6 files changed, 60 insertions, 28 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 932f5c49a..6dde946ef 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,40 @@
 # CHANGELOG
 
+#### nDPI 2.2.2 (April 2018)
+
+## Main New Features
+
+* Hyperscan support
+* `ndpi_get_api_version` API call to be used in applications that are dynamically linking with nDPI
+* `--enable-debug-messages` to enable debug information output
+* Increased number of protocols to 512
+
+## New Supported Protocols and Services
+
+* GoogleDocs
+* GoogleServices
+* AmazonVideo
+* ApplePush
+* Diameter
+* GooglePlus
+* WhatsApp file exchage
+
+## Improvements
+
+* WhatsApp detection
+* Amazon detection
+* Improved Google Drive
+* Improved Spotify support
+* Improved SNI matching when using office365
+* Improved HostShield VPN
+
+## Fixes
+
+* Fixed invalid RTP/Skype detection
+* Fixed possible out-of-bounds due to malformed DHCP packets
+* Fixed buffer overflow in function `ndpi_debug_printf`
+
+------------------------------------------------------------------------
 
 #### nDPI 2.2 (December 2017)
 
diff --git a/libndpi.sym b/libndpi.sym
index 07442982c..d00161162 100644
--- a/libndpi.sym
+++ b/libndpi.sym
@@ -15,6 +15,7 @@ ndpi_tdestroy
 ndpi_exit_detection_module
 ndpi_l4_detection_process_packet
 ndpi_detection_process_packet
+ndpi_process_extra_packet
 ndpi_twalk
 ndpi_tdelete
 ndpi_revision
@@ -63,4 +64,4 @@ ndpi_is_subprotocol_informative
 ndpi_set_proto_category
 ndpi_get_api_version
 ndpi_network_ptree_match
-ndpi_check_flow_func
\ No newline at end of file
+ndpi_check_flow_func
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index 8740d372b..f92e580c3 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -86,7 +86,10 @@
 #define NDPI_CONTENT_MMS                    46
 #define NDPI_PROTOCOL_XBOX                  47
 #define NDPI_PROTOCOL_QQ                    48
-#define NDPI_PROTOCOL_MOVE                  49
+
+/* Free to use */
+#define NDPI_PROTOCOL_FREE_A                49
+
 #define NDPI_PROTOCOL_RTSP                  50
 #define NDPI_PROTOCOL_MAIL_IMAPS            51
 #define NDPI_PROTOCOL_ICECAST               52
@@ -169,14 +172,17 @@
 #define NDPI_PROTOCOL_SFLOW                 129
 #define NDPI_PROTOCOL_HTTP_CONNECT          130
 #define NDPI_PROTOCOL_HTTP_PROXY            131
-#define NDPI_PROTOCOL_CITRIX                132
+#define NDPI_PROTOCOL_CITRIX                132 /* It includes also the old NDPI_PROTOCOL_CITRIX_ONLINE */
 #define NDPI_PROTOCOL_NETFLIX               133
 #define NDPI_PROTOCOL_LASTFM                134
 #define NDPI_PROTOCOL_WAZE                  135
 #define NDPI_PROTOCOL_YOUTUBE_UPLOAD        136 /* Upload files to youtube */
 #define NDPI_PROTOCOL_ICQ                   137
 #define NDPI_PROTOCOL_CHECKMK               138
-#define NDPI_PROTOCOL_CITRIX_ONLINE         139
+
+/* Free to use */
+#define NDPI_PROTOCOL_FREE_B                139
+
 #define NDPI_PROTOCOL_APPLE                 140
 #define NDPI_PROTOCOL_WEBEX                 141
 #define NDPI_PROTOCOL_WHATSAPP              142
diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc
index c6a3c5c0e..fa62dec25 100644
--- a/src/lib/ndpi_content_match.c.inc
+++ b/src/lib/ndpi_content_match.c.inc
@@ -613,8 +613,8 @@ static ndpi_network host_protocol_list[] = {
     Citrix GotoMeeting (AS16815, AS21866)
   */
 
-  { 0xD873D000 /* 216.115.208.0 */, 20, NDPI_PROTOCOL_CITRIX_ONLINE },
-  { 0xD8DB7000 /* 216.219.112.0 */, 20, NDPI_PROTOCOL_CITRIX_ONLINE },
+  { 0xD873D000 /* 216.115.208.0 */, 20, NDPI_PROTOCOL_CITRIX },
+  { 0xD8DB7000 /* 216.219.112.0 */, 20, NDPI_PROTOCOL_CITRIX },
 
   /*
     Cisco Webex LLC
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 0e861da9f..a8af223d8 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -1116,11 +1116,6 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    no_master, "QQ", NDPI_PROTOCOL_CATEGORY_CHAT,
 			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
-    ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_MOVE,
-			    no_master,
-			    no_master, "Move", NDPI_PROTOCOL_CATEGORY_WEB,
-			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
-			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
     ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_RTSP,
 			    no_master,
 			    no_master, "RTSP", NDPI_PROTOCOL_CATEGORY_MEDIA,
@@ -1497,11 +1492,6 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    no_master, "Citrix", NDPI_PROTOCOL_CATEGORY_NETWORK,
 			    ndpi_build_default_ports(ports_a, 1494, 2598, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
-    ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CITRIX_ONLINE,
-			    no_master,
-			    no_master, "Citrix_Online", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS,
-			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
-			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
     ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WEBEX,
 			    no_master,
 			    no_master, "Webex", NDPI_PROTOCOL_CATEGORY_COLLABORATIVE,
@@ -1804,6 +1794,18 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
 
+    /* To remove */
+    ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FREE_A,
+			    no_master,
+			    no_master, "PlaceholderA", NDPI_PROTOCOL_CATEGORY_UNSPECIFIED,
+			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
+			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
+    ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FREE_B,
+			    no_master,
+			    no_master, "PlaceholderB", NDPI_PROTOCOL_CATEGORY_UNSPECIFIED,
+			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
+			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
+
     /* calling function for host and content matched protocols */
     init_string_based_protocols(ndpi_mod);
 
diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c
index 187f2a84a..ed8d0cd13 100644
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@@ -541,9 +541,6 @@ static void http_bitmask_exclude_other(struct ndpi_flow_struct *flow)
 #ifdef NDPI_CONTENT_OGG
   NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_CONTENT_OGG);
 #endif
-#ifdef NDPI_PROTOCOL_MOVE
-  NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_MOVE);
-#endif
 #ifdef NDPI_PROTOCOL_XBOX
   NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_XBOX);
 #endif
@@ -1037,15 +1034,6 @@ void init_http_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int
 				      ADD_TO_DETECTION_BITMASK);
   *id += 1;
 #endif
-#ifdef NDPI_PROTOCOL_MOVE
-  ndpi_set_bitmask_protocol_detection("Move", ndpi_struct, detection_bitmask, *id,
-				      NDPI_PROTOCOL_MOVE,
-				      ndpi_search_http_tcp,
-				      NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD,
-				      NO_SAVE_DETECTION_BITMASK_AS_UNKNOWN,
-				      ADD_TO_DETECTION_BITMASK);
-  *id += 1;
-#endif
 
   /* Update excluded protocol bitmask */
   NDPI_BITMASK_SET(ndpi_struct->callback_buffer[a].excluded_protocol_bitmask,