]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d3ede02)
Pull request #5088: SSL client hello event is published with empty hostname
authorMurugaraj Rajamani -X (mururaja - HCL TECHNOLOGIES LIMITED at Cisco) <mururaja@cisco.com>
Tue, 13 Jan 2026 17:37:28 +0000 (17:37 +0000)
committerSteve Chew (stechew) <stechew@cisco.com>
Tue, 13 Jan 2026 17:37:28 +0000 (17:37 +0000)
Merge in SNORT/snort3 from ~MURURAJA/snort3:SSL_inspector to master

Squashed commit of the following:

commit 1440bbda83b60bca597a8386fdd98f117de4f642
Author: mururaja <mururaja@cisco.com>
Date:   Sat Jan 10 00:26:45 2026 -0800

    ssl: SSL client hello event is published with empty hostname

src/service_inspectors/ssl/ssl_inspector.cc patch | blob | blame | history

diff --git a/src/service_inspectors/ssl/ssl_inspector.cc b/src/service_inspectors/ssl/ssl_inspector.cc
index 5e7fc34ec0a4638f579da10390b709846b2daaf5..a152e9ad469804d4c11be1ac6bf12d61ad413473 100644 (file)
--- a/src/service_inspectors/ssl/ssl_inspector.cc
+++ b/src/service_inspectors/ssl/ssl_inspector.cc
@@ -403,6 +403,11 @@ static void snort_ssl(SSL_PROTO_CONF* config, Packet* p)
         SslClientHelloEvent event(client_hello_data.host_name, p);
         DataBus::publish(pub_id, SslEventIds::CHELLO_SERVER_NAME, event);
     }
+    else if (SSL_IS_CHELLO(new_flags))
+    {
+        SslClientHelloEvent event("", p);
+        DataBus::publish(pub_id, SslEventIds::CHELLO_SERVER_NAME, event);
+    }
 
     if (server_cert.common_name != nullptr)
     {
Mirror of https://github.com/snort3/snort3.git