TEST_F(XRulesTest, SetFlag) {
ib_field_t *field;
ib_num_t num;
ib_var_target_t *target;
const ib_list_t *list;
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_persistence_framework.so\"\n"
"LoadModule \"ibmod_init_collection.so\"\n"
"LoadModule \"ibmod_xrules.so\"\n"
"InitCollection GeoIP vars: country_code=US\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
/* Note that both rules should fire and result in a single entry. */
"XRulePath / EnableRequestParamInspection priority=1\n"
"XRuleGeo US EnableRequestParamInspection priority=1\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
performTx();
ASSERT_TRUE(ib_tx);
ASSERT_TRUE(ib_tx->flags & IB_TX_FINSPECT_REQPARAMS);
ASSERT_EQ(
IB_OK,
ib_var_target_acquire_from_string(
&target,
ib_tx->mp,
ib_var_store_config(ib_tx->var_store),
"FLAGS:inspectRequestParams",
strlen("FLAGS:inspectRequestParams"),
NULL,
NULL)
);
ASSERT_EQ(
IB_OK,
ib_var_target_get_const(
target,
&list,
ib_tx->mp,
ib_tx->var_store)
);
ASSERT_EQ(1U, ib_list_elements(list));
field = (ib_field_t *)ib_list_node_data_const(ib_list_first_const(list));
ASSERT_EQ(IB_FTYPE_NUM, field->type);
ASSERT_EQ(
IB_OK,
ib_field_value(field, ib_ftype_num_out(&num))
);
ASSERT_EQ(1, num);
}
TEST_F(TxLogTest, BlockResponse) {
ib_logger_format_t *format;
std::string config =
std::string(
"LogLevel INFO\n"
"LoadModule \"ibmod_htp.so\"\n"
"LoadModule \"ibmod_rules.so\"\n"
"LoadModule \"ibmod_txlog.so\"\n"
"AuditLogBaseDir .\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname UnitTest\n"
" Action id:1 rev:1 phase:response block:immediate event\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
ASSERT_EQ(
IB_OK,
ib_logger_fetch_format(
ib_engine_logger_get(ib_engine),
TXLOG_FORMAT_FN_NAME,
&format)
);
ASSERT_EQ(
IB_OK,
ib_logger_writer_add(
ib_engine_logger_get(ib_engine),
NULL, NULL, /* Open. */
NULL, NULL, /* Close. */
NULL, NULL, /* Reopen. */
format, /* Format. */
test_record_handler, NULL /* Record. */
)
);
performTx();
ASSERT_TRUE(ib_tx);
std::cout << "Log string is: " << test_log.str();
}
/* Test that the custom error page file is served. */
TEST_F(ErrorPage, basic_file) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_error_page.so\"\n"
"LoadModule \"ibmod_rules.so\"\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"HttpStatusCodeContents 500 error_page.html\n"
"BlockingMethod status=500\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Service *:*\n"
" Hostname *\n"
" Action id:action01 rev:1 phase:request block:phase\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
/* Use the engine_private.h to mock the server error callbacks. */
const_cast<ib_server_t *>(ib_engine->server)->err_fn = mock_error_fn;
const_cast<ib_server_t *>(ib_engine->server)->err_body_fn =
mock_error_body_fn;
/* Clear the mock values. */
mock_error_body = "";
mock_error_status = 0;
/* Perform the transaction (which populates the mock values). */
performTx();
/* Check the status code. */
ASSERT_EQ(500, mock_error_status);
/* Check if we got ANY data. */
ASSERT_TRUE(mock_error_body.size() > 0);
/* Read in the whole file and compare it against what the module did. */
std::stringbuf buf;
std::ifstream("error_page.html").get(buf, 0);
ASSERT_EQ(
buf.str(),
mock_error_body);
}
TEST_F(XRulesTest, Load) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_xrules.so\"\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
performTx();
ASSERT_TRUE(ib_tx);
}
TEST_F(XRulesTest, Time6) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_xrules.so\"\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"XRuleTime \"4@02:00-02:10-0800\" Block priority=1\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
performTx();
}
/* Test the case where the error file does not exist. */
TEST_F(ErrorPage, file_not_found) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_error_page.so\"\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"BlockingMethod status=500\n"
"HttpStatusCodeContents 500 missing_file.html\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
ASSERT_THROW(
configureIronBeeByString(config.c_str()),
std::runtime_error);
}
TEST_F(XRulesTest, IPv6) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_xrules.so\"\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"XRuleIpv6 \"::1/128\" block priority=1\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
performTx();
ASSERT_TRUE(ib_tx);
ASSERT_FALSE(ib_tx->flags & IB_TX_BLOCK_IMMEDIATE);
}
TEST_F(XRulesTest, RunGeoIPNoMatch) {
std::string config =
std::string(
"LogLevel DEBUG\n"
"LoadModule \"ibmod_persistence_framework.so\"\n"
"LoadModule \"ibmod_init_collection.so\"\n"
"LoadModule \"ibmod_xrules.so\"\n"
"InitCollection GeoIP vars: country_code=DE\n"
"SensorId B9C1B52B-C24A-4309-B9F9-0EF4CD577A3E\n"
"SensorName UnitTesting\n"
"SensorHostname unit-testing.sensor.tld\n"
"XRuleGeo \"US\" block priority=1\n"
"<Site test-site>\n"
" SiteId AAAABBBB-1111-2222-3333-000000000000\n"
" Hostname somesite.com\n"
"</Site>\n"
);
configureIronBeeByString(config.c_str());
performTx();
ASSERT_TRUE(ib_tx);
ASSERT_FALSE(ib_tx->flags & IB_TX_BLOCK_IMMEDIATE);
}
