Gitiles
Code Review Sign In
gerrit.openbmc.org / stefanberger / openbmc / 9a53395458785b43f205c5aa4a2730fa3d4057a3^! / . / meta-security / lib
commit9a53395458785b43f205c5aa4a2730fa3d4057a3[log] [tgz]
authorBrad Bishop <bradleyb@fuzziesquirrel.com>Thu Dec 19 16:39:26 2019 -0500
committerBrad Bishop <bradleyb@fuzziesquirrel.com>Thu Dec 19 16:39:27 2019 -0500
treea9ad3ec666d03f483dc00b046c2538479f8f69b0
parent3e1101ba9bfca4735cc4a0f8e4c28ad56b3acf9e [diff]
meta-security: subtree update:2df7dd9fba..3001c3ebfc

Armin Kuster (6):
      meta-security: add layer index callouts
      meta-security-compliance/conf/layer.conf: fix typo
      python3-suricata-update: update to 1.1.1
      libhtp: bugfix only update 0.5.32
      lib/oeqa/runtime: suricata add tests
      suricata: update to 4.1.6

Philip Tricca (1):
      tpm2-abrmd: Port command line options to new version.

Trevor Woerner (1):
      tpm2-abrmd-init.sh: fix for /dev/tpmrmX

Yi Zhao (1):
      libseccomp: upgrade 2.4.1 -> 2.4.2

Change-Id: Ic00ca8ac8ff5d3fbe0b79aa4a42243b197080f14
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

diff --git a/meta-security/lib/oeqa/runtime/cases/suricata.py b/meta-security/lib/oeqa/runtime/cases/suricata.py
index 17fc8c5..7f052ec 100644
--- a/meta-security/lib/oeqa/runtime/cases/suricata.py
+++ b/meta-security/lib/oeqa/runtime/cases/suricata.py

@@ -1,6 +1,7 @@
 # Copyright (C) 2019 Armin Kuster <akuster808@gmail.com>
 #
 import re
+from tempfile import mkstemp
 
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
@@ -9,6 +10,22 @@
 
 class SuricataTest(OERuntimeTestCase):
 
+    @classmethod
+    def setUpClass(cls):
+        cls.tmp_fd, cls.tmp_path = mkstemp()
+        with os.fdopen(cls.tmp_fd, 'w') as f:
+            # use google public dns
+            f.write("nameserver 8.8.8.8")
+            f.write(os.linesep)
+            f.write("nameserver 8.8.4.4")
+            f.write(os.linesep)
+            f.write("nameserver 127.0.0.1")
+            f.write(os.linesep)
+
+    @classmethod
+    def tearDownClass(cls):
+        os.remove(cls.tmp_path)
+
     @OEHasPackage(['suricata'])
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_suricata_help(self):
@@ -18,10 +35,42 @@
         self.assertEqual(status, 1, msg = msg)
 
     @OETestDepends(['suricata.SuricataTest.test_suricata_help'])
-    def test_suricata_unittest(self):
-        status, output = self.target.run('suricata -u')
-        match = re.search('FAILED: 0 ', output)
-        if not match:
-            msg = ('suricata unittest had an unexpected failure. '
-               'Status and output:%s and %s' % (status, output))
-            self.assertEqual(status, 0, msg = msg)
+    def test_ping_openinfosecfoundation_org(self):
+        dst = '/etc/resolv.conf'
+        self.tc.target.run('rm -f %s' % dst)
+        (status, output) = self.tc.target.copyTo(self.tmp_path, dst)
+        msg = 'File could not be copied. Output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        status, output = self.target.run('ping -c 1 openinfosecfoundation.org')
+        msg = ('ping openinfosecfoundation.org failed: output is:\n%s' % output)
+        self.assertEqual(status, 0, msg = msg)
+
+    @OEHasPackage(['python3-suricata-update'])
+    @OETestDepends(['suricata.SuricataTest.test_ping_openinfosecfoundation_org'])
+    def test_suricata_update(self):
+        status, output = self.tc.target.run('suricata-update')
+        msg = ('suricata-update had an unexpected failure. '
+           'Status and output:%s and %s' % (status, output))
+        self.assertEqual(status, 0, msg = msg)
+
+    @OETestDepends(['suricata.SuricataTest.test_suricata_update'])
+    def test_suricata_update_sources_list(self):
+        status, output = self.tc.target.run('suricata-update list-sources')
+        msg = ('suricata-update list-sources had an unexpected failure. '
+           'Status and output:%s and %s' % (status, output))
+        self.assertEqual(status, 0, msg = msg)
+
+    @OETestDepends(['suricata.SuricataTest.test_suricata_update_sources_list'])
+    def test_suricata_update_sources(self):
+        status, output = self.tc.target.run('suricata-update update-sources')
+        msg = ('suricata-update update-sources had an unexpected failure. '
+           'Status and output:%s and %s' % (status, output))
+        self.assertEqual(status, 0, msg = msg)
+
+    @OETestDepends(['suricata.SuricataTest.test_suricata_update_sources'])
+    def test_suricata_update_enable_source(self):
+        status, output = self.tc.target.run('suricata-update enable-source oisf/trafficid')
+        msg = ('suricata-update enable-source oisf/trafficid  had an unexpected failure. '
+           'Status and output:%s and %s' % (status, output))
+        self.assertEqual(status, 0, msg = msg)