mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
94f55532f2
Now we only parse the SignatureAndHashalgorithm field in cases where it is present. This change also takes care to respect SCTs, which do include the SignatureAndHashalgorithm in their digitally-signed struct, even when used in protocol versions that do not have the SignatureAndHashalgorithm in the protocols digitally-signed struct. I also added tests to make sure this does indeed work with TLS 1.1 - it turns out that so far we did not have a single TLS 1.1 pcap.
6 lines
213 B
Text
6 lines
213 B
Text
# This tests a normal SSL connection and the log it outputs.
|
|
|
|
# @TEST-EXEC: bro -r $TRACES/tls/tls1_1.pcap %INPUT
|
|
# @TEST-EXEC: btest-diff ssl.log
|
|
# @TEST-EXEC: btest-diff x509.log
|
|
# @TEST-EXEC: test ! -f dpd.log
|