TLS: better handling of encrypted/cleartext alert messages (#3095)

Ivan Nardi 2026-01-19 17:33:01 +00:00 committed by GitHub
parent 6755d3309a
commit 009a85ef53
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -1509,7 +1509,10 @@ int ndpi_search_tls_tcp(struct ndpi_detection_module_struct *ndpi_struct,
printf("[TLS] *** TLS ALERT ***\n");
#endif
if(len >= 7) {
/* Basic heuristic to tell if the alert is encrypted or not */
if(len == 7 &&
(message->buffer[5] == 1 ||
message->buffer[5] == 2)) {
u_int8_t alert_level = message->buffer[5];
if(alert_level == 2 /* Warning (1), Fatal (2) */)