Update btests/baselines for OpenDict compat

Haven't checked different build configurations yet, but all except
a few SumStats tests are stable for me now.  The external tests
are also completely failing, but haven't looked at those yet.

testing/btest/Baseline/broker.store.brokerstore-attr-clone/clonetwo.out

@@ -1,18 +1,18 @@
 Peer added
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-clone/master.out

@@ -1,37 +1,37 @@
 Peer added 
 Peer added 
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]
 }
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output1

@@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
+I am a set!,
 I am really a set!,
-Believe me - I am a set,
-I am a set!
+Believe me - I am a set
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output2

@@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
-I am really a set!,
+I am a set!,
 Believe me - I am a set,
-I am a set!
+I am really a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-persistence-clone/output3

@@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
+I am a set!,
 I am really a set!,
-Believe me - I am a set,
-I am a set!
+Believe me - I am a set
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output1

@@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
+I am a set!,
 I am really a set!,
-Believe me - I am a set,
-I am a set!
+Believe me - I am a set
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-persistence/output2

@@ -1,19 +1,19 @@
 {
-[b] = 3,
+[a] = 5,
 [whatever] = 5,
-[a] = 5
+[b] = 3
 }
 {
-I am really a set!,
+I am a set!,
 Believe me - I am a set,
-I am a set!
+I am really a set!
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-attr-simple/clone.out

@@ -1,18 +1,18 @@
 Peer added
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/clone.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-simple-reverse/master.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-simple/clone.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
 [whatever] = 5,
-[a] = 3
+[a] = 3,
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-simple/master.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/clone.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/broker.store.brokerstore-backend-sqlite/master.out

@@ -1,17 +1,17 @@
 {
-[b] = 3,
+[a] = 3,
 [whatever] = 5,
-[a] = 3
+[b] = 3
 }
 {
 hi
 }
 {
-[b] = [a=2, b=d, c={
+[a] = [a=1, b=c, c={
 elem1,
 elem2
 }],
-[a] = [a=1, b=c, c={
+[b] = [a=2, b=d, c={
 elem1,
 elem2
 }]

testing/btest/Baseline/scripts.base.frameworks.config.weird/output

@@ -1,8 +1,8 @@
 Config values set
 {
 whitelisted_net_weird,
-whitelisted_conn_weird,
-whitelisted_flow_weird
+whitelisted_flow_weird,
+whitelisted_conn_weird
 }
 10
 10

testing/btest/Baseline/scripts.base.frameworks.input.set-event-reread/out

@@ -1,7 +1,7 @@
 entry notification Input::EVENT_NEW: [s=one]
 entry notification Input::EVENT_NEW: [s=two]
 entry notification Input::EVENT_NEW: [s=three]
-entry notification Input::EVENT_REMOVED: [s=three]
 entry notification Input::EVENT_REMOVED: [s=two]
+entry notification Input::EVENT_REMOVED: [s=three]
 entry notification Input::EVENT_NEW: [s=four]
 done

testing/btest/Baseline/scripts.base.utils.exec/zeek..stdout

@@ -1,10 +1,4 @@
-test2, [exit_code=1, signal_exit=F, stdout=[here's something on stdout, some more stdout, last stdout], stderr=[and some stderr, more stderr, last stderr], files=<uninitialized>]
-test5, [exit_code=0, signal_exit=F, stdout=<uninitialized>, stderr=<uninitialized>, files={
-[out3] = [],
-[out4] = [test]
-}]
-test4, [exit_code=0, signal_exit=F, stdout=[hibye], stderr=<uninitialized>, files=<uninitialized>]
-test1, [exit_code=0, signal_exit=F, stdout=[done, exit, stop], stderr=<uninitialized>, files={
-[out2] = [insert more text here, and there],
-[out1] = [insert text here, and here]
-}]
+test4 - exit: 0, signal: F, stdout: [hibye], stderr: , files: 
+test2 - exit: 1, signal: F, stdout: [here's something on stdout, some more stdout, last stdout], stderr: [and some stderr, more stderr, last stderr], files: 
+test5 - exit: 0, signal: F, stdout: , stderr: , files: out3 -> [], out4 -> [test]
+test1 - exit: 0, signal: F, stdout: [done, exit, stop], stderr: , files: out1 -> [insert text here, and here], out2 -> [insert more text here, and there]

testing/btest/Baseline/scripts.policy.frameworks.intel.removal/zeekproc.intel.log

@@ -3,9 +3,10 @@
 #empty_field	(empty)
 #unset_field	-
 #path	intel
-#open	2020-03-02-19-33-21
+#open	2020-08-06-03-32-56
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	seen.indicator	seen.indicator_type	seen.where	seen.node	matched	sources	fuid	file_mime_type	file_desc
 #types	time	string	addr	port	addr	port	string	enum	enum	string	set[enum]	set[string]	string	string	string
-1583177601.918405	-	-	-	-	-	10.0.0.1	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
-1583177601.918405	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
-#close	2020-03-02-19-33-22
+1596684776.963259	-	-	-	-	-	10.0.0.1	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
+1596684776.963259	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
+1596684776.969496	-	-	-	-	-	10.0.0.2	Intel::ADDR	SOMEWHERE	zeek	Intel::ADDR	source1	-	-	-
+#close	2020-08-06-03-32-57

testing/btest/Baseline/scripts.policy.misc.weird-stats-cluster/manager-1.weird_stats.log

@@ -6,8 +6,8 @@
 #open	2018-07-26-23-11-27
 #fields	ts	name	num_seen
 #types	time	string	count
+1532646687.827249	weird1	2000
 1532646687.827249	weird3	1
 1532646687.827249	weird2	1000
-1532646687.827249	weird1	2000
 1532646692.877464	weird1	2
 #close	2018-07-26-23-11-34

testing/btest/broker/store/brokerstore-attr-persistence-clone.zeek

@@ -8,8 +8,6 @@
 # @TEST-EXEC: btest-diff output1
 # @TEST-EXEC: btest-diff output2
 # @TEST-EXEC: btest-diff output3
-# @TEST-EXEC: diff output1 output2
-# @TEST-EXEC: diff output2 output3
 
 # the first test writes out the sqlite files...
 

testing/btest/broker/store/brokerstore-attr-persistence.zeek

@@ -1,10 +1,7 @@
-# @TEST-PORT: BROKER_PORT
-
 # @TEST-EXEC: zeek -B broker -b one.zeek > output1
 # @TEST-EXEC: zeek -B broker -b two.zeek > output2
 # @TEST-EXEC: btest-diff output1
 # @TEST-EXEC: btest-diff output2
-# @TEST-EXEC: diff output1 output2
 
 # the first test writes out the sqlite files...
 

testing/btest/broker/store/brokerstore-backend-simple-reverse.zeek

@@ -9,8 +9,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
-# @TEST-EXEC: diff master.out clone.out
-# @TEST-EXEC: diff master.out clone2.out
 
 @TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {

testing/btest/broker/store/brokerstore-backend-simple.zeek

@@ -9,8 +9,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
-# @TEST-EXEC: diff master.out clone.out
-# @TEST-EXEC: diff master.out clone2.out
 
 @TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {

testing/btest/broker/store/brokerstore-backend-sqlite.zeek

@@ -10,8 +10,6 @@
 #
 # @TEST-EXEC: btest-diff master.out
 # @TEST-EXEC: btest-diff clone.out
-# @TEST-EXEC: diff master.out clone.out
-# @TEST-EXEC: diff master.out clone2.out
 
 @TEST-START-FILE cluster-layout.zeek
 redef Cluster::nodes = {

testing/btest/scripts/base/frameworks/intel/expire-item.zeek

@@ -17,7 +17,7 @@ redef exit_only_after_terminate = T;
 redef Intel::read_files += { "../intel.dat" };
 redef enum Intel::Where += { SOMEWHERE };
 redef Intel::item_expiration = 9sec;
-redef table_expire_interval = 3sec;
+redef table_expire_interval = 2sec;
 
 global runs = 0;
 event do_it()

testing/btest/scripts/base/utils/exec.test

@@ -21,7 +21,28 @@ function test_cmd(label: string, cmd: Exec::Command)
 	{
 	when ( local result = Exec::run(cmd) )
 		{
-		print label, result;
+		local file_content = "";
+
+		if ( result?$files )
+			{
+			local which_test = "out1" in result$files;
+
+			if ( which_test )
+				file_content = fmt("out1 -> %s, out2 -> %s",
+				                   result$files["out1"],
+				                   result$files["out2"]);
+			else
+				file_content = fmt("out3 -> %s, out4 -> %s",
+				                   result$files["out3"],
+				                   result$files["out4"]);
+			}
+
+		print fmt("%s - exit: %s, signal: %s, stdout: %s, stderr: %s, files: %s",
+		          label, result$exit_code, result$signal_exit,
+		          result?$stdout ? result$stdout : "",
+		          result?$stderr ? result$stderr : "",
+		          file_content);
+
 		check_exit_condition();
 		}
 	}

testing/btest/scripts/policy/frameworks/intel/removal.zeek

@@ -22,25 +22,30 @@ hook Intel::filter_item(item: Intel::Item)
 		break;
 	}
 
-event do_it()
-	{
-	Intel::seen([$host=10.0.0.1,
-	             $where=SOMEWHERE]);
-	Intel::seen([$host=10.0.0.2,
-	             $where=SOMEWHERE]);
-	}
-
 global log_lines = 0;
 event Intel::log_intel(rec: Intel::Info)
 	{
 	++log_lines;
-	if ( log_lines == 1 )
+	if ( log_lines == 3 )
 		terminate();
 	}
 
-event zeek_init() &priority=-10
+global entries_read = 0;
+event Intel::read_entry(desc: Input::EventDescription, tpe: Input::Event, item: Intel::Item)
+	{
+	++entries_read;
+
+	if ( entries_read == 2 )
+		{
+		Intel::seen([$host=10.0.0.1, $where=SOMEWHERE]);
+		Intel::seen([$host=10.0.0.2, $where=SOMEWHERE]);
+		}
+	}
+
+event zeek_init() &priority=+100
 	{
 	Intel::insert([$indicator="10.0.0.1", $indicator_type=Intel::ADDR, $meta=[$source="source1"]]);
 	Intel::insert([$indicator="10.0.0.2", $indicator_type=Intel::ADDR, $meta=[$source="source1"]]);
-	schedule 1sec { do_it() };
+	Intel::seen([$host=10.0.0.1, $where=SOMEWHERE]);
+	Intel::seen([$host=10.0.0.2, $where=SOMEWHERE]);
 	}