Merge remote-tracking branch 'security/topic/awelzel/125-ftp-timeout-three'

* security/topic/awelzel/125-ftp-timeout-three:
  testing/ftp: Add tests and pcaps with invalid reply lines
  ftp: Harden reply handing a bit and don't raise bad replies to script-land
  ftp: ignore invalid commands

testing/btest/scripts/base/protocols/ftp/ftp-invalid-reply-code.zeek

@@ -0,0 +1,11 @@
+# @TEST-DOC: Th server replies with a line that does not contain a numeric code.: violation.
+# @TEST-EXEC: zeek -b -r $TRACES/ftp/ftp-invalid-reply-code.pcap %INPUT
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff ftp.log
+# @TEST-EXEC: btest-diff dpd.log
+# @TEST-EXEC: test ! -f reporter.log
+
+@load base/protocols/conn
+@load base/protocols/ftp
+
+redef FTP::logged_commands += { "USER", "PASS", "SYST", "QUIT" };

testing/btest/scripts/base/protocols/ftp/ftp-missing-reply-code.zeek

@@ -0,0 +1,11 @@
+# @TEST-DOC: Th server replies with a line that does not contain a numeric code.: violation.
+# @TEST-EXEC: zeek -b -r $TRACES/ftp/ftp-missing-reply-code.pcap %INPUT
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff ftp.log
+# @TEST-EXEC: btest-diff dpd.log
+# @TEST-EXEC: test ! -f reporter.log
+
+@load base/protocols/conn
+@load base/protocols/ftp
+
+redef FTP::logged_commands += { "USER", "PASS", "SYST", "QUIT" };

testing/btest/scripts/base/protocols/ftp/ftp-missing-space-after-reply-code.zeek

@@ -0,0 +1,11 @@
+# @TEST-DOC: Th server replies with a line that does not contain a numeric code.: violation.
+# @TEST-EXEC: zeek -b -r $TRACES/ftp/ftp-missing-space-after-reply-code.pcap %INPUT
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff ftp.log
+# @TEST-EXEC: btest-diff dpd.log
+# @TEST-EXEC: test ! -f reporter.log
+
+@load base/protocols/conn
+@load base/protocols/ftp
+
+redef FTP::logged_commands += { "USER", "PASS", "SYST", "QUIT" };