Skip to content

S
slapos.toolbox
Commit 0157edfb authored by Łukasz Nowak's avatar Łukasz Nowak
Browse files
Options

check_surykatka_json: Implement whois checks 

Also improve tests to minimize assertions and make them more readable.
parent 48726608
Hide whitespace changes
Inline Side-by-side
Showing with 246 additions and 153 deletions
slapos/promise/plugin/check_surykatka_json.py
View file @ 0157edfb
...@@ -29,7 +29,8 @@ class RunPromise(GenericPromise): ...@@ -29,7 +29,8 @@ class RunPromise(GenericPromise):
self.getConfig('failure-amount', self.getConfig('failure_amount', 1))) self.getConfig('failure-amount', self.getConfig('failure_amount', 1)))
self.enabled_sense_list = self.getConfig( self.enabled_sense_list = self.getConfig(
'enabled-sense-list', 'enabled-sense-list',
'dns_query tcp_server http_query ssl_certificate elapsed_time').split() 'dns_query whois tcp_server http_query ssl_certificate'
' elapsed_time').split()
self.result_count = self.failure_amount self.result_count = self.failure_amount
self.error = False self.error = False
self.message_list = [] self.message_list = []
...@@ -260,6 +261,63 @@ class RunPromise(GenericPromise): ...@@ -260,6 +261,63 @@ class RunPromise(GenericPromise):
else: else:
self.appendError('IP %s:%s' % (ip, port)) self.appendError('IP %s:%s' % (ip, port))
def senseWhois(self):
key = 'whois'
self.appendMessage('%s:' % (key, ))
url = self.getConfig('url')
parsed_url = urlparse(url)
hostname = parsed_url.netloc
if not hostname:
self.appendError('url is incorrect')
return
domain_expiration_days = self.getConfig(
'domain-expiration-days', '30')
try:
domain_expiration_days = int(domain_expiration_days)
except ValueError:
self.appendError(
'domain-expiration-days %r is incorrect' % (
self.getConfig('domain-expiration-days')))
return
if key not in self.surykatka_json:
self.appendError("%r not in %r" % (key, self.json_file))
return
def checkHostnameDomain(hostname, domain):
if hostname == domain:
return True
elif hostname.endswith('.' + domain):
return True
return False
entry_list = [
q for q in self.surykatka_json[key]
if checkHostnameDomain(hostname, q['domain'])]
if len(entry_list) == 0:
self.appendError('No data')
return
if len(entry_list) > 1:
self.appendError('Bad data')
return
entry = entry_list[0]
expiration_date = entry['expiration_date']
if expiration_date is None:
self.appendError('Expiration date not avaliable')
timetuple = email.utils.parsedate(expiration_date)
if timetuple is None:
self.appendError("Can't parse date %s" % (expiration_date,))
domain_expiration_time = datetime.datetime.fromtimestamp(
time.mktime(timetuple))
if domain_expiration_time - datetime.timedelta(
days=domain_expiration_days) < self.utcnow:
self.appendError(
'%s expires in < %s days' % (entry['domain'], domain_expiration_days,))
else:
self.appendOk(
'%s expires in > %s days' % (entry['domain'], domain_expiration_days,))
def senseElapsedTime(self): def senseElapsedTime(self):
key = 'elapsed_time' key = 'elapsed_time'
self.appendMessage('%s:' % (key, )) self.appendMessage('%s:' % (key, ))
...@@ -322,6 +380,7 @@ class RunPromise(GenericPromise): ...@@ -322,6 +380,7 @@ class RunPromise(GenericPromise):
elif report == 'http_query': elif report == 'http_query':
for check_name, check_method in [ for check_name, check_method in [
('dns_query', self.senseDnsQuery), ('dns_query', self.senseDnsQuery),
('whois', self.senseWhois),
('tcp_server', self.senseTcpServer), ('tcp_server', self.senseTcpServer),
('http_query', self.senseHttpQuery), ('http_query', self.senseHttpQuery),
('ssl_certificate', self.senseSslCertificate), ('ssl_certificate', self.senseSslCertificate),
......
slapos/test/promise/plugin/test_check_surykatka_json.py
View file @ 0157edfb
...@@ -24,11 +24,13 @@ class CheckSurykatkaJSONMixin(TestPromisePluginMixin): ...@@ -24,11 +24,13 @@ class CheckSurykatkaJSONMixin(TestPromisePluginMixin):
day = 24 * 3600 day = 24 * 3600
create_date = email.utils.formatdate create_date = email.utils.formatdate
self.time_past14d = create_date(now - 14 * day) self.time_past14d = create_date(now - 14 * day)
self.time_past29d = create_date(now - 29 * day)
self.time_past20m = create_date(now - 20 * minute) self.time_past20m = create_date(now - 20 * minute)
self.time_past2m = create_date(now - 2 * minute) self.time_past2m = create_date(now - 2 * minute)
self.time_future20m = create_date(now + 20 * minute) self.time_future20m = create_date(now + 20 * minute)
self.time_future3d = create_date(now + 3 * day) self.time_future3d = create_date(now + 3 * day)
self.time_future14d = create_date(now + 14 * day) self.time_future14d = create_date(now + 14 * day)
self.time_future29d = create_date(now + 29 * day)
self.time_future60d = create_date(now + 60 * day) self.time_future60d = create_date(now + 60 * day)
def writeSurykatkaPromise(self, d=None): def writeSurykatkaPromise(self, d=None):
...@@ -419,6 +421,32 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -419,6 +421,32 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"port": 80, "port": 80,
"domain": "www.tcpserverfiltered.com" "domain": "www.tcpserverfiltered.com"
}, },
],
"whois": [
{
"domain": "allok.com",
"expiration_date": self.time_future60d,
},
{
"domain": "httpallok.com",
"expiration_date": self.time_future60d,
},
{
"domain": "httpheader.com",
"expiration_date": self.time_future60d,
},
{
"domain": "whois3.com",
"expiration_date": self.time_future3d,
},
{
"domain": "whois29.com",
"expiration_date": self.time_future29d
},
{
"domain": "whoisminus29.com",
"expiration_date": self.time_past29d
},
] ]
}) })
...@@ -453,6 +481,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -453,6 +481,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"https://www.allok.com/ : " "https://www.allok.com/ : "
"dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 " "dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 "
"whois: OK allok.com expires in > 30 days "
"tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 " "tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 " "http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 " "status_code 302 "
...@@ -468,17 +497,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -468,17 +497,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.elapsedtoolong.com/', 'url': 'https://www.elapsedtoolong.com/',
'status-code': '302',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'maximum-elapsed-time': '5', 'maximum-elapsed-time': '5',
'enabled-sense-list': 'elapsed_time'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.elapsedtoolong.com/ : " "https://www.elapsedtoolong.com/ : "
"dns_query: ERROR No data "
"tcp_server: ERROR No data "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR No data "
"elapsed_time: ERROR IP 127.0.0.1 replied > 5.00s" "elapsed_time: ERROR IP 127.0.0.1 replied > 5.00s"
) )
...@@ -488,17 +513,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -488,17 +513,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.elapsednototal.com/', 'url': 'https://www.elapsednototal.com/',
'status-code': '302',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'maximum-elapsed-time': '5', 'maximum-elapsed-time': '5',
'enabled-sense-list': 'elapsed_time'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.elapsednototal.com/ : " "https://www.elapsednototal.com/ : "
"dns_query: ERROR No data "
"tcp_server: ERROR No data "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR No data "
"elapsed_time: ERROR No entry with total_seconds found. If the error " "elapsed_time: ERROR No entry with total_seconds found. If the error "
"persist, please update surykatka" "persist, please update surykatka"
) )
...@@ -517,6 +538,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -517,6 +538,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"http://www.httpallok.com/ : " "http://www.httpallok.com/ : "
"dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 " "dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 "
"whois: OK httpallok.com expires in > 30 days "
"tcp_server: OK IP 127.0.0.1:80 OK IP 127.0.0.2:80 " "tcp_server: OK IP 127.0.0.1:80 OK IP 127.0.0.2:80 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 " "http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 " "status_code 302 "
...@@ -525,7 +547,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -525,7 +547,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"< 5.00s" "< 5.00s"
) )
def test_http_with_header_dict(self): def test_http_query_header_dict(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
...@@ -534,20 +556,17 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -534,20 +556,17 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'status-code': '200', 'status-code': '200',
'http-header-dict': '{"Vary": "Accept-Encoding", "Cache-Control": ' 'http-header-dict': '{"Vary": "Accept-Encoding", "Cache-Control": '
'"max-age=300, public"}', '"max-age=300, public"}',
'enabled-sense-list': 'http_query'
} }
) )
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
'http://www.httpheader.com/ : ' 'http://www.httpheader.com/ : '
'dns_query: OK No check configured '
'tcp_server: OK No check configured '
'http_query: OK IP 127.0.0.1 status_code 200 OK IP 127.0.0.1 HTTP ' 'http_query: OK IP 127.0.0.1 status_code 200 OK IP 127.0.0.1 HTTP '
'Header {"Cache-Control": "max-age=300, public", "Vary": ' 'Header {"Cache-Control": "max-age=300, public", "Vary": '
'"Accept-Encoding"} ' '"Accept-Encoding"}'
'ssl_certificate: OK No check needed '
'elapsed_time: OK No check configured'
) )
def test_http_with_header_dict_mismatch(self): def test_http_query_header_dict_mismatch(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
...@@ -556,18 +575,15 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -556,18 +575,15 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'status-code': '200', 'status-code': '200',
'http-header-dict': '{"Vary": "Accept-Encoding", "Cache-Control": ' 'http-header-dict': '{"Vary": "Accept-Encoding", "Cache-Control": '
'"max-age=300"}', '"max-age=300"}',
'enabled-sense-list': 'http_query'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
'http://www.httpheader.com/ : ' 'http://www.httpheader.com/ : '
'dns_query: OK No check configured '
'tcp_server: OK No check configured '
'http_query: OK IP 127.0.0.1 status_code 200 ERROR IP 127.0.0.1 ' 'http_query: OK IP 127.0.0.1 status_code 200 ERROR IP 127.0.0.1 '
'HTTP Header {"Cache-Control": "max-age=300", "Vary": ' 'HTTP Header {"Cache-Control": "max-age=300", "Vary": '
'"Accept-Encoding"} != {"Cache-Control": "max-age=300, public", "Vary": ' '"Accept-Encoding"} != {"Cache-Control": "max-age=300, public", "Vary": '
'"Accept-Encoding"} ' '"Accept-Encoding"}'
'ssl_certificate: OK No check needed '
'elapsed_time: OK No check configured'
) )
def test_configuration_no_ip_list(self): def test_configuration_no_ip_list(self):
...@@ -582,6 +598,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -582,6 +598,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"https://www.allok.com/ : " "https://www.allok.com/ : "
"dns_query: OK No check configured " "dns_query: OK No check configured "
"whois: OK allok.com expires in > 30 days "
"tcp_server: OK No check configured " "tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 " "http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 " "status_code 302 "
...@@ -590,61 +607,49 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -590,61 +607,49 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"elapsed_time: OK No check configured" "elapsed_time: OK No check configured"
) )
def test_good_certificate_2_day(self): def test_ssl_certificate_good_certificate_2_day(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.cert3.com/', 'url': 'https://www.cert3.com/',
'status-code': '302', 'certificate-expiration-days': '2',
'certificate-expiration-days': '2' 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"https://www.cert3.com/ : " "https://www.cert3.com/ : "
"dns_query: OK No check configured " "ssl_certificate: OK IP 127.0.0.1 expires in > 2 days"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: OK IP 127.0.0.1 expires in > 2 days "
"elapsed_time: OK No check configured"
) )
def test_expired_certificate_4_day(self): def test_ssl_certificate_expired_certificate_4_day(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.cert3.com/', 'url': 'https://www.cert3.com/',
'status-code': '302', 'certificate-expiration-days': '4',
'certificate-expiration-days': '4' 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.cert3.com/ : " "https://www.cert3.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR IP 127.0.0.1 expires in < 4 days"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 4 days "
"elapsed_time: OK No check configured"
) )
def test_expired_certificate(self): def test_ssl_certificate_expired_certificate(self):
self.writeSurykatkaPromise( self.writeSurykatkaPromise(
{ {
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.cert14.com/', 'url': 'https://www.cert14.com/',
'status-code': '302', 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.cert14.com/ : " "https://www.cert14.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days "
"elapsed_time: OK No check configured"
) )
def test_expired_certificate_before_today(self): def test_expired_certificate_before_today(self):
...@@ -653,16 +658,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -653,16 +658,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.certminus14.com/', 'url': 'https://www.certminus14.com/',
'status-code': '302', 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.certminus14.com/ : " "https://www.certminus14.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR IP 127.0.0.1 expires in < 15 days "
"elapsed_time: OK No check configured"
) )
def test_no_http_query_data(self): def test_no_http_query_data(self):
...@@ -672,15 +673,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -672,15 +673,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.httpquerynodata.com/', 'url': 'http://www.httpquerynodata.com/',
'status-code': '302', 'status-code': '302',
'enabled-sense-list': 'http_query'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.httpquerynodata.com/ : " "http://www.httpquerynodata.com/ : "
"dns_query: OK No check configured " "http_query: ERROR No data"
"tcp_server: OK No check configured "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_no_http_query_present(self): def test_no_http_query_present(self):
...@@ -690,6 +688,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -690,6 +688,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.httpquerynopresent.com/', 'url': 'http://www.httpquerynopresent.com/',
'status-code': '302', 'status-code': '302',
'enabled-sense-list': 'http_query'
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
...@@ -699,11 +698,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -699,11 +698,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
}) })
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.httpquerynopresent.com/ : " "http://www.httpquerynopresent.com/ : "
"dns_query: OK No check configured " "http_query: ERROR 'http_query' not in %(json_file)r" % {
"tcp_server: OK No check configured "
"http_query: ERROR 'http_query' not in %(json_file)r "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR 'http_query' not in %(json_file)r" % {
'json_file': self.json_file} 'json_file': self.json_file}
) )
...@@ -713,17 +708,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -713,17 +708,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.nosslcertificatedata.com/', 'url': 'https://www.nosslcertificatedata.com/',
'status-code': '302', 'enabled-sense-list': 'ssl_certificate'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.nosslcertificatedata.com/ : " "https://www.nosslcertificatedata.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR No data"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 "
"status_code 302 "
"ssl_certificate: ERROR No data "
"elapsed_time: OK No check configured"
) )
def test_no_ssl_certificate(self): def test_no_ssl_certificate(self):
...@@ -732,7 +722,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -732,7 +722,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.nosslcertificate.com/', 'url': 'https://www.nosslcertificate.com/',
'status-code': '302', 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
...@@ -744,15 +734,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -744,15 +734,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
}, },
], ],
"dns_query": [], "dns_query": [],
"tcp_server": [] "tcp_server": [],
"whois": []
}) })
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.nosslcertificate.com/ : " "https://www.nosslcertificate.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR 'ssl_certificate' not in %(json_file)r" % {
"tcp_server: OK No check configured " 'json_file': self.json_file}
"http_query: OK IP 127.0.0.1 status_code 302 "
"ssl_certificate: ERROR 'ssl_certificate' not in %(json_file)r "
"elapsed_time: OK No check configured" % {'json_file': self.json_file}
) )
def test_bad_code(self): def test_bad_code(self):
...@@ -762,17 +750,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -762,17 +750,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.allok.com/', 'url': 'https://www.allok.com/',
'status-code': '301', 'status-code': '301',
'enabled-sense-list': 'http_query'
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.allok.com/ : " "https://www.allok.com/ : "
"dns_query: OK No check configured "
"tcp_server: OK No check configured "
"http_query: ERROR IP 127.0.0.1 status_code 302 != 301 ERROR " "http_query: ERROR IP 127.0.0.1 status_code 302 != 301 ERROR "
"IP 127.0.0.2 status_code 302 != 301 " "IP 127.0.0.2 status_code 302 != 301"
"ssl_certificate: OK IP 127.0.0.1 expires in > 15 days OK IP "
"127.0.0.2 expires in > 15 days "
"elapsed_time: OK No check configured"
) )
def _test_bad_code_explanation(self, status_code, explanation): def _test_bad_code_explanation(self, status_code, explanation):
...@@ -782,6 +766,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -782,6 +766,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.statuscode.com/', 'url': 'http://www.statuscode.com/',
'status-code': '301', 'status-code': '301',
'enabled-sense-list': 'http_query',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
...@@ -798,11 +783,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -798,11 +783,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
}) })
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.statuscode.com/ : " "http://www.statuscode.com/ : "
"dns_query: OK No check configured " "http_query: ERROR IP 127.0.0.1 status_code %s != 301" % (explanation,)
"tcp_server: OK No check configured "
"http_query: ERROR IP 127.0.0.1 status_code %s != 301 "
"ssl_certificate: OK No check needed "
"elapsed_time: OK No check configured" % (explanation,)
) )
def test_bad_code_explanation_520(self): def test_bad_code_explanation_520(self):
...@@ -825,6 +806,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -825,6 +806,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'url': 'http://www.badip.com/', 'url': 'http://www.badip.com/',
'status-code': '302', 'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2', 'ip-list': '127.0.0.1 127.0.0.2',
'enabled-sense-list': 'dns_query',
} }
) )
self.configureLauncher(enable_anomaly=True) self.configureLauncher(enable_anomaly=True)
...@@ -834,12 +816,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -834,12 +816,7 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
self.getPromiseResult(self.promise_name), self.getPromiseResult(self.promise_name),
"http://www.badip.com/ : " "http://www.badip.com/ : "
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 != " "dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 != "
"127.0.0.1 127.0.0.4 " "127.0.0.1 127.0.0.4"
"tcp_server: OK IP 127.0.0.1:80 ERROR IP 127.0.0.2:80 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.4 "
"status_code 302 "
"ssl_certificate: OK No check needed "
"elapsed_time: OK No check configured"
) )
def test_https_no_cert(self): def test_https_no_cert(self):
...@@ -848,16 +825,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -848,16 +825,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'https://www.sslcertnoinfo.com/', 'url': 'https://www.sslcertnoinfo.com/',
'status-code': '301', 'enabled-sense-list': 'ssl_certificate',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"https://www.sslcertnoinfo.com/ : " "https://www.sslcertnoinfo.com/ : "
"dns_query: OK No check configured " "ssl_certificate: ERROR IP 127.0.0.1 no information"
"tcp_server: OK No check configured "
"http_query: OK IP 127.0.0.1 status_code 301 "
"ssl_certificate: ERROR IP 127.0.0.1 no information "
"elapsed_time: OK No check configured"
) )
def test_dns_query_no_entry(self): def test_dns_query_no_entry(self):
...@@ -866,17 +839,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -866,17 +839,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.dnsquerynoentry.com/', 'url': 'http://www.dnsquerynoentry.com/',
'status-code': '301', 'ip-list': '127.0.0.1',
'ip-list': '127.0.0.1' 'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.dnsquerynoentry.com/ : " "http://www.dnsquerynoentry.com/ : "
"dns_query: ERROR No data " "dns_query: ERROR No data"
"tcp_server: ERROR No data "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_dns_query_no_key(self): def test_dns_query_no_key(self):
...@@ -885,8 +854,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -885,8 +854,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.dnsquerynokey.com/', 'url': 'http://www.dnsquerynokey.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'dns_query',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
...@@ -898,11 +867,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -898,11 +867,8 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
}) })
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.dnsquerynokey.com/ : " "http://www.dnsquerynokey.com/ : "
"dns_query: ERROR 'dns_query' not in %(json_file)r " "dns_query: ERROR 'dns_query' not in %(json_file)r" % {
"tcp_server: ERROR No data " 'json_file': self.json_file}
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data" % {'json_file': self.json_file}
) )
def test_dns_query_mismatch(self): def test_dns_query_mismatch(self):
...@@ -911,19 +877,14 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -911,19 +877,14 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.httpallok.com/', 'url': 'http://www.httpallok.com/',
'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.9', 'ip-list': '127.0.0.1 127.0.0.9',
'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.httpallok.com/ : " "http://www.httpallok.com/ : "
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.9 != " "dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 127.0.0.9 != "
"127.0.0.1 127.0.0.2 " "127.0.0.1 127.0.0.2"
"tcp_server: OK IP 127.0.0.1:80 ERROR IP 127.0.0.9:80 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 "
"ssl_certificate: OK No check needed "
"elapsed_time: OK No check configured"
) )
def test_dns_query_no_reply(self): def test_dns_query_no_reply(self):
...@@ -932,17 +893,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -932,17 +893,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.dnsquerynoreply.com/', 'url': 'http://www.dnsquerynoreply.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'dns_query',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.dnsquerynoreply.com/ : " "http://www.dnsquerynoreply.com/ : "
"dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 != empty-reply " "dns_query: ERROR resolver's 1.2.3.4: 127.0.0.1 != empty-reply"
"tcp_server: ERROR No data "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_tcp_server_no_ip(self): def test_tcp_server_no_ip(self):
...@@ -953,15 +910,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -953,15 +910,12 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'url': 'http://www.tcpservernoip.com/', 'url': 'http://www.tcpservernoip.com/',
'status-code': '301', 'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.tcpservernoip.com/ : " "http://www.tcpservernoip.com/ : "
"dns_query: ERROR No data " "tcp_server: ERROR IP 127.0.0.1:80"
"tcp_server: ERROR IP 127.0.0.1:80 "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_tcp_server_filtered(self): def test_tcp_server_filtered(self):
...@@ -970,17 +924,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -970,17 +924,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.tcpserverfiltered.com/', 'url': 'http://www.tcpserverfiltered.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.tcpserverfiltered.com/ : " "http://www.tcpserverfiltered.com/ : "
"dns_query: ERROR No data " "tcp_server: ERROR IP 127.0.0.1:80"
"tcp_server: ERROR IP 127.0.0.1:80 "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_tcp_server_no_entry(self): def test_tcp_server_no_entry(self):
...@@ -989,17 +939,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -989,17 +939,13 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.tcpservernoentry.com/', 'url': 'http://www.tcpservernoentry.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.tcpservernoentry.com/ : " "http://www.tcpservernoentry.com/ : "
"dns_query: ERROR No data " "tcp_server: ERROR No data"
"tcp_server: ERROR No data "
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data"
) )
def test_tcp_server_no_key(self): def test_tcp_server_no_key(self):
...@@ -1008,25 +954,18 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -1008,25 +954,18 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'report': 'http_query', 'report': 'http_query',
'json-file': self.json_file, 'json-file': self.json_file,
'url': 'http://www.tcpservernokey.com/', 'url': 'http://www.tcpservernokey.com/',
'status-code': '301',
'ip-list': '127.0.0.1', 'ip-list': '127.0.0.1',
'enabled-sense-list': 'tcp_server',
} }
) )
self.writeSurykatkaJson({ self.writeSurykatkaJson({
"http_query": [
],
"ssl_certificate": [
],
"dns_query": [ "dns_query": [
], ],
}) })
self.runAndAssertFailedMessage( self.runAndAssertFailedMessage(
"http://www.tcpservernokey.com/ : " "http://www.tcpservernokey.com/ : "
"dns_query: ERROR No data " "tcp_server: ERROR 'tcp_server' not in %(json_file)r" % {
"tcp_server: ERROR 'tcp_server' not in %(json_file)r " 'json_file': self.json_file}
"http_query: ERROR No data "
"ssl_certificate: OK No check needed "
"elapsed_time: ERROR No data" % {'json_file': self.json_file}
) )
def test_all_ok_nothing_enabled(self): def test_all_ok_nothing_enabled(self):
...@@ -1054,12 +993,14 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -1054,12 +993,14 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
'status-code': '302', 'status-code': '302',
'ip-list': '127.0.0.1 127.0.0.2', 'ip-list': '127.0.0.1 127.0.0.2',
'maximum-elapsed-time': '5', 'maximum-elapsed-time': '5',
'enabled-sense-list': 'dns_query tcp_server http_query elapsed_time', 'enabled-sense-list': 'dns_query whois tcp_server http_query '
'elapsed_time',
} }
) )
self.runAndAssertPassedMessage( self.runAndAssertPassedMessage(
"https://www.allok.com/ : " "https://www.allok.com/ : "
"dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 " "dns_query: OK resolver's 1.2.3.4: 127.0.0.1 127.0.0.2 "
"whois: OK allok.com expires in > 30 days "
"tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 " "tcp_server: OK IP 127.0.0.1:443 OK IP 127.0.0.2:443 "
"http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 " "http_query: OK IP 127.0.0.1 status_code 302 OK IP 127.0.0.2 "
"status_code 302 " "status_code 302 "
...@@ -1084,3 +1025,96 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin): ...@@ -1084,3 +1025,96 @@ class TestCheckSurykatkaJSONHttpQuery(CheckSurykatkaJSONMixin):
"ssl_certificate: OK IP 127.0.0.1 expires in > 15 days OK IP " "ssl_certificate: OK IP 127.0.0.1 expires in > 15 days OK IP "
"127.0.0.2 expires in > 15 days" "127.0.0.2 expires in > 15 days"
) )
def test_whois_no_entry(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.whoisnoentry.com/',
'ip-list': '127.0.0.1',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertFailedMessage(
"http://www.whoisnoentry.com/ : "
"whois: ERROR No data"
)
def test_whois_no_key(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'http://www.whoisnokey.com/',
'ip-list': '127.0.0.1',
'enabled-sense-list': 'whois',
}
)
self.writeSurykatkaJson({
"dns_query": [
],
})
self.runAndAssertFailedMessage(
"http://www.whoisnokey.com/ : "
"whois: ERROR 'whois' not in %(json_file)r" % {
'json_file': self.json_file}
)
def test_whois_expires_2_day(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.whois3.com/',
'domain-expiration-days': '2',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertPassedMessage(
"https://www.whois3.com/ : "
"whois: OK whois3.com expires in > 2 days"
)
def test_whois_expired_expires_2_day(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.whois3.com/',
'domain-expiration-days': '4',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertFailedMessage(
"https://www.whois3.com/ : "
"whois: ERROR whois3.com expires in < 4 days"
)
def test_whois_expired(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.whois29.com/',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertFailedMessage(
"https://www.whois29.com/ : "
"whois: ERROR whois29.com expires in < 30 days"
)
def test_whois_expired_before_today(self):
self.writeSurykatkaPromise(
{
'report': 'http_query',
'json-file': self.json_file,
'url': 'https://www.whoisminus29.com/',
'enabled-sense-list': 'whois',
}
)
self.runAndAssertFailedMessage(
"https://www.whoisminus29.com/ : "
"whois: ERROR whoisminus29.com expires in < 30 days"
)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7