aboutsummaryrefslogtreecommitdiff
path: root/src/lib
Commit message (Collapse)AuthorAge
* Added -D flag for detecting DoH in the wildLuca Deri2020-10-26
| | | | Removed heuristic from CiscoVPN as it leads to false positives
* Various improvemement when using ndpi_pref_enable_tls_block_dissection:Luca Deri2020-10-24
| | | | | | application data TLS blocks are now ignored when exchanged before - the end of certificate negotiation (up to TLS 1.2) - change cipher
* Added CPHA - CheckPoint High Availability Protocol protocl supportLuca Deri2020-10-22
|
* Fixes #1033Luca Deri2020-10-21
|
* Added new IPs for TeamViewer (#1040)Douglas2020-10-21
| | | Co-authored-by: Douglas Wordell <douglas.wordell@seti.com.br>
* Remove possible invalid read (#1035)Igor Duarte2020-10-21
|
* Improved processing of IPv6 headerLuca Deri2020-10-15
| | | | Improved QUIC serialization
* Handle list items in ndpi_deserialize_get_single_sizeAlfredo Cardigliano2020-10-15
|
* Add serialization of values list in TLVAlfredo Cardigliano2020-10-15
|
* Added ndpi_quick_16_byte_hashLuca2020-10-05
| | | | Warning fix
* Added fix for invalid SNI check when SNI is missingLuca Deri2020-10-02
|
* QUIC: fix dissection of "offset" field (#1025)Ivan Nardi2020-09-29
| | | | | | | The "offset" field is a variable-length integer. This bug hasn't any practical effects right now, since we are ignoring any packet with "offset" != 0 (and the value 0 is always encoded in only one byte). But extracting a correct "offset" is important if we are ever going to handle fragmented Client Hello messages.
* Added extra boundary checksLuca Deri2020-09-26
|
* Boundary fixLuca Deri2020-09-25
|
* Various optimizations to reduce not-necessary callsLuca Deri2020-09-24
| | | | | Optimized various UDP dissectors Removed dead protocols such as pando and pplive
* Improved boundary check to prevent overflowLuca Deri2020-09-23
|
* Minor UA handling improvement to avoid heap-overflowLuca Deri2020-09-22
|
* Minor change for alignment issueLuca Deri2020-09-21
|
* Added risks for checkingLuca Deri2020-09-21
| | | | | - invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension
* Do not re-define libc functions for mingw builds.Toni Uhlig2020-09-20
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge pull request #1019 from IvanNardi/quic_fbLuca Deri2020-09-20
|\ | | | | QUIC: add support for MVFST EXPERIMENTAL version
| * QUIC: add support for MVFST EXPERIMENTAL versionNardi Ivan2020-09-20
| |
* | Merge pull request #1018 from lnslbrty/fix/make-distLuca Deri2020-09-20
|\ \ | | | | | | Fixed broken `make dist' and added CI check.
| * | Fixed broken `make dist' and added CI check.Toni Uhlig2020-09-19
| | | | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | | Merge pull request #1017 from lnslbrty/fix/mingw-xcompileLuca Deri2020-09-20
|\ \ \ | |_|/ |/| | Added support for mingw xcompile.
| * | Using NDPI_I64_FORMAT, NDPI_U64_FORMAT format string to differentiate ↵Toni Uhlig2020-09-18
| | | | | | | | | | | | | | | | | | between Windows and non-Windows. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
| * | Fixed mingw build w/o examples/tests/fuzzer.Toni Uhlig2020-09-18
| | | | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
| * | Fixed shlib xcompile for x86_64-w64-mingw32Toni Uhlig2020-09-08
| | | | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | | Added MDNS in extra packet dissection functionLuca Deri2020-09-18
| | |
* | | Reworked MDNS dissector that is not based on the DNS dissectorLuca Deri2020-09-17
| | |
* | | Merge pull request #1012 from IvanNardi/uaLuca Deri2020-09-17
|\ \ \ | | | | | | | | QUIC: extract User Agent information
| * | | TLS: fix memory accesses in QUIC transport parameters extensionNardi Ivan2020-09-10
| | | |
| * | | QUIC: extract User Agent informationNardi Ivan2020-09-08
| | | |
| * | | http: create a common function to parse User Agent fieldNardi Ivan2020-09-08
| | |/ | |/| | | | | | | Prepare the code to handle UA information from flows other than HTTP
* | | Disabled QUIC tracing that pollutes the outputLuca Deri2020-09-17
| | |
* | | Commented unused functionLuca2020-09-13
| | |
* | | Temporarily keep using snprintfAlfredo Cardigliano2020-09-11
| | |
* | | Reworked DGA checksLuca Deri2020-09-11
| | |
* | | Replace snprintf with ndpi_snappendAlfredo Cardigliano2020-09-11
| | |
* | | Added boundary checkLuca Deri2020-09-10
| | |
* | | Added buffer check in DGA analysisLuca Deri2020-09-10
| | |
* | | Complation fix as not on all platforms isnumber() is availablelucaderi2020-09-10
| | |
* | | Merge pull request #1014 from lnslbrty/improved/teamspeakLuca Deri2020-09-09
|\ \ \ | | | | | | | | Improved Teamspeak(3) protocol detection.
| * | | Improved Teamspeak(3) protocol detection.Toni Uhlig2020-09-09
| |/ / | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | | Added extension to detect nested subdomains as used in Browsertunnel attack toolLuca Deri2020-09-09
| | | | | | | | | | | | https://github.com/veggiedefender/browsertunnel
* | | Add missing low-level serializer calls to the APIAlfredo Cardigliano2020-09-09
|/ /
* | Updated DoT/DoH provider.Toni Uhlig2020-09-07
| | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | Improved dnscrypt v1/v2 protocol detection.Toni Uhlig2020-09-06
|/ | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Add start_of_block/end_of_block support to TLVAlfredo Cardigliano2020-09-04
|
* Added some additional TLS mappingsLuca Deri2020-09-02
|
Powered by cgit, Themed by Ted Yin.