From 948a9060378a2a33f5701947386492ff10cb2de6 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Mon, 26 Oct 2020 21:40:59 +0100 Subject: Added -D flag for detecting DoH in the wild Removed heuristic from CiscoVPN as it leads to false positives --- src/lib/ndpi_main.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/lib/ndpi_main.c') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 9de47e471..65f1db852 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -603,10 +603,11 @@ int ndpi_set_detection_preferences(struct ndpi_detection_module_struct *ndpi_str case ndpi_pref_enable_tls_block_dissection: /* - If this option is enabled only the TLS Application data blocks past the - certificate negotiation are considered + If this option is enabled only the TLS Application data blocks past the + certificate negotiation are considered */ ndpi_str->num_tls_blocks_to_follow = NDPI_MAX_NUM_TLS_APPL_BLOCKS; + ndpi_str->skip_tls_blocks_until_change_cipher = 1; break; default: -- cgit v1.2.3