Ejemplo n.º 1
/**
 * \test parsing: a rule whose reference key is not a configured key must
 *       be rejected by the signature parser.
 *
 *  \retval 1 on success (SigInit() refused the rule).
 *  \retval 0 on failure (no engine context, or the invalid rule parsed).
 */
static int DetectReferenceParseTest03(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    Signature *sig;
    int result;

    /* Without a context nothing was allocated, so there is nothing to free. */
    if (de_ctx == NULL) {
        return 0;
    }
    de_ctx->flags |= DE_QUIET;

    /* Populate the context's reference config from the dummy source.
     * NOTE(review): the Delete call presumably releases that dummy
     * source again -- confirm against its definition. */
    SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx);
    SCRConfDeleteDummyReferenceConfigFD();

    /* "unknownkey" is the reference key this test expects to be refused. */
    sig = SigInit(de_ctx, "alert icmp any any -> any any "
                          "(msg:\"invalid ref\"; "
                          "reference:unknownkey,001-2010; sid:2;)");
    de_ctx->sig_list = sig;

    if (sig == NULL) {
        result = 1;
    } else {
        printf("sig parsed even though it's invalid: ");
        result = 0;
    }

    DetectEngineCtxFree(de_ctx);
    return result;
}
Ejemplo n.º 2
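/**
 * \test Check if the reference info from the reference.config file has
 *       been loaded into the hash table.
 *
 *  \retval 1 if the table exists, holds exactly three entries, resolves
 *            "one", "two" and "three", and does not resolve "four".
 *  \retval 0 otherwise, including when no table was created at all.
 */
int SCRConfTest04(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    /* Start from failure: a missing hash table jumps straight to the exit
     * path and must not be reported as a pass. */
    int result = 0;

    if (de_ctx == NULL)
        return 0;

    /* NOTE(review): fd is not closed in this function; presumably the
     * loader takes ownership of it -- confirm against its definition. */
    FILE *fd = SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx, fd);

    if (de_ctx->reference_conf_ht == NULL)
        goto end;

    result = (de_ctx->reference_conf_ht->count == 3);

    /* Three keys must resolve; "four" is the negative control. */
    result &= (SCRConfGetReference("one", de_ctx) != NULL);
    result &= (SCRConfGetReference("two", de_ctx) != NULL);
    result &= (SCRConfGetReference("three", de_ctx) != NULL);
    result &= (SCRConfGetReference("four", de_ctx) == NULL);

 end:
    /* de_ctx is known to be non-NULL on every path that reaches here. */
    DetectEngineCtxFree(de_ctx);
    return result;
}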
Ejemplo n.º 3
/**
 * \test for two valid references on one rule; both must be attached to
 *       the signature, in rule order, with the key replaced by the
 *       configured URL.
 *
 *  \retval 1 on success.
 *  \retval 0 on failure.
 */
static int DetectReferenceParseTest02(void)
{
    /* Stays NULL while every check passes; otherwise holds the message
     * of the first check that failed. */
    const char *failure = NULL;
    Signature *sig;
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();

    /* Without a context nothing was allocated, so there is nothing to free. */
    if (de_ctx == NULL) {
        return 0;
    }
    de_ctx->flags |= DE_QUIET;

    /* Populate the context's reference config from the dummy source. */
    SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx);
    SCRConfDeleteDummyReferenceConfigFD();

    sig = SigInit(de_ctx, "alert icmp any any -> any any "
                          "(msg:\"Two references\"; "
                          "reference:one,openinfosecdoundation.txt; "
                          "reference:two,001-2010; sid:2;)");
    de_ctx->sig_list = sig;

    if (sig == NULL) {
        failure = "sig parse failed: ";
    } else if (sig->references == NULL || sig->references->next == NULL) {
        failure = "no ref or not enough refs: ";
    } else if (strcmp(sig->references->key, "http://www.one.com") != 0 ||
               strcmp(sig->references->reference,
                      "openinfosecdoundation.txt") != 0) {
        failure = "first ref failed: ";
    } else if (strcmp(sig->references->next->key, "http://www.two.com") != 0 ||
               strcmp(sig->references->next->reference, "001-2010") != 0) {
        failure = "second ref failed: ";
    }

    if (failure != NULL) {
        printf("%s", failure);
    }

    DetectEngineCtxFree(de_ctx);
    return failure == NULL;
}
Ejemplo n.º 4
/**
 * \test one valid reference; the parsed signature must carry it with the
 *       key "one" replaced by the configured URL.
 *
 *  \retval 1 on success.
 *  \retval 0 on failure.
 */
static int DetectReferenceParseTest01(void)
{
    int result = 0;
    Signature *sig;
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();

    /* Without a context nothing was allocated, so there is nothing to free. */
    if (de_ctx == NULL) {
        return 0;
    }
    de_ctx->flags |= DE_QUIET;

    /* Populate the context's reference config from the dummy source. */
    SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx);
    SCRConfDeleteDummyReferenceConfigFD();

    sig = SigInit(de_ctx, "alert icmp any any -> any any "
                          "(msg:\"One reference\"; reference:one,001-2010; sid:2;)");
    de_ctx->sig_list = sig;

    /* Pass only if the rule parsed, a reference was attached, and both of
     * its fields hold the expected strings. */
    if (sig != NULL && sig->references != NULL) {
        DetectReference *first = sig->references;

        result = (strcmp(first->key, "http://www.one.com") == 0 &&
                  strcmp(first->reference, "001-2010") == 0);
    }

    DetectEngineCtxFree(de_ctx);
    return result;
}
Ejemplo n.º 5
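/**
 * \test Check if the reference info from the reference.config file has
 *       been loaded into the hash table.
 *
 *  \retval 1 if the table exists, holds exactly three entries, contains
 *            "one", "two" and "three", and does not contain "four".
 *  \retval 0 otherwise, including when no table was created at all.
 */
int SCRConfTest04(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    SCRConfReference *ref = NULL;
    /* Start from failure: a missing hash table jumps straight to the exit
     * path and must not be reported as a pass. */
    int result = 0;

    if (de_ctx == NULL)
        return 0;

    SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx);
    SCRConfDeleteDummyReferenceConfigFD();

    if (de_ctx->reference_conf_ht == NULL)
        goto end;

    result = (de_ctx->reference_conf_ht->count == 3);

    /* Each probe builds a temporary lookup key, queries the table and
     * releases the key again.
     * NOTE(review): the allocation results are not checked; how
     * HashTableLookup() treats a NULL key is not visible here -- confirm,
     * since a NULL key could satisfy the negative "four" probe. */
    ref = SCRConfAllocSCRConfReference("one", "http://www.one.com");
    result &= (HashTableLookup(de_ctx->reference_conf_ht, ref, 0) != NULL);
    SCRConfDeAllocSCRConfReference(ref);

    ref = SCRConfAllocSCRConfReference("two", "http://www.two.com");
    result &= (HashTableLookup(de_ctx->reference_conf_ht, ref, 0) != NULL);
    SCRConfDeAllocSCRConfReference(ref);

    ref = SCRConfAllocSCRConfReference("three", "http://www.three.com");
    result &= (HashTableLookup(de_ctx->reference_conf_ht, ref, 0) != NULL);
    SCRConfDeAllocSCRConfReference(ref);

    /* Negative control: "four" must be absent from the table. */
    ref = SCRConfAllocSCRConfReference("four", "http://www.four.com");
    result &= (HashTableLookup(de_ctx->reference_conf_ht, ref, 0) == NULL);
    SCRConfDeAllocSCRConfReference(ref);

 end:
    /* de_ctx is known to be non-NULL on every path that reaches here. */
    DetectEngineCtxFree(de_ctx);
    return result;
}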
Ejemplo n.º 6
/**
 * \test Check that the reference file is loaded and that the detection
 *       engine context's reference_conf_ht is populated with the
 *       reference data.
 *
 *  \retval 1 if the table exists and holds exactly three entries.
 *  \retval 0 otherwise.
 */
int SCRConfTest01(void)
{
    DetectEngineCtx *de_ctx = DetectEngineCtxInit();
    int result = 0;

    /* Without a context nothing was allocated, so there is nothing to free. */
    if (de_ctx == NULL)
        return 0;

    /* NOTE(review): the stream is not closed in this function; presumably
     * the loader takes ownership of it -- confirm against its definition. */
    FILE *dummy_fd = SCRConfGenerateValidDummyReferenceConfigFD01();
    SCRConfLoadReferenceConfigFile(de_ctx, dummy_fd);

    /* A missing table leaves result at 0; a wrong entry count is reported
     * before the test fails. */
    if (de_ctx->reference_conf_ht != NULL) {
        if (de_ctx->reference_conf_ht->count == 3) {
            result = 1;
        } else {
            printf("FAILED: de_ctx->reference_conf_ht->count %u: ", de_ctx->reference_conf_ht->count);
        }
    }

    DetectEngineCtxFree(de_ctx);
    return result;
}