mirror of
https://github.com/zeek/zeek.git
synced 2025-10-12 19:48:20 +00:00
Make parsing of ServerKeyExchange work for D(TLS) < 1.2.
Now we only parse the SignatureAndHashalgorithm field in cases where it is present. This change also takes care to respect SCTs, which do include the SignatureAndHashalgorithm in their digitally-signed struct, even when used in protocol versions that do not have the SignatureAndHashalgorithm in the protocols digitally-signed struct. I also added tests to make sure this does indeed work with TLS 1.1 - it turns out that so far we did not have a single TLS 1.1 pcap.
This commit is contained in:
Johanna Amann
parent
fdf8717588
commit
94f55532f2
18 changed files with 163 additions and 17 deletions
6
testing/btest/scripts/base/protocols/ssl/tls1_1.test
Normal file
6
testing/btest/scripts/base/protocols/ssl/tls1_1.test
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
# This tests a normal SSL connection and the log it outputs.
|
||||
|
||||
# @TEST-EXEC: bro -r $TRACES/tls/tls1_1.pcap %INPUT
|
||||
# @TEST-EXEC: btest-diff ssl.log
|
||||
# @TEST-EXEC: btest-diff x509.log
|
||||
# @TEST-EXEC: test ! -f dpd.log
|
||||
Loading…
Add table
Add a link
Reference in a new issue