2006-08-23 15:27:25 +02:00
|
|
|
#!/usr/bin/env python2.4
|
|
|
|
|
2006-08-22 06:29:53 +02:00
|
|
|
import unittest
|
2006-08-25 09:37:52 +02:00
|
|
|
import sys
|
2006-08-27 10:38:48 +02:00
|
|
|
from CryptoBox import *
|
2006-08-22 06:29:53 +02:00
|
|
|
|
|
|
|
class CryptoBoxPropsDeviceTests(unittest.TestCase):
|
|
|
|
import CryptoBox
|
|
|
|
cb = CryptoBox.CryptoBoxProps()
|
|
|
|
|
|
|
|
def testAllowedDevices(self):
|
|
|
|
'''isDeviceAllowed should accept permitted devices'''
|
|
|
|
self.assertTrue(self.cb.isDeviceAllowed("/dev/loop"))
|
|
|
|
self.assertTrue(self.cb.isDeviceAllowed("/dev/loop1"))
|
|
|
|
self.assertTrue(self.cb.isDeviceAllowed("/dev/loop/urgd"))
|
|
|
|
self.assertTrue(self.cb.isDeviceAllowed("/dev/usb/../loop1"))
|
|
|
|
|
|
|
|
def testDeniedDevices(self):
|
2006-08-24 09:36:47 +02:00
|
|
|
'''isDeviceAllowed should fail with not explicitly allowed devices'''
|
2006-08-22 06:29:53 +02:00
|
|
|
self.assertFalse(self.cb.isDeviceAllowed("/dev/hda"))
|
|
|
|
self.assertFalse(self.cb.isDeviceAllowed("/dev/loopa/../hda"))
|
|
|
|
self.assertFalse(self.cb.isDeviceAllowed("/"))
|
|
|
|
|
|
|
|
|
|
|
|
class CryptoBoxPropsConfigTests(unittest.TestCase):
|
|
|
|
'''test here if everything with the config turns right'''
|
|
|
|
import os
|
|
|
|
import CryptoBox
|
|
|
|
|
2006-08-24 09:36:47 +02:00
|
|
|
files = {
|
|
|
|
"configFileOK" : "cbox-test_ok.conf",
|
|
|
|
"configFileBroken" : "cbox-test_broken.conf",
|
|
|
|
"nameDBFile" : "cryptobox_names.db",
|
|
|
|
"logFile" : "cryptobox.log",
|
|
|
|
"tmpdir" : "cryptobox-mnt" }
|
2006-08-22 06:29:53 +02:00
|
|
|
tmpdirname = ""
|
|
|
|
filenames = {}
|
2006-08-24 09:36:47 +02:00
|
|
|
configContentOK = """
|
2006-08-25 09:37:52 +02:00
|
|
|
[Main]
|
|
|
|
AllowedDevices = /dev/loop
|
|
|
|
DefaultVolumePrefix = "Data "
|
|
|
|
DefaultCipher = aes-cbc-essiv:sha256
|
2006-08-27 10:38:48 +02:00
|
|
|
[Locations]
|
|
|
|
NameDatabase = %s/cryptobox_names.db
|
|
|
|
MountParentDir = %s
|
|
|
|
TemplateDir = ../templates
|
|
|
|
LangDir = ../lang
|
|
|
|
DocDir = ../doc/html
|
2006-08-25 09:37:52 +02:00
|
|
|
[Log]
|
|
|
|
Level = debug
|
|
|
|
Destination = file
|
|
|
|
Details = %s/cryptobox.log
|
|
|
|
[Programs]
|
|
|
|
blkid = /sbin/blkid
|
|
|
|
cryptsetup = /sbin/cryptsetup
|
|
|
|
super = /usr/bin/super
|
|
|
|
CryptoBoxRootActions = CryptoBoxRootActions
|
|
|
|
"""
|
|
|
|
|
2006-08-24 09:36:47 +02:00
|
|
|
|
2006-08-22 06:29:53 +02:00
|
|
|
def setUp(self):
|
|
|
|
'''generate all files in tmp and remember the names'''
|
2006-08-24 09:36:47 +02:00
|
|
|
import tempfile
|
2006-08-22 06:29:53 +02:00
|
|
|
os = self.os
|
2006-08-24 09:36:47 +02:00
|
|
|
self.tmpdirname = tempfile.mkdtemp(prefix="cbox-")
|
2006-08-22 06:29:53 +02:00
|
|
|
for file in self.files.keys():
|
2006-08-24 09:36:47 +02:00
|
|
|
self.filenames[file] = os.path.join(self.tmpdirname, self.files[file])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig()
|
2006-08-24 09:36:47 +02:00
|
|
|
|
2006-08-22 06:29:53 +02:00
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
'''remove the created tmpfiles'''
|
|
|
|
os = self.os
|
2006-08-24 09:36:47 +02:00
|
|
|
# remove temp files
|
2006-08-22 06:29:53 +02:00
|
|
|
for file in self.filenames.values():
|
2006-09-05 17:03:16 +02:00
|
|
|
compl_name = os.path.join(self.tmpdirname, file)
|
|
|
|
if os.path.exists(compl_name):
|
|
|
|
os.remove(compl_name)
|
2006-08-24 09:36:47 +02:00
|
|
|
# remove temp dir
|
|
|
|
os.rmdir(self.tmpdirname)
|
|
|
|
|
2006-08-22 06:29:53 +02:00
|
|
|
|
2006-08-24 09:36:47 +02:00
|
|
|
def testConfigInit(self):
|
|
|
|
'''Check various branches of config file loading'''
|
2006-08-25 09:37:52 +02:00
|
|
|
import os
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUnavailableError, self.CryptoBox.CryptoBoxProps,"/invalid/path/to/config/file")
|
|
|
|
self.assertRaises(CBConfigUnavailableError, self.CryptoBox.CryptoBoxProps,"/etc/shadow")
|
2006-09-05 17:03:16 +02:00
|
|
|
""" check one of the following things:
|
|
|
|
1) are we successfully using an existing config file?
|
|
|
|
2) do we break, if no config file is there?
|
|
|
|
depending on the existence of a config file, only one of these conditions
|
|
|
|
can be checked - hints for more comprehensive tests are appreciated :) """
|
2006-08-25 09:37:52 +02:00
|
|
|
for a in self.CryptoBox.CONF_LOCATIONS:
|
2006-09-05 17:03:16 +02:00
|
|
|
if os.path.exists(a):
|
2006-08-30 21:56:37 +02:00
|
|
|
self.CryptoBox.CryptoBoxProps()
|
2006-09-05 17:03:16 +02:00
|
|
|
break # this skips the 'else' clause
|
|
|
|
else: self.assertRaises(CBConfigUnavailableError, self.CryptoBox.CryptoBoxProps)
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUnavailableError, self.CryptoBox.CryptoBoxProps,[])
|
2006-08-25 09:37:52 +02:00
|
|
|
|
|
|
|
def testBrokenConfigs(self):
|
|
|
|
"""Check various broken configurations"""
|
|
|
|
self.writeConfig("NameDatabase", "#out", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUndefinedError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig("Level", "#out", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUndefinedError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig("Details", "#out", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUndefinedError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig("super", "super=/bin/invalid/no", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBEnvironmentError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig("CryptoBoxRootActions", "#not here", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBConfigUndefinedError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
self.writeConfig("CryptoBoxRootActions", "CryptoBoxRootActions = /bin/false", filename=self.filenames["configFileBroken"])
|
2006-08-27 10:38:48 +02:00
|
|
|
self.assertRaises(CBEnvironmentError, self.CryptoBox.CryptoBoxProps,self.filenames["configFileBroken"])
|
2006-08-25 09:37:52 +02:00
|
|
|
|
|
|
|
|
|
|
|
def writeConfig(self, replace=None, newline=None, filename=None):
|
|
|
|
"""write a config file and (optional) replace a line in it"""
|
|
|
|
import re
|
|
|
|
if not filename: filename = self.filenames["configFileOK"]
|
|
|
|
content = self.configContentOK % (self.tmpdirname, self.tmpdirname, self.tmpdirname)
|
|
|
|
if replace:
|
|
|
|
pattern = re.compile('^' + replace + '\\s*=.*$', flags=re.M)
|
|
|
|
content = re.sub(pattern, newline, content)
|
|
|
|
cf = open(filename, "w")
|
|
|
|
cf.write(content)
|
|
|
|
cf.close()
|
2006-08-22 06:29:53 +02:00
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
unittest.main()
|