colin
/
tripwire-open-source
mirror of https://github.com/Tripwire/tripwire-open-source.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add more bad policy test cases; split good & bad policies into separate tests

This commit is contained in:
Brian Cox 2017-08-17 21:26:51 -07:00
parent b4e530b40f
commit dc943880de
23 changed files with 82 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/parser/testfiles.bad/arrow.txt Normal file
View File

@ -0,0 +1 @@
->

4
src/parser/testfiles.bad/asdf.txt Normal file
View File

@ -0,0 +1,4 @@
(asdf=fjfj)
{
/foo -> $(IgnoreNone);
}

1
src/parser/testfiles.bad/atat.txt Normal file
View File

@ -0,0 +1 @@
@@

1
src/parser/testfiles.bad/bad-directive.txt Normal file
View File

@ -0,0 +1 @@
@@unknown fjfjfj

1
src/parser/testfiles.bad/bad-ifhost.txt Normal file
View File

@ -0,0 +1 @@
@@ifhost

1
src/parser/testfiles.bad/error.txt Normal file
View File

@ -0,0 +1 @@
@@error This should fail

2
src/parser/testfiles.bad/global-foo.txt Normal file
View File

@ -0,0 +1,2 @@
@@section GLOBAL
/foo -> $(IgnoreNone);

1
src/parser/testfiles.bad/ignore-some.txt Normal file
View File

@ -0,0 +1 @@
/foo -> $(IgnoreSome);

1
src/parser/testfiles.bad/incomplete-1.txt Normal file
View File

@ -0,0 +1 @@
/foo

1
src/parser/testfiles.bad/incomplete-2.txt Normal file
View File

@ -0,0 +1 @@
/foo ->

1
src/parser/testfiles.bad/incomplete-3.txt Normal file
View File

@ -0,0 +1 @@
/foo -> $(IgnoreNone)

2
src/parser/testfiles.bad/incomplete-4.txt Normal file
View File

@ -0,0 +1,2 @@
{
/foo -> $(IgnoreNone);

2
src/parser/testfiles.bad/incomplete-5.txt Normal file
View File

@ -0,0 +1,2 @@
/foo -> $(IgnoreNone);
}

4
src/parser/testfiles.bad/incomplete-6.txt Normal file
View File

@ -0,0 +1,4 @@
(emailto="foo@bar
{
/foo -> $(IgnoreNone);
}

4
src/parser/testfiles.bad/incomplete-7.txt Normal file
View File

@ -0,0 +1,4 @@
(emailto="foo@bar"
{
/foo -> $(IgnoreNone);
}

1
src/parser/testfiles.bad/relpath.txt Normal file
View File

@ -0,0 +1 @@
foo -> $(IgnoreNone);

3
src/parser/testfiles/basic.txt Normal file
View File

@ -0,0 +1,3 @@
/foo -> +S;
/bar -> $(IgnoreNone);
!/baz;

0
src/parser/testfiles.bad/empty.txt → src/parser/testfiles/empty.txt
View File

6
src/parser/testfiles/ifhost.txt Normal file
View File

@ -0,0 +1,6 @@
@@ifhost localhost
@@print Hello World
/foo -> $(IgnoreNone);
@@else
@@error Failed
@@endif

7
src/parser/testfiles/variable.txt Normal file
View File

@ -0,0 +1,7 @@
@@section GLOBAL
FOO =/foo ;
BAR = +pinug ;
@@section FS
$(FOO) -> $(BAR);

112
src/test-harness/tests/createpolicy.pm
View File

@ -12,53 +12,17 @@ BEGIN
$description = "policy creation test"; $description = "policy creation test";
$testpolicydir = "$twtools::twrootdir/../../parser/testfiles"; $testpolicydir = "$twtools::twrootdir/../../parser/testfiles";
$badpolicydir = "$twtools::twrootdir/../../parser/testfiles.bad"; $badpolicydir = "$twtools::twrootdir/../../parser/testfiles.bad";
$twpassed = 1;
} }
###################################################################### ######################################################################
# various policies # Try all policy files in specified directory, & verify each returns expected value
# #
sub basic_policy
{
return <<POLICY_END;
/foo -> +S;
/bar -> \$(IgnoreNone);
!/baz;
POLICY_END
}
sub variable_policy
{
return <<POLICY_END;
\@\@section GLOBAL
FOO = /foo ;
BAR = +pinug ;
\@\@section FS
\$(FOO) -> \$(BAR);
POLICY_END
}
sub host_conditional_policy
{
return <<POLICY_END;
\@\@ifhost localhost
\@\@print Hello World
/foo -> \$(IgnoreNone);
\@\@else
\@\@error failed
\@\@endif
POLICY_END
}
sub test_policy_dir sub test_policy_dir
{ {
my ($policydir, $expected) = @_; my ($policydir, $expected) = @_;
my $twpassed = 1; # my $twpassed = 1;
opendir my $dir, $policydir or return 0; opendir my $dir, $policydir or return 0;
my @files = readdir $dir; my @files = readdir $dir;
@ -74,69 +38,63 @@ sub test_policy_dir
twtools::CreatePolicy({policy-text => "$policydir/$current_file"}); twtools::CreatePolicy({policy-text => "$policydir/$current_file"});
if ( $? != $expected ) { if ( $? != $expected ) {
twtools::logStatus ("create-polfile with $policydir/$current_file failed, error = $?\n"); twtools::logStatus ("*** create-polfile with $policydir/$current_file failed, error = $?\n");
$twpassed = 0; $twpassed = 0;
} }
} }
twtools::logStatus("Done with policy dir $policydir, result = $twpassed\n");
return $twpassed; return $twpassed;
} }
###################################################################### ######################################################################
# #
# Run the test. # Run the test.
# #
sub run sub run
{ {
my $twpassed = 1; my $out = 1;
# First try a bunch of policies that are supposed to succeed
#
twtools::logStatus("*** Beginning policy creation test\n"); twtools::logStatus("*** Beginning policy creation test\n");
printf("%-30s", "-- $description"); printf("%-30s", "-- policy creation test");
twtools::GeneratePolicyFile( basic_policy() );
if ( $? != 0 ) {
twtools::logStatus("basic create-polfile failed, error = $?\n");
$twpassed = 0;
}
twtools::GeneratePolicyFile( variable_policy() );
if ( $? != 0 ) {
twtools::logStatus("create-polfile with variables failed, error = $?\n");
$twpassed = 0;
}
twtools::GeneratePolicyFile( host_conditional_policy() );
if ( $? != 0 ) {
twtools::logStatus("create-polfile with ifhost conditional failed, error = $?\n");
$twpassed = 0;
}
test_policy_dir( "$testpolicydir", 0 ); test_policy_dir( "$testpolicydir", 0 );
if ( $? != 0 ) {
$twpassed = 0;
}
test_policy_dir( "$badpolicydir", 1 );
if ( $? != 0 ) {
$twpassed = 0;
}
#########################################################
#
# See if the tests all succeeded...
#
if ($twpassed) { if ($twpassed) {
++$twtools::twpassedtests; ++$twtools::twpassedtests;
print "PASSED\n"; print "PASSED\n";
return 1;
} }
else { else {
++$twtools::twfailedtests; ++$twtools::twfailedtests;
print "*FAILED*\n"; print "*FAILED*\n";
return 0; $out = 0;
} }
# Now try some bad policies
#
twtools::logStatus("*** Beginning bad policy rejection test\n");
printf("%-30s", "-- bad policy rejection test");
$twpassed = 1;
++$twtools::twtotaltests;
test_policy_dir( "$badpolicydir", 256 );
if ($twpassed) {
++$twtools::twpassedtests;
print "PASSED\n";
}
else {
++$twtools::twfailedtests;
print "*FAILED*\n";
$out = 0;
}
return $out;
} }

2
src/test-harness/tests/dbupdate.pm
View File

@ -142,7 +142,7 @@ sub PrepareForTest
# #
sub RunBasicTest sub RunBasicTest
{ {
twtools::logStatus("*** Beginning dbupdate.basic test\n"); twtools::logStatus("*** Beginning dbupdate.basic test\n");
printf("%-30s", "-- dbupdate.basic test"); printf("%-30s", "-- dbupdate.basic test");
PrepareForTest(); PrepareForTest();

4
src/test-harness/twtools.pm
View File

@ -273,7 +273,7 @@ sub GeneratePolicyFile {
print "generating policy file...\n" if $verbose; print "generating policy file...\n" if $verbose;
logStatus(`$twrootdir/bin/twadmin -m P -c $twrootdir/$twcfgloc -Q $twsitepass -p $twrootdir/$twpolfileloc $twrootdir/$twpolicyloc`); logStatus(`$twrootdir/bin/twadmin -m P -c $twrootdir/$twcfgloc -Q $twsitepass -p $twrootdir/$twpolfileloc $twrootdir/$twpolicyloc 2>&1`);
return ($? == 0); return ($? == 0);
} }
@ -291,7 +291,7 @@ sub CreatePolicy {
print "generating policy file...\n" if $verbose; print "generating policy file...\n" if $verbose;
logStatus(`$twrootdir/bin/twadmin -m P -c $twrootdir/$twcfgloc -Q $twsitepass -p $twrootdir/$twpolfileloc $params{policy-text}`); logStatus(`$twrootdir/bin/twadmin -m P -c $twrootdir/$twcfgloc -Q $twsitepass -p $twrootdir/$twpolfileloc $params{policy-text} 2>&1`);
return ($? == 0); return ($? == 0);
} }