gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add api maat_state_sort_rules to sort rule_uuid by order: 1.priority 2.condition_num 3.uuid

Browse Source
This commit is contained in:
liuchang
2024-11-26 06:33:14 +00:00
parent 57149b3060
commit 1c36e1cb21
8 changed files with 119 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
test/maat_framework_gtest.cpp
View File

@@ -950,9 +950,9 @@ TEST_P(StringScan, PrefixAndSuffix) {
EXPECT_EQ(n_hit_result, 2);
char uuid_str[UUID_STR_LEN] = {0};
uuid_unparse(results[0], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151");
uuid_unparse(results[1], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000152");
uuid_unparse(results[1], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151");
ret = maat_scan_not_logic(maat_inst, mail_addr_table_name, mail_addr_field_name, results, ARRAY_SIZE,
&n_hit_result, state);
@@ -5278,14 +5278,14 @@ TEST_F(Policy, EvaluationOrder) {
EXPECT_EQ(n_hit_result, 3);
char uuid_str[UUID_STR_LEN] = {0};
uuid_unparse(results[0], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000166");
uuid_unparse(results[1], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000168");
uuid_unparse(results[2], uuid_str);
uuid_unparse(results[1], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000167");
uuid_unparse(results[2], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000166");
struct maat_hit_path hit_path[128];
memset(hit_path, 0, sizeof(hit_path));
size_t n_hit_path = maat_state_get_hit_paths(state, hit_path, 128);
@@ -5369,6 +5369,23 @@ TEST_F(Policy, EvaluationOrder) {
&n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_OK);
uuid_parse("00000000-0000-0000-0000-000000000166", results[0]);
uuid_parse("00000000-0000-0000-0000-000000000168", results[1]);
uuid_parse("00000000-0000-0000-0000-000000000167", results[2]);
uuid_parse("00000000-0000-0000-0000-000000000165", results[3]);
uuid_t sorted_results[4];
ret = maat_state_sort_rules(maat_inst, "RULE_CONJUNCTION", results, sorted_results, 4);
EXPECT_EQ(ret, 4);
uuid_unparse(sorted_results[0], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000165");
uuid_unparse(sorted_results[1], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000168");
uuid_unparse(sorted_results[2], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000167");
uuid_unparse(sorted_results[3], uuid_str);
EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000166");
maat_state_free(state);
}

8
test/maat_json.json
View File

@@ -1970,7 +1970,7 @@
"do_log": 1,
"action_parameter": "EvaluationOrder",
"is_valid": "yes",
"evaluation_order": "2.111",
"priority": 1,
"and_conditions": [
{
"field_name": "HTTP_URL",
@@ -2020,7 +2020,7 @@
"do_log": 1,
"action_parameter": "EvaluationOrder",
"is_valid": "yes",
"evaluation_order": "100.233",
"priority": 2,
"and_conditions": [
{
"field_name": "HTTP_URL",
@@ -2051,7 +2051,7 @@
"do_log": 1,
"action_parameter": "EvaluationOrder",
"is_valid": "yes",
"evaluation_order": "300.999",
"priority": 2,
"and_conditions": [
{
"field_name": "HTTP_URL",
@@ -2077,7 +2077,7 @@
"do_log": 1,
"action_parameter": "EvaluationOrder",
"is_valid": "yes",
"evaluation_order": "0",
"priority": 2,
"and_conditions": [
{
"field_name": "HTTP_URL",

2
test/test_utils.cpp
View File

@@ -177,6 +177,8 @@ int rule_table_set_line(struct maat *maat_inst, const char *table_name,
cJSON_AddStringToObject(json_root, "action_parameter", action_para_str);
}
cJSON_AddNumberToObject(json_root, "priority", 1000);//TODO: support config priority
char *json_str = cJSON_PrintUnformatted(json_root);
struct maat_cmd_line line_rule;