tests: add test with sslv2 start

diff --git a/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap b/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap
new file mode 100644 (file)
index 0000000..0fb24e5
Binary files /dev/null and b/tests/sslv2-tls-upgrade-01/ssl-v2-s1.pcap differ

diff --git a/tests/sslv2-tls-upgrade-01/test.rules b/tests/sslv2-tls-upgrade-01/test.rules
new file mode 100644 (file)
index 0000000..60c764b
--- /dev/null
+++ b/tests/sslv2-tls-upgrade-01/test.rules
@@ -0,0 +1 @@
+alert tls any any -> any any (tls.cert_serial; content:"55"; sid:1;)

diff --git a/tests/sslv2-tls-upgrade-01/test.yaml b/tests/sslv2-tls-upgrade-01/test.yaml
new file mode 100644 (file)
index 0000000..a6d34a6
--- /dev/null
+++ b/tests/sslv2-tls-upgrade-01/test.yaml
@@ -0,0 +1,19 @@
+args:
+- -k none
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: alert
+        alert.signature_id: 1
+  - filter:
+      count: 1
+      match:
+        event_type: tls
+        tls.subject: "C=US, ST=California, L=Sunnyvale, O=NetScreen Technologies, Inc., OU=Security Team, CN=sigdb.secteam.netscreen.com, Email=aturner@netscreen.com"
+        tls.issuerdn: "C=US, ST=California, L=Sunnyvale, O=OneSecure, Inc., OU=Fulfillment, CN=jumper.sv-staging.onesecure.com, Email=fulfillment@onesecure.com"
+        tls.serial: "55"
+        tls.fingerprint: "8c:90:bd:2a:b3:ae:e6:0b:d0:ea:b7:86:b0:1a:e4:b1:cc:57:ef:22"
+        tls.version: "TLSv1"
+        tls.notbefore: "2003-03-29T00:57:44"
+        tls.notafter: "2008-03-27T00:57:44"