bump libnDPI to 4543385d107fcc5a7e8632e35d9a60bcc40cb4f4

* incorporated API changes from nDPI Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2024-02-06 10:34:26 +0100
committer: Toni Uhlig <matzeton@googlemail.com> 2024-02-06 10:34:52 +0100
commit: feb2583ef680281c827df75e3c3f6d4b97be8d8f (patch)
tree: df3f88da74327f058527e70d2ef39a0b5f47a13c /nDPId.c
parent: 7368f222dbddebab4cb36d7585cb152721bdd024 (diff)
1 files changed, 47 insertions, 12 deletions
diff --git a/nDPId.c b/nDPId.c
index 459ed03f2..e5f74c771 100644
--- a/nDPId.c
+++ b/nDPId.c
@@ -54,8 +54,10 @@
 #define DLT_DSA_TAG_EDSA 285
 #endif
 
-#if ((NDPI_MAJOR == 4 && NDPI_MINOR < 8) || NDPI_MAJOR < 4) && NDPI_API_VERSION < 9000
-#error "nDPI >= 4.8.0 or API version >= 9000 required"
+#define NDPI_VERSION_CHECK ((NDPI_MAJOR == 5 && NDPI_MINOR < 0) || NDPI_MAJOR < 5)
+
+#if NDPI_VERSION_CHECK && NDPI_API_VERSION < 10172
+#error "nDPI >= 5.0.0 or API version >= 10172 required"
 #endif
 
 #if nDPId_MAX_READER_THREADS <= 0
@@ -1259,6 +1261,41 @@ static void ndpi_debug_printf(unsigned int proto,
            buf);
 }
 
+static char const * cfg_err2str(ndpi_cfg_error err)
+{
+    switch (err)
+    {
+        case NDPI_CFG_INVALID_CONTEXT:
+            return "Invalid context";
+        case NDPI_CFG_NOT_FOUND:
+            return "Not found";
+        case NDPI_CFG_INVALID_PARAM:
+            return "Invalid parameter";
+        case NDPI_CFG_CONTEXT_ALREADY_INITIALIZED:
+            return "Context already initialized";
+        case NDPI_CFG_CALLBACK_ERROR:
+            return "Callback error";
+        case NDPI_CFG_OK:
+            return "Success";
+    }
+
+    return "Unknown error";
+}
+
+static int cfg_set_u64(struct nDPId_workflow * const workflow, char const * const proto, char const * const param, uint64_t const value)
+{
+    ndpi_cfg_error cfg_err;
+
+    cfg_err = ndpi_set_config_u64(workflow->ndpi_struct, proto, param, value);
+    if (cfg_err != NDPI_CFG_OK)
+    {
+        logger_early(1, "Could not set nDPI configuration (numeric value): %s", cfg_err2str(cfg_err));
+        return 1;
+    }
+
+    return 0;
+}
+
 static struct nDPId_workflow * init_workflow(char const * const file_or_device)
 {
     char pcap_error_buffer[PCAP_ERRBUF_SIZE];
@@ -1328,8 +1365,7 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device)
         pcap_freecode(&fp);
     }
 
-    ndpi_init_prefs init_prefs = ndpi_no_prefs;
-    workflow->ndpi_struct = ndpi_init_detection_module(init_prefs);
+    workflow->ndpi_struct = ndpi_init_detection_module(NULL);
     if (workflow->ndpi_struct == NULL)
     {
         logger_early(1, "%s", "BUG: Could not init ndpi detection module");
@@ -1339,7 +1375,11 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device)
 
     ndpi_set_user_data(workflow->ndpi_struct, workflow);
     set_ndpi_debug_function(workflow->ndpi_struct, ndpi_debug_printf);
-    ndpi_set_log_level(workflow->ndpi_struct, NDPI_LOG_DEBUG_EXTRA);
+
+    cfg_set_u64(workflow, NULL, "log.level", 3);
+    cfg_set_u64(workflow, NULL, "packets_limit_per_flow", nDPId_options.max_packets_per_flow_to_process);
+    cfg_set_u64(workflow, "tls", "application_blocks_tracking", 1);
+    cfg_set_u64(workflow, "tls", "certificate_expiration_threshold", 5);
 
     workflow->total_skipped_flows = 0;
     workflow->total_active_flows = 0;
@@ -1387,11 +1427,6 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device)
     }
     ndpi_finalize_initialization(workflow->ndpi_struct);
 
-    ndpi_set_detection_preferences(workflow->ndpi_struct, ndpi_pref_enable_tls_block_dissection, 1);
-    ndpi_set_detection_preferences(workflow->ndpi_struct,
-                                   ndpi_pref_max_packets_to_process,
-                                   nDPId_options.max_packets_per_flow_to_process);
-
     if (ndpi_init_serializer_ll(&workflow->ndpi_serializer, ndpi_serialization_format_json, NETWORK_BUFFER_MAX_SIZE) !=
         0)
     {
@@ -1898,7 +1933,7 @@ static void process_idle_flow(struct nDPId_reader_thread * const reader_thread,
                                                   flow->info.detection_data->guessed_l7_protocol) == 0)
                     {
                         flow->info.detection_data->guessed_l7_protocol = ndpi_detection_giveup(
-                            workflow->ndpi_struct, &flow->info.detection_data->flow, 1, &protocol_was_guessed);
+                            workflow->ndpi_struct, &flow->info.detection_data->flow, &protocol_was_guessed);
                     }
                     else
                     {
@@ -4271,7 +4306,7 @@ static void ndpi_process_packet(uint8_t * const args,
         /* last chance to guess something, better then nothing */
         uint8_t protocol_was_guessed = 0;
         flow_to_process->info.detection_data->guessed_l7_protocol = ndpi_detection_giveup(
-            workflow->ndpi_struct, &flow_to_process->info.detection_data->flow, 1, &protocol_was_guessed);
+            workflow->ndpi_struct, &flow_to_process->info.detection_data->flow, &protocol_was_guessed);
         if (protocol_was_guessed != 0)
         {
             workflow->total_guessed_flows++;
author	Toni Uhlig <matzeton@googlemail.com>	2024-02-06 10:34:26 +0100
committer	Toni Uhlig <matzeton@googlemail.com>	2024-02-06 10:34:52 +0100
commit	feb2583ef680281c827df75e3c3f6d4b97be8d8f (patch)
tree	df3f88da74327f058527e70d2ef39a0b5f47a13c /nDPId.c
parent	7368f222dbddebab4cb36d7585cb152721bdd024 (diff)