Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

Fork 0

mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00

Commit graph

Author	SHA1	Message	Date
Robin Sommer	7344052b50	Changing what's escaped when printing. With this patch the model is: - "print" cleans the data so that non-printable characters get escaped. This is not necessarily reversible. - to print in a reversible way, one can go through escape_string(); this escapes backslashes as well to make the decoding non-ambigious. - Logging always escapes similar to escape_string(), making it reversible. Compared to master, we also change the escaping as follows: - We now only escape with "\xXX", no more "^X" or "\0". Exception: backslashes. - We escape backlashes as "\\". - There's no "alternative" output style anymore, i.e., fmt() '%A' qualifier is gone. Baselines in testing/btest are updated, external tests not yet. Addresses BIT-1333.	2015-04-15 16:59:50 -07:00
Bernhard Amann	4b63b30901	Fix x509-extension test sometimes failing. For some fields, the format apparently is not consistens over OpenSSL versions. For the test, we simply skip those.	2014-02-05 10:01:51 -08:00
Bernhard Amann	6d73b8c57e	Fix x509_extension event. The event now really returns the extension. If openssl supports printing it, it is converted into the openssl ascii output. The output does not always look pretty because it can contain newlines. New event syntax: event x509_extension(c: connection, is_orig: bool, cert:X509, extension: X509_extension_info) Example output for extension: [name=X509v3 Extended Key Usage, short_name=extendedKeyUsage, oid=2.5.29.37, critical=F, value=TLS Web Server Authentication, TLS Web Client Authentication] [name=X509v3 Certificate Policies, short_name=certificatePolicies, oid=2.5.29.32, critical=F, value=Policy: 1.3.6.1.4.1.6449.1.2.1.3.4^J CPS: https://secure.comodo.com/CPS^J]	2014-01-27 10:24:57 -08:00

Author

SHA1

Message

Date

Robin Sommer

7344052b50

Changing what's escaped when printing.

With this patch the model is:

    - "print" cleans the data so that non-printable characters get
      escaped. This is not necessarily reversible.

    - to print in a reversible way, one can go through
      escape_string(); this escapes backslashes as well to make the
      decoding non-ambigious.

    - Logging always escapes similar to escape_string(), making it
      reversible.

Compared to master, we also change the escaping as follows:

    - We now only escape with "\xXX", no more "^X" or "\0". Exception:
      backslashes.

    - We escape backlashes as "\\".

    - There's no "alternative" output style anymore, i.e., fmt() '%A'
      qualifier is gone.

Baselines in testing/btest are updated, external tests not yet.

Addresses BIT-1333.

2015-04-15 16:59:50 -07:00

Bernhard Amann

4b63b30901

Fix x509-extension test sometimes failing.

For some fields, the format apparently is not consistens over
OpenSSL versions. For the test, we simply skip those.

2014-02-05 10:01:51 -08:00

Bernhard Amann

6d73b8c57e

Fix x509_extension event.

The event now really returns the extension. If openssl supports printing
it, it is converted into the openssl ascii output.

The output does not always look pretty because it can contain newlines.

New event syntax:
event x509_extension(c: connection, is_orig: bool, cert:X509, extension: X509_extension_info)

Example output for extension:
  [name=X509v3 Extended Key Usage,
    short_name=extendedKeyUsage,
    oid=2.5.29.37,
    critical=F,
    value=TLS Web Server Authentication, TLS Web Client Authentication]
  [name=X509v3 Certificate Policies,
   short_name=certificatePolicies,
   oid=2.5.29.32,
   critical=F,
   value=Policy: 1.3.6.1.4.1.6449.1.2.1.3.4^J  CPS: https://secure.comodo.com/CPS^J]

2014-01-27 10:24:57 -08:00

3 commits