From: Philippe Antoine
Date: Thu, 4 May 2023 07:11:46 +0000 (+0200)
Subject: smb: update pcap for test about ntlmssp
X-Git-Tag: suricata-6.0.13~44
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed8df1c5b680b3fc3748beddee932e06f1a83a0f;p=thirdparty%2Fsuricata-verify.git

smb: update pcap for test about ntlmssp

Turning off a ntlmssp bitflag, so that we are sure we pick the right bit which is set for version parsing.
---
diff --git a/tests/smb2-ntlmssp-order/smb2.pcap b/tests/smb2-ntlmssp-order/smb2.pcap
index a384afcee..b44f237fa 100644
Binary files a/tests/smb2-ntlmssp-order/smb2.pcap and b/tests/smb2-ntlmssp-order/smb2.pcap differ
diff --git a/tests/smb2-ntlmssp-order/test.yaml b/tests/smb2-ntlmssp-order/test.yaml
index f708cb367..6a450a0f0 100644
--- a/tests/smb2-ntlmssp-order/test.yaml
+++ b/tests/smb2-ntlmssp-order/test.yaml
@@ -2,17 +2,17 @@ requires: min-version: 6 args: -- --set stream.reassembly.depth=0 +- --set stream.reassembly.depth=0 -k none checks: - filter: count: 1 match: event_type: smb - smb.id: 3 smb.dialect: "2.02" smb.command: SMB2_COMMAND_SESSION_SETUP smb.status: STATUS_SUCCESS smb.ntlmssp.domain: "CONTOSO" smb.ntlmssp.user: "SERVER01" smb.ntlmssp.host: "Administrator" + smb.ntlmssp.version: "6.0 build 6001 rev 15"
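Review bot: The `-k none` added to the `args` entry in test.yaml has no explanation. Presumably it is needed because the pcap was edited by hand to clear the NTLMSSP flag, leaving checksums that no longer validate; a comment above the entry such as `# pcap hand-edited (NTLMSSP flag cleared); checksums are stale, hence -k none` would stop a later maintainer from dropping it. The hunk also appears to remove `smb.id: 3` from the match without the commit message saying why, so the filter now relies on `count: 1` and the remaining fields to pin the event. The new `smb.ntlmssp.version` check looks tied to the version-parsing behaviour this pcap targets, while `requires` still reads `min-version: 6`. If older 6.0.x releases omit or misparse that field, the requirement should name the first release that carries the fix.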