diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/captures/smb311-lz77-lz77huff-lznt1.pcap.gz | bin | 0 -> 446 bytes | |||
-rw-r--r-- | test/suite_decryption.py | 4 | ||||
-rw-r--r-- | test/suite_dissection.py | 20 |
3 files changed, 22 insertions, 2 deletions
diff --git a/test/captures/smb311-lz77-lz77huff-lznt1.pcap.gz b/test/captures/smb311-lz77-lz77huff-lznt1.pcap.gz Binary files differnew file mode 100644 index 0000000000..f14bfbaf42 --- /dev/null +++ b/test/captures/smb311-lz77-lz77huff-lznt1.pcap.gz diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 568e095a43..e87358ee86 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -1068,7 +1068,7 @@ class case_decrypt_smb2(subprocesstest.SubprocessTestCase): '-o', 'uat:smb2_seskey_list:{},{}'.format(sesid, seskey), '-Y', 'frame.number == 7', )) - self.assertIn('unknown', proc.stdout_str) + self.assertIn('Invalid header', proc.stdout_str) def test_smb311_bad_key(self, cmd_tshark, capture_file): seskey = 'ffffffffffffffffffffffffffffffff' @@ -1078,7 +1078,7 @@ class case_decrypt_smb2(subprocesstest.SubprocessTestCase): '-o', 'uat:smb2_seskey_list:{},{}'.format(sesid, seskey), '-Y', 'frame.number == 7' )) - self.assertIn('unknown', proc.stdout_str) + self.assertIn('Invalid header', proc.stdout_str) def test_smb300_aes128ccm(self, cmd_tshark, capture_file): '''Check SMB 3.0 AES128CCM decryption.''' diff --git a/test/suite_dissection.py b/test/suite_dissection.py index 06725e1181..772b40f5ca 100644 --- a/test/suite_dissection.py +++ b/test/suite_dissection.py @@ -199,3 +199,23 @@ class case_dissect_tls(subprocesstest.SubprocessTestCase): '''Verify that TCP and TLS handshake reassembly works (second pass).''' self.check_tls_handshake_reassembly( cmd_tshark, capture_file, extraArgs=['-2']) + +@fixtures.mark_usefixtures('test_env') +@fixtures.uses_fixtures +class case_decompress_smb2(subprocesstest.SubprocessTestCase): + def extract_compressed_payload(self, cmd_tshark, capture_file, frame_num): + proc = self.assertRun((cmd_tshark, + '-r', capture_file('smb311-lz77-lz77huff-lznt1.pcap.gz'), + '-Tfields', '-edata.data', + '-Y', 'frame.number == %d'%frame_num, + )) + self.assertEqual(b'a'*4096, bytes.fromhex(proc.stdout_str.strip())) + + def test_smb311_read_lz77(self, cmd_tshark, capture_file): + self.extract_compressed_payload(cmd_tshark, capture_file, 1) + + def test_smb311_read_lz77huff(self, cmd_tshark, capture_file): + self.extract_compressed_payload(cmd_tshark, capture_file, 2) + + def test_smb311_read_lznt1(self, cmd_tshark, capture_file): + self.extract_compressed_payload(cmd_tshark, capture_file, 3) |