(Changeset Tracker. See #1234.)

apache2/t/regression/action/00-meta.t

@@ -0,0 +1,8 @@
+### Test meta actions
+
+# TODO: id
+# TODO: logdata
+# TODO: msg
+# TODO: rev
+# TODO: severity
+# TODO: tag

apache2/t/regression/action/00-misc.t

@@ -0,0 +1,25 @@
+### Test misc actions
+
+# TODO: append
+# TODO: block
+# TODO: capture
+# TODO: chain
+# TODO: ctl
+# TODO: deprecatevar
+# TODO: exec
+# TODO: expirevar
+# TODO: initcol
+# TODO: multiMatch
+# TODO: pause
+# TODO: prepend
+# TODO: sanitiseArg
+# TODO: sanitiseMatched
+# TODO: sanitiseRequestHeader
+# TODO: sanitiseResponseHeader
+# TODO: setuid
+# TODO: setsid
+# TODO: setenv
+# TODO: setvar
+# TODO: skip
+# TODO: skipAfter
+# TODO: xmlns

apache2/t/regression/action/00-transformations.t

@@ -0,0 +1,8 @@
+### Transformation tests
+
+# NOTE: individual tests done in unit tests
+
+# TODO: t:none to override default
+# TODO: t:none inline
+# TODO: combined
+# TODO: caching

apache2/t/regression/config/10-misc-directives.t

@@ -3,7 +3,6 @@
 ### TODO:
 # SecTmpDir
 # SecUploadKeepFiles
-# SecWebAppId
 # SecChrootDir
 # SecGuardianLog
 
@@ -121,3 +120,29 @@ Upload File
 	),
 },
 
+# SecWebAppId
+{
+	type => "config",
+	comment => "SecWebAppId",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 4
+		SecAuditLog "$ENV{AUDIT_LOG}"
+		SecAuditEngine RelevantOnly
+		SecWebAppId "app-1"
+		SecAction "pass,log,auditlog,id:1"
+	),
+	match_log => {
+		error => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
+		debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
+		audit => [ qr/^WebApp-Info: "app-1"/m, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+	),
+},

apache2/t/regression/rule/10-phases.t

@@ -0,0 +1,149 @@
+### Test the phases
+
+# Phase 1 (request headers)
+{
+	type => "rule",
+	comment => "phase 1",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule REQUEST_LINE "^POST" "phase:1,pass,log,auditlog"
+		SecRule ARGS "val1" "phase:1,pass,log,auditlog"
+		SecRule RESPONSE_HEADERS:Last-Modified "." "phase:1,pass,log,auditlog"
+		SecRule RESPONSE_BODY "TEST" "phase:1,pass,log,auditlog"
+	),
+	match_log => {
+		error => [ qr/Pattern match "\^POST" at REQUEST_LINE/, 1 ],
+		-error => [ qr/Pattern match .* (ARGS|RESPONSE)/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# Phase 2 (request body)
+{
+	type => "rule",
+	comment => "phase 2",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule REQUEST_LINE "^POST" "phase:2,pass,log,auditlog"
+		SecRule ARGS "val1" "phase:2,pass,log,auditlog"
+		SecRule RESPONSE_HEADERS:Last-Modified "." "phase:2,pass,log,auditlog"
+		SecRule RESPONSE_BODY "TEST" "phase:2,pass,log,auditlog"
+	),
+	match_log => {
+		error => [ qr/Pattern match "\^POST" at REQUEST_LINE.*Pattern match "val1" at ARGS/s, 1 ],
+		-error => [ qr/Pattern match .* RESPONSE/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# Phase 3 (response headers)
+{
+	type => "rule",
+	comment => "phase 3",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule REQUEST_LINE "^POST" "phase:3,pass,log,auditlog"
+		SecRule ARGS "val1" "phase:3,pass,log,auditlog"
+		SecRule RESPONSE_HEADERS:Last-Modified "." "phase:3,pass,log,auditlog"
+		SecRule RESPONSE_BODY "TEST" "phase:3,pass,log,auditlog"
+	),
+	match_log => {
+		error => [ qr/Pattern match "\^POST" at REQUEST_LINE.*Pattern match "val1" at ARGS.*Pattern match "\." at RESPONSE_HEADERS/s, 1 ],
+		-error => [ qr/Pattern match .* RESPONSE_BODY/, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# Phase 4 (response body)
+{
+	type => "rule",
+	comment => "phase 4",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule REQUEST_LINE "^POST" "phase:4,pass,log,auditlog"
+		SecRule ARGS "val1" "phase:4,pass,log,auditlog"
+		SecRule RESPONSE_HEADERS:Last-Modified "." "phase:4,pass,log,auditlog"
+		SecRule RESPONSE_BODY "TEST" "phase:4,pass,log,auditlog"
+	),
+	match_log => {
+		error => [ qr/Pattern match "\^POST" at REQUEST_LINE.*Pattern match "val1" at ARGS.*Pattern match "\." at RESPONSE_HEADERS.*Pattern match "TEST" at RESPONSE_BODY/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# Phase 5 (logging)
+{
+	type => "rule",
+	comment => "phase 5",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule REQUEST_LINE "^POST" "phase:5,pass,log,auditlog"
+		SecRule ARGS "val1" "phase:5,pass,log,auditlog"
+		SecRule RESPONSE_HEADERS:Last-Modified "." "phase:5,pass,log,auditlog"
+		SecRule RESPONSE_BODY "TEST" "phase:5,pass,log,auditlog"
+	),
+	match_log => {
+		error => [ qr/Pattern match "\^POST" at REQUEST_LINE.*Pattern match "val1" at ARGS.*Pattern match "\." at RESPONSE_HEADERS.*Pattern match "TEST" at RESPONSE_BODY/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},

apache2/t/regression/target/00-targets.t

@@ -0,0 +1,443 @@
+### Test basic targets
+
+# ARGS
+{
+	type => "target",
+	comment => "ARGS (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS "val1" "phase:2,log,pass"
+		SecRule ARGS "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "val1" at ARGS.*Pattern match "val2" at ARGS/s, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS "val1" "phase:2,log,pass"
+		SecRule ARGS "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "val1" at ARGS.*Pattern match "val2" at ARGS/s, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_COMBINED_SIZE
+{
+	type => "target",
+	comment => "ARGS_COMBINED_SIZE (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule ARGS_COMBINED_SIZE "\@eq 16" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Operator EQ matched 16 at ARGS_COMBINED_SIZE\./s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_COMBINED_SIZE (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecRule ARGS_COMBINED_SIZE "\@eq 16" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Operator EQ matched 16 at ARGS_COMBINED_SIZE\./s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_NAMES
+{
+	type => "target",
+	comment => "ARGS_NAMES (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "arg1" at ARGS.*Pattern match "arg2" at ARGS/s, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_NAMES (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "arg1" at ARGS_NAMES.*Pattern match "arg2" at ARGS_NAMES/s, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_GET
+{
+	type => "target",
+	comment => "ARGS_GET (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_GET "val1" "phase:2,log,pass"
+		SecRule ARGS_GET "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "val1" at ARGS_GET.*Pattern match "val2" at ARGS_GET/s, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_GET (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_GET "val1" "phase:2,log,pass"
+		SecRule ARGS_GET "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		-error => [ qr/Pattern match/, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_GET_NAMES
+{
+	type => "target",
+	comment => "ARGS_GET_NAMES (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_GET_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_GET_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "arg1" at ARGS_GET.*Pattern match "arg2" at ARGS_GET/s, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_GET_NAMES (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_GET_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_GET_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		-error => [ qr/Pattern match/, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_POST
+{
+	type => "target",
+	comment => "ARGS_POST (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_POST "val1" "phase:2,log,pass"
+		SecRule ARGS_POST "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		-error => [ qr/Pattern match/, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_POST (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_POST "val1" "phase:2,log,pass"
+		SecRule ARGS_POST "val2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "val1" at ARGS_POST.*Pattern match "val2" at ARGS_POST/s, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# ARGS_POST_NAMES
+{
+	type => "target",
+	comment => "ARGS_POST_NAMES (get)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_POST_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_POST_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		-error => [ qr/Pattern match/, 1 ],
+		debug => [ qr/Adding request argument \(QUERY_STRING\): name "arg1", value "val1".*Adding request argument \(QUERY_STRING\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?arg1=val1&arg2=val2",
+	),
+},
+{
+	type => "target",
+	comment => "ARGS_POST_NAMES (post)",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecResponseBodyAccess On
+		SecResponseBodyMimeType null
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRule ARGS_POST_NAMES "arg1" "phase:2,log,pass"
+		SecRule ARGS_POST_NAMES "arg2" "phase:2,log,pass"
+	),
+	match_log => {
+		error => [ qr/Pattern match "arg1" at ARGS_POST.*Pattern match "arg2" at ARGS_POST/s, 1 ],
+		debug => [ qr/Adding request argument \(BODY\): name "arg1", value "val1".*Adding request argument \(BODY\): name "arg2", value "val2"/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		"arg1=val1&arg2=val2",
+	),
+},
+
+# TODO: AUTH_TYPE
+# TODO: ENV
+# TODO: FILES
+# TODO: FILES_COMBINED_SIZE
+# TODO: FILES_NAMES
+# TODO: FILES_SIZES
+# TODO: FILES_TMPNAMES
+# TODO: GEO
+# TODO: HIGHEST_SEVERITY
+# TODO: MATCHED_VAR
+# TODO: MATCHED_VAR_NAME
+# TODO: MODSEC_BUILD
+# TODO: MULTIPART_CRLF_LF_LINES
+# TODO: MULTIPART_STRICT_ERROR
+# TODO: MULTIPART_UNMATCHED_BOUNDARY
+# TODO: PATH_INFO
+# TODO: QUERY_STRING
+# TODO: REMOTE_ADDR
+# TODO: REMOTE_HOST
+# TODO: REMOTE_PORT
+# TODO: REMOTE_USER
+# TODO: REQBODY_PROCESSOR
+# TODO: REQBODY_PROCESSOR_ERROR
+# TODO: REQBODY_PROCESSOR_ERROR_MSG
+# TODO: REQUEST_BASENAME
+# TODO: REQUEST_BODY
+# TODO: REQUEST_COOKIES
+# TODO: REQUEST_COOKIES_NAMES
+# TODO: REQUEST_FILENAME
+# TODO: REQUEST_HEADERS
+# TODO: REQUEST_HEADERS_NAMES
+# TODO: REQUEST_LINE
+# TODO: REQUEST_METHOD
+# TODO: REQUEST_PROTOCOL
+# TODO: REQUEST_URI
+# TODO: REQUEST_URI_RAW
+# TODO: RESPONSE_BODY
+# TODO: RESPONSE_CONTENT_LENGTH
+# TODO: RESPONSE_CONTENT_TYPE
+# TODO: RESPONSE_HEADERS
+# TODO: RESPONSE_HEADERS_NAMES
+# TODO: RESPONSE_PROTOCOL
+# TODO: RESPONSE_STATUS
+# TODO: RULE
+# TODO: SCRIPT_BASENAME
+# TODO: SCRIPT_FILENAME
+# TODO: SCRIPT_GID
+# TODO: SCRIPT_GROUPNAME
+# TODO: SCRIPT_MODE
+# TODO: SCRIPT_UID
+# TODO: SCRIPT_USERNAME
+# TODO: SERVER_ADDR
+# TODO: SERVER_NAME
+# TODO: SERVER_PORT
+# TODO: SESSION
+# TODO: SESSIONID
+# TODO: TIME
+# TODO: TIME_DAY
+# TODO: TIME_EPOCH
+# TODO: TIME_HOUR
+# TODO: TIME_MIN
+# TODO: TIME_MON
+# TODO: TIME_SEC
+# TODO: TIME_WDAY
+# TODO: TIME_YEAR
+# TODO: TX
+# TODO: USERID
+# TODO: WEBAPPID
+# TODO: WEBSERVER_ERROR_LOG
+# TODO: XML
+

apache2/t/run-regression-tests.pl.in

@@ -412,7 +412,7 @@ sub match_file {
 	my($neg,$fn) = ($_[0] =~ m/^(-?)(.*)$/);
 	unless (exists $FILE{$fn}) {
 		$FILE{$fn}{fn} = $fn;
-		$FILE{$fn}{fd} = new FileHandle($fn, O_RDWR|O_CREAT);
+		$FILE{$fn}{fd} = new FileHandle($fn, O_RDONLY);
 		$FILE{$fn}{fd}->blocking(0);
 		$FILE{$fn}{buf} = "";
 	}
@@ -663,20 +663,6 @@ sub httpd_reset_fd {
 
 		}
 	}
-
-	# Any extras listed in "match_file"
-	if ($t and exists $t->{match_file}) {
-		for my $k (keys %{ $t->{match_file} || {} }) {
-			my($neg,$fn) = ($k =~ m/^(-?)(.*)$/);
-			next if (!$fn or exists $FILE{$fn});
-			#dbg("Opening file: $fn");
-			$FILE{$fn}{fn} = $fn;
-			$FILE{$fn}{fd} = new FileHandle($fn, O_RDWR|O_CREAT);
-			$FILE{$fn}{fd}->blocking(0);
-			$FILE{$fn}{buf} = "";
-
-		}
-	}
 }
 
 sub encode_chunked {