From 466fd7132804f0bc6008d0a16a2c96e36c0f4648 Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Thu, 8 Nov 2018 09:29:25 -0800 Subject: libndpi: Add patches from the 2.4-stable branch to fix compilation Signed-off-by: Rosen Penev --- libs/libndpi/Makefile | 15 +- ...nfigure-include-file-inclusion-and-code-d.patch | 75 ++++++ libs/libndpi/patches/0002-Fixes-600.patch | 286 +++++++++++++++++++++ .../0003-Fixed-duplicate-protocol-name.-607.patch | 26 ++ ...-Added-missing-ndpi_protocol2id-prototype.patch | 60 +++++ ...the-available-clang-as-the-default-compil.patch | 30 +++ .../patches/0006-Backported-ndpi_protocol2id.patch | 83 ++++++ .../0007-Symlink-the-shared-library-to-pwd.patch | 41 +++ ...a-more-standard-path-for-pkg-config-files.patch | 29 +++ ...he-include-file-path-in-I-CFLAGS-argument.patch | 28 ++ ...xes-600-Backport-of-recent-fixes-e.g.-601.patch | 252 ------------------ 11 files changed, 666 insertions(+), 259 deletions(-) create mode 100644 libs/libndpi/patches/0001-Move-the-configure-include-file-inclusion-and-code-d.patch create mode 100644 libs/libndpi/patches/0002-Fixes-600.patch create mode 100644 libs/libndpi/patches/0003-Fixed-duplicate-protocol-name.-607.patch create mode 100644 libs/libndpi/patches/0004-Added-missing-ndpi_protocol2id-prototype.patch create mode 100644 libs/libndpi/patches/0005-Do-not-use-the-available-clang-as-the-default-compil.patch create mode 100644 libs/libndpi/patches/0006-Backported-ndpi_protocol2id.patch create mode 100644 libs/libndpi/patches/0007-Symlink-the-shared-library-to-pwd.patch create mode 100644 libs/libndpi/patches/0008-Use-a-more-standard-path-for-pkg-config-files.patch create mode 100644 libs/libndpi/patches/0009-Correct-the-include-file-path-in-I-CFLAGS-argument.patch delete mode 100644 libs/libndpi/patches/010-Fixes-600-Backport-of-recent-fixes-e.g.-601.patch (limited to 'libs/libndpi') diff --git a/libs/libndpi/Makefile b/libs/libndpi/Makefile index de9701f5f..1833eaae8 100644 --- a/libs/libndpi/Makefile +++ b/libs/libndpi/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libndpi PKG_VERSION:=2.4 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ntop/nDPI/tar.gz/$(PKG_VERSION)? @@ -20,6 +20,7 @@ PKG_MAINTAINER:=Banglang Huang PKG_LICENSE:=LGPLv3 PKG_FIXUP:=autoreconf +PKG_BUILD_DEPENDS:=libpcap PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 @@ -34,7 +35,7 @@ define Package/libndpi endef define Package/libndpi/description - nDPI is an open source LGPLv3 library for deep-packet inspection. + nDPI is an open source LGPLv3 library for deep-packet inspection. Based on OpenDPI it includes ntop extensions. endef @@ -46,28 +47,28 @@ endef define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include/ $(CP) \ - $(PKG_INSTALL_DIR)/usr/include/ndpi \ + $(PKG_INSTALL_DIR)/usr/local/include/ndpi \ $(1)/usr/include/ $(INSTALL_DIR) $(1)/usr/lib $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libndpi.so* \ + $(PKG_INSTALL_DIR)/usr/local/lib/libndpi.so \ $(1)/usr/lib/ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig $(CP) \ - $(PKG_INSTALL_DIR)/usr/local/libdata/pkgconfig/libndpi.pc \ + $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libndpi.pc \ $(1)/usr/lib/pkgconfig/ endef define Package/libndpi/install $(INSTALL_DIR) $(1)/usr/lib/ $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libndpi.so* \ + $(PKG_INSTALL_DIR)/usr/local/lib/libndpi.so \ $(1)/usr/lib/ $(INSTALL_DIR) $(1)/usr/bin/ $(CP) \ - $(PKG_INSTALL_DIR)/usr/local/bin/ndpiReader \ + $(PKG_INSTALL_DIR)/usr/bin/ndpiReader \ $(1)/usr/bin/ endef diff --git a/libs/libndpi/patches/0001-Move-the-configure-include-file-inclusion-and-code-d.patch b/libs/libndpi/patches/0001-Move-the-configure-include-file-inclusion-and-code-d.patch new file mode 100644 index 000000000..0bb84fd9f --- /dev/null +++ b/libs/libndpi/patches/0001-Move-the-configure-include-file-inclusion-and-code-d.patch @@ -0,0 +1,75 @@ +From 91ac4e4beed953fc9d2185ca2e6813dde47e8d5a Mon Sep 17 00:00:00 2001 +From: Guido Falsi +Date: Mon, 27 Aug 2018 17:52:56 +0200 +Subject: [PATCH 1/9] Move the configure include file inclusion and code + depending on it in code protected by the NDPI_LIB_COMPILATION define, this + should avoid it polluting the environment when including this file from + ntopng, version against stable branch. + +--- + src/include/ndpi_typedefs.h | 15 ++++++++++----- + src/lib/ndpi_main.c | 7 ------- + 2 files changed, 10 insertions(+), 12 deletions(-) + +diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h +index 6a61b44..386b217 100644 +--- a/src/include/ndpi_typedefs.h ++++ b/src/include/ndpi_typedefs.h +@@ -26,9 +26,6 @@ + + #include "ndpi_define.h" + +-/* Needed to have access to HAVE_* defines */ +-#include "ndpi_config.h" +- + /* NDPI_LOG_LEVEL */ + typedef enum { + NDPI_LOG_ERROR, +@@ -854,7 +851,17 @@ typedef struct ndpi_proto { + #define NUM_CUSTOM_CATEGORIES 5 + #define CUSTOM_CATEGORY_LABEL_LEN 32 + ++#ifdef NDPI_LIB_COMPILATION ++ ++/* Needed to have access to HAVE_* defines */ ++#include "ndpi_define.h" ++ + #ifdef HAVE_HYPERSCAN ++struct hs { ++ hs_database_t *database; ++ hs_scratch_t *scratch; ++}; ++ + struct hs_list { + char *expression; + unsigned int id; +@@ -862,8 +869,6 @@ struct hs_list { + }; + #endif + +-#ifdef NDPI_LIB_COMPILATION +- + struct ndpi_detection_module_struct { + NDPI_PROTOCOL_BITMASK detection_bitmask; + NDPI_PROTOCOL_BITMASK generic_http_packet_bitmask; +diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c +index b002126..8061aa1 100644 +--- a/src/lib/ndpi_main.c ++++ b/src/lib/ndpi_main.c +@@ -51,13 +51,6 @@ + #include + #endif + +-#ifdef HAVE_HYPERSCAN +-struct hs { +- hs_database_t *database; +- hs_scratch_t *scratch; +-}; +-#endif +- + #define NDPI_CONST_GENERIC_PROTOCOL_NAME "GenericProtocol" + + static int _ndpi_debug_callbacks = 0; +-- +2.19.1 + diff --git a/libs/libndpi/patches/0002-Fixes-600.patch b/libs/libndpi/patches/0002-Fixes-600.patch new file mode 100644 index 000000000..84bd7dcf1 --- /dev/null +++ b/libs/libndpi/patches/0002-Fixes-600.patch @@ -0,0 +1,286 @@ +From 6be5188ff93780a7f2acd48f41c4ac1846597091 Mon Sep 17 00:00:00 2001 +From: Luca +Date: Tue, 11 Sep 2018 10:02:34 +0300 +Subject: [PATCH 2/9] Fixes #600 Backport of recent fixes (e.g. #601) + +--- + Makefile.am | 5 ++- + autogen.sh | 2 +- + configure.seed | 13 +++++-- + src/lib/Makefile | 26 -------------- + src/lib/Makefile.in | 54 ++++++++++++++++++++++++++++++ + src/lib/ndpi_main.c | 2 -- + src/lib/protocols/ssl.c | 36 ++++++++++++++------ + src/lib/third_party/include/hash.h | 1 + + 8 files changed, 94 insertions(+), 45 deletions(-) + delete mode 100644 src/lib/Makefile + create mode 100644 src/lib/Makefile.in + +diff --git a/Makefile.am b/Makefile.am +index 17c6748..37f0849 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,8 +1,7 @@ + ACLOCAL_AMFLAGS = -I m4 +- + SUBDIRS = src/lib example tests + +-pkgconfigdir = $(libdir)/pkgconfig ++pkgconfigdir = $(prefix)/libdata/pkgconfig + pkgconfig_DATA = libndpi.pc + +-EXTRA_DIST = libndpi.sym autogen.sh ++EXTRA_DIST = autogen.sh +diff --git a/autogen.sh b/autogen.sh +index 6596b2f..efeffc4 100755 +--- a/autogen.sh ++++ b/autogen.sh +@@ -5,7 +5,7 @@ NDPI_MINOR="4" + NDPI_PATCH="0" + NDPI_VERSION_SHORT="$NDPI_MAJOR.$NDPI_MINOR.$NDPI_PATCH" + +-rm -f configure config.h config.h.in src/lib/Makefile.in ++rm -f configure config.h config.h.in + + AUTOCONF=$(command -v autoconf) + AUTOMAKE=$(command -v automake) +diff --git a/configure.seed b/configure.seed +index 6b85c66..8f8817f 100644 +--- a/configure.seed ++++ b/configure.seed +@@ -10,6 +10,7 @@ AC_PROG_CC + AM_PROG_CC_C_O + AX_PTHREAD + ++NDPI_VERSION_SHORT="@NDPI_VERSION_SHORT@" + NDPI_MAJOR="@NDPI_MAJOR@" + NDPI_MINOR="@NDPI_MINOR@" + NDPI_PATCH="@NDPI_PATCH@" +@@ -51,11 +52,16 @@ else + AC_CHECK_LIB([numa], [numa_available], [LIBNUMA="-lnuma"]) + fi + +- ++if test -z `which clang`; then ++CC=gcc ++else ++CC=clang ++fi ++ + HS_LIB= + HS_INC= + +-AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan]) ++AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan]) + + if test "${with_hyperscan+set}" = set; then + BKP=$LIBS +@@ -127,12 +133,13 @@ AC_ARG_ENABLE([debug-messages], + + AC_CHECK_LIB(pthread, pthread_setaffinity_np, AC_DEFINE_UNQUOTED(HAVE_PTHREAD_SETAFFINITY_NP, 1, [libc has pthread_setaffinity_np])) + +-AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h]) ++AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h src/lib/Makefile]) + AC_CONFIG_HEADERS(src/include/ndpi_config.h) + AC_SUBST(GIT_RELEASE) + AC_SUBST(NDPI_MAJOR) + AC_SUBST(NDPI_MINOR) + AC_SUBST(NDPI_PATCH) ++AC_SUBST(NDPI_VERSION_SHORT) + AC_SUBST(SVN_DATE) + AC_SUBST(JSON_C_LIB) + AC_SUBST(PCAP_INC) +diff --git a/src/lib/Makefile b/src/lib/Makefile +deleted file mode 100644 +index 19c6f1c..0000000 +--- a/src/lib/Makefile ++++ /dev/null +@@ -1,26 +0,0 @@ +-# +-# Simple non-autotools dependent makefile +-# +-# ./autogen.sh +-# cd src/lib +-# make -f Makefile.simple +-# +-CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -g +-RANLIB = ranlib +- +-OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o +-HEADERS = $(wildcard ../include/*.h) +- +-all: libndpi.a +- +-ndpi_main.c: ndpi_content_match.c.inc +- +-libndpi.a: $(OBJECTS) +- ar rc $@ $(OBJECTS) +- $(RANLIB) $@ +- +-%.o: %.c $(HEADERS) Makefile +- $(CC) $(CFLAGS) -c $< -o $@ +- +-clean: +- /bin/rm -f libndpi.a $(OBJECTS) +diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in +new file mode 100644 +index 0000000..ca29001 +--- /dev/null ++++ b/src/lib/Makefile.in +@@ -0,0 +1,54 @@ ++# ++# Simple non-autotools dependent makefile ++# ++# ./autogen.sh ++# cd src/lib ++# make Makefile ++# ++ ++ ++# ++# Installation directories ++# ++prefix = /usr/local ++libdir = ${prefix}/lib ++includedir = ${prefix}/include/ndpi ++CC = @CC@ ++CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -O2 # -g ++RANLIB = ranlib ++ ++OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o ++HEADERS = $(wildcard ../include/*.h) ++NDPI_LIB_STATIC = libndpi.a ++NDPI_LIB_SHARED_BASE = libndpi.so ++NDPI_LIB_SHARED = $(NDPI_LIB_SHARED_BASE).@NDPI_VERSION_SHORT@ ++NDPI_LIBS = $(NDPI_LIB_STATIC) $(NDPI_LIB_SHARED) ++ ++ifeq ($(OS),Darwin) ++CC=clang ++endif ++ ++all: $(NDPI_LIBS) ++ ++ndpi_main.c: ndpi_content_match.c.inc ++ ++$(NDPI_LIB_STATIC): $(OBJECTS) ++ ar rc $@ $(OBJECTS) ++ $(RANLIB) $@ ++ ++$(NDPI_LIB_SHARED): $(OBJECTS) ++ $(CC) -shared -fPIC -o $@ $(OBJECTS) ++ ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE) ++ ++%.o: %.c $(HEADERS) Makefile ++ $(CC) $(CFLAGS) -c $< -o $@ ++ ++clean: ++ /bin/rm -f $(NDPI_LIB_STATIC) $(OBJECTS) *.o *.so *.lo ++ ++install: $(NDPI_LIBS) ++ mkdir -p $(DESTDIR)$(libdir) ++ cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/ ++ ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE) ++ mkdir -p $(DESTDIR)$(includedir) ++ cp ../include/*.h $(DESTDIR)$(includedir) +diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c +index 8061aa1..540e158 100644 +--- a/src/lib/ndpi_main.c ++++ b/src/lib/ndpi_main.c +@@ -43,9 +43,7 @@ + + #include "ndpi_content_match.c.inc" + #include "third_party/include/ndpi_patricia.h" +-#include "third_party/src/ndpi_patricia.c" + #include "third_party/include/hash.h" +-#include "third_party/src/hash.c" + + #ifdef HAVE_HYPERSCAN + #include +diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c +index b8c3697..59aedcb 100644 +--- a/src/lib/protocols/ssl.c ++++ b/src/lib/protocols/ssl.c +@@ -27,7 +27,7 @@ + + #include "ndpi_api.h" + +-/* #define CERTIFICATE_DEBUG 1 */ ++// #define CERTIFICATE_DEBUG 1 + #define NDPI_MAX_SSL_REQUEST_SIZE 10000 + + /* Skype.c */ +@@ -246,28 +246,43 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, + u_int16_t compression_len; + u_int16_t extensions_len; + +- compression_len = packet->payload[offset+1]; +- offset += compression_len + 3; ++ offset++; ++ compression_len = packet->payload[offset]; ++ offset++; ++ ++#ifdef CERTIFICATE_DEBUG ++ printf("SSL [compression_len: %u]\n", compression_len); ++#endif ++ ++ // offset += compression_len + 3; ++ offset += compression_len; + + if(offset < total_len) { +- extensions_len = packet->payload[offset]; ++ extensions_len = ntohs(*((u_int16_t*)&packet->payload[offset])); ++ offset += 2; ++ ++#ifdef CERTIFICATE_DEBUG ++ printf("SSL [extensions_len: %u]\n", extensions_len); ++#endif + +- if((extensions_len+offset) < total_len) { ++ if((extensions_len+offset) <= total_len) { + /* Move to the first extension + Type is u_int to avoid possible overflow on extension_len addition */ +- u_int extension_offset = 1; ++ u_int extension_offset = 0; + + while(extension_offset < extensions_len) { + u_int16_t extension_id, extension_len; + +- memcpy(&extension_id, &packet->payload[offset+extension_offset], 2); ++ extension_id = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset])); + extension_offset += 2; + +- memcpy(&extension_len, &packet->payload[offset+extension_offset], 2); ++ extension_len = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset])); + extension_offset += 2; + +- extension_id = ntohs(extension_id), extension_len = ntohs(extension_len); +- ++#ifdef CERTIFICATE_DEBUG ++ printf("SSL [extension_id: %u][extension_len: %u]\n", extension_id, extension_len); ++#endif ++ + if(extension_id == 0) { + u_int begin = 0,len; + char *server_name = (char*)&packet->payload[offset+extension_offset]; +@@ -316,6 +331,7 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi + if((packet->payload_packet_len > 9) && (packet->payload[0] == 0x16)) { + char certificate[64]; + int rc; ++ + certificate[0] = '\0'; + rc = getSSLcertificate(ndpi_struct, flow, certificate, sizeof(certificate)); + packet->ssl_certificate_num_checks++; +diff --git a/src/lib/third_party/include/hash.h b/src/lib/third_party/include/hash.h +index 4f53e5a..2251706 100644 +--- a/src/lib/third_party/include/hash.h ++++ b/src/lib/third_party/include/hash.h +@@ -25,5 +25,6 @@ extern int ht_hash( hashtable_t *hashtable, char *key ); + extern entry_t *ht_newpair( char *key, u_int16_t value ); + extern void ht_set( hashtable_t *hashtable, char *key, u_int16_t value ); + extern u_int16_t ht_get( hashtable_t *hashtable, char *key ); ++extern void ht_free( hashtable_t *hashtable ); + + #endif /* _HASH_H_ */ +-- +2.19.1 + diff --git a/libs/libndpi/patches/0003-Fixed-duplicate-protocol-name.-607.patch b/libs/libndpi/patches/0003-Fixed-duplicate-protocol-name.-607.patch new file mode 100644 index 000000000..72777b0a7 --- /dev/null +++ b/libs/libndpi/patches/0003-Fixed-duplicate-protocol-name.-607.patch @@ -0,0 +1,26 @@ +From efd8348c3a5ace204410608f1805c9d5899096ab Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=D0=98=D0=B2=D0=B0=D0=BD=20=D0=A1=D0=BF=D0=B8=D0=BD=D0=B5?= + =?UTF-8?q?=D0=BD=D0=BA=D0=BE?= +Date: Thu, 13 Sep 2018 18:23:47 +0500 +Subject: [PATCH 3/9] Fixed duplicate protocol name. #607 + +--- + src/lib/ndpi_main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c +index 540e158..33ccbb1 100644 +--- a/src/lib/ndpi_main.c ++++ b/src/lib/ndpi_main.c +@@ -1225,7 +1225,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp + ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_VIDTO, + no_master, +- no_master, "PPStream", NDPI_PROTOCOL_CATEGORY_MEDIA, ++ no_master, "Vidto", NDPI_PROTOCOL_CATEGORY_MEDIA, + ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); + +-- +2.19.1 + diff --git a/libs/libndpi/patches/0004-Added-missing-ndpi_protocol2id-prototype.patch b/libs/libndpi/patches/0004-Added-missing-ndpi_protocol2id-prototype.patch new file mode 100644 index 000000000..2dc62973e --- /dev/null +++ b/libs/libndpi/patches/0004-Added-missing-ndpi_protocol2id-prototype.patch @@ -0,0 +1,60 @@ +From ba72865f23cd0d52f373573308e0e05c5bd37ba8 Mon Sep 17 00:00:00 2001 +From: Luca Deri +Date: Wed, 19 Sep 2018 11:11:15 +0200 +Subject: [PATCH 4/9] Added missing ndpi_protocol2id() prototype Fixed error + when crearing symlink in Makefile + +--- + src/include/ndpi_api.h | 15 ++++++++++++++- + src/lib/Makefile.in | 2 +- + 2 files changed, 15 insertions(+), 2 deletions(-) + +diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h +index 3fefc8e..56c5436 100644 +--- a/src/include/ndpi_api.h ++++ b/src/include/ndpi_api.h +@@ -420,7 +420,7 @@ extern "C" { + char *bigram_to_match); + + /** +- * Write the protocol name in the buffer -buf- as master_protocol.protocol ++ * Write the protocol name in the buffer -buf- as master_protocol.protocol (string) + * + * @par ndpi_mod = the detection module + * @par proto = the struct ndpi_protocol contain the protocols name +@@ -432,6 +432,19 @@ extern "C" { + char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod, + ndpi_protocol proto, char *buf, u_int buf_len); + ++ /** ++ * Write the protocol name in the buffer -buf- as master_protocol.protocol (number) ++ * ++ * @par ndpi_mod = the detection module ++ * @par proto = the struct ndpi_protocol contain the protocols name ++ * @par buf = the buffer to write the name of the protocols ++ * @par buf_len = the length of the buffer ++ * @return the buffer contains the master_protocol and protocol name ++ * ++ */ ++ char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod, ++ ndpi_protocol proto, char *buf, u_int buf_len); ++ + /** + * Find out if a given category is custom/user-defined + * +diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in +index ca29001..cbbc54b 100644 +--- a/src/lib/Makefile.in ++++ b/src/lib/Makefile.in +@@ -38,7 +38,7 @@ $(NDPI_LIB_STATIC): $(OBJECTS) + + $(NDPI_LIB_SHARED): $(OBJECTS) + $(CC) -shared -fPIC -o $@ $(OBJECTS) +- ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE) ++ ln -fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE) + + %.o: %.c $(HEADERS) Makefile + $(CC) $(CFLAGS) -c $< -o $@ +-- +2.19.1 + diff --git a/libs/libndpi/patches/0005-Do-not-use-the-available-clang-as-the-default-compil.patch b/libs/libndpi/patches/0005-Do-not-use-the-available-clang-as-the-default-compil.patch new file mode 100644 index 000000000..68edcf47b --- /dev/null +++ b/libs/libndpi/patches/0005-Do-not-use-the-available-clang-as-the-default-compil.patch @@ -0,0 +1,30 @@ +From 54fd7face86f3d5287bc8d0f2633bd13c66498cf Mon Sep 17 00:00:00 2001 +From: Vitaly Lavrov +Date: Sun, 30 Sep 2018 22:49:18 +0300 +Subject: [PATCH 5/9] Do not use the available clang as the default compiler. + Use the CC environment variable when running autogen.sh and configure. + +--- + configure.seed | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/configure.seed b/configure.seed +index 8f8817f..b150fdb 100644 +--- a/configure.seed ++++ b/configure.seed +@@ -51,12 +51,6 @@ if test $SHORT_MACHINE = "arm"; then + else + AC_CHECK_LIB([numa], [numa_available], [LIBNUMA="-lnuma"]) + fi +- +-if test -z `which clang`; then +-CC=gcc +-else +-CC=clang +-fi + + HS_LIB= + HS_INC= +-- +2.19.1 + diff --git a/libs/libndpi/patches/0006-Backported-ndpi_protocol2id.patch b/libs/libndpi/patches/0006-Backported-ndpi_protocol2id.patch new file mode 100644 index 000000000..73b2fe15a --- /dev/null +++ b/libs/libndpi/patches/0006-Backported-ndpi_protocol2id.patch @@ -0,0 +1,83 @@ +From 6dcf1f3fbab782804339db5a3fe8cd0c88c07795 Mon Sep 17 00:00:00 2001 +From: lucaderi +Date: Thu, 4 Oct 2018 21:36:46 +0200 +Subject: [PATCH 6/9] Backported ndpi_protocol2id + +--- + src/include/ndpi_api.h | 17 +++++++++++++++-- + src/lib/ndpi_main.c | 17 +++++++++++++++++ + 2 files changed, 32 insertions(+), 2 deletions(-) + +diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h +index 56c5436..ccbad73 100644 +--- a/src/include/ndpi_api.h ++++ b/src/include/ndpi_api.h +@@ -274,7 +274,7 @@ extern "C" { + */ + u_int16_t ndpi_get_flow_masterprotocol(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow); +- ++ + /** + * API call that is called internally by ndpi_detection_process_packet or by apps + * that want to avoid calling ndpi_detection_process_packet as they have already +@@ -432,6 +432,19 @@ extern "C" { + char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod, + ndpi_protocol proto, char *buf, u_int buf_len); + ++ /** ++ * Same as ndpi_protocol2name() with the difference that the numeric protocol ++ * name is returned ++ * ++ * @par ndpi_mod = the detection module ++ * @par proto = the struct ndpi_protocol contain the protocols name ++ * @par buf = the buffer to write the name of the protocols ++ * @par buf_len = the length of the buffer ++ * @return the buffer contains the master_protocol and protocol name ++ * ++ */ ++ char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod, ++ ndpi_protocol proto, char *buf, u_int buf_len); + /** + * Write the protocol name in the buffer -buf- as master_protocol.protocol (number) + * +@@ -746,7 +759,7 @@ extern "C" { + u_int ndpi_get_ndpi_num_custom_protocols(struct ndpi_detection_module_struct *ndpi_mod); + u_int ndpi_get_ndpi_detection_module_size(); + void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_mod, u_int l); +- ++ + /** + * Add a string to match to an automata + * +diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c +index 33ccbb1..e1cf577 100644 +--- a/src/lib/ndpi_main.c ++++ b/src/lib/ndpi_main.c +@@ -5319,6 +5319,23 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct + + /* ****************************************************** */ + ++char* ndpi_protocol2id(struct ndpi_detection_module_struct *ndpi_mod, ++ ndpi_protocol proto, char *buf, u_int buf_len) { ++ if((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN) ++ && (proto.master_protocol != proto.app_protocol)) { ++ if(proto.app_protocol != NDPI_PROTOCOL_UNKNOWN) ++ snprintf(buf, buf_len, "%u.%u", ++ proto.master_protocol, proto.app_protocol); ++ else ++ snprintf(buf, buf_len, "%u", proto.master_protocol); ++ } else ++ snprintf(buf, buf_len, "%u", proto.app_protocol); ++ ++ return(buf); ++} ++ ++/* ****************************************************** */ ++ + char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod, + ndpi_protocol proto, char *buf, u_int buf_len) { + if((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN) +-- +2.19.1 + diff --git a/libs/libndpi/patches/0007-Symlink-the-shared-library-to-pwd.patch b/libs/libndpi/patches/0007-Symlink-the-shared-library-to-pwd.patch new file mode 100644 index 000000000..6cde303d6 --- /dev/null +++ b/libs/libndpi/patches/0007-Symlink-the-shared-library-to-pwd.patch @@ -0,0 +1,41 @@ +From a1f6cbb6c9a212b5b3b6605254ae35bead5c43df Mon Sep 17 00:00:00 2001 +From: Hank Leininger +Date: Mon, 8 Oct 2018 18:17:30 -0600 +Subject: [PATCH 7/9] Symlink the shared library to pwd. + +DESTDIR is used, for instance, by distros to facilitate installing +to a temp path for testing / package-building. + +In general nDPI supports DESTDIR (yay!), but using an absolute path +for the target of the library link has two problems: + +1) If DESTDIR is set to /some/tmp/path, we end up with a link that +points to /some/tmp/path/usr/lib/libndpi-x.y.z, which is definitely +not what is intended - once the package is installed, the link is +broken. + +2) Absolute links are problematic for distributions; pointing to +/usr/lib/libndpi-x.y.z during package build-and-test would point to +either a nonexistent file, or an old and possibly wrong one. + +Both of these are avoided if we just link to the target with no path +at all. +--- + src/lib/Makefile.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in +index cbbc54b..dc1e34b 100644 +--- a/src/lib/Makefile.in ++++ b/src/lib/Makefile.in +@@ -49,6 +49,6 @@ clean: + install: $(NDPI_LIBS) + mkdir -p $(DESTDIR)$(libdir) + cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/ +- ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE) ++ ln -Fs $(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE) + mkdir -p $(DESTDIR)$(includedir) + cp ../include/*.h $(DESTDIR)$(includedir) +-- +2.19.1 + diff --git a/libs/libndpi/patches/0008-Use-a-more-standard-path-for-pkg-config-files.patch b/libs/libndpi/patches/0008-Use-a-more-standard-path-for-pkg-config-files.patch new file mode 100644 index 000000000..e566637e2 --- /dev/null +++ b/libs/libndpi/patches/0008-Use-a-more-standard-path-for-pkg-config-files.patch @@ -0,0 +1,29 @@ +From cfd97bbbca6afddb1bcedb407cb21127d7cb5d53 Mon Sep 17 00:00:00 2001 +From: Hank Leininger +Date: Mon, 8 Oct 2018 19:08:51 -0600 +Subject: [PATCH 8/9] Use a more standard path for pkg-config files. + +The Linuxes I've checked all seem to use /usr/{,local/}lib*/pkgconfig, +not /usr/libdata/. I think FreeBSD does use /usr/libdata/ but also +supports /usr/lib*/pkgconfig, although I have not tested this change +on a FreeBSD system. +--- + Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index 37f0849..4090817 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,7 +1,7 @@ + ACLOCAL_AMFLAGS = -I m4 + SUBDIRS = src/lib example tests + +-pkgconfigdir = $(prefix)/libdata/pkgconfig ++pkgconfigdir = $(libdir)/pkgconfig + pkgconfig_DATA = libndpi.pc + + EXTRA_DIST = autogen.sh +-- +2.19.1 + diff --git a/libs/libndpi/patches/0009-Correct-the-include-file-path-in-I-CFLAGS-argument.patch b/libs/libndpi/patches/0009-Correct-the-include-file-path-in-I-CFLAGS-argument.patch new file mode 100644 index 000000000..b21027cd0 --- /dev/null +++ b/libs/libndpi/patches/0009-Correct-the-include-file-path-in-I-CFLAGS-argument.patch @@ -0,0 +1,28 @@ +From b4b7a810697145b718a9a3b6d8a39e700613a640 Mon Sep 17 00:00:00 2001 +From: Hank Leininger +Date: Mon, 8 Oct 2018 21:22:41 -0600 +Subject: [PATCH 9/9] Correct the include file path in -I CFLAGS argument. + +src/lib/Makefile.in install headers into ${prefix}/include/ndpi, +but the shipped libndpi.pc.in specifies a different path. Therefore +anything trying to build using $(pkg-config --cflags libndpi) will +fail to find the nDPI headers. + +This patch simply makes libndpi.pc.in agree with src/lib/Makefile.in. +--- + libndpi.pc.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libndpi.pc.in b/libndpi.pc.in +index 291429c..5e1cde7 100644 +--- a/libndpi.pc.in ++++ b/libndpi.pc.in +@@ -7,4 +7,4 @@ Name: libndpi + Description: deep packet inspection library + Version: @VERSION@ + Libs: -L${libdir} -lndpi +-Cflags: -I${includedir}/libndpi-@VERSION@ ++Cflags: -I${includedir}/ndpi +-- +2.19.1 + diff --git a/libs/libndpi/patches/010-Fixes-600-Backport-of-recent-fixes-e.g.-601.patch b/libs/libndpi/patches/010-Fixes-600-Backport-of-recent-fixes-e.g.-601.patch deleted file mode 100644 index 10ff8fdf6..000000000 --- a/libs/libndpi/patches/010-Fixes-600-Backport-of-recent-fixes-e.g.-601.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 0e09c2b5c573ad1fce7c8f13b6bf255e1f21d390 Mon Sep 17 00:00:00 2001 -From: Luca -Date: Tue, 11 Sep 2018 10:02:34 +0300 -Subject: [PATCH] Fixes #600 Backport of recent fixes (e.g. #601) - ---- - Makefile.am | 5 ++- - autogen.sh | 2 +- - configure.seed | 13 +++++-- - src/lib/Makefile.in | 54 ++++++++++++++++++++++++++++++ - src/lib/ndpi_main.c | 2 -- - src/lib/protocols/ssl.c | 36 ++++++++++++++------ - src/lib/third_party/include/hash.h | 1 + - 7 files changed, 94 insertions(+), 19 deletions(-) - create mode 100644 src/lib/Makefile.in - -diff --git a/Makefile.am b/Makefile.am -index 17c6748..37f0849 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -1,8 +1,7 @@ - ACLOCAL_AMFLAGS = -I m4 -- - SUBDIRS = src/lib example tests - --pkgconfigdir = $(libdir)/pkgconfig -+pkgconfigdir = $(prefix)/libdata/pkgconfig - pkgconfig_DATA = libndpi.pc - --EXTRA_DIST = libndpi.sym autogen.sh -+EXTRA_DIST = autogen.sh -diff --git a/autogen.sh b/autogen.sh -index 6596b2f..efeffc4 100755 ---- a/autogen.sh -+++ b/autogen.sh -@@ -5,7 +5,7 @@ NDPI_MINOR="4" - NDPI_PATCH="0" - NDPI_VERSION_SHORT="$NDPI_MAJOR.$NDPI_MINOR.$NDPI_PATCH" - --rm -f configure config.h config.h.in src/lib/Makefile.in -+rm -f configure config.h config.h.in - - AUTOCONF=$(command -v autoconf) - AUTOMAKE=$(command -v automake) -diff --git a/configure.seed b/configure.seed -index 6b85c66..8f8817f 100644 ---- a/configure.seed -+++ b/configure.seed -@@ -10,6 +10,7 @@ AC_PROG_CC - AM_PROG_CC_C_O - AX_PTHREAD - -+NDPI_VERSION_SHORT="@NDPI_VERSION_SHORT@" - NDPI_MAJOR="@NDPI_MAJOR@" - NDPI_MINOR="@NDPI_MINOR@" - NDPI_PATCH="@NDPI_PATCH@" -@@ -51,11 +52,16 @@ else - AC_CHECK_LIB([numa], [numa_available], [LIBNUMA="-lnuma"]) - fi - -- -+if test -z `which clang`; then -+CC=gcc -+else -+CC=clang -+fi -+ - HS_LIB= - HS_INC= - --AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan]) -+AC_ARG_WITH(hyperscan, [ --with-hyperscan Enable nDPI build with Intel Hyperscan]) - - if test "${with_hyperscan+set}" = set; then - BKP=$LIBS -@@ -127,12 +133,13 @@ AC_ARG_ENABLE([debug-messages], - - AC_CHECK_LIB(pthread, pthread_setaffinity_np, AC_DEFINE_UNQUOTED(HAVE_PTHREAD_SETAFFINITY_NP, 1, [libc has pthread_setaffinity_np])) - --AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h]) -+AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h src/lib/Makefile]) - AC_CONFIG_HEADERS(src/include/ndpi_config.h) - AC_SUBST(GIT_RELEASE) - AC_SUBST(NDPI_MAJOR) - AC_SUBST(NDPI_MINOR) - AC_SUBST(NDPI_PATCH) -+AC_SUBST(NDPI_VERSION_SHORT) - AC_SUBST(SVN_DATE) - AC_SUBST(JSON_C_LIB) - AC_SUBST(PCAP_INC) -diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in -new file mode 100644 -index 0000000..ca29001 ---- /dev/null -+++ b/src/lib/Makefile.in -@@ -0,0 +1,54 @@ -+# -+# Simple non-autotools dependent makefile -+# -+# ./autogen.sh -+# cd src/lib -+# make Makefile -+# -+ -+ -+# -+# Installation directories -+# -+prefix = /usr -+libdir = ${prefix}/lib -+includedir = ${prefix}/include/ndpi -+CC = @CC@ -+CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -O2 # -g -+RANLIB = ranlib -+ -+OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o -+HEADERS = $(wildcard ../include/*.h) -+NDPI_LIB_STATIC = libndpi.a -+NDPI_LIB_SHARED_BASE = libndpi.so -+NDPI_LIB_SHARED = $(NDPI_LIB_SHARED_BASE).@NDPI_VERSION_SHORT@ -+NDPI_LIBS = $(NDPI_LIB_STATIC) $(NDPI_LIB_SHARED) -+ -+ifeq ($(OS),Darwin) -+CC=clang -+endif -+ -+all: $(NDPI_LIBS) -+ -+ndpi_main.c: ndpi_content_match.c.inc -+ -+$(NDPI_LIB_STATIC): $(OBJECTS) -+ ar rc $@ $(OBJECTS) -+ $(RANLIB) $@ -+ -+$(NDPI_LIB_SHARED): $(OBJECTS) -+ $(CC) -shared -fPIC -o $@ $(OBJECTS) -+ ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE) -+ -+%.o: %.c $(HEADERS) Makefile -+ $(CC) $(CFLAGS) -c $< -o $@ -+ -+clean: -+ /bin/rm -f $(NDPI_LIB_STATIC) $(OBJECTS) *.o *.so *.lo -+ -+install: $(NDPI_LIBS) -+ mkdir -p $(DESTDIR)$(libdir) -+ cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/ -+ ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE) -+ mkdir -p $(DESTDIR)$(includedir) -+ cp ../include/*.h $(DESTDIR)$(includedir) -diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c -index b002126..5beb6b4 100644 ---- a/src/lib/ndpi_main.c -+++ b/src/lib/ndpi_main.c -@@ -43,9 +43,7 @@ - - #include "ndpi_content_match.c.inc" - #include "third_party/include/ndpi_patricia.h" --#include "third_party/src/ndpi_patricia.c" - #include "third_party/include/hash.h" --#include "third_party/src/hash.c" - - #ifdef HAVE_HYPERSCAN - #include -diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c -index b8c3697..59aedcb 100644 ---- a/src/lib/protocols/ssl.c -+++ b/src/lib/protocols/ssl.c -@@ -27,7 +27,7 @@ - - #include "ndpi_api.h" - --/* #define CERTIFICATE_DEBUG 1 */ -+// #define CERTIFICATE_DEBUG 1 - #define NDPI_MAX_SSL_REQUEST_SIZE 10000 - - /* Skype.c */ -@@ -246,28 +246,43 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, - u_int16_t compression_len; - u_int16_t extensions_len; - -- compression_len = packet->payload[offset+1]; -- offset += compression_len + 3; -+ offset++; -+ compression_len = packet->payload[offset]; -+ offset++; -+ -+#ifdef CERTIFICATE_DEBUG -+ printf("SSL [compression_len: %u]\n", compression_len); -+#endif -+ -+ // offset += compression_len + 3; -+ offset += compression_len; - - if(offset < total_len) { -- extensions_len = packet->payload[offset]; -+ extensions_len = ntohs(*((u_int16_t*)&packet->payload[offset])); -+ offset += 2; -+ -+#ifdef CERTIFICATE_DEBUG -+ printf("SSL [extensions_len: %u]\n", extensions_len); -+#endif - -- if((extensions_len+offset) < total_len) { -+ if((extensions_len+offset) <= total_len) { - /* Move to the first extension - Type is u_int to avoid possible overflow on extension_len addition */ -- u_int extension_offset = 1; -+ u_int extension_offset = 0; - - while(extension_offset < extensions_len) { - u_int16_t extension_id, extension_len; - -- memcpy(&extension_id, &packet->payload[offset+extension_offset], 2); -+ extension_id = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset])); - extension_offset += 2; - -- memcpy(&extension_len, &packet->payload[offset+extension_offset], 2); -+ extension_len = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset])); - extension_offset += 2; - -- extension_id = ntohs(extension_id), extension_len = ntohs(extension_len); -- -+#ifdef CERTIFICATE_DEBUG -+ printf("SSL [extension_id: %u][extension_len: %u]\n", extension_id, extension_len); -+#endif -+ - if(extension_id == 0) { - u_int begin = 0,len; - char *server_name = (char*)&packet->payload[offset+extension_offset]; -@@ -316,6 +331,7 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi - if((packet->payload_packet_len > 9) && (packet->payload[0] == 0x16)) { - char certificate[64]; - int rc; -+ - certificate[0] = '\0'; - rc = getSSLcertificate(ndpi_struct, flow, certificate, sizeof(certificate)); - packet->ssl_certificate_num_checks++; -diff --git a/src/lib/third_party/include/hash.h b/src/lib/third_party/include/hash.h -index 4f53e5a..2251706 100644 ---- a/src/lib/third_party/include/hash.h -+++ b/src/lib/third_party/include/hash.h -@@ -25,5 +25,6 @@ extern int ht_hash( hashtable_t *hashtable, char *key ); - extern entry_t *ht_newpair( char *key, u_int16_t value ); - extern void ht_set( hashtable_t *hashtable, char *key, u_int16_t value ); - extern u_int16_t ht_get( hashtable_t *hashtable, char *key ); -+extern void ht_free( hashtable_t *hashtable ); - - #endif /* _HASH_H_ */ --- -2.19.1 - -- cgit v1.2.3