From 477328f79b24896488de51aaa75f274e1ee5ed9b Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 10 Jul 2019 21:02:09 +0200
Subject: [PATCH] ssl: register probing for port 443 if no config

---
 src/app-layer-ssl.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index ea384c8d1e..0adc077d86 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -2853,10 +2853,20 @@ void RegisterSSLParsers(void)
                                           STREAM_TOSERVER,
                                           SSLProbingParser, NULL);
         } else {
-            AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
-                                                proto_name, ALPROTO_TLS,
-                                                0, 3,
-                                                SSLProbingParser, NULL);
+            if (AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
+                                                    proto_name, ALPROTO_TLS,
+                                                    0, 3,
+                                                    SSLProbingParser, NULL) == 0) {
+                SCLogWarning(SC_ERR_MISSING_CONFIG_PARAM,
+                             "no TLS config found, "
+                             "enabling TLS detection on port 443.");
+                AppLayerProtoDetectPPRegister(IPPROTO_TCP,
+                                              "443",
+                                              ALPROTO_TLS,
+                                              0, 3,
+                                              STREAM_TOSERVER,
+                                              SSLProbingParser, NULL);
+            }
         }
     } else {
         SCLogInfo("Protocol detection and parser disabled for %s protocol",