aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/protocols/tls.c2
-rw-r--r--tests/result/ssl-cert-name-mismatch.pcap.out2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 600346b83..b5a0bb1cb 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -568,7 +568,7 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
if(label != NULL) {
char * first_dot = strchr(flow->host_server_name, '.');
- if(first_dot == NULL || first_dot >= label) {
+ if((first_dot == NULL) || (first_dot <= label)) {
matched_name = 1;
}
}
diff --git a/tests/result/ssl-cert-name-mismatch.pcap.out b/tests/result/ssl-cert-name-mismatch.pcap.out
index aa6b3d4b1..eb83fad33 100644
--- a/tests/result/ssl-cert-name-mismatch.pcap.out
+++ b/tests/result/ssl-cert-name-mismatch.pcap.out
@@ -10,4 +10,4 @@ JA3 Host Stats:
1 192.168.2.222 1
- 1 TCP 192.168.2.222:54772 <-> 104.154.89.105:443 [proto: 91.126/TLS.Google][Encrypted][Confidence: DPI][cat: Web/5][11 pkts/1136 bytes <-> 10 pkts/4276 bytes][Goodput ratio: 35/84][0.72 sec][Hostname/SNI: wrong.host.badssl.com][ALPN: http/1.1][bytes ratio: -0.580 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 79/48 167/160 64/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/428 311/1474 70/548][Risk: ** TLS Certificate Mismatch **][Risk Score: 100][TLSv1.2][JA3C: 4e69e4e5627c5e4c2846ba3e64d23fb9][ServerNames: *.badssl.com,badssl.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=Walnut Creek, O=Lucas Garron Torres, CN=*.badssl.com][Certificate SHA-1: 18:45:B2:16:EF:D0:83:9A:18:51:A9:57:32:5D:A3:36:21:70:49:CB][Firefox][Validity: 2020-03-23 00:00:00 - 2022-05-17 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,12,0,0,0,0,12,12,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
+ 1 TCP 192.168.2.222:54772 <-> 104.154.89.105:443 [proto: 91.126/TLS.Google][Encrypted][Confidence: DPI][cat: Web/5][11 pkts/1136 bytes <-> 10 pkts/4276 bytes][Goodput ratio: 35/84][0.72 sec][Hostname/SNI: wrong.host.badssl.com][ALPN: http/1.1][bytes ratio: -0.580 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 79/48 167/160 64/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/428 311/1474 70/548][TLSv1.2][JA3C: 4e69e4e5627c5e4c2846ba3e64d23fb9][ServerNames: *.badssl.com,badssl.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=Walnut Creek, O=Lucas Garron Torres, CN=*.badssl.com][Certificate SHA-1: 18:45:B2:16:EF:D0:83:9A:18:51:A9:57:32:5D:A3:36:21:70:49:CB][Firefox][Validity: 2020-03-23 00:00:00 - 2022-05-17 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,12,0,0,0,0,12,12,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
Powered by cgit, Themed by Ted Yin.