From 71f91b5183f9a2735add7e1f0ec86f41f0b06845 Mon Sep 17 00:00:00 2001 From: lns Date: Fri, 27 May 2022 22:09:58 +0200 Subject: Provide a generic reassembler interface. * Shall be used for stream based protocols e.g. Kerberos, QUIC, etc. Signed-off-by: lns Signed-off-by: Toni Uhlig --- src/include/ndpi_api.h.in | 15 +++++++++++++++ src/include/ndpi_typedefs.h | 25 ++++++++++--------------- 2 files changed, 25 insertions(+), 15 deletions(-) (limited to 'src/include') diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in index 9064ac627..a9c39313c 100644 --- a/src/include/ndpi_api.h.in +++ b/src/include/ndpi_api.h.in @@ -1823,6 +1823,21 @@ extern "C" { char *out, u_int out_len, u_int8_t use_json); + /* ******************************* */ + + void ndpi_reassemble_set_buffer_len(struct ndpi_reasm * const reasm, + u_int64_t buffer_len); + int ndpi_reassemble(struct ndpi_reasm * const reasm, uint8_t const * const frag, + uint64_t frag_len, uint64_t frag_offset); + int ndpi_reassemble_payload(struct ndpi_reasm * const reasm, + struct ndpi_packet_struct * packet); + void ndpi_reassemble_swap_payload(struct ndpi_packet_struct * packet, + struct ndpi_reasm const * reasm, + u_int8_t const ** const original_payload, + u_int16_t * original_payload_packet_len); + int ndpi_reassemble_in_progress(struct ndpi_reasm * const reasm); + int ndpi_reassemble_is_complete(struct ndpi_reasm * const reasm); + #ifdef __cplusplus } #endif diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index efea443d6..ee4eabbc2 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -647,6 +647,14 @@ struct ndpi_lru_cache { struct ndpi_lru_cache_entry *entries; }; +struct ndpi_reasm { + u_int8_t *buf; + u_int8_t *buf_bitmap; + u_int32_t buf_last_pos; + u_int32_t buf_req; + u_int32_t buf_len; +}; + /* ************************************************** */ struct ndpi_flow_tcp_struct { @@ -808,11 +816,6 @@ struct ndpi_flow_udp_struct { u_int8_t wireguard_stage; u_int32_t wireguard_peer_index[2]; - /* NDPI_PROTOCOL_QUIC */ - u_int8_t *quic_reasm_buf; - u_int8_t *quic_reasm_buf_bitmap; - u_int32_t quic_reasm_buf_last_pos; - /* NDPI_PROTOCOL_CSGO */ u_int8_t csgo_strid[18],csgo_state,csgo_s2; u_int32_t csgo_id2; @@ -1293,6 +1296,8 @@ struct ndpi_flow_struct { struct ndpi_flow_udp_struct udp; } l4; + struct ndpi_reasm reassemble; + /* Some protocols calculate the entropy. */ float entropy; @@ -1330,16 +1335,6 @@ struct ndpi_flow_struct { char *nat_ip; /* Via HTTP X-Forwarded-For */ } http; - /* - Put outside of the union to avoid issues in case the protocol - is remapped to somethign pther than Kerberos due to a faulty - dissector - */ - struct { - char *pktbuf; - u_int16_t pktbuf_maxlen, pktbuf_currlen; - } kerberos_buf; - struct { u_int8_t num_udp_pkts, num_binding_requests; u_int16_t num_processed_pkts; -- cgit v1.2.3