More bugfixs, cleanup, and test for SSL analyzer

- SSL related files and classes renamed to remove the "binpac" term. - A small fix for DPD scripts to make the DPD log more helpful if there are multiple continued failures. Also, fixed the SSL analyzer to make it stop doing repeated violation messages for some handshake failures. - Added a $issuer_subject to the SSL log. - Created a basic test for SSL.
2025-10-08 09:38:19 +00:00 · 2012-05-03 10:52:24 -04:00 · 2012-05-03 10:52:24 -04:00 · 0a6104fe66
commit 0a6104fe66
parent 88807df269
12 changed files with 68 additions and 96 deletions
--- a/src/SSL.h
+++ b/src/SSL.h
@ -0,0 +1,36 @@
+#ifndef ssl_h
+#define ssl_h
+
+#include "TCP.h"
+#include "ssl_pac.h"
+
+class SSL_Analyzer : public TCP_ApplicationAnalyzer {
+public:
+	SSL_Analyzer(Connection* conn);
+	virtual ~SSL_Analyzer();
+
+	// Overriden from Analyzer.
+	virtual void Done();
+	virtual void DeliverStream(int len, const u_char* data, bool orig);
+	virtual void Undelivered(int seq, int len, bool orig);
+
+	// Overriden from TCP_ApplicationAnalyzer.
+	virtual void EndpointEOF(TCP_Reassembler* endp);
+
+	static Analyzer* InstantiateAnalyzer(Connection* conn)
+		{ return new SSL_Analyzer(conn); }
+
+	static bool Available()
+		{
+		return ( ssl_client_hello || ssl_server_hello ||
+			ssl_established || ssl_extension || ssl_alert ||
+			x509_certificate || x509_extension || x509_error );
+		}
+
+protected:
+	binpac::SSL::SSL_Conn* interp;
+	bool had_gap;
+
+};
+
+#endif