5 files changed, 35 insertions, 20 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 669f59dda..5723494ba 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -1,7 +1,7 @@
 /*
  * ndpi_api.h
  *
- * Copyright (C) 2011-19 - ntop.org
+ * Copyright (C) 2011-20 - ntop.org
  *
  * This file is part of nDPI, an open source deep packet inspection
  * library based on the OpenDPI and PACE technology by ipoque GmbH
@@ -507,6 +507,21 @@ extern "C" {
 					   u_int16_t protoId);
 
   /**
+   * Set hostname-based protocol
+   *
+   * @par ndpi_mod          = the detection module
+   * @par flow              = the flow to which this communication belongs to
+   * @par master_protocol   = the master protocol for this flow
+   * @par name              = the host name
+   * @par name_len          = length of the host name
+   *
+   */
+  int ndpi_match_hostname_protocol(struct ndpi_detection_module_struct *ndpi_mod,
+				   struct ndpi_flow_struct *flow,
+				   u_int16_t master_protocol,				 
+				   char *name, u_int name_len);
+
+  /**
    * Get protocol category as string
    *
    * @par     mod           = the detection module
diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h
index 7263410de..c909adc74 100644
--- a/src/include/ndpi_main.h
+++ b/src/include/ndpi_main.h
@@ -1,7 +1,7 @@
 /*
  * ndpi_main.h
  *
- * Copyright (C) 2011-19 - ntop.org
+ * Copyright (C) 2011-20 - ntop.org
  *
  * This file is part of nDPI, an open source deep packet inspection
  * library based on the OpenDPI and PACE technology by ipoque GmbH
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index b0518649c..c6b0fc4a4 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -1,7 +1,7 @@
 /*
  * ndpi_protocol_ids.h
  *
- * Copyright (C) 2011-19 - ntop.org
+ * Copyright (C) 2011-20 - ntop.org
  *
  * This file is part of nDPI, an open source deep packet inspection
  * library based on the OpenDPI and PACE technology by ipoque GmbH
diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h
index 7fdf7ec27..2cae4b203 100644
--- a/src/include/ndpi_protocols.h
+++ b/src/include/ndpi_protocols.h
@@ -1,7 +1,7 @@
 /*
  * ndpi_protocols.h
  *
- * Copyright (C) 2011-19 - ntop.org
+ * Copyright (C) 2011-20 - ntop.org
  *
  * This file is part of nDPI, an open source deep packet inspection
  * library based on the OpenDPI and PACE technology by ipoque GmbH
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 11b3394da..c7d88fe0f 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1,7 +1,7 @@
 /*
  * ndpi_typedefs.h
  *
- * Copyright (C) 2011-19 - ntop.org
+ * Copyright (C) 2011-20 - ntop.org
  *
  * This file is part of nDPI, an open source deep packet inspection
  * library based on the OpenDPI and PACE technology by ipoque GmbH
@@ -637,17 +637,19 @@ struct ndpi_flow_tcp_struct {
   /* NDPI_PROTOCOL_TELNET */
   u_int32_t telnet_stage:2;			// 0 - 2
 
-  void* tls_srv_cert_fingerprint_ctx;
+  struct {
+    struct {
+      u_int8_t *buffer;
+      u_int buffer_len, buffer_used;
+    } message;
+    
+    void* srv_cert_fingerprint_ctx; /* SHA-1 */
   
-  /* NDPI_PROTOCOL_TLS */
-  u_int8_t tls_seen_client_cert:1,
-    tls_seen_server_cert:1,
-    tls_seen_certificate:1,
-    tls_srv_cert_fingerprint_found:1,
-    tls_srv_cert_fingerprint_processed:1,
-    tls_stage:2, _pad:1; // 0 - 5
-  int16_t tls_record_offset, tls_fingerprint_len; /* Need to be signed */
-  u_int8_t tls_sha1_certificate_fingerprint[20];
+    /* NDPI_PROTOCOL_TLS */
+    u_int8_t hello_processed:1, certificate_processed:1, subprotocol_detected:1,
+	fingerprint_set:1, _pad:4;
+    u_int8_t sha1_certificate_fingerprint[20];
+  } tls;
   
   /* NDPI_PROTOCOL_POSTGRES */
   u_int32_t postgres_stage:3;
@@ -941,7 +943,6 @@ typedef enum {
 
 typedef enum {
    ndpi_pref_direction_detect_disable = 0,
-   ndpi_pref_disable_metadata_export,
 } ndpi_detection_preference;
 
 /* ntop extensions */
@@ -1119,8 +1120,7 @@ struct ndpi_detection_module_struct {
   ndpi_proto_defaults_t proto_defaults[NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS];
 
   u_int8_t direction_detect_disable:1, /* disable internal detection of packet direction */
-    disable_metadata_export:1   /* No metadata is exported */
-    ;
+    _pad:7;
 
   void *hyperscan; /* Intel Hyperscan */
 };
@@ -1219,8 +1219,8 @@ struct ndpi_flow_struct {
 
     struct {
       struct {
-	u_int16_t ssl_version;
-	char client_certificate[64], server_certificate[64], server_organization[64];
+	u_int16_t ssl_version, server_names_len;
+	char client_requested_server_name[64], *server_names, server_organization[64];
 	u_int32_t notBefore, notAfter;
 	char ja3_client[33], ja3_server[33];
 	u_int16_t server_cipher;