From 20ace6209fca54ea42f739a0af5fd922383ccb2b Mon Sep 17 00:00:00 2001 From: Johanna Amann Date: Wed, 29 Jan 2025 14:07:38 +0000 Subject: [PATCH] Update public and private test suite for DPD changes. The changes are mostly quite minor. The main change reasons are: * analyzers that were confirmed, and later removed now show up in the conn.log. * a couple of removed lines in analyzer.log, because non-confirmed analyzers get removed more quickly. * in some cases there are additional lines in analyzer.log. These are cases in which an analyzer gets removed due to a violation and then re-attached because of a later signature match, which replays the violating content. In all examples that I have so far, this is caused by both sides of a connection speaking a differing protocol. There probably should be a better way to handle this - but it works. * new column for failed analyzers in conn.log --- testing/external/commit-hash.zeek-testing | 2 +- testing/external/commit-hash.zeek-testing-private | 2 +- testing/external/scripts/testing-setup.zeek | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/testing/external/commit-hash.zeek-testing b/testing/external/commit-hash.zeek-testing index 333888e999..b26d66fbd3 100644 --- a/testing/external/commit-hash.zeek-testing +++ b/testing/external/commit-hash.zeek-testing @@ -1 +1 @@ -5e5b54025ed7c3c2a9a23dadbb5b35fde15501e0 +6a1cb339d394fe8d73c0f46e79bd13fbee507313 diff --git a/testing/external/commit-hash.zeek-testing-private b/testing/external/commit-hash.zeek-testing-private index adc9ba57ca..3faaa09711 100644 --- a/testing/external/commit-hash.zeek-testing-private +++ b/testing/external/commit-hash.zeek-testing-private @@ -1 +1 @@ -021824adfb8e486b034d4a20120b593076e07215 +ae8e70135812845ef68ac0f8ce2426ad2ff82469 diff --git a/testing/external/scripts/testing-setup.zeek b/testing/external/scripts/testing-setup.zeek index 0f6ed20459..bb3313ad41 100644 --- a/testing/external/scripts/testing-setup.zeek +++ b/testing/external/scripts/testing-setup.zeek @@ -1,6 +1,7 @@ # Sets some testing specific options. @load external-ca-list +@load protocols/conn/failed-services @ifdef ( SMTP::never_calc_md5 ) # MDD5s can depend on libmagic output.