github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds more regression tests to SecRemoteRules

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-07-25 08:18:06 -03:00
parent 7ba5c76c78
commit 0e7c13e3c0
6 changed files with 130 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/parser/seclang-parser.yy
View File

@ -323,11 +323,11 @@ expression:
{ {
driver.responseBodyLimitAction = ModSecurity::Rules::BodyLimitAction::RejectBodyLimitAction; driver.responseBodyLimitAction = ModSecurity::Rules::BodyLimitAction::RejectBodyLimitAction;
} }
| CONFIG_SEC_REMOTE_RULES_FAIL_ACTION CONFIG_VALUE_ABORT | CONFIG_SEC_REMOTE_RULES_FAIL_ACTION SPACE CONFIG_VALUE_ABORT
{ {
driver.remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction; driver.remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction;
} }
| CONFIG_SEC_REMOTE_RULES_FAIL_ACTION CONFIG_VALUE_WARN | CONFIG_SEC_REMOTE_RULES_FAIL_ACTION SPACE CONFIG_VALUE_WARN
{ {
driver.remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction; driver.remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction;
} }

8
src/parser/seclang-scanner.ll
View File

@ -236,6 +236,7 @@ FREE_TEXT_NEW_LINE [^\"|\n]+
std::vector<std::string> conf = split(yytext, ' '); std::vector<std::string> conf = split(yytext, ' ');
key = conf[1]; key = conf[1];
url = conf[2]; url = conf[2];
driver.ref.push_back(url); driver.ref.push_back(url);
driver.loc.push_back(*(new yy::location())); driver.loc.push_back(*(new yy::location()));
YY_BUFFER_STATE temp = YY_CURRENT_BUFFER; YY_BUFFER_STATE temp = YY_CURRENT_BUFFER;
@ -244,13 +245,12 @@ FREE_TEXT_NEW_LINE [^\"|\n]+
bool ret = c.download(url); bool ret = c.download(url);
if (ret == false) { if (ret == false) {
/**
* TODO: Implement the fail action.
*
*/
if (driver.remoteRulesActionOnFailed == Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction) { if (driver.remoteRulesActionOnFailed == Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction) {
/** TODO: Implement the server logging mechanism. */
} }
if (driver.remoteRulesActionOnFailed == Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction) { if (driver.remoteRulesActionOnFailed == Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction) {
driver.error (driver.loc.back(), "", yytext + std::string(" - Failed to download: ") + c.error);
throw yy::seclang_parser::syntax_error(driver.loc.back(), "");
} }
} }

2
test/test-cases/data/config_example-bad-op-include.txt Normal file
View File

@ -0,0 +1,2 @@
SecRule ARGS "@contains config_example" "id:10,pass,t:trim"
SecRule ARGS "@missingOperator config_example" "id:10,pass,t:trim"

1
test/test-cases/data/config_example-ops-include.txt Normal file
View File

@ -0,0 +1 @@
Include test-cases/data/config_example-not-exist.txt

62
test/test-cases/regression/config-include-bad.json Normal file
View File

@ -0,0 +1,62 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Include - bad rule",
"expected":{
"parser_error": "Rules error. File: config-include-bad.json. Line: 5. Column: 15."
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"Include test-cases/data/config_example.txt",
"SecRule ARGS \"@missing_operator test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - missing file",
"expected":{
"parser_error": "Rules error. File: config-include-bad.json. Line: 4. Column: 47. Include test-cases/data/config_example-ops.txt: Not able to open file."
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"Include test-cases/data/config_example-ops.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - missing at include",
"expected":{
"parser_error": "Rules error. File: test-cases/data/config_example-ops-include.txt. Line: 1. Column: 53. Include test-cases/data/config_example-not-exist.txt: Not able to open file."
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"Include test-cases/data/config_example-ops-include.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - bad operator inside include",
"expected":{
"parser_error": "Rules error. File: test-cases/data/config_example-bad-op-include.txt. Line: 2. Column: 15."
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"Include test-cases/data/config_example-bad-op-include.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
}
]

60
test/test-cases/regression/config-secremoterules.json
View File

@ -2,7 +2,7 @@
{ {
"enabled":1, "enabled":1,
"version_min":300000, "version_min":300000,
"title":"Include", "title":"Include remote rules",
"client":{ "client":{
"ip":"200.249.12.31", "ip":"200.249.12.31",
"port":123 "port":123
@ -40,5 +40,63 @@
"SecRemoteRules key https://www.modsecurity.org/modsecurity-regression-test-secremoterules.txt", "SecRemoteRules key https://www.modsecurity.org/modsecurity-regression-test-secremoterules.txt",
"SecRule ARGS \"@contains somethingelse\" \"id:9,pass,t:trim\"" "SecRule ARGS \"@contains somethingelse\" \"id:9,pass,t:trim\""
] ]
},
{
"enabled":1,
"version_min":300000,
"title":"Include remote rules - failed download (Abort)",
"expected":{
"parser_error": "Failed to download: HTTP response code said error"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRemoteRulesFailAction Abort",
"SecRemoteRules key https://www.modsecurity.org/modsecurity-regression-test-secremoterules-bonga.txt"
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include remote rules - failed download (Warn)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"@contains \" with param \"somethingelse\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRemoteRulesFailAction Warn",
"SecRemoteRules key https://www.modsecurity.org/modsecurity-regression-test-secremoterules-bonga.txt",
"SecRule ARGS \"@contains somethingelse\" \"id:9,pass,t:trim\""
]
} }
] ]