mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
Fix a few core tests for linux
This commit is contained in:
Théophile Diot
parent
bca36e2966
commit
ce2fa3d360
|
|
@ -26,6 +26,7 @@ if [ "$integration" = "docker" ] ; then
|
|||
fi
|
||||
else
|
||||
sudo systemctl stop bunkerweb
|
||||
sudo pip install -r requirements.txt
|
||||
echo "USE_BAD_BEHAVIOR=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "BAD_BEHAVIOR_STATUS_CODES=400 401 403 404 405 429 444" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "BAD_BEHAVIOR_BAN_TIME=86400" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ if [ "$integration" = "docker" ] ; then
|
|||
fi
|
||||
else
|
||||
sudo systemctl stop bunkerweb
|
||||
sudo pip install -r requirements.txt
|
||||
|
||||
echo "⌨️ Installing Redis ..."
|
||||
sudo apt install --no-install-recommends -y redis
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
sqlalchemy==2.0.20
|
||||
sqlalchemy==2.0.21
|
||||
psycopg2-binary==2.9.7
|
||||
PyMySQL==1.1.0
|
||||
cryptography==41.0.3
|
||||
cryptography==41.0.4
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ if [ "$integration" = "docker" ] ; then
|
|||
fi
|
||||
else
|
||||
sudo systemctl stop bunkerweb
|
||||
sudo pip install -r requirements.txt
|
||||
sudo sed -i 's@SERVER_NAME=.*$@SERVER_NAME=bwadm.example.com@' /etc/bunkerweb/variables.env
|
||||
echo "MULTISITE=no" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "USE_REVERSE_PROXY=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@ else
|
|||
echo "ERRORS=" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "INTERCEPTED_ERROR_CODES=400 401 403 404 405 413 429 500 501 502 503 504" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
mkdir -p /var/www/html/errors
|
||||
sudo cp "403.html" "/var/www/html/errors/403.html"
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -82,10 +82,10 @@ cleanup_stack () {
|
|||
sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=31536000@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* HttpOnly SameSite=Lax@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@COOKIE_AUTO_SECURE_FLAG=.*$@COOKIE_AUTO_SECURE_FLAG=yes@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env
|
||||
|
|
@ -152,10 +152,10 @@ do
|
|||
sudo sed -i 's@CUSTOM_HEADER=.*$@CUSTOM_HEADER=X-Test: test@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REMOVE_HEADERS=.*$@REMOVE_HEADERS=X-Powered-By X-AspNet-Version X-AspNetMvc-Version@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=86400@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=no-referrer@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=geolocation=(self), microphone=()@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=geolocation 'self'; microphone 'none';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=geolocation '"'"'self'"'"'; microphone '"'"'none'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=DENY@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=0@' /etc/bunkerweb/variables.env
|
||||
|
|
@ -186,15 +186,15 @@ do
|
|||
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \;
|
||||
else
|
||||
sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* HttpOnly SameSite=Lax@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* SameSite=Lax@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@CUSTOM_HEADER=.*$@CUSTOM_HEADER=@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REMOVE_HEADERS=.*$@REMOVE_HEADERS=Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=31536000@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';@" /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env
|
||||
|
|
|
|||
|
|
@ -10,17 +10,24 @@ try:
|
|||
ssl_generated = getenv("GENERATE_SELF_SIGNED_SSL", "no") == "yes"
|
||||
disabled_default_server = getenv("DISABLE_DEFAULT_SERVER", "no") == "yes"
|
||||
deny_http_status = getenv("DENY_HTTP_STATUS", "403")
|
||||
listen_http = getenv("LISTEN_HTTP", "no") == "yes"
|
||||
listen_http = getenv("LISTEN_HTTP", "yes") == "yes"
|
||||
|
||||
error = False
|
||||
|
||||
print(
|
||||
"ℹ️ Sending a HEAD request to http://192.168.0.2 (default server) to test DISABLE_DEFAULT_SERVER",
|
||||
f"ℹ️ Sending a HEAD request to http://{'192.168.0.2' if getenv('TEST_TYPE', 'docker') == 'docker' else '127.0.0.1'} (default server) to test DISABLE_DEFAULT_SERVER",
|
||||
flush=True,
|
||||
)
|
||||
|
||||
try:
|
||||
response = head("http://192.168.0.2")
|
||||
response = head(
|
||||
"http://"
|
||||
+ (
|
||||
"192.168.0.2"
|
||||
if getenv("TEST_TYPE", "docker") == "docker"
|
||||
else "127.0.0.1"
|
||||
)
|
||||
)
|
||||
|
||||
if response.status_code != 403 and disabled_default_server:
|
||||
print(
|
||||
|
|
@ -213,7 +220,7 @@ try:
|
|||
|
||||
sleep(1)
|
||||
|
||||
serve_files = getenv("SERVE_FILES", "no") == "yes"
|
||||
serve_files = getenv("SERVE_FILES", "yes") == "yes"
|
||||
|
||||
print(
|
||||
f"ℹ️ Sending a HEAD request to http{'s' if ssl_generated else ''}://www.example.com/index.html to test the serve_files option",
|
||||
|
|
@ -247,7 +254,7 @@ try:
|
|||
|
||||
sleep(1)
|
||||
|
||||
http2 = getenv("HTTP2", "no") == "yes"
|
||||
http2 = getenv("HTTP2", "yes") == "yes"
|
||||
|
||||
print(
|
||||
f"ℹ️ Sending a GET request to http{'s' if ssl_generated else ''}://www.example.com with HTTP/2 to test HTTP2",
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@ else
|
|||
echo "LISTEN_HTTP=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "DENY_HTTP_STATUS=403" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
export TEST_TYPE="linux"
|
||||
fi
|
||||
|
||||
manual=0
|
||||
|
|
|
|||
|
|
@ -14,6 +14,8 @@ from uvicorn import run
|
|||
|
||||
fastapi_proc = None
|
||||
|
||||
ip_to_check = "1.0.0.3" if getenv("TEST_TYPE", "docker") == "docker" else "127.0.0.1"
|
||||
|
||||
try:
|
||||
redis_host = getenv("REDIS_HOST", "127.0.0.1")
|
||||
|
||||
|
|
@ -96,17 +98,17 @@ try:
|
|||
|
||||
print("ℹ️ The request was blocked, checking Redis ...", flush=True)
|
||||
|
||||
key_value = redis_client.get("plugin_reverse_scan_1.0.0.3:8080")
|
||||
key_value = redis_client.get(f"plugin_reverse_scan_{ip_to_check}:8080")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The Reverse Scan key ("plugin_reverse_scan_1.0.0.3:8080") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The Reverse Scan key ("plugin_reverse_scan_{ip_to_check}:8080") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
elif key_value != b"open":
|
||||
print(
|
||||
f'❌ The Reverse Scan key ("plugin_reverse_scan_1.0.0.3:8080") was found, but the value is not "open" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The Reverse Scan key ("plugin_reverse_scan_{ip_to_check}:8080") was found, but the value is not "open" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
@ -183,11 +185,11 @@ try:
|
|||
|
||||
print("ℹ️ The request was blocked, checking Redis ...", flush=True)
|
||||
|
||||
key_value = redis_client.get("plugin_bad_behavior_1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_bad_behavior_{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The Bad Behavior key ("plugin_bad_behavior_1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The Bad Behavior key ("plugin_bad_behavior_{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
@ -215,11 +217,11 @@ try:
|
|||
|
||||
sleep(0.5)
|
||||
|
||||
second_key_value = redis_client.get("plugin_bad_behavior_1.0.0.3")
|
||||
second_key_value = redis_client.get(f"plugin_bad_behavior_{ip_to_check}")
|
||||
|
||||
if second_key_value <= key_value:
|
||||
print(
|
||||
f'❌ The Bad Behavior key ("plugin_bad_behavior_1.0.0.3") was not incremented, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The Bad Behavior key ("plugin_bad_behavior_{ip_to_check}") was not incremented, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
@ -248,11 +250,11 @@ try:
|
|||
|
||||
sleep(0.5)
|
||||
|
||||
key_value = redis_client.get("plugin_limit_www.example.com1.0.0.3/")
|
||||
key_value = redis_client.get(f"plugin_limit_www.example.com{ip_to_check}/")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The limit key ("plugin_limit_www.example.com1.0.0.3/") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The limit key ("plugin_limit_www.example.com{ip_to_check}/") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
@ -267,11 +269,11 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
key_value = redis_client.get("plugin_country_www.example.com1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_country_www.example.com{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The country key ("plugin_country_www.example.com1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The country key ("plugin_country_www.example.com{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
@ -286,17 +288,17 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
key_value = redis_client.get("plugin_whitelist_www.example.comip1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_whitelist_www.example.comip{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The whitelist key ("plugin_whitelist_www.example.comip1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The whitelist key ("plugin_whitelist_www.example.comip{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
if key_value != b"ok":
|
||||
print(
|
||||
f'❌ The whitelist key ("plugin_whitelist_www.example.comip1.0.0.3") was found, but the value is not "ok" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The whitelist key ("plugin_whitelist_www.example.comip{ip_to_check}") was found, but the value is not "ok" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
)
|
||||
|
||||
print(
|
||||
|
|
@ -309,17 +311,17 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
key_value = redis_client.get("plugin_blacklist_www.example.comip1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_blacklist_www.example.comip{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The blacklist key ("plugin_blacklist_www.example.comip1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The blacklist key ("plugin_blacklist_www.example.comip{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
if key_value != b"ok":
|
||||
print(
|
||||
f'❌ The blacklist key ("plugin_blacklist_www.example.comip1.0.0.3") was found, but the value is not "ok" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The blacklist key ("plugin_blacklist_www.example.comip{ip_to_check}") was found, but the value is not "ok" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
)
|
||||
|
||||
print(
|
||||
|
|
@ -332,17 +334,17 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
key_value = redis_client.get("plugin_greylist_www.example.comip1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_greylist_www.example.comip{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The greylist key ("plugin_greylist_www.example.comip1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The greylist key ("plugin_greylist_www.example.comip{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
if key_value != b"ip":
|
||||
print(
|
||||
f'❌ The greylist key ("plugin_greylist_www.example.comip1.0.0.3") was found, but the value is not "ip" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The greylist key ("plugin_greylist_www.example.comip{ip_to_check}") was found, but the value is not "ip" ({key_value.decode()}), exiting ...\nkeys: {redis_client.keys()}',
|
||||
)
|
||||
|
||||
print(
|
||||
|
|
@ -355,11 +357,11 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
key_value = redis_client.get("plugin_dnsbl_www.example.com1.0.0.3")
|
||||
key_value = redis_client.get(f"plugin_dnsbl_www.example.com{ip_to_check}")
|
||||
|
||||
if key_value is None:
|
||||
print(
|
||||
f'❌ The dnsbl key ("plugin_dnsbl_www.example.com1.0.0.3") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
f'❌ The dnsbl key ("plugin_dnsbl_www.example.com{ip_to_check}") was not found, exiting ...\nkeys: {redis_client.keys()}',
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
|
|||
|
|
@ -60,9 +60,12 @@ try:
|
|||
common_name = certificate.subject.get_attributes_for_oid(
|
||||
x509.oid.NameOID.COMMON_NAME
|
||||
)[0].value
|
||||
if common_name != self_signed_ssl_subj.replace("/", "").replace("CN=", ""):
|
||||
check_self_signed_ssl_subj = self_signed_ssl_subj.replace("/", "").replace(
|
||||
"CN=", ""
|
||||
)
|
||||
if common_name != check_self_signed_ssl_subj:
|
||||
print(
|
||||
f"❌ The SSL generation is enabled and the Common Name (CN) is not {self_signed_ssl_subj} but {common_name}, exiting ...",
|
||||
f"❌ The SSL generation is enabled and the Common Name (CN) is not {check_self_signed_ssl_subj} but {common_name}, exiting ...",
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
requests==2.31.0
|
||||
cryptography==41.0.3
|
||||
cryptography==41.0.4
|
||||
|
|
|
|||
Loading…
Reference in a new issue