Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 16:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Added session ID to the SSL logging.

Browse source
This commit is contained in:
Seth Hall 2011-09-20 13:59:22 -04:00
parent 16eafb771f
commit f53d5fe0b9
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
scripts/base/protocols/ssl/main.bro
View file

@ -12,6 +12,7 @@ export {
version: string &log &optional;
cipher: string &log &optional;
server_name: string &log &optional;
session_id: string &log &optional;
subject: string &log &optional;
not_valid_before: time &log &optional;
not_valid_after: time &log &optional;
@ -87,6 +88,10 @@ function finish(c: connection)
event ssl_client_hello(c: connection, version: count, possible_ts: time, session_id: string, ciphers: count_set) &priority=5
{
set_session(c);
# Save the session_id if there is one set.
if ( session_id != /^\x00{32}$/ )
c$ssl$session_id = bytestring_to_hexstr(session_id);
}
event ssl_server_hello(c: connection, version: count, possible_ts: time, session_id: string, cipher: count, comp_method: count) &priority=5