From f6ad16d8f8567c990431a6cd38cf5357d7a60723 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Tue, 9 Mar 2021 23:38:29 +0100 Subject: Added experiemntal JA3+ implementation that can be used with -z i ndpiReader --- src/include/ndpi_typedefs.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/include') diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index cd167a24e..e2e27737c 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1050,7 +1050,7 @@ struct ndpi_detection_module_struct { u_int32_t current_ts; u_int32_t ticks_per_second; u_int16_t num_tls_blocks_to_follow; - u_int8_t skip_tls_blocks_until_change_cipher:1, _notused:7; + u_int8_t skip_tls_blocks_until_change_cipher:1, enable_ja3_plus:1, _notused:6; #ifdef NDPI_ENABLE_DEBUG_MESSAGES void *user_data; @@ -1453,6 +1453,7 @@ typedef enum ndpi_no_prefs = 0, ndpi_dont_load_tor_hosts, ndpi_dont_init_libgcrypt, + ndpi_enable_ja3_plus } ndpi_prefs; typedef struct { -- cgit v1.2.3