Snort mailing list archives

[patch] snort with mysql+SSL support


From: Ryan Steinmetz <rpsfa () rit edu>
Date: Fri, 24 Jun 2011 21:52:57 -0400

All,

I've thrown together a quick hack to require SSL use when logging to a mysql database.  I've tested this against v2.9.0.5 and it seems to work fine.

A few notes:
-If you are chrooting snort, you'll need to have a devfs mount within the new root as the mysql client libs will want access to /dev/urandom.
-If you are chrooting snort, you will also need to have the certificates available within the chrooted environment as well.
-Once the patch has been applied, snort will require SSL for all mysql connections.  To disable this you will need to revert the patch.
-Certificates must exist in /usr/local/etc/snort/certs and be named as follows:
--ca.pem: The CA's public key
--cert.pem: The client's public key
--key.pem: The client's private key

Ideally, this would be incorporated into future releases and include config knobs to allow for flexibility.

-r

-- 
Ryan Steinmetz
PGP: EF36 D45A 5CA9 28B1 A550  18CD A43C D111 7AD7 FAF2

Attachment: sslpatch.diff
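
A pre-flight check for the deployment notes in the message above, as an added example that is not part of the original post or of sslpatch.diff. The function name and its arguments are assumptions; the certificate directory and file names are the ones the post states, and the private-key permission check is an extra hardening check the post does not mention.

```shell
#!/bin/sh
# Added example (not from sslpatch.diff): verify that a patched snort will
# find what the post says it needs, as seen from inside the chroot.
# Usage: snort_ssl_preflight [CHROOT_DIR] [CERT_DIR]
#   CHROOT_DIR  directory snort chroots into; empty string if not chrooted
#   CERT_DIR    defaults to the path the post says the patch expects
# Prints the number of problems on stdout, details on stderr,
# and returns non-zero if any problem was found.
snort_ssl_preflight() {
    root=${1:-}
    certdir=${2:-/usr/local/etc/snort/certs}
    problems=0

    # ca.pem, cert.pem and key.pem must be readable at the path snort
    # resolves after chroot(), i.e. CHROOT_DIR + CERT_DIR.
    for name in ca.pem cert.pem key.pem; do
        f="$root$certdir/$name"
        if [ ! -f "$f" ] || [ ! -r "$f" ]; then
            echo "MISSING: $f" >&2
            problems=$((problems + 1))
        fi
    done

    # Extra check (assumption, not in the post): the client's private key
    # should not be readable by group or other.
    key="$root$certdir/key.pem"
    if [ -f "$key" ] &&
       [ -n "$(find "$key" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "WEAK PERMS: $key is group- or world-readable" >&2
        problems=$((problems + 1))
    fi

    # The mysql client libs want /dev/urandom; inside a chroot that means
    # a devfs mount (or equivalent device node) under the new root.
    dev="$root/dev/urandom"
    if [ ! -c "$dev" ] || [ ! -r "$dev" ]; then
        echo "MISSING: $dev (character device)" >&2
        problems=$((problems + 1))
    fi

    echo "$problems"
    [ "$problems" -eq 0 ]
}
```

Run it as the account snort drops privileges to, so the readability checks reflect what the sensor process can actually open.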