diff options
| author | Luca Deri <deri@ntop.org> | 2022-01-26 09:23:23 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-01-26 09:23:23 +0100 |
| commit | 58a9aff17cec2842b5d232eee5a39c0d58a01a75 (patch) | |
| tree | aad123e364d9eb0faf62e233531d510621404eff /src/lib/ndpi_utils.c | |
| parent | 14e8808f0351da2f4a4a2a3ce55e42d06c48370a (diff) | |
Added NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE flow risk
Added ndpi_set_tls_cert_expire_days() API call to modify the number of days for triggering the above alert that by default is set to 30 days
Diffstat (limited to 'src/lib/ndpi_utils.c')
| -rw-r--r-- | src/lib/ndpi_utils.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 1cc666f2c..4b1bd496c 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1837,6 +1837,10 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) { return("Possible exploit detected"); break; + case NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE: + return("TLS certificate about to expire"); + break; + default: snprintf(buf, sizeof(buf), "%d", (int)risk); return(buf); @@ -2305,7 +2309,6 @@ u_int8_t ndpi_is_valid_protoId(u_int16_t protoId) { u_int8_t ndpi_is_encrypted_proto(struct ndpi_detection_module_struct *ndpi_str, ndpi_protocol proto) { - if(proto.master_protocol == NDPI_PROTOCOL_UNKNOWN && ndpi_is_valid_protoId(proto.app_protocol)) { return(!ndpi_str->proto_defaults[proto.app_protocol].isClearTextProto); } else if(ndpi_is_valid_protoId(proto.master_protocol) && ndpi_is_valid_protoId(proto.app_protocol)) { @@ -2319,3 +2322,9 @@ u_int8_t ndpi_is_encrypted_proto(struct ndpi_detection_module_struct *ndpi_str, return(0); } +/* ******************************************* */ + +void ndpi_set_tls_cert_expire_days(struct ndpi_detection_module_struct *ndpi_str, + u_int8_t num_days) { + ndpi_str->tls_certificate_expire_in_x_days = num_days; +} |