Skip to content

Commit

Permalink
Allow init of app protocols w/o any hostnames set. (#2057)
Browse files Browse the repository at this point in the history
  • Loading branch information
@utoni
utoni authored Jul 22, 2023
1 parent 88a757c commit 2b230e2
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 16 deletions.
26 changes: 24 additions & 2 deletions src/include/ndpi_api.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,14 +167,36 @@ extern "C" {
u_int16_t port /* network byte order */);

/**
* Init single protocol match
* Creates a protocol match that does not contain any hostnames.
*
* @par hostname_list = the desired hostname list form which the first entry is used to create the match
* @par empty_app_protocol = the resulting protocol match that does contain all information except the hostname
*
* @return 0 on success, 1 otherwise
*/
int ndpi_init_empty_app_protocol(ndpi_protocol_match const * const hostname_list,
ndpi_protocol_match * const empty_app_protocol);

/**
* Init single protocol match.
*
* @par ndpi_mod = the struct created for the protocol detection
* @par match = the struct passed to match the protocol
*
* @return 0 on success, 1 otherwise
*/
int ndpi_init_app_protocol(struct ndpi_detection_module_struct *ndpi_str,
ndpi_protocol_match const * const match);

/**
* Init single protocol match and adds it to the Aho-Corasick automata.
*
* @par ndpi_mod = the struct created for the protocol detection
* @par match = the struct passed to match the protocol
*
*/
void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_mod,
ndpi_protocol_match *match);
ndpi_protocol_match const * const match);

/**
* Returns a new initialized detection module
Expand Down
60 changes: 46 additions & 14 deletions src/lib/ndpi_main.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -840,39 +840,63 @@ static int ndpi_remove_host_url_subprotocol(struct ndpi_detection_module_struct

/* ******************************************************************** */

void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_str,
ndpi_protocol_match *match) {
int ndpi_init_empty_app_protocol(ndpi_protocol_match const * const hostname_list,
ndpi_protocol_match * const empty_app_protocol) {
if (hostname_list[0].proto_name == NULL)
return 1;

memset(empty_app_protocol, 0, sizeof(*empty_app_protocol));
empty_app_protocol->proto_name = hostname_list[0].proto_name;
empty_app_protocol->protocol_id = hostname_list[0].protocol_id;
empty_app_protocol->protocol_category = hostname_list[0].protocol_category;
empty_app_protocol->protocol_breed = hostname_list[0].protocol_breed;
empty_app_protocol->level = hostname_list[0].level;

return 0;
}

int ndpi_init_app_protocol(struct ndpi_detection_module_struct *ndpi_str,
ndpi_protocol_match const * const match) {
ndpi_port_range ports_a[MAX_DEFAULT_PORTS], ports_b[MAX_DEFAULT_PORTS];

if(ndpi_str->proto_defaults[match->protocol_id].protoName == NULL) {
ndpi_str->proto_defaults[match->protocol_id].protoName = ndpi_strdup(match->proto_name);
if(!ndpi_str->proto_defaults[match->protocol_id].protoName)
return;
return 1;
ndpi_str->proto_defaults[match->protocol_id].isAppProtocol = 1;
ndpi_str->proto_defaults[match->protocol_id].protoId = match->protocol_id;
ndpi_str->proto_defaults[match->protocol_id].protoCategory = match->protocol_category;
ndpi_str->proto_defaults[match->protocol_id].protoBreed = match->protocol_breed;

ndpi_set_proto_defaults(ndpi_str,
ndpi_str->proto_defaults[match->protocol_id].isClearTextProto,
ndpi_str->proto_defaults[match->protocol_id].isAppProtocol,
ndpi_str->proto_defaults[match->protocol_id].protoBreed,
ndpi_str->proto_defaults[match->protocol_id].protoId,
ndpi_str->proto_defaults[match->protocol_id].protoName,
ndpi_str->proto_defaults[match->protocol_id].protoCategory,
ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
ndpi_str->proto_defaults[match->protocol_id].isClearTextProto,
ndpi_str->proto_defaults[match->protocol_id].isAppProtocol,
ndpi_str->proto_defaults[match->protocol_id].protoBreed,
ndpi_str->proto_defaults[match->protocol_id].protoId,
ndpi_str->proto_defaults[match->protocol_id].protoName,
ndpi_str->proto_defaults[match->protocol_id].protoCategory,
ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
}

if(!is_proto_enabled(ndpi_str, match->protocol_id)) {
NDPI_LOG_DBG(ndpi_str, "[NDPI] Skip protocol match for %s/protoId=%d: disabled\n",
match->string_to_match, match->protocol_id);
return;
match->string_to_match, match->protocol_id);
return 1;
}

ndpi_add_host_url_subprotocol(ndpi_str, match->string_to_match,
return 0;
}

/* ******************************************************************** */

void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_str,
ndpi_protocol_match const * const match) {
if (ndpi_init_app_protocol(ndpi_str, match) == 0) {
ndpi_add_host_url_subprotocol(ndpi_str, match->string_to_match,
match->protocol_id, match->protocol_category,
match->protocol_breed, match->level);
}
}

/* ******************************************************************** */
Expand Down Expand Up @@ -945,6 +969,14 @@ static void init_string_based_protocols(struct ndpi_detection_module_struct *ndp
if(ndpi_str->enable_load_gambling_list)
for(i = 0; ndpi_protocol_gambling_hostname_list[i].string_to_match != NULL; i++)
ndpi_init_protocol_match(ndpi_str, &ndpi_protocol_gambling_hostname_list[i]);
else {
ndpi_protocol_match gambling_match;
if (ndpi_init_empty_app_protocol(ndpi_protocol_gambling_hostname_list, &gambling_match) != 0 ||
ndpi_init_app_protocol(ndpi_str, &gambling_match) != 0) {
NDPI_LOG_ERR(ndpi_str,
"[NDPI] INTERNAL ERROR could not initialize empty gambling app protocol\n");
}
}

/* ************************ */

Expand Down

0 comments on commit 2b230e2

Please sign in to comment.