vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-01 08:29:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

http: create a common function to parse User Agent field

Browse source 
Prepare the code to handle UA information from flows other than HTTP
This commit is contained in:
Nardi Ivan 2020-09-07 16:35:04 +02:00
parent 601928cc8e
commit a1014e8895
3 changed files with 95 additions and 81 deletions
Download patch file Download diff file Expand all files Collapse all files

3
example/reader_util.c
View file

@ -1139,6 +1139,7 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
}
/* TLS */
else if((is_ndpi_proto(flow, NDPI_PROTOCOL_TLS))
|| ((is_ndpi_proto(flow, NDPI_PROTOCOL_QUIC)))
|| (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
|| (flow->ndpi_flow->protos.stun_ssl.ssl.ja3_client[0] != '\0')
) {
@ -1147,6 +1148,8 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
sizeof(flow->ssh_tls.client_requested_server_name), "%s",
flow->ndpi_flow->protos.stun_ssl.ssl.client_requested_server_name);
snprintf(flow->http.user_agent, sizeof(flow->http.user_agent), "%s", flow->ndpi_flow->http.user_agent ? flow->ndpi_flow->http.user_agent : "");
if(flow->ndpi_flow->protos.stun_ssl.ssl.server_names_len > 0 && flow->ndpi_flow->protos.stun_ssl.ssl.server_names)
flow->ssh_tls.server_names = ndpi_strdup(flow->ndpi_flow->protos.stun_ssl.ssl.server_names);
flow->ssh_tls.notBefore = flow->ndpi_flow->protos.stun_ssl.ssl.notBefore;