mirror of
https://github.com/zeek/zeek.git
synced 2025-10-16 05:28:20 +00:00
574bcb0a51
This is a very simple XMPP analyzer that basically only can parse the protocol until the client and server start negotiating a TLS session. At that point, the TLS analyzer is attached. While the basic case seems to be working, I fully expect that I missed something and that this might break in a lot of cases.
38 lines
900 B
C++
38 lines
900 B
C++
// See the file "COPYING" in the main distribution directory for copyright.
|
|
|
|
#ifndef ANALYZER_PROTOCOL_XMPP_XMPP_H
|
|
#define ANALYZER_PROTOCOL_XMPP_XMPP_H
|
|
|
|
#include "analyzer/protocol/tcp/TCP.h"
|
|
|
|
#include "xmpp_pac.h"
|
|
|
|
namespace analyzer { namespace xmpp {
|
|
|
|
class XMPP_Analyzer : public tcp::TCP_ApplicationAnalyzer {
|
|
public:
|
|
XMPP_Analyzer(Connection* conn);
|
|
virtual ~XMPP_Analyzer();
|
|
|
|
virtual void Done();
|
|
virtual void DeliverStream(int len, const u_char* data, bool orig);
|
|
virtual void Undelivered(uint64 seq, int len, bool orig);
|
|
|
|
// Overriden from tcp::TCP_ApplicationAnalyzer.
|
|
virtual void EndpointEOF(bool is_orig);
|
|
|
|
void StartTLS();
|
|
|
|
static analyzer::Analyzer* Instantiate(Connection* conn)
|
|
{ return new XMPP_Analyzer(conn); }
|
|
|
|
protected:
|
|
binpac::XMPP::XMPP_Conn* interp;
|
|
bool had_gap;
|
|
|
|
bool tls_active;
|
|
};
|
|
|
|
} } // namespace analyzer::*
|
|
|
|
#endif /* ANALYZER_PROTOCOL_XMPP_XMPP_H */
|