From: Victor Julien <victor@inliniac.net>
Date: Sun, 6 Oct 2019 10:01:32 +0000 (+0200)
Subject: tls/ja3: allow 'auto' setting for ja3
X-Git-Tag: suricata-5.0.0~54
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c582fd28d97f385d1223c2b21c64a1d67068ea61;p=thirdparty%2Fsuricata.git

tls/ja3: allow 'auto' setting for ja3
---

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 2a7477a2ba..a6573d5680 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -2944,13 +2944,16 @@ void RegisterSSLParsers(void)
 
         /* Check if we should generate JA3 fingerprints */
         int enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
-        if (ConfGetBool("app-layer.protocols.tls.ja3-fingerprints",
-                        &enable_ja3) != 1) {
+        const char *strval = NULL;
+        if (ConfGetValue("app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
             enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
-        } else {
-            if (enable_ja3 == 0) {
-                ssl_config.disable_ja3 = true;
-            }
+        } else if (strcmp(strval, "auto") == 0) {
+            enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
+        } else if (ConfValIsFalse(strval)) {
+            enable_ja3 = 0;
+            ssl_config.disable_ja3 = true;
+        } else if (ConfValIsTrue(strval)) {
+            enable_ja3 = true;
         }
         SC_ATOMIC_SET(ssl_config.enable_ja3, enable_ja3);