From d4af90032e30ae7d1ad706fb19c781827656f5b6 Mon Sep 17 00:00:00 2001
From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Tue, 26 Dec 2017 13:33:05 +0100
Subject: [PATCH] util-ja3: add function to check if JA3 is disabled

---
 src/util-ja3.c | 35 +++++++++++++++++++++++++++++++++++
 src/util-ja3.h |  2 ++
 2 files changed, 37 insertions(+)

diff --git a/src/util-ja3.c b/src/util-ja3.c
index d9b7efb67a..a676d0223b 100644
--- a/src/util-ja3.c
+++ b/src/util-ja3.c
@@ -247,3 +247,38 @@ char *Ja3GenerateHash(JA3Buffer *buffer)
 #endif /* HAVE_NSS */
 
 }
+
+/**
+ * \brief Check if JA3 is disabled.
+ *
+ * Issue warning if JA3 is disabled or if we are lacking support for JA3.
+ *
+ * \param type Type to add to warning.
+ *
+ * \retval 1 if disabled.
+ * \retval 0 otherwise.
+ */
+int Ja3IsDisabled(const char *type)
+{
+    int is_enabled = 0;
+
+    /* Check if JA3 is enabled */
+    ConfGetBool("app-layer.protocols.tls.ja3-fingerprints", &is_enabled);
+
+    if (is_enabled == 0) {
+        SCLogWarning(SC_WARN_JA3_DISABLED, "JA3 is disabled, skipping %s",
+                     type);
+        return 1;
+    }
+
+#ifndef HAVE_NSS
+    else {
+        SCLogWarning(SC_WARN_NO_JA3_SUPPORT,
+                     "no MD5 calculation support build in, skipping %s",
+                     type);
+        return 1;
+    }
+#endif /* HAVE_NSS */
+
+    return 0;
+}
diff --git a/src/util-ja3.h b/src/util-ja3.h
index cae72167d1..10a2255692 100644
--- a/src/util-ja3.h
+++ b/src/util-ja3.h
@@ -37,5 +37,7 @@ void Ja3BufferFree(JA3Buffer *);
 int Ja3BufferAppendBuffer(JA3Buffer *, JA3Buffer *);
 int Ja3BufferAddValue(JA3Buffer *, uint32_t);
 char *Ja3GenerateHash(JA3Buffer *);
+int Ja3IsDisabled(const char *);
 
 #endif /* __UTIL_JA3_H__ */
+