3 files changed, 54 insertions, 17 deletions

diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in
index cfee592c7..87e03f7e9 100644
--- a/src/include/ndpi_api.h.in
+++ b/src/include/ndpi_api.h.in
@@ -106,7 +106,7 @@ extern "C" {
     via ndpi_add_string_value_to_automa()
   */
   int ndpi_match_string_value(void *_automa, char *string_to_match,
-			      u_int match_len, u_int16_t *num);
+			      u_int match_len, u_int32_t *num);
 
   /**
    * nDPI personal allocation and free functions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index b7da69d3f..3f472d7f1 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -2443,8 +2443,8 @@ void ndpi_finalize_automa(void *_automa) {
 /* ****************************************************** */
 
 static int ndpi_match_string_common(AC_AUTOMATA_t *automa, char *string_to_match,size_t string_len,
-                u_int16_t *protocol_id, ndpi_protocol_category_t *category,
-                ndpi_protocol_breed_t *breed) {
+				    u_int16_t *protocol_id, ndpi_protocol_category_t *category,
+				    ndpi_protocol_breed_t *breed) {
   AC_REP_t match = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_UNRATED };
   AC_TEXT_t ac_input_text;
   int rc;
@@ -2473,22 +2473,30 @@ static int ndpi_match_string_common(AC_AUTOMATA_t *automa, char *string_to_match
     rc = 1;
 
   if(protocol_id)
-      *protocol_id = rc ? match.number:NDPI_PROTOCOL_UNKNOWN;
+    *protocol_id = rc ? match.number : NDPI_PROTOCOL_UNKNOWN;
+
   if(category)
-      *category = rc ? match.category:0;
+    *category = rc ? match.category : 0;
+
   if(breed) 
-      *breed = rc ? match.breed:0;
+    *breed = rc ? match.breed : 0;
+
   return rc;
 }
 
+/* ****************************************************** */
+
 int ndpi_match_string(void *_automa, char *string_to_match) {
   uint16_t proto_id;
   int rc;
+
   if(!string_to_match)
-	  return(-2);
+    return(-2);
+
   rc = ndpi_match_string_common(_automa,string_to_match,strlen(string_to_match),
-			  &proto_id, NULL, NULL);
+				&proto_id, NULL, NULL);
   if(rc < 0) return rc;
+
   return rc ? proto_id : NDPI_PROTOCOL_UNKNOWN;
 }
 
@@ -2498,21 +2506,49 @@ int ndpi_match_string_protocol_id(void *automa, char *string_to_match,
 				  u_int match_len, u_int16_t *protocol_id,
 				  ndpi_protocol_category_t *category,
 				  ndpi_protocol_breed_t *breed) {
-
+  
   int rc = ndpi_match_string_common((AC_AUTOMATA_t*)automa, string_to_match,
-		  match_len, protocol_id, category, breed);
+				    match_len, protocol_id, category, breed);
   if(rc < 0) return rc;
+
   return(*protocol_id != NDPI_PROTOCOL_UNKNOWN ? 0 : -1);
 }
 
 /* ****************************************************** */
 
-int ndpi_match_string_value(void *automa, char *string_to_match,
-			    u_int match_len, u_int16_t *num) {
+int ndpi_match_string_value(void *_automa, char *string_to_match,
+			    u_int match_len, u_int32_t *num) {
+  AC_REP_t match = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_UNRATED };
+  AC_TEXT_t ac_input_text;
+  int rc;
+  AC_AUTOMATA_t *automa = (AC_AUTOMATA_t*)_automa;
+    
+  if(num) *num = 0;
+
+  if((automa == NULL) || (string_to_match == NULL) || (string_to_match[0] == '\0')) {
+    return(-2);
+  }
+
+  if(automa->automata_open) {
+    printf("[%s:%d] [NDPI] Internal error: please call ndpi_finalize_initialization()\n", __FILE__, __LINE__);
+    return(-1);
+  }
+
+  ac_input_text.astring = string_to_match, ac_input_text.length = match_len;
+  ac_input_text.ignore_case = 0;
+  rc = ac_automata_search(automa, &ac_input_text, &match);
+
+  /*
+    As ac_automata_search can detect partial matches and continue the search process
+    in case rc == 0 (i.e. no match), we need to check if there is a partial match
+    and in this case return it
+  */
+  if((rc == 0) && (match.number != 0))
+    rc = 1;
+
+  if(num && rc)
+    *num = match.number;
 
-  int rc = ndpi_match_string_common((AC_AUTOMATA_t *)automa, string_to_match,
-		  match_len, num, NULL, NULL);
-  if(rc < 0) return rc;
   return rc ? 0 : -1;
 }
 
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 5f15d7f14..4f376a4ff 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -591,12 +591,13 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 
     if(flow->detected_protocol_stack[1] == NDPI_PROTOCOL_UNKNOWN) {
       /* No idea what is happening behind the scenes: let's check the certificate */
-      u_int16_t proto_id;
+      u_int32_t val;
       int rc = ndpi_match_string_value(ndpi_struct->tls_cert_subject_automa.ac_automa,
-				       rdnSeqBuf, strlen(rdnSeqBuf), &proto_id);
+				       rdnSeqBuf, strlen(rdnSeqBuf), &val);
 
       if(rc == 0) {
 	/* Match found */
+	u_int16_t proto_id = (u_int16_t)val;
 	ndpi_protocol ret = { NDPI_PROTOCOL_TLS, proto_id, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED};
 
 	flow->detected_protocol_stack[0] = proto_id,