Added NDPI_MALICIOUS_SHA1 flow risk. (#1142)

* An external file which contains known malicious SSL certificate SHA-1 hashes can be loaded via ndpi_load_malicious_sha1_file(...) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni <matzeton@googlemail.com> 2021-02-26 17:00:05 +0100
committer: GitHub <noreply@github.com> 2021-02-26 17:00:05 +0100
commit: 16890a6632b237020848c7210d3cca6c19645f9d (patch)
tree: caded29f6ab0db37365b3d182ff065ac304b1fd6 /src/lib/ndpi_utils.c
parent: fba61adf5eb56ecd40686f11aab2296f56dd4bbe (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 2fdaf34c6..d50e8ccae 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -1766,6 +1766,9 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
   case NDPI_MALICIOUS_JA3:
     return("Possibly Malicious JA3 Fingerprint");
 
+  case NDPI_MALICIOUS_SHA1:
+    return("Possibly Malicious SSL Certificate SHA1 Fingerprint");
+
   default:
     snprintf(buf, sizeof(buf), "%d", (int)risk);
     return(buf);
author	Toni <matzeton@googlemail.com>	2021-02-26 17:00:05 +0100
committer	GitHub <noreply@github.com>	2021-02-26 17:00:05 +0100
commit	16890a6632b237020848c7210d3cca6c19645f9d (patch)
tree	caded29f6ab0db37365b3d182ff065ac304b1fd6 /src/lib/ndpi_utils.c
parent	fba61adf5eb56ecd40686f11aab2296f56dd4bbe (diff)