base/protocols/ssl/files.zeek

SSL
Namespace: SSL

Imports: base/files/x509, base/frameworks/files, base/protocols/ssl/main.zeek, base/utils/conn-ids.zeek

Summary

Redefinable Options

SSL::log_include_client_certificate_subject_issuer: bool &redef

Set this to true to include the client certificate subject and issuer in the SSL logfile.

SSL::log_include_server_certificate_subject_issuer: bool &redef

Set this to true to include the server certificate subject and issuer in the SSL log file.

Redefinitions

SSL::Info: record

New Fields

SSL::Info

cert_chain: vector of Files::Info &optional

Chain of certificates offered by the server to validate its complete signing chain.

cert_chain_fps: vector of string &optional &log

An ordered vector of all certificate fingerprints for the certificates offered by the server.

client_cert_chain: vector of Files::Info &optional

Chain of certificates offered by the client to validate its complete signing chain.

client_cert_chain_fps: vector of string &optional &log

An ordered vector of all certificate fingerprints for the certificates offered by the client.

subject: string &log &optional

Subject of the X.509 certificate offered by the server.

issuer: string &log &optional

Issuer of the X.509 certificate offered by the server, that is, the subject of its signer.

client_subject: string &log &optional

Subject of the X.509 certificate offered by the client.

client_issuer: string &log &optional

Subject of the signer of the X.509 certificate offered by the client.

sni_matches_cert: bool &log &optional

Set to true if the hostname sent in the SNI matches the certificate.

server_depth: count &default = 0 &optional

Current number of certificates seen from either side.

client_depth: count &default = 0 &optional

Functions

SSL::describe_file: function

Default file describer for SSL.

SSL::get_file_handle: function

Default file handle provider for SSL.

Detailed Interface

Redefinable Options

SSL::log_include_client_certificate_subject_issuer
Type: bool

Attributes: &redef

Default: F

Set this to true to include the client certificate subject and issuer in the SSL logfile. This information is rarely present and probably only interesting in very specific circumstances.

SSL::log_include_server_certificate_subject_issuer
Type: bool

Attributes: &redef

Default: F

Set this to true to include the server certificate subject and issuer in the SSL log file. This information is still available in x509.log.

Functions

SSL::describe_file
Type: function (f: fa_file) : string

Default file describer for SSL.

SSL::get_file_handle
Type: function (c: connection, is_orig: bool) : string

Default file handle provider for SSL.
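
The following local policy script is an added example, not code from this page or from the Zeek distribution. It turns on the server subject/issuer option documented above and raises a notice when sni_matches_cert is false, reporting the first entry of cert_chain_fps. The module name SNICheck and the notice type SNI_Cert_Mismatch are hypothetical; server_name is an SSL::Info field from base/protocols/ssl/main.zeek, and treating the first fingerprint as the server's own certificate is an assumption about chain order.

```zeek
@load base/protocols/ssl
@load base/frameworks/notice

module SNICheck;	# hypothetical module name

export {
	redef enum Notice::Type += {
		## The server certificate does not cover the hostname sent in the SNI.
		SNI_Cert_Mismatch,	# hypothetical notice type
	};
}

# Write the server certificate subject and issuer to ssl.log (default is F).
redef SSL::log_include_server_certificate_subject_issuer = T;

event ssl_established(c: connection)
	{
	if ( ! c?$ssl )
		return;

	local info = c$ssl;

	# sni_matches_cert is &optional, so test for presence before reading it.
	# Only an explicit F is of interest here.
	if ( ! info?$sni_matches_cert || info$sni_matches_cert )
		return;

	# First fingerprint in the ordered chain; assumed to be the server's
	# own certificate.
	local leaf_fp = "<none>";
	if ( info?$cert_chain_fps && |info$cert_chain_fps| > 0 )
		leaf_fp = info$cert_chain_fps[0];

	NOTICE([$note=SNI_Cert_Mismatch,
	        $conn=c,
	        $msg=fmt("SNI %s not covered by server certificate %s (subject: %s)",
	                 info?$server_name ? info$server_name : "<unset>",
	                 leaf_fp,
	                 info?$subject ? info$subject : "<unset>"),
	        # Suppress repeats for the same responder and certificate.
	        $identifier=cat(c$id$resp_h, leaf_fp)]);
	}
```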