]
self.nuauth = Nuauth(self.nuconfig)
def setUp(self):
self.iptables = Iptables()
self.iptables.command(
'-A OUTPUT -p tcp --sport %u -d %s --tcp-flags SYN,ACK SYN,ACK -j NFQUEUE'
% (VALID_PORT, HOST))
config = NuauthConf()
self.nuauth = Nuauth(config)
self.nufw = startNufw()
def setUp(self):
self.iptables = Iptables()
self.users = USERDB
self.host = HOST
self.config = NuauthConf()
self.acls = self.func_acls()
# Start nuauth with new config
self.users.install(self.config)
self.nufw = startNufw(["-s"])
def setUp(self):
self.iptables = Iptables()
self.users = USERDB
self.config = NuauthConf()
self.config["xml_defs_periodfile"] = '"%s"' % os.path.abspath(
"../conf/periods.xml")
self.acls = PlaintextAcl()
# Start nuauth with new config
self.users.install(self.config)
self.nufw = startNufw(["-s"])
def setUp(self):
self.iptables = Iptables()
self.users = USERDB
self.acls = PlaintextAcl()
self.acls.addAcl("web", VALID_PORT, self.users[0].gid + 1)
self.config = NuauthConf()
self.config["nuauth_packet_timeout"] = "1"
self.users.install(self.config)
self.acls.install(self.config)
self.nufw = startNufw(["-s"])
def setUp(self):
# Prepare our new scripts
self.script_up = ReplaceFile(SCRIPT_UP, SCRIPT % "UP", MODE)
self.script_down = ReplaceFile(SCRIPT_DOWN, SCRIPT % "DOWN", MODE)
self.script_up.install()
self.script_down.install()
# Create nuauth
config = NuauthConf()
config["nuauth_user_session_logs_module"] = '"script"'
self.nuauth = Nuauth(config)
def setUp(self):
self.nuconfig = NuauthConf()
cacert = config.get("test_cert", "cacert")
# Userdb
self.user = PlaintextUser("user", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(self.nuconfig)
# Server
self.nuconfig["plaintext_userfile"] = '"%s"' % self.userdb.filename
self.nuconfig["nuauth_tls_auth_by_cert"] = "2"
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_cacert"] = '"%s"' % cacert
self.nuconfig["nuauth_tls_key"] = '"%s"' % config.get(
"test_cert", "nuauth_key")
self.nuconfig["nuauth_tls_cert"] = '"%s"' % config.get(
"test_cert", "nuauth_cert")
self.nuauth = Nuauth(self.nuconfig)
def createClientWithCerts(username=USERNAME,
password=PASSWORD,
more_args=None):
nuconfig = NuauthConf()
args = []
cacert = abspath(config.get("test_cert", "cacert"))
if not (more_args and "-A" in more_args):
args = args + ["-A", cacert]
cert = abspath(config.get("test_cert", "user_cert"))
if not (more_args and "-C" in more_args):
args = args + ["-C", cert]
key = abspath(config.get("test_cert", "user_key"))
if not (more_args and "-K" in more_args):
args = args + ["-K", key]
if more_args:
args = args + more_args
return Client(username, password, CLIENT_IP, more_args=args)
def setUp(self):
self.cacert = config.get("test_cert", "cacert")
nuconfig = NuauthConf()
nuconfig["nuauth_user_session_modify_module"] = "\"session_authtype\""
nuconfig["nuauth_tls_auth_by_cert"] = "0"
nuconfig["nuauth_tls_request_cert"] = "0"
nuconfig["nuauth_tls_cacert"] = '"%s"' % self.cacert
nuconfig["nuauth_tls_key"] = '"%s"' % config.get(
"test_cert", "nuauth_key")
nuconfig["nuauth_tls_cert"] = '"%s"' % config.get(
"test_cert", "nuauth_cert")
self.config = nuconfig
# Userdb
self.user = PlaintextUser("user", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(self.config)
def setUp(self):
self.nuconfig = NuauthConf()
cacert = config.get("test_cert", "cacert")
# Userdb
self.user = PlaintextUser("user", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(self.nuconfig)
# Server
self.nuconfig["plaintext_userfile"] = '"%s"' % self.userdb.filename
self.nuconfig["nuauth_tls_auth_by_cert"] = "2"
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_cacert"] = '"%s"' % cacert
self.nuconfig["nuauth_tls_key"] = '"%s"' % config.get("test_cert", "nuauth_key")
self.nuconfig["nuauth_tls_cert"] = '"%s"' % config.get("test_cert", "nuauth_cert")
self.nuauth = Nuauth(self.nuconfig)
def setUp(self):
self.expiration = DURATION
self.host = HOST
# Setup session_expire library
nuconfig = NuauthConf()
nuconfig['nuauth_user_session_modify_module'] = '"session_expire"'
nuconfig['nuauth_session_duration'] = str(self.expiration)
# Install temporary user database
self.userdb = PlaintextUserDB()
self.userdb.addUser(PlaintextUser(USERNAME, PASSWORD, 42, 42))
self.userdb.install(nuconfig)
self.acls = PlaintextAcl()
# Start nuauth
self.nuauth = Nuauth(nuconfig)
# Create client
self.client = createClientWithCerts()
def setUp(self):
self.port = VALID_PORT
config = NuauthConf()
# Userdb
self.user = PlaintextUser("visiteur", "nopassword", 42, 42)
self.userdb = PlaintextUserDB()
self.userdb.addUser(self.user)
self.userdb.install(config)
self.acls = PlaintextAcl()
self.acls.addAcl("web", self.port, self.user.gid)
self.acls.install(config)
# Load nuauth
config["nuauth_do_ip_authentication"] = '1'
config["nuauth_ip_authentication_module"] = '"ipauth_guest"'
config["ipauth_guest_username"] = '******' % self.user.login
self.nuauth = Nuauth(config)
self.iptables = Iptables()
self.nufw = startNufw()
def setUp(self):
self.dst_host = socket.gethostbyname(HOST)
self.config = NuauthConf()
self.acls = PlaintextAcl()
self.acls.addAclFull("web", self.dst_host, VALID_PORT, USERDB[0].gid, 1, period='10 secs' )
self.acls.install(self.config)
self.period = PlainPeriodXML()
self.period.addPeriod(Period("10 secs", duration = 10))
self.period.install(self.config)
self.users = USERDB
self.users.install(self.config)
self.nuauth = Nuauth(self.config)
self.nufw = startNufw()
self.iptables = Iptables()
self.iptables.flush()
self.iptables.command('-I OUTPUT -d %s -p tcp --dport 80 --syn -m state --state NEW -j NFQUEUE' % self.dst_host)
self.iptables.command('-I OUTPUT -d %s -p tcp --dport 80 ! --syn -m state --state NEW -j DROP' % self.dst_host)
def setUp(self):
config = NuauthConf()
self.users = USERDB
self.users.install(config)
self.nuauth = Nuauth(config)
class TestTLSNufw(TestCase):
def setUp(self):
self.iptables = Iptables()
self.port = VALID_PORT
self.host = HOST
self.cacert = abspath(config.get("test_cert", "cacert"))
def startNuauth(self, dict_args=None):
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_crl"] = '"%s"' % abspath(
config.get("test_cert", "crl"))
if dict_args is None:
dict_args = dict()
for key in dict_args.keys():
self.nuconfig[key] = dict_args[key]
self.nuauth = Nuauth(self.nuconfig)
def tearDown(self):
self.nuauth.stop()
self.nuconfig.desinstall()
self.iptables.flush()
def connectNuauthNufw(self):
# Open TCP connection just to connect nufw to nuauth
self.iptables.filterTcp(self.port)
connectTcp(HOST, self.port, 0.100)
# nufw side
# "TLS connection to nuauth can NOT be restored"
def testNufwValidCert(self):
self.startNuauth()
self.nufw = startNufw()
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testNufwFQDNCheck(self):
self.startNuauth()
self.nufw = startNufw(["-d", "127.0.0.1"])
self.connectNuauthNufw()
self.assert_(not self.nufw_connection_is_established())
self.nufw.stop()
self.nufw = startNufw(["-d", "nuauth.inl.fr"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testNufwIgnoreFQDNCheck(self):
self.startNuauth()
self.nufw = startNufw(["-d", "127.0.0.1"])
self.connectNuauthNufw()
self.assert_(not self.nufw_connection_is_established())
self.nufw.stop()
self.nufw = startNufw(["-d", "127.0.0.1", "-N"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def get_tls_cert_invalid(self):
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find('certificate verification failed') >= 0:
return True
return False
def testNufwInvalidCA(self):
self.startNuauth()
invalid_cacert = config.get("test_cert", "invalid_cacert")
self.nufw = startNufw(["-a", invalid_cacert])
self.connectNuauthNufw()
self.assert_(self.get_tls_cert_invalid())
self.nufw.stop()
self.nuauth.stop()
# If NuFW does not run under the strict mode, the provided certificates in svn
# will be accepted and the client will be able to authenticate and then be
# accepted by the firewall. This is what we want to check here
def testNotStrictMode(self):
self.startNuauth()
self.nufw = startNufw(["-s"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testStrictMode(self):
self.startNuauth()
self.nufw = startNufw()
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def nufw_connection_is_established(self):
if self.nufw.is_connected_to_nuauth:
return True
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find("tls connection to nuauth established") >= 0:
return True
if line.lower().find("tls connection to nuauth restored") >= 0:
return True
return False
def getNuauthConf():
return NuauthConf()
class TestTLSNufw(TestCase):
def setUp(self):
self.iptables = Iptables()
self.port = VALID_PORT
self.host = HOST
self.cacert = abspath(config.get("test_cert", "cacert"))
def startNuauth(self, dict_args=None):
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_request_cert"] = "2"
self.nuconfig["nuauth_tls_crl"] = '"%s"' % abspath(config.get("test_cert", "crl"))
if dict_args is None:
dict_args = dict()
for key in dict_args.keys():
self.nuconfig[key] = dict_args[key]
self.nuauth = Nuauth(self.nuconfig)
def tearDown(self):
self.nuauth.stop()
self.nuconfig.desinstall()
self.iptables.flush()
def connectNuauthNufw(self):
# Open TCP connection just to connect nufw to nuauth
self.iptables.filterTcp(self.port)
connectTcp(HOST, self.port, 0.100)
# nufw side
# "TLS connection to nuauth can NOT be restored"
def testNufwValidCert(self):
self.startNuauth()
self.nufw = startNufw()
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testNufwFQDNCheck(self):
self.startNuauth()
self.nufw = startNufw(["-d", "127.0.0.1"])
self.connectNuauthNufw()
self.assert_(not self.nufw_connection_is_established())
self.nufw.stop()
self.nufw = startNufw(["-d", "nuauth.inl.fr"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testNufwIgnoreFQDNCheck(self):
self.startNuauth()
self.nufw = startNufw(["-d", "127.0.0.1"])
self.connectNuauthNufw()
self.assert_(not self.nufw_connection_is_established())
self.nufw.stop()
self.nufw = startNufw(["-d", "127.0.0.1", "-N"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def get_tls_cert_invalid(self):
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find("certificate verification failed") >= 0:
return True
return False
def testNufwInvalidCA(self):
self.startNuauth()
invalid_cacert = config.get("test_cert", "invalid_cacert")
self.nufw = startNufw(["-a", invalid_cacert])
self.connectNuauthNufw()
self.assert_(self.get_tls_cert_invalid())
self.nufw.stop()
self.nuauth.stop()
# If NuFW does not run under the strict mode, the provided certificates in svn
# will be accepted and the client will be able to authenticate and then be
# accepted by the firewall. This is what we want to check here
def testNotStrictMode(self):
self.startNuauth()
self.nufw = startNufw(["-s"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def testStrictMode(self):
self.startNuauth()
self.nufw = startNufw()
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
self.nuauth.stop()
def nufw_connection_is_established(self):
if self.nufw.is_connected_to_nuauth:
return True
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find("tls connection to nuauth established") >= 0:
return True
if line.lower().find("tls connection to nuauth restored") >= 0:
return True
return False
def setUp(self):
# Start nuauth with our config
nuconfig = NuauthConf()
nuconfig["nuauth_user_check_module"] = '"system"'
self.nuauth = Nuauth(nuconfig)
class TestClientCert(TestCase):
def setUp(self):
self.iptables = Iptables()
self.port = VALID_PORT
self.host = HOST
self.cacert = config.get("test_cert", "cacert")
self.nuconfig = NuauthConf()
self.nuconfig["nuauth_tls_auth_by_cert"] = "0"
self.nuauth = Nuauth(self.nuconfig)
def tearDown(self):
self.nuauth.stop()
self.nuconfig.desinstall()
self.iptables.flush()
def connectNuauthNufw(self):
# Open TCP connection just to connect nufw to nuauth
self.iptables.filterTcp(self.port)
connectTcp(HOST, self.port, 0.100)
# nufw side
# "TLS connection to nuauth can NOT be restored"
def testValidCert(self):
self.nufw = startNufw()
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
def get_tls_cert_invalid(self):
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find('certificate verification failed') >= 0:
return True
return False
def testInvalidCert(self):
invalid_cacert = config.get("test_cert", "invalid_cacert")
self.nufw = startNufw(["-a", invalid_cacert])
self.connectNuauthNufw()
self.assert_(self.get_tls_cert_invalid())
self.nufw.stop()
# If NuFW does not run under the strict mode, the provided certificates in svn
# will be accepted and the client will be able to authenticate and then be
# accepted by the firewall. This is what we want to check here
def testNotStrictMode(self):
self.nufw = startNufw(["-s"])
self.connectNuauthNufw()
self.assert_(self.nufw_connection_is_established())
self.nufw.stop()
def testStrictMode(self):
self.nufw = startNufw(["-d","127.0.0.1"])
self.connectNuauthNufw()
self.assert_(not self.nufw_connection_is_established())
self.nufw.stop()
def nufw_connection_is_established(self):
if self.nufw.is_connected_to_nuauth:
return True
for line in self.nufw.readlines(total_timeout=TIMEOUT):
if line.lower().find("tls connection to nuauth established") >= 0:
return True
if line.lower().find("tls connection to nuauth restored") >= 0:
return True
return False
def setUp(self):
self.cacert = config.get("test_cert", "cacert")
nuconfig = NuauthConf()
nuconfig["nuauth_tls_auth_by_cert"] = "0"
nuconfig["nuauth_tls_request_cert"] = "0"
self.nuauth = Nuauth(nuconfig)
from os.path import basename, realpath
from sys import argv, executable
from nuauth import Nuauth
from nuauth_conf import NuauthConf
from plaintext import USERDB, PlaintextAcl
from config import config as test_config
def datetime2unix(timestamp):
tm = timestamp.timetuple()
return int(mktime(tm))
POSTGRESQL = False
config = NuauthConf()
if POSTGRESQL:
import pgdb
DB_PACKET_TABLE = config["pgsql_table_name"]
DB_USER_TABLE = config["pgsql_users_table_name"]
DB_SERVER = config["pgsql_server_addr"]
DB_USER = config["pgsql_user"]
DB_PASSWORD = config["pgsql_passwd"]
DB_DBNAME = config["pgsql_db_name"]
QUERY_TIMEOUT = test_config.getfloat('test_pgsql', 'query_timeout')
else:
import MySQLdb
DB_PACKET_TABLE = config["mysql_table_name"]
DB_USER_TABLE = config["mysql_users_table_name"]
DB_SERVER = config["mysql_server_addr"]
DB_USER = config["mysql_user"]