summaryrefslogblamecommitdiffhomepage
path: root/test/test_static_chroot.py
blob: e33a181cedae6664692f42128a655c42d1547d94 (plain) (tree) 
e0a06195




e0a06195



b86891c4

e0a06195





b86891c4


e0a06195

a3699557

e0a06195




c5220944

e0a06195



5c20d43e


0f725346


5c20d43e



0f725346



5c20d43e

b86891c4

e0a06195



a3699557



e0a06195





5c20d43e

a3699557



5c20d43e







a3699557



5c20d43e


b86891c4

72420358



e0a06195


a3699557


e0a06195




b86891c4

a3699557


e0a06195

a3699557


e0a06195

b86891c4

e0a06195



a3699557

e0a06195


a3699557

e0a06195


a3699557

e0a06195


39adb292

5c20d43e










39adb292

5c20d43e



5c20d43e


39adb292

5c20d43e



5c20d43e


39adb292

5c20d43e



5c20d43e



a3699557



5c20d43e



a3699557



5c20d43e


a3699557



5c20d43e



a3699557



5c20d43e


b86891c4

e0a06195

0f725346


e0a06195


0f725346


e0a06195


0f725346


e0a06195

5c20d43e







1
2
3
4

5
6
7

8

9
10
11
12
13

14
15

16

17

18
19
20
21

22

23
24
25

26
27

28
29

30
31
32

33
34
35

36

37

38
39
40

41
42
43

44
45
46
47
48

49

50
51
52

53
54
55
56
57
58
59

60
61
62

63
64

65

66
67
68

69
70

71
72

73
74
75
76

77

78
79

80

81
82

83

84

85
86
87

88

89
90

91

92
93

94

95
96

97

98
99
100
101
102
103
104
105
106
107

108

109
110
111

112
113

114

115
116
117

118
119

120

121
122
123

124
125
126

127
128
129

130
131
132

133
134
135

136
137

138
139
140

141
142
143

144
145
146

147
148

149

150

151
152

153
154

155
156

157
158

159
160

161

162
163
164
165
166
167
168




                        


                                                        
                                             




                                             

                                                                      
 
                                                              



                                                            
                                                                            


             

                                           

                                               


                                    


                                                                                
 
                                           


                                                                               


                                                              




                                                                           
                                                


                                                                         






                                                                           


                                                         

                                                             
                                                             


                                                  

                                                 

                                                              



                                                                   
                                                 

                                                                            
 

                                                                              
 
                                                           


                                                  
                                                                             

                                                                            
                                                                            

                                                                              
                                                            

                                                                        
                                                     









                                                                  
                                                                   


                                                             

                                                       
                                                                 


                                                             

                                                            
                                                                 


                                                                


                                                         


                                                               


                                                                          


                                                              

                                                                         


                                                               


                                                                            


                                                                            

                                                                             
                                                   
                                    

                                                

                                    

                                                    

                                    

                                                 
                                  






                                                                  
import os
from pathlib import Path

import pytest
from unit.applications.proto import TestApplicationProto


class TestStaticChroot(TestApplicationProto):
    prerequisites = {'features': ['chroot']}

    @pytest.fixture(autouse=True)
    def setup_method_fixture(self, temp_dir):
        os.makedirs(temp_dir + '/assets/dir')
        Path(temp_dir + '/assets/index.html').write_text('0123456789')
        Path(temp_dir + '/assets/dir/file').write_text('blah')

        self.test_path = '/' + os.path.relpath(Path(__file__))

        self._load_conf(
            {
                "listeners": {"*:7080": {"pass": "routes"}},
                "routes": [{"action": {"share": temp_dir + "/assets$uri"}}],
            }
        )

    def update_action(self, share, chroot):
        return self.conf(
            {"share": share, "chroot": chroot},
            'routes/0/action',
        )

    def get_custom(self, uri, host):
        return self.get(url=uri, headers={'Host': host, 'Connection': 'close'})[
            'status'
        ]

    def test_static_chroot(self, temp_dir):
        assert self.get(url='/dir/file')['status'] == 200, 'default chroot'
        assert self.get(url='/index.html')['status'] == 200, 'default chroot 2'

        assert 'success' in self.update_action(
            temp_dir + "/assets$uri", temp_dir + "/assets/dir"
        )

        assert self.get(url='/dir/file')['status'] == 200, 'chroot'
        assert self.get(url='/index.html')['status'] == 403, 'chroot 403 2'
        assert self.get(url='/file')['status'] == 403, 'chroot 403'

    def test_share_chroot_array(self, temp_dir):
        assert 'success' in self.update_action(
            ["/blah", temp_dir + "/assets$uri"], temp_dir + "/assets/dir"
        )
        assert self.get(url='/dir/file')['status'] == 200, 'share array'

        assert 'success' in self.update_action(
            ["/blah", temp_dir + '/assets$uri'], temp_dir + '/assets/$host'
        )
        assert self.get_custom('/dir/file', 'dir') == 200, 'array variable'

        assert 'success' in self.update_action(
            ["/blah", "/blah2"], temp_dir + "/assets/dir"
        )
        assert self.get()['status'] != 200, 'share array bad'

    def test_static_chroot_permission(self, is_su, temp_dir):
        if is_su:
            pytest.skip('does\'t work under root')

        os.chmod(temp_dir + '/assets/dir', 0o100)

        assert 'success' in self.update_action(
            temp_dir + "/assets$uri", temp_dir + "/assets/dir"
        ), 'configure chroot'

        assert self.get(url='/dir/file')['status'] == 200, 'chroot'

    def test_static_chroot_empty(self, temp_dir):
        assert 'success' in self.update_action(temp_dir + "/assets$uri", "")
        assert self.get(url='/dir/file')['status'] == 200, 'empty absolute'

        assert 'success' in self.update_action(".$uri", "")
        assert self.get(url=self.test_path)['status'] == 200, 'empty relative'

    def test_static_chroot_relative(self, is_su, temp_dir):
        if is_su:
            pytest.skip('does\'t work under root')

        assert 'success' in self.update_action(temp_dir + "/assets$uri", ".")
        assert self.get(url='/dir/file')['status'] == 403, 'relative chroot'

        assert 'success' in self.conf({"share": ".$uri"}, 'routes/0/action')
        assert self.get(url=self.test_path)['status'] == 200, 'relative share'

        assert 'success' in self.update_action(".$uri", ".")
        assert self.get(url=self.test_path)['status'] == 200, 'relative'

    def test_static_chroot_variables(self, temp_dir):
        assert 'success' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/assets/$host'
        )
        assert self.get_custom('/dir/file', 'dir') == 200

        assert 'success' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/assets/${host}'
        )
        assert self.get_custom('/dir/file', 'dir') == 200

    def test_static_chroot_variables_buildin_start(self, temp_dir):
        assert 'success' in self.update_action(
            temp_dir + '/assets/dir/$host', '$uri/assets/dir'
        )
        assert self.get_custom(temp_dir, 'file') == 200

    def test_static_chroot_variables_buildin_mid(self, temp_dir):
        assert 'success' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/$host/dir'
        )
        assert self.get_custom('/dir/file', 'assets') == 200

    def test_static_chroot_variables_buildin_end(self, temp_dir):
        assert 'success' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/assets/$host'
        )
        assert self.get_custom('/dir/file', 'dir') == 200

    def test_static_chroot_slash(self, temp_dir):
        assert 'success' in self.update_action(
            temp_dir + "/assets$uri", temp_dir + "/assets/dir/"
        )
        assert self.get(url='/dir/file')['status'] == 200, 'slash end'
        assert self.get(url='/dirxfile')['status'] == 403, 'slash end bad'

        assert 'success' in self.update_action(
            temp_dir + "/assets$uri", temp_dir + "/assets/dir"
        )
        assert self.get(url='/dir/file')['status'] == 200, 'no slash end'

        assert 'success' in self.update_action(
            temp_dir + "/assets$uri", temp_dir + "/assets/dir/"
        )
        assert self.get(url='/dir/file')['status'] == 200, 'slash end 2'
        assert self.get(url='/dirxfile')['status'] == 403, 'slash end 2 bad'

        assert 'success' in self.update_action(
            temp_dir + "///assets/////$uri", temp_dir + "//assets////dir///"
        )
        assert self.get(url='/dir/file')['status'] == 200, 'multiple slashes'

    def test_static_chroot_invalid(self, temp_dir):
        assert 'error' in self.conf(
            {"share": temp_dir, "chroot": True},
            'routes/0/action',
        ), 'configure chroot error'
        assert 'error' in self.conf(
            {"share": temp_dir, "symlinks": "True"},
            'routes/0/action',
        ), 'configure symlink error'
        assert 'error' in self.conf(
            {"share": temp_dir, "mount": "True"},
            'routes/0/action',
        ), 'configure mount error'

        assert 'error' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/assets/d$r$uri'
        )
        assert 'error' in self.update_action(
            temp_dir + '/assets$uri', temp_dir + '/assets/$$uri'
        )
generated by cgit (git 2.34.1) at 2024-11-16 23:28:20 +0000