def testEmptySourceData(self): test_data = ("# comment 1\n" "# deb http://security.debian.org/ wheezy/updates main\n" "URI :\n" "URI:\n" "# Trailing whitespace on purpose\n" "URI: \n" "\n" "URIs :\n" "URIs:\n" "# Trailing whitespace on purpose\n" "URIs: \n" "# comment 2\n") file_obj = StringIO.StringIO(test_data) pathspec = rdf_paths.PathSpec(path="/etc/apt/sources.list.d/test.list") stat = rdf_client.StatEntry(pathspec=pathspec) parser = config_file.APTPackageSourceParser() results = list(parser.Parse(stat, file_obj, None)) result = [d for d in results if isinstance(d, rdf_protodict.AttributedDict)][0] self.assertEqual("/etc/apt/sources.list.d/test.list", result.filename) self.assertEqual(0, len(result.uris))
def testPackageSourceData(self): test_data = r""" # Security updates deb http://security.debian.org/ wheezy/updates main contrib non-free deb-src [arch=amd64,trusted=yes] ftp://security.debian.org/ wheezy/updates main contrib non-free ## Random comment # Different transport protocols below deb ssh://ftp.debian.org/debian wheezy main contrib non-free deb-src file:/mnt/deb-sources-files/ wheezy main contrib non-free # correct - referencing root file system deb-src file:/ # incorrect deb-src http:// # Bad lines below - these shouldn't get any URIs back deb deb-src [arch=i386] deb-src abcdefghijklmnopqrstuvwxyz """ file_obj = StringIO.StringIO(test_data) pathspec = rdf_paths.PathSpec(path="/etc/apt/sources.list") stat = rdf_client.StatEntry(pathspec=pathspec) parser = config_file.APTPackageSourceParser() results = list(parser.Parse(stat, file_obj, None)) result = [ d for d in results if isinstance(d, rdf_protodict.AttributedDict) ][0] self.assertEqual("/etc/apt/sources.list", result.filename) self.assertEqual(5, len(result.uris)) self.assertEqual("http", result.uris[0].transport) self.assertEqual("security.debian.org", result.uris[0].host) self.assertEqual("/", result.uris[0].path) self.assertEqual("ftp", result.uris[1].transport) self.assertEqual("security.debian.org", result.uris[1].host) self.assertEqual("/", result.uris[1].path) self.assertEqual("ssh", result.uris[2].transport) self.assertEqual("ftp.debian.org", result.uris[2].host) self.assertEqual("/debian", result.uris[2].path) self.assertEqual("file", result.uris[3].transport) self.assertEqual("", result.uris[3].host) self.assertEqual("/mnt/deb-sources-files/", result.uris[3].path) self.assertEqual("file", result.uris[4].transport) self.assertEqual("", result.uris[4].host) self.assertEqual("/", result.uris[4].path)
def testAPTDetectUnsupportedTransport(self): artifact = "APTSources" parser = config_file.APTPackageSourceParser() sources = { "/etc/apt/sources.list": r""" # APT sources.list providing the default Ubuntu packages # deb https://httpredir.debian.org/debian jessie-updates main deb https://security.debian.org/ wheezy/updates main # comment 2 """, "/etc/apt/sources.list.d/test.list": r""" deb file:/tmp/debs/ distro main deb [arch=amd64,blah=blah] [meh=meh] https://securitytestasdf.debian.org/ wheezy/updates main contrib non-free deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main """, "/etc/apt/sources.list.d/test2.list": r""" deb http://dl.google.com/linux/chrome/deb/ stable main """, "/etc/apt/sources.list.d/test3.list": r""" deb https://security.debian.org/ wheezy/updates main contrib non-free """, "/etc/apt/sources.list.d/file-test.list": r""" deb file:/mnt/debian/debs/ distro main """, "/etc/apt/sources.list.d/rfc822.list": r""" Type: deb deb-src URI: http://security.example.com https://dl.google.com Suite: testing Section: main contrib """ } chk_id = "CIS-PKG-SOURCE-UNSUPPORTED-TRANSPORT" exp = "Found: APT sources use unsupported transport." found = [ "/etc/apt/sources.list.d/test.list: transport: file,https,https", "/etc/apt/sources.list.d/test2.list: transport: http", "/etc/apt/sources.list.d/file-test.list: transport: file", "/etc/apt/sources.list.d/rfc822.list: transport: http,https" ] results = self.GenResults([artifact], [sources], [parser]) self.assertCheckDetectedAnom(chk_id, results, exp, found)
def testRFC822StyleSourceDataParser(self): """Test source list formated as per rfc822 style.""" test_data = r""" # comment comment comment Types: deb deb-src URIs: http://example.com/debian http://1.example.com/debian1 http://2.example.com/debian2 http://willdetect.example.com/debian-strange URIs : ftp://3.example.com/debian3 http://4.example.com/debian4 blahblahblahblahblahlbha http://willdetect2.example.com/debian-w2 http://willdetect3.example.com/debian-w3 URI URI : ssh://5.example.com/debian5 Suites: stable testing Sections: component1 component2 Description: short long long long [option1]: [option1-value] deb-src [arch=amd64,trusted=yes] ftp://security.debian.org/ wheezy/updates main contrib non-free # comment comment comment Types: deb URI:ftp://another.example.com/debian2 Suites: experimental Sections: component1 component2 Enabled: no Description: http://debian.org This URL shouldn't be picked up by the parser [option1]: [option1-value] """ file_obj = StringIO.StringIO(test_data) pathspec = rdf_paths.PathSpec(path="/etc/apt/sources.list.d/rfc822.list") stat = rdf_client.StatEntry(pathspec=pathspec) parser = config_file.APTPackageSourceParser() results = list(parser.Parse(stat, file_obj, None)) result = [d for d in results if isinstance(d, rdf_protodict.AttributedDict)][0] self.assertEqual("/etc/apt/sources.list.d/rfc822.list", result.filename) self.assertEqual(11, len(result.uris)) self.assertEqual("ftp", result.uris[0].transport) self.assertEqual("security.debian.org", result.uris[0].host) self.assertEqual("/", result.uris[0].path) self.assertEqual("http", result.uris[1].transport) self.assertEqual("example.com", result.uris[1].host) self.assertEqual("/debian", result.uris[1].path) self.assertEqual("http", result.uris[2].transport) self.assertEqual("1.example.com", result.uris[2].host) self.assertEqual("/debian1", result.uris[2].path) self.assertEqual("http", result.uris[3].transport) self.assertEqual("2.example.com", result.uris[3].host) self.assertEqual("/debian2", result.uris[3].path) self.assertEqual("http", result.uris[4].transport) self.assertEqual("willdetect.example.com", result.uris[4].host) self.assertEqual("/debian-strange", result.uris[4].path) self.assertEqual("ftp", result.uris[5].transport) self.assertEqual("3.example.com", result.uris[5].host) self.assertEqual("/debian3", result.uris[5].path) self.assertEqual("http", result.uris[6].transport) self.assertEqual("4.example.com", result.uris[6].host) self.assertEqual("/debian4", result.uris[6].path) self.assertEqual("http", result.uris[7].transport) self.assertEqual("willdetect2.example.com", result.uris[7].host) self.assertEqual("/debian-w2", result.uris[7].path) self.assertEqual("http", result.uris[8].transport) self.assertEqual("willdetect3.example.com", result.uris[8].host) self.assertEqual("/debian-w3", result.uris[8].path) self.assertEqual("ssh", result.uris[9].transport) self.assertEqual("5.example.com", result.uris[9].host) self.assertEqual("/debian5", result.uris[9].path) self.assertEqual("ftp", result.uris[10].transport) self.assertEqual("another.example.com", result.uris[10].host) self.assertEqual("/debian2", result.uris[10].path)