| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | Code cleanup and safety checks in the fragment manager (#1129) | Alfredo Cardigliano | 2021-02-05 | |
| | | ||||
| * | Implemented more efficient and memory savvy RSI | Luca Deri | 2021-02-05 | |
| | | ||||
| * | RSI enhancements | Luca Deri | 2021-02-05 | |
| | | ||||
| * | Implemented API for computing RSI (Relative Strenght Index) | Luca Deri | 2021-02-04 | |
| | | | | | | | void ndpi_init_rsi(struct ndpi_rsi_struct *s, u_int16_t num_learning_values); void ndpi_free_rsi(struct ndpi_rsi_struct *s); float ndpi_rsi_add_value(struct ndpi_rsi_struct *s, const u_int32_t value); | |||
| * | Improved (partial) TLS dissection | Luca Deri | 2021-02-04 | |
| | | ||||
| * | Fix some memory leakes in reassembler code (#1127) | Ivan Nardi | 2021-02-04 | |
| | | ||||
| * | Added missing check | Luca Deri | 2021-02-04 | |
| | | ||||
| * | Fixed leak with DTLS | Luca Deri | 2021-02-03 | |
| | | ||||
| * | HTTP: fix user-agent parsing (#1124) | Ivan Nardi | 2021-02-03 | |
| | | | | | | | | | | | | User-agent information is used to try to detect the user OS; since the UA is extracted for QUIC traffic too, the "detected_os" field must be generic and not associated to HTTP flows only. Otherwise, you might overwrite some "tls_quic_stun" fields (SNI...) with random data. Strangely enough, the "detected_os" field is never used: it is never logged, or printed, or exported... | |||
| * | HTTP: fix logs when NDPI_ENABLE_DEBUG_MESSAGES is defined (#1123) | Ivan Nardi | 2021-02-03 | |
| | | ||||
| * | Cosmetic fixes | Luca Deri | 2021-02-03 | |
| | | ||||
| * | Increased number of extra packets that is necessary since the frgament ↵ | Luca Deri | 2021-02-03 | |
| | | | | | mananger introduction | |||
| * | Fixes an issue with https://github.com/ntop/nDPI/pull/1122 that misprocsssed ↵ | Luca Deri | 2021-02-03 | |
| | | | | | packets belonging to flows whose initial part (e.g. the 3WH) was not observed by nDPI (e.g. capture started in the middle of the flow) | |||
| * | fragments management added (#1122) | Roberto AGOSTINO | 2021-02-03 | |
| | | | | | | | Management of tcp segments managements. Co-authored-by: ragostino <ragostino73@gmail.com> Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com> | |||
| * | debug message bugfix (#1108) | ragostino | 2021-02-03 | |
| | | | | you can not look for memory enlargement if you print debug message after updating the variables | |||
| * | Improved wireguard dissection | Luca Deri | 2021-01-29 | |
| | | ||||
| * | DCE/RPC improvement to avoid false positives | Luca Deri | 2021-01-29 | |
| | | ||||
| * | DGA name improvement | Luca Deri | 2021-01-27 | |
| | | ||||
| * | Cleaned up tls/quic datatypes | Luca Deri | 2021-01-21 | |
| | | ||||
| * | Reworked TLS fingerprint calcolation | Luca Deri | 2021-01-21 | |
| | | | | | Modified TLS memory free | |||
| * | Added simple hash implementation to the nDPI API | Luca Deri | 2021-01-20 | |
| | | ||||
| * | Code cleanup: third party uthash is at the right place | Luca Deri | 2021-01-20 | |
| | | ||||
| * | Rewored UPnP protocol that in essence was WSD hence it has been renamed | Luca | 2021-01-20 | |
| | | | | | Cleaned up TLS code for DTLS detection by defining a new DTLS protocol | |||
| * | Improves STUN dissection removing an invalid termination condition that ↵ | Luca Deri | 2021-01-13 | |
| | | | | | prevented Skype calls to be properly identified | |||
| * | (C) Update | Luca Deri | 2021-01-07 | |
| | | ||||
| * | Warning fix | Luca Deri | 2021-01-07 | |
| | | ||||
| * | Increase SNI hostname buffer length to 256. (#1111) | Darryl Sokoloski | 2021-01-07 | |
| | | | | | | | | | | According to RFC 4366, SNI host names can be up to 255 bytes. Previous size of 64 resulted in failed application matches due to truncation. For example: 0976e041e65b1aece3e720df36ac6bd7.safeframe.googlesyndication.co|m Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca> | |||
| * | STUN: avoid false positives (#1110) | Ivan Nardi | 2021-01-07 | |
| | | | | STUN traffic doesn't use multicast addresses | |||
| * | HTTP: fix compilation and a memory error when NDPI_ENABLE_DEBUG_MESSAGES is ↵ | Ivan Nardi | 2021-01-07 | |
| | | | | | defined (#1109) | |||
| * | QUIC: add suppport for DNS-over-QUIC (#1107) | Ivan Nardi | 2021-01-07 | |
| | | | | | | | | | | Even if it is only an early internet draft, DoQ has already (at least) one deployed implementation. See: https://www.zdnet.com/article/ad-blocker-adguard-deploys-worlds-first-dns-over-quic-resolver/ Draft: https://tools.ietf.org/html/draft-huitema-dprive-dnsoquic-00 In the future, if this protocol will be really used, it might be worth to rename NDPI_PROTOCOL_DOH_DOT in NDPI_PROTOCOL_DOH_DOT_DOQ | |||
| * | Quic fixes (#1106) | Ivan Nardi | 2021-01-07 | |
| | | | | | | * QUIC: fix heap-buffer-overflow * TLS: fix parsing of QUIC Transport Parameters | |||
| * | QUIC: improve handling of SNI (#1105) | Ivan Nardi | 2021-01-07 | |
| | | | | | | | | | | | | | | * QUIC: SNI should be always saved in flow->protos.stun_ssl.ssl.client_requested_server_name Close #1077 * QUIC: fix matching of custom categories * QUIC: add NDPI_TLS_MISSING_SNI support for older GQUIC versions * QUIC: fix serialization * QUIC: add DGA check for older GQUIC versions | |||
| * | Split HTTP request from response Content-Type. Request Content-Type should ↵ | Luca Deri | 2021-01-06 | |
| | | | | | be present with POSTs and not with other methods such as GET | |||
| * | Added check for invalid HTTP content | Luca Deri | 2021-01-06 | |
| | | ||||
| * | QUIC: update to draft-33 (#1104) | Ivan Nardi | 2021-01-04 | |
| | | | | QUIC (final!?) constants for v1 are defined in draft-33 | |||
| * | Fix some warnings when compiling with "-W -Wall" flags (#1103) | Ivan Nardi | 2021-01-04 | |
| | | ||||
| * | Remove FB_ZERO protocol (#1102) | Ivan Nardi | 2021-01-04 | |
| | | | | | | | FB_ZERO was an experimental protocol run by Facebook. They switched to QUIC/TLS1.3 more than 2 years ago; no one ever used it but them so it is definitely dead. See: https://engineering.fb.com/2018/08/06/security/fizz/ | |||
| * | Added a new API function `ndpi_free_flow_data' which free's all members of ↵ | Toni | 2021-01-04 | |
| | | | | | | ndpi_flow_struct but not the struct itself. (#1101) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Fix memory leak introduced in b7376cc6 (#1100) | Ivan Nardi | 2021-01-04 | |
| | | ||||
| * | Fixed missing symbol | Luca Deri | 2021-01-02 | |
| | | ||||
| * | Added HTTP suspicious content securirty risk (useful for tracking trickbot) | Luca Deri | 2021-01-02 | |
| | | ||||
| * | Updated ndpi_ptree_match_addr() prototype | Luca Deri | 2020-12-30 | |
| | | ||||
| * | Split ptree user data in 32 and 64 bit entries | Luca Deri | 2020-12-30 | |
| | | ||||
| * | Bugfix for host check (#1097) | pengtian | 2020-12-29 | |
| | | | | this bug is from commit `427002d14` `2020-05-06 00:31:40` | |||
| * | Added known protocol on unknown port for ntop | Luca Deri | 2020-12-28 | |
| | | ||||
| * | Initialization fix | Luca Deri | 2020-12-28 | |
| | | ||||
| * | Free flow fix | Luca Deri | 2020-12-28 | |
| | | ||||
| * | Removed test code | Luca Deri | 2020-12-26 | |
| | | ||||
| * | Removed space from protocol name | Luca Deri | 2020-12-23 | |
| | | ||||
| * | Introduced fix on TLS for discarding traffic out of sequence that might ↵ | Luca Deri | 2020-12-22 | |
| | | | | | invalidate dissection | |||