diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-01-20 16:14:41 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-20 16:14:41 +0100 |
| commit | 42d23cff6a87825e6d3bc8e81080e6a9102f7709 (patch) | |
| tree | 8987bfac24ff24de845e1a6ae369513c3567740e /src | |
| parent | 8651ce981149a73df6f2d9d64218ef58a4479c46 (diff) | |
config: follow-up (#2268)
Some changes in the parameters names.
Add a fuzzer to fuzz the configuration file format.
Add the infrastructure to configuratin callbacks.
Add an helper to map LRU cache indexes to names.
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/ndpi_api.h | 3 | ||||
| -rw-r--r-- | src/include/ndpi_private.h | 3 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 1 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 113 | ||||
| -rw-r--r-- | src/lib/ndpi_utils.c | 12 |
5 files changed, 79 insertions, 53 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index ce94df0d5..27386966e 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -2236,6 +2236,9 @@ extern "C" { /* ******************************* */ + const char *ndpi_lru_cache_idx_to_name(lru_cache_type idx); + + #ifdef __cplusplus } #endif diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index 21fb11c38..cfe799ab1 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -315,8 +315,6 @@ struct ndpi_detection_module_struct { /* NDPI_PROTOCOL_ZOOM */ struct ndpi_lru_cache *zoom_cache; - u_int32_t zoom_cache_num_entries; - u_int32_t zoom_cache_ttl; /* NDPI_PROTOCOL_STUN and subprotocols */ struct ndpi_lru_cache *stun_cache; @@ -435,6 +433,7 @@ int load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE int load_malicious_sha1_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); int load_malicious_ja3_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); int load_risk_domain_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); +int load_config_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); /* TLS */ diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 5a0f95c8c..4b96d5216 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -239,6 +239,7 @@ typedef enum { NDPI_CFG_NOT_FOUND = -2, NDPI_CFG_INVALID_PARAM = -3, NDPI_CFG_CONTEXT_ALREADY_INITIALIZED = -4, + NDPI_CFG_CALLBACK_ERROR = -5, NDPI_CFG_OK = 0, } ndpi_cfg_error; diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index e9372ba5c..b3d75ebe6 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -4587,12 +4587,12 @@ int load_config_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) value = strtok_r(NULL, ",", &saveptr); if(value) { rc = ndpi_set_config(ndpi_str, proto, param, value); - if(rc < NDPI_CFG_OK) { + if(rc != NDPI_CFG_OK) { NDPI_LOG_ERR(ndpi_str, "Error ndpi_set_config [%s/%s/%s]: %d\n", proto, param, value, rc); return rc; - } - continue; + } + continue; } } NDPI_LOG_ERR(ndpi_str, "Error parsing [%s]\n", line); @@ -10565,7 +10565,7 @@ static u_int16_t __get_proto_id(const char *proto_name_or_id) /* Use a temporary module with all protocols enabled */ module = ndpi_init_detection_module(); if(!module) - return -1; + return NDPI_PROTOCOL_UNKNOWN; NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(module, &all); /* Try to be fast: we need only the protocol name -> protocol id mapping! */ @@ -10612,14 +10612,14 @@ static ndpi_cfg_error _set_param_int(struct ndpi_detection_module_struct *ndpi_s return NDPI_CFG_INVALID_PARAM; } - *variable = val; - /* Min and max values are set in the code, so we can convert them to integers without too many checks...*/ if(min_value && max_value && (val < strtol(min_value, NULL, 0) || val > strtol(max_value, NULL, 0))) return NDPI_CFG_INVALID_PARAM; + *variable = val; + return NDPI_CFG_OK; } @@ -10750,6 +10750,7 @@ typedef ndpi_cfg_error (*cfg_set)(struct ndpi_detection_module_struct *ndpi_str, const char *min_value, const char *max_value, const char *proto); typedef char *(*cfg_get)(void *_variable, const char *proto, char *buf, int buf_len); +typedef int (*cfg_calback)(struct ndpi_detection_module_struct *ndpi_str, void *_variable, const char *proto, const char *param); static const struct cfg_op { enum cfg_param_type type; @@ -10772,81 +10773,82 @@ static const struct cfg_param { char *max_value; enum cfg_param_type type; int offset; + cfg_calback fn_callback; } cfg_params[] = { /* Per-protocol parameters */ - { "tls", "certificate_expiration_threshold", "30", "0", "365", CFG_PARAM_INT, __OFF(tls_certificate_expire_in_x_days) }, - { "tls", "application_blocks_tracking.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_app_blocks_tracking_enabled) }, - { "tls", "metadata.sha1_fingerprint.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_sha1_fingerprint_enabled) }, + { "tls", "certificate_expiration_threshold", "30", "0", "365", CFG_PARAM_INT, __OFF(tls_certificate_expire_in_x_days), NULL }, + { "tls", "application_blocks_tracking", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_app_blocks_tracking_enabled), NULL }, + { "tls", "metadata.sha1_fingerprint", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_sha1_fingerprint_enabled), NULL }, - { "smtp", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(smtp_opportunistic_tls_enabled) }, + { "smtp", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(smtp_opportunistic_tls_enabled), NULL }, - { "imap", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(imap_opportunistic_tls_enabled) }, + { "imap", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(imap_opportunistic_tls_enabled), NULL }, - { "pop", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(pop_opportunistic_tls_enabled) }, + { "pop", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(pop_opportunistic_tls_enabled), NULL }, - { "ftp", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(ftp_opportunistic_tls_enabled) }, + { "ftp", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(ftp_opportunistic_tls_enabled), NULL }, - { "stun", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(stun_opportunistic_tls_enabled) }, + { "stun", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(stun_opportunistic_tls_enabled), NULL }, - { "dns", "subclassification.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_subclassification_enabled) }, - { "dns", "process_response.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_parse_response_enabled) }, + { "dns", "subclassification", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_subclassification_enabled), NULL }, + { "dns", "process_response", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_parse_response_enabled), NULL }, - { "http", "process_response.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(http_parse_response_enabled) }, + { "http", "process_response", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(http_parse_response_enabled), NULL }, - { "ookla", "aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness) }, + { "ookla", "dpi.aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness), NULL }, - { "$PROTO_NAME_OR_ID", "log.enable", "0", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(debug_bitmask) }, - { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask) }, + { "$PROTO_NAME_OR_ID", "log", "disable", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(debug_bitmask), NULL }, + { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask), NULL }, /* Global parameters */ - { NULL, "packets_limit_per_flow", "32", "0", "255", CFG_PARAM_INT, __OFF(max_packets_to_process) }, - { NULL, "flow.direction_detection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(direction_detect_enabled) }, - { NULL, "flow.track_payload.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(track_payload_enabled), }, - { NULL, "tcp_ack_payload_heuristic.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_ack_paylod_heuristic) }, - { NULL, "fully_encrypted_heuristic.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fully_encrypted_heuristic) }, - { NULL, "libgcrypt.init", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(libgcrypt_init), }, - { NULL, "guess_on_giveup", "0x3", "0", "3", CFG_PARAM_INT, __OFF(guess_on_giveup) }, + { NULL, "packets_limit_per_flow", "32", "0", "255", CFG_PARAM_INT, __OFF(max_packets_to_process), NULL }, + { NULL, "flow.direction_detection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(direction_detect_enabled), NULL }, + { NULL, "flow.track_payload", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(track_payload_enabled), NULL }, + { NULL, "tcp_ack_payload_heuristic", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_ack_paylod_heuristic), NULL }, + { NULL, "fully_encrypted_heuristic", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fully_encrypted_heuristic), NULL }, + { NULL, "libgcrypt.init", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(libgcrypt_init), NULL }, + { NULL, "dpi.guess_on_giveup", "0x3", "0", "3", CFG_PARAM_INT, __OFF(guess_on_giveup), NULL }, - { NULL, "flow_risk_lists.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled)}, + { NULL, "flow_risk_lists.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled), NULL }, - { NULL, "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled)}, - { NULL, "flow_risk.anonymous_subscriber.list.protonvpn.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_protonvpn_enabled)}, - { NULL, "flow_risk.crawler_bot.list.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_crawler_bot_list_enabled)}, + { NULL, "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled), NULL }, + { NULL, "flow_risk.anonymous_subscriber.list.protonvpn.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_protonvpn_enabled), NULL }, + { NULL, "flow_risk.crawler_bot.list.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_crawler_bot_list_enabled), NULL }, - { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config) }, + { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config), NULL }, - { NULL, "log.level", "0", "0", "3", CFG_PARAM_INT, __OFF(log_level) }, + { NULL, "log.level", "0", "0", "3", CFG_PARAM_INT, __OFF(log_level), NULL }, /* LRU caches */ - { NULL, "lru.ookla.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries)}, - { NULL, "lru.ookla.ttl", "120", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_ttl)}, + { NULL, "lru.ookla.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries), NULL }, + { NULL, "lru.ookla.ttl", "120", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_ttl), NULL }, - { NULL, "lru.bittorrent.size", "32768", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_num_entries)}, - { NULL, "lru.bittorrent.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_ttl)}, + { NULL, "lru.bittorrent.size", "32768", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_num_entries), NULL }, + { NULL, "lru.bittorrent.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_ttl), NULL }, - { NULL, "lru.zoom.size", "512", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_num_entries)}, - { NULL, "lru.zoom.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_ttl)}, + { NULL, "lru.zoom.size", "512", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_num_entries), NULL }, + { NULL, "lru.zoom.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_ttl), NULL }, - { NULL, "lru.stun.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_num_entries)}, - { NULL, "lru.stun.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_ttl)}, + { NULL, "lru.stun.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_num_entries), NULL }, + { NULL, "lru.stun.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_ttl), NULL }, - { NULL, "lru.tls_cert.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_num_entries)}, - { NULL, "lru.tls_cert.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_ttl)}, + { NULL, "lru.tls_cert.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_num_entries), NULL }, + { NULL, "lru.tls_cert.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_ttl), NULL }, - { NULL, "lru.mining.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_num_entries)}, - { NULL, "lru.mining.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_ttl)}, + { NULL, "lru.mining.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_num_entries), NULL }, + { NULL, "lru.mining.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_ttl), NULL }, - { NULL, "lru.msteams.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_num_entries)}, - { NULL, "lru.msteams.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_ttl)}, + { NULL, "lru.msteams.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_num_entries), NULL }, + { NULL, "lru.msteams.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_ttl), NULL }, - { NULL, "lru.stun_zoom.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_num_entries)}, - { NULL, "lru.stun_zoom.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_ttl)}, + { NULL, "lru.stun_zoom.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_num_entries), NULL }, + { NULL, "lru.stun_zoom.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_ttl), NULL }, - { NULL, NULL, NULL, NULL, NULL, 0, -1 }, + { NULL, NULL, NULL, NULL, NULL, 0, -1, NULL }, }; #undef __OFF @@ -10866,6 +10868,7 @@ ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str, { const struct cfg_param *c; ndpi_cfg_error rc; + int ret; if(!ndpi_str || !param || !value) return NDPI_CFG_INVALID_CONTEXT; @@ -10884,6 +10887,14 @@ ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str, rc = cfg_ops[c->type].fn_set(ndpi_str, (void *)((char *)&ndpi_str->cfg + c->offset), value, c->min_value, c->max_value, proto); + if(rc == NDPI_CFG_OK && c->fn_callback) { + ret = c->fn_callback(ndpi_str, (void *)((char *)&ndpi_str->cfg + c->offset), + proto, param); + if(ret < 0) + rc = NDPI_CFG_CALLBACK_ERROR; + else + rc = ret; + } return rc; } } @@ -10898,7 +10909,7 @@ char *ndpi_get_config(struct ndpi_detection_module_struct *ndpi_str, if(!ndpi_str || !param || !buf || buf_len <= 0) return NULL; - NDPI_LOG_ERR(ndpi_str, "Get [%s][%s]\n", proto, param); + NDPI_LOG_DBG(ndpi_str, "Get [%s][%s]\n", proto, param); for(c = &cfg_params[0]; c && c->param; c++) { if(((proto == NULL && c->proto == NULL) || diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 03b845c30..5f224f2e2 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -3094,3 +3094,15 @@ int64_t ndpi_strtonum(const char *numstr, int64_t minval, int64_t maxval, const *errstrp = NULL; return val; } + +/* ******************************************* */ + +const char *ndpi_lru_cache_idx_to_name(lru_cache_type idx) +{ + const char *names[NDPI_LRUCACHE_MAX] = { "ookla", "bittorrent", "zoom", "stun", + "tls_cert", "mining", "msteams", "stun_zoom" }; + + if(idx < 0 || idx >= NDPI_LRUCACHE_MAX) + return NULL; + return names[idx]; +} |