Resolved conflicts on fetch

3 files changed, 92 insertions, 46 deletions

diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 5f980b506..824e2585f 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1172,7 +1172,7 @@ struct ndpi_flow_struct {
   u_char host_server_name[240];
   u_int8_t initial_binary_bytes[8], initial_binary_bytes_len;
   u_int8_t risk_checked;
-  u_int32_t risk; /* Issues found with this flow [bitmask of ndpi_risk] */
+  ndpi_risk risk; /* Issues found with this flow [bitmask of ndpi_risk] */
   
   /*
     This structure below will not not stay inside the protos
diff --git a/src/lib/protocols/ssh.c b/src/lib/protocols/ssh.c
index 1b876a42e..5927d066b 100644
--- a/src/lib/protocols/ssh.c
+++ b/src/lib/protocols/ssh.c
@@ -92,6 +92,7 @@ static void ssh_analyze_signature_version(struct ndpi_detection_module_struct *n
       if (patch < PATCH_CUTOFF) obsolete_ssh_version = 1;
   }
   
+<<<<<<< HEAD
   if (obsolete_ssh_version) {
       #ifdef SSH_DEBUG
         printf("[SSH] [SSH Version: %d.%d.%d]\n", major, minor, patch);
@@ -99,6 +100,40 @@ static void ssh_analyze_signature_version(struct ndpi_detection_module_struct *n
 
       NDPI_SET_BIT(flow->risk, (is_client_signature ? NDPI_SSH_OBSOLETE_CLIENT_VERSION_OR_CIPHER : NDPI_SSH_OBSOLETE_SERVER_VERSION_OR_CIPHER));
   }
+||||||| f83d0b18
+  /*
+  if(obsolete_ssh_version)
+    NDPI_SET_BIT(flow->risk, is_client_signature ? NDPI_SSH_OBSOLETE_CLIENT_SIGNATURE : NDPI_SSH_OBSOLETE_SERVER_SIGNATURE);
+  */
+  
+=======
+  /*
+  if(obsolete_ssh_version)
+    NDPI_SET_BIT(flow->risk, is_client_signature ? NDPI_SSH_OBSOLETE_CLIENT_SIGNATURE : NDPI_SSH_OBSOLETE_SERVER_SIGNATURE);
+  */
+}
+  
+/* ************************************************************************ */
+
+static void ssh_analyse_cipher(struct ndpi_detection_module_struct *ndpi_struct,
+			       struct ndpi_flow_struct *flow,
+			       char *cipher, u_int cipher_len,
+			       u_int8_t is_client_signature) {
+  /*
+    List of obsolete ciphers can be found at
+    https://www.linuxminion.com/deprecated-ssh-cryptographic-settings/
+  */
+#ifdef SSH_DEBUG
+  u_int i;
+  
+  printf("[%s] ", is_client_signature ? "CLIENT" : "SERVER");
+
+  for(i=0; i<cipher_len; i++)
+    printf("%c", cipher[i]);
+
+  printf("\n");
+#endif
+>>>>>>> ntop_origin/dev
 }
   
 /* ************************************************************************ */
@@ -136,7 +171,9 @@ static void ndpi_int_ssh_add_connection(struct ndpi_detection_module_struct
 
 /* ************************************************************************ */
 
-static u_int16_t concat_hash_string(struct ndpi_packet_struct *packet,
+static u_int16_t concat_hash_string(struct ndpi_detection_module_struct *ndpi_struct,
+				    struct ndpi_flow_struct *flow,
+				    struct ndpi_packet_struct *packet,
 				    char *buf, u_int8_t client_hash) {
   u_int32_t offset = 22, len, buf_out_len = 0, max_payload_len = packet->payload_packet_len-sizeof(u_int32_t);
   const u_int32_t len_max = 65565;
@@ -178,6 +215,7 @@ static u_int16_t concat_hash_string(struct ndpi_packet_struct *packet,
       goto invalid_payload;
 
     strncpy(&buf[buf_out_len], (const char *)&packet->payload[offset], len);
+    ssh_analyse_cipher(ndpi_struct, flow, (char*)&packet->payload[offset], len, 1 /* client */);
     buf_out_len += len;
     buf[buf_out_len++] = ';';
   }
@@ -198,6 +236,7 @@ static u_int16_t concat_hash_string(struct ndpi_packet_struct *packet,
       goto invalid_payload;
 
     strncpy(&buf[buf_out_len], (const char *)&packet->payload[offset], len);
+    ssh_analyse_cipher(ndpi_struct, flow, (char*)&packet->payload[offset], len, 0 /* server */);
     buf_out_len += len;
     buf[buf_out_len++] = ';';
   }
@@ -383,7 +422,7 @@ static void ndpi_search_ssh_tcp(struct ndpi_detection_module_struct *ndpi_struct
 	if(packet->packet_direction == 0 /* client */) {
 	  u_char fingerprint_client[16];
 
-	  len = concat_hash_string(packet, hassh_buf, 1 /* client */);
+	  len = concat_hash_string(ndpi_struct, flow, packet, hassh_buf, 1 /* client */);
 
 	  ndpi_MD5Init(&ctx);
 	  ndpi_MD5Update(&ctx, (const unsigned char *)hassh_buf, len);
@@ -401,7 +440,7 @@ static void ndpi_search_ssh_tcp(struct ndpi_detection_module_struct *ndpi_struct
 	} else {
 	  u_char fingerprint_server[16];
 
-	  len = concat_hash_string(packet, hassh_buf, 0 /* server */);
+	  len = concat_hash_string(ndpi_struct, flow, packet, hassh_buf, 0 /* server */);
 
 	  ndpi_MD5Init(&ctx);
 	  ndpi_MD5Update(&ctx, (const unsigned char *)hassh_buf, len);
diff --git a/src/lib/third_party/src/hll/hll.c b/src/lib/third_party/src/hll/hll.c
index b9d61f21c..a7006c7ed 100644
--- a/src/lib/third_party/src/hll/hll.c
+++ b/src/lib/third_party/src/hll/hll.c
@@ -82,21 +82,26 @@ int hll_init(struct ndpi_hll *hll, u_int8_t bits) {
 }
 
 void hll_destroy(struct ndpi_hll *hll) {
-  ndpi_free(hll->registers);
-
-  hll->registers = NULL;
+  if(hll->registers) {
+    ndpi_free(hll->registers);
+    
+    hll->registers = NULL;
+  }
 }
 
 void hll_reset(struct ndpi_hll *hll) {
-  memset(hll->registers, 0, hll->size);
+  if(hll->registers)
+    memset(hll->registers, 0, hll->size);
 }
 
 static __inline void _hll_add_hash(struct ndpi_hll *hll, u_int32_t hash) {
-  u_int32_t index = hash >> (32 - hll->bits);
-  u_int8_t rank = _hll_rank(hash, hll->bits);
-
-  if(rank > hll->registers[index]) {
-    hll->registers[index] = rank;
+  if(hll->registers) {
+    u_int32_t index = hash >> (32 - hll->bits);
+    u_int8_t rank = _hll_rank(hash, hll->bits);
+    
+    if(rank > hll->registers[index]) {
+      hll->registers[index] = rank;
+    }
   }
 }
 
@@ -107,46 +112,48 @@ void hll_add(struct ndpi_hll *hll, const void *buf, size_t size) {
 }
 
 double hll_count(const struct ndpi_hll *hll) {
-  double alpha_mm;
-  u_int32_t i;
-
-  switch (hll->bits) {
-  case 4:
-    alpha_mm = 0.673;
-    break;
-  case 5:
-    alpha_mm = 0.697;
-    break;
-  case 6:
-    alpha_mm = 0.709;
-    break;
-  default:
-    alpha_mm = 0.7213 / (1.0 + 1.079 / (double)hll->size);
-    break;
-  }
+  if(hll->registers) {
+    double alpha_mm, sum, estimate;
+    u_int32_t i;
 
-  alpha_mm *= ((double)hll->size * (double)hll->size);
+    switch(hll->bits) {
+    case 4:
+      alpha_mm = 0.673;
+      break;
+    case 5:
+      alpha_mm = 0.697;
+      break;
+    case 6:
+      alpha_mm = 0.709;
+      break;
+    default:
+      alpha_mm = 0.7213 / (1.0 + 1.079 / (double)hll->size);
+      break;
+    }
 
-  double sum = 0;
-  for(i = 0; i < hll->size; i++) {
-    sum += 1.0 / (1 << hll->registers[i]);
-  }
+    alpha_mm *= ((double)hll->size * (double)hll->size);
+
+    sum = 0;
+    for(i = 0; i < hll->size; i++)
+      sum += 1.0 / (1 << hll->registers[i]);    
 
-  double estimate = alpha_mm / sum;
+    estimate = alpha_mm / sum;
 
-  if (estimate <= 5.0 / 2.0 * (double)hll->size) {
-    int zeros = 0;
+    if(estimate <= (5.0 / 2.0 * (double)hll->size)) {
+      int zeros = 0;
 
-    for(i = 0; i < hll->size; i++)
-      zeros += (hll->registers[i] == 0);
+      for(i = 0; i < hll->size; i++)
+	zeros += (hll->registers[i] == 0);
 
-    if(zeros)
-      estimate = (double)hll->size * log((double)hll->size / zeros);
+      if(zeros)
+	estimate = (double)hll->size * log((double)hll->size / zeros);
 
-  } else if (estimate > (1.0 / 30.0) * 4294967296.0) {
-    estimate = -4294967296.0 * log(1.0 - (estimate / 4294967296.0));
-  }
+    } else if(estimate > ((1.0 / 30.0) * 4294967296.0)) {
+      estimate = -4294967296.0 * log(1.0 - (estimate / 4294967296.0));
+    }
 
-  return estimate;
+    return estimate;
+  } else
+    return(0.);
 }