#ifndef __OSFP_COMMON_H__ #define __OSFP_COMMON_H__ #include #include #include #include #include #include #include #include #include #include "utarray.h" #include "uthash.h" #include "utlist.h" #include "utringbuffer.h" #include "utstack.h" #include "utstring.h" #include "cJSON.h" #include "osfp.h" static inline unsigned long long osfp_rdtsc(void) { union { unsigned long long tsc_64; struct { unsigned int lo_32; unsigned int hi_32; }; } tsc; asm volatile("rdtsc" : "=a" (tsc.lo_32), "=d" (tsc.hi_32)); return tsc.tsc_64; } extern unsigned int osfp_profile_enable; #define osfp_profile_cycle(x) volatile unsigned long long x = 0 #define osfp_profile_get_cycle(x) do { \ if (__builtin_expect(!!(osfp_profile_enable), 0)) { \ x = osfp_rdtsc(); \ } else { \ x = 0; \ } \ } while(0) struct osfp_profile_counter { unsigned long long count; unsigned long long curr_cycle; unsigned long long max_cycle; unsigned long long min_cycle; unsigned long long total_cycle; }; extern struct osfp_profile_counter osfp_profile_fingerprinting; extern struct osfp_profile_counter osfp_profile_score; extern struct osfp_profile_counter osfp_profile_result_build; extern struct osfp_profile_counter osfp_profile_result_export; void osfp_profile_counter_update(struct osfp_profile_counter *profile, unsigned long long curr_cycle); void osfp_profile_print_stats(void); void osfp_profile_set(unsigned int enabled); #define OSFP_BIT_U32(n) (1UL << (n)) #define OSFP_PERCENTILE 100 #define OSFP_ETHERNET_HEADER_LEN 14 #define OSFP_VLAN_HEADER_LEN 4 #define OSFP_IPV4_HEADER_LEN 20 #define OSFP_IPV6_HEADER_LEN 40 #define OSFP_TCP_HEADER_LEN 20 #define OSFP_TCP_DATA_OFF_MAX 60 #define OSFP_TCP_OPTLENMAX 64 #define OSFP_TCP_OPTMAX 20 //# TCP Options (opt_type) - http://www.iana.org/assignments/tcp-parameters #define OSFP_TCP_OPT_EOL 0 //# end of option list #define OSFP_TCP_OPT_NOP 1 //# no operation #define OSFP_TCP_OPT_MSS 2 //# maximum segment size #define OSFP_TCP_OPT_WSCALE 3 //# window scale factor, RFC 1072 #define OSFP_TCP_OPT_SACKOK 4 //# SACK permitted, RFC 2018 #define OSFP_TCP_OPT_SACK 5 //# SACK, RFC 2018 #define OSFP_TCP_OPT_ECHO 6 //# echo (obsolete), RFC 1072 #define OSFP_TCP_OPT_ECHOREPLY 7 //# echo reply (obsolete), RFC 1072 #define OSFP_TCP_OPT_TIMESTAMP 8 //# timestamps, RFC 1323 #define OSFP_TCP_OPT_POCONN 9 //# partial order conn, RFC 1693 #define OSFP_TCP_OPT_POSVC 10 //# partial order service, RFC 1693 #define OSFP_TCP_OPT_CC 11 //# connection count, RFC 1644 #define OSFP_TCP_OPT_CCNEW 12 //# CC.NEW, RFC 1644 #define OSFP_TCP_OPT_CCECHO 13 //# CC.ECHO, RFC 1644 #define OSFP_TCP_OPT_ALTSUM 14 //# alt checksum request, RFC 1146 #define OSFP_TCP_OPT_ALTSUMDATA 15 //# alt checksum data, RFC 1146 #define OSFP_TCP_OPT_SKEETER 16 //# Skeeter #define OSFP_TCP_OPT_BUBBA 17 //# Bubba #define OSFP_TCP_OPT_TRAILSUM 18 //# trailer checksum #define OSFP_TCP_OPT_MD5 19 //# MD5 signature, RFC 2385 #define OSFP_TCP_OPT_SCPS 20 //# SCPS capabilities #define OSFP_TCP_OPT_SNACK 21 //# selective negative acks #define OSFP_TCP_OPT_REC 22 //# record boundaries #define OSFP_TCP_OPT_CORRUPT 23 //# corruption experienced #define OSFP_TCP_OPT_SNAP 24 //# SNAP #define OSFP_TCP_OPT_TCPCOMP 26 //# TCP compression filter #define OSFP_TCP_OPT_MAX 27 //# Quick-Start Response #define OSFP_TCP_OPT_USRTO 28 //# User Timeout Option (also, other known unauthorized use) [***][1] [RFC5482] #define OSFP_TCP_OPT_AUTH 29 //# TCP Authentication Option (TCP-AO) [RFC5925] #define OSFP_TCP_OPT_MULTIPATH 30 //# Multipath TCP (MPTCP) #define OSFP_TCP_OPT_FASTOPEN 34 //# TCP Fast Open Cookie [RFC7413] #define OSFP_TCP_OPY_ENCNEG 69 //# Encryption Negotiation (TCP-ENO) [RFC8547] #define OSFP_TCP_OPT_EXP1 253 //# RFC3692-style Experiment 1 (also improperly used for shipping products) #define OSFP_TCP_OPT_EXP2 254 //# RFC3692-style Experiment 2 (also improperly used for shipping products) #define OSFP_TCP_OPT_SACKOK_LEN 2 #define OSFP_TCP_OPT_WS_LEN 3 #define OSFP_TCP_OPT_TS_LEN 10 #define OSFP_TCP_OPT_MSS_LEN 4 #define OSFP_TCP_OPT_SACK_MIN_LEN 10 /* hdr 2, 1 pair 8 = 10 */ #define OSFP_TCP_OPT_SACK_MAX_LEN 34 /* hdr 2, 4 pair 32= 34 */ #define OSFP_TCP_OPT_TFO_MIN_LEN 4 /* kind, len, 2 bytes cookie: 4 */ #define OSFP_TCP_OPT_TFO_MAX_LEN 18 /* kind, len, 18 */ /** * @brief 定义操作系统类别的名称常量。 */ #define OSFP_OS_CLASS_NAME_UNKNOWN "Unknown" #define OSFP_OS_CLASS_NAME_WINDOWS "Windows" #define OSFP_OS_CLASS_NAME_LINUX "Linux" #define OSFP_OS_CLASS_NAME_MAC_OS "Mac OS" #define OSFP_OS_CLASS_NAME_IOS "iOS" #define OSFP_OS_CLASS_NAME_ANDROID "Android" #define OSFP_OS_CLASS_NAME_OTHERS "Others" /** * @brief 枚举表示不同的操作系统类别。 */ enum osfp_os_class_id { OSFP_OS_CLASS_UNKNOWN, // 未知 OSFP_OS_CLASS_WINDOWS, // Windows OSFP_OS_CLASS_LINUX, // Linux OSFP_OS_CLASS_MAC_OS, // Mac OS OSFP_OS_CLASS_IOS, // iOS OSFP_OS_CLASS_ANDROID, // Android OSFP_OS_CLASS_OTHERS, // 其他 OSFP_OS_CLASS_MAX, }; #define OSFP_OS_CLASS_FLAG_WINDOWS OSFP_BIT_U32(OSFP_OS_CLASS_WINDOWS) #define OSFP_OS_CLASS_FLAG_LINUX OSFP_BIT_U32(OSFP_OS_CLASS_LINUX) #define OSFP_OS_CLASS_FLAG_MAC_OS OSFP_BIT_U32(OSFP_OS_CLASS_MAC_OS) #define OSFP_OS_CLASS_FLAG_IOS OSFP_BIT_U32(OSFP_OS_CLASS_IOS) #define OSFP_OS_CLASS_FLAG_ANDROID OSFP_BIT_U32(OSFP_OS_CLASS_ANDROID) enum osfp_error_code { OSFP_NOERR, OSFP_EINVAL, OSFP_ENOMEM, OSFP_ERR_SCORE_DB_READ_FILE, OSFP_ERR_SCORE_DB_PARSE_FILE, OSFP_ERR_SCORE_DB_UNSUPPORTED, OSFP_ERR_FINGERPRINTING_UNSUPPORTED, }; /** * @brief 结构体用于 osfp_result 中的详细结果。 */ struct osfp_result_detail { unsigned int score; // 得分 unsigned int possibility; // 可能性 }; /** * @brief 结构体用于表示操作系统识别结果。 */ struct osfp_result { char *json_str; // JSON 字符串 enum osfp_os_class_id likely_os_class; // 最可能的操作系统类别 struct osfp_result_detail details[OSFP_OS_CLASS_MAX]; // 详细结果数组 }; /** * @brief 结构体用于表示操作系统指纹库。 */ struct osfp_db { char *db_json_path; // 操作系统指纹库 JSON 文件路径 void *score_db; // 分数数据库指针 }; enum osfp_os_class_id osfp_os_class_name_to_id(char *name); extern const char *osfp_os_class_name[OSFP_OS_CLASS_MAX]; static inline const char *osfp_os_class_id_to_name(enum osfp_os_class_id os_class) { return osfp_os_class_name[os_class]; } #endif