From 59638765e3eacdf0eac3d96e7941fb710d3a0590 Mon Sep 17 00:00:00 2001 From: liuxueli Date: Fri, 3 Sep 2021 14:51:29 +0800 Subject: [PATCH] =?UTF-8?q?TSG-7627:=20=E8=A7=A3=E6=9E=90=E5=8A=A0?= =?UTF-8?q?=E5=AF=86GQUIC048=20SNI=E5=AF=BC=E8=87=B4watchdog=20timeout?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/gquic_process.cpp | 35 ++++++++++++++++++++++-- src/{parser-quic.cpp => parser_quic.cpp} | 2 +- src/{parser-quic.h => parser_quic.h} | 0 src/quic_analysis.cpp | 9 ++++++ src/quic_analysis.h | 1 + 5 files changed, 44 insertions(+), 3 deletions(-) rename src/{parser-quic.cpp => parser_quic.cpp} (99%) rename src/{parser-quic.h => parser_quic.h} (100%) diff --git a/src/gquic_process.cpp b/src/gquic_process.cpp index e84e7eb..2f3ce62 100644 --- a/src/gquic_process.cpp +++ b/src/gquic_process.cpp @@ -13,7 +13,7 @@ #include "gquic_process.h" #include "quic_analysis.h" -#include "parser-quic.h" +#include "parser_quic.h" int is_iquic(enum _QUIC_VERSION quic_version) { @@ -60,6 +60,32 @@ int is_iquic(enum _QUIC_VERSION quic_version) return FALSE; } +int is_quic_port(struct streaminfo *pstream) +{ + switch(pstream->addr.addrtype) + { + case ADDR_TYPE_IPV4: + case __ADDR_TYPE_IP_PAIR_V4: + if(ntohs(pstream->addr.ipv4->source)!=443 && ntohs(pstream->addr.ipv4->dest)!=443) + { + return 0; + } + break; + case ADDR_TYPE_IPV6: + case __ADDR_TYPE_IP_PAIR_V6: + if(ntohs(pstream->addr.ipv6->source)!=443 && ntohs(pstream->addr.ipv6->dest)!=443) + { + return 0; + } + break; + default: + return 0; + break; + } + + return 1; +} + static int get_value(unsigned char *payload, int *offset, int len) { switch(len) @@ -1108,7 +1134,7 @@ int quic_process(struct streaminfo *pstream, struct _quic_context* _context, int break; default: if( ((is_gquic>=MVFST_VERSION_00 && is_gquic<=MVFST_VERSION_0F) || - (is_gquic>=GQUIC_VERSION_Q047 && is_gquic<=GQUIC_VERSION_Q059) || + (is_gquic>=GQUIC_VERSION_Q049 && is_gquic<=GQUIC_VERSION_Q059) || (is_gquic>=GQUIC_VERSION_T050 && is_gquic<=GQUIC_VERSION_T059) || (is_gquic>=GQUIC_VERSION_T050 && is_gquic<=GQUIC_VERSION_T059) || (is_gquic>=IQUIC_VERSION_I022 && is_gquic<=IQUIC_VERSION_I029) || @@ -1166,6 +1192,11 @@ int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, char *ou void *pme=NULL; char *sni=NULL; struct _quic_context *_context=NULL; + + if(!is_quic_port(a_stream)) + { + return len; + } quic_init_stream(&pme, a_stream->threadnum); _context=(struct _quic_context *)pme; diff --git a/src/parser-quic.cpp b/src/parser_quic.cpp similarity index 99% rename from src/parser-quic.cpp rename to src/parser_quic.cpp index 421e06e..de3b968 100644 --- a/src/parser-quic.cpp +++ b/src/parser_quic.cpp @@ -10,7 +10,7 @@ #include #include -#include "parser-quic.h" +#include "parser_quic.h" #include "wsgcrypt.h" #include "utils.h" #include "pint.h" diff --git a/src/parser-quic.h b/src/parser_quic.h similarity index 100% rename from src/parser-quic.h rename to src/parser_quic.h diff --git a/src/quic_analysis.cpp b/src/quic_analysis.cpp index 9c71ac4..23dff35 100644 --- a/src/quic_analysis.cpp +++ b/src/quic_analysis.cpp @@ -7,6 +7,8 @@ #include "gquic.h" #include "quic_analysis.h" #include "gquic_process.h" +#include "parser_quic.h" + #include #include #include @@ -156,6 +158,8 @@ extern "C" int QUIC_INIT(void) return -1; } + gcry_init(); + return 0; }/*QUICINIT*/ @@ -242,6 +246,11 @@ extern "C" char QUIC_ENTRY(struct streaminfo *pstream, void**pme, int thread_seq return APP_STATE_DROPME; } + if(!is_quic_port(pstream)) + { + return APP_STATE_DROPME; + } + if(*pme==NULL) { quic_init_stream(pme, thread_seq); diff --git a/src/quic_analysis.h b/src/quic_analysis.h index 71c8c67..e8866b7 100644 --- a/src/quic_analysis.h +++ b/src/quic_analysis.h @@ -41,6 +41,7 @@ enum quic_mes_type{ extern struct _quic_param_t g_quic_param; +int is_quic_port(struct streaminfo *pstream); void quic_release_exts(int thread_seq, quic_tlv_t *ext_tags, int ext_tag_num); #endif /* SRC_QUIC_ANALYSIS_H_ */