Some more updates/tweaks to the regression suite.

Allow the ability to "make test-regression".
2025-09-29 11:16:33 +03:00 · 2008-05-28 20:31:41 +00:00
parent 3e58e99be7
commit 8844813c91
8 changed files with 184 additions and 23 deletions
--- a/apache2/t/regression/config/10-response-directives.t
+++ b/apache2/t/regression/config/10-response-directives.t
@@ -27,9 +27,11 @@
 # SecResponseBodyAccess & SecResponseBodyMimeType
 {
 	type => "config",
-	comment => "SecResponseBodyAccess (pos)",
+	comment => "SecResponseBodyAccess On",
 	conf => qq(
 		SecRuleEngine On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
 		SecResponseBodyAccess On
 		SecResponseBodyMimeType null
 		SecRule RESPONSE_BODY "TEST" "phase:4,deny"
@@ -46,15 +48,18 @@
 },
 {
 	type => "config",
-	comment => "SecResponseBodyAccess (neg)",
+	comment => "SecResponseBodyAccess Off",
 	conf => qq(
 		SecRuleEngine On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
 		SecResponseBodyAccess Off
 		SecResponseBodyMimeType null
 		SecRule RESPONSE_BODY "TEST" "phase:4,deny"
 	),
 	match_log => {
 		-error => [ qr/Access denied/, 1 ],
+		debug => [ qr/Response body buffering is not enabled\./, 1 ],
 	},
 	match_response => {
 		status => qr/^200$/,
--- a/apache2/t/regression/rule/00-script.t
+++ b/apache2/t/regression/rule/00-script.t
@@ -1,25 +1,63 @@
+### Test for SecRuleScript

 # Lua
 {
-	type => "config",
-	comment => "SecRuleScript (lua)",
+	type => "rule",
+	comment => "SecRuleScript (lua absolute nomatch)",
 	conf => qq(
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 1
-		SecRuleScript "test.lua" "phase:1"
+		SecRuleScript "$ENV{CONF_DIR}/test.lua" "phase:2,deny"
 	),
 	match_log => {
+		-error => [ qr/Lua script matched\./, 1 ],
 		debug => [ qr/Test message\./, 1 ],
 	},
 	match_response => {
 		status => qr/^200$/,
 	},
 	request => new HTTP::Request(
-		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
-		[
-			"Content-Type" => "application/x-www-form-urlencoded",
-		],
-		"a=1;b=2",
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+	),
+},
+{
+	type => "rule",
+	comment => "SecRuleScript (lua relative nomatch)",
+	conf => qq(
+		SecRuleEngine On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 1
+		SecRuleScript "test.lua" "phase:2,deny"
+	),
+	match_log => {
+		-error => [ qr/Lua script matched\./, 1 ],
+		debug => [ qr/Test message\./, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+	),
+},
+{
+	type => "rule",
+	comment => "SecRuleScript (lua relative match)",
+	conf => qq(
+		SecRuleEngine On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 1
+		SecRuleScript "match.lua" "phase:2,deny"
+	),
+	match_log => {
+		error => [ qr/ModSecurity: Access denied with code 403 \(phase 2\)\. Lua script matched\./, 1 ],
+		debug => [ qr/Test message\./, 1 ],
+	},
+	match_response => {
+		status => qr/^403$/,
+	},
+	request => new HTTP::Request(
+		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 	),
 },
--- a/apache2/t/regression/server_root/conf/httpd.conf.in
+++ b/apache2/t/regression/server_root/conf/httpd.conf.in
@@ -1,8 +1,8 @@
 ### Base configuration for starting Apache httpd

 # File locations
-PidFile /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/server_root/logs/httpd.pid
-ScoreBoardFile /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/server_root/logs/httpd.scoreboard
+PidFile @MSC_REGRESSION_LOGS_DIR@/httpd.pid
+ScoreBoardFile @MSC_REGRESSION_LOGS_DIR@/httpd.scoreboard

 <IfModule !mod_proxy.c>
 	LoadModule proxy_module modules/mod_proxy.so
@@ -13,6 +13,7 @@ ScoreBoardFile /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/serv
 </IfModule>

 <IfDefine !NOMODSEC>
+	# TODO: Need to have these configurable
 	LoadFile /usr/lib/libxml2.so
 	LoadFile /usr/lib/liblua5.1.so
 	LoadModule security2_module modules/mod_security2.so
@@ -21,10 +22,10 @@ ScoreBoardFile /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/serv
 ServerName localhost

 LogLevel debug
-ErrorLog /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/server_root/logs/error.log
+ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log

-DocumentRoot /home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/server_root/htdocs
-<Directory "/home/brectanu/projects/modsec/m2/trunk/apache2/t/regression/server_root/htdocs">
+DocumentRoot @MSC_REGRESSION_DOCROOT_DIR@
+<Directory "@MSC_REGRESSION_DOCROOT_DIR@">
  Options Indexes FollowSymLinks
  AllowOverride None
 </Directory>
--- a/apache2/t/regression/server_root/conf/match.lua
+++ b/apache2/t/regression/server_root/conf/match.lua
@@ -0,0 +1,14 @@
+-- Test matching Lua Script to just print debug messages
+function main()
+    m.log(1, "Test message.");
+    m.log(2, "Test message.");
+    m.log(3, "Test message.");
+    m.log(4, "Test message.");
+    m.log(5, "Test message.");
+    m.log(6, "Test message.");
+    m.log(7, "Test message.");
+    m.log(8, "Test message.");
+    m.log(9, "Test message.");
+
+    return "Lua script matched.";
+end
--- a/apache2/t/run-regression-tests.pl.in
+++ b/apache2/t/run-regression-tests.pl.in
@@ -107,6 +107,7 @@ unless (defined $opt{S}) {
 	SERVER_PORT => $opt{p},
 	SERVER_NAME => "localhost",
 	TEST_SERVER_ROOT => $SROOT_DIR,
+	CONF_DIR => $CONF_DIR,
 	LOGS_DIR => $LOGS_DIR,
 	SCRIPT_DIR => $SCRIPT_DIR,
 	REGRESSION_DIR => $REG_DIR,
@@ -178,7 +179,7 @@ sub runfile {

 		my $httpd_up = 0;
 		my %t = %{$t || {}};
-		my $id = sprintf("%6d %s", $n);
+		my $id = sprintf("%3d", $n);
 		my $out = "";
 		my $rc = 0;
 		my $conf_fn;