Merge remote-tracking branch 'security/topic/awelzel/148-ftp-skip-get-pending-commands-multi-line-response'

* security/topic/awelzel/148-ftp-skip-get-pending-commands-multi-line-response:
  ftp/main: Special case for intermediate reply lines
  ftp/main: Skip get_pending_command() for intermediate reply lines

testing/btest/scripts/base/protocols/ftp/ftp-multiline-reply.zeek

@@ -0,0 +1,13 @@
+# @TEST-DOC: Tests that c$ftp$reply_msg stays the same over a multiline reply.
+# @TEST-EXEC: zeek -b -r $TRACES/ftp/ipv6-multiline-reply.trace %INPUT > out
+# @TEST-EXEC: btest-diff ftp.log
+# @TEST-EXEC: btest-diff out
+
+@load base/protocols/conn
+@load base/protocols/ftp
+
+redef FTP::logged_commands += { "<init>", "USER", "PASS" };
+
+event ftp_reply(c: connection, code: count, msg: string, cont_resp: bool) {
+	print "ftp_reply", cont_resp, code, cat(c$ftp$reply_msg);
+}

testing/btest/scripts/base/protocols/ftp/ftp-samba-retr.zeek

@@ -0,0 +1,13 @@
+# @TEST-DOC: Tests interemediate lines to not confuse cwd tracking.
+# @TEST-EXEC: zeek -b -r $TRACES/ftp/ipv6-retr-samba.trace %INPUT > out
+# @TEST-EXEC: btest-diff ftp.log
+# @TEST-EXEC: btest-diff out
+
+@load base/protocols/conn
+@load base/protocols/ftp
+
+redef FTP::logged_commands += { "USER", "PASS", "RETR" };
+
+event ftp_reply(c: connection, code: count, msg: string, cont_resp: bool) {
+	print "ftp_reply", cont_resp, code, cat(c$ftp$reply_msg);
+}