def test_prefix_authorized(self):
recv = mitogen.core.Receiver(self.router)
service = self.klass(self.router)
service.register_prefix('/etc')
recv, msg = self.replyable_msg()
service.fetch(
path='/etc/passwd',
sender=recv.to_sender(),
msg=msg,
)
self._validate_response(recv.get().unpickle())
def test_prefix_authorized_abspath_bad(self):
recv = mitogen.core.Receiver(self.router)
service = self.klass(self.router)
service.register_prefix('/etc')
recv, msg = self.replyable_msg()
service.fetch(
path='/etc/foo/bar/../../../passwd',
sender=recv.to_sender(),
msg=msg,
)
self.assertEquals(None, recv.get().unpickle())
def test_unauthorized(self):
service = self.klass(self.router)
recv, msg = self.replyable_msg()
service.fetch(
path='/etc/shadow',
sender=None,
msg=msg,
)
e = self.assertRaises(mitogen.core.CallError,
lambda: recv.get().unpickle())
expect = service.unregistered_msg % ('/etc/shadow', )
self.assertTrue(expect in e.args[0])
def test_prefix_authorized_abspath_bad(self):
recv = mitogen.core.Receiver(self.router)
service = self.klass(self.router)
service.register_prefix('/etc')
recv, msg = self.replyable_msg()
service.fetch(
path='/etc/../shadow',
sender=recv.to_sender(),
msg=msg,
)
e = self.assertRaises(mitogen.core.CallError,
lambda: recv.get().unpickle())
expect = service.unregistered_msg % ('/etc/../shadow', )
self.assertTrue(expect in e.args[0])