Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix TLS 1.3 session resumption detection.

Browse source 
Now we detect TLS 1.3 session resumption by looking if both sides have
the PSK extension set, which is much more exact than the previous
approach.
This commit is contained in:
Johanna Amann 2020-12-15 16:28:14 +00:00 committed by Johanna Amann
parent 84315b54c3
commit 3c95c9a956
8 changed files with 256 additions and 197 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/btest/Baseline/scripts.base.protocols.ssl.tls13-version/ssl.log
View file

@ -7,5 +7,5 @@
#open XXXX-XX-XX-XX-XX-XX
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.86.23 63449 52.32.149.186 443 TLSv13-draft23 TLS_AES_128_GCM_SHA256 x25519 tls13.crypto.mozilla.org T - - T - - - - - -
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.86.23 63449 52.32.149.186 443 TLSv13-draft23 TLS_AES_128_GCM_SHA256 x25519 tls13.crypto.mozilla.org F - - T - - - - - -
#close XXXX-XX-XX-XX-XX-XX