Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 19:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/master' into topic/johanna/config-cluster

Browse source
This commit is contained in:
Johanna Amann 2018-07-18 09:56:01 -07:00
commit da58f9d4a6
83 changed files with 894 additions and 695 deletions
Download patch file Download diff file Expand all files Collapse all files

9
scripts/policy/frameworks/intel/seen/x509.bro
View file

@ -2,9 +2,16 @@
@load base/files/x509
@load ./where-locations
module Intel;
export {
## Enables the extraction of subject alternate names from the X509 SAN DNS field
const enable_x509_ext_subject_alternative_name = T &redef;
}
event x509_ext_subject_alternative_name(f: fa_file, ext: X509::SubjectAlternativeName)
{
if ( ext?$dns )
if ( enable_x509_ext_subject_alternative_name && ext?$dns )
{
for ( i in ext$dns )
Intel::seen([$indicator=ext$dns[i],