[Bro-Dev] #953: SSL Analyzer: return the root CA used to validate a cert
Bro Tracker
bro at tracker.bro-ids.org
Wed Mar 6 13:25:33 PST 2013
#953: SSL Analyzer: return the root CA used to validate a cert
------------------------------+------------------------------------
Reporter: liamrandall | Owner: amannb
Type: Feature Request | Status: assigned
Priority: Low | Milestone: Bro2.2
Component: Bro | Version: git/master
Resolution: | Keywords: SSL Analyzer, Root, CA
------------------------------+------------------------------------
Comment (by amannb):
The branch topic/bernhard/ticket-953 changes the x509_verify bif.
Instead of just returning the error code, it now returns a record
containing
* the openssl error code
* ascii description of the code
* the full used chain, in case chain resolution was successful, as a
vector of string.
At the moment, the individual certificates returned in the vector are not
parsed -- for blacklist lookups that is not really necessary (and at the
moment there also is no way to feed the certificates back into the bro
x509 parsing code, which is in the ssl analyzer).
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/953#comment:3>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list