aboutsummaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/ndpi_utils.c3
-rw-r--r--src/lib/protocols/tls.c6
2 files changed, 9 insertions, 0 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 00fb47dad..e2571f64b 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -1495,6 +1495,9 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
case NDPI_HTTP_SUSPICIOUS_HEADER:
return("HTTP Suspicious Header");
+ case NDPI_TLS_NOT_CARRYING_HTTPS:
+ return("TLS (probably) not carrying HTTPS");
+
default:
snprintf(buf, sizeof(buf), "%d", (int)risk);
return(buf);
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 1abf494d5..26be13a6f 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -1381,6 +1381,12 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
#endif
}
+ /* Before returning to the caller we need to make a final check */
+ if((flow->protos.stun_ssl.ssl.ssl_version >= 0x0303) /* >= TLSv1.2 */
+ && (flow->protos.stun_ssl.ssl.alpn == NULL) /* No ALPN */) {
+ NDPI_SET_BIT(flow->risk, NDPI_TLS_NOT_CARRYING_HTTPS);
+ }
+
return(2 /* Client Certificate */);
} else {
#ifdef DEBUG_TLS
Powered by cgit, Themed by Ted Yin.