Commit graph

14 commits

Author SHA1 Message Date
Arne Welzel
112e3c1c03 btest: Update tests and baselines after adding ctx to conn_id 2025-07-03 18:19:46 +02:00
Tim Wojtulewicz
35ec9733c0 Add conn.log entries for connections with unhandled IP protocols 2024-11-13 11:25:40 -07:00
Johanna Amann
34225e83ba Update TLS consts, mainly new named curves.
Add test for X25519Kyber768Draft00 (post-quantum key agreement)
2024-05-23 14:50:36 +01:00
Johanna Amann
ff27eb5a69 SSL: Add new extension types and ECH test
This commit adds a multitude of new extension types that were added in
the last few years; it also adds grease values to extensions, curves,
and ciphersuites.

Furthermore, it adds a test that contains a encrypted-client-hello
key-exchange (which uses several extension types that we do not have in
our baseline so far).
2023-10-30 14:19:16 +00:00
Johanna Amann
e7c9fa1f6e SSL: Fix logging of Hello Retry Requests
It turns out that we never logged hello retry requests correctly in the
ssl_history field.

Hello retry requests are (in their final version) signaled by a specific
random value in the server random.

This commit fixes this oversight, and hello retry requests are now
correctly logged as such.
2023-05-03 13:34:48 +01:00
Johanna Amann
6ac158dedd Baseline updates for recent SSL changes. 2021-06-29 15:03:03 +01:00
Johanna Amann
b02f22a667 Change SSL and X.509 logging format
This commit changes the SSL and X.509 logging formats to something that,
hopefully, slowly approaches what they will look like in the future.

X.509 log is not yet deduplicated; this will come in the future.

This commit introduces two new options, which determine if certificate
issuers and subjects are still logged in ssl.log. The default is to have
the host subject/issuer logged, but to remove client-certificate
information. Client-certificates are not a typically used feature
nowadays.
2021-06-29 09:26:43 +01:00
Johanna Amann
3c95c9a956 Fix TLS 1.3 session resumption detection.
Now we detect TLS 1.3 session resumption by looking if both sides have
the PSK extension set, which is much more exact than the previous
approach.
2020-12-15 16:34:47 +00:00
Christian Kreibich
0b674eb851 Baseline refresh to reflect btest 0.64 2020-12-06 20:19:49 -08:00
Tim Wojtulewicz
01207c0720 Fix unit tests for new ordering from NetSessions::Drain 2019-08-21 09:24:02 -04:00
Johanna Amann
86ac468882 support the newer TLS 1.3 key_share extension.
This one adds a separate new case that has to be parsed differently - if
a hello-retry-request is sent, only the namedgroup is sent - without the
additional key material.

Support for the legacy extension is retained.
2019-06-03 14:40:33 +10:00
Johanna Amann
23eb8096fc SSL: test updates for record_layer version
Update the tests to also include the recently included record layer
fields.
2018-08-28 11:02:20 -07:00
Johanna Amann
c05e07cc90 Add record layer version to event ssl_encrypted_data.
This exposes the record layer version of the fragment in addition to the
content type and the length. The ordering of the arguments in the event
is the same as the ordering in the protocol message (first type, then
version, then length).

This also includes a slight change to the analyzer, no longer calling
the generate function if the event is not used.
2017-02-03 13:45:40 -08:00
Johanna Amann
fdef28ce7c TLS 1.3 support.
Well, at least -draft-16, and we don't quite parse all extensions yet
(not that there is that much left to parse).
2016-10-07 12:51:43 -07:00