Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_typedefs.h2
-rw-r--r--src/lib/protocols/tls.c14
2 files changed, 12 insertions, 4 deletions
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index f39b2b6bd..c83280e0a 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1405,7 +1405,7 @@ struct ndpi_flow_struct {
char ja3_client[33], ja3_server[33];
u_int16_t server_cipher;
u_int8_t sha1_certificate_fingerprint[20];
- u_int8_t hello_processed:1, subprotocol_detected:1, fingerprint_set:1, _pad:5;
+ u_int8_t hello_processed:1, ch_direction:1, subprotocol_detected:1, fingerprint_set:1, _pad:4;
#ifdef TLS_HANDLE_SIGNATURE_ALGORITMS
/* Under #ifdef to save memory for those who do not need them */
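Review bot: The new `ch_direction` bit has no comment saying what it records, and its meaning is not obvious from the name alone. Judging by the assignment in tls.c it holds the `packet_direction` of the side that sent the Client Hello, so a short comment on the field would help, e.g. `/* ch_direction: packet_direction of the endpoint that sent the Client Hello */`. It may also be worth noting there that the value is only meaningful once `hello_processed` is set. The struct body starts and ends outside this hunk.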
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 55eed7ca9..a602fbeeb 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -861,6 +861,7 @@ static int processTLSBlock(struct ndpi_detection_module_struct *ndpi_struct,
case 0x02: /* Server Hello */
processClientServerHello(ndpi_struct, flow, 0);
flow->protos.tls_quic.hello_processed = 1;
+ flow->protos.tls_quic.ch_direction = (packet->payload[0] == 0x01 ? packet->packet_direction : !packet->packet_direction);
ndpi_int_tls_add_connection(ndpi_struct, flow);
#ifdef DEBUG_TLS
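Review bot: `ch_direction` is rewritten on every Client/Server Hello block that reaches this case, and its value is derived from the handshake type byte in the payload rather than from an already-established flow direction. A later Hello whose type byte does not match the side that really sent it would therefore change which side the certificate check treats as the server. Unless code outside this hunk already stops a second Hello from getting here, consider latching the direction on the first Hello only, by placing `if(!flow->protos.tls_quic.hello_processed) flow->protos.tls_quic.ch_direction = ...;` before `hello_processed = 1`. The enclosing switch and function continue outside the hunk, so the earlier guard may exist but is not visible here.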
@@ -882,10 +883,17 @@ static int processTLSBlock(struct ndpi_detection_module_struct *ndpi_struct,
/* Important: populate the tls union fields only after
* ndpi_int_tls_add_connection has been called */
if(flow->protos.tls_quic.hello_processed) {
- ret = processCertificate(ndpi_struct, flow);
- if(ret != 1) {
+ /* Only certificates from the server */
+ if(flow->protos.tls_quic.ch_direction != packet->packet_direction) {
+ ret = processCertificate(ndpi_struct, flow);
+ if(ret != 1) {
#ifdef DEBUG_TLS
- printf("[TLS] Error processing certificate: %d\n", ret);
+ printf("[TLS] Error processing certificate: %d\n", ret);
+#endif
+ }
+ } else {
+#ifdef DEBUG_TLS
+ printf("[TLS] Certificate from client. Ignoring it\n");
#endif
}
flow->tls_quic.certificate_processed = 1;
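Review bot: `flow->tls_quic.certificate_processed = 1;` on the last line still runs when the block came from the client direction and was ignored. If that flag is used elsewhere to stop inspecting further Certificate messages (not visible in this hunk), a client-direction block seen first would leave the server certificate unparsed while the flow is marked as done. Moving the assignment into the branch that calls `processCertificate()` would tie the flag to a server certificate having actually been handled. Note also that a failing `processCertificate()` (`ret != 1`) is only reported under `DEBUG_TLS` and the flag is set regardless; a one-line comment saying whether that is intentional would help. The enclosing function starts and ends outside the hunk.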