Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

parse out extension. One event for general extensions (just returns the

Browse source 
openssl-parsed string-value), one event for basicconstraints (is a certificate
a CA or not) and one event for subject-alternative-names (only DNS parts).
This commit is contained in:
Bernhard Amann 2013-09-19 14:35:11 -07:00
parent e5a589dbfe
commit df552ca87d
9 changed files with 202 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

22
scripts/base/init-bare.bro
View file

@ -2736,9 +2736,27 @@ export {
key_length: count &optional; ##< key-length in bits
exponent: string &optional; ##< exponent, if RSA-certificate
curve: string &optional; ##< curve, if EC-certificate
ca: bool &optional; ##< indicates the CA value in the X509v3 BasicConstraints extension
path_len: count &optional; ##< indicates the path_length value in the X509v3 BasicConstraints extension
#ca: bool &optional; ##< indicates the CA value in the X509v3 BasicConstraints extension
#path_len: count &optional; ##< indicates the path_length value in the X509v3 BasicConstraints extension
};
type X509::Extension: record {
name: string; ##< long name of extension. oid if name not known
short_name: string &optional; ##< short name of extension if known.
oid: string; ##< oid of extension
critical: bool; ##< true if extension is critical
value: string; ##< extension content parsed to string for known extensions. Raw data otherwise.
};
type X509::BasicConstraints: record {
ca: bool; ##< CA flag set?
path_len: count &optional;
};
type X509::SubjectAlternativeName: record {
names: vector of string;
};
}
module SOCKS;