From b5210028da0b5b926960f25449ef904e6daea821 Mon Sep 17 00:00:00 2001 From: liuxueli Date: Tue, 14 Sep 2021 11:59:31 +0800 Subject: [PATCH] =?UTF-8?q?TSG-7756:=20QUIC.v13.1=E5=BC=82=E5=B8=B8?= =?UTF-8?q?=E5=AD=98=E5=9C=A8=E9=87=8D=E5=90=AF=EF=BC=8C=E8=A7=A3=E6=9E=90?= =?UTF-8?q?client=20hello=E5=87=BA=E9=94=99=E6=97=B6=EF=BC=8C=E6=9C=AA?= =?UTF-8?q?=E5=AF=B9=E5=8F=82=E6=95=B0=E8=BF=9B=E8=A1=8C=E6=A3=80=E6=9F=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- demo/demo.cpp | 2 +- src/gquic_process.cpp | 9 ++++++--- test/pcap/iquic/29/quic_result.json | 6 +++++- ...24.88.191.113.39716-114.250.66.33-443.pcap | Bin 0 -> 10619 bytes test/pcap/rfc9000/quic_result.json | 19 ++++++++++-------- 5 files changed, 23 insertions(+), 13 deletions(-) create mode 100644 test/pcap/rfc9000/2-ietf-rfc9000-124.88.191.113.39716-114.250.66.33-443.pcap diff --git a/demo/demo.cpp b/demo/demo.cpp index e69845b..dfafb19 100644 --- a/demo/demo.cpp +++ b/demo/demo.cpp @@ -173,7 +173,7 @@ int parse_encrypt_client_hello(void *pstream, struct _quic_stream *quic_stream, used_len+=skip_len; extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length - if(!check_length(payload_len-used_len, extension_total_len)) + if(!check_length(payload_len-used_len, extension_total_len) && (extension_total_len!=payload_len-used_len)) { return flags; } diff --git a/src/gquic_process.cpp b/src/gquic_process.cpp index 0f185ca..fa7f641 100644 --- a/src/gquic_process.cpp +++ b/src/gquic_process.cpp @@ -1169,7 +1169,7 @@ int parse_encrypt_client_hello(struct streaminfo *pstream, struct _quic_stream * used_len+=skip_len; extension_total_len=(int)get_value(payload, &used_len, 2); //Extension length - if(!check_length(payload_len-used_len, extension_total_len)) + if(!check_length(payload_len-used_len, extension_total_len) && (payload_len-used_len!=extension_total_len)) { return flags; } @@ -1235,6 +1235,9 @@ int parse_decrypt_quic(struct streaminfo *pstream, struct _quic_context* _contex { _context->quic_info.client_hello=(struct _quic_stream *)dictator_malloc(pstream->threadnum, sizeof(struct _quic_stream)); memset(_context->quic_info.client_hello, 0, sizeof(struct _quic_stream)); + _context->quic_info.client_hello->sni_idx=0xFF; + _context->quic_info.client_hello->ua_idx=0xFF; + _context->quic_info.client_hello->ver_idx=0xFF; } ret=parse_encrypt_client_hello(pstream, _context->quic_info.client_hello, a_packet, payload+*used_len, payload_len-*used_len); //Frame Type=1, offset=1, length=2 if(ret>0 && _context->call_business) @@ -1314,7 +1317,7 @@ int quic_process(struct streaminfo *pstream, struct _quic_context* _context, int ret=dissect_quic((char *)udp_detail->pdata, udp_detail->datalen, decrypt_payload, &decrypt_payload_len); if(ret!=1) { - return APP_STATE_DROPME; + return APP_STATE_GIVEME; } ret=parse_decrypt_quic(pstream, _context, a_packet, decrypt_payload, decrypt_payload_len, &used_len); break; @@ -1373,7 +1376,7 @@ unsigned int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, ret=quic_process(a_stream, _context, a_stream->threadnum, a_packet); if(ret!=PROT_STATE_DROPME && _context->is_quic!=QUIC_VERSION_UNKNOWN) { - if(_context->quic_info.client_hello!=NULL) + if(_context->quic_info.client_hello!=NULL && _context->quic_info.client_hello->ext_tags!=NULL) { if(_context->quic_info.client_hello->sni_idx!=0xFF) { diff --git a/test/pcap/iquic/29/quic_result.json b/test/pcap/iquic/29/quic_result.json index e9eb40e..6cee24e 100644 --- a/test/pcap/iquic/29/quic_result.json +++ b/test/pcap/iquic/29/quic_result.json @@ -3,9 +3,13 @@ "VERSION": "IETF QUIC 29", "SNI": "www.facebook.com", "name": "QUIC_RESULT_1" + }, { + "Tuple4": "223.104.233.102.13650>203.208.40.98.443", + "VERSION": "IETF QUIC 29", + "name": "QUIC_RESULT_2" }, { "Tuple4": "192.168.50.33.57220>114.250.70.38.443", "VERSION": "IETF QUIC 29", "SNI": "securepubads.g.doubleclick.net", - "name": "QUIC_RESULT_2" + "name": "QUIC_RESULT_3" }] diff --git a/test/pcap/rfc9000/2-ietf-rfc9000-124.88.191.113.39716-114.250.66.33-443.pcap b/test/pcap/rfc9000/2-ietf-rfc9000-124.88.191.113.39716-114.250.66.33-443.pcap new file mode 100644 index 0000000000000000000000000000000000000000..ee760fb423557bb9aed92aae3fc25b0961f84d3d GIT binary patch literal 10619 zcmeI1b!;9>ldoShGcz+Y+pn4Jn3)-3W{Np>95XXB+c7g!?3kIEneirPb-&%S=hKz$ z{=FrYG&8E{s%ed$?*7$mUtKOJ037h21`YuEeba&rH0lCE0^A`0fBEl6ph5fqaCA5j z05m`x0AUqO1qAS;^t=0Lb~!pdi;$#~gS0`Yjo=Oa4h4ZxUS0H0-j+?L1$(Ky1&Ck} z8b>!Wr`e3c!isP#C%tG-ijb#VQ+n!2pfaMDN%`BoSZ(W+sY%$J3sNt-DBDsWh)dX)}dP3wVZ(XTfn}d=LGuiKbT9DFQocB0?3=`0D<%W>0 zom)XxcrKgE)g2wtRPr4-6(f!>@$KNwzi~g87T;>=?ON*jxBmFu%bAZa_K9SF!QuPsEWMhm$#*y=l=qUuC6!DsD^QnWPiTek& zZAB7D%{f^NE-rz@+NwyC*={KtX^uo@# z*mZa}eERSjXVeVbwEy#```@eooq_+Ifq%}x9}H)2{u9G!(Ek_1000ocha#Q*2f=?( z4APcP4xxq^|MT}?Ab;QsjmRV50`aby2>`n6`mgN=?zfCV?=dK-^|T9bYbqVs!x^=F zjANyWucePb5ZSc&2gwPxP@89LW4u%t&zxvkoNJ~$lYgtu?R8`m;$-$u>v`HJK&_sL zj5nBT2moa`EST{YxAI%-ItQg$e2+wsSnv&%*`M^DEJtBHBQ-$PqLk-(t=Ks7b|AwK`c51s4enDehHpB zah1|wTatg)r&l%Ho&seRof#hM!4XG zyM4xW$xVIDZyQ;V0Omwtdv&{POq-h*=R7V*Zs}G7obB{)-BAw>*$zYrkpfD`xh;;0 zY$LumAZro^em=nlJ-`=od>P|Li&`x#Jwl$l6RQ63@-qxplcHCyS|*&{C`C$JLMN_L z=-`EvVxkR)DI02Mc4B`b<4gS#2Hv;vfGP*8G<(-{$>Kd7Oqlyd5B&3oq+A8E%Z9FFwEoU`f5vlqE=L7STn**uB z>df+~P>-pd9EZ^nXIwWCF7JL4ScQ}X;e*0q#*r%%({I9rwIXOP1b*rw4+;7Z@ca}1UJ z%lny8O3gdSJC%gkr5BTG5laR+#zFbTI77mKg>P3QaP@e2=xEu9|ll9a&{ zyJGp`W9xtPQsQqp+hn9WP7wNBM?GFmSQeBH)rCbOg!C!R2co%654S8`qzTFE6JPsZb> z+l50A4EuUkg%~>{X~d_2varBPq8g+U92P;omUadbO9B`E&2z1ZT*kN8;|n#W)Bt$w z5GATzSc0{T$U1b=6QE)fI0;Z8>j2;!Hfo5q73l-O0+(+FqNNR-9T@W1gYA-k{qW)l z8=M0TGs0m^I9}vv`Tq9qm~3arv~|I@_*k%Za68&531`od9X9*}oiJc60g=u@-qVM4 z-V!o0?B4!7re`!N)=3i`X-ma4{F;hi53cM8N7cN%)RQ!qX`P$?+zEj@3s5bz_`MHs zAWb(ono%drkC0ZIJA7S-=(j8c3$7hjh|1Cc2QXq)D2+L}Z><*Qs%A=f+FZ3<-;q?W zTeUl6D`8SngeN`!LioO6UpENe8?S1S%_uI5XZmok*zgw6slM31FP5CEZ>hMUR)c*D zqd-G>j_QF>YBS!}v%SwG0J?N1iiRrV?1uRsqb-LDl&k!S?AM!s7Wr26z`vc55LQb?yO_d;d4lBDqPj0a69(W<7FH0}tj zWSAr_V>;3SoO!!m&cnWEJ^0%L%Y?-ik}U3hLA70tDxU=-+OuooAz1?ZIiS${ww6r% z=TTF>0aSt$-6z=4;azl1R^C(;2KKmnCOIwU4^Ng{up~ocu;40_Ng_K8Y!fp%)aE}J zuKgci7&2t@AM_LFadx+*Nuty`@$N^gkwzB~6rF_S(gl7_1b`hQ-o%}tn>Ob51bP}; zGY?H0DARwf6f?B51QJCMK80p>qk~No$_#SZ!+U61p?Yqd#+_DZL=kn|{3_997up?wqeyj8Q-!nx{2@G%2Xg)^TMFIrOPx z=1H~3T&?|%;vk7CKHil zAPw57;&E7I;-mZwiV7lkd$4n+07(|haFJ`}f)w&?mysq+48asPGRva~#50_}Cf^K0 zd*Uxeag81=8B}?<@jzbJXTDVpqy?^f{#j6c*{NB0S;}o4ENo#B3p#Amp(vI*L?Yzy zo{y;`ofcLDGUQS7_^D4~nWJu+%0iU>;cu2uF|OX5n| zKKaPo>z1}={HNRlCqyg|SRC zPvHYv{?KRStp>=R2XNHRbN&hCfGFl5b(x*B8TVL$4C58(=hBBP75zC7gk$imKCWJsd~vKELp^oRKlo3U!qGxBKcj>tRSC@A#ugJqu6|jW z=hA&rbyr?N==85>Y(JgR{R$3)XruC#$<+mOv=LONzU}Mh0K=A_TopZYy^2m=M)a9F zZleUuc;&LG;;)!kk`UkTm6Vz4$PL;zH-!u@$*dTwwx(`W=e&two z2Yv&!t>eRy_PuGvF||E%;x!k z9fi2g3BNGR?mG6=ezjYJ813Dw0v|u;#4K_sEIAgLNtt3VExfXCK8r|AqVK& zb!7T_JQ!dFRIEw}z4(R}GC{CH=M>>P=0IgZb0v$e3PxXV#=+xi)7q`4H7KAZyOOA; zr4wUDgX#jUhL&h8Z$ZQEyVBwN%2+5%mb@R_4jsO(cRZ-d;uu(zx#?*lutTbzXGR=h zFVOSO^FzqKGJ05Bu0cycDhtxlF!apRR!NOi757pd`lvyO{ti^`Ha6B|nXU)5K_=6Z z=%PR=Lo6JD9Q?8pSLuVX=6<VQ~Nip>_$|Uc-m+0bL<|VVklZciBCTc&o0hXCbF+ zHnfQv7dUudr6LbWZO6924C&CI^e(>0jtpkYcqhXx5nH5ujZjO|b>z0I{xbTrkzD-n zm1mHWsViY>rP=KWvPHbc)PukYw`JatX;xw>HeaN^%G?KWvJg!ef$|LY6K23un-uZN)}5;E14+V>CYU-yCi>P&?wjuQ;I?sYp@ekt_tC>T4^{=W z&soE!J3u^c_f6(dRCl_nH2J;bFm;=Bi@z5_fYX z&Ir(lC^#4w8+zKS{pzsBAx1Oz!TLI!*r=G^m7O4jp zkp=zw2Gg)AN85U)|AHh%z4oL#{wWw^oJGm#$W8SkMO4=BuMwE__FxxO&dmSl{qlYPA+ZkpiiXQpnan;+JyrI0hKbRq& zyNL?=PIP;9QBHO#5|-yPz)Dis=hfzsX1QR`MWRIi1xiVW;PEky=r%jNwcD23HRSHx zKiVjUJN^loiR|g+D|822<*-$o8(gNzsd->%?T`(k@)N>LL{c(M2s_`<%Jj@3yS7k6mTdVT|QmsvvtzXq*WFQxFd2vmvYr`r&9f9-6tkx^3XVm8}Iu51|tq>I7WIyx0Y=U2b z=~4sk&G$D6OaoJpZ382$e0>$N#_>+V9s-_u!={I z@-*3?nP)~>T7-GHcWF*Gef5)mR_2qjx3G!OATrw5RjCTiJltR6GTc_6kBwI`;ChKd zSXJ=a`K1dA<4)>sRm;q)3JPrU&c6hzAk4u^*2ZDt4n`}zI57(Fpf`BzYL1=Rv#Wc2 zetH%X!r=)n7|p|8mkV`H6+ zXZ{7xfcepKh!{nCXg$=D=I}jGTuc?y`(k0}=tiHg^Q5s+{RNpO8Hu=Zq@@h0f0n1p zJL53BO&7oNl+i}Ww@Fl60gD=ZyBk4FHt#+&tFhdQW>;48q%Uo1(quR3BA~7lMx0vC zS9C_YcVm5nUU*tj;`|T+0>oYD;VLoEBot+?0UM3+OI=GU*XLo5$hsh|id$7Ur0SF+o-rnXa-UZ7Ad}ptK4umq14O! z!`8`>lz{uLj7A;uoIZ5~GDBOsaW^vDrv&E4xKkU(ZWZ2o*?kgYr&kOl;S8f)6CY^{{X#OY+X^4V|E<$G@5eI; zeuOs?9(CrZ+*eY9Z9)sfrfdg|ROGszF9{`nq|v))ig%&ZnwlT13zzP`a@O5hl`Vk~ z#<9$sw?L#fDsFZh|ATp>EZhN+4;7GEF6X{d@8{&Q~xyt`j=feygGb(wT*Ui%5luvIwF=S9 z+?7tLg5wt|tAku&Y*HBmm7SW*4Q2v}dNVP^8z-<*T66;!`}2~h8tFAMNnQ{F1)LZl zZ_r35no^TaN*L5M2&><5b`XnVwI2nasuri8>0CwN5)DGd&UsC)lfe60)WkSdKRP%< zcSW6<2<`+0Km5cVr?8Jck(xvrXlTB&$8UUoE5c!lD!|By=APL`~TLg0tX0;Db#pWe!m``yt9hAM7 zH=DwTw{|hF!|}<5`%`7n42M#3C=Yd3ae2GsOt}pU_{1Jp%QAUZ9(GpkrXZAcWCvvp zm-39nI(SmY6`ImuP-yS9)^FXkdIqWJ`i2N4jHU;?bKDPkrpawhxx(Yzz>`||6KDW3 zb;HLwr~C^N1W9LbFGTWVSf^yv6_0Is#!PI~H zXCt=%wSNXMz<=od9SZU<(e|(Q84yePlfIlB=s;5Uk8yN3Tu!UY=#4eF(UY@(!~(HA z$FP0d^Uc1rIj1gG-JTH7mFP69qE`PYh^HS4p!WNfKmObPUXWxk?Oz2Y{jDIj&m#XW z2`52HXIuITBW6QWnLMGchK1_OPM!1DKS?n0p#iGDNB`r$?e9q>g6aNE64tx&z2BjK z|7sxSv;~#TD*K($d?lo{fu5cjXE$!HDE^-ukWO&_=uG}=^|AW*k~lDF@K28aE{Vs@ ztQt~Sd`Y$Dt)TQy(B?Nv$o5lP?-Uw-=cW=*~`rw&**Rg0|)|^&c zQhrt(=w!+JNdfsjtyMZ?Vd~NcY+LnnE(8a>%jWag+lznh80pEE8Ov{on@D1K63b?)TK%#VqT%eUI4~HtR6lz>-gvo@BiCB` zS;-CxASvr7&uK~)z$#^K?V_F?Fbo_mQZz1!U-!+4LRmDZU9*mNkxLm-*PzWXU=Q6j z1`-M;Qo^34452DS_CVuDay>%D^CP}g69WrA4>U_!KjMm71j?@c@{m2r+2vF@yc0f-c(>hR89dFGUK8~@B zt3~#+`FKY;#g;00lA;SB6H}Wqn<&0U*%R)XPy2#NFB~XDv#vqZaauMc>LGa%lGnAk zy_myzBvXGz&j*eZ`(p>tQ@!U4`q4VWj3^d!w(K#(3b`nzv}~jQQ5aLqUW`0;)x{^* z;56gbS8b&w+P;C4d+QC;Ty2Y5Eo$nfA6Bq#;b1a}Ak`X^z9&ZGC>1W*d^qs989vTz z!$i^2%-F=K9W(}co+Qv5FEzKuzewWu0*PfzA}snGFD~b63AC~Te@4(LS(H8uxVTSK zCD>dl&$FZ-?zpzB*=iyyc4OIRv%;KEVJ7;J%r3mc@VUJ|e{REdTgeFK6@?ks_37EO z9ic#HkUZvIu#^3n@7uBu-+ZxPj3j8zqp`K`>0|1`7@JEqBqKAC6IYLgV1LDY5!^v1 zS4EcE==BaWW5-Vwack><fD z{z8hVV6YJh;@I6Mzf5n7anomhbKe9n`J|~UK6`0rU-Xl%uNTFx?SfZh1kExq{!{F) zzP^+YQw-X+IGS{N)95ro{G}=57l?bE)^LBJQJ3I5-68)D|Ic|@?XN1d0z*AJEYwB? z*{P)z&wCK@BO*3zG?8xI&IWFiZ5Mwq%r^-4|3W?eU#L&~+j_!^rFi^rP+$8i3=cWZ zZ*FPDQTxSpI;`=0&fk=(^>>asZHWJG)GNvVwTS*V)Y~)5u-9ERQvNWWLcyF(ZboaY zBvJSl{jw<#;%`e3`)%Yhuir{mNX|e*u9E2PO@z{!l3WzjeHPKf>p3n8u{4A8(&6^P z#X2$j%RqR9IaOL~GGBrzsell$$rQPCT~^{-jFXCH)|aaRlai{g3ABTMQog}uFE?7e zvTZ7s@YB^CnogOO4sVxms69i4^D`y^8_WGp1{WO$dG1;zmJ*v7j#dj&)-AZ>&#l2T zShv=XJJ%nCt?AqgAz(CtpUS4S%Gb$v>n_F1u4{~pu#PS9=ktqqprw2*M*Y8!49=H% zw*HhdEn*)ImTkJp#SVQ~ustVj6Wp*7(TI9qIKo91u!tiifAvh+=LkN+ruPw(Qy4_^ zAQyDYGPb?_WLY)G>bl7F;~C4E6Jiy{aVIGHeX7i*P-H=g3tTGjsEziJ0?{Sc73-ZJ zt*afl@>$f`0uhcOg+1Y?b?oc8*U{|-#W7dyGd|K zc@v)NY=TcCmO6^GL!Jfc`Gnow&0X_BCoubM<{^b6(u~OdCobCAccS*=l|%Ng6_&{) ziriLu?o2O=+ij@o$mbFU$&g};()M38S^HD5a#acX2tb)$dSG>Q@UY2 zZ|8a>B$8|u+6qp$$ggQ5 zmd;hV>2XxE3c4%%vW$!%i6AofihCQNN z>-L(L8vAHU1FZH3gLa(-4xGJFvaZyb@aiy_-c0q;qM{`y*hNc!ccZ#LwqRU7Za^x! zsN*Z6un?_Z;t5QjqialunclcS;*v*4U{2zUwK*$_z-NENUy32(PG)9irN_-tAX&ON zpXHF-6=0dJXoevKDNpBypIQ)yeSZlG+`4yvSctN!zM&?#^HLNk2q+142{X&gD?UPs z(znA{!@I_6P)kJ0KZaW&G#fdC?0vEkT5O*l^_y5ZntirrwcC?1v!FEPX+lZ%q|@be5LV*K6Ljb^&I6Qt-msh}8+!mZ!WtQ@(- zUN@hhe9(n}*KB?>Ps51f#YV=;Gl0_V;2rj#TyQr*9=2ymD@Ed`%&{)I7Jw> zBSlEPFy0P%Eg2hpYMa`@`*0d`4n9d1%XG`nXQ7gjkI6(pPYp@kT`~78lw!&ECH@`@ z;yA|WI^vP-^aOi0`o!3A<;%17T!J3lD(RG?hxUQ&?owwc#@EAOzfXRZ8;#<>aAr@q zLN831uB1-Zb@b*pw;(N*L4hyWVc<%1kWth){G9H z%2jEp3cj6cJvKBw9+Y8$yh|Y6k=I$SQpCUHZA2E^-ac*;g{L-`aD=)CtLC`pj(b*8 z`IEAu2I44~VBKtnmY?vS;nuzCd*jF1cGOWUFMk-<^MwVPA^CUhbhJE@T&8c6dNA{> zQglseNrEl^#_;=Zy+;xR@R$GQ+TZjZ5T5_oam)YuuX+y%#RBNBe;^P5{KOz2f^Ghp zU9M9=ia@v?n8-w%Yd7h!RLLRX3Z90D^*SUi&~U-xBT44N#jLoY_u0;BycGtQy{5RE zP~i=~SOz69c0i+UYqr=UstSnZ&-zboANXl__hIIN{Dy}D+KhtROmsCm{IaW#f2KF3|81f3=!qLuaYBE;m_~=0DF-riK oClgP}D0aGm%b6$lE@Oh#MRyg%&_o~^U``U*F`|k;;yL<%09lwS)Bpeg literal 0 HcmV?d00001 diff --git a/test/pcap/rfc9000/quic_result.json b/test/pcap/rfc9000/quic_result.json index 33179dc..38f21e3 100644 --- a/test/pcap/rfc9000/quic_result.json +++ b/test/pcap/rfc9000/quic_result.json @@ -1,8 +1,11 @@ -[ - { - "Tuple4": "192.168.60.32.59699>64.233.164.84.443", - "VERSION": "IETF QUIC RFC9000", - "SNI": "accounts.google.com", - "name": "QUIC_RESULT_1" - } -] +[{ + "Tuple4": "192.168.60.32.59699>64.233.164.84.443", + "VERSION": "IETF QUIC RFC9000", + "SNI": "accounts.google.com", + "name": "QUIC_RESULT_1" + }, { + "Tuple4": "124.88.191.113.39716>114.250.66.33.443", + "VERSION": "IETF QUIC RFC9000", + "SNI": "safebrowsing.googleapis.com", + "name": "QUIC_RESULT_2" +}]