From f814be44846345c88f9ffef4130458829aa4026b Mon Sep 17 00:00:00 2001 From: Arne Welzel Date: Wed, 11 Oct 2023 14:11:23 +0200 Subject: [PATCH] btest/quic: Update other tests --- .../btest/Baseline/core.print-bpf-filters/output2 | 12 +++++++----- .../canonified_loaded_scripts.log | 3 +++ testing/btest/Baseline/coverage.find-bro-logs/out | 1 + .../Baseline/coverage.record-fields/out.default | 15 +++++++++++++++ .../scripts.base.files.x509.files/files.log | 12 ++++++------ testing/btest/core/print-bpf-filters.zeek | 3 ++- testing/btest/coverage/bare-mode-errors.test | 3 ++- testing/btest/coverage/default-load-baseline.test | 1 + testing/btest/coverage/init-default.test | 3 ++- testing/btest/coverage/record-fields.zeek | 1 + 10 files changed, 40 insertions(+), 14 deletions(-) diff --git a/testing/btest/Baseline/core.print-bpf-filters/output2 b/testing/btest/Baseline/core.print-bpf-filters/output2 index dcd56a5e77..48f5a34e63 100644 --- a/testing/btest/Baseline/core.print-bpf-filters/output2 +++ b/testing/btest/Baseline/core.print-bpf-filters/output2 @@ -24,7 +24,7 @@ 1 3544 2 389 1 4011 -2 443 +3 443 1 445 1 4789 1 502 @@ -50,11 +50,13 @@ 1 6669 1 67 1 68 +1 784 1 79 1 80 1 8000 1 8080 1 81 +1 853 2 88 1 8888 1 989 @@ -62,8 +64,8 @@ 1 992 1 993 1 995 -70 and -69 or -70 port +73 and +72 or +73 port 46 tcp -24 udp +27 udp diff --git a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log index 985e870bf5..d11129770b 100644 --- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log @@ -424,6 +424,9 @@ scripts/base/init-default.zeek scripts/base/protocols/ntp/main.zeek scripts/base/protocols/ntp/consts.zeek scripts/base/protocols/pop3/__load__.zeek + scripts/base/protocols/quic/__load__.zeek + scripts/base/protocols/quic/consts.zeek + scripts/base/protocols/quic/main.zeek scripts/base/protocols/radius/__load__.zeek scripts/base/protocols/radius/main.zeek scripts/base/protocols/radius/consts.zeek diff --git a/testing/btest/Baseline/coverage.find-bro-logs/out b/testing/btest/Baseline/coverage.find-bro-logs/out index bd3b78858e..efe4d98b6d 100644 --- a/testing/btest/Baseline/coverage.find-bro-logs/out +++ b/testing/btest/Baseline/coverage.find-bro-logs/out @@ -42,6 +42,7 @@ openflow packet_filter pe print_log_path +quic radius rdp reporter diff --git a/testing/btest/Baseline/coverage.record-fields/out.default b/testing/btest/Baseline/coverage.record-fields/out.default index b53dbd29b1..d4f04e20bd 100644 --- a/testing/btest/Baseline/coverage.record-fields/out.default +++ b/testing/btest/Baseline/coverage.record-fields/out.default @@ -508,6 +508,21 @@ connection { * size: count, log=F, optional=F * state: count, log=F, optional=F } + * quic: record QUIC::Info, log=F, optional=T + QUIC::Info { + * client_initial_dcid: string, log=T, optional=T + * client_protocol: string, log=T, optional=T + * history: string, log=T, optional=T + * history_state: vector of string, log=F, optional=F + * id: record conn_id, log=T, optional=F + conn_id { ... } + * logged: bool, log=F, optional=T + * server_name: string, log=T, optional=T + * server_scid: string, log=T, optional=T + * ts: time, log=T, optional=F + * uid: string, log=T, optional=F + * version: string, log=T, optional=F + } * radius: record RADIUS::Info, log=F, optional=T RADIUS::Info { * connect_info: string, log=T, optional=T diff --git a/testing/btest/Baseline/scripts.base.files.x509.files/files.log b/testing/btest/Baseline/scripts.base.files.x509.files/files.log index ce19924fa1..e64dfc52c0 100644 --- a/testing/btest/Baseline/scripts.base.files.x509.files/files.log +++ b/testing/btest/Baseline/scripts.base.files.x509.files/files.log @@ -7,10 +7,10 @@ #open XXXX-XX-XX-XX-XX-XX #fields ts fuid uid id.orig_h id.orig_p id.resp_h id.resp_p source depth analyzers mime_type filename duration local_orig is_orig seen_bytes total_bytes missing_bytes overflow_bytes timedout parent_fuid md5 sha1 sha256 #types time string string addr port addr port string count set[string] string string interval bool bool count count count count bool string string string string -XXXXXXXXXX.XXXXXX FgN3AE3of2TRIqaeQe CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-user-cert - 0.000000 F F 1859 - 0 0 F - 7af07aca6d5c6e8e87fe4bb34786edc0 548b9e03bc183d1cd39f93a37985cb3950f8f06f 6bacfa4536150ed996f2b0c05ab6e345a257225f449aeb9d2018ccd88f4ede43 -XXXXXXXXXX.XXXXXX Fv2Agc4z5boBOacQi6 CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 1032 - 0 0 F - 9e4ac96474245129d9766700412a1f89 d83c1a7f4d0446bb2081b81a1670f8183451ca24 a047a37fa2d2e118a4f5095fe074d6cfe0e352425a7632bf8659c03919a6c81d -XXXXXXXXXX.XXXXXX Ftmyeg2qgI2V38Dt3g CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 897 - 0 0 F - 2e7db2a31d0e3da4b25f49b9542a2e1a 7359755c6df9a0abc3060bce369564c8ec4542a3 3c35cc963eb004451323d3275d05b353235053490d9cd83729a2faf5e7ca1cc0 -XXXXXXXXXX.XXXXXX FUFNf84cduA0IJCp07 ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-user-cert - 0.000000 F F 1859 - 0 0 F - 7af07aca6d5c6e8e87fe4bb34786edc0 548b9e03bc183d1cd39f93a37985cb3950f8f06f 6bacfa4536150ed996f2b0c05ab6e345a257225f449aeb9d2018ccd88f4ede43 -XXXXXXXXXX.XXXXXX F1H4bd2OKGbLPEdHm4 ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 1032 - 0 0 F - 9e4ac96474245129d9766700412a1f89 d83c1a7f4d0446bb2081b81a1670f8183451ca24 a047a37fa2d2e118a4f5095fe074d6cfe0e352425a7632bf8659c03919a6c81d -XXXXXXXXXX.XXXXXX Fgsbci2jxFXYMOHOhi ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 X509,SHA256,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 897 - 0 0 F - 2e7db2a31d0e3da4b25f49b9542a2e1a 7359755c6df9a0abc3060bce369564c8ec4542a3 3c35cc963eb004451323d3275d05b353235053490d9cd83729a2faf5e7ca1cc0 +XXXXXXXXXX.XXXXXX FgN3AE3of2TRIqaeQe CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-user-cert - 0.000000 F F 1859 - 0 0 F - 7af07aca6d5c6e8e87fe4bb34786edc0 548b9e03bc183d1cd39f93a37985cb3950f8f06f 6bacfa4536150ed996f2b0c05ab6e345a257225f449aeb9d2018ccd88f4ede43 +XXXXXXXXXX.XXXXXX Fv2Agc4z5boBOacQi6 CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 1032 - 0 0 F - 9e4ac96474245129d9766700412a1f89 d83c1a7f4d0446bb2081b81a1670f8183451ca24 a047a37fa2d2e118a4f5095fe074d6cfe0e352425a7632bf8659c03919a6c81d +XXXXXXXXXX.XXXXXX Ftmyeg2qgI2V38Dt3g CHhAvVGS1DHFjwGM9 192.168.4.149 60623 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 897 - 0 0 F - 2e7db2a31d0e3da4b25f49b9542a2e1a 7359755c6df9a0abc3060bce369564c8ec4542a3 3c35cc963eb004451323d3275d05b353235053490d9cd83729a2faf5e7ca1cc0 +XXXXXXXXXX.XXXXXX FUFNf84cduA0IJCp07 ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-user-cert - 0.000000 F F 1859 - 0 0 F - 7af07aca6d5c6e8e87fe4bb34786edc0 548b9e03bc183d1cd39f93a37985cb3950f8f06f 6bacfa4536150ed996f2b0c05ab6e345a257225f449aeb9d2018ccd88f4ede43 +XXXXXXXXXX.XXXXXX F1H4bd2OKGbLPEdHm4 ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 1032 - 0 0 F - 9e4ac96474245129d9766700412a1f89 d83c1a7f4d0446bb2081b81a1670f8183451ca24 a047a37fa2d2e118a4f5095fe074d6cfe0e352425a7632bf8659c03919a6c81d +XXXXXXXXXX.XXXXXX Fgsbci2jxFXYMOHOhi ClEkJM2Vm5giqnMf4h 192.168.4.149 60624 74.125.239.129 443 SSL 0 SHA256,X509,SHA1,MD5 application/x-x509-ca-cert - 0.000000 F F 897 - 0 0 F - 2e7db2a31d0e3da4b25f49b9542a2e1a 7359755c6df9a0abc3060bce369564c8ec4542a3 3c35cc963eb004451323d3275d05b353235053490d9cd83729a2faf5e7ca1cc0 #close XXXX-XX-XX-XX-XX-XX diff --git a/testing/btest/core/print-bpf-filters.zeek b/testing/btest/core/print-bpf-filters.zeek index e755c4347f..9428af07d7 100644 --- a/testing/btest/core/print-bpf-filters.zeek +++ b/testing/btest/core/print-bpf-filters.zeek @@ -1,4 +1,5 @@ -# @TEST-REQUIRES: have-spicy +# @TEST-REQUIRES: $SCRIPTS/have-spicy +# @TEST-REQUIRES: $SCRIPTS/have-quic # # @TEST-EXEC: zeek -r $TRACES/empty.trace >output # @TEST-EXEC: cat packet_filter.log >>output diff --git a/testing/btest/coverage/bare-mode-errors.test b/testing/btest/coverage/bare-mode-errors.test index be4beaa541..28c0b640ed 100644 --- a/testing/btest/coverage/bare-mode-errors.test +++ b/testing/btest/coverage/bare-mode-errors.test @@ -4,8 +4,9 @@ # Commonly, this test may fail if one forgets to @load some base/ scripts # when writing a new zeek scripts. # -# Require Spicy, otherwise its scripts cannot be loaded. +# Require Spicy and QUIC, otherwise their scripts cannot be loaded. # @TEST-REQUIRES: have-spicy +# @TEST-REQUIRES: have-quic # # @TEST-EXEC: test -d $DIST/scripts # @TEST-EXEC: for script in `find $DIST/scripts/ -name \*\.zeek`; do zeek -b --parse-only $script >>errors 2>&1; done diff --git a/testing/btest/coverage/default-load-baseline.test b/testing/btest/coverage/default-load-baseline.test index 9b9fc1f1f0..47424f5113 100644 --- a/testing/btest/coverage/default-load-baseline.test +++ b/testing/btest/coverage/default-load-baseline.test @@ -8,6 +8,7 @@ # below does. Don't ask. :-) # @TEST-REQUIRES: ${SCRIPTS}/have-spicy +# @TEST-REQUIRES: ${SCRIPTS}/have-quic # @TEST-EXEC: zeek misc/loaded-scripts # @TEST-EXEC: test -e loaded_scripts.log # @TEST-EXEC: cat loaded_scripts.log | grep -E -v '#' | sed 's/ //g' | sed -e ':a' -e '$!N' -e 's/^\(.*\).*\n\1.*/\1/' -e 'ta' >prefix diff --git a/testing/btest/coverage/init-default.test b/testing/btest/coverage/init-default.test index 9dd4b1d1c7..dbfd553691 100644 --- a/testing/btest/coverage/init-default.test +++ b/testing/btest/coverage/init-default.test @@ -7,8 +7,9 @@ # (e.g. cluster operation), and in such cases, the missing_loads baseline # can be adjusted to tolerate that. -# Require Spicy, otherwise baselines change. +# Require Spicy and QUIC, otherwise baselines change. # @TEST-REQUIRES: have-spicy +# @TEST-REQUIRES: have-quic #@TEST-EXEC: test -d $DIST/scripts/base #@TEST-EXEC: test -e $DIST/scripts/base/init-default.zeek diff --git a/testing/btest/coverage/record-fields.zeek b/testing/btest/coverage/record-fields.zeek index 3d1275e474..45fe3634f9 100644 --- a/testing/btest/coverage/record-fields.zeek +++ b/testing/btest/coverage/record-fields.zeek @@ -1,6 +1,7 @@ # @TEST-DOC: Output interesting record types in bare and default mode recursively. Currently just the connection record type. # # @TEST-REQUIRES: ${SCRIPTS}/have-spicy +# @TEST-REQUIRES: ${SCRIPTS}/have-quic # @TEST-EXEC: zeek -b %INPUT >out.bare # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff out.bare # @TEST-EXEC: zeek %INPUT >out.default