mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
fix a bug and update baseline
This commit is contained in:
Liang Zhu
parent
01094bfc43
commit
c2f1c428f0
4 changed files with 19 additions and 18 deletions
|
|
@ -363,8 +363,7 @@ function start_log_ocsp(http: HTTP::Info)
|
||||||
$resp_ts = resp_rec$ts,
|
$resp_ts = resp_rec$ts,
|
||||||
$resp = resp_rec,
|
$resp = resp_rec,
|
||||||
$cid = http$id,
|
$cid = http$id,
|
||||||
$cuid = http$uid,
|
$cuid = http$uid];
|
||||||
$method = http$method];
|
|
||||||
|
|
||||||
if ( http?$ocsp_requests && cert_id in http$ocsp_requests )
|
if ( http?$ocsp_requests && cert_id in http$ocsp_requests )
|
||||||
{
|
{
|
||||||
|
|
@ -377,7 +376,7 @@ function start_log_ocsp(http: HTTP::Info)
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if ( http$method == "GET" && ! http$checked_get )
|
if ( http?$method && http$method == "GET" && ! http$checked_get )
|
||||||
{
|
{
|
||||||
http$checked_get = T;
|
http$checked_get = T;
|
||||||
local req_get: OCSP::Request = check_ocsp_request_uri(http);
|
local req_get: OCSP::Request = check_ocsp_request_uri(http);
|
||||||
|
|
@ -393,6 +392,8 @@ function start_log_ocsp(http: HTTP::Info)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if ( http?$method )
|
||||||
|
info_rec$method = http$method;
|
||||||
Log::write(LOG, info_rec);
|
Log::write(LOG, info_rec);
|
||||||
}
|
}
|
||||||
if ( Queue::len(http$ocsp_responses[cert_id]) == 0 )
|
if ( Queue::len(http$ocsp_responses[cert_id]) == 0 )
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,8 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path ocsp
|
#path ocsp
|
||||||
#open 2015-07-06-23-03-35
|
#open 2015-07-15-07-54-54
|
||||||
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate
|
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate method
|
||||||
#types time addr port addr port string string string string string string count string time string string string count string string string string string
|
#types time addr port addr port string string string string string string count string time string string string count string string string string string string
|
||||||
1434666864.046145 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 FMbJOe2y5n1E7iSVsg 0 - - - - - - - - - - -
|
1434666864.046145 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 FMbJOe2y5n1E7iSVsg 0 - - - - - - - - - - - POST
|
||||||
#close 2015-07-06-23-03-35
|
#close 2015-07-15-07-54-54
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,8 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path ocsp
|
#path ocsp
|
||||||
#open 2015-07-06-23-05-10
|
#open 2015-07-15-07-55-45
|
||||||
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate
|
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate method
|
||||||
#types time addr port addr port string string string string string string count string time string string string count string string string string string
|
#types time addr port addr port string string string string string string count string time string string string count string string string string string string
|
||||||
1434666864.046145 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 FMbJOe2y5n1E7iSVsg 0 - 1434666864.070748 Fb215u2y5byABaV747 successful Basic OCSP Response 0 C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2 20150618220334Z good 20150618220334Z 20150620100334Z
|
1434666864.046145 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 FMbJOe2y5n1E7iSVsg 0 - 1434666864.070748 Fb215u2y5byABaV747 successful Basic OCSP Response 0 C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2 20150618220334Z good 20150618220334Z 20150620100334Z POST
|
||||||
#close 2015-07-06-23-05-10
|
#close 2015-07-15-07-55-45
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,8 @@
|
||||||
#empty_field (empty)
|
#empty_field (empty)
|
||||||
#unset_field -
|
#unset_field -
|
||||||
#path ocsp
|
#path ocsp
|
||||||
#open 2015-07-06-23-05-43
|
#open 2015-07-15-08-02-35
|
||||||
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate
|
#fields ts cid.orig_h cid.orig_p cid.resp_h cid.resp_p cuid certId.hashAlgorithm certId.issuerNameHash certId.issuerKeyHash certId.serialNumber req.id req.version req.requestorName resp_ts resp.id resp.responseStatus resp.responseType resp.version resp.responderID resp.producedAt resp.certStatus resp.thisUpdate resp.nextUpdate method
|
||||||
#types time addr port addr port string string string string string string count string time string string string count string string string string string
|
#types time addr port addr port string string string string string string count string time string string string count string string string string string string
|
||||||
1434666864.070748 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 - - - 1434666864.070748 Fb215u2y5byABaV747 successful Basic OCSP Response 0 C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2 20150618220334Z good 20150618220334Z 20150620100334Z
|
1434666864.070748 192.168.6.109 34334 72.167.18.239 80 CXWv6p3arKYeMETxOg sha1 B6080D5F6C6B76EB13E438A5F8660BA85233344E 40C2BD278ECC348330A233D7FB6CB3F0B42C80CE 081C862DC8AAC9 - - - 1434666864.070748 Fb215u2y5byABaV747 successful Basic OCSP Response 0 C = US, ST = Arizona, L = Scottsdale, O = GoDaddy Inc., CN = Go Daddy Validation Authority - G2 20150618220334Z good 20150618220334Z 20150620100334Z -
|
||||||
#close 2015-07-06-23-05-43
|
#close 2015-07-15-08-02-35
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue