diff options
| author | Luca Deri <deri@ntop.org> | 2020-02-04 22:31:02 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2020-02-04 22:31:02 +0100 |
| commit | 88fc9232ff1a7652777e4a41d118326c27ee185a (patch) | |
| tree | aacee4f25e58896e20b4e66f39c4d97ea67ab0ea | |
| parent | 0703ab5ac558857319c2ed4a1673444006f915f8 (diff) | |
Code improvements
| -rw-r--r-- | example/intrusion_detection.h | 5 | ||||
| -rw-r--r-- | example/ndpiReader.c | 11 | ||||
| -rw-r--r-- | src/include/ndpi_protocol_ids.h | 8 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 6 |
4 files changed, 15 insertions, 15 deletions
diff --git a/example/intrusion_detection.h b/example/intrusion_detection.h index f78095e67..d07965484 100644 --- a/example/intrusion_detection.h +++ b/example/intrusion_detection.h @@ -21,6 +21,9 @@ * */ +#ifndef _INTRUSION_DETECTION_H_ +#define _INTRUSION_DETECTION_H_ + /* Code to detect attacks reported in @@ -62,3 +65,5 @@ double Hearthbleed_score(struct ndpi_flow_info* flow); double Infiltration_score(struct ndpi_flow_info* flow); double Ssh_patator_score(struct ndpi_flow_info* flow); + +#endif /* _INTRUSION_DETECTION_H_ */ diff --git a/example/ndpiReader.c b/example/ndpiReader.c index 3e521edab..09fd0e887 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -1777,9 +1777,7 @@ static void debug_printf(u_int32_t protocol, void *id_struct, ndpi_log_level_t log_level, const char *format, ...) { va_list va_ap; -#ifndef WIN32 struct tm result; -#endif if(log_level <= nDPI_LogLevel) { char buf[8192], out_buf[8192]; @@ -1797,7 +1795,7 @@ static void debug_printf(u_int32_t protocol, void *id_struct, extra_msg = "DEBUG: "; memset(buf, 0, sizeof(buf)); - strftime(theDate, 32, "%d/%b/%Y %H:%M:%S", localtime_r(&theTime,&result) ); + strftime(theDate, 32, "%d/%b/%Y %H:%M:%S", localtime_r(&theTime,&result)); vsnprintf(buf, sizeof(buf)-1, format, va_ap); snprintf(out_buf, sizeof(out_buf), "%s %s%s", theDate, extra_msg, buf); @@ -2504,7 +2502,8 @@ static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_us float t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)processing_time_usec; float b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)processing_time_usec; float traffic_duration; - + struct tm result; + if(live_capture) traffic_duration = processing_time_usec; else traffic_duration = (pcap_end.tv_sec*1000000 + pcap_end.tv_usec) - (pcap_start.tv_sec*1000000 + pcap_start.tv_usec); @@ -2512,9 +2511,9 @@ static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_us t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)traffic_duration; b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)traffic_duration; - strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime(&pcap_start.tv_sec)); + strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime_r(&pcap_start.tv_sec, &result)); printf("\tAnalysis begin: %s\n", when); - strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime(&pcap_end.tv_sec)); + strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime_r(&pcap_end.tv_sec, &result)); printf("\tAnalysis end: %s\n", when); printf("\tTraffic throughput: %s pps / %s/sec\n", formatPackets(t, buf), formatTraffic(b, 1, buf1)); printf("\tTraffic duration: %.3f sec\n", traffic_duration/1000000); diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index c6b0fc4a4..d2190afc1 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -22,12 +22,8 @@ */ -#ifndef __NDPI_PROTOCOL_IDS_H__ - -#endif - -#ifndef __NDPI_PROTOCOLS_DEFAULT_H__ -#define __NDPI_PROTOCOLS_DEFAULT_H__ +#ifndef __NDPI_PROTOCOLS_IDS_H__ +#define __NDPI_PROTOCOLS_IDS_H__ #define NDPI_DETECTION_SUPPORT_IPV6 #define NDPI_PROTOCOL_SIZE 2 diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index d4f60d973..e5f46c05c 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -186,17 +186,17 @@ static void cleanupServerName(char *buffer, int buffer_len) { /* See https://blog.catchpoint.com/2017/05/12/dissecting-tls-using-wireshark/ */ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, - u_int16_t offset, u_int16_t certificate_len) { + u_int16_t p_offset, u_int16_t certificate_len) { struct ndpi_packet_struct *packet = &flow->packet; u_int num_found = 0, i, j; char buffer[64] = { '\0' }; #ifdef DEBUG_TLS - printf("[TLS] %s() [offset: %u][certificate_len: %u]\n", __FUNCTION__, offset, certificate_len); + printf("[TLS] %s() [offset: %u][certificate_len: %u]\n", __FUNCTION__, p_offset, certificate_len); #endif /* Check after handshake protocol header (5 bytes) and message header (4 bytes) */ - for(i = offset; i < certificate_len; i++) { + for(i = p_offset; i < certificate_len; i++) { /* Organization OID: 2.5.4.10 */ if((packet->payload[i] == 0x55) && (packet->payload[i+1] == 0x04) && (packet->payload[i+2] == 0x0a)) { u_int8_t server_len = packet->payload[i+4]; |