diff options
| -rw-r--r-- | src/include/ndpi_api.h.in | 3 | ||||
| -rw-r--r-- | src/lib/ndpi_utils.c | 28 | ||||
| -rw-r--r-- | src/lib/protocols/http.c | 28 |
3 files changed, 33 insertions, 26 deletions
diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in index aac75f02c..c99a02024 100644 --- a/src/include/ndpi_api.h.in +++ b/src/include/ndpi_api.h.in @@ -928,6 +928,9 @@ extern "C" { ndpi_serializer *serializer); void ndpi_md5(const u_char *data, size_t data_len, u_char hash[16]); + + const char* ndpi_http_method2str(ndpi_http_method m); + ndpi_http_method ndpi_http_str2method(const char* method); /* ptree (trie) API */ ndpi_ptree_t* ndpi_ptree_create(void); diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 24ceae440..72653bb69 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1550,7 +1550,7 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) { const char* ndpi_http_method2str(ndpi_http_method m) { switch(m) { - // case NDPI_HTTP_METHOD_UNKNOWN: return("Unknown"); + case NDPI_HTTP_METHOD_UNKNOWN: break; case NDPI_HTTP_METHOD_OPTIONS: return("OPTIONS"); case NDPI_HTTP_METHOD_GET: return("GET"); case NDPI_HTTP_METHOD_HEAD: return("HEAD"); @@ -1559,8 +1559,32 @@ const char* ndpi_http_method2str(ndpi_http_method m) { case NDPI_HTTP_METHOD_PUT: return("PUT"); case NDPI_HTTP_METHOD_DELETE: return("DELETE"); case NDPI_HTTP_METHOD_TRACE: return("TRACE"); - case NDPI_HTTP_METHOD_CONNECT: return("CONNECT"); + case NDPI_HTTP_METHOD_CONNECT: return("CONNECT"); } return("Unknown HTTP method"); } + +/* ******************************************************************** */ + +ndpi_http_method ndpi_http_str2method(const char* method) { + switch(method[0]) { + case 'O': return(NDPI_HTTP_METHOD_OPTIONS); + case 'G': return(NDPI_HTTP_METHOD_GET); + case 'H': return(NDPI_HTTP_METHOD_HEAD); + + case 'P': + switch(method[1]) { + case 'A':return(NDPI_HTTP_METHOD_PATCH); + case 'O':return(NDPI_HTTP_METHOD_POST); + case 'U':return(NDPI_HTTP_METHOD_PUT); + } + break; + + case 'D': return(NDPI_HTTP_METHOD_DELETE); + case 'T': return(NDPI_HTTP_METHOD_TRACE); + case 'C': return(NDPI_HTTP_METHOD_CONNECT); + } + + return(NDPI_HTTP_METHOD_UNKNOWN); +} diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index eb64265ee..d190e1e9b 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -265,7 +265,7 @@ static void ndpi_check_user_agent(struct ndpi_detection_module_struct *ndpi_stru // printf("***** [%s:%d] ==> '%s'\n", __FILE__, __LINE__, ua); // printf("***** %u\n", ndpi_check_dga_name(ndpi_struct, NULL, "uclient-fetch]")); - + if((strlen(ua) < 4) || (!strncmp(ua, "test", 4)) || (!strncmp(ua, "<?", 2)) @@ -339,28 +339,8 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ if(flow->packet.http_method.len < 3) flow->http.method = NDPI_HTTP_METHOD_UNKNOWN; - else { - switch(flow->packet.http_method.ptr[0]) { - case 'O': flow->http.method = NDPI_HTTP_METHOD_OPTIONS; break; - case 'G': flow->http.method = NDPI_HTTP_METHOD_GET; break; - case 'H': flow->http.method = NDPI_HTTP_METHOD_HEAD; break; - - case 'P': - switch(flow->packet.http_method.ptr[1]) { - case 'A': flow->http.method = NDPI_HTTP_METHOD_PATCH; break; - case 'O': flow->http.method = NDPI_HTTP_METHOD_POST; break; - case 'U': flow->http.method = NDPI_HTTP_METHOD_PUT; break; - } - break; - - case 'D': flow->http.method = NDPI_HTTP_METHOD_DELETE; break; - case 'T': flow->http.method = NDPI_HTTP_METHOD_TRACE; break; - case 'C': flow->http.method = NDPI_HTTP_METHOD_CONNECT; break; - default: - flow->http.method = NDPI_HTTP_METHOD_UNKNOWN; - break; - } - } + else + flow->http.method = ndpi_http_str2method((const char*)flow->packet.http_method.ptr); } if(packet->user_agent_line.ptr != NULL && packet->user_agent_line.len != 0) { @@ -613,7 +593,7 @@ static u_int16_t http_request_url_offset(struct ndpi_detection_module_struct *nd /* Check first char */ if(!packet->payload_packet_len || !strchr(http_fs,packet->payload[0])) return 0; - + /** FIRST PAYLOAD PACKET FROM CLIENT **/ |