3 files changed, 12 insertions, 6 deletions
diff --git a/src/lib/ndpi_community_id.c b/src/lib/ndpi_community_id.c
index 30519b59e..72f60c746 100644
--- a/src/lib/ndpi_community_id.c
+++ b/src/lib/ndpi_community_id.c
@@ -167,13 +167,15 @@ static int ndpi_community_id_peer_v4_is_less_than(u_int32_t ip1, u_int32_t ip2,
 
 static int ndpi_community_id_peer_v6_is_less_than(struct ndpi_in6_addr *ip1, struct ndpi_in6_addr *ip2, u_int16_t p1, u_int16_t p2) {
   int comp = memcmp(ip1, ip2, sizeof(struct ndpi_in6_addr));
+
   return comp < 0 || (comp == 0 && p1 < p2);
 }
 
 /* **************************************************** */
 
-static void ndpi_community_id_sha1_hash(const uint8_t *message, size_t len, u_char *hash /* 20-bytes */) {
+void ndpi_string_sha1_hash(const uint8_t *message, size_t len, u_char *hash /* 20-bytes */) {
   SHA1_CTX ctx;
+
   SHA1Init(&ctx);
   SHA1Update(&ctx, message, len);
   SHA1Final(hash, &ctx);
@@ -185,7 +187,8 @@ static void ndpi_community_id_sha1_hash(const uint8_t *message, size_t len, u_ch
 https://github.com/corelight/community-id-spec/blob/bda913f617389df07cdaa23606e11bbd318e265c/community-id.py#L285
 */
 static int ndpi_community_id_finalize_and_compute_hash(u_int8_t *comm_buf, u_int16_t off, u_int8_t l4_proto,
-             u_int16_t src_port, u_int16_t dst_port, char *hash_buf, u_int8_t hash_buf_len) {
+						       u_int16_t src_port, u_int16_t dst_port,
+						       char *hash_buf, u_int8_t hash_buf_len) {
   u_int8_t pad = 0;
   uint32_t hash[5];
   char *community_id;
@@ -209,12 +212,12 @@ static int ndpi_community_id_finalize_and_compute_hash(u_int8_t *comm_buf, u_int
   }
 
   /* Compute SHA1 */
-  ndpi_community_id_sha1_hash(comm_buf, off, (u_char*)hash);
+  ndpi_string_sha1_hash(comm_buf, off, (u_char*)hash);
 
   /* Base64 encoding */
   community_id = ndpi_base64_encode((u_int8_t*)hash, sizeof(hash));
 
-  if (community_id == NULL)
+  if(community_id == NULL)
     return -1;
 
 #if 0 /* Debug Info */
@@ -231,7 +234,7 @@ static int ndpi_community_id_finalize_and_compute_hash(u_int8_t *comm_buf, u_int
   printf("Base64: %s\n", community_id);
 #endif
 
-  if (hash_buf_len < 2 || hash_buf_len-2 < strlen(community_id)+1) {
+  if(hash_buf_len < 2 || hash_buf_len-2 < strlen(community_id)+1) {
     ndpi_free(community_id);
     return -1;
   }
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 9fc5d2d7f..0d2f5cf3c 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -874,6 +874,7 @@ u_char* ndpi_base64_decode(const u_char *src, size_t len, size_t *out_len) {
 
 /* ********************************** */
 
+/* NOTE: caller MUST free returned pointer */
 char* ndpi_base64_encode(unsigned char const* bytes_to_encode, size_t in_len) {
   size_t len = 0, ret_size;
   char *ret;
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 5cf2cac19..f96745dc6 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -316,7 +316,9 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 	printf("[TLS] %s() IssuerDN [%s]\n", __FUNCTION__, rdnSeqBuf);
 #endif
 
-	if(rdn_len) flow->protos.stun_ssl.ssl.issuerDN = ndpi_strdup(rdnSeqBuf);
+	if(rdn_len && (flow->protos.stun_ssl.ssl.issuerDN == NULL))
+	  flow->protos.stun_ssl.ssl.issuerDN = ndpi_strdup(rdnSeqBuf);
+	
 	rdn_len = 0; /* Reset buffer */
       }