authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2024-01-20 16:14:41 +0100
committerGitHub <noreply@github.com>2024-01-20 16:14:41 +0100
commit42d23cff6a87825e6d3bc8e81080e6a9102f7709 (patch)
tree8987bfac24ff24de845e1a6ae369513c3567740e /src
parent8651ce981149a73df6f2d9d64218ef58a4479c46 (diff)
config: follow-up (#2268)
Some changes in the parameter names. Add a fuzzer to fuzz the configuration file format. Add the infrastructure for configuration callbacks. Add a helper to map LRU cache indexes to names.
Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_api.h3
-rw-r--r--src/include/ndpi_private.h3
-rw-r--r--src/include/ndpi_typedefs.h1
-rw-r--r--src/lib/ndpi_main.c113
-rw-r--r--src/lib/ndpi_utils.c12
5 files changed, 79 insertions, 53 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index ce94df0d5..27386966e 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -2236,6 +2236,9 @@ extern "C" {
/* ******************************* */
+ const char *ndpi_lru_cache_idx_to_name(lru_cache_type idx);
+
+
#ifdef __cplusplus
}
#endif
diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h
index 21fb11c38..cfe799ab1 100644
--- a/src/include/ndpi_private.h
+++ b/src/include/ndpi_private.h
@@ -315,8 +315,6 @@ struct ndpi_detection_module_struct {
/* NDPI_PROTOCOL_ZOOM */
struct ndpi_lru_cache *zoom_cache;
- u_int32_t zoom_cache_num_entries;
- u_int32_t zoom_cache_ttl;
/* NDPI_PROTOCOL_STUN and subprotocols */
struct ndpi_lru_cache *stun_cache;
@@ -435,6 +433,7 @@ int load_categories_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE
int load_malicious_sha1_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
int load_malicious_ja3_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
int load_risk_domain_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
+int load_config_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd);
/* TLS */
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 5a0f95c8c..4b96d5216 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -239,6 +239,7 @@ typedef enum {
NDPI_CFG_NOT_FOUND = -2,
NDPI_CFG_INVALID_PARAM = -3,
NDPI_CFG_CONTEXT_ALREADY_INITIALIZED = -4,
+ NDPI_CFG_CALLBACK_ERROR = -5,
NDPI_CFG_OK = 0,
} ndpi_cfg_error;
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index e9372ba5c..b3d75ebe6 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -4587,12 +4587,12 @@ int load_config_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd)
value = strtok_r(NULL, ",", &saveptr);
if(value) {
rc = ndpi_set_config(ndpi_str, proto, param, value);
- if(rc < NDPI_CFG_OK) {
+ if(rc != NDPI_CFG_OK) {
NDPI_LOG_ERR(ndpi_str, "Error ndpi_set_config [%s/%s/%s]: %d\n",
proto, param, value, rc);
return rc;
- }
- continue;
+ }
+ continue;
}
}
NDPI_LOG_ERR(ndpi_str, "Error parsing [%s]\n", line);
@@ -10565,7 +10565,7 @@ static u_int16_t __get_proto_id(const char *proto_name_or_id)
/* Use a temporary module with all protocols enabled */
module = ndpi_init_detection_module();
if(!module)
- return -1;
+ return NDPI_PROTOCOL_UNKNOWN;
NDPI_BITMASK_SET_ALL(all);
ndpi_set_protocol_detection_bitmask2(module, &all);
/* Try to be fast: we need only the protocol name -> protocol id mapping! */
@@ -10612,14 +10612,14 @@ static ndpi_cfg_error _set_param_int(struct ndpi_detection_module_struct *ndpi_s
return NDPI_CFG_INVALID_PARAM;
}
- *variable = val;
-
/* Min and max values are set in the code, so we can convert them
to integers without too many checks...*/
if(min_value && max_value &&
(val < strtol(min_value, NULL, 0) || val > strtol(max_value, NULL, 0)))
return NDPI_CFG_INVALID_PARAM;
+ *variable = val;
+
return NDPI_CFG_OK;
}
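Review bot: The range check runs only when both `min_value` and `max_value` are non-NULL, so a table entry that supplies a single bound would have its value stored unchecked. Every CFG_PARAM_INT row visible in cfg_params sets both bounds, so this is hardening rather than a live bug, but testing each bound on its own closes the gap: `if((min_value && val < strtol(min_value, NULL, 0)) || (max_value && val > strtol(max_value, NULL, 0))) return NDPI_CFG_INVALID_PARAM;`. The function starts outside this hunk, so how `val` is parsed is not visible here.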
@@ -10750,6 +10750,7 @@ typedef ndpi_cfg_error (*cfg_set)(struct ndpi_detection_module_struct *ndpi_str,
const char *min_value, const char *max_value,
const char *proto);
typedef char *(*cfg_get)(void *_variable, const char *proto, char *buf, int buf_len);
+typedef int (*cfg_calback)(struct ndpi_detection_module_struct *ndpi_str, void *_variable, const char *proto, const char *param);
static const struct cfg_op {
enum cfg_param_type type;
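Review bot: The new type name `cfg_calback` is misspelt, and the spelling also appears in the `cfg_calback fn_callback;` field added to struct cfg_param in the next hunk. Renaming it to `cfg_callback` now is cheap, since every table entry still passes NULL. The typedef also lacks a comment saying when the callback runs and what its int return means; something like `/* Invoked after a successful fn_set; a negative return is reported as NDPI_CFG_CALLBACK_ERROR */` would match what ndpi_set_config() does further down.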
@@ -10772,81 +10773,82 @@ static const struct cfg_param {
char *max_value;
enum cfg_param_type type;
int offset;
+ cfg_calback fn_callback;
} cfg_params[] = {
/* Per-protocol parameters */
- { "tls", "certificate_expiration_threshold", "30", "0", "365", CFG_PARAM_INT, __OFF(tls_certificate_expire_in_x_days) },
- { "tls", "application_blocks_tracking.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_app_blocks_tracking_enabled) },
- { "tls", "metadata.sha1_fingerprint.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_sha1_fingerprint_enabled) },
+ { "tls", "certificate_expiration_threshold", "30", "0", "365", CFG_PARAM_INT, __OFF(tls_certificate_expire_in_x_days), NULL },
+ { "tls", "application_blocks_tracking", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_app_blocks_tracking_enabled), NULL },
+ { "tls", "metadata.sha1_fingerprint", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tls_sha1_fingerprint_enabled), NULL },
- { "smtp", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(smtp_opportunistic_tls_enabled) },
+ { "smtp", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(smtp_opportunistic_tls_enabled), NULL },
- { "imap", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(imap_opportunistic_tls_enabled) },
+ { "imap", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(imap_opportunistic_tls_enabled), NULL },
- { "pop", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(pop_opportunistic_tls_enabled) },
+ { "pop", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(pop_opportunistic_tls_enabled), NULL },
- { "ftp", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(ftp_opportunistic_tls_enabled) },
+ { "ftp", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(ftp_opportunistic_tls_enabled), NULL },
- { "stun", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(stun_opportunistic_tls_enabled) },
+ { "stun", "tls_dissection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(stun_opportunistic_tls_enabled), NULL },
- { "dns", "subclassification.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_subclassification_enabled) },
- { "dns", "process_response.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_parse_response_enabled) },
+ { "dns", "subclassification", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_subclassification_enabled), NULL },
+ { "dns", "process_response", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(dns_parse_response_enabled), NULL },
- { "http", "process_response.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(http_parse_response_enabled) },
+ { "http", "process_response", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(http_parse_response_enabled), NULL },
- { "ookla", "aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness) },
+ { "ookla", "dpi.aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness), NULL },
- { "$PROTO_NAME_OR_ID", "log.enable", "0", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(debug_bitmask) },
- { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask) },
+ { "$PROTO_NAME_OR_ID", "log", "disable", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(debug_bitmask), NULL },
+ { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask), NULL },
/* Global parameters */
- { NULL, "packets_limit_per_flow", "32", "0", "255", CFG_PARAM_INT, __OFF(max_packets_to_process) },
- { NULL, "flow.direction_detection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(direction_detect_enabled) },
- { NULL, "flow.track_payload.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(track_payload_enabled), },
- { NULL, "tcp_ack_payload_heuristic.enable", "0", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_ack_paylod_heuristic) },
- { NULL, "fully_encrypted_heuristic.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fully_encrypted_heuristic) },
- { NULL, "libgcrypt.init", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(libgcrypt_init), },
- { NULL, "guess_on_giveup", "0x3", "0", "3", CFG_PARAM_INT, __OFF(guess_on_giveup) },
+ { NULL, "packets_limit_per_flow", "32", "0", "255", CFG_PARAM_INT, __OFF(max_packets_to_process), NULL },
+ { NULL, "flow.direction_detection", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(direction_detect_enabled), NULL },
+ { NULL, "flow.track_payload", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(track_payload_enabled), NULL },
+ { NULL, "tcp_ack_payload_heuristic", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_ack_paylod_heuristic), NULL },
+ { NULL, "fully_encrypted_heuristic", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fully_encrypted_heuristic), NULL },
+ { NULL, "libgcrypt.init", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(libgcrypt_init), NULL },
+ { NULL, "dpi.guess_on_giveup", "0x3", "0", "3", CFG_PARAM_INT, __OFF(guess_on_giveup), NULL },
- { NULL, "flow_risk_lists.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled)},
+ { NULL, "flow_risk_lists.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled), NULL },
- { NULL, "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled)},
- { NULL, "flow_risk.anonymous_subscriber.list.protonvpn.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_protonvpn_enabled)},
- { NULL, "flow_risk.crawler_bot.list.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_crawler_bot_list_enabled)},
+ { NULL, "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled), NULL },
+ { NULL, "flow_risk.anonymous_subscriber.list.protonvpn.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_protonvpn_enabled), NULL },
+ { NULL, "flow_risk.crawler_bot.list.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_crawler_bot_list_enabled), NULL },
- { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config) },
+ { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config), NULL },
- { NULL, "log.level", "0", "0", "3", CFG_PARAM_INT, __OFF(log_level) },
+ { NULL, "log.level", "0", "0", "3", CFG_PARAM_INT, __OFF(log_level), NULL },
/* LRU caches */
- { NULL, "lru.ookla.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries)},
- { NULL, "lru.ookla.ttl", "120", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_ttl)},
+ { NULL, "lru.ookla.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries), NULL },
+ { NULL, "lru.ookla.ttl", "120", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_ttl), NULL },
- { NULL, "lru.bittorrent.size", "32768", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_num_entries)},
- { NULL, "lru.bittorrent.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_ttl)},
+ { NULL, "lru.bittorrent.size", "32768", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_num_entries), NULL },
+ { NULL, "lru.bittorrent.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(bittorrent_cache_ttl), NULL },
- { NULL, "lru.zoom.size", "512", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_num_entries)},
- { NULL, "lru.zoom.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_ttl)},
+ { NULL, "lru.zoom.size", "512", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_num_entries), NULL },
+ { NULL, "lru.zoom.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(zoom_cache_ttl), NULL },
- { NULL, "lru.stun.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_num_entries)},
- { NULL, "lru.stun.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_ttl)},
+ { NULL, "lru.stun.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_num_entries), NULL },
+ { NULL, "lru.stun.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(stun_cache_ttl), NULL },
- { NULL, "lru.tls_cert.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_num_entries)},
- { NULL, "lru.tls_cert.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_ttl)},
+ { NULL, "lru.tls_cert.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_num_entries), NULL },
+ { NULL, "lru.tls_cert.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(tls_cert_cache_ttl), NULL },
- { NULL, "lru.mining.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_num_entries)},
- { NULL, "lru.mining.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_ttl)},
+ { NULL, "lru.mining.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_num_entries), NULL },
+ { NULL, "lru.mining.ttl", "0", "0", "16777215", CFG_PARAM_INT, __OFF(mining_cache_ttl), NULL },
- { NULL, "lru.msteams.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_num_entries)},
- { NULL, "lru.msteams.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_ttl)},
+ { NULL, "lru.msteams.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_num_entries), NULL },
+ { NULL, "lru.msteams.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(msteams_cache_ttl), NULL },
- { NULL, "lru.stun_zoom.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_num_entries)},
- { NULL, "lru.stun_zoom.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_ttl)},
+ { NULL, "lru.stun_zoom.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_num_entries), NULL },
+ { NULL, "lru.stun_zoom.ttl", "60", "0", "16777215", CFG_PARAM_INT, __OFF(stun_zoom_cache_ttl), NULL },
- { NULL, NULL, NULL, NULL, NULL, 0, -1 },
+ { NULL, NULL, NULL, NULL, NULL, 0, -1, NULL },
};
#undef __OFF
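Review bot: The CFG_PARAM_ENABLE_DISABLE and CFG_PARAM_PROTOCOL_ENABLE_DISABLE rows now mix two default spellings: the renamed entries use "enable"/"disable", while `ip_list.load`, `libgcrypt.init`, `flow_risk_lists.load` and the `flow_risk.*.load` rows keep "1". The setter is outside this hunk, so it is not visible whether both forms are accepted; if they are not, some defaults will be rejected when they are applied. A short comment above the table stating the accepted value forms for each cfg_param_type would settle this, for example `/* ENABLE_DISABLE: "enable"/"disable" or "1"/"0" */`, adjusted to what the setter really parses. Because the rows are positional initialisers, adding the `fn_callback` column touched every line; designated initialisers would keep future column additions small.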
@@ -10866,6 +10868,7 @@ ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str,
{
const struct cfg_param *c;
ndpi_cfg_error rc;
+ int ret;
if(!ndpi_str || !param || !value)
return NDPI_CFG_INVALID_CONTEXT;
@@ -10884,6 +10887,14 @@ ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str,
rc = cfg_ops[c->type].fn_set(ndpi_str, (void *)((char *)&ndpi_str->cfg + c->offset),
value, c->min_value, c->max_value, proto);
+ if(rc == NDPI_CFG_OK && c->fn_callback) {
+ ret = c->fn_callback(ndpi_str, (void *)((char *)&ndpi_str->cfg + c->offset),
+ proto, param);
+ if(ret < 0)
+ rc = NDPI_CFG_CALLBACK_ERROR;
+ else
+ rc = ret;
+ }
return rc;
}
}
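Review bot: A positive return from `fn_callback` is copied into `rc` unchanged, so ndpi_set_config() can return a value that is not a member of ndpi_cfg_error. load_config_file_fd(), whose check became `rc != NDPI_CFG_OK` in the first ndpi_main.c hunk, will then log that value as an error and stop loading the file. If positive values carry no meaning, collapse them with `rc = (ret < 0) ? NDPI_CFG_CALLBACK_ERROR : NDPI_CFG_OK;`; otherwise their meaning should be documented on the callback typedef. Separately, fn_set has already written the new value when the callback fails, so the caller gets an error while the setting appears to remain applied; either restore the previous value or state that behaviour in a comment. ndpi_set_config() begins outside this hunk.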
@@ -10898,7 +10909,7 @@ char *ndpi_get_config(struct ndpi_detection_module_struct *ndpi_str,
if(!ndpi_str || !param || !buf || buf_len <= 0)
return NULL;
- NDPI_LOG_ERR(ndpi_str, "Get [%s][%s]\n", proto, param);
+ NDPI_LOG_DBG(ndpi_str, "Get [%s][%s]\n", proto, param);
for(c = &cfg_params[0]; c && c->param; c++) {
if(((proto == NULL && c->proto == NULL) ||
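Review bot: `proto` is passed to a `%s` conversion before anything checks it for NULL, and NULL is a legitimate value here: the guard above tests only ndpi_str, param, buf and buf_len, and the loop just below matches `proto == NULL` for global parameters. Assuming NDPI_LOG_DBG formats printf-style, a NULL `%s` argument is undefined behaviour; `NDPI_LOG_DBG(ndpi_str, "Get [%s][%s]\n", proto ? proto : "NULL", param);` avoids it. The function continues outside the hunk.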
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 03b845c30..5f224f2e2 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -3094,3 +3094,15 @@ int64_t ndpi_strtonum(const char *numstr, int64_t minval, int64_t maxval, const
*errstrp = NULL;
return val;
}
+
+/* ******************************************* */
+
+const char *ndpi_lru_cache_idx_to_name(lru_cache_type idx)
+{
+ const char *names[NDPI_LRUCACHE_MAX] = { "ookla", "bittorrent", "zoom", "stun",
+ "tls_cert", "mining", "msteams", "stun_zoom" };
+
+ if(idx < 0 || idx >= NDPI_LRUCACHE_MAX)
+ return NULL;
+ return names[idx];
+}
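Review bot: `names` is a non-static local array, so it is rebuilt on every call, and nothing ties its order to the `lru_cache_type` enumerators. Declaring it `static const char * const names[NDPI_LRUCACHE_MAX] = { ... };` and adding `/* Order must match lru_cache_type */` above it makes the dependency explicit. If the enum grows without a matching string, the extra slot is NULL, so a valid index would silently return the same result as an out-of-range one. The `idx < 0` test may also draw an always-false warning if the compiler picks an unsigned underlying type for the enum. The prototype added to ndpi_api.h would benefit from a one-line comment saying that NULL is returned for an out-of-range index.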