diff options
| -rw-r--r-- | src/lib/ndpi_utils.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index f969c6c59..9839d8863 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1697,7 +1697,7 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) { return("Self-signed Certificate"); case NDPI_TLS_OBSOLETE_VERSION: - return("Obsolete TLS version (older than 1.1)"); + return("Obsolete TLS version (older than 1.2)"); case NDPI_TLS_WEAK_CIPHER: return("Weak TLS cipher"); diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index aac8798b3..2d9d517cc 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -1495,7 +1495,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, ja3.client.alpn[0] = '\0'; flow->protos.tls_quic_stun.tls_quic.ssl_version = ja3.client.tls_handshake_version = tls_version; - if(flow->protos.tls_quic_stun.tls_quic.ssl_version < 0x0302) /* TLSv1.1 */ + if(flow->protos.tls_quic_stun.tls_quic.ssl_version < 0x0303) /* < TLSv1.2 */ ndpi_set_risk(ndpi_struct, flow, NDPI_TLS_OBSOLETE_VERSION); if((session_id_len+base_offset+3) > packet->payload_packet_len) |