summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/SSL_Analyze.c3
-rw-r--r--src/SSL_Analyze.h1
-rw-r--r--src/SSL_Message.c4
3 files changed, 5 insertions, 3 deletions
diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c
index f555b9a..2809c00 100644
--- a/src/SSL_Analyze.c
+++ b/src/SSL_Analyze.c
@@ -209,7 +209,8 @@ extern "C" int SSL_INIT(void)
}
const char *filename="./conf/ssl/ssl_main.conf";
- MESA_load_profile_int_def(filename, "FUNCTION", "MAC_CACHE_LEN", &g_ssl_runtime_para.max_cache_len, 10240);
+ MESA_load_profile_int_def(filename, "SSL", "MAX_CACHE_LEN", &g_ssl_runtime_para.max_cache_len, 10240);
+ MESA_load_profile_int_def(filename, "SSL", "PARSE_CERTIFICATE_DETAIL", &g_ssl_runtime_para.parse_certificate_detail, 1);
ssl_ja3_init();
g_ssl_runtime_para.proto_tag_id=project_producer_register("MESA_PROTO", "struct", ssl_proto_tag_free);
diff --git a/src/SSL_Analyze.h b/src/SSL_Analyze.h
index 955aff8..e5fe861 100644
--- a/src/SSL_Analyze.h
+++ b/src/SSL_Analyze.h
@@ -51,6 +51,7 @@ struct ssl_runtime_para
char stat_appname[16];
int proto_tag_id ;
int max_cache_len;
+ int parse_certificate_detail;
};
struct ssl_business_info
diff --git a/src/SSL_Message.c b/src/SSL_Message.c
index 82999d5..c8cacb5 100644
--- a/src/SSL_Message.c
+++ b/src/SSL_Message.c
@@ -140,7 +140,7 @@ int ssl_trunk_cache(struct ssl_runtime_context *ssl_context, char *payload, int
ssl_context->record.cache_len=0;
int length=MIN(payload_len, g_ssl_runtime_para.max_cache_len);
- memcpy(ssl_context->record.cache_buff+ssl_context->record.cache_len, payload, length);
+ memmove(ssl_context->record.cache_buff+ssl_context->record.cache_len, payload, length);
ssl_context->record.cache_len+=length;
return 0;
@@ -517,7 +517,7 @@ int ssl_parse_new_session_ticket(struct ssl_new_session_ticket *new_session_tick
int ssl_parse_certificate_detail(const struct streaminfo *a_tcp, struct ssl_runtime_context *ssl_context, char *payload, int payload_len, int thread_seq, const void *a_packet)
{
- if(!(g_ssl_runtime_para.ssl_interested_region_flag&SSL_CERTIFICATE_DETAIL))
+ if(!(g_ssl_runtime_para.ssl_interested_region_flag&SSL_CERTIFICATE_DETAIL) || g_ssl_runtime_para.parse_certificate_detail==0)
{
ssl_context->stream.certificate=NULL;
return SSL_TRUE;
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 18:05:58 +0000