From: Victor Julien <victor@inliniac.net>
Date: Thu, 18 Aug 2022 09:29:14 +0000 (+0200)
Subject: tests: add test with sslv2 start
X-Git-Tag: suricata-6.0.8~12
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F944%2Fhead;p=thirdparty%2Fsuricata-verify.git

tests: add test with sslv2 start
---

diff --git a/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap b/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap
new file mode 100644
index 000000000..0fb24e5d1
Binary files /dev/null and b/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap differ
diff --git a/tests/sslv2-tls-upgrade-01/test.rules b/tests/sslv2-tls-upgrade-01/test.rules
new file mode 100644
index 000000000..60c764bb5
--- /dev/null
+++ b/tests/sslv2-tls-upgrade-01/test.rules
@@ -0,0 +1 @@
+alert tls any any -> any any (tls.cert_serial; content:"55"; sid:1;)
diff --git a/tests/sslv2-tls-upgrade-01/test.yaml b/tests/sslv2-tls-upgrade-01/test.yaml
new file mode 100644
index 000000000..a6d34a6a7
--- /dev/null
+++ b/tests/sslv2-tls-upgrade-01/test.yaml
@@ -0,0 +1,19 @@
+args:
+- -k none
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: alert
+        alert.signature_id: 1
+  - filter:
+      count: 1
+      match:
+        event_type: tls
+        tls.subject: "C=US, ST=California, L=Sunnyvale, O=NetScreen Technologies, Inc., OU=Security Team, CN=sigdb.secteam.netscreen.com, Email=aturner@netscreen.com"
+        tls.issuerdn: "C=US, ST=California, L=Sunnyvale, O=OneSecure, Inc., OU=Fulfillment, CN=jumper.sv-staging.onesecure.com, Email=fulfillment@onesecure.com"
+        tls.serial: "55"
+        tls.fingerprint: "8c:90:bd:2a:b3:ae:e6:0b:d0:ea:b7:86:b0:1a:e4:b1:cc:57:ef:22"
+        tls.version: "TLSv1"
+        tls.notbefore: "2003-03-29T00:57:44"
+        tls.notafter: "2008-03-27T00:57:44"