Update btests/baselines for OpenDict compat

Haven't checked different build configurations yet, but all except a few SumStats tests are stable for me now. The external tests are also completely failing, but haven't looked at those yet.
2025-10-05 08:08:19 +00:00 · 2020-08-05 21:12:13 -07:00 · 2020-08-05 21:12:13 -07:00 · 94aee910d5
commit 94aee910d5
parent 37d3cfbd44
27 changed files with 122 additions and 112 deletions
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-clone/clonetwo.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-clone/clonetwo.out
@ -1,18 +1,18 @@
 Peer added
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-clone/master.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-clone/master.out
@ -1,37 +1,37 @@
 Peer added 
 Peer added 
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
 }
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output1
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output1
@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
 I am a set!,
 I am really a set!,
-Believe me - I am a set,
+Believe me - I am a set
 I am a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output2
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output2
@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
-I am really a set!,
+I am a set!,
 Believe me - I am a set,
-I am a set!
+I am really a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output3
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output3
@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
 I am a set!,
 I am really a set!,
-Believe me - I am a set,
+Believe me - I am a set
 I am a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output1
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output1
@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
 I am a set!,
 I am really a set!,
-Believe me - I am a set,
+Believe me - I am a set
 I am a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output2
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output2
@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
-I am really a set!,
+I am a set!,
 Believe me - I am a set,
-I am a set!
+I am really a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-attr-simple/clone.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-attr-simple/clone.out
@ -1,18 +1,18 @@
 Peer added
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/clone.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/clone.out
@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/master.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/master.out
@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-simple/clone.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-simple/clone.out
@ -1,17 +1,17 @@
 {
 [b] = 3,
 [whatever] = 5,
-[a] = 3
+[a] = 3,
 [b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-simple/master.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-simple/master.out
@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/clone.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/clone.out
@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/master.out
+++ b/testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/master.out
@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
--- a/testing/btest/Baseline/scripts.base.frameworks.config.weird/output
+++ b/testing/btest/Baseline/scripts.base.frameworks.config.weird/output
@ -1,8 +1,8 @@
 Config values set
 {
 whitelisted_net_weird,
-whitelisted_conn_weird,
+whitelisted_flow_weird,
-whitelisted_flow_weird
+whitelisted_conn_weird
 }
 10
 10
--- a/testing/btest/Baseline/scripts.base.frameworks.input.set-event-reread/out
+++ b/testing/btest/Baseline/scripts.base.frameworks.input.set-event-reread/out
@ -1,7 +1,7 @@
 entry notification Input::EVENT_NEW: [s=one]
 entry notification Input::EVENT_NEW: [s=two]
 entry notification Input::EVENT_NEW: [s=three]
 entry notification Input::EVENT_REMOVED: [s=three]
 entry notification Input::EVENT_REMOVED: [s=two]
 entry notification Input::EVENT_REMOVED: [s=three]
 entry notification Input::EVENT_NEW: [s=four]
 done
--- a/testing/btest/Baseline/scripts.base.utils.exec/zeek..stdout
+++ b/testing/btest/Baseline/scripts.base.utils.exec/zeek..stdout
@ -1,10 +1,4 @@
-test2, [exit_code=1, signal_exit=F, stdout=[here's something on stdout, some more stdout, last stdout], stderr=[and some stderr, more stderr, last stderr], files=<uninitialized>]
+test4 - exit: 0, signal: F, stdout: [hibye], stderr: , files: 
-test5, [exit_code=0, signal_exit=F, stdout=<uninitialized>, stderr=<uninitialized>, files={
+test2 - exit: 1, signal: F, stdout: [here's something on stdout, some more stdout, last stdout], stderr: [and some stderr, more stderr, last stderr], files: 
-[out3] = [],
+test5 - exit: 0, signal: F, stdout: , stderr: , files: out3 -> [], out4 -> [test]
-[out4] = [test]
+test1 - exit: 0, signal: F, stdout: [done, exit, stop], stderr: , files: out1 -> [insert text here, and here], out2 -> [insert more text here, and there]
 }]
 test4, [exit_code=0, signal_exit=F, stdout=[hibye], stderr=<uninitialized>, files=<uninitialized>]
 test1, [exit_code=0, signal_exit=F, stdout=[done, exit, stop], stderr=<uninitialized>, files={
 [out2] = [insert more text here, and there],
 [out1] = [insert text here, and here]
 }]
--- a/testing/btest/Baseline/scripts.policy.frameworks.intel.removal/zeekproc.intel.log
+++ b/testing/btest/Baseline/scripts.policy.frameworks.intel.removal/zeekproc.intel.log
@ -3,9 +3,10 @@
 #empty_field	(empty)
 #unset_field	-
 #path	intel
-#open	2020-03-02-19-33-21
+#open	2020-08-06-03-32-56
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	seen.indicator	seen.indicator_type	seen.where	seen.node	matched	sources	fuid	file_mime_type	file_desc
 #types	time	string	addr	port	addr	port	string	enum	enum	string	set[enum]	set[string]	string	string	string
-1583177601.918405	-	-	-	-	-	10.0.0.1	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
+1596684776.963259	-	-	-	-	-	10.0.0.1	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
-1583177601.918405	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
+1596684776.963259	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
-#close	2020-03-02-19-33-22
+1596684776.969496	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
 #close	2020-08-06-03-32-57
--- a/testing/btest/Baseline/scripts.policy.misc.weird-stats-cluster/manager-1.weird_stats.log
+++ b/testing/btest/Baseline/scripts.policy.misc.weird-stats-cluster/manager-1.weird_stats.log
@ -6,8 +6,8 @@
 #open	2018-07-26-23-11-27
 #fields	ts	name	num_seen
 #types	time	string	count
 1532646687.827249	weird1	2000
 1532646687.827249	weird3	1
 1532646687.827249	weird2	1000
 1532646687.827249	weird1	2000
 1532646692.877464	weird1	2
 #close	2018-07-26-23-11-34
--- a/testing/btest/broker/store/brokerstore-attr-persistence-clone.zeek
+++ b/testing/btest/broker/store/brokerstore-attr-persistence-clone.zeek
@ -8,8 +8,6 @@
 # @TEST-EXEC: btest-diff output1
 # @TEST-EXEC: btest-diff output2
 # @TEST-EXEC: btest-diff output3
 # @TEST-EXEC: diff output1 output2
 # @TEST-EXEC: diff output2 output3
 # the first test writes out the sqlite files...
--- a/testing/btest/broker/store/brokerstore-attr-persistence.zeek
+++ b/testing/btest/broker/store/brokerstore-attr-persistence.zeek
@ -1,10 +1,7 @@
 # @TEST-PORT: BROKER_PORT
 # @TEST-EXEC: zeek -B broker -b one.zeek > output1
 # @TEST-EXEC: zeek -B broker -b two.zeek > output2
 # @TEST-EXEC: btest-diff output1
 # @TEST-EXEC: btest-diff output2
 # @TEST-EXEC: diff output1 output2
 # the first test writes out the sqlite files...
--- a/testing/btest/broker/store/brokerstore-backend-simple-reverse.zeek
+++ b/testing/btest/broker/store/brokerstore-backend-simple-reverse.zeek
@ -9,8 +9,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
 # @TEST-EXEC: diff master.out clone.out
 # @TEST-EXEC: diff master.out clone2.out
@TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {
--- a/testing/btest/broker/store/brokerstore-backend-simple.zeek
+++ b/testing/btest/broker/store/brokerstore-backend-simple.zeek
@ -9,8 +9,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
 # @TEST-EXEC: diff master.out clone.out
 # @TEST-EXEC: diff master.out clone2.out
@TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {
--- a/testing/btest/broker/store/brokerstore-backend-sqlite.zeek
+++ b/testing/btest/broker/store/brokerstore-backend-sqlite.zeek
@ -10,8 +10,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
 # @TEST-EXEC: diff master.out clone.out
 # @TEST-EXEC: diff master.out clone2.out
@TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {
--- a/testing/btest/scripts/base/frameworks/intel/expire-item.zeek
+++ b/testing/btest/scripts/base/frameworks/intel/expire-item.zeek
@ -17,7 +17,7 @@ redef exit_only_after_terminate = T;
 redef Intel::read_files += { "../intel.dat" };
 redef enum Intel::Where += { SOMEWHERE };
 redef Intel::item_expiration = 9sec;
-redef table_expire_interval = 3sec;
+redef table_expire_interval = 2sec;
 global runs = 0;
 event do_it()
--- a/testing/btest/scripts/base/utils/exec.test
+++ b/testing/btest/scripts/base/utils/exec.test
@ -21,7 +21,28 @@ function test_cmd(label: string, cmd: Exec::Command)
 	{
 	when ( local result = Exec::run(cmd) )
 		{
-		print label, result;
+		local file_content = "";
 		if ( result?$files )
 			{
 			local which_test = "out1" in result$files;
 			if ( which_test )
 				file_content = fmt("out1 -> %s, out2 -> %s",
 				                   result$files["out1"],
 				                   result$files["out2"]);
 			else
 				file_content = fmt("out3 -> %s, out4 -> %s",
 				                   result$files["out3"],
 				                   result$files["out4"]);
 			}
 		print fmt("%s - exit: %s, signal: %s, stdout: %s, stderr: %s, files: %s",
 		          label, result$exit_code, result$signal_exit,
 		          result?$stdout ? result$stdout : "",
 		          result?$stderr ? result$stderr : "",
 		          file_content);
 		check_exit_condition();
 		}
 	}
--- a/testing/btest/scripts/policy/frameworks/intel/removal.zeek
+++ b/testing/btest/scripts/policy/frameworks/intel/removal.zeek
@ -22,25 +22,30 @@ hook Intel::filter_item(item: Intel::Item)
 		break;
 	}
 event do_it()
 	{
 	Intel::seen([$host=10.0.0.1,
 	             $where=SOMEWHERE]);
 	Intel::seen([$host=10.0.0.2,
 	             $where=SOMEWHERE]);
 	}
 global log_lines = 0;
 event Intel::log_intel(rec: Intel::Info)
 	{
 	++log_lines;
-	if ( log_lines == 1 )
+	if ( log_lines == 3 )
 		terminate();
 	}
-event zeek_init() &priority=-10
+global entries_read = 0;
 event Intel::read_entry(desc: Input::EventDescription, tpe: Input::Event, item: Intel::Item)
 	{
 	++entries_read;
 	if ( entries_read == 2 )
 		{
 		Intel::seen([$host=10.0.0.1, $where=SOMEWHERE]);
 		Intel::seen([$host=10.0.0.2, $where=SOMEWHERE]);
 		}
 	}
 event zeek_init() &priority=+100
 	{
 	Intel::insert([$indicator="10.0.0.1", $indicator_type=Intel::ADDR, $meta=[$source="source1"]]);
 	Intel::insert([$indicator="10.0.0.2", $indicator_type=Intel::ADDR, $meta=[$source="source1"]]);
-	schedule 1sec { do_it() };
+	Intel::seen([$host=10.0.0.1, $where=SOMEWHERE]);
 	Intel::seen([$host=10.0.0.2, $where=SOMEWHERE]);
 	}