Python: Rearrange directories

2026-04-30 03:05:15 +02:00 · 2021-02-24 22:07:27 +01:00
parent 10657160bc
commit bf3e5fceea
4 changed files with 0 additions and 0 deletions
--- a/python/ql/test/query-tests/Security/CWE-327/py2/InsecureDefaultProtocol.expected
+++ b/python/ql/test/query-tests/Security/CWE-327/py2/InsecureDefaultProtocol.expected
@@ -1,2 +0,0 @@
-| InsecureProtocol.py:41:1:41:17 | ControlFlowNode for Attribute() | Call to deprecated method ssl.wrap_socket does not specify a protocol, which may result in an insecure default being used. |
-| InsecureProtocol.py:42:11:42:22 | ControlFlowNode for SSLContext() | Call to ssl.SSLContext does not specify a protocol, which may result in an insecure default being used. |
--- a/python/ql/test/query-tests/Security/CWE-327/py2/InsecureDefaultProtocol.qlref
+++ b/python/ql/test/query-tests/Security/CWE-327/py2/InsecureDefaultProtocol.qlref
@@ -1 +0,0 @@
-Security/CWE-327/InsecureDefaultProtocol.ql
--- a/python/ql/test/query-tests/Security/CWE-327/py2/InsecureProtocol.py
+++ b/python/ql/test/query-tests/Security/CWE-327/py2/InsecureProtocol.py
@@ -1,52 +0,0 @@
-import ssl
-from pyOpenSSL import SSL
-from ssl import SSLContext
-
-# true positives
-ssl.wrap_socket(ssl_version=ssl.PROTOCOL_SSLv2)
-ssl.wrap_socket(ssl_version=ssl.PROTOCOL_SSLv3)
-ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1)
-
-SSLContext(protocol=ssl.PROTOCOL_SSLv2)
-SSLContext(protocol=ssl.PROTOCOL_SSLv3)
-SSLContext(protocol=ssl.PROTOCOL_TLSv1)
-
-SSL.Context(SSL.SSLv2_METHOD)
-SSL.Context(SSL.SSLv23_METHOD)
-SSL.Context(SSL.SSLv3_METHOD)
-SSL.Context(SSL.TLSv1_METHOD)
-
-# not relevant
-wrap_socket(ssl_version=ssl.PROTOCOL_SSLv3)
-wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1)
-wrap_socket(ssl_version=ssl.PROTOCOL_SSLv2)
-
-Context(SSL.SSLv3_METHOD)
-Context(SSL.TLSv1_METHOD)
-Context(SSL.SSLv2_METHOD)
-Context(SSL.SSLv23_METHOD)
-
-# true positive using flow
-
-METHOD = SSL.SSLv2_METHOD
-SSL.Context(METHOD)
-
-# secure versions
-
-ssl.wrap_socket(ssl_version=ssl.PROTOCOL_TLSv1_1)
-SSLContext(protocol=ssl.PROTOCOL_TLSv1_1)
-SSL.Context(SSL.TLSv1_1_METHOD)
-
-# possibly insecure default
-ssl.wrap_socket()
-context = SSLContext()
-
-# importing the protocol constant directly
-
-from ssl import PROTOCOL_SSLv2
-
-ssl.wrap_socket(ssl_version=PROTOCOL_SSLv2)
-SSLContext(protocol=PROTOCOL_SSLv2)
-
-# FP for insecure default
-ssl.SSLContext(ssl.SSLv23_METHOD)
--- a/python/ql/test/query-tests/Security/CWE-327/py2/options
+++ b/python/ql/test/query-tests/Security/CWE-327/py2/options
@@ -1 +0,0 @@
-semmle-extractor-options: --lang=2 -p ../lib/ --max-import-depth=3
				`@@ -1 +0,0 @@`
				`Security/CWE-327/InsecureDefaultProtocol.ql`
				`@@ -1 +0,0 @@`
				`semmle-extractor-options: --lang=2 -p ../lib/ --max-import-depth=3`