Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fixed an error when calculating x509 certificate hashes (reported by Martin Holste).

Browse source
This commit is contained in:
Seth Hall 2011-10-04 13:19:11 -04:00
parent aa9fdf38bb
commit 04a9a0dc38
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
scripts/policy/protocols/ssl/cert-hash.bro
View file

@ -10,11 +10,11 @@ export {
}; };
} }
event x509_certificate(c: connection, cert: X509, is_server: bool, chain_idx: count, chain_len: count, der_cert: string) &priority=10 event x509_certificate(c: connection, cert: X509, is_server: bool, chain_idx: count, chain_len: count, der_cert: string) &priority=4
{ {
# We aren't tracking client certificates yet and we are also only tracking # We aren't tracking client certificates yet and we are also only tracking
# the primary cert. # the primary cert. Watch that this came from an SSL analyzed session too.
if ( ! is_server || chain_idx != 0 ) if ( ! is_server || chain_idx != 0 || ! c?$ssl )
return; return;
c$ssl$cert_hash = md5_hash(der_cert); c$ssl$cert_hash = md5_hash(der_cert);