Added NDPI_MALICIOUS_SHA1 flow risk.add/ssl-cert-sha1-blacklist

* An external file which contains known malicious SSL certificate SHA-1 hashes can be loaded via ndpi_load_malicious_sha1_file(...) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2021-02-26 16:19:28 +0100
committer: Toni Uhlig <matzeton@googlemail.com> 2021-02-26 16:42:50 +0100
commit: 6c1317fa278be71fba8c01c492c223e95eb4ba03 (patch)
tree: b4b325e9052cba16a40dd932b53152221dff6639 /src/lib/ndpi_utils.c
parent: 28330edb7ae0fb3f6eef95b965666368486ac3e1 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 2fdaf34c6..d50e8ccae 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -1766,6 +1766,9 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
   case NDPI_MALICIOUS_JA3:
     return("Possibly Malicious JA3 Fingerprint");
 
+  case NDPI_MALICIOUS_SHA1:
+    return("Possibly Malicious SSL Certificate SHA1 Fingerprint");
+
   default:
     snprintf(buf, sizeof(buf), "%d", (int)risk);
     return(buf);
author	Toni Uhlig <matzeton@googlemail.com>	2021-02-26 16:19:28 +0100
committer	Toni Uhlig <matzeton@googlemail.com>	2021-02-26 16:42:50 +0100
commit	6c1317fa278be71fba8c01c492c223e95eb4ba03 (patch)
tree	b4b325e9052cba16a40dd932b53152221dff6639 /src/lib/ndpi_utils.c
parent	28330edb7ae0fb3f6eef95b965666368486ac3e1 (diff)