From cae9fb9989838f213eeb857b8fc4bbeac6940049 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Mon, 6 Jan 2025 11:04:50 +0100
Subject: TLS: remove ESNI support (#2648)

ESNI has been superseded by ECH for years, now.
See: https://blog.cloudflare.com/encrypted-client-hello/
Set the existing flow risk if we still found this extension.
---
 src/include/ndpi_typedefs.h | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'src/include')

diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 57a7d9993..4d0e6740b 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1434,11 +1434,6 @@ struct ndpi_flow_struct {
 
       u_int16_t ssl_version, server_names_len;
 
-      struct {
-        u_int16_t cipher_suite;
-        char *esni;
-      } encrypted_sni;
-
       struct {
         u_int16_t version;
       } encrypted_ch;
-- 
cgit v1.2.3