apache2/t/regression/config/10-misc-directives.t

   1 ### Misc directive tests
   2
   3 ### TODO:
   4 # SecTmpDir
   5 # SecUploadKeepFiles
   6 # SecChrootDir
   7 # SecGuardianLog
   8
   9 # SecDefaultAction
  10 {
  11         type => "config",
  12         comment => "SecDefaultAction",
  13         conf => qq(
  14                 SecRuleEngine on
  15                 SecDefaultAction "phase:1,deny,status:500"
  16                 SecRule REQUEST_URI "test.txt"
  17         ),
  18         match_log => {
  19                 error => [ qr/ModSecurity: Access denied with code 500 \(phase 1\)/, 1 ],
  20         },
  21         match_response => {
  22                 status => qr/^500$/,
  23         },
  24         request => new HTTP::Request(
  25                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
  26         ),
  27 },
  28
  29 # SecServerSignature
  30 {
  31         type => "config",
  32         comment => "SecServerSignature On",
  33         conf => qq(
  34                 SecServerSignature "NewServerSignature"
  35         ),
  36         match_log => {
  37                 error => [ qr/NewServerSignature/, 1 ],
  38         },
  39         match_response => {
  40                 status => qr/^200$/,
  41                 raw => qr/^Server: +NewServerSignature$/m,
  42         },
  43         request => new HTTP::Request(
  44                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
  45         ),
  46 },
  47
  48 # SecDataDir
  49 {
  50         type => "config",
  51         comment => "SecDataDir",
  52         conf => qq(
  53                 SecRuleEngine On
  54                 SecDataDir "$ENV{DATA_DIR}"
  55                 SecAction initcol:ip=%{REMOTE_ADDR},setvar:ip.dummy=1,pass
  56         ),
  57         match_log => {
  58                 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction\./, 1 ],
  59         },
  60         match_file => {
  61                 "$ENV{DATA_DIR}/ip.pag" => qr/\x00\x06dummy\x00\x00\x021\x00/,
  62         },
  63         match_response => {
  64                 status => qr/^200$/,
  65         },
  66         request => new HTTP::Request(
  67                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
  68         ),
  69 },
  70
  71 # SecTmpDir/SecUploadDir/SecUploadKeepFiles
  72 {
  73         type => "config",
  74         comment => "SecTmpDir/SecUploadDir/SecUploadKeepFiles",
  75         conf => qq(
  76                 SecRuleEngine On
  77                 SecRequestBodyAccess On
  78                 SecDebugLog $ENV{DEBUG_LOG}
  79                 SecDebugLogLevel 4
  80                 SecTmpDir "$ENV{TEMP_DIR}"
  81                 SecUploadKeepFiles On
  82                 SecUploadDir "$ENV{UPLOAD_DIR}"
  83         ),
  84         test => sub {
  85                 # Get the filename and make sure the file exists
  86                 my $fn = match_log(debug => qr/Moved file from .* to ".*"\./, 5);
  87                 die "Failed to determine uploaded filename\n" unless (defined $fn);
  88
  89                 $fn =~ s/Moved file from .* to "(.*)"\..*/$1/;
  90                 die "File does not exist: $fn\n" unless (-e $fn);
  91
  92                 # Check the contents of the file
  93                 return 0 if (match_file($fn, qr/^TESTFILE$/m));
  94
  95                 msg("Failed to match contents of uploaded file: $fn");
  96                 return 1;
  97         },
  98         match_log => {
  99                 debug => [ qr/Created temporary file: $ENV{TEMP_DIR}/, 1 ],
 100                 -debug => [ qr/Failed to /, 1 ],
 101         },
 102         match_response => {
 103                 status => qr/^200$/,
 104         },
 105         request => new HTTP::Request(
 106                 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 107                 [
 108                         "Content-Type" => "multipart/form-data; boundary=---------------------------19813181771830765643996187206",
 109                 ],
 110                 q(-----------------------------19813181771830765643996187206
 111 Content-Disposition: form-data; name="upload-file"; filename="test"
 112 Content-Type: application/octet-stream
 113
 114 TESTFILE
 115 -----------------------------19813181771830765643996187206
 116 Content-Disposition: form-data; name="file"
 117
 118 Upload File
 119 -----------------------------19813181771830765643996187206--),
 120         ),
 121 },
 122
 123 # SecWebAppId
 124 {
 125         type => "config",
 126         comment => "SecWebAppId",
 127         conf => qq(
 128                 SecRuleEngine On
 129                 SecRequestBodyAccess On
 130                 SecDebugLog $ENV{DEBUG_LOG}
 131                 SecDebugLogLevel 4
 132                 SecAuditLog "$ENV{AUDIT_LOG}"
 133                 SecAuditEngine RelevantOnly
 134                 SecWebAppId "app-1"
 135                 SecAction "pass,log,auditlog,id:1"
 136         ),
 137         match_log => {
 138                 error => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
 139                 debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
 140                 audit => [ qr/^WebApp-Info: "app-1"/m, 1 ],
 141         },
 142         match_response => {
 143                 status => qr/^200$/,
 144         },
 145         request => new HTTP::Request(
 146                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 147         ),
 148 },