diff options
| author | Nardi Ivan <nardi.ivan@gmail.com> | 2023-10-03 20:22:31 +0200 |
|---|---|---|
| committer | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-10-11 15:15:20 +0200 |
| commit | 4a0eda69ad9755aa6f922a2c786b3bf93c777f77 (patch) | |
| tree | 863d2782d3315be8f5c90e6dd98a11b9838f93af /example | |
| parent | a76b9d151f58e000980abffc29b0192b08c5bb4e (diff) | |
QUIC: export QUIC version as metadata
Diffstat (limited to 'example')
| -rw-r--r-- | example/ndpiReader.c | 9 | ||||
| -rw-r--r-- | example/reader_util.c | 1 | ||||
| -rw-r--r-- | example/reader_util.h | 2 |
3 files changed, 10 insertions, 2 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index 3601978c0..182c82772 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -868,7 +868,7 @@ void printCSVHeader() { /* Flow info */ fprintf(csv_fp, "server_info,"); - fprintf(csv_fp, "tls_version,ja3c,tls_client_unsafe,"); + fprintf(csv_fp, "tls_version,quic_version,ja3c,tls_client_unsafe,"); fprintf(csv_fp, "ja3s,tls_server_unsafe,"); fprintf(csv_fp, "advertised_alpns,negotiated_alpn,tls_supported_versions,"); #if 0 @@ -1499,6 +1499,7 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa u_int8_t known_tls; char buf[32], buf1[64]; char buf_ver[16]; + char buf2_ver[16]; char l4_proto_name[32]; u_int i; @@ -1562,8 +1563,9 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa fprintf(csv_fp, "%s,", (flow->ssh_tls.server_info[0] != '\0') ? flow->ssh_tls.server_info : ""); - fprintf(csv_fp, "%s,%s,%s,%s,%s,", + fprintf(csv_fp, "%s,%s,%s,%s,%s,%s,", (flow->ssh_tls.ssl_version != 0) ? ndpi_ssl_version2str(buf_ver, sizeof(buf_ver), flow->ssh_tls.ssl_version, &known_tls) : "0", + (flow->ssh_tls.quic_version != 0) ? ndpi_quic_version2str(buf2_ver, sizeof(buf2_ver), flow->ssh_tls.quic_version) : "0", (flow->ssh_tls.ja3_client[0] != '\0') ? flow->ssh_tls.ja3_client : "", (flow->ssh_tls.ja3_client[0] != '\0') ? is_unsafe_cipher(flow->ssh_tls.client_unsafe_cipher) : "0", (flow->ssh_tls.ja3_server[0] != '\0') ? flow->ssh_tls.ja3_server : "", @@ -1882,6 +1884,9 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa if(flow->ssh_tls.ssl_version != 0) fprintf(out, "[%s]", ndpi_ssl_version2str(buf_ver, sizeof(buf_ver), flow->ssh_tls.ssl_version, &known_tls)); + if(flow->ssh_tls.quic_version != 0) fprintf(out, "[QUIC ver: %s]", ndpi_quic_version2str(buf_ver, sizeof(buf_ver), + flow->ssh_tls.quic_version)); + if(flow->ssh_tls.client_hassh[0] != '\0') fprintf(out, "[HASSH-C: %s]", flow->ssh_tls.client_hassh); if(flow->ssh_tls.ja3_client[0] != '\0') fprintf(out, "[JA3C: %s%s]", flow->ssh_tls.ja3_client, diff --git a/example/reader_util.c b/example/reader_util.c index 566c64607..47873cbe0 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1317,6 +1317,7 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl || ((is_quic = is_ndpi_proto(flow, NDPI_PROTOCOL_QUIC))) ) { flow->ssh_tls.ssl_version = flow->ndpi_flow->protos.tls_quic.ssl_version; + flow->ssh_tls.quic_version = flow->ndpi_flow->protos.tls_quic.quic_version; if(flow->ndpi_flow->protos.tls_quic.server_names_len > 0 && flow->ndpi_flow->protos.tls_quic.server_names) flow->ssh_tls.server_names = ndpi_strdup(flow->ndpi_flow->protos.tls_quic.server_names); diff --git a/example/reader_util.h b/example/reader_util.h index f152c2ecd..9c55355e6 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -290,6 +290,8 @@ typedef struct ndpi_flow_info { time_t notBefore, notAfter; u_int16_t server_cipher; ndpi_cipher_weakness client_unsafe_cipher, server_unsafe_cipher; + + u_int32_t quic_version; } ssh_tls; struct { |