diff options
| author | Luca Deri <deri@ntop.org> | 2022-05-30 00:31:52 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-05-30 00:32:32 +0200 |
| commit | f25deeccb1ccbebd6346271828762fdd8326c32b (patch) | |
| tree | 677c846f19b9b1468e6ec62637e77ae354fe0a24 /src/lib/protocols/quic.c | |
| parent | a9d7cc4841ea098074b3dc0b42b7b6e73d4d8cd9 (diff) | |
Added RiskInfo string
Diffstat (limited to 'src/lib/protocols/quic.c')
| -rw-r--r-- | src/lib/protocols/quic.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c index d3512cd9b..0f1d37a70 100644 --- a/src/lib/protocols/quic.c +++ b/src/lib/protocols/quic.c @@ -1395,10 +1395,13 @@ static void process_chlo(struct ndpi_detection_module_struct *ndpi_struct, if(ndpi_is_valid_hostname(flow->host_server_name, strlen(flow->host_server_name)) == 0) { - ndpi_set_risk(ndpi_struct, flow, NDPI_INVALID_CHARACTERS); + char str[64]; + + snprintf(str, sizeof(str), "Invalid host %s", flow->host_server_name); + ndpi_set_risk(ndpi_struct, flow, NDPI_INVALID_CHARACTERS, str); /* This looks like an attack */ - ndpi_set_risk(ndpi_struct, flow, NDPI_POSSIBLE_EXPLOIT); + ndpi_set_risk(ndpi_struct, flow, NDPI_POSSIBLE_EXPLOIT, NULL); } sni_found = 1; @@ -1426,7 +1429,7 @@ static void process_chlo(struct ndpi_detection_module_struct *ndpi_struct, /* Add check for missing SNI */ if(flow->host_server_name[0] == '\0') { /* This is a bit suspicious */ - ndpi_set_risk(ndpi_struct, flow, NDPI_TLS_MISSING_SNI); + ndpi_set_risk(ndpi_struct, flow, NDPI_TLS_MISSING_SNI, NULL); } } |