diff options
| author | Luca <deri@ntop.org> | 2020-01-02 07:37:03 +0100 |
|---|---|---|
| committer | Luca <deri@ntop.org> | 2020-01-02 07:37:03 +0100 |
| commit | 8b01056b21905d4ad466aa74f7673ed06f66a64b (patch) | |
| tree | ffe0b8599c94e2cf665bc879ad2f5ed9a633a1d9 | |
| parent | f6c7a33177d4db9c7fdac054b8b0e26f99715c28 (diff) | |
Renamed TLS requested server name
| -rw-r--r-- | example/reader_util.c | 8 | ||||
| -rw-r--r-- | example/reader_util.h | 2 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 2 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 8 | ||||
| -rw-r--r-- | src/lib/ndpi_utils.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 5 |
6 files changed, 16 insertions, 12 deletions
diff --git a/example/reader_util.c b/example/reader_util.c index 57286cb0f..79104ea91 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1017,7 +1017,8 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl snprintf(flow->telnet.username, sizeof(flow->telnet.username), "%s", flow->ndpi_flow->protos.telnet.username); snprintf(flow->telnet.password, sizeof(flow->telnet.password), "%s", flow->ndpi_flow->protos.telnet.password); } else if(is_ndpi_proto(flow, NDPI_PROTOCOL_SSH)) { - snprintf(flow->ssh_tls.client_info, sizeof(flow->ssh_tls.client_info), "%s", + snprintf(flow->ssh_tls.client_requested_server_name, + sizeof(flow->ssh_tls.client_requested_server_name), "%s", flow->ndpi_flow->protos.ssh.client_signature); snprintf(flow->ssh_tls.server_info, sizeof(flow->ssh_tls.server_info), "%s", flow->ndpi_flow->protos.ssh.server_signature); @@ -1032,8 +1033,9 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl || (flow->ndpi_flow->protos.stun_ssl.ssl.ja3_client[0] != '\0') ) { flow->ssh_tls.ssl_version = flow->ndpi_flow->protos.stun_ssl.ssl.ssl_version; - snprintf(flow->ssh_tls.client_info, sizeof(flow->ssh_tls.client_info), "%s", - flow->ndpi_flow->protos.stun_ssl.ssl.client_certificate); + snprintf(flow->ssh_tls.client_requested_server_name, + sizeof(flow->ssh_tls.client_requested_server_name), "%s", + flow->ndpi_flow->protos.stun_ssl.ssl.client_requested_server_name); if(flow->ndpi_flow->protos.stun_ssl.ssl.server_names_len > 0) flow->ssh_tls.server_names = ndpi_strdup(flow->ndpi_flow->protos.stun_ssl.ssl.server_names); diff --git a/example/reader_util.h b/example/reader_util.h index d4f638d0b..6fd1880e5 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -195,7 +195,7 @@ typedef struct ndpi_flow_info { struct { u_int16_t ssl_version; - char client_info[64], server_info[64], + char client_requested_server_name[64], server_info[64], client_hassh[33], server_hassh[33], *server_names, server_organization[64], ja3_client[33], ja3_server[33], diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index ba00185ea..bbfc76d18 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1220,7 +1220,7 @@ struct ndpi_flow_struct { struct { struct { u_int16_t ssl_version, server_names_len; - char client_certificate[64], *server_names, server_organization[64]; + char client_requested_server_name[64], *server_names, server_organization[64]; u_int32_t notBefore, notAfter; char ja3_client[33], ja3_server[33]; u_int16_t server_cipher; diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index c5269171c..fc9eaf9ef 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -4219,7 +4219,7 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st || (flow->guessed_protocol_id == NDPI_PROTOCOL_WHATSAPP_CALL)) ndpi_set_detected_protocol(ndpi_str, flow, flow->guessed_protocol_id, NDPI_PROTOCOL_UNKNOWN); else if((flow->l4.tcp.tls.hello_processed == 1) - && (flow->protos.stun_ssl.ssl.client_certificate[0] != '\0')) { + && (flow->protos.stun_ssl.ssl.client_requested_server_name[0] != '\0')) { ndpi_set_detected_protocol(ndpi_str, flow, NDPI_PROTOCOL_TLS, NDPI_PROTOCOL_UNKNOWN); } else { if((flow->guessed_protocol_id == NDPI_PROTOCOL_UNKNOWN) @@ -4620,11 +4620,11 @@ void ndpi_fill_protocol_category(struct ndpi_detection_module_struct *ndpi_str, } } - if(flow->protos.stun_ssl.ssl.client_certificate[0] != '\0') { + if(flow->protos.stun_ssl.ssl.client_requested_server_name[0] != '\0') { unsigned long id; int rc = ndpi_match_custom_category(ndpi_str, - (char *)flow->protos.stun_ssl.ssl.client_certificate, - strlen(flow->protos.stun_ssl.ssl.client_certificate), + (char *)flow->protos.stun_ssl.ssl.client_requested_server_name, + strlen(flow->protos.stun_ssl.ssl.client_requested_server_name), &id); if(rc == 0) { diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 6979d099c..2e7fe4966 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1043,7 +1043,8 @@ int ndpi_flow2json(struct ndpi_detection_module_struct *ndpi_struct, if(!unknown_tls_version) { ndpi_serialize_start_of_block(serializer, "tls"); ndpi_serialize_string_string(serializer, "version", version); - ndpi_serialize_string_string(serializer, "client_cert", flow->protos.stun_ssl.ssl.client_certificate); + ndpi_serialize_string_string(serializer, "client_requested_server_name", + flow->protos.stun_ssl.ssl.client_requested_server_name); if(flow->protos.stun_ssl.ssl.server_names) ndpi_serialize_string_string(serializer, "server_names", flow->protos.stun_ssl.ssl.server_names); ndpi_serialize_string_string(serializer, "issuer", flow->protos.stun_ssl.ssl.server_organization); diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index 1130eb7fe..a73cc2976 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -987,8 +987,9 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, cleanupServerName(buffer, sizeof(buffer)); - snprintf(flow->protos.stun_ssl.ssl.client_certificate, - sizeof(flow->protos.stun_ssl.ssl.client_certificate), "%s", buffer); + snprintf(flow->protos.stun_ssl.ssl.client_requested_server_name, + sizeof(flow->protos.stun_ssl.ssl.client_requested_server_name), + "%s", buffer); if(ndpi_match_hostname_protocol(ndpi_struct, flow, NDPI_PROTOCOL_TLS, buffer, strlen(buffer))) flow->l4.tcp.tls.subprotocol_detected = 1; |