btest/smtp: Test with smtp-bdat-pipeline-8bitmime.pcap

Not sure about the origin of this pcap, so adding it in a separate commit, but it seems a nice real-world test case.
2025-10-02 06:38:20 +00:00 · 2023-12-12 19:25:43 +01:00 · 2023-12-12 19:25:43 +01:00 · 00e7977732
commit 00e7977732
parent 14949941ce
6 changed files with 46 additions and 0 deletions
--- a/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/conn.log.cut
+++ b/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/conn.log.cut
@ -0,0 +1,3 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	service	duration
+CHhAvVGS1DHFjwGM9	23.128.96.18	56074	217.146.107.83	25	smtp	1.324926
--- a/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/files.log.cut
+++ b/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/files.log.cut
@ -0,0 +1,4 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+uid	source	depth	mime_type	filename	
+CHhAvVGS1DHFjwGM9	SMTP	1	text/plain	-	
+CHhAvVGS1DHFjwGM9	SMTP	2	text/x-diff	-	
--- a/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/out
+++ b/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/out
@ -0,0 +1,9 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+CHhAvVGS1DHFjwGM9, T, EHLO, vger.kernel.org
+CHhAvVGS1DHFjwGM9, T, MAIL, From:<linux-kernel-owner@vger.kernel.org> BODY=8BITMIME SIZE=4333
+CHhAvVGS1DHFjwGM9, T, RCPT, To:<trafficwatcher@foundit.scootmail.com>
+CHhAvVGS1DHFjwGM9, T, BDAT, 4404 LAST
+CHhAvVGS1DHFjwGM9, T, MAIL, From:<linux-kernel-owner@vger.kernel.org> BODY=8BITMIME SIZE=8546
+CHhAvVGS1DHFjwGM9, T, RCPT, To:<trafficwatcher@foundit.scootmail.com>
+CHhAvVGS1DHFjwGM9, T, BDAT, 8757 LAST
+CHhAvVGS1DHFjwGM9, T, QUIT, 
--- a/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/smtp.log
+++ b/testing/btest/Baseline/scripts.base.protocols.smtp.bdat-pipeline-8bitmime/smtp.log
@ -0,0 +1,12 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	smtp
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	trans_depth	helo	mailfrom	rcptto	date	from	to	cc	reply_to	msg_id	in_reply_to	subject	x_originating_ip	first_received	second_received	last_reply	path	user_agent	tls	fuids
+#types	time	string	addr	port	addr	port	count	string	string	set[string]	string	string	set[string]	set[string]	string	string	string	string	addr	string	string	string	vector[addr]	string	bool	vector[string]
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	23.128.96.18	56074	217.146.107.83	25	1	vger.kernel.org	linux-kernel-owner@vger.kernel.org	trafficwatcher@foundit.scootmail.com	Thu, 4 Mar 2021 11:38:56 +0200	Andy Shevchenko <andy.shevchenko@gmail.com>	Andrew Morton <akpm@linux-foundation.org>	Lukasz Luba <lukasz.luba@arm.com>,open list <linux-kernel@vger.kernel.org>,Daniel Lezcano <daniel.lezcano@linaro.org>,"rafael@kernel.org" <rafael@kernel.org>,Andy Shevchenko <andriy.shevchenko@linux.intel.com>	-	<CAHp75Vd5u1jHKPALfBTTqEoXf-4OAdLhsn3A-fzPw3Me=7hhMA@mail.gmail.com>	<20210303163125.dcc0a086a939a58ed30750e8@linux-foundation.org>	Re: [PATCH 1/2] units: Add the HZ_PER_KHZ macro	-	by mail-pf1-x42f.google.com with SMTP id y67so641134pfb.2        for <linux-kernel@vger.kernel.org>; Thu, 04 Mar 2021 01:39:13 -0800 (PST)	from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f])        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A02A7C061574        for <linux-kernel@vger.kernel.org>; Thu,  4 Mar 2021 01:39:13 -0800 (PST)	250 OK id=1lHkUh-008hPw-NY	217.146.107.83,23.128.96.18,23.128.96.19	-	F	FnJaFv4OCDjqLe4uN1
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	23.128.96.18	56074	217.146.107.83	25	1	vger.kernel.org	linux-kernel-owner@vger.kernel.org	trafficwatcher@foundit.scootmail.com	Thu,  4 Mar 2021 10:38:07 +0100	Alejandro Colomar <alx.manpages@gmail.com>	Amir Goldstein <amir73il@gmail.com>,Luis Henriques <lhenriques@suse.de>,linux-man@vger.kernel.org,Steve French <sfrench@samba.org>,Michael Kerrisk <mtk.manpages@gmail.com>	samba-technical <samba-technical@lists.samba.org>,Anna Schumaker <anna.schumaker@netapp.com>,Linux NFS Mailing List <linux-nfs@vger.kernel.org>,linux-fsdevel <linux-fsdevel@vger.kernel.org>,Alexander Viro <viro@zeniv.linux.org.uk>,Trond Myklebust <trond.myklebust@hammerspace.com>,Andreas Dilger <adilger@dilger.ca>,Luis Lozano <llozano@chromium.org>,Ian Lance Taylor <iant@google.com>,Olga Kornievskaia <aglo@umich.edu>,Miklos Szeredi <miklos@szeredi.hu>,linux-kernel <linux-kernel@vger.kernel.org>,Alejandro Colomar <alx.manpages@gmail.com>,Walter Harms <wharms@bfs.de>,Christoph Hellwig <hch@infradead.org>,Nicolas Boichat <drinkcat@chromium.org>,ceph-devel <ceph-devel@vger.kernel.org>,"Darrick J. Wong" <darrick.wong@oracle.com>,Jeff Layton <jlayton@kernel.org>,Greg KH <gregkh@linuxfoundation.org>,Dave Chinner <dchinner@redhat.com>,CIFS <linux-cifs@vger.kernel.org>	-	<20210304093806.10589-1-alx.manpages@gmail.com>	<20210224142307.7284-1-lhenriques@suse.de>	[RFC v4] copy_file_range.2: Update cross-filesystem support for 5.12	-	from localhost.localdomain ([170.253.51.130])        by smtp.googlemail.com with ESMTPSA id l2sm6127295wml.38.2021.03.04.01.40.17        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);        Thu, 04 Mar 2021 01:40:18 -0800 (PST)	by mail-wr1-x431.google.com with SMTP id b18so20376314wrn.6;        Thu, 04 Mar 2021 01:40:19 -0800 (PST)	221 scoot-81.wizint.net closing connection	217.146.107.83,23.128.96.18,23.128.96.19,170.253.51.130	git-send-email 2.30.1.721.g45526154a5	F	FF6Eao4GW4grO0552g
+#close XXXX-XX-XX-XX-XX-XX
--- a/testing/btest/Traces/smtp/smtp-bdat-pipeline-8bitmime.pcap
+++ b/testing/btest/Traces/smtp/smtp-bdat-pipeline-8bitmime.pcap
--- a/testing/btest/scripts/base/protocols/smtp/bdat-pipeline-8bitmime.test
+++ b/testing/btest/scripts/base/protocols/smtp/bdat-pipeline-8bitmime.test
@ -0,0 +1,18 @@
+# @TEST-DOC: PCAP with kernel mailing list BDAT transfer.
+#
+# @TEST-EXEC: zeek -C -b -r $TRACES/smtp/smtp-bdat-pipeline-8bitmime.pcap %INPUT >out
+# @TEST-EXEC: zeek-cut -m uid id.orig_h id.orig_p id.resp_h id.resp_p service duration < conn.log > conn.log.cut
+# @TEST-EXEC: zeek-cut -m uid source depth mime_type filename sha1 < files.log > files.log.cut
+# @TEST-EXEC: btest-diff out
+# @TEST-EXEC: btest-diff conn.log.cut
+# @TEST-EXEC: btest-diff smtp.log
+# @TEST-EXEC: btest-diff files.log.cut
+# @TEST-EXEC: test ! -f weird.log
+
+@load base/protocols/conn
+@load base/protocols/smtp
+
+event smtp_request(c: connection, is_orig: bool, command: string, arg: string)
+	{
+	print c$uid, is_orig, command, arg;
+	}