def test_config(self): """Test the configuration object""" config = Configuration({self.key: self.value}) self.assertEqual(self.value, config.get(self.key)) self.assertEqual(self.value, config.get(self.key, self.new_value)) self.assertEqual(self.new_value, config.get("InexistentKey", self.new_value))
def test_session_manager(self): """Test session manager""" # Obtain a session from the manager session_manager = SessionManager(Configuration()) session = session_manager.get_session("test", "127.0.0.1", 3200, "127.0.0.1", 3201) # Check that the session obtained matches with the requested data self.assertIsInstance(session, Session) self.assertIs(session.event_queue, session_manager.event_queue) self.assertEqual(session.service, "test") self.assertEqual(session.source_ip, "127.0.0.1") self.assertEqual(session.source_port, 3200) self.assertEqual(session.target_ip, "127.0.0.1") self.assertEqual(session.target_port, 3201) # Check that different sessions are created for other service/ip/ports another_session = session_manager.get_session("test", "127.0.0.1", 3200, "127.0.0.1", 3202) self.assertIsNot(session, another_session) another_session = session_manager.get_session("test", "127.0.0.1", 3200, "127.0.0.2", 3201) self.assertIsNot(session, another_session) another_session = session_manager.get_session("test", "127.0.0.2", 3200, "127.0.0.1", 3201) self.assertIsNot(session, another_session) another_session = session_manager.get_session("test", "127.0.0.1", 3201, "127.0.0.1", 3201) self.assertIsNot(session, another_session) another_session = session_manager.get_session("service", "127.0.0.1", 3201, "127.0.0.1", 3201) self.assertIsNot(session, another_session)
def test_feed_manager(self): """Test attack feed manager""" # Create a session manager and the feed manager attached to it config = Configuration() session_manager = SessionManager(config) feed_manager = FeedManager(config, session_manager) feed_manager.add_feed(DummyFeed(config)) feed_manager.run() # Create an event event = Event("Test event") # Obtain a session and add the event session = session_manager.get_session("test", "127.0.0.1", 3200, "127.0.0.1", 3201) session.add_event(event) # Give the feed manager time for processing the event sleep(1) # Stop the feed manager and check if the event was processed feed_manager.stop() new_event = DummyFeed.events.get() self.assertIs(event, new_event)
def test_dbfeeds(self): """Tests event storage on a database""" self.test_filename = mkstemp(".sqlite", "dbfeedstest")[1] # Register an event using the DBFeed configuration = Configuration({ "feed": "DBFeed", "db_engine": "sqlite:///%s" % self.test_filename }) feed = DBFeed(configuration) event = Event("Test event") event.session = Session(Queue(), "test", "127.0.0.1", 3200, "127.0.0.1", 3201) feed.log(event) feed.stop() # Now check the event in the database conn = sqlite3.connect(self.test_filename) cursor = conn.cursor() cursor.execute('SELECT * FROM events') results = cursor.fetchall() self.assertEqual(len(results), 1) self.assertEqual(results[0][1], str(event.session.uuid)) self.assertEqual(results[0][2], str(event.timestamp)) self.assertEqual(results[0][3], repr(event))
def test_datastore_load_config(self): """Test loading the datastore with the config data.""" dummy = self.DummyDataStore() config = Configuration({self.key: self.value}) dummy.load_config(config) self.assertEqual(self.value, dummy.get_data(self.key))
def test_config_json_include(self): """Test json custom include directive.""" test_filename = mkstemp()[1] test_filename_include = mkstemp()[1] with file(test_filename, 'w') as f: f.write("""{ "%s": "%s", "%s": { "!include": "%s" } }""" % (self.key, self.value, self.new_key, test_filename_include)) with file(test_filename_include, 'w') as f: json.dump({self.new_new_key: self.new_new_value}, f) config = Configuration() config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) self.assertEqual({self.new_new_key: self.new_new_value}, config.get(self.new_key)) self.assertListEqual([test_filename_include, test_filename], config.get_config_files()) remove(test_filename) remove(test_filename_include)
def test_config_for(self): """Test the config_for method lookup.""" config = Configuration({ self.key: self.value, self.new_key: [{ self.new_key: self.new_value, self.new_new_key: self.new_new_value }, { self.new_key: self.new_new_value, self.key: self.value }] }) self.assertEqual(self.value, config.get(self.key)) self.assertListEqual([], config.config_for(self.new_new_key, self.new_new_key, "SomeClass")) self.assertListEqual([], config.config_for(self.new_key, self.new_key, "SomeClass")) self.assertListEqual([{ self.key: self.value, self.new_key: self.new_value, self.new_new_key: self.new_new_value }], config.config_for(self.new_key, self.new_key, self.new_value)) self.assertListEqual([{ self.key: self.value, self.new_key: self.new_new_value }], config.config_for(self.new_key, self.new_key, self.new_new_value))
def test_config_yaml_include(self): """Test yaml custom include directive.""" test_filename = mkstemp()[1] test_filename_include = mkstemp()[1] with file(test_filename, 'w') as f: f.write( """--- %s: %s %s: !include %s""" % (self.key, self.value, self.new_key, test_filename_include)) with file(test_filename_include, 'w') as f: yaml.dump({self.new_new_key: self.new_new_value}, f) config = Configuration() config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) self.assertEqual({self.new_new_key: self.new_new_value}, config.get(self.new_key)) self.assertListEqual([test_filename_include, test_filename], config.get_config_files()) remove(test_filename) remove(test_filename_include)
def test_datastoremanager_default(self): """Test the DataStoreManager loading the default DataStore """ manager = DataStoreManager(Configuration()) datastore = manager.get_datastore() #self.assertIsInstance(datastore, MemoryDataStore) new_datastore = manager.get_datastore() self.assertIs(datastore, new_datastore)
def test_config_yaml_include(self): """Test yaml custom include directive.""" test_filename = mkstemp()[1] test_filename_include = mkstemp()[1] with file(test_filename, 'w') as f: f.write("""--- %s: %s %s: !include %s""" % (self.key, self.value, self.new_key, test_filename_include)) with file(test_filename_include, 'w') as f: yaml.dump({self.new_new_key: self.new_new_value}, f) config = Configuration() config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) self.assertEqual({self.new_new_key: self.new_new_value}, config.get(self.new_key)) self.assertListEqual([test_filename_include, test_filename], config.get_config_files()) remove(test_filename) remove(test_filename_include)
def test_hpfeeds(self): """Tests the HPFeed by connecting to honeynet's HPFriends service. """ # Register an event using the HPFeed configuration = Configuration({ "feed": "HPFeed", "feed_host": self.test_host, "feed_port": self.test_port, "feed_ident": self.test_ident, "feed_secret": self.test_secret, "channels": [self.test_channel] })
def test_hpfeeds(self): """Tests the HPFeed by connecting to honeynet's HPFriends service. """ # Register an event using the HPFeed configuration = Configuration({"feed": "HPFeed", "feed_host": self.test_host, "feed_port": self.test_port, "feed_ident": self.test_ident, "feed_secret": self.test_secret, "channels": [self.test_channel]}) feed = HPFeed(configuration) event = Event("Test event") event.session = Session(Queue(), "test", "127.0.0.1", 3200, "127.0.0.1", 3201) feed.log(event) feed.stop()
def test_logfeeds(self): self.test_filename = mkstemp(".log", "logfeedstest")[1] # Register an event using the LogFeed configuration = Configuration({ "feed": "LogFeed", "log_filename": self.test_filename }) feed = LogFeed(configuration) event = Event("Test event") event.session = Session(Queue(), "test", "127.0.0.1", 3200, "127.0.0.1", 3201) feed.log(event) feed.stop() self.assertIs(path.exists(self.test_filename), True)
def test_config_for(self): """Test the config_for method lookup.""" config = Configuration({self.key: self.value, self.new_key: [{self.new_key: self.new_value, self.new_new_key: self.new_new_value}, {self.new_key: self.new_new_value, self.key: self.value}]}) self.assertEqual(self.value, config.get(self.key)) self.assertListEqual([], config.config_for(self.new_new_key, self.new_new_key, "SomeClass")) self.assertListEqual([], config.config_for(self.new_key, self.new_key, "SomeClass")) self.assertListEqual([{self.key: self.value, self.new_key: self.new_value, self.new_new_key: self.new_new_value}], config.config_for(self.new_key, self.new_key, self.new_value)) self.assertListEqual([{self.key: self.value, self.new_key: self.new_new_value}], config.config_for(self.new_key, self.new_key, self.new_new_value))
def test_datastoremanager_invalid(self): """Test the DataStoreManager loading an invalid DataStore """ with self.assertRaises(DataStoreNotFound): DataStoreManager( Configuration({"datastore_class": "InexistentClass"}))
def test_config_update(self): """Test the configuration object update methods""" config = Configuration() # Update from empty using careful config.update({self.key: self.value}, mode="careful") self.assertIs(None, config.get(self.key)) # Update using loose mode config.update({self.key: self.value}, mode="loose") self.assertIs(self.value, config.get(self.key)) # Update using careful mode config.update({self.new_key: self.new_value}, mode="careful") self.assertIs(self.value, config.get(self.key)) self.assertIs(None, config.get(self.new_key)) # Updating from another Configuration object config.update(Configuration({self.new_new_key: self.new_new_value})) self.assertIs(self.new_new_value, config.get(self.new_new_key))
def test_config_parsers(self): """Test the update from a file.""" test_filename = mkstemp()[1] # Test using invalid filenames config = Configuration() with self.assertRaises(ValueError): config.update("invalid_filename", from_file=True) with self.assertRaises(ValueError): config.update({}, from_file=True) # Test using a file with random content config = Configuration() with file(test_filename, 'w') as f: f.write("junk: %lalala%") with self.assertRaises(ConfigurationParserNotFound): config.update(test_filename, from_file=True) # Test using valid json config = Configuration() with file(test_filename, 'w') as f: json.dump({self.key: self.value}, f) config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) # Test using json with comments config = Configuration() with file(test_filename, 'w') as f: f.write("""{ # Some one-line comment %s: %s, /* Other multi-line comment */ }""" % (self.key, self.value)) config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) # Test using valid yaml config = Configuration() with file(test_filename, 'w') as f: yaml.dump({self.key: self.value}, f) config.update(test_filename, from_file=True) self.assertEqual(self.value, config.get(self.key)) remove(test_filename)