Merge remote-tracking branch 'origin/topic/bbannier/issue-3276'

* origin/topic/bbannier/issue-3276:
  Propagate failure reason in `spicy::decline_input`/`zeek::reject_protocol`.

testing/btest/Baseline/spicy.decline_input-2/analyzer.log

@@ -0,0 +1,5 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-

testing/btest/Baseline/spicy.decline_input/analyzer.log

@@ -0,0 +1,5 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-
+SPICY_FOO	my reasons	-

testing/btest/Baseline/spicy.ssh-banner/analyzer.log

@@ -7,6 +7,6 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	cause	analyzer_kind	analyzer_name	uid	fuid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	failure_reason	failure_data
 #types	time	string	string	string	string	string	addr	port	addr	port	string	string
-XXXXXXXXXX.XXXXXX	violation	protocol	SPICY_SSH	CHhAvVGS1DHFjwGM9	-	141.142.228.5	53595	54.243.55.129	80	protocol rejected	-
+XXXXXXXXXX.XXXXXX	violation	protocol	SPICY_SSH	CHhAvVGS1DHFjwGM9	-	141.142.228.5	53595	54.243.55.129	80	kaputt	-
 XXXXXXXXXX.XXXXXX	violation	protocol	SPICY_SSH	CHhAvVGS1DHFjwGM9	-	141.142.228.5	53595	54.243.55.129	80	failed to match regular expression (<...>/ssh.spicy:7:15)	POST /post HTTP/1.1\x0d\x0aUser-Agent: curl/7.
 #close XXXX-XX-XX-XX-XX-XX

testing/btest/Baseline/spicy.ssh-banner/output

@@ -7,4 +7,4 @@ SSH banner, [orig_h=192.150.186.169, orig_p=49244/tcp, resp_h=131.159.14.23, res
 confirm, Analyzer::ANALYZER_SPICY_SSH
 === violation
 violation, Analyzer::ANALYZER_SPICY_SSH, failed to match regular expression (<...>/ssh.spicy:7:15)
-violation, Analyzer::ANALYZER_SPICY_SSH, protocol rejected
+violation, Analyzer::ANALYZER_SPICY_SSH, kaputt

testing/btest/spicy/decline_input.spicy

@@ -0,0 +1,33 @@
+# @TEST-REQUIRES: have-spicy
+#
+# @TEST-EXEC: spicyz -d -o foo.hlto foo.spicy foo.evt %INPUT
+# @TEST-EXEC: zeek -Cr ${TRACES}/udp-packet.pcap foo.hlto
+# @TEST-EXEC: cat analyzer.log | zeek-cut analyzer_name failure_reason failure_data > analyzer.log2 && mv analyzer.log2 analyzer.log
+# @TEST-EXEC: btest-diff analyzer.log
+#
+# @TEST-DOC: Validates that decline_input is propagated properly. This is a regression test for #3276.
+
+# @TEST-START-FILE foo.spicy
+module foo;
+
+public type X = unit {
+    : bytes &eod;
+};
+# @TEST-END-FILE
+
+# @TEST-START-FILE foo.evt
+protocol analyzer spicy::foo over UDP:
+    parse with foo::X,
+    ports { 12345/udp, 31337/udp };
+# @TEST-END-FILE
+
+module zeek_foo;
+import zeek;
+import foo;
+on foo::X::%done { zeek::reject_protocol("my reasons"); }
+
+# @TEST-START-NEXT
+module zeek_foo;
+import spicy;
+import foo;
+on foo::X::%done { spicy::decline_input("my reasons"); }