#ifndef __OSFP_COMMON_H__
#define __OSFP_COMMON_H__
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <malloc.h>
#include <stdarg.h>
#include <time.h>
#include <sys/fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "utarray.h"
#include "uthash.h"
#include "utlist.h"
#include "utringbuffer.h"
#include "utstack.h"
#include "utstring.h"
#include "cJSON.h"
#include "osfp.h"
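/**
 * Read the CPU time-stamp counter with the x86 RDTSC instruction.
 *
 * RDTSC delivers the low 32 bits in EAX and the high 32 bits in EDX. The two
 * halves are combined with a shift, so the result does not depend on how a
 * union of the two would be laid out in memory.
 *
 * x86 / x86-64 only. RDTSC is not a serializing instruction, so the CPU may
 * execute it out of order relative to the code being timed; treat the value
 * as an approximate cycle stamp for profiling.
 *
 * @return the 64-bit time-stamp counter value.
 */
static inline unsigned long long osfp_rdtsc(void)
{
    unsigned int lo_32;
    unsigned int hi_32;

    /* __asm__/__volatile__ instead of asm/volatile: the plain `asm` keyword
     * is not available when an including file is built with -std=c99 or
     * -std=c11, and this function lives in a header. */
    __asm__ __volatile__("rdtsc" : "=a" (lo_32), "=d" (hi_32));

    return ((unsigned long long)hi_32 << 32) | lo_32;
}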
/* Switch that turns cycle profiling on (non-zero) or off (zero).
 * Only declared here; the definition is outside this header. */
extern unsigned int osfp_profile_enable;

/* Declare a volatile cycle-stamp variable named x, initialised to 0. */
#define osfp_profile_cycle(x) volatile unsigned long long x = 0

/*
 * Store the current time-stamp counter in x when profiling is enabled,
 * otherwise store 0. __builtin_expect marks the enabled case as unlikely.
 */
#define osfp_profile_get_cycle(x) do { \
        x = __builtin_expect(!!(osfp_profile_enable), 0) ? osfp_rdtsc() : 0; \
    } while (0)
/*
 * Cycle statistics for one profiled stage.
 * NOTE(review): field meanings below are read from the names; the code that
 * fills them (osfp_profile_counter_update) is not in this header — confirm.
 */
struct osfp_profile_counter {
    unsigned long long count;       /* presumably number of samples recorded */
    unsigned long long curr_cycle;  /* presumably the most recent sample */
    unsigned long long max_cycle;   /* presumably the largest sample seen */
    unsigned long long min_cycle;   /* presumably the smallest sample seen */
    unsigned long long total_cycle; /* presumably the sum of all samples */
};
/* Profiling counters, one per stage; declared here and defined outside this
 * header. The stage each one covers is taken from its name — confirm. */
extern struct osfp_profile_counter osfp_profile_fingerprinting;
extern struct osfp_profile_counter osfp_profile_score;
extern struct osfp_profile_counter osfp_profile_result_build;
extern struct osfp_profile_counter osfp_profile_result_export;

/* Feed one cycle measurement (curr_cycle) into the given counter.
 * NOTE(review): whether a NULL profile is tolerated is not visible here. */
void osfp_profile_counter_update(struct osfp_profile_counter *profile, unsigned long long curr_cycle);
/* Presumably prints the collected counters; the output destination is not
 * visible here. */
void osfp_profile_print_stats(void);
/* Presumably sets osfp_profile_enable from `enabled` — confirm against the
 * implementation. */
void osfp_profile_set(unsigned int enabled);
/*
 * Mask with only bit n set.
 * NOTE(review): the literal is 1UL, so the result has type unsigned long
 * (64 bits on LP64 targets) despite the U32 in the name. n must stay below
 * the width of unsigned long, otherwise the shift is undefined behaviour.
 */
#define OSFP_BIT_U32(n) (1UL << (n))

/* NOTE(review): presumably the scale used for percentage values — confirm. */
#define OSFP_PERCENTILE 100

/*
 * Protocol header sizes in bytes.
 * NOTE(review): 20 is the minimum IPv4 and TCP header size (no options).
 * Code that parses captured packets should take the real header length from
 * the IHL / data-offset field and check it against the captured length
 * instead of assuming these constants.
 */
#define OSFP_ETHERNET_HEADER_LEN 14
#define OSFP_VLAN_HEADER_LEN 4
#define OSFP_IPV4_HEADER_LEN 20
#define OSFP_IPV6_HEADER_LEN 40
#define OSFP_TCP_HEADER_LEN 20
/* Largest TCP header a 4-bit data offset can describe (15 * 4 bytes). */
#define OSFP_TCP_DATA_OFF_MAX 60
/* NOTE(review): looks like a bound on option bytes; the TCP header itself
 * leaves at most 40 bytes for options (60 - 20) — confirm how this is used. */
#define OSFP_TCP_OPTLENMAX 64
/* NOTE(review): presumably the maximum number of options kept per packet. */
#define OSFP_TCP_OPTMAX 20
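//# TCP Options (opt_type) - http://www.iana.org/assignments/tcp-parameters
#define OSFP_TCP_OPT_EOL 0 //# end of option list
#define OSFP_TCP_OPT_NOP 1 //# no operation
#define OSFP_TCP_OPT_MSS 2 //# maximum segment size
#define OSFP_TCP_OPT_WSCALE 3 //# window scale factor, RFC 1072
#define OSFP_TCP_OPT_SACKOK 4 //# SACK permitted, RFC 2018
#define OSFP_TCP_OPT_SACK 5 //# SACK, RFC 2018
#define OSFP_TCP_OPT_ECHO 6 //# echo (obsolete), RFC 1072
#define OSFP_TCP_OPT_ECHOREPLY 7 //# echo reply (obsolete), RFC 1072
#define OSFP_TCP_OPT_TIMESTAMP 8 //# timestamps, RFC 1323
#define OSFP_TCP_OPT_POCONN 9 //# partial order conn, RFC 1693
#define OSFP_TCP_OPT_POSVC 10 //# partial order service, RFC 1693
#define OSFP_TCP_OPT_CC 11 //# connection count, RFC 1644
#define OSFP_TCP_OPT_CCNEW 12 //# CC.NEW, RFC 1644
#define OSFP_TCP_OPT_CCECHO 13 //# CC.ECHO, RFC 1644
#define OSFP_TCP_OPT_ALTSUM 14 //# alt checksum request, RFC 1146
#define OSFP_TCP_OPT_ALTSUMDATA 15 //# alt checksum data, RFC 1146
#define OSFP_TCP_OPT_SKEETER 16 //# Skeeter
#define OSFP_TCP_OPT_BUBBA 17 //# Bubba
#define OSFP_TCP_OPT_TRAILSUM 18 //# trailer checksum
#define OSFP_TCP_OPT_MD5 19 //# MD5 signature, RFC 2385
#define OSFP_TCP_OPT_SCPS 20 //# SCPS capabilities
#define OSFP_TCP_OPT_SNACK 21 //# selective negative acks
#define OSFP_TCP_OPT_REC 22 //# record boundaries
#define OSFP_TCP_OPT_CORRUPT 23 //# corruption experienced
#define OSFP_TCP_OPT_SNAP 24 //# SNAP
#define OSFP_TCP_OPT_TCPCOMP 26 //# TCP compression filter
//# NOTE(review): despite its name, OSFP_TCP_OPT_MAX is option kind 27
//# (Quick-Start Response), not an upper bound; larger kinds follow below.
//# Do not use it as a limit when validating option kinds.
#define OSFP_TCP_OPT_MAX 27 //# Quick-Start Response
#define OSFP_TCP_OPT_USRTO 28 //# User Timeout Option (also, other known unauthorized use) [***][1] [RFC5482]
#define OSFP_TCP_OPT_AUTH 29 //# TCP Authentication Option (TCP-AO) [RFC5925]
#define OSFP_TCP_OPT_MULTIPATH 30 //# Multipath TCP (MPTCP)
#define OSFP_TCP_OPT_FASTOPEN 34 //# TCP Fast Open Cookie [RFC7413]
#define OSFP_TCP_OPT_ENCNEG 69 //# Encryption Negotiation (TCP-ENO) [RFC8547]
//# Original spelling ("OPY") kept as an alias so existing users still build.
#define OSFP_TCP_OPY_ENCNEG OSFP_TCP_OPT_ENCNEG
#define OSFP_TCP_OPT_EXP1 253 //# RFC3692-style Experiment 1 (also improperly used for shipping products)
#define OSFP_TCP_OPT_EXP2 254 //# RFC3692-style Experiment 2 (also improperly used for shipping products)

//# Expected option lengths in bytes, counting the kind and length octets.
#define OSFP_TCP_OPT_SACKOK_LEN 2
#define OSFP_TCP_OPT_WS_LEN 3
#define OSFP_TCP_OPT_TS_LEN 10
#define OSFP_TCP_OPT_MSS_LEN 4
#define OSFP_TCP_OPT_SACK_MIN_LEN 10 /* hdr 2, 1 pair 8 = 10 */
#define OSFP_TCP_OPT_SACK_MAX_LEN 34 /* hdr 2, 4 pair 32= 34 */
#define OSFP_TCP_OPT_TFO_MIN_LEN 4 /* kind, len, 2 bytes cookie: 4 */
#define OSFP_TCP_OPT_TFO_MAX_LEN 18 /* kind, len, 16 bytes cookie: 18 */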
/**
 * @brief Name constants for the operating system classes.
 */
#define OSFP_OS_CLASS_NAME_UNKNOWN "Unknown"
#define OSFP_OS_CLASS_NAME_WINDOWS "Windows"
#define OSFP_OS_CLASS_NAME_LINUX "Linux"
#define OSFP_OS_CLASS_NAME_MAC_OS "Mac OS"
#define OSFP_OS_CLASS_NAME_IOS "iOS"
#define OSFP_OS_CLASS_NAME_ANDROID "Android"
#define OSFP_OS_CLASS_NAME_OTHERS "Others"
/**
 * @brief Identifiers for the operating system classes.
 *
 * The values are spelled out because they double as array indices
 * (tables sized OSFP_OS_CLASS_MAX) and as bit positions for OSFP_BIT_U32().
 */
enum osfp_os_class_id {
    OSFP_OS_CLASS_UNKNOWN = 0, /* unknown */
    OSFP_OS_CLASS_WINDOWS = 1, /* Windows */
    OSFP_OS_CLASS_LINUX   = 2, /* Linux */
    OSFP_OS_CLASS_MAC_OS  = 3, /* Mac OS */
    OSFP_OS_CLASS_IOS     = 4, /* iOS */
    OSFP_OS_CLASS_ANDROID = 5, /* Android */
    OSFP_OS_CLASS_OTHERS  = 6, /* others */
    OSFP_OS_CLASS_MAX     = 7, /* number of classes, not a class itself */
};
/*
 * One bit flag per OS class; the bit position is the class's
 * enum osfp_os_class_id value. No flag is defined here for the UNKNOWN and
 * OTHERS classes.
 */
#define OSFP_OS_CLASS_FLAG_WINDOWS OSFP_BIT_U32(OSFP_OS_CLASS_WINDOWS)
#define OSFP_OS_CLASS_FLAG_LINUX OSFP_BIT_U32(OSFP_OS_CLASS_LINUX)
#define OSFP_OS_CLASS_FLAG_MAC_OS OSFP_BIT_U32(OSFP_OS_CLASS_MAC_OS)
#define OSFP_OS_CLASS_FLAG_IOS OSFP_BIT_U32(OSFP_OS_CLASS_IOS)
#define OSFP_OS_CLASS_FLAG_ANDROID OSFP_BIT_U32(OSFP_OS_CLASS_ANDROID)
/*
 * Error codes used by the library. OSFP_NOERR is 0; every other value
 * signals a failure. Values are written out so they stay stable if entries
 * are added later.
 */
enum osfp_error_code {
    OSFP_NOERR                          = 0,
    OSFP_EINVAL                         = 1,
    OSFP_ENOMEM                         = 2,
    OSFP_ERR_SCORE_DB_READ_FILE         = 3,
    OSFP_ERR_SCORE_DB_PARSE_FILE        = 4,
    OSFP_ERR_SCORE_DB_UNSUPPORTED       = 5,

    OSFP_ERR_FINGERPRINTING_UNSUPPORTED = 6,
};
/**
 * @brief Per-class detail entry used inside struct osfp_result.
 */
struct osfp_result_detail {
    unsigned int score; // score
    unsigned int possibility; // likelihood (NOTE(review): scale not visible here — confirm)
};
/**
 * @brief Result of an operating system identification.
 */
struct osfp_result {
    char *json_str; // JSON string (NOTE(review): who allocates and frees it is not visible here)
    enum osfp_os_class_id likely_os_class; // most likely OS class
    struct osfp_result_detail details[OSFP_OS_CLASS_MAX]; // detail entries, one slot per class id
};
/**
 * @brief Operating system fingerprint database.
 */
struct osfp_db {
    char *db_json_path; // path of the fingerprint database JSON file
    void *score_db; // pointer to the score database (opaque in this header)
};
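/* Look up the class id for a class name. Implemented outside this header;
 * NOTE(review): the result for a name that matches no class is not visible
 * here — confirm against the implementation. */
enum osfp_os_class_id osfp_os_class_name_to_id(char *name);

/* Name table indexed by enum osfp_os_class_id; defined outside this header. */
extern const char *osfp_os_class_name[OSFP_OS_CLASS_MAX];

/**
 * Map an OS class id to its name.
 *
 * @param os_class class id, expected to be below OSFP_OS_CLASS_MAX.
 * @return osfp_os_class_name[os_class] for an in-range id, otherwise
 *         OSFP_OS_CLASS_NAME_UNKNOWN. An out-of-range id used to index past
 *         the end of the table.
 */
static inline const char *osfp_os_class_id_to_name(enum osfp_os_class_id os_class)
{
    /* Compare as unsigned so a negative value (if the enum's underlying
     * type is signed) is rejected as well. */
    if ((unsigned int)os_class >= (unsigned int)OSFP_OS_CLASS_MAX) {
        return OSFP_OS_CLASS_NAME_UNKNOWN;
    }

    return osfp_os_class_name[os_class];
}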
#endif