Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

mysql: Recognize when client/server negotiate SSL

Browse source 
This instantiates the SSL analyzer when the client requests SSL
so that Zeek now has a bit more visibility into encrypted MySQL
connections.

The pattern used is the same as in the IMAP, POP or XMPP analyzer.
This commit is contained in:
Arne Welzel 2023-01-27 11:15:23 +01:00
parent e9caea9694
commit fa48c88533
16 changed files with 144 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/analyzer/protocol/mysql/MySQL.h
View file

@ -25,11 +25,14 @@ public:
// Overridden from analyzer::tcp::TCP_ApplicationAnalyzer.
void EndpointEOF(bool is_orig) override;
void StartTLS();
static analyzer::Analyzer* Instantiate(Connection* conn) { return new MySQL_Analyzer(conn); }
protected:
binpac::MySQL::MySQL_Conn* interp;
bool had_gap;
bool tls_active;
};
} // namespace zeek::analyzer::mysql