408
def check_option_syntax(parser, options):
409
"""Apply additional restrictions on options, not expressible in
412
def has_commands(options, commands=None):
414
commands = (command.Enable,
417
command.StartChecker,
423
command.SetExtendedTimeout,
425
command.ApproveByDefault,
426
command.DenyByDefault,
427
command.SetApprovalDelay,
428
command.SetApprovalDuration,
433
return any(isinstance(cmd, commands)
434
for cmd in options.commands)
436
if has_commands(options) and not (options.client or options.all):
294
def print_clients(clients, keywords):
295
print('\n'.join(table_rows_of_clients(clients, keywords)))
297
def table_rows_of_clients(clients, keywords):
298
def valuetostring(value, keyword):
299
if isinstance(value, dbus.Boolean):
300
return "Yes" if value else "No"
301
if keyword in ("Timeout", "Interval", "ApprovalDelay",
302
"ApprovalDuration", "ExtendedTimeout"):
303
return milliseconds_to_string(value)
306
# Create format string to print table rows
307
format_string = " ".join("{{{key}:{width}}}".format(
308
width=max(len(tablewords[key]),
309
max(len(valuetostring(client[key], key))
310
for client in clients)),
313
# Start with header line
314
rows = [format_string.format(**tablewords)]
315
for client in clients:
316
rows.append(format_string
317
.format(**{key: valuetostring(client[key], key)
318
for key in keywords}))
322
def has_actions(options):
323
return any((options.enable,
325
options.bump_timeout,
326
options.start_checker,
327
options.stop_checker,
330
options.checker is not None,
331
options.timeout is not None,
332
options.extended_timeout is not None,
333
options.interval is not None,
334
options.approved_by_default is not None,
335
options.approval_delay is not None,
336
options.approval_duration is not None,
337
options.host is not None,
338
options.secret is not None,
344
parser = argparse.ArgumentParser()
345
parser.add_argument("--version", action="version",
346
version="%(prog)s {}".format(version),
347
help="show version number and exit")
348
parser.add_argument("-a", "--all", action="store_true",
349
help="Select all clients")
350
parser.add_argument("-v", "--verbose", action="store_true",
351
help="Print all fields")
352
parser.add_argument("-j", "--dump-json", action="store_true",
353
help="Dump client data in JSON format")
354
parser.add_argument("-e", "--enable", action="store_true",
355
help="Enable client")
356
parser.add_argument("-d", "--disable", action="store_true",
357
help="disable client")
358
parser.add_argument("-b", "--bump-timeout", action="store_true",
359
help="Bump timeout for client")
360
parser.add_argument("--start-checker", action="store_true",
361
help="Start checker for client")
362
parser.add_argument("--stop-checker", action="store_true",
363
help="Stop checker for client")
364
parser.add_argument("-V", "--is-enabled", action="store_true",
365
help="Check if client is enabled")
366
parser.add_argument("-r", "--remove", action="store_true",
367
help="Remove client")
368
parser.add_argument("-c", "--checker",
369
help="Set checker command for client")
370
parser.add_argument("-t", "--timeout",
371
help="Set timeout for client")
372
parser.add_argument("--extended-timeout",
373
help="Set extended timeout for client")
374
parser.add_argument("-i", "--interval",
375
help="Set checker interval for client")
376
parser.add_argument("--approve-by-default", action="store_true",
377
default=None, dest="approved_by_default",
378
help="Set client to be approved by default")
379
parser.add_argument("--deny-by-default", action="store_false",
380
dest="approved_by_default",
381
help="Set client to be denied by default")
382
parser.add_argument("--approval-delay",
383
help="Set delay before client approve/deny")
384
parser.add_argument("--approval-duration",
385
help="Set duration of one client approval")
386
parser.add_argument("-H", "--host", help="Set host for client")
387
parser.add_argument("-s", "--secret",
388
type=argparse.FileType(mode="rb"),
389
help="Set password blob (file) for client")
390
parser.add_argument("-A", "--approve", action="store_true",
391
help="Approve any current client request")
392
parser.add_argument("-D", "--deny", action="store_true",
393
help="Deny any current client request")
394
parser.add_argument("--check", action="store_true",
395
help="Run self-test")
396
parser.add_argument("client", nargs="*", help="Client name")
397
options = parser.parse_args()
399
if has_actions(options) and not (options.client or options.all):
437
400
parser.error("Options require clients names or --all.")
438
if options.verbose and has_commands(options):
401
if options.verbose and has_actions(options):
439
402
parser.error("--verbose can only be used alone.")
440
if (has_commands(options, (command.DumpJSON,))
441
and (options.verbose or len(options.commands) > 1)):
403
if options.dump_json and (options.verbose
404
or has_actions(options)):
442
405
parser.error("--dump-json can only be used alone.")
443
if options.all and not has_commands(options):
406
if options.all and not has_actions(options):
444
407
parser.error("--all requires an action.")
445
if (has_commands(options, (command.IsEnabled,))
446
and len(options.client) > 1):
447
parser.error("--is-enabled requires exactly one client")
448
if (len(options.commands) > 1
449
and has_commands(options, (command.Remove,))
450
and not has_commands(options, (command.Deny,))):
451
parser.error("--remove can only be combined with --deny")
456
class SystemBus(object):
458
object_manager_iface = "org.freedesktop.DBus.ObjectManager"
459
def get_managed_objects(self, busname, objectpath):
460
return self.call_method("GetManagedObjects", busname,
462
self.object_manager_iface)
464
properties_iface = "org.freedesktop.DBus.Properties"
465
def set_property(self, busname, objectpath, interface, key,
467
self.call_method("Set", busname, objectpath,
468
self.properties_iface, interface, key,
472
class MandosBus(SystemBus):
473
busname_domain = "se.recompile"
474
busname = busname_domain + ".Mandos"
476
server_interface = busname_domain + ".Mandos"
477
client_interface = busname_domain + ".Mandos.Client"
480
def get_clients_and_properties(self):
481
managed_objects = self.get_managed_objects(
482
self.busname, self.server_path)
483
return {objpath: properties[self.client_interface]
484
for objpath, properties in managed_objects.items()
485
if self.client_interface in properties}
487
def set_client_property(self, objectpath, key, value):
488
return self.set_property(self.busname, objectpath,
489
self.client_interface, key,
492
def call_client_method(self, objectpath, method, *args):
493
return self.call_method(method, self.busname, objectpath,
494
self.client_interface, *args)
496
def call_server_method(self, method, *args):
497
return self.call_method(method, self.busname,
499
self.server_interface, *args)
501
class Error(Exception):
504
class ConnectFailed(Error):
508
class dbus_python_adapter(object):
510
class SystemBus(dbus.MandosBus):
511
"""Use dbus-python"""
513
def __init__(self, module=dbus_python):
514
self.dbus_python = module
515
self.bus = self.dbus_python.SystemBus()
517
@contextlib.contextmanager
518
def convert_exception(self, exception_class=dbus.Error):
521
except self.dbus_python.exceptions.DBusException as e:
522
# This does what "raise from" would do
523
exc = exception_class(*e.args)
527
def call_method(self, methodname, busname, objectpath,
529
proxy_object = self.get_object(busname, objectpath)
530
log.debug("D-Bus: %s:%s:%s.%s(%s)", busname, objectpath,
531
interface, methodname,
532
", ".join(repr(a) for a in args))
533
method = getattr(proxy_object, methodname)
534
with self.convert_exception():
535
with dbus_python_adapter.SilenceLogger(
537
value = method(*args, dbus_interface=interface)
538
return self.type_filter(value)
540
def get_object(self, busname, objectpath):
541
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
543
with self.convert_exception(dbus.ConnectFailed):
544
return self.bus.get_object(busname, objectpath)
546
def type_filter(self, value):
547
"""Convert the most bothersome types to Python types"""
548
if isinstance(value, self.dbus_python.Boolean):
550
if isinstance(value, self.dbus_python.ObjectPath):
552
# Also recurse into dictionaries
553
if isinstance(value, self.dbus_python.Dictionary):
554
return {self.type_filter(key):
555
self.type_filter(subval)
556
for key, subval in value.items()}
560
class SilenceLogger(object):
561
"Simple context manager to silence a particular logger"
562
def __init__(self, loggername):
563
self.logger = logging.getLogger(loggername)
566
self.logger.addFilter(self.nullfilter)
568
class NullFilter(logging.Filter):
569
def filter(self, record):
572
nullfilter = NullFilter()
574
def __exit__(self, exc_type, exc_val, exc_tb):
575
self.logger.removeFilter(self.nullfilter)
578
class CachingBus(SystemBus):
579
"""A caching layer for dbus_python_adapter.SystemBus"""
580
def __init__(self, *args, **kwargs):
581
self.object_cache = {}
582
super(dbus_python_adapter.CachingBus,
583
self).__init__(*args, **kwargs)
584
def get_object(self, busname, objectpath):
586
return self.object_cache[(busname, objectpath)]
589
dbus_python_adapter.CachingBus,
590
self).get_object(busname, objectpath)
591
self.object_cache[(busname, objectpath)] = new_object
595
def commands_from_options(options):
597
commands = list(options.commands)
599
def find_cmd(cmd, commands):
601
for i, c in enumerate(commands):
602
if isinstance(c, cmd):
606
# If command.Remove is present, move any instances of command.Deny
607
# to occur ahead of command.Remove.
608
index_of_remove = find_cmd(command.Remove, commands)
609
before_remove = commands[:index_of_remove]
610
after_remove = commands[index_of_remove:]
612
for cmd in after_remove:
613
if isinstance(cmd, command.Deny):
614
before_remove.append(cmd)
616
cleaned_after.append(cmd)
617
if cleaned_after != after_remove:
618
commands = before_remove + cleaned_after
620
# If no command option has been given, show table of clients,
621
# optionally verbosely
623
commands.append(command.PrintTable(verbose=options.verbose))
628
class command(object):
629
"""A namespace for command classes"""
632
"""Abstract base class for commands"""
633
def run(self, clients, bus=None):
634
"""Normal commands should implement run_on_one_client(),
635
but commands which want to operate on all clients at the same time can
636
override this run() method instead.
639
for client, properties in clients.items():
640
self.run_on_one_client(client, properties)
643
class IsEnabled(Base):
644
def run(self, clients, bus=None):
645
properties = next(iter(clients.values()))
646
if properties["Enabled"]:
652
def run_on_one_client(self, client, properties):
653
self.bus.call_client_method(client, "Approve", True)
657
def run_on_one_client(self, client, properties):
658
self.bus.call_client_method(client, "Approve", False)
662
def run(self, clients, bus):
663
for clientpath in frozenset(clients.keys()):
664
bus.call_server_method("RemoveClient", clientpath)
668
"""Abstract class for commands outputting client details"""
669
all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
410
bus = dbus.SystemBus()
411
mandos_dbus_objc = bus.get_object(busname, server_path)
412
except dbus.exceptions.DBusException:
413
log.critical("Could not connect to Mandos server")
416
mandos_serv = dbus.Interface(mandos_dbus_objc,
417
dbus_interface=server_interface)
418
mandos_serv_object_manager = dbus.Interface(
419
mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
421
# block stderr since dbus library prints to stderr
422
null = os.open(os.path.devnull, os.O_RDWR)
423
stderrcopy = os.dup(sys.stderr.fileno())
424
os.dup2(null, sys.stderr.fileno())
428
mandos_clients = {path: ifs_and_props[client_interface]
429
for path, ifs_and_props in
430
mandos_serv_object_manager
431
.GetManagedObjects().items()
432
if client_interface in ifs_and_props}
435
os.dup2(stderrcopy, sys.stderr.fileno())
437
except dbus.exceptions.DBusException as e:
438
log.critical("Failed to access Mandos server through D-Bus:"
442
# Compile dict of (clients: properties) to process
445
if options.all or not options.client:
446
clients = {bus.get_object(busname, path): properties
447
for path, properties in mandos_clients.items()}
449
for name in options.client:
450
for path, client in mandos_clients.items():
451
if client["Name"] == name:
452
client_objc = bus.get_object(busname, path)
453
clients[client_objc] = client
456
log.critical("Client not found on server: %r", name)
459
if not has_actions(options) and clients:
460
if options.verbose or options.dump_json:
461
keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
670
462
"Created", "Interval", "Host", "KeyID",
671
463
"Fingerprint", "CheckerRunning",
672
464
"LastEnabled", "ApprovalPending",
674
466
"ApprovalDelay", "ApprovalDuration",
675
467
"Checker", "ExtendedTimeout", "Expires",
676
468
"LastCheckerStatus")
679
class DumpJSON(Output):
680
def run(self, clients, bus=None):
681
data = {properties["Name"]:
682
{key: properties[key]
683
for key in self.all_keywords}
684
for properties in clients.values()}
685
print(json.dumps(data, indent=4, separators=(',', ': ')))
688
class PrintTable(Output):
689
def __init__(self, verbose=False):
690
self.verbose = verbose
692
def run(self, clients, bus=None):
693
default_keywords = ("Name", "Enabled", "Timeout",
695
keywords = default_keywords
697
keywords = self.all_keywords
698
print(self.TableOfClients(clients.values(), keywords))
700
class TableOfClients(object):
703
"Enabled": "Enabled",
704
"Timeout": "Timeout",
705
"LastCheckedOK": "Last Successful Check",
706
"LastApprovalRequest": "Last Approval Request",
707
"Created": "Created",
708
"Interval": "Interval",
710
"Fingerprint": "Fingerprint",
712
"CheckerRunning": "Check Is Running",
713
"LastEnabled": "Last Enabled",
714
"ApprovalPending": "Approval Is Pending",
715
"ApprovedByDefault": "Approved By Default",
716
"ApprovalDelay": "Approval Delay",
717
"ApprovalDuration": "Approval Duration",
718
"Checker": "Checker",
719
"ExtendedTimeout": "Extended Timeout",
720
"Expires": "Expires",
721
"LastCheckerStatus": "Last Checker Status",
724
def __init__(self, clients, keywords):
725
self.clients = clients
726
self.keywords = keywords
729
return "\n".join(self.rows())
731
if sys.version_info.major == 2:
732
__unicode__ = __str__
734
return str(self).encode(
735
locale.getpreferredencoding())
738
format_string = self.row_formatting_string()
739
rows = [self.header_line(format_string)]
740
rows.extend(self.client_line(client, format_string)
741
for client in self.clients)
744
def row_formatting_string(self):
745
"Format string used to format table rows"
746
return " ".join("{{{key}:{width}}}".format(
747
width=max(len(self.tableheaders[key]),
748
*(len(self.string_from_client(client,
750
for client in self.clients)),
752
for key in self.keywords)
754
def string_from_client(self, client, key):
755
return self.valuetostring(client[key], key)
758
def valuetostring(cls, value, keyword):
759
if isinstance(value, bool):
760
return "Yes" if value else "No"
761
if keyword in ("Timeout", "Interval", "ApprovalDelay",
762
"ApprovalDuration", "ExtendedTimeout"):
763
return cls.milliseconds_to_string(value)
766
def header_line(self, format_string):
767
return format_string.format(**self.tableheaders)
769
def client_line(self, client, format_string):
770
return format_string.format(
771
**{key: self.string_from_client(client, key)
772
for key in self.keywords})
775
def milliseconds_to_string(ms):
776
td = datetime.timedelta(0, 0, 0, ms)
777
return ("{days}{hours:02}:{minutes:02}:{seconds:02}"
778
.format(days="{}T".format(td.days)
780
hours=td.seconds // 3600,
781
minutes=(td.seconds % 3600) // 60,
782
seconds=td.seconds % 60))
785
class PropertySetter(Base):
786
"Abstract class for Actions for setting one client property"
788
def run_on_one_client(self, client, properties=None):
789
"""Set the Client's D-Bus property"""
790
self.bus.set_client_property(client, self.propname,
795
raise NotImplementedError()
798
class Enable(PropertySetter):
803
class Disable(PropertySetter):
808
class BumpTimeout(PropertySetter):
809
propname = "LastCheckedOK"
813
class StartChecker(PropertySetter):
814
propname = "CheckerRunning"
818
class StopChecker(PropertySetter):
819
propname = "CheckerRunning"
823
class ApproveByDefault(PropertySetter):
824
propname = "ApprovedByDefault"
828
class DenyByDefault(PropertySetter):
829
propname = "ApprovedByDefault"
833
class PropertySetterValue(PropertySetter):
834
"""Abstract class for PropertySetter recieving a value as
835
constructor argument instead of a class attribute."""
836
def __init__(self, value):
837
self.value_to_set = value
840
def argparse(cls, argtype):
842
return cls(argtype(arg))
845
class SetChecker(PropertySetterValue):
849
class SetHost(PropertySetterValue):
853
class SetSecret(PropertySetterValue):
857
def value_to_set(self):
861
def value_to_set(self, value):
862
"""When setting, read data from supplied file object"""
863
self._vts = value.read()
867
class PropertySetterValueMilliseconds(PropertySetterValue):
868
"""Abstract class for PropertySetterValue taking a value
869
argument as a datetime.timedelta() but should store it as
873
def value_to_set(self):
877
def value_to_set(self, value):
878
"When setting, convert value from a datetime.timedelta"
879
self._vts = int(round(value.total_seconds() * 1000))
882
class SetTimeout(PropertySetterValueMilliseconds):
886
class SetExtendedTimeout(PropertySetterValueMilliseconds):
887
propname = "ExtendedTimeout"
890
class SetInterval(PropertySetterValueMilliseconds):
891
propname = "Interval"
894
class SetApprovalDelay(PropertySetterValueMilliseconds):
895
propname = "ApprovalDelay"
898
class SetApprovalDuration(PropertySetterValueMilliseconds):
899
propname = "ApprovalDuration"
470
keywords = defaultkeywords
472
if options.dump_json:
473
json.dump({client["Name"]: {key:
475
if isinstance(client[key],
479
for client in clients.values()},
480
fp=sys.stdout, indent=4,
481
separators=(',', ': '))
484
print_clients(clients.values(), keywords)
486
# Process each client in the list by all selected options
487
for client in clients:
489
def set_client_prop(prop, value):
490
"""Set a Client D-Bus property"""
491
client.Set(client_interface, prop, value,
492
dbus_interface=dbus.PROPERTIES_IFACE)
494
def set_client_prop_ms(prop, value):
495
"""Set a Client D-Bus property, converted
496
from a string to milliseconds."""
497
set_client_prop(prop,
498
string_to_delta(value).total_seconds()
502
mandos_serv.RemoveClient(client.__dbus_object_path__)
504
set_client_prop("Enabled", dbus.Boolean(True))
506
set_client_prop("Enabled", dbus.Boolean(False))
507
if options.bump_timeout:
508
set_client_prop("LastCheckedOK", "")
509
if options.start_checker:
510
set_client_prop("CheckerRunning", dbus.Boolean(True))
511
if options.stop_checker:
512
set_client_prop("CheckerRunning", dbus.Boolean(False))
513
if options.is_enabled:
514
if client.Get(client_interface, "Enabled",
515
dbus_interface=dbus.PROPERTIES_IFACE):
519
if options.checker is not None:
520
set_client_prop("Checker", options.checker)
521
if options.host is not None:
522
set_client_prop("Host", options.host)
523
if options.interval is not None:
524
set_client_prop_ms("Interval", options.interval)
525
if options.approval_delay is not None:
526
set_client_prop_ms("ApprovalDelay",
527
options.approval_delay)
528
if options.approval_duration is not None:
529
set_client_prop_ms("ApprovalDuration",
530
options.approval_duration)
531
if options.timeout is not None:
532
set_client_prop_ms("Timeout", options.timeout)
533
if options.extended_timeout is not None:
534
set_client_prop_ms("ExtendedTimeout",
535
options.extended_timeout)
536
if options.secret is not None:
537
set_client_prop("Secret",
538
dbus.ByteArray(options.secret.read()))
539
if options.approved_by_default is not None:
540
set_client_prop("ApprovedByDefault",
542
.approved_by_default))
544
client.Approve(dbus.Boolean(True),
545
dbus_interface=client_interface)
547
client.Approve(dbus.Boolean(False),
548
dbus_interface=client_interface)
903
class TestCaseWithAssertLogs(unittest.TestCase):
904
"""unittest.TestCase.assertLogs only exists in Python 3.4"""
906
if not hasattr(unittest.TestCase, "assertLogs"):
907
@contextlib.contextmanager
908
def assertLogs(self, logger, level=logging.INFO):
909
capturing_handler = self.CapturingLevelHandler(level)
910
old_level = logger.level
911
old_propagate = logger.propagate
912
logger.addHandler(capturing_handler)
913
logger.setLevel(level)
914
logger.propagate = False
916
yield capturing_handler.watcher
918
logger.propagate = old_propagate
919
logger.removeHandler(capturing_handler)
920
logger.setLevel(old_level)
921
self.assertGreater(len(capturing_handler.watcher.records),
924
class CapturingLevelHandler(logging.Handler):
925
def __init__(self, level, *args, **kwargs):
926
logging.Handler.__init__(self, *args, **kwargs)
927
self.watcher = self.LoggingWatcher([], [])
928
def emit(self, record):
929
self.watcher.records.append(record)
930
self.watcher.output.append(self.format(record))
932
LoggingWatcher = collections.namedtuple("LoggingWatcher",
937
class Unique(object):
938
"""Class for objects which exist only to be unique objects, since
939
unittest.mock.sentinel only exists in Python 3.3"""
942
class Test_string_to_delta(TestCaseWithAssertLogs):
943
# Just test basic RFC 3339 functionality here, the doc string for
944
# rfc3339_duration_to_delta() already has more comprehensive
945
# tests, which are run by doctest.
947
def test_rfc3339_zero_seconds(self):
948
self.assertEqual(datetime.timedelta(),
949
string_to_delta("PT0S"))
951
def test_rfc3339_zero_days(self):
952
self.assertEqual(datetime.timedelta(), string_to_delta("P0D"))
954
def test_rfc3339_one_second(self):
955
self.assertEqual(datetime.timedelta(0, 1),
956
string_to_delta("PT1S"))
958
def test_rfc3339_two_hours(self):
959
self.assertEqual(datetime.timedelta(0, 7200),
960
string_to_delta("PT2H"))
551
class Test_milliseconds_to_string(unittest.TestCase):
553
self.assertEqual(milliseconds_to_string(93785000),
555
def test_no_days(self):
556
self.assertEqual(milliseconds_to_string(7385000), "02:03:05")
557
def test_all_zero(self):
558
self.assertEqual(milliseconds_to_string(0), "00:00:00")
559
def test_no_fractional_seconds(self):
560
self.assertEqual(milliseconds_to_string(400), "00:00:00")
561
self.assertEqual(milliseconds_to_string(900), "00:00:00")
562
self.assertEqual(milliseconds_to_string(1900), "00:00:01")
564
class Test_string_to_delta(unittest.TestCase):
565
def test_handles_basic_rfc3339(self):
566
self.assertEqual(string_to_delta("PT2H"),
567
datetime.timedelta(0, 7200))
962
568
def test_falls_back_to_pre_1_6_1_with_warning(self):
963
with self.assertLogs(log, logging.WARNING):
569
# assertLogs only exists in Python 3.4
570
if hasattr(self, "assertLogs"):
571
with self.assertLogs(log, logging.WARNING):
572
value = string_to_delta("2h")
964
574
value = string_to_delta("2h")
965
self.assertEqual(datetime.timedelta(0, 7200), value)
968
class Test_check_option_syntax(unittest.TestCase):
970
self.parser = argparse.ArgumentParser()
971
add_command_line_options(self.parser)
973
def test_actions_requires_client_or_all(self):
974
for action, value in self.actions.items():
975
args = self.actionargs(action, value)
976
with self.assertParseError():
977
self.parse_args(args)
979
# This mostly corresponds to the definition from has_commands() in
980
# check_option_syntax()
984
"--bump-timeout": None,
985
"--start-checker": None,
986
"--stop-checker": None,
987
"--is-enabled": None,
991
"--extended-timeout": "PT0S",
992
"--interval": "PT0S",
993
"--approve-by-default": None,
994
"--deny-by-default": None,
995
"--approval-delay": "PT0S",
996
"--approval-duration": "PT0S",
997
"--host": "hostname",
998
"--secret": "/dev/null",
1004
def actionargs(action, value, *args):
1005
if value is not None:
1006
return [action, value] + list(args)
1008
return [action] + list(args)
1010
@contextlib.contextmanager
1011
def assertParseError(self):
1012
with self.assertRaises(SystemExit) as e:
1013
with self.redirect_stderr_to_devnull():
1015
# Exit code from argparse is guaranteed to be "2". Reference:
1016
# https://docs.python.org/3/library
1017
# /argparse.html#exiting-methods
1018
self.assertEqual(2, e.exception.code)
1020
def parse_args(self, args):
1021
options = self.parser.parse_args(args)
1022
check_option_syntax(self.parser, options)
1025
@contextlib.contextmanager
1026
def redirect_stderr_to_devnull():
1027
old_stderr = sys.stderr
1028
with contextlib.closing(open(os.devnull, "w")) as null:
1033
sys.stderr = old_stderr
1035
def check_option_syntax(self, options):
1036
check_option_syntax(self.parser, options)
1038
def test_actions_all_conflicts_with_verbose(self):
1039
for action, value in self.actions.items():
1040
args = self.actionargs(action, value, "--all",
1042
with self.assertParseError():
1043
self.parse_args(args)
1045
def test_actions_with_client_conflicts_with_verbose(self):
1046
for action, value in self.actions.items():
1047
args = self.actionargs(action, value, "--verbose",
1049
with self.assertParseError():
1050
self.parse_args(args)
1052
def test_dump_json_conflicts_with_verbose(self):
1053
args = ["--dump-json", "--verbose"]
1054
with self.assertParseError():
1055
self.parse_args(args)
1057
def test_dump_json_conflicts_with_action(self):
1058
for action, value in self.actions.items():
1059
args = self.actionargs(action, value, "--dump-json")
1060
with self.assertParseError():
1061
self.parse_args(args)
1063
def test_all_can_not_be_alone(self):
1065
with self.assertParseError():
1066
self.parse_args(args)
1068
def test_all_is_ok_with_any_action(self):
1069
for action, value in self.actions.items():
1070
args = self.actionargs(action, value, "--all")
1071
self.parse_args(args)
1073
def test_any_action_is_ok_with_one_client(self):
1074
for action, value in self.actions.items():
1075
args = self.actionargs(action, value, "client")
1076
self.parse_args(args)
1078
def test_one_client_with_all_actions_except_is_enabled(self):
1079
for action, value in self.actions.items():
1080
if action == "--is-enabled":
1082
args = self.actionargs(action, value, "client")
1083
self.parse_args(args)
1085
def test_two_clients_with_all_actions_except_is_enabled(self):
1086
for action, value in self.actions.items():
1087
if action == "--is-enabled":
1089
args = self.actionargs(action, value, "client1",
1091
self.parse_args(args)
1093
def test_two_clients_are_ok_with_actions_except_is_enabled(self):
1094
for action, value in self.actions.items():
1095
if action == "--is-enabled":
1097
args = self.actionargs(action, value, "client1",
1099
self.parse_args(args)
1101
def test_is_enabled_fails_without_client(self):
1102
args = ["--is-enabled"]
1103
with self.assertParseError():
1104
self.parse_args(args)
1106
def test_is_enabled_fails_with_two_clients(self):
1107
args = ["--is-enabled", "client1", "client2"]
1108
with self.assertParseError():
1109
self.parse_args(args)
1111
def test_remove_can_only_be_combined_with_action_deny(self):
1112
for action, value in self.actions.items():
1113
if action in {"--remove", "--deny"}:
1115
args = self.actionargs(action, value, "--all",
1117
with self.assertParseError():
1118
self.parse_args(args)
1121
class Test_dbus_exceptions(unittest.TestCase):
1123
def test_dbus_ConnectFailed_is_Error(self):
1124
with self.assertRaises(dbus.Error):
1125
raise dbus.ConnectFailed()
1128
class Test_dbus_MandosBus(unittest.TestCase):
1130
class MockMandosBus(dbus.MandosBus):
1132
self._name = "se.recompile.Mandos"
1133
self._server_path = "/"
1134
self._server_interface = "se.recompile.Mandos"
1135
self._client_interface = "se.recompile.Mandos.Client"
1137
self.call_method_return = Unique()
1139
def call_method(self, methodname, busname, objectpath,
1141
self.calls.append((methodname, busname, objectpath,
1143
return self.call_method_return
1146
self.bus = self.MockMandosBus()
1148
def test_set_client_property(self):
1149
self.bus.set_client_property("objectpath", "key", "value")
1150
expected_call = ("Set", self.bus._name, "objectpath",
1151
"org.freedesktop.DBus.Properties",
1152
(self.bus._client_interface, "key", "value"))
1153
self.assertIn(expected_call, self.bus.calls)
1155
def test_call_client_method(self):
1156
ret = self.bus.call_client_method("objectpath", "methodname")
1157
self.assertIs(self.bus.call_method_return, ret)
1158
expected_call = ("methodname", self.bus._name, "objectpath",
1159
self.bus._client_interface, ())
1160
self.assertIn(expected_call, self.bus.calls)
1162
def test_call_client_method_with_args(self):
1163
args = (Unique(), Unique())
1164
ret = self.bus.call_client_method("objectpath", "methodname",
1166
self.assertIs(self.bus.call_method_return, ret)
1167
expected_call = ("methodname", self.bus._name, "objectpath",
1168
self.bus._client_interface,
1170
self.assertIn(expected_call, self.bus.calls)
1172
def test_get_clients_and_properties(self):
1175
self.bus._client_interface: {
1179
"irrelevant_interface": {
1180
"key": "othervalue",
1184
"other_objectpath": {
1185
"other_irrelevant_interface": {
1191
expected_clients_and_properties = {
1197
self.bus.call_method_return = managed_objects
1198
ret = self.bus.get_clients_and_properties()
1199
self.assertDictEqual(expected_clients_and_properties, ret)
1200
expected_call = ("GetManagedObjects", self.bus._name,
1201
self.bus._server_path,
1202
"org.freedesktop.DBus.ObjectManager", ())
1203
self.assertIn(expected_call, self.bus.calls)
1205
def test_call_server_method(self):
1206
ret = self.bus.call_server_method("methodname")
1207
self.assertIs(self.bus.call_method_return, ret)
1208
expected_call = ("methodname", self.bus._name,
1209
self.bus._server_path,
1210
self.bus._server_interface, ())
1211
self.assertIn(expected_call, self.bus.calls)
1213
def test_call_server_method_with_args(self):
1214
args = (Unique(), Unique())
1215
ret = self.bus.call_server_method("methodname", *args)
1216
self.assertIs(self.bus.call_method_return, ret)
1217
expected_call = ("methodname", self.bus._name,
1218
self.bus._server_path,
1219
self.bus._server_interface,
1221
self.assertIn(expected_call, self.bus.calls)
1224
class Test_dbus_python_adapter_SystemBus(TestCaseWithAssertLogs):
1226
def MockDBusPython_func(self, func):
1227
class mock_dbus_python(object):
1228
"""mock dbus-python module"""
1229
class exceptions(object):
1230
"""Pseudo-namespace"""
1231
class DBusException(Exception):
1233
class SystemBus(object):
1235
def get_object(busname, objectpath):
1236
DBusObject = collections.namedtuple(
1237
"DBusObject", ("methodname",))
1238
def method(*args, **kwargs):
1239
self.assertEqual({"dbus_interface":
1243
return DBusObject(methodname=method)
1244
class Boolean(object):
1245
def __init__(self, value):
1246
self.value = bool(value)
1249
if sys.version_info.major == 2:
1250
__nonzero__ = __bool__
1251
class ObjectPath(str):
1253
class Dictionary(dict):
1255
return mock_dbus_python
1257
def call_method(self, bus, methodname, busname, objectpath,
1259
with self.assertLogs(log, logging.DEBUG):
1260
return bus.call_method(methodname, busname, objectpath,
1263
def test_call_method_returns(self):
1264
expected_method_return = Unique()
1265
method_args = (Unique(), Unique())
1267
self.assertEqual(len(method_args), len(args))
1268
for marg, arg in zip(method_args, args):
1269
self.assertIs(marg, arg)
1270
return expected_method_return
1271
mock_dbus_python = self.MockDBusPython_func(func)
1272
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1273
ret = self.call_method(bus, "methodname", "busname",
1274
"objectpath", "interface",
1276
self.assertIs(ret, expected_method_return)
1278
def test_call_method_filters_bool_true(self):
1280
return method_return
1281
mock_dbus_python = self.MockDBusPython_func(func)
1282
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1283
method_return = mock_dbus_python.Boolean(True)
1284
ret = self.call_method(bus, "methodname", "busname",
1285
"objectpath", "interface")
1286
self.assertTrue(ret)
1287
self.assertNotIsInstance(ret, mock_dbus_python.Boolean)
1289
def test_call_method_filters_bool_false(self):
1291
return method_return
1292
mock_dbus_python = self.MockDBusPython_func(func)
1293
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1294
method_return = mock_dbus_python.Boolean(False)
1295
ret = self.call_method(bus, "methodname", "busname",
1296
"objectpath", "interface")
1297
self.assertFalse(ret)
1298
self.assertNotIsInstance(ret, mock_dbus_python.Boolean)
1300
def test_call_method_filters_objectpath(self):
1302
return method_return
1303
mock_dbus_python = self.MockDBusPython_func(func)
1304
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1305
method_return = mock_dbus_python.ObjectPath("objectpath")
1306
ret = self.call_method(bus, "methodname", "busname",
1307
"objectpath", "interface")
1308
self.assertEqual("objectpath", ret)
1309
self.assertIsNot("objectpath", ret)
1310
self.assertNotIsInstance(ret, mock_dbus_python.ObjectPath)
1312
def test_call_method_filters_booleans_in_dict(self):
1314
return method_return
1315
mock_dbus_python = self.MockDBusPython_func(func)
1316
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1317
method_return = mock_dbus_python.Dictionary(
1318
{mock_dbus_python.Boolean(True):
1319
mock_dbus_python.Boolean(False),
1320
mock_dbus_python.Boolean(False):
1321
mock_dbus_python.Boolean(True)})
1322
ret = self.call_method(bus, "methodname", "busname",
1323
"objectpath", "interface")
1324
expected_method_return = {True: False,
1326
self.assertEqual(expected_method_return, ret)
1327
self.assertNotIsInstance(ret, mock_dbus_python.Dictionary)
1329
def test_call_method_filters_objectpaths_in_dict(self):
1331
return method_return
1332
mock_dbus_python = self.MockDBusPython_func(func)
1333
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1334
method_return = mock_dbus_python.Dictionary(
1335
{mock_dbus_python.ObjectPath("objectpath_key_1"):
1336
mock_dbus_python.ObjectPath("objectpath_value_1"),
1337
mock_dbus_python.ObjectPath("objectpath_key_2"):
1338
mock_dbus_python.ObjectPath("objectpath_value_2")})
1339
ret = self.call_method(bus, "methodname", "busname",
1340
"objectpath", "interface")
1341
expected_method_return = {str(key): str(value)
1343
method_return.items()}
1344
self.assertEqual(expected_method_return, ret)
1345
self.assertIsInstance(ret, dict)
1346
self.assertNotIsInstance(ret, mock_dbus_python.Dictionary)
1348
def test_call_method_filters_dict_in_dict(self):
1350
return method_return
1351
mock_dbus_python = self.MockDBusPython_func(func)
1352
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1353
method_return = mock_dbus_python.Dictionary(
1354
{"key1": mock_dbus_python.Dictionary({"key11": "value11",
1355
"key12": "value12"}),
1356
"key2": mock_dbus_python.Dictionary({"key21": "value21",
1357
"key22": "value22"})})
1358
ret = self.call_method(bus, "methodname", "busname",
1359
"objectpath", "interface")
1360
expected_method_return = {
1361
"key1": {"key11": "value11",
1362
"key12": "value12"},
1363
"key2": {"key21": "value21",
1364
"key22": "value22"},
1366
self.assertEqual(expected_method_return, ret)
1367
self.assertIsInstance(ret, dict)
1368
self.assertNotIsInstance(ret, mock_dbus_python.Dictionary)
1369
for key, value in ret.items():
1370
self.assertIsInstance(value, dict)
1371
self.assertEqual(expected_method_return[key], value)
1372
self.assertNotIsInstance(value,
1373
mock_dbus_python.Dictionary)
1375
def test_call_method_filters_dict_three_deep(self):
1377
return method_return
1378
mock_dbus_python = self.MockDBusPython_func(func)
1379
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1380
method_return = mock_dbus_python.Dictionary(
1382
mock_dbus_python.Dictionary(
1384
mock_dbus_python.Dictionary(
1386
mock_dbus_python.Boolean(True),
1390
ret = self.call_method(bus, "methodname", "busname",
1391
"objectpath", "interface")
1392
expected_method_return = {"key1": {"key2": {"key3": True}}}
1393
self.assertEqual(expected_method_return, ret)
1394
self.assertIsInstance(ret, dict)
1395
self.assertNotIsInstance(ret, mock_dbus_python.Dictionary)
1396
self.assertIsInstance(ret["key1"], dict)
1397
self.assertNotIsInstance(ret["key1"],
1398
mock_dbus_python.Dictionary)
1399
self.assertIsInstance(ret["key1"]["key2"], dict)
1400
self.assertNotIsInstance(ret["key1"]["key2"],
1401
mock_dbus_python.Dictionary)
1402
self.assertTrue(ret["key1"]["key2"]["key3"])
1403
self.assertNotIsInstance(ret["key1"]["key2"]["key3"],
1404
mock_dbus_python.Boolean)
1406
def test_call_method_handles_exception(self):
1407
dbus_logger = logging.getLogger("dbus.proxies")
1410
dbus_logger.error("Test")
1411
raise mock_dbus_python.exceptions.DBusException()
1413
mock_dbus_python = self.MockDBusPython_func(func)
1414
bus = dbus_python_adapter.SystemBus(mock_dbus_python)
1416
class CountingHandler(logging.Handler):
1418
def emit(self, record):
1421
counting_handler = CountingHandler()
1423
dbus_logger.addHandler(counting_handler)
1426
with self.assertRaises(dbus.Error) as e:
1427
self.call_method(bus, "methodname", "busname",
1428
"objectpath", "interface")
1430
dbus_logger.removeFilter(counting_handler)
1432
self.assertNotIsInstance(e, dbus.ConnectFailed)
1434
# Make sure the dbus logger was suppressed
1435
self.assertEqual(0, counting_handler.count)
1437
def test_get_object_converts_to_correct_exception(self):
1438
bus = dbus_python_adapter.SystemBus(
1439
self.fake_dbus_python_raises_exception_on_connect)
1440
with self.assertRaises(dbus.ConnectFailed):
1441
self.call_method(bus, "methodname", "busname",
1442
"objectpath", "interface")
1444
class fake_dbus_python_raises_exception_on_connect(object):
1445
"""fake dbus-python module"""
1446
class exceptions(object):
1447
"""Pseudo-namespace"""
1448
class DBusException(Exception):
1453
def get_object(busname, objectpath):
1454
raise cls.exceptions.DBusException()
1455
Bus = collections.namedtuple("Bus", ["get_object"])
1456
return Bus(get_object=get_object)
1459
class Test_dbus_python_adapter_CachingBus(unittest.TestCase):
1460
class mock_dbus_python(object):
1461
"""mock dbus-python modules"""
1462
class SystemBus(object):
1464
def get_object(busname, objectpath):
1468
self.bus = dbus_python_adapter.CachingBus(
1469
self.mock_dbus_python)
1471
def test_returns_distinct_objectpaths(self):
1472
obj1 = self.bus.get_object("busname", "objectpath1")
1473
self.assertIsInstance(obj1, Unique)
1474
obj2 = self.bus.get_object("busname", "objectpath2")
1475
self.assertIsInstance(obj2, Unique)
1476
self.assertIsNot(obj1, obj2)
1478
def test_returns_distinct_busnames(self):
1479
obj1 = self.bus.get_object("busname1", "objectpath")
1480
self.assertIsInstance(obj1, Unique)
1481
obj2 = self.bus.get_object("busname2", "objectpath")
1482
self.assertIsInstance(obj2, Unique)
1483
self.assertIsNot(obj1, obj2)
1485
def test_returns_distinct_both(self):
1486
obj1 = self.bus.get_object("busname1", "objectpath")
1487
self.assertIsInstance(obj1, Unique)
1488
obj2 = self.bus.get_object("busname2", "objectpath")
1489
self.assertIsInstance(obj2, Unique)
1490
self.assertIsNot(obj1, obj2)
1492
def test_returns_same(self):
1493
obj1 = self.bus.get_object("busname", "objectpath")
1494
self.assertIsInstance(obj1, Unique)
1495
obj2 = self.bus.get_object("busname", "objectpath")
1496
self.assertIsInstance(obj2, Unique)
1497
self.assertIs(obj1, obj2)
1499
def test_returns_same_old(self):
1500
obj1 = self.bus.get_object("busname1", "objectpath1")
1501
self.assertIsInstance(obj1, Unique)
1502
obj2 = self.bus.get_object("busname2", "objectpath2")
1503
self.assertIsInstance(obj2, Unique)
1504
obj1b = self.bus.get_object("busname1", "objectpath1")
1505
self.assertIsInstance(obj1b, Unique)
1506
self.assertIsNot(obj1, obj2)
1507
self.assertIsNot(obj2, obj1b)
1508
self.assertIs(obj1, obj1b)
1511
class Test_commands_from_options(unittest.TestCase):
1514
self.parser = argparse.ArgumentParser()
1515
add_command_line_options(self.parser)
1517
def test_is_enabled(self):
1518
self.assert_command_from_args(["--is-enabled", "client"],
1521
def assert_command_from_args(self, args, command_cls,
1523
"""Assert that parsing ARGS should result in an instance of
1524
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1525
options = self.parser.parse_args(args)
1526
check_option_syntax(self.parser, options)
1527
commands = commands_from_options(options)
1528
self.assertEqual(1, len(commands))
1529
command = commands[0]
1530
self.assertIsInstance(command, command_cls)
1531
for key, value in cmd_attrs.items():
1532
self.assertEqual(value, getattr(command, key))
1534
def test_is_enabled_short(self):
1535
self.assert_command_from_args(["-V", "client"],
1538
def test_approve(self):
1539
self.assert_command_from_args(["--approve", "client"],
1542
def test_approve_short(self):
1543
self.assert_command_from_args(["-A", "client"],
1546
def test_deny(self):
1547
self.assert_command_from_args(["--deny", "client"],
1550
def test_deny_short(self):
1551
self.assert_command_from_args(["-D", "client"], command.Deny)
1553
def test_remove(self):
1554
self.assert_command_from_args(["--remove", "client"],
1557
def test_deny_before_remove(self):
1558
options = self.parser.parse_args(["--deny", "--remove",
1560
check_option_syntax(self.parser, options)
1561
commands = commands_from_options(options)
1562
self.assertEqual(2, len(commands))
1563
self.assertIsInstance(commands[0], command.Deny)
1564
self.assertIsInstance(commands[1], command.Remove)
1566
def test_deny_before_remove_reversed(self):
1567
options = self.parser.parse_args(["--remove", "--deny",
1569
check_option_syntax(self.parser, options)
1570
commands = commands_from_options(options)
1571
self.assertEqual(2, len(commands))
1572
self.assertIsInstance(commands[0], command.Deny)
1573
self.assertIsInstance(commands[1], command.Remove)
1575
def test_remove_short(self):
1576
self.assert_command_from_args(["-r", "client"],
1579
def test_dump_json(self):
1580
self.assert_command_from_args(["--dump-json"],
1583
def test_enable(self):
1584
self.assert_command_from_args(["--enable", "client"],
1587
def test_enable_short(self):
1588
self.assert_command_from_args(["-e", "client"],
1591
def test_disable(self):
1592
self.assert_command_from_args(["--disable", "client"],
1595
def test_disable_short(self):
1596
self.assert_command_from_args(["-d", "client"],
1599
def test_bump_timeout(self):
1600
self.assert_command_from_args(["--bump-timeout", "client"],
1601
command.BumpTimeout)
1603
def test_bump_timeout_short(self):
1604
self.assert_command_from_args(["-b", "client"],
1605
command.BumpTimeout)
1607
def test_start_checker(self):
1608
self.assert_command_from_args(["--start-checker", "client"],
1609
command.StartChecker)
1611
def test_stop_checker(self):
1612
self.assert_command_from_args(["--stop-checker", "client"],
1613
command.StopChecker)
1615
def test_approve_by_default(self):
1616
self.assert_command_from_args(["--approve-by-default",
1618
command.ApproveByDefault)
1620
def test_deny_by_default(self):
1621
self.assert_command_from_args(["--deny-by-default", "client"],
1622
command.DenyByDefault)
1624
def test_checker(self):
1625
self.assert_command_from_args(["--checker", ":", "client"],
1629
def test_checker_empty(self):
1630
self.assert_command_from_args(["--checker", "", "client"],
1634
def test_checker_short(self):
1635
self.assert_command_from_args(["-c", ":", "client"],
1639
def test_host(self):
1640
self.assert_command_from_args(
1641
["--host", "client.example.org", "client"],
1642
command.SetHost, value_to_set="client.example.org")
1644
def test_host_short(self):
1645
self.assert_command_from_args(
1646
["-H", "client.example.org", "client"], command.SetHost,
1647
value_to_set="client.example.org")
1649
def test_secret_devnull(self):
1650
self.assert_command_from_args(["--secret", os.path.devnull,
1651
"client"], command.SetSecret,
1654
def test_secret_tempfile(self):
1655
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1656
value = b"secret\0xyzzy\nbar"
1659
self.assert_command_from_args(["--secret", f.name,
1664
def test_secret_devnull_short(self):
1665
self.assert_command_from_args(["-s", os.path.devnull,
1666
"client"], command.SetSecret,
1669
def test_secret_tempfile_short(self):
1670
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1671
value = b"secret\0xyzzy\nbar"
1674
self.assert_command_from_args(["-s", f.name, "client"],
1678
def test_timeout(self):
1679
self.assert_command_from_args(["--timeout", "PT5M", "client"],
1681
value_to_set=300000)
1683
def test_timeout_short(self):
1684
self.assert_command_from_args(["-t", "PT5M", "client"],
1686
value_to_set=300000)
1688
def test_extended_timeout(self):
1689
self.assert_command_from_args(["--extended-timeout", "PT15M",
1691
command.SetExtendedTimeout,
1692
value_to_set=900000)
1694
def test_interval(self):
1695
self.assert_command_from_args(["--interval", "PT2M",
1696
"client"], command.SetInterval,
1697
value_to_set=120000)
1699
def test_interval_short(self):
1700
self.assert_command_from_args(["-i", "PT2M", "client"],
1701
command.SetInterval,
1702
value_to_set=120000)
1704
def test_approval_delay(self):
1705
self.assert_command_from_args(["--approval-delay", "PT30S",
1707
command.SetApprovalDelay,
1710
def test_approval_duration(self):
1711
self.assert_command_from_args(["--approval-duration", "PT1S",
1713
command.SetApprovalDuration,
1716
def test_print_table(self):
1717
self.assert_command_from_args([], command.PrintTable,
1720
def test_print_table_verbose(self):
1721
self.assert_command_from_args(["--verbose"],
1725
def test_print_table_verbose_short(self):
1726
self.assert_command_from_args(["-v"], command.PrintTable,
1730
class TestCommand(unittest.TestCase):
1731
"""Abstract class for tests of command classes"""
1733
class FakeMandosBus(dbus.MandosBus):
1734
def __init__(self, testcase):
1735
self.client_properties = {
1737
"KeyID": ("92ed150794387c03ce684574b1139a65"
1738
"94a34f895daaaf09fd8ea90a27cddb12"),
1739
"Secret": b"secret",
1740
"Host": "foo.example.org",
1743
"LastCheckedOK": "2019-02-03T00:00:00",
1744
"Created": "2019-01-02T00:00:00",
1746
"Fingerprint": ("778827225BA7DE539C5A"
1747
"7CFA59CFF7CDBD9A5920"),
1748
"CheckerRunning": False,
1749
"LastEnabled": "2019-01-03T00:00:00",
1750
"ApprovalPending": False,
1751
"ApprovedByDefault": True,
1752
"LastApprovalRequest": "",
1754
"ApprovalDuration": 1000,
1755
"Checker": "fping -q -- %(host)s",
1756
"ExtendedTimeout": 900000,
1757
"Expires": "2019-02-04T00:00:00",
1758
"LastCheckerStatus": 0,
1760
self.other_client_properties = {
1762
"KeyID": ("0558568eedd67d622f5c83b35a115f79"
1763
"6ab612cff5ad227247e46c2b020f441c"),
1764
"Secret": b"secretbar",
1765
"Host": "192.0.2.3",
1768
"LastCheckedOK": "2019-02-04T00:00:00",
1769
"Created": "2019-01-03T00:00:00",
1771
"Fingerprint": ("3E393AEAEFB84C7E89E2"
1772
"F547B3A107558FCA3A27"),
1773
"CheckerRunning": True,
1774
"LastEnabled": "2019-01-04T00:00:00",
1775
"ApprovalPending": False,
1776
"ApprovedByDefault": False,
1777
"LastApprovalRequest": "2019-01-03T00:00:00",
1778
"ApprovalDelay": 30000,
1779
"ApprovalDuration": 93785000,
1781
"ExtendedTimeout": 900000,
1782
"Expires": "2019-02-05T00:00:00",
1783
"LastCheckerStatus": -2,
1785
self.clients = collections.OrderedDict(
1787
("client_objectpath", self.client_properties),
1788
("other_client_objectpath",
1789
self.other_client_properties),
1791
self.one_client = {"client_objectpath":
1792
self.client_properties}
1793
self.testcase = testcase
1796
def call_method(self, methodname, busname, objectpath,
1798
self.testcase.assertEqual("se.recompile.Mandos", busname)
1799
self.calls.append((methodname, busname, objectpath,
1801
if interface == "org.freedesktop.DBus.Properties":
1802
if methodname == "Set":
1803
self.testcase.assertEqual(3, len(args))
1804
interface, key, value = args
1805
self.testcase.assertEqual(
1806
"se.recompile.Mandos.Client", interface)
1807
self.clients[objectpath][key] = value
1809
elif interface == "se.recompile.Mandos":
1810
self.testcase.assertEqual("RemoveClient", methodname)
1811
self.testcase.assertEqual(1, len(args))
1812
clientpath = args[0]
1813
del self.clients[clientpath]
1815
elif interface == "se.recompile.Mandos.Client":
1816
if methodname == "Approve":
1817
self.testcase.assertEqual(1, len(args))
1822
self.bus = self.FakeMandosBus(self)
1825
class TestBaseCommands(TestCommand):
1827
def test_IsEnabled_exits_successfully(self):
1828
with self.assertRaises(SystemExit) as e:
1829
command.IsEnabled().run(self.bus.one_client)
1830
if e.exception.code is not None:
1831
self.assertEqual(0, e.exception.code)
1833
self.assertIsNone(e.exception.code)
1835
def test_IsEnabled_exits_with_failure(self):
1836
self.bus.client_properties["Enabled"] = False
1837
with self.assertRaises(SystemExit) as e:
1838
command.IsEnabled().run(self.bus.one_client)
1839
if isinstance(e.exception.code, int):
1840
self.assertNotEqual(0, e.exception.code)
1842
self.assertIsNotNone(e.exception.code)
1844
def test_Approve(self):
1845
busname = "se.recompile.Mandos"
1846
client_interface = "se.recompile.Mandos.Client"
1847
command.Approve().run(self.bus.clients, self.bus)
1848
for clientpath in self.bus.clients:
1849
self.assertIn(("Approve", busname, clientpath,
1850
client_interface, (True,)), self.bus.calls)
1852
def test_Deny(self):
1853
busname = "se.recompile.Mandos"
1854
client_interface = "se.recompile.Mandos.Client"
1855
command.Deny().run(self.bus.clients, self.bus)
1856
for clientpath in self.bus.clients:
1857
self.assertIn(("Approve", busname, clientpath,
1858
client_interface, (False,)),
1861
def test_Remove(self):
1862
command.Remove().run(self.bus.clients, self.bus)
1863
for clientpath in self.bus.clients:
1864
self.assertIn(("RemoveClient", dbus_busname,
1865
dbus_server_path, dbus_server_interface,
1866
(clientpath,)), self.bus.calls)
1871
"KeyID": ("92ed150794387c03ce684574b1139a65"
1872
"94a34f895daaaf09fd8ea90a27cddb12"),
1873
"Host": "foo.example.org",
1876
"LastCheckedOK": "2019-02-03T00:00:00",
1877
"Created": "2019-01-02T00:00:00",
1879
"Fingerprint": ("778827225BA7DE539C5A"
1880
"7CFA59CFF7CDBD9A5920"),
1881
"CheckerRunning": False,
1882
"LastEnabled": "2019-01-03T00:00:00",
1883
"ApprovalPending": False,
1884
"ApprovedByDefault": True,
1885
"LastApprovalRequest": "",
1887
"ApprovalDuration": 1000,
1888
"Checker": "fping -q -- %(host)s",
1889
"ExtendedTimeout": 900000,
1890
"Expires": "2019-02-04T00:00:00",
1891
"LastCheckerStatus": 0,
1895
"KeyID": ("0558568eedd67d622f5c83b35a115f79"
1896
"6ab612cff5ad227247e46c2b020f441c"),
1897
"Host": "192.0.2.3",
1900
"LastCheckedOK": "2019-02-04T00:00:00",
1901
"Created": "2019-01-03T00:00:00",
1903
"Fingerprint": ("3E393AEAEFB84C7E89E2"
1904
"F547B3A107558FCA3A27"),
1905
"CheckerRunning": True,
1906
"LastEnabled": "2019-01-04T00:00:00",
1907
"ApprovalPending": False,
1908
"ApprovedByDefault": False,
1909
"LastApprovalRequest": "2019-01-03T00:00:00",
1910
"ApprovalDelay": 30000,
1911
"ApprovalDuration": 93785000,
1913
"ExtendedTimeout": 900000,
1914
"Expires": "2019-02-05T00:00:00",
1915
"LastCheckerStatus": -2,
1919
def test_DumpJSON_normal(self):
1920
with self.capture_stdout_to_buffer() as buffer:
1921
command.DumpJSON().run(self.bus.clients)
1922
json_data = json.loads(buffer.getvalue())
1923
self.assertDictEqual(self.expected_json, json_data)
1926
@contextlib.contextmanager
1927
def capture_stdout_to_buffer():
1928
capture_buffer = io.StringIO()
1929
old_stdout = sys.stdout
1930
sys.stdout = capture_buffer
1932
yield capture_buffer
1934
sys.stdout = old_stdout
1936
def test_DumpJSON_one_client(self):
1937
with self.capture_stdout_to_buffer() as buffer:
1938
command.DumpJSON().run(self.bus.one_client)
1939
json_data = json.loads(buffer.getvalue())
1940
expected_json = {"foo": self.expected_json["foo"]}
1941
self.assertDictEqual(expected_json, json_data)
1943
def test_PrintTable_normal(self):
1944
with self.capture_stdout_to_buffer() as buffer:
1945
command.PrintTable().run(self.bus.clients)
1946
expected_output = "\n".join((
1947
"Name Enabled Timeout Last Successful Check",
1948
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
1949
"barbar Yes 00:05:00 2019-02-04T00:00:00 ",
1951
self.assertEqual(expected_output, buffer.getvalue())
1953
def test_PrintTable_verbose(self):
1954
with self.capture_stdout_to_buffer() as buffer:
1955
command.PrintTable(verbose=True).run(self.bus.clients)
1970
"Last Successful Check ",
1971
"2019-02-03T00:00:00 ",
1972
"2019-02-04T00:00:00 ",
1975
"2019-01-02T00:00:00 ",
1976
"2019-01-03T00:00:00 ",
1988
("92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8"
1990
("0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e"
1994
"778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 ",
1995
"3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 ",
1997
"Check Is Running ",
2002
"2019-01-03T00:00:00 ",
2003
"2019-01-04T00:00:00 ",
2005
"Approval Is Pending ",
2009
"Approved By Default ",
2013
"Last Approval Request ",
2015
"2019-01-03T00:00:00 ",
2021
"Approval Duration ",
2026
"fping -q -- %(host)s ",
2029
"Extended Timeout ",
2034
"2019-02-04T00:00:00 ",
2035
"2019-02-05T00:00:00 ",
2037
"Last Checker Status",
2042
num_lines = max(len(rows) for rows in columns)
2043
expected_output = ("\n".join("".join(rows[line]
2044
for rows in columns)
2045
for line in range(num_lines))
2047
self.assertEqual(expected_output, buffer.getvalue())
2049
def test_PrintTable_one_client(self):
2050
with self.capture_stdout_to_buffer() as buffer:
2051
command.PrintTable().run(self.bus.one_client)
2052
expected_output = "\n".join((
2053
"Name Enabled Timeout Last Successful Check",
2054
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
2056
self.assertEqual(expected_output, buffer.getvalue())
2059
class TestPropertySetterCmd(TestCommand):
2060
"""Abstract class for tests of command.PropertySetter classes"""
2063
if not hasattr(self, "command"):
2064
return # Abstract TestCase class
2066
if hasattr(self, "values_to_set"):
2067
cmd_args = [(value,) for value in self.values_to_set]
2068
values_to_get = getattr(self, "values_to_get",
2071
cmd_args = [() for x in range(len(self.values_to_get))]
2072
values_to_get = self.values_to_get
2073
for value_to_get, cmd_arg in zip(values_to_get, cmd_args):
2074
for clientpath in self.bus.clients:
2075
self.bus.clients[clientpath][self.propname] = (
2077
self.command(*cmd_arg).run(self.bus.clients, self.bus)
2078
for clientpath in self.bus.clients:
2079
value = (self.bus.clients[clientpath]
2081
self.assertNotIsInstance(value, Unique)
2082
self.assertEqual(value_to_get, value)
2085
class TestEnableCmd(TestPropertySetterCmd):
2086
command = command.Enable
2087
propname = "Enabled"
2088
values_to_get = [True]
2091
class TestDisableCmd(TestPropertySetterCmd):
2092
command = command.Disable
2093
propname = "Enabled"
2094
values_to_get = [False]
2097
class TestBumpTimeoutCmd(TestPropertySetterCmd):
2098
command = command.BumpTimeout
2099
propname = "LastCheckedOK"
2100
values_to_get = [""]
2103
class TestStartCheckerCmd(TestPropertySetterCmd):
2104
command = command.StartChecker
2105
propname = "CheckerRunning"
2106
values_to_get = [True]
2109
class TestStopCheckerCmd(TestPropertySetterCmd):
2110
command = command.StopChecker
2111
propname = "CheckerRunning"
2112
values_to_get = [False]
2115
class TestApproveByDefaultCmd(TestPropertySetterCmd):
2116
command = command.ApproveByDefault
2117
propname = "ApprovedByDefault"
2118
values_to_get = [True]
2121
class TestDenyByDefaultCmd(TestPropertySetterCmd):
2122
command = command.DenyByDefault
2123
propname = "ApprovedByDefault"
2124
values_to_get = [False]
2127
class TestSetCheckerCmd(TestPropertySetterCmd):
2128
command = command.SetChecker
2129
propname = "Checker"
2130
values_to_set = ["", ":", "fping -q -- %s"]
2133
class TestSetHostCmd(TestPropertySetterCmd):
2134
command = command.SetHost
2136
values_to_set = ["192.0.2.3", "client.example.org"]
2139
class TestSetSecretCmd(TestPropertySetterCmd):
2140
command = command.SetSecret
2142
values_to_set = [io.BytesIO(b""),
2143
io.BytesIO(b"secret\0xyzzy\nbar")]
2144
values_to_get = [f.getvalue() for f in values_to_set]
2147
class TestSetTimeoutCmd(TestPropertySetterCmd):
2148
command = command.SetTimeout
2149
propname = "Timeout"
2150
values_to_set = [datetime.timedelta(),
2151
datetime.timedelta(minutes=5),
2152
datetime.timedelta(seconds=1),
2153
datetime.timedelta(weeks=1),
2154
datetime.timedelta(weeks=52)]
2155
values_to_get = [dt.total_seconds()*1000 for dt in values_to_set]
2158
class TestSetExtendedTimeoutCmd(TestPropertySetterCmd):
2159
command = command.SetExtendedTimeout
2160
propname = "ExtendedTimeout"
2161
values_to_set = [datetime.timedelta(),
2162
datetime.timedelta(minutes=5),
2163
datetime.timedelta(seconds=1),
2164
datetime.timedelta(weeks=1),
2165
datetime.timedelta(weeks=52)]
2166
values_to_get = [dt.total_seconds()*1000 for dt in values_to_set]
2169
class TestSetIntervalCmd(TestPropertySetterCmd):
2170
command = command.SetInterval
2171
propname = "Interval"
2172
values_to_set = [datetime.timedelta(),
2173
datetime.timedelta(minutes=5),
2174
datetime.timedelta(seconds=1),
2175
datetime.timedelta(weeks=1),
2176
datetime.timedelta(weeks=52)]
2177
values_to_get = [dt.total_seconds()*1000 for dt in values_to_set]
2180
class TestSetApprovalDelayCmd(TestPropertySetterCmd):
2181
command = command.SetApprovalDelay
2182
propname = "ApprovalDelay"
2183
values_to_set = [datetime.timedelta(),
2184
datetime.timedelta(minutes=5),
2185
datetime.timedelta(seconds=1),
2186
datetime.timedelta(weeks=1),
2187
datetime.timedelta(weeks=52)]
2188
values_to_get = [dt.total_seconds()*1000 for dt in values_to_set]
2191
class TestSetApprovalDurationCmd(TestPropertySetterCmd):
2192
command = command.SetApprovalDuration
2193
propname = "ApprovalDuration"
2194
values_to_set = [datetime.timedelta(),
2195
datetime.timedelta(minutes=5),
2196
datetime.timedelta(seconds=1),
2197
datetime.timedelta(weeks=1),
2198
datetime.timedelta(weeks=52)]
2199
values_to_get = [dt.total_seconds()*1000 for dt in values_to_set]
575
self.assertEqual(value, datetime.timedelta(0, 7200))
577
class Test_table_rows_of_clients(unittest.TestCase):
580
self.old_tablewords = tablewords
585
"Bool": "A D-BUS Boolean",
586
"NonDbusBoolean": "A Non-D-BUS Boolean",
587
"Integer": "An Integer",
588
"Timeout": "Timedelta 1",
589
"Interval": "Timedelta 2",
590
"ApprovalDelay": "Timedelta 3",
591
"ApprovalDuration": "Timedelta 4",
592
"ExtendedTimeout": "Timedelta 5",
593
"String": "A String",
595
self.keywords = ["Attr1", "AttrTwo"]
601
"Bool": dbus.Boolean(False),
602
"NonDbusBoolean": False,
606
"ApprovalDelay": 2000,
607
"ApprovalDuration": 3000,
608
"ExtendedTimeout": 4000,
615
"Bool": dbus.Boolean(True),
616
"NonDbusBoolean": True,
619
"Interval": 93786000,
620
"ApprovalDelay": 93787000,
621
"ApprovalDuration": 93788000,
622
"ExtendedTimeout": 93789000,
623
"String": "A huge string which will not fit," * 10,
628
tablewords = self.old_tablewords
629
def test_short_header(self):
630
rows = table_rows_of_clients(self.clients, self.keywords)
635
self.assertEqual(rows, expected_rows)
636
def test_booleans(self):
637
keywords = ["Bool", "NonDbusBoolean"]
638
rows = table_rows_of_clients(self.clients, keywords)
640
"A D-BUS Boolean A Non-D-BUS Boolean",
644
self.assertEqual(rows, expected_rows)
645
def test_milliseconds_detection(self):
646
keywords = ["Integer", "Timeout", "Interval", "ApprovalDelay",
647
"ApprovalDuration", "ExtendedTimeout"]
648
rows = table_rows_of_clients(self.clients, keywords)
650
An Integer Timedelta 1 Timedelta 2 Timedelta 3 Timedelta 4 Timedelta 5
651
0 00:00:00 00:00:01 00:00:02 00:00:03 00:00:04
652
1 1T02:03:05 1T02:03:06 1T02:03:07 1T02:03:08 1T02:03:09
655
self.assertEqual(rows, expected_rows)
656
def test_empty_and_long_string_values(self):
657
keywords = ["String"]
658
rows = table_rows_of_clients(self.clients, keywords)
662
A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,
665
self.assertEqual(rows, expected_rows)