release: version 1.1.15 - Fix ALPN detection for malformed TLS extensions
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
- FIX: ALPN (tls_alpn) not appearing in logs for packets with truncated extensions - Add sanitizeTLSRecord fallback in extractTLSExtensions (tlsparse/parser.go) - Mirrors sanitization already present in fingerprint/engine.go - ALPN now correctly extracted even when ParseClientHello fails on raw payload - Bump version to 1.1.15 in main.go and packaging/rpm/ja4sentinel.spec Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
toto
@ -525,25 +525,25 @@ func TestCaptureImpl_buildBPFFilter(t *testing.T) {
|
||||
name: "single port no IPs",
|
||||
ports: []uint16{443},
|
||||
localIPs: []string{},
|
||||
wantParts: []string{"tcp port 443"},
|
||||
wantParts: []string{"tcp dst port 443"},
|
||||
},
|
||||
{
|
||||
name: "single port with single IP",
|
||||
ports: []uint16{443},
|
||||
localIPs: []string{"192.168.1.10"},
|
||||
wantParts: []string{"tcp port 443", "dst host 192.168.1.10"},
|
||||
wantParts: []string{"tcp dst port 443", "dst host 192.168.1.10"},
|
||||
},
|
||||
{
|
||||
name: "multiple ports with multiple IPs",
|
||||
ports: []uint16{443, 8443},
|
||||
localIPs: []string{"192.168.1.10", "10.0.0.5"},
|
||||
wantParts: []string{"tcp port 443", "tcp port 8443", "dst host 192.168.1.10", "dst host 10.0.0.5"},
|
||||
wantParts: []string{"tcp dst port 443", "tcp dst port 8443", "dst host 192.168.1.10", "dst host 10.0.0.5"},
|
||||
},
|
||||
{
|
||||
name: "IPv6 address",
|
||||
ports: []uint16{443},
|
||||
localIPs: []string{"2001:db8::1"},
|
||||
wantParts: []string{"tcp port 443", "dst host 2001:db8::1"},
|
||||
wantParts: []string{"tcp dst port 443", "dst host 2001:db8::1"},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user