diff --git a/cmake/Package.cmake b/cmake/Package.cmake index c949201..a46dcb7 100644 --- a/cmake/Package.cmake +++ b/cmake/Package.cmake @@ -17,7 +17,6 @@ set(CPACK_RPM_PACKAGE_AUTOREQPROV "no") set(CPACK_RPM_PACKAGE_RELEASE_DIST on) set(CPACK_RPM_DEBUGINFO_PACKAGE on) -set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreInstall.in) set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostInstall.in) set(CPACK_RPM_PRE_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreunInstall.in) set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostunInstall.in) diff --git a/cmake/PreInstall.in b/cmake/PreInstall.in deleted file mode 100644 index 35b98e9..0000000 --- a/cmake/PreInstall.in +++ /dev/null @@ -1,4 +0,0 @@ -systemctl stop tsg-diagnose -docker rmi -f badssl-tsg-diagnose -docker rmi -f unittest-tsg-diagnose -docker rmi -f wpr-tsg-diagnose \ No newline at end of file diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index 7709733..fc74d7b 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -63,7 +63,7 @@ services: ipv4_address: 192.51.100.4 volumes: - /opt/tsg/tsg-diagnose/.badssl_cert_dict:/root/cafile_dict - - /opt/tsg/tsg-diagnose/log:/root/result_self_test + - /opt/tsg/tsg-diagnose/result:/root/result_tsg_diagnose - /etc/localtime:/etc/localtime:ro command: - /bin/sh @@ -74,13 +74,13 @@ services: ifconfig eth0 hw ether 02:42:C0:A8:FD:03 arp -i eth0 -s 192.0.2.130 02:42:c0:a8:fd:82 arp -i eth0 -s 192.0.2.131 02:42:C0:A8:FD:83 - mkdir -p /root/result_self_test/unittest - mkdir -p /root/result_self_test/con_traffic_inject + mkdir -p /root/result_tsg_diagnose/unittest + mkdir -p /root/result_tsg_diagnose/con_traffic_inject cp -rf /root/cafile_dict/certs/sets/current/gen/crt/ca-root.crt /usr/local/share/ca-certificates update-ca-certificates cat /root/unittest/badssl.test.hosts >> /etc/hosts - python /root/unittest/unittest_self.py & - tail -f /dev/null + crond + python /root/unittest/tsg_diagnose.py -l networks: diff --git a/unittest_python/Dockerfile b/unittest_python/Dockerfile index 1b0bf1e..dc590de 100644 --- a/unittest_python/Dockerfile +++ b/unittest_python/Dockerfile @@ -5,10 +5,12 @@ FROM python:3.6.9-alpine3.10 ADD unittest /root/unittest RUN sed -i s@/dl-cdn.alpinelinux.org/@/mirrors.ustc.edu.cn/@g /etc/apk/repositories \ - && apk update \ + && apk update \ && apk add curl-dev gcc libc-dev curl gzip \ - && pip3 install pycurl \ - && pip3 install httpstat + && pip3 install pycurl \ + && pip3 install httpstat \ + && pip3 install CIUnitTest \ + && echo '0 2 * * * /usr/local/bin/python /root/unittest/clear_file_timeout.py' > /etc/crontabs/root WORKDIR /root/unittest diff --git a/unittest_python/unittest/clear_file_timeout.py b/unittest_python/unittest/clear_file_timeout.py new file mode 100644 index 0000000..f977d2a --- /dev/null +++ b/unittest_python/unittest/clear_file_timeout.py @@ -0,0 +1,43 @@ +import os +import sys +import time +import argparse + + +def get_suite_option(): + parser = argparse.ArgumentParser(description="Tsg diagnose Tools - clear tsg diagnose result file", epilog = "Example:help") + parser.add_argument('-t','--timeout', type = int, default = 604800,help='Specify the time to delete files that are not accessed in seconds ,the default is 604800 (7 days)') + parser.add_argument('-d','--dictpath', type = str, default = '/root/result_tsg_diagnose/unittest', help='Specify the folder to delete files, the default is /root/result_tsg_diagnose/unittest') + args = parser.parse_args() + return args + + +def clear_dict_file(dictpath, timeout): + try: + files = os.listdir(dictpath) + if not files: + print("The directory not exist, the process will exit") + sys.exit(0) + for file in files: + filePath = dictpath + "/" + file + if os.path.isfile(filePath): + last = int(os.stat(filePath).st_mtime) + now = int(time.time()) + if (now - last >= timeout): + os.remove(filePath) + print(filePath + " was removed!") + elif os.path.isdir(filePath): + clear_dict_file(filePath,timeout) + if not os.listdir(filePath): + os.rmdir(filePath) + except Exception as ex: + print("Process get an exception, will exit, Exception info: ", ex) + sys.stdout.write(str(ex)) + sys.exit(1) + + +if __name__ == '__main__': + args = get_suite_option() + timeout = args.timeout + dictpath = args.dictpath + clear_dict_file(dictpath, timeout) diff --git a/unittest_python/unittest/unittest_self.py b/unittest_python/unittest/tsg_diagnose.py similarity index 90% rename from unittest_python/unittest/unittest_self.py rename to unittest_python/unittest/tsg_diagnose.py index 3e2d9e7..9c24821 100644 --- a/unittest_python/unittest/unittest_self.py +++ b/unittest_python/unittest/tsg_diagnose.py @@ -8,7 +8,6 @@ import time from io import BytesIO import getopt import ciunittest -import xmlrunner import argparse @@ -49,8 +48,8 @@ URLdictConTrafficInject = { "64M":"https://downloadfile.self-test.geedge.net/64M"} -ssl_bypass_info_re = "ssl bypass ok" -ssl_intercept_info_re = "ssl intercept ok" +ssl_bypass_info_re = "Ssl connection bypass success" +ssl_intercept_info_re = "Ssl connection intercept success" https_exprired_info_re = "https exprired ok" https_wrong_host_info_re = "https wrong host ok" https_self_signed_info_re = "https self signed ok" @@ -86,13 +85,13 @@ class SSLCheckRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*BadSSL\b',issuer[1],0): raise Exception(ssl_bypass_info_re) elif re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): - raise Exception("Error:Ssl link is intercepted") + raise Exception("Error:Ssl connection is intercepted, not bypass") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error:Got other error certificate information, ssl connection's packages may loss") def ssl_intercept(self): self.conn.setopt(self.conn.URL,URLIntercept) @@ -101,17 +100,17 @@ class SSLCheckRequestBuild: self.conn.close() issuer = () for cert_info in certs[0]: - if cert_info[0] == "Issuer": + if cert_info[0].lower() == "issuer": issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'CN = Tango[\s\S]*UNTRUST',issuer[1],0): raise Exception(ssl_intercept_info_re) elif re.search(r'\bCN[\s]*=[\s]*BadSSL\b',issuer[1],0): - raise Exception("Error:Ssl link is intercepted") + raise Exception("Error: Ssl connection is bypass, not intercept") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") class SslInterceptRequestBuild: @@ -133,14 +132,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): raise Exception(https_exprired_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") def ssl_intercept_certerrWrong_host(self): @@ -155,14 +154,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): - raise Exception(https_wrong_host_info_re ) + raise Exception(https_wrong_host_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") def ssl_intercept_certerrSelf_signed(self): self.conn.setopt(self.conn.URL,URLSselfsigned) @@ -175,14 +174,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): raise Exception(https_self_signed_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") def ssl_intercept_certerrUntrusted_root(self): self.conn.setopt(self.conn.URL,URLSuntrustedroot) @@ -195,14 +194,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): raise Exception(https_untrusted_root_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") def ssl_intercept_certerrRevoked(self): @@ -217,14 +216,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): raise Exception(https_revoked_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") def ssl_intercept_certerrPinning_test(self): @@ -239,14 +238,14 @@ class SslInterceptRequestBuild: issuer = cert_info break if len(issuer) <= 0: - raise Exception("Error: get Certificate info error") + raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer)) if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0): if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0): raise Exception(https_pinning_test_info_re) else: - raise Exception("Fail:ssl intercept cert is trust") + raise Exception("Error: get error certificate, Possible tsg certificate verification error") else: - raise Exception("Error:Got other error certificate information") + raise Exception("Error: Got other error certificate information, ssl connection's packages may loss") class SslHttpRequestBuild: