def test_modesOnUNIXSockets(self): """ The logging and stats UNIX sockets that are bound as part of the 'Combined' service hierarchy should have a secure mode specified: only the executing user should be able to open and send to them. """ svc = CalDAVServiceMaker().makeService(self.options) for serviceName in [_CONTROL_SERVICE_NAME]: socketService = svc.getServiceNamed(serviceName) self.assertIsInstance(socketService, GroupOwnedUNIXServer) m = socketService.kwargs.get("mode", 0666) self.assertEquals( m, int("660", 8), "Wrong mode on %s: %s" % (serviceName, oct(m)) ) self.assertEquals(socketService.gid, self.alternateGroup) for serviceName in ["unix-stats"]: socketService = svc.getServiceNamed(serviceName) self.assertIsInstance(socketService, GroupOwnedUNIXServer) m = socketService.kwargs.get("mode", 0666) self.assertEquals( m, int("660", 8), "Wrong mode on %s: %s" % (serviceName, oct(m)) ) self.assertEquals(socketService.gid, self.alternateGroup)
def test_multipleBindAddresses(self): """ Test that the TCPServer and SSLServers are bound to the proper addresses. """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) tcpServers = [] sslServers = [] for s in service.services: if isinstance(s, internet.TCPServer): tcpServers.append(s) elif isinstance(s, internet.SSLServer): sslServers.append(s) self.assertEquals(len(tcpServers), len(config.BindAddresses)) self.assertEquals(len(sslServers), len(config.BindAddresses)) for addr in config.BindAddresses: for s in tcpServers: if s.kwargs["interface"] == addr: tcpServers.remove(s) for s in sslServers: if s.kwargs["interface"] == addr: sslServers.remove(s) self.assertEquals(len(tcpServers), 0) self.assertEquals(len(sslServers), 0)
def test_SSLKeyConfiguration(self): """ Test that the configuration of the SSLServer reflect the config file's SSL Private Key and SSL Certificate """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) sslService = None for s in service.services: if isinstance(s, internet.SSLServer): sslService = s break self.failIf(sslService is None, "No SSL Service found") context = sslService.args[2] self.assertEquals( config.SSLPrivateKey, context.privateKeyFileName ) self.assertEquals( config.SSLCertificate, context.certificateFileName, )
def test_defaultListeners(self): """ Test that the Slave service has sub services with the default TCP and SSL configuration """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) expectedSubServices = dict(( (MaxAcceptTCPServer, config.HTTPPort), (MaxAcceptSSLServer, config.SSLPort), )) configuredSubServices = [(s.__class__, getattr(s, 'args', None)) for s in service.services] checked = 0 for serviceClass, serviceArgs in configuredSubServices: if serviceClass in expectedSubServices: checked += 1 self.assertEquals( serviceArgs[0], dict(expectedSubServices)[serviceClass] ) # TCP+SSL services for IPv4, TCP+SSL services for IPv6. self.assertEquals(checked, 4)
def test_listenBacklog(self): """ Test that the backlog arguments is set in TCPServer and SSLServers """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) for s in service.services: if isinstance(s, (internet.TCPServer, internet.SSLServer)): self.assertEquals(s.kwargs["backlog"], 1024)
def test_singleBindAddresses(self): """ Test that the TCPServer and SSLServers are bound to the proper address """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) for s in service.services: if isinstance(s, (internet.TCPServer, internet.SSLServer)): self.assertEquals(s.kwargs["interface"], "127.0.0.1")
def test_noHTTP(self): """ Test the single service to make sure there is no TCPServer when HTTPPort is not configured """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) self.assertNotIn(internet.TCPServer, [s.__class__ for s in service.services])
def test_noSSL(self): """ Test the single service to make sure there is no SSL Service when SSL is disabled """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) self.assertNotIn(internet.SSLServer, [s.__class__ for s in service.services])
def test_noHTTP(self): """ Test the single service to make sure there is no TCPServer when HTTPPort is not configured """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) self.assertNotIn( internet.TCPServer, [s.__class__ for s in service.services] )
def test_noSSL(self): """ Test the single service to make sure there is no SSL Service when SSL is disabled """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) self.assertNotIn( internet.SSLServer, [s.__class__ for s in service.services] )
def test_SSLKeyConfiguration(self): """ Test that the configuration of the SSLServer reflect the config file's SSL Private Key and SSL Certificate """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) sslService = None for s in service.services: if isinstance(s, internet.SSLServer): sslService = s break self.failIf(sslService is None, "No SSL Service found") context = sslService.args[2] self.assertEquals(config.SSLPrivateKey, context.privateKeyFileName) self.assertEquals( config.SSLCertificate, context.certificateFileName, )
def test_defaultListeners(self): """ Test that the Slave service has sub services with the default TCP and SSL configuration """ # Note: the listeners are bundled within a MultiService named "ConnectionService" service = CalDAVServiceMaker().makeService(self.options) service = service.getServiceNamed(CalDAVService.connectionServiceName) expectedSubServices = dict(( (MaxAcceptTCPServer, config.HTTPPort), (MaxAcceptSSLServer, config.SSLPort), )) configuredSubServices = [(s.__class__, getattr(s, 'args', None)) for s in service.services] checked = 0 for serviceClass, serviceArgs in configuredSubServices: if serviceClass in expectedSubServices: checked += 1 self.assertEquals(serviceArgs[0], dict(expectedSubServices)[serviceClass]) # TCP+SSL services for IPv4, TCP+SSL services for IPv6. self.assertEquals(checked, 4)