zeek/testing/btest/spicy/decline_input.spicy

# @TEST-REQUIRES: have-spicy
#
# @TEST-EXEC: spicyz -d -o foo.hlto foo.spicy foo.evt %INPUT
# @TEST-EXEC: zeek -Cr ${TRACES}/udp-packet.pcap frameworks/analyzer/debug-logging.zeek Analyzer::DebugLogging::include_disabling=F Analyzer::DebugLogging::include_confirmations=F foo.hlto foo.zeek
# @TEST-EXEC: cat analyzer_debug.log | zeek-cut analyzer_name failure_reason failure_data > analyzer_debug.log2 && mv analyzer_debug.log2 analyzer_debug.log
# @TEST-EXEC: btest-diff analyzer_debug.log
#
# @TEST-DOC: Validates that decline_input is propagated properly. This is a regression test for #3276.

# @TEST-START-FILE foo.spicy
module foo;

public type X = unit {
    : bytes &eod;
};
# @TEST-END-FILE

# @TEST-START-FILE foo.evt
protocol analyzer spicy::foo over UDP:
    parse with foo::X;
# @TEST-END-FILE

# @TEST-START-FILE foo.zeek
event zeek_init() {
    Analyzer::register_for_ports(Analyzer::ANALYZER_SPICY_FOO, set(12345/udp, 31337/udp));
}
# @TEST-END-FILE

module zeek_foo;
import zeek;
import foo;
on foo::X::%done { zeek::reject_protocol("my reasons"); }

# @TEST-START-NEXT
module zeek_foo;
import spicy;
import foo;
on foo::X::%done { spicy::decline_input("my reasons"); }