void cfg_parser_init(void)
{
size_t i;
statement_names = smack_create("confload", SMACK_CASE_SENSITIVE);
for (i=0; tokens[i].name; i++) {
smack_add_pattern(
statement_names,
tokens[i].name,
(unsigned)strlen(tokens[i].name) + 1,
tokens[i].id,
SMACK_ANCHOR_BEGIN
);
}
for (i=0; tsigkeys[i].name; i++) {
char *foo;
size_t len;
smack_add_pattern(
statement_names,
tsigkeys[i].name,
(unsigned)strlen(tsigkeys[i].name) + 1,
tsigkeys[i].id,
SMACK_ANCHOR_BEGIN
);
/* for truncation, where an algorithm might
* appear as "hmac-md5-80" instead of simply
* "hmac-md5" */
len = strlen(tsigkeys[i].name);
foo = malloc(len + 2);
memcpy(foo, tsigkeys[i].name, len+1);
foo[len] = '-';
foo[len+1] = '\0';
smack_add_pattern(
statement_names,
foo,
(unsigned)len,
tsigkeys[i].id,
SMACK_ANCHOR_BEGIN
);
free(foo);
}
smack_compile(statement_names);
}
struct Banner1 *
banner1_create(void)
{
struct Banner1 *b;
unsigned i;
b = (struct Banner1 *)malloc(sizeof(*b));
memset(b, 0, sizeof(*b));
/*
* These patterns match the start of the TCP stream
*/
b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
for (i=0; patterns[i].pattern; i++)
smack_add_pattern(
b->smack,
patterns[i].pattern,
patterns[i].pattern_length,
patterns[i].id,
patterns[i].is_anchored);
smack_compile(b->smack);
banner_http.init(b);
return b;
}
/***************************************************************************
* Create the --banners systems
***************************************************************************/
struct Banner1 *
banner1_create(void)
{
struct Banner1 *b;
unsigned i;
b = (struct Banner1 *)malloc(sizeof(*b));
if (b == NULL)
exit(1);
memset(b, 0, sizeof(*b));
/*
* These patterns match the start of the TCP stream
*/
b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
for (i=0; patterns[i].pattern; i++)
smack_add_pattern(
b->smack,
patterns[i].pattern,
patterns[i].pattern_length,
i,
patterns[i].is_anchored);
smack_compile(b->smack);
banner_http.init(b);
b->tcp_payloads[80] = &banner_http;
b->tcp_payloads[8080] = &banner_http;
b->tcp_payloads[443] = (void*)&banner_ssl; /* HTTP/s */
b->tcp_payloads[465] = (void*)&banner_ssl; /* SMTP/s */
b->tcp_payloads[990] = (void*)&banner_ssl; /* FTP/s */
b->tcp_payloads[991] = (void*)&banner_ssl;
b->tcp_payloads[992] = (void*)&banner_ssl; /* Telnet/s */
b->tcp_payloads[993] = (void*)&banner_ssl; /* IMAP4/s */
b->tcp_payloads[994] = (void*)&banner_ssl;
b->tcp_payloads[995] = (void*)&banner_ssl; /* POP3/s */
b->tcp_payloads[2083] = (void*)&banner_ssl; /* cPanel - SSL */
b->tcp_payloads[2087] = (void*)&banner_ssl; /* WHM - SSL */
b->tcp_payloads[2096] = (void*)&banner_ssl; /* cPanel webmail - SSL */
b->tcp_payloads[8443] = (void*)&banner_ssl; /* Plesk Control Panel - SSL */
b->tcp_payloads[9050] = (void*)&banner_ssl; /* Tor */
b->tcp_payloads[8140] = (void*)&banner_ssl; /* puppet */
return b;
}
int
main(int argc, char *argv[])
{
printf("---- SMACK/2 - benchmark program ----\n");
{
char dir[512];
char *p = getcwd(dir, sizeof(dir));
if (p == NULL)
perror("getcwd");
else
printf("directory = %s\n", p);
}
#if WIN32
{
SetProcessAffinityMask(NULL, 1);
SetPriorityClass(NULL, REALTIME_PRIORITY_CLASS);
}
#endif
#ifdef __linux__
{
cpu_set_t mask;
int status;
CPU_ZERO(&mask);
CPU_SET(1, &mask);
status = sched_setaffinity(0, sizeof(mask), &mask);
if (status != 0)
{
perror("sched_setaffinity");
}
}
#endif
/*
* Print cpu info
*/
{
char vendor[16];
char brand[64];
struct CpuInfo info;
pixie_cpu_vendor(vendor);
pixie_cpu_brand(brand);
pixie_cpu_info(&info);
printf("CPU width = %u-bits\n", (unsigned)sizeof(void*)*8);
printf("CPU vendor = \"%s\"\n", vendor);
printf("CPU brand = \"%s\"\n", brand);
printf("CPU codename = \"%s\" (0x%X" "x)\n", info.codename, info.codenumber);
printf("CPU info = type(%u) family(%u) model(%u) stepping(%u)\n",
info.type, info.family, info.model, info.stepping);
printf("\n");
}
/*
* First, do a unit-test. If the unit-test fails, then it's pointless
* continueing with the benchmarks
*/
if (smack_selftest() != 0) {
printf("selftest failed\n");
return 1;
}
/*
* Print help if user is confused
*/
if (0 && ( argc <= 1
|| get_parm("--help", argc, argv)
|| get_parm("-h", argc, argv)
|| get_parm("-?", argc, argv))) {
printf("usage:\n"
" smack2 --benchmark\n"
" smack2 --haystack kingjames.txt --needle pharoah\n"
" smack2 --haystack kingjames.txt --needles patterns.txt\n"
);
return 1;
}
if (get_parm("--haystack", argc, argv)) {
if (!get_parm("--needles", argc, argv)
&& !get_parm("--needle", argc, argv)) {
printf("FAIL: need to specify patterns to search for\n");
printf(" hint: use \"--needles <file>\" to read patterns from file\n");
printf(" hint: use \"--needle <pattern\" to specify one or more patterns\n");
return 1;
}
}
/*
* If doing simple benchmarks, do them first
*/
if (get_parm("--benchmark", argc, argv) || argc <= 1) {
printf("--- low-level benchmarks ---\n");
bench_c_ptr();
bench_c_idx(0);
bench_asm_ptr();
//bench_asm_ptr2();
bench_asm_idx();
printf("\n");
smack_benchmark();
}
if (!get_parm("--haystack", argc, argv))
return 0;
/*
* Look in file for patterns
*/
{
const char *filename = get_parm("--haystack", argc, argv);
char *buf;
size_t sizeof_buf;
struct stat s;
int x;
struct SMACK *smack;
int i;
fprintf(stderr, "haystack file = %s\n", filename);
/*
* Find file size
*/
x = stat(filename, &s);
if (x != 0) {
perror(filename);
return 1;
}
sizeof_buf = s.st_size;
/*
* Allocate memory
*/
buf = (char*)malloc(sizeof_buf);
if (buf == 0) {
fprintf(stderr, "Could not allocate %u bytes for buffer\n",
(unsigned)sizeof_buf);
return 1;
}
/*
* Read in the file
*/
{
FILE *fp;
size_t bytes_read;
fp = fopen(filename, "rb");
if (fp == NULL) {
perror(filename);
return 1;
}
bytes_read = fread(buf, 1, sizeof_buf, fp);
if (bytes_read == 0) {
perror(filename);
return 1;
}
if (bytes_read < sizeof_buf) {
fprintf(stderr, "ERROR: could not read entire file\n");
fprintf(stderr, "wanted %u bytes, read %u bytes\n",
(unsigned)sizeof_buf,
(unsigned)bytes_read);
sizeof_buf = bytes_read;
}
fclose(fp);
fprintf(stderr, "file-size = %u\n", (unsigned)sizeof_buf);
}
/*
* Build the smack object
*/
smack = smack_create("haystack", SMACK_CASE_INSENSITIVE);
if (smack == 0) {
fprintf(stderr, "FAIL: couldn't create test object\n");
return 1;
}
/*
* Add patterns
*/
for (i=1; i<argc; i++) {
if (strcmp(argv[i], "--needle") == 0) {
const char *pattern = argv[i+1];
if (i+1 >= argc) {
fprintf(stderr, "FAIL: expected value to parm\n");
return 1;
}
smack_add_pattern(smack, pattern, strlen(pattern), 1, 0);
}
if (strcmp(argv[i], "--needles") == 0) {
const char *patterns = argv[i+1];
FILE *fp;
char line[80];
if (i+1 >= argc) {
fprintf(stderr, "FAIL: expected value to parm\n");
return 1;
}
fp = fopen(patterns, "rt");
if (fp == NULL) {
perror(patterns);
return 1;
}
while (fgets(line, sizeof(line), fp)) {
/* strip whitespace */
while (line[0] && isspace(line[0]&0xFF))
memmove(line, line+1, strlen(line));
while (line[0] && isspace(line[strlen(line)-1]&0xFF))
line[strlen(line)-1] = '\0';
if (line[0] == '\0' || ispunct(line[0]&0xFF))
continue;
smack_add_pattern(smack, line, strlen(line), 1, 0);
}
}
}
if (smack_count_patterns(smack) == 0) {
fprintf(stderr, "FAIL: no patterns found\n");
return 1;
} else {
fprintf(stderr, "needles = %u patterns\n", smack_count_patterns(smack));
}
smack_compile(smack);
/*
* Do the benchmark
*/
do_haystack(smack,
buf, sizeof_buf,
10);
}
return 0;
}
/***************************************************************************
* Create the --banners systems
***************************************************************************/
struct Banner1 *
banner1_create(void)
{
struct Banner1 *b;
unsigned i;
b = (struct Banner1 *)malloc(sizeof(*b));
if (b == NULL)
exit(1);
memset(b, 0, sizeof(*b));
/*
* This creates a pattern-matching blob for heuristically determining
* a protocol that runs on wrong ports, such as how FTP servers
* often respond with "220 " or VNC servers respond with "RFB".
*/
b->smack = smack_create("banner1", SMACK_CASE_INSENSITIVE);
for (i=0; patterns[i].pattern; i++)
smack_add_pattern(
b->smack,
patterns[i].pattern,
patterns[i].pattern_length,
i,
patterns[i].is_anchored);
smack_compile(b->smack);
/*
* This goes down the list of all the TCP protocol handlers and initializes
* them.
*/
banner_ftp.init(b);
banner_http.init(b);
banner_imap4.init(b);
banner_memcached.init(b);
banner_pop3.init(b);
banner_smtp.init(b);
banner_ssh.init(b);
banner_ssl.init(b);
banner_vnc.init(b);
b->tcp_payloads[80] = &banner_http;
b->tcp_payloads[8080] = &banner_http;
b->tcp_payloads[443] = (void*)&banner_ssl; /* HTTP/s */
b->tcp_payloads[465] = (void*)&banner_ssl; /* SMTP/s */
b->tcp_payloads[990] = (void*)&banner_ssl; /* FTP/s */
b->tcp_payloads[991] = (void*)&banner_ssl;
b->tcp_payloads[992] = (void*)&banner_ssl; /* Telnet/s */
b->tcp_payloads[993] = (void*)&banner_ssl; /* IMAP4/s */
b->tcp_payloads[994] = (void*)&banner_ssl;
b->tcp_payloads[995] = (void*)&banner_ssl; /* POP3/s */
b->tcp_payloads[2083] = (void*)&banner_ssl; /* cPanel - SSL */
b->tcp_payloads[2087] = (void*)&banner_ssl; /* WHM - SSL */
b->tcp_payloads[2096] = (void*)&banner_ssl; /* cPanel webmail - SSL */
b->tcp_payloads[8443] = (void*)&banner_ssl; /* Plesk Control Panel - SSL */
b->tcp_payloads[9050] = (void*)&banner_ssl; /* Tor */
b->tcp_payloads[8140] = (void*)&banner_ssl; /* puppet */
b->tcp_payloads[11211] = (void*)&banner_memcached;
return b;
}
