def setUp(self): # Setup our user DB self.config = NuauthConf() self.users = USERDB self.userA = self.users[0] self.userB = self.users[1] self.users.install(self.config)
def setUp(self): # Load nuauth nuconfig = NuauthConf() self.nuauth = Nuauth(nuconfig) # Create client self.client = createClientWithCerts()
def setUp(self): startNufw(["-s"]) config = NuauthConf() config["nuauth_log_users"] = '9' config["mysql_prefix_version"] = '1' if POSTGRESQL: config.need_restart = True self.conn = pgdb.connect(host=DB_SERVER, user=DB_USER, password=DB_PASSWORD, database=DB_DBNAME) config["nuauth_user_logs_module"] = '"pgsql"' config["nuauth_user_session_logs_module"] = '"pgsql"' else: self.conn = MySQLdb.Connect(host=DB_SERVER, user=DB_USER, passwd=DB_PASSWORD, db=DB_DBNAME) config["nuauth_user_logs_module"] = '"mysql"' config["nuauth_user_session_logs_module"] = '"mysql"' self.users = USERDB self.user = self.users[0] self.acls = PlaintextAcl() self.acls.addAcl("web", VALID_PORT, self.user.gid, log_prefix=LOG_PREFIX) self.users.install(config) self.acls.install(config) self.nuauth = Nuauth(config) self.start_time = int(time() - 1.1)
def setUp(self): self.port = VALID_PORT self.mark = 1 self.shift = 8 config = NuauthConf() # Userdb self.user = PlaintextUser("guest", "nopassword", 42, 42) self.userdb = PlaintextUserDB() self.userdb.addUser(self.user) self.userdb.install(config) self.acls = PlaintextAcl() self.acls.addAcl("port", self.port, self.user.gid, flags=(self.mark << self.shift)) self.acls.install(config) # Load nuauth config["nuauth_finalize_packet_module"] = '"mark_flag"' config["mark_flag_mark_shift"] = 0 config["mark_flag_flag_shift"] = self.shift config["mark_flag_nbits"] = 16 self.nuauth = Nuauth(config) self.iptables = Iptables() self.nufw = startNufw(["-m"]) self.client = self.user.createClientWithCerts()
def startNuauth(self, dict_args=None): self.cacert = abspath(config.get("test_cert", "cacert")) self.nuconfig = NuauthConf() if dict_args is None: dict_args = dict() for key in dict_args.keys(): self.nuconfig[key] = dict_args[key] self.nuauth = Nuauth(self.nuconfig)
def setUp(self): self.iptables = Iptables() self.port = VALID_PORT self.host = HOST self.cacert = config.get("test_cert", "cacert") self.nuconfig = NuauthConf() self.nuconfig["nuauth_tls_auth_by_cert"] = "0" self.nuauth = Nuauth(self.nuconfig)
def setUp(self): self.iptables = Iptables() self.iptables.command( '-A OUTPUT -p tcp --sport %u -d %s --tcp-flags SYN,ACK SYN,ACK -j NFQUEUE' % (VALID_PORT, HOST)) config = NuauthConf() self.nuauth = Nuauth(config) self.nufw = startNufw()
def setUp(self): self.iptables = Iptables() self.users = USERDB self.host = HOST self.config = NuauthConf() self.acls = self.func_acls() # Start nuauth with new config self.users.install(self.config) self.nufw = startNufw(["-s"])
def startNuauth(self, dict_args=None): self.nuconfig = NuauthConf() self.nuconfig["nuauth_tls_request_cert"] = "2" self.nuconfig["nuauth_tls_crl"] = '"%s"' % abspath( config.get("test_cert", "crl")) if dict_args is None: dict_args = dict() for key in dict_args.keys(): self.nuconfig[key] = dict_args[key] self.nuauth = Nuauth(self.nuconfig)
def setUp(self): # Prepare our new scripts self.script_up = ReplaceFile(SCRIPT_UP, SCRIPT % "UP", MODE) self.script_down = ReplaceFile(SCRIPT_DOWN, SCRIPT % "DOWN", MODE) self.script_up.install() self.script_down.install() # Create nuauth config = NuauthConf() config["nuauth_user_session_logs_module"] = '"script"' self.nuauth = Nuauth(config)
def setUp(self): self.iptables = Iptables() self.users = USERDB self.acls = PlaintextAcl() self.acls.addAcl("web", VALID_PORT, self.users[0].gid + 1) self.config = NuauthConf() self.config["nuauth_packet_timeout"] = "1" self.users.install(self.config) self.acls.install(self.config) self.nufw = startNufw(["-s"])
def setUp(self): self.iptables = Iptables() self.users = USERDB self.config = NuauthConf() self.config["xml_defs_periodfile"] = '"%s"' % os.path.abspath( "../conf/periods.xml") self.acls = PlaintextAcl() # Start nuauth with new config self.users.install(self.config) self.nufw = startNufw(["-s"])
def createClientWithCerts(username=USERNAME, password=PASSWORD, more_args=None): nuconfig = NuauthConf() args = [] cacert = abspath(config.get("test_cert", "cacert")) if not (more_args and "-A" in more_args): args = args + ["-A", cacert] cert = abspath(config.get("test_cert", "user_cert")) if not (more_args and "-C" in more_args): args = args + ["-C", cert] key = abspath(config.get("test_cert", "user_key")) if not (more_args and "-K" in more_args): args = args + ["-K", key] if more_args: args = args + more_args return Client(username, password, CLIENT_IP, more_args=args)
def setUp(self): self.cacert = config.get("test_cert", "cacert") nuconfig = NuauthConf() nuconfig["nuauth_user_session_modify_module"] = "\"session_authtype\"" nuconfig["nuauth_tls_auth_by_cert"] = "0" nuconfig["nuauth_tls_request_cert"] = "0" nuconfig["nuauth_tls_cacert"] = '"%s"' % self.cacert nuconfig["nuauth_tls_key"] = '"%s"' % config.get( "test_cert", "nuauth_key") nuconfig["nuauth_tls_cert"] = '"%s"' % config.get( "test_cert", "nuauth_cert") self.config = nuconfig # Userdb self.user = PlaintextUser("user", "nopassword", 42, 42) self.userdb = PlaintextUserDB() self.userdb.addUser(self.user) self.userdb.install(self.config)
def setUp(self): self.expiration = DURATION self.host = HOST # Setup session_expire library nuconfig = NuauthConf() nuconfig['nuauth_user_session_modify_module'] = '"session_expire"' nuconfig['nuauth_session_duration'] = str(self.expiration) # Install temporary user database self.userdb = PlaintextUserDB() self.userdb.addUser(PlaintextUser(USERNAME, PASSWORD, 42, 42)) self.userdb.install(nuconfig) self.acls = PlaintextAcl() # Start nuauth self.nuauth = Nuauth(nuconfig) # Create client self.client = createClientWithCerts()
def setUp(self): self.nuconfig = NuauthConf() cacert = config.get("test_cert", "cacert") # Userdb self.user = PlaintextUser("user", "nopassword", 42, 42) self.userdb = PlaintextUserDB() self.userdb.addUser(self.user) self.userdb.install(self.nuconfig) # Server self.nuconfig["plaintext_userfile"] = '"%s"' % self.userdb.filename self.nuconfig["nuauth_tls_auth_by_cert"] = "2" self.nuconfig["nuauth_tls_request_cert"] = "2" self.nuconfig["nuauth_tls_cacert"] = '"%s"' % cacert self.nuconfig["nuauth_tls_key"] = '"%s"' % config.get( "test_cert", "nuauth_key") self.nuconfig["nuauth_tls_cert"] = '"%s"' % config.get( "test_cert", "nuauth_cert") self.nuauth = Nuauth(self.nuconfig)
def setUp(self): self.port = VALID_PORT config = NuauthConf() # Userdb self.user = PlaintextUser("visiteur", "nopassword", 42, 42) self.userdb = PlaintextUserDB() self.userdb.addUser(self.user) self.userdb.install(config) self.acls = PlaintextAcl() self.acls.addAcl("web", self.port, self.user.gid) self.acls.install(config) # Load nuauth config["nuauth_do_ip_authentication"] = '1' config["nuauth_ip_authentication_module"] = '"ipauth_guest"' config["ipauth_guest_username"] = '******' % self.user.login self.nuauth = Nuauth(config) self.iptables = Iptables() self.nufw = startNufw()
def setUp(self): self.dst_host = socket.gethostbyname(HOST) self.config = NuauthConf() self.acls = PlaintextAcl() self.acls.addAclFull("web", self.dst_host, VALID_PORT, USERDB[0].gid, 1, period='10 secs' ) self.acls.install(self.config) self.period = PlainPeriodXML() self.period.addPeriod(Period("10 secs", duration = 10)) self.period.install(self.config) self.users = USERDB self.users.install(self.config) self.nuauth = Nuauth(self.config) self.nufw = startNufw() self.iptables = Iptables() self.iptables.flush() self.iptables.command('-I OUTPUT -d %s -p tcp --dport 80 --syn -m state --state NEW -j NFQUEUE' % self.dst_host) self.iptables.command('-I OUTPUT -d %s -p tcp --dport 80 ! --syn -m state --state NEW -j DROP' % self.dst_host)
def setUp(self): self.cacert = config.get("test_cert", "cacert") nuconfig = NuauthConf() nuconfig["nuauth_tls_auth_by_cert"] = "0" nuconfig["nuauth_tls_request_cert"] = "0" self.nuauth = Nuauth(nuconfig)
def setUp(self): config = NuauthConf() self.users = USERDB self.users.install(config) self.nuauth = Nuauth(config)
def setUp(self): # Start nuauth with our config nuconfig = NuauthConf() nuconfig["nuauth_user_check_module"] = '"system"' self.nuauth = Nuauth(nuconfig)
from os.path import basename, realpath from sys import argv, executable from nuauth import Nuauth from nuauth_conf import NuauthConf from plaintext import USERDB, PlaintextAcl from config import config as test_config def datetime2unix(timestamp): tm = timestamp.timetuple() return int(mktime(tm)) POSTGRESQL = False config = NuauthConf() if POSTGRESQL: import pgdb DB_PACKET_TABLE = config["pgsql_table_name"] DB_USER_TABLE = config["pgsql_users_table_name"] DB_SERVER = config["pgsql_server_addr"] DB_USER = config["pgsql_user"] DB_PASSWORD = config["pgsql_passwd"] DB_DBNAME = config["pgsql_db_name"] QUERY_TIMEOUT = test_config.getfloat('test_pgsql', 'query_timeout') else: import MySQLdb DB_PACKET_TABLE = config["mysql_table_name"] DB_USER_TABLE = config["mysql_users_table_name"] DB_SERVER = config["mysql_server_addr"] DB_USER = config["mysql_user"]
def getNuauthConf(): return NuauthConf()