mirror of
https://github.com/zeek/zeek.git
synced 2025-10-16 21:48:21 +00:00
Merge branch 'master' into topic/jsiwek/faf-cleanup
Conflicts: scripts/base/protocols/ftp/file-analysis.bro scripts/base/protocols/http/file-analysis.bro scripts/base/protocols/irc/file-analysis.bro scripts/base/protocols/smtp/file-analysis.bro src/file_analysis/File.cc src/file_analysis/File.h src/file_analysis/Manager.cc src/file_analysis/Manager.h testing/btest/Baseline/scripts.base.frameworks.file-analysis.logging/file_analysis.log testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp.log testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3-0.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http.log testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb-0.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc.log testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp_entities.log testing/btest/scripts/base/protocols/ftp/ftp-extract.bro testing/btest/scripts/base/protocols/http/http-extract-files.bro testing/btest/scripts/base/protocols/irc/dcc-extract.test testing/btest/scripts/base/protocols/smtp/mime-extract.test
This commit is contained in:
Jon Siwek
commit
f2574636b6
517 changed files with 15571 additions and 12637 deletions
|
|
@ -1,13 +1,15 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/http/get.trace $SCRIPTS/file-analysis-test.bro %INPUT >get.out
|
||||
# @TEST-EXEC: bro -r $TRACES/http/get-gzip.trace $SCRIPTS/file-analysis-test.bro %INPUT >get-gzip.out
|
||||
# @TEST-EXEC: bro -r $TRACES/http/get.trace $SCRIPTS/file-analysis-test.bro %INPUT c=1 >get.out
|
||||
# @TEST-EXEC: bro -r $TRACES/http/get-gzip.trace $SCRIPTS/file-analysis-test.bro %INPUT c=2 >get-gzip.out
|
||||
# @TEST-EXEC: btest-diff get.out
|
||||
# @TEST-EXEC: btest-diff get-gzip.out
|
||||
# @TEST-EXEC: btest-diff Cx92a0ym5R8-file
|
||||
# @TEST-EXEC: btest-diff kg59rqyYxN-file
|
||||
# @TEST-EXEC: btest-diff 1-file
|
||||
# @TEST-EXEC: btest-diff 2-file
|
||||
|
||||
redef test_file_analysis_source = "HTTP";
|
||||
|
||||
global c = 0 &redef;
|
||||
|
||||
redef test_get_file_name = function(f: fa_file): string
|
||||
{
|
||||
return fmt("%s-file", f$id);
|
||||
return fmt("%d-file", c);
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,13 +1,16 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/http/multipart.trace $SCRIPTS/file-analysis-test.bro %INPUT >out
|
||||
# @TEST-EXEC: btest-diff out
|
||||
# @TEST-EXEC: btest-diff TJdltRTxco1-file
|
||||
# @TEST-EXEC: btest-diff QJO04kPdawk-file
|
||||
# @TEST-EXEC: btest-diff dDH5dHdsRH4-file
|
||||
# @TEST-EXEC: btest-diff TaUJcEIboHh-file
|
||||
# @TEST-EXEC: btest-diff 1-file
|
||||
# @TEST-EXEC: btest-diff 2-file
|
||||
# @TEST-EXEC: btest-diff 3-file
|
||||
# @TEST-EXEC: btest-diff 4-file
|
||||
|
||||
redef test_file_analysis_source = "HTTP";
|
||||
|
||||
global cnt: count = 0;
|
||||
|
||||
redef test_get_file_name = function(f: fa_file): string
|
||||
{
|
||||
return fmt("%s-file", f$id);
|
||||
++cnt;
|
||||
return fmt("%d-file", cnt);
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,16 +1,16 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/http/206_example_a.pcap $SCRIPTS/file-analysis-test.bro %INPUT >a.out
|
||||
# @TEST-EXEC: btest-diff a.out
|
||||
# @TEST-EXEC: wc -c 7gZBKVUgy4l-file0 | sed 's/^[ \t]* //g' >a.size
|
||||
# @TEST-EXEC: wc -c file-0 | sed 's/^[ \t]* //g' >a.size
|
||||
# @TEST-EXEC: btest-diff a.size
|
||||
|
||||
# @TEST-EXEC: bro -r $TRACES/http/206_example_b.pcap $SCRIPTS/file-analysis-test.bro %INPUT >b.out
|
||||
# @TEST-EXEC: btest-diff b.out
|
||||
# @TEST-EXEC: wc -c oDwT1BbzjM1-file0 | sed 's/^[ \t]* //g' >b.size
|
||||
# @TEST-EXEC: wc -c file-0 | sed 's/^[ \t]* //g' >b.size
|
||||
# @TEST-EXEC: btest-diff b.size
|
||||
|
||||
# @TEST-EXEC: bro -r $TRACES/http/206_example_c.pcap $SCRIPTS/file-analysis-test.bro %INPUT >c.out
|
||||
# @TEST-EXEC: btest-diff c.out
|
||||
# @TEST-EXEC: wc -c uHS14uhRKGe-file0 | sed 's/^[ \t]* //g' >c.size
|
||||
# @TEST-EXEC: wc -c file-0 | sed 's/^[ \t]* //g' >c.size
|
||||
# @TEST-EXEC: btest-diff c.size
|
||||
|
||||
global cnt: count = 0;
|
||||
|
|
@ -19,7 +19,7 @@ redef test_file_analysis_source = "HTTP";
|
|||
|
||||
redef test_get_file_name = function(f: fa_file): string
|
||||
{
|
||||
local rval: string = fmt("%s-file%d", f$id, cnt);
|
||||
local rval: string = fmt("file-%d", cnt);
|
||||
++cnt;
|
||||
return rval;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,14 +1,16 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/http/pipelined-requests.trace $SCRIPTS/file-analysis-test.bro %INPUT >out
|
||||
# @TEST-EXEC: btest-diff out
|
||||
# @TEST-EXEC: btest-diff aFQKI8SPOL2-file
|
||||
# @TEST-EXEC: btest-diff CCU3vUEr06l-file
|
||||
# @TEST-EXEC: btest-diff HCzA0dVwDPj-file
|
||||
# @TEST-EXEC: btest-diff a1Zu1fteVEf-file
|
||||
# @TEST-EXEC: btest-diff xXlF7wFdsR-file
|
||||
# @TEST-EXEC: btest-diff 1-file
|
||||
# @TEST-EXEC: btest-diff 2-file
|
||||
# @TEST-EXEC: btest-diff 3-file
|
||||
# @TEST-EXEC: btest-diff 4-file
|
||||
# @TEST-EXEC: btest-diff 5-file
|
||||
|
||||
redef test_file_analysis_source = "HTTP";
|
||||
|
||||
global c = 0;
|
||||
|
||||
redef test_get_file_name = function(f: fa_file): string
|
||||
{
|
||||
return fmt("%s-file", f$id);
|
||||
return fmt("%d-file", ++c);
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,11 +1,13 @@
|
|||
# @TEST-EXEC: bro -r $TRACES/http/post.trace $SCRIPTS/file-analysis-test.bro %INPUT >out
|
||||
# @TEST-EXEC: btest-diff out
|
||||
# @TEST-EXEC: btest-diff v5HLI7MxPQh-file
|
||||
# @TEST-EXEC: btest-diff PZS1XGHkIf1-file
|
||||
# @TEST-EXEC: btest-diff 1-file
|
||||
# @TEST-EXEC: btest-diff 2-file
|
||||
|
||||
redef test_file_analysis_source = "HTTP";
|
||||
|
||||
global c = 0;
|
||||
|
||||
redef test_get_file_name = function(f: fa_file): string
|
||||
{
|
||||
return fmt("%s-file", f$id);
|
||||
return fmt("%d-file", ++c);
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue