2 # -*- coding: utf-8 -*-
4 # By Gerald Combs <gerald@wireshark.org>
6 # Ported from a set of Bash scripts which were copyright 2005 Ulf Lamping
8 # SPDX-License-Identifier: GPL-2.0-or-later
10 '''Wireshark Lua scripting tests'''
19 dhcp_pcap = 'dhcp.pcap'
20 dns_port_pcap = 'dns_port.pcap'
21 empty_pcap = 'empty.pcap'
22 segmented_fpm_pcap = 'segmented_fpm.pcap'
23 sip_pcapng = 'sip.pcapng'
24 sipmsg_log = 'sipmsg.log'
25 wpa_induction_pcap_gz = 'wpa-Induction.pcap.gz'
27 def check_lua_script(self, lua_script, cap_file, check_passed, *args):
28 if not config.have_lua:
29 self.skipTest('Test requires Lua scripting support.')
30 tshark_cmd = [config.cmd_tshark,
31 '-r', os.path.join(config.capture_dir, cap_file),
32 '-X', 'lua_script:' + os.path.join(config.lua_dir, lua_script)
35 tshark_proc = self.assertRun(tshark_cmd)
38 self.assertTrue(self.grepOutput(r'All tests passed!'))
42 def check_lua_script_verify(self, lua_script, cap_file, check_stage_1=False, heur_regmode=None):
43 # First run tshark with the dissector script.
44 if heur_regmode is None:
45 tshark_proc = check_lua_script(self, lua_script, dns_port_pcap, check_stage_1,
49 tshark_proc = check_lua_script(self, lua_script, dns_port_pcap, check_stage_1,
51 '-X', 'lua_script1:heur_regmode={}'.format(heur_regmode)
54 # then dump tshark's output to a verification file.
55 verify_file = self.filename_from_id('testin.txt')
56 with io.open(verify_file, 'w', newline='\n') as testin_fd:
57 testin_fd.write(tshark_proc.stdout_str)
60 # finally run tshark again with the verification script and the verification file.
61 if heur_regmode is None:
62 check_lua_script(self, 'verify_dissector.lua', empty_pcap, True,
63 '-X', 'lua_script1:verify_file=' + verify_file,
66 check_lua_script(self, 'verify_dissector.lua', empty_pcap, True,
67 '-X', 'lua_script1:verify_file=' + verify_file,
68 '-X', 'lua_script1:no_heur',
71 class case_wslua(subprocesstest.SubprocessTestCase):
72 def test_wslua_dir(self):
73 '''wslua directory functions'''
74 check_lua_script(self, 'dir.lua', empty_pcap, True)
76 # Mode_1, mode_2, and mode_3, and fpm were all under wslua_step_dissector_test
77 # in the Bash version.
78 def test_wslua_dissector_mode_1(self):
79 '''wslua dissector functions, mode 1'''
80 check_lua_script_verify(self, 'dissector.lua', dns_port_pcap)
82 def test_wslua_dissector_mode_2(self):
83 '''wslua dissector functions, mode 2'''
84 check_lua_script_verify(self, 'dissector.lua', dns_port_pcap, heur_regmode=2)
86 def test_wslua_dissector_mode_3(self):
87 '''wslua dissector functions, mode 3'''
88 check_lua_script_verify(self, 'dissector.lua', dns_port_pcap, heur_regmode=3)
90 def test_wslua_dissector_fpm(self):
91 '''wslua dissector functions, fpm'''
92 tshark_fpm_tcp_proc = check_lua_script(self, 'dissectFPM.lua', segmented_fpm_pcap, False,
99 '-o', 'fpm.dissect_tcp:true'
102 tshark_fpm_no_tcp_proc = check_lua_script(self, 'dissectFPM.lua', segmented_fpm_pcap, False,
104 '-e', 'frame.number',
109 '-o', 'fpm.dissect_tcp:false'
112 self.diffOutput(tshark_fpm_tcp_proc.stdout_str,
113 tshark_fpm_no_tcp_proc.stdout_str,
114 'fpm.dissect_tcp:true',
115 'fpm.dissect_tcp:false',
118 def test_wslua_field(self):
120 check_lua_script(self, 'field.lua', dhcp_pcap, True)
122 # reader, writer, and acme_reader were all under wslua_step_file_test
123 # in the Bash version.
124 def test_wslua_file_reader(self):
125 '''wslua file reader'''
126 cap_file_1 = os.path.join(config.capture_dir, dhcp_pcap)
127 cap_file_2 = os.path.join(config.capture_dir, wpa_induction_pcap_gz)
129 # First run tshark with the pcap_file_reader script.
130 lua_proc_1 = check_lua_script(self, 'pcap_file.lua', cap_file_1, False)
131 lua_proc_2 = check_lua_script(self, 'pcap_file.lua', cap_file_2, False)
132 lua_out = lua_proc_1.stdout_str + lua_proc_2.stdout_str
134 # then run tshark again without the script
135 tshark_proc_1 = self.assertRun((config.cmd_tshark, '-r', cap_file_1))
136 tshark_proc_2 = self.assertRun((config.cmd_tshark, '-r', cap_file_2))
137 tshark_out = tshark_proc_1.stdout_str + tshark_proc_2.stdout_str
139 self.diffOutput(lua_out, tshark_out, 'tshark + lua script', 'tshark only')
141 def test_wslua_file_writer(self):
142 '''wslua file writer'''
143 cap_file_1 = os.path.join(config.capture_dir, dhcp_pcap)
144 cap_file_2 = self.filename_from_id('lua_writer.pcap')
146 # Generate a new capture file using the Lua writer.
147 check_lua_script(self, 'pcap_file.lua', cap_file_1, False,
151 self.assertTrue(filecmp.cmp(cap_file_1, cap_file_2), cap_file_1 + ' differs from ' + cap_file_2)
153 def test_wslua_file_acme_reader(self):
154 '''wslua acme file reader'''
156 cap_file = self.filename_from_id('lua_acme_reader.pcap')
157 # Read an acme sipmsg.log using the acme Lua reader, writing it out as pcapng.
158 check_lua_script(self, 'acme_file.lua', sipmsg_log, False,
163 # Read lua_acme_reader.pcap and sip.pcapng and compare their verbose outputs.
164 tshark_proc_1 = self.assertRun((config.cmd_tshark,
168 tshark_proc_2 = self.assertRun((config.cmd_tshark,
169 '-r', os.path.join(config.capture_dir, sip_pcapng),
172 self.diffOutput(tshark_proc_1.stdout_str, tshark_proc_2.stdout_str, 'sipmsg.log', 'sip.pcapng')
174 def test_wslua_listener(self):
176 check_lua_script(self, 'listener.lua', dhcp_pcap, True)
178 def test_wslua_nstime(self):
180 check_lua_script(self, 'nstime.lua', dhcp_pcap, True)
182 def test_wslua_pinfo(self):
184 check_lua_script(self, 'pinfo.lua', dhcp_pcap, True)
186 def test_wslua_proto(self):
188 check_lua_script_verify(self, 'proto.lua', dns_port_pcap, check_stage_1=True)
190 def test_wslua_protofield_tree(self):
191 '''wslua protofield with a tree'''
192 check_lua_script(self, 'protofield.lua', dns_port_pcap, True,
194 '-Y', 'test.filtered==1',
197 def test_wslua_protofield_no_tree(self):
198 '''wslua protofield without a tree'''
199 check_lua_script(self, 'protofield.lua', dns_port_pcap, True,
200 '-Y', 'test.filtered==1',
203 def test_wslua_int64(self):
205 check_lua_script(self, 'int64.lua', empty_pcap, True)
207 def test_wslua_args_1(self):
209 check_lua_script(self, 'script_args.lua', empty_pcap, True,
210 '-X', 'lua_script1:1',
213 def test_wslua_args_2(self):
215 check_lua_script(self, 'script_args.lua', empty_pcap, True,
216 '-X', 'lua_script1:3',
217 '-X', 'lua_script1:foo',
218 '-X', 'lua_script1:bar',
221 def test_wslua_args_3(self):
223 check_lua_script(self, 'script_args.lua', empty_pcap, True,
224 '-X', 'lua_script:' + os.path.join(config.lua_dir, 'script_args.lua'),
225 '-X', 'lua_script1:3',
226 '-X', 'lua_script2:1',
227 '-X', 'lua_script1:foo',
228 '-X', 'lua_script1:bar',
231 def test_wslua_args_4(self):
233 check_lua_script(self, 'script_args.lua', empty_pcap, False)
234 self.assertFalse(self.grepOutput(r'All tests passed!'))
236 def test_wslua_args_5(self):
238 check_lua_script(self, 'script_args.lua', empty_pcap, False,
239 '-X', 'lua_script1:3',
241 self.assertFalse(self.grepOutput(r'All tests passed!'))
243 def test_wslua_globals(self):
245 check_lua_script(self, 'verify_globals.lua', empty_pcap, True,
246 '-X', 'lua_script1:' + os.path.join(config.lua_dir, ''),
247 '-X', 'lua_script1:' + os.path.join(config.lua_dir, 'globals_2.2.txt'),
250 @unittest.skip('GRegex tests are broken since PCRE 8.34, see bug 12997.')
251 def test_wslua_gregex(self):
253 check_lua_script(self, 'gregex.lua', empty_pcap, True,
254 '-X', 'lua_script1:' + os.path.join(config.lua_dir, ''),
255 '-X', 'lua_script1:glib',
256 '-X', 'lua_script1:-V',
259 def test_wslua_struct(self):
261 check_lua_script(self, 'struct.lua', empty_pcap, True)
263 def test_wslua_tvb_tree(self):
264 '''wslua tvb with a tree'''
265 check_lua_script(self, 'tvb.lua', dns_port_pcap, True, '-V')
267 def test_wslua_tvb_no_tree(self):
268 '''wslua tvb without a tree'''
269 check_lua_script(self, 'tvb.lua', dns_port_pcap, True)