Added check for empty/missing user-agent in HTTP

1 files changed, 9 insertions, 7 deletions

diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c
index a7876c15e..e33ee265d 100644
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@@ -210,6 +210,9 @@ static void ndpi_validate_http_content(struct ndpi_detection_module_struct *ndpi
 
     NDPI_LOG_DBG(ndpi_struct, "\n");
   }
+
+  if((flow->http.user_agent == NULL) || (flow->http.user_agent[0] == '\0'))
+    ndpi_set_risk(ndpi_struct, flow, NDPI_HTTP_SUSPICIOUS_USER_AGENT, "Empty or missing User-Agent");
 }
 
 /* *********************************************** */
@@ -452,8 +455,8 @@ static void ndpi_check_user_agent(struct ndpi_detection_module_struct *ndpi_stru
   char *double_slash;
 
   if((!ua) || (ua[0] == '\0'))
-    return;
-
+    return;  
+  
   if (ua_len > 12)
   {
     size_t i, upper_case_count = 0;
@@ -602,12 +605,10 @@ int http_process_user_agent(struct ndpi_detection_module_struct *ndpi_struct,
     }
   }
 
-  if (ndpi_user_agent_set(flow, ua_ptr, ua_ptr_len) != NULL)
-  {
+  if(ndpi_user_agent_set(flow, ua_ptr, ua_ptr_len) != NULL)
     ndpi_check_user_agent(ndpi_struct, flow, flow->http.user_agent, ua_ptr_len);
-  } else {
-    NDPI_LOG_DBG2(ndpi_struct, "Could not set HTTP user agent\n");
-  }
+  else
+    NDPI_LOG_DBG2(ndpi_struct, "Could not set HTTP user agent\n");  
 
   NDPI_LOG_DBG2(ndpi_struct, "User Agent Type line found %.*s\n",
 		ua_ptr_len, ua_ptr);
@@ -1371,6 +1372,7 @@ static void ndpi_check_http_tcp(struct ndpi_detection_module_struct *ndpi_struct
       }
     }
 
+    check_content_type_and_change_protocol(ndpi_struct, flow);
     NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
     http_bitmask_exclude_other(flow);
   } else if((flow->l4.tcp.http_stage == 1) || (flow->l4.tcp.http_stage == 2)) {