From 58a9e2d9679f268a64b9082dae70498147bb58a8 Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Tue, 7 Nov 2023 15:30:56 +0100 Subject: Remove `struct ndpi_packet_struct` from the public API (#2129) Right now, the only instance of `struct ndpi_packet_struct` is embedded into `struct ndpi_detection_module_struct`. Since the latter is a private structure (because of `NDPI_LIB_COMPILATION` ) there is no way for the application to get a pointer to `ndpi_struct->packet`. Bottom line: the application can't use any API functions having `struct ndpi_packet_struct *` as parameter. Remove them all (since they are completly unused and unusable). There are no public helper functions to initialize/populate/deinit a `struct ndpi_packet_struct` object, so the application can't neither create its own instance of this object. Protect `struct ndpi_packet_struct` via the same define `NDPI_LIB_COMPILATION`. --- src/lib/ndpi_main.c | 114 ++++++++-------------------------------------------- 1 file changed, 17 insertions(+), 97 deletions(-) (limited to 'src/lib/ndpi_main.c') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index a6eceee28..5cdaa9f2b 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -6294,6 +6294,22 @@ static int fully_enc_heuristic(struct ndpi_detection_module_struct *ndpi_str, /* ************************************************ */ +int ndpi_current_pkt_from_client_to_server(const struct ndpi_detection_module_struct *ndpi_str, + const struct ndpi_flow_struct *flow) +{ + return ndpi_str->packet.packet_direction == flow->client_packet_direction; +} + +/* ******************************************************************** */ + +int ndpi_current_pkt_from_server_to_client(const struct ndpi_detection_module_struct *ndpi_str, + const struct ndpi_flow_struct *flow) +{ + return ndpi_str->packet.packet_direction != flow->client_packet_direction; +} + +/* ******************************************************************** */ + static int tcp_ack_padding(struct ndpi_packet_struct *packet) { const struct ndpi_tcphdr *tcph = packet->tcp; if(tcph && tcph->ack && !tcph->psh && @@ -6497,7 +6513,7 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str, } } - if(ndpi_current_pkt_from_client_to_server(packet, flow)) { + if(ndpi_current_pkt_from_client_to_server(ndpi_str, flow)) { if(flow->is_ipv6 == 0) { flow->c_address.v4 = packet->iph->saddr; flow->s_address.v4 = packet->iph->daddr; @@ -8738,86 +8754,6 @@ int NDPI_PROTOCOL_IP_is_set(const ndpi_ip_addr_t *ip) { /* ********************************************************************************* */ -/* check if the source ip address in packet and ip are equal */ -/* NTOP */ -int ndpi_packet_src_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t *ip) { - /* IPv6 */ - if(packet->iphv6 != NULL) { - if(packet->iphv6->ip6_src.u6_addr.u6_addr32[0] == ip->ipv6.u6_addr.u6_addr32[0] && - packet->iphv6->ip6_src.u6_addr.u6_addr32[1] == ip->ipv6.u6_addr.u6_addr32[1] && - packet->iphv6->ip6_src.u6_addr.u6_addr32[2] == ip->ipv6.u6_addr.u6_addr32[2] && - packet->iphv6->ip6_src.u6_addr.u6_addr32[3] == ip->ipv6.u6_addr.u6_addr32[3]) - return(1); - //else - return(0); - } - - /* IPv4 */ - if(packet->iph->saddr == ip->ipv4) - return(1); - return(0); -} - -/* ********************************************************************************* */ - -/* check if the destination ip address in packet and ip are equal */ -int ndpi_packet_dst_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t *ip) { - /* IPv6 */ - if(packet->iphv6 != NULL) { - if(packet->iphv6->ip6_dst.u6_addr.u6_addr32[0] == ip->ipv6.u6_addr.u6_addr32[0] && - packet->iphv6->ip6_dst.u6_addr.u6_addr32[1] == ip->ipv6.u6_addr.u6_addr32[1] && - packet->iphv6->ip6_dst.u6_addr.u6_addr32[2] == ip->ipv6.u6_addr.u6_addr32[2] && - packet->iphv6->ip6_dst.u6_addr.u6_addr32[3] == ip->ipv6.u6_addr.u6_addr32[3]) - return(1); - //else - return(0); - } - - /* IPv4 */ - if(packet->iph->saddr == ip->ipv4) - return(1); - - return(0); -} - -/* ********************************************************************************* */ - -/* get the source ip address from packet and put it into ip */ -/* NTOP */ -void ndpi_packet_src_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t *ip) { - NDPI_PROTOCOL_IP_clear(ip); - - /* IPv6 */ - if(packet->iphv6 != NULL) { - ip->ipv6.u6_addr.u6_addr32[0] = packet->iphv6->ip6_src.u6_addr.u6_addr32[0]; - ip->ipv6.u6_addr.u6_addr32[1] = packet->iphv6->ip6_src.u6_addr.u6_addr32[1]; - ip->ipv6.u6_addr.u6_addr32[2] = packet->iphv6->ip6_src.u6_addr.u6_addr32[2]; - ip->ipv6.u6_addr.u6_addr32[3] = packet->iphv6->ip6_src.u6_addr.u6_addr32[3]; - } else { - /* IPv4 */ - ip->ipv4 = packet->iph->saddr; - } -} - -/* ********************************************************************************* */ - -/* get the destination ip address from packet and put it into ip */ -/* NTOP */ -void ndpi_packet_dst_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t *ip) { - NDPI_PROTOCOL_IP_clear(ip); - - if(packet->iphv6 != NULL) { - ip->ipv6.u6_addr.u6_addr32[0] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[0]; - ip->ipv6.u6_addr.u6_addr32[1] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[1]; - ip->ipv6.u6_addr.u6_addr32[2] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[2]; - ip->ipv6.u6_addr.u6_addr32[3] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[3]; - - } else - ip->ipv4 = packet->iph->daddr; -} - -/* ********************************************************************************* */ - u_int8_t ndpi_is_ipv6(const ndpi_ip_addr_t *ip) { return(ip->ipv6.u6_addr.u6_addr32[1] != 0 || ip->ipv6.u6_addr.u6_addr32[2] != 0 || ip->ipv6.u6_addr.u6_addr32[3] != 0); @@ -10596,22 +10532,6 @@ char *ndpi_user_agent_set(struct ndpi_flow_struct *flow, /* ******************************************************************** */ -int ndpi_current_pkt_from_client_to_server(const struct ndpi_packet_struct *packet, - const struct ndpi_flow_struct *flow) -{ - return packet->packet_direction == flow->client_packet_direction; -} - -/* ******************************************************************** */ - -int ndpi_current_pkt_from_server_to_client(const struct ndpi_packet_struct *packet, - const struct ndpi_flow_struct *flow) -{ - return packet->packet_direction != flow->client_packet_direction; -} - -/* ******************************************************************** */ - int ndpi_seen_flow_beginning(const struct ndpi_flow_struct *flow) { if(flow->l4_proto == IPPROTO_TCP && -- cgit v1.2.3