diff --git a/images_build/client/dign_client/bin/client.py b/images_build/client/dign_client/bin/client.py index 92c39cf..1277551 100644 --- a/images_build/client/dign_client/bin/client.py +++ b/images_build/client/dign_client/bin/client.py @@ -200,7 +200,6 @@ class ServerAddressBuilder: port = 80 return [f"{parsed_url.hostname}:{port}:{self.IPv4_1_TO_3TH_OCTET}.{self._ipv4_4th_octet}"] - # @property # def resolves(self) -> list: # return [f"{domain}:{port}:192.0.2.{self._ipv4_4th_octet}" for domain, port in self.DOMAIN_TO_PORT_LIST] @@ -262,6 +261,12 @@ class TcpPacketsCapture: else: return None + @staticmethod + def read_server_ip_and_port_from_resolve(resolves): + resolve = resolves[0] + resolve_split = resolve.split(":") + return resolve_split[2], resolve_split[1] + class TcpPacketsCaptureAssertion: @staticmethod def is_dscp_equal(actual_dscp, expected_dscp): @@ -529,7 +534,8 @@ class DNSResponseAssertion: return False, f"Expected rdtype address pair[{expected_rdtype}, {expected_address}] not in {rdtype_address_pairs}." class ProxyCasesRunner: - def action_intercept_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_intercept_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -540,7 +546,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_intercept_protocol_https_cert_error(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_intercept_protocol_https_cert_error(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -551,34 +558,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_intercept_protocol_https_download_size_1k(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024) - - def action_intercept_protocol_https_download_size_4k(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 4) - - def action_intercept_protocol_https_download_size_16k(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 16) - - def action_intercept_protocol_https_download_size_64k(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 64) - - def action_intercept_protocol_https_download_size_256k(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 256) - - def action_intercept_protocol_https_download_size_1M(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 1024) - - def action_intercept_protocol_https_download_size_4M(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 1024 * 4) - - def action_intercept_protocol_https_download_size_16M(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 1024 * 16) - - def action_intercept_protocol_https_download_size_64M(self, url, resolves, conn_timeout, max_recv_speed): - return self._action_intercept_protocol_ssl_by_download_size(url, resolves, conn_timeout, max_recv_speed, 1024 * 1024 * 64) - - def _action_intercept_protocol_ssl_by_download_size(self, url, resolves, conn_timeout, max_recv_speed, download_size): + @staticmethod + def action_intercept_protocol_https_download_size_1k(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -587,12 +568,133 @@ class ProxyCasesRunner: status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') if not status: return False, info - status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, download_size) + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024) if not status: return False, info return True, None - def action_redirect_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_intercept_protocol_https_download_size_4k(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 4) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_16k(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 16) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_64k(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 64) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_256k(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 256) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_1M(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 1024) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_4M(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 1024 * 4) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_16M(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 1024 * 16) + if not status: + return False, info + return True, None + + @staticmethod + def action_intercept_protocol_https_download_size_64M(url, resolves, conn_timeout, max_recv_speed): + conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_cert_issuer_matched(conn.cert_issuer, r'\bCN[\s]*=[\s]*Tango Secure Gateway CA\b') + if not status: + return False, info + status, info = URLTransferResponseAssertion.is_download_size_equal(conn.size_download, 1024 * 1024 * 64) + if not status: + return False, info + return True, None + + @staticmethod + def action_redirect_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -606,7 +708,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_redirect_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_redirect_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -617,7 +720,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_block_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_block_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -634,7 +738,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_block_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_block_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -648,7 +753,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_replace_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_replace_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -666,7 +772,8 @@ class ProxyCasesRunner: return True, None - def action_replace_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_replace_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -682,7 +789,8 @@ class ProxyCasesRunner: return True, None - def action_hijack_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_hijack_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -696,7 +804,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_hijack_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_hijack_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -707,7 +816,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_insert_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_insert_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -727,7 +837,8 @@ class ProxyCasesRunner: return True, None - def action_insert_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_insert_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -743,7 +854,8 @@ class ProxyCasesRunner: return True, None - def action_deny_protocol_http_filter_host(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_protocol_http_filter_host(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -757,7 +869,8 @@ class ProxyCasesRunner: return False, info return True, None - def action_deny_protocol_http_filter_url(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_protocol_http_filter_url(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -772,7 +885,8 @@ class ProxyCasesRunner: return True, None class ShapingCaseRunner: - def rate_limit_0bps_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def rate_limit_0bps_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 28) @@ -780,7 +894,8 @@ class ShapingCaseRunner: return False, info return True, None - def rate_limit_0bps_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def rate_limit_0bps_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 28) @@ -788,8 +903,9 @@ class ShapingCaseRunner: return False, info return True, None - def rate_limit_1000gbps_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): - server_ip, server_port = self._read_server_ip_and_port_from_resolve(resolves) + @staticmethod + def rate_limit_1000gbps_protocol_http(url, resolves, conn_timeout, max_recv_speed): + server_ip, server_port = TcpPacketsCapture.read_server_ip_and_port_from_resolve(resolves) capture = TcpPacketsCapture(server_ip, server_port) capture.start() conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) @@ -807,8 +923,9 @@ class ShapingCaseRunner: return False, info return True, None - def rate_limit_1000gbps_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): - server_ip, server_port = self._read_server_ip_and_port_from_resolve(resolves) + @staticmethod + def rate_limit_1000gbps_protocol_https(url, resolves, conn_timeout, max_recv_speed): + server_ip, server_port = TcpPacketsCapture.read_server_ip_and_port_from_resolve(resolves) capture = TcpPacketsCapture(server_ip, server_port) capture.start() conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) @@ -829,13 +946,9 @@ class ShapingCaseRunner: return False, info return True, None - def _read_server_ip_and_port_from_resolve(self, resolves): - resolve = resolves[0] - resolve_split = resolve.split(":") - return resolve_split[2], resolve_split[1] - class FirewallCasesRunner: - def action_bypass_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_bypass_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -846,7 +959,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_allow_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_allow_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -857,7 +971,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_drop_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_subaction_drop_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 28) @@ -865,7 +980,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_reset_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_subaction_reset_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 56) @@ -873,13 +989,26 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_reset_protocol_http_filter_host(self, url, resolves, conn_timeout, max_recv_speed): - return self.action_deny_subaction_reset_protocol_http(url, resolves, conn_timeout, max_recv_speed) + @staticmethod + def action_deny_subaction_reset_protocol_http_filter_host(url, resolves, conn_timeout, max_recv_speed): + conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 56) + if not status: + return False, info + return True, None - def action_deny_subaction_reset_protocol_http_filter_url(self, url, resolves, conn_timeout, max_recv_speed): - return self.action_deny_subaction_reset_protocol_http(url, resolves, conn_timeout, max_recv_speed) + @staticmethod + def action_deny_subaction_reset_protocol_http_filter_url(url, resolves, conn_timeout, max_recv_speed): + conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) + conn.connect() + status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 56) + if not status: + return False, info + return True, None - def action_deny_subaction_block_protocol_http(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_subaction_block_protocol_http(url, resolves, conn_timeout, max_recv_speed): conn = HttpURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -893,7 +1022,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_allow_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_allow_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_none(conn.error_info) @@ -907,7 +1037,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_drop_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_subaction_drop_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 28) @@ -915,7 +1046,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_reset_protocol_https(self, url, resolves, conn_timeout, max_recv_speed): + @staticmethod + def action_deny_subaction_reset_protocol_https(url, resolves, conn_timeout, max_recv_speed): conn = HttpsURLTransferBuilder(url, resolves, conn_timeout, max_recv_speed) conn.connect() status, info = URLTransferResponseAssertion.is_pycurl_error_code_equal(conn.error_info, 35) @@ -923,7 +1055,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_drop_protocol_dns(self, domain, nameservers, conn_timeout): + @staticmethod + def action_deny_subaction_drop_protocol_dns(domain, nameservers, conn_timeout): request = DNSQueryTypeABuilder(domain, nameservers, conn_timeout) request.query() @@ -932,7 +1065,8 @@ class FirewallCasesRunner: return False, info return True, None - def action_deny_subaction_redirect_protocol_dns_type_a(self, domain, nameservers, conn_timeout): + @staticmethod + def action_deny_subaction_redirect_protocol_dns_type_a(domain, nameservers, conn_timeout): request = DNSQueryTypeABuilder(domain, nameservers, conn_timeout) request.query() @@ -950,7 +1084,8 @@ class FirewallCasesRunner: return True, None - def action_deny_subaction_redirect_protocol_dns_type_aaaa(self, domain, nameservers, conn_timeout): + @staticmethod + def action_deny_subaction_redirect_protocol_dns_type_aaaa(domain, nameservers, conn_timeout): request = DNSQueryTypeAAAABuilder(domain, nameservers, conn_timeout) request.query() @@ -968,7 +1103,8 @@ class FirewallCasesRunner: return True, None - def action_deny_subaction_redirect_protocol_dns_type_a_range_ttl(self, domain, nameservers, conn_timeout): + @staticmethod + def action_deny_subaction_redirect_protocol_dns_type_a_range_ttl(domain, nameservers, conn_timeout): request = DNSQueryTypeABuilder(domain, nameservers, conn_timeout) request.query() @@ -986,7 +1122,8 @@ class FirewallCasesRunner: return True, None - def action_deny_subaction_redirect_protocol_dns_type_aaaa_range_ttl(self, domain, nameservers, conn_timeout): + @staticmethod + def action_deny_subaction_redirect_protocol_dns_type_aaaa_range_ttl(domain, nameservers, conn_timeout): request = DNSQueryTypeAAAABuilder(domain, nameservers, conn_timeout) request.query() @@ -1065,17 +1202,12 @@ class DiagnoseCasesRunner: self._service_function_names_regexp = cmd_parser.service_function_names_regexp self._service_function_config_path = cmd_parser.service_function_config_path self._random_delay_seconds = cmd_parser.delay_seconds - self._config_loader = ConfigLoader(self._config_path) - - self._proxy_case = ProxyCasesRunner() - self._firewall_case = FirewallCasesRunner() - self._shaping_case = ShapingCaseRunner() self._cases_info = [ { "name": "Firewall_Allow_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_allow_protocol_http, + "test_function": FirewallCasesRunner.action_allow_protocol_http, "request_content": "http://http.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1083,7 +1215,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_Allow_HTTPS", "protocol_type": "https", - "test_function": self._firewall_case.action_allow_protocol_https, + "test_function": FirewallCasesRunner.action_allow_protocol_https, "request_content": "https://sha512.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1091,7 +1223,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyReset_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_deny_subaction_reset_protocol_http, + "test_function": FirewallCasesRunner.action_deny_subaction_reset_protocol_http, "request_content": "http://http-dynamic-login.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1099,7 +1231,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyReset_HTTPS", "protocol_type": "https", - "test_function": self._firewall_case.action_deny_subaction_reset_protocol_https, + "test_function": FirewallCasesRunner.action_deny_subaction_reset_protocol_https, "request_content": "https://rsa4096.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1107,7 +1239,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyReset_FilterHost_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_deny_subaction_reset_protocol_http_filter_host, + "test_function": FirewallCasesRunner.action_deny_subaction_reset_protocol_http_filter_host, "request_content": "http://testing-firewall-filter-host.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1115,7 +1247,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyReset_FilterURL_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_deny_subaction_reset_protocol_http_filter_url, + "test_function": FirewallCasesRunner.action_deny_subaction_reset_protocol_http_filter_url, "request_content": "http://testing-firewall-filter-url.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1123,7 +1255,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyBlock_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_deny_subaction_block_protocol_http, + "test_function": FirewallCasesRunner.action_deny_subaction_block_protocol_http, "request_content": "http://http-login.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1131,7 +1263,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyDrop_HTTP", "protocol_type": "http", - "test_function": self._firewall_case.action_deny_subaction_drop_protocol_http, + "test_function": FirewallCasesRunner.action_deny_subaction_drop_protocol_http, "request_content": "http://http-credit-card.badssl.selftest.gdnt-cloud.website", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1139,7 +1271,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyDrop_HTTPS", "protocol_type": "https", - "test_function": self._firewall_case.action_deny_subaction_drop_protocol_https, + "test_function": FirewallCasesRunner.action_deny_subaction_drop_protocol_https, "request_content": "https://rsa2048.badssl.selftest.gdnt-cloud.website", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1147,7 +1279,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyDrop_DNS", "protocol_type": "dns", - "test_function": self._firewall_case.action_deny_subaction_drop_protocol_dns, + "test_function": FirewallCasesRunner.action_deny_subaction_drop_protocol_dns, "request_content": "dnstest.deny-drop-ipv4.selftest.gdnt-cloud.website", 'conn_timeout': 3, 'max_recv_speed': 6553600 @@ -1155,7 +1287,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyRedirect_A_DNS", "protocol_type": "dns", - "test_function": self._firewall_case.action_deny_subaction_redirect_protocol_dns_type_a, + "test_function": FirewallCasesRunner.action_deny_subaction_redirect_protocol_dns_type_a, "request_content": "dnstest.deny-redirect-a-ipv4.selftest.gdnt-cloud.website", "conn_timeout": 3, "max_recv_speed": 6553600 @@ -1163,7 +1295,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyRedirect_AAAA_DNS", "protocol_type": "dns", - "test_function": self._firewall_case.action_deny_subaction_redirect_protocol_dns_type_aaaa, + "test_function": FirewallCasesRunner.action_deny_subaction_redirect_protocol_dns_type_aaaa, "request_content": "dnstest.deny-redirect-4a-ipv6.selftest.gdnt-cloud.website", "conn_timeout": 3, "max_recv_speed": 6553600 @@ -1171,7 +1303,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyRedirect_ARangeTTL_DNS", "protocol_type": "dns", - "test_function": self._firewall_case.action_deny_subaction_redirect_protocol_dns_type_a_range_ttl, + "test_function": FirewallCasesRunner.action_deny_subaction_redirect_protocol_dns_type_a_range_ttl, "request_content": "dnstest.deny-redirect-a-rttl-ipv4.selftest.gdnt-cloud.website", "conn_timeout": 3, "max_recv_speed": 6553600 @@ -1179,7 +1311,7 @@ class DiagnoseCasesRunner: { "name": "Firewall_DenyRedirect_AAAARangeTTL_DNS", "protocol_type": "dns", - "test_function": self._firewall_case.action_deny_subaction_redirect_protocol_dns_type_aaaa_range_ttl, + "test_function": FirewallCasesRunner.action_deny_subaction_redirect_protocol_dns_type_aaaa_range_ttl, "request_content": "dnstest.deny-redirect-4a-rttl-ipv6.selftest.gdnt-cloud.website", "conn_timeout": 3, "max_recv_speed": 6553600 @@ -1187,7 +1319,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https, + "test_function": ProxyCasesRunner.action_intercept_protocol_https, "request_content": "https://sha256.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1195,7 +1327,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_CertExpired", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_cert_error, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_cert_error, "request_content": "https://expired.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1203,7 +1335,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_CertSelfSigned", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_cert_error, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_cert_error, "request_content": "https://self-signed.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1211,7 +1343,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_CertUntrustedRoot", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_cert_error, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_cert_error, "request_content": "https://untrusted-root.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1219,7 +1351,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_1k", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_1k, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_1k, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/1k", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1227,7 +1359,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_4k", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_4k, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_4k, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/4k", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1235,7 +1367,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_16k", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_16k, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_16k, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/16k", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1243,7 +1375,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_64k", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_64k, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_64k, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/64k", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1251,7 +1383,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_256k", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_256k, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_256k, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/256k", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1259,7 +1391,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_1M", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_1M, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_1M, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/1M", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1267,7 +1399,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_4M", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_4M, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_4M, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/4M", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1275,7 +1407,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_16M", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_16M, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_16M, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/16M", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1283,7 +1415,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Intercept_HTTPS_Response_64M", "protocol_type": "https", - "test_function": self._proxy_case.action_intercept_protocol_https_download_size_64M, + "test_function": ProxyCasesRunner.action_intercept_protocol_https_download_size_64M, "request_content": "https://testing-download.badssl.selftest.gdnt-cloud.website/resources/64M", "conn_timeout": 12, "max_recv_speed": 6553600 @@ -1291,7 +1423,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Redirect_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_redirect_protocol_http, + "test_function": ProxyCasesRunner.action_redirect_protocol_http, "request_content": "http://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyRedirect.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1299,7 +1431,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Redirect_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_redirect_protocol_https, + "test_function": ProxyCasesRunner.action_redirect_protocol_https, "request_content": "https://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyRedirect.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1307,7 +1439,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Replace_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_replace_protocol_http, + "test_function": ProxyCasesRunner.action_replace_protocol_http, "request_content": "http://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyReplace.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1315,7 +1447,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Replace_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_replace_protocol_https, + "test_function": ProxyCasesRunner.action_replace_protocol_https, "request_content": "https://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyReplace.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1323,7 +1455,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Deny_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_block_protocol_http, + "test_function": ProxyCasesRunner.action_block_protocol_http, "request_content": "http://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyBlock.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1331,7 +1463,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Deny_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_block_protocol_https, + "test_function": ProxyCasesRunner.action_block_protocol_https, "request_content": "https://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyBlock.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1339,7 +1471,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Deny_FilterHost_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_deny_protocol_http_filter_host, + "test_function": ProxyCasesRunner.action_deny_protocol_http_filter_host, "request_content": "http://testing-proxy-filter-host.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1347,7 +1479,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Deny_FilterURL_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_deny_protocol_http_filter_url, + "test_function": ProxyCasesRunner.action_deny_protocol_http_filter_url, "request_content": "http://testing-proxy-filter-url.badssl.selftest.gdnt-cloud.website", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1355,7 +1487,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Hijack_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_hijack_protocol_http, + "test_function": ProxyCasesRunner.action_hijack_protocol_http, "request_content": "http://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyHijack.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1363,7 +1495,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Hijack_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_hijack_protocol_https, + "test_function": ProxyCasesRunner.action_hijack_protocol_https, "request_content": "https://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyHijack.js", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1371,7 +1503,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Insert_HTTP", "protocol_type": "http", - "test_function": self._proxy_case.action_insert_protocol_http, + "test_function": ProxyCasesRunner.action_insert_protocol_http, "request_content": "http://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyInsert.html", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1379,7 +1511,7 @@ class DiagnoseCasesRunner: { "name": "Proxy_Manipulation_Insert_HTTPS", "protocol_type": "https", - "test_function": self._proxy_case.action_insert_protocol_https, + "test_function": ProxyCasesRunner.action_insert_protocol_https, "request_content": "https://web-replay.badssl.selftest.gdnt-cloud.website/resources/proxyInsert.html", "conn_timeout": 1, "max_recv_speed": 6553600 @@ -1387,7 +1519,7 @@ class DiagnoseCasesRunner: { "name": "Shaping_RateLimit0bps_HTTP", "protocol_type": "http", - "test_function": self._shaping_case.rate_limit_0bps_protocol_http, + "test_function": ShapingCaseRunner.rate_limit_0bps_protocol_http, "request_content": "http://testing-rate-limit-0bps.badssl.selftest.gdnt-cloud.website/resources/16M", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1395,7 +1527,7 @@ class DiagnoseCasesRunner: { "name": "Shaping_RateLimit0bps_HTTPS", "protocol_type": "https", - "test_function": self._shaping_case.rate_limit_0bps_protocol_https, + "test_function": ShapingCaseRunner.rate_limit_0bps_protocol_https, "request_content": "https://testing-rate-limit-0bps.badssl.selftest.gdnt-cloud.website/resources/16M", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1403,7 +1535,7 @@ class DiagnoseCasesRunner: { "name": "Shaping_RateLimit1000gbps_HTTP", "protocol_type": "http", - "test_function": self._shaping_case.rate_limit_1000gbps_protocol_http, + "test_function": ShapingCaseRunner.rate_limit_1000gbps_protocol_http, "request_content": "http://testing-rate-limit-1000gbps.badssl.selftest.gdnt-cloud.website/resources/16M", "conn_timeout": 4, "max_recv_speed": 6553600 @@ -1411,7 +1543,7 @@ class DiagnoseCasesRunner: { "name": "Shaping_RateLimit1000gbps_HTTPS", "protocol_type": "https", - "test_function": self._shaping_case.rate_limit_1000gbps_protocol_https, + "test_function": ShapingCaseRunner.rate_limit_1000gbps_protocol_https, "request_content": "https://testing-rate-limit-1000gbps.badssl.selftest.gdnt-cloud.website/resources/16M", "conn_timeout": 4, "max_recv_speed": 6553600