[Bro-Dev] #891: topic/jsiwek/gridftp

Bro Tracker bro at tracker.bro-ids.org
Fri Oct 12 10:37:33 PDT 2012


#891: topic/jsiwek/gridftp
----------------------------+------------------------
  Reporter:  jsiwek         |      Owner:
      Type:  Merge Request  |     Status:  new
  Priority:  Normal         |  Milestone:  Bro2.2
 Component:  Bro            |    Version:  git/master
Resolution:                 |   Keywords:
----------------------------+------------------------

Comment (by robin):

 Good job, I like seeing the analyzer infrastructure being used as it was
 intended :)


 Questions:

 - The extensions to the SSL analysis store cert/chain information for all
 SSL connections now. Could that have a significant impact on memory or
 CPU?

 - in {{{ftp/gridftp.bro}}}

    {{{
 event ssl_established(c: connection) &priority=5
         {
         # Add service label to control channels.
         if ( "FTP" in c$service )
                 add c$service["gridftp"];
         }
    }}}

 Can that condition really only be true for GridFTP sessions?

 - in {{{ssl/main.bro}}}

 {{{ c$ssl = [$ts=network_time(), $uid=c$uid, $id=c$id,
 $cert_chain=vector(), $client_cert_chain=vector()]; }}}

 Is that initialization with {{{vector()}}} still needed? I thought we had
 fixed that a while ago so that containers in records get initialized to an
 empty instance?

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/891#comment:1>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker


