A final(?) effort to reduce memory usage per flow (#1389)

Remove some unused fields and re-organize other ones.
In particular:
* Update the parameters of `ndpi_ssl_version2str()` function
* Zattoo, Thunder: these timestamps aren't really used.
* Ftp/mail: these protocols are dissected only over TCP.
* Attention must be paid to TLS.Bittorrent flows to avoid invalid
read/write to `flow->protos.bittorrent.hash` field.

This is the last(?) commit of a long series (see 22241a1d, 227e586e,
730c2360, a8ffcd8b) aiming to reduce library memory consumption.

Before, at nDPI 4.0 (more precisly, at a6b10cf7, because memory stats
were wrong until that commit):
```
nDPI Memory statistics:
	nDPI Memory (once):      221.15 KB
	Flow Memory (per flow):  2.94 KB
```
Now:
```
nDPI Memory statistics:
	nDPI Memory (once):      231.71 KB
	Flow Memory (per flow):  1008 B       <---------
```
i.e. memory usage per flow has been reduced by 66%, dropping below the
psychological threshold of 1 KB.

To further reduce this value, we probably need to look into #1279:
let's fight this battle another day.

1 files changed, 29 insertions, 29 deletions

diff --git a/src/lib/protocols/mail_smtp.c b/src/lib/protocols/mail_smtp.c
index e1d98dd35..ce3ba4058 100644
--- a/src/lib/protocols/mail_smtp.c
+++ b/src/lib/protocols/mail_smtp.c
@@ -93,19 +93,19 @@ static void get_credentials_auth_plain(struct ndpi_detection_module_struct *ndpi
       user_len = i - 1;
   }
   if(user_len > 0) {
-    user_len = ndpi_min(user_len, sizeof(flow->ftp_imap_pop_smtp.username) - 1);
+    user_len = ndpi_min(user_len, sizeof(flow->l4.tcp.ftp_imap_pop_smtp.username) - 1);
 
-    memcpy(flow->ftp_imap_pop_smtp.username, out + 1, user_len);
-    flow->ftp_imap_pop_smtp.username[user_len] = '\0';
+    memcpy(flow->l4.tcp.ftp_imap_pop_smtp.username, out + 1, user_len);
+    flow->l4.tcp.ftp_imap_pop_smtp.username[user_len] = '\0';
 
     ndpi_set_risk(ndpi_struct, flow, NDPI_CLEAR_TEXT_CREDENTIALS);
 
     if(1 + user_len + 1 < out_len) {
       unsigned int pwd_len;
 
-      pwd_len = ndpi_min(out_len - (1 + user_len + 1), sizeof(flow->ftp_imap_pop_smtp.password) - 1);
-      memcpy(flow->ftp_imap_pop_smtp.password, out + 1 + user_len + 1, pwd_len);
-      flow->ftp_imap_pop_smtp.password[pwd_len] = '\0';
+      pwd_len = ndpi_min(out_len - (1 + user_len + 1), sizeof(flow->l4.tcp.ftp_imap_pop_smtp.password) - 1);
+      memcpy(flow->l4.tcp.ftp_imap_pop_smtp.password, out + 1 + user_len + 1, pwd_len);
+      flow->l4.tcp.ftp_imap_pop_smtp.password[pwd_len] = '\0';
     }
   }
   ndpi_free(out);
@@ -182,25 +182,25 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 	   && (packet->line[a].ptr[3] == 'O' || packet->line[a].ptr[3] == 'o')
 	   && packet->line[a].ptr[4] == ' ') {
 	  flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_HELO_EHLO;
-	  flow->ftp_imap_pop_smtp.auth_found = 0;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_found = 0;
 	} else if((packet->line[a].ptr[0] == 'M' || packet->line[a].ptr[0] == 'm')
 		  && (packet->line[a].ptr[1] == 'A' || packet->line[a].ptr[1] == 'a')
 		  && (packet->line[a].ptr[2] == 'I' || packet->line[a].ptr[2] == 'i')
 		  && (packet->line[a].ptr[3] == 'L' || packet->line[a].ptr[3] == 'l')
 		  && packet->line[a].ptr[4] == ' ') {
 	  flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_MAIL;
-	  flow->ftp_imap_pop_smtp.auth_found = 0;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_found = 0;
 	  /* We shouldn't be here if there are credentials */
-	  flow->ftp_imap_pop_smtp.auth_done = 1;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_done = 1;
 	} else if((packet->line[a].ptr[0] == 'R' || packet->line[a].ptr[0] == 'r')
 		  && (packet->line[a].ptr[1] == 'C' || packet->line[a].ptr[1] == 'c')
 		  && (packet->line[a].ptr[2] == 'P' || packet->line[a].ptr[2] == 'p')
 		  && (packet->line[a].ptr[3] == 'T' || packet->line[a].ptr[3] == 't')
 		  && packet->line[a].ptr[4] == ' ') {
 	  flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_RCPT;
-	  flow->ftp_imap_pop_smtp.auth_found = 0;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_found = 0;
 	  /* We shouldn't be here if there are credentials */
-	  flow->ftp_imap_pop_smtp.auth_done = 1;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_done = 1;
 	} else if((packet->line[a].ptr[0] == 'A' || packet->line[a].ptr[0] == 'a')
 		  && (packet->line[a].ptr[1] == 'U' || packet->line[a].ptr[1] == 'u')
 		  && (packet->line[a].ptr[2] == 'T' || packet->line[a].ptr[2] == 't')
@@ -209,7 +209,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 #ifdef SMTP_DEBUG
 	  printf("%s() AUTH [%.*s]\n", __FUNCTION__, packet->line[a].len, packet->line[a].ptr);
 #endif
-	  flow->ftp_imap_pop_smtp.auth_found = 1;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_found = 1;
 	  if(packet->line[a].len >= 6) {
             if(packet->line[a].ptr[5] == 'L' || packet->line[a].ptr[5] == 'l') {
 	      flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_AUTH_LOGIN;
@@ -219,7 +219,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 	      /* AUTH PLAIN: username and pwd here */
 	      get_credentials_auth_plain(ndpi_struct, flow,
 					 packet->line[a].ptr, packet->line[a].len);
-	      flow->ftp_imap_pop_smtp.auth_done = 1;
+	      flow->l4.tcp.ftp_imap_pop_smtp.auth_done = 1;
 	    }
 	  }
 	} else {
@@ -228,9 +228,9 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 	    printf("%s() => [%.*s]\n", __FUNCTION__, packet->line[a].len, packet->line[a].ptr);
 #endif
 
-	    if(flow->ftp_imap_pop_smtp.auth_found &&
+	    if(flow->l4.tcp.ftp_imap_pop_smtp.auth_found &&
 	       (flow->l4.tcp.smtp_command_bitmask & SMTP_BIT_AUTH_LOGIN)) {
-	      if(flow->ftp_imap_pop_smtp.username[0] == '\0') {
+	      if(flow->l4.tcp.ftp_imap_pop_smtp.username[0] == '\0') {
 		/* Username */
 		u_int8_t buf[48];
 		u_char *out;
@@ -240,22 +240,22 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 					   packet->line[a].ptr, packet->line[a].len);
 
 #ifdef SMTP_DEBUG
-		printf("%s() => [auth: %u] (username) [%s]\n", __FUNCTION__, flow->ftp_imap_pop_smtp.auth_found, buf);
+		printf("%s() => [auth: %u] (username) [%s]\n", __FUNCTION__, flow->l4.tcp.ftp_imap_pop_smtp.auth_found, buf);
 #endif
 
 		out = ndpi_base64_decode((const u_char*)buf, (size_t)strlen((const char*)buf), &out_len);
 
 		if(out) {
-		  size_t len = ndpi_min(out_len, sizeof(flow->ftp_imap_pop_smtp.username) - 1);
+		  size_t len = ndpi_min(out_len, sizeof(flow->l4.tcp.ftp_imap_pop_smtp.username) - 1);
 
-		  memcpy(flow->ftp_imap_pop_smtp.username, out, len);
-		  flow->ftp_imap_pop_smtp.username[len] = '\0';
+		  memcpy(flow->l4.tcp.ftp_imap_pop_smtp.username, out, len);
+		  flow->l4.tcp.ftp_imap_pop_smtp.username[len] = '\0';
 
 		  ndpi_free(out);
 		}
 		
 		ndpi_set_risk(ndpi_struct, flow, NDPI_CLEAR_TEXT_CREDENTIALS);
-	      } else if(flow->ftp_imap_pop_smtp.password[0] == '\0') {
+	      } else if(flow->l4.tcp.ftp_imap_pop_smtp.password[0] == '\0') {
 		/* Password */
 		u_int8_t buf[48];
 		u_char *out;
@@ -265,23 +265,23 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 					   packet->line[a].ptr, packet->line[a].len);
 
 #ifdef SMTP_DEBUG
-		printf("%s() => [auth: %u] (password) [%s]\n", __FUNCTION__, flow->ftp_imap_pop_smtp.auth_found, buf);
+		printf("%s() => [auth: %u] (password) [%s]\n", __FUNCTION__, flow->l4.tcp.ftp_imap_pop_smtp.auth_found, buf);
 #endif
 
 		out = ndpi_base64_decode((const u_char*)buf, (size_t)strlen((const char*)buf), &out_len);
 
 		if(out) {
-		  size_t len = ndpi_min(out_len, sizeof(flow->ftp_imap_pop_smtp.password) - 1);
+		  size_t len = ndpi_min(out_len, sizeof(flow->l4.tcp.ftp_imap_pop_smtp.password) - 1);
 
-		  memcpy(flow->ftp_imap_pop_smtp.password, out, len);
-		  flow->ftp_imap_pop_smtp.password[len] = '\0';
+		  memcpy(flow->l4.tcp.ftp_imap_pop_smtp.password, out, len);
+		  flow->l4.tcp.ftp_imap_pop_smtp.password[len] = '\0';
 
 		  ndpi_free(out);
 		}
 
 		ndpi_set_risk(ndpi_struct, flow, NDPI_CLEAR_TEXT_CREDENTIALS);
 
-		flow->ftp_imap_pop_smtp.auth_done = 1;
+		flow->l4.tcp.ftp_imap_pop_smtp.auth_done = 1;
 	      } else {
 		flow->host_server_name[0] = '\0';
 		NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
@@ -302,8 +302,8 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 	   && (packet->line[a].ptr[6] == 'L' || packet->line[a].ptr[6] == 'l')
 	   && (packet->line[a].ptr[7] == 'S' || packet->line[a].ptr[7] == 's')) {
 	  flow->l4.tcp.smtp_command_bitmask |= SMTP_BIT_STARTTLS;
-	  flow->ftp_imap_pop_smtp.auth_tls = 1;
-	  flow->ftp_imap_pop_smtp.auth_done = 1;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_tls = 1;
+	  flow->l4.tcp.ftp_imap_pop_smtp.auth_done = 1;
 	}
       }
 
@@ -341,7 +341,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct,
 
 #ifdef SMTP_DEBUG
       printf("%s() [bit_count: %u][%s]\n", __FUNCTION__,
-	     bit_count, flow->ftp_imap_pop_smtp.password);
+	     bit_count, flow->l4.tcp.ftp_imap_pop_smtp.password);
 #endif
 
       /* Only if we don't have already set the protocol via hostname matching */
@@ -379,7 +379,7 @@ int ndpi_extra_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_st
 
   ndpi_search_mail_smtp_tcp(ndpi_struct, flow);
 
-  rc = (flow->ftp_imap_pop_smtp.password[0] == '\0') ? 1 : 0;
+  rc = (flow->l4.tcp.ftp_imap_pop_smtp.password[0] == '\0') ? 1 : 0;
 
 #ifdef SMTP_DEBUG
   printf("**** %s() [rc: %d]\n", __FUNCTION__, rc);