diff options
Diffstat (limited to 'src/lib/protocols')
| -rw-r--r-- | src/lib/protocols/bittorrent.c | 27 | ||||
| -rw-r--r-- | src/lib/protocols/mining.c | 8 | ||||
| -rw-r--r-- | src/lib/protocols/ookla.c | 10 | ||||
| -rw-r--r-- | src/lib/protocols/stun.c | 43 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 24 |
5 files changed, 58 insertions, 54 deletions
diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c index 01d497492..d1c9dd323 100644 --- a/src/lib/protocols/bittorrent.c +++ b/src/lib/protocols/bittorrent.c @@ -144,20 +144,20 @@ static void ndpi_search_bittorrent_hash(struct ndpi_detection_module_struct *ndp /* *********************************************** */ -u_int32_t make_bittorrent_host_key(struct ndpi_flow_struct *flow, int client, int offset) { - u_int32_t key; +u_int64_t make_bittorrent_host_key(struct ndpi_flow_struct *flow, int client, int offset) { + u_int64_t key; /* network byte order */ if(flow->is_ipv6) { if(client) - key = ip_port_hash_funct(ndpi_quick_hash(flow->c_address.v6, 16), htons(ntohs(flow->c_port) + offset)); + key = (ndpi_quick_hash64((const char *)flow->c_address.v6, 16) << 16) | htons(ntohs(flow->c_port) + offset); else - key = ip_port_hash_funct(ndpi_quick_hash(flow->s_address.v6, 16), flow->s_port); + key = (ndpi_quick_hash64((const char *)flow->s_address.v6, 16) << 16) | flow->s_port; } else { if(client) - key = ip_port_hash_funct(flow->c_address.v4, htons(ntohs(flow->c_port) + offset)); + key = ((u_int64_t)flow->c_address.v4 << 32) | htons(ntohs(flow->c_port) + offset); else - key = ip_port_hash_funct(flow->s_address.v4, flow->s_port); + key = ((u_int64_t)flow->s_address.v4 << 32) | flow->s_port; } return key; @@ -165,14 +165,14 @@ u_int32_t make_bittorrent_host_key(struct ndpi_flow_struct *flow, int client, in /* *********************************************** */ -u_int32_t make_bittorrent_peers_key(struct ndpi_flow_struct *flow) { - u_int32_t key; +u_int64_t make_bittorrent_peers_key(struct ndpi_flow_struct *flow) { + u_int64_t key; /* network byte order */ if(flow->is_ipv6) - key = ndpi_quick_hash(flow->c_address.v6, 16) + ndpi_quick_hash(flow->s_address.v6, 16); + key = (ndpi_quick_hash64((const char *)flow->c_address.v6, 16) << 32) | (ndpi_quick_hash64((const char *)flow->s_address.v6, 16) & 0xFFFFFFFF); else - key = flow->c_address.v4 + flow->s_address.v4; + key = ((u_int64_t)flow->c_address.v4 << 32) | flow->s_address.v4; return key; } @@ -196,7 +196,7 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc } if(ndpi_struct->bittorrent_cache) { - u_int32_t key, key1, key2, i; + u_int64_t key, key1, key2, i; key = make_bittorrent_peers_key(flow); key1 = make_bittorrent_host_key(flow, 1, 0), key2 = make_bittorrent_host_key(flow, 0, 0); @@ -218,7 +218,10 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc } #ifdef BITTORRENT_CACHE_DEBUG - printf("[BitTorrent] [%s] *** ADDED ports %u / %u [%u][%u]\n", flow->l4_proto == IPPROTO_TCP ? "TCP" : "UDP", ntohs(flow->c_port), ntohs(flow->s_port), key1, key2); + printf("[BitTorrent] [%s] *** ADDED ports %u / %u [0x%llx][0x%llx]\n", + flow->l4_proto == IPPROTO_TCP ? "TCP" : "UDP", + ntohs(flow->c_port), ntohs(flow->s_port), + (long long unsigned int)key1, (long long unsigned int)key2); #endif } } diff --git a/src/lib/protocols/mining.c b/src/lib/protocols/mining.c index e6cdcf487..22d215927 100644 --- a/src/lib/protocols/mining.c +++ b/src/lib/protocols/mining.c @@ -28,14 +28,14 @@ /* ************************************************************************** */ -u_int32_t mining_make_lru_cache_key(struct ndpi_flow_struct *flow) { - u_int32_t key; +u_int64_t mining_make_lru_cache_key(struct ndpi_flow_struct *flow) { + u_int64_t key; /* network byte order */ if(flow->is_ipv6) - key = ndpi_quick_hash(flow->c_address.v6, 16) + ndpi_quick_hash(flow->s_address.v6, 16); + key = (ndpi_quick_hash64((const char *)flow->c_address.v6, 16) << 32) | (ndpi_quick_hash64((const char *)flow->s_address.v6, 16) & 0xFFFFFFFF); else - key = flow->c_address.v4 + flow->s_address.v4; + key = ((u_int64_t)flow->c_address.v4 << 32) | flow->s_address.v4; return key; } diff --git a/src/lib/protocols/ookla.c b/src/lib/protocols/ookla.c index b5391234b..c7aad161d 100644 --- a/src/lib/protocols/ookla.c +++ b/src/lib/protocols/ookla.c @@ -30,12 +30,12 @@ const u_int16_t ookla_port = 8080; /* ************************************************************* */ -static u_int32_t get_ookla_key(struct ndpi_flow_struct *flow) +static u_int64_t get_ookla_key(struct ndpi_flow_struct *flow) { if(flow->is_ipv6) - return ndpi_quick_hash(flow->c_address.v6, 16); + return ndpi_quick_hash64((const char *)flow->c_address.v6, 16); else - return ntohl(flow->c_address.v4); + return flow->c_address.v4; } /* ************************************************************* */ @@ -43,7 +43,7 @@ static u_int32_t get_ookla_key(struct ndpi_flow_struct *flow) int ookla_search_into_cache(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { - u_int32_t key; + u_int64_t key; u_int16_t dummy; if(ndpi_struct->ookla_cache) { @@ -69,7 +69,7 @@ int ookla_search_into_cache(struct ndpi_detection_module_struct *ndpi_struct, void ookla_add_to_cache(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { - u_int32_t key; + u_int64_t key; if(ndpi_struct->ookla_cache) { key = get_ookla_key(flow); diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index 9b6274753..31ec2168d 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -33,8 +33,8 @@ #define STUN_HDR_LEN 20 /* STUN message header length, Classic-STUN (RFC 3489) and STUN (RFC 8489) both */ -static u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev); -static u_int32_t get_stun_lru_key_raw4(u_int32_t ip, u_int16_t port); +static u_int64_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev); +static u_int64_t get_stun_lru_key_raw4(u_int32_t ip, u_int16_t port); static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int app_proto); @@ -46,7 +46,7 @@ static u_int16_t search_into_cache(struct ndpi_detection_module_struct *ndpi_str struct ndpi_flow_struct *flow) { u_int16_t proto; - u_int32_t key; + u_int64_t key; int rc; if(ndpi_struct->stun_cache) { @@ -55,7 +55,7 @@ static u_int16_t search_into_cache(struct ndpi_detection_module_struct *ndpi_str 0 /* Don't remove it as it can be used for other connections */, ndpi_get_current_time(flow)); #ifdef DEBUG_LRU - printf("[LRU] Searching %u\n", key); + printf("[LRU] Searching 0x%llx\n", (long long unsigned int)key); #endif if(!rc) { @@ -64,19 +64,19 @@ static u_int16_t search_into_cache(struct ndpi_detection_module_struct *ndpi_str 0 /* Don't remove it as it can be used for other connections */, ndpi_get_current_time(flow)); #ifdef DEBUG_LRU - printf("[LRU] Searching %u\n", key); + printf("[LRU] Searching 0x%llx\n", (long long unsigned int)key); #endif } if(rc) { #ifdef DEBUG_LRU - printf("[LRU] Cache FOUND %u / %u\n", key, proto); + printf("[LRU] Cache FOUND 0x%llx / %u\n", (long long unsigned int)key, proto); #endif return proto; } else { #ifdef DEBUG_LRU - printf("[LRU] NOT FOUND %u\n", key); + printf("[LRU] NOT FOUND 0x%llx\n", (long long unsigned int)key); #endif } } else { @@ -91,7 +91,7 @@ static void add_to_caches(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int16_t app_proto) { - u_int32_t key, key_rev; + u_int64_t key, key_rev; if(ndpi_struct->stun_cache && app_proto != NDPI_PROTOCOL_STUN && @@ -104,7 +104,8 @@ static void add_to_caches(struct ndpi_detection_module_struct *ndpi_struct, ndpi_lru_add_to_cache(ndpi_struct->stun_cache, key_rev, app_proto, ndpi_get_current_time(flow)); #ifdef DEBUG_LRU - printf("[LRU] ADDING %u 0x%x app %u [%u -> %u]\n", key, key_rev, app_proto, + printf("[LRU] ADDING 0x%llx 0x%llx app %u [%u -> %u]\n", + (long long unsigned int)key, (long long unsigned int)key_rev, app_proto, ntohs(flow->c_port), ntohs(flow->s_port)); #endif } @@ -118,7 +119,7 @@ static void add_to_caches(struct ndpi_detection_module_struct *ndpi_struct, 0 /* dummy */, ndpi_get_current_time(flow)); #ifdef DEBUG_ZOOM_LRU - printf("[LRU ZOOM] ADDING %u [src_port %u]\n", key, ntohs(flow->c_port)); + printf("[LRU ZOOM] ADDING 0x%llu [src_port %u]\n", (long long unsigned int)key, ntohs(flow->c_port)); #endif } } @@ -241,13 +242,13 @@ int is_stun(struct ndpi_detection_module_struct *ndpi_struct, if(1 /* TODO: enable/disable */ && ndpi_struct->stun_cache) { - u_int32_t key = get_stun_lru_key_raw4(ip, port); + u_int64_t key = get_stun_lru_key_raw4(ip, port); ndpi_lru_add_to_cache(ndpi_struct->stun_cache, key, flow->detected_protocol_stack[0], ndpi_get_current_time(flow)); #ifdef DEBUG_LRU - printf("[LRU] Add peer %u %d\n", key, flow->detected_protocol_stack[0]); + printf("[LRU] Add peer 0x%llx %d\n", (long long unsigned int)key, flow->detected_protocol_stack[0]); #endif } } @@ -514,24 +515,24 @@ static int stun_search_again(struct ndpi_detection_module_struct *ndpi_struct, /* ************************************************************ */ -static u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) { +static u_int64_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) { if(rev) { if(flow->is_ipv6) - return ndpi_quick_hash(flow->s_address.v6, 16) + ntohs(flow->s_port); + return (ndpi_quick_hash64((const char *)flow->s_address.v6, 16) << 16) | ntohs(flow->s_port); else - return ntohl(flow->s_address.v4) + ntohs(flow->s_port); + return ((u_int64_t)flow->s_address.v4 << 32) | flow->s_port; } else { if(flow->is_ipv6) - return ndpi_quick_hash(flow->c_address.v6, 16) + ntohs(flow->c_port); + return (ndpi_quick_hash64((const char *)flow->c_address.v6, 16) << 16) | ntohs(flow->c_port); else - return ntohl(flow->c_address.v4) + ntohs(flow->c_port); + return ((u_int64_t)flow->c_address.v4 << 32) | flow->c_port; } } /* ************************************************************ */ -static u_int32_t get_stun_lru_key_raw4(u_int32_t ip, u_int16_t port_host_order) { - return ntohl(ip) + port_host_order; +static u_int64_t get_stun_lru_key_raw4(u_int32_t ip, u_int16_t port_host_order) { + return ((u_int64_t)ip << 32) | htons(port_host_order); } /* ************************************************************ */ @@ -540,13 +541,13 @@ int stun_search_into_zoom_cache(struct ndpi_detection_module_struct *ndpi_struct struct ndpi_flow_struct *flow) { u_int16_t dummy; - u_int32_t key; + u_int64_t key; if(ndpi_struct->stun_zoom_cache && flow->l4_proto == IPPROTO_UDP) { key = get_stun_lru_key(flow, 0); /* Src */ #ifdef DEBUG_ZOOM_LRU - printf("[LRU ZOOM] Search %u [src_port %u]\n", key, ntohs(flow->c_port)); + printf("[LRU ZOOM] Search 0x%llx [src_port %u]\n", (long long unsigned int)key, ntohs(flow->c_port)); #endif if(ndpi_lru_find_cache(ndpi_struct->stun_zoom_cache, key, diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index d03860216..7e9552004 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -296,34 +296,34 @@ static int extractRDNSequence(struct ndpi_packet_struct *packet, /* **************************************** */ -static u_int32_t make_tls_cert_key(struct ndpi_packet_struct *packet, int is_from_client) +static u_int64_t make_tls_cert_key(struct ndpi_packet_struct *packet, int is_from_client) { - u_int32_t key; + u_int64_t key; /* Server ip/port */ if(packet->iphv6 == NULL) { if(packet->tcp) { if(is_from_client) - key = packet->iph->daddr + packet->tcp->dest; + key = ((u_int64_t)packet->iph->daddr << 32) | packet->tcp->dest; else - key = packet->iph->saddr + packet->tcp->source; + key = ((u_int64_t)packet->iph->saddr << 32) | packet->tcp->source; } else { if(is_from_client) - key = packet->iph->daddr + packet->udp->dest; + key = ((u_int64_t)packet->iph->daddr << 32) | packet->udp->dest; else - key = packet->iph->saddr + packet->udp->source; + key = ((u_int64_t)packet->iph->saddr << 32) | packet->udp->source; } } else { if(packet->tcp) { if(is_from_client) - key = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_dst, 16) + packet->tcp->dest; + key = (ndpi_quick_hash64((const char *)&packet->iphv6->ip6_dst, 16) << 16) | packet->tcp->dest; else - key = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_src, 16) + packet->tcp->source; + key = (ndpi_quick_hash64((const char *)&packet->iphv6->ip6_src, 16) << 16) | packet->tcp->source; } else { if(is_from_client) - key = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_dst, 16) + packet->udp->dest; + key = (ndpi_quick_hash64((const char *)&packet->iphv6->ip6_dst, 16) << 16) | packet->udp->dest; else - key = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_src, 16) + packet->udp->source; + key = (ndpi_quick_hash64((const char *)&packet->iphv6->ip6_src, 16) << 16) | packet->udp->source; } } @@ -342,7 +342,7 @@ static void checkTLSSubprotocol(struct ndpi_detection_module_struct *ndpi_struct if(ndpi_struct->tls_cert_cache) { u_int16_t cached_proto; - u_int32_t key; + u_int64_t key; key = make_tls_cert_key(packet, is_from_client); @@ -740,7 +740,7 @@ void processCertificateElements(struct ndpi_detection_module_struct *ndpi_struct ndpi_unset_risk(ndpi_struct, flow, NDPI_NUMERIC_IP_HOST); if(ndpi_struct->tls_cert_cache) { - u_int32_t key = make_tls_cert_key(packet, 0 /* from the server */); + u_int64_t key = make_tls_cert_key(packet, 0 /* from the server */); ndpi_lru_add_to_cache(ndpi_struct->tls_cert_cache, key, proto_id, ndpi_get_current_time(flow)); } |