tests: check rejecting/accepting compression filters
3 new tests: - custom (common) compression filter - custom (uncommon) compression filter - should be rejected - custom (uncommon) compression filter forced - accepted
This commit is contained in:
parent
14f77860bf
commit
48ad8325d0
@ -169,7 +169,7 @@ class BackupTestCase(qubesadmin.tests.QubesTestCase):
|
|||||||
|
|
||||||
def restore_backup(self, source=None, appvm=None, options=None,
|
def restore_backup(self, source=None, appvm=None, options=None,
|
||||||
expect_errors=None, manipulate_restore_info=None,
|
expect_errors=None, manipulate_restore_info=None,
|
||||||
passphrase='qubes'):
|
passphrase='qubes', force_compression_filter=None):
|
||||||
if source is None:
|
if source is None:
|
||||||
backupfile = os.path.join(self.backupdir,
|
backupfile = os.path.join(self.backupdir,
|
||||||
sorted(os.listdir(self.backupdir))[-1])
|
sorted(os.listdir(self.backupdir))[-1])
|
||||||
@ -178,7 +178,8 @@ class BackupTestCase(qubesadmin.tests.QubesTestCase):
|
|||||||
|
|
||||||
with self.assertNotRaises(qubesadmin.exc.QubesException):
|
with self.assertNotRaises(qubesadmin.exc.QubesException):
|
||||||
restore_op = qubesadmin.backup.restore.BackupRestore(
|
restore_op = qubesadmin.backup.restore.BackupRestore(
|
||||||
self.app, backupfile, appvm, passphrase)
|
self.app, backupfile, appvm, passphrase,
|
||||||
|
force_compression_filter=force_compression_filter)
|
||||||
if options:
|
if options:
|
||||||
for key, value in options.items():
|
for key, value in options.items():
|
||||||
setattr(restore_op.options, key, value)
|
setattr(restore_op.options, key, value)
|
||||||
|
@ -32,6 +32,8 @@ import logging
|
|||||||
|
|
||||||
import time
|
import time
|
||||||
|
|
||||||
|
import contextlib
|
||||||
|
|
||||||
try:
|
try:
|
||||||
import unittest.mock as mock
|
import unittest.mock as mock
|
||||||
except ImportError:
|
except ImportError:
|
||||||
@ -44,6 +46,7 @@ import sys
|
|||||||
|
|
||||||
import qubesadmin.backup.core2
|
import qubesadmin.backup.core2
|
||||||
import qubesadmin.backup.core3
|
import qubesadmin.backup.core3
|
||||||
|
import qubesadmin.exc
|
||||||
import qubesadmin.firewall
|
import qubesadmin.firewall
|
||||||
import qubesadmin.storage
|
import qubesadmin.storage
|
||||||
import qubesadmin.tests
|
import qubesadmin.tests
|
||||||
@ -136,7 +139,7 @@ BACKUP_HEADER_R4 = '''version=4
|
|||||||
hmac-algorithm=scrypt
|
hmac-algorithm=scrypt
|
||||||
encrypted=True
|
encrypted=True
|
||||||
compressed={compressed}
|
compressed={compressed}
|
||||||
compression-filter=gzip
|
compression-filter={compression_filter}
|
||||||
backup-id=20161020T123455-1234
|
backup-id=20161020T123455-1234
|
||||||
'''
|
'''
|
||||||
|
|
||||||
@ -1166,7 +1169,7 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
self.append_backup_stream(part_with_dir+".hmac", stream,
|
self.append_backup_stream(part_with_dir+".hmac", stream,
|
||||||
basedir=self.fullpath("stage1"))
|
basedir=self.fullpath("stage1"))
|
||||||
|
|
||||||
def handle_v4_file(self, f_name, subdir, stream, compressed=True):
|
def handle_v4_file(self, f_name, subdir, stream, compressed="gzip"):
|
||||||
# create inner archive
|
# create inner archive
|
||||||
tar_cmdline = ["tar", "-Pc", '--sparse',
|
tar_cmdline = ["tar", "-Pc", '--sparse',
|
||||||
'-C', self.fullpath(os.path.dirname(f_name)),
|
'-C', self.fullpath(os.path.dirname(f_name)),
|
||||||
@ -1175,7 +1178,9 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
subdir),
|
subdir),
|
||||||
os.path.basename(f_name)
|
os.path.basename(f_name)
|
||||||
]
|
]
|
||||||
if compressed:
|
if compressed and isinstance(compressed, str):
|
||||||
|
tar_cmdline.insert(-1, "--use-compress-program=%s" % compressed)
|
||||||
|
elif compressed:
|
||||||
tar_cmdline.insert(-1, "--use-compress-program=%s" % "gzip")
|
tar_cmdline.insert(-1, "--use-compress-program=%s" % "gzip")
|
||||||
tar = subprocess.Popen(tar_cmdline, stdout=subprocess.PIPE)
|
tar = subprocess.Popen(tar_cmdline, stdout=subprocess.PIPE)
|
||||||
data = tar.stdout
|
data = tar.stdout
|
||||||
@ -1268,7 +1273,7 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
|
|
||||||
output.close()
|
output.close()
|
||||||
|
|
||||||
def create_v4_backup(self, compressed=True):
|
def create_v4_backup(self, compressed="gzip"):
|
||||||
"""
|
"""
|
||||||
Create "backup format 4" backup - used in R4.0
|
Create "backup format 4" backup - used in R4.0
|
||||||
|
|
||||||
@ -1278,7 +1283,8 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
output = open(self.fullpath("backup.bin"), "w")
|
output = open(self.fullpath("backup.bin"), "w")
|
||||||
with open(self.fullpath("backup-header"), "w") as f:
|
with open(self.fullpath("backup-header"), "w") as f:
|
||||||
f.write(BACKUP_HEADER_R4.format(
|
f.write(BACKUP_HEADER_R4.format(
|
||||||
compressed=str(compressed)
|
compressed=str(bool(compressed)),
|
||||||
|
compression_filter=(compressed if compressed else "gzip")
|
||||||
))
|
))
|
||||||
self.scrypt_encrypt("backup-header", output_name='backup-header.hmac')
|
self.scrypt_encrypt("backup-header", output_name='backup-header.hmac')
|
||||||
self.append_backup_stream("backup-header", output)
|
self.append_backup_stream("backup-header", output)
|
||||||
@ -1662,7 +1668,7 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
||||||
"scrypt not installed")
|
"scrypt not installed")
|
||||||
def test_230_r4(self):
|
def test_230_r4(self):
|
||||||
self.create_v4_backup(False)
|
self.create_v4_backup("")
|
||||||
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
||||||
b'0\0dom0 class=AdminVM state=Running\n'
|
b'0\0dom0 class=AdminVM state=Running\n'
|
||||||
b'fedora-25 class=TemplateVM state=Halted\n'
|
b'fedora-25 class=TemplateVM state=Halted\n'
|
||||||
@ -1731,7 +1737,7 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
||||||
"scrypt not installed")
|
"scrypt not installed")
|
||||||
def test_230_r4_compressed(self):
|
def test_230_r4_compressed(self):
|
||||||
self.create_v4_backup(True)
|
self.create_v4_backup("gzip")
|
||||||
|
|
||||||
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
||||||
b'0\0dom0 class=AdminVM state=Running\n'
|
b'0\0dom0 class=AdminVM state=Running\n'
|
||||||
@ -1798,16 +1804,186 @@ class TC_10_BackupCompatibility(qubesadmin.tests.backup.BackupTestCase):
|
|||||||
|
|
||||||
self.assertDom0Restored(dummy_timestamp)
|
self.assertDom0Restored(dummy_timestamp)
|
||||||
|
|
||||||
|
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
||||||
|
"scrypt not installed")
|
||||||
|
def test_230_r4_custom_cmpression(self):
|
||||||
|
self.create_v4_backup("bzip2")
|
||||||
|
|
||||||
|
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
||||||
|
b'0\0dom0 class=AdminVM state=Running\n'
|
||||||
|
b'fedora-25 class=TemplateVM state=Halted\n'
|
||||||
|
b'testvm class=AppVM state=Running\n'
|
||||||
|
b'sys-net class=AppVM state=Running\n'
|
||||||
|
)
|
||||||
|
self.app.expected_calls[
|
||||||
|
('dom0', 'admin.property.Get', 'default_template', None)] = \
|
||||||
|
b'0\0default=no type=vm fedora-25'
|
||||||
|
self.app.expected_calls[
|
||||||
|
('sys-net', 'admin.vm.property.Get', 'provides_network', None)] = \
|
||||||
|
b'0\0default=no type=bool True'
|
||||||
|
self.setup_expected_calls(parsed_qubes_xml_v4, templates_map={
|
||||||
|
'debian-8': 'fedora-25'
|
||||||
|
})
|
||||||
|
firewall_data = (
|
||||||
|
'action=accept specialtarget=dns\n'
|
||||||
|
'action=accept proto=icmp\n'
|
||||||
|
'action=accept proto=tcp dstports=22-22\n'
|
||||||
|
'action=accept proto=tcp dsthost=www.qubes-os.org '
|
||||||
|
'dstports=443-443\n'
|
||||||
|
'action=accept proto=tcp dst4=192.168.0.0/24\n'
|
||||||
|
'action=drop\n'
|
||||||
|
)
|
||||||
|
self.app.expected_calls[
|
||||||
|
('test-work', 'admin.vm.firewall.Set', None,
|
||||||
|
firewall_data.encode())] = b'0\0'
|
||||||
|
|
||||||
|
qubesd_calls_queue = multiprocessing.Queue()
|
||||||
|
|
||||||
|
dummy_timestamp = time.strftime("test-%Y-%m-%d-%H%M%S")
|
||||||
|
patches = [
|
||||||
|
mock.patch('qubesadmin.storage.Volume',
|
||||||
|
functools.partial(MockVolume, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.backup.restore.BackupRestore._handle_appmenus_list',
|
||||||
|
functools.partial(self.mock_appmenus, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.firewall.Firewall',
|
||||||
|
functools.partial(MockFirewall, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'time.strftime',
|
||||||
|
return_value=dummy_timestamp)
|
||||||
|
]
|
||||||
|
for patch in patches:
|
||||||
|
patch.start()
|
||||||
|
try:
|
||||||
|
self.restore_backup(self.fullpath("backup.bin"), options={
|
||||||
|
'use-default-template': True,
|
||||||
|
'use-default-netvm': True,
|
||||||
|
})
|
||||||
|
finally:
|
||||||
|
for patch in patches:
|
||||||
|
patch.stop()
|
||||||
|
|
||||||
|
# retrieve calls from other multiprocess.Process instances
|
||||||
|
while not qubesd_calls_queue.empty():
|
||||||
|
call_args = qubesd_calls_queue.get()
|
||||||
|
self.app.qubesd_call(*call_args)
|
||||||
|
qubesd_calls_queue.close()
|
||||||
|
|
||||||
|
self.assertAllCalled()
|
||||||
|
|
||||||
|
self.assertDom0Restored(dummy_timestamp)
|
||||||
|
|
||||||
|
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
||||||
|
"scrypt not installed")
|
||||||
|
def test_230_r4_uncommon_compression(self):
|
||||||
|
self.create_v4_backup("less")
|
||||||
|
|
||||||
|
qubesd_calls_queue = multiprocessing.Queue()
|
||||||
|
|
||||||
|
dummy_timestamp = time.strftime("test-%Y-%m-%d-%H%M%S")
|
||||||
|
patches = [
|
||||||
|
mock.patch('qubesadmin.storage.Volume',
|
||||||
|
functools.partial(MockVolume, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.backup.restore.BackupRestore._handle_appmenus_list',
|
||||||
|
functools.partial(self.mock_appmenus, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.firewall.Firewall',
|
||||||
|
functools.partial(MockFirewall, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'time.strftime',
|
||||||
|
return_value=dummy_timestamp)
|
||||||
|
]
|
||||||
|
for patch in patches:
|
||||||
|
patch.start()
|
||||||
|
try:
|
||||||
|
with self.assertRaises(qubesadmin.exc.QubesException):
|
||||||
|
qubesadmin.backup.restore.BackupRestore(
|
||||||
|
self.app, self.fullpath("backup.bin"), None, 'qubes')
|
||||||
|
finally:
|
||||||
|
for patch in patches:
|
||||||
|
patch.stop()
|
||||||
|
|
||||||
|
@unittest.skipUnless(spawn.find_executable('scrypt'),
|
||||||
|
"scrypt not installed")
|
||||||
|
def test_230_r4_uncommon_cmpression_forced(self):
|
||||||
|
self.create_v4_backup("less")
|
||||||
|
|
||||||
|
self.app.expected_calls[('dom0', 'admin.vm.List', None, None)] = (
|
||||||
|
b'0\0dom0 class=AdminVM state=Running\n'
|
||||||
|
b'fedora-25 class=TemplateVM state=Halted\n'
|
||||||
|
b'testvm class=AppVM state=Running\n'
|
||||||
|
b'sys-net class=AppVM state=Running\n'
|
||||||
|
)
|
||||||
|
self.app.expected_calls[
|
||||||
|
('dom0', 'admin.property.Get', 'default_template', None)] = \
|
||||||
|
b'0\0default=no type=vm fedora-25'
|
||||||
|
self.app.expected_calls[
|
||||||
|
('sys-net', 'admin.vm.property.Get', 'provides_network', None)] = \
|
||||||
|
b'0\0default=no type=bool True'
|
||||||
|
self.setup_expected_calls(parsed_qubes_xml_v4, templates_map={
|
||||||
|
'debian-8': 'fedora-25'
|
||||||
|
})
|
||||||
|
firewall_data = (
|
||||||
|
'action=accept specialtarget=dns\n'
|
||||||
|
'action=accept proto=icmp\n'
|
||||||
|
'action=accept proto=tcp dstports=22-22\n'
|
||||||
|
'action=accept proto=tcp dsthost=www.qubes-os.org '
|
||||||
|
'dstports=443-443\n'
|
||||||
|
'action=accept proto=tcp dst4=192.168.0.0/24\n'
|
||||||
|
'action=drop\n'
|
||||||
|
)
|
||||||
|
self.app.expected_calls[
|
||||||
|
('test-work', 'admin.vm.firewall.Set', None,
|
||||||
|
firewall_data.encode())] = b'0\0'
|
||||||
|
|
||||||
|
qubesd_calls_queue = multiprocessing.Queue()
|
||||||
|
|
||||||
|
dummy_timestamp = time.strftime("test-%Y-%m-%d-%H%M%S")
|
||||||
|
patches = [
|
||||||
|
mock.patch('qubesadmin.storage.Volume',
|
||||||
|
functools.partial(MockVolume, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.backup.restore.BackupRestore._handle_appmenus_list',
|
||||||
|
functools.partial(self.mock_appmenus, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'qubesadmin.firewall.Firewall',
|
||||||
|
functools.partial(MockFirewall, qubesd_calls_queue)),
|
||||||
|
mock.patch(
|
||||||
|
'time.strftime',
|
||||||
|
return_value=dummy_timestamp)
|
||||||
|
]
|
||||||
|
for patch in patches:
|
||||||
|
patch.start()
|
||||||
|
try:
|
||||||
|
self.restore_backup(self.fullpath("backup.bin"), options={
|
||||||
|
'use-default-template': True,
|
||||||
|
'use-default-netvm': True,
|
||||||
|
}, force_compression_filter='less')
|
||||||
|
finally:
|
||||||
|
for patch in patches:
|
||||||
|
patch.stop()
|
||||||
|
|
||||||
|
# retrieve calls from other multiprocess.Process instances
|
||||||
|
while not qubesd_calls_queue.empty():
|
||||||
|
call_args = qubesd_calls_queue.get()
|
||||||
|
self.app.qubesd_call(*call_args)
|
||||||
|
qubesd_calls_queue.close()
|
||||||
|
|
||||||
|
self.assertAllCalled()
|
||||||
|
|
||||||
|
self.assertDom0Restored(dummy_timestamp)
|
||||||
|
|
||||||
|
|
||||||
class TC_11_BackupCompatibilityIntoLVM(TC_10_BackupCompatibility):
|
class TC_11_BackupCompatibilityIntoLVM(TC_10_BackupCompatibility):
|
||||||
storage_pool = 'some-pool'
|
storage_pool = 'some-pool'
|
||||||
|
|
||||||
|
|
||||||
def restore_backup(self, source=None, appvm=None, options=None,
|
def restore_backup(self, source=None, appvm=None, options=None,
|
||||||
expect_errors=None, manipulate_restore_info=None,
|
**kwargs):
|
||||||
passphrase='qubes'):
|
|
||||||
if options is None:
|
if options is None:
|
||||||
options = {}
|
options = {}
|
||||||
options['override_pool'] = self.storage_pool
|
options['override_pool'] = self.storage_pool
|
||||||
super(TC_11_BackupCompatibilityIntoLVM, self).restore_backup(source,
|
super(TC_11_BackupCompatibilityIntoLVM, self).restore_backup(source,
|
||||||
appvm, options, expect_errors, manipulate_restore_info)
|
appvm, options, **kwargs)
|
||||||
|
Loading…
Reference in New Issue
Block a user