mirror of
https://github.com/zeek/zeek.git
synced 2025-10-13 03:58:20 +00:00
Implement correct parsing of TLS record fragmentation.
Finally. Our test-case is a >400kb certificate with 10,000 alternative names. :)
This commit is contained in:
Johanna Amann
parent
47de906612
commit
ba27bb54d4
11 changed files with 37 additions and 40 deletions
12
testing/btest/scripts/base/protocols/ssl/fragment.test
Normal file
12
testing/btest/scripts/base/protocols/ssl/fragment.test
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
# Test a heavily fragmented tls connection
|
||||
|
||||
# @TEST-EXEC: cat $TRACES/tls/tls-fragmented-handshake.pcap.gz | gunzip | bro -r - %INPUT
|
||||
# @TEST-EXEC: btest-diff ssl.log
|
||||
# @TEST-EXEC: btest-diff .stdout
|
||||
|
||||
# Certificate has 10,000 alternative names :)
|
||||
event x509_ext_subject_alternative_name(f: fa_file, ext: X509::SubjectAlternativeName)
|
||||
{
|
||||
print |ext$dns|;
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue