Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix circular reference problem and a few other small things.

Browse source 
SSL::Info now holds a reference to Files::Info instead of the
fa_files record.

Everything should work now, if everyone thinks that the interface is
ok I will update the test baselines in a bit.

addresses BIT-953, BIT-760
This commit is contained in:
Bernhard Amann 2014-03-04 05:29:04 -08:00
parent 110d9fbd6a
commit 7eb6b5133e
8 changed files with 24 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

26
scripts/base/files/x509/main.bro
View file

@ -39,7 +39,7 @@ event bro_init() &priority=5
Log::create_stream(X509::LOG, [$columns=Info, $ev=log_x509]);
}
redef record fa_file += {
redef record Files::Info += {
## Information about X509 certificates. This is used to keep
## certificate information until all events have been received.
x509: X509::Info &optional;
@ -47,31 +47,31 @@ redef record fa_file += {
event x509_certificate(f: fa_file, cert_ref: opaque of x509, cert: X509::Certificate) &priority=5
{
f$x509 = [$id=f$id, $certificate=cert, $handle=cert_ref];
f$info$x509 = [$id=f$id, $certificate=cert, $handle=cert_ref];
}
event x509_extension(f: fa_file, ext: X509::Extension) &priority=5
{
if ( f?$x509 )
f$x509$extensions[|f$x509$extensions|] = ext;
if ( f$info?$x509 )
f$info$x509$extensions[|f$info$x509$extensions|] = ext;
}
event x509_ext_basic_constraints(f: fa_file, ext: X509::BasicConstraints) &priority=5
{
if ( f?$x509 )
f$x509$basic_constraints = ext;
if ( f$info?$x509 )
f$info$x509$basic_constraints = ext;
}
event x509_ext_subject_alternative_name(f: fa_file, names: string_vec) &priority=5
{
if ( f?$x509 )
f$x509$san = names;
if ( f$info?$x509 )
f$info$x509$san = names;
}
event file_state_remove(f: fa_file)
event file_state_remove(f: fa_file) &priority=5
{
if ( f?$x509 )
{
Log::write(LOG, f$x509);
}
if ( ! f$info?$x509 )
return;
Log::write(LOG, f$info$x509);
}

9
scripts/base/protocols/ssl/files.bro
View file

@ -1,6 +1,7 @@
@load ./main
@load base/utils/conn-ids
@load base/frameworks/files
@load base/files/x509
module SSL;
@ -8,7 +9,7 @@ export {
redef record Info += {
## Chain of certificates offered by the server to validate its
## complete signing chain.
cert_chain: vector of fa_file &optional;
cert_chain: vector of Files::Info &optional;
## An ordered vector of all certicate file unique IDs for the
## certificates offered by the server.
@ -16,7 +17,7 @@ export {
## Chain of certificates offered by the client to validate its
## complete signing chain.
client_cert_chain: vector of fa_file &optional;
client_cert_chain: vector of Files::Info &optional;
## An ordered vector of all certicate file unique IDs for the
## certificates offered by the client.
@ -80,12 +81,12 @@ event file_over_new_connection(f: fa_file, c: connection, is_orig: bool) &priori
if ( is_orig )
{
c$ssl$client_cert_chain[|c$ssl$client_cert_chain|] = f;
c$ssl$client_cert_chain[|c$ssl$client_cert_chain|] = f$info;
c$ssl$client_cert_chain_fuids[|c$ssl$client_cert_chain_fuids|] = f$id;
}
else
{
c$ssl$cert_chain[|c$ssl$cert_chain|] = f;
c$ssl$cert_chain[|c$ssl$cert_chain|] = f$info;
c$ssl$cert_chain_fuids[|c$ssl$cert_chain_fuids|] = f$id;
}