author | Luca Deri <deri@ntop.org> | 2018-05-14 21:40:27 +0200 |
---|---|---|
committer | Luca Deri <deri@ntop.org> | 2018-05-14 21:40:27 +0200 |
commit | 1076455c01bfcfa51b24ff8d681e65fd00047dbd (patch) | |
tree | 1ffe59c0ae57a55499cece7a2131431bdcf6eea2 /src/lib/protocols | |
parent | 2d486aeed8e6450cc8034d6244848297bdefc31e (diff) |
Added ndpi_set_detection_preferences() APi call
Diffstat (limited to 'src/lib/protocols')
-rw-r--r-- | src/lib/protocols/bittorrent.c | 7 | ||||
-rw-r--r-- | src/lib/protocols/dhcp.c | 52 | ||||
-rw-r--r-- | src/lib/protocols/http.c | 25 | ||||
-rw-r--r-- | src/lib/protocols/mdns.c | 10 | ||||
-rw-r--r-- | src/lib/protocols/netbios.c | 18 | ||||
-rw-r--r-- | src/lib/protocols/quic.c | 27 | ||||
-rw-r--r-- | src/lib/protocols/ssh.c | 22 | ||||
-rw-r--r-- | src/lib/protocols/ssl.c | 16 | ||||
-rw-r--r-- | src/lib/protocols/ubntac2.c | 10 | ||||
-rw-r--r-- | src/lib/protocols/whoisdas.c | 11 |
10 files changed, 119 insertions, 79 deletions
diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c index 81fc3baf6..fceafc188 100644 --- a/src/lib/protocols/bittorrent.c +++ b/src/lib/protocols/bittorrent.c @@ -57,7 +57,8 @@ static u_int8_t is_utp_pkt(const u_int8_t *payload, u_int payload_len) { return(1); } -static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, +static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, int bt_offset, int check_hash, const u_int8_t save_detection, const u_int8_t encrypted_connection) { @@ -73,7 +74,9 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc } else bt_hash = (const char*)&flow->packet.payload[28]; - if(bt_hash) memcpy(flow->protos.bittorrent.hash, bt_hash, 20); + if(!ndpi_struct->disable_metadata_export) { + if(bt_hash) memcpy(flow->protos.bittorrent.hash, bt_hash, 20); + } } ndpi_int_change_protocol(ndpi_struct, flow, NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_UNKNOWN); diff --git a/src/lib/protocols/dhcp.c b/src/lib/protocols/dhcp.c index 02ce00f25..6ac07e832 100644 --- a/src/lib/protocols/dhcp.c +++ b/src/lib/protocols/dhcp.c 
@@ -102,34 +102,40 @@ void ndpi_search_dhcp_udp(struct ndpi_detection_module_struct *ndpi_struct, stru if(msg_type <= 8) foundValidMsgType = 1; } else if(id == 55 /* Parameter Request List / Fingerprint */) { - u_int idx, offset = 0; - - for(idx = 0; idx < len && offset < sizeof(flow->protos.dhcp.fingerprint) - 2; idx++) { - snprintf((char*)&flow->protos.dhcp.fingerprint[offset], - sizeof(flow->protos.dhcp.fingerprint) - offset, - "%02X", dhcp->options[i+2+idx] & 0xFF); - offset += 2; + if(!ndpi_struct->disable_metadata_export) { + u_int idx, offset = 0; + + for(idx = 0; idx < len && offset < sizeof(flow->protos.dhcp.fingerprint) - 2; idx++) { + snprintf((char*)&flow->protos.dhcp.fingerprint[offset], + sizeof(flow->protos.dhcp.fingerprint) - offset, + "%02X", dhcp->options[i+2+idx] & 0xFF); + offset += 2; + } + + flow->protos.dhcp.fingerprint[sizeof(flow->protos.dhcp.fingerprint) - 1] = '\0'; } - flow->protos.dhcp.fingerprint[sizeof(flow->protos.dhcp.fingerprint) - 1] = '\0'; - } else if(id == 60 /* Class Identifier */) { - char *name = (char*)&dhcp->options[i+2]; - int j = 0; - - j = ndpi_min(len, sizeof(flow->protos.dhcp.class_ident)-1); - strncpy((char*)flow->protos.dhcp.class_ident, name, j); - flow->protos.dhcp.class_ident[j] = '\0'; + if(!ndpi_struct->disable_metadata_export) { + char *name = (char*)&dhcp->options[i+2]; + int j = 0; + + j = ndpi_min(len, sizeof(flow->protos.dhcp.class_ident)-1); + strncpy((char*)flow->protos.dhcp.class_ident, name, j); + flow->protos.dhcp.class_ident[j] = '\0'; + } } else if(id == 12 /* Host Name */) { - char *name = (char*)&dhcp->options[i+2]; - int j = 0; - + if(!ndpi_struct->disable_metadata_export) { + char *name = (char*)&dhcp->options[i+2]; + int j = 0; + #ifdef DHCP_DEBUG - NDPI_LOG_DBG2(ndpi_struct, "[DHCP] '%.*s'\n",name,len); -// while(j < len) { printf( "%c", name[j]); j++; }; printf("\n"); + NDPI_LOG_DBG2(ndpi_struct, "[DHCP] '%.*s'\n",name,len); + // while(j < len) { printf( "%c", name[j]); j++; }; printf("\n"); 
#endif - j = ndpi_min(len, sizeof(flow->host_server_name)-1); - strncpy((char*)flow->host_server_name, name, j); - flow->host_server_name[j] = '\0'; + j = ndpi_min(len, sizeof(flow->host_server_name)-1); + strncpy((char*)flow->host_server_name, name, j); + flow->host_server_name[j] = '\0'; + } } i += len + 2; diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index 7332c5e04..d2311b3db 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -156,7 +156,8 @@ static void rtsp_parse_packet_acceptline(struct ndpi_detection_module_struct } #endif -static void setHttpUserAgent(struct ndpi_flow_struct *flow, char *ua) { +static void setHttpUserAgent(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, char *ua) { if ( !strcmp(ua, "Windows NT 5.0")) ua = "Windows 2000"; else if(!strcmp(ua, "Windows NT 5.1")) ua = "Windows XP"; else if(!strcmp(ua, "Windows NT 5.2")) ua = "Windows Server 2003"; @@ -170,7 +171,9 @@ static void setHttpUserAgent(struct ndpi_flow_struct *flow, char *ua) { * https://github.com/ua-parser/uap-core/blob/master/regexes.yaml */ //printf("==> %s\n", ua); - snprintf((char*)flow->protos.http.detected_os, sizeof(flow->protos.http.detected_os), "%s", ua); + if(!ndpi_struct->disable_metadata_export) { + snprintf((char*)flow->protos.http.detected_os, sizeof(flow->protos.http.detected_os), "%s", ua); + } } static void parseHttpSubprotocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { @@ -330,7 +333,7 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ } if(token) - setHttpUserAgent(flow, token); + setHttpUserAgent(ndpi_struct, flow, token); } } } 
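Review bot: The debug line `NDPI_LOG_DBG2(ndpi_struct, "[DHCP] '%.*s'\n",name,len);` in the Host Name branch passes its arguments in the wrong order, because `%.*s` takes the precision first and the string second. If NDPI_LOG_DBG2 forwards to a printf-style formatter (not visible here), a build with DHCP_DEBUG defined would read a pointer as the precision and a length as the string pointer while handling packet data. Since the commit re-indents the line anyway, swap them: `NDPI_LOG_DBG2(ndpi_struct, "[DHCP] '%.*s'\n", (int)len, name);`. The three new guards repeat the same test, so a short comment on the first one, saying that option parsing still runs and only the copies into the flow are skipped, would help the next reader. ndpi_search_dhcp_udp continues outside the hunk.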
@@ -360,14 +363,20 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ NDPI_PROTOCOL_HTTP); /* Copy result for nDPI apps */ - len = ndpi_min(packet->host_line.len, sizeof(flow->host_server_name)-1); - strncpy((char*)flow->host_server_name, (char*)packet->host_line.ptr, len); - flow->host_server_name[len] = '\0', flow->server_id = flow->dst; + if(!ndpi_struct->disable_metadata_export) { + len = ndpi_min(packet->host_line.len, sizeof(flow->host_server_name)-1); + strncpy((char*)flow->host_server_name, (char*)packet->host_line.ptr, len); + flow->host_server_name[len] = '\0'; + } + + flow->server_id = flow->dst; if(packet->forwarded_line.ptr) { len = ndpi_min(packet->forwarded_line.len, sizeof(flow->protos.http.nat_ip)-1); - strncpy((char*)flow->protos.http.nat_ip, (char*)packet->forwarded_line.ptr, len); - flow->protos.http.nat_ip[len] = '\0'; + if(!ndpi_struct->disable_metadata_export) { + strncpy((char*)flow->protos.http.nat_ip, (char*)packet->forwarded_line.ptr, len); + flow->protos.http.nat_ip[len] = '\0'; + } } if(ndpi_struct->http_dont_dissect_response) diff --git a/src/lib/protocols/mdns.c b/src/lib/protocols/mdns.c index aa3c3f525..17a6d921d 100644 --- a/src/lib/protocols/mdns.c +++ b/src/lib/protocols/mdns.c @@ -86,10 +86,12 @@ static int ndpi_int_check_mdns_payload(struct ndpi_detection_module_struct /* printf("==> [%d] %s\n", j, answer); */ - len = ndpi_min(sizeof(flow->protos.mdns.answer)-1, j); - strncpy(flow->protos.mdns.answer, (const char *)answer, len); - flow->protos.mdns.answer[len] = '\0'; - + if(!ndpi_struct->disable_metadata_export) { + len = ndpi_min(sizeof(flow->protos.mdns.answer)-1, j); + strncpy(flow->protos.mdns.answer, (const char *)answer, len); + flow->protos.mdns.answer[len] = '\0'; + } + NDPI_LOG_INFO(ndpi_struct, "found MDNS with answer query\n"); return 1; } diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c index d10a33b1a..634284121 100644 --- a/src/lib/protocols/netbios.c 
+++ b/src/lib/protocols/netbios.c @@ -119,9 +119,12 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct, struc NDPI_LOG_INFO(ndpi_struct, "found netbios with questions = 1 and answers = 0, authority = 0 and broadcast \n"); - if(ndpi_netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0) - snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); - + if(ndpi_netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0) { + if(!ndpi_struct->disable_metadata_export) { + snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); + } + } + ndpi_int_netbios_add_connection(ndpi_struct, flow); return; } @@ -336,9 +339,12 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct, struc if(ntohl(get_u_int32_t(packet->payload, 4)) == ntohl(packet->iph->saddr)) { NDPI_LOG_INFO(ndpi_struct, "found netbios with checked ip-address\n"); - if(ndpi_netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0) - snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); - + if(ndpi_netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0) { + if(!ndpi_struct->disable_metadata_export) { + snprintf((char*)flow->host_server_name, sizeof(flow->host_server_name)-1, "%s", name); + } + } + ndpi_int_netbios_add_connection(ndpi_struct, flow); return; } diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c index 203aead36..6bf5cb0b2 100644 --- a/src/lib/protocols/quic.c +++ b/src/lib/protocols/quic.c 
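Review bot: `ndpi_netbios_name_interpret()` still decodes the payload at offset 12 into `name` when `disable_metadata_export` is set, although the result is then thrown away; the same applies to the second hunk at `@@ -336`. Testing the preference first avoids parsing untrusted bytes for no purpose and removes one nesting level: `if(!ndpi_struct->disable_metadata_export && ndpi_netbios_name_interpret((char*)&packet->payload[12], name, sizeof(name)) > 0)`. The `-1` on the size passed to `snprintf()` is not needed, since snprintf already reserves room for the terminator. ndpi_search_netbios starts and ends outside both hunks.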
@@ -107,20 +107,21 @@ void ndpi_search_quic(struct ndpi_detection_module_struct *ndpi_struct, sni_offset++; if((sni_offset+len) < udp_len) { - int max_len = sizeof(flow->host_server_name)-1, j = 0; - - if(len > max_len) len = max_len; - - while((len > 0) && (sni_offset < udp_len)) { - flow->host_server_name[j++] = packet->payload[sni_offset]; - sni_offset++, len--; + if(!ndpi_struct->disable_metadata_export) { + int max_len = sizeof(flow->host_server_name)-1, j = 0; + + if(len > max_len) len = max_len; + + while((len > 0) && (sni_offset < udp_len)) { + flow->host_server_name[j++] = packet->payload[sni_offset]; + sni_offset++, len--; + } + + ndpi_match_host_subprotocol(ndpi_struct, flow, + (char *)flow->host_server_name, + strlen((const char*)flow->host_server_name), + NDPI_PROTOCOL_QUIC); } - - ndpi_match_host_subprotocol(ndpi_struct, flow, - (char *)flow->host_server_name, - strlen((const char*)flow->host_server_name), - NDPI_PROTOCOL_QUIC); - } break; diff --git a/src/lib/protocols/ssh.c b/src/lib/protocols/ssh.c index 0045fe69e..89b359040 100644 --- a/src/lib/protocols/ssh.c +++ b/src/lib/protocols/ssh.c 
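Review bot: With `disable_metadata_export` set, the `ndpi_match_host_subprotocol()` call is skipped too, because it sits inside the new guard, so a preference named for metadata export also switches off SNI-based sub-classification of QUIC flows. Deployments that rely on the classification for policy or detection would lose that signal without any indication. If that is not intended, keep the match outside the guard and feed it from the packet, e.g. `ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)&packet->payload[sni_offset], len, NDPI_PROTOCOL_QUIC);` (assuming the matcher honours its length argument); if it is intended, say so in a comment next to the guard. The http.c hunk at `@@ -360` may have the same effect if later code, not visible here, matches on `flow->host_server_name`. The enclosing function starts and ends outside the hunk.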
@@ -54,10 +54,13 @@ void ndpi_search_ssh_tcp(struct ndpi_detection_module_struct *ndpi_struct, struc if (flow->l4.tcp.ssh_stage == 0) { if (packet->payload_packet_len > 7 && packet->payload_packet_len < 100 && memcmp(packet->payload, "SSH-", 4) == 0) { - int len = ndpi_min(sizeof(flow->protos.ssh.client_signature)-1, packet->payload_packet_len); - strncpy(flow->protos.ssh.client_signature, (const char *)packet->payload, len); - flow->protos.ssh.client_signature[len] = '\0'; - ndpi_ssh_zap_cr(flow->protos.ssh.client_signature, len); + if(!ndpi_struct->disable_metadata_export) { + int len = ndpi_min(sizeof(flow->protos.ssh.client_signature)-1, packet->payload_packet_len); + strncpy(flow->protos.ssh.client_signature, (const char *)packet->payload, len); + flow->protos.ssh.client_signature[len] = '\0'; + ndpi_ssh_zap_cr(flow->protos.ssh.client_signature, len); + } + NDPI_LOG_DBG2(ndpi_struct, "ssh stage 0 passed\n"); flow->l4.tcp.ssh_stage = 1 + packet->packet_direction; return; @@ -65,10 +68,13 @@ void ndpi_search_ssh_tcp(struct ndpi_detection_module_struct *ndpi_struct, struc } else if (flow->l4.tcp.ssh_stage == (2 - packet->packet_direction)) { if (packet->payload_packet_len > 7 && packet->payload_packet_len < 500 && memcmp(packet->payload, "SSH-", 4) == 0) { - int len = ndpi_min(sizeof(flow->protos.ssh.server_signature)-1, packet->payload_packet_len); - strncpy(flow->protos.ssh.server_signature, (const char *)packet->payload, len); - flow->protos.ssh.server_signature[len] = '\0'; - ndpi_ssh_zap_cr(flow->protos.ssh.server_signature, len); + if(!ndpi_struct->disable_metadata_export) { + int len = ndpi_min(sizeof(flow->protos.ssh.server_signature)-1, packet->payload_packet_len); + strncpy(flow->protos.ssh.server_signature, (const char *)packet->payload, len); + flow->protos.ssh.server_signature[len] = '\0'; + ndpi_ssh_zap_cr(flow->protos.ssh.server_signature, len); + } + NDPI_LOG_INFO(ndpi_struct, "found ssh\n"); ndpi_int_ssh_add_connection(ndpi_struct, flow); 
diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c index adb0e9cf4..aa649f579 100644 --- a/src/lib/protocols/ssl.c +++ b/src/lib/protocols/ssl.c @@ -225,9 +225,11 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, } if(num_dots >= 2) { - stripCertificateTrailer(buffer, buffer_len); - snprintf(flow->protos.ssl.server_certificate, - sizeof(flow->protos.ssl.server_certificate), "%s", buffer); + if(!ndpi_struct->disable_metadata_export) { + stripCertificateTrailer(buffer, buffer_len); + snprintf(flow->protos.ssl.server_certificate, + sizeof(flow->protos.ssl.server_certificate), "%s", buffer); + } return(1 /* Server Certificate */); } } @@ -289,9 +291,11 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, buffer[len] = '\0'; stripCertificateTrailer(buffer, buffer_len); - snprintf(flow->protos.ssl.client_certificate, - sizeof(flow->protos.ssl.client_certificate), "%s", buffer); - + if(!ndpi_struct->disable_metadata_export) { + snprintf(flow->protos.ssl.client_certificate, + sizeof(flow->protos.ssl.client_certificate), "%s", buffer); + } + /* We're happy now */ return(2 /* Client Certificate */); } diff --git a/src/lib/protocols/ubntac2.c b/src/lib/protocols/ubntac2.c index 012c8712e..d8392fda7 100644 --- a/src/lib/protocols/ubntac2.c +++ b/src/lib/protocols/ubntac2.c @@ -64,10 +64,12 @@ void ndpi_search_ubntac2(struct ndpi_detection_module_struct *ndpi_struct, struc version[j++] = packet->payload[i]; version[j] = '\0'; - - len = ndpi_min(sizeof(flow->protos.ubntac2.version)-1, j); - strncpy(flow->protos.ubntac2.version, (const char *)version, len); - flow->protos.ubntac2.version[len] = '\0'; + + if(!ndpi_struct->disable_metadata_export) { + len = ndpi_min(sizeof(flow->protos.ubntac2.version)-1, j); + strncpy(flow->protos.ubntac2.version, (const char *)version, len); + flow->protos.ubntac2.version[len] = '\0'; + } } NDPI_LOG_INFO(ndpi_struct, "UBNT AirControl 2 request\n"); 
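Review bot: The two certificate branches treat `stripCertificateTrailer()` differently: in the server-certificate hunk it moved inside the `disable_metadata_export` guard, while in the client-certificate hunk at `@@ -289` it still runs unconditionally. `buffer` looks like the caller's buffer (its declaration is outside the hunk), so with the preference set a caller would receive an unstripped server name but a stripped client name. Keep the call outside the guard in the first hunk as well, i.e. `stripCertificateTrailer(buffer, buffer_len);` followed by `if(!ndpi_struct->disable_metadata_export) {` around the `snprintf()` only. getSSLcertificate starts and ends outside both hunks.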
diff --git a/src/lib/protocols/whoisdas.c b/src/lib/protocols/whoisdas.c index 32a9d186f..291ae15ca 100644 --- a/src/lib/protocols/whoisdas.c +++ b/src/lib/protocols/whoisdas.c @@ -41,15 +41,16 @@ void ndpi_search_whois_das(struct ndpi_detection_module_struct *ndpi_struct, str u_int max_len = sizeof(flow->host_server_name) - 1; u_int i, j; - - for(i=strlen((const char *)flow->host_server_name), j=0; (i<max_len) && (j<packet->payload_packet_len); i++, j++) { - if((packet->payload[j] == '\n') || (packet->payload[j] == '\r')) break; + if(!ndpi_struct->disable_metadata_export) { + for(i=strlen((const char *)flow->host_server_name), j=0; (i<max_len) && (j<packet->payload_packet_len); i++, j++) { + if((packet->payload[j] == '\n') || (packet->payload[j] == '\r')) break; + flow->host_server_name[i] = packet->payload[j]; + } - flow->host_server_name[i] = packet->payload[j]; + flow->host_server_name[i] = '\0'; } - flow->host_server_name[i] = '\0'; flow->server_id = ((sport == 43) || (sport == 4343)) ? flow->src : flow->dst; NDPI_LOG_INFO(ndpi_struct, "[WHOIS/DAS] %s\n", flow->host_server_name); |