mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-25 14:20:18 +00:00
ecde222512
* Fix handling of wildcard help text * Rewrite help text for better handling of params * Replace misleading letter variable * stash changes on branch switch, else it fails if any changes have been made. * Make changes according to comment in #1384 * Update queryFunc() * Allow scanList() to search files using a wildcard by removing quotes wrapped around `${list}` * scanList() will not provide a domain ouput on each string if exact is specified (`grep -l`) * Remove unused processWildcards() function * Return a message if no domain is specified * IDN domains are converted to punycode when running a `pihole -q` search if the `python` package is available, otherwise will revert to current behaviour * Scan Blacklist & Wildcards first, exiting from search if a match is found (Fixes #1330) * Use one `grep` subshell to search for all "*.domains" lists at once (opposed to looping to get every matching file name, and then spawning a `grep` instance for every matching file) * queryFunc() will not return "(0 results)" output from files where no match is found * Sort results based off list number * Return a message if no results are found * Update basic-install.sh * Update block page. Allow for setupVars setting of CUSTOMBLOCKPAGE (bool) to prevent it being overwritten * simplify * further simplify * fix inteliJ IDEA complaints * even further simplify * tidy up output * revert line, looks tidyer * clarify * Revert "Ensure any changes to blocking page are updated." * We test for dpkg lock on line 830 directly, no need for the check also in the template section. Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net> * Display FTL version & version.sh rewrite While testing to make sure `pihole -v` would output `pihole-FTL version`, I noticed some options didn't work how I expected them to. For example, if I use `pihole -v -p`, I would expect to see the version output of Pi-hole Core. Instead, I'm informed that it's an invalid option. I've had the following things in mind while rewriting this: * I'm operating under the assumption that FTL is only installed if the Admin Console is (Line 113 exit 0) * I have modified the help text to only output with `pihole -v --help` * I have modified all output to be more similar to the output style of `grep` and `curl` (Ditching ":::") Testing output: ``` w3k@MCT:~$ pihole -v Pi-hole version is v3.0.1-14-ga928cd3 (Latest: v3.0.1) Admin Console version is v3.0-9-g3760482 (Latest: v3.0.1) FTL version is v2.6.2 (Latest: v2.6.2) w3k@MCT:~$ pihole -v -c Current Pi-hole version is v3.0.1-14-ga928cd3 Current Admin Console version is v3.0-9-g3760482 Current FTL version is v2.6.2 w3k@MCT:~$ pihole -v -l Latest Pi-hole version is v3.0.1 Latest Admin Console version is v3.0.1 Latest FTL version is v2.6.2 w3k@MCT:~$ pihole -v -p --hash Current Pi-hole hash isa928cd3
w3k@MCT:~$ pihole -v -a --hash Current Admin Console hash is 3760482 w3k@MCT:~$ pihole -v --help Usage: pihole -v [REPO | OPTION] [OPTION] Show Pi-hole, Web Admin & FTL versions <Shows all Repositories and Options> w3k@MCT:~$ pihole -v -foo Invalid Option! ``` * Update -h to work as --hash Also provide error output as per https://github.com/pi-hole/pi-hole/pull/1447#issuecomment-300600093 * Perform EXACT searches on HOSTS lists correctly `\s` on the end may be overkill, but it is the existing scanList() behaviour. * Fixed indentation * Minimise string duplication & other minor changes Instead of duplicating output strings, rewrite core/web/ftlOutput() into one neat versionOutput(). * Modified syntax to be valid for Shellcheck * Log and echo gateway responses * Update queryFunc() to search Whitelist If there is a match in Whitelist/Blacklist/Wildcards, `[ ! -t 1 ]` will cause the search to end if the terminal is closed when the script is called. This has the intended effect of allowing a user to search for a W/B/W domain (as well as all the adlists it's found in) using `pihole -q` via Terminal, but the script will stop searching after a W/B/W match when called by the block page. * Wrap in double brackets * Provide remote hashes for version.sh * Provide remote hashes for comparison * Use double braces for all conditions (for consistency) * Suppress potential "cd" error output * Provide "not applicable" output upon any hash request for FTL * whitelist on website blocked doesnt work (#1452) Since Pi-hole redirects ad domains to itself, accessing the script via de.ign.com is the same as pi.hole in this case. The fix should be as simple as adding a / before admin on this line. * Solve piholeLogFlush.sh having to be issued 2 x to clear logs (#1460) Simplified the command -v syntax, and added a sleep 3 timer to the first execution of the log rotation. The second execution was being issued while the first was still running, thus it would fail and you would have to issue the "Flush Logs" command a second time. * Use `echo "ABC" | pihole tricorder` to upload to Pi-hole's medical tricorder. Uses SSL if available. * Update list.sh I believe this has feature parity with `sed /foo/ Id` but also supports busybox, and my alpine docker ;) * Document `sed` substitution for user readability Comment the oneliner with explanations of what each step does. * Update Help Output (#1467) * File consistency * Tabs to 2 spaces * Corrected indenting * Double braced conditionals * Quoted variables within conditionals * Standardise core help text * Added help text for disable command * Added help text for logging command * Clean up * Fixed certain new lines and spaces * Sync with development branch * Formatting consistency * Tabs to 2 spaces * Corrected indenting * Double braced conditionals * Quoted variables within conditionals * Fixed certain newlines and spaces * Admin help text * Added help text for interface command * Sync with development branch * Formatting consistency * Tabs to 2 spaces * Fixed some wording * Fixed certain spaces * Formatting consistency * Minor wording changes * Tabs to 2 spaces * Corrected indenting * Double braced conditionals * Quoted variables within conditionals * Fixed certain newlines and spaces * Blacklist help text * Formatting consistency * Tabs to 2 spaces * Corrected indenting * Cronometer help text * Formatting consistency * Fixed certain newlines and spaces * Corrected indenting * Checkout warning alteration * Add checkout help text * Corrected help output * Show help for "pihole -a -i --help" * Fix "pihole disable --help" and "pihole -l --help" * Show help for "pihole -v -h" * Indent output text * Minor help text change * Show help for "pihole checkout --help" * Tricorder: Insecure Opt-out * Check to see if Tricorder is being called directly * Provide opt-out for insecure transmission of debug log * Remove mention of internal function from help menu * 🌮 is the new :shipit: squirrel * Wording changes and bug fix * Fix wildcard help text * -wild is not a valid option since we're already using -wild * Fix logrotation: manual flushing should be done twice, but automated rotation at midnight should only be done *once*! * Print echos only when manual flushing is requested * Add "quiet" mode + update comments in the cron file * Confirm Tricorder is online * Scan port 9998 to confirm the availability of "tricorder.pi-hole.net" * Exit codes for upload process * Formatting consistency * Add link to Windows DNS Swapper See #1400 * Install loopback firewall rules for FTL (#1419) * Install loopback firewall rules for FTL * FirewallD FTL ports Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net> * Remove firewallD FTL local rules. Local rules should not be blocked in firewallD, not requred for internal service FTD> * Reinstate https rules, and delete FTL rules Fixes earlier commit. * Retrieve local repos on repair (#1481) * Retrieve local repos on repair * Change conditional to check for repair * Change wording of Update/Reconfigure message * Fixed indenting * Perform "git reset --hard" on reconfigure * Change directory before trying to reset repository. Fixes #1489 * No need to `cd $PWD` as it doesn't affect flow of caller script. Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net> * Refine output of password status in basic-install.sh:displayFinalMessage(). Fixes #1488 (#1490) * Rewrite Chronometer to output more stats * Fix output IPv4 addr when removing CIDR notation (#1498) * Move wildcards file if blocking is disabled (#1495) * Move wildcards file if blocking is diabled * Delete newline * Roll back merge #1417 (#1494) * Update ISSUE_TEMPLATE.md * Remove Question option * Prefer ULA over GUA addresses [IPv6] (#1508) * On installs with GUA and ULA's we should prefer ULA's as it's been demonstrated that GUA's can and often are rotated by ISPs. Fixes #1473 * Add test for link-local address detection * Add ULA-only and GUA-only tests * Add test_IPv6_GUA_ULA_test and test_IPv6_ULA_GUA_test * Add "" * Add mock_command_2 command that can mock a command with more than one argument (as "ip -6 address") and result multiple lines of results * Make mock_command_2 more similar to the original mock_command * Correct comments * Fixed remaining comments * Fixed one last comment... * Fixed a comment... * Add weekly logrotation of FTL's log (#1509) * Update LICENSE of the project to EUPL v1.2 * Make clear that NO is the default if the user just hits return (#1514) * Add tricorderFunc back as usable function (#1515) As per #1464 * Don't update FTL when there is a core update (as this will update FTL a second time). Fixes #1516 * Add FTL tests to the test suite (#1510) * Add first version of FTL tests * Wait one second to allow FTL to start up and analyze our mock log * Add test_FTL_telnet_statistics * Added test_FTL_telnet_top_clients * Add test_FTL_telnet_top_domains * Revert "Add FTL tests to the test suite (#1510)" (#1519) This reverts commitcf6a1ac9ad
. * Trim version output when update is successful (#1527) * Change ownership of /etc/pihole to user/group pihole. Fixes #1529 (#1530) * Delete temporary files after installing the FTL binary. Fixes #1525 * Change from admin to approvers teams * Introduce new file black.list for blacklist content * Add "pihole -g -b" to *only* update black.list (saves a bunch of time when adding/changing only blacklisted files - won'tdownload lal lists, but only processes the blacklist and restars dnsmasq) * Remove useless cat * Improve displayed messages and overall logic * Disable black.list on "pihole disable" * cp + rm === mv (well, almost)
506 lines
22 KiB
Python
506 lines
22 KiB
Python
import pytest
|
|
from textwrap import dedent
|
|
|
|
SETUPVARS = {
|
|
'PIHOLE_INTERFACE' : 'eth99',
|
|
'IPV4_ADDRESS' : '1.1.1.1',
|
|
'IPV6_ADDRESS' : 'FE80::240:D0FF:FE48:4672',
|
|
'PIHOLE_DNS_1' : '4.2.2.1',
|
|
'PIHOLE_DNS_2' : '4.2.2.2'
|
|
}
|
|
|
|
def test_setupVars_are_sourced_to_global_scope(Pihole):
|
|
''' currently update_dialogs sources setupVars with a dot,
|
|
then various other functions use the variables.
|
|
This confirms the sourced variables are in scope between functions '''
|
|
setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
|
|
for k,v in SETUPVARS.iteritems():
|
|
setup_var_file += "{}={}\n".format(k, v)
|
|
setup_var_file += "EOF\n"
|
|
Pihole.run(setup_var_file)
|
|
|
|
script = dedent('''\
|
|
set -e
|
|
printSetupVars() {
|
|
# Currently debug test function only
|
|
echo "Outputting sourced variables"
|
|
echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
|
|
echo "IPV4_ADDRESS=${IPV4_ADDRESS}"
|
|
echo "IPV6_ADDRESS=${IPV6_ADDRESS}"
|
|
echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
|
|
echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
|
|
}
|
|
update_dialogs() {
|
|
. /etc/pihole/setupVars.conf
|
|
}
|
|
update_dialogs
|
|
printSetupVars
|
|
''')
|
|
|
|
output = run_script(Pihole, script).stdout
|
|
|
|
for k,v in SETUPVARS.iteritems():
|
|
assert "{}={}".format(k, v) in output
|
|
|
|
def test_setupVars_saved_to_file(Pihole):
|
|
''' confirm saved settings are written to a file for future updates to re-use '''
|
|
set_setup_vars = '\n' # dedent works better with this and padding matching script below
|
|
for k,v in SETUPVARS.iteritems():
|
|
set_setup_vars += " {}={}\n".format(k, v)
|
|
Pihole.run(set_setup_vars).stdout
|
|
|
|
script = dedent('''\
|
|
set -e
|
|
echo start
|
|
TERM=xterm
|
|
source /opt/pihole/basic-install.sh
|
|
{}
|
|
finalExports
|
|
cat /etc/pihole/setupVars.conf
|
|
'''.format(set_setup_vars))
|
|
|
|
output = run_script(Pihole, script).stdout
|
|
|
|
for k,v in SETUPVARS.iteritems():
|
|
assert "{}={}".format(k, v) in output
|
|
|
|
def test_configureFirewall_firewalld_running_no_errors(Pihole):
|
|
''' confirms firewalld rules are applied when firewallD is running '''
|
|
# firewallD returns 'running' as status
|
|
mock_command('firewall-cmd', {'*':('running', 0)}, Pihole)
|
|
# Whiptail dialog returns Ok for user prompt
|
|
mock_command('whiptail', {'*':('', 0)}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Configuring FirewallD for httpd and dnsmasq.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout
|
|
assert 'firewall-cmd --state' in firewall_calls
|
|
assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls
|
|
assert 'firewall-cmd --reload' in firewall_calls
|
|
|
|
def test_configureFirewall_firewalld_disabled_no_errors(Pihole):
|
|
''' confirms firewalld rules are not applied when firewallD is not running '''
|
|
# firewallD returns non-running status
|
|
mock_command('firewall-cmd', {'*':('not running', '1')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'No active firewall detected.. skipping firewall configuration.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole):
|
|
''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset '''
|
|
# firewallD returns running status
|
|
mock_command('firewall-cmd', {'*':('running', 0)}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*':('', 1)}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Not installing firewall rulesets.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
def test_configureFirewall_no_firewall(Pihole):
|
|
''' confirms firewall skipped no daemon is running '''
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'No active firewall detected'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole):
|
|
''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset '''
|
|
# iptables command exists
|
|
mock_command('iptables', {'*':('', '0')}, Pihole)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*':('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*':('', '1')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Not installing firewall rulesets.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole):
|
|
''' confirms IPTables rules are not applied when IPTables is running and rules exist '''
|
|
# iptables command exists and returns 0 on calls (should return 0 on iptables -C)
|
|
mock_command('iptables', {'-S':('-P INPUT DENY', '0')}, Pihole)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*':('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*':('', '0')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Installing new IPTables firewall rulesets'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/iptables').stdout
|
|
assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' not in firewall_calls
|
|
assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' not in firewall_calls
|
|
assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' not in firewall_calls
|
|
|
|
def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole):
|
|
''' confirms IPTables rules are applied when IPTables is running and rules do not exist '''
|
|
# iptables command and returns 0 on calls (should return 1 on iptables -C)
|
|
mock_command('iptables', {'-S':('-P INPUT DENY', '0'), '-C':('', 1), '-I':('', 0)}, Pihole)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*':('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*':('', '0')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Installing new IPTables firewall rulesets'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/iptables').stdout
|
|
assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' in firewall_calls
|
|
assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls
|
|
assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls
|
|
|
|
def test_installPiholeWeb_fresh_install_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed on a fresh build '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_installPiholeWeb_empty_directory_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed in an emtpy directory '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
mkdir -p /var/www/html/pihole
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
|
|
assert 'index.php missing, replacing...' in installWeb.stdout
|
|
assert 'index.js missing, replacing...' in installWeb.stdout
|
|
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_installPiholeWeb_index_php_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed when necessary '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
mkdir -p /var/www/html/pihole
|
|
touch /var/www/html/pihole/index.php
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
|
|
assert 'Existing index.php detected, not overwriting' in installWeb.stdout
|
|
assert 'index.js missing, replacing...' in installWeb.stdout
|
|
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_installPiholeWeb_index_js_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed when necessary '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
mkdir -p /var/www/html/pihole
|
|
touch /var/www/html/pihole/index.js
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
|
|
assert 'index.php missing, replacing...' in installWeb.stdout
|
|
assert 'Existing index.js detected, not overwriting' in installWeb.stdout
|
|
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_installPiholeWeb_blockingpage_css_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed when necessary '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
mkdir -p /var/www/html/pihole
|
|
touch /var/www/html/pihole/blockingpage.css
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
|
|
assert 'index.php missing, replacing...' in installWeb.stdout
|
|
assert 'index.js missing, replacing...' in installWeb.stdout
|
|
assert 'Existing blockingpage.css detected, not overwriting' in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_installPiholeWeb_already_populated_no_errors(Pihole):
|
|
''' confirms all web page assets from Core repo are installed when necessary '''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
mkdir -p /var/www/html/pihole
|
|
touch /var/www/html/pihole/index.php
|
|
touch /var/www/html/pihole/index.js
|
|
touch /var/www/html/pihole/blockingpage.css
|
|
installPiholeWeb
|
|
''')
|
|
assert 'Installing pihole custom index page...' in installWeb.stdout
|
|
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
|
|
assert 'Existing index.php detected, not overwriting' in installWeb.stdout
|
|
assert 'index.php missing, replacing...' not in installWeb.stdout
|
|
assert 'Existing index.js detected, not overwriting' in installWeb.stdout
|
|
assert 'index.js missing, replacing...' not in installWeb.stdout
|
|
assert 'Existing blockingpage.css detected, not overwriting' in installWeb.stdout
|
|
assert 'blockingpage.css missing, replacing... ' not in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'index.js' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
def test_update_package_cache_success_no_errors(Pihole):
|
|
''' confirms package cache was updated without any errors'''
|
|
updateCache = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
update_package_cache
|
|
''')
|
|
assert 'Updating local cache of available packages...' in updateCache.stdout
|
|
assert 'ERROR' not in updateCache.stdout
|
|
assert 'done!' in updateCache.stdout
|
|
|
|
def test_update_package_cache_failure_no_errors(Pihole):
|
|
''' confirms package cache was not updated'''
|
|
mock_command('apt-get', {'update':('', '1')}, Pihole)
|
|
updateCache = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
update_package_cache
|
|
''')
|
|
assert 'Updating local cache of available packages...' in updateCache.stdout
|
|
assert 'ERROR' in updateCache.stdout
|
|
assert 'done!' not in updateCache.stdout
|
|
|
|
def test_FTL_detect_aarch64_no_errors(Pihole):
|
|
''' confirms only aarch64 package is downloaded for FTL engine '''
|
|
# mock uname to return aarch64 platform
|
|
mock_command('uname', {'-m':('aarch64', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-aarch64.so.1', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
''')
|
|
expected_stdout = 'Detected ARM-aarch64 architecture'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_FTL_detect_armv6l_no_errors(Pihole):
|
|
''' confirms only armv6l package is downloaded for FTL engine '''
|
|
# mock uname to return armv6l platform
|
|
mock_command('uname', {'-m':('armv6l', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
''')
|
|
expected_stdout = 'Detected ARM-hf architecture (armv6 or lower)'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_FTL_detect_armv7l_no_errors(Pihole):
|
|
''' confirms only armv7l package is downloaded for FTL engine '''
|
|
# mock uname to return armv7l platform
|
|
mock_command('uname', {'-m':('armv7l', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
''')
|
|
expected_stdout = 'Detected ARM-hf architecture (armv7+)'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_FTL_detect_x86_64_no_errors(Pihole):
|
|
''' confirms only x86_64 package is downloaded for FTL engine '''
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
''')
|
|
expected_stdout = 'Detected x86_64 architecture'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_FTL_detect_unknown_no_errors(Pihole):
|
|
''' confirms only generic package is downloaded for FTL engine '''
|
|
# mock uname to return generic platform
|
|
mock_command('uname', {'-m':('mips', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
''')
|
|
expected_stdout = 'Not able to detect architecture (unknown: mips)'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_FTL_download_aarch64_no_errors(Pihole):
|
|
''' confirms only aarch64 package is downloaded for FTL engine '''
|
|
# mock uname to return generic platform
|
|
download_binary = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLinstall pihole-FTL-aarch64-linux-gnu
|
|
''')
|
|
expected_stdout = 'done'
|
|
assert expected_stdout in download_binary.stdout
|
|
assert 'failed' not in download_binary.stdout
|
|
|
|
def test_FTL_download_unknown_fails_no_errors(Pihole):
|
|
''' confirms unknown binary is not downloaded for FTL engine '''
|
|
# mock uname to return generic platform
|
|
download_binary = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLinstall pihole-FTL-mips
|
|
''')
|
|
expected_stdout = 'failed'
|
|
assert expected_stdout in download_binary.stdout
|
|
assert 'done' not in download_binary.stdout
|
|
|
|
def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
|
|
''' confirms FTL binary is copied and functional in installed location '''
|
|
installed_binary = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
FTLdetect
|
|
pihole-FTL version
|
|
''')
|
|
expected_stdout = 'v'
|
|
assert expected_stdout in installed_binary.stdout
|
|
|
|
# def test_FTL_support_files_installed(Pihole):
|
|
# ''' confirms FTL support files are installed '''
|
|
# support_files = Pihole.run('''
|
|
# source /opt/pihole/basic-install.sh
|
|
# FTLdetect
|
|
# stat -c '%a %n' /var/log/pihole-FTL.log
|
|
# stat -c '%a %n' /run/pihole-FTL.port
|
|
# stat -c '%a %n' /run/pihole-FTL.pid
|
|
# ls -lac /run
|
|
# ''')
|
|
# assert '644 /run/pihole-FTL.port' in support_files.stdout
|
|
# assert '644 /run/pihole-FTL.pid' in support_files.stdout
|
|
# assert '644 /var/log/pihole-FTL.log' in support_files.stdout
|
|
|
|
def test_IPv6_only_link_local(Pihole):
|
|
''' confirms IPv6 blocking is disabled for Link-local address '''
|
|
# mock ip -6 address to return Link-local address
|
|
mock_command_2('ip', {'-6 address':('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found neither IPv6 ULA nor GUA address, blocking IPv6 ads will not be enabled'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_IPv6_only_ULA(Pihole):
|
|
''' confirms IPv6 blocking is enabled for ULA addresses '''
|
|
# mock ip -6 address to return ULA address
|
|
mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_IPv6_only_GUA(Pihole):
|
|
''' confirms IPv6 blocking is enabled for GUA addresses '''
|
|
# mock ip -6 address to return GUA address
|
|
mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_IPv6_GUA_ULA_test(Pihole):
|
|
''' confirms IPv6 blocking is enabled for GUA and ULA addresses '''
|
|
# mock ip -6 address to return GUA and ULA addresses
|
|
mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
def test_IPv6_ULA_GUA_test(Pihole):
|
|
''' confirms IPv6 blocking is enabled for GUA and ULA addresses '''
|
|
# mock ip -6 address to return ULA and GUA addresses
|
|
mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
# Helper functions
|
|
def mock_command(script, args, container):
|
|
''' Allows for setup of commands we don't really want to have to run for real in unit tests '''
|
|
full_script_path = '/usr/local/bin/{}'.format(script)
|
|
mock_script = dedent('''\
|
|
#!/bin/bash -e
|
|
echo "\$0 \$@" >> /var/log/{script}
|
|
case "\$1" in'''.format(script=script))
|
|
for k, v in args.iteritems():
|
|
case = dedent('''
|
|
{arg})
|
|
echo {res}
|
|
exit {retcode}
|
|
;;'''.format(arg=k, res=v[0], retcode=v[1]))
|
|
mock_script += case
|
|
mock_script += dedent('''
|
|
esac''')
|
|
container.run('''
|
|
cat <<EOF> {script}\n{content}\nEOF
|
|
chmod +x {script}
|
|
rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script))
|
|
|
|
def mock_command_2(script, args, container):
|
|
''' Allows for setup of commands we don't really want to have to run for real in unit tests '''
|
|
full_script_path = '/usr/local/bin/{}'.format(script)
|
|
mock_script = dedent('''\
|
|
#!/bin/bash -e
|
|
echo "\$0 \$@" >> /var/log/{script}
|
|
case "\$1 \$2" in'''.format(script=script))
|
|
for k, v in args.iteritems():
|
|
case = dedent('''
|
|
\"{arg}\")
|
|
echo \"{res}\"
|
|
exit {retcode}
|
|
;;'''.format(arg=k, res=v[0], retcode=v[1]))
|
|
mock_script += case
|
|
mock_script += dedent('''
|
|
esac''')
|
|
container.run('''
|
|
cat <<EOF> {script}\n{content}\nEOF
|
|
chmod +x {script}
|
|
rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script))
|
|
|
|
def run_script(Pihole, script):
|
|
result = Pihole.run(script)
|
|
assert result.rc == 0
|
|
return result
|