diff options
| author | Darryl Sokoloski <darryl@sokoloski.ca> | 2022-03-27 05:10:44 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-27 11:10:44 +0200 |
| commit | d668ab4becf446195f3c6cd338d5de2711d7bf4e (patch) | |
| tree | c3b32f1b0e376c1ab31a2b0da21abb0106397a50 | |
| parent | 856d7d2916369e42111543c54a5f784e1c87b2a2 (diff) | |
[SSDP] Extract HTTP user-agent when available. (#1500)
[SSDP] Added capture file with UA header.
[SSDP] Added pcap test output log file.
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
| -rw-r--r-- | src/lib/protocols/ssdp.c | 21 | ||||
| -rw-r--r-- | tests/pcap/ssdp-m-search-ua.pcap | bin | 0 -> 952 bytes | |||
| -rw-r--r-- | tests/result/ssdp-m-search-ua.pcap.out | 8 |
3 files changed, 29 insertions, 0 deletions
diff --git a/src/lib/protocols/ssdp.c b/src/lib/protocols/ssdp.c index 92354b27a..cc2eb2f71 100644 --- a/src/lib/protocols/ssdp.c +++ b/src/lib/protocols/ssdp.c @@ -29,9 +29,30 @@ #include "ndpi_api.h" +static void ssdp_parse_lines(struct ndpi_detection_module_struct + *ndpi_struct, struct ndpi_flow_struct *flow) +{ + struct ndpi_packet_struct *packet = &ndpi_struct->packet; + + ndpi_parse_packet_line_info(ndpi_struct, flow); + + /* Save user-agent for device discovery if available */ + if(packet->user_agent_line.ptr != NULL && packet->user_agent_line.len != 0) { + if(flow->http.user_agent == NULL) { + flow->http.user_agent = ndpi_malloc(packet->user_agent_line.len + 1); + if(flow->http.user_agent) { + memcpy(flow->http.user_agent, + (char*)packet->user_agent_line.ptr, packet->user_agent_line.len); + flow->http.user_agent[packet->user_agent_line.len] = '\0'; + } + } + } +} + static void ndpi_int_ssdp_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { + ssdp_parse_lines(ndpi_struct, flow); ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SSDP, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); } diff --git a/tests/pcap/ssdp-m-search-ua.pcap b/tests/pcap/ssdp-m-search-ua.pcap Binary files differnew file mode 100644 index 000000000..30d47079c --- /dev/null +++ b/tests/pcap/ssdp-m-search-ua.pcap diff --git a/tests/result/ssdp-m-search-ua.pcap.out b/tests/result/ssdp-m-search-ua.pcap.out new file mode 100644 index 000000000..bd1477c1c --- /dev/null +++ b/tests/result/ssdp-m-search-ua.pcap.out @@ -0,0 +1,8 @@ +Guessed flow protos: 0 + +DPI Packets (UDP): 1 (1.00 pkts/flow) +Confidence DPI : 1 (flows) + +SSDP 4 864 1 + + 1 UDP 192.168.242.50:56446 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |