diff options
| author | zhuzhenjun <[email protected]> | 2023-10-24 14:37:41 +0800 |
|---|---|---|
| committer | zhuzhenjun <[email protected]> | 2023-10-24 16:28:54 +0800 |
| commit | 4cd2fdb88189dacbdb184c92dcc9c66368badbd7 (patch) | |
| tree | 75874f77eb94455729930c23f41b677eb021abc9 /src/osfp.c | |
| parent | e80ae01d6826e5bc30cf8229f7d8c8cfcf29466e (diff) | |
code: clean upv1.3.2
Diffstat (limited to 'src/osfp.c')
| -rw-r--r-- | src/osfp.c | 117 |
1 files changed, 71 insertions, 46 deletions
@@ -5,14 +5,12 @@ #include "osfp_score_db.h" #include "osfp_log.h" -#define OSFP_DEFAULT_RESULT_BUFLEN_MAX 512 #define OSFP_LOWEST_SCORE_LIMIT 20 -static struct osfp_result *osfp_result_build(struct osfp_os_class_score *os_class_score) +static struct osfp_result *osfp_result_build(struct osfp_os_class_score *os_class_score, const char *matched) { int i; unsigned int tmp_score; - unsigned int sum_score; unsigned int likely_score; enum osfp_os_class_id likely_os_class; struct osfp_result *result; @@ -24,8 +22,8 @@ static struct osfp_result *osfp_result_build(struct osfp_os_class_score *os_clas likely_score = 0; likely_os_class = OSFP_OS_CLASS_OTHERS; - sum_score = 0; + // likely os score for (i = 0; i < OSFP_OS_CLASS_MAX; i++) { tmp_score = os_class_score->scores[i]; @@ -34,20 +32,16 @@ static struct osfp_result *osfp_result_build(struct osfp_os_class_score *os_clas likely_os_class = i; } result->details[i].score = tmp_score; - sum_score += tmp_score; - } - - if (sum_score) { - for (i = 0; i < OSFP_OS_CLASS_MAX; i++) { - result->details[i].possibility = OSFP_PERCENTILE * result->details[i].score / sum_score; - } } if (likely_score == OSFP_PERCENTILE) { + // prefiltered ; } else if (likely_score < OSFP_LOWEST_SCORE_LIMIT) { + // too low to tell os class likely_os_class = OSFP_OS_CLASS_OTHERS; } else { + // when the tied likely scores appear between win/apple-like/unix-like, we throw unknown for (i = 0; i < OSFP_OS_CLASS_MAX; i++) { if (likely_os_class == i) { continue; @@ -66,7 +60,7 @@ static struct osfp_result *osfp_result_build(struct osfp_os_class_score *os_clas } result->likely_os_class = likely_os_class; - + result->matched = matched; return result; exit: return NULL; @@ -91,22 +85,23 @@ const char *osfp_result_os_name_get(struct osfp_result *result) char *osfp_result_score_detail_export(struct osfp_result *result) { int i; - char *result_str = NULL; - cJSON *root = NULL; + char *result_str; + cJSON *root; cJSON *array; cJSON *os_score; + cJSON *matched; osfp_profile_cycle(c1); osfp_profile_cycle(c2); + osfp_profile_get_cycle(c1); if (result == NULL) { - goto exit; + return NULL; } if (result->json_str != NULL) { - result_str = result->json_str; - goto exit; + return result->json_str; } root = cJSON_CreateObject(); @@ -134,6 +129,13 @@ char *osfp_result_score_detail_export(struct osfp_result *result) } } + if (result->matched) { + matched = cJSON_AddObjectToObject(root, "matched"); + if (matched) { + cJSON_AddStringToObject(matched, "fingerprint", result->matched); + } + } + result_str = cJSON_Print(root); if (result_str == NULL) { goto exit; @@ -141,15 +143,15 @@ char *osfp_result_score_detail_export(struct osfp_result *result) result->json_str = result_str; + osfp_profile_get_cycle(c2); + osfp_profile_counter_update(&osfp_profile_result_export, c2 - c1); + + return result_str; exit: if (root) { cJSON_Delete(root); } - if (result_str) { - osfp_profile_get_cycle(c2); - osfp_profile_counter_update(&osfp_profile_result_export, c2 - c1); - } - return result_str; + return NULL; } void osfp_result_free(struct osfp_result *result) @@ -164,15 +166,16 @@ void osfp_result_free(struct osfp_result *result) struct osfp_result *osfp_ipv4_identify(struct osfp_db *db, struct iphdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len) { - int ret = OSFP_EINVAL; + int ret; struct osfp_fingerprint fp; struct osfp_os_class_score os_class_score; struct osfp_result *result; + const char *matched; osfp_profile_cycle(c1); osfp_profile_cycle(c2); - if (db == NULL || l3_hdr == NULL || l4_hdr == NULL || l4_hdr == 0) { + if (db == NULL || l3_hdr == NULL || l4_hdr == NULL || l4_hdr_len == 0) { goto exit; } @@ -185,10 +188,10 @@ struct osfp_result *osfp_ipv4_identify(struct osfp_db *db, struct iphdr* l3_hdr, } osfp_profile_get_cycle(c1); - ret = osfp_score_db_prefilter(db->score_db, &fp, &os_class_score); + matched = osfp_score_db_prefilter(db->score_db, &fp, &os_class_score); osfp_profile_get_cycle(c2); osfp_profile_counter_update(&osfp_profile_prefilter, c2 - c1); - if (ret <= 0) { + if (matched == NULL) { osfp_profile_get_cycle(c1); ret = osfp_score_db_score(db->score_db, 0, &fp, &os_class_score); osfp_profile_get_cycle(c2); @@ -199,7 +202,7 @@ struct osfp_result *osfp_ipv4_identify(struct osfp_db *db, struct iphdr* l3_hdr, } osfp_profile_get_cycle(c1); - result = osfp_result_build(&os_class_score); + result = osfp_result_build(&os_class_score, matched); osfp_profile_get_cycle(c2); osfp_profile_counter_update(&osfp_profile_result_build, c2 - c1); if (result == NULL) { @@ -213,26 +216,45 @@ exit: struct osfp_result *osfp_ipv6_identify(struct osfp_db *db, struct ip6_hdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len) { - int ret = OSFP_EINVAL; + int ret; struct osfp_fingerprint fp; struct osfp_os_class_score os_class_score; struct osfp_result *result; + const char *matched; + + osfp_profile_cycle(c1); + osfp_profile_cycle(c2); if (db == NULL || l3_hdr == NULL || l4_hdr == NULL || l4_hdr_len == 0) { goto exit; } + osfp_profile_get_cycle(c1); ret = osfp_fingerprinting((unsigned char *)l3_hdr, (unsigned char *)l4_hdr, (unsigned int)l4_hdr_len, &fp, 6); + osfp_profile_get_cycle(c2); + osfp_profile_counter_update(&osfp_profile_fingerprinting, c2 - c1); if (ret != 0) { goto exit; } - ret = osfp_score_db_score(db->score_db, 0, &fp, &os_class_score); - if (ret != 0) { - goto exit; + osfp_profile_get_cycle(c1); + matched = osfp_score_db_prefilter(db->score_db, &fp, &os_class_score); + osfp_profile_get_cycle(c2); + osfp_profile_counter_update(&osfp_profile_prefilter, c2 - c1); + if (matched == NULL) { + osfp_profile_get_cycle(c1); + ret = osfp_score_db_score(db->score_db, 0, &fp, &os_class_score); + osfp_profile_get_cycle(c2); + osfp_profile_counter_update(&osfp_profile_score, c2 - c1); + if (ret != 0) { + goto exit; + } } - result = osfp_result_build(&os_class_score); + osfp_profile_get_cycle(c1); + result = osfp_result_build(&os_class_score, matched); + osfp_profile_get_cycle(c2); + osfp_profile_counter_update(&osfp_profile_result_build, c2 - c1); if (result == NULL) { goto exit; } @@ -248,8 +270,9 @@ struct osfp_result *osfp_json_identify(struct osfp_db *db, const char *json_str) struct osfp_fingerprint fp; struct osfp_os_class_score os_class_score; struct osfp_result *result; + const char *matched; - if (db == NULL) { + if (db == NULL || json_str == NULL) { goto exit; } @@ -258,15 +281,15 @@ struct osfp_result *osfp_json_identify(struct osfp_db *db, const char *json_str) goto exit; } - ret = osfp_score_db_prefilter(db->score_db, &fp, &os_class_score); - if (ret <= 0) { + matched = osfp_score_db_prefilter(db->score_db, &fp, &os_class_score); + if (matched == NULL) { ret = osfp_score_db_score(db->score_db, 0, &fp, &os_class_score); if (ret != 0) { goto exit; } } - result = osfp_result_build(&os_class_score); + result = osfp_result_build(&os_class_score, matched); if (result == NULL) { goto exit; } @@ -276,25 +299,27 @@ exit: return NULL; } -struct osfp_db *osfp_db_new(const char *db_json_file) +struct osfp_db *osfp_db_new(const char *fp_path) { int ret; struct osfp_db *db; + if (fp_path == NULL) { + goto exit; + } + + if (0 != access(fp_path, R_OK)) { + goto exit; + } + db = calloc(1, sizeof(struct osfp_db)); if (db == NULL) { goto exit; } - if (db_json_file != NULL) { - if (0 != access(db_json_file, R_OK)) { - goto exit; - } - - db->db_json_path = strdup((const char*)db_json_file); - if (db->db_json_path == NULL) { - goto exit; - } + db->db_json_path = strdup((const char*)fp_path); + if (db->db_json_path == NULL) { + goto exit; } db->score_db = (void *)osfp_score_db_create(); |