Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote-tracking branch 'origin/topic/robin/gh-4481-test-analyzer'

Browse source 
* origin/topic/robin/gh-4481-test-analyzer:
  Spicy: Fix missing include.
  Bump Spicy.
  Spicy: Add functions to check if Zeek provides an analyzer of a given name.
This commit is contained in:
Robin Sommer 2025-07-16 17:46:48 +02:00
commit c94ce6b946
No known key found for this signature in database
GPG key ID: D8187293B3FFE5D0
9 changed files with 144 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

32
testing/btest/spicy/has-analyzer.spicy Normal file
View file

@ -0,0 +1,32 @@
# @TEST-REQUIRES: have-spicy
#
# @TEST-EXEC: spicyz -d -o test.hlto %INPUT disable_ssh.cc
# @TEST-EXEC: zeek test.hlto
module Test;
import zeek;
assert zeek::has_analyzer("HTTP");
assert ! zeek::has_analyzer("XXX");
assert zeek::analyzer_type("HTTP") == zeek::AnalyzerType::Protocol;
assert zeek::analyzer_type("SHA1") == zeek::AnalyzerType::File;
assert zeek::analyzer_type("VLAN") == zeek::AnalyzerType::Packet;
assert ! zeek::analyzer_type("XXX");
# Disable the SSH analyzer and check that we pay attention to its state.
public function disable_ssh() &cxxname="disable_ssh";
disable_ssh();
assert ! zeek::has_analyzer("SSH", True);
assert zeek::has_analyzer("SSH", False);
# @TEST-START-FILE disable_ssh.cc
#include "zeek/analyzer/Manager.h"
void disable_ssh() {
zeek::analyzer_mgr->Lookup("SSH")->SetEnabled(false);
}