def test_dummy(self):
'''
This test establishes a bunch of plain TCP connections against dummy auditor.
The dummy auditor just acknowledges the fact of connection happening.
'''
# these variables will be updated from a hook function invoked from main
self.got_result_starts = 0
self.got_conn_results = 0
self.got_result_ends = 0
self.nstray = 0
# the hook function
def main__handle_result(res):
'''
This function overrides main.handle_result() and updates our counters
'''
if isinstance(res, SessionStartEvent):
self.got_result_starts = self.got_result_starts + 1
elif isinstance(res, SessionEndResult):
self.got_result_ends = self.got_result_ends + 1
elif isinstance(res, ConnectionAuditResult):
self.got_conn_results = self.got_conn_results + 1
else:
self.nstray = self.nstray + 1
# allocate port
port = get_next_listener_port()
# create a client hammering our test listener
self.hammer = TCPConnectionHammer(self.HAMMER_ATTEMPTS)
# create main, the target of the test
main_args = [
'-m', 'dummy', '-l', ("%s:%d" % (TEST_LISTENER_ADDR, port))
]
options = SSLCAuditUI.parse_options(main_args)
file_bag = FileBag(basename='test-sslcaudit', use_tempdir=True)
controller = BaseClientAuditController(
options, file_bag, event_handler=main__handle_result)
# tell the hammer how many attempts to make exactly
self.hammer.set_peer((TEST_LISTENER_ADDR, port))
# start server and client
controller.start()
self.hammer.start()
controller.join(timeout=5)
self.hammer.stop()
# make sure we have received expected number of results
self.assertEquals(self.got_result_starts, 1)
self.assertEquals(self.got_conn_results, 2)
self.assertEquals(self.got_result_ends, 1)
self.assertEquals(self.nstray, 0)
def test_dummy(self):
'''
This test establishes a bunch of plain TCP connections against dummy auditor.
The dummy auditor just acknowledges the fact of connection happening.
'''
# these variables will be updated from a hook function invoked from main
self.got_result_starts = 0
self.got_conn_results = 0
self.got_result_ends = 0
self.nstray = 0
# the hook function
def main__handle_result(res):
'''
This function overrides main.handle_result() and updates our counters
'''
if isinstance(res, SessionStartEvent):
self.got_result_starts = self.got_result_starts + 1
elif isinstance(res, SessionEndResult):
self.got_result_ends = self.got_result_ends + 1
elif isinstance(res, ConnectionAuditResult):
self.got_conn_results = self.got_conn_results + 1
else:
self.nstray = self.nstray + 1
# allocate port
port = get_next_listener_port()
# create a client hammering our test listener
self.hammer = TCPConnectionHammer(self.HAMMER_ATTEMPTS)
# create main, the target of the test
main_args = ['-m', 'dummy', '-l', ("%s:%d" % (TEST_LISTENER_ADDR, port))]
options = SSLCAuditUI.parse_options(main_args)
file_bag = FileBag(basename='test-sslcaudit', use_tempdir=True)
controller = BaseClientAuditController(options, file_bag, event_handler=main__handle_result)
# tell the hammer how many attempts to make exactly
self.hammer.set_peer((TEST_LISTENER_ADDR, port))
# start server and client
controller.start()
self.hammer.start()
controller.join(timeout=5)
self.hammer.stop()
# make sure we have received expected number of results
self.assertEquals(self.got_result_starts, 1)
self.assertEquals(self.got_conn_results, 2)
self.assertEquals(self.got_result_ends, 1)
self.assertEquals(self.nstray, 0)
class SSLCAuditCLI(object):
def __init__(self, options, file_bag):
self.options = options
self.controller = BaseClientAuditController(
self.options, file_bag, event_handler=self.event_handler)
def run(self):
# print config info to the console before running the controller
logger.info('filebag location: %s' %
str(self.controller.file_bag.base_dir))
self.controller.start()
# wait for the controller thread to finish, handle Ctrl-C if any
interrupted_by_user = False
while self.controller.isAlive():
try:
self.controller.join(1)
except KeyboardInterrupt:
logger.info(
'Got KeyboardInterrupt exception, aborting the program ...'
)
self.controller.stop() # graceful death
interrupted_by_user = True
# if the program is aborted by the user, return exitcode 1
if interrupted_by_user:
return 1
else:
return 0
def stop(self):
self.controller.stop()
def event_handler(self, res):
if isinstance(res, ConnectionAuditResult):
# dump:
# * client address and port,
# * server profile
# * result
# all in one line, in fixed width columns
fields = []
client_address = '%s:%d' % (res.conn.client_address)
fields.append('%-16s' % client_address)
fields.append('%-80s' % (res.profile))
fields.append(str(res.result))
print OUTPUT_FIELD_SEPARATOR.join(fields)
class SSLCAuditCLI(object):
def __init__(self, options, file_bag):
self.options = options
self.controller = BaseClientAuditController(self.options, file_bag, event_handler=self.event_handler)
def run(self):
# print config info to the console before running the controller
logger.info('filebag location: %s' % str(self.controller.file_bag.base_dir))
self.controller.start()
# wait for the controller thread to finish, handle Ctrl-C if any
interrupted_by_user = False
while self.controller.isAlive():
try:
self.controller.join(1)
except KeyboardInterrupt:
logger.info('Got KeyboardInterrupt exception, aborting the program ...')
self.controller.stop() # graceful death
interrupted_by_user = True
# if the program is aborted by the user, return exitcode 1
if interrupted_by_user:
return 1
else:
return 0
def stop(self):
self.controller.stop()
def event_handler(self, res):
if isinstance(res, ConnectionAuditResult):
# dump:
# * client address and port,
# * server profile
# * result
# all in one line, in fixed width columns
fields = []
client_address = '%s:%d' % (res.conn.client_address)
fields.append('%-16s' % client_address)
fields.append('%-80s' % (res.profile))
fields.append(str(res.result))
print OUTPUT_FIELD_SEPARATOR.join(fields)
class TestModule(unittest.TestCase):
'''
This is a base class for testing modules of sslcaudit tool.
'''
def setUp(self):
self.controller = None
def tearDown(self):
if self.controller is not None:
self.controller.stop()
def _main_test(self, main_args, hammer, expected_results):
'''
This is a main worker function. It allocates external resources and launches threads,
to make sure they are freed this function was to be called exactly once per test method,
to allow tearDown() method to cleanup properly.
'''
self._main_test_init(main_args, hammer)
self._main_test_do(expected_results)
def _main_test_init(self, args, hammer):
# allocate port
port = get_next_listener_port()
# collect classes of observed audit results
self.actual_results = []
def main__handle_result(res):
#self.orig_main__handle_result(res)
if isinstance(res, ConnectionAuditResult):
self.actual_results.append(ACCAR(res))
else:
pass # ignore other events
# create options for the controller
main_args = ['-l', '%s:%d' % (TEST_LISTENER_ADDR, port)]
main_args.extend(args)
options = SSLCAuditUI.parse_options(main_args)
# create file_bag and controller
file_bag = FileBag(basename='test-sslcaudit', use_tempdir=True)
self.controller = BaseClientAuditController(options, file_bag, event_handler=main__handle_result)
self.hammer = hammer
if self.hammer is not None:
self.hammer.set_peer((TEST_LISTENER_ADDR, port))
def _main_test_do(self, expected_results):
# run the server
self.controller.start()
# start the hammer, if any
if self.hammer is not None:
self.hammer.start()
# wait for main to finish its job
self.controller.join(timeout=TEST_MAIN_JOIN_TIMEOUT)
# on timeout throws exception, which we let propagate after we shut the hammer and the main thread
self.assertFalse(self.controller.is_alive(), 'main thread is still alive')
# stop the hammer if any
if self.hammer is not None: self.hammer.stop()
# stop the server
self.controller.stop()
self.verify_results_ignore_order(expected_results, self.actual_results)
def verify_results_ignore_order(self, expected_results, actual_results):
expected_results_set = set(expected_results)
actual_results_set = set(actual_results)
unexpected = actual_results_set.difference(expected_results_set)
missing = expected_results_set.difference(actual_results_set)
if len(unexpected) != 0 or len(missing) != 0:
print
if len(unexpected) > 0:
print '\tunexpected results'
for r in unexpected:
print '\t\t%s' % r
if len(missing) > 0:
print '\tmissing results'
for r in missing:
print '\t\t%s' % r
self.assertTrue(len(unexpected) == 0 and len(missing) == 0, 'there are missing or unexpected results')
