spam/SpamPickupTest.php

   1 <?php
   2 // $Id: SpamPickupTest.php,v 1.4 2007/08/20 14:50:31 henoheno Exp $
   3 // Copyright (C) 2007 heno
   4 //
   5 // Design test case for spam.php (called from runner.php)
   6
   7 if (! defined('SPAM_INI_FILE')) define('SPAM_INI_FILE', 'spam.ini.php');
   8
   9 require_once('spam_pickup.php');
  10 require_once('PHPUnit/PHPUnit.php');
  11
  12 class SpamPickupTest extends PHPUnit_TestCase
  13 {
  14         function setup_string_null()
  15         {
  16                 return array(
  17                         '[NULL]'        => NULL,
  18                         '[TRUE]'        => TRUE,
  19                         '[FALSE]'       => FALSE,
  20                         '[array(foobar)]' => array('foobar'),
  21                         '[]'            => '',
  22                         '[0]'           => 0,
  23                         '[1]'           => 1
  24                 );
  25         }
  26
  27         function testFunc_scheme_normalize()
  28         {
  29                 // Null
  30                 foreach($this->setup_string_null() as $key => $value){
  31                         $this->assertEquals('', scheme_normalize($value), $key);
  32                 }
  33
  34                 // CASE
  35                 $this->assertEquals('http', scheme_normalize('HTTP'));
  36
  37                 // Aliases
  38                 $this->assertEquals('pop3',  scheme_normalize('pop'));
  39                 $this->assertEquals('nntp',  scheme_normalize('news'));
  40                 $this->assertEquals('imap',  scheme_normalize('imap4'));
  41                 $this->assertEquals('nntps', scheme_normalize('snntp'));
  42                 $this->assertEquals('nntps', scheme_normalize('snews'));
  43                 $this->assertEquals('pop3s', scheme_normalize('spop3'));
  44                 $this->assertEquals('pop3s', scheme_normalize('pops'));
  45
  46                 // Abbrevs
  47                 $this->assertEquals('http',  scheme_normalize('ttp'));
  48                 $this->assertEquals('https', scheme_normalize('ttps'));
  49
  50                 // Abbrevs considererd harmless
  51                 $this->assertEquals('', scheme_normalize('ttp',  FALSE));
  52                 $this->assertEquals('', scheme_normalize('ttps', FALSE));
  53         }
  54
  55         function testFunc_host_normalize()
  56         {
  57                 // Null
  58                 foreach($this->setup_string_null() as $key => $value){
  59                         $this->assertEquals('', host_normalize($value), $key);
  60                 }
  61
  62                 // Hostname is case-insensitive
  63                 $this->assertEquals('example.org', host_normalize('ExAMPle.ORG'));
  64
  65                 // Cut 'www' (destructive)
  66                 $this->assertEquals('example.org', host_normalize('WWW.example.org'));
  67         }
  68
  69         function testFunc_port_normalize()
  70         {
  71                 $scheme = 'dont_care';
  72
  73                 // 1st argument: Null
  74                 $this->assertEquals('', port_normalize(NULL, $scheme));
  75                 $this->assertEquals('', port_normalize(TRUE, $scheme));
  76                 $this->assertEquals('', port_normalize(FALSE, $scheme));
  77                 $this->assertEquals('', port_normalize(array('foobar'), $scheme));
  78                 $this->assertEquals('', port_normalize('',   $scheme));
  79
  80                 // 1st argument: Known port
  81                 $this->assertEquals('',    port_normalize(   -1, $scheme));
  82                 $this->assertEquals(0,     port_normalize(    0, $scheme));
  83                 $this->assertEquals(1,     port_normalize(    1, $scheme));
  84                 $this->assertEquals('',    port_normalize(   21, 'ftp'));
  85                 $this->assertEquals('',    port_normalize(   22, 'ssh'));
  86                 $this->assertEquals('',    port_normalize(   23, 'telnet'));
  87                 $this->assertEquals('',    port_normalize(   25, 'smtp'));
  88                 $this->assertEquals('',    port_normalize(   69, 'tftp'));
  89                 $this->assertEquals('',    port_normalize(   70, 'gopher'));
  90                 $this->assertEquals('',    port_normalize(   79, 'finger'));
  91                 $this->assertEquals('',    port_normalize(   80, 'http'));
  92                 $this->assertEquals('',    port_normalize(  110, 'pop3'));
  93                 $this->assertEquals('',    port_normalize(  115, 'sftp'));
  94                 $this->assertEquals('',    port_normalize(  119, 'nntp'));
  95                 $this->assertEquals('',    port_normalize(  143, 'imap'));
  96                 $this->assertEquals('',    port_normalize(  194, 'irc'));
  97                 $this->assertEquals('',    port_normalize(  210, 'wais'));
  98                 $this->assertEquals('',    port_normalize(  443, 'https'));
  99                 $this->assertEquals('',    port_normalize(  563, 'nntps'));
 100                 $this->assertEquals('',    port_normalize(  873, 'rsync'));
 101                 $this->assertEquals('',    port_normalize(  990, 'ftps'));
 102                 $this->assertEquals('',    port_normalize(  992, 'telnets'));
 103                 $this->assertEquals('',    port_normalize(  993, 'imaps'));
 104                 $this->assertEquals('',    port_normalize(  994, 'ircs'));
 105                 $this->assertEquals('',    port_normalize(  995, 'pop3s'));
 106                 $this->assertEquals('',    port_normalize( 3306, 'mysql'));
 107                 $this->assertEquals(8080,  port_normalize( 8080, $scheme));
 108                 $this->assertEquals(65535, port_normalize(65535, $scheme));
 109                 $this->assertEquals(65536, port_normalize(65536, $scheme)); // Seems not invalid in RFC
 110
 111                 // 1st argument: Invalid type
 112                 $this->assertEquals('1x',  port_normalize('001', $scheme) . 'x');
 113                 $this->assertEquals('',    port_normalize('+0',  $scheme));
 114                 $this->assertEquals('',    port_normalize('0-1', $scheme)); // intval() says '0'
 115                 $this->assertEquals('',    port_normalize('str', $scheme));
 116
 117                 // 2nd and 3rd argument: Null
 118                 $this->assertEquals(80,    port_normalize(80, NULL,  TRUE));
 119                 $this->assertEquals(80,    port_normalize(80, TRUE,  TRUE));
 120                 $this->assertEquals(80,    port_normalize(80, FALSE, TRUE));
 121                 $this->assertEquals(80,    port_normalize(80, array('foobar'), TRUE));
 122                 $this->assertEquals(80,    port_normalize(80, '', TRUE));
 123
 124                 // 2nd and 3rd argument: Do $scheme_normalize
 125                 $this->assertEquals('',    port_normalize(80,  'TTP',  TRUE));
 126                 $this->assertEquals('',    port_normalize(110, 'POP',  TRUE));
 127                 $this->assertEquals(80,    port_normalize(80,  'HTTP', FALSE));
 128         }
 129
 130         function testFunc_path_normalize()
 131         {
 132                 // 1st argument: Null
 133                 foreach($this->setup_string_null() as $key => $value){
 134                         $this->assertEquals('/', path_normalize($value), $key);
 135                 }
 136
 137                 // 1st argument: CASE sensitive
 138                 $this->assertEquals('/ExAMPle', path_normalize('ExAMPle'));
 139                 $this->assertEquals('/#hoge',   path_normalize('#hoge'));
 140                 $this->assertEquals('/a/b/c/d', path_normalize('/a/b/./c////./d'));
 141                 $this->assertEquals('/b/',      path_normalize('/a/../../../b/'));
 142
 143                 // 2nd argument
 144                 $this->assertEquals('\\b\\c\\d\\', path_normalize('\\a\\..\\b\\.\\c\\\\.\\d\\', '\\'));
 145                 $this->assertEquals('str1str3str', path_normalize('str1strstr2str..str3str', 'str'));
 146                 $this->assertEquals('/do/../nothing/', path_normalize('/do/../nothing/', TRUE));
 147                 $this->assertEquals('/do/../nothing/', path_normalize('/do/../nothing/', array('a')));
 148                 $this->assertEquals('',            path_normalize(array('a'), array('b')));
 149         }
 150
 151         function testFunc_query_normalize()
 152         {
 153                 // 1st argument: Null
 154                 foreach($this->setup_string_null() as $key => $value){
 155                         $this->assertEquals('', query_normalize($value), $key);
 156                 }
 157
 158                 $this->assertEquals('a=0dd&b&c&d&f=d', query_normalize('&&&&f=d&b&d&c&a=0dd'));
 159                 $this->assertEquals('eg=foobar',       query_normalize('nothing==&eg=dummy&eg=padding&eg=foobar'));
 160         }
 161
 162         function testFunc_file_normalize()
 163         {
 164                 // 1st argument: Null
 165                 foreach($this->setup_string_null() as $key => $value){
 166                         $this->assertEquals('', file_normalize($value), $key);
 167                 }
 168
 169                 // 1st argument: Cut DirectoryIndexes (Destructive)
 170                 foreach(array(
 171                         'default.htm',
 172                         'default.html',
 173                         'default.asp',
 174                         'default.aspx',
 175 \r                       'index',
 176                         'index.htm',
 177                         'index.html',
 178                         'index.shtml',
 179                         'index.jsp',
 180                         'index.php',
 181                         'index.php',
 182                         'index.php3',
 183                         'index.php4',
 184                         'index.pl',
 185                         'index.py',
 186                         'index.rb',
 187                         'index.cgi',
 188
 189                         // Apache 2.0.59 default 'index.html' variants
 190                         'index.html.ca',
 191                         'index.html.cz.iso8859-2',
 192                         'index.html.de',
 193                         'index.html.dk',
 194                         'index.html.ee',
 195                         'index.html.el',
 196                         'index.html.en',
 197                         'index.html.es',
 198                         'index.html.et',
 199                         'index.html.fr',
 200                         'index.html.he.iso8859-8',
 201                         'index.html.hr.iso8859-2',
 202                         'index.html.it',
 203                         'index.html.ja.iso2022-jp',
 204                         'index.html.ko.euc-kr',
 205                         'index.html.lb.utf8',
 206                         'index.html.nl',
 207                         'index.html.nn',
 208                         'index.html.no',
 209                         'index.html.po.iso8859-2',
 210                         'index.html.pt',
 211                         'index.html.pt-br',
 212                         'index.html.ru.cp866',
 213                         'index.html.ru.cp-1251',
 214                         'index.html.ru.iso-ru',
 215                         'index.html.ru.koi8-r',
 216                         'index.html.ru.utf8',
 217                         'index.html.sv',
 218                         'index.html.var',       // default
 219                         'index.html.zh-cn.gb2312',
 220                         'index.html.zh-tw.big5',
 221
 222                         'index.html.po.iso8859-2',
 223                         'index.html.zh-tw.big5',
 224
 225                         'index.ja.en.de.html',
 226
 227                         // .gz
 228                         'index.html.ca.gz',
 229                         'index.html.en.ja.ca.z',
 230                 ) as $arg){
 231                         $this->assertEquals('', file_normalize($arg));
 232                 }
 233
 234                 //$this->assertEquals('foo/', file_normalize('foo/index.html'));
 235
 236                 //$this->assertEquals('ExAMPle', file_normalize('ExAMPle'));
 237                 //$this->assertEquals('exe.exe', file_normalize('exe.exe'));
 238                 //$this->assertEquals('sample.html', file_normalize('sample.html.en'));
 239                 //$this->assertEquals('sample.html', file_normalize('sample.html.pt-br'));
 240                 //$this->assertEquals('sample.html', file_normalize('sample.html.po.iso8859-2'));
 241                 //$this->assertEquals('sample.html', file_normalize('sample.html.zh-tw.big5'));
 242         }
 243
 244         function testFunc_uri_pickup()
 245         {
 246                 // 1st argument: Null
 247                 foreach($this->setup_string_null() as $key => $value){
 248                         $this->assertEquals(0, count(uri_pickup($value)), $key);
 249                 }
 250
 251                 // 1st argument: Some
 252                 $test_string = <<<EOF
 253                         TTP://wwW.Example.Org#TTP_and_www
 254                         https://nasty.example.org:443/foo/xxx#port443/slash
 255                         sftp://foobar.example.org:80/dfsdfs#ftp_bat_port80
 256                         ftp://cnn.example.com&story=breaking_news@10.0.0.1/top_story.htm
 257                         http://192.168.1.4:443#IPv4
 258 EOF;
 259                 $results = uri_pickup_normalize(uri_pickup($test_string));
 260                 $this->assertEquals(5, count($results));
 261
 262                 // ttp://wwW.Example.Org:80#TTP_and_www
 263                 $this->assertEquals('http',           $results[0]['scheme']);
 264                 $this->assertEquals('',               $results[0]['userinfo']);
 265                 $this->assertEquals('example.org',    $results[0]['host']);
 266                 $this->assertEquals('',               $results[0]['port']);
 267                 $this->assertEquals('/',              $results[0]['path']);
 268                 $this->assertEquals('',               $results[0]['file']);
 269                 $this->assertEquals('',               $results[0]['query']);
 270                 $this->assertEquals('ttp_and_www',    $results[0]['fragment']);
 271
 272                 // https://nasty.example.org:443/foo/xxx#port443/slash
 273                 $this->assertEquals('https',          $results[1]['scheme']);
 274                 $this->assertEquals('',               $results[1]['userinfo']);
 275                 $this->assertEquals('nasty.example.org', $results[1]['host']);
 276                 $this->assertEquals('',               $results[1]['port']);
 277                 $this->assertEquals('/foo/',          $results[1]['path']);
 278                 $this->assertEquals('xxx',            $results[1]['file']);
 279                 $this->assertEquals('',               $results[1]['query']);
 280                 $this->assertEquals('port443',        $results[1]['fragment']);
 281
 282                 // sftp://foobar.example.org:80/dfsdfs#sftp_bat_port80
 283                 $this->assertEquals('sftp',           $results[2]['scheme']);
 284                 $this->assertEquals('',               $results[2]['userinfo']);
 285                 $this->assertEquals('foobar.example.org', $results[2]['host']);
 286                 $this->assertEquals('80',             $results[2]['port']);
 287                 $this->assertEquals('/',              $results[2]['path']);
 288                 $this->assertEquals('dfsdfs',         $results[2]['file']);
 289                 $this->assertEquals('',               $results[2]['query']);
 290                 $this->assertEquals('ftp_bat_port80', $results[2]['fragment']);
 291
 292                 // ftp://cnn.example.com&story=breaking_news@10.0.0.1/top_story.htm
 293                 $this->assertEquals('ftp',            $results[3]['scheme']);
 294                 $this->assertEquals('cnn.example.com&story=breaking_news', $results[3]['userinfo']);
 295                 $this->assertEquals('10.0.0.1',       $results[3]['host']);
 296                 $this->assertEquals('',               $results[3]['port']);
 297                 $this->assertEquals('/',              $results[3]['path']);
 298                 $this->assertEquals('top_story.htm',  $results[3]['file']);
 299                 $this->assertEquals('',               $results[3]['query']);
 300                 $this->assertEquals('',               $results[3]['fragment']);
 301
 302
 303                 // Specific tests ----
 304
 305                 // Divider: Back-slash
 306                 $test_string = ' http:\\backslash.org\fobar.html ';
 307                 $results = uri_pickup_normalize(uri_pickup($test_string));
 308                 $this->assertEquals('backslash.org',  $results[0]['host']);
 309
 310                 // Divider: percent-encoded
 311                 //$test_string = ' http%3A%2F%5Cpercent-encoded.org%5Cfobar.html ';
 312                 //$results = uri_pickup_normalize(uri_pickup($test_string));
 313                 //$this->assertEquals('percent-encoded.org',  $results[0]['host']);
 314
 315                 // Host: Underscore
 316                 $test_string = ' http://under_score.org/fobar.html ';
 317                 $results = uri_pickup_normalize(uri_pickup($test_string));
 318                 $this->assertEquals('under_score.org',$results[0]['host']);     // Not 'under'
 319
 320                 // Host: IPv4
 321                 $test_string = ' http://192.168.0.1/fobar.html ';
 322                 $results = uri_pickup_normalize(uri_pickup($test_string));
 323                 $this->assertEquals('192.168.0.1',    $results[0]['host']);
 324
 325                 // Host: Starts
 326                 $test_string = ' http://_sss/foo.html ';
 327                 $results = uri_pickup_normalize(uri_pickup($test_string));
 328                 $this->assertEquals('_sss',           $results[0]['host']);
 329                 $this->assertEquals('foo.html',       $results[0]['file']);
 330
 331                 // Host: Ends
 332                 $test_string = ' http://sss_/foo.html ';
 333                 $results = uri_pickup_normalize(uri_pickup($test_string));
 334                 $this->assertEquals('sss_',           $results[0]['host']);
 335                 $this->assertEquals('foo.html',       $results[0]['file']);
 336
 337
 338                 // Specific tests ---- Fails
 339
 340                 // Divider: Colon only (Too sensitive to capture)
 341                 $test_string = ' http:colon.org ';
 342                 $results = uri_pickup_normalize(uri_pickup($test_string));
 343                 $this->assertEquals(0, count($results));
 344
 345                 // Host: Too short
 346                 $test_string = ' http://s/foo.html http://ss/foo.html ';
 347                 $results = uri_pickup_normalize(uri_pickup($test_string));
 348                 $this->assertEquals(0, count($results));
 349
 350                 $test_string = ' http://sss/foo.html ';
 351                 $results = uri_pickup_normalize(uri_pickup($test_string));
 352                 $this->assertEquals('sss',            $results[0]['host']);
 353                 $this->assertEquals('foo.html',       $results[0]['file']);
 354         }
 355
 356         function testFunc_spam_uri_pickup()
 357         {
 358                 // Divider: percent-encoded
 359                 $test_string = ' http://victim.example.org/http%3A%2F%5Cnasty.example.org ';
 360                 $results = spam_uri_pickup($test_string);
 361                 $this->assertEquals('victim.example.org', $results[0]['host']);
 362                 $this->assertEquals('nasty.example.org',  $results[1]['host']);
 363
 364                 // Domain exposure (site:)
 365                 $test_string = ' http://search.example.org/?q=%20site:nasty.example.org ';
 366                 $results = spam_uri_pickup($test_string);
 367                 $this->assertEquals('nasty.example.org', $results[0]['host']);
 368                 $this->assertEquals('search.example.org',  $results[1]['host']);
 369
 370                 // Domain exposure (%20site:)
 371                 $test_string = ' http://search2.example.org/?q=%20site:nasty2.example.org ';
 372                 $results = spam_uri_pickup($test_string);
 373                 $this->assertEquals('nasty2.example.org', $results[0]['host']);
 374                 $this->assertEquals('search2.example.org',  $results[1]['host']);
 375         }
 376 }
 377
 378 ?>