Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

SSL/TLS: Parse CertificateRequest message

Browse source 
This commit introduces parsing of the CertificateRequest message in the
TLS handshake. It introduces a new event ssl_certificate_request, as
well as a new function parse_distinguished_name, which can be used to
parse part of the ssl_certificate_request event parameters.

This commit also introduces a new policy script, which appends
information about the CAs a TLS server requests in the
CertificateRequest message, if it sends it.
This commit is contained in:
Johanna Amann 2023-03-09 08:20:50 +01:00
parent b73dda5cff
commit b56b856da9
17 changed files with 221 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/scripts/policy/protocols/ssl/certificate-request-info.zeek Normal file
View file

@ -0,0 +1,4 @@
# @TEST-EXEC: zeek -C -r $TRACES/tls/certificate-request-failed.pcap %INPUT
# @TEST-EXEC: btest-diff ssl.log
@load protocols/ssl/certificate-request-info