nfqws: tls client hello reassemble

2025-12-31 11:55:55 +03:00 · 2023-11-15 19:36:34 +03:00
parent f25f1f104b
commit a9a4cd5cb4
23 changed files with 377 additions and 149 deletions
--- a/nfq/conntrack.c
+++ b/nfq/conntrack.c
@@ -25,9 +25,23 @@ static void connswap(const t_conn *c, t_conn *c2)
 	c2->dport = c->sport;
 }

+void ConntrackClearHostname(t_ctrack *track)
+{
+	if (track->hostname)
+	{
+		free(track->hostname);
+		track->hostname = NULL;
+	}
+}
+static void ConntrackClearTrack(t_ctrack *track)
+{
+	ConntrackClearHostname(track);
+	ReasmClear(&track->reasm_orig);
+}
+
 static void ConntrackFreeElem(t_conntrack_pool *elem)
 {
-	if (elem->track.hostname) free(elem->track.hostname);
+	ConntrackClearTrack(&elem->track);
 	free(elem);
 }

@@ -309,3 +323,36 @@ void ConntrackPoolDump(const t_conntrack *p)
 			t->track.req_retrans_counter, t->track.b_cutoff, t->track.b_wssize_cutoff, t->track.b_desync_cutoff, t->track.hostname, ConntrackProtoName(t->track.l7proto));
 	};
 }
+
+
+void ReasmClear(t_reassemble *reasm)
+{
+	if (reasm->packet)
+	{
+		free(reasm->packet);
+		reasm->packet = NULL;
+	}
+	reasm->size = reasm->size_present = 0;
+}
+bool ReasmInit(t_reassemble *reasm, size_t size_requested, uint32_t seq_start)
+{
+	reasm->packet = malloc(size_requested);
+	if (!reasm->packet) return false;
+	reasm->size = size_requested;
+	reasm->size_present = 0;
+	reasm->seq = seq_start;
+	return true;
+}
+bool ReasmFeed(t_reassemble *reasm, uint32_t seq, const void *payload, size_t len)
+{
+	if (reasm->seq!=seq) return false; // fail session if out of sequence
+	
+	size_t szcopy;
+	szcopy = reasm->size - reasm->size_present;
+	if (len<szcopy) szcopy = len;
+	memcpy(reasm->packet + reasm->size_present, payload, szcopy);
+	reasm->size_present += szcopy;
+	reasm->seq += (uint32_t)szcopy;
+
+	return true;
+}