def test_ossec_auth_configurations(get_configuration, configure_environment, configure_sockets_environment): """Check that every input message in authd port generates the adequate output Parameters ---------- test_case : list List of test_cases, dict with following keys: - expect: What we are expecting to happen 1. open_error: Should fail when trying to do ssl handshake 2. output: Expects an output message from the manager - ciphers: Value for ssl ciphers - protocol: Value for ssl protocol - input: message that will be tried to send to the manager - output: expected response (if any) """ current_test = get_current_test() test_case = ssl_configuration_tests[current_test]['test_case'] override_wazuh_conf(get_configuration) for config in test_case: address, family, connection_protocol = receiver_sockets_params[0] SSL_socket = SocketController(address, family=family, connection_protocol=connection_protocol, open_at_start=False) ciphers = config['ciphers'] protocol = config['protocol'] SSL_socket.set_ssl_configuration(ciphers=ciphers, connection_protocol=protocol) expect = config['expect'] try: SSL_socket.open() except ssl.SSLError as exception: if expect == 'open_error': # We expected the error here, check message assert config['error'] in str( exception), 'Expected message does not match!' continue else: # We did not expect this error, fail test raise SSL_socket.send(config['input'], size=False) if expect == 'output': # Output is expected expected = config['output'] if expected: response = SSL_socket.receive().decode() assert response, 'Failed connection stage {}: {}'.format( test_case.index(config) + 1, config['stage']) assert response[:len(expected)] == expected, \ 'Failed test case stage {}: {}'.format(test_case.index(config) + 1, config['stage']) return
def create_unix_sockets(request): """Create the specified unix sockets for the tests.""" monitored_sockets_params = getattr(request.module, 'monitored_sockets_params') receiver_sockets_params = getattr(request.module, 'receiver_sockets_params') # Create the unix sockets monitored_sockets, receiver_sockets = list(), list() for path_, protocol in receiver_sockets_params: receiver_sockets.append(SocketController(path=path_, connection_protocol=protocol)) for path_, protocol in monitored_sockets_params: if (path_, protocol) in receiver_sockets_params: monitored_sockets.append( SocketMonitor(path=path_, connection_protocol=protocol, controller=receiver_sockets[receiver_sockets_params.index((path_, protocol))])) else: monitored_sockets.append(SocketMonitor(path=path_, connection_protocol=protocol)) setattr(request.module, 'monitored_sockets', monitored_sockets) setattr(request.module, 'receiver_sockets', receiver_sockets) yield # Close the sockets gracefully for monitored_socket, receiver_socket in zip(monitored_sockets, receiver_sockets): try: monitored_socket.close() receiver_socket.close() except OSError as e: if e.errno == 9: # Do not try to close the socket again if it was reused pass
def test_authd_ssl_certs(get_configuration, generate_ca_certificate): """ """ verify_host = (get_configuration['metadata']['verify_host'] == 'yes') option = get_configuration['metadata']['sim_option'] override_wazuh_conf(get_configuration) address, family, connection_protocol = receiver_sockets_params[0] SSL_socket = SocketController(address, family=family, connection_protocol=connection_protocol, open_at_start=False) if option != 'NO CERT': SSL_socket.set_ssl_configuration(certificate=SSL_AGENT_CERT, keyfile=SSL_AGENT_PRIVATE_KEY) try: SSL_socket.open() if option in ['NO CERT', 'INCORRECT CERT']: raise AssertionError( f'Agent was enable to connect without using any certificate or an incorrect one!' ) except ssl.SSLError as exception: if option in ['NO CERT', 'INCORRECT CERT']: # Expected to happen return else: raise AssertionError( f'Option {option} expected successful socket connection but it failed' ) SSL_socket.send(INPUT_MESSAGE, size=False) try: response = '' timeout = time.time() + 10 while response == '': response = SSL_socket.receive().decode() if time.time() > timeout: raise ConnectionResetError( 'Manager did not respond to sent message!') if option in ['INCORRECT HOST'] and verify_host: raise AssertionError( f'An incorrect host was able to register using the verify_host option' ) except ConnectionResetError as exception: if option in ['INCORRECT HOST'] and verify_host: # Expected return else: raise assert response[:len(OUPUT_MESSAGE)] == OUPUT_MESSAGE, ( f'Option {option} response from manager did not match expected') return
def send_message(message): address, family, connection_protocol = receiver_sockets_params[0] SSL_socket = SocketController(address, family=family, connection_protocol=connection_protocol) try: SSL_socket.open() except ssl.SSLError as exception: # We did not expect this error, fail test raise SSL_socket.send(message, size=False) response = SSL_socket.receive().decode() SSL_socket.close() return response
def connect_to_sockets(request): """Connect to the specified sockets for the test.""" receiver_sockets_params = getattr(request.module, 'receiver_sockets_params') # Create the SocketControllers receiver_sockets = list() for address, family, protocol in receiver_sockets_params: receiver_sockets.append(SocketController(address=address, family=family, connection_protocol=protocol)) setattr(request.module, 'receiver_sockets', receiver_sockets) return receiver_sockets
def create_session(): msg = """{"version":1,"origin":{"name":"Integration Test","module":"api"}, "command":"log_processing","parameters":{"event":"Jun 24 11:54:19 Master systemd[2099]: Started VTE child process 20118 launched by terminator process 17756.","log_format":"syslog", "location":"master->/var/log/syslog"}}""" receiver_sockets[0].send(msg, size=True) token = json.loads(receiver_sockets[0].receive( size=True).rstrip(b'\x00').decode())['data']['token'] # Close socket close_sockets(receiver_sockets) # Renew socket for future connections receiver_sockets[0] = SocketController(address=logtest_path, family='AF_UNIX', connection_protocol='TCP') return token
def get_remote_configuration(component_name, config): socket_path = os.path.join(WAZUH_PATH, 'queue', 'ossec') dest_socket = os.path.join(socket_path, component_name) command = f"getconfig {config}" host_type = 'agent' if 'agent' in WAZUH_SERVICE else 'server' # Socket connection s = SocketController(dest_socket) try: # Send message s.send(command.encode(), True) # Receive response rec_msg_ok, rec_msg = s.receive(True).decode().split(" ", 1) except socket.timeout as error: s.close() raise TimeoutError(error) try: if rec_msg_ok.startswith('ok'): remote_configuration = json.loads(rec_msg) if host_type == 'server': remote_configuration_gcp = remote_configuration['wmodules'][6][ 'gcp-pubsub'] else: if sys.platform == 'darwin': remote_configuration_gcp = remote_configuration[ 'wmodules'][3]['gcp-pubsub'] else: remote_configuration_gcp = remote_configuration[ 'wmodules'][5]['gcp-pubsub'] else: s.close() raise ValueError(rec_msg_ok) except UnboundLocalError as error: s.close() raise TimeoutError(error) return remote_configuration_gcp
def create_connection(): return SocketController(address=logtest_path, family='AF_UNIX', connection_protocol='TCP')
def get_remote_configuration(component_name, config): socket_path = os.path.join(WAZUH_PATH, 'queue', 'sockets') dest_socket = os.path.join(socket_path, component_name) command = f"getconfig {config}" # Socket connection s = SocketController(dest_socket) try: # Send message s.send(command.encode(), True) # Receive response rec_msg_ok, rec_msg = s.receive(True).decode().split(" ", 1) except socket.timeout as error: s.close() raise TimeoutError(error) try: if rec_msg_ok.startswith('ok'): remote_configuration = json.loads(rec_msg) for element in remote_configuration['wmodules']: if 'gcp-pubsub' in element: remote_configuration_gcp = element['gcp-pubsub'] else: s.close() raise ValueError(rec_msg_ok) except UnboundLocalError as error: s.close() raise TimeoutError(error) return remote_configuration_gcp
def send_delete_table_request(agent_id): controller = SocketController(WDB_PATH) controller.send(f'agent {agent_id} rootcheck delete', size=True) response = controller.receive(size=True) return response