From 443106dbdb85ed3033db62c631b279e96e47a3fb Mon Sep 17 00:00:00 2001 From: Johanna Amann Date: Wed, 18 Mar 2015 13:25:06 -0700 Subject: [PATCH] a few more small script-level fixes Sorry, forgot to commit these. --- scripts/base/protocols/ssl/files.bro | 4 ++++ scripts/base/protocols/ssl/main.bro | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/base/protocols/ssl/files.bro b/scripts/base/protocols/ssl/files.bro index 65f43ed772..90273639e5 100644 --- a/scripts/base/protocols/ssl/files.bro +++ b/scripts/base/protocols/ssl/files.bro @@ -85,6 +85,10 @@ event bro_init() &priority=5 Files::register_protocol(Analyzer::ANALYZER_SSL, [$get_file_handle = SSL::get_file_handle, $describe = SSL::describe_file]); + + Files::register_protocol(Analyzer::ANALYZER_DTLS, + [$get_file_handle = SSL::get_file_handle, + $describe = SSL::describe_file]); } event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priority=5 diff --git a/scripts/base/protocols/ssl/main.bro b/scripts/base/protocols/ssl/main.bro index 75e41e4077..326d8d374d 100644 --- a/scripts/base/protocols/ssl/main.bro +++ b/scripts/base/protocols/ssl/main.bro @@ -274,7 +274,7 @@ event connection_state_remove(c: connection) &priority=-5 event protocol_confirmation(c: connection, atype: Analyzer::Tag, aid: count) &priority=5 { - if ( atype == Analyzer::ANALYZER_SSL ) + if ( atype == Analyzer::ANALYZER_SSL || atype == Analyzer::ANALYZER_DTLS ) { set_session(c); c$ssl$analyzer_id = aid; @@ -284,6 +284,6 @@ event protocol_confirmation(c: connection, atype: Analyzer::Tag, aid: count) &pr event protocol_violation(c: connection, atype: Analyzer::Tag, aid: count, reason: string) &priority=5 { - if ( c?$ssl && atype == Analyzer::ANALYZER_SSL ) + if ( c?$ssl && ( atype == Analyzer::ANALYZER_SSL || atype == Analyzer::ANALYZER_DTLS ) ) finish(c, T); }