Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Recognize TLS 1.3 negotiation correctly.

Browse source 
The way in which TLS 1.3 is negotiated was changed slightly in later
revisions of the standard. The final version is only sent in an
extension - while the version field in the server hello still shows TLS
1.2.

This patch makes ssl.log show the correct version again.
This commit is contained in:
Johanna Amann 2018-03-27 14:58:06 -07:00
parent 961f0dfb25
commit f39efd0317
8 changed files with 57 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/scripts/base/protocols/ssl/tls13-version.test Normal file
View file

@ -0,0 +1,4 @@
# @TEST-EXEC: bro -C -r $TRACES/tls/tls13draft23-chrome67.0.3368.0-canary.pcap %INPUT
# @TEST-EXEC: btest-diff ssl.log
# Test that we correctly parse the version out of the extension in an 1.3 connection