diff options
Diffstat (limited to 'example')
| -rw-r--r-- | example/ndpiReader.c | 6 | ||||
| -rw-r--r-- | example/reader_util.c | 6 | ||||
| -rw-r--r-- | example/reader_util.h | 1 |
3 files changed, 7 insertions, 6 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index c88df245a..15e4d1016 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -1224,11 +1224,7 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa if((flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS) || (flow->detected_protocol.app_protocol == NDPI_PROTOCOL_TLS)) { - if((flow->ssh_tls.sha1_cert_fingerprint[0] == 0) - && (flow->ssh_tls.sha1_cert_fingerprint[1] == 0) - && (flow->ssh_tls.sha1_cert_fingerprint[2] == 0)) - ; /* Looks empty */ - else { + if(flow->ssh_tls.sha1_cert_fingerprint_set) { fprintf(out, "[Certificate SHA-1: "); for(i=0; i<20; i++) fprintf(out, "%s%02X", (i > 0) ? ":" : "", diff --git a/example/reader_util.c b/example/reader_util.c index 79104ea91..b8fce9632 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1049,8 +1049,12 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl flow->ndpi_flow->protos.stun_ssl.ssl.ja3_server); flow->ssh_tls.server_unsafe_cipher = flow->ndpi_flow->protos.stun_ssl.ssl.server_unsafe_cipher; flow->ssh_tls.server_cipher = flow->ndpi_flow->protos.stun_ssl.ssl.server_cipher; - memcpy(flow->ssh_tls.sha1_cert_fingerprint, + + if(flow->ndpi_flow->l4.tcp.tls.fingerprint_set) { + memcpy(flow->ssh_tls.sha1_cert_fingerprint, flow->ndpi_flow->l4.tcp.tls.sha1_certificate_fingerprint, 20); + flow->ssh_tls.sha1_cert_fingerprint_set = 1; + } } if(flow->detection_completed && (!flow->check_extra_packets)) { diff --git a/example/reader_util.h b/example/reader_util.h index 6fd1880e5..55c260a54 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -200,6 +200,7 @@ typedef struct ndpi_flow_info { server_organization[64], ja3_client[33], ja3_server[33], sha1_cert_fingerprint[20]; + u_int8_t sha1_cert_fingerprint_set; time_t notBefore, notAfter; u_int16_t server_cipher; ndpi_cipher_weakness client_unsafe_cipher, server_unsafe_cipher; |