Feature #807
closed
Implement CONNECT support
Added by Eric Leblond about 11 years ago.
Updated over 6 years ago.
Description
When using a proxy for HTTPS, the CONNECT keyword is used to open the connection to the peer. Suricata is currently not seeing the TLS exchange because it does not switch the flow applayer to TLS after seeing this keyword.
- Target version set to TBD
Currently in our HTP glue layer we do detect when a CONNECT tunnel is in place, but we silently ignore it in HTTP parsing. So an implementation should probably hook into this.
- Target version changed from TBD to 3.0RC2
- Status changed from New to Assigned
- Assignee set to Eric Leblond
- Target version changed from 3.0RC2 to 2.1beta2
- Target version changed from 2.1beta2 to 2.1beta3
- Target version changed from 2.1beta3 to 2.1beta4
- Target version changed from 2.1beta4 to 3.0RC1
- Target version changed from 3.0RC1 to 70
- Status changed from Assigned to Closed
- Assignee deleted (
Eric Leblond)
- Target version deleted (
70)
This has been implemented since in 4.0.
Also available in: Atom
PDF