From: Philippe Antoine Date: Sat, 4 May 2024 19:37:20 +0000 (+0200) Subject: snmp: remove community keyword unit test X-Git-Tag: suricata-8.0.0-beta1~1343 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ce4119ae3dba89e8ad1cfe59a7239e54ed23584c;p=thirdparty%2Fsuricata.git snmp: remove community keyword unit test Ticket: 3725 This test was moved to suricata-verify snmp-community --- diff --git a/src/Makefile.am b/src/Makefile.am index d2fd1e29ea..ee334a4063 100755 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1252,7 +1252,6 @@ EXTRA_DIST = \ tests/detect-http-stat-msg.c \ tests/detect-http-uri.c \ tests/detect-http-user-agent.c \ - tests/detect-snmp-community.c \ tests/detect-ssl-state.c \ tests/detect-ssl-version.c \ tests/detect-template-buffer.c \ diff --git a/src/detect-snmp-community.c b/src/detect-snmp-community.c index f1dd740e3d..76c4bddd0a 100644 --- a/src/detect-snmp-community.c +++ b/src/detect-snmp-community.c @@ -39,12 +39,8 @@ static int DetectSNMPCommunitySetup(DetectEngineCtx *, Signature *, const char *); static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, - const DetectEngineTransforms *transforms, - Flow *f, const uint8_t flow_flags, - void *txv, const int list_id); -#ifdef UNITTESTS -static void DetectSNMPCommunityRegisterTests(void); -#endif + const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, + const int list_id); static int g_snmp_rust_id = 0; void DetectSNMPCommunityRegister(void) @@ -52,13 +48,8 @@ void DetectSNMPCommunityRegister(void) sigmatch_table[DETECT_AL_SNMP_COMMUNITY].name = "snmp.community"; sigmatch_table[DETECT_AL_SNMP_COMMUNITY].desc = "SNMP content modifier to match on the SNMP community"; - sigmatch_table[DETECT_AL_SNMP_COMMUNITY].Setup = - DetectSNMPCommunitySetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_SNMP_COMMUNITY].RegisterTests = DetectSNMPCommunityRegisterTests; -#endif + sigmatch_table[DETECT_AL_SNMP_COMMUNITY].Setup = DetectSNMPCommunitySetup; sigmatch_table[DETECT_AL_SNMP_COMMUNITY].url = "/rules/snmp-keywords.html#snmp-community"; - sigmatch_table[DETECT_AL_SNMP_COMMUNITY].flags |= SIGMATCH_NOOPT|SIGMATCH_INFO_STICKY_BUFFER; /* register inspect engines */ @@ -108,7 +99,3 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, return buffer; } - -#ifdef UNITTESTS -#include "tests/detect-snmp-community.c" -#endif /* UNITTESTS */ diff --git a/src/tests/detect-snmp-community.c b/src/tests/detect-snmp-community.c deleted file mode 100644 index 1eda88385c..0000000000 --- a/src/tests/detect-snmp-community.c +++ /dev/null @@ -1,113 +0,0 @@ -/* Copyright (C) 2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -#include "util-unittest.h" -#include "util-unittest-helper.h" -#include "app-layer-parser.h" -#include "detect-engine.h" -#include "detect-parse.h" -#include "flow-util.h" -#include "stream-tcp.h" -#include "detect-engine-build.h" -#include "detect-engine-alert.h" - -static int DetectSNMPCommunityTest(void) -{ - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - DetectEngineThreadCtx *det_ctx = NULL; - DetectEngineCtx *de_ctx = NULL; - Flow f; - Packet *p; - TcpSession tcp; - ThreadVars tv; - Signature *s; - - uint8_t request[] = { - 0x30, 0x27, 0x02, 0x01, 0x01, 0x04, 0x0b, 0x5b, - 0x52, 0x30, 0x5f, 0x43, 0x40, 0x63, 0x74, 0x69, - 0x21, 0x5d, 0xa1, 0x15, 0x02, 0x04, 0x2b, 0x13, - 0x3f, 0x85, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, - 0x30, 0x07, 0x30, 0x05, 0x06, 0x01, 0x01, 0x05, - 0x00 - }; - - /* Setup flow. */ - memset(&f, 0, sizeof(Flow)); - memset(&tcp, 0, sizeof(TcpSession)); - memset(&tv, 0, sizeof(ThreadVars)); - p = UTHBuildPacket(request, sizeof(request), IPPROTO_UDP); - FLOW_INITIALIZE(&f); - f.alproto = ALPROTO_SNMP; - f.protoctx = (void *)&tcp; - f.proto = IPPROTO_UDP; - f.protomap = FlowGetProtoMapping(f.proto); - f.flags |= FLOW_IPV4; - p->flow = &f; - p->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER | FLOW_PKT_ESTABLISHED; - StreamTcpInitConfig(true); - - de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - /* This rule should match. */ - s = DetectEngineAppendSig(de_ctx, - "alert snmp any any -> any any (" - "msg:\"SNMP Test Rule\"; " - "snmp.community; content:\"[R0_C@cti!]\"; " - "sid:1; rev:1;)"); - FAIL_IF_NULL(s); - - /* This rule should not match. */ - s = DetectEngineAppendSig(de_ctx, - "alert snmp any any -> any any (" - "msg:\"SNMP Test Rule\"; " - "snmp.community; content:\"private\"; " - "sid:2; rev:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_SNMP, - STREAM_TOSERVER, request, sizeof(request)); - FAIL_IF(r != 0); - - /* Check that we have app-layer state. */ - FAIL_IF_NULL(f.alstate); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - FAIL_IF(!PacketAlertCheck(p, 1)); - FAIL_IF(PacketAlertCheck(p, 2)); - - /* Cleanup. */ - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - SigGroupCleanup(de_ctx); - DetectEngineCtxFree(de_ctx); - StreamTcpFreeConfig(true); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -static void DetectSNMPCommunityRegisterTests(void) -{ - UtRegisterTest("DetectSNMPCommunityTest", - DetectSNMPCommunityTest); -}