From 94bf01a4dd3929a6236a0bbfb220acbda674331f Mon Sep 17 00:00:00 2001 From: liuxueli Date: Fri, 11 Sep 2020 16:40:19 +0800 Subject: 支持生成JA3指纹 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmake/preInstall.sh | 5 +++++ src/SSL_Analyze.c | 1 + src/ssl.h | 10 ++++++++++ 3 files changed, 16 insertions(+) diff --git a/cmake/preInstall.sh b/cmake/preInstall.sh index f65f832..ccce914 100644 --- a/cmake/preInstall.sh +++ b/cmake/preInstall.sh @@ -4,9 +4,14 @@ mkdir -p ${DST}/plug/protocol/ mkdir -p ${DST}/etc/ touch ${DST}/plug/conflist.inf touch ${DST}/etc/entrylist.conf +touch ${DST}/etc/project_list.conf + if [[ -z `grep -rn 'ssl.inf' ${DST}/plug/conflist.inf` ]];then sed -i '/\[protocol\]/a\./plug/protocol/ssl/ssl.inf' ${DST}/plug/conflist.inf fi if [[ -z `grep -rn 'SSL' ${DST}/etc/entrylist.conf` ]];then echo "SSL" >> ${DST}/etc/entrylist.conf fi +if [[ -z `grep -rn 'JA3_FINGERPRINT_LABEL' ${DST}/etc/project_list.conf` ]];then + echo "JA3_FINGERPRINT_LABEL struct" >> ${DST}/etc/project_list.conf +fi \ No newline at end of file diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c index d63e038..6f887c9 100644 --- a/src/SSL_Analyze.c +++ b/src/SSL_Analyze.c @@ -170,6 +170,7 @@ int SSL_INIT(void) /*MESA_proto*/ g_ssl_prog_para.proto_tag_id = project_producer_register("MESA_PROTO","struct",ssl_proto_tag_free); + ssl_ja3_init(); if(g_ssl_prog_para.stat_cycle) diff --git a/src/ssl.h b/src/ssl.h index 5981228..21f43d7 100644 --- a/src/ssl.h +++ b/src/ssl.h @@ -219,6 +219,16 @@ int ssl_read_specific_cert(const char* conj_cert_buf, uint32_t conj_buflen, uint const char* ssl_get_suite(st_suites_t* ciphersuits); +struct _ssl_ja3_info_t +{ + int sni_len; + int fp_len; + char *sni; + char *fp; +}; + +int ssl_ja3_init(void); +struct _ssl_ja3_info_t *ssl_get_ja3_fingerprint(struct streaminfo *stream, unsigned char *payload, int payload_len, int thread_seq); #ifdef __cplusplus } -- cgit v1.2.3