diff options
Diffstat (limited to 'example')
| -rw-r--r-- | example/ndpiReader.c | 18 | ||||
| -rw-r--r-- | example/ndpi_util.c | 18 | ||||
| -rw-r--r-- | example/ndpi_util.h | 4 |
3 files changed, 25 insertions, 15 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index e1777d7da..4bf786aa8 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -387,8 +387,10 @@ static void printFlow(u_int16_t thread_id, struct ndpi_flow_info *flow) { flow->packets, (long long unsigned int) flow->bytes); if(flow->host_server_name[0] != '\0') fprintf(out, "[Host: %s]", flow->host_server_name); - if(flow->ssl.client_certificate[0] != '\0') fprintf(out, "[SSL client: %s]", flow->ssl.client_certificate); - if(flow->ssl.server_certificate[0] != '\0') fprintf(out, "[SSL server: %s]", flow->ssl.server_certificate); + + + if(flow->ssh_ssl.client_info[0] != '\0') fprintf(out, "[client: %s]", flow->ssh_ssl.client_info); + if(flow->ssh_ssl.server_info[0] != '\0') fprintf(out, "[server: %s]", flow->ssh_ssl.server_info); if(flow->bittorent_hash[0] != '\0') fprintf(out, "[BT Hash: %s]", flow->bittorent_hash); fprintf(out, "\n"); @@ -427,16 +429,16 @@ static void printFlow(u_int16_t thread_id, struct ndpi_flow_info *flow) { if(flow->host_server_name[0] != '\0') json_object_object_add(jObj,"host.server.name",json_object_new_string(flow->host_server_name)); - if((flow->ssl.client_certificate[0] != '\0') || (flow->ssl.server_certificate[0] != '\0')) { + if((flow->ssh_ssl.client_info[0] != '\0') || (flow->ssh_ssl.server_info[0] != '\0')) { json_object *sjObj = json_object_new_object(); - if(flow->ssl.client_certificate[0] != '\0') - json_object_object_add(sjObj, "client", json_object_new_string(flow->ssl.client_certificate)); + if(flow->ssh_ssl.client_info[0] != '\0') + json_object_object_add(sjObj, "client", json_object_new_string(flow->ssh_ssl.client_info)); - if(flow->ssl.server_certificate[0] != '\0') - json_object_object_add(sjObj, "server", json_object_new_string(flow->ssl.server_certificate)); + if(flow->ssh_ssl.server_info[0] != '\0') + json_object_object_add(sjObj, "server", json_object_new_string(flow->ssh_ssl.server_info)); - json_object_object_add(jObj, "ssl", sjObj); + json_object_object_add(jObj, "ssh_ssl", sjObj); } if(json_flag == 1) diff --git a/example/ndpi_util.c b/example/ndpi_util.c index d121b5841..d5cb27d5a 100644 --- a/example/ndpi_util.c +++ b/example/ndpi_util.c @@ -440,7 +440,7 @@ static struct ndpi_flow_info *get_ndpi_flow_info6(struct ndpi_workflow * workflo Function to process the packet: determine the flow of a packet and try to decode it @return: 0 if success; else != 0 - + @Note: ipsize = header->len - ip_offset ; rawsize = header->len */ static unsigned int packet_processing(struct ndpi_workflow * workflow, @@ -519,10 +519,18 @@ static unsigned int packet_processing(struct ndpi_workflow * workflow, } if((proto == IPPROTO_TCP) && (flow->detected_protocol.protocol != NDPI_PROTOCOL_DNS)) { - snprintf(flow->ssl.client_certificate, sizeof(flow->ssl.client_certificate), "%s", - flow->ndpi_flow->protos.ssl.client_certificate); - snprintf(flow->ssl.server_certificate, sizeof(flow->ssl.server_certificate), "%s", - flow->ndpi_flow->protos.ssl.server_certificate); + if(flow->detected_protocol.protocol == NDPI_PROTOCOL_SSH) { + snprintf(flow->ssh_ssl.client_info, sizeof(flow->ssh_ssl.client_info), "%s", + flow->ndpi_flow->protos.ssh.client_signature); + snprintf(flow->ssh_ssl.server_info, sizeof(flow->ssh_ssl.server_info), "%s", + flow->ndpi_flow->protos.ssh.server_signature); + } else if((flow->detected_protocol.protocol == NDPI_PROTOCOL_SSL) + || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_SSL)) { + snprintf(flow->ssh_ssl.client_info, sizeof(flow->ssh_ssl.client_info), "%s", + flow->ndpi_flow->protos.ssl.client_certificate); + snprintf(flow->ssh_ssl.server_info, sizeof(flow->ssh_ssl.server_info), "%s", + flow->ndpi_flow->protos.ssl.server_certificate); + } } if(flow->detection_completed) { diff --git a/example/ndpi_util.h b/example/ndpi_util.h index 3168a5010..171ab8e95 100644 --- a/example/ndpi_util.h +++ b/example/ndpi_util.h @@ -62,8 +62,8 @@ typedef struct ndpi_flow_info { char bittorent_hash[41]; struct { - char client_certificate[48], server_certificate[48]; - } ssl; + char client_info[48], server_info[48]; + } ssh_ssl; void *src_id, *dst_id; } ndpi_flow_info_t; |