Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add simple XMPP StartTLS analyzer.

Browse source 
This is a very simple XMPP analyzer that basically only can parse the
protocol until the client and server start negotiating a TLS session. At
that point, the TLS analyzer is attached.

While the basic case seems to be working, I fully expect that I missed
something and that this might break in a lot of cases.
This commit is contained in:
Johanna Amann 2015-07-21 11:57:16 -07:00
parent 748450c61f
commit 574bcb0a51
17 changed files with 314 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
testing/btest/scripts/base/protocols/xmpp/starttls.test Normal file
View file

@ -0,0 +1,9 @@
# @TEST-EXEC: bro -C -b -r $TRACES/tls/xmpp-starttls.pcap %INPUT
# @TEST-EXEC: btest-diff conn.log
# @TEST-EXEC: btest-diff ssl.log
# @TEST-EXEC: btest-diff x509.log
@load base/protocols/conn
@load base/frameworks/dpd
@load base/protocols/ssl
@load base/protocols/xmpp