aboutsummaryrefslogtreecommitdiff
path: root/src/lib/protocols/tls.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/protocols/tls.c')
-rw-r--r--src/lib/protocols/tls.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index ec267ba5e..5cf2cac19 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1432,6 +1432,11 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
NDPI_SET_BIT(flow->risk, NDPI_TLS_NOT_CARRYING_HTTPS);
}
+ if(flow->protos.stun_ssl.ssl.encrypted_sni.esni &&
+ flow->protos.stun_ssl.ssl.client_requested_server_name[0] != '\0') {
+ NDPI_SET_BIT(flow->risk, NDPI_TLS_SUSPICIOUS_ESNI_USAGE);
+ }
+
return(2 /* Client Certificate */);
} else {
#ifdef DEBUG_TLS
Powered by cgit, Themed by Ted Yin.