From d72a760ac3895dd8a0bd3e55d4b51f9e22e04e6c Mon Sep 17 00:00:00 2001 From: Nardi Ivan Date: Tue, 9 Jan 2024 08:41:44 +0100 Subject: New API for library configuration This is the first step into providing (more) configuration options in nDPI. The idea is to have a simple way to configure (most of) nDPI: only one function (`ndpi_set_config()`) to set any configuration parameters (in the present or on in the future) and we try to keep this function prototype as agnostic as possible. You can configure the library: * via API, using `ndpi_set_config()` * via a configuration file, in a text format This way, anytime we need to add a new configuration parameter: * we don't need to add two public functions (a getter and a setter) * we don't break API/ABI compatibility of the library; even changing the parameter type (from integer to a list of integer, for example) doesn't break the compatibility. The complete list of configuration options is provided in `doc/configuration_parameters.md`. As a first example, two configuration knobs are provided: * the ability to enable/disable the extraction of the sha1 fingerprint of the TLS certificates. * the upper limit on the number of packets per flow that will be subject to inspection --- src/include/ndpi_api.h | 9 +++++++++ src/include/ndpi_define.h.in | 1 - src/include/ndpi_private.h | 17 +++++++++++++++-- src/include/ndpi_typedefs.h | 9 ++++++++- src/include/ndpi_win32.h | 4 ++++ 5 files changed, 36 insertions(+), 4 deletions(-) (limited to 'src/include') diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 8bec8e3eb..3a5c7eccc 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h 
@@ -2246,6 +2246,15 @@ extern "C" { /* ******************************* */ + ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str, + const char *proto, const char *param, const char *value); + char *ndpi_get_config(struct ndpi_detection_module_struct *ndpi_str, + const char *proto, const char *param, char *buf, int buf_len); + char *ndpi_dump_config(struct ndpi_detection_module_struct *ndpi_str, + FILE *fd); + + /* ******************************* */ + /* Can't call libc functions from kernel space, define some stub instead */ #define ndpi_isalpha(ch) (((ch) >= 'a' && (ch) <= 'z') || ((ch) >= 'A' && (ch) <= 'Z')) diff --git a/src/include/ndpi_define.h.in b/src/include/ndpi_define.h.in index 3a5585f12..3ec09ebdd 100644 --- a/src/include/ndpi_define.h.in +++ b/src/include/ndpi_define.h.in @@ -153,7 +153,6 @@ /* misc definitions */ #define NDPI_DEFAULT_MAX_TCP_RETRANSMISSION_WINDOW_SIZE 0x10000 -#define NDPI_DEFAULT_MAX_NUM_PKTS_PER_FLOW_TO_DISSECT 32 /* TODO: rebuild all memory areas to have a more aligned memory block here */ diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index df3bfaf2c..d4ff2461f 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -144,13 +144,24 @@ typedef struct { } nbpf_filter; #endif +#define CFG_MAX_LEN 256 + +struct ndpi_detection_module_config_struct { + int max_packets_to_process; + + char filename_config[CFG_MAX_LEN]; + + /* Protocols */ + + int tls_sha1_fingerprint_enabled; +}; + struct ndpi_detection_module_struct { NDPI_PROTOCOL_BITMASK detection_bitmask; u_int64_t current_ts; - u_int16_t max_packets_to_process; u_int16_t num_tls_blocks_to_follow; - u_int8_t skip_tls_blocks_until_change_cipher:1, _notused:7; + u_int8_t skip_tls_blocks_until_change_cipher:1, finalized:1, _notused:6; u_int8_t tls_certificate_expire_in_x_days; void *user_data; 
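Review bot: The three prototypes added to ndpi_api.h have no contract comment, and the unstated parts are the ones a caller must get right: whether `ndpi_get_config()` returns `buf` or NULL when the value does not fit in `buf_len`, whether the result is always NUL-terminated, and what the `char *` returned by `ndpi_dump_config()` points to and who owns it. `buf_len` is a signed `int`, so the implementation has to reject `buf_len <= 0` before using it as a size; that code is not in this diff (it is limited to src/include), so it may already do so. I would put a short comment above each prototype, for example `/* Returns buf on success; NULL if the parameter is unknown or the value does not fit in buf_len bytes including the NUL */`, adjusted to the actual behaviour. It is also worth stating next to `ndpi_set_config()` that callers must compare the result against `NDPI_CFG_OK`, because an ignored failure leaves the previous setting silently in force.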
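Review bot: `max_packets_to_process` moves from a `u_int16_t` field of `ndpi_detection_module_struct` to a plain `int` in the new `ndpi_detection_module_config_struct`, so negative and very large values become representable while the value now arrives as text from the API or a configuration file. The setter is outside this diff, so this may already be covered, but it needs strict numeric parsing with an explicit range check that returns `NDPI_CFG_INVALID_PARAM`. The accepted range should be recorded at the field, e.g. `int max_packets_to_process; /* range [MIN, MAX], enforced in ndpi_set_config() */` with the real bounds filled in. `filename_config[CFG_MAX_LEN]` is 256 bytes, shorter than many platforms' path limit, so the copy into it should reject an over-long path rather than truncate it; a truncated path names a different file. The body of `ndpi_detection_module_struct` continues past the end of this hunk.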
@@ -226,6 +237,8 @@ struct ndpi_detection_module_struct { u_int8_t ip_version_limit; + struct ndpi_detection_module_config_struct cfg; + /* NDPI_PROTOCOL_TINC */ struct cache *tinc_cache; diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 792aea9ee..3ed4ee50c 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -234,6 +234,14 @@ typedef enum { ndpi_leaf } ndpi_VISIT; +typedef enum { + NDPI_CFG_INVALID_CONTEXT = -1, + NDPI_CFG_NOT_FOUND = -2, + NDPI_CFG_INVALID_PARAM = -3, + NDPI_CFG_CONTEXT_ALREADY_INITIALIZED = -4, + + NDPI_CFG_OK = 0, +} ndpi_cfg_error; /* NDPI_MASK_SIZE */ typedef u_int32_t ndpi_ndpi_mask; @@ -1065,7 +1073,6 @@ typedef enum { typedef enum { ndpi_pref_direction_detect_disable = 0, - ndpi_pref_max_packets_to_process, ndpi_pref_enable_tls_block_dissection, /* nDPI considers only those blocks past the certificate exchange */ } ndpi_detection_preference; diff --git a/src/include/ndpi_win32.h b/src/include/ndpi_win32.h index 2ad8602aa..c6b3290f6 100644 --- a/src/include/ndpi_win32.h +++ b/src/include/ndpi_win32.h @@ -59,6 +59,10 @@ #define strdup _strdup #endif +#ifndef F_OK +#define F_OK 0 +#endif + extern char* strsep(char **sp, char *sep); typedef unsigned char u_char; -- cgit v1.2.3
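Review bot: The enumerators of the new `ndpi_cfg_error` in ndpi_typedefs.h are undocumented, and `NDPI_CFG_OK = 0` is listed last, after the negative codes, where a reader scanning for the success value will not expect it. Since this is a public type, each code deserves a one-line comment saying when `ndpi_set_config()` returns it. For example `NDPI_CFG_CONTEXT_ALREADY_INITIALIZED = -4, /* presumably: the module was already finalized, configuration is frozen */`, to be confirmed against the implementation, which is not in this diff. I would also move `NDPI_CFG_OK = 0,` to the top of the list and add a note that new error codes must stay negative, so existing `!= NDPI_CFG_OK` and `< 0` checks keep working.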
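Review bot: The `F_OK` fallback added to ndpi_win32.h has no comment saying what it is for, and its presence suggests an `access(path, F_OK)` style existence test somewhere else in this commit, presumably on the configuration file. That call site is not in this diff, so this is inferred, but if the test is followed by a separate open, the file can change between the two calls. Opening the file directly and handling the failure is the more robust pattern. At minimum I would annotate the define, e.g. `#define F_OK 0 /* existence test only; not a permission or safety check */`.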