fix: mod_security2's regression tests fix

[airween]

what

This PR is a set of commits, where I fixed Apache2 mod_security2's regression tests.

We definitely should integrate this regression test framework to mod_security2's CI pipeline.

why

Unfortunately the tests were abandoned, last commits were 12 years ago. Most tests checks log line messages and status codes, and I assume many messages have changed. Also, it seems like the test script (tests/run-regression-tests.pl) itself was not finished, I had to add a few modifications for a working state.

Commits' details:

• 158084c:
  • perl functionrel2abs() wasn't referenced as it's expected;
  • -S arguments wasn't handled
  • DIST_ROOT was set to parent directory of the whole project
• 36876ff:
  • had to add modsecurity.conf-minimal - that's almost the same as -recommended, but I removed audit.log settings; that's the script's task
  • also had to add necessary unicode.mapping file
  • set up the correct (and now existing) modsecurity.conf file
• 575314f:
  • introduced a new environment variable: RUNASUSER; this can be different on different systems (Linux, Windows)
  • ip.pag file stores the IP collections data, but that has changed too: the new format is $USERNAME-ip.pag, eg. www-data.ip.pag, but if we run local, then the user it's me
• 10659ad:
  • fixed request directives test: had to change the message and response code
• 33791eb:
  • fixed multipart tests: had to change the messages and response codes
• bc01714:
  • StatusEngine does not work anymore, I didn't want to remove that completely, just suspended (commented out)
• 1362a30:
  • SecRemoteRules needs to maintain a remote infrastructure, and as we agreed this feature will be phased out; same as the previous case, I just suspended
• 780304c, 63af830:
  • these tests also needs remote infrastructure, I temporary suspended them
• c7cacf8:
  • fixed XML tests: had to change the messages and response codes
• b6d14b7:
  • added necessary arguments to Makefile.am; Now after the build it's enough to run the command: make test-regression, and all the tests will run. If all tests are success, then make returns 0, otherwise it shows the problems.

How does it work?

If you build the module, you can run the test on two ways:

• make test-regression in source root directory
• cd tests; ./run-regression-tests.pl -v -S ., where
  • -v is the verbose flag
  • -S is the server's root path directory; without this the script does not work out of box, but you can set different path - if you know what are you doing

You can run a single test file or just a single test case from a file, eg:

./run-regression-tests.pl -v -S . regression/rule/10-xml.t

or

./run-regression-tests.pl -v -S . regression/rule/10-xml.t 4

where the last 4 means you want to run the 4th test only.

For help, run:

./run-regression-tests.pl -h

Indeed, I'm going to add these information to README.

[fzipi]

Let's go!

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud