forked from p15670423/monkey
Add Windows tests for island_config_options_validator.py
This commit is contained in:
parent
91aad66e16
commit
8a321f0290
|
@ -1,4 +1,5 @@
|
||||||
import os
|
import os
|
||||||
|
import subprocess
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
|
@ -7,15 +8,19 @@ from monkey_island.cc.setup.island_config_options import IslandConfigOptions
|
||||||
from monkey_island.cc.setup.island_config_options_validator import raise_on_invalid_options
|
from monkey_island.cc.setup.island_config_options_validator import raise_on_invalid_options
|
||||||
|
|
||||||
|
|
||||||
|
LINUX_READ_ONLY_BY_USER = 0o400
|
||||||
|
LINUX_RWX_BY_ALL = 0o777
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def island_config_options(tmpdir, create_empty_file):
|
def linux_island_config_options(tmpdir, create_empty_file):
|
||||||
crt_file = os.path.join(tmpdir, "test.crt")
|
crt_file = os.path.join(tmpdir, "test.crt")
|
||||||
create_empty_file(crt_file)
|
create_empty_file(crt_file)
|
||||||
os.chmod(crt_file, 0o400)
|
os.chmod(crt_file, LINUX_READ_ONLY_BY_USER)
|
||||||
|
|
||||||
key_file = os.path.join(tmpdir, "test.key")
|
key_file = os.path.join(tmpdir, "test.key")
|
||||||
create_empty_file(key_file)
|
create_empty_file(key_file)
|
||||||
os.chmod(key_file, 0o400)
|
os.chmod(key_file, LINUX_READ_ONLY_BY_USER)
|
||||||
|
|
||||||
return IslandConfigOptions(
|
return IslandConfigOptions(
|
||||||
{
|
{
|
||||||
"ssl_certificate": {
|
"ssl_certificate": {
|
||||||
|
@ -27,41 +32,114 @@ def island_config_options(tmpdir, create_empty_file):
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
def test_valid_crt_and_key_paths(island_config_options):
|
def test_linux_valid_crt_and_key_paths(linux_island_config_options):
|
||||||
try:
|
try:
|
||||||
raise_on_invalid_options(island_config_options)
|
raise_on_invalid_options(linux_island_config_options)
|
||||||
except Exception as ex:
|
except Exception as ex:
|
||||||
print(ex)
|
print(ex)
|
||||||
assert False
|
assert False
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
def test_crt_path_does_not_exist(island_config_options):
|
def test_linux_crt_path_does_not_exist(linux_island_config_options):
|
||||||
os.remove(island_config_options.crt_path)
|
os.remove(linux_island_config_options.crt_path)
|
||||||
|
|
||||||
with pytest.raises(FileNotFoundError):
|
with pytest.raises(FileNotFoundError):
|
||||||
raise_on_invalid_options(island_config_options)
|
raise_on_invalid_options(linux_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
def test_crt_path_insecure_permissions(island_config_options):
|
def test_linux_crt_path_insecure_permissions(linux_island_config_options):
|
||||||
os.chmod(island_config_options.crt_path, 0o777)
|
os.chmod(linux_island_config_options.crt_path, LINUX_RWX_BY_ALL)
|
||||||
|
|
||||||
with pytest.raises(InsecurePermissionsError):
|
with pytest.raises(InsecurePermissionsError):
|
||||||
raise_on_invalid_options(island_config_options)
|
raise_on_invalid_options(linux_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
def test_key_path_does_not_exist(island_config_options):
|
def test_linux_key_path_does_not_exist(linux_island_config_options):
|
||||||
os.remove(island_config_options.key_path)
|
os.remove(linux_island_config_options.key_path)
|
||||||
|
|
||||||
with pytest.raises(FileNotFoundError):
|
with pytest.raises(FileNotFoundError):
|
||||||
raise_on_invalid_options(island_config_options)
|
raise_on_invalid_options(linux_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
def test_key_path_insecure_permissions(island_config_options):
|
def test_linux_key_path_insecure_permissions(linux_island_config_options):
|
||||||
os.chmod(island_config_options.key_path, 0o777)
|
os.chmod(linux_island_config_options.key_path, LINUX_RWX_BY_ALL)
|
||||||
|
|
||||||
with pytest.raises(InsecurePermissionsError):
|
with pytest.raises(InsecurePermissionsError):
|
||||||
raise_on_invalid_options(island_config_options)
|
raise_on_invalid_options(linux_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def windows_island_config_options(tmpdir, create_empty_file):
|
||||||
|
crt_file = os.path.join(tmpdir, "test.crt")
|
||||||
|
create_empty_file(crt_file)
|
||||||
|
cmd_to_change_permissions = get_windows_cmd_to_change_permissions(crt_file, 'R')
|
||||||
|
subprocess.run(cmd_to_change_permissions, shell=True)
|
||||||
|
|
||||||
|
key_file = os.path.join(tmpdir, "test.key")
|
||||||
|
create_empty_file(key_file)
|
||||||
|
cmd_to_change_permissions = get_windows_cmd_to_change_permissions(key_file, 'R')
|
||||||
|
subprocess.run(cmd_to_change_permissions, shell=True)
|
||||||
|
|
||||||
|
return IslandConfigOptions(
|
||||||
|
{
|
||||||
|
"ssl_certificate": {
|
||||||
|
"ssl_certificate_file": crt_file,
|
||||||
|
"ssl_certificate_key_file": key_file,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def get_windows_cmd_to_change_permissions(file_name, permissions):
|
||||||
|
"""
|
||||||
|
:param file_name: name of file
|
||||||
|
:param permissions: can be: N (None), R (Read), W (Write), C (Change (write)), F (Full control)
|
||||||
|
"""
|
||||||
|
return f"echo y| cacls {file_name} /p %USERNAME%:{permissions}"
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name == "posix", reason="Tests Windows (not Posix) permissions.")
|
||||||
|
def test_windows_valid_crt_and_key_paths(windows_island_config_options):
|
||||||
|
try:
|
||||||
|
raise_on_invalid_options(windows_island_config_options)
|
||||||
|
except Exception as ex:
|
||||||
|
print(ex)
|
||||||
|
assert False
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name == "posix", reason="Tests Windows (not Posix) permissions.")
|
||||||
|
def test_windows_crt_path_does_not_exist(windows_island_config_options):
|
||||||
|
os.remove(windows_island_config_options.crt_path)
|
||||||
|
|
||||||
|
with pytest.raises(FileNotFoundError):
|
||||||
|
raise_on_invalid_options(windows_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name == "posix", reason="Tests Windows (not Posix) permissions.")
|
||||||
|
def test_windows_crt_path_insecure_permissions(windows_island_config_options):
|
||||||
|
cmd_to_change_permissions = get_windows_cmd_to_change_permissions(windows_island_config_options.crt_path, 'W')
|
||||||
|
subprocess.run(cmd_to_change_permissions, shell=True)
|
||||||
|
|
||||||
|
with pytest.raises(InsecurePermissionsError):
|
||||||
|
raise_on_invalid_options(windows_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name == "posix", reason="Tests Windows (not Posix) permissions.")
|
||||||
|
def test_windows_key_path_does_not_exist(windows_island_config_options):
|
||||||
|
os.remove(windows_island_config_options.key_path)
|
||||||
|
|
||||||
|
with pytest.raises(FileNotFoundError):
|
||||||
|
raise_on_invalid_options(windows_island_config_options)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name == "posix", reason="Tests Windows (not Posix) permissions.")
|
||||||
|
def test_windows_key_path_insecure_permissions(windows_island_config_options):
|
||||||
|
cmd_to_change_permissions = get_windows_cmd_to_change_permissions(windows_island_config_options.key_path, 'W')
|
||||||
|
subprocess.run(cmd_to_change_permissions, shell=True)
|
||||||
|
|
||||||
|
with pytest.raises(InsecurePermissionsError):
|
||||||
|
raise_on_invalid_options(windows_island_config_options)
|
||||||
|
|
Loading…
Reference in New Issue