Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fixing the SSL analysis crashes differently.

Browse source
This commit is contained in:
Seth Hall 2011-10-04 14:40:49 -04:00
parent a649be6d9e
commit dc47203cd7
2 changed files with 2 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/policy/protocols/ssl/expiring-certs.bro
View file

@ -36,7 +36,7 @@ export {
event x509_certificate(c: connection, cert: X509, is_server: bool, chain_idx: count, chain_len: count, der_cert: string) &priority=3
{
# If this isn't the host cert or we aren't interested in the server, just return.
if ( chain_idx != 0 || ! addr_matches_host(c$id$resp_h, notify_certs_expiration) )
if ( ! c$ssl?$cert_hash || ! addr_matches_host(c$id$resp_h, notify_certs_expiration) )
return;
if ( cert$not_valid_before > network_time() )

4
scripts/policy/protocols/ssl/known-certs.bro
View file

@ -47,9 +47,7 @@ event bro_init() &priority=5
event x509_certificate(c: connection, cert: X509, is_server: bool, chain_idx: count, chain_len: count, der_cert: string) &priority=3
{
# We aren't tracking client certificates yet.
if ( ! is_server ) return;
# We are also only tracking the primary cert.
if ( chain_idx != 0 ) return;
if ( ! c$ssl?$cert_hash ) return;
local host = c$id$resp_h;
if ( [host, c$ssl$cert_hash] !in certs && addr_matches_host(host, cert_tracking) )