Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 16:48:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing
History
Johanna Amann 1ede6bf7fe Add TLS 1.3 fix and testcase. 
It turns out that Chrome supports an experimental mode to support TLS
1.3, which uses a non-standard way to negotiate TLS 1.3 with a server.
This non-standard way to negotiate TLS 1.3 breaks the current draft RFC
and re-uses an extension on the server-side with a different binary
formatting, causing us to throw a binpac exception.

This patch ignores the extension when sent by the server, continuing to
correctly parse the server_hello reply (as far as possible).

From what I can tell this seems to be google working around the fact
that MITM equipment cannot deal with TLS 1.3 server hellos; this change
makes the fact that TLS 1.3 is used completely opaque unless one looks
into a few extensions.

We currently log this as TLS 1.2.
2017-09-09 22:25:49 -07:00
..
btest Add TLS 1.3 fix and testcase. 2017-09-09 22:25:49 -07:00
external Merge remote-tracking branch 'origin/topic/johanna/bit-1612' 2016-07-14 16:26:17 -07:00
scripts Merge remote-tracking branch 'origin/master' into fastpath 2016-10-21 09:35:04 -05:00
.gitignore
Makefile Fix portability issue with use of mktemp 2016-01-28 14:32:22 -06:00
README

README 

This directory contains suites for testing for Bro's correct
operation:

    btest/
        An ever-growing set of small unit tests testing Bro's
        functionality.

    external/
        A framework for downloading additional test sets that run more
        complex Bro configuration on larger traces files. Due to their
        size, these are not included directly. See the README for more
        information. 

    scripts/
        Helpers scripts used by some tests.