vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-29 23:49:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
3155 commits 9 branches 12 tags 263 MiB
Commit graph

156 commits

Author SHA1 Message Date
ysk
52893d99f6 fix segment fault cause by the ssl.server_names when it may NULL 2020-06-03 10:44:35 +08:00
Luca Deri
9c3bfeca80 Added support for Encrypted TLS SNI dissection 
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
 2020-05-28 17:44:18 +02:00
Luca Deri
e5e69d0f7a Added the ability to detect when a known protocol is using a non-standard port 
Added check to spot executables exchanged via HTTP
 2020-05-10 21:25:38 +02:00
Luca Deri
4a09b4efa0 Added TLS issuerDN and subjectDN 2020-05-07 18:44:51 +02:00
Nardi Ivan
097127c31d Fix heap-overflow error in CAPWAP detunneling code 2020-04-24 10:42:52 +02:00
Nardi Ivan
f965983c23 Add basic support for some ip-in-ip tunnels 
Add support for 4in4, 6in6 and 4in6 encapsulations
Add support for ipv6 traffic in gtp tunnels, too

To allow gtp unit test, gtp detunneling flag has been globally enabled
in the test suite
 2020-04-23 10:55:33 +02:00
Luca Deri
019b51bb17
Merge pull request #879 from IvanNardi/warnings 
Fix some compilation warnings
 2020-04-21 19:23:57 +02:00
Philippe Antoine
1b73f7372e Gets right protocol after IPv6 header 2020-04-21 15:34:53 +02:00
Nardi Ivan
b1a6c6b895 Fix some compilation warnings 2020-04-20 16:53:39 +02:00
Luca Deri
25cd2a23a6 Compilation fixes 2020-04-20 15:08:51 +02:00
Philippe Antoine
c2b2692e65 Seeting right flow protocol after IP6 extensions 
Finally fixing https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20727
 2020-04-18 14:39:57 +02:00
Philippe Antoine
da0889d3ba Adds bound check before calling ndpi_handle_ipv6_extension_headers 2020-04-17 22:21:03 +02:00
Alexander Czyrny
32d25bfdaf additional csv semicolon fix 
Created function correct_csv_data_field to pevent duplicated code. Additionally used for _flow->ndpi_flow->protos.stun_ssl.ssl.alpn_ and _flow->ndpi_flow->protos.stun_ssl.ssl.tls_supported_versions_ to guarantee a valid csv output (commas replaced by semicolon) .
 2020-04-16 14:12:48 +02:00
Philippe Antoine
cf47ba234a Use ndpi_handle_ipv6_extension_headers in reader_util 2020-04-15 16:19:57 +02:00
Philippe Antoine
c1baf1516d Adds bound check for TZSP 2020-04-15 15:50:58 +02:00
Nardi Ivan
e84563f971 ndpiReader: fix memory leak in idle sessions purging 2020-04-08 15:15:34 +02:00
Philippe Antoine
e9195589d2 Checks enough data for UDP header 2020-03-19 16:44:53 +01:00
Luca Deri
34ad06fef5 Compilation fix 2020-02-28 16:03:27 +01:00
Philippe Antoine
5fc9d41eb0 Run ndpi_detection_process_packet only with payload 
Real problem is decapsulation of all ipv6 headers
 2020-02-26 17:05:08 +01:00
Philippe Antoine
83fdfe24d0 Fix read overflow before UDP header 2020-02-26 16:16:29 +01:00
Philippe Antoine
3eb9907dd7 Fix various buffer over reads 2020-02-18 11:50:22 +01:00
Luca Deri
fdf8dd724f Minor fix 2020-02-17 22:15:36 +01:00
Philippe Antoine
bf7dcd63c3 Checks length for next ip header 2020-02-14 14:18:31 +01:00
Philippe Antoine
b287dccecf Checks l4 size against l3 size 2020-02-14 14:02:19 +01:00
Luca Deri
83bbb4cb69 Compliation warning fixes 2020-02-08 11:24:40 +01:00
Luca Deri
33d761a55a
Merge pull request #838 from catenacyber/fix2 
Adds missing checks
 2020-02-08 11:20:54 +01:00
Luca Deri
5cad39f0e8 Added export of TLS supported version in TLS header 2020-02-07 23:26:03 +01:00
Luca Deri
3be263aafc Added TLS ALPN support 2020-02-07 21:54:04 +01:00
Luca Deri
fa26c62b0c Fix for IPv6 address format across the various platforms/distributions 2020-02-04 22:50:08 +01:00
Luca Deri
2701cc9491 Warnign fix 2020-02-04 22:34:08 +01:00
Luca Deri
0703ab5ac5 Improved DNS response decoding 
The first decoded address is now reported by ndpiReader
 2020-02-04 22:16:54 +01:00
Philippe Antoine
418ea234ae Adds missing checks 
Found by fuzzing
 2020-02-03 22:38:31 +01:00
Philippe Antoine
0bf2ca56a8 Uses ip_size in get_ndpi_flow_info6 2020-01-31 15:37:36 +01:00
Philippe Antoine
b97360d931 Fix infinite loop in ndpi_workflow_process_packet 2020-01-31 15:26:34 +01:00
Luca
812505b56b Added sanity check 2020-01-15 20:49:21 -07:00
Vitaliy Ivanov
cbabbd5865 example: fix compilation of ndpireader on latest dpdk. 
reader_util.c:1708:43: error: 'ETHER_MAX_LEN' undeclared here (not in a function)
             .rxmode = { .max_rx_pkt_len = ETHER_MAX_LEN }
                                           ^~~~~~~~~~~~~

DPDK before 19.08 had a macro ETHER_MAX_LEN, in later versions it was
changed to RTE_ETHER_MAX_LEN.

Signed-off-by: Vitaliy Ivanov <vitaliyi@interfacemasters.com>
 2020-01-13 16:10:09 +02:00
Luca Deri
5571ce114d Added flow extra info field 
Updated tests/results
 2020-01-10 22:21:16 +01:00
emanuele-f
798bb6e2e1 Fix leaks and sha1 certificate detection 2020-01-02 14:39:51 +01:00
Luca
8b01056b21 Renamed TLS requested server name 2020-01-02 07:37:03 +01:00
Luca
daae1cc9b1 Reworked TLS dissection 2020-01-01 12:59:19 +01:00
Luca
9fb3a57a71 Kerberos fixes 
Minor TLS cleanup
 2019-12-29 10:45:42 +01:00
Luca Deri
81012b3201 CSV output enhancements 2019-12-13 12:50:52 +01:00
Luca Deri
56eeb965bf Code cleanup 2019-12-09 13:10:21 +01:00
Luca Deri
c4d476cc58 Code improvements 2019-12-09 00:29:02 +01:00
Luca Deri
558983c99c
Merge pull request #813 from SimoneRicci97/dev 
Fixed intrusion detection
 2019-12-09 00:01:09 +01:00
Luca Deri
239842b821 Major kerberos rework 2019-12-08 23:47:04 +01:00
Simone Ricci
a65c959940 Fixed intrusion detection 2019-11-26 21:20:22 +01:00
Luca Deri
382217887b Nested encapsulation dissection 2019-11-23 11:53:00 +01:00
Luca Deri
bdc0719e76 Added auth failed support with FTP 2019-11-21 23:31:52 +01:00
Luca Deri
fc82cdfa4a Implemented telnet password export 2019-11-21 19:36:01 +01:00