Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 22:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
8253 commits 386 branches 195 tags 257 MiB
Commit graph

9 commits

Author SHA1 Message Date
Johanna Amann
9594f69598 SSL: Update OCSP/SCT scripts and documentation. 2017-07-27 16:22:40 -07:00
Johanna Amann
9126376581 Revert "add parameter 'status_type' to event ssl_stapled_ocsp" 
This reverts commit 545848d906.

Revert further part of stapled OCSP response handling that probably
never worked.
 2017-07-27 15:12:19 -07:00
Johanna Amann
c670613996 Make OCSP analyzer part of the X.509 analyzer 
This allows the easier integration of shared functionality. And it also
makes logical sense, given that OCSP is not interesting without X.509.
 2017-02-10 17:02:15 -08:00
Liang Zhu
545848d906 add parameter 'status_type' to event ssl_stapled_ocsp 2015-07-08 14:11:14 -07:00
Johanna Amann
897351f87e Extend the weak-keys policy file to also alert when encountering 
ssl connections with old versions as well as unsafe cipher suites.

Also make the notice suppression handling of other ssl policy files
a tad more robust.
 2015-02-25 13:57:04 -08:00
Bernhard Amann
b16322aefb fix expression errors in x509 policy scrips when unparseable data is in certificate chain. 2014-05-21 10:50:31 -07:00
Robin Sommer
ed4cd9352a Merge remote-tracking branch 'origin/topic/bernhard/even-more-ssl-changes' 
Good stuff! (but I admit I didn't look at the OpenSSL code too closely :)

* origin/topic/bernhard/even-more-ssl-changes:
  small test update & script fix
  update baselines & add ocsp leak check
  Add policy script adding ocsp validation to ssl.log
  Implement verification of OCSP replies.
  Add tls flag to smtp.log. Will be set if a connection switched to startls.
  add starttls support for pop3
  Add smtp starttls support
  Replace errors when parsing x509 certs with weirds (as requested by Seth).
  move tls content types from heartbleed to consts.bro. Seems better to put them there...
  Add new features from other branch to the heartbleed-detector (and clean them up).
  Let TLS analyzer fail better when no longer in sync with the data stream. The version field in each record-layer packet is now re-checked.

BIT-1190 #merged

Conflicts:
	testing/btest/Baseline/scripts.policy.misc.dump-events/all-events.log
	testing/btest/Baseline/scripts.policy.misc.dump-events/smtp-events.log
 2014-05-16 14:45:25 -07:00
Bernhard Amann
e749f17821 small test update & script fix 2014-05-16 11:29:47 -07:00
Bernhard Amann
d9e7ac6e92 Add policy script adding ocsp validation to ssl.log 2014-05-16 11:21:26 -07:00