| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Avoid useless host automa lookup (#1724) | Ivan Nardi | 2022-09-05 |
| | | | | | | | | | | | | | | | | | | | | The host automa is used for two tasks: * protocol sub-classification (obviously); * DGA evaluation: the idea is that if a domain is present in this automa, it can't be a DGA, regardless of its format/name. In most dissectors both checks are executed, i.e. the code is something like: ``` ndpi_match_host_subprotocol(..., flow->host_server_name, ...); ndpi_check_dga_name(..., flow->host_server_name,...); ``` In that common case, we can perform only one automa lookup: if we check the sub-classification before the DGA, we can avoid the second lookup in the DGA function itself. | ||
| * | Fixed FastCGI memory issue (was not using nDPI's malloc wrapper). (#1722) | Toni | 2022-09-05 |
| | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | FastCGI: dissect PARAMS (#1715) | Toni | 2022-08-30 |
| | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Add FastCGI protocol detection. (#1711) | Toni | 2022-08-24 |
| * CQL: fixed byte order conversion (BigEndian not LittleEndian) * CQL: increased required successful dissected packets to prevent false-positives Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||