aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3

Browse Source 
This makes it more likely to log custom versions of TLSv1.3 that
doesn't comply with the draft version numbering.
pull/3532/head
Mats Klepsland 7 years ago
parent 31b87d5f8f
commit ee1de4c812
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/app-layer-ssl.c
Unescape Escape View File

@ -946,7 +946,7 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
uint16_t ver = *input << 8 | *(input + 1);
if ((ssl_state->flags & SSL_AL_FLAG_CH_VERSION_EXTENSION) &&
((ver == TLS_VERSION_13) || (((ver >> 8) & 0xff) == 0x7f))) {
(ver > TLS_VERSION_12)) {
ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
}

Write Preview
Loading…
Cancel
Save