From d54d5083b3682b4223e1b8fb0b033b5c293174d5 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Sat, 30 Jul 2022 12:05:43 +0200
Subject: SMTPS, POPS, IMAPS: fix classification and extra dissection (#1685)

The big change in TLS code is to allow "master" protocols other than
TLS/DTLS, like SMTPS, POPS and IMAPS.
This change will allow, in a future, a proper and complete TLS dissection
for all these protocols with "STARTTLS"-like messages.
---
 example/ndpiReader.c | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'example')

diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index f4c0f427a..c06be6733 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -1588,15 +1588,12 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa
       fprintf(out, "[ESNI Cipher: %s]", ndpi_cipher2str(flow->ssh_tls.encrypted_sni.cipher_suite));
     }
 
-    if((flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
-       || (flow->detected_protocol.app_protocol == NDPI_PROTOCOL_TLS)) {
-      if(flow->ssh_tls.sha1_cert_fingerprint_set) {
-	fprintf(out, "[Certificate SHA-1: ");
-	for(i=0; i<20; i++)
-	  fprintf(out, "%s%02X", (i > 0) ? ":" : "",
-		  flow->ssh_tls.sha1_cert_fingerprint[i] & 0xFF);
-	fprintf(out, "]");
-      }
+    if(flow->ssh_tls.sha1_cert_fingerprint_set) {
+      fprintf(out, "[Certificate SHA-1: ");
+      for(i=0; i<20; i++)
+        fprintf(out, "%s%02X", (i > 0) ? ":" : "",
+                flow->ssh_tls.sha1_cert_fingerprint[i] & 0xFF);
+      fprintf(out, "]");
     }
 
 #ifdef HEURISTICS_CODE
-- 
cgit v1.2.3