HEX
Server: LiteSpeed
System: Linux 112.webhostingindonesia.co.id 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User: iyfwylsv (10313)
PHP: 8.2.30
Disabled: NONE
$ pwd: /lib/python3.9/site-packages/fail2ban/tests/__pycache__/
Upload Files
File: //lib/python3.9/site-packages/fail2ban/tests/__pycache__/clientreadertestcase.cpython-39.pyc
a

@�\]�)l�@svdZdZdZddlZddlZddlZddlZddlZddlZddl	Z	ddl
mZmZm
Z
mZddlmZddlmZmZmZdd	lmZdd
lmZddlmZmZddlmZdd
lmZddl m Z ddl!m"Z"m#Z#ej$�%ej$�&e'�d�Z(iZ)ddl!m*Z*e	j+j,Z-ej$�%ej$�&e'�d�Z.iZ/Gdd�de	j0�Z1Gdd�de"�Z2Gdd�de"�Z3Gdd�de"�Z4Gdd�de"�Z5dS)z!Cyril Jaquier, Yaroslav Halchenkoz>Copyright (c) 2004 Cyril Jaquier, 2011-2013 Yaroslav Halchenko�GPL�N�)�ConfigReader�ConfigReaderUnshared�DefinitionInitConfigReader�NoSectionError)�configparserinc)�
JailReader�extractOptions�splitWithOptions)�FilterReader)�JailsReader)�ActionReader�
CommandAction)�Configurator)�MyTime)�version�)�LogCaptureTestCase�with_tmpdir�files)�
CONFIG_DIR�configcs|eZdZ�fdd�Z�fdd�Zddd�Zdd	�Zddd�Zd
d�Zdd�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Z�ZS)�ConfigReaderTestcs.tt|���tjdd�|_t|jd�|_dS)zCall before every test case.zf2b-temp)�prefix��basedirN)�superr�setUp�tempfile�mkdtemp�dr�c��self��	__class__��G/usr/lib/python3.9/site-packages/fail2ban/tests/clientreadertestcase.pyr7szConfigReaderTest.setUpcst�|j�tt|���dS)zCall after every test case.N)�shutil�rmtreer!rr�tearDownr#r%r'r(r+=szConfigReaderTest.tearDownNcCs�tjj|vr>tj�|�}tj�|j|�}tj�|�s>t�|�td|j|fd�}|durh|�	d|�|durz|�	|�|�
�dS)N�%s/%s�wz
[section]
option = %s
	)�os�path�sep�dirname�joinr!�exists�makedirs�open�write�close)r$�fname�value�contentr!Zd_�fr'r'r(�_writeBs
�
zConfigReaderTest._writecCs*t�d|j|f�|�|j�d��dS)Nr,r")r.�unlinkr!�
assertTruer"�read)r$r8r'r'r(�_removeSszConfigReaderTest._remover"cCs&|�|j�|��|j�ddg�dS)N�section)�int�optionrC)r>r"r?�
getOptions)r$r;r'r'r(�
_getoptionWszConfigReaderTest._getoptioncCs�|j�d�|j�ddd�|j�ddd�|j�ddd�|j�dd�}|�|dd	d
d��|j�dd�}|�|dd	dd��|j�dd
dd
d��}|�|dd	d
d��dS)N�
Definition�a�1�br"�test))rBrGr)�boolrIr)rBr"rrTr)rGrIr"))rBrG)rKrI)rBr")rBr)rKr)r"�add_section�setrD�assertSortedEqual)r$�optsr'r'r(�testConvert[s ��
�zConfigReaderTest.testConvertcCsztj�|jd�}|�dd�|�|�d�d�t�|d�t�|tj	�s\|�
|j�d��nddl
}t�d|�
���dS)Nzd.confrr!z0Skipping on %s -- access rights are not enforced)r.r/r2r!r<�assertEqualrE�chmod�access�R_OK�assertFalser"r?�platform�unittest�SkipTest)r$r;rVr'r'r(�testInaccessibleFilejsz%ConfigReaderTest.testInaccessibleFilecCsL|�|j�d��|�dd�|�|��d�|�dd�|�|��d�|�dd�|�|��d	�|�d
d�|�|��d	�|�dd
�|�|��d�|�dd�|�|��d�|�dd�|�|��d�|�d�|�d�|�|��d�|�d�|�|��d	�|�d�|�|��d�|�d
�|�|��d�dS)Nr"�c.confrHr�2rzc.d/98.confZ998i�zc.d/90.confZ990zc.d/99.confZ999i�zc.local�3�zc.d/1.local�4�i�)rUr"r?r<rQrEr@r#r'r'r(�testOptionalDotDDirws0




z$ConfigReaderTest.testOptionalDotDDircCs�|jdddd�|jdddd�|jdddd�|jddd	d�|jd
ddd�Gdd
�d
t�}|ddi�|_|j�|j�|�|j���|jjidd�|j��}|�	|�
d�d�|�	|�
d�d�|�	|�
d�d�dS)NrZzS
[INCLUDES]
before = ib.conf
after  = ia.conf
[Definition]
test = %(default/test)s
�r9r:zib.confz,
[DEFAULT]
test = A
[Definition]
option = 1
zib.localz,
[DEFAULT]
test = B
[Definition]
option = 2
zia.confz,
[DEFAULT]
test = C
[Definition]
oafter = 3
zia.localz,
[DEFAULT]
test = D
[Definition]
oafter = 4
c@s$eZdZddgddgddgd�ZdS)z?ConfigReaderTest.testLocalInIncludes.<locals>.TestDefConfReaderrBN�string)rC�oafterrJ)�__name__�
__module__�__qualname__Z_configOptsr'r'r'r(�TestDefConfReader�s�rgr"rCT)�allrrcr_rJ�D)r<rr"�
setBaseDirr!r>r?rD�getCombinedrQ�get)r$rg�or'r'r(�testLocalInIncludes�s
z$ConfigReaderTest.testLocalInIncludescCs�|�|j�d��|jdddd�|�|j�d��|�|j��ddg�|�|j�dd�d�|�|j�dd	�d
�|�|j�dd�d�|�|j�dd�d
�|�|j�dd�d�dS)N�izi.confzu
[DEFAULT]
b = a
zz = the%(__name__)s

[section]
y = 4%(b)s
e = 5${b}
z = %(__name__)s

[section2]
z = 3%(__name__)s
rarAZsection2�yZ4a�ez5${b}�z�zzZ
thesectionZ	3section2)rUr"r?r<r>rQ�sectionsrlr#r'r'r(�testInterpolations�s
z#ConfigReaderTest.testInterpolationscCsd|�|j�d��|jdddd�|�|j�d��|�|j�dd�d�|�|j�dd�d	�dS)
N�g�g.confz4
[DEFAULT]
# A comment
b = a
c = d ;in line comment
ra�DEFAULTrIrGr"r!)rUr"r?r<r>rQrlr#r'r'r(�testComments�s
zConfigReaderTest.testCommentscCs<|�|j�d��|jdddd�|�|j�d��|�|j�dd�d�|�|j�dd�d	�|�|j�d
d�d�|�|j�d
d�d�|�|j�d
d
�d�|�|j�d
d�d�|�|j�dd
�d�|�|j�dd�d�|�|j�dd
�d�|�|j�dd�d�|�t|jjdd�|�t|jjd
d�dS)Nrvrwz�
[DEFAULT]
a = def-a
b = def-b,a:`%(a)s`
c = def-c,b:"%(b)s"
d = def-d-b:"%(known/b)s"

[jail]
a = jail-a-%(test/a)s
b = jail-b-%(test/b)s
y = %(test/y)s

[test]
a = test-a-%(default/a)s
b = test-b-%(known/b)s
x = %(test/x)s
y = %(jail/y)s
rarJrGztest-a-def-arIztest-b-def-b,a:`test-a-def-a`�jailzjail-a-test-a-def-az+jail-b-test-b-def-b,a:`jail-a-test-a-def-a`r"z5def-c,b:"jail-b-test-b-def-b,a:`jail-a-test-a-def-a`"r!z'def-d-b:"def-b,a:`jail-a-test-a-def-a`"z'def-c,b:"test-b-def-b,a:`test-a-def-a`"z def-d-b:"def-b,a:`test-a-def-a`"rxzdef-c,b:"def-b,a:`def-a`"zdef-d-b:"def-b,a:`def-a`"�xrp)	rUr"r?r<r>rQrl�assertRaises�	Exceptionr#r'r'r(�testTargetedSectionOptions�sz+ConfigReaderTest.testTargetedSectionOptions)NN)r")rdrerfrr+r<r@rErPrYr`rnruryr~�
__classcell__r'r'r%r(r5s


0rcs�eZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zedd��Zdd �Z�ZS)!�JailReaderTestcstt|�j|i|��dS�N)rr��__init__�r$�args�kwargsr%r'r(r�	szJailReaderTest.__init__cCs�dD]�}|�td|f�ddg�|�td|f�ddg�|�td|f�ddg�|�td	|f�d
dg�|�td|f�ddg�|�td
|f�ddg�|�td|f�ddg�qdS)N)�
�	� za%sbrGrIz	a[x=y]%sbza[x=y]za[x=y][z=z]%sbza[x=y][z=z]za[x="y][z"]%sbza[x="y][z"]z
a[x="y z"]%sbz
a[x="y z"]z
a[x="y	z"]%sbz
a[x="y	z"]z
a[x="y
z"]%sbz
a[x="y
z"])rQr)r$r0r'r'r(�testSplitWithOptionssz#JailReaderTest.testSplitWithOptionscCs tdttd�}|�t|j�dS)NZXXXABSENTXXX�r�share_config)r	r�CONFIG_DIR_SHARE_CFGr|�
ValueErrorr?�r$rzr'r'r(�testIncorrectJailsz JailReaderTest.testIncorrectJailcCsPtdttd�}|�|���|�|���|�|���|�d�|�d�dS)N�emptyactionr�z"No filter set for jail emptyactionz'No actions were defined for emptyaction)r	�IMPERFECT_CONFIG�IMPERFECT_CONFIG_SHARE_CFGr>r?rD�	isEnabled�assertLoggedr�r'r'r(�testJailActionEmptys
z"JailReaderTest.testJailActionEmptycCsTtdttd�}|�|���|�|���|�|���|�dt�|�d�dS)NZmissingbitsjailr�zJFound no accessible config files for 'filter.d/catchallthebadies' under %szUnable to read the filter�	r	r�r�r>r?rUrDr�r�r�r'r'r(�testJailActionFilterMissing#sz*JailReaderTest.testJailActionFilterMissingcCsFtdttd�}|�|���|�|���|�|���|�d�dS)NZbrokenactiondefr�z$Invalid action definition 'joho[foo'r�r�r'r'r(�testJailActionBrokenDef+s�z&JailReaderTest.testJailActionBrokenDefcCsNtdttd�}|�|���|�|���|�|���|�|jdd�dS)N�
tz_correctr��logtimezone�UTC+0200)	r	r�r�r>r?rDr�rQ�optionsr�r'r'r(�testJailLogTimeZone3s�z"JailReaderTest.testJailLogTimeZonecCsFtdttd�}|�|���|�|���|�|���|�d�dS)NZbrokenfilterdefr�z$Invalid filter definition 'flt[test'r�r�r'r'r(�testJailFilterBrokenDef;s�z&JailReaderTest.testJailFilterBrokenDefcCsttjjdd�tdttd�}|�|���|�|���|�	|�
��|�|��d�|�
d�|�|��d�dS)NT�Zstock�sshdr�zssh-funky-blocker)rW�F2B�SkipIfCfgMissingr	rr�r>r?rDrUr�rQ�getName�setNamer�r'r'r(�testStockSSHJailCs
zJailReaderTest.testStockSSHJailcCs�tjjdd�tdttdd�}|�|���|�|���|�|�	��|�
�}|�gd�gdd�|D��|�gd�gd	d�|D��|�gd
�gdd�|D��|�gd��}d
}|D]8}|�
t|�dko�|d�d��|d7}||kr�q�q�dS)NTr��sshd-override-flt-opts�rr��force_enable)rMr��	prefregexz^TestcSs(g|] }t|�dkr|ddkr|�qS)rr���len��.0rmr'r'r(�
<listcomp>X�z>JailReaderTest.testOverrideFilterOptInJail.<locals>.<listcomp>)rMr��addjournalmatchz
_COMM=testcSs(g|] }t|�dkr|ddkr|�qS)rr�r�r�r'r'r(r�[r�)rMr��maxlinesrcSs(g|] }t|�dkr|ddkr|�qS)rr�r�r�r'r'r(r�^r�)rMr��usedns�norr�regexr)rWr�r�r	r�r�r>r?rDr��convertrQ�indexrUr��endswith)r$rz�streamZ	usednsidxrormr'r'r(�testOverrideFilterOptInJailMs.���� z*JailReaderTest.testOverrideFilterOptInJailc	Cs�tjjdd�dD]r}dD]h}td|��ttdd�}|�|���|�|�	��|�
�}|�d|��dd	|ggd
d�|D��qqdS)NTr�)rr)ZJRNLZFILE�TESTZINITZ
checklogtype_r�rM�addfailregexz^%s failure from <HOST>$cSs(g|] }t|�dkr|ddkr|�qS)rr�r�r�r'r'r(r�tr�z=JailReaderTest.testLogTypeOfBackendInJail.<locals>.<listcomp>)
rWr�r�r	�lowerr�r�r>r?rDr�rQr�)r$roZpreflinerzr�r'r'r(�testLogTypeOfBackendInJailgs��z)JailReaderTest.testLogTypeOfBackendInJailc
Csvd}dddif}t|�}|�||�|�diftd��|�dddd�ftd	��|�d
iftd
��|�ddd
iftd��|�dddiftd��|�ttd�|�ttd�|�ttd�|�ttd�|�ttd�d}dif}t|�}|�||�d}ddddddddd d!d"d"d#�f}t|�}|�||�t|�d
d$��}|d%td&d'�|d(��D��f}|�||�dS))Nzmail-whois[name=SSH]z
mail-whois�nameZSSHzmail.who_is�catZdog)rGrIzmail.who_is[a=cat,b=dog]zmail--ho_is�mailrG�,zmail[a=',']rIzmail[a=b, ]z	mail-how[z-mail[a="test with interim (wrong) "" quotes"]z-mail[a='test with interim (wrong) '' quotes']zmail[a='x, y, z', b=x, y, z]z	mail['s']zabc[]�abcz�option[opt01=abc,opt02="123",opt03="with=okay?",opt04="andwith,okay...",opt05="how about spaces",opt06="single'in'double",opt07='double"in"single',  opt08= leave some space, opt09=one for luck, opt10=, opt11=]rCZ123z
with=okay?zandwith,okay...zhow about spaceszsingle'in'doublezdouble"in"singlezleave some spacezone for luck�)Zopt01Zopt02Zopt03Zopt04Zopt05Zopt06Zopt07Zopt08Zopt09Zopt10Zopt11�][rcss"|]\}}||�dd�fVqdS)r�r�N)�replace)r��k�vr'r'r(�	<genexpr>�r�z1JailReaderTest.testSplitOption.<locals>.<genexpr>r)r
rQr|r�r��dict�items)r$rCZexpected�resultZ	expected2r'r'r(�testSplitOptionvsN�
�zJailReaderTest.testSplitOptioncCs�tddttd�}|�|���|�|���|�|jdd�|�|jdd�|�dd	�|j	D�gd
�ddddd
dgddgddgggggd�ddddd
dgddgddgddgggggd�ddddd
dgddgddggggg�dS)N�	multi-logT)r�rr�Zlogpathza.log
b.log
c.log�actionzeaction[actname='ban']
action[actname='log', logpath="a.log
b.log
c.log
d.log"]
action[actname='test']cSsg|]}|���qSr')r��r�rGr'r'r(r��r�z6JailReaderTest.testMultiLineOption.<locals>.<listcomp>)rMr��	addaction�ban�	multi-setr��	actionbanz4echo "name: ban, ban: <ip>, logs: a.log
b.log
c.log"�actnamer�)rMr�r��logr�z:echo "name: log, ban: <ip>, logs: a.log
b.log
c.log
d.log"za.log
b.log
c.log
d.log)rMr�r�rJrJz5echo "name: test, ban: <ip>, logs: a.log
b.log
c.log")
r	r�r�r>r?rDrQr�rN�_JailReader__actionsr�r'r'r(�testMultiLineOption�s,����z"JailReaderTest.testMultiLineOptionc	stjjdd�tddtd�}t�|d�|j��}t	d�|d<|�
|���|��}g}|D]^�t
��dkrnq\�dd	kr��dd
kr�|���q\�ddkr\|��fdd
��dD��q\dt}|�t
|�d�|�|dd	dddd
|g�|�|dd	dddd
|g�dS)NTr��
blocklisttest)r�rrz))rdr�)�filterr�)�	failregexz
^test <HOST>$)Zsenderzf2b-test@example.com)Zblocklist_de_apikeyztest-key)r�zX%(action_blocklist_de)s
mynetwatchman[port=1234,protocol=udp,agent="%(fail2ban_agent)s"]r_rrM�agentr�cs.g|]&}|ddkrdg�dd�|�qS)rr�rMrr_r'r���cmdr'r(r��r�z3JailReaderTest.testVersionAgent.<locals>.<listcomp>zFail2Ban/%srr�Zblocklist_derZ
mynetwatchman)rWr�r�r	rrr?Z_cfgZget_sectionsr�r>rDr�r��append�extendrrQ)r$rzrtr��actZ	useragentr'r�r(�testVersionAgent�s&
	zJailReaderTest.testVersionAgentcCs�tj�|d�}t|d���tj�|d�}t�d|�|�t�tj�|d��|g�|�t�|�g�|�	d|�|�t�tj�|d��g�dS)N�f1r-�f2Znonexisting�*z4File %s is a dangling link, thus cannot be monitored)
r.r/r2r5r7�symlinkrQr	Z_globr�)r$r!r�r�r'r'r(�testGlob�szJailReaderTest.testGlobcCsttid�}|�|��g�|�|�d��|�t|jdi�|�t|jd�|�t|j	dd�|�t|j
di�dS)N�r�rJ�any)rrQrtrU�has_sectionr|rZ
merge_sectionr�rlrD)r$r"r'r'r(�testCommonFunction�s
z!JailReaderTest.testCommonFunction)rdrerfr�r�r�r�r�r�r�r�r�r�r�r�r�r�rr�r�rr'r'r%r(r�s"
5!
r�c@sTeZdZdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
dd�ZdS)�FilterReaderTestcCs�gd�dddgd�ggd�gd�gd�gd	�g}tddi�}|�t�|��|�d�|�|��|�tddd
dittd�}|��|�d�d
|dd<|�|��|�dS)N)rM�
testcase01r�rr�r�r�)z�^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?Authentication failure for .* from <HOST>\s*$z�^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\s*$a^\s*(?:\S+ )?(?:kernel: \[\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?|[\[\(]?sshd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:)?\s*(?:error: PAM: )?User not known to the\nunderlying authentication.+$<SKIPLINES>^.+ module for .* from <HOST>\s*$)rMr�Zaddignoreregexz"^.+ john from host 192.168.1.1\s*$)rMr�r�z
_COMM=sshd�+z_SYSTEMD_UNIT=sshd.servicez_UID=0)rMr�r�zFIELD= with spaces r�zAFIELD= with + char and spaces)rMr�Zdatepatternz%Y %m %d %H:%M:%Sr��5�r�r�r���)rrj�TEST_FILES_DIRr?rDrNr��TEST_FILES_DIR_SHARE_CFG)r$�output�filterReaderr'r'r(rPs&�

�
zFilterReaderTest.testConvertcCsPtddddd�ttd�}|��|�d�|��}|�|dd�|�d�dS)Nr�z<test>�X)r�rJr�r�z6Wrong int value 'X' for 'maxlines'. Using default one:)rr�r�r?rDrkZassertNotEqualr��r$r�rOr'r'r(�testConvertOptions.s�
z#FilterReaderTest.testConvertOptionscCsFgd�g}tddittd�}|��|�d�|��}|�||�dS)N)rM�jailnamer�z to=sweet@example.com fromip=<IP>�substitutionr�r��rr�r�r?rDr�rN�r$r�r�r"r'r'r(�!testFilterReaderSubstitionDefault7s
�
z2FilterReaderTest.testFilterReaderSubstitionDefaultcCsBtddittd�}|��|�d�|��}|�d|dv�dS)NZ
testcase02r�r�r�r�)rr�r�r?rDrkr>r�r'r'r(�testFilterReaderSubstKnown@s�
z+FilterReaderTest.testFilterReaderSubstKnowncCsJgd�g}tddddittd�}|��|�d�|��}|�||�dS)N)rMr�r�zto=sour@example.com fromip=<IP>r�r��honeypotzsour@example.comr�r�r�r'r'r(�testFilterReaderSubstitionSetKs
�
z.FilterReaderTest.testFilterReaderSubstitionSetcCsRgd�g}td�\}}tdd|ttd�}|��|�d�|��}|�||�dS)N)rMr�r�z?^to=test,sweet@example.com,test2,sweet@example.com fromip=<IP>$zwsubstitution[failregex="^<known/failregex>$", honeypot="<sweet>,<known/honeypot>", sweet="test,<known/honeypot>,test2"]r�r�r��r
rr�r�r?rDr�rN�r$r��
filterName�	filterOptr�r"r'r'r(�testFilterReaderSubstitionKnownTs
��
z0FilterReaderTest.testFilterReaderSubstitionKnowncCsRgd�g}td�\}}tdd|ttd�}|��|�d�|��}|�||�dS)N)rMr�r�z)^\s*to=fail2ban@localhost fromip=<IP>\s*$zWsubstitution[failregex="^\s*<Definition/failregex>\s*$", honeypot="<default/honeypot>"]r�r�r�rrr'r'r(�!testFilterReaderSubstitionSection_s
��
z2FilterReaderTest.testFilterReaderSubstitionSectioncCsvtddddittd�}|��|�d�|�ttj|�tddddd�ttd�}|��|�d�|�ttj|�dS)Nr�r�r�z
<honeypot>r�z<sweet>)r�Zsweet)rr�r�r?rDr|r�r�)r$r�r'r'r(�testFilterReaderSubstitionFailjs�
�
z/FilterReaderTest.testFilterReaderSubstitionFailc
Cs�tj�tj�td��}ttj�|d�di�}|�|��tj�|d�tj�|d�g�z2|�d�|�	dd�|�	dd�|�	dd�Wn2t
y�}z|�d	|�WYd}~n
d}~00dS)
N�filter.dztestcase01.confr�ztestcase-common.confrFZ
__prefix_liner�Zignoreregexz)unexpected options after readexplicit: %s)r.r/�abspathr2r�rrQZreadexplicitrDrlr}�fail)r$Zpath_r�rqr'r'r(�testFilterReaderExplicitxs
�
z)FilterReaderTest.testFilterReaderExplicitN)rdrerfrPr�r�r�rrrrrr'r'r'r(r�s,			r�c@s*eZdZd	dd�Zdd�Zedd��ZdS)
�JailsReaderTestCacheFNcCsBt||d�}|�|�|��|��|��|�|�d��dS)N�r�r�)rrj�	readEarly�getEarlyOptions�readAllr>rD)r$rr�r��configuratorr'r'r(�_readWholeConf�s
z#JailsReaderTestCache._readWholeConfcCs4d}|���d�D]}t�d||�r|d7}q|S)Nrr�z^\s*Reading files?: .*/r)ZgetLog�rsplit�re�match)r$Z	filematch�cnt�sr'r'r(�_getLoggedReadCount�s

z(JailsReaderTestCache._getLoggedReadCountcCs
tj��tj}tjt_z�t�|�t�	t
|�t�t
d|d�t�t
d|d�t�}|j
||d�|�d�}|�|dkd|�|j
|d	|d
�|�d�}|�|dkd|�|�d
�}|�|dkd|�|�d�}|�|dkd|�W|t_n|t_0dS)Nz
/jail.confz/jail.localz/fail2ban.confz/fail2ban.localr�z
jail.localrz3Unexpected count by reading of jail files, cnt = %sTr
zjail\.localz:Unexpected count by second reading of jail files, cnt = %szfilter\.d/common\.confz5Unexpected count by reading of filter files, cnt = %szaction\.d/iptables\.confz5Unexpected count by reading of action files, cnt = %s)rWr�Z
SkipIfFastrZlogLevel�logging�DEBUGr)r*�copytreer�copyr�rrr>)r$rZsaved_llZ	share_cfgrr'r'r(�testTestJailConfCache�s(





z*JailsReaderTestCache.testTestJailConfCache)FN)rdrerfrrrrr'r'r'r(r�s

rcs|eZdZ�fdd�Zdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
edd��Zdd�Z
dd�Zedd��Z�ZS)�JailsReaderTestcstt|�j|i|��dSr�)rrr�r�r%r'r(r��szJailsReaderTest.__init__cCs(tj�d�s$tdd�}|�t|j�dS)Nz/XXXr)r.r/r3r
r|r�r?)r$�readerr'r'r(�testProvidingBadBasedir�s
z'JailsReaderTest.testProvidingBadBasedircCs*tttd�}|�|���|�|jdd��|�t|j	�|j	dd�}d|_
|�|gd�gd�dd	d
gd�gdd	ggd
�gd�gd�gd�gd�ddddddgddgddggggd�gd�gd�gd�ddgddgddgddggd�dd gd!d"gd!d#gd!d$gd!d%gg�|�d&�|�
d'�|�d(�dS))Nr�F)ZignoreWrongT�Zallow_no_files)�addr��auto)r"�test-known-interpr#r�r$r�)z*failure test 1 (filter.d/test.conf) <HOST>z+failure test 2 (filter.d/test.local) <HOST>z"failure test 3 (jail.local) <HOST>�start)r"�missinglogfilesr#)rMr&r��<IP>)r"�brokenactionr#)rMr(r�r')rMr(r�r(r(r�r�zhit with big stick <ip>r�r�)r"�parse_to_end_of_jail.confr#)rMr)r�r')rMr�r�r')rMr�r�r�r�r&r))r"r�r#r�zconfig-errorz~Jail 'brokenactiondef' skipped, because of wrong configuration: Invalid action definition 'joho[foo': unexpected option syntaxz~Jail 'brokenfilterdef' skipped, because of wrong configuration: Invalid filter definition 'flt[test': unexpected option syntaxzoJail 'missingaction' skipped, because of wrong configuration: Unable to read action 'noactionfileforthisaction'zmJail 'missingbitsjail' skipped, because of wrong configuration: Unable to read the filter 'catchallthebadies'z!Errors in jail 'missingbitsjail'.zSkipping...z6No file(s) found for glob /weapons/of/mass/destruction)r
r�r�r>r?rUrDr|r�r��maxDiffrNr�ZassertNotLogged)r$�jails�
comm_commandsr'r'r(�testReadTestJailConf�s`�������&

z$JailsReaderTest.testReadTestJailConfcCsFtjjdd�t�tj�tdd��D�]}tj�|��	dd�}t
|ditd�}|�|���z|�
i�Wn>ty�}z&|�d	|t|�j|f�WYd}~n
d}~00|�d
�s$|jd|��d|d
�|j|j�dd���d|d
�|jtjtd�Bd�}|j|�d�dd|d
�|dvr$|jd|�dd�d|d
�q$dS)NTr��action.d�*.confz.confr�r�rzaction %r
%s: %sz-commonrFz.Action file %r is lacking [Definition] section��msgr�z#Action file %r is lacking actionban)�timeout�bantime)�ignorer�z5Action file %r does not contains jail-name 'f2b-TEST')�pfziptables-allports�iptables-multiportzf2b-TESTZactionstartzSAction file %r: interpolation of actionstart does not contains jail-name 'f2b-TEST')rWr�r��globr.r/r2r�basenamer�rr>r?rDr}r
�typerdr��assertInrt�_optsrl�striprkrZ_escapedTagsrMrQ)r$ZactionConfigZ
actionName�actionReaderrqrOr'r'r(�testReadStockActionConf�s40
�����z'JailsReaderTest.testReadStockActionConfc	Cs�tjjdd�tttd�}|�|���|�|���|�	�}|�
|g�t�}|��D�]L}|dkrhqX|�
|d�}t|�\}}|�|�|�t|��t|||ttd�}|�|��d|�|�i�|�|j�
dd	����|�
|d
�}|�t|����t|�D]�}	t|	�\}
}|�t|
��|�t|t��|
dk�rJ|�d|�t|
|ittd�}|�|���|�i�|�	�}
|�t|
��|�|j�
d
d	�����qqXdS)NTr�r�ZINCLUDESr�r�zFailed to read filter:r�r�r�r6�portr�)rWr�r�r
rr�r>r?rDr�rQrMrtrlr
r"r�rr;r<r�
isinstancer�r:r)r$r+r,Z
allFiltersrzrrr��actionsr�ZactNameZactOptr=Zcmdsr'r'r(�testReadStockJailConfsH
�

�
z%JailsReaderTest.testReadStockJailConfc	Cs�tjjdd�ttdtd�}|�|���|�|���t	dd�t
�
tj�
ddd��D��}t	d	d�|jD��}d|_|�|�|�d
|�|��|�|�|�d|�|��dS)NTr��rr�r�css>|]6}|�d�s|�d�stj�tj�|�d�dVqdS)zcommon.confz-aggressive.confrrN)r�r.r/�splitext�splitr�r'r'r(r�_s�zBJailsReaderTest.testReadStockJailFilterComplete.<locals>.<genexpr>rrr/css |]}t|jd�dVqdS)r�rN)r
r�)r�rzr'r'r(r�csz=More filters exists than are referenced in stock jail.conf %rz2Stock jail.conf references non-existent filters %r)rWr�r�r
rr�r>r?rDrMr7r.r/r2r+r*�issubset�
difference)r$r+�filtersZfilters_jailr'r'r(�testReadStockJailFilterCompleteYs"����z/JailsReaderTest.testReadStockJailFilterCompletecCs(tjjdd�ttdtd�}|�|���|�|���|j	dd�}|�t
|��|D]@}t
|�dkrV|d|dgdd	gkrV|�t�|d�dk�qVd
D]B}|�
d|gdd
�|D��|�
d|ddg|�|�
d|g|�q�|�|ddd�|jD�]&}|j}|��}|jt
|�d|d�|D]�}|�	�}|��}	dt|�v�r(|�
d|j�d}
|d|	g}|D]�}t
|�dk�r�|ddk�r�|dd�|k�r�ddd�|dD�v}
n@t
|�dk�r�|ddk�r�|dd�|k�r�|ddk�r�d}
|
�rj�q�qj|j|
d|t|�fd��q(q�dS)NTr�rCr!r]rrrMr3)r�Zrecidiver"css2|]*}t|�dkr|ddkr|dd�VqdS)r]rr"Nrr��r�r�r'r'r(r��r�zDJailsReaderTest.testReadStockJailConfForceEnabled.<locals>.<genexpr>r��warnr%r�zNo actions found for jail %sr0z<blocktype>Z	blocktypeFr�r_r�rcSsg|]}|d�qS)rr'rJr'r'r(r��r�zEJailsReaderTest.testReadStockJailConfForceEnabled.<locals>.<listcomp>r�zFound no %s command among %s)rWr�r�r
rr�r>r?rDr�r�rZstr2secondsr:rQZ_JailsReader__jailsr�r��strZ	_initOpts)r$r+r,�command�jrAZ	jail_namer��commandsZaction_nameZblocktype_presentZtarget_commandr'r'r(�!testReadStockJailConfForceEnabledls`$
�
�
��
�

��z1JailsReaderTest.testReadStockJailConfForceEnabledcsHtjjdd�t�}|�t�|�|��t�|��|�	�}|�|dd�|�|dd�|�
�|��|��|�
���fdd�}|�|d	�|d
�ko�|d�kn�|�|d�|d
�k�|�|d�|d
�k�|��gd�gd�gd�gd�gd�gd�gd�g�|j�d�|�|j��d�|�|��t�dS)NTr��socketz/var/run/fail2ban/fail2ban.sockZpidfilez/var/run/fail2ban/fail2ban.pidcsFt��D](\}}|ddkr|d|kr|Sqtd|�f��dS)NrrMrz/Did not find command 'set %s' among commands %s)�	enumerater�)rCrorq�rOr'r(�find_set�s
�z7JailsReaderTest.testStockConfigurator.<locals>.find_set�syslogsocket�loglevel�	logtarget�
dbpurgeage�dbfile�dbmaxmatches)rMrUr#)rMrV�INFO)rMrWz/var/log/fail2ban.log)rMZ	allowipv6r#)rMrYz"/var/lib/fail2ban/fail2ban.sqlite3)rMrZ�
)rMrXZ1dz/tmp)rWr�r�rrjrrQZ
getBaseDirrrrrDZconvertToProtocolZgetConfigStreamr>rNZ_Configurator__jails)r$rrOrTr'rSr(�testStockConfigurator�s<
"��
z%JailsReaderTest.testStockConfiguratorcCs�t�tj�|d��t�tj�|d��ttj�|dd�d���ttj�|dd�d���ttj�|d�d�}|�d�|��t|id�}|�|�	��|�|�
��|jd	d
�}dd�|D�}|�t
td
d�|D���d�|�|ddd�dS)Nrr.ztestaction1.confr-ztestfilter1.conf�	jail.confz�
[testjail1]
enabled = true
action = testaction1[actname=test1]
         testaction1[actname=test2]
         testaction.py
         testaction.py[actname=test3]
filter = testfilter1
r�Tr!cSs,g|]$}|dd�gd�kr|dd��qS)Nr])rMZ	testjail1r�r')r�Zcommr'r'r(r��s�z:JailsReaderTest.testMultipleSameAction.<locals>.<listcomp>css|]}|dVqdS)rNr')r�r�r'r'r(r��r�z9JailsReaderTest.testMultipleSameAction.<locals>.<genexpr>r_r�z{})r.�mkdirr/r2r5r7r6r
r>r?rDr�rQr�rM)r$r�jailfdr+r,Zadd_actionsr'r'r(�testMultipleSameAction�s
	z&JailsReaderTest.testMultipleSameActioncCs|jtd|jdd�dS)Nz'Have not found any log file for .* jailZpolling��backend)ZassertRaisesRegexr��_testLogPathr#r'r'r(�testLogPathFileFilterBackend�s�z,JailsReaderTest.testLogPathFileFilterBackendc
Cs\zddlm}Wn.ty>}zt�d��WYd}~n
d}~00|jdd�|jdd�dS)Nr)�
FilterSystemdz&systemd python interface not availableZsystemdrbzsystemd[journalflags=2])Zserver.filtersystemdrfr}rWrXrd)r$rfrqr'r'r(�testLogPathSystemdBackends z)JailsReaderTest.testLogPathSystemdBackendcCs`ttj�|d�d�}|�d||f�|��t|d�}|�|���|�|�	��|�
�dS)Nr^r-z�
[testjail1]
enabled = true
backend = %s
logpath = %s/not/exist.log
          /this/path/should/not/exist.log
action = 
filter = 
failregex = test <HOST>
r)r5r.r/r2r6r7r
r>r?rDr�)r$rrcr`r+r'r'r(rd	s	�

zJailsReaderTest._testLogPath)rdrerfr�r r-r>rBrIrPr]rrarergrdrr'r'r%r(r�s1??4
r)6�
__author__�
__copyright__�__license__r7rr.rr)rrWZclient.configreaderrrrr�clientrZclient.jailreaderr	r
rZclient.filterreaderrZclient.jailsreaderr
Zclient.actionreaderrrZclient.configuratorrZ
server.mytimerr�utilsrrr/r2r1�__file__r�r�rr�r�r�r�r�ZTestCaserr�r�rrr'r'r'r(�<module>sBSz:
@ Telegram