aboutsummaryrefslogtreecommitdiff
path: root/src/lib/third_party/include
Commit message (Collapse)AuthorAge
* Add some fuzzers to test other data structures. (#1870)Ivan Nardi2023-01-25
| | | | | | | Start using a dictionary for fuzzing (see: https://llvm.org/docs/LibFuzzer.html#dictionaries). Remove some dead code. Fuzzing with debug enabled is not usually a great idea (from performance POV). Keep the code since it might be useful while debugging.
* Add some fuzzers to test algorithms and data structures (#1852)Ivan Nardi2023-01-17
| | | Fix some issues found with these new fuzzers
* Extend CodeQL configuration and fix two warnings (#1816)Ivan Nardi2022-12-02
| | | | | | | | | ``` Call to `memset` may be deleted Comparison of narrow type with wide type in loop condition ``` See https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-yang.pdf for the new portable function `secure_memzero`.
* Fix some warningsNardi Ivan2022-09-05
| | | | | | | | | | | | | | | | | | | | | Ubuntu-20.04, clang-16 (nightly build) ``` Making all in src/lib protocols/smpp.c:70:17: warning: variable 'pdu_c' set but not used [-Wunused-but-set-variable] u_int16_t pdu_c = 1; ^ 1 warning generated. third_party/src/ahocorasick.c:173:20: warning: implicit truncation from 'int' to a one-bit wide bit-field changes value from 1 to -1 [-Wsingle-bit-bitfield-constant-conversion] thiz->root->root = 1; ^ ~ third_party/src/ahocorasick.c:336:15: warning: implicit truncation from 'int' to a one-bit wide bit-field changes value from 1 to -1 [-Wsingle-bit-bitfield-constant-conversion] n->ff = 1; ^ ~ third_party/src/ahocorasick.c:716:21: warning: implicit truncation from 'int' to a one-bit wide bit-field changes value from 1 to -1 [-Wsingle-bit-bitfield-constant-conversion] node->final = 1; [...] ```
* Modified definition of hll_addLuca Deri2022-08-17
|
* Patricia tree, Ahocarasick automa, LRU cache: add statistics (#1683)Ivan Nardi2022-07-29
| | | | | | | | | | Add (basic) internal stats to the main data structures used by the library; they might be usefull to check how effective these structures are. Add an option to `ndpiReader` to dump them; enabled by default in the unit tests. This new option enables/disables dumping of "num dissectors calls" values, too (see b4cb14ec).
* Revert "Patricia tree, Ahocarasick automa, LRU cache: add statistics ↵Ivan Nardi2022-07-29
| | | | | (#1677)" (#1682) This reverts commit bb83899985c25097341b947c2c535f56254a075c.
* Patricia tree, Ahocarasick automa, LRU cache: add statistics (#1677)Ivan Nardi2022-07-29
| | | | | | | | Add (basic) internal stats to the main data structures used by the library; they might be usefull to check how effective these structures are. Add an option to `ndpiReader` to dump them; disabled by default to avoid too much fuss with the unit tests.
* ahocorasick: fix char/uchar bug (#1597)Ivan Nardi2022-07-20
| | | | Porting of https://github.com/vel21ripn/nDPI/commit/06e2967d0c26ab214683a2f5565f4012fd523537 Close #1506
* Replaced nDPI's internal hashmap with uthash. (#1602)Toni2022-06-17
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Fixed msys2 build warnings and re-activated CI Mingw64 build.fix/windows-msys2Toni Uhlig2022-04-14
| | | | | | | * Removed Visual Studio leftovers. Maintaining an autotools project with VS integration requires some additional overhead. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: lns <matzeton@googlemail.com>
* Fixed a bug for BE architectures (#1478)Vitaly Lavrov2022-03-05
| | | Fixed a bug in the internal implementation of libgcrypt for bigendian architectures
* Drop support for non-gcrypt builds. (#1469)Toni2022-03-02
| | | | | | | | * As there is now a builtin, lightweight libgcrypt there is no need to disable tls-clho decryption. * It is still possible to use a host libgcrypt with `--with-local-libgcrypt'. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Internal crypto: increase size of authentication buffer (#1468)Ivan Nardi2022-03-02
| | | | | | | Some QUIC flows are not properly decoded while using internal crypto code: the authentication buffer is too small. The new value (like the old one) is arbitrary. Close #1463
* Added lightweight implementation of libgcrypt. (#1444)Vitaly Lavrov2022-02-20
| | | | | | | | | | | | | | | | | | | | | Implementation borrowed from the https://github.com/ARMmbed/mbedtls.git project (v3.1.0) Speed testing (Xeon(R) CPU E3-1230 V2 @ 3.30GHz): gcrypt-gnu Test md 2897 ms enc 2777 ms dec 942 ms gcrypt-int Test md 3668 ms enc 1312 ms dec 2836 ms gcrypt-int-noaesni Test md 3652 ms enc 1916 ms dec 4458 ms gcrypt-gnu-nonopt Test md 3763 ms enc 4978 ms dec 3999 ms gcrypt-gnu-nonopt - libgcrypt compiled without hardware acceleration --disable-padlock-support --disable-aesni-support \ --disable-shaext-support --disable-pclmul-support \ --disable-sse41-support --disable-drng-support \ --disable-avx-support --disable-avx2-support \ --disable-neon-support --disable-arm-crypto-support \ --disable-ppc-crypto-support --disable-amd64-as-feature-detection
* Reworked bitmap codeLuca Deri2021-09-27
|
* Added API for handling compressed bitmapsLuca Deri2021-09-26
| | | | | | | | | | | | | | ndpi_bitmap* ndpi_bitmap_alloc(); void ndpi_bitmap_free(ndpi_bitmap* b); u_int64_t ndpi_bitmap_cardinality(ndpi_bitmap* b); void ndpi_bitmap_set(ndpi_bitmap* b, u_int32_t value); void ndpi_bitmap_unset(ndpi_bitmap* b, u_int32_t value); bool ndpi_bitmap_isset(ndpi_bitmap* b, u_int32_t value); void ndpi_bitmap_clear(ndpi_bitmap* b); size_t ndpi_bitmap_serialize(ndpi_bitmap* b, char **buf); ndpi_bitmap* ndpi_bitmap_deserialize(char *buf); based on https://github.com/RoaringBitmap/CRoaring
* Win fixLuca Deri2021-08-03
|
* Implementation of flow risk eception (work in progress)Luca Deri2021-07-22
|
* ahoсorasick. Code review. Part 2. (#1236)Vitaly Lavrov2021-07-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Simplified the process of adding lines to AC_AUTOMATA_t. Use the ndpi_string_to_automa() function to add patterns with domain names. For other cases can use ndpi_add_string_value_to_automa(). ac_automata_feature(ac_automa, AC_FEATURE_LC) allows adding and compare data in a case insensitive manner. For mandatory pattern comparison from the end of the line, the "ac_pattern.rep.at_end=1" flag is used. This eliminated unnecessary conversions to lowercase and adding "$" for end-of-line matching in domain name patterns. ac_match_handler() has been renamed ac_domain_match_handler() and has been greatly simplified. ac_domain_match_handler() looks for the template with the highest domain level. For special cases it is possible to manually specify the domain level. Added test for checking ambiguous domain names like: - short.weixin.qq.com is QQ, not Wechat - instagram.faae1-1.fna.fbcdn.net is Instagram, not Facebook If you specify a NULL handler when creating the AC_AUTOMATA_t structure, then a pattern with the maximum length that satisfies the search conditions will be found (exact match, from the beginning of the string, from the end of the string, or a substring). Added debugging for ac_automata_search. To do this, you need to enable debugging globally using ac_automata_enable_debug(1) and enable debugging in the AC_AUTOMATA_t structure using ac_automata_name("name", AC_FEATURE_DEBUG). The search will display "name" and a list of matching patterns. Running "AHO_DEBUG=1 ndpiReader ..." will show the lines that were searched for templates and which templates were found. The ac_automata_dump() prototype has been changed. Now it outputs data to a file. If it is specified as NULL, then the output will be directed to stdout. If you need to get data as a string, then use open_memstream(). Added the ability to run individual tests via the do.sh script
* Removed ht_hash as it is not used anymore. (#1220)Toni2021-06-29
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Win changesLuca Deri2021-06-08
|
* New version of the ahocorasick library (#1200)Vitaly Lavrov2021-06-07
| | | | | | | | | | | | | | | | The new version is about 25% faster with -O2 and 45% faster with -O3. No recursion is used (smaller stack size required). Uses less memory (by valgrind info) bigram: - original 1796 allocs, 247864 bytes allocated - new 1232 allocs, 158880 bytes allocated host_match: - original 18038 allocs, 3004576 bytes allocated - new 6861 allocs, 396624 bytes allocated The function ac_automata_search() is thread safe. Optional case-insensitive comparison. Matching at the beginning and at the end of the string is supported. One code file and one header file.
* Reworked ndpi patricia includes to avoid compilation issues on some platformsLuca Deri2021-03-31
|
* Add support for MAC to Patricia tree. Expose full API to applications. Add ↵Alfredo Cardigliano2021-02-23
| | | | utility functions.
* Code cleanup: third party uthash is at the right placeLuca Deri2021-01-20
|
* Split ptree user data in 32 and 64 bit entriesLuca Deri2020-12-30
|
* Values stored in patricia tree are now 32 bit (they used to be 16 bit) longLuca Deri2020-06-26
|
* Added HyperLogLog cardinality estimator API callsLuca Deri2020-06-10
| | | | | | | | | | | | | /* Memory lifecycle */ int ndpi_hll_init(struct ndpi_hll *hll, u_int8_t bits); void ndpi_hll_destroy(struct ndpi_hll *hll); /* Add values */ void ndpi_hll_add(struct ndpi_hll *hll, const char *data, size_t data_len); void ndpi_hll_add_number(struct ndpi_hll *hll, u_int32_t value) ; /* Get cardinality estimation */ double ndpi_hll_count(struct ndpi_hll *hll);
* Win fixesLuca Deri2020-06-08
|
* API cleanup for indetifying explicitly in automa's what we're searching ↵Luca Deri2020-05-06
| | | | | | (protocol or category) Removed hyperscan support that is apperently unused
* Updated automa API to use 32 bit values splits from protocol/categpryLuca Deri2020-05-06
|
* Introduced custom protocols with IP and (optional) port supportLuca Deri2020-05-06
| | | | | | | | | | | | | | | | Example - Single IP address ip:213.75.170.11@CustomProtocol - IP address with CIDR ip:213.75.170.11/32@CustomProtocol - IP address with CIDR and port ip:213.75.170.11/32:443@CustomProtocol Please note that there are some restrictions on the port usage. They have been listed in example/protos.txt
* Various fixes to patricia tree handlingLuca Deri2020-05-06
|
* False positive fixesLuca Deri2020-05-06
|
* Reworked protocol handling chnging it is u_int16_tLuca Deri2020-05-06
|
* FIXED - nDPI now detect RCE injections via PCRE instead Intel HyperscanMrTiz92020-02-01
|
* nDPI now detect RCE injections via PCRE instead Intel Hyperscan - BUGGY, ↵MrTiz92020-01-30
| | | | DOES NOT COMPILE
* nDPI now detect RCE in HTTP GET requestsMrTiz92020-01-24
|
* Integration of the libinjection library to detect SQL injections and XSS ↵MrTiz92019-12-05
| | | | type attacks in HTTP requests
* Added ndpi_finalize_initalization() initialization functionLuca2019-11-07
|
* Fix double free after b19bfa1e207a8d4972bfc701fde5d5c014f95383emanuele-f2019-10-02
|
* Fixes leaks in ndpi_add_host_url_subprotocolemanuele-f2019-10-02
| | | | | It is now possible to deallocate strings in ac_automata_release via an additional parameter
* TLS cerficate hash calculationLuca Deri2019-09-14
|
* Implemented HASSH (https://github.com/salesforce/hassh)Luca Deri2019-08-22
|
* Removed this party LRU and replaced with home grownLuca Deri2019-01-17
|
* Added Ookla cacheLuca Deri2018-12-17
|
* Renamed files to avoid name clashes during compilation with other libsLuca Deri2018-09-29
|
* Renamed source files to avoid clashesLuca Deri2018-09-29
|
* ADD: add prototype of function ht_free in hash.h - DEL: delete include file ↵Campus2018-08-23
| | | | .c in ndpi_main.c
Powered by cgit, Themed by Ted Yin.