def test_response_failure():
runner = testrunner.TestRunner()
http_ua = http.HttpUA()
with pytest.raises(AssertionError):
runner.test_response(
http.HttpResponse('HTTP/1.1 200 OK\r\n\r\ncat', http_ua),
re.compile('dog'))
def build_journal(journal_file, ruledir, ruledir_recurse, tablename):
util.instantiate_database(journal_file)
rulesets = util.get_rulesets(ruledir, ruledir_recurse)
for rule in rulesets:
for test in rule.tests:
runner = testrunner.TestRunner()
runner.run_test_build_journal(test.ruleset_meta['name'], test, journal_file, tablename)
def test_search3():
runner = testrunner.TestRunner()
x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"})
http_ua = http.HttpUA()
http_ua.send_request(x)
runner.test_response(http_ua.response_object,
re.compile('is for use in illustrative'))
def test_search3():
runner = testrunner.TestRunner()
x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"})
http_ua = http.HttpUA()
http_ua.send_request(x)
runner.test_response(http_ua.response_object,
re.compile('established to be used for'))
def test_search2():
runner = testrunner.TestRunner()
x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"})
http_ua = http.HttpUA()
http_ua.send_request(x)
with pytest.raises(AssertionError):
runner.test_response(http_ua.response_object, re.compile('dog'))
def test_modsecurityv2(modsec_logger_obj, ruleset, test, destaddr):
"""
Modsec specific test
"""
runner = testrunner.TestRunner()
try:
for stage in test.stages:
if destaddr is not None:
stage.input.dest_addr = destaddr
runner.run_stage(stage, modsec_logger_obj)
except errors.TestError as e:
e.args[1]['meta'] = ruleset.meta
pytest.fail('Failure! Message -> {0}, Context -> {1}'.format(
e.args[0], e.args[1]))
def test_default(ruleset, test, destaddr):
"""
Default tester with no logger obj. Useful for HTML contains and Status code
Not useful for testing loggers
"""
runner = testrunner.TestRunner()
try:
for stage in test.stages:
if destaddr is not None:
stage.input.dest_addr = destaddr
runner.run_stage(stage, None)
except errors.TestError as e:
e.args[1]['meta'] = ruleset.meta
pytest.fail('Failure! Message -> {0}, Context -> {1}'.format(
e.args[0], e.args[1]))
def test_crs(ruleset, test, logchecker_obj, csv_writer):
runner = testrunner.TestRunner()
for stage in test.stages:
result, log_data = False, ''
error = None
try:
result, log_data = runner.run_stage(stage, logchecker_obj)
except Exception as e:
error = e
# write expect
expect = ""
if stage.output.log_contains_str:
expect += f"- log contains: {stage.output.log_contains_str.pattern}\n"
if stage.output.expect_error:
expect += f"- error: {stage.output.expect_error}\n"
if stage.output.no_log_contains_str:
expect += f"- log not contains: {stage.output.no_log_contains_str.pattern}\n"
if stage.output.response_contains_str:
expect += f"- response contains: {stage.output.response_contains_str.pattern}\n"
if stage.output.status:
if type(stage.output.status) is list:
expect += f"- status code: {' or '.join(map(lambda i: str(i), stage.output.status))}\n"
else:
expect += f"- status code: {stage.output.status}\n"
test_data = {
'id': f"{ruleset.meta['name']}-{csv_writer.numTest}",
'description': test.test_title,
'test_result': "OK" if result else "FAILED",
'expect_behavior': expect,
'url': stage.input.uri,
'data': stage.input.data,
'log_message': log_data
}
csv_writer.append(test_data)
if error:
raise error
assert result
def test_crs(ruleset, test, logchecker_obj):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage, logchecker_obj)
def test_search1():
runner = testrunner.TestRunner()
ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"})
http_ua = http.HttpUA()
with pytest.raises(errors.TestError):
runner.test_response(http_ua.response_object, re.compile('dog'))
def test_multipart(ruleset, test):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage)
def test_search4():
runner = testrunner.TestRunner()
x = ruleset.Input(dest_addr="example.com", headers={"Host": "example.com"})
http_ua = http.HttpUA(x)
http_ua.send_request()
runner.test_response(http_ua.response_object, re.compile('.*'))
def test_crs(ruleset, test, logchecker_obj, with_journal, tablename):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage_with_journal(test.ruleset_meta['name'], test,
with_journal, tablename, logchecker_obj)
def test_logcontains_nolog(logchecker_obj, ruleset, test):
logchecker_obj.do_nothing = True
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage, logchecker_obj)
def test_logcontains_withlog(logchecker_obj, ruleset, test):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage, logchecker_obj)
def test_response_success():
runner = testrunner.TestRunner()
http_ua = http.HttpUA()
runner.test_response(
http.HttpResponse('HTTP/1.1 200 OK\r\n\r\ncat', http_ua),
re.compile('cat'))
def test_response_before_response():
runner = testrunner.TestRunner()
http_ua = http.HttpUA()
with pytest.raises(errors.TestError):
runner.test_response(http_ua.response_object, re.compile('dog'))
def test_expecterror(ruleset, test):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage)
def test_logcontains(ruleset, test):
runner = testrunner.TestRunner()
for stage in test.stages:
runner.run_stage(stage)
def test_logcontains_nolog(logchecker_obj, test):
logchecker_obj.do_nothing = True
runner = testrunner.TestRunner()
with (pytest.raises(AssertionError)):
for stage in test.stages:
runner.run_stage(stage, logchecker_obj)
