diff options
| author | Luca Deri <deri@ntop.org> | 2022-12-05 21:27:30 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-12-05 21:27:30 +0100 |
| commit | e0afc16aa2ae78c39b7b51c73840f79ba1723c9c (patch) | |
| tree | 58cb02776a9e8f069910fe1cddd8308496e6cce6 | |
| parent | c882120afd76255d6511f9b43b9776f8e0a9044f (diff) | |
Exported HTTP server in metadata
| -rw-r--r-- | example/ndpiReader.c | 3 | ||||
| -rw-r--r-- | example/reader_util.c | 1 | ||||
| -rw-r--r-- | example/reader_util.h | 2 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 4 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/http.c | 11 | ||||
| -rw-r--r-- | tests/unit/unit.c | 6 |
7 files changed, 26 insertions, 4 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index e82e089db..326197ee3 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -1578,6 +1578,9 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa fprintf(out, "[Content-Type: %s]", flow->http.content_type); } + if(flow->http.server[0] != '\0') + fprintf(out, "[Server: %s]", flow->http.server); + if(flow->http.user_agent[0] != '\0') fprintf(out, "[User-Agent: %s]", flow->http.user_agent); diff --git a/example/reader_util.c b/example/reader_util.c index 8c43f24ef..f3d7f73ff 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1214,6 +1214,7 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl ndpi_snprintf(flow->http.url, sizeof(flow->http.url), "%s", flow->ndpi_flow->http.url); flow->http.response_status_code = flow->ndpi_flow->http.response_status_code; ndpi_snprintf(flow->http.content_type, sizeof(flow->http.content_type), "%s", flow->ndpi_flow->http.content_type ? flow->ndpi_flow->http.content_type : ""); + ndpi_snprintf(flow->http.server, sizeof(flow->http.server), "%s", flow->ndpi_flow->http.server ? flow->ndpi_flow->http.server : ""); ndpi_snprintf(flow->http.request_content_type, sizeof(flow->http.request_content_type), "%s", flow->ndpi_flow->http.request_content_type ? flow->ndpi_flow->http.request_content_type : ""); } } diff --git a/example/reader_util.h b/example/reader_util.h index ce296e2d2..675b00bdf 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -275,7 +275,7 @@ typedef struct ndpi_flow_info { } ssh_tls; struct { - char url[256], request_content_type[64], content_type[64], user_agent[256]; + char url[256], request_content_type[64], content_type[64], user_agent[256], server[128]; u_int response_status_code; } http; diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 33ccd93ec..7c599f384 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1355,14 +1355,14 @@ struct ndpi_flow_struct { ndpi_http_method method; u_int8_t request_version; /* 0=1.0 and 1=1.1. Create an enum for this? */ u_int16_t response_status_code; /* 200, 404, etc. */ - char *url, *content_type /* response */, *request_content_type /* e.g. for POST */, *user_agent; + char *url, *content_type /* response */, *request_content_type /* e.g. for POST */, *user_agent, *server; char *detected_os; /* Via HTTP/QUIC User-Agent */ char *nat_ip; /* Via HTTP X-Forwarded-For */ } http; /* Put outside of the union to avoid issues in case the protocol - is remapped to somethign pther than Kerberos due to a faulty + is remapped to something other than Kerberos due to a faulty dissector */ struct { diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 5d9ec40ef..1bc286f4d 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -5057,6 +5057,9 @@ void ndpi_free_flow_data(struct ndpi_flow_struct* flow) { if(flow->http.detected_os) ndpi_free(flow->http.detected_os); + if(flow->http.server) + ndpi_free(flow->http.server); + if(flow->kerberos_buf.pktbuf) ndpi_free(flow->kerberos_buf.pktbuf); diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index e33ee265d..2c8f474fa 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -882,6 +882,17 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ flow->guessed_category = flow->category = ndpi_http_check_content(ndpi_struct, flow); } } + + if((flow->http.server == NULL) && (packet->server_line.len > 0)) { + int len = packet->server_line.len + 1; + + flow->http.server = ndpi_malloc(len); + if(flow->http.server) { + strncpy(flow->http.server, (char*)packet->server_line.ptr, + packet->server_line.len); + flow->http.server[packet->server_line.len] = '\0'; + } + } } if(flow->http_detected && packet->content_line.ptr && *(char*)packet->content_line.ptr) { diff --git a/tests/unit/unit.c b/tests/unit/unit.c index 184d1bdc6..e1713a7c4 100644 --- a/tests/unit/unit.c +++ b/tests/unit/unit.c @@ -63,8 +63,9 @@ static int verbose = 0; /* *********************************************** */ #define FLT_MAX 3.402823466e+38F + int serializerUnitTest() { - ndpi_serializer serializer = {0}, deserializer = {0}; + ndpi_serializer serializer, deserializer; int i, loop_id; ndpi_serialization_format fmt = {0}; u_int32_t buffer_len; @@ -72,6 +73,9 @@ int serializerUnitTest() { enum json_tokener_error jerr; json_object *j; + memset(&serializer, 0, sizeof(serializer)); + memset(&deserializer, 0, sizeof(deserializer)); + for(loop_id=0; loop_id<3; loop_id++) { switch(loop_id) { case 0: |