test_php_application.py (894:c79252edf26f) test_php_application.py (970:2f4376c8f358)
1import unittest
2import unit
3import re
4
5class TestUnitPHPApplication(unit.TestUnitApplicationPHP):
6
7 def setUpClass():
8 unit.TestUnit().check_modules('php')
9
10 def search_disabled(self, name):
11 p = re.compile(name + '\(\) has been disabled')
12 return self.search_in_log(p)
13
14 def test_php_application_variables(self):
15 self.load('variables')
16
17 body = 'Test body string.'
18
19 resp = self.post(headers={
20 'Host': 'localhost',
21 'Content-Type': 'text/html',
1import unittest
2import unit
3import re
4
5class TestUnitPHPApplication(unit.TestUnitApplicationPHP):
6
7 def setUpClass():
8 unit.TestUnit().check_modules('php')
9
10 def search_disabled(self, name):
11 p = re.compile(name + '\(\) has been disabled')
12 return self.search_in_log(p)
13
14 def test_php_application_variables(self):
15 self.load('variables')
16
17 body = 'Test body string.'
18
19 resp = self.post(headers={
20 'Host': 'localhost',
21 'Content-Type': 'text/html',
22 'Custom-Header': 'blah'
22 'Custom-Header': 'blah',
23 'Connection': 'close'
23 }, body=body)
24
25 self.assertEqual(resp['status'], 200, 'status')
26 headers = resp['headers']
27 header_server = headers.pop('Server')
28 self.assertRegex(header_server, r'Unit/[\d\.]+', 'server header')
29 self.assertEqual(headers.pop('Server-Software'), header_server,
30 'server software header')
31
32 date = headers.pop('Date')
33 self.assertEqual(date[-4:], ' GMT', 'date header timezone')
34 self.assertLess(abs(self.date_to_sec_epoch(date) - self.sec_epoch()), 5,
35 'date header')
36
37 if 'X-Powered-By' in headers:
38 headers.pop('X-Powered-By')
39
40 headers.pop('Content-type')
41 self.assertDictEqual(headers, {
24 }, body=body)
25
26 self.assertEqual(resp['status'], 200, 'status')
27 headers = resp['headers']
28 header_server = headers.pop('Server')
29 self.assertRegex(header_server, r'Unit/[\d\.]+', 'server header')
30 self.assertEqual(headers.pop('Server-Software'), header_server,
31 'server software header')
32
33 date = headers.pop('Date')
34 self.assertEqual(date[-4:], ' GMT', 'date header timezone')
35 self.assertLess(abs(self.date_to_sec_epoch(date) - self.sec_epoch()), 5,
36 'date header')
37
38 if 'X-Powered-By' in headers:
39 headers.pop('X-Powered-By')
40
41 headers.pop('Content-type')
42 self.assertDictEqual(headers, {
43 'Connection': 'close',
42 'Content-Length': str(len(body)),
43 'Request-Method': 'POST',
44 'Request-Uri': '/',
45 'Http-Host': 'localhost',
46 'Server-Protocol': 'HTTP/1.1',
47 'Custom-Header': 'blah'
48 }, 'headers')
49 self.assertEqual(resp['body'], body, 'body')
50
51 def test_php_application_query_string(self):
52 self.load('query_string')
53
54 resp = self.get(url='/?var1=val1&var2=val2')
55
56 self.assertEqual(resp['headers']['Query-String'], 'var1=val1&var2=val2',
57 'query string')
58
59 def test_php_application_query_string_empty(self):
60 self.load('query_string')
61
62 resp = self.get(url='/?')
63
64 self.assertEqual(resp['status'], 200, 'query string empty status')
65 self.assertEqual(resp['headers']['Query-String'], '',
66 'query string empty')
67
68 @unittest.expectedFailure
69 def test_php_application_query_string_absent(self):
70 self.load('query_string')
71
72 resp = self.get()
73
74 self.assertEqual(resp['status'], 200, 'query string absent status')
75 self.assertEqual(resp['headers']['Query-String'], '',
76 'query string absent')
77
78 def test_php_application_phpinfo(self):
79 self.load('phpinfo')
80
81 resp = self.get()
82
83 self.assertEqual(resp['status'], 200, 'status')
84 self.assertNotEqual(resp['body'], '', 'body not empty')
85
86 def test_php_application_404(self):
87 self.load('404')
88
89 resp = self.get()
90
91 self.assertEqual(resp['status'], 404, '404 status')
92 self.assertRegex(resp['body'], r'<title>404 Not Found</title>',
93 '404 body')
94
95 def test_php_application_keepalive_body(self):
96 self.load('mirror')
97
98 (resp, sock) = self.post(headers={
44 'Content-Length': str(len(body)),
45 'Request-Method': 'POST',
46 'Request-Uri': '/',
47 'Http-Host': 'localhost',
48 'Server-Protocol': 'HTTP/1.1',
49 'Custom-Header': 'blah'
50 }, 'headers')
51 self.assertEqual(resp['body'], body, 'body')
52
53 def test_php_application_query_string(self):
54 self.load('query_string')
55
56 resp = self.get(url='/?var1=val1&var2=val2')
57
58 self.assertEqual(resp['headers']['Query-String'], 'var1=val1&var2=val2',
59 'query string')
60
61 def test_php_application_query_string_empty(self):
62 self.load('query_string')
63
64 resp = self.get(url='/?')
65
66 self.assertEqual(resp['status'], 200, 'query string empty status')
67 self.assertEqual(resp['headers']['Query-String'], '',
68 'query string empty')
69
70 @unittest.expectedFailure
71 def test_php_application_query_string_absent(self):
72 self.load('query_string')
73
74 resp = self.get()
75
76 self.assertEqual(resp['status'], 200, 'query string absent status')
77 self.assertEqual(resp['headers']['Query-String'], '',
78 'query string absent')
79
80 def test_php_application_phpinfo(self):
81 self.load('phpinfo')
82
83 resp = self.get()
84
85 self.assertEqual(resp['status'], 200, 'status')
86 self.assertNotEqual(resp['body'], '', 'body not empty')
87
88 def test_php_application_404(self):
89 self.load('404')
90
91 resp = self.get()
92
93 self.assertEqual(resp['status'], 404, '404 status')
94 self.assertRegex(resp['body'], r'<title>404 Not Found</title>',
95 '404 body')
96
97 def test_php_application_keepalive_body(self):
98 self.load('mirror')
99
100 (resp, sock) = self.post(headers={
101 'Host': 'localhost',
99 'Connection': 'keep-alive',
102 'Connection': 'keep-alive',
100 'Content-Type': 'text/html',
101 'Host': 'localhost'
103 'Content-Type': 'text/html'
102 }, start=True, body='0123456789' * 500)
103
104 self.assertEqual(resp['body'], '0123456789' * 500, 'keep-alive 1')
105
106 resp = self.post(headers={
104 }, start=True, body='0123456789' * 500)
105
106 self.assertEqual(resp['body'], '0123456789' * 500, 'keep-alive 1')
107
108 resp = self.post(headers={
109 'Host': 'localhost',
107 'Connection': 'close',
110 'Connection': 'close',
108 'Content-Type': 'text/html',
109 'Host': 'localhost'
111 'Content-Type': 'text/html'
110 }, sock=sock, body='0123456789')
111
112 self.assertEqual(resp['body'], '0123456789', 'keep-alive 2')
113
114 def test_php_application_conditional(self):
115 self.load('conditional')
116
117 self.assertRegex(self.get()['body'], r'True', 'conditional true')
118 self.assertRegex(self.post()['body'], r'False', 'conditional false')
119
120 def test_php_application_get_variables(self):
121 self.load('get_variables')
122
123 resp = self.get(url='/?var1=val1&var2=&var3')
124 self.assertEqual(resp['headers']['X-Var-1'], 'val1', 'GET variables')
125 self.assertEqual(resp['headers']['X-Var-2'], '1', 'GET variables 2')
126 self.assertEqual(resp['headers']['X-Var-3'], '1', 'GET variables 3')
127 self.assertEqual(resp['headers']['X-Var-4'], '', 'GET variables 4')
128
129 def test_php_application_post_variables(self):
130 self.load('post_variables')
131
132 resp = self.post(headers={
133 'Content-Type': 'application/x-www-form-urlencoded',
134 'Host': 'localhost',
135 'Connection': 'close'
136 }, body='var1=val1&var2=')
137 self.assertEqual(resp['headers']['X-Var-1'], 'val1', 'POST variables')
138 self.assertEqual(resp['headers']['X-Var-2'], '1', 'POST variables 2')
139 self.assertEqual(resp['headers']['X-Var-3'], '', 'POST variables 3')
140
141 def test_php_application_cookies(self):
142 self.load('cookies')
143
144 resp = self.get(headers={
145 'Cookie': 'var=val; var2=val2',
146 'Host': 'localhost',
147 'Connection': 'close'
148 })
149
150 self.assertEqual(resp['headers']['X-Cookie-1'], 'val', 'cookie')
151 self.assertEqual(resp['headers']['X-Cookie-2'], 'val2', 'cookie')
152
153 def test_php_application_ini_precision(self):
154 self.load('ini_precision')
155
156 self.assertNotEqual(self.get()['headers']['X-Precision'], '4',
157 'ini value default')
158
159 self.conf({"file": "php.ini"}, 'applications/ini_precision/options')
160
161 self.assertEqual(self.get()['headers']['X-File'],
162 self.current_dir + '/php/ini_precision/php.ini', 'ini file')
163 self.assertEqual(self.get()['headers']['X-Precision'], '4', 'ini value')
164
165 @unittest.expectedFailure
166 def test_php_application_ini_admin_user(self):
167 self.load('ini_precision')
168
169 self.assertIn('error', self.conf({
170 "user": { "precision": "4" },
171 "admin": { "precision": "5" }
172 }, 'applications/ini_precision/options'), 'ini admin user')
173
174 def test_php_application_ini_admin(self):
175 self.load('ini_precision')
176
177 self.conf({
178 "file": "php.ini",
179 "admin": { "precision": "5" }
180 }, 'applications/ini_precision/options')
181
182 self.assertEqual(self.get()['headers']['X-Precision'], '5',
183 'ini value admin')
184
185 def test_php_application_ini_user(self):
186 self.load('ini_precision')
187
188 self.conf({
189 "file": "php.ini",
190 "user": { "precision": "5" }
191 }, 'applications/ini_precision/options')
192
193 self.assertEqual(self.get()['headers']['X-Precision'], '5',
194 'ini value user')
195
196 def test_php_application_ini_user_2(self):
197 self.load('ini_precision')
198
199 self.conf({"file": "php.ini"}, 'applications/ini_precision/options')
200
201 self.assertEqual(self.get()['headers']['X-Precision'], '4',
202 'ini user file')
203
204 self.conf({ "precision": "5" },
205 'applications/ini_precision/options/user')
206
207 self.assertEqual(self.get()['headers']['X-Precision'], '5',
208 'ini value user')
209
210 def test_php_application_ini_set_admin(self):
211 self.load('ini_precision')
212
213 self.conf({"admin": { "precision": "5" }},
214 'applications/ini_precision/options')
215
216 self.assertEqual(self.get(url='/?precision=6')['headers']['X-Precision'],
217 '5', 'ini set admin')
218
219 def test_php_application_ini_set_user(self):
220 self.load('ini_precision')
221
222 self.conf({"user": { "precision": "5" }},
223 'applications/ini_precision/options')
224
225 self.assertEqual(self.get(url='/?precision=6')['headers']['X-Precision'],
226 '6', 'ini set user')
227
228 def test_php_application_ini_repeat(self):
229 self.load('ini_precision')
230
231 self.conf({"user": { "precision": "5" }},
232 'applications/ini_precision/options')
233
234 self.assertEqual(self.get()['headers']['X-Precision'], '5', 'ini value')
235
236 self.assertEqual(self.get()['headers']['X-Precision'], '5',
237 'ini value repeat')
238
239 def test_php_application_disable_functions_exec(self):
240 self.load('highlight_file_exec')
241
242 self.conf({"admin": { "disable_functions": "exec" }},
243 'applications/highlight_file_exec/options')
244
245 self.get()
246
247 self.assertIsNotNone(self.search_disabled('exec'),
248 'disable_functions exec')
249 self.assertIsNone(self.search_disabled('highlight_file'),
250 'disable_functions highlight_file')
251
252 def test_php_application_disable_functions_highlight_file(self):
253 self.load('highlight_file_exec')
254
255 self.conf({"admin": { "disable_functions": "highlight_file" }},
256 'applications/highlight_file_exec/options')
257
258 self.get()
259
260 self.assertIsNone(self.search_disabled('exec'),
261 'disable_functions exec')
262 self.assertIsNotNone(self.search_disabled('highlight_file'),
263 'disable_functions highlight_file')
264
265 def test_php_application_disable_functions_comma(self):
266 self.load('highlight_file_exec')
267
268 self.conf({"admin": { "disable_functions": "exec,highlight_file" }},
269 'applications/highlight_file_exec/options')
270
271 self.get()
272
273 self.assertIsNotNone(self.search_disabled('exec'),
274 'disable_functions exec')
275 self.assertIsNotNone(self.search_disabled('highlight_file'),
276 'disable_functions highlight_file')
277
278 def test_php_application_disable_functions_space(self):
279 self.load('highlight_file_exec')
280
281 self.conf({"admin": { "disable_functions": "exec highlight_file" }},
282 'applications/highlight_file_exec/options')
283
284 self.get()
285
286 self.assertIsNotNone(self.search_disabled('exec'),
287 'disable_functions exec')
288 self.assertIsNotNone(self.search_disabled('highlight_file'),
289 'disable_functions highlight_file')
290
291 def test_php_application_disable_functions_user(self):
292 self.load('highlight_file_exec')
293
294 self.conf({"user": { "disable_functions": "exec" }},
295 'applications/highlight_file_exec/options')
296
297 self.get()
298
299 self.assertIsNotNone(self.search_disabled('exec'),
300 'disable_functions exec')
301 self.assertIsNone(self.search_disabled('highlight_file'),
302 'disable_functions highlight_file')
303
304 def test_php_application_disable_functions_nonexistent(self):
305 self.load('highlight_file_exec')
306
307 self.conf({"admin": { "disable_functions": "blah" }},
308 'applications/highlight_file_exec/options')
309
310 self.get()
311
312 self.assertIsNone(self.search_disabled('exec'),
313 'disable_functions exec')
314 self.assertIsNone(self.search_disabled('highlight_file'),
315 'disable_functions highlight_file')
316
317 def test_php_application_disable_classes(self):
318 self.load('date_time')
319
320 self.get()
321
322 self.assertIsNone(self.search_disabled('DateTime'),
323 'disable_classes before')
324
325 self.conf({"admin": { "disable_classes": "DateTime" }},
326 'applications/date_time/options')
327
328 self.get()
329
330 self.assertIsNotNone(self.search_disabled('DateTime'),
331 'disable_classes')
332
333 def test_php_application_disable_classes_user(self):
334 self.load('date_time')
335
336 self.conf({"user": { "disable_classes": "DateTime" }},
337 'applications/date_time/options')
338
339 self.get()
340
341 self.assertIsNotNone(self.search_disabled('DateTime'),
342 'disable_classes user')
343
344if __name__ == '__main__':
345 TestUnitPHPApplication.main()
112 }, sock=sock, body='0123456789')
113
114 self.assertEqual(resp['body'], '0123456789', 'keep-alive 2')
115
116 def test_php_application_conditional(self):
117 self.load('conditional')
118
119 self.assertRegex(self.get()['body'], r'True', 'conditional true')
120 self.assertRegex(self.post()['body'], r'False', 'conditional false')
121
122 def test_php_application_get_variables(self):
123 self.load('get_variables')
124
125 resp = self.get(url='/?var1=val1&var2=&var3')
126 self.assertEqual(resp['headers']['X-Var-1'], 'val1', 'GET variables')
127 self.assertEqual(resp['headers']['X-Var-2'], '1', 'GET variables 2')
128 self.assertEqual(resp['headers']['X-Var-3'], '1', 'GET variables 3')
129 self.assertEqual(resp['headers']['X-Var-4'], '', 'GET variables 4')
130
131 def test_php_application_post_variables(self):
132 self.load('post_variables')
133
134 resp = self.post(headers={
135 'Content-Type': 'application/x-www-form-urlencoded',
136 'Host': 'localhost',
137 'Connection': 'close'
138 }, body='var1=val1&var2=')
139 self.assertEqual(resp['headers']['X-Var-1'], 'val1', 'POST variables')
140 self.assertEqual(resp['headers']['X-Var-2'], '1', 'POST variables 2')
141 self.assertEqual(resp['headers']['X-Var-3'], '', 'POST variables 3')
142
143 def test_php_application_cookies(self):
144 self.load('cookies')
145
146 resp = self.get(headers={
147 'Cookie': 'var=val; var2=val2',
148 'Host': 'localhost',
149 'Connection': 'close'
150 })
151
152 self.assertEqual(resp['headers']['X-Cookie-1'], 'val', 'cookie')
153 self.assertEqual(resp['headers']['X-Cookie-2'], 'val2', 'cookie')
154
155 def test_php_application_ini_precision(self):
156 self.load('ini_precision')
157
158 self.assertNotEqual(self.get()['headers']['X-Precision'], '4',
159 'ini value default')
160
161 self.conf({"file": "php.ini"}, 'applications/ini_precision/options')
162
163 self.assertEqual(self.get()['headers']['X-File'],
164 self.current_dir + '/php/ini_precision/php.ini', 'ini file')
165 self.assertEqual(self.get()['headers']['X-Precision'], '4', 'ini value')
166
167 @unittest.expectedFailure
168 def test_php_application_ini_admin_user(self):
169 self.load('ini_precision')
170
171 self.assertIn('error', self.conf({
172 "user": { "precision": "4" },
173 "admin": { "precision": "5" }
174 }, 'applications/ini_precision/options'), 'ini admin user')
175
176 def test_php_application_ini_admin(self):
177 self.load('ini_precision')
178
179 self.conf({
180 "file": "php.ini",
181 "admin": { "precision": "5" }
182 }, 'applications/ini_precision/options')
183
184 self.assertEqual(self.get()['headers']['X-Precision'], '5',
185 'ini value admin')
186
187 def test_php_application_ini_user(self):
188 self.load('ini_precision')
189
190 self.conf({
191 "file": "php.ini",
192 "user": { "precision": "5" }
193 }, 'applications/ini_precision/options')
194
195 self.assertEqual(self.get()['headers']['X-Precision'], '5',
196 'ini value user')
197
198 def test_php_application_ini_user_2(self):
199 self.load('ini_precision')
200
201 self.conf({"file": "php.ini"}, 'applications/ini_precision/options')
202
203 self.assertEqual(self.get()['headers']['X-Precision'], '4',
204 'ini user file')
205
206 self.conf({ "precision": "5" },
207 'applications/ini_precision/options/user')
208
209 self.assertEqual(self.get()['headers']['X-Precision'], '5',
210 'ini value user')
211
212 def test_php_application_ini_set_admin(self):
213 self.load('ini_precision')
214
215 self.conf({"admin": { "precision": "5" }},
216 'applications/ini_precision/options')
217
218 self.assertEqual(self.get(url='/?precision=6')['headers']['X-Precision'],
219 '5', 'ini set admin')
220
221 def test_php_application_ini_set_user(self):
222 self.load('ini_precision')
223
224 self.conf({"user": { "precision": "5" }},
225 'applications/ini_precision/options')
226
227 self.assertEqual(self.get(url='/?precision=6')['headers']['X-Precision'],
228 '6', 'ini set user')
229
230 def test_php_application_ini_repeat(self):
231 self.load('ini_precision')
232
233 self.conf({"user": { "precision": "5" }},
234 'applications/ini_precision/options')
235
236 self.assertEqual(self.get()['headers']['X-Precision'], '5', 'ini value')
237
238 self.assertEqual(self.get()['headers']['X-Precision'], '5',
239 'ini value repeat')
240
241 def test_php_application_disable_functions_exec(self):
242 self.load('highlight_file_exec')
243
244 self.conf({"admin": { "disable_functions": "exec" }},
245 'applications/highlight_file_exec/options')
246
247 self.get()
248
249 self.assertIsNotNone(self.search_disabled('exec'),
250 'disable_functions exec')
251 self.assertIsNone(self.search_disabled('highlight_file'),
252 'disable_functions highlight_file')
253
254 def test_php_application_disable_functions_highlight_file(self):
255 self.load('highlight_file_exec')
256
257 self.conf({"admin": { "disable_functions": "highlight_file" }},
258 'applications/highlight_file_exec/options')
259
260 self.get()
261
262 self.assertIsNone(self.search_disabled('exec'),
263 'disable_functions exec')
264 self.assertIsNotNone(self.search_disabled('highlight_file'),
265 'disable_functions highlight_file')
266
267 def test_php_application_disable_functions_comma(self):
268 self.load('highlight_file_exec')
269
270 self.conf({"admin": { "disable_functions": "exec,highlight_file" }},
271 'applications/highlight_file_exec/options')
272
273 self.get()
274
275 self.assertIsNotNone(self.search_disabled('exec'),
276 'disable_functions exec')
277 self.assertIsNotNone(self.search_disabled('highlight_file'),
278 'disable_functions highlight_file')
279
280 def test_php_application_disable_functions_space(self):
281 self.load('highlight_file_exec')
282
283 self.conf({"admin": { "disable_functions": "exec highlight_file" }},
284 'applications/highlight_file_exec/options')
285
286 self.get()
287
288 self.assertIsNotNone(self.search_disabled('exec'),
289 'disable_functions exec')
290 self.assertIsNotNone(self.search_disabled('highlight_file'),
291 'disable_functions highlight_file')
292
293 def test_php_application_disable_functions_user(self):
294 self.load('highlight_file_exec')
295
296 self.conf({"user": { "disable_functions": "exec" }},
297 'applications/highlight_file_exec/options')
298
299 self.get()
300
301 self.assertIsNotNone(self.search_disabled('exec'),
302 'disable_functions exec')
303 self.assertIsNone(self.search_disabled('highlight_file'),
304 'disable_functions highlight_file')
305
306 def test_php_application_disable_functions_nonexistent(self):
307 self.load('highlight_file_exec')
308
309 self.conf({"admin": { "disable_functions": "blah" }},
310 'applications/highlight_file_exec/options')
311
312 self.get()
313
314 self.assertIsNone(self.search_disabled('exec'),
315 'disable_functions exec')
316 self.assertIsNone(self.search_disabled('highlight_file'),
317 'disable_functions highlight_file')
318
319 def test_php_application_disable_classes(self):
320 self.load('date_time')
321
322 self.get()
323
324 self.assertIsNone(self.search_disabled('DateTime'),
325 'disable_classes before')
326
327 self.conf({"admin": { "disable_classes": "DateTime" }},
328 'applications/date_time/options')
329
330 self.get()
331
332 self.assertIsNotNone(self.search_disabled('DateTime'),
333 'disable_classes')
334
335 def test_php_application_disable_classes_user(self):
336 self.load('date_time')
337
338 self.conf({"user": { "disable_classes": "DateTime" }},
339 'applications/date_time/options')
340
341 self.get()
342
343 self.assertIsNotNone(self.search_disabled('DateTime'),
344 'disable_classes user')
345
346if __name__ == '__main__':
347 TestUnitPHPApplication.main()