From: Jeff Lucovsky Date: Wed, 1 Mar 2023 14:16:36 +0000 (-0500) Subject: tests: Create tests for master-6.0.x branch X-Git-Tag: suricata-6.0.12~35 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef948f00cea33d4b96ccb3f2a22d1fc8a2554fa2;p=thirdparty%2Fsuricata-verify.git tests: Create tests for master-6.0.x branch This commit introduces master-6.0.x specific tests that cover areas where functionality is improved or changing for later versions.
---
diff --git a/tests/bug-5198.v6/README.md b/tests/bug-5198.v6/README.md
new file mode 100644
index 000000000..80543044c
--- /dev/null
+++ b/tests/bug-5198.v6/README.md
@@ -0,0 +1,8 @@
+This test covers the conditions described in issue 5198. An ASAN-enabled build is required for verification as the problem does not present
+on a build without ASAN.
+
+The problem occurs when
+- Eve threaded logging is enabled
+- Suricata doesn't have permissions to create the eve output file
+
+An ASAN build is required to detect the condition (see the issue for the ASAN diagnostics)
diff --git a/tests/bug-5198.v6/input.pcap b/tests/bug-5198.v6/input.pcap
new file mode 100644
index 000000000..6cfd80f9b
Binary files /dev/null and b/tests/bug-5198.v6/input.pcap differ
diff --git a/tests/bug-5198.v6/test.yaml b/tests/bug-5198.v6/test.yaml
new file mode 100644
index 000000000..811d464f4
--- /dev/null
+++ b/tests/bug-5198.v6/test.yaml
@@ -0,0 +1,16 @@
+requires:
+ lt-version: 7
+ features:
+ - FIX_FOR_BUG_5836
+
+setup:
+ # Create a log directory without write permission
+ - script: |
+ rm -rf ./noperms
+ mkdir -p ./noperms
+ chmod 555 ./noperms
+
+args:
+ - --set outputs.1.eve-log.filename=noperms/eve.json --set outputs.1.eve-log.threaded=true
+
+exit-code: 0
diff --git a/tests/output-eve-anomaly-04.v6/input.pcap b/tests/output-eve-anomaly-04.v6/input.pcap
new file mode 100644
index 000000000..d50be3325
Binary files /dev/null and b/tests/output-eve-anomaly-04.v6/input.pcap differ
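Review bot: In tests/bug-5198.v6/test.yaml the setup step `chmod 555 ./noperms` does not deny writes when the suite runs as root, so in a root CI container `noperms/eve.json` would be created and the unwritable-output path from issue 5198 would never be reached, yet the test would still report success. If the runner on this branch supports skipping by uid, skip under uid 0; otherwise have the setup script state the limitation in a comment such as `# has no effect when run as root: root bypasses directory permissions`. Separately, `exit-code: 0` is the only assertion and the README says the defect shows only under ASAN, so a non-ASAN build passes without verifying anything. A `checks` entry on the file-open failure reported on stderr would at least confirm that the error path was taken.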
diff --git a/tests/output-eve-anomaly-04.v6/suricata.yaml b/tests/output-eve-anomaly-04.v6/suricata.yaml
new file mode 100644
index 000000000..44deda8ce
--- /dev/null
+++ b/tests/output-eve-anomaly-04.v6/suricata.yaml
@@ -0,0 +1,23 @@
+%YAML 1.1
+---
+
+outputs:
+ - eve-log:
+ enabled: yes
+ filename: eve.json
+ filetype: regular
+ types:
+ - anomaly:
+ types:
+ stream: yes
+ applayer: no
+
+ - eve-log:
+ enabled: yes
+ filename: eve2.json
+ filetype: regular
+ types:
+ - anomaly:
+ types:
+ stream: yes
+ applayer: no
diff --git a/tests/output-eve-anomaly-04.v6/test.yaml b/tests/output-eve-anomaly-04.v6/test.yaml
new file mode 100644
index 000000000..49122a136
--- /dev/null
+++ b/tests/output-eve-anomaly-04.v6/test.yaml
@@ -0,0 +1,12 @@
+requires:
+ lt-version: 7
+
+args:
+ - -k none
+
+checks:
+ - shell:
+ args: grep "only one 'anomaly' logger can be enabled" stderr | wc -l | xargs
+ expect: 1
+
+exit-code: 0
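Review bot: The second `eve-log` block in tests/output-eve-anomaly-04.v6/suricata.yaml repeats the first except for `filename: eve2.json`, and nothing in the file says the duplication is deliberate. A comment above the second block, for example `# Duplicate anomaly logger on purpose: the test expects Suricata to reject it`, would stop a later cleanup from removing it and breaking the stderr check in the sibling test.yaml.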
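Review bot: The only check in tests/output-eve-anomaly-04.v6/test.yaml is that the message appears once on stderr, so a regression where the second anomaly logger is still registered after the message is printed would pass. The intended contents of eve.json and eve2.json are not visible in this hunk, but if the second logger is meant to be dropped, a further check that anomaly events appear in only one of the two files would pin that. As a style point, `grep -c "only one 'anomaly' logger can be enabled" stderr` prints the same count as the `grep ... | wc -l | xargs` pipeline.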