suricata
reputation.c
Go to the documentation of this file.
1 /* Copyright (C) 2019 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  *
20  * \author Giuseppe Longo <giuseppe@glongo.it>
21  *
22  */
23 
24 #include "conf-yaml-loader.h"
25 #include "detect-engine.h"
26 #include "stream-tcp-private.h"
27 #include "stream-tcp-reassemble.h"
28 #include "stream-tcp.h"
29 #include "util-unittest-helper.h"
30 
31 #define TEST_INIT \
32  DetectEngineCtx *de_ctx = DetectEngineCtxInit(); \
33  FAIL_IF(de_ctx == NULL); \
34  SRepInit(de_ctx); \
35  \
36  Address a; \
37  uint8_t cat = 0, value = 0;
38 
39 #define TEST_INIT_WITH_PACKET(ip) \
40  uint8_t *buf = (uint8_t *)"Hi all!"; \
41  uint16_t buflen = strlen((char *)buf); \
42  Packet *p = UTHBuildPacket((uint8_t *)buf, buflen, IPPROTO_TCP); \
43  FAIL_IF(p == NULL); \
44  p->src.addr_data32[0] = UTHSetIPv4Address(ip); \
45  TEST_INIT
46 
47 #define TEST_CLEANUP \
48  DetectEngineCtxFree(de_ctx);
49 
50 #define TEST_CLEANUP_WITH_PACKET \
51  UTHFreePacket(p); \
52  TEST_CLEANUP
53 
54 static int SRepTest01(void)
55 {
56  TEST_INIT;
57 
58  char ipstr[16];
59  char str[] = "1.2.3.4,1,2";
60  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) != 0);
61  PrintInet(AF_INET, (const void *)&a.address, ipstr, sizeof(ipstr));
62  FAIL_IF(strcmp(ipstr, "1.2.3.4") != 0);
63  FAIL_IF(cat != 1);
64  FAIL_IF(value != 2);
65 
66  TEST_CLEANUP;
67  PASS;
68 }
69 
70 static int SRepTest02(void)
71 {
72  TEST_INIT;
73 
74  char str[] = "1.1.1.1,";
75  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) == 0);
76 
77  TEST_CLEANUP;
78  PASS;
79 }
80 
81 static int SRepTest03(void)
82 {
83  char str[] = "1,Shortname,Long Name";
84  uint8_t cat = 0;
85  char shortname[SREP_SHORTNAME_LEN];
86 
87  FAIL_IF(SRepCatSplitLine(str, &cat, shortname, sizeof(shortname)) != 0);
88  FAIL_IF(strcmp(shortname, "Shortname") != 0);
89  FAIL_IF(cat != 1);
90 
91  PASS;
92 }
93 
94 static int SRepTest04(void)
95 {
96  TEST_INIT;
97 
98  char str[] = "10.0.0.0/16,1,2";
99  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) != 1);
100 
101  TEST_CLEANUP;
102  PASS;
103 }
104 
105 static int SRepTest05(void)
106 {
107  TEST_INIT_WITH_PACKET("10.0.0.1");
108 
109  char str[] = "10.0.0.0/16,1,20";
110  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) != 1);
111 
112  cat = 1;
113  FAIL_IF(SRepCIDRGetIPRepSrc(de_ctx->srepCIDR_ctx, p, cat, 0) != 20);
114 
115  TEST_CLEANUP_WITH_PACKET;
116  PASS;
117 }
118 
119 static int SRepTest06(void)
120 {
121  TEST_INIT_WITH_PACKET("192.168.0.1");
122 
123  char str[] =
124  "0.0.0.0/0,1,10\n"
125  "192.168.0.0/16,2,127";
126 
127  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) != 1);
128 
129  cat = 1;
130  FAIL_IF(SRepCIDRGetIPRepSrc(de_ctx->srepCIDR_ctx, p, cat, 0) != 10);
131 
132  TEST_CLEANUP_WITH_PACKET;
133  PASS;
134 }
135 
136 static int SRepTest07(void) {
137  TEST_INIT;
138 
139  char str[] = "2000:0000:0000:0000:0000:0000:0000:0001,";
140  FAIL_IF(SRepSplitLine(de_ctx->srepCIDR_ctx, str, &a, &cat, &value) == 0);
141 
142  TEST_CLEANUP;
143  PASS;
144 }
145 
146 /** Register the following unittests for the Reputation module */
147 void SCReputationRegisterTests(void)
148 {
149  UtRegisterTest("SRepTest01", SRepTest01);
150  UtRegisterTest("SRepTest02", SRepTest02);
151  UtRegisterTest("SRepTest03", SRepTest03);
152  UtRegisterTest("SRepTest04", SRepTest04);
153  UtRegisterTest("SRepTest05", SRepTest05);
154  UtRegisterTest("SRepTest06", SRepTest06);
155  UtRegisterTest("SRepTest07", SRepTest07);
156 }
PASS
#define PASS
Pass the test.
Definition: util-unittest.h:105
SRepCIDRGetIPRepSrc
uint8_t SRepCIDRGetIPRepSrc(SRepCIDRTree *cidr_ctx, Packet *p, uint8_t cat, uint32_t version)
Definition: reputation.c:146
FAIL_IF
#define FAIL_IF(expr)
Fail a test if expression evaluates to false.
Definition: util-unittest.h:71
SREP_SHORTNAME_LEN
#define SREP_SHORTNAME_LEN
Definition: reputation.c:337
str
#define str(s)
Definition: suricata-common.h:258
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition: util-unittest.c:103
PrintInet
const char * PrintInet(int af, const void *src, char *dst, socklen_t size)
Definition: util-print.c:267
TEST_CLEANUP_WITH_PACKET
#define TEST_CLEANUP_WITH_PACKET
Definition: reputation.c:50
TEST_CLEANUP
#define TEST_CLEANUP
Definition: reputation.c:47
TEST_INIT
#define TEST_INIT
Definition: reputation.c:31
SCReputationRegisterTests
void SCReputationRegisterTests(void)
Definition: reputation.c:147
TEST_INIT_WITH_PACKET
#define TEST_INIT_WITH_PACKET(ip)
Definition: reputation.c:39