def test_replay(self): o = dump.Options(server_replay=["nonexistent"], kill=True) tutils.raises(dump.DumpError, dump.DumpMaster, None, o) with tutils.tmpdir() as t: p = os.path.join(t, "rep") self.flowfile(p) o = dump.Options(server_replay=[p], kill=True) o.verbosity = 0 o.flow_detail = 0 m = dump.DumpMaster(None, o) self.cycle(m, b"content") self.cycle(m, b"content") o = dump.Options(server_replay=[p], kill=False) o.verbosity = 0 o.flow_detail = 0 m = dump.DumpMaster(None, o) self.cycle(m, b"nonexistent") o = dump.Options(client_replay=[p], kill=False) o.verbosity = 0 o.flow_detail = 0 m = dump.DumpMaster(None, o)
def test_write(self): with tutils.tmpdir() as d: p = os.path.join(d, "a") self.dummy_cycle( self.mkmaster(None, outfile=(p, "wb"), verbosity=0), 1, "" ) assert len(list(flow.FlowReader(open(p, "rb")).stream())) == 1
def test_with_ca(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") r = certutils.dummy_cert( ca.default_privatekey, ca.default_ca, b"foo.com", [b"one.com", b"two.com", b"*.three.com"] ) assert r.cn == b"foo.com"
def test_with_ca(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") r = certutils.dummy_cert(ca.default_privatekey, ca.default_ca, b"foo.com", [b"one.com", b"two.com", b"*.three.com"]) assert r.cn == b"foo.com"
def test_write(self): with tutils.tmpdir() as d: p = os.path.join(d, "a") self.dummy_cycle( self.mkmaster(None, outfile=(p, "wb"), verbosity=0), 1, b"" ) assert len(list(flow.FlowReader(open(p, "rb")).stream())) == 1
def test_sans(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") c1 = ca.get_cert(b"foo.com", [b"*.bar.com"]) ca.get_cert(b"foo.bar.com", []) # assert c1 == c2 c3 = ca.get_cert(b"bar.com", []) assert not c1 == c3
def test_read(self): with tutils.tmpdir() as t: p = os.path.join(t, "read") self._flowfile(p) assert "GET" in self._dummy_cycle(0, None, "", flow_detail=1, rfile=p) tutils.raises(dump.DumpError, self._dummy_cycle, 0, None, "", verbosity=1, rfile="/nonexistent") tutils.raises(dump.DumpError, self._dummy_cycle, 0, None, "", verbosity=1, rfile="test_dump.py")
def test_create_explicit(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") assert ca.get_cert(b"foo", []) ca2 = certutils.CertStore.from_store(d, "test") assert ca2.get_cert(b"foo", []) assert ca.default_ca.get_serial_number() == ca2.default_ca.get_serial_number()
def test_create_tmp(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") assert ca.get_cert(b"foo.com", []) assert ca.get_cert(b"foo.com", []) assert ca.get_cert(b"*.foo.com", []) r = ca.get_cert(b"*.foo.com", []) assert r[1] == ca.default_privatekey
def test_overrides(self): with tutils.tmpdir() as d: ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"), "test") ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"), "test") assert not ca1.default_ca.get_serial_number() == ca2.default_ca.get_serial_number() dc = ca2.get_cert(b"foo.com", [b"sans.example.com"]) dcp = os.path.join(d, "dc") f = open(dcp, "wb") f.write(dc[0].to_pem()) f.close() ca1.add_cert_file(b"foo.com", dcp) ret = ca1.get_cert(b"foo.com", []) assert ret[0].serial == dc[0].serial
def test_overrides(self): with tutils.tmpdir() as d: ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"), "test") ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"), "test") assert not ca1.default_ca.get_serial_number( ) == ca2.default_ca.get_serial_number() dc = ca2.get_cert(b"foo.com", [b"sans.example.com"]) dcp = os.path.join(d, "dc") f = open(dcp, "wb") f.write(dc[0].to_pem()) f.close() ca1.add_cert_file(b"foo.com", dcp) ret = ca1.get_cert(b"foo.com", []) assert ret[0].serial == dc[0].serial
def test_read(self): with tutils.tmpdir() as t: p = os.path.join(t, "read") self.flowfile(p) assert "GET" in self.dummy_cycle( self.mkmaster(None, flow_detail=1, rfile=p), 0, "", ) tutils.raises( dump.DumpError, self.mkmaster, None, verbosity=1, rfile="/nonexistent" ) tutils.raises( dump.DumpError, self.mkmaster, None, verbosity=1, rfile="test_dump.py" )
def test_log(self): testval = b"echo!\n" _logfun = tcp.log_ssl_key with tutils.tmpdir() as d: logfile = os.path.join(d, "foo", "bar", "logfile") tcp.log_ssl_key = tcp.SSLKeyLogger(logfile) c = tcp.TCPClient(("127.0.0.1", self.port)) c.connect() c.convert_to_ssl() c.wfile.write(testval) c.wfile.flush() assert c.rfile.readline() == testval c.finish() tcp.log_ssl_key.close() with open(logfile, "rb") as f: assert f.read().count(b"CLIENT_RANDOM") == 2 tcp.log_ssl_key = _logfun
def test_log(self): testval = b"echo!\n" _logfun = tcp.log_ssl_key with tutils.tmpdir() as d: logfile = os.path.join(d, "foo", "bar", "logfile") tcp.log_ssl_key = tcp.SSLKeyLogger(logfile) c = tcp.TCPClient(("127.0.0.1", self.port)) with c.connect(): c.convert_to_ssl() c.wfile.write(testval) c.wfile.flush() assert c.rfile.readline() == testval c.finish() tcp.log_ssl_key.close() with open(logfile, "rb") as f: assert f.read().count(b"CLIENT_RANDOM") == 2 tcp.log_ssl_key = _logfun
def test_replay(self): cs = StringIO() o = dump.Options(server_replay=["nonexistent"], kill=True) tutils.raises(dump.DumpError, dump.DumpMaster, None, o, outfile=cs) with tutils.tmpdir() as t: p = os.path.join(t, "rep") self._flowfile(p) o = dump.Options(server_replay=[p], kill=True) m = dump.DumpMaster(None, o, outfile=cs) self._cycle(m, "content") self._cycle(m, "content") o = dump.Options(server_replay=[p], kill=False) m = dump.DumpMaster(None, o, outfile=cs) self._cycle(m, "nonexistent") o = dump.Options(client_replay=[p], kill=False) m = dump.DumpMaster(None, o, outfile=cs)
def test_expire(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") ca.STORE_CAP = 3 ca.get_cert(b"one.com", []) ca.get_cert(b"two.com", []) ca.get_cert(b"three.com", []) assert (b"one.com", ()) in ca.certs assert (b"two.com", ()) in ca.certs assert (b"three.com", ()) in ca.certs ca.get_cert(b"one.com", []) assert (b"one.com", ()) in ca.certs assert (b"two.com", ()) in ca.certs assert (b"three.com", ()) in ca.certs ca.get_cert(b"four.com", []) assert (b"one.com", ()) not in ca.certs assert (b"two.com", ()) in ca.certs assert (b"three.com", ()) in ca.certs assert (b"four.com", ()) in ca.certs
def test_add_cert(self): with tutils.tmpdir() as d: certutils.CertStore.from_store(d, "test")
def test_sans_change(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") ca.get_cert(b"foo.com", [b"*.bar.com"]) cert, key, chain_file = ca.get_cert(b"foo.bar.com", [b"*.baz.com"]) assert b"*.baz.com" in cert.altnames
def test_create_dhparams(self): with tutils.tmpdir() as d: filename = os.path.join(d, "dhparam.pem") certutils.CertStore.load_dhparam(filename) assert os.path.exists(filename)
def test_create_no_common_name(self): with tutils.tmpdir() as d: ca = certutils.CertStore.from_store(d, "test") assert ca.get_cert(None, [])[0].cn is None
def test_write_append(self): with tutils.tmpdir() as d: p = os.path.join(d, "a.append") self._dummy_cycle(1, None, "", outfile=(p, "wb"), verbosity=0) self._dummy_cycle(1, None, "", outfile=(p, "ab"), verbosity=0) assert len(list(flow.FlowReader(open(p, "rb")).stream())) == 2