| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | ndpiReader: print an error msg if we found an unsupported datalink type (#1157) | Ivan Nardi | 2021-03-23 | |
| | | ||||
| * | Reworked extendal dependency across testing tools | Luca Deri | 2021-03-14 | |
| | | ||||
| * | Added experiemntal JA3+ implementation that can be used with -z i ndpiReader | Luca Deri | 2021-03-09 | |
| | | ||||
| * | Add support for Snapchat voip calls (#1147) | Ivan Nardi | 2021-03-06 | |
| | | | | | | | | | | * Add support for Snapchat voip calls Snapchat multiplexes some of its audio/video real time traffic with QUIC sessions. The peculiarity of these sessions is that they are Q046 and don't have any SNI. * Fix tests with libgcrypt disabled | |||
| * | Fixed memory leaks caused by conditional free'ing for some TLS connec… (#1132) | Toni | 2021-02-10 | |
| | | | | | | | | | | | | | | | | * Fixed memory leaks caused by conditional free'ing for some TLS connections. * Members of tls_quic struct should also free'd if the detected master protocol is IMAPS / POPS / SMTPS / etc. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Prevent reader_util.c from exit()'ing if maximum flow count reached. This confuses the fuzzer. * Improved fuzz/Makefile.am to use LDADD for ../example/libndpiReader.a instead of LDFLAGS. That way, fuzz_ndpi_reader re-links to ../example/libndpiReader.a if something changed there. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | RSI enhancements | Luca Deri | 2021-02-05 | |
| | | ||||
| * | Improved debug message | Luca Deri | 2021-02-03 | |
| | | ||||
| * | Cleaned up tls/quic datatypes | Luca Deri | 2021-01-21 | |
| | | ||||
| * | Reworked TLS fingerprint calcolation | Luca Deri | 2021-01-21 | |
| | | | | | Modified TLS memory free | |||
| * | (C) Update | Luca Deri | 2021-01-07 | |
| | | ||||
| * | Split HTTP request from response Content-Type. Request Content-Type should ↵ | Luca Deri | 2021-01-06 | |
| | | | | | be present with POSTs and not with other methods such as GET | |||
| * | Restored QUIC stats | Luca Deri | 2020-12-30 | |
| | | ||||
| * | Fixed output when tLS (nad not QUIC) is used | Luca Deri | 2020-12-28 | |
| | | ||||
| * | Fixes bug introduced by https://github.com/ntop/nDPI/pull/1085 | Luca Deri | 2020-12-12 | |
| | | ||||
| * | Fix minimum packet length condition (#1087) | Zied Aouini | 2020-12-12 | |
| | | ||||
| * | Added --ignore-vlanid / -I to exclude VLAN ids for flow hash calculation. ↵ | Toni | 2020-12-11 | |
| | | | | | | #1073 (#1085) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Support raw IPv4 / IPv6 pcap packet processing. (#1053) | Toni | 2020-11-09 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Cosmetic changes | Luca Deri | 2020-11-03 | |
| | | ||||
| * | Moved global in reader_util.c | Luca Deri | 2020-10-27 | |
| | | ||||
| * | Added -D flag for detecting DoH in the wild | Luca Deri | 2020-10-26 | |
| | | | | | Removed heuristic from CiscoVPN as it leads to false positives | |||
| * | Various improvemement when using ndpi_pref_enable_tls_block_dissection: | Luca Deri | 2020-10-24 | |
| | | | | | | | application data TLS blocks are now ignored when exchanged before - the end of certificate negotiation (up to TLS 1.2) - change cipher | |||
| * | Fix parsing of DLT_PPP datalink type (#1042) | Ivan Nardi | 2020-10-21 | |
| | | ||||
| * | CAPWAP tunnel decoding fix (#1038) | Zied Aouini | 2020-10-21 | |
| | | | | | | * Fix CAPWAP processing. * Update result. | |||
| * | Fix CAPWAP handling. | aouinizied | 2020-10-13 | |
| | | ||||
| * | Added ndpi_quick_16_byte_hash | Luca | 2020-10-05 | |
| | | | | | Warning fix | |||
| * | Warning fix | Luca Deri | 2020-10-03 | |
| | | ||||
| * | Reworked MDNS dissector that is not based on the DNS dissector | Luca Deri | 2020-09-17 | |
| | | ||||
| * | http: create a common function to parse User Agent field | Nardi Ivan | 2020-09-08 | |
| | | | | | Prepare the code to handle UA information from flows other than HTTP | |||
| * | OpenBSD: Introduce pkt_timeval to deal with (bpf_)_timeval | Adrian Zgorzałek | 2020-08-09 | |
| | | | | | | | Some BSD APIs called in example/ return `struct bpf_timeval`, where nDPI APIs expect `struct timeval`. These two structs, besides having a different name, share the exact same set of fields. | |||
| * | Tiny changes for TLS block lenght dissection | Luca Deri | 2020-07-29 | |
| | | ||||
| * | wrapper cleanup | Luca Deri | 2020-07-13 | |
| | | ||||
| * | Fixed heap overflow caused by missing lengthcheck in 802.11 LLC header parsing. | Toni Uhlig | 2020-07-11 | |
| | | | | | | | * triggered by fuzz traces from wireshark Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Removed csv_fp as external symbol. Instead passing csv_fp through as argument. | Toni Uhlig | 2020-07-08 | |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Added ndpi_cluster_bins() for clustering bins and ancillary functions for ↵ | Luca Deri | 2020-07-07 | |
| | | | | | bins manipulation | |||
| * | Merge pull request #932 from IvanNardi/log | Luca Deri | 2020-07-07 | |
| |\ | | | | | Log | |||
| | * | Fix compilation with --enable-debug-messages flag | Nardi Ivan | 2020-06-26 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | NDPI_LOG* macros dereference ndpi_detection_module_struct object which is private to ndpi library (via NDPI_LIB_COMPILATION define). So we can't use them outside the library itself, i.e. in ndpiReader code Therefore, in files in example/, convert all (rare) uses of NDPI_LOG* macros to a new very simple macro, private to ndpiReader program. If necessary, such macro may be improved. According to a comment in ndpi_define.h, each dissector must define its own NDPI_CURRENT_PROTO macro before including ndpi_api.h file | |||
| * | | Fixed heap overflow caused by missing lengthcheck in reader uutil. | Toni Uhlig | 2020-07-06 | |
| | | | | | | | | | | | | | * triggered by fuzz traces from wireshark Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | | Fix memory leak about purged/expired flows | Nardi Ivan | 2020-06-28 | |
| | | | | | | | | | | | Create an helper to avoid similar errors in the future Fixes: 1a62f4c7 | |||
| * | | Fix (harmless) memory leaks when DPDK is enabled | Nardi Ivan | 2020-06-28 | |
| |/ | ||||
| * | Added ndpi_bin_XXX API | Luca Deri | 2020-06-22 | |
| | | | | | Added packet lenght distribution bins | |||
| * | Added checks for DGA detection | Luca Deri | 2020-06-17 | |
| | | ||||
| * | Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) | Luca Deri | 2020-06-06 | |
| | | ||||
| * | Merge pull request #913 from yskcg/fix_segment_fault_dev | Luca Deri | 2020-06-05 | |
| |\ | | | | | Fix segment fault dev | |||
| | * | fix segment fault cause by the ssl.server_names when it may NULL | ysk | 2020-06-03 | |
| | | | ||||
| * | | Added support for Encrypted TLS SNI dissection | Luca Deri | 2020-05-28 | |
| |/ | | | | https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/ | |||
| * | Added the ability to detect when a known protocol is using a non-standard port | Luca Deri | 2020-05-10 | |
| | | | | | Added check to spot executables exchanged via HTTP | |||
| * | Added TLS issuerDN and subjectDN | Luca Deri | 2020-05-07 | |
| | | ||||
| * | Fix heap-overflow error in CAPWAP detunneling code | Nardi Ivan | 2020-04-24 | |
| | | ||||
| * | Add basic support for some ip-in-ip tunnels | Nardi Ivan | 2020-04-23 | |
| | | | | | | | | | Add support for 4in4, 6in6 and 4in6 encapsulations Add support for ipv6 traffic in gtp tunnels, too To allow gtp unit test, gtp detunneling flag has been globally enabled in the test suite | |||
| * | Merge pull request #879 from IvanNardi/warnings | Luca Deri | 2020-04-21 | |
| |\ | | | | | Fix some compilation warnings | |||