def test_response_failure(): runner = testrunner.TestRunner() http_ua = http.HttpUA() with pytest.raises(AssertionError): runner.test_response( http.HttpResponse('HTTP/1.1 200 OK\r\n\r\ncat', http_ua), re.compile('dog'))
def build_journal(journal_file, ruledir, ruledir_recurse, tablename): util.instantiate_database(journal_file) rulesets = util.get_rulesets(ruledir, ruledir_recurse) for rule in rulesets: for test in rule.tests: runner = testrunner.TestRunner() runner.run_test_build_journal(test.ruleset_meta['name'], test, journal_file, tablename)
def test_search3(): runner = testrunner.TestRunner() x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"}) http_ua = http.HttpUA() http_ua.send_request(x) runner.test_response(http_ua.response_object, re.compile('is for use in illustrative'))
def test_search3(): runner = testrunner.TestRunner() x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"}) http_ua = http.HttpUA() http_ua.send_request(x) runner.test_response(http_ua.response_object, re.compile('established to be used for'))
def test_search2(): runner = testrunner.TestRunner() x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"}) http_ua = http.HttpUA() http_ua.send_request(x) with pytest.raises(AssertionError): runner.test_response(http_ua.response_object, re.compile('dog'))
def test_modsecurityv2(modsec_logger_obj, ruleset, test, destaddr): """ Modsec specific test """ runner = testrunner.TestRunner() try: for stage in test.stages: if destaddr is not None: stage.input.dest_addr = destaddr runner.run_stage(stage, modsec_logger_obj) except errors.TestError as e: e.args[1]['meta'] = ruleset.meta pytest.fail('Failure! Message -> {0}, Context -> {1}'.format( e.args[0], e.args[1]))
def test_default(ruleset, test, destaddr): """ Default tester with no logger obj. Useful for HTML contains and Status code Not useful for testing loggers """ runner = testrunner.TestRunner() try: for stage in test.stages: if destaddr is not None: stage.input.dest_addr = destaddr runner.run_stage(stage, None) except errors.TestError as e: e.args[1]['meta'] = ruleset.meta pytest.fail('Failure! Message -> {0}, Context -> {1}'.format( e.args[0], e.args[1]))
def test_crs(ruleset, test, logchecker_obj, csv_writer): runner = testrunner.TestRunner() for stage in test.stages: result, log_data = False, '' error = None try: result, log_data = runner.run_stage(stage, logchecker_obj) except Exception as e: error = e # write expect expect = "" if stage.output.log_contains_str: expect += f"- log contains: {stage.output.log_contains_str.pattern}\n" if stage.output.expect_error: expect += f"- error: {stage.output.expect_error}\n" if stage.output.no_log_contains_str: expect += f"- log not contains: {stage.output.no_log_contains_str.pattern}\n" if stage.output.response_contains_str: expect += f"- response contains: {stage.output.response_contains_str.pattern}\n" if stage.output.status: if type(stage.output.status) is list: expect += f"- status code: {' or '.join(map(lambda i: str(i), stage.output.status))}\n" else: expect += f"- status code: {stage.output.status}\n" test_data = { 'id': f"{ruleset.meta['name']}-{csv_writer.numTest}", 'description': test.test_title, 'test_result': "OK" if result else "FAILED", 'expect_behavior': expect, 'url': stage.input.uri, 'data': stage.input.data, 'log_message': log_data } csv_writer.append(test_data) if error: raise error assert result
def test_crs(ruleset, test, logchecker_obj): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage, logchecker_obj)
def test_search1(): runner = testrunner.TestRunner() ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"}) http_ua = http.HttpUA() with pytest.raises(errors.TestError): runner.test_response(http_ua.response_object, re.compile('dog'))
def test_multipart(ruleset, test): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage)
def test_search4(): runner = testrunner.TestRunner() x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"}) http_ua = http.HttpUA(x) http_ua.send_request() runner.test_response(http_ua.response_object, re.compile('.*'))
def test_crs(ruleset, test, logchecker_obj, with_journal, tablename): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage_with_journal(test.ruleset_meta['name'], test, with_journal, tablename, logchecker_obj)
def test_logcontains_nolog(logchecker_obj, ruleset, test): logchecker_obj.do_nothing = True runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage, logchecker_obj)
def test_logcontains_withlog(logchecker_obj, ruleset, test): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage, logchecker_obj)
def test_response_success(): runner = testrunner.TestRunner() http_ua = http.HttpUA() runner.test_response( http.HttpResponse('HTTP/1.1 200 OK\r\n\r\ncat', http_ua), re.compile('cat'))
def test_response_before_response(): runner = testrunner.TestRunner() http_ua = http.HttpUA() with pytest.raises(errors.TestError): runner.test_response(http_ua.response_object, re.compile('dog'))
def test_expecterror(ruleset, test): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage)
def test_logcontains(ruleset, test): runner = testrunner.TestRunner() for stage in test.stages: runner.run_stage(stage)
def test_logcontains_nolog(logchecker_obj, test): logchecker_obj.do_nothing = True runner = testrunner.TestRunner() with (pytest.raises(AssertionError)): for stage in test.stages: runner.run_stage(stage, logchecker_obj)