Merge remote-tracking branch 'origin/master' into topic/seth/smb

testing/btest/scripts/base/protocols/arp/basic.test

@@ -0,0 +1,13 @@
+# @TEST-EXEC: bro -r $TRACES/arp-who-has.pcap %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+event arp_request(mac_src: string, mac_dst: string, SPA: addr, SHA: string, TPA: addr, THA: string)
+	{
+	print mac_src, mac_dst, SPA, SHA, TPA, THA;
+	}
+
+event arp_reply(mac_src: string, mac_dst: string, SPA: addr, SHA: string, TPA: addr, THA: string)
+	{
+	print mac_src, mac_dst, SPA, SHA, TPA, THA;
+	}
+

testing/btest/scripts/base/protocols/conn/new_connection_contents.bro

@@ -0,0 +1,7 @@
+# @TEST-EXEC: bro -r $TRACES/irc-dcc-send.trace %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+event new_connection_contents(c: connection)
+	{
+	print fmt("new_connection_contents for %s", cat(c$id));
+	}

testing/btest/scripts/base/protocols/dns/caa.bro

@@ -0,0 +1,7 @@
+# @TEST-EXEC: bro -r $TRACES/dns-caa.pcap %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+event dns_CAA_reply(c: connection, msg: dns_msg, ans: dns_answer, flags: count, tag: string, value: string)
+	{
+	print flags,tag,value;
+	}

testing/btest/scripts/base/protocols/dns/huge-ttl.bro

@@ -0,0 +1,7 @@
+# @TEST-EXEC: bro -r $TRACES/dns-huge-ttl.pcap %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+event dns_A_reply(c: connection, msg: dns_msg, ans: dns_answer, a: addr)
+	{
+	print ans;
+	}

testing/btest/scripts/base/protocols/imap/capabilities.test

@@ -0,0 +1,12 @@
+# @TEST-EXEC: bro -b -C -r $TRACES/tls/imap-starttls.pcap %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+@load base/protocols/ssl
+@load base/protocols/conn
+@load base/frameworks/dpd
+@load base/protocols/imap
+
+event imap_capabilities(c: connection, capabilities: string_vec)
+	{
+	print capabilities;
+	}

testing/btest/scripts/base/protocols/imap/starttls.test

@@ -0,0 +1,15 @@
+# @TEST-EXEC: bro -b -C -r $TRACES/tls/imap-starttls.pcap %INPUT
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff ssl.log
+# @TEST-EXEC: btest-diff x509.log
+# @TEST-EXEC: btest-diff .stdout
+
+@load base/protocols/ssl
+@load base/protocols/conn
+@load base/frameworks/dpd
+@load base/protocols/imap
+
+event imap_starttls(c: connection)
+	{
+	print "Tls started for connection";
+	}

testing/btest/scripts/base/protocols/ssl/dtls-stun-dpd.test

@@ -0,0 +1,10 @@
+# @TEST-EXEC: bro -r $TRACES/tls/webrtc-stun.pcap %INPUT
+# @TEST-EXEC: btest-diff ssl.log
+# @TEST-EXEC: touch dpd.log
+# @TEST-EXEC: btest-diff dpd.log
+
+event ssl_client_hello(c: connection, version: count, possible_ts: time, client_random: string, session_id: string, ciphers: index_vec)
+	{
+	print version, client_random, session_id, ciphers;
+	}
+

testing/btest/scripts/base/protocols/xmpp/client-dpd.test

@@ -0,0 +1,8 @@
+# @TEST-EXEC: bro -C -b -r $TRACES/tls/xmpp-starttls.pcap %INPUT
+# @TEST-EXEC: btest-diff ssl.log
+
+@load base/frameworks/dpd
+@load base/frameworks/signatures
+@load base/protocols/ssl
+@load base/protocols/conn
+@load-sigs base/protocols/xmpp/dpd.sig

testing/btest/scripts/base/protocols/xmpp/server-dialback-dpd.test

@@ -0,0 +1,8 @@
+# @TEST-EXEC: bro -C -b -r $TRACES/tls/xmpp-dialback-starttls.pcap %INPUT
+# @TEST-EXEC: btest-diff ssl.log
+
+@load base/frameworks/dpd
+@load base/frameworks/signatures
+@load base/protocols/ssl
+@load base/protocols/conn
+@load-sigs base/protocols/xmpp/dpd.sig

testing/btest/scripts/base/protocols/xmpp/starttls.test

@@ -0,0 +1,9 @@
+# @TEST-EXEC: bro -C -b -r $TRACES/tls/xmpp-starttls.pcap %INPUT
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff ssl.log
+# @TEST-EXEC: btest-diff x509.log
+
+@load base/protocols/conn
+@load base/frameworks/dpd
+@load base/protocols/ssl
+@load base/protocols/xmpp