summaryrefslogtreecommitdiff
path: root/src/gquic_process.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/gquic_process.cpp')
-rw-r--r--src/gquic_process.cpp1190
1 files changed, 1190 insertions, 0 deletions
diff --git a/src/gquic_process.cpp b/src/gquic_process.cpp
new file mode 100644
index 0000000..d68f262
--- /dev/null
+++ b/src/gquic_process.cpp
@@ -0,0 +1,1190 @@
+/*
+ * quic_process.c
+ *
+ * Created on: 2019��4��2��
+ * Author: root
+ */
+
+#include <stdio.h>
+#include <assert.h>
+#include <stdbool.h>
+#include <MESA/stream.h>
+#include <MESA/MESA_handle_logger.h>
+
+#include "gquic_process.h"
+#include "quic_analysis.h"
+#include "parser-quic.h"
+
+int is_iquic(enum _QUIC_VERSION quic_version)
+{
+ switch(quic_version)
+ {
+ case IQUIC_VERSION_I001:
+ case IQUIC_VERSION_I002:
+ case IQUIC_VERSION_I003:
+ case IQUIC_VERSION_I004:
+ case IQUIC_VERSION_I005:
+ case IQUIC_VERSION_I006:
+ case IQUIC_VERSION_I007:
+ case IQUIC_VERSION_I008:
+ case IQUIC_VERSION_I009:
+ case IQUIC_VERSION_I010:
+ case IQUIC_VERSION_I011:
+ case IQUIC_VERSION_I012:
+ case IQUIC_VERSION_I013:
+ case IQUIC_VERSION_I014:
+ case IQUIC_VERSION_I015:
+ case IQUIC_VERSION_I016:
+ case IQUIC_VERSION_I017:
+ case IQUIC_VERSION_I018:
+ case IQUIC_VERSION_I019:
+ case IQUIC_VERSION_I020:
+ case IQUIC_VERSION_I021:
+ case IQUIC_VERSION_I022:
+ case IQUIC_VERSION_I023:
+ case IQUIC_VERSION_I024:
+ case IQUIC_VERSION_I025:
+ case IQUIC_VERSION_I026:
+ case IQUIC_VERSION_I027:
+ case IQUIC_VERSION_I028:
+ case IQUIC_VERSION_I029:
+ case IQUIC_VERSION_I030:
+ case IQUIC_VERSION_I031:
+ case IQUIC_VERSION_I032:
+ return TRUE;
+ break;
+ default:
+ break;
+ }
+
+ return FALSE;
+}
+
+static int get_value(unsigned char *payload, int *offset, int len)
+{
+ switch(len)
+ {
+ case 1:
+ return (int)(payload[(*offset)++]);
+ break;
+ case 2:
+ (*offset)+=len;
+ return (int)ntohs(*(unsigned short *)(payload+*offset-len));
+ break;
+ case 3:
+ (*offset)+=len;
+ return ((int)*(payload-2+*offset)<<16|
+ (int)*(payload-1+*offset)<<8|
+ (int)*(payload+*offset)<<0);
+ break;
+ case 4:
+ (*offset)+=len;
+ return (int)ntohl(*(unsigned int *)(payload+*offset-len));
+ break;
+ case 32:
+ (*offset)+=len;
+ return 0;
+ break;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
+int quic_getLinkState(struct _quic_context *_context)
+{
+ UCHAR state = 0;
+
+ if(0==_context->link_state)
+ {
+ state=SESSION_STATE_PENDING|SESSION_STATE_DATA;
+ _context->link_state=1;
+ }
+ else
+ {
+ state=SESSION_STATE_DATA;
+ }
+
+ return state;
+}
+
+char quic_callPlugins(struct streaminfo *pstream, struct _quic_context *_context, void *buff, int buff_len, enum quic_interested_region region_mask, void *a_packet)
+{
+ char state=PROT_STATE_GIVEME;
+ char app_state=APP_STATE_GIVEME;
+ stSessionInfo session_info={0};
+
+ if(region_mask==QUIC_INTEREST_KEY_MASK)
+ {
+ session_info.plugid=g_quic_param.quic_plugid;
+ session_info.prot_flag=0;
+ session_info.session_state=SESSION_STATE_CLOSE;
+ session_info.app_info=NULL;
+ session_info.buf=NULL;
+ session_info.buflen=0;
+ }
+ else
+ {
+ session_info.plugid=g_quic_param.quic_plugid;
+ session_info.prot_flag=(((unsigned long long)1)<<region_mask);
+ session_info.session_state=quic_getLinkState(_context) ;
+ session_info.app_info=(void*)(&_context->quic_info);
+ session_info.buf=buff;
+ session_info.buflen=buff_len;
+ }
+ state=PROT_PROCESS(&session_info, &(_context->business_pme), pstream->threadnum, pstream, a_packet);
+
+ if(state&PROT_STATE_DROPPKT)
+ {
+ app_state=APP_STATE_DROPPKT;
+ }
+
+ return app_state;
+}
+
+
+unsigned long long get_variable_length(char *p, int offset, int v_len)
+{
+ switch(v_len)
+ {
+ case 1:
+ return (unsigned long long)(p[offset]);
+ break;
+ case 2:
+ return (unsigned long long)ntohs(*(unsigned short *)((char *)p+offset));
+ break;
+ case 3:
+ return (unsigned long long)*(p+0+offset)<<16|
+ (unsigned long long)*(p+1+offset)<<8|
+ (unsigned long long)*(p+2+offset)<<0;
+ break;
+ case 4:
+ return (unsigned long long)ntohl(*(unsigned int *)(p+offset));
+ break;
+ case 5:
+ return (unsigned long long)*((unsigned char *)(p)+0+offset)<<32|
+ (unsigned long long)*((unsigned char *)(p)+1+offset)<<24|
+ (unsigned long long)*((unsigned char *)(p)+2+offset)<<16|
+ (unsigned long long)*((unsigned char *)(p)+3+offset)<<8|
+ (unsigned long long)*((unsigned char *)(p)+4+offset)<<0;
+ break;
+ case 6:
+ return (unsigned long long)*((unsigned char *)(p)+0+offset)<<40|
+ (unsigned long long)*((unsigned char *)(p)+1+offset)<<32|
+ (unsigned long long)*((unsigned char *)(p)+2+offset)<<24|
+ (unsigned long long)*((unsigned char *)(p)+3+offset)<<16|
+ (unsigned long long)*((unsigned char *)(p)+4+offset)<<8|
+ (unsigned long long)*((unsigned char *)(p)+5+offset)<<0;
+ break;
+ case 7:
+ return (unsigned long long)*((unsigned char *)(p)+0+offset)<<56|
+ (unsigned long long)*((unsigned char *)(p)+1+offset)<<40|
+ (unsigned long long)*((unsigned char *)(p)+2+offset)<<32|
+ (unsigned long long)*((unsigned char *)(p)+3+offset)<<24|
+ (unsigned long long)*((unsigned char *)(p)+4+offset)<<16|
+ (unsigned long long)*((unsigned char *)(p)+5+offset)<<8|
+ (unsigned long long)*((unsigned char *)(p)+6+offset)<<0;
+ break;
+ case 8:
+ return (unsigned long long)*((unsigned char *)(p)+0+offset)<<56|
+ (unsigned long long)*((unsigned char *)(p)+1+offset)<<48|
+ (unsigned long long)*((unsigned char *)(p)+2+offset)<<40|
+ (unsigned long long)*((unsigned char *)(p)+3+offset)<<32|
+ (unsigned long long)*((unsigned char *)(p)+4+offset)<<24|
+ (unsigned long long)*((unsigned char *)(p)+5+offset)<<16|
+ (unsigned long long)*((unsigned char *)(p)+6+offset)<<8|
+ (unsigned long long)*((unsigned char *)(p)+7+offset)<<0;
+ break;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
+long long bit_to_value(char *payload, unsigned char flags, unsigned long long *out_value, int *used_len)
+{
+ switch(flags&0x3) // packet number
+ {
+ case 0x3: // 6 bytes
+ *out_value=get_variable_length(payload, *used_len, 6);
+ *used_len+=6;
+ break;
+ case 0x2: // 4 bytes
+ *out_value=(unsigned long long)ntohl(*(unsigned int *)(payload+*used_len));
+ *used_len+=4;
+ break;
+ case 0x1: // 2bytes
+ *out_value=(unsigned long long)ntohs(*(unsigned short *)(payload+*used_len));
+ *used_len+=2;
+ break;
+ default: // 1 byte
+ *out_value=payload[*used_len];
+ *used_len+=1;
+ break;
+ }
+
+ return 0;
+}
+
+int get_quic_tlv(char *start_pos, quic_tlv_t *tlv, int len, int type, int thread_seq)
+{
+ if(tlv->value==NULL && len>0)
+ {
+ tlv->value=(char *)dictator_malloc(thread_seq, len+1);
+ memset(tlv->value, 0, len+1);
+ tlv->length=len;
+ tlv->type=type;
+ memcpy(tlv->value, start_pos, tlv->length);
+ }
+
+ return 0;
+}
+
+int get_stream_id(struct streaminfo *pstream, struct _quic_context* _context, char* payload, unsigned char frame_type, int *used_len)
+{
+ int stream_len=0,offset_len=0;
+
+ _context->quic_info.frame_hdr.frame_type=frame_type;
+
+ stream_len=(frame_type&GQUIC_SPECIAL_FRAME_STREAM_ID)+1;
+ _context->quic_info.frame_hdr.stream_id=(unsigned int)get_variable_length(payload, *used_len, stream_len);
+ *used_len+=stream_len; // stream ID length
+
+ if(frame_type&GQUIC_SPECIAL_FRAME_STREAM_DLEN)
+ {
+ _context->quic_info.frame_hdr.data_len=ntohs(*(unsigned short *)(payload+*used_len));
+ *used_len+=2; //data length
+ }
+
+ offset_len=(frame_type&GQUIC_SPECIAL_FRAME_STREAM_OFFSET) ? (((frame_type&GQUIC_SPECIAL_FRAME_STREAM_OFFSET))>>2)+1 : 0;
+ _context->quic_info.frame_hdr.offset=get_variable_length(payload, *used_len, offset_len);
+ *used_len+=offset_len;
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_FRAME",
+ "frame_type: 0X%02X stream_id: %u data length: %u offset length: %u addr: %s",
+ frame_type,
+ _context->quic_info.frame_hdr.stream_id,
+ _context->quic_info.frame_hdr.data_len,
+ offset_len,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return _context->quic_info.frame_hdr.stream_id;
+}
+
+unsigned long long get_packet_number(char* data, int offset, char pkn_len)
+{
+ switch(pkn_len)
+ {
+ case 1:
+ return (unsigned long long)data[offset];
+ break;
+ case 2:
+ return (unsigned long long)ntohs(*(unsigned short *)(data+offset));
+ break;
+ case 4:
+ return (unsigned long long)ntohl(*(unsigned int *)(data+offset));
+ break;
+ case 8:
+ return get_variable_length(data, offset, 8);;
+ break;
+ }
+
+ return 0;
+}
+
+// GQUIC version from 0 to 43
+static enum _QUIC_VERSION parse_q0to43_header(struct streaminfo *pstream, struct _quic_context* _context, char *payload, int payload_len, int *used_len)
+{
+ char public_flags=0;
+
+ struct _quic_public_header *gquic_hdr=&(_context->quic_info.quic_hdr);
+
+ public_flags=payload[*used_len];
+ *used_len+=1;
+ gquic_hdr->public_flags=public_flags;
+
+ if((public_flags&GQUIC_PUBLIC_FLAG_RST) && _context->is_quic==TRUE)
+ {
+ gquic_hdr->is_reset=TRUE; //Public Reset Packet
+ return QUIC_VERSION_UNKNOWN;
+
+ }
+
+ if(pstream->curdir==DIR_S2C && gquic_hdr->public_flags&GQUIC_PUBLIC_FLAG_VERSION)
+ {
+ return QUIC_VERSION_UNKNOWN;
+ }
+
+ //For Public Reset and Version Negotiation Packets (sent by the server) which don't have a packet number
+ if(!public_flags&GQUIC_PUBLIC_FLAG_PKT_NUM)
+ {
+ if(public_flags&GQUIC_PUBLIC_FLAG_VERSION) //Public Reset Packet
+ {
+ return QUIC_VERSION_UNKNOWN;// todo
+ }
+ else // Version Negotiation Packet
+ {
+ return QUIC_VERSION_UNKNOWN;
+ }
+ }
+
+ if(gquic_hdr->public_flags&GQUIC_PUBLIC_FLAG_CID)
+ {
+ *(unsigned long long *)gquic_hdr->server_CID=get_variable_length(payload, *used_len, sizeof(gquic_hdr->server_CID));
+ *used_len+=sizeof(unsigned long long); // CID length
+
+ _context->is_quic=TRUE;
+ }
+
+ if(gquic_hdr->public_flags&GQUIC_PUBLIC_FLAG_VERSION && (*(unsigned char *)(payload+*used_len)==0x51))
+ {
+ gquic_hdr->quic_version=(unsigned int)ntohl(*(unsigned int *)(payload+*used_len));
+ *used_len+=sizeof(int); // skip version
+
+ _context->is_quic=TRUE;
+ }
+
+ if(_context->is_quic==FALSE || gquic_hdr->quic_version<GQUIC_VERSION_Q001 || gquic_hdr->quic_version>GQUIC_VERSION_Q043)
+ {
+ _context->is_quic=FALSE;
+ return QUIC_VERSION_UNKNOWN;
+ }
+
+ bit_to_value(payload, gquic_hdr->public_flags>>4, &gquic_hdr->packet_number, used_len);
+
+ if(gquic_hdr->public_flags==GQUIC_PUBLIC_FLAG_NONCE)
+ {
+ *used_len+=32; //diversification nonce
+ }
+
+ // Version 11 reduced the length of null encryption authentication tag from 16 to 12 bytes
+ if(gquic_hdr->quic_version > GQUIC_VERSION_Q010)
+ {
+ *used_len+=12;
+ }
+ else
+ {
+ *used_len+=16;
+ }
+
+ // Version 34 removed entropy bits from packets and ACK frames,
+ // removed private flag from packet header and changed the ACK format to specify ranges of packets acknowledged rather than missing ranges.
+ if(gquic_hdr->quic_version < GQUIC_VERSION_Q034)
+ {
+ *used_len+=1; //private flags
+ }
+
+ _context->is_quic=TRUE;
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_IDETIFY",
+ "pub_flags: 0X%02X conection ID:[ destination: %llu ] version: Q%03u packet number: %llu dir(1: C2S;2: S2C): %d addr: %s",
+ gquic_hdr->public_flags,
+ *(unsigned long long *)gquic_hdr->server_CID,
+ (((gquic_hdr->quic_version>>8)&0x0000000F)*10) + ((gquic_hdr->quic_version)&0x0000000F),
+ gquic_hdr->packet_number,
+ pstream->curdir,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return (enum _QUIC_VERSION)gquic_hdr->quic_version;
+}
+
+enum _QUIC_VERSION parse_quic_header(struct streaminfo *pstream, struct _quic_context* _context, char *payload, int payload_len, int *used_len)
+{
+ int i=0,len=0;
+ char client_CID[MAX_CONNECT_ID_LEN*2]={0};
+ char server_CID[MAX_CONNECT_ID_LEN*2]={0};
+
+ struct _quic_public_header *long_hdr=&(_context->quic_info.quic_hdr);
+
+ long_hdr->public_flags=payload[*used_len];
+ *used_len+=1; //skip public flags
+
+ if(long_hdr->public_flags&0x80)
+ {
+ long_hdr->quic_version=(unsigned int)ntohl(*(unsigned int *)(payload+*used_len));
+ *used_len+=sizeof(int); // skip version
+
+ long_hdr->client_CID_len=(payload[*used_len]&0xF) ? (payload[*used_len]&0xF)+3 : 0;
+ long_hdr->server_CID_len=((payload[*used_len]>>4)&0xF) ? ((payload[*used_len]>>4)&0xF)+3 : 0;
+ *used_len+=sizeof(char); // both connection_id length
+
+ memcpy(long_hdr->server_CID, (void *)(payload+*used_len), long_hdr->server_CID_len);
+ *used_len+=long_hdr->server_CID_len; // Destination connection_id length
+ memcpy(long_hdr->client_CID, (void *)(payload+*used_len), long_hdr->client_CID_len);
+ *used_len+=long_hdr->client_CID_len; // source connection_id length
+ }
+ else
+ {
+ if(pstream->curdir==DIR_C2S)// short header only destination connection ID
+ {
+ *used_len+=long_hdr->server_CID_len; // every packet destination connection ID is same
+ }
+ }
+
+ len=(long_hdr->public_flags&0x03)+1;
+ long_hdr->packet_number=get_packet_number(payload, *used_len, len);
+ *used_len+=len;
+
+ *used_len+=12; //message authentication hash
+
+ _context->is_quic=TRUE;
+
+ for(i=0,len=0;i<long_hdr->server_CID_len; i++)
+ {
+ len+=snprintf(server_CID+len, sizeof(server_CID)-len, "%02X", long_hdr->server_CID[i]);
+ }
+
+ for(i=0,len=0;i<long_hdr->client_CID_len; i++)
+ {
+ len+=snprintf(client_CID+len, sizeof(client_CID)-len, "%02X", long_hdr->client_CID[i]);
+ }
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_IDETIFY",
+ "pub_flags: 0X%02X conection ID:[ destination: %s source: %s ] version: Q%03u packet number: %llu dir(1: C2S;2: S2C): %d addr: %s",
+ long_hdr->public_flags,
+ server_CID,
+ client_CID,
+ (((long_hdr->quic_version>>8)&0x0000000F)*10) + ((long_hdr->quic_version)&0x0000000F),
+ long_hdr->packet_number,
+ pstream->curdir,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return (enum _QUIC_VERSION)long_hdr->quic_version;
+}
+
+enum _QUIC_VERSION is_quic_protocol(struct streaminfo *pstream, struct _quic_context* _context, char *payload, int payload_len, int *used_len)
+{
+ enum _QUIC_VERSION quic_version=QUIC_VERSION_UNKNOWN;
+
+ if(_context->quic_info.quic_hdr.quic_version!=QUIC_VERSION_UNKNOWN)
+ {
+ if(is_iquic((enum _QUIC_VERSION)(_context->quic_info.quic_hdr.quic_version)))
+ {
+ return (enum _QUIC_VERSION)(_context->quic_info.quic_hdr.quic_version);
+ }
+
+ quic_version=(enum _QUIC_VERSION)(_context->quic_info.quic_hdr.quic_version);
+ }
+ else
+ {
+ // The most significant bit (0x80) of byte 0 (the first byte) is set to 1 for long headers
+ (payload[*used_len]&0x80) ? (quic_version=(enum _QUIC_VERSION)ntohl(*(unsigned int *)(payload+(*used_len+1)))) : QUIC_VERSION_UNKNOWN;
+ }
+
+ switch(quic_version) // +1 meaning: skip public flags
+ {
+ case GQUIC_VERSION_Q046:
+ quic_version=parse_quic_header(pstream, _context, payload, payload_len, used_len);
+ return quic_version;
+ break;
+ default:
+ if( (quic_version==GQUIC_VERSION_Q044) ||
+ (quic_version==GQUIC_VERSION_Q045) ||
+ (quic_version==GQUIC_VERSION_Q099) ||
+ (quic_version==PICOQUIC_VERSION_30) ||
+ (quic_version==PQUIC_VERSION_PROX) ||
+ (quic_version==GQUIC_VERSION_T099) ||
+ (quic_version>=GQUIC_VERSION_Q047 && quic_version<=GQUIC_VERSION_Q050) ||
+ (quic_version>=GQUIC_VERSION_Q051 && quic_version<=GQUIC_VERSION_Q059) ||
+ (quic_version>=GQUIC_VERSION_T048&& quic_version<=GQUIC_VERSION_T049) ||
+ (quic_version>=GQUIC_VERSION_T050&& quic_version<=GQUIC_VERSION_T059) ||
+ (quic_version>=QUANT_VERSION_00 && quic_version<=QUANT_VERSION_FF) ||
+ (quic_version>=QUIC_GO_VERSION_00 && quic_version<=QUIC_GO_VERSION_FF) ||
+ (quic_version>=QUICLY_VERSION_00 && quic_version<=QUICLY_VERSION_FF) ||
+ (quic_version>=MSQUIC_VERSION_00 && quic_version<=MSQUIC_VERSION_0F) ||
+ (quic_version>=MOZQUIC_VERSION_00 && quic_version<=MOZQUIC_VERSION_0F) ||
+ (quic_version>=MVFST_VERSION_00 && quic_version<=MVFST_VERSION_0F) ||
+ (quic_version>=IQUIC_VERSION_I001 && quic_version<=IQUIC_VERSION_I032)
+ )
+ {
+ MESA_handle_runtime_log(g_quic_param.logger, RLOG_LV_DEBUG, "QUIC", "version: 0x%x addr: %s",
+ quic_version, printaddr(&pstream->addr, pstream->threadnum));
+
+ _context->is_quic=TRUE;
+ _context->quic_info.quic_hdr.quic_version=quic_version;
+ return quic_version;
+ }
+ break;
+ }
+
+ // Q001~Q043: 0x80 is currently unused, and must be set to 0
+ if(payload[*used_len]>0x80)
+ {
+ return QUIC_VERSION_UNKNOWN;
+ }
+
+ return parse_q0to43_header(pstream, _context, payload, payload_len, used_len);
+}
+
+int parse_extension_tag(struct streaminfo *pstream, struct _quic_stream **quic_stream, void *a_packet, char *payload, int payload_len, int *used_len, int tag_num)
+{
+ int tag_used_num=0;
+ int tag_type=0;
+ int total_tag_len=0,tag_len=0;
+ int tag_offset_end=0,pre_tag_offset_end=0;
+
+ struct _quic_stream *stream=*quic_stream;
+ int tag_value_start=tag_num*4*2+(*used_len); // skip length of type and offset, type(offset)=szieof(int)
+
+ if(stream==NULL)
+ {
+ stream=(struct _quic_stream *)dictator_malloc(pstream->threadnum, sizeof(struct _quic_stream));
+ memset(stream, 0, sizeof(struct _quic_stream));
+ stream->ext_tags=(quic_tlv_t *)dictator_malloc(pstream->threadnum, tag_num*sizeof(quic_tlv_t));
+ memset(stream->ext_tags, 0, tag_num*sizeof(quic_tlv_t));
+ *quic_stream=stream;
+ }
+ else
+ {
+ quic_release_exts(pstream->threadnum, stream->ext_tags, stream->ext_tag_num);
+ stream->ext_tags=(quic_tlv_t *)dictator_malloc(pstream->threadnum, tag_num*sizeof(quic_tlv_t));
+ memset(stream->ext_tags, 0, tag_num*sizeof(quic_tlv_t));
+ *quic_stream=stream;
+ stream->ext_tag_num=0;
+ stream->count++;
+ }
+
+ while(tag_num>tag_used_num)
+ {
+ tag_type=ntohl(*(unsigned int *)(payload+*used_len));
+ *used_len+=sizeof(int);
+
+ tag_offset_end=*(unsigned int *)(payload+*used_len);
+ *used_len+=sizeof(int);
+
+ tag_len=tag_offset_end-pre_tag_offset_end;
+ if(tag_len<0 || (tag_offset_end>=payload_len) || (tag_len>payload_len-tag_value_start))
+ {
+ return -1;
+ }
+
+ switch(tag_type)
+ {
+ case TAG_PAD:
+ break;
+ case TAG_VER:
+ stream->ver_idx=stream->ext_tag_num;
+ get_quic_tlv(payload+tag_value_start, &stream->ext_tags[stream->ext_tag_num], tag_len, tag_type, pstream->threadnum);
+ *(unsigned int *)(stream->ext_tags[stream->ext_tag_num].value)=(unsigned int)ntohl(*(unsigned int *)(stream->ext_tags[stream->ext_tag_num].value));
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_VERSION",
+ "Quic version: 0X%X addr: %s",
+ *(unsigned int *)(stream->ext_tags[stream->ext_tag_num].value),
+ printaddr(&pstream->addr, pstream->threadnum));
+ break;
+ case TAG_UAID:
+ stream->ua_idx=stream->ext_tag_num;
+ get_quic_tlv(payload+tag_value_start, &stream->ext_tags[stream->ext_tag_num], tag_len, tag_type, pstream->threadnum);
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_UA",
+ "User Agent: %s addr: %s",
+ stream->ext_tags[stream->ext_tag_num].value,
+ printaddr(&pstream->addr, pstream->threadnum));
+ stream->ext_tag_num++;
+ break;
+ case TAG_SNI:
+ stream->sni_idx=stream->ext_tag_num;
+ get_quic_tlv(payload+tag_value_start, &stream->ext_tags[stream->ext_tag_num], tag_len, tag_type, pstream->threadnum);
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_SNI",
+ "SNI: %s addr: %s",
+ stream->ext_tags[stream->ext_tag_num].value,
+ printaddr(&pstream->addr, pstream->threadnum));
+ stream->ext_tag_num++;
+ break;
+ default:
+ get_quic_tlv(payload+tag_value_start, &stream->ext_tags[stream->ext_tag_num], tag_len, tag_type, pstream->threadnum);
+ stream->ext_tag_num++;
+ break;
+ }
+
+ tag_used_num++;
+ tag_value_start+=tag_len;
+ total_tag_len+=tag_len;
+ pre_tag_offset_end=tag_offset_end;
+ }
+
+ *used_len += total_tag_len;
+
+ return 0;
+}
+
+int gquic_frame_type_ack(struct streaminfo *pstream, struct _quic_context* _context, char *payload, int payload_len, int *used_len, char frame_type, void *a_packet)
+{
+ unsigned char num_timestamp;
+ unsigned char num_blocks=0;;
+ unsigned short largest_acked_delta_time=0;
+ unsigned long long ack_block_length=0;
+ unsigned long long largest_observed_ack=0;
+
+ bit_to_value(payload, frame_type>>2, &largest_observed_ack, used_len); // frame_type -> LL
+ largest_acked_delta_time=ntohs(*(unsigned short *)(payload+*used_len));
+ *used_len+=sizeof(unsigned short);
+
+ if(frame_type&0x20) // frame_type -> n
+ {
+ num_blocks=(*(unsigned char *)(payload+*used_len))-1;
+ }
+ bit_to_value(payload, frame_type>>2, &ack_block_length, used_len); // frame_type -> mm
+
+ if(num_blocks>0)
+ {
+ *used_len+=1; //gap_to_next_block
+
+ *used_len+=(num_blocks*sizeof(unsigned int)); //Ack block length
+ }
+
+ num_timestamp=*(unsigned char *)(payload+*used_len);
+ *used_len += 1;
+
+ if(num_timestamp > 0)
+ {
+ *used_len+=sizeof(unsigned char); //Delta Largest Observed
+ *used_len+= sizeof(unsigned int); //First Timestamp
+ *used_len+=(num_timestamp-1)*(1+2); //1+2=Delta Largest Observed+Time Since Previous Timestamp
+ }
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_ACK",
+ "largest_observed_ack: %llu largest_acked_delta_time: %u num_blocks: %d ack_block_length: %d num_timestamp: %d addr: %s",
+ largest_observed_ack,
+ largest_acked_delta_time,
+ num_blocks,
+ ack_block_length,
+ num_timestamp,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return 0;
+}
+
+int gquic_frame_type_stream(struct streaminfo *pstream, struct _quic_context* _context, char *payload, int payload_len, int *used_len, void *a_packet)
+{
+ int ret=0;
+ char state=APP_STATE_GIVEME;
+ unsigned short tag_num = 0;
+ unsigned int message_tag;
+
+ message_tag=(unsigned int)ntohl(*(unsigned int *)(payload+*used_len));
+ *used_len+=4;
+
+ tag_num=*(unsigned short *)(payload+*used_len);
+ *used_len+=2; //tag_num
+ *used_len+=2; //padding
+
+ switch(message_tag)
+ {
+ case CHLO: //MTAG_CHLO;
+ ret=parse_extension_tag(pstream, &(_context->quic_info.client_hello), a_packet, payload, payload_len, used_len, tag_num);
+ if(ret>=0 && _context->call_business)
+ {
+ state=quic_callPlugins(pstream, _context, (void *)(_context->quic_info.client_hello), sizeof(void *), QUIC_CLIENT_HELLO_MASK, a_packet);
+ }
+ break;
+ case SHLO: //MTAG_SHLO;
+ ret=parse_extension_tag(pstream, &(_context->quic_info.server_hello), a_packet, payload, payload_len, used_len, tag_num);
+ if(ret>=0 && _context->call_business)
+ {
+ state=quic_callPlugins(pstream, _context, (void *)(_context->quic_info.server_hello), sizeof(void *), QUIC_SERVER_HELLO_MASK, a_packet);
+ }
+ break;
+ case REJ: //MTAG_REJ;
+ ret=parse_extension_tag(pstream, &(_context->quic_info.rejection), a_packet, payload, payload_len, used_len, tag_num);
+ if(ret>=0 && _context->call_business)
+ {
+ state=quic_callPlugins(pstream, _context, (void *)(_context->quic_info.rejection), sizeof(void *), QUIC_REJECTION_MASK, a_packet);
+ }
+ break;
+ default:
+ break;
+ }
+
+ return state;
+}
+
+//frame type->stream->offset->data length
+int gquic_proc_unencrypt(struct streaminfo *pstream, struct _quic_context* _context, void *a_packet, char * payload, int payload_len, int *used_len)
+{
+ unsigned int ret=0;
+ unsigned char frame_type=0;
+ unsigned int stream_id=0;
+ unsigned int error_code=0;
+ unsigned short reason_phrase_length=0;
+ unsigned long long byte_offset=0;
+ unsigned long long least_unacked_delta=0;
+
+ while(*used_len<payload_len)
+ {
+ frame_type=payload[*used_len];
+ *used_len+=1; //skip frame_type
+
+ switch(frame_type)
+ {
+ case GQUIC_REGULAR_FRAME_PADDING:
+ return APP_STATE_GIVEME; // PADDING frame
+ break;
+ case GQUIC_REGULAR_FRAME_RST_STREAM:
+ stream_id=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ byte_offset=get_variable_length(payload, *used_len, sizeof(unsigned long long));
+ *used_len+=sizeof(unsigned long long);
+
+ error_code=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_RST_STREAM",
+ "stream_id: %u byte_offset: %llu error_code: %u addr: %s",
+ stream_id,
+ byte_offset,
+ error_code,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return quic_callPlugins(pstream, _context, NULL, 0, QUIC_INTEREST_KEY_MASK, a_packet);
+ break;
+ case GQUIC_REGULAR_FRAME_CONNECTION_CLOSE:
+ error_code=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ reason_phrase_length=(unsigned short)get_variable_length(payload, *used_len, sizeof(unsigned short));
+ *used_len+=sizeof(unsigned short);
+
+ *used_len+=reason_phrase_length; // skip Reason Phrase
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_CONNECTION_CLOSE",
+ "error_code: %u reason_phrase_length: %d addr: %s",
+ error_code,
+ reason_phrase_length,
+ printaddr(&pstream->addr, pstream->threadnum));
+
+ return quic_callPlugins(pstream, _context, NULL, 0, QUIC_INTEREST_KEY_MASK, a_packet);
+ break;
+ case GQUIC_REGULAR_FRAME_GOAWAY:
+ error_code=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ //Last Good Stream ID
+ stream_id=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ reason_phrase_length=(unsigned short)get_variable_length(payload, *used_len, sizeof(unsigned short));
+ *used_len+=sizeof(unsigned short);
+
+ *used_len+=reason_phrase_length; // skip Reason Phrase
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_GOAWAY",
+ "error_code: %u Last Good Stream ID: %u reason_phrase_length: %d addr: %s",
+ error_code,
+ stream_id,
+ reason_phrase_length,
+ printaddr(&pstream->addr, pstream->threadnum));
+ break;
+ case GQUIC_REGULAR_FRAME_WINDOW_UPDATE:
+ stream_id=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ byte_offset=get_variable_length(payload, *used_len, sizeof(unsigned long long));
+ *used_len+=sizeof(unsigned long long);
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_WINDOW_UPDATE",
+ "stream_id: %u byte_offset: %llu addr: %s",
+ stream_id,
+ byte_offset,
+ printaddr(&pstream->addr, pstream->threadnum));
+ break;
+ case GQUIC_REGULAR_FRAME_BLOCKED:
+ stream_id=(unsigned int)get_variable_length(payload, *used_len, sizeof(unsigned int));
+ *used_len+=sizeof(unsigned int);
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_STOP_WAITING",
+ "stream_id: %u addr: %s",
+ stream_id,
+ printaddr(&pstream->addr, pstream->threadnum));
+ break;
+ case GQUIC_REGULAR_FRAME_STOP_WAITING:
+ bit_to_value(payload, _context->quic_info.quic_hdr.public_flags>>4, &least_unacked_delta, used_len);
+
+ MESA_handle_runtime_log(g_quic_param.logger,
+ RLOG_LV_DEBUG,
+ "QUIC_STOP_WAITING",
+ "least_unacked_delta: %llu addr: %s",
+ least_unacked_delta,
+ printaddr(&pstream->addr, pstream->threadnum));
+ break;
+ case GQUIC_REGULAR_FRAME_PING:
+ //The PING frame contains no payload.
+ //The receiver of a PING frame simply needs to ACK the packet containing this frame
+ break;
+ default: //Regular Frame Types
+ if(frame_type&GQUIC_SPECIAL_FRAME_STREAM)
+ {
+ stream_id=get_stream_id(pstream, _context, payload, frame_type, used_len);
+ ret=gquic_frame_type_stream(pstream, _context, payload, payload_len, used_len, a_packet);
+ }
+ else if((frame_type&0xC0)==GQUIC_SPECIAL_FRAME_ACK) // high bit set 0; (frame_type: 01nullmmB)
+ {
+ stream_id=get_stream_id(pstream, _context, payload, frame_type, used_len);
+ ret=gquic_frame_type_stream(pstream, _context, payload, payload_len, used_len, a_packet);
+ }
+ else if((frame_type&0xE0)==GQUIC_SPECIAL_FRAME_CONGEST_FB) // high two bits set 0; (frame_type: 01nullmmB)
+ {
+ //not used
+ }
+ else
+ {
+ return APP_STATE_GIVEME;
+ }
+ break;
+ }
+
+ if(ret&APP_STATE_DROPME || ret&APP_STATE_DROPPKT)
+ {
+ return ret;
+ }
+ }
+
+ return APP_STATE_GIVEME;
+}
+
+
+//QUIC_DATA:is quic data pcap;QUIC_TRUE:is handshake pcap;QUIC_RETURN_DROPME:not quic protocol;
+int parse_gquic_Q046(struct streaminfo *pstream, struct _quic_context* _context, void *a_packet, char * payload, int payload_len, int *used_len)
+{
+ int ret=APP_STATE_GIVEME;
+ unsigned char frame_type;
+
+ while(*used_len < payload_len)
+ {
+ frame_type=payload[*used_len];
+ *used_len+=1; //skip frame_type
+
+ if(frame_type&IQUIC_FRAME_STREAM_HEX08)
+ {
+ get_stream_id(pstream, _context, payload, frame_type, used_len);
+ ret=gquic_frame_type_stream(pstream, _context, payload, payload_len, used_len, a_packet);
+ }
+ else
+ {
+ return APP_STATE_GIVEME; //todo
+ }
+
+ if(ret&APP_STATE_DROPME || ret&APP_STATE_DROPPKT)
+ {
+ return ret;
+ }
+ }
+
+ return APP_STATE_GIVEME;
+}
+
+int parse_encrypt_parameter(struct _quic_stream *quic_stream, unsigned char *payload, int payload_len, int thread_seq)
+{
+ int used_len=0,length=0;
+ while(payload_len>used_len)
+ {
+ if(payload[used_len]> 0x00 && payload[used_len]<=0x20)
+ {
+ get_value(payload, &used_len, 1); //type=1
+ length=get_value(payload, &used_len, 1); // length=1
+ used_len+=length;
+
+ continue;
+ }
+
+ if((*(unsigned short *)(payload+used_len)) == htons(EXT_QUIC_PARAM_USER_AGENT))
+ {
+ quic_stream->ua_idx=quic_stream->ext_tag_num++;
+ get_value(payload, &used_len, 2); //type=2
+ length=get_value(payload, &used_len, 1); // length=1
+ get_quic_tlv((char *)payload+used_len, &(quic_stream->ext_tags[quic_stream->ua_idx]), length, EXT_QUIC_PARAM_USER_AGENT, thread_seq);
+ used_len+=length;
+
+ continue;
+ }
+
+ if(*(unsigned int *)(payload+used_len) == htonl(EXT_QUIC_PARAM_QUIC_VERSION))
+ {
+ quic_stream->ver_idx=quic_stream->ext_tag_num++;
+ get_value(payload, &used_len, 4); //type=4
+ length=get_value(payload, &used_len, 1); // length=1
+ get_quic_tlv((char *)payload+used_len, &(quic_stream->ext_tags[quic_stream->ver_idx]), length, EXT_QUIC_PARAM_QUIC_VERSION, thread_seq);
+ *(unsigned int *)quic_stream->ext_tags[quic_stream->ver_idx].value=(unsigned int)htonl(*(unsigned int *)quic_stream->ext_tags[quic_stream->ver_idx].value);
+ used_len+=length;
+
+ continue;
+ }
+
+ if((*(unsigned int *)(payload+used_len))== htonl(EXT_QUIC_PARAM_GREASE_HIGH4) && (*(unsigned int *)(payload+used_len+4))== htonl(EXT_QUIC_PARAM_GREASE_LOW4))
+ {
+ used_len+=8; //type=8
+ length=get_value(payload, &used_len, 1); // length=1
+ used_len+=length;
+
+ continue;
+ }
+
+ break;
+ }
+
+ return 0;
+}
+int parse_encrypt_server_name(struct _quic_stream *quic_stream, unsigned char *payload, int payload_len, int thread_seq)
+{
+ int ext_len=0,used_len=0;
+
+ quic_stream->sni_idx=quic_stream->ext_tag_num++;
+ get_value(payload, &used_len, 2); //Server Name List length
+ if(get_value(payload, &used_len, 1)==0) //Server Name type
+ {
+ ext_len=get_value(payload, &used_len, 2); //Server Name length
+ get_quic_tlv((char *)payload+used_len, &(quic_stream->ext_tags[quic_stream->sni_idx]), ext_len, EXTENSION_SERVER_NAME, thread_seq);
+ }
+
+ return 1;
+}
+
+int parse_encrypt_client_hello(struct streaminfo *pstream, struct _quic_stream *quic_stream, void *a_packet, unsigned char *payload, int payload_len)
+{
+ int skip_len=0;
+ int used_len=0;
+ int flags=0;
+ int ext_type=0, extension_total_len=0;
+
+ get_value(payload, &used_len, 1); //handshake type
+ get_value(payload, &used_len, 3); //client hello length
+ get_value(payload, &used_len, 2); //ssl_version
+
+ get_value(payload, &used_len, 32); //Random
+
+ skip_len=(int)get_value(payload, &used_len, 1); //Session ID length
+ used_len+=skip_len;
+
+ skip_len=(int)get_value(payload, &used_len, 2); //Ciper Suites length
+ used_len+=skip_len;
+
+ skip_len=(int)get_value(payload, &used_len, 1); //Compression Methods
+ used_len+=skip_len;
+
+ extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length
+
+ quic_stream->ext_tags=(quic_tlv_t *)dictator_malloc(pstream->threadnum, sizeof(quic_tlv_t)*3);
+ memset(quic_stream->ext_tags, 0, sizeof(quic_tlv_t)*3);
+
+ while(extension_total_len>used_len)
+ {
+ ext_type=get_value(payload, &used_len, 2); //Extension type
+ skip_len=get_value(payload, &used_len, 2); //length
+ switch(ext_type)
+ {
+ case EXTENSION_SERVER_NAME:
+ parse_encrypt_server_name(quic_stream, payload+used_len, skip_len, pstream->threadnum);
+ flags=1;
+ break;
+ case EXTENSION_QUIC_PARAM:
+ parse_encrypt_parameter(quic_stream, payload+used_len, skip_len, pstream->threadnum);
+ break;
+ case EXTENSION_SUPPORT_GROUP:
+ case EXTENSION_APP_PROT_NEGO:
+ case EXTENSION_SIG_ALGORITHM:
+ case EXTENSION_KEY_SHARE:
+ case EXTENSION_PSK_EXCHANGE:
+ case EXTENSION_SUPP_SSL_VER:
+ case EXTENSION_COMPRESS_CERT:
+ break;
+ default:
+ break;
+ }
+
+ used_len+=skip_len;
+ }
+
+ return flags;
+}
+
+int parse_decrypt_quic(struct streaminfo *pstream, struct _quic_context* _context, void *a_packet, unsigned char * payload, int payload_len, int *used_len)
+{
+ int ret=0,state=APP_STATE_GIVEME;
+ unsigned int quic_version=_context->quic_info.quic_hdr.quic_version;
+
+ get_value(payload, used_len, 4); //Frame Type=1, offset=1, length=2
+
+ if( (quic_version>=MVFST_VERSION_00 && quic_version<=MVFST_VERSION_0F) ||
+ (quic_version>=GQUIC_VERSION_T050 && quic_version<=GQUIC_VERSION_T059) ||
+ (quic_version>=IQUIC_VERSION_I022 && quic_version<=IQUIC_VERSION_I029)
+ )
+ {
+ if(payload[*used_len] == 0x01)
+ {
+ if(_context->quic_info.client_hello==NULL)
+ {
+ _context->quic_info.client_hello=(struct _quic_stream *)dictator_malloc(pstream->threadnum, sizeof(struct _quic_stream));
+ memset(_context->quic_info.client_hello, 0, sizeof(struct _quic_stream));
+ }
+ ret=parse_encrypt_client_hello(pstream, _context->quic_info.client_hello, a_packet, payload+*used_len, payload_len); //Frame Type=1, offset=1, length=2
+ if(ret>0 && _context->call_business)
+ {
+ state=quic_callPlugins(pstream, _context, (void *)(_context->quic_info.client_hello), sizeof(void *), QUIC_CLIENT_HELLO_MASK, a_packet);
+ }
+ }
+ }
+ else if( (quic_version>=GQUIC_VERSION_Q047 && quic_version<=GQUIC_VERSION_Q059))
+ {
+ state=gquic_frame_type_stream(pstream, _context, (char *)payload, payload_len, used_len, a_packet);
+ }
+ else
+ {
+ state=APP_STATE_DROPME;
+ }
+
+ return state;
+}
+
+//cid->version->nounce->pkt num->ahn hash(12)
+int quic_process(struct streaminfo *pstream, struct _quic_context* _context, int thread_seq, void* a_packet)
+{
+ int used_len=0;
+ int ret=APP_STATE_GIVEME;
+ unsigned char decrypt_payload[1500]={0};
+ unsigned int decrypt_payload_len=sizeof(decrypt_payload);
+
+ enum _QUIC_VERSION is_gquic=QUIC_VERSION_UNKNOWN;
+ struct udpdetail *udp_detail=pstream->pudpdetail;
+
+ if(udp_detail->pdata==NULL || udp_detail->datalen<=0)
+ {
+ return APP_STATE_GIVEME;
+ }
+
+ is_gquic=is_quic_protocol(pstream, _context, (char *)udp_detail->pdata, udp_detail->datalen, &used_len);
+ if(!_context->call_business)
+ {
+ return APP_STATE_GIVEME;
+ }
+
+ if(is_gquic!=QUIC_VERSION_UNKNOWN)
+ {
+ if(_context->cb_version==0)
+ {
+ _context->cb_version=1;
+ ret=quic_callPlugins(pstream, _context, &(_context->quic_info.quic_hdr.quic_version), sizeof(_context->quic_info.quic_hdr.quic_version), QUIC_USEING_VERSION_MASK, a_packet);
+ if((ret&APP_STATE_DROPME) || (ret&APP_STATE_DROPPKT))
+ {
+ return ret;
+ }
+ }
+
+ switch(is_gquic)
+ {
+ case GQUIC_VERSION_Q043:
+ ret=gquic_proc_unencrypt(pstream, _context, a_packet, (char *)udp_detail->pdata, udp_detail->datalen, &used_len);
+ break;
+ case GQUIC_VERSION_Q046:
+ ret=parse_gquic_Q046(pstream, _context, a_packet, (char *)udp_detail->pdata, udp_detail->datalen, &used_len);
+ break;
+ default:
+ if( ((is_gquic>=MVFST_VERSION_00 && is_gquic<=MVFST_VERSION_0F) ||
+ (is_gquic>=GQUIC_VERSION_Q047 && is_gquic<=GQUIC_VERSION_Q059) ||
+ (is_gquic>=GQUIC_VERSION_T050 && is_gquic<=GQUIC_VERSION_T059) ||
+ (is_gquic>=GQUIC_VERSION_T050 && is_gquic<=GQUIC_VERSION_T059) ||
+ (is_gquic>=IQUIC_VERSION_I022 && is_gquic<=IQUIC_VERSION_I029)
+ )
+ && _context->is_decrypt==0
+ )
+ {
+ _context->is_decrypt=1;
+ ret=dissect_quic((char *)udp_detail->pdata, udp_detail->datalen, decrypt_payload, &decrypt_payload_len);
+ if(ret!=1)
+ {
+ return APP_STATE_DROPME;
+ }
+ ret=parse_decrypt_quic(pstream, _context, a_packet, decrypt_payload, decrypt_payload_len, &used_len);
+ break;
+ }
+
+ ret=quic_callPlugins(pstream, _context, (char *)udp_detail->pdata, udp_detail->datalen, QUIC_APPLICATION_DATA_MASK, a_packet);
+ if((ret&APP_STATE_DROPME) || (ret&APP_STATE_DROPPKT))
+ {
+ return ret;
+ }
+ break;
+ }
+
+ if((ret&APP_STATE_DROPME) || (ret&APP_STATE_DROPPKT))
+ {
+ return ret;
+ }
+ }
+
+ if(_context->is_quic==TRUE)
+ {
+ if(_context->quic_info.quic_hdr.is_reset)
+ {
+ return quic_callPlugins(pstream, _context, NULL, 0, QUIC_INTEREST_KEY_MASK, a_packet);
+ }
+
+ if(_context->quic_info.quic_hdr.is_version_negotiation)
+ {
+ return quic_callPlugins(pstream, _context, NULL, 0, QUIC_NEGOTIATION_VERSION_MASK, a_packet);
+ }
+ return APP_STATE_GIVEME;
+ }
+
+ return APP_STATE_DROPME;;
+}
+
+
+int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, char *out_sni, int out_sni_len)
+{
+ int ret=APP_STATE_GIVEME;
+ int sni_len=0,len=-1;
+ void *pme=NULL;
+ char *sni=NULL;
+ struct _quic_context *_context=NULL;
+
+ quic_init_stream(&pme, a_stream->threadnum);
+ _context=(struct _quic_context *)pme;
+
+ ret=quic_process(a_stream, _context, a_stream->threadnum, a_packet);
+ if(ret!=PROT_STATE_DROPME && _context->is_quic!=QUIC_VERSION_UNKNOWN)
+ {
+ if(_context->quic_info.client_hello!=NULL)
+ {
+ sni=(char *)(_context->quic_info.client_hello->ext_tags[_context->quic_info.client_hello->sni_idx].value);
+ sni_len=_context->quic_info.client_hello->ext_tags[_context->quic_info.client_hello->sni_idx].length;
+ len= sni_len>(out_sni_len-1) ? (out_sni_len-1) : sni_len;
+ memcpy(out_sni, sni, len);
+ }
+ else
+ {
+ if(_context->is_quic==TRUE)
+ {
+ len=0;
+ }
+ }
+ }
+
+ quic_release_stream(&pme, a_stream->threadnum);
+
+ return len;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 15:44:40 +0000