added dns rebinding runtime test

master
Kevin Froman 2020-04-03 23:34:23 -05:00
parent 39d0be32ac
commit d47c546620
3 changed files with 50 additions and 2 deletions

View File

@ -16,6 +16,7 @@ from .clearnettor import test_clearnet_tor_request
from .housekeeping import test_inserted_housekeeping from .housekeeping import test_inserted_housekeeping
from .lanservertest import test_lan_server from .lanservertest import test_lan_server
from .sneakernettest import test_sneakernet_import from .sneakernettest import test_sneakernet_import
from .dnsrebindingtest import test_dns_rebinding
""" """
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -41,7 +42,8 @@ RUN_TESTS = [uicheck.check_ui,
test_clearnet_tor_request, test_clearnet_tor_request,
test_inserted_housekeeping, test_inserted_housekeeping,
test_lan_server, test_lan_server,
sneakernettest.test_sneakernet_import sneakernettest.test_sneakernet_import,
test_dns_rebinding
] ]
SUCCESS_FILE = os.path.dirname(os.path.realpath(__file__)) + '/../../tests/runtime-result.txt' SUCCESS_FILE = os.path.dirname(os.path.realpath(__file__)) + '/../../tests/runtime-result.txt'

View File

@ -0,0 +1,46 @@
"""Onionr - Private P2P Communication.
Test apis for dns rebinding
"""
import config
import requests
from filepaths import private_API_host_file, public_API_host_file
import logger
"""
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
"""
def test_dns_rebinding(test_manager):
f = ''
with open(private_API_host_file, 'r') as f:
host = f.read()
private_api_port = config.get('client.client.port')
if requests.get(f'http://{host}:{private_api_port}/ping', headers={'host': 'example.com'}) == 'pong!':
raise ValueError('DNS rebinding failed')
logger.info('It is normal to see 403 errors right now', terminal=True)
if config.get('general.security_level', 0) > 0 or not config.get('transports.tor', True):
return
public_api_port = config.get('client.public.port')
f = ''
with open(public_API_host_file, 'r') as f:
host = f.read()
if requests.get(f'http://{host}:{public_api_port}/ping', headers={'host': 'example.com'}) == 'pong!':
raise ValueError('DNS rebinding failed')
logger.info('It is normal to see 403 errors right now', terminal=True)

View File

@ -1 +1 @@
1585902463 1585974430