diff --git a/docker/docker_entry.sh b/docker/docker_entry.sh index 6a99e70..ca5b540 100644 --- a/docker/docker_entry.sh +++ b/docker/docker_entry.sh @@ -5,7 +5,7 @@ destaddr="127.0.0.1" ruledir=/CRS/tests cmd_args="--ruledir_recurse " -while getopts "Dd:f:F" opt; do +while getopts "Dd:f:FP:p:" opt; do case $opt in F) cmd_args="$cmd_args --destaddr_as_host " @@ -15,8 +15,8 @@ while getopts "Dd:f:F" opt; do ruledir=$OPTARG else T=`mktemp -d -t rules.XXXXXX` - while IFS= read LINE; do - echo "$LINE" >> $T/rules.yaml + while IFS= read -r LINE; do + echo -E "$LINE" >> $T/rules.yaml done ruledir=$T fi @@ -29,6 +29,14 @@ while getopts "Dd:f:F" opt; do destaddr=$OPTARG cmd_args="$cmd_args --destaddr $destaddr " ;; + p) + port=$OPTARG + cmd_args="$cmd_args --port $port" + ;; + P) + proto=$OPTARG + cmd_args="$cmd_args --protocol $proto" + ;; esac done diff --git a/docs/Docker.md b/docs/Docker.md index eec3045..5aaf52a 100644 --- a/docs/Docker.md +++ b/docs/Docker.md @@ -28,3 +28,11 @@ If you are testing through the CDN, you can use `-F` to use the target specifica ``` % docker run -i ftw-test -F -d -f - < mytest.yaml ``` + +## Connecting using TLS + +If you want to connect using TLS, you need to change the port and protocol: + +``` + % docker run -i ftw-test -P https -p 443 -F -d -f - < mytest.yaml +``` diff --git a/ftw/http.py b/ftw/http.py index 34aa7f2..07c481f 100644 --- a/ftw/http.py +++ b/ftw/http.py @@ -46,7 +46,15 @@ def parse_content_encoding(self, response_headers, response_data): if response_headers['content-encoding'] == 'gzip': buf = StringIO.StringIO(response_data) zipbuf = gzip.GzipFile(fileobj=buf) - response_data = zipbuf.read() + try: + response_data = zipbuf.read() + except IOError: + raise errors.TestError( + 'Content encoding gzip but no compressed data', + { + 'response_data': str(response_data), + 'function': 'http.HttpResponse.parse_content_encoding' + }) elif response_headers['content-encoding'] == 'deflate': data = StringIO.StringIO(zlib.decompress(response_data)) response_data = data.read() diff --git a/ftw/testrunner.py b/ftw/testrunner.py index 0ddf4bf..87fc7e1 100644 --- a/ftw/testrunner.py +++ b/ftw/testrunner.py @@ -122,7 +122,7 @@ def run_stage_with_journal(self, rule_id, test, journal_file, tablename, logger_ if stage.output.status: self.test_status(stage.output.status, status) - def run_test_build_journal(self, rule_id, test, journal_file, tablename, destaddr, callback, headers = {}): + def run_test_build_journal(self, rule_id, test, journal_file, tablename, destaddr, callback, proto, port, headers = {}): """ Build journal entries from a test within a specified rule_id Pass in the rule_id, test object, and path to journal_file @@ -139,6 +139,10 @@ def run_test_build_journal(self, rule_id, test, journal_file, tablename, destadd callback(test, rule_id) if destaddr is not None: stage.input.dest_addr = destaddr + if proto: + stage.input.protocol = proto + if port != 0: + stage.input.port = port ''' Merge in/override the headers that were passed in by the caller. diff --git a/test/integration/HTMLCONTAINSFIXTURE.yaml b/test/integration/HTMLCONTAINSFIXTURE.yaml index f60c510..6a8dac5 100644 --- a/test/integration/HTMLCONTAINSFIXTURE.yaml +++ b/test/integration/HTMLCONTAINSFIXTURE.yaml @@ -21,7 +21,7 @@ uri: "/" output: status: 200 - response_contains: "established to be used for" + response_contains: "for use in illustrative examples in documents" - test_title: "response_contains(2)" stages: diff --git a/test/integration/test_htmlcontains.py b/test/integration/test_htmlcontains.py index 1b2b1e8..bca021b 100644 --- a/test/integration/test_htmlcontains.py +++ b/test/integration/test_htmlcontains.py @@ -32,7 +32,7 @@ def test_search3(): x = ruleset.Input(dest_addr="example.com",headers={"Host":"example.com"}) http_ua = http.HttpUA() http_ua.send_request(x) - runner.test_response(http_ua.response_object,re.compile('established to be used for')) + runner.test_response(http_ua.response_object,re.compile('for use in illustrative examples in documents')) # Should return a success because we found our regex def test_search4(): diff --git a/tools/build_journal.py b/tools/build_journal.py index ad6cc39..4e19f5a 100644 --- a/tools/build_journal.py +++ b/tools/build_journal.py @@ -4,13 +4,13 @@ def diag_print(test, rule_id): print 'Running test %s from rule file %s' % (test.test_title, rule_id) -def build_journal(journal_file, ruledir, ruledir_recurse, tablename, destaddr, headers): +def build_journal(journal_file, ruledir, ruledir_recurse, tablename, destaddr, headers, protocol, port): util.instantiate_database(journal_file) rulesets = util.get_rulesets(ruledir, ruledir_recurse) for rule in rulesets: for test in rule.tests: runner = testrunner.TestRunner() - runner.run_test_build_journal(test.ruleset_meta['name'], test, journal_file, tablename, destaddr, diag_print, headers) + runner.run_test_build_journal(test.ruleset_meta['name'], test, journal_file, tablename, destaddr, diag_print, protocol, port, headers) def main(): parser = argparse.ArgumentParser(description='Build FTW Journal database') @@ -26,6 +26,10 @@ def main(): help='Destination host for the payloads') parser.add_argument('--destaddr_as_host', action='store_true', help='Use destination address as the Host header') + parser.add_argument('--protocol', default=None, + help='Specify protocol: http or https (default http)') + parser.add_argument('--port', default=None, + help='Specify port number (default 80)') args = parser.parse_args() destaddr = args.destaddr journal_file = args.journal @@ -33,9 +37,13 @@ def main(): ruledir_recurse = args.ruledir_recurse tablename = args.tablename headers = {} + protocol = args.protocol + port = 0 + if args.port: + port = int(args.port) if args.destaddr_as_host: headers['Host'] = destaddr = args.destaddr - build_journal(journal_file, ruledir, ruledir_recurse, tablename, destaddr, headers) + build_journal(journal_file, ruledir, ruledir_recurse, tablename, destaddr, headers, protocol, port) if __name__ == '__main__': main()