diff options
| author | Aldo Cortesi <aldo@corte.si> | 2018-05-06 12:43:25 +1200 |
|---|---|---|
| committer | Aldo Cortesi <aldo@corte.si> | 2018-05-06 12:43:25 +1200 |
| commit | 60acbd79b9b81ff0e733628dc3ee538011a37778 (patch) | |
| tree | 1d7f807ccd8d8c1a6734cde8f6e3a7bcaceb5daf /test | |
| parent | c53bc39c9547685d4227d9b4ad48a22d6d11dbff (diff) | |
| download | mitmproxy-60acbd79b9b81ff0e733628dc3ee538011a37778.tar.gz mitmproxy-60acbd79b9b81ff0e733628dc3ee538011a37778.tar.bz2 mitmproxy-60acbd79b9b81ff0e733628dc3ee538011a37778.zip | |
Remove allowremote addon, add an improved take called block
We now have two options: block_global blocks global networks, block_private
blocks private networks. The block_global option is true by default, and
block_private is false by default. The addon name is "block" so the options are
correctly prefixed.
Also make option documentation precise, reduce verbosity of logs.
Diffstat (limited to 'test')
| -rw-r--r-- | test/mitmproxy/addons/test_allowremote.py | 61 | ||||
| -rw-r--r-- | test/mitmproxy/addons/test_block.py | 63 |
2 files changed, 63 insertions, 61 deletions
diff --git a/test/mitmproxy/addons/test_allowremote.py b/test/mitmproxy/addons/test_allowremote.py deleted file mode 100644 index c8e3eb9e..00000000 --- a/test/mitmproxy/addons/test_allowremote.py +++ /dev/null @@ -1,61 +0,0 @@ -from unittest import mock -import pytest - -from mitmproxy.addons import allowremote, proxyauth -from mitmproxy.test import taddons - - -@pytest.mark.parametrize("allow_remote, should_be_killed, address", [ - (True, False, ("10.0.0.1",)), - (True, False, ("172.20.0.1",)), - (True, False, ("192.168.1.1",)), - (True, False, ("1.1.1.1",)), - (True, False, ("8.8.8.8",)), - (True, False, ("216.58.207.174",)), - (True, False, ("::ffff:1.1.1.1",)), - (True, False, ("::ffff:8.8.8.8",)), - (True, False, ("::ffff:216.58.207.174",)), - (True, False, ("::ffff:10.0.0.1",)), - (True, False, ("::ffff:172.20.0.1",)), - (True, False, ("::ffff:192.168.1.1",)), - (True, False, ("fe80::",)), - (True, False, ("2001:4860:4860::8888",)), - (False, False, ("10.0.0.1",)), - (False, False, ("172.20.0.1",)), - (False, False, ("192.168.1.1",)), - (False, True, ("1.1.1.1",)), - (False, True, ("8.8.8.8",)), - (False, True, ("216.58.207.174",)), - (False, True, ("::ffff:1.1.1.1",)), - (False, True, ("::ffff:8.8.8.8",)), - (False, True, ("::ffff:216.58.207.174",)), - (False, False, ("::ffff:10.0.0.1",)), - (False, False, ("::ffff:172.20.0.1",)), - (False, False, ("::ffff:192.168.1.1",)), - (False, False, ("fe80::",)), - (False, True, ("2001:4860:4860::8888",)), -]) -@pytest.mark.asyncio -async def test_allowremote(allow_remote, should_be_killed, address): - if allow_remote: - # prevent faulty tests - assert not should_be_killed - - ar = allowremote.AllowRemote() - up = proxyauth.ProxyAuth() - with taddons.context(ar, up) as tctx: - tctx.options.allow_remote = allow_remote - - with mock.patch('mitmproxy.proxy.protocol.base.Layer') as layer: - layer.client_conn.address = address - - ar.clientconnect(layer) - if should_be_killed: - assert await tctx.master.await_log("Client connection was killed", "warn") - else: - assert tctx.master.logs == [] - tctx.master.clear() - - tctx.options.proxyauth = "any" - ar.clientconnect(layer) - assert tctx.master.logs == [] diff --git a/test/mitmproxy/addons/test_block.py b/test/mitmproxy/addons/test_block.py new file mode 100644 index 00000000..4446d89c --- /dev/null +++ b/test/mitmproxy/addons/test_block.py @@ -0,0 +1,63 @@ +from unittest import mock +import pytest + +from mitmproxy.addons import block +from mitmproxy.test import taddons + + +@pytest.mark.parametrize("block_global, block_private, should_be_killed, address", [ + # block_global: loopback + (True, False, False, ("127.0.0.1",)), + (True, False, False, ("::1",)), + # block_global: private + (True, False, False, ("10.0.0.1",)), + (True, False, False, ("172.20.0.1",)), + (True, False, False, ("192.168.1.1",)), + (True, False, False, ("::ffff:10.0.0.1",)), + (True, False, False, ("::ffff:172.20.0.1",)), + (True, False, False, ("::ffff:192.168.1.1",)), + (True, False, False, ("fe80::",)), + # block_global: global + (True, False, True, ("1.1.1.1",)), + (True, False, True, ("8.8.8.8",)), + (True, False, True, ("216.58.207.174",)), + (True, False, True, ("::ffff:1.1.1.1",)), + (True, False, True, ("::ffff:8.8.8.8",)), + (True, False, True, ("::ffff:216.58.207.174",)), + (True, False, True, ("2001:4860:4860::8888",)), + + + # block_private: loopback + (False, True, False, ("127.0.0.1",)), + (False, True, False, ("::1",)), + # block_private: private + (False, True, True, ("10.0.0.1",)), + (False, True, True, ("172.20.0.1",)), + (False, True, True, ("192.168.1.1",)), + (False, True, True, ("::ffff:10.0.0.1",)), + (False, True, True, ("::ffff:172.20.0.1",)), + (False, True, True, ("::ffff:192.168.1.1",)), + (False, True, True, ("fe80::",)), + # block_private: global + (False, True, False, ("1.1.1.1",)), + (False, True, False, ("8.8.8.8",)), + (False, True, False, ("216.58.207.174",)), + (False, True, False, ("::ffff:1.1.1.1",)), + (False, True, False, ("::ffff:8.8.8.8",)), + (False, True, False, ("::ffff:216.58.207.174",)), + (False, True, False, ("2001:4860:4860::8888",)), +]) +@pytest.mark.asyncio +async def test_block_global(block_global, block_private, should_be_killed, address): + ar = block.Block() + with taddons.context(ar) as tctx: + tctx.options.block_global = block_global + tctx.options.block_private = block_private + with mock.patch('mitmproxy.proxy.protocol.base.Layer') as layer: + layer.client_conn.address = address + ar.clientconnect(layer) + if should_be_killed: + assert layer.reply.kill.called + assert await tctx.master.await_log("killed", "warn") + else: + assert not layer.reply.kill.called |