From: Victor Julien Date: Fri, 14 Jul 2023 04:42:58 +0000 (+0200) Subject: tests: expand http2 file test X-Git-Tag: suricata-7.0.0~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32d6be5335b7ff98fe360cb6dfacdbc33f3dd295;p=thirdparty%2Fsuricata-verify.git tests: expand http2 file test Limit to 7.
---
diff --git a/tests/http2-files/expected/fast.log b/tests/http2-files/expected/fast.log
index 6152138df..8796be646 100644
--- a/tests/http2-files/expected/fast.log
+++ b/tests/http2-files/expected/fast.log
@@ -1,12 +1,27 @@
 08/02/2014-10:50:25.823699 [**] [1:6:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.823699 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.823699 [**] [1:8:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699 [**] [1:9:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699 [**] [1:11:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699 [**] [1:12:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.828791 [**] [1:3:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
 08/02/2014-10:50:25.828986 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.828986 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.828986 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.830473 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.830473 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.830719 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.830719 [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719 [**] [1:10:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719 [**] [1:13:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
 08/02/2014-10:50:25.832311 [**] [1:4:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
 08/02/2014-10:50:25.833220 [**] [1:4:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
 08/02/2014-10:50:25.833365 [**] [1:5:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
diff --git a/tests/http2-files/test.rules b/tests/http2-files/test.rules
index d1126b8b7..8897c05ff 100644
--- a/tests/http2-files/test.rules
+++ b/tests/http2-files/test.rules
@@ -5,3 +5,8 @@ alert http2 any any -> any any (flow:established,to_client; filemd5:test.md5; si alert http2 any any -> any any (file.data; content:"nghttp2 - HTTP/2 C Library"; sid:6; rev:1;) alert http2 any any -> any any (file.data; content:!"html"; startswith; sid:7; rev:1;) alert http2 any any -> any any (file.data; content:"|0a 0a| any any (http.response_body; content:"nghttp2 - HTTP/2 C Library"; sid:9; rev:1;) +alert http2 any any -> any any (http.response_body; content:!"html"; startswith; sid:10; rev:1;) +alert http2 any any -> any any (http.response_body; content:"|0a 0a| any any (http.response_body; strip_whitespace; content:"nghttp2-HTTP/2CLibrary"; sid:12; rev:1;) +alert http2 any any -> any any (http.response_body; strip_whitespace; content:!"html"; startswith; sid:13; rev:1;) diff --git a/tests/http2-files/test.yaml b/tests/http2-files/test.yaml index f61522bd5..ea4352ef4 100644 --- a/tests/http2-files/test.yaml +++ b/tests/http2-files/test.yaml @@ -2,7 +2,7 @@ requires: features: - HAVE_NSS - HAVE_LIBJANSSON - min-version: 6.0.0 + min-version: 7 # disables checksum verification args: @@ -91,6 +91,31 @@ checks: match: event_type: alert alert.signature_id: 8 + - filter: + count: 1 + match: + event_type: alert + alert.signature_id: 9 + - filter: + count: 6 + match: + event_type: alert + alert.signature_id: 10 + - filter: + count: 1 + match: + event_type: alert + alert.signature_id: 11 + - filter: + count: 1 + match: + event_type: alert + alert.signature_id: 12 + - filter: + count: 6 + match: + event_type: alert + alert.signature_id: 13 - filter: count: 6 match:
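Review bot: Nothing in the added lines of test.rules says what sid 9–13 are meant to prove, and none of the rules carries a `msg`, so a mismatch shows up in fast.log only as `(null)` next to a sid. From the visible text, sid 9 and sid 10 repeat the sid 6 and sid 7 patterns on `http.response_body` instead of `file.data`, and sid 12 and sid 13 apply `strip_whitespace` before matching. A comment above each group would record that intent, for example `# sid 9-11: sid 6-8 patterns on http.response_body` and `# sid 12-13: same, after strip_whitespace`. The sid 8 and sid 11 lines are truncated on this page, so their content match could not be checked here.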
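Review bot: Raising `min-version` from `6.0.0` to `7` in test.yaml takes the whole test out of 6.0.x runs, including the checks for the earlier sids that existed before this commit. If 6.0.x is still verified with this repository, a regression in HTTP/2 `file.data` or `filemd5` inspection on that branch would no longer be caught by this test. Keeping `min-version: 6.0.0` here and moving the sid 9–13 rules and their five `filter` checks into a sibling test that sets `min-version: 7` would preserve the older coverage. The commit message says only "Limit to 7.", so the reason the new rules cannot run on 6.0.x would be worth recording, for instance as a YAML comment next to `min-version`.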