Fixing btests.

- When Bro is given a PRNG seed, it now uses its own internal random number generator that produces consistent results across sytems. Note that this internal generator isn't very good, so it should only be used for testing purposes. - The BTest configuration now sets the environemnt variables TZ=UTC and LANG=C to ensure consistent results. - Fixing doc markup in logging.bro. - Updating baselines.
2025-10-09 18:18:19 +00:00 · 2011-04-21 19:31:44 -07:00 · 2011-04-21 19:31:44 -07:00 · da0ea67453
commit da0ea67453
parent 5fba6d144e
13 changed files with 163 additions and 124 deletions
--- a/policy/logging.bro
+++ b/policy/logging.bro
@ -81,10 +81,10 @@ export {
 	## Information passed into rotation callback functions.
 	type RotationInfo: record {
-		writer: Writer;	##> Writer.
+		writer: Writer;	##< Writer.
-		path: string;	##> Original path value.
+		path: string;	##< Original path value.
-		open: time;	##> Time when opened.
+		open: time;	##< Time when opened.
-		close: time;	##> Time when closed.
+		close: time;	##< Time when closed.
 	};
 	## Default rotation interval. Zero disables rotation.
--- a/src/Anon.cc
+++ b/src/Anon.cc
@ -17,7 +17,7 @@ AnonymizeIPAddr* ip_anonymizer[NUM_ADDR_ANONYMIZATION_METHODS] = {0};
 static uint32 rand32()
 	{
-	return ((random() & 0xffff) << 16) | (random() & 0xffff);
+	return ((bro_random() & 0xffff) << 16) | (bro_random() & 0xffff);
 	}
 // From tcpdpriv.
--- a/src/H3.h
+++ b/src/H3.h
@ -52,8 +52,8 @@
 //     together to get the same result as hashing the full string.
 // Any number of hash functions can be created by creating new instances of H3,
 //     with the same or different template parameters.  The hash function is
-//     randomly generated using random(); you must call srandom() before the
+//     randomly generated using bro_random(); you must call init_random_seed()
-//     H3 constructor if you wish to seed it.
+//     before the H3 constructor if you wish to seed it.
 #ifndef H3_H
@ -96,7 +96,7 @@ H3<T,N>::H3()
 	bit_lookup[bit] = 0;
 	for (size_t i = 0; i < sizeof(T)/2; i++) {
 	    // assume random() returns at least 16 random bits
-	    bit_lookup[bit] = (bit_lookup[bit] << 16) | (random() & 0xFFFF);
+	    bit_lookup[bit] = (bit_lookup[bit] << 16) | (bro_random() & 0xFFFF);
 	}
    }
--- a/src/Net.cc
+++ b/src/Net.cc
@ -367,7 +367,7 @@ void net_packet_dispatch(double t, const struct pcap_pkthdr* hdr,
 		if ( load_freq == 0 )
 			load_freq = uint32(0xffffffff) / uint32(load_sample_freq);
-		if ( uint32(random() & 0xffffffff) < load_freq )
+		if ( uint32(bro_random() & 0xffffffff) < load_freq )
 			{
 			// Drain the queued timer events so they're not
 			// charged against this sample.
--- a/src/PacketFilter.cc
+++ b/src/PacketFilter.cc
@ -102,5 +102,5 @@ bool PacketFilter::MatchFilter(const Filter& f, const IP_Hdr& ip,
 			return false;
 		}
-	return uint32(random()) < f.probability;
+	return uint32(bro_random()) < f.probability;
 	}
--- a/src/util.cc
+++ b/src/util.cc
@ -573,6 +573,17 @@ static bool write_random_seeds(const char* write_file, uint32 seed,
 	return true;
 	}
 static bool bro_rand_determistic = false;
 static unsigned int bro_rand_state = 0;
 static void bro_srand(unsigned int seed, bool deterministic)
 	{
 	bro_rand_state = seed;
 	bro_rand_determistic = deterministic;
 	srand(seed);
 	}
 void init_random_seed(uint32 seed, const char* read_file, const char* write_file)
 	{
 	static const int bufsiz = 16;
@ -633,9 +644,11 @@ void init_random_seed(uint32 seed, const char* read_file, const char* write_file
 				seed = (seed << 1) | (seed >> 31);
 				}
 			}
 		else
 			seeds_done = true;
 		}
-	srandom(seed);
+	bro_srand(seed, seeds_done);
 	if ( ! hmac_key_set )
 		{
@ -648,6 +661,25 @@ void init_random_seed(uint32 seed, const char* read_file, const char* write_file
 				write_file);
 	}
 long int bro_random()
 	{
 	if ( ! bro_rand_determistic )
 		return random(); // Use system PRNG.
 	// Use our own simple linear congruence PRNG to make sure we are
 	// predictable across platforms.
 	const long int m = 2147483647;
 	const long int a = 16807;
 	const long int q = m / a;
 	const long int r = m % a;
 	bro_rand_state = a * ( bro_rand_state % q ) - r * ( bro_rand_state / q );
 	if ( bro_rand_state <= 0 )
 		bro_rand_state += m;
 	return bro_rand_state;
 	}
 // Returns a 64-bit random string.
 uint64 rand64bit()
@ -656,7 +688,7 @@ uint64 rand64bit()
 	int i;
 	for ( i = 1; i <= 4; ++i )
-		base = (base<<16) | random();
+		base = (base<<16) | bro_random();
 	return base;
 	}
--- a/src/util.h
+++ b/src/util.h
@ -140,7 +140,7 @@ extern void hmac_md5(size_t size, const unsigned char* bytes,
 extern const char* md5_digest_print(const unsigned char digest[16]);
-// Initializes RNGs for random() and MD5 usage.  If seed is given, then
+// Initializes RNGs for bro_random() and MD5 usage.  If seed is given, then
 // it is used (to provide determinism).  If load_file is given, the seeds
 // (both random & MD5) are loaded from that file.  This takes precedence
 // over the "seed" argument.  If write_file is given, the seeds are written
@ -149,6 +149,11 @@ extern const char* md5_digest_print(const unsigned char digest[16]);
 extern void init_random_seed(uint32 seed, const char* load_file,
 				const char* write_file);
 // Replacement for the system random(), to which is normally falls back
 // except when a seed has been given. In that case, we use our own
 // predictable PRNG.
 long int bro_random();
 extern uint64 rand64bit();
 #define UHASH_KEY_SIZE	32
--- a/testing/btest/Baseline/language.rec-table-default/output
+++ b/testing/btest/Baseline/language.rec-table-default/output
@ -5,9 +5,9 @@
 }
 {
-B,
+C,
 A,
-C
+B
 }
 {
--- a/testing/btest/Baseline/logging.remote-types/receiver.ssh.log
+++ b/testing/btest/Baseline/logging.remote-types/receiver.ssh.log
@ -1,2 +1,2 @@
 # b	i	e	c	p	sn	n	a	d	t	iv	s	sc	ss	se	vc	ve
-T	-42	SSH::SSH	21	123	10.0.0.0/24	10.0.0.0	1.2.3.4	3.14	1301360085.98852	100.0	hurz	4,1,3,2	CC,BB,AA	EMPTY	10,20,30	EMPTY
+T	-42	SSH::SSH	21	123	10.0.0.0/24	10.0.0.0	1.2.3.4	3.14	1303439439.02908	100.0	hurz	1,4,2,3	CC,AA,BB	EMPTY	10,20,30	EMPTY
--- a/testing/btest/Baseline/logging.rotate-custom/out
+++ b/testing/btest/Baseline/logging.rotate-custom/out
@ -1,132 +1,132 @@
 2nd test2-11-03-06_19.00.05.log test2.log 11-03-06_19.00.05 11-03-06_19.59.55 0
 1st test-11-03-06_19.00.05.log test.log 11-03-06_19.00.05 11-03-06_20.00.05 0
 2nd test2-11-03-06_19.59.55.log test2.log 11-03-06_19.59.55 11-03-06_20.00.05 0
 2nd test2-11-03-06_20.00.05.log test2.log 11-03-06_20.00.05 11-03-06_20.59.55 0
 1st test-11-03-06_20.00.05.log test.log 11-03-06_20.00.05 11-03-06_21.00.05 0
 2nd test2-11-03-06_20.59.55.log test2.log 11-03-06_20.59.55 11-03-06_21.00.05 0
 2nd test2-11-03-06_21.00.05.log test2.log 11-03-06_21.00.05 11-03-06_21.59.55 0
 1st test-11-03-06_21.00.05.log test.log 11-03-06_21.00.05 11-03-06_22.00.05 0
 2nd test2-11-03-06_21.59.55.log test2.log 11-03-06_21.59.55 11-03-06_22.00.05 0
 2nd test2-11-03-06_22.00.05.log test2.log 11-03-06_22.00.05 11-03-06_22.59.55 0
 1st test-11-03-06_22.00.05.log test.log 11-03-06_22.00.05 11-03-06_23.00.05 0
 2nd test2-11-03-06_22.59.55.log test2.log 11-03-06_22.59.55 11-03-06_23.00.05 0
 2nd test2-11-03-06_23.00.05.log test2.log 11-03-06_23.00.05 11-03-06_23.59.55 0
 1st test-11-03-06_23.00.05.log test.log 11-03-06_23.00.05 11-03-07_00.00.05 0
 2nd test2-11-03-06_23.59.55.log test2.log 11-03-06_23.59.55 11-03-07_00.00.05 0
 2nd test2-11-03-07_00.00.05.log test2.log 11-03-07_00.00.05 11-03-07_00.59.55 0
 1st test-11-03-07_00.00.05.log test.log 11-03-07_00.00.05 11-03-07_01.00.05 0
 2nd test2-11-03-07_00.59.55.log test2.log 11-03-07_00.59.55 11-03-07_01.00.05 0
 2nd test2-11-03-07_01.00.05.log test2.log 11-03-07_01.00.05 11-03-07_01.59.55 0
 1st test-11-03-07_01.00.05.log test.log 11-03-07_01.00.05 11-03-07_02.00.05 0
 2nd test2-11-03-07_01.59.55.log test2.log 11-03-07_01.59.55 11-03-07_02.00.05 0
 2nd test2-11-03-07_02.00.05.log test2.log 11-03-07_02.00.05 11-03-07_02.59.55 0
 1st test-11-03-07_02.00.05.log test.log 11-03-07_02.00.05 11-03-07_03.00.05 0
 2nd test2-11-03-07_02.59.55.log test2.log 11-03-07_02.59.55 11-03-07_03.00.05 0
 2nd test2-11-03-07_03.00.05.log test2.log 11-03-07_03.00.05 11-03-07_03.59.55 0
 1st test-11-03-07_03.00.05.log test.log 11-03-07_03.00.05 11-03-07_04.00.05 0
 2nd test2-11-03-07_03.59.55.log test2.log 11-03-07_03.59.55 11-03-07_04.00.05 0
 2nd test2-11-03-07_04.00.05.log test2.log 11-03-07_04.00.05 11-03-07_04.59.55 0
-1st test-11-03-07_04.00.05.log test.log 11-03-07_04.00.05 11-03-07_04.59.55 1
+1st test-11-03-07_04.00.05.log test.log 11-03-07_04.00.05 11-03-07_05.00.05 0
-2nd test2-11-03-07_04.59.55.log test2.log 11-03-07_04.59.55 11-03-07_04.59.55 1
+2nd test2-11-03-07_04.59.55.log test2.log 11-03-07_04.59.55 11-03-07_05.00.05 0
-> test-11-03-06_19.00.05.log
+2nd test2-11-03-07_05.00.05.log test2.log 11-03-07_05.00.05 11-03-07_05.59.55 0
 1st test-11-03-07_05.00.05.log test.log 11-03-07_05.00.05 11-03-07_06.00.05 0
 2nd test2-11-03-07_05.59.55.log test2.log 11-03-07_05.59.55 11-03-07_06.00.05 0
 2nd test2-11-03-07_06.00.05.log test2.log 11-03-07_06.00.05 11-03-07_06.59.55 0
 1st test-11-03-07_06.00.05.log test.log 11-03-07_06.00.05 11-03-07_07.00.05 0
 2nd test2-11-03-07_06.59.55.log test2.log 11-03-07_06.59.55 11-03-07_07.00.05 0
 2nd test2-11-03-07_07.00.05.log test2.log 11-03-07_07.00.05 11-03-07_07.59.55 0
 1st test-11-03-07_07.00.05.log test.log 11-03-07_07.00.05 11-03-07_08.00.05 0
 2nd test2-11-03-07_07.59.55.log test2.log 11-03-07_07.59.55 11-03-07_08.00.05 0
 2nd test2-11-03-07_08.00.05.log test2.log 11-03-07_08.00.05 11-03-07_08.59.55 0
 1st test-11-03-07_08.00.05.log test.log 11-03-07_08.00.05 11-03-07_09.00.05 0
 2nd test2-11-03-07_08.59.55.log test2.log 11-03-07_08.59.55 11-03-07_09.00.05 0
 2nd test2-11-03-07_09.00.05.log test2.log 11-03-07_09.00.05 11-03-07_09.59.55 0
 1st test-11-03-07_09.00.05.log test.log 11-03-07_09.00.05 11-03-07_10.00.05 0
 2nd test2-11-03-07_09.59.55.log test2.log 11-03-07_09.59.55 11-03-07_10.00.05 0
 2nd test2-11-03-07_10.00.05.log test2.log 11-03-07_10.00.05 11-03-07_10.59.55 0
 1st test-11-03-07_10.00.05.log test.log 11-03-07_10.00.05 11-03-07_11.00.05 0
 2nd test2-11-03-07_10.59.55.log test2.log 11-03-07_10.59.55 11-03-07_11.00.05 0
 2nd test2-11-03-07_11.00.05.log test2.log 11-03-07_11.00.05 11-03-07_11.59.55 0
 1st test-11-03-07_11.00.05.log test.log 11-03-07_11.00.05 11-03-07_12.00.05 0
 2nd test2-11-03-07_11.59.55.log test2.log 11-03-07_11.59.55 11-03-07_12.00.05 0
 2nd test2-11-03-07_12.00.05.log test2.log 11-03-07_12.00.05 11-03-07_12.59.55 0
 1st test-11-03-07_12.00.05.log test.log 11-03-07_12.00.05 11-03-07_12.59.55 1
 2nd test2-11-03-07_12.59.55.log test2.log 11-03-07_12.59.55 11-03-07_12.59.55 1
 > test-11-03-07_03.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299466805.0	10.0.0.1	20	10.0.0.2	1024
 1299470395.0	10.0.0.2	20	10.0.0.3	0
-> test-11-03-06_20.00.05.log
+> test-11-03-07_04.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299470405.0	10.0.0.1	20	10.0.0.2	1025
 1299473995.0	10.0.0.2	20	10.0.0.3	1
-> test-11-03-06_21.00.05.log
+> test-11-03-07_05.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299474005.0	10.0.0.1	20	10.0.0.2	1026
 1299477595.0	10.0.0.2	20	10.0.0.3	2
-> test-11-03-06_22.00.05.log
+> test-11-03-07_06.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477605.0	10.0.0.1	20	10.0.0.2	1027
 1299481195.0	10.0.0.2	20	10.0.0.3	3
-> test-11-03-06_23.00.05.log
+> test-11-03-07_07.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481205.0	10.0.0.1	20	10.0.0.2	1028
 1299484795.0	10.0.0.2	20	10.0.0.3	4
-> test-11-03-07_00.00.05.log
+> test-11-03-07_08.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484805.0	10.0.0.1	20	10.0.0.2	1029
 1299488395.0	10.0.0.2	20	10.0.0.3	5
-> test-11-03-07_01.00.05.log
+> test-11-03-07_09.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488405.0	10.0.0.1	20	10.0.0.2	1030
 1299491995.0	10.0.0.2	20	10.0.0.3	6
-> test-11-03-07_02.00.05.log
+> test-11-03-07_10.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299492005.0	10.0.0.1	20	10.0.0.2	1031
 1299495595.0	10.0.0.2	20	10.0.0.3	7
-> test-11-03-07_03.00.05.log
+> test-11-03-07_11.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299495605.0	10.0.0.1	20	10.0.0.2	1032
 1299499195.0	10.0.0.2	20	10.0.0.3	8
-> test-11-03-07_04.00.05.log
+> test-11-03-07_12.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299499205.0	10.0.0.1	20	10.0.0.2	1033
 1299502795.0	10.0.0.2	20	10.0.0.3	9
 > test2-11-03-06_19.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299466805.0	10.0.0.1	20	10.0.0.2	1024
 > test2-11-03-06_19.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299470395.0	10.0.0.2	20	10.0.0.3	0
 > test2-11-03-06_20.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299470405.0	10.0.0.1	20	10.0.0.2	1025
 > test2-11-03-06_20.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299473995.0	10.0.0.2	20	10.0.0.3	1
 > test2-11-03-06_21.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299474005.0	10.0.0.1	20	10.0.0.2	1026
 > test2-11-03-06_21.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477595.0	10.0.0.2	20	10.0.0.3	2
 > test2-11-03-06_22.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477605.0	10.0.0.1	20	10.0.0.2	1027
 > test2-11-03-06_22.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481195.0	10.0.0.2	20	10.0.0.3	3
 > test2-11-03-06_23.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481205.0	10.0.0.1	20	10.0.0.2	1028
 > test2-11-03-06_23.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484795.0	10.0.0.2	20	10.0.0.3	4
 > test2-11-03-07_00.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484805.0	10.0.0.1	20	10.0.0.2	1029
 > test2-11-03-07_00.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488395.0	10.0.0.2	20	10.0.0.3	5
 > test2-11-03-07_01.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488405.0	10.0.0.1	20	10.0.0.2	1030
 > test2-11-03-07_01.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299491995.0	10.0.0.2	20	10.0.0.3	6
 > test2-11-03-07_02.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299492005.0	10.0.0.1	20	10.0.0.2	1031
 > test2-11-03-07_02.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299495595.0	10.0.0.2	20	10.0.0.3	7
 > test2-11-03-07_03.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
-1299495605.0	10.0.0.1	20	10.0.0.2	1032
+1299466805.0	10.0.0.1	20	10.0.0.2	1024
 > test2-11-03-07_03.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
-1299499195.0	10.0.0.2	20	10.0.0.3	8
+1299470395.0	10.0.0.2	20	10.0.0.3	0
 > test2-11-03-07_04.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
-1299499205.0	10.0.0.1	20	10.0.0.2	1033
+1299470405.0	10.0.0.1	20	10.0.0.2	1025
 > test2-11-03-07_04.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299473995.0	10.0.0.2	20	10.0.0.3	1
 > test2-11-03-07_05.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299474005.0	10.0.0.1	20	10.0.0.2	1026
 > test2-11-03-07_05.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477595.0	10.0.0.2	20	10.0.0.3	2
 > test2-11-03-07_06.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477605.0	10.0.0.1	20	10.0.0.2	1027
 > test2-11-03-07_06.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481195.0	10.0.0.2	20	10.0.0.3	3
 > test2-11-03-07_07.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481205.0	10.0.0.1	20	10.0.0.2	1028
 > test2-11-03-07_07.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484795.0	10.0.0.2	20	10.0.0.3	4
 > test2-11-03-07_08.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484805.0	10.0.0.1	20	10.0.0.2	1029
 > test2-11-03-07_08.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488395.0	10.0.0.2	20	10.0.0.3	5
 > test2-11-03-07_09.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488405.0	10.0.0.1	20	10.0.0.2	1030
 > test2-11-03-07_09.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299491995.0	10.0.0.2	20	10.0.0.3	6
 > test2-11-03-07_10.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299492005.0	10.0.0.1	20	10.0.0.2	1031
 > test2-11-03-07_10.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299495595.0	10.0.0.2	20	10.0.0.3	7
 > test2-11-03-07_11.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299495605.0	10.0.0.1	20	10.0.0.2	1032
 > test2-11-03-07_11.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299499195.0	10.0.0.2	20	10.0.0.3	8
 > test2-11-03-07_12.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299499205.0	10.0.0.1	20	10.0.0.2	1033
 > test2-11-03-07_12.59.55.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299502795.0	10.0.0.2	20	10.0.0.3	9
 > test2.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
--- a/testing/btest/Baseline/logging.rotate/out
+++ b/testing/btest/Baseline/logging.rotate/out
@ -1,50 +1,50 @@
 test-11-03-06_19.00.05.log test.log 11-03-06_19.00.05 11-03-06_20.00.05 0
 test-11-03-06_20.00.05.log test.log 11-03-06_20.00.05 11-03-06_21.00.05 0
 test-11-03-06_21.00.05.log test.log 11-03-06_21.00.05 11-03-06_22.00.05 0
 test-11-03-06_22.00.05.log test.log 11-03-06_22.00.05 11-03-06_23.00.05 0
 test-11-03-06_23.00.05.log test.log 11-03-06_23.00.05 11-03-07_00.00.05 0
 test-11-03-07_00.00.05.log test.log 11-03-07_00.00.05 11-03-07_01.00.05 0
 test-11-03-07_01.00.05.log test.log 11-03-07_01.00.05 11-03-07_02.00.05 0
 test-11-03-07_02.00.05.log test.log 11-03-07_02.00.05 11-03-07_03.00.05 0
 test-11-03-07_03.00.05.log test.log 11-03-07_03.00.05 11-03-07_04.00.05 0
-test-11-03-07_04.00.05.log test.log 11-03-07_04.00.05 11-03-07_04.59.55 1
+test-11-03-07_04.00.05.log test.log 11-03-07_04.00.05 11-03-07_05.00.05 0
-> test-11-03-06_19.00.05.log
+test-11-03-07_05.00.05.log test.log 11-03-07_05.00.05 11-03-07_06.00.05 0
 test-11-03-07_06.00.05.log test.log 11-03-07_06.00.05 11-03-07_07.00.05 0
 test-11-03-07_07.00.05.log test.log 11-03-07_07.00.05 11-03-07_08.00.05 0
 test-11-03-07_08.00.05.log test.log 11-03-07_08.00.05 11-03-07_09.00.05 0
 test-11-03-07_09.00.05.log test.log 11-03-07_09.00.05 11-03-07_10.00.05 0
 test-11-03-07_10.00.05.log test.log 11-03-07_10.00.05 11-03-07_11.00.05 0
 test-11-03-07_11.00.05.log test.log 11-03-07_11.00.05 11-03-07_12.00.05 0
 test-11-03-07_12.00.05.log test.log 11-03-07_12.00.05 11-03-07_12.59.55 1
 > test-11-03-07_03.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299466805.0	10.0.0.1	20	10.0.0.2	1024
 1299470395.0	10.0.0.2	20	10.0.0.3	0
-> test-11-03-06_20.00.05.log
+> test-11-03-07_04.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299470405.0	10.0.0.1	20	10.0.0.2	1025
 1299473995.0	10.0.0.2	20	10.0.0.3	1
-> test-11-03-06_21.00.05.log
+> test-11-03-07_05.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299474005.0	10.0.0.1	20	10.0.0.2	1026
 1299477595.0	10.0.0.2	20	10.0.0.3	2
-> test-11-03-06_22.00.05.log
+> test-11-03-07_06.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299477605.0	10.0.0.1	20	10.0.0.2	1027
 1299481195.0	10.0.0.2	20	10.0.0.3	3
-> test-11-03-06_23.00.05.log
+> test-11-03-07_07.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299481205.0	10.0.0.1	20	10.0.0.2	1028
 1299484795.0	10.0.0.2	20	10.0.0.3	4
-> test-11-03-07_00.00.05.log
+> test-11-03-07_08.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299484805.0	10.0.0.1	20	10.0.0.2	1029
 1299488395.0	10.0.0.2	20	10.0.0.3	5
-> test-11-03-07_01.00.05.log
+> test-11-03-07_09.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299488405.0	10.0.0.1	20	10.0.0.2	1030
 1299491995.0	10.0.0.2	20	10.0.0.3	6
-> test-11-03-07_02.00.05.log
+> test-11-03-07_10.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299492005.0	10.0.0.1	20	10.0.0.2	1031
 1299495595.0	10.0.0.2	20	10.0.0.3	7
-> test-11-03-07_03.00.05.log
+> test-11-03-07_11.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299495605.0	10.0.0.1	20	10.0.0.2	1032
 1299499195.0	10.0.0.2	20	10.0.0.3	8
-> test-11-03-07_04.00.05.log
+> test-11-03-07_12.00.05.log
 # t	id.orig_h	id.orig_p	id.resp_h	id.resp_p
 1299499205.0	10.0.0.1	20	10.0.0.2	1033
 1299502795.0	10.0.0.2	20	10.0.0.3	9
--- a/testing/btest/Baseline/logging.types/ssh.log
+++ b/testing/btest/Baseline/logging.types/ssh.log
@ -1,2 +1,2 @@
 # b	i	e	c	p	sn	n	a	d	t	iv	s	sc	ss	se	vc	ve
-T	-42	SSH::SSH	21	123	10.0.0.0/24	10.0.0.0	1.2.3.4	3.14	1301359781.8203	100.0	hurz	4,1,3,2	CC,BB,AA	EMPTY	10,20,30	EMPTY
+T	-42	SSH::SSH	21	123	10.0.0.0/24	10.0.0.0	1.2.3.4	3.14	1303438960.30366	100.0	hurz	1,4,2,3	CC,AA,BB	EMPTY	10,20,30	EMPTY
--- a/testing/btest/btest.cfg
+++ b/testing/btest/btest.cfg
@ -8,6 +8,8 @@ IgnoreFiles = *.tmp *.swp #* *.trace
 [environment]
 BROPATH=`bash -c %(testbase)s/../../build/bro-path-dev`
 BRO_SEED_FILE=%(testbase)s/random.seed
 TZ=UTC
 LOCALE=C
 PATH=%(testbase)s/../../build/src:%(testbase)s/../../aux/btest:%(default_path)s
 TEST_DIFF_CANONIFIER=%(testbase)s/Scripts/diff-canonifier
 TRACES=%(testbase)s/Traces
`@ -1,2 +1,2 @@`
	`# b i e c p sn n a d t iv s sc ss se vc ve`	`# b i e c p sn n a d t iv s sc ss se vc ve`
	`T -42 SSH::SSH 21 123 10.0.0.0/24 10.0.0.0 1.2.3.4 3.14 1301360085.98852 100.0 hurz 4,1,3,2 CC,BB,AA EMPTY 10,20,30 EMPTY`	`T -42 SSH::SSH 21 123 10.0.0.0/24 10.0.0.0 1.2.3.4 3.14 1303439439.02908 100.0 hurz 1,4,2,3 CC,AA,BB EMPTY 10,20,30 EMPTY`