From ffcb4ad232da6250199477d413ae13fee6d2a945 Mon Sep 17 00:00:00 2001 From: Mats Klepsland Date: Fri, 16 Dec 2016 14:43:43 +0100 Subject: [PATCH] tls: fix tls_cert_subject prefilter bug If check in prefilter was checking that issuer was non-NULL, when it in fact should be checking subject. --- src/detect-engine-tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/detect-engine-tls.c b/src/detect-engine-tls.c index 6adac0f8b8..8e216618b0 100644 --- a/src/detect-engine-tls.c +++ b/src/detect-engine-tls.c @@ -215,7 +215,7 @@ static void PrefilterTxTlsSubject(DetectEngineThreadCtx *det_ctx, const void *pe const MpmCtx *mpm_ctx = (MpmCtx *)pectx; SSLState *ssl_state = f->alstate; - if (ssl_state->server_connp.cert0_issuerdn == NULL) + if (ssl_state->server_connp.cert0_subject == NULL) return; const uint8_t *buffer = (const uint8_t *)ssl_state->server_connp.cert0_subject; -- 2.47.2