Diffstat (limited to 'src/lib/protocols/tls.c')
-rw-r--r-- | src/lib/protocols/tls.c | 53 |
1 files changed, 27 insertions, 26 deletions
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index 8214ede04..c5142abde 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -268,7 +268,7 @@ static int extractRDNSequence(struct ndpi_packet_struct *packet, } if(is_printable) { - int rc = snprintf(&rdnSeqBuf[*rdnSeqBuf_offset], + int rc = ndpi_snprintf(&rdnSeqBuf[*rdnSeqBuf_offset], rdnSeqBuf_len-(*rdnSeqBuf_offset), "%s%s=%s", (*rdnSeqBuf_offset > 0) ? ", " : "", label, buffer); @@ -530,13 +530,14 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi if(general_name_type == 0x87) { if(len == 4 /* IPv4 */) { - snprintf(dNSName, sizeof(dNSName), "%u.%u.%u.%u", + ndpi_snprintf(dNSName, sizeof(dNSName), "%u.%u.%u.%u", packet->payload[i] & 0xFF, packet->payload[i+1] & 0xFF, packet->payload[i+2] & 0xFF, packet->payload[i+3] & 0xFF); - } else if(len == 16 /* IPv6 */){ - inet_ntop(AF_INET6, &packet->payload[i], dNSName, sizeof(dNSName)); + } else if(len == 16 /* IPv6 */) { + struct in6_addr addr = *(struct in6_addr *)&packet->payload[i]; + inet_ntop(AF_INET6, &addr, dNSName, sizeof(dNSName)); } else { /* Is that possibile? Better safe than sorry */ dNSName[0] = '\0'; @@ -1461,7 +1462,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, if(flow->protos.tls_quic.alpn != NULL) tlsCheckUncommonALPN(ndpi_struct, flow); - snprintf(ja3.server.alpn, sizeof(ja3.server.alpn), "%s", alpn_str); + ndpi_snprintf(ja3.server.alpn, sizeof(ja3.server.alpn), "%s", alpn_str); /* Replace , with - as in JA3 */ for(i=0; ja3.server.alpn[i] != '\0'; i++) 
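Review bot: In the IPv6 branch of the `@@ -530` hunk, `*(struct in6_addr *)&packet->payload[i]` still reads the packet buffer through a cast pointer, so the copy itself can be a misaligned, aliasing-violating load at an arbitrary payload offset. Copying the bytes avoids that: `struct in6_addr addr; memcpy(&addr, &packet->payload[i], sizeof(addr));`. The return value of `inet_ntop` is also unchecked, so on failure the contents of `dNSName` are not defined; `if(inet_ntop(AF_INET6, &addr, dNSName, sizeof(dNSName)) == NULL) dNSName[0] = '\0';` would match the fallback branch just below. Whether `i + 16` has been checked against the payload length is not visible here, because processCertificateElements starts and ends outside the hunk.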
@@ -1500,36 +1501,36 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, i += 4 + extension_len, offset += 4 + extension_len; } /* for */ - ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.server.tls_handshake_version); + ja3_str_len = ndpi_snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.server.tls_handshake_version); for(i=0; (i<ja3.server.num_cipher) && (JA3_STR_LEN > ja3_str_len); i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.server.cipher[i]); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.server.cipher[i]); if(rc <= 0) break; else ja3_str_len += rc; } if(JA3_STR_LEN > ja3_str_len) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; } /* ********** */ for(i=0; (i<ja3.server.num_tls_extension) && (JA3_STR_LEN > ja3_str_len); i++) { - int rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.server.tls_extension[i]); + int rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.server.tls_extension[i]); if(rc <= 0) break; else ja3_str_len += rc; } if(ndpi_struct->enable_ja3_plus) { for(i=0; (i<ja3.server.num_elliptic_curve_point_format) && (JA3_STR_LEN > ja3_str_len); i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? 
"-" : "", ja3.server.elliptic_curve_point_format[i]); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break; } if((ja3.server.alpn[0] != '\0') && (JA3_STR_LEN > ja3_str_len)) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",%s", ja3.server.alpn); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",%s", ja3.server.alpn); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; } @@ -1547,7 +1548,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, ndpi_MD5Final(md5_hash, &ctx); for(i=0, j=0; i<16; i++) { - int rc = snprintf(&flow->protos.tls_quic.ja3_server[j], + int rc = ndpi_snprintf(&flow->protos.tls_quic.ja3_server[j], sizeof(flow->protos.tls_quic.ja3_server)-j, "%02x", md5_hash[i]); if(rc <= 0) break; else j += rc; } @@ -1898,7 +1899,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, #endif for(i=0; i<tot_signature_algorithms_len && s_offset+i<total_len; i++) { - int rc = snprintf(&ja3.client.signature_algorithms[i*2], sizeof(ja3.client.signature_algorithms)-i*2, "%02X", packet->payload[s_offset+i]); + int rc = ndpi_snprintf(&ja3.client.signature_algorithms[i*2], sizeof(ja3.client.signature_algorithms)-i*2, "%02X", packet->payload[s_offset+i]); if(rc < 0) break; } @@ -2048,7 +2049,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, if(flow->protos.tls_quic.alpn == NULL) flow->protos.tls_quic.alpn = ndpi_strdup(alpn_str); - snprintf(ja3.client.alpn, sizeof(ja3.client.alpn), "%s", alpn_str); + ndpi_snprintf(ja3.client.alpn, sizeof(ja3.client.alpn), "%s", alpn_str); /* Replace , with - as in JA3 */ for(i=0; ja3.client.alpn[i] != '\0'; i++) 
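Review bot: The server-side cipher and TLS-extension loops in the `@@ -1500` hunk advance with `if(rc <= 0) break; else ja3_str_len += rc;`, without the `ja3_str_len + rc < JA3_STR_LEN` bound that the other calls in the same hunk apply. If `ndpi_snprintf` keeps the C99 contract of returning the untruncated length (its definition is not part of this diff), `ja3_str_len` can end up past `JA3_STR_LEN` after a truncated write. The later writes visible here are guarded by `JA3_STR_LEN > ja3_str_len`, but any use of `ja3_str_len` as a length after the hunk should be confirmed. I would use `if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break;` in both loops, as the client-side block at `@@ -2232` already does.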
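Review bot: In the `@@ -1898` hunk the signature-algorithms loop is bounded by `tot_signature_algorithms_len` and `total_len`, which appear to be derived from the packet, but not by the size of `ja3.client.signature_algorithms`. Unless the length is clamped before the hunk (not visible here), `sizeof(ja3.client.signature_algorithms)-i*2` wraps to a huge `size_t` once `i*2` passes the array size, and the write lands outside the buffer. Adding `&& (i*2 + 2) < sizeof(ja3.client.signature_algorithms)` to the loop condition would make the bound local to the loop. `if(rc < 0) break;` also lets a truncated write pass silently, unlike the `rc > 0` checks used elsewhere in this file.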
@@ -2083,7 +2084,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, #endif if((version_str_len+8) < sizeof(version_str)) { - int rc = snprintf(&version_str[version_str_len], + int rc = ndpi_snprintf(&version_str[version_str_len], sizeof(version_str) - version_str_len, "%s%s", (version_str_len > 0) ? "," : "", ndpi_ssl_version2str(buf_ver_tmp, sizeof(buf_ver_tmp), tls_version, &unknown_tls_version)); @@ -2092,7 +2093,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, else version_str_len += rc; - rc = snprintf(&ja3.client.supported_versions[supported_versions_offset], + rc = ndpi_snprintf(&ja3.client.supported_versions[supported_versions_offset], sizeof(ja3.client.supported_versions)-supported_versions_offset, "%s%04X", (j > 0) ? "-" : "", tls_version); 
@@ -2232,47 +2233,47 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, int rc; compute_ja3c: - ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.client.tls_handshake_version); + ja3_str_len = ndpi_snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.client.tls_handshake_version); for(i=0; i<ja3.client.num_cipher; i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.client.cipher[i]); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break; } - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; /* ********** */ for(i=0; i<ja3.client.num_tls_extension; i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.client.tls_extension[i]); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break; } - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; /* ********** */ for(i=0; i<ja3.client.num_elliptic_curve; i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? 
"-" : "", ja3.client.elliptic_curve[i]); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break; } - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; for(i=0; i<ja3.client.num_elliptic_curve_point_format; i++) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.client.elliptic_curve_point_format[i]); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; else break; } if(ndpi_struct->enable_ja3_plus) { - rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, + rc = ndpi_snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",%s,%s,%s", ja3.client.signature_algorithms, ja3.client.supported_versions, ja3.client.alpn); if((rc > 0) && (ja3_str_len + rc < JA3_STR_LEN)) ja3_str_len += rc; } @@ -2286,7 +2287,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, ndpi_MD5Final(md5_hash, &ctx); for(i=0, j=0; i<16; i++) { - rc = snprintf(&flow->protos.tls_quic.ja3_client[j], + rc = ndpi_snprintf(&flow->protos.tls_quic.ja3_client[j], sizeof(flow->protos.tls_quic.ja3_client)-j, "%02x", md5_hash[i]); if(rc > 0) j += rc; else break; |