Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

FileAnalysis: unit test tweaks (portability, etc.)

Browse source
This commit is contained in:
Jon Siwek 2013-03-27 14:51:23 -05:00
parent dce3e6448f
commit 7caa4aa45c
7 changed files with 15 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/btest/Baseline/scripts.base.frameworks.file-analysis.http.partial-content/a.size
View file

@ -1 +1 @@
555523 7gZBKVUgy4l-file0
555523 7gZBKVUgy4l-file0

2
testing/btest/Baseline/scripts.base.frameworks.file-analysis.http.partial-content/b.size
View file

@ -1 +1 @@
1022920 oDwT1BbzjM1-file0
1022920 oDwT1BbzjM1-file0

2
testing/btest/Baseline/scripts.base.frameworks.file-analysis.http.partial-content/c.size
View file

@ -1 +1 @@
498668 uHS14uhRKGe-file0
498668 uHS14uhRKGe-file0

2
testing/btest/Baseline/scripts.base.frameworks.logging.dataseries.wikipedia/http.ds.txt
View file

@ -61,7 +61,7 @@
<!-- proxied : table[string] -->
<!-- mime_type : string -->
<!-- md5 : string -->
<!-- extraction_file : file -->
<!-- extraction_file : string -->
# Extent, type='http'
ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer user_agent request_body_len response_body_len status_code status_msg info_code info_msg filename tags username password proxied mime_type md5 extraction_file

6
testing/btest/scripts/base/frameworks/file-analysis/http/partial-content.bro
View file

@ -1,16 +1,16 @@
# @TEST-EXEC: bro -r $TRACES/http/206_example_a.pcap $SCRIPTS/file-analysis-test.bro %INPUT >a.out
# @TEST-EXEC: btest-diff a.out
# @TEST-EXEC: wc -c 7gZBKVUgy4l-file0 >a.size
# @TEST-EXEC: wc -c 7gZBKVUgy4l-file0 | sed 's/^[ \t]* //g' >a.size
# @TEST-EXEC: btest-diff a.size
# @TEST-EXEC: bro -r $TRACES/http/206_example_b.pcap $SCRIPTS/file-analysis-test.bro %INPUT >b.out
# @TEST-EXEC: btest-diff b.out
# @TEST-EXEC: wc -c oDwT1BbzjM1-file0 >b.size
# @TEST-EXEC: wc -c oDwT1BbzjM1-file0 | sed 's/^[ \t]* //g' >b.size
# @TEST-EXEC: btest-diff b.size
# @TEST-EXEC: bro -r $TRACES/http/206_example_c.pcap $SCRIPTS/file-analysis-test.bro %INPUT >c.out
# @TEST-EXEC: btest-diff c.out
# @TEST-EXEC: wc -c uHS14uhRKGe-file0 >c.size
# @TEST-EXEC: wc -c uHS14uhRKGe-file0 | sed 's/^[ \t]* //g' >c.size
# @TEST-EXEC: btest-diff c.size
global cnt: count = 0;

3
testing/scripts/diff-canonifier
View file

@ -2,4 +2,5 @@
#
# Default canonifier used with the tests in testing/btest/*.
`dirname $0`/diff-remove-timestamps
`dirname $0`/diff-remove-timestamps \
| `dirname $0`/diff-remove-mime-types

9
testing/scripts/file-analysis-test.bro
View file

@ -76,13 +76,16 @@ hook FileAnalysis::policy(trig: FileAnalysis::Trigger, info: FileAnalysis::Info)
for ( act in info$actions )
switch ( act$act ) {
case FileAnalysis::ACTION_MD5:
print fmt("MD5: %s", info$actions[act]$md5);
if ( info$actions[act]?$md5 )
print fmt("MD5: %s", info$actions[act]$md5);
break;
case FileAnalysis::ACTION_SHA1:
print fmt("SHA1: %s", info$actions[act]$sha1);
if ( info$actions[act]?$sha1 )
print fmt("SHA1: %s", info$actions[act]$sha1);
break;
case FileAnalysis::ACTION_SHA256:
print fmt("SHA256: %s", info$actions[act]$sha256);
if ( info$actions[act]?$sha256 )
print fmt("SHA256: %s", info$actions[act]$sha256);
break;
}
break;