aboutsummaryrefslogtreecommitdiffstats
path: root/test/security/check_for_jdwp.sh
AgeCommit message (Collapse)AuthorFilesLines
2020-03-10Add a white list for jdwp testsmrichomme1-42/+88
The port scanned can be the default redis port. A white list must be included to avoid false positive. Open quesiton, should this list be passed as argument? It is relatively static so for the moment, I created a list to exclude through grep -V the false positive Issue-ID: INT-1435 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: Ibaed4c5c0e5ae179af0ae317e543c1efdc9ddef2 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2019-05-10Don't treat error reply as a proper JDWP handshakeKrzysztof Opasiak1-1/+2
As it turned out thanks to Yan Yang some ONAP services tend to return a propr JDWP handshake as a part of their error message. Let's filter out those services by checking number of lines returned by the server. We expect that proper JDWP handshake won't be longer than a single line. Issue-ID: SECCOM-231 Change-Id: I4b8950ebdf5fe118ec5f2dd5f4de583211784fb2 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-05-06Don't wait forever for jdwp responseKrzysztof Opasiak1-1/+2
Some of web services do not send any data when challenged with JDWP challenge. This makes the script waiting forever for response. To fix that let's introduce 10s timeout (experimental value) and replace empty string with a new line to avoid bash warnings. Issue-ID: SECCOM-231 Change-Id: I35546c001c5c54f298e8a4e346c2cf5d41e230ac Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-03-21Add script which looks for open JDWP portsKrzysztof Opasiak1-0/+93
ONAP should not expose any open JDWP ports even inside a cluser. Let's start enforcing this by adding test script to integration which will find all open JDWP ports. Based on initial work by: Radoslaw Zeszczuk <r.zeszczuk@samsung.com> Issue-ID: SECCOM-231 Change-Id: Ica46faad55850c74ed24728d54f6afdb3301a6d2 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>