author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2025-03-27 14:54:49 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2025-03-27 14:54:49 +0100 |
commit | 78ca74cf450b76fe4a6116a39ca0dc3d4a0c9582 (patch) | |
tree | 5f206fe63af1c3a3d196f818bbceadaac596612b /example/ndpiReader.c | |
parent | 37a0613b14b36debefc988edcc02011c89149236 (diff) |
TLS: avoid exporting TLS heuristic fingerprint as metadata (#2783)
Diffstat (limited to 'example/ndpiReader.c')
-rw-r--r-- | example/ndpiReader.c | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index 1dd905d33..aca59569d 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -239,7 +239,6 @@ struct receiver *receivers = NULL, *topReceivers = NULL;
 #define WIRESHARK_METADATA_SERVERNAME 0x01
 #define WIRESHARK_METADATA_JA4C 0x02
-#define WIRESHARK_METADATA_TLS_HEURISTICS_MATCHING_FINGERPRINT 0x03
 struct ndpi_packet_tlv {
 u_int16_t type;
@@ -4790,22 +4789,6 @@ static void ndpi_process_packet(u_char *args,
 tot_len += 4 + htons(tlv->length);
 tlv = (struct ndpi_packet_tlv *)&trailer->metadata[tot_len];
 }
- if(flow->ssh_tls.obfuscated_heur_matching_set.pkts[0] != 0) {
- tlv->type = ntohs(WIRESHARK_METADATA_TLS_HEURISTICS_MATCHING_FINGERPRINT);
- tlv->length = ntohs(sizeof(struct ndpi_tls_obfuscated_heuristic_matching_set));
- struct ndpi_tls_obfuscated_heuristic_matching_set *s = (struct ndpi_tls_obfuscated_heuristic_matching_set *)tlv->data;
- s->bytes[0] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.bytes[0]);
- s->bytes[1] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.bytes[1]);
- s->bytes[2] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.bytes[2]);
- s->bytes[3] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.bytes[3]);
- s->pkts[0] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.pkts[0]);
- s->pkts[1] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.pkts[1]);
- s->pkts[2] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.pkts[2]);
- s->pkts[3] = ntohl(flow->ssh_tls.obfuscated_heur_matching_set.pkts[3]);
- /* TODO: boundary check */
- tot_len += 4 + htons(tlv->length);
- tlv = (struct ndpi_packet_tlv *)&trailer->metadata[tot_len];
- }
 flow->detection_completed = 2; /* Avoid exporting metadata again. If we really want to have the metadata on Wireshark for *all* |