From: Victor Julien <victor@inliniac.net>
Date: Thu, 18 Jan 2018 08:50:36 +0000 (+0100)
Subject: tests/filestore: add test for meta file checks
X-Git-Tag: suricata-6.0.4~522
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dcd3c9da808a084410aac583e65527672c500ad5;p=thirdparty%2Fsuricata-verify.git

tests/filestore: add test for meta file checks
---

diff --git a/tests/filestore-v2.4-forced-with-meta/README.md b/tests/filestore-v2.4-forced-with-meta/README.md
new file mode 100644
index 000000000..245109e14
--- /dev/null
+++ b/tests/filestore-v2.4-forced-with-meta/README.md
@@ -0,0 +1 @@
+Test if meta file correctly states file has been stored.
diff --git a/tests/filestore-v2.4-forced-with-meta/suricata.yaml b/tests/filestore-v2.4-forced-with-meta/suricata.yaml
new file mode 100644
index 000000000..090d7c9fa
--- /dev/null
+++ b/tests/filestore-v2.4-forced-with-meta/suricata.yaml
@@ -0,0 +1,26 @@
+%YAML 1.1
+---
+
+include: ../../etc/suricata-4.0.3.yaml
+
+outputs:
+  - eve-log:
+      enabled: yes
+      types:
+        - files
+        - stats
+  - file-store:
+      version: 2
+      enabled: yes
+      force-filestore: yes
+      stream-depth: 0
+      write-fileinfo: true
+      
+app-layer:
+  protocols:
+    http:
+      enabled: yes
+      libhtp:
+        default-config:
+          personality: IDS
+          response-body-limit: 200kb
diff --git a/tests/filestore-v2.4-forced-with-meta/test.yaml b/tests/filestore-v2.4-forced-with-meta/test.yaml
new file mode 100644
index 000000000..b70648937
--- /dev/null
+++ b/tests/filestore-v2.4-forced-with-meta/test.yaml
@@ -0,0 +1,20 @@
+requires:
+  features:
+    - HAVE_NSS
+    - HAVE_LIBJANSSON
+  files:
+    - src/output-filestore.c
+
+pcap: ../filestore-v2.1-forced/suricata-update-pdf.pcap
+
+checks:
+
+  # Check how many lines were logged to fast.log.
+  - shell:
+      args: cat output/filestore/48/48d179a2f8d17331446c7a75a082851eee9ad841705ed5fbce730f51a0598d62.1515441287.1.json | jq -c 'select(.fileinfo.sha256=="48d179a2f8d17331446c7a75a082851eee9ad841705ed5fbce730f51a0598d62")' | wc -l | xargs
+      expect: 1
+
+  - shell:
+      args: cat output/filestore/48/48d179a2f8d17331446c7a75a082851eee9ad841705ed5fbce730f51a0598d62.1515441287.1.json | jq -c 'select(.fileinfo.stored==true)' | wc -l | xargs
+      expect: 1
+