示例#1
def avt():
    """Return an AmavisVT instance configured for isolated testing.

    All options are supplied inline; ``path='/dev/null'`` presumably points
    the parser at an empty configuration file so nothing is read from the
    host -- confirm against AmavisVTConfigurationParser.
    """
    options = {
        # Presumably an in-memory SQLite database, so no cache file is
        # written to disk -- confirm.
        'database-path': ':memory:',
        # Placeholder value only; a real VirusTotal API key must never be
        # committed to test code.
        'api-key': 'my-api-key'
    }
    config = AmavisVTConfigurationParser(options, path='/dev/null')
    return AmavisVT(config)
示例#2
 def test_report_to_vt_pretend(self, requests_post):
     """With 'pretend' enabled, report_to_vt must not perform a POST.

     A regression here would mean a supposed dry run hands a file to a
     third-party service, so the check is on the patched POST callable
     itself rather than on a return value.
     """
     options = {
         'database-path': ':memory:',
         'api-key': 'my-api-key',
         'pretend': 'true'
     }
     config = AmavisVTConfigurationParser(options, path='/dev/null')
     scanner = AmavisVT(config)

     resource = DummyResource('file1', 'application/zip')
     scanner.report_to_vt(resource)

     # requests_post is presumably the mock patched over requests.post by a
     # decorator outside this snippet -- confirm.
     assert not requests_post.called
示例#3
    def test_is_included_by_extension(self):
        """Every listed file extension is accepted by is_included.

        The parser is built with no arguments, so the assertions describe
        whatever configuration that produces.
        """
        scanner = AmavisVT(AmavisVTConfigurationParser())

        # Executables, scripts, archives (including double extensions such
        # as '.tar.gz'), office documents, and finally '' for a file name
        # that has no extension at all.
        extensions = (
            '.exe', '.com', '.bat', '.cmd', '.tar.gz', '.zip', '.tar.bz2',
            '.tar.7z', '.doc', '.docx', '.docm', '.xls', '.xlsa', '.xlsx',
            '.xlsm', '.ppt', '.ppta', '.pptx', '.pptm', '.pdf', '.js',
            '.rtf', '.ttf', '.htm', '.html', '.vbs', '.wsf', '',
        )
        for ext in extensions:
            resource = DummyResource('/tmp/foo%s' % ext)
            assert scanner.is_included(
                resource), "Extension '%s' should be included" % ext
示例#4
    def test_check_vt_pretend(self, requests_post):
        """With 'pretend' enabled, check_vt yields nothing and never POSTs."""
        options = {
            'database-path': ':memory:',
            'api-key': 'my-api-key',
            'pretend': 'true'
        }
        config = AmavisVTConfigurationParser(options, path='/dev/null')
        scanner = AmavisVT(config)

        # check_vt returns an iterable; materialise it so any lazy work
        # runs before the mock is inspected.
        responses = list(scanner.check_vt(None))

        # Dry-run mode must stay off the network and report no results.
        assert not requests_post.called
        assert not responses
示例#5
    def test_run_with_filename_pattern_detection_match_with_autoreport(
            self, database_mock, memcached_get_mock, memcached_set_mock,
            requests_mock):
        """Run a sample mail with pattern detection and auto-report enabled.

        The database's filename-pattern check is forced to match. The test
        then verifies how that check was called, that two HTTP requests were
        made, that the single result is flagged infected, and that no path
        listed in clean_paths is left on disk.
        """
        # Cache lookup returns nothing, so the run is not answered from cache.
        memcached_get_mock.return_value = None
        # Force the filename-pattern check to report a match.
        database_mock.filename_pattern_match = mock.MagicMock(
            return_value=True)

        options = {
            'database-path': ':memory:',
            'api-key': 'my-api-key',
            'filename-pattern-detection': 'true',
            'auto-report': 'true'
        }
        scanner = AmavisVT(
            AmavisVTConfigurationParser(options, path='/dev/null'))
        scanner.database = database_mock

        here = os.path.dirname(__file__)
        mail = os.path.join(here, 'samples/mail_with_attachment.eml')
        results = scanner.run(mail)

        pattern_match = database_mock.filename_pattern_match
        assert pattern_match.called
        recorded_call = pattern_match.call_args
        # call_args unpacks as an (args, kwargs) pair, hence length 2.
        assert len(recorded_call) == 2
        positional, keyword = recorded_call

        # Exactly one positional and one keyword argument were passed.
        assert len(positional) == 1
        assert len(keyword) == 1

        # The positional argument is the attachment extracted from the mail.
        attachment = positional[0]
        assert isinstance(attachment, Resource)
        assert attachment.filename == 'textfile.zip'

        # The keyword argument carries the recipient's localpart.
        assert keyword['localpart'] == 'alice'

        # Two requests: one for the scan report, one for submitting the file.
        # requests_mock presumably replaces the real HTTP call, so nothing
        # leaves the test host -- confirm against the patch decorators.
        assert requests_mock.called
        assert requests_mock.call_count == 2

        assert len(results) == 1
        resource, response = results[0]
        assert resource.filename == 'textfile.zip'
        assert response.infected

        # Nothing listed in clean_paths may remain on disk after the run
        # (presumably the temporary copies of extracted attachments).
        assert not any(
            os.path.exists(path) for path in scanner.clean_paths)
示例#6
    def test_default_options(self):
        """Pin the parser defaults when only an API key is supplied."""
        config = AmavisVTConfigurationParser(path='/dev/null',
                                             cliargs={'api-key': 'api-key'})

        assert config.apikey == 'api-key'

        # Expiry values; presumably seconds (21 days / 12 hours) -- confirm.
        assert config.positive_expire == 21 * 86400
        assert config.negative_expire == 12 * 3600
        assert config.unknown_expire == 12 * 3600

        # Both endpoints default to HTTPS URLs on the VirusTotal v2 API.
        assert config.api_url == "https://www.virustotal.com/vtapi/v2/file/report"
        assert config.report_url == "https://www.virustotal.com/vtapi/v2/file/scan"

        assert config.database_path == '/var/lib/amavisvt/amavisvt.sqlite3'
        assert config.timeout == 10
        assert config.pretend is False
        assert config.hits_required == 5

        # Filename-pattern detection and auto-report are both opt-in.
        assert config.filename_pattern_detection is False
        assert config.min_filename_patterns == 20
        assert config.min_infected_percent == 0.7
        assert config.auto_report is False
示例#7
    def test_is_included_by_mime_type(self):
        """Check which MIME types is_included accepts and which it rejects.

        The file name is always 'foo.bar', so the MIME type is the only
        value that varies between cases.
        """
        # NOTE(review): where Resource obtains mime_type is not visible
        # here. If it comes from sender-supplied headers rather than content
        # inspection, the exclusions below rest on untrusted data -- confirm.
        scanner = AmavisVT(AmavisVTConfigurationParser())

        # Includes an unrecognised application/* subtype and several
        # script types.
        scanned_types = (
            'application/octet-stream',
            'application/foobar',
            'text/x-shellscript',
            'text/x-perl',
            'text/x-ruby',
            'text/x-python',
        )
        for mime_type in scanned_types:
            assert scanner.is_included(
                DummyResource(filename='foo.bar', mime_type=mime_type))

        # Plain text, nested messages and images are skipped.
        skipped_types = ('text/plain', 'message/rfc822', 'image/png')
        for mime_type in skipped_types:
            assert not scanner.is_included(
                DummyResource(filename='foo.bar', mime_type=mime_type))
示例#8
def testdb():
    """Return a Database whose storage location is TEST_DB_PATH.

    ``path='/dev/null'`` presumably keeps the parser from reading a real
    configuration file -- confirm against AmavisVTConfigurationParser.
    """
    options = {'database-path': TEST_DB_PATH}
    config = AmavisVTConfigurationParser(options, path='/dev/null')
    return Database(config=config)
示例#9
 def test_check_schema_empty_database(self, tmpdir):
     """A Database created at a fresh path reports schema version 3."""
     # tmpdir is a per-test temporary directory, so no database file
     # exists at this path beforehand.
     db_file = str(tmpdir + '/database.sqlite3')
     config = AmavisVTConfigurationParser(
         {'database-path': db_file}, path='/dev/null')
     db = Database(config=config)
     assert db.schema_version == 3
示例#10
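 def test_close_already_closed(self, tmpdir):
     """Closing a Database that is already closed must not raise."""
     db_file = str(tmpdir + '/database.sqlite3')
     config = AmavisVTConfigurationParser(
         {'database-path': db_file}, path='/dev/null')
     db = Database(config=config)

     db.close()
     # The second close on an already-closed database is the case under
     # test; the test passes as long as it does not raise.
     db.close()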
示例#11
    def test_cliargs(self):
        """Options passed as cliargs are readable from the DEFAULT section."""
        overrides = {'foo': 'bar'}
        parser = AmavisVTConfigurationParser(path='/dev/null',
                                             cliargs=overrides)

        value = parser.get('DEFAULT', 'foo')
        assert value == 'bar'
示例#12
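 def test_init(self):
     """Smoke test: the parser can be built from a config path alone."""
     # Passes as long as construction does not raise; there is nothing
     # further to assert here.
     AmavisVTConfigurationParser(path='/dev/null')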
示例#13
    def test_none_cliargs_removed(self):
        """A cliargs entry whose value is None is not stored as an option."""
        overrides = {'foo': None}
        parser = AmavisVTConfigurationParser(path='/dev/null',
                                             cliargs=overrides)

        # A None value must not turn into an option on the DEFAULT section.
        option_present = parser.has_option('DEFAULT', 'foo')
        assert not option_present