Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Deprecation and warning fixes

Browse source
This commit is contained in:
Johanna Amann 2022-01-05 10:41:55 +00:00
parent 9e5c4ae700
commit f77213ba66
3 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/analyzer/protocol/ssl/SSL.cc
View file

@ -189,7 +189,8 @@ bool SSL_Analyzer::TLS12_PRF(const std::string& secret, const std::string& label
#if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
// setup OSSL_PARAM array: digest, secret, seed // setup OSSL_PARAM array: digest, secret, seed
// FIXME: sha384 should not be hardcoded // FIXME: sha384 should not be hardcoded
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, SN_sha384, strlen(SN_sha384)); // The const-cast is a bit ugly - but otherwise we have to copy the static string.
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, const_cast<char*>(SN_sha384), 0);
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET, (void*)secret.data(), *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SECRET, (void*)secret.data(),
secret.size()); secret.size());
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, (void*)seed.data(), seed.size()); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, (void*)seed.data(), seed.size());

6
src/analyzer/protocol/ssl/ssl-analyzer.pac
View file

@ -14,11 +14,11 @@ refine connection SSL_Conn += {
%{ %{
if ( ! version_ok(version) ) if ( ! version_ok(version) )
{ {
zeek_analyzer()->ProtocolViolation(zeek::util::fmt("unsupported client SSL version 0x%04x", version)); zeek_analyzer()->AnalyzerViolation(zeek::util::fmt("unsupported client SSL version 0x%04x", version));
zeek_analyzer()->SetSkip(true); zeek_analyzer()->SetSkip(true);
} }
else else
zeek_analyzer()->ProtocolConfirmation(); zeek_analyzer()->AnalyzerConfirmation();
if ( ssl_client_hello ) if ( ssl_client_hello )
{ {
@ -69,7 +69,7 @@ refine connection SSL_Conn += {
%{ %{
if ( ! version_ok(version) ) if ( ! version_ok(version) )
{ {
zeek_analyzer()->ProtocolViolation(zeek::util::fmt("unsupported server SSL version 0x%04x", version)); zeek_analyzer()->AnalyzerViolation(zeek::util::fmt("unsupported server SSL version 0x%04x", version));
zeek_analyzer()->SetSkip(true); zeek_analyzer()->SetSkip(true);
} }

6
src/analyzer/protocol/ssl/tls-handshake-analyzer.pac
View file

@ -37,11 +37,11 @@ refine connection Handshake_Conn += {
%{ %{
if ( ! version_ok(version) ) if ( ! version_ok(version) )
{ {
zeek_analyzer()->ProtocolViolation(zeek::util::fmt("unsupported client SSL version 0x%04x", version)); zeek_analyzer()->AnalyzerViolation(zeek::util::fmt("unsupported client SSL version 0x%04x", version));
zeek_analyzer()->SetSkip(true); zeek_analyzer()->SetSkip(true);
} }
else else
zeek_analyzer()->ProtocolConfirmation(); zeek_analyzer()->AnalyzerConfirmation();
if ( ssl_client_hello ) if ( ssl_client_hello )
{ {
@ -94,7 +94,7 @@ refine connection Handshake_Conn += {
%{ %{
if ( ! version_ok(version) ) if ( ! version_ok(version) )
{ {
zeek_analyzer()->ProtocolViolation(zeek::util::fmt("unsupported server SSL version 0x%04x", version)); zeek_analyzer()->AnalyzerViolation(zeek::util::fmt("unsupported server SSL version 0x%04x", version));
zeek_analyzer()->SetSkip(true); zeek_analyzer()->SetSkip(true);
} }