mirror of
https://github.com/cliffe/SecGen.git
synced 2026-02-20 13:50:45 +00:00
Added NTP test. Refactored html match from parameterised_website into the superclass
This commit is contained in:
1
Gemfile
1
Gemfile
@@ -33,6 +33,7 @@ gem 'ruby-graphviz'
|
||||
gem 'rsa'
|
||||
gem 'gpgmeh'
|
||||
gem 'digest-sha3', :git => "http://github.com/izetex/digest-sha3-ruby"
|
||||
gem 'net-ntp'
|
||||
|
||||
#development only gems go here
|
||||
group :test, :development do
|
||||
|
||||
@@ -85,6 +85,7 @@ GEM
|
||||
minitest (5.11.3)
|
||||
multi_json (1.13.1)
|
||||
multipart-post (2.0.0)
|
||||
net-ntp (2.1.3)
|
||||
nio4r (2.3.1)
|
||||
nokogiri (1.8.4)
|
||||
mini_portile2 (~> 2.3.0)
|
||||
@@ -159,6 +160,7 @@ DEPENDENCIES
|
||||
librarian-puppet
|
||||
mini_exiftool_vendored
|
||||
minitest
|
||||
net-ntp
|
||||
nokogiri
|
||||
nori
|
||||
ovirt-engine-sdk
|
||||
@@ -182,4 +184,4 @@ DEPENDENCIES
|
||||
zipruby
|
||||
|
||||
BUNDLED WITH
|
||||
1.16.1
|
||||
2.0.0.pre.2
|
||||
|
||||
@@ -41,6 +41,7 @@ class PostProvisionTest
|
||||
# Testing Functions #
|
||||
#####################
|
||||
|
||||
# Test service is up (tcp)
|
||||
def test_service_up
|
||||
if is_port_open? system_ip, self.port
|
||||
self.outputs << "PASSED: Port #{self.port} is open at #{get_system_ip} (#{get_system_name})!"
|
||||
@@ -49,6 +50,22 @@ class PostProvisionTest
|
||||
end
|
||||
end
|
||||
|
||||
# example usage for page: /index.html
|
||||
def test_html_returned_content(page, match_string)
|
||||
|
||||
begin
|
||||
source = Net::HTTP.get(get_system_ip, page, self.port)
|
||||
rescue SocketError
|
||||
# do nothing
|
||||
end
|
||||
|
||||
if source.include? match_string
|
||||
self.outputs << "PASSED: Content #{match_string} is contained within #{page} at #{get_system_ip}:#{self.port} (#{get_system_name})!"
|
||||
else
|
||||
self.outputs << "FAILED: Content #{match_string} is contained within #{page} at #{get_system_ip}:#{self.port} (#{get_system_name})!"
|
||||
end
|
||||
end
|
||||
|
||||
##################
|
||||
# Misc Functions #
|
||||
##################
|
||||
@@ -56,7 +73,7 @@ class PostProvisionTest
|
||||
def get_system_ip
|
||||
vagrant_file_path = "#{get_project_path}/Vagrantfile"
|
||||
vagrantfile = File.read(vagrant_file_path)
|
||||
ip_line = vagrantfile.split("\n").delete_if { |line| !line.include? "# ip_address_for_#{get_system_name}"}[0]
|
||||
ip_line = vagrantfile.split("\n").delete_if {|line| !line.include? "# ip_address_for_#{get_system_name}"}[0]
|
||||
ip_address = ip_line.split('=')[-1]
|
||||
if ip_address == "DHCP"
|
||||
self.outputs << "FAILED: Cannot test against dynamic IPs" # TODO: fix this so that we grab dynamic IP address (maybe from vagrant?)
|
||||
@@ -69,7 +86,7 @@ class PostProvisionTest
|
||||
def get_json_inputs
|
||||
json_inputs_path = "#{File.expand_path('../', self.module_path)}/secgen_functions/files/json_inputs/*"
|
||||
json_inputs_files = Dir.glob(json_inputs_path)
|
||||
json_inputs_files.delete_if { |path| !path.include?(self.module_name) }
|
||||
json_inputs_files.delete_if {|path| !path.include?(self.module_name)}
|
||||
if json_inputs_files.size > 0
|
||||
return JSON.parse(Base64.strict_decode64(File.read(json_inputs_files.first)))
|
||||
end
|
||||
|
||||
@@ -28,20 +28,6 @@ class ParamWebsiteTest < PostProvisionTest
|
||||
test_service_up
|
||||
end
|
||||
|
||||
def test_html_returned_content(page, match_string)
|
||||
|
||||
begin
|
||||
source = Net::HTTP.get(get_system_ip, page, self.port)
|
||||
rescue SocketError
|
||||
# do nothing
|
||||
end
|
||||
|
||||
if source.include? match_string
|
||||
self.outputs << "PASSED: Content #{match_string} is contained within #{page} at #{get_system_ip}:#{self.port} (#{get_system_name})!"
|
||||
else
|
||||
self.outputs << "FAILED: Content #{match_string} is contained within #{page} at #{get_system_ip}:#{self.port} (#{get_system_name})!"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
ParamWebsiteTest.new.run
|
||||
27
modules/services/unix/ntp/ntp/secgen_test/ntp.rb
Normal file
27
modules/services/unix/ntp/ntp/secgen_test/ntp.rb
Normal file
@@ -0,0 +1,27 @@
|
||||
require_relative '../../../../../lib/post_provision_test'
|
||||
require 'net/ntp'
|
||||
|
||||
class NTPTest < PostProvisionTest
|
||||
def initialize
|
||||
self.module_name = 'ntp'
|
||||
self.module_path = get_module_path(__FILE__)
|
||||
super
|
||||
self.port = 123
|
||||
end
|
||||
|
||||
def test_module
|
||||
super
|
||||
test_ntp_query #TODO
|
||||
end
|
||||
|
||||
def test_ntp_query
|
||||
begin
|
||||
time_response = Net::NTP.get(system_ip, port).time
|
||||
self.outputs << "PASSED: NTP responded on UDP port #{port} with #{time_response}"
|
||||
rescue Errno::ECONNREFUSED
|
||||
self.outputs << "FAILED: unable to connect to #{module_name} on UDP port #{port} "
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
NTPTest.new.run
|
||||
@@ -4,15 +4,14 @@
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.github/cliffe/SecGen/scenario">
|
||||
<system>
|
||||
<system_name>proftpd_testing</system_name>
|
||||
<base platform="linux" distro="Debian 7.8" type="server"/>
|
||||
<system_name>testing</system_name>
|
||||
<base platform="linux" distro="Debian 9" type="server"/>
|
||||
|
||||
<!--<service type="ftp"/>-->
|
||||
<service module_path=".*nfs_share.*"/>
|
||||
<!--<vulnerability module_path=".*unrealirc_3281.*"/>-->
|
||||
<service type="ftp"/>
|
||||
<service module_path=".*ntp.*"/>
|
||||
|
||||
<input into_datastore="IP_addresses">
|
||||
<value>172.16.0.17</value>
|
||||
<value>172.16.0.13</value>
|
||||
</input>
|
||||
|
||||
<network type="private_network">
|
||||
|
||||
@@ -354,7 +354,7 @@ def post_provision_tests(project_dir)
|
||||
end
|
||||
test_module_outputs.each do |output_lines|
|
||||
output_lines.each do |line|
|
||||
if line.include? "FAILED:"
|
||||
if line.include? "FAILED:" # todo: read exit code instead
|
||||
tests_passed = false
|
||||
Print.err line
|
||||
Print.err "Post provision tests contained failures!"
|
||||
|
||||
Reference in New Issue
Block a user