Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 04:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Remove requestorName parameter of ocsp_request event

Browse source 
This field isn't publicly available via the OpenSSL 1.1 API, not used
in the base scripts, and has no example in the test suit, so removing
it is simpler than trying to support manually parsing it out of the
raw data.
This commit is contained in:
Jon Siwek 2018-06-29 16:15:34 -05:00
parent 2e0edd7416
commit bb55f82809
8 changed files with 13 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/file_analysis/analyzer/x509/OCSP.cc
View file

@ -422,13 +422,10 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
vl->append(GetFile()->GetVal()->Ref());
uint64 version = 0;
GENERAL_NAME* general_name = nullptr;
#if ( OPENSSL_VERSION_NUMBER < 0x10100000L )
if ( req->tbsRequest->version )
version = (uint64)ASN1_INTEGER_get(req->tbsRequest->version);
general_name = req->tbsRequest->requestorName;
#else
version = parse_request_version(req);
// TODO: try to parse out general name ?
@ -438,16 +435,6 @@ void file_analysis::OCSP::ParseRequest(OCSP_REQUEST* req, const char* fid)
BIO *bio = BIO_new(BIO_s_mem());
if ( general_name )
{
GENERAL_NAME_print(bio, general_name);
int len = BIO_read(bio, buf, sizeof(buf));
vl->append(new StringVal(len, buf));
BIO_reset(bio);
}
else
vl->append(new StringVal(0, ""));
mgr.QueueEvent(ocsp_request, vl);
int req_count = OCSP_request_onereq_count(req);