Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

More bugfixs, cleanup, and test for SSL analyzer

Browse source 
- SSL related files and classes renamed to remove the "binpac" term.

- A small fix for DPD scripts to make the DPD log more helpful if
  there are multiple continued failures.  Also, fixed the SSL
  analyzer to make it stop doing repeated violation messages for
  some handshake failures.

- Added a $issuer_subject to the SSL log.

- Created a basic test for SSL.
This commit is contained in:
Seth Hall 2012-05-03 10:52:24 -04:00
parent 88807df269
commit 0a6104fe66
12 changed files with 68 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

8
testing/btest/Baseline/scripts.base.protocols.ssl.basic/ssl.log Normal file
View file

@ -0,0 +1,8 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path ssl
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher server_name session_id subject issuer_subject not_valid_before not_valid_after last_alert
#types time string addr port addr port string string string string string string time time string
1335538392.319381 UWkUyAuUGXf 192.168.1.105 62045 74.125.224.79 443 TLSv10 TLS_ECDHE_RSA_WITH_RC4_128_SHA ssl.gstatic.com - CN=*.gstatic.com,O=Google Inc,L=Mountain View,ST=California,C=US CN=Google Internet Authority,O=Google Inc,C=US 1334102677.000000 1365639277.000000 -