Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 05:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

change base scripts to use run-time if's or @if ... &analyze

Browse source
This commit is contained in:
Vern Paxson 2023-05-19 13:26:27 -07:00
parent e749638380
commit 890010915a
30 changed files with 263 additions and 253 deletions
Download patch file Download diff file Expand all files Collapse all files

13
scripts/policy/protocols/ssl/decryption.zeek
View file

@ -41,16 +41,15 @@ export {
global add_secret: event(client_random: string, secrets: string);
}
@if ( keylog_file == "" )
# If a keylog file was given via an environment variable, let's disable secret expiration - that does not
# make sense for pcaps.
global secrets: table[string] of string = {} &redef;
global keys: table[string] of string = {} &redef;
@else
global secrets: table[string] of string = {} &read_expire=secret_expiration &redef;
global keys: table[string] of string = {} &read_expire=secret_expiration &redef;
@endif
@if ( keylog_file != "" ) &analyze
# If a keylog file was given directly (not via an environment variable),
# set up secret expiration (which doesn't make sense for PCAPs).
redef secrets &read_expire=secret_expiration;
redef keys &read_expire=secret_expiration;
@endif
redef record SSL::Info += {
# Decryption uses client_random as identifier