aboutsummaryrefslogtreecommitdiff
path: root/example
diff options
context:
space:
mode:
Diffstat (limited to 'example')
-rw-r--r--example/reader_util.c26
-rw-r--r--example/reader_util.h12
2 files changed, 21 insertions, 17 deletions
diff --git a/example/reader_util.c b/example/reader_util.c
index 6d90121d2..80178cd0d 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -1069,6 +1069,10 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
flow->ndpi_flow->l4.tcp.tls.sha1_certificate_fingerprint, 20);
flow->ssh_tls.sha1_cert_fingerprint_set = 1;
}
+
+ if(flow->ndpi_flow->protos.stun_ssl.ssl.alpn)
+ snprintf(flow->info, sizeof(flow->info), "ALPN: %s",
+ flow->ndpi_flow->protos.stun_ssl.ssl.alpn);
}
if(flow->detection_completed && (!flow->check_extra_packets)) {
@@ -1287,15 +1291,15 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
if((proto == IPPROTO_TCP)
&& (
- is_ndpi_proto(flow, NDPI_PROTOCOL_TLS)
- || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
- || is_ndpi_proto(flow, NDPI_PROTOCOL_SSH)
- || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_SSH))
- ) {
+ is_ndpi_proto(flow, NDPI_PROTOCOL_TLS)
+ || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
+ || is_ndpi_proto(flow, NDPI_PROTOCOL_SSH)
+ || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_SSH))
+ ) {
if((flow->src2dst_packets+flow->dst2src_packets) < 10 /* MIN_NUM_ENCRYPT_SKIP_PACKETS */)
skip = 1;
}
-
+
if(!skip) {
if(ndpi_has_human_readeable_string(workflow->ndpi_struct, (char*)packet, header->caplen,
human_readeable_string_len,
@@ -1306,11 +1310,11 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
} else {
if((proto == IPPROTO_TCP)
&& (
- is_ndpi_proto(flow, NDPI_PROTOCOL_TLS)
- || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
- || is_ndpi_proto(flow, NDPI_PROTOCOL_SSH)
- || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_SSH))
- )
+ is_ndpi_proto(flow, NDPI_PROTOCOL_TLS)
+ || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
+ || is_ndpi_proto(flow, NDPI_PROTOCOL_SSH)
+ || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_SSH))
+ )
flow->has_human_readeable_strings = 0;
}
} else { // flow is NULL
diff --git a/example/reader_util.h b/example/reader_util.h
index c01682b8b..d54b4d611 100644
--- a/example/reader_util.h
+++ b/example/reader_util.h
@@ -180,14 +180,14 @@ typedef struct ndpi_flow_info {
u_int32_t src2dst_packets, dst2src_packets;
u_int32_t has_human_readeable_strings;
char human_readeable_string_buffer[32];
-
+
// result only, not used for flow identification
ndpi_protocol detected_protocol;
// Flow data analysis
struct ndpi_analyze_struct *iat_c_to_s, *iat_s_to_c, *iat_flow,
*pktlen_c_to_s, *pktlen_s_to_c;
-
+
char info[160];
char flow_extra_info[16];
char host_server_name[240];
@@ -204,22 +204,22 @@ typedef struct ndpi_flow_info {
u_int8_t sha1_cert_fingerprint_set;
time_t notBefore, notAfter;
u_int16_t server_cipher;
- ndpi_cipher_weakness client_unsafe_cipher, server_unsafe_cipher;
+ ndpi_cipher_weakness client_unsafe_cipher, server_unsafe_cipher;
} ssh_tls;
struct {
char url[256], content_type[64], user_agent[128];
u_int response_status_code;
} http;
-
+
struct {
char username[32], password[32];
} telnet;
-
+
void *src_id, *dst_id;
struct ndpi_entropy entropy;
- struct ndpi_entropy last_entropy;
+ struct ndpi_entropy last_entropy;
} ndpi_flow_info_t;
Powered by cgit, Themed by Ted Yin.