[Bro-Dev] #891: topic/jsiwek/gridftp

Bro Tracker bro at tracker.bro-ids.org
Fri Oct 12 10:37:33 PDT 2012

#891: topic/jsiwek/gridftp
  Reporter:  jsiwek         |      Owner:
      Type:  Merge Request  |     Status:  new
  Priority:  Normal         |  Milestone:  Bro2.2
 Component:  Bro            |    Version:  git/master
Resolution:                 |   Keywords:

Comment (by robin):

 Good job, I like seeing the analyzer infrastructure being used as it was
 intended :)


 - The extensions to the SSL analysis store cert/chain information for all
 SSL conntections now. Could that have a significant impact on memory or

 - in {{{ftp/gridftp.bro}}}

 event ssl_established(c: connection) &priority=5
 ········# Add service label to control channels.
 ········if ( "FTP" in c$service )
 ················add c$service["gridftp"];

 Can that condition really only be true for GridFTP sessions?

 - in {{{ssl/main.bro}}}

 {{{ c$ssl = [$ts=network_time(), $uid=c$uid, $id=c$id,
 $cert_chain=vector(), $client_cert_chain=vector()]; }}}

 Is that initialization with {{{vector()}}} still needed? I thought we had
 fixed that a while ago so that containers in records get initialized to an
 empty instance?

Ticket URL: <http://tracker.bro-ids.org/bro/ticket/891#comment:1>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker

More information about the bro-dev mailing list