Hi nDPI Team,
I found a bug in the nDPI SSL code. In some case (I have a pcap) the SSL
is not identified by nDPI library.
The pach (if I understand the code) is very simple.
>From the file ssl.c inside the function named
"sslDetectProtocolFromCertificate" is used the function
"matchStringProtocol" (line 184).
If the function matchStringProtocol fails (ie return -1) the
"sslDetectProtocolFromCertificate" does not return 0.
Then the lines (184-186):
matchStringProtocol(ipoque_struct, certificate, strlen(certificate));
return(rc);
should be modified in:
if (matchStringProtocol(ipoque_struct, certificate,
strlen(certificate)) != -1)
return(rc);
Ciao.
Gianluca
--
Gianluca Costa - Xplico project manager
http://www.xplico.org
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
