From e6da87724cff1cecc16030803dd8a7dda2813491 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Wed, 6 Jul 2022 23:15:45 -0600
Subject: [PATCH 1/7] test: added basic unit testing.

---
 .pylintrc | 610 +++++++++++++++++++++++++++++++++++++
 pfsense_vshell/__init__.py | 18 +-
 tests/test_vshell.py | 64 ++++
 3 files changed, 688 insertions(+), 4 deletions(-)
 create mode 100644 .pylintrc
 create mode 100644 tests/test_vshell.py

diff --git a/.pylintrc b/.pylintrc
new file mode 100644
index 0000000..3c23876
--- /dev/null
+++ b/.pylintrc
@@ -0,0 +1,610 @@ +[MAIN] + +# Analyse import fallback blocks. This can be used to support both Python 2 and +# 3 compatible code, which means that the block might have code that exists +# only in one or another interpreter, leading to false positives when analysed. +analyse-fallback-blocks=no + +# Load and enable all available extensions. Use --list-extensions to see a list +# all available extensions. +#enable-all-extensions= + +# In error mode, messages with a category besides ERROR or FATAL are +# suppressed, and no reports are done by default. Error mode is compatible with +# disabling specific errors. +#errors-only= + +# Always return a 0 (non-error) status code, even if lint errors are found. +# This is primarily useful in continuous integration scripts. +#exit-zero= + +# A comma-separated list of package or module names from where C extensions may +# be loaded. Extensions are loading into the active Python interpreter and may +# run arbitrary code. +extension-pkg-allow-list= + +# A comma-separated list of package or module names from where C extensions may +# be loaded. Extensions are loading into the active Python interpreter and may +# run arbitrary code. (This is an alternative name to extension-pkg-allow-list +# for backward compatibility.) +extension-pkg-whitelist= + +# Return non-zero exit code if any of these messages/categories are detected, +# even if score is above --fail-under value. Syntax same as enable. Messages +# specified are enabled, while categories only check already-enabled messages. +fail-on= + +# Specify a score threshold to be exceeded before program exits with error. +fail-under=10 + +# Interpret the stdin as a python script, whose filename needs to be passed as +# the module_or_package argument. +#from-stdin= + +# Files or directories to be skipped. They should be base names, not paths. +ignore=CVS + +# Add files or directories matching the regex patterns to the ignore-list. 
The +# regex matches against paths and can be in Posix or Windows format. +ignore-paths= + +# Files or directories matching the regex patterns are skipped. The regex +# matches against base names, not paths. The default value ignores Emacs file +# locks +ignore-patterns=^\.# + +# List of module names for which member attributes should not be checked +# (useful for modules/projects where namespaces are manipulated during runtime +# and thus existing member attributes cannot be deduced by static analysis). It +# supports qualified module names, as well as Unix pattern matching. +ignored-modules= + +# Python code to execute, usually for sys.path manipulation such as +# pygtk.require(). +#init-hook= + +# Use multiple processes to speed up Pylint. Specifying 0 will auto-detect the +# number of processors available to use, and will cap the count on Windows to +# avoid hangs. +jobs=1 + +# Control the amount of potential inferred values when inferring a single +# object. This can help the performance when dealing with large functions or +# complex, nested conditions. +limit-inference-results=100 + +# List of plugins (as comma separated values of python module names) to load, +# usually to register additional checkers. +load-plugins= + +# Pickle collected data for later comparisons. +persistent=yes + +# Minimum Python version to use for version dependent checks. Will default to +# the version used to run pylint. +py-version=3.5 + +# Discover python modules and packages in the file system subtree. +recursive=no + +# When enabled, pylint would attempt to guess common misconfiguration and emit +# user-friendly hints instead of false-positive error messages. +suggestion-mode=yes + +# Allow loading of arbitrary C extensions. Extensions are imported into the +# active Python interpreter and may run arbitrary code. +unsafe-load-any-extension=no + +# In verbose mode, extra non-checker-related info will be displayed. 
+#verbose= + + +[REPORTS] + +# Python expression which should return a score less than or equal to 10. You +# have access to the variables 'fatal', 'error', 'warning', 'refactor', +# 'convention', and 'info' which contain the number of messages in each +# category, as well as 'statement' which is the total number of statements +# analyzed. This score is used by the global evaluation report (RP0004). +evaluation=max(0, 0 if fatal else 10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)) + +# Template used to display messages. This is a python new-style format string +# used to format the message information. See doc for all details. +msg-template= + +# Set the output format. Available formats are text, parseable, colorized, json +# and msvs (visual studio). You can also give a reporter class, e.g. +# mypackage.mymodule.MyReporterClass. +#output-format= + +# Tells whether to display a full report or only the messages. +reports=no + +# Activate the evaluation score. +score=yes + + +[MESSAGES CONTROL] + +# Only show warnings with the listed confidence levels. Leave empty to show +# all. Valid levels: HIGH, CONTROL_FLOW, INFERENCE, INFERENCE_FAILURE, +# UNDEFINED. +confidence=HIGH, + CONTROL_FLOW, + INFERENCE, + INFERENCE_FAILURE, + UNDEFINED + +# Disable the message, report, category or checker with the given id(s). You +# can either give multiple identifiers separated by comma (,) or put this +# option multiple times (only on the command line, not in the configuration +# file where it should appear only once). You can also use "--disable=all" to +# disable everything first and then re-enable specific checks. For example, if +# you want to run only the similarities checker, you can use "--disable=all +# --enable=similarities". If you want to run only the classes checker, but have +# no Warning level messages displayed, use "--disable=all --enable=classes +# --disable=W". 
+disable=raw-checker-failed, + bad-inline-option, + locally-disabled, + file-ignored, + suppressed-message, + useless-suppression, + deprecated-pragma, + use-symbolic-message-instead + +# Enable the message, report, category or checker with the given id(s). You can +# either give multiple identifier separated by comma (,) or put this option +# multiple time (only on the command line, not in the configuration file where +# it should appear only once). See also the "--disable" option for examples. +enable=c-extension-no-member + + +[LOGGING] + +# The type of string formatting that logging methods do. `old` means using % +# formatting, `new` is for `{}` formatting. +logging-format-style=old + +# Logging modules to check that the string format arguments are in logging +# function parameter format. +logging-modules=logging + + +[SPELLING] + +# Limits count of emitted suggestions for spelling mistakes. +max-spelling-suggestions=4 + +# Spelling dictionary name. Available dictionaries: none. To make it work, +# install the 'python-enchant' package. +spelling-dict= + +# List of comma separated words that should be considered directives if they +# appear at the beginning of a comment and should not be checked. +spelling-ignore-comment-directives=fmt: on,fmt: off,noqa:,noqa,nosec,isort:skip,mypy: + +# List of comma separated words that should not be checked. +spelling-ignore-words= + +# A path to a file that contains the private dictionary; one word per line. +spelling-private-dict-file= + +# Tells whether to store unknown words to the private dictionary (see the +# --spelling-private-dict-file option) instead of raising a message. +spelling-store-unknown-words=no + + +[MISCELLANEOUS] + +# List of note tags to take in consideration, separated by a comma. +notes=FIXME, + XXX, + TODO + +# Regular expression of note tags to take in consideration. +notes-rgx= + + +[TYPECHECK] + +# List of decorators that produce context managers, such as +# contextlib.contextmanager. 
Add to this list to register other decorators that +# produce valid context managers. +contextmanager-decorators=contextlib.contextmanager + +# List of members which are set dynamically and missed by pylint inference +# system, and so shouldn't trigger E1101 when accessed. Python regular +# expressions are accepted. +generated-members= + +# Tells whether to warn about missing members when the owner of the attribute +# is inferred to be None. +ignore-none=yes + +# This flag controls whether pylint should warn about no-member and similar +# checks whenever an opaque object is returned when inferring. The inference +# can return multiple potential results while evaluating a Python object, but +# some branches might not be evaluated, which results in partial inference. In +# that case, it might be useful to still emit no-member and other checks for +# the rest of the inferred objects. +ignore-on-opaque-inference=yes + +# List of symbolic message names to ignore for Mixin members. +ignored-checks-for-mixins=no-member, + not-async-context-manager, + not-context-manager, + attribute-defined-outside-init + +# List of class names for which member attributes should not be checked (useful +# for classes with dynamically set attributes). This supports the use of +# qualified names. +ignored-classes=optparse.Values,thread._local,_thread._local,argparse.Namespace + +# Show a hint with possible names when a member name was not found. The aspect +# of finding the hint is based on edit distance. +missing-member-hint=yes + +# The minimum edit distance a name should have in order to be considered a +# similar match for a missing member name. +missing-member-hint-distance=1 + +# The total number of similar names that should be taken in consideration when +# showing a hint for a missing member. +missing-member-max-choices=1 + +# Regex pattern to define which classes are considered mixins. 
+mixin-class-rgx=.*[Mm]ixin + +# List of decorators that change the signature of a decorated function. +signature-mutators= + + +[CLASSES] + +# Warn about protected attribute access inside special methods +check-protected-access-in-special-methods=no + +# List of method names used to declare (i.e. assign) instance attributes. +defining-attr-methods=__init__, + __new__, + setUp, + __post_init__ + +# List of member names, which should be excluded from the protected access +# warning. +exclude-protected=_asdict, + _fields, + _replace, + _source, + _make + +# List of valid names for the first argument in a class method. +valid-classmethod-first-arg=cls + +# List of valid names for the first argument in a metaclass class method. +valid-metaclass-classmethod-first-arg=cls + + +[VARIABLES] + +# List of additional names supposed to be defined in builtins. Remember that +# you should avoid defining new builtins when possible. +additional-builtins= + +# Tells whether unused global variables should be treated as a violation. +allow-global-unused-variables=yes + +# List of names allowed to shadow builtins +allowed-redefined-builtins= + +# List of strings which can identify a callback function by name. A callback +# name must start or end with one of those strings. +callbacks=cb_, + _cb + +# A regular expression matching the name of dummy variables (i.e. expected to +# not be used). +dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_ + +# Argument names that match this expression will be ignored. Default to name +# with leading underscore. +ignored-argument-names=_.*|^ignored_|^unused_ + +# Tells whether we should check for unused import in __init__ files. +init-import=no + +# List of qualified module names which can have objects that can redefine +# builtins. +redefining-builtins-modules=six.moves,past.builtins,future.builtins,builtins,io + + +[FORMAT] + +# Expected format of line ending, e.g. empty (any line ending), LF or CRLF. 
+expected-line-ending-format= + +# Regexp for a line that is allowed to be longer than the limit. +ignore-long-lines=^\s*(# )??$ + +# Number of spaces of indent required inside a hanging or continued line. +indent-after-paren=4 + +# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 +# tab). +indent-string=' ' + +# Maximum number of characters on a single line. +max-line-length=128 + +# Maximum number of lines in a module. +max-module-lines=1000 + +# Allow the body of a class to be on the same line as the declaration if body +# contains single statement. +single-line-class-stmt=no + +# Allow the body of an if to be on the same line as the test if there is no +# else. +single-line-if-stmt=no + + +[IMPORTS] + +# List of modules that can be imported at any level, not just the top level +# one. +allow-any-import-level= + +# Allow wildcard imports from modules that define __all__. +allow-wildcard-with-all=no + +# Deprecated modules which should not be used, separated by a comma. +deprecated-modules= + +# Output a graph (.gv or any supported image format) of external dependencies +# to the given file (report RP0402 must not be disabled). +ext-import-graph= + +# Output a graph (.gv or any supported image format) of all (i.e. internal and +# external) dependencies to the given file (report RP0402 must not be +# disabled). +import-graph= + +# Output a graph (.gv or any supported image format) of internal dependencies +# to the given file (report RP0402 must not be disabled). +int-import-graph= + +# Force import order to recognize a module as part of the standard +# compatibility libraries. +known-standard-library= + +# Force import order to recognize a module as part of a third party library. +known-third-party=enchant + +# Couples of modules and preferred modules, separated by a comma. +preferred-modules= + + +[EXCEPTIONS] + +# Exceptions that will emit a warning when caught. 
+overgeneral-exceptions=BaseException, + Exception + + +[REFACTORING] + +# Maximum number of nested blocks for function / method body +max-nested-blocks=5 + +# Complete name of functions that never returns. When checking for +# inconsistent-return-statements if a never returning function is called then +# it will be considered as an explicit return statement and no message will be +# printed. +never-returning-functions=sys.exit,argparse.parse_error + + +[SIMILARITIES] + +# Comments are removed from the similarity computation +ignore-comments=yes + +# Docstrings are removed from the similarity computation +ignore-docstrings=yes + +# Imports are removed from the similarity computation +ignore-imports=yes + +# Signatures are removed from the similarity computation +ignore-signatures=yes + +# Minimum lines number of a similarity. +min-similarity-lines=4 + + +[DESIGN] + +# List of regular expressions of class ancestor names to ignore when counting +# public methods (see R0903) +exclude-too-few-public-methods= + +# List of qualified class names to ignore when counting class parents (see +# R0901) +ignored-parents= + +# Maximum number of arguments for function / method. +max-args=5 + +# Maximum number of attributes for a class (see R0902). +max-attributes=7 + +# Maximum number of boolean expressions in an if statement (see R0916). +max-bool-expr=5 + +# Maximum number of branch for function / method body. +max-branches=12 + +# Maximum number of locals for function / method body. +max-locals=15 + +# Maximum number of parents for a class (see R0901). +max-parents=7 + +# Maximum number of public methods for a class (see R0904). +max-public-methods=20 + +# Maximum number of return / yield for function / method body. +max-returns=6 + +# Maximum number of statements in function / method body. +max-statements=50 + +# Minimum number of public methods for a class (see R0903). 
+min-public-methods=2 + + +[STRING] + +# This flag controls whether inconsistent-quotes generates a warning when the +# character used as a quote delimiter is used inconsistently within a module. +check-quote-consistency=no + +# This flag controls whether the implicit-str-concat should generate a warning +# on implicit string concatenation in sequences defined over several lines. +check-str-concat-over-line-jumps=no + + +[BASIC] + +# Naming style matching correct argument names. +argument-naming-style=snake_case + +# Regular expression matching correct argument names. Overrides argument- +# naming-style. If left empty, argument names will be checked with the set +# naming style. +#argument-rgx= + +# Naming style matching correct attribute names. +attr-naming-style=snake_case + +# Regular expression matching correct attribute names. Overrides attr-naming- +# style. If left empty, attribute names will be checked with the set naming +# style. +#attr-rgx= + +# Bad variable names which should always be refused, separated by a comma. +bad-names=foo, + bar, + baz, + toto, + tutu, + tata + +# Bad variable names regexes, separated by a comma. If names match any regex, +# they will always be refused +bad-names-rgxs= + +# Naming style matching correct class attribute names. +class-attribute-naming-style=any + +# Regular expression matching correct class attribute names. Overrides class- +# attribute-naming-style. If left empty, class attribute names will be checked +# with the set naming style. +#class-attribute-rgx= + +# Naming style matching correct class constant names. +class-const-naming-style=UPPER_CASE + +# Regular expression matching correct class constant names. Overrides class- +# const-naming-style. If left empty, class constant names will be checked with +# the set naming style. +#class-const-rgx= + +# Naming style matching correct class names. +class-naming-style=PascalCase + +# Regular expression matching correct class names. Overrides class-naming- +# style. 
If left empty, class names will be checked with the set naming style. +#class-rgx= + +# Naming style matching correct constant names. +const-naming-style=UPPER_CASE + +# Regular expression matching correct constant names. Overrides const-naming- +# style. If left empty, constant names will be checked with the set naming +# style. +#const-rgx= + +# Minimum line length for functions/classes that require docstrings, shorter +# ones are exempt. +docstring-min-length=-1 + +# Naming style matching correct function names. +function-naming-style=snake_case + +# Regular expression matching correct function names. Overrides function- +# naming-style. If left empty, function names will be checked with the set +# naming style. +#function-rgx= + +# Good variable names which should always be accepted, separated by a comma. +good-names=i, + j, + k, + ex, + Run, + _ + +# Good variable names regexes, separated by a comma. If names match any regex, +# they will always be accepted +good-names-rgxs= + +# Include a hint for the correct naming format with invalid-name. +include-naming-hint=no + +# Naming style matching correct inline iteration names. +inlinevar-naming-style=any + +# Regular expression matching correct inline iteration names. Overrides +# inlinevar-naming-style. If left empty, inline iteration names will be checked +# with the set naming style. +#inlinevar-rgx= + +# Naming style matching correct method names. +method-naming-style=snake_case + +# Regular expression matching correct method names. Overrides method-naming- +# style. If left empty, method names will be checked with the set naming style. +#method-rgx= + +# Naming style matching correct module names. +module-naming-style=snake_case + +# Regular expression matching correct module names. Overrides module-naming- +# style. If left empty, module names will be checked with the set naming style. 
+#module-rgx= + +# Colon-delimited sets of names that determine each other's naming style when +# the name regexes allow several styles. +name-group= + +# Regular expression which should only match function or class names that do +# not require a docstring. +no-docstring-rgx=^_ + +# List of decorators that produce properties, such as abc.abstractproperty. Add +# to this list to register other decorators that produce valid properties. +# These decorators are taken in consideration only for invalid-name. +property-classes=abc.abstractproperty + +# Regular expression matching correct type variable names. If left empty, type +# variable names will be checked with the set naming style. +#typevar-rgx= + +# Naming style matching correct variable names. +variable-naming-style=snake_case + +# Regular expression matching correct variable names. Overrides variable- +# naming-style. If left empty, variable names will be checked with the set +# naming style. +#variable-rgx= diff --git a/pfsense_vshell/__init__.py b/pfsense_vshell/__init__.py index 8764e79..063871a 100644 --- a/pfsense_vshell/__init__.py +++ b/pfsense_vshell/__init__.py @@ -12,14 +12,17 @@ # See the License for the specific language governing permissions and # limitations under the License. + # IMPORT MODULES # -import requests +import datetime import html +import requests import urllib3 -import datetime class PFClient: + """Client object that facilitates controlling the virtual shell.""" + def __init__(self, host, username, password, port=443, scheme="https", timeout=30, verify=True): """ Initializes the object at creation @@ -81,6 +84,9 @@ def run_command(self, cmd): if "
" in req.text:
             return html.unescape(req.text.split("
")[1].split("
")[0]) + # Return none if we were unable to locate the output + return None + def request(self, uri, method="GET", data=None): """ Makes HTTP requests on behalf of our object @@ -106,6 +112,9 @@ def request(self, uri, method="GET", data=None): self.__log__("request", str(connection_error)) self.__get_error__(12) + # Return none if we somehow land here + return None + def authenticate(self): """ Attempts to authenticate using the objects current properties @@ -175,6 +184,7 @@ def is_host_pfsense(self, req=None): """ resp = req.text if req else self.request("/").text + platform_confidence = 0 # List of platform dependent key words to check for @@ -185,8 +195,8 @@ def is_host_pfsense(self, req=None): "csrfMagicToken", "/csrf/csrf-magic.js", "wizard.php", "/css/pfSense.css" ] # Loop through our list and add up a confidence score - for ci in check_items: - platform_confidence = platform_confidence + 10 if ci in resp else platform_confidence + for item in check_items: + platform_confidence = platform_confidence + 10 if item in resp else platform_confidence return True if platform_confidence > 50 else False diff --git a/tests/test_vshell.py b/tests/test_vshell.py new file mode 100644 index 0000000..2c1215c --- /dev/null +++ b/tests/test_vshell.py 
@@ -0,0 +1,64 @@
+import unittest
+import os
+import copy
+import pfsense_vshell
+
+
+class TestVShell(unittest.TestCase):
+ """Test the pfsense_vshell.PFClient object methods and attributes."""
+
+ # Set attributes
+ vshell = None
+
+ def setUp(self):
+ # Define the vshell attribute
+ self.vshell = pfsense_vshell.PFClient(
+ os.environ.get("PFSENSE_VSHELL_HOST", "localhost"),
+ username=os.environ.get("PFSENSE_VSHELL_USERNAME", "admin"),
+ password=os.environ.get("PFSENSE_VSHELL_PASSWORD", "pfsense"),
+ port=int(os.environ.get("PFSENSE_VSHELL_PORT", 443)),
+ scheme=os.environ.get("PFSENSE_VSHELL_SCHEME", "https"),
+ timeout=int(os.environ.get("PFSENSE_VSHELL_TIMEOUT", 30)),
+ verify=bool(os.environ.get("PFSENSE_VSHELL_VERIFY", False))
+ )
+
+ def test_get_csrf_token(self):
+ """Ensure we are able to fetch the CSRF token and it is a valid length."""
+ self.assertEqual(len(self.vshell.get_csrf_token("/index.php")), 55)
+
+ def test_authenticate(self):
+ """Ensure we are able to determine successful authentication from failed authentication."""
+ # Check bad authentication using a clone of the PFClient object
+ bad_auth_vshell = copy.deepcopy(self.vshell)
+ bad_auth_vshell.username = "INVALID"
+ bad_auth_vshell.password = "INVALID"
+ self.assertFalse(bad_auth_vshell.authenticate())
+
+ # Check good authentication.
+ self.assertTrue(self.vshell.authenticate())
+
+ def test_is_host_pfsense(self):
+ """Ensure module can accurate tell if a host is running pfSense."""
+ # Check if module correctly identifies pfSense host.
+ self.assertTrue(self.vshell.is_host_pfsense())
+
+ # Check if module correctly identifies non-pfSense host using a clone of the PFClient object
+ non_pfsense_vshell = copy.deepcopy(self.vshell)
+ non_pfsense_vshell.host = "google.com"
+ self.assertFalse(non_pfsense_vshell.is_host_pfsense())
+
+ def test_run_command(self):
+ """Ensure specific commands produce an expected output."""
+ # Ensure working directory is pfSense webroot.
+ self.assertEqual(self.vshell.run_command("pwd"), "/usr/local/www")
+
+ # Ensure current user is pfSense root.
+ self.assertEqual(self.vshell.run_command("whoami"), "root")
+
+ # Ensure executed commands are registered in the vshell history.
+ self.assertIn("pwd", self.vshell.history)
+ self.assertIn("whoami", self.vshell.history)
+
+
+if __name__ == '__main__':
+ unittest.main()

From 7933fdde4199f2e15db6805b1feb029ae7c5e4c6 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Wed, 6 Jul 2022 23:16:13 -0600
Subject: [PATCH 2/7] chore: bumped package version to v2.0.3

---
 pfsense_vshell/__init__.py | 2 +-
 setup.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pfsense_vshell/__init__.py b/pfsense_vshell/__init__.py
index 063871a..826b2bb 100644
--- a/pfsense_vshell/__init__.py
+++ b/pfsense_vshell/__init__.py
@@ -57,7 +57,7 @@ def version():
 Provides the current version of pfsense vShell
 :return: (string) the current pfSense vShell version
 """
- return "2.0.2"
+ return "2.0.3"
 
 def url(self):
 """
diff --git a/setup.py b/setup.py
index 673071b..8bb6708 100644
--- a/setup.py
+++ b/setup.py
@@ -29,7 +29,7 @@ def read_me():
 description="A command line tool to run remote shell commands on pfSense without SSH",
 long_description=read_me(),
 long_description_content_type="text/markdown",
- version="2.0.2",
+ version="2.0.3",
 scripts=['scripts/pfsense-vshell'],
 packages=["pfsense_vshell"],
 install_requires=[

From 930df01a169b70893ba07aee35e7e1d3ca5e6911 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Wed, 6 Jul 2022 23:45:11 -0600
Subject: [PATCH 3/7] fix: addresses potentially memory leak that left open requests sessions.

---
 pfsense_vshell/__init__.py | 24 +++++++++++++++++-------
 tests/test_vshell.py | 2 ++
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/pfsense_vshell/__init__.py b/pfsense_vshell/__init__.py
index 826b2bb..81ed4d6 100644
--- a/pfsense_vshell/__init__.py
+++ b/pfsense_vshell/__init__.py
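Review bot: `verify=bool(os.environ.get("PFSENSE_VSHELL_VERIFY", False))` in setUp treats any non-empty string as True, so `PFSENSE_VSHELL_VERIFY=false` or `=0` switches certificate verification on rather than off, and only an unset variable yields the default; parse the value explicitly, e.g. `verify=os.environ.get("PFSENSE_VSHELL_VERIFY", "false").lower() in ("1", "true", "yes")`. The default itself (verification off unless the variable is set) is a reasonable fit for a lab pfSense with a self-signed certificate, but a one-line comment saying that is why would stop the snippet being copied as-is into client code.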
@@ -73,10 +73,14 @@ def run_command(self, cmd): :param cmd: (string) a shell command to execute :return: (string) output of the shell command """ - + # Ensure there are no apparent issues with the target host. self.__has_host_errors__() + + # Make our HTTP request. payload = {"__csrf_magic": self.get_csrf_token("/diag_command.php"), "txtCommand": cmd, "submit": "EXEC"} req = self.request("/diag_command.php", method="POST", data=payload) + + # Write the command executed to the vShell history and log the action. self.history.append(cmd) self.__log__("run_command", cmd) @@ -98,7 +102,9 @@ def request(self, uri, method="GET", data=None): # Try to make our HTTP request, handle errors accordingly try: - req = self.session.request(method, self.url() + uri, data=data, timeout=self.timeout, verify=self.verify) + session = self.session + req = session.request(method, self.url() + uri, data=data, timeout=self.timeout, verify=self.verify) + session.close() self.last_request = req self.__log__("request", str(req.status_code) + " " + method + " " + uri) return req @@ -121,7 +127,10 @@ def authenticate(self): :return: (bool) true if authentication was successful, false if it wasn't """ + # Make an initial request to the initialize the CSRF checks. pre_auth_req = self.request("/index.php") + + # Format our request payload include the valid CSRF token. payload = { "__csrf_magic": self.get_csrf_token("/index.php"), "usernamefld": self.username, @@ -150,9 +159,9 @@ def get_csrf_token(self, uri): """ Retrieves the current CSRF token for a page :param uri: (string) the URI (e.g. index.php) to retrieve the CSRF token from - :return: (string) the CSRF token + :return: (string) the valid CSRF token or empty string if no CSRF token was found """ - + # Initialize CSRF token attributes and make initial CSRF query. csrf_token_length = 55 csrf_token = "" csrf_resp = self.request(uri, "GET") 
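Review bot: `session.close()` in request() runs only when `session.request(...)` returns, so on the ConnectionError path handled by the surrounding try/except the session is left open — the very leak this commit sets out to fix. Moving the close into a `finally:` clause of that try (the except clause starts outside the hunk) covers both paths, and the `session = self.session` alias adds nothing over calling `self.session` directly. Closing the shared session after every call also drops its pooled connections as far as I can tell, so each request reconnects and repeats the TLS handshake; if that trade-off is intended, a short comment saying so would help the next reader.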
@@ -163,7 +172,8 @@ def get_csrf_token(self, uri): csrf += csrf_resp.text.split("sid:")[1].split(";")[0].replace(" ", "").replace("\n", "").replace("\"", "") csrf_token = csrf if len(csrf) is csrf_token_length else "" - return csrf_token # Return our token + # Return the valid CSRF token, or empty string if it could not be determined. + return csrf_token def has_dns_rebind_error(self, req=None): """ @@ -171,7 +181,7 @@ def has_dns_rebind_error(self, req=None): :param req: (object) optionally provide an existing Response object created by the requests module :return: (bool) true if a DNS rebind error was found, false if it wasn't """ - + # Make a preliminary request to check if a DNS Rebind error was detected by pfSense. resp = req.text if req else self.request("/").text return True if "Potential DNS Rebind attack detected" in resp else False @@ -182,7 +192,7 @@ def is_host_pfsense(self, req=None): :param req: (object) optionally provide an existing Response object created by the requests module :return: (bool) true if the host is running pfSense, false if it is not """ - + # Make a preliminary request to check for keywords that indicate the target is running pfSense. resp = req.text if req else self.request("/").text platform_confidence = 0 diff --git a/tests/test_vshell.py b/tests/test_vshell.py index 2c1215c..638adf4 100644 --- a/tests/test_vshell.py +++ b/tests/test_vshell.py @@ -11,6 +11,7 @@ class TestVShell(unittest.TestCase): vshell = None def setUp(self): + """Define attributes required for test methods.""" # Define the vshell attribute self.vshell = pfsense_vshell.PFClient( os.environ.get("PFSENSE_VSHELL_HOST", "localhost"), @@ -62,3 +63,4 @@ def test_run_command(self): if __name__ == '__main__': unittest.main() + From 1e5619d3c4fb2de31ee41b5892ae218f49c32b70 Mon Sep 17 00:00:00 2001 
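Review bot: `csrf_token = csrf if len(csrf) is csrf_token_length else ""`, the unchanged line just above the rewritten return, compares two integers with `is`; that only works because CPython caches small ints, and it should read `len(csrf) == csrf_token_length`. The new `:return:` wording promises an empty string when no token is found, yet run_command and authenticate (earlier in this patch) place that empty string straight into the POST payload as `__csrf_magic`, so a failed token fetch becomes a confusingly rejected request; logging `self.__log__("get_csrf_token", "no CSRF token found in response")` before the return would make that visible. The start of get_csrf_token lies outside this hunk.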
From: Jared Hendrickson
Date: Thu, 7 Jul 2022 00:25:21 -0600
Subject: [PATCH 4/7] fix: changed test_is_host_pfsense method to use example.com as test case.

---
 tests/test_vshell.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/test_vshell.py b/tests/test_vshell.py
index 638adf4..0df72ea 100644
--- a/tests/test_vshell.py
+++ b/tests/test_vshell.py
@@ -45,7 +45,9 @@ def test_is_host_pfsense(self):
 # Check if module correctly identifies non-pfSense host using a clone of the PFClient object
 non_pfsense_vshell = copy.deepcopy(self.vshell)
- non_pfsense_vshell.host = "google.com"
+ non_pfsense_vshell.host = "example.com"
+ non_pfsense_vshell.port = 80
+ non_pfsense_vshell.scheme = "http"
 self.assertFalse(non_pfsense_vshell.is_host_pfsense())
 
 def test_run_command(self):

From 1c8f087dcb77fa150e15918c0c467b8bce149930 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Thu, 7 Jul 2022 00:31:32 -0600
Subject: [PATCH 5/7] chore: updated copyright year.

---
 pfsense_vshell/__init__.py | 2 +-
 scripts/pfsense-vshell | 2 +-
 setup.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pfsense_vshell/__init__.py b/pfsense_vshell/__init__.py
index 81ed4d6..dee3ede 100644
--- a/pfsense_vshell/__init__.py
+++ b/pfsense_vshell/__init__.py
@@ -1,4 +1,4 @@
-# Copyright 2020 Jared Hendrickson
+# Copyright 2022 Jared Hendrickson
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
diff --git a/scripts/pfsense-vshell b/scripts/pfsense-vshell
index 0d44e6f..d7e02c6 100644
--- a/scripts/pfsense-vshell
+++ b/scripts/pfsense-vshell
@@ -1,5 +1,5 @@
 #!/usr/bin/python3
-# Copyright 2020 Jared Hendrickson
+# Copyright 2022 Jared Hendrickson
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
diff --git a/setup.py b/setup.py
index 8bb6708..d521b3d 100644
--- a/setup.py
+++ b/setup.py
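Review bot: The negative case in test_is_host_pfsense now depends on outbound plain-HTTP access to example.com, so the test fails offline or behind an egress filter, and its outcome rests on a third party's page content rather than on anything the suite controls. A local stand-in started in setUp with the standard-library `http.server` (or `unittest.skipUnless` keyed on an environment variable such as `PFSENSE_VSHELL_NON_PFSENSE_HOST`) keeps the assertion deterministic; at minimum a comment on the `non_pfsense_vshell.host = "example.com"` line should record that the test requires Internet access. The test method's opening lines are outside the hunk.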
@@ -1,4 +1,4 @@
-# Copyright 2020 Jared Hendrickson
+# Copyright 2022 Jared Hendrickson
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

From 817c56f5db84613eca1529dc508ab2a053e56662 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Thu, 7 Jul 2022 00:37:02 -0600
Subject: [PATCH 6/7] chore: added copyright header to test_vshell.py

---
 tests/test_vshell.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/tests/test_vshell.py b/tests/test_vshell.py
index 0df72ea..eea29c7 100644
--- a/tests/test_vshell.py
+++ b/tests/test_vshell.py
@@ -1,3 +1,18 @@
+# Copyright 2022 Jared Hendrickson
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
 import unittest
 import os
 import copy
@@ -65,4 +80,3 @@ def test_run_command(self):
 
 if __name__ == '__main__':
 unittest.main()
-

From 9998e3dd7a14c67635674a9ec243fbb13ea7a4c9 Mon Sep 17 00:00:00 2001
From: Jared Hendrickson
Date: Thu, 7 Jul 2022 21:47:09 -0600
Subject: [PATCH 7/7] docs: removed --check_auth cli reference as it was only present in v1.

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index c9450b3..d765008 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ To uninstall:
 ## Usage & Syntax
 
 ```
-usage: pfsense-vshell [-h] --host HOST [--virtual_shell] [--command COMMAND] [--check_auth COMMAND] --username USERNAME --password PASSWORD [--scheme {http,https}] [--port PORT] [--timeout TIMEOUT] [--shell_timeout SHELL_TIMEOUT] [--no_verify] [--version] [--verbose]
+usage: pfsense-vshell [-h] --host HOST [--virtual_shell] [--command COMMAND] --username USERNAME --password PASSWORD [--scheme {http,https}] [--port PORT] [--timeout TIMEOUT] [--shell_timeout SHELL_TIMEOUT] [--no_verify] [--version] [--verbose]
 ```
 
 | Command | Shorthand | Required | Description | Example Usage |
@@ -65,7 +65,7 @@ $ pfsense-vshell --host 127.0.0.1 --command "pkg install -y pfSense-pkg-nmap" --
 5: Display pfSense vShell version
 ```shell script
 $ pfsense-vshell --version
-pfsense-vshell v2.0.0
+pfsense-vshell v2.0.3
 ```
 
 ## Notes