forked from max197616/nfqfilter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nDPI-1.7-bugfixes.patch
64 lines (56 loc) · 2.82 KB
/
nDPI-1.7-bugfixes.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
diff -ruN nDPI.orig/configure.ac nDPI/configure.ac
--- nDPI.orig/configure.ac 2016-03-09 22:13:19.098325729 +0300
+++ nDPI/configure.ac 2016-03-09 22:13:41.017357878 +0300
@@ -1,6 +1,7 @@
AC_INIT([libndpi], [1.7.0])
AC_CONFIG_MACRO_DIR([m4])
+AC_CONFIG_AUX_DIR([.])
AM_INIT_AUTOMAKE([foreign subdir-objects])
diff -ruN nDPI.orig/src/lib/protocols/http.c nDPI/src/lib/protocols/http.c
--- nDPI.orig/src/lib/protocols/http.c 2016-03-09 22:13:19.105326058 +0300
+++ nDPI/src/lib/protocols/http.c 2016-03-09 22:14:06.426559272 +0300
@@ -241,13 +241,12 @@
if((flow->http.url == NULL)
&& (packet->http_url_name.len > 0)
&& (packet->host_line.len > 0)) {
- int len = packet->http_url_name.len + packet->host_line.len + 7 + 1; /* "http://" */
+ int len = packet->http_url_name.len + packet->host_line.len + 1;
flow->http.url = ndpi_malloc(len);
if(flow->http.url) {
- strncpy(flow->http.url, "http://", 7);
- strncpy(&flow->http.url[7], (char*)packet->host_line.ptr, packet->host_line.len);
- strncpy(&flow->http.url[7+packet->host_line.len], (char*)packet->http_url_name.ptr,
+ strncpy(flow->http.url, (char*)packet->host_line.ptr, packet->host_line.len);
+ strncpy(&flow->http.url[packet->host_line.len], (char*)packet->http_url_name.ptr,
packet->http_url_name.len);
flow->http.url[len-1] = '\0';
}
diff -ruN nDPI.orig/src/lib/protocols/ssl.c nDPI/src/lib/protocols/ssl.c
--- nDPI.orig/src/lib/protocols/ssl.c 2016-03-09 22:13:19.108326199 +0300
+++ nDPI/src/lib/protocols/ssl.c 2016-03-09 22:13:41.017357878 +0300
@@ -263,7 +263,7 @@
len = (u_int)ndpi_min(extension_len-begin, buffer_len-1);
strncpy(buffer, &server_name[begin], len);
buffer[len] = '\0';
- stripCertificateTrailer(buffer, buffer_len);
+// stripCertificateTrailer(buffer, buffer_len);
snprintf(flow->protos.ssl.client_certificate,
sizeof(flow->protos.ssl.client_certificate), "%s", buffer);
@@ -288,8 +288,6 @@
int sslDetectProtocolFromCertificate(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
struct ndpi_packet_struct *packet = &flow->packet;
- if(!packet->iph /* IPv4 */) return(-1);
-
if((packet->payload_packet_len > 9)
&& (packet->payload[0] == 0x16 /* consider only specific SSL packets (handshake) */)) {
if((packet->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN)
diff -ruN nDPI.orig/src/lib/protocols/tor.c nDPI/src/lib/protocols/tor.c
--- nDPI.orig/src/lib/protocols/tor.c 2016-03-09 22:13:19.109326246 +0300
+++ nDPI/src/lib/protocols/tor.c 2016-03-09 22:13:41.018357925 +0300
@@ -24,7 +24,7 @@
if((certificate == NULL)
|| (strlen(certificate) < 6)
- || strncmp(certificate, "www.", 4))
+ || !strncmp(certificate, "www.", 4))
return(0);
// printf("***** [SSL] %s(): %s\n", __FUNCTION__, certificate);