mirror of
https://github.com/zeek/zeek.git
synced 2025-10-06 08:38:20 +00:00
Basic IMAP StartTLS analyzer.
Parses certificates out of imap connections using StartTLS. Aborts processing if StartTLS is not found.
This commit is contained in:
Johanna Amann
parent
871b340ade
commit
4a5737708c
17 changed files with 331 additions and 0 deletions
9
testing/btest/scripts/base/protocols/imap/starttls.test
Normal file
9
testing/btest/scripts/base/protocols/imap/starttls.test
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# @TEST-EXEC: bro -b -C -r $TRACES/tls/imap-starttls.pcap %INPUT
|
||||
# @TEST-EXEC: btest-diff conn.log
|
||||
# @TEST-EXEC: btest-diff ssl.log
|
||||
# @TEST-EXEC: btest-diff x509.log
|
||||
|
||||
@load base/protocols/ssl
|
||||
@load base/protocols/conn
|
||||
@load base/frameworks/dpd
|
||||
@load base/protocols/imap
|
||||
Loading…
Add table
Add a link
Reference in a new issue