annotate mod_firewall/test.lib.lua @ 5251:f3123cbbd894

mod_audit: Allow disabling IP logging, or limiting it to a prefix
author Matthew Wild <mwild1@gmail.com>
date Tue, 14 Mar 2023 18:59:39 +0000
parents 001c756ead7d
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2804
b50f7b9fdbbb mod_firewall/test: Declare globals from mod_firewall that are used [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2585
diff changeset
1 -- luacheck: globals load_unload_scripts
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local set = require "util.set";
2852
668447566edf mod_firewall/test: Import the ltn12 library correctly
Kim Alvefur <zash@zash.se>
parents: 2808
diff changeset
3 local ltn12 = require "ltn12";
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local xmppstream = require "util.xmppstream";
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local function stderr(...)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 io.stderr:write("** ", table.concat({...}, "\t", 1, select("#", ...)), "\n");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 return function (arg)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 require "net.http".request = function (url, ex, cb)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 stderr("Making HTTP request to "..url);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local body_table = {};
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local ok, response_status, response_headers = require "ssl.https".request({
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 url = url;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 headers = ex.headers;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 method = ex.body and "POST" or "GET";
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 sink = ltn12.sink.table(body_table);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 source = ex.body and ltn12.source.string(ex.body) or nil;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 });
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 stderr("HTTP response "..response_status);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 cb(table.concat(body_table), response_status, { headers = response_headers });
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 return true;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 local stats_dropped, stats_passed = 0, 0;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 load_unload_scripts(set.new(arg));
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 local stream_callbacks = { default_ns = "jabber:client" };
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
31
2806
93a4b13ca9f6 mod_firewall/test: Use session passed as argument instead of upvalue
Kim Alvefur <zash@zash.se>
parents: 2805
diff changeset
32 function stream_callbacks.streamopened(session)
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 session.notopen = nil;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 function stream_callbacks.streamclosed()
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 end
2808
2cc02ee82e8c mod_firewall/test: Move session variable to avoid warning about it being shadowed [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2807
diff changeset
37 function stream_callbacks.error(session, error_name, error_message) -- luacheck: ignore 212/session
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 stderr("Fatal error parsing XML stream: "..error_name..": "..tostring(error_message))
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 assert(false);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 function stream_callbacks.handlestanza(session, stanza)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 if not module:fire_event("firewall/chains/deliver", { origin = session, stanza = stanza }) then
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 stats_passed = stats_passed + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 print(stanza);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 print("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 else
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 stats_dropped = stats_dropped + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
50
2808
2cc02ee82e8c mod_firewall/test: Move session variable to avoid warning about it being shadowed [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2807
diff changeset
51 local session = { notopen = true };
4015
001c756ead7d mod_firewall/test: Print replies to stderr instead of crashing
Kim Alvefur <zash@zash.se>
parents: 3761
diff changeset
52 function session.send(stanza)
001c756ead7d mod_firewall/test: Print replies to stderr instead of crashing
Kim Alvefur <zash@zash.se>
parents: 3761
diff changeset
53 stderr("Reply:", "\n"..tostring(stanza).."\n");
001c756ead7d mod_firewall/test: Print replies to stderr instead of crashing
Kim Alvefur <zash@zash.se>
parents: 3761
diff changeset
54 end
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 local stream = xmppstream.new(session, stream_callbacks);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 stream:feed("<stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 local line_count = 0;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 for line in io.lines() do
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 line_count = line_count + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 local ok, err = stream:feed(line.."\n");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 if not ok then
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 stderr("Fatal XML parse error on line "..line_count..": "..err);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 return 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 end
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
66
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 stderr("Summary");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 stderr("-------");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 stderr("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 stderr(stats_dropped + stats_passed, "processed");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 stderr(stats_passed, "passed");
3761
0ae28bf0c546 mod_firewall: Fix typo [codespell]
Kim Alvefur <zash@zash.se>
parents: 2852
diff changeset
72 stderr(stats_dropped, "dropped");
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 stderr(line_count, "input lines");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 stderr("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 end