Annotate

mod_firewall/test.lib.lua @ 3772:22f02716819f

mod_s2s_keepalive: Isolate source host of pings The incoming_s2s table is not restricted to the current virtualhost so this prevents opening more connections than what's needed. Also prevents useless double sending of one whitespace per local host.
author Kim Alvefur <zash@zash.se>
date Mon, 23 Dec 2019 01:18:02 +0100
parent 3761:0ae28bf0c546
child 4015:001c756ead7d
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2804
b50f7b9fdbbb mod_firewall/test: Declare globals from mod_firewall that are used [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2585
diff changeset
1 -- luacheck: globals load_unload_scripts
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local set = require "util.set";
2852
668447566edf mod_firewall/test: Import the ltn12 library correctly
Kim Alvefur <zash@zash.se>
parents: 2808
diff changeset
3 local ltn12 = require "ltn12";
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local xmppstream = require "util.xmppstream";
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local function stderr(...)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 io.stderr:write("** ", table.concat({...}, "\t", 1, select("#", ...)), "\n");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 return function (arg)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 require "net.http".request = function (url, ex, cb)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 stderr("Making HTTP request to "..url);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local body_table = {};
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local ok, response_status, response_headers = require "ssl.https".request({
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 url = url;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 headers = ex.headers;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 method = ex.body and "POST" or "GET";
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 sink = ltn12.sink.table(body_table);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 source = ex.body and ltn12.source.string(ex.body) or nil;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 });
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 stderr("HTTP response "..response_status);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 cb(table.concat(body_table), response_status, { headers = response_headers });
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 return true;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 local stats_dropped, stats_passed = 0, 0;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 load_unload_scripts(set.new(arg));
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 local stream_callbacks = { default_ns = "jabber:client" };
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
31
2806
93a4b13ca9f6 mod_firewall/test: Use session passed as argument instead of upvalue
Kim Alvefur <zash@zash.se>
parents: 2805
diff changeset
32 function stream_callbacks.streamopened(session)
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 session.notopen = nil;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 function stream_callbacks.streamclosed()
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 end
2808
2cc02ee82e8c mod_firewall/test: Move session variable to avoid warning about it being shadowed [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2807
diff changeset
37 function stream_callbacks.error(session, error_name, error_message) -- luacheck: ignore 212/session
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 stderr("Fatal error parsing XML stream: "..error_name..": "..tostring(error_message))
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 assert(false);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 function stream_callbacks.handlestanza(session, stanza)
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 if not module:fire_event("firewall/chains/deliver", { origin = session, stanza = stanza }) then
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 stats_passed = stats_passed + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 print(stanza);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 print("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 else
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 stats_dropped = stats_dropped + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
50
2808
2cc02ee82e8c mod_firewall/test: Move session variable to avoid warning about it being shadowed [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2807
diff changeset
51 local session = { notopen = true };
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 local stream = xmppstream.new(session, stream_callbacks);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 stream:feed("<stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'>");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 local line_count = 0;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 for line in io.lines() do
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 line_count = line_count + 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 local ok, err = stream:feed(line.."\n");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 if not ok then
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 stderr("Fatal XML parse error on line "..line_count..": "..err);
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 return 1;
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 end
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 end
2807
2c3334131a7d mod_firewall/test: Trim trailing whitespace [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2806
diff changeset
63
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 stderr("Summary");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 stderr("-------");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 stderr("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 stderr(stats_dropped + stats_passed, "processed");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 stderr(stats_passed, "passed");
3761
0ae28bf0c546 mod_firewall: Fix typo [codespell]
Kim Alvefur <zash@zash.se>
parents: 2852
diff changeset
69 stderr(stats_dropped, "dropped");
2585
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 stderr(line_count, "input lines");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 stderr("");
02c6ae745c4f mod_firewall: Add 'test' subcommand to read stanzas from stdin and test them against rules
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 end