From: Jason Ish Date: Tue, 12 Dec 2017 20:38:11 +0000 (-0600) Subject: when testing suricata, use provided suricata-conf X-Git-Tag: 1.0.0b1~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=159c3850ea1d252e87e350a8f6804fa41eb442ec;p=thirdparty%2Fsuricata-update.git when testing suricata, use provided suricata-conf Previously no suricata.yaml was specified for the test, so the default was picked up. --- diff --git a/suricata/update/engine.py b/suricata/update/engine.py index 82c0474..5388045 100644 --- a/suricata/update/engine.py +++ b/suricata/update/engine.py @@ -121,13 +121,15 @@ def get_version(path=None): return parse_version(output) return None -def test_configuration(path, rule_filename=None): +def test_configuration(suricata_path, suricata_conf=None, rule_filename=None): """Test the Suricata configuration with -T.""" test_command = [ - path, + suricata_path, "-T", "-l", "/tmp", ] + if suricata_conf: + test_command += ["-c", suricata_conf] if rule_filename: test_command += ["-S", rule_filename] @@ -139,6 +141,7 @@ def test_configuration(path, rule_filename=None): "ASAN_OPTIONS": "detect_leaks=0", } + logger.debug("Running %s; env=%s", " ".join(test_command), str(env)) rc = subprocess.Popen(test_command, env=env).wait() if rc == 0: return True diff --git a/suricata/update/main.py b/suricata/update/main.py index 0070d77..bddd152 100644 --- a/suricata/update/main.py +++ b/suricata/update/main.py @@ -804,14 +804,16 @@ def test_suricata(suricata_path): return False else: logger.info("Testing with suricata -T.") + suricata_conf = config.get("suricata-conf") if not config.get("no-merge"): if not suricata.update.engine.test_configuration( - suricata_path, os.path.join( + suricata_path, suricata_conf, + os.path.join( config.get_output_dir(), DEFAULT_OUTPUT_RULE_FILENAME)): return False else: if not suricata.update.engine.test_configuration( - suricata_path): + suricata_path, suricata_conf): return False return True