Merge remote-tracking branch 'origin/master' into topic/johanna/netcontrol

2025-10-13 03:58:20 +00:00 · 2016-03-07 14:59:25 -08:00 · 2016-03-07 14:59:25 -08:00 · 69b62be5d4
commit 69b62be5d4
parent 8f60974bc0 f89874b9e9
42 changed files with 459 additions and 238 deletions
--- a/testing/btest/scripts/base/protocols/http/http-bad-request-with-version.bro
+++ b/testing/btest/scripts/base/protocols/http/http-bad-request-with-version.bro
@ -0,0 +1,4 @@
+# @TEST-EXEC: bro -Cr $TRACES/http/http-bad-request-with-version.trace %INPUT
+# @TEST-EXEC: btest-diff http.log
+# @TEST-EXEC: btest-diff weird.log
+
--- a/testing/btest/scripts/base/protocols/irc/events.test
+++ b/testing/btest/scripts/base/protocols/irc/events.test
@ -0,0 +1,16 @@
+# Test IRC events
+
+# @TEST-EXEC: bro -r $TRACES/irc-dcc-send.trace %INPUT
+# @TEST-EXEC: bro -r $TRACES/irc-basic.trace %INPUT
+# @TEST-EXEC: bro -r $TRACES/irc-whitespace.trace %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+event irc_privmsg_message(c: connection, is_orig: bool, source: string, target: string, message: string)
+	{
+	print fmt("%s -> %s: %s", source, target, message);
+	}
+
+event irc_quit_message(c: connection, is_orig: bool, nick: string, message: string)
+	{
+	print fmt("quit: %s (%s)", nick, message);
+	}
--- a/testing/btest/scripts/base/protocols/irc/privmsg.test
+++ b/testing/btest/scripts/base/protocols/irc/privmsg.test
@ -1,10 +0,0 @@
-# Test the privmsg event
-
-# @TEST-EXEC: bro -r $TRACES/irc-dcc-send.trace %INPUT
-# @TEST-EXEC: btest-diff .stdout
-
-event irc_privmsg_message(c: connection, is_orig: bool, source: string, target: string, message: string)
-	{
-	print fmt("%s -> %s: %s", source, target, message);
-	}
-
--- a/testing/btest/scripts/base/protocols/ssh/basic.test
+++ b/testing/btest/scripts/base/protocols/ssh/basic.test
@ -1,4 +1,5 @@
 # This tests some SSH connections and the output log.

 # @TEST-EXEC: bro -r $TRACES/ssh/ssh.trace %INPUT
-# @TEST-EXEC: btest-diff ssh.log
+# @TEST-EXEC: btest-diff ssh.log
+# @TEST-EXEC: btest-diff conn.log
--- a/testing/btest/scripts/policy/misc/dump-events.bro
+++ b/testing/btest/scripts/policy/misc/dump-events.bro
@ -1,7 +1,18 @@
-# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro >all-events.log
-# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro DumpEvents::include_args=F >all-events-no-args.log
-# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro DumpEvents::include=/smtp_/ >smtp-events.log
-# 
+# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro %INPUT >all-events.log
+# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro %INPUT DumpEvents::include_args=F >all-events-no-args.log
+# @TEST-EXEC: bro -r $TRACES/smtp.trace policy/misc/dump-events.bro %INPUT DumpEvents::include=/smtp_/ >smtp-events.log
+#
 # @TEST-EXEC: btest-diff all-events.log
 # @TEST-EXEC: btest-diff all-events-no-args.log
 # @TEST-EXEC: btest-diff smtp-events.log
+
+# There is some kind of race condition between the MD5 and SHA1 events, which are added
+# by the SSL parser. Just remove MD5, this is not important for this test.
+
+event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priority=-5
+	{
+	if ( ! c?$ssl )
+		return;
+
+	Files::remove_analyzer(f, Files::ANALYZER_MD5);
+	}