Add fingerprint_set flag

2 files changed, 5 insertions, 3 deletions

diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index bbfc76d18..25a2c8363 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -646,8 +646,8 @@ struct ndpi_flow_tcp_struct {
     void* srv_cert_fingerprint_ctx; /* SHA-1 */
   
     /* NDPI_PROTOCOL_TLS */
-    u_int8_t hello_processed:1, certificate_processed:1, subprotocol_detected:1, _pad:5;
-    int16_t fingerprint_len; /* Need to be signed */
+    u_int8_t hello_processed:1, certificate_processed:1, subprotocol_detected:1,
+	fingerprint_set:1, _pad:4;
     u_int8_t sha1_certificate_fingerprint[20];
   } tls;
   
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 5f2fe5a52..88bfa7590 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -394,7 +394,7 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 		flow->protos.stun_ssl.ssl.server_names = newstr;
 		flow->protos.stun_ssl.ssl.server_names[flow->protos.stun_ssl.ssl.server_names_len] = ',';
 		strncpy(&flow->protos.stun_ssl.ssl.server_names[flow->protos.stun_ssl.ssl.server_names_len+1],
-			dNSName, dNSName_len);
+			dNSName, dNSName_len-1);
 		flow->protos.stun_ssl.ssl.server_names[newstr_len] = '\0';
 		flow->protos.stun_ssl.ssl.server_names_len = newstr_len;
 	      }
@@ -482,6 +482,8 @@ int processCertificate(struct ndpi_detection_module_struct *ndpi_struct,
 		 certificate_len);
   
       SHA1Final(flow->l4.tcp.tls.sha1_certificate_fingerprint, flow->l4.tcp.tls.srv_cert_fingerprint_ctx);
+
+      flow->l4.tcp.tls.fingerprint_set = 1;
   
 #ifdef DEBUG_TLS
       {