Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Robin Sommer
On Thu, Mar 13, 2014 at 00:17 -0700, Bernhard Amann wrote: > You apparently have to be very careful which EndOfFile function of > the file analysis framework you call... otherwise it might try > to close another file id. This took me quite a while to find. Can you elaborate? I sens

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Siwek, Jonathan Luke
On Mar 13, 2014, at 2:17 AM, Bernhard Amann wrote: >You apparently have to be very careful which EndOfFile function of >the file analysis framework you call... otherwise it might try >to close another file id. This took me quite a while to find. I think that should be the case for

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Seth Hall
On Mar 13, 2014, at 10:30 AM, Robin Sommer wrote: > On Thu, Mar 13, 2014 at 00:17 -0700, Bernhard Amann wrote: > >>You apparently have to be very careful which EndOfFile function of >>the file analysis framework you call... otherwise it might try >>to close another file id. This to

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Bernhard Amann
On Mar 13, 2014, at 7:37 AM, Seth Hall wrote: > > On Mar 13, 2014, at 10:30 AM, Robin Sommer wrote: > >> On Thu, Mar 13, 2014 at 00:17 -0700, Bernhard Amann wrote: >> >>> You apparently have to be very careful which EndOfFile function of >>> the file analysis framework you call... otherw

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Siwek, Jonathan Luke
On Mar 13, 2014, at 9:45 AM, Bernhard Amann wrote: > What I did was to call… > > file_mgr->DataIn(reinterpret_cast(cert.data()), cert.length(), >bro_analyzer()->GetAnalyzerTag(), bro_analyzer()->Conn(), ${rec.is_orig}); > file_mgr->EndOfFile(bro_analyzer()->GetAnalyzerTag(), bro_analyzer()-

[Bro-Dev] [JIRA] (BIT-1152) BroControl version check

2014-03-13 Thread Daniel Thayer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Thayer updated BIT-1152: --- Component/s: (was: Bro) BroControl > BroControl version check > ---

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Bernhard Amann
On Mar 13, 2014, at 8:50 AM, Siwek, Jonathan Luke wrote: >> file_mgr->DataIn(reinterpret_cast(cert.data()), cert.length(), >> bro_analyzer()->GetAnalyzerTag(), bro_analyzer()->Conn(), ${rec.is_orig}); >> file_mgr->EndOfFile(bro_analyzer()->GetAnalyzerTag(), >> bro_analyzer()->Conn(), ${rec.is_

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Siwek, Jonathan Luke
On Mar 13, 2014, at 12:54 PM, Bernhard Amann wrote: > function get_file_handle(c: connection, is_orig: bool): string > { > set_session(c); > > local depth: count; > > if ( is_orig ) > { > depth = c$ssl$client_depth; > ++c$ssl$cl

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Bernhard Amann
> >> …even after reading through the how to, I was not quite clear on the fact, >> that get_file_handle >> has to always return the same value for the same file. Which is impossible >> to accomplish in cases >> like this, because, several certificates are sent over a connection, and you >> do n

Re: [Bro-Dev] [Bro-Commits] [git/broctl] topic/dnthayer/broctl-fixes: Do not ping when checking if a host is alive (b71fc1d)

2014-03-13 Thread Robin Sommer
The ping was to quickly notice if a host is down, which iirc ssh wasn't always able to di (though I don't remember exactly what ssh did in those cases where it was a problem; too long ago). I'm wondering if it's worth keeping the ping check even it indeed means the fw needs to be configured accordi

Re: [Bro-Dev] [Bro-Commits] [git/bro] topic/bernhard/file-analysis-x509: Change x509 log - now certificates are only logged once per hour. (0d50b8b)

2014-03-13 Thread Siwek, Jonathan Luke
On Mar 13, 2014, at 2:55 PM, Bernhard Amann wrote: >> >>> …even after reading through the how to, I was not quite clear on the fact, >>> that get_file_handle >>> has to always return the same value for the same file. Which is impossible >>> to accomplish in cases >>> like this, because, sever

[Bro-Dev] [JIRA] (BIT-1134) DNS_Mgr::LookupAddr does not respect DNS_FAKE

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15725#comment-15725 ] Robin Sommer commented on BIT-1134: --- Merging. I'm suggesting a further change though: what do

[Bro-Dev] [JIRA] (BIT-1156) DNS analyzer parses TXT records imcompletely

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15727#comment-15727 ] Robin Sommer commented on BIT-1156: --- Yes, this is what I meant; and right: it should be a

[Bro-Dev] [JIRA] (BIT-1156) DNS analyzer parses TXT records imcompletely

2014-03-13 Thread Vern Paxson (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15726#comment-15726 ] Vern Paxson commented on BIT-1156: -- Does "payload of DNS TXT records" mean that an individual

Re: [Bro-Dev] [Bro-Commits] [git/broctl] topic/dnthayer/broctl-fixes: Do not ping when checking if a host is alive (b71fc1d)

2014-03-13 Thread Daniel Thayer
I believe Seth requested that we remove the ping. In my testing, I haven't noticed any problems without the ping. On 03/13/2014 03:15 PM, Robin Sommer wrote: > The ping was to quickly notice if a host is down, which iirc ssh > wasn't always able to di (though I don't remember exactly what ssh di

[Bro-Dev] [JIRA] (BIT-1154) Formatters restructed in: topic/seth/json-formatter

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1154?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15728#comment-15728 ] Robin Sommer commented on BIT-1154: --- Merged. The tests are a bit on the weak side though ..

[Bro-Dev] [JIRA] (BIT-1148) Bug in Connection::FlipRoles

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1148?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer updated BIT-1148: -- Resolution: Merged (was: Fixed) Status: Closed (was: Merge Request) > Bug in Connection::Fli

[Bro-Dev] [JIRA] (BIT-1154) Formatters restructed in: topic/seth/json-formatter

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1154?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15729#comment-15729 ] Robin Sommer commented on BIT-1154: --- Also, regarding renaming: agree that the Ascii formatter

[Bro-Dev] [JIRA] (BIT-1134) DNS_Mgr::LookupAddr does not respect DNS_FAKE

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer updated BIT-1134: -- Status: Open (was: Merge Request) > DNS_Mgr::LookupAddr does not respect DNS_FAKE > -

[Bro-Dev] [JIRA] (BIT-1154) Formatters restructed in: topic/seth/json-formatter

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer updated BIT-1154: -- Status: Open (was: Merge Request) > Formatters restructed in: topic/seth/json-formatter > ---

[Bro-Dev] [JIRA] (BIT-1154) Formatters restructed in: topic/seth/json-formatter

2014-03-13 Thread Robin Sommer (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer reassigned BIT-1154: - Assignee: (was: Robin Sommer) > Formatters restructed in: topic/seth/json-formatter > --

[Bro-Dev] [JIRA] (BIT-1150) X509 updates

2014-03-13 Thread Bernhard Amann (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15730#comment-15730 ] Bernhard Amann commented on BIT-1150: - X509 file analyzer is in the topic/bernhard/file-ana

[Bro-Dev] [JIRA] (BIT-1150) X509 updates

2014-03-13 Thread Bernhard Amann (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bernhard Amann updated BIT-1150: Status: Merge Request (was: Open) > X509 updates > > > Key: BIT-1150

[Bro-Dev] [JIRA] (BIT-953) SSL Analyzer: return the root CA used to validate a cert

2014-03-13 Thread Bernhard Amann (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-953?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bernhard Amann updated BIT-953: --- Status: Merge Request (was: Open) > SSL Analyzer: return the root CA used to validate a cert > -

[Bro-Dev] [JIRA] (BIT-760) Lift Server Alternative Name (SAN) field to scripting layer

2014-03-13 Thread Bernhard Amann (JIRA)
[ https://bro-tracker.atlassian.net/browse/BIT-760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bernhard Amann updated BIT-760: --- Status: Merge Request (was: Reopened) > Lift Server Alternative Name (SAN) field to scripting layer

[Bro-Dev] [Auto] Merge Status

2014-03-13 Thread Merge Tracker
Open Merge Requests === ID Component Reporter Assignee Updated For Version Priority Summary --- -- -- -- - -- --