def get_remote_configuration(component_name, config):
socket_path = os.path.join(WAZUH_PATH, 'queue', 'sockets')
dest_socket = os.path.join(socket_path, component_name)
command = f"getconfig {config}"
# Socket connection
s = SocketController(dest_socket)
try:
# Send message
s.send(command.encode(), True)
# Receive response
rec_msg_ok, rec_msg = s.receive(True).decode().split(" ", 1)
except socket.timeout as error:
s.close()
raise TimeoutError(error)
try:
if rec_msg_ok.startswith('ok'):
remote_configuration = json.loads(rec_msg)
for element in remote_configuration['wmodules']:
if 'gcp-pubsub' in element:
remote_configuration_gcp = element['gcp-pubsub']
else:
s.close()
raise ValueError(rec_msg_ok)
except UnboundLocalError as error:
s.close()
raise TimeoutError(error)
return remote_configuration_gcp
def test_ossec_auth_configurations(get_configuration, configure_environment,
configure_sockets_environment):
"""Check that every input message in authd port generates the adequate output
Parameters
----------
test_case : list
List of test_cases, dict with following keys:
- expect: What we are expecting to happen
1. open_error: Should fail when trying to do ssl handshake
2. output: Expects an output message from the manager
- ciphers: Value for ssl ciphers
- protocol: Value for ssl protocol
- input: message that will be tried to send to the manager
- output: expected response (if any)
"""
current_test = get_current_test()
test_case = ssl_configuration_tests[current_test]['test_case']
override_wazuh_conf(get_configuration)
for config in test_case:
address, family, connection_protocol = receiver_sockets_params[0]
SSL_socket = SocketController(address,
family=family,
connection_protocol=connection_protocol,
open_at_start=False)
ciphers = config['ciphers']
protocol = config['protocol']
SSL_socket.set_ssl_configuration(ciphers=ciphers,
connection_protocol=protocol)
expect = config['expect']
try:
SSL_socket.open()
except ssl.SSLError as exception:
if expect == 'open_error':
# We expected the error here, check message
assert config['error'] in str(
exception), 'Expected message does not match!'
continue
else:
# We did not expect this error, fail test
raise
SSL_socket.send(config['input'], size=False)
if expect == 'output':
# Output is expected
expected = config['output']
if expected:
response = SSL_socket.receive().decode()
assert response, 'Failed connection stage {}: {}'.format(
test_case.index(config) + 1, config['stage'])
assert response[:len(expected)] == expected, \
'Failed test case stage {}: {}'.format(test_case.index(config) + 1, config['stage'])
return
def test_authd_ssl_certs(get_configuration, generate_ca_certificate):
"""
"""
verify_host = (get_configuration['metadata']['verify_host'] == 'yes')
option = get_configuration['metadata']['sim_option']
override_wazuh_conf(get_configuration)
address, family, connection_protocol = receiver_sockets_params[0]
SSL_socket = SocketController(address,
family=family,
connection_protocol=connection_protocol,
open_at_start=False)
if option != 'NO CERT':
SSL_socket.set_ssl_configuration(certificate=SSL_AGENT_CERT,
keyfile=SSL_AGENT_PRIVATE_KEY)
try:
SSL_socket.open()
if option in ['NO CERT', 'INCORRECT CERT']:
raise AssertionError(
f'Agent was enable to connect without using any certificate or an incorrect one!'
)
except ssl.SSLError as exception:
if option in ['NO CERT', 'INCORRECT CERT']:
# Expected to happen
return
else:
raise AssertionError(
f'Option {option} expected successful socket connection but it failed'
)
SSL_socket.send(INPUT_MESSAGE, size=False)
try:
response = ''
timeout = time.time() + 10
while response == '':
response = SSL_socket.receive().decode()
if time.time() > timeout:
raise ConnectionResetError(
'Manager did not respond to sent message!')
if option in ['INCORRECT HOST'] and verify_host:
raise AssertionError(
f'An incorrect host was able to register using the verify_host option'
)
except ConnectionResetError as exception:
if option in ['INCORRECT HOST'] and verify_host:
# Expected
return
else:
raise
assert response[:len(OUPUT_MESSAGE)] == OUPUT_MESSAGE, (
f'Option {option} response from manager did not match expected')
return
def send_message(message):
address, family, connection_protocol = receiver_sockets_params[0]
SSL_socket = SocketController(address,
family=family,
connection_protocol=connection_protocol)
try:
SSL_socket.open()
except ssl.SSLError as exception:
# We did not expect this error, fail test
raise
SSL_socket.send(message, size=False)
response = SSL_socket.receive().decode()
SSL_socket.close()
return response
def get_remote_configuration(component_name, config):
socket_path = os.path.join(WAZUH_PATH, 'queue', 'ossec')
dest_socket = os.path.join(socket_path, component_name)
command = f"getconfig {config}"
host_type = 'agent' if 'agent' in WAZUH_SERVICE else 'server'
# Socket connection
s = SocketController(dest_socket)
try:
# Send message
s.send(command.encode(), True)
# Receive response
rec_msg_ok, rec_msg = s.receive(True).decode().split(" ", 1)
except socket.timeout as error:
s.close()
raise TimeoutError(error)
try:
if rec_msg_ok.startswith('ok'):
remote_configuration = json.loads(rec_msg)
if host_type == 'server':
remote_configuration_gcp = remote_configuration['wmodules'][6][
'gcp-pubsub']
else:
if sys.platform == 'darwin':
remote_configuration_gcp = remote_configuration[
'wmodules'][3]['gcp-pubsub']
else:
remote_configuration_gcp = remote_configuration[
'wmodules'][5]['gcp-pubsub']
else:
s.close()
raise ValueError(rec_msg_ok)
except UnboundLocalError as error:
s.close()
raise TimeoutError(error)
return remote_configuration_gcp
def send_delete_table_request(agent_id):
controller = SocketController(WDB_PATH)
controller.send(f'agent {agent_id} rootcheck delete', size=True)
response = controller.receive(size=True)
return response