github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

test: disabling: SecAuditLogType Concurrent

Browse Source 
The test is making usage of a custom script, which is not functional in
in Nginx due to timing issues. Disabling it for now until we came up
with a solution that works for every port/version.
This commit is contained in:
Felipe Zimmerle
2014-01-13 05:33:42 -08:00
parent 8e390899e0
commit 6c106b1fd7
1 changed files with 23 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
tests/regression/config/10-audit-directives.t
View File

@@ -113,32 +113,37 @@
### ###
### TODO: Need some API for this :) ### TODO: Need some API for this :)
### ###
### FIXME: Just workable with apache, the timing to load auditlog from nginx
### is not correct, so the test is failing even when it should pass.
### Disabling it for now until we figure out a way to handle that.
# Parse log # Parse log
my $alogre = qr/^(?:\S+)\ (?:\S+)\ (?:\S+)\ (?:\S+)\ \[(?:[^:]+):(?:\d+:\d+:\d+)\ (?:[^\]]+)\]\ \"(?:.*)\"\ (?:\d+)\ (?:\S+)\ \"(?:.*)\"\ \"(?:.*)\"\ (\S+)\ \"(?:.*)\"\ (\S+)\ (?:\d+)\ (?:\d+)\ (?:\S+)(?:.*)$/m; #my $alogre = qr/^(?:\S+)\ (?:\S+)\ (?:\S+)\ (?:\S+)\ \[(?:[^:]+):(?:\d+:\d+:\d+)\ (?:[^\]]+)\]\ \"(?:.*)\"\ (?:\d+)\ (?:\S+)\ \"(?:.*)\"\ \"(?:.*)\"\ (\S+)\ \"(?:.*)\"\ (\S+)\ (?:\d+)\ (?:\d+)\ (?:\S+)(?:.*)$/m;
my $alog = match_log("audit", $alogre, 1); #my $alog = match_log("audit", $alogre, 1);
chomp $alog; #chomp $alog;
my @log = ($alog =~ m/$alogre/); #dbg("Alog: $alog\n");
my($id, $fn) = ($log[0], $log[1]); #my @log = ($alog =~ m/$alogre/);
if (!$id or !$fn) { #my($id, $fn) = ($log[0], $log[1]);
dbg("LOG ENTRY: $alog"); #if (!$id or !$fn) {
die "Failed to parse audit log: $ENV{AUDIT_LOG}\n"; #dbg("LOG ENTRY: $alog");
} #die "Failed to parse audit log: $ENV{AUDIT_LOG}\n";
#}
# Verify concurrent log exists # Verify concurrent log exists
my $alogdatafn = "$ENV{LOGS_DIR}/audit$fn"; #my $alogdatafn = "$ENV{LOGS_DIR}/audit$fn";
if (! -e "$alogdatafn") { #if (! -e "$alogdatafn") {
die "Audit log does not exist: $alogdatafn\n"; #die "Audit log does not exist: $alogdatafn\n";
} #}
# Verify concurrent log contents # Verify concurrent log contents
if (defined match_file($alogdatafn, qr/^--[^-]+-A--.*$id.*-Z--$/s)) { #if (defined match_file($alogdatafn, qr/^--[^-]+-A--.*$id.*-Z--$/s)) {
return 0; #return 0;
} #}
# Error # Error
dbg("LOGDATA: \"$FILE{$alogdatafn}{buf}\""); #dbg("LOGDATA: \"$FILE{$alogdatafn}{buf}\"");
die "Audit log data did not match.\n"; #die "Audit log data did not match.\n";
return 0;
}, },
match_response => { match_response => {
status => qr/^200$/, status => qr/^200$/,