Mercurial > hg > orthanc-tests

annotate Tests/CheckDicomTls.py @ 658:31a7e52b3da6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
split DICOM TLS in 2: check-client and no-check-client
author Alain Mazy <am@orthanc.team>
date Mon, 17 Jun 2024 18:25:18 +0200
parents 5d7b6e43ab7d
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
610
ec657d1a62a6 fix compatibility with python3
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 588
diff changeset
1 #!/usr/bin/python3
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
2
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
3 # Orthanc - A Lightweight, RESTful DICOM Store
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
4 # Copyright (C) 2012-2016 Sebastien Jodogne, Medical Physics
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
5 # Department, University Hospital of Liege, Belgium
649
5d7b6e43ab7d updated copyright, as Orthanc Team now replaces Osimis
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 640
diff changeset
6 # Copyright (C) 2017-2023 Osimis S.A., Belgium
5d7b6e43ab7d updated copyright, as Orthanc Team now replaces Osimis
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 640
diff changeset
7 # Copyright (C) 2024-2024 Orthanc Team SRL, Belgium
640
9f8276ac1cdd update year to 2024
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 610
diff changeset
8 # Copyright (C) 2021-2024 Sebastien Jodogne, ICTEAM UCLouvain, Belgium
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
9 #
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
10 # This program is free software: you can redistribute it and/or
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
11 # modify it under the terms of the GNU General Public License as
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
12 # published by the Free Software Foundation, either version 3 of the
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
13 # License, or (at your option) any later version.
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
14 #
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
15 # This program is distributed in the hope that it will be useful, but
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
16 # WITHOUT ANY WARRANTY; without even the implied warranty of
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
18 # General Public License for more details.
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
19 #
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
20 # You should have received a copy of the GNU General Public License
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
21 # along with this program. If not, see <http://www.gnu.org/licenses/>.
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
22
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
23
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
24
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
25 import argparse
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
26 import os
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
27 import pprint
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
28 import re
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
29 import sys
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
30 import subprocess
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
31 import unittest
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
32
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
33 from Toolbox import *
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
34
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
35
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
36 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
37 ## Parse the command-line arguments
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
38 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
39
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
40 parser = argparse.ArgumentParser(description = 'Run the integration tests for DICOM TLS in Orthanc.')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
41
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
42 parser.add_argument('--server',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
43 default = 'localhost',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
44 help = 'Address of the Orthanc server to test')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
45 parser.add_argument('--aet',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
46 default = 'ORTHANC',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
47 help = 'AET of the Orthanc instance to test')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
48 parser.add_argument('--dicom',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
49 type = int,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
50 default = 4242,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
51 help = 'DICOM port of the Orthanc instance to test')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
52 parser.add_argument('--rest',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
53 type = int,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
54 default = 8042,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
55 help = 'Port to the REST API')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
56 parser.add_argument('--username',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
57 default = 'alice',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
58 help = 'Username to the REST API')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
59 parser.add_argument('--password',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
60 default = 'orthanctest',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
61 help = 'Password to the REST API')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
62 parser.add_argument('--force', help = 'Do not warn the user',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
63 action = 'store_true')
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
64 parser.add_argument('--config-no-check-client', help = 'Create the configuration files for the "no-check-client" tests in the current folder',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
65 action = 'store_true')
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
66 parser.add_argument('--config-check-client', help = 'Create the configuration files for the "check-client" tests test in the current folder',
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
67 action = 'store_true')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
68 parser.add_argument('options', metavar = 'N', nargs = '*',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
69 help='Arguments to Python unittest')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
70
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
71 args = parser.parse_args()
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
72
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
73
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
74 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
75 ## Configure the testing context
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
76 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
77
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
78
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
79 if args.config_no_check_client or args.config_check_client:
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
80 def CreateCertificate(name):
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
81 subprocess.check_call([ 'openssl', 'req', '-x509', '-nodes', '-days', '365', '-newkey', 'rsa:2048',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
82 '-keyout', '%s.key' % name,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
83 '-out', '%s.crt' % name,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
84 '-subj', '/C=BE/CN=localhost' ])
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
85
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
86 print('Writing configuration for the %s tests to current folder' % ('no-check-client' if args.config_no_check_client else 'check-client'))
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
87 CreateCertificate('dicom-tls-a')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
88 CreateCertificate('dicom-tls-b')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
89 CreateCertificate('dicom-tls-c') # Not trusted by Orthanc
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
90
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
91 with open('dicom-tls-trusted.crt', 'w') as f:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
92 for i in [ 'dicom-tls-a.crt', 'dicom-tls-b.crt' ]:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
93 with open(i, 'r') as g:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
94 f.write(g.read())
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
95
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
96 with open('dicom-tls.json', 'w') as f:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
97 f.write(json.dumps({
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
98 'DicomTlsEnabled' : True,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
99 'DicomTlsCertificate' : 'dicom-tls-a.crt',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
100 'DicomTlsPrivateKey' : 'dicom-tls-a.key',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
101 'DicomTlsTrustedCertificates' : 'dicom-tls-trusted.crt',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
102 'ExecuteLuaEnabled' : True,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
103 'RemoteAccessAllowed' : True,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
104 'RegisteredUsers' : {
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
105 'alice' : 'orthanctest'
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
106 },
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
107 'DicomTlsRemoteCertificateRequired' : args.config_check_client, # New in Orthanc 1.9.3
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
108 }))
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
109
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
110 exit(0)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
111
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
112
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
113 if not args.force:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
114 print("""
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
115 WARNING: This test will remove all the content of your
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
116 Orthanc instance running on %s!
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
117
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
118 Are you sure ["yes" to go on]?""" % args.server)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
119
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
120 if sys.stdin.readline().strip() != 'yes':
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
121 print('Aborting...')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
122 exit(0)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
123
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
124
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
125 ORTHANC = DefineOrthanc(server = args.server,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
126 username = args.username,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
127 password = args.password,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
128 restPort = args.rest,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
129 aet = args.aet,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
130 dicomPort = args.dicom)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
131
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
132
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
133 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
134 ## The tests
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
135 ##
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
136
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
137
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
138 FNULL = open(os.devnull, 'w') # Emulates "subprocess.DEVNULL" on Python 2.7
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
139
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
140
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
141 # in these tests, Orthanc does not check client certificates
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
142 class OrthancNoCheckClient(unittest.TestCase):
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
143 def setUp(self):
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
144 if (sys.version_info >= (3, 0)):
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
145 # Remove annoying warnings about unclosed socket in Python 3
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
146 import warnings
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
147 warnings.simplefilter('ignore', ResourceWarning)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
148
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
149 DropOrthanc(ORTHANC)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
150
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
151
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
152 def test_incoming(self):
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
153 # No client certificate provided and client does not check server cert -> raise
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
154 self.assertRaises(Exception, lambda: subprocess.check_call([
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
155 FindExecutable('echoscu'),
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
156 ORTHANC['Server'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
157 str(ORTHANC['DicomPort']),
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
158 '-aec', 'ORTHANC',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
159 ], stderr = FNULL))
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
160
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
161 # No client certificate provided and client does check server cert -> no raise
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
162 self.assertRaises(Exception, lambda: subprocess.check_call([
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
163 FindExecutable('echoscu'),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
164 ORTHANC['Server'],
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
165 str(ORTHANC['DicomPort']),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
166 '-aec', 'ORTHANC',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
167 '+cf', 'dicom-tls-a.crt'
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
168 ], stderr = FNULL))
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
169
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
170 # random client certificate provided and client does check server cert -> no raise since Orthanc does not check the client cert
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
171 subprocess.check_call([
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
172 FindExecutable('echoscu'),
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
173 ORTHANC['Server'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
174 str(ORTHANC['DicomPort']),
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
175 '-aec', 'ORTHANC',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
176 '+tls', 'dicom-tls-b.key', 'dicom-tls-b.crt',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
177 '+cf', 'dicom-tls-a.crt',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
178 ], stderr = FNULL)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
179
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
180
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
181
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
182 def test_outgoing_to_self(self):
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
183 u = UploadInstance(ORTHANC, 'DummyCT.dcm') ['ID']
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
184
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
185 # Error, as DICOM TLS is not enabled
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
186 DoPut(ORTHANC, '/modalities/self', {
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
187 'AET' : 'ORTHANC',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
188 'Host' : ORTHANC['Server'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
189 'Port' : ORTHANC['DicomPort'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
190 })
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
191
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
192 self.assertRaises(Exception, lambda: DoPost(ORTHANC, '/modalities/self/store', u))
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
193
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
194 # Retry using DICOM TLS
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
195 DoPut(ORTHANC, '/modalities/self', {
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
196 'AET' : 'ORTHANC',
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
197 'Host' : ORTHANC['Server'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
198 'Port' : ORTHANC['DicomPort'],
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
199 'UseDicomTls' : True,
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
200 })
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
201
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
202 self.assertEqual(1, DoPost(ORTHANC, '/modalities/self/store', u) ['InstancesCount'])
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
203
400
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
204
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
205 def test_anonymous(self):
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
206 # Fails on Orthanc <= 1.9.2
588
8aa101e126d0 migration to UCLouvain servers
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 511
diff changeset
207 # https://orthanc.uclouvain.be/book/faq/dicom-tls.html#secure-tls-connections-without-certificate
400
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
208 subprocess.check_call([
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
209 FindExecutable('echoscu'),
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
210 ORTHANC['Server'],
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
211 str(ORTHANC['DicomPort']),
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
212 '-aec', 'ORTHANC',
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
213 '--anonymous-tls',
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
214 '+cf', 'dicom-tls-a.crt',
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
215 ], stderr = FNULL)
f454fe86061b dicom tls: test_anonymous
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 375
diff changeset
216
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
217
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
218 # in these tests, Orthanc do checks client certificates
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
219 class OrthancCheckClient(unittest.TestCase):
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
220 def setUp(self):
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
221 if (sys.version_info >= (3, 0)):
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
222 # Remove annoying warnings about unclosed socket in Python 3
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
223 import warnings
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
224 warnings.simplefilter('ignore', ResourceWarning)
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
225
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
226 DropOrthanc(ORTHANC)
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
227
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
228
658
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
229 def test_check_client_incoming(self):
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
230 # client provides an untrusted certificate -> Orthanc will complain -> raise
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
231 self.assertRaises(Exception, lambda: subprocess.check_call([
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
232 FindExecutable('echoscu'),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
233 ORTHANC['Server'],
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
234 str(ORTHANC['DicomPort']),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
235 '-aec', 'ORTHANC',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
236 '+tls', 'dicom-tls-c.key', 'dicom-tls-c.crt', # Not trusted by Orthanc
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
237 '+cf', 'dicom-tls-a.crt',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
238 ], stderr = FNULL))
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
239
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
240 # client provides a trusted certificate but expects another cert from Orthanc -> raise
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
241 self.assertRaises(Exception, lambda: subprocess.check_call([
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
242 FindExecutable('echoscu'),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
243 ORTHANC['Server'],
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
244 str(ORTHANC['DicomPort']),
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
245 '-aec', 'ORTHANC',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
246 '+tls', 'dicom-tls-b.key', 'dicom-tls-b.crt',
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
247 '+cf', 'dicom-tls-b.crt', # Not the certificate of Orthanc
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
248 ], stderr = FNULL))
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
249
31a7e52b3da6 split DICOM TLS in 2: check-client and no-check-client
Alain Mazy <am@orthanc.team>
parents: 649
diff changeset
250
375
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
251 try:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
252 print('\nStarting the tests...')
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
253 unittest.main(argv = [ sys.argv[0] ] + args.options)
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
254
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
255 finally:
08fac54c8555 CheckDicomTls.py
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
256 print('\nDone')