author | Luca Deri <deri@ntop.org> | 2019-12-09 00:29:02 +0100 |
---|---|---|
committer | Luca Deri <deri@ntop.org> | 2019-12-09 00:29:02 +0100 |
commit | c4d476cc583a2ef1e9814134efa4fbf484564ed7 (patch) | |
tree | f6a1c8dc478efcd0037e812ff37ea89ab0c31021 /src | |
parent | 23b0b8625d1f20596b2b20a149fb28c38046f4e1 (diff) |
Code improvements
Diffstat (limited to 'src')
-rw-r--r-- | src/include/ndpi_protocol_ids.h | 5 | ||||
-rw-r--r-- | src/lib/ndpi_utils.c | 9 | ||||
-rw-r--r-- | src/lib/protocols/directdownloadlink.c | 2 | ||||
-rw-r--r-- | src/lib/protocols/fasttrack.c | 77 | ||||
-rw-r--r-- | src/lib/protocols/icecast.c | 2 | ||||
-rw-r--r-- | src/lib/protocols/mail_smtp.c | 2 | ||||
-rw-r--r-- | src/lib/protocols/oscar.c | 7 | ||||
-rw-r--r-- | src/lib/protocols/radius.c | 4 | ||||
-rw-r--r-- | src/lib/protocols/sflow.c | 2 | ||||
-rw-r--r-- | src/lib/protocols/soulseek.c | 2 | ||||
-rw-r--r-- | src/lib/protocols/tls.c | 24 | ||||
-rw-r--r-- | src/lib/protocols/zattoo.c | 3 |
12 files changed, 80 insertions, 59 deletions
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index a9c14dc85..b0518649c 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -22,7 +22,7 @@ */ -#ifndef __NDPI_API_H__ +#ifndef __NDPI_PROTOCOL_IDS_H__ #endif @@ -301,4 +301,5 @@ typedef enum { #define NDPI_PROTOCOL_NO_MASTER_PROTO NDPI_PROTOCOL_UNKNOWN #define NDPI_MAX_SUPPORTED_PROTOCOLS NDPI_LAST_IMPLEMENTED_PROTOCOL #define NDPI_MAX_NUM_CUSTOM_PROTOCOLS (NDPI_NUM_BITS-NDPI_LAST_IMPLEMENTED_PROTOCOL) -#endif + +#endif /* __NDPI_PROTOCOL_IDS_H__ */ diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 9b0339c3c..3637561d0 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1063,9 +1063,12 @@ int ndpi_flow2json(struct ndpi_detection_module_struct *ndpi_struct, ndpi_serialize_string_string(serializer, "cipher", ndpi_cipher2str(flow->protos.stun_ssl.ssl.server_cipher)); if(flow->l4.tcp.tls_sha1_certificate_fingerprint[0] != '\0') { - for(i=0, off=0; i<20; i++) - off += snprintf(&buf[off], sizeof(buf)-off,"%s%02X", (i > 0) ? ":" : "", - flow->l4.tcp.tls_sha1_certificate_fingerprint[i] & 0xFF); + for(i=0, off=0; i<20; i++) { + int rc = snprintf(&buf[off], sizeof(buf)-off,"%s%02X", (i > 0) ? ":" : "", + flow->l4.tcp.tls_sha1_certificate_fingerprint[i] & 0xFF); + + if(rc <= 0) break; else off += rc; + } ndpi_serialize_string_string(serializer, "fingerprint", buf); } diff --git a/src/lib/protocols/directdownloadlink.c b/src/lib/protocols/directdownloadlink.c index dae952a7a..95d795885 100644 --- a/src/lib/protocols/directdownloadlink.c +++ b/src/lib/protocols/directdownloadlink.c @@ -56,7 +56,7 @@ u_int8_t search_ddl_domains(struct ndpi_detection_module_struct *ndpi_struct, st { struct ndpi_packet_struct *packet = &flow->packet; u_int16_t filename_start = 0; - u_int8_t i = 1; + u_int16_t i = 1; u_int16_t host_line_len_without_port; if (packet->payload_packet_len < 100) { 
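Review bot: In the fingerprint loop of `ndpi_flow2json` (src/lib/ndpi_utils.c), `if(rc <= 0) break; else off += rc;` catches an snprintf error but not truncation. snprintf returns the length it would have written, so after a truncated write `off` can move past `sizeof(buf)`; on the next pass `sizeof(buf)-off` wraps and `&buf[off]` points outside the buffer. The guard should stop on truncation as well, e.g. `if(rc < 0 || (size_t)rc >= sizeof(buf)-off) break;` followed by `off += rc;`. The declaration of `buf` is outside the hunk, so whether 20 bytes of `%02X` plus separators can actually exceed it cannot be confirmed from here. The same pattern is added to the three loops in src/lib/protocols/tls.c, where the element counts are presumably taken from the parsed handshake.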
diff --git a/src/lib/protocols/fasttrack.c b/src/lib/protocols/fasttrack.c
index 49a4abdce..8fb20924f 100644
--- a/src/lib/protocols/fasttrack.c
+++ b/src/lib/protocols/fasttrack.c
@@ -37,47 +37,48 @@ static void ndpi_int_fasttrack_add_connection(struct ndpi_detection_module_struc void ndpi_search_fasttrack_tcp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { - struct ndpi_packet_struct *packet = &flow->packet; + struct ndpi_packet_struct *packet = &flow->packet; - NDPI_LOG_DBG(ndpi_struct, "search FASTTRACK\n"); - - if ( (packet->payload != NULL) - && (packet->payload_packet_len > 6) - && (ntohs(get_u_int16_t(packet->payload, packet->payload_packet_len - 2)) == 0x0d0a)) { - NDPI_LOG_DBG2(ndpi_struct, "detected 0d0a at the end of the packet\n"); - - if (memcmp(packet->payload, "GIVE ", 5) == 0 && packet->payload_packet_len >= 8) { - u_int16_t i; - for (i = 5; i < (packet->payload_packet_len - 2); i++) { - // make shure that the argument to GIVE is numeric - if (!(packet->payload[i] >= '0' && packet->payload[i] <= '9')) { - goto exclude_fasttrack; - } - } - - NDPI_LOG_INFO(ndpi_struct, "found FASTTRACK\n"); - ndpi_int_fasttrack_add_connection(ndpi_struct, flow); - return; - } - - if (packet->payload_packet_len > 50 && memcmp(packet->payload, "GET /", 5) == 0) { - u_int8_t a = 0; - NDPI_LOG_DBG2(ndpi_struct, "detected GET /. 
\n"); - ndpi_parse_packet_line_info(ndpi_struct, flow); - for (a = 0; a < packet->parsed_lines; a++) { - if ((packet->line[a].len > 17 && memcmp(packet->line[a].ptr, "X-Kazaa-Username: ", 18) == 0) - || (packet->line[a].len > 23 && memcmp(packet->line[a].ptr, "User-Agent: PeerEnabler/", 24) == 0)) { - NDPI_LOG_INFO(ndpi_struct, - "found FASTTRACK X-Kazaa-Username: || User-Agent: PeerEnabler/\n"); - ndpi_int_fasttrack_add_connection(ndpi_struct, flow); - return; - } - } - } + NDPI_LOG_DBG(ndpi_struct, "search FASTTRACK\n"); + + if ( (packet->payload != NULL) + && (packet->payload_packet_len > 6) + && (ntohs(get_u_int16_t(packet->payload, packet->payload_packet_len - 2)) == 0x0d0a)) { + NDPI_LOG_DBG2(ndpi_struct, "detected 0d0a at the end of the packet\n"); + + if (memcmp(packet->payload, "GIVE ", 5) == 0 && packet->payload_packet_len >= 8) { + u_int16_t i; + for (i = 5; i < (packet->payload_packet_len - 2); i++) { + // make shure that the argument to GIVE is numeric + if (!(packet->payload[i] >= '0' && packet->payload[i] <= '9')) { + goto exclude_fasttrack; + } + } + + NDPI_LOG_INFO(ndpi_struct, "found FASTTRACK\n"); + ndpi_int_fasttrack_add_connection(ndpi_struct, flow); + return; + } + + if (packet->payload_packet_len > 50 && memcmp(packet->payload, "GET /", 5) == 0) { + u_int16_t a = 0; + NDPI_LOG_DBG2(ndpi_struct, "detected GET /. \n"); + + ndpi_parse_packet_line_info(ndpi_struct, flow); + for (a = 0; a < packet->parsed_lines; a++) { + if ((packet->line[a].len > 17 && memcmp(packet->line[a].ptr, "X-Kazaa-Username: ", 18) == 0) + || (packet->line[a].len > 23 && memcmp(packet->line[a].ptr, "User-Agent: PeerEnabler/", 24) == 0)) { + NDPI_LOG_INFO(ndpi_struct, + "found FASTTRACK X-Kazaa-Username: || User-Agent: PeerEnabler/\n"); + ndpi_int_fasttrack_add_connection(ndpi_struct, flow); + return; } + } + } + } - exclude_fasttrack: - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + exclude_fasttrack: + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); } 
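Review bot: The only functional change in `ndpi_search_fasttrack_tcp` is `u_int8_t a` becoming `u_int16_t a` in the `GET /` branch, and it is buried in a re-indent of the whole function, which makes the one line that matters hard to review. The type of `packet->parsed_lines` is not visible in the hunk; presumably it is wider than 8 bits, in which case the old counter could wrap before reaching the bound and the loop would never terminate. A comment at the declaration would record the reason, e.g. `/* same width as packet->parsed_lines so the loop bound is always reachable */`. The same widening is made without explanation in directdownloadlink.c, icecast.c and mail_smtp.c. Separately, the carried-over comment `make shure` should read `make sure`.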
diff --git a/src/lib/protocols/icecast.c b/src/lib/protocols/icecast.c index 249996281..3055b79f1 100644 --- a/src/lib/protocols/icecast.c +++ b/src/lib/protocols/icecast.c @@ -36,7 +36,7 @@ static void ndpi_int_icecast_add_connection(struct ndpi_detection_module_struct void ndpi_search_icecast_tcp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { struct ndpi_packet_struct *packet = &flow->packet; - u_int8_t i; + u_int16_t i; NDPI_LOG_DBG(ndpi_struct, "search icecast\n"); diff --git a/src/lib/protocols/mail_smtp.c b/src/lib/protocols/mail_smtp.c index 86ff79486..353d2997d 100644 --- a/src/lib/protocols/mail_smtp.c +++ b/src/lib/protocols/mail_smtp.c @@ -73,7 +73,7 @@ void ndpi_search_mail_smtp_tcp(struct ndpi_detection_module_struct *ndpi_struct, && (packet->parsed_lines < NDPI_MAX_PARSE_LINES_PER_PACKET) && (ntohs(get_u_int16_t(packet->payload, packet->payload_packet_len - 2)) == 0x0d0a) ) { - u_int8_t a; + u_int16_t a; u_int8_t bit_count = 0; NDPI_PARSE_PACKET_LINE_INFO(ndpi_struct, flow, packet); diff --git a/src/lib/protocols/oscar.c b/src/lib/protocols/oscar.c index 535e513a9..ec256b81b 100644 --- a/src/lib/protocols/oscar.c +++ b/src/lib/protocols/oscar.c @@ -580,7 +580,7 @@ static void ndpi_search_oscar_tcp_connect(struct ndpi_detection_module_struct { /* request ID */ req_ID = get_u_int32_t(packet->payload, 12); - if((req_ID <= ((u_int32_t)-1))) + /* if((req_ID <= ((u_int32_t)-1))) */ { NDPI_LOG_INFO(ndpi_struct, "found OSCAR\n"); ndpi_int_oscar_add_connection(ndpi_struct, flow); 
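Review bot: In `ndpi_search_oscar_tcp_connect`, commenting out `if((req_ID <= ((u_int32_t)-1)))` leaves a bare `{ ... }` block and a `req_ID` that is read from the payload but never examined. Assuming `req_ID` is a `u_int32_t`, the removed test was always true, so behaviour is unchanged, but the leftover comment reads as if a request-ID check exists. Either delete the line and the braces, or replace it with a comment such as `/* request ID is not validated: any value is accepted */`. The later hunk in this file likewise keeps an empty-bodied `if` under `#if 0`; removing it outright would be cleaner. The function body extends beyond both hunks.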
@@ -740,10 +740,13 @@ static void ndpi_search_oscar_tcp_connect(struct ndpi_detection_module_struct || memcmp(packet->payload, "\x00\x0d\x00\x87\x01\xc1", 6) == 0)))) { flow->oscar_video_voice = 1; } + +#if 0 if (flow->oscar_video_voice && ntohs(get_u_int16_t(packet->payload, 0)) == packet->payload_packet_len && packet->payload[2] == 0x00 && packet->payload[3] == 0x00) { } - +#endif + if (packet->payload_packet_len >= 70 && ntohs(get_u_int16_t(packet->payload, 4)) == packet->payload_packet_len) { if (memcmp(packet->payload, "OFT", 3) == 0 && ((packet->payload[3] == '3' && ((memcmp(&packet->payload[4], "\x01\x00\x01\x01", 4) == 0) diff --git a/src/lib/protocols/radius.c b/src/lib/protocols/radius.c index b64767700..83315d71d 100644 --- a/src/lib/protocols/radius.c +++ b/src/lib/protocols/radius.c @@ -43,8 +43,7 @@ static void ndpi_check_radius(struct ndpi_detection_module_struct *ndpi_struct, if((payload_len < 20) || (payload_len > 4096)) return; - if((payload_len > sizeof(struct radius_header)) - && (h->code > 0) + if((h->code > 0) && (h->code <= 13) && (ntohs(h->len) == payload_len)) { NDPI_LOG_INFO(ndpi_struct, "Found radius\n"); @@ -52,6 +51,7 @@ static void ndpi_check_radius(struct ndpi_detection_module_struct *ndpi_struct, return; } + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); return; } diff --git a/src/lib/protocols/sflow.c b/src/lib/protocols/sflow.c index 6330e178c..9e87cfe3f 100644 --- a/src/lib/protocols/sflow.c +++ b/src/lib/protocols/sflow.c @@ -42,7 +42,7 @@ void ndpi_search_sflow(struct ndpi_detection_module_struct *ndpi_struct, struct return; } -// FIXME NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); } void init_sflow_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask) diff --git a/src/lib/protocols/soulseek.c b/src/lib/protocols/soulseek.c index be4d2e0e9..8e7341713 100644 --- a/src/lib/protocols/soulseek.c +++ b/src/lib/protocols/soulseek.c 
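Review bot: Dropping `payload_len > sizeof(struct radius_header)` in `ndpi_check_radius` leaves the literal `20` in `if((payload_len < 20) || (payload_len > 4096)) return;` as the only guarantee that `h->code` and `h->len` lie inside the payload. The struct definition is outside the hunk, so it is an assumption that 20 matches the header size. Tying the bound to the type keeps the reads in range if the struct ever changes: `if((payload_len < sizeof(struct radius_header)) || (payload_len > 4096)) return;`. If the header is indeed 20 bytes, packets of exactly that length were rejected before and are now accepted, which is presumably intended but worth stating in the commit message.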
@@ -259,7 +259,9 @@ void ndpi_search_soulseek_tcp(struct ndpi_detection_module_struct *ndpi_struct, SOULSEEK_DETECT; return; } + if(flow->l4.tcp.soulseek_stage && flow->packet_counter < 11) { + ; } else { NDPI_EXCLUDE_PROTO(ndpi_struct, flow); } diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index ed92814d9..fb9ad4c45 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -352,16 +352,22 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct, ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version); - for(i=0; i<ja3.num_cipher; i++) - ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); + for(i=0; i<ja3.num_cipher; i++) { + int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); + if(rc <= 0) break; else ja3_str_len += rc; + } + ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); /* ********** */ - for(i=0; i<ja3.num_tls_extension; i++) - ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); + for(i=0; i<ja3.num_tls_extension; i++) { + int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); + if(rc <= 0) break; else ja3_str_len += rc; + } + #ifdef DEBUG_TLS printf("TLS [server] %s\n", ja3_str); #endif 
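Review bot: The added `;` in `ndpi_search_soulseek_tcp` keeps an `if` whose true branch does nothing, which is easy to misread as an unfinished check. Inverting the condition states the intent directly: `if(!(flow->l4.tcp.soulseek_stage && flow->packet_counter < 11)) { NDPI_EXCLUDE_PROTO(ndpi_struct, flow); }`. If the empty branch is kept, a comment in it such as `/* stage set and fewer than 11 packets seen: keep waiting */` would help.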
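Review bot: Between the two new loops in `getTLScertificate`, `ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");` is left unchecked, so it runs with whatever `ja3_str_len` the cipher loop left behind. snprintf reports the untruncated length, so `ja3_str_len` may already be at or beyond `sizeof(ja3_str)` at that point, which makes the size argument wrap and the destination pointer leave the buffer. The separator should be appended only while `ja3_str_len` is still below `sizeof(ja3_str)`, with its return value checked for truncation like the loops. Better still, all three appends could go through one bounded helper. The declarations of `ja3_str` and `ja3_str_len` are outside the hunk, so their size and signedness should be confirmed.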
@@ -374,10 +380,12 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct, ndpi_MD5Update(&ctx, (const unsigned char *)ja3_str, strlen(ja3_str)); ndpi_MD5Final(md5_hash, &ctx); - for(i=0, j=0; i<16; i++) - j += snprintf(&flow->protos.stun_ssl.ssl.ja3_server[j], - sizeof(flow->protos.stun_ssl.ssl.ja3_server)-j, "%02x", md5_hash[i]); - + for(i=0, j=0; i<16; i++) { + int rc = snprintf(&flow->protos.stun_ssl.ssl.ja3_server[j], + sizeof(flow->protos.stun_ssl.ssl.ja3_server)-j, "%02x", md5_hash[i]); + if(rc <= 0) break; else j += rc; + } + #ifdef DEBUG_TLS printf("[JA3] Server: %s \n", flow->protos.stun_ssl.ssl.ja3_server); #endif diff --git a/src/lib/protocols/zattoo.c b/src/lib/protocols/zattoo.c index 4f2d115ce..1c40fdb8f 100644 --- a/src/lib/protocols/zattoo.c +++ b/src/lib/protocols/zattoo.c @@ -164,12 +164,15 @@ void ndpi_search_zattoo(struct ndpi_detection_module_struct *ndpi_struct, struct NDPI_LOG_DBG2(ndpi_struct, "need next packet, seen pattern 0x0000\n"); return; } +#if 0 if(packet->payload_packet_len > 50 && packet->payload[0] == 0x03 && packet->payload[1] == 0x04 && packet->payload[2] == 0x00 && packet->payload[3] == 0x04 && packet->payload[4] == 0x0a && packet->payload[5] == 0x00) { } +#endif + NDPI_LOG_DBG2(ndpi_struct, "need next packet, seen pattern 0x030400040a00\n"); return; |
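Review bot: After the `#if 0` block in `ndpi_search_zattoo`, `NDPI_LOG_DBG2(ndpi_struct, "need next packet, seen pattern 0x030400040a00\n"); return;` runs without any test for that pattern. The disabled `if` compares exactly those six bytes and has an empty `{ }` body, so it looks as though the log call and the `return` were meant to sit inside it. Compiling the test out instead of moving the closing brace makes the unconditional return permanent. If that is intended, the message should be reworded; otherwise restore the condition around the two statements. The enclosing branch starts outside the hunk, so what the `return` skips is not visible here.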