authorzhuzhenjun <[email protected]>2023-10-10 17:14:34 +0800
committerzhuzhenjun <[email protected]>2023-10-10 17:14:34 +0800
commitf6af0204eb2d8a02b4c434148faff9873a2976ce (patch)
treeefa0c17c44398cc18c4559ffa433efb4104befd5 /src
parentf203d15fae598b7ba6645e0297f15c60e2006c1f (diff)
src: linux/*.h -> netinet/*.h
Diffstat (limited to 'src')
-rw-r--r--src/osfp.c2
-rw-r--r--src/osfp.h69
-rw-r--r--src/osfp_common.h114
-rw-r--r--src/osfp_fingerprint.c10
-rw-r--r--src/osfp_fingerprint.h2
-rw-r--r--src/osfp_score_db.h1
6 files changed, 103 insertions, 95 deletions
diff --git a/src/osfp.c b/src/osfp.c
index c629d57..ec9a78f 100644
--- a/src/osfp.c
+++ b/src/osfp.c
@@ -183,7 +183,7 @@ exit:
return NULL;
}
-struct osfp_result *osfp_ipv6_identify(struct osfp_db *db, struct ipv6hdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len)
+struct osfp_result *osfp_ipv6_identify(struct osfp_db *db, struct ip6_hdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len)
{
int ret = OSFP_EINVAL;
struct osfp_fingerprint fp;
diff --git a/src/osfp.h b/src/osfp.h
index 660a687..1367815 100644
--- a/src/osfp.h
+++ b/src/osfp.h
@@ -2,61 +2,21 @@
#define __OSFP_H__
#include <stddef.h>
-#include <linux/in.h>
+#include <netinet/in.h>
+#include <netinet/ip.h>
+#include <netinet/ip6.h>
+#include <netinet/tcp.h>
#include <linux/if_ether.h>
-#include <linux/ip.h>
-#include <linux/ipv6.h>
-#include <linux/tcp.h>
-/**
- * @brief 定义操作系统类别的名称常量。
- */
-#define OSFP_OS_CLASS_NAME_UNKNOWN "Unknown"
-#define OSFP_OS_CLASS_NAME_WINDOWS "Windows"
-#define OSFP_OS_CLASS_NAME_LINUX "Linux"
-#define OSFP_OS_CLASS_NAME_MAC_OS "Mac OS"
-#define OSFP_OS_CLASS_NAME_IOS "iOS"
-#define OSFP_OS_CLASS_NAME_ANDROID "Android"
-#define OSFP_OS_CLASS_NAME_OTHERS "Others"
-
-/**
- * @brief 枚举表示不同的操作系统类别。
- */
-enum osfp_os_class_id {
- OSFP_OS_CLASS_UNKNOWN, // 未知
- OSFP_OS_CLASS_WINDOWS, // Windows
- OSFP_OS_CLASS_LINUX, // Linux
- OSFP_OS_CLASS_MAC_OS, // Mac OS
- OSFP_OS_CLASS_IOS, // iOS
- OSFP_OS_CLASS_ANDROID, // Android
- OSFP_OS_CLASS_OTHERS, // 其他
- OSFP_OS_CLASS_MAX,
-};
-
-/**
- * @brief 结构体用于 osfp_result 中的详细结果。
- */
-struct osfp_result_detail {
- unsigned int score; // 得分
- unsigned int possibility; // 可能性
-};
+#ifdef __cplusplus
+extern "C"
+{
+#endif
-/**
- * @brief 结构体用于表示操作系统识别结果。
- */
-struct osfp_result {
- char *json_str; // JSON 字符串
- enum osfp_os_class_id likely_os_class; // 最可能的操作系统类别
- struct osfp_result_detail details[OSFP_OS_CLASS_MAX]; // 详细结果数组
-};
-
-/**
- * @brief 结构体用于表示操作系统指纹库。
- */
-struct osfp_db {
- char *db_json_path; // 操作系统指纹库 JSON 文件路径
- void *score_db; // 分数数据库指针
-};
+enum osfp_os_class_id;
+struct osfp_result_detail;
+struct osfp_result;
+struct osfp_db;
/**
* @brief 创建一个新的操作系统指纹库。
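Review bot: The forward declaration `enum osfp_os_class_id;` added here is a constraint violation in ISO C (GCC accepts it only as an extension) and is rejected outright by C++ compilers, which defeats the `extern "C"` guard introduced in this same hunk. Moving `struct osfp_result` and `struct osfp_db` out of osfp.h also leaves consumers of this header with incomplete types, so a caller can no longer read `likely_os_class` or `details[]` from the result it is documented to own and free. If osfp_common.h is meant to stay internal (not visible from here), the enum and the result structs should remain in osfp.h. `#include <linux/if_ether.h>` is still present, so the header remains Linux-specific despite the switch to netinet/*.h.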
@@ -93,7 +53,7 @@ struct osfp_result *osfp_ipv4_identify(struct osfp_db *db, struct iphdr* l3_hdr,
* @param l4_hdr_len TCP 头部的长度(注意:包含TCP选项部分)。
* @return 指向操作系统识别结果的指针(注意:内存需要使用者释放)。
*/
-struct osfp_result *osfp_ipv6_identify(struct osfp_db *db, struct ipv6hdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len);
+struct osfp_result *osfp_ipv6_identify(struct osfp_db *db, struct ip6_hdr* l3_hdr, struct tcphdr *l4_hdr, size_t l4_hdr_len);
/**
* @brief 通过 json 格式的指纹识别操作系统。
@@ -127,4 +87,7 @@ char *osfp_result_score_detail_export(struct osfp_result *result);
*/
void osfp_result_free(struct osfp_result *result);
+#ifdef __cplusplus
+}
+#endif
#endif
diff --git a/src/osfp_common.h b/src/osfp_common.h
index 12d84a1..023a2ee 100644
--- a/src/osfp_common.h
+++ b/src/osfp_common.h
@@ -8,11 +8,6 @@
#include <stdarg.h>
#include <time.h>
-#include <linux/in.h>
-#include <linux/if_ether.h>
-#include <linux/ip.h>
-#include <linux/ipv6.h>
-#include <linux/tcp.h>
#include <sys/fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
@@ -28,8 +23,30 @@
#include "osfp.h"
-#define OSFP_TCP_OPTLENMAX 64
-#define OSFP_TCP_OPTMAX 20
+static inline unsigned long long osfp_rdtsc(void)
+{
+ union {
+ unsigned long long tsc_64;
+ struct {
+ unsigned int lo_32;
+ unsigned int hi_32;
+ };
+ } tsc;
+
+ asm volatile("rdtsc" :
+ "=a" (tsc.lo_32),
+ "=d" (tsc.hi_32));
+ return tsc.tsc_64;
+}
+
+#define osfp_profile_cycle(x) volatile unsigned long long x = 0
+#define osfp_profile_get_cycle(x) do { \
+ x = osfp_rdtsc(); \
+ } while(0)
+
+#define OSFP_BIT_U32(n) (1UL << (n))
+
+#define OSFP_PERCENTILE 100
#define OSFP_ETHERNET_HEADER_LEN 14
#define OSFP_VLAN_HEADER_LEN 4
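Review bot: `osfp_rdtsc()` is unconditional x86 inline assembly in a header that osfp_score_db.h now includes as well, so any translation unit pulling it in fails to build on a non-x86 target, and the plain `asm` keyword is not available under strict `-std=c11`. Since the commit is moving towards portable headers, guard the body with `#if defined(__x86_64__) || defined(__i386__)`, give the `#else` branch a `return 0;` fallback, and spell the keyword `__asm__ volatile`. `OSFP_BIT_U32(n)` expands to `(1UL << (n))`, which is 64 bits wide on LP64 despite the name; `(1U << (n))` would match it.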
@@ -37,8 +54,8 @@
#define OSFP_IPV6_HEADER_LEN 40
#define OSFP_TCP_HEADER_LEN 20
#define OSFP_TCP_DATA_OFF_MAX 60
-
-
+#define OSFP_TCP_OPTLENMAX 64
+#define OSFP_TCP_OPTMAX 20
//# TCP Options (opt_type) - http://www.iana.org/assignments/tcp-parameters
#define OSFP_TCP_OPT_EOL 0 //# end of option list
#define OSFP_TCP_OPT_NOP 1 //# no operation
@@ -74,7 +91,6 @@
#define OSFP_TCP_OPY_ENCNEG 69 //# Encryption Negotiation (TCP-ENO) [RFC8547]
#define OSFP_TCP_OPT_EXP1 253 //# RFC3692-style Experiment 1 (also improperly used for shipping products)
#define OSFP_TCP_OPT_EXP2 254 //# RFC3692-style Experiment 2 (also improperly used for shipping products)
-
#define OSFP_TCP_OPT_SACKOK_LEN 2
#define OSFP_TCP_OPT_WS_LEN 3
#define OSFP_TCP_OPT_TS_LEN 10
@@ -84,28 +100,39 @@
#define OSFP_TCP_OPT_TFO_MIN_LEN 4 /* kind, len, 2 bytes cookie: 4 */
#define OSFP_TCP_OPT_TFO_MAX_LEN 18 /* kind, len, 18 */
-static inline unsigned long long osfp_rdtsc(void)
-{
- union {
- unsigned long long tsc_64;
- struct {
- unsigned int lo_32;
- unsigned int hi_32;
- };
- } tsc;
- asm volatile("rdtsc" :
- "=a" (tsc.lo_32),
- "=d" (tsc.hi_32));
- return tsc.tsc_64;
-}
+/**
+ * @brief 定义操作系统类别的名称常量。
+ */
+#define OSFP_OS_CLASS_NAME_UNKNOWN "Unknown"
+#define OSFP_OS_CLASS_NAME_WINDOWS "Windows"
+#define OSFP_OS_CLASS_NAME_LINUX "Linux"
+#define OSFP_OS_CLASS_NAME_MAC_OS "Mac OS"
+#define OSFP_OS_CLASS_NAME_IOS "iOS"
+#define OSFP_OS_CLASS_NAME_ANDROID "Android"
+#define OSFP_OS_CLASS_NAME_OTHERS "Others"
+
+/**
+ * @brief 枚举表示不同的操作系统类别。
+ */
+enum osfp_os_class_id {
+ OSFP_OS_CLASS_UNKNOWN, // 未知
+ OSFP_OS_CLASS_WINDOWS, // Windows
+ OSFP_OS_CLASS_LINUX, // Linux
+ OSFP_OS_CLASS_MAC_OS, // Mac OS
+ OSFP_OS_CLASS_IOS, // iOS
+ OSFP_OS_CLASS_ANDROID, // Android
+ OSFP_OS_CLASS_OTHERS, // 其他
+ OSFP_OS_CLASS_MAX,
+};
-#define osfp_profile_cycle(x) volatile unsigned long long x = 0
-#define osfp_profile_get_cycle(x) do { \
- x = osfp_rdtsc(); \
- } while(0)
-#define OSFP_BIT_U32(n) (1UL << (n))
+#define OSFP_OS_CLASS_FLAG_WINDOWS OSFP_BIT_U32(OSFP_OS_CLASS_WINDOWS)
+#define OSFP_OS_CLASS_FLAG_LINUX OSFP_BIT_U32(OSFP_OS_CLASS_LINUX)
+#define OSFP_OS_CLASS_FLAG_MAC_OS OSFP_BIT_U32(OSFP_OS_CLASS_MAC_OS)
+#define OSFP_OS_CLASS_FLAG_IOS OSFP_BIT_U32(OSFP_OS_CLASS_IOS)
+#define OSFP_OS_CLASS_FLAG_ANDROID OSFP_BIT_U32(OSFP_OS_CLASS_ANDROID)
+
enum osfp_error_code {
OSFP_NOERR,
@@ -116,16 +143,33 @@ enum osfp_error_code {
OSFP_ERR_SCORE_DB_UNSUPPORTED,
OSFP_ERR_FINGERPRINTING_UNSUPPORTED,
+};
+
+/**
+ * @brief 结构体用于 osfp_result 中的详细结果。
+ */
+struct osfp_result_detail {
+ unsigned int score; // 得分
+ unsigned int possibility; // 可能性
};
-#define OSFP_OS_CLASS_FLAG_WINDOWS OSFP_BIT_U32(OSFP_OS_CLASS_WINDOWS)
-#define OSFP_OS_CLASS_FLAG_LINUX OSFP_BIT_U32(OSFP_OS_CLASS_LINUX)
-#define OSFP_OS_CLASS_FLAG_MAC_OS OSFP_BIT_U32(OSFP_OS_CLASS_MAC_OS)
-#define OSFP_OS_CLASS_FLAG_IOS OSFP_BIT_U32(OSFP_OS_CLASS_IOS)
-#define OSFP_OS_CLASS_FLAG_ANDROID OSFP_BIT_U32(OSFP_OS_CLASS_ANDROID)
+/**
+ * @brief 结构体用于表示操作系统识别结果。
+ */
+struct osfp_result {
+ char *json_str; // JSON 字符串
+ enum osfp_os_class_id likely_os_class; // 最可能的操作系统类别
+ struct osfp_result_detail details[OSFP_OS_CLASS_MAX]; // 详细结果数组
+};
-#define OSFP_PERCENTILE 100
+/**
+ * @brief 结构体用于表示操作系统指纹库。
+ */
+struct osfp_db {
+ char *db_json_path; // 操作系统指纹库 JSON 文件路径
+ void *score_db; // 分数数据库指针
+};
const char *osfp_os_class_id_to_name(enum osfp_os_class_id os_class);
enum osfp_os_class_id osfp_os_class_name_to_id(char *name);
diff --git a/src/osfp_fingerprint.c b/src/osfp_fingerprint.c
index a4551d9..3c212e6 100644
--- a/src/osfp_fingerprint.c
+++ b/src/osfp_fingerprint.c
@@ -368,7 +368,7 @@ int osfp_fingerprinting_tcp(struct tcphdr *tcph, unsigned int tcph_len, struct o
tcp_off = tcph->doff << 2;
tcp_window_size = ntohs(tcph->window);
- tcp_flags = *((unsigned char *)&tcph->window - 1);
+ tcp_flags = *((unsigned char *)&tcph->ack_seq + 5);
if (tcp_off != tcph_len) {
goto exit;
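Review bot: The flags byte is still fetched through a member-relative magic offset, `*((unsigned char *)&tcph->ack_seq + 5)`, which depends on the layout of whichever `struct tcphdr` the included headers provide. Indexing from the header base states the wire offset directly, e.g. `tcp_flags = ((const unsigned char *)tcph)[OSFP_TCP_FLAGS_OFFSET];` with a new `#define OSFP_TCP_FLAGS_OFFSET 13` (proposed name). Separately, `doff`, `window` and the flags byte are all read before the `tcp_off != tcph_len` comparison. A caller passing a `tcph_len` shorter than `OSFP_TCP_HEADER_LEN` would therefore cause reads past the supplied buffer, unless a minimum-length check exists earlier in the function, which starts above this hunk. If there is none, add `if (tcph_len < OSFP_TCP_HEADER_LEN) goto exit;` before the first dereference.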
@@ -409,7 +409,7 @@ exit:
return -1;
}
-int osfp_fingerprinting_ipv6(struct ipv6hdr *iph, struct osfp_fingerprint *fp)
+int osfp_fingerprinting_ipv6(struct ip6_hdr *iph, struct osfp_fingerprint *fp)
{
if (iph == NULL || fp == NULL) {
goto exit;
@@ -417,8 +417,8 @@ int osfp_fingerprinting_ipv6(struct ipv6hdr *iph, struct osfp_fingerprint *fp)
//unsigned int ip_id = 0;
//unsigned int ip_tos = 0;
- unsigned int ip_total_length = OSFP_IPV6_HEADER_LEN + ntohs(iph->payload_len);
- unsigned int ip_ttl = compute_ip_ttl(iph->hop_limit);
+ unsigned int ip_total_length = OSFP_IPV6_HEADER_LEN + ntohs(iph->ip6_ctlun.ip6_un1.ip6_un1_plen);
+ unsigned int ip_ttl = compute_ip_ttl(iph->ip6_ctlun.ip6_un1.ip6_un1_hlim);
//osfp_fingerprint_setup_field(fp, OSFP_FIELD_IP_ID, &ip_id, sizeof(ip_id));
//osfp_fingerprint_setup_field(fp, OSFP_FIELD_IP_TOS, &ip_tos, sizeof(ip_tos));
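Review bot: The nested accesses `iph->ip6_ctlun.ip6_un1.ip6_un1_plen` and `iph->ip6_ctlun.ip6_un1.ip6_un1_hlim` can use the accessor macros that <netinet/ip6.h> defines for these fields: `ntohs(iph->ip6_plen)` and `compute_ip_ttl(iph->ip6_hlim)`. The payload length is taken from the packet as-is and the function receives no buffer length, so `ip_total_length` is only a claimed value. A short comment such as `/* length as claimed by the sender; not a bound on the captured bytes */` would keep later code from using it as a read limit. The function body continues below this hunk.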
@@ -445,7 +445,7 @@ int osfp_fingerprinting(unsigned char *iph, unsigned char *tcph, unsigned int tc
ret = osfp_fingerprinting_ipv4((struct iphdr *)iph, fp);
break;
case 6:
- ret = osfp_fingerprinting_ipv6((struct ipv6hdr *)iph, fp);
+ ret = osfp_fingerprinting_ipv6((struct ip6_hdr *)iph, fp);
break;
default:
ret = -1;
diff --git a/src/osfp_fingerprint.h b/src/osfp_fingerprint.h
index d7c39c8..3de5edd 100644
--- a/src/osfp_fingerprint.h
+++ b/src/osfp_fingerprint.h
@@ -55,7 +55,7 @@ unsigned int osfp_fingerprint_get_field_type(enum osfp_field_id field_id);
int osfp_fingerprinting_tcp_option(unsigned char *pkt, unsigned int pktlen, struct osfp_fingerprint *fp);
int osfp_fingerprinting_tcp(struct tcphdr *tcph, unsigned int tcph_len, struct osfp_fingerprint *fp);
int osfp_fingerprinting_ipv4(struct iphdr *iph, struct osfp_fingerprint *fp);
-int osfp_fingerprinting_ipv6(struct ipv6hdr *iph, struct osfp_fingerprint *fp);
+int osfp_fingerprinting_ipv6(struct ip6_hdr *iph, struct osfp_fingerprint *fp);
int osfp_fingerprinting(unsigned char *iph, unsigned char *tcph, unsigned int tcph_len, struct osfp_fingerprint *fp, unsigned int ip_version);
#ifdef UNITTEST
diff --git a/src/osfp_score_db.h b/src/osfp_score_db.h
index 71b4704..8e4439f 100644
--- a/src/osfp_score_db.h
+++ b/src/osfp_score_db.h
@@ -3,6 +3,7 @@
#include "osfp.h"
#include "osfp_fingerprint.h"
+#include "osfp_common.h"
struct osfp_os_class_score {
unsigned int scores[OSFP_OS_CLASS_MAX];