/** * @brief Send a TCP segment to libntoh */ void send_tcp_segment ( struct ip *iphdr , pntoh_tcp_callback_t callback ) { ppeer_info_t pinfo; ntoh_tcp_tuple5_t tcpt5; pntoh_tcp_stream_t stream; struct tcphdr *tcp; size_t size_ip; size_t total_len; size_t size_tcp; size_t size_payload; unsigned char *payload; int ret; unsigned int error; size_ip = iphdr->ip_hl * 4; total_len = ntohs( iphdr->ip_len ); tcp = (struct tcphdr*)((unsigned char*)iphdr + size_ip); if ( (size_tcp = tcp->th_off * 4) < sizeof(struct tcphdr) ) return; payload = (unsigned char *)iphdr + size_ip + size_tcp; size_payload = total_len - ( size_ip + size_tcp ); ntoh_tcp_get_tuple5 ( (void*)iphdr , tcp , &tcpt5 ); /* find the stream or creates a new one */ if ( !( stream = ntoh_tcp_find_stream( tcp_session , &tcpt5 ) ) ) if ( ! ( stream = ntoh_tcp_new_stream( tcp_session , &tcpt5, callback , 0 , &error , 1 , 1 ) ) ) { fprintf ( stderr , "\n[e] Error %d creating new stream: %s" , error , ntoh_get_errdesc ( error ) ); return; } if ( size_payload > 0 ) pinfo = get_peer_info ( payload , size_payload , &tcpt5 ); else pinfo = 0; /* add this segment to the stream */ switch ( ( ret = ntoh_tcp_add_segment( tcp_session , stream, (void*)iphdr, total_len, (void*)pinfo ) ) ) { case NTOH_OK: break; case NTOH_SYNCHRONIZING: free_peer_info ( pinfo ); break; default: fprintf( stderr, "\n[e] Error %d adding segment: %s", ret, ntoh_get_retval_desc( ret ) ); free_peer_info ( pinfo ); break; } return; }
/** * @brief Send a TCP segment to libntoh */ void send_tcp_segment ( struct ip *iphdr , pntoh_tcp_callback_t callback ) { ppeer_info_t pinfo; ntoh_tcp_tuple5_t tcpt5; pntoh_tcp_stream_t stream; struct tcphdr *tcp; size_t size_ip; size_t total_len; size_t size_tcp; size_t size_payload; unsigned char *payload; int32_t ret; unsigned int error; size_ip = iphdr->ip_hl * 4; total_len = ntohs( iphdr->ip_len ); tcp = (struct tcphdr*)((unsigned char*)iphdr + size_ip); if ( (size_tcp = tcp->th_off * 4) < sizeof(struct tcphdr) ) { return; } payload = (unsigned char *)iphdr + size_ip + size_tcp; size_payload = total_len - ( size_ip + size_tcp ); ntoh_tcp_get_tuple5 ( iphdr , tcp , &tcpt5 ); /* find the stream or creates a new one */ if ( !( stream = ntoh_tcp_find_stream( tcp_session , &tcpt5 ) ) ) { if ( ! ( stream = ntoh_tcp_new_stream( tcp_session , &tcpt5, callback , 0 , &error , 1 , 1 ) ) ) { if (DEBUG) { fprintf ( stderr , "\n[e] Error %d creating new stream: %s" , error , ntoh_get_errdesc ( error ) ); } return; } } if ( size_payload > 0 ) { pinfo = get_peer_info ( payload , size_payload , &tcpt5 ); } else { pinfo = 0; } if (pinfo != 0) { /* HERE - determine if this is a packet type we're interested in */ //if (Contains((char *)payload, "HTTP") && (Contains((char *)payload, "GET") || Contains((char *)payload, "POST") || Contains((char *)payload, "HEAD"))) if (ntohs(tcpt5.dport) == 80) { pending_more_hdr_data = extractHttpHdr((const char *)(payload)); if (pending_more_hdr_data == 0) { size_t l = (strlen((const char *)(pinfo->path))); i = 0; while (i < l) { snc.mem.t5s[(snc.smem.shm[CTL][POS]) - 1][i] = (sig_atomic_t)(pinfo->path[i]); i++; } snc.mem.t5s[(snc.smem.shm[CTL][POS]) - 1][i] = (sig_atomic_t)((const char)'\0'); if (DEBUG) { write(2, "\n\t[i] --- tcp tuple 5 --- ", 27); write(2, (const char *)(pinfo->path), strlen((const char *)(pinfo->path))); fflush(stderr); } extractSig(); ret = dumpToShm(); if(ret != 0) { if (DEBUG) { fprintf(stderr, "\n\t[Error] --- Unable to dump HTTP header to shared memory\n\t\tReason: %s\n", ret == CRING ? "CRING" : (ret == PWING ? "PWING" : "Unknown")); } } else { if (DEBUG) { write(2, "\n\tSuccessfully dumped signature to shared memory\n", 49); } } ret = 0; } } } /* add this segment to the stream */ switch ( ( ret = ntoh_tcp_add_segment( tcp_session , stream, iphdr, total_len, (void*)pinfo ) ) ) { case NTOH_OK: break; case NTOH_SYNCHRONIZING: free_peer_info ( pinfo ); break; default: if (DEBUG) { fprintf( stderr, "\n[e] Error %d adding segment: %s", ret, ntoh_get_retval_desc( ret ) ); } free_peer_info ( pinfo ); break; } return; }