Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 14:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Improved transition into SSL/TLS from RDP.

Browse source
This commit is contained in:
Seth Hall 2015-03-05 16:57:58 -05:00
parent ffdf2a46d7
commit 371cf10c86
2 changed files with 15 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/analyzer/protocol/rdp/rdp-protocol.pac
View file

@ -388,15 +388,19 @@ refine connection RDP_Conn += {
%member{
bool is_encrypted_;
uint32 encryption_method_;
%}
%init{
is_encrypted_ = false;
encryption_method_ = 0;
%}
function go_encrypted(method: uint32): bool
%{
is_encrypted_ = true;
encryption_method_ = method;
if ( rdp_begin_encryption )
{
BifEvent::generate_rdp_begin_encryption(bro_analyzer(),
@ -411,4 +415,9 @@ refine connection RDP_Conn += {
%{
return is_encrypted_;
%}
function encryption_method(): uint32
%{
return encryption_method_;
%}
};