Keep separating public and private API (ntop#2157)

See: b08c787

fuzz/Makefile.am

@@ -78,8 +78,8 @@ fuzz_quic_get_crypto_data_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS)
     $(fuzz_quic_get_crypto_data_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@
 
 fuzz_config_SOURCES = fuzz_config.cpp fuzz_common_code.c
-fuzz_config_CXXFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS)
-fuzz_config_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS)
+fuzz_config_CXXFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION
+fuzz_config_CFLAGS = -I../src/lib/ @NDPI_CFLAGS@ $(CXXFLAGS) -DNDPI_LIB_COMPILATION
 fuzz_config_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS)
 fuzz_config_LDFLAGS = $(LIBS)
 if HAS_FUZZLDFLAGS

fuzz/fuzz_config.cpp

@@ -1,4 +1,5 @@
 #include "ndpi_api.h"
+#include "ndpi_private.h"
 #include "ndpi_classify.h"
 #include "fuzz_common_code.h"
 
@@ -204,7 +205,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   ndpi_get_http_method(ndpi_info_mod, bool_value ? &flow : NULL);
   ndpi_get_http_url(ndpi_info_mod, &flow);
   ndpi_get_http_content_type(ndpi_info_mod, &flow);
-  ndpi_check_for_email_address(ndpi_info_mod, 0);
+  check_for_email_address(ndpi_info_mod, 0);
   ndpi_get_flow_name(bool_value ? &flow : NULL);
   /* ndpi_guess_undetected_protocol() is a "strange" function. Try fuzzing it, here */
   if(!ndpi_is_protocol_detected(ndpi_info_mod, p)) {

src/include/ndpi_api.h

@@ -241,18 +241,6 @@ extern "C" {
    */
   void ndpi_free_flow(struct ndpi_flow_struct *flow);
 
-  /**
-   * Enables cache support.
-   * In nDPI is used for some protocol (i.e. Skype)
-   *
-   * @par ndpi_mod  = the struct created for the protocol detection
-   * @par host      = string for the host name
-   * @par port      = unsigned int for the port number
-   *
-   */
-  void ndpi_enable_cache(struct ndpi_detection_module_struct *ndpi_mod,
-			 char* host, u_int port);
-
   /**
    * Destroys the detection module
    *
@@ -2164,6 +2152,29 @@ extern "C" {
    */
   void *ndpi_get_user_data(struct ndpi_detection_module_struct *ndpi_str);
 
+  /* ******************************* */
+
+  /* Can't call libc functions from kernel space, define some stub instead */
+
+#define ndpi_isalpha(ch) (((ch) >= 'a' && (ch) <= 'z') || ((ch) >= 'A' && (ch) <= 'Z'))
+#define ndpi_isdigit(ch) ((ch) >= '0' && (ch) <= '9')
+#define ndpi_isalnum(ch) (ndpi_isalpha(ch) != 0 || ndpi_isdigit(ch) != 0)
+#define ndpi_isspace(ch) (((ch) >= '\t' && (ch) <= '\r') || ((ch) == ' '))
+#define ndpi_isprint(ch) ((ch) >= 0x20 && (ch) <= 0x7e)
+#define ndpi_ispunct(ch) (((ch) >= '!' && (ch) <= '/') ||   \
+              ((ch) >= ':' && (ch) <= '@') ||   \
+              ((ch) >= '[' && (ch) <= '`') ||   \
+              ((ch) >= '{' && (ch) <= '~'))
+
+  /* ******************************* */
+
+  int ndpi_vsnprintf(char * str, size_t size, char const * format, va_list va_args);
+  int ndpi_snprintf(char * str, size_t size, char const * format, ...);
+  struct tm *ndpi_gmtime_r(const time_t *timep,
+                           struct tm *result);
+
+  /* ******************************* */
+
 #ifdef __cplusplus
 }
 #endif

src/include/ndpi_main.h

@@ -33,11 +33,7 @@
 #include "ndpi_protocol_ids.h"
 #include "ndpi_typedefs.h"
 #include "ndpi_api.h"
-#include "ndpi_protocols.h"
 
-/* used by ndpi_set_proto_subprotocols */
-#define NDPI_PROTOCOL_NO_MORE_SUBPROTOCOLS (-1)
-#define NDPI_PROTOCOL_MATCHED_BY_CONTENT (-2)
 
 #ifdef __cplusplus
 extern "C" {
@@ -54,12 +50,8 @@ extern "C" {
   int NDPI_BITMASK_IS_EMPTY(NDPI_PROTOCOL_BITMASK a);
   void NDPI_DUMP_BITMASK(NDPI_PROTOCOL_BITMASK a);
 
-  extern u_int8_t ndpi_net_match(u_int32_t ip_to_check,
-				 u_int32_t net,
-				 u_int32_t num_bits);
 
-  extern u_int8_t ndpi_ips_match(u_int32_t src, u_int32_t dst,
-				 u_int32_t net, u_int32_t num_bits);
+
 
   u_int16_t ntohs_ndpi_bytestream_to_number(const u_int8_t * str,
 					    u_int16_t max_chars_to_read,
@@ -78,34 +70,8 @@ extern "C" {
   u_int32_t ndpi_bytestream_to_ipv4(const u_int8_t * str, u_int16_t max_chars_to_read,
 				    u_int16_t * bytes_read);
 
-  void ndpi_set_detected_protocol(struct ndpi_detection_module_struct *ndpi_struct,
-				  struct ndpi_flow_struct *flow,
-				  u_int16_t upper_detected_protocol,
-				  u_int16_t lower_detected_protocol,
-				  ndpi_confidence_t confidence);
-
-  void ndpi_reset_detected_protocol(struct ndpi_detection_module_struct *ndpi_struct,
-				    struct ndpi_flow_struct *flow);
-
-  void ndpi_set_detected_protocol_keeping_master(struct ndpi_detection_module_struct *ndpi_str,
-						 struct ndpi_flow_struct *flow,
-						 u_int16_t detected_protocol,
-						 ndpi_confidence_t confidence);
-
-  extern void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struct,
-					  struct ndpi_flow_struct *flow);
-  extern void ndpi_parse_packet_line_info_any(struct ndpi_detection_module_struct *ndpi_struct,
-					      struct ndpi_flow_struct *flow);
-
-  extern u_int16_t ndpi_check_for_email_address(struct ndpi_detection_module_struct *ndpi_struct,
-                                                u_int16_t counter);
-
-  extern void ndpi_int_change_category(struct ndpi_detection_module_struct *ndpi_struct,
-				       struct ndpi_flow_struct *flow,
-				       ndpi_protocol_category_t protocol_category);
-
   extern void ndpi_set_proto_subprotocols(struct ndpi_detection_module_struct *ndpi_mod,
-				      int protoId, ...);
+                                     int protoId, ...);
 
   extern int ndpi_parse_ip_string(const char *ip_str, ndpi_ip_addr_t *parsed_ip);
   extern char *ndpi_get_ip_string(const ndpi_ip_addr_t * ip, char *buf, u_int buf_len);
@@ -114,20 +80,10 @@ extern "C" {
   extern char* ndpi_get_proto_by_id(struct ndpi_detection_module_struct *ndpi_mod, u_int id);
   u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_mod, const char *name);
 
-  extern u_int16_t ndpi_guess_protocol_id(struct ndpi_detection_module_struct *ndpi_struct,
-					  struct ndpi_flow_struct *flow,
-					  u_int8_t proto, u_int16_t sport, u_int16_t dport,
-					  u_int8_t *user_defined_proto);
-
   extern u_int8_t ndpi_is_proto(ndpi_protocol proto, u_int16_t p);
 
   extern void ndpi_search_tcp_or_udp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
 
-#ifdef NDPI_ENABLE_DEBUG_MESSAGES
-  void ndpi_debug_get_last_log_function_line(struct ndpi_detection_module_struct *ndpi_struct,
-					     const char **file, const char **func, u_int32_t * line);
-#endif
-
   /** Checks when the @p payload starts with the string literal @p str.
    * When the string is larger than the payload, check fails.
    * @return non-zero if check succeeded
@@ -149,7 +105,7 @@ extern "C" {
 			       u_int16_t protoId, char *protoName,
 			       ndpi_protocol_category_t protoCategory,
 			       ndpi_port_range *tcpDefPorts,
-			       ndpi_port_range *udpDefPorts);    
+			       ndpi_port_range *udpDefPorts);
   void ndpi_set_risk(struct ndpi_detection_module_struct *ndpi_str,
 		     struct ndpi_flow_struct *flow, ndpi_risk_enum r,
 		     char *risk_message);
@@ -161,18 +117,7 @@ extern "C" {
   int ndpi_normalize_printable_string(char * const str, size_t len);
   int ndpi_is_valid_hostname(char * const str, size_t len);
 #define NDPI_ENTROPY_ENCRYPTED_OR_RANDOM(entropy) (entropy > 7.0f)
-  float ndpi_entropy(u_int8_t const * const buf, size_t len);
-  u_int16_t ndpi_calculate_icmp4_checksum(u_int8_t const * const buf, size_t len);
-  void load_common_alpns(struct ndpi_detection_module_struct *ndpi_str);
-  u_int8_t is_a_common_alpn(struct ndpi_detection_module_struct *ndpi_str,
-			    const char *alpn_to_check, u_int alpn_to_check_len);    
-
-  char *ndpi_hostname_sni_set(struct ndpi_flow_struct *flow, const u_int8_t *value, size_t value_len);
-  char *ndpi_user_agent_set(struct ndpi_flow_struct *flow, const u_int8_t *value, size_t value_len);
-
-  int64_t ndpi_asn1_ber_decode_length(const unsigned char *payload, int payload_len, u_int16_t *value_len);
-  char* ndpi_intoav4(unsigned int addr, char* buf, u_int16_t bufLen);
-  int ndpi_seen_flow_beginning(const struct ndpi_flow_struct *flow);
+  float ndpi_entropy(u_int8_t const * const buf, size_t len); 
 
 #ifdef __cplusplus
 }