void
test_patterndb_rule(void)
{
create_pattern_db(pdb_ruletest_skeleton);
test_rule_tag("pattern11", "tag11-1", TRUE);
test_rule_tag("pattern11", ".classifier.system", TRUE);
test_rule_tag("pattern11", "tag11-2", TRUE);
test_rule_tag("pattern11", "tag11-3", FALSE);
test_rule_tag("pattern11a", "tag11-1", TRUE);
test_rule_tag("pattern11a", "tag11-2", TRUE);
test_rule_tag("pattern11a", "tag11-3", FALSE);
test_rule_tag("pattern12", ".classifier.violation", TRUE);
test_rule_tag("pattern12", "tag12-1", FALSE);
test_rule_tag("pattern12", "tag12-2", FALSE);
test_rule_tag("pattern12", "tag12-3", FALSE);
test_rule_tag("pattern12a", "tag12-1", FALSE);
test_rule_tag("pattern12a", "tag12-2", FALSE);
test_rule_tag("pattern12a", "tag12-3", FALSE);
test_rule_tag("pattern1x", "tag1x-1", FALSE);
test_rule_tag("pattern1x", "tag1x-2", FALSE);
test_rule_tag("pattern1x", "tag1x-3", FALSE);
test_rule_tag("pattern1xa", "tag1x-1", FALSE);
test_rule_tag("pattern1xa", "tag1x-2", FALSE);
test_rule_tag("pattern1xa", "tag1x-3", FALSE);
test_rule_tag("foobar", ".classifier.unknown", TRUE);
test_rule_value("pattern11", "n11-1", "v11-1");
test_rule_value("pattern11", ".classifier.class", "system");
test_rule_value("pattern11", "n11-2", "v11-2");
test_rule_value("pattern11", "n11-3", NULL);
test_rule_value("pattern11", "context-id", "999");
test_rule_value("pattern11", ".classifier.context_id", "999");
test_rule_value("pattern11a", "n11-1", "v11-1");
test_rule_value("pattern11a", "n11-2", "v11-2");
test_rule_value("pattern11a", "n11-3", NULL);
test_rule_value("pattern12", ".classifier.class", "violation");
test_rule_value("pattern12", "n12-1", NULL);
test_rule_value("pattern12", "n12-2", NULL);
test_rule_value("pattern12", "n12-3", NULL);
test_rule_value("pattern1x", "n1x-1", NULL);
test_rule_value("pattern1x", "n1x-2", NULL);
test_rule_value("pattern1x", "n1x-3", NULL);
test_rule_value("pattern11", "vvv", MYHOST);
test_rule_action_message_value("pattern11", 0, 1, "MESSAGE", "rule11 matched");
test_rule_action_message_value("pattern11", 0, 1, "context-id", "999");
test_rule_action_message_tag("pattern11", 0, 1, "tag11-3", TRUE);
test_rule_action_message_tag("pattern11", 0, 1, "tag11-4", FALSE);
test_rule_action_message_value("pattern11", 60, 2, "MESSAGE", "rule11 timed out");
test_rule_action_message_value("pattern11", 60, 2, "context-id", "999");
test_rule_action_message_tag("pattern11", 60, 2, "tag11-3", FALSE);
test_rule_action_message_tag("pattern11", 60, 2, "tag11-4", TRUE);
clean_pattern_db();
}
void
test_patterndb_message_property_inheritance()
{
create_pattern_db(pdb_inheritance_skeleton);
test_rule_action_message_value("pattern11", 0, 1, "MESSAGE", "pattern11");
test_rule_action_message_value("pattern12", 0, 1, "MESSAGE", NULL);
test_rule_action_message_tag("pattern11", 0, 1, "tag11-1", TRUE);
test_rule_action_message_tag("pattern11", 0, 1, "tag11-2", TRUE);
test_rule_action_message_tag("pattern11", 0, 1, "tag11-3", TRUE);
test_rule_action_message_tag("pattern12", 0, 1, "tag12-1", FALSE);
test_rule_action_message_tag("pattern12", 0, 1, "tag12-2", FALSE);
test_rule_action_message_tag("pattern12", 0, 1, "tag12-3", TRUE);
clean_pattern_db();
}
void
test_parser(gchar **test)
{
GString *str;
gint index = 1;
str = g_string_new(pdb_parser_skeleton_prefix);
g_string_append(str, test[0]);
g_string_append(str, pdb_parser_skeleton_postfix);
create_pattern_db(str->str);
g_string_free(str, TRUE);
while(test[index] != NULL)
test_pattern(test[index++], test[0], TRUE);
while(test[index] != NULL)
test_pattern(test[index++], test[0], FALSE);
clean_pattern_db();
}