From 6c1317fa278be71fba8c01c492c223e95eb4ba03 Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Fri, 26 Feb 2021 16:19:28 +0100
Subject: Added NDPI_MALICIOUS_SHA1 flow risk.

 * An external file which contains known malicious SSL certificate SHA-1 hashes
   can be loaded via ndpi_load_malicious_sha1_file(...)

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/include/ndpi_api.h.in | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/include/ndpi_api.h.in')

diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in
index 4e63d1d22..0e6a50518 100644
--- a/src/include/ndpi_api.h.in
+++ b/src/include/ndpi_api.h.in
@@ -715,6 +715,15 @@ extern "C" {
    */
   int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
 
+  /**
+   * Read a file and load the list of malicious SSL certificate SHA1 fingerprints.
+   * @par     ndpi_mod = the detection module
+   * @par     path     = the path of the file
+   * @return  0 if the file is loaded correctly;
+   *          -1 else
+   */
+  int ndpi_load_malicious_sha1_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
+
   /**
    * Get the total number of the supported protocols
    *
-- 
cgit v1.2.3