From 452ec2c18a01cd90d684a122fe7217bd0a597036 Mon Sep 17 00:00:00 2001 From: Roland Hedberg Date: Thu, 29 Aug 2013 14:13:31 +0200 Subject: [PATCH] Changed so there is a default ca bundle and then another can be chosen. Not verifying is not the default anymore it has to specified with a command argument (-i or --insecure). --- setup.py | 2 +- src/idp_test/__init__.py | 11 +++++++++-- src/sp_test/__init__.py | 35 +++++++++++++++++++++++------------ 3 files changed, 33 insertions(+), 15 deletions(-) diff --git a/setup.py b/setup.py index 209450a..be53239 100644 --- a/setup.py +++ b/setup.py @@ -21,7 +21,7 @@ __author__ = 'rohe0002' setup( name="saml2test", - version="0.4.2", + version="0.4.3", description="SAML2 test tool", author = "Roland Hedberg", author_email = "roland.hedberg@adm.umu.se", diff --git a/src/idp_test/__init__.py b/src/idp_test/__init__.py index 1c51a45..adcd729 100644 --- a/src/idp_test/__init__.py +++ b/src/idp_test/__init__.py @@ -105,7 +105,7 @@ class SAML2client(object): self._parser.add_argument('-L', dest='log', action='store_true', help="Print log information") self._parser.add_argument( - '-C', dest="ca_certs", + '-C', dest="ยง", help=("CA certs to use to verify HTTPS server certificates, ", "if HTTPS is used and no server CA certs are defined then ", "no cert verification will be done")) @@ -131,6 +131,7 @@ class SAML2client(object): self._parser.add_argument("-Y", dest="pysamllog", action='store_true', help="Print PySAML2 logs") self._parser.add_argument("-H", dest="pretty", action='store_true') + self._parser.add_argument("-i", dest="insecure", action='store_true') self._parser.add_argument("oper", nargs="?", help="Which test to run") self.interactions = None 
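Review bot: In the `@@ -105,7 +105,7` hunk of src/idp_test/__init__.py the `-C` option's `dest` changes from `ca_certs` to a value that renders as a stray non-ASCII string on this page, while the `@@ -170,8 +171,14` hunk in the same file still reads `self.args.ca_certs`. With that `dest`, argparse would not define `ca_certs` on the parsed namespace, so the CA-bundle branch would raise an AttributeError instead of applying the chosen bundle. This looks like an accidental keystroke, and the line should stay `'-C', dest="ca_certs",`. The help text on the following context lines is also stale now that a default bundle exists, and its commas make it a tuple rather than one string; `help="CA bundle used to verify HTTPS server certificates (a default bundle is used if omitted)"` would match the new behaviour. The same help text is carried unchanged in the `@@ -39,40 +40,41` hunk of src/sp_test/__init__.py.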
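Review bot: The `-i` option added in the `@@ -131,6 +131,7` hunk of src/idp_test/__init__.py has no help text and no long form, although the commit message describes it as `-i or --insecure`. A switch that turns off certificate verification should be self-describing in the usage output: `self._parser.add_argument("-i", "--insecure", dest="insecure", action='store_true', help="Do not verify HTTPS server certificates")`. The same line is added without help in the `@@ -39,40 +40,41` hunk of src/sp_test/__init__.py. The enclosing method starts outside both hunks.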
@@ -170,8 +171,14 @@ class SAML2client(object): break self.sp_config = SPConfig().load(mod.CONFIG, metadata_construction) - if not self.args.ca_certs: + + if not self.args.insecure: self.sp_config.verify_ssl_cert = False + else: + if self.args.ca_certs: + self.sp_config.ca_certs = self.args.ca_certs + else: + self.sp_config.ca_certs = "../keys/cacert.pem" def setup(self): self.json_config = self.json_config_file() diff --git a/src/sp_test/__init__.py b/src/sp_test/__init__.py index 8ded0d3..c7839be 100644 --- a/src/sp_test/__init__.py +++ b/src/sp_test/__init__.py @@ -23,7 +23,8 @@ from saml2test import exception_trace __author__ = 'rolandh' #formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") -formatter_2 = logging.Formatter("%(delta).6f - %(levelname)s - [%(name)s] %(message)s") +formatter_2 = logging.Formatter( + "%(delta).6f - %(levelname)s - [%(name)s] %(message)s") cf = ContextFilter() cf.start() @@ -31,7 +32,7 @@ cf.start() streamhandler = logging.StreamHandler(sys.stderr) streamhandler.setFormatter(formatter_2) -memoryhandler = logging.handlers.MemoryHandler(1024*10, logging.DEBUG) +memoryhandler = logging.handlers.MemoryHandler(1024 * 10, logging.DEBUG) memoryhandler.addFilter(cf) logger = logging.getLogger(__name__) 
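Review bot: The condition added in the `@@ -170,8 +171,14` hunk of src/idp_test/__init__.py is inverted: `if not self.args.insecure:` sets `verify_ssl_cert = False` whenever `-i` is absent, so a default run still skips certificate verification and the CA bundle is only configured when the user asks for an insecure run. That is the opposite of what the commit message describes; the test should read `if self.args.insecure:`, and the `else` branch could set `verify_ssl_cert = True` explicitly, since the config default is not visible here. The same inverted block is added for `self.idp_config` in the `@@ -92,6 +94,15` hunk of src/sp_test/__init__.py. Separately, the fallback `"../keys/cacert.pem"` is resolved against the current working directory, so it may be worth building the path from the package location or failing early when the file is missing. The enclosing method begins outside the hunk.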
@@ -39,40 +40,41 @@ logger.setLevel(logging.DEBUG) logger.addHandler(memoryhandler) logger.setLevel(logging.DEBUG) -class Client(object): +class Client(object): def __init__(self, operations, check_factory): self.operations = operations self.tests = None self.check_factory = check_factory self._parser = argparse.ArgumentParser() - self._parser.add_argument('-d', dest='debug', action='store_true', - help="Print debug information") - self._parser.add_argument('-v', dest='verbose', action='store_true', - help="Print runtime information") + self._parser.add_argument("-c", dest="config", default="config", + help="Configuration file for the IdP") self._parser.add_argument( '-C', dest="ca_certs", help=("CA certs to use to verify HTTPS server certificates, ", "if HTTPS is used and no server CA certs are defined then ", "no cert verification will be done")) + self._parser.add_argument('-d', dest='debug', action='store_true', + help="Print debug information") + self._parser.add_argument("-H", dest="pretty", action='store_true') + self._parser.add_argument("-i", dest="insecure", action='store_true') self._parser.add_argument('-J', dest="json_config_file", help="Script configuration") - self._parser.add_argument('-m', dest="metadata", action='store_true', - help="Return the IdP metadata") self._parser.add_argument( "-l", dest="list", action="store_true", help="List all the test flows as a JSON object") - self._parser.add_argument("-c", dest="config", default="config", - help="Configuration file for the IdP") + self._parser.add_argument('-m', dest="metadata", action='store_true', + help="Return the IdP metadata") self._parser.add_argument( "-P", dest="configpath", default=".", help="Path to the configuration file for the IdP") self._parser.add_argument("-t", dest="testpackage", help="Module describing tests") + self._parser.add_argument('-v', dest='verbose', action='store_true', + help="Print runtime information") self._parser.add_argument("-Y", dest="pysamllog", 
action='store_true', help="Print PySAML2 logs") - self._parser.add_argument("-H", dest="pretty", action='store_true') self._parser.add_argument("oper", nargs="?", help="Which test to run") self.interactions = None @@ -92,6 +94,15 @@ class Client(object): sys.path.insert(0, self.args.configpath) mod = import_module(self.args.config) self.idp_config = IdPConfig().load(mod.CONFIG, metadata_construction) + + if not self.args.insecure: + self.idp_config.verify_ssl_cert = False + else: + if self.args.ca_certs: + self.idp_config.ca_certs = self.args.ca_certs + else: + self.idp_config.ca_certs = "../keys/cacert.pem" + self.idp = Server(config=self.idp_config) def test_summation(self, sid):