zeek/scripts/base/protocols/ssl at bea3075c1fcc54dfad7db0f345a2c027d15e3f32 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

History

Johanna Amann bea3075c1f TLS analyzer: change logic to track TLS 1.3 connection establishment This commit changes the logic that is used to tracks connection establishment - and moves it from scriptland into the core. TLS 1.3 connection establishment is much more finnicky for us than the establishment of earlier versions - since we cannot rely on the CCS message anymore (which is meaningless and not sent in a lot of cases). With this commit, the ssl_encrypted_data message gets raised for encrypted TLS 1.3 handshake messages - which is much more correct than the behavior before that just interpreted them as plaintext messages. I will refine this a bit more - at the moment the connection established event happens a bit too early - earlier than TLS 1.3 connections actually can be estasblished. Part of GH-1323		2020-12-14 19:51:05 +00:00
..
__load__.zeek	Rename all scripts to have ".zeek" file extension	2019-04-11 21:12:40 -05:00
consts.zeek	update SSL consts from TLS 1.3	2019-04-22 22:57:45 +02:00
ct-list.zeek	Update Mozilla Root Store	2020-12-09 21:46:32 +00:00
dpd.sig	SSL: update dpd signature for TLS1.3	2017-04-05 08:58:08 -07:00
files.zeek	Fix warning when reading files from non-network sources	2020-01-14 10:53:02 -05:00
main.zeek	TLS analyzer: change logic to track TLS 1.3 connection establishment	2020-12-14 19:51:05 +00:00
mozilla-ca-list.zeek	Update Mozilla Root Store	2020-12-09 21:46:32 +00:00
README	SSL: Update OCSP/SCT scripts and documentation.	2017-07-27 16:22:40 -07:00

Support for Secure Sockets Layer (SSL)/Transport Layer Security(TLS) protocol analysis.