diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-10-18 16:40:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-18 16:40:15 +0200 |
| commit | 35fdbc81480cdeaafc593fe952b2b28ebccbb0c2 (patch) | |
| tree | 3cc1eaaf1716cb037236eee98725daed592e41f8 /tests/pcap | |
| parent | 223a6fb9f7403b34a93b04f6266db6b6e430782c (diff) | |
TLS: explicit ignore client certificate (#1776)
TLS classification usually stops after processing *server* certificates
(if any). That means, that *client* certificate, if present, is usually
ignored.
However in some corner cases (i.e. unidirectional traffic) we might end
up processing client certificate and exposing its metadata: the issue is
that the application will think that this metadata are about the server
and not about the client.
So, for the time being, always ignore client certificate processing.
As a future work, we might find an efficient way to process and export both
certificates.
Diffstat (limited to 'tests/pcap')
| -rw-r--r-- | tests/pcap/tls_client_certificate_with_missing_server_one.pcapng | bin | 0 -> 6328 bytes |
| -rw-r--r-- | tests/pcap/tls_unidirectional.pcap | bin | 0 -> 15217 bytes |
2 files changed, 0 insertions, 0 deletions
diff --git a/tests/pcap/tls_client_certificate_with_missing_server_one.pcapng b/tests/pcap/tls_client_certificate_with_missing_server_one.pcapng Binary files differnew file mode 100644 index 000000000..40cb1eb30 --- /dev/null +++ b/tests/pcap/tls_client_certificate_with_missing_server_one.pcapng diff --git a/tests/pcap/tls_unidirectional.pcap b/tests/pcap/tls_unidirectional.pcap Binary files differnew file mode 100644 index 000000000..c46674086 --- /dev/null +++ b/tests/pcap/tls_unidirectional.pcap |