diff options
Diffstat (limited to 'src/lib/protocols/rdp.c')
| -rw-r--r-- | src/lib/protocols/rdp.c | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/src/lib/protocols/rdp.c b/src/lib/protocols/rdp.c index e7683d16e..42a7ba6fe 100644 --- a/src/lib/protocols/rdp.c +++ b/src/lib/protocols/rdp.c @@ -2,7 +2,7 @@ * rdp.c * * Copyright (C) 2009-11 - ipoque GmbH - * Copyright (C) 2011-24 - ntop.org + * Copyright (C) 2011-25 - ntop.org * * This file is part of nDPI, an open source deep packet inspection * library based on the OpenDPI and PACE technology by ipoque GmbH @@ -91,7 +91,7 @@ static void ndpi_search_rdp(struct ndpi_detection_module_struct *ndpi_struct, if((rdp_requested_proto & 0x1) == 0x1) { /* RDP Response + Client Hello + Server hello */ flow->max_extra_packets_to_check = 5; - + flow->tls_quic.from_rdp = 1; flow->extra_packets_func = ndpi_search_tls_over_rdp; } } @@ -110,7 +110,7 @@ static void ndpi_search_rdp(struct ndpi_detection_module_struct *ndpi_struct, } } } - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow); } else if(packet->udp != NULL) { u_int16_t s_port = ntohs(packet->udp->source); u_int16_t d_port = ntohs(packet->udp->dest); @@ -137,7 +137,7 @@ static void ndpi_search_rdp(struct ndpi_detection_module_struct *ndpi_struct, } } else { if(memcmp(flow->l4.udp.rdp_from_srv, packet->payload, 3) != 0) - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow); else { flow->l4.udp.rdp_from_srv_pkts = 2 /* stage 2 */; @@ -163,7 +163,7 @@ static void ndpi_search_rdp(struct ndpi_detection_module_struct *ndpi_struct, } } else { if(memcmp(flow->l4.udp.rdp_to_srv, packet->payload, 3) != 0) - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow); else { flow->l4.udp.rdp_to_srv_pkts = 2 /* stage 2 */; @@ -175,20 +175,16 @@ static void ndpi_search_rdp(struct ndpi_detection_module_struct *ndpi_struct, } } } else - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow); } } /* **************************************** */ -void init_rdp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id) +void init_rdp_dissector(struct ndpi_detection_module_struct *ndpi_struct) { - ndpi_set_bitmask_protocol_detection("RDP", ndpi_struct, *id, - NDPI_PROTOCOL_RDP, - ndpi_search_rdp, - NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, - SAVE_DETECTION_BITMASK_AS_UNKNOWN, - ADD_TO_DETECTION_BITMASK); - - *id += 1; + register_dissector("RDP", ndpi_struct, + ndpi_search_rdp, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, + 1, NDPI_PROTOCOL_RDP); } |