Added NDPI_MALICIOUS_SHA1 flow risk.add/ssl-cert-sha1-blacklist

* An external file which contains known malicious SSL certificate SHA-1 hashes can be loaded via ndpi_load_malicious_sha1_file(...) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2021-02-26 16:19:28 +0100
committer: Toni Uhlig <matzeton@googlemail.com> 2021-02-26 16:42:50 +0100
commit: 6c1317fa278be71fba8c01c492c223e95eb4ba03 (patch)
tree: b4b325e9052cba16a40dd932b53152221dff6639 /src/include/ndpi_api.h.in
parent: 28330edb7ae0fb3f6eef95b965666368486ac3e1 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in
index 4e63d1d22..0e6a50518 100644
--- a/src/include/ndpi_api.h.in
+++ b/src/include/ndpi_api.h.in
@@ -716,6 +716,15 @@ extern "C" {
   int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
 
   /**
+   * Read a file and load the list of malicious SSL certificate SHA1 fingerprints.
+   * @par     ndpi_mod = the detection module
+   * @par     path     = the path of the file
+   * @return  0 if the file is loaded correctly;
+   *          -1 else
+   */
+  int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
+
+  /**
    * Get the total number of the supported protocols
    *
    * @par     ndpi_mod = the detection module
author	Toni Uhlig <matzeton@googlemail.com>	2021-02-26 16:19:28 +0100
committer	Toni Uhlig <matzeton@googlemail.com>	2021-02-26 16:42:50 +0100
commit	6c1317fa278be71fba8c01c492c223e95eb4ba03 (patch)
tree	b4b325e9052cba16a40dd932b53152221dff6639 /src/include/ndpi_api.h.in
parent	28330edb7ae0fb3f6eef95b965666368486ac3e1 (diff)