From e9813cd0d9bfc5b0c9aa5832634ec1b39b805108 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Tue, 10 Dec 2013 13:27:52 -0800 Subject: [PATCH] Regression test: get it working with apache 2.4 Changes in httpd.conf.in to get it working with apache 2.4 --- tests/regression/rule/10-xml.t | 72 +++++++++---------- .../regression/server_root/conf/httpd.conf.in | 11 +-- 2 files changed, 43 insertions(+), 40 deletions(-) diff --git a/tests/regression/rule/10-xml.t b/tests/regression/rule/10-xml.t index edfa5684..2671b58b 100644 --- a/tests/regression/rule/10-xml.t +++ b/tests/regression/rule/10-xml.t @@ -10,11 +10,11 @@ SecRequestBodyAccess On SecDebugLog $ENV{DEBUG_LOG} SecDebugLogLevel 9 - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500005 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500005, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500006 - SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\,id:500007 - "phase:2,deny,id:12345" + SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500007, \\ + phase:3:,deny" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against Schema/s, 1 ], @@ -59,11 +59,11 @@ SecDebugLogLevel 9 SecAuditEngine RelevantOnly SecAuditLog "$ENV{AUDIT_LOG}" - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500008 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500008, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500009 - SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\,id:500010 - "phase:2,deny,log,auditlog,id:12345" + SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500010 \\ + phase:2,deny,log,auditlog,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*'badval' is not a valid value of the local atomic type.*Schema validation failed/s, 1 ], @@ -108,11 +108,11 @@ SecDebugLogLevel 9 SecAuditEngine RelevantOnly SecAuditLog "$ENV{AUDIT_LOG}" - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500011 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500011, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500012 - SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\,id:500013 - "phase:2,deny,id:12345" + SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500013 \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*element is not expected/s, 1 ], @@ -158,11 +158,11 @@ SecDebugLogLevel 9 SecAuditEngine RelevantOnly SecAuditLog "$ENV{AUDIT_LOG}" - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500014 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500014, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500015 - SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\,id:500016 - "phase:2,deny,id:12345" + SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500016, \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ], @@ -208,11 +208,11 @@ SecDebugLogLevel 9 SecAuditEngine RelevantOnly SecAuditLog "$ENV{AUDIT_LOG}" - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500017 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500017 \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500018 - SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope-bad.xsd" \\,id:500019 - "phase:2,deny,id:12345" + SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope-bad.xsd" "id:500019 \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to parse the XML resource.*Failed to load Schema/s, 1 ], @@ -256,11 +256,11 @@ SecRequestBodyAccess On SecDebugLog $ENV{DEBUG_LOG} SecDebugLogLevel 9 - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500020 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500020, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500021 - SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\,id:500022 - "phase:2,deny,id:12345" + SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500022, \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against DTD/s, 1 ], @@ -299,11 +299,11 @@ SecRequestBodyAccess On SecDebugLog $ENV{DEBUG_LOG} SecDebugLogLevel 9 - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500023 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500023, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500024 - SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\,id:500025 - "phase:2,deny,id:12345" + SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500025, \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*content does not follow the DTD/s, 1 ], @@ -342,11 +342,11 @@ SecRequestBodyAccess On SecDebugLog $ENV{DEBUG_LOG} SecDebugLogLevel 9 - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500026 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500027 - SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\,id:500028 - "phase:2,deny,id:12345" + SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500028, \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ], @@ -385,11 +385,11 @@ SecRequestBodyAccess On SecDebugLog $ENV{DEBUG_LOG} SecDebugLogLevel 9 - SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\,id:500029 - "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" + SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500029, \\ + phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500030 - SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope-bad.dtd" \\,id:500031 - "phase:2,deny,id:12345" + SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope-bad.dtd" "id:500031 \\ + phase:2,deny,id:12345" ), match_log => { debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to load DTD/s, 1 ], diff --git a/tests/regression/server_root/conf/httpd.conf.in b/tests/regression/server_root/conf/httpd.conf.in index c24399ea..2af5a8e1 100644 --- a/tests/regression/server_root/conf/httpd.conf.in +++ b/tests/regression/server_root/conf/httpd.conf.in @@ -1,5 +1,8 @@ ### Base configuration for starting Apache httpd +LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so +LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so + # File locations PidFile @MSC_REGRESSION_LOGS_DIR@/httpd.pid @@ -16,9 +19,7 @@ # TODO: Need to have these configurable - LoadFile /usr/lib/libxml2.so - LoadFile /usr/lib/liblua5.1.so - LoadModule security2_module @APXS_LIBEXECDIR@/mod_security2.so + LoadModule security2_module @MSC_BASE_DIR@/apache2/.libs/mod_security2.so ServerName localhost @@ -31,7 +32,9 @@ ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log DocumentRoot @MSC_REGRESSION_DOCROOT_DIR@ - Options Indexes FollowSymLinks + Options +Indexes +FollowSymLinks AllowOverride None + Allow from all + Satisfy Any