ja4: check more ifdef HAVE_JA4

author Philippe Antoine <pantoine@oisf.net>

Tue, 6 May 2025 11:43:14 +0000 (13:43 +0200)

committer Victor Julien <victor@inliniac.net>

Fri, 16 May 2025 19:33:54 +0000 (21:33 +0200)
author Philippe Antoine <pantoine@oisf.net>
Tue, 6 May 2025 11:43:14 +0000 (13:43 +0200)
committer Victor Julien <victor@inliniac.net>
Fri, 16 May 2025 19:33:54 +0000 (21:33 +0200)
diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c

index 6ec0adbf23dc0aedc27119c8a2521e7f36c8c96e..9df0999c8915aac407e992c083d3663a6039292a 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -186,7 +186,9 @@ enum {
  
  /* JA3 and JA4 fingerprints are disabled by default */
  #define SSL_CONFIG_DEFAULT_JA3 0
+#ifdef HAVE_JA4
  #define SSL_CONFIG_DEFAULT_JA4 0
+#endif
  
  enum SslConfigEncryptHandling {
      SSL_CNF_ENC_HANDLE_TRACK_ONLY = 0, /**< disable raw content, continue tracking */
@@ -3366,6 +3368,7 @@ void SSLEnableJA3(void)
   */
  void SSLEnableJA4(void)
  {
+    // only caller has #ifdef HAVE_JA4
      if (g_disable_hashing || ssl_config.disable_ja4) {
          return;
      }
diff --git a/src/output-json-tls.c b/src/output-json-tls.c

index 7c26c6507e46a13280b480b1d6c2ea02282807b5..7c68f7864e6b79733545035673c0755fc1023d2b 100644 (file)
--- a/src/output-json-tls.c
+++ b/src/output-json-tls.c
@@ -83,6 +83,7 @@ TlsFields tls_fields[] = {
      { "client", LOG_TLS_FIELD_CLIENT },
      { "client_certificate", LOG_TLS_FIELD_CLIENT_CERT },
      { "client_chain", LOG_TLS_FIELD_CLIENT_CHAIN },
+    // accept if as nop if we do not HAVE_JA4
      { "ja4", LOG_TLS_FIELD_JA4 },
      { "subjectaltname", LOG_TLS_FIELD_SUBJECTALTNAME },
      { "client_alpns", LOG_TLS_FIELD_CLIENT_ALPNS },
author	Philippe Antoine <pantoine@oisf.net>
	Tue, 6 May 2025 11:43:14 +0000 (13:43 +0200)
committer	Victor Julien <victor@inliniac.net>
	Fri, 16 May 2025 19:33:54 +0000 (21:33 +0200)
src/app-layer-ssl.c		patch \| blob \| blame \| history
src/output-json-tls.c		patch \| blob \| blame \| history