config: allow configuration via text file

doc/configuration_parameters.md

@@ -20,6 +20,7 @@ TODO
 | NULL         | "filename.malicious_ja3"                  | NULL          | NULL      | NULL      | Name of the file to load with the list of malicious SSL certificate SHA1 fingerprints |
 | NULL         | "filename.risk_domains"                   | NULL          | NULL      | NULL      | Name of the file to load with the list of risky domains |
 | NULL         | "dirname.domains"                         | NULL          | NULL      | NULL      | Load files (whose name is $categoryid\_$label.$extension) stored in the specified directory and bind each domain to the specified category |
+| NULL         | "filename.config"                         | NULL          | NULL      | NULL      | Name of the file containing a list of configuration knobs itself (one per line)!. Useful to configure nDPI via text file instead of via API |
 | NULL         | "asn_lists.load"                          | 1             | NULL      | NULL      | Enable/disable loading of every IP addresses lists used for (sub)classification and based on BGP information |
 | NULL         | "ip_lists.load"                           | 1             | NULL      | NULL      | Enable/disable loading of every IP addresses lists used for (sub)classification |
 | NULL         | "flow_risk_lists.load"                    | 1             | NULL      | NULL      | Enable/disable loading of every IP addresses lists used to check any flow risks |

example/config.txt

@@ -0,0 +1,15 @@
+#Format: <proto, param, value>
+#proto might be empty
+#Basic example of how to set nDPI configuration parameters via file
+#We set only some default values
+#See doc/configuration_parameters.md for a complete list and description of all the accepted knobs
+
+,packets_limit_per_flow,32
+ookla,aggressiveness,0x1
+
+,lru.bittorrent.ttl,0
+
+dns,enable,0
+dns,enable,1
+
+

fuzz/fuzz_common_code.c

@@ -51,6 +51,7 @@ void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_
     ndpi_set_config(*ndpi_info_mod, NULL, "filename.risky_domains", "risky_domains.txt");
     ndpi_set_config(*ndpi_info_mod, NULL, "filename.malicious_ja3", "ja3_fingerprints.csv");
     ndpi_set_config(*ndpi_info_mod, NULL, "filename.malicious_sha1", "sha1_fingerprints.csv");
+    ndpi_set_config(*ndpi_info_mod, NULL, "filename.config", "config.txt");
 
     ndpi_finalize_initialization(*ndpi_info_mod);
   }

fuzz/fuzz_filecfg_categories.c

@@ -5,7 +5,6 @@
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   struct ndpi_detection_module_struct *ndpi_struct;
   FILE *fd;
-  NDPI_PROTOCOL_BITMASK all;
   NDPI_PROTOCOL_BITMASK debug_bitmask;
 
   /* To allow memory allocation failures */

fuzz/fuzz_filecfg_protocols.c

@@ -5,7 +5,6 @@
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   struct ndpi_detection_module_struct *ndpi_struct;
   FILE *fd;
-  NDPI_PROTOCOL_BITMASK all;
   NDPI_PROTOCOL_BITMASK debug_bitmask;
 
   /* To allow memory allocation failures */

src/include/ndpi_typedefs.h

@@ -1175,6 +1175,8 @@ struct ndpi_detection_module_config_struct {
   char *filename_risky_domains;
   char *dirname_domains;
 
+  char *filename_config;
+
   NDPI_PROTOCOL_BITMASK detection_bitmask;
 
   /* LRU caches */

src/lib/ndpi_main.c

@@ -4496,6 +4496,64 @@ static int ndpi_handle_rule(struct ndpi_detection_module_struct *ndpi_str,
 
 /* ******************************************************************** */
 
+/*
+ * Format:
+ *
+ * <proto,param,value>
+ *
+ * Notes:
+ *  - proto might be empty
+ *  - empty lines or lines starting with # are ignored
+ */
+int load_config_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd) {
+  char buffer[512], *line, *proto, *param = NULL, *value, *saveptr;
+  int len, rc;
+
+  if(!ndpi_str || !fd)
+    return -1;
+
+  while(1) {
+    line = fgets(buffer, sizeof(buffer), fd);
+
+    if(line == NULL)
+      break;
+
+    len = strlen(line);
+
+    if((len <= 1) || (line[0] == '#'))
+      continue;
+
+    line[len - 1] = '\0';
+
+    if(line[0] == ',') { /* First parameter might be missing */
+      proto = NULL;
+      param = strtok_r(line, ",", &saveptr);
+    } else {
+      proto = strtok_r(line, ",", &saveptr);
+      if(proto) {
+        param = strtok_r(NULL, ",", &saveptr);
+      }
+    }
+    if(param) {
+      value = strtok_r(NULL, ",", &saveptr);
+      if(value) {
+        rc = ndpi_set_config(ndpi_str, proto, param, value);
+	if(rc != 0) {
+          NDPI_LOG_ERR(ndpi_str, "Error ndpi_set_config [%s/%s/%s]: %d\n",
+                       proto, param, value, rc);
+          return rc;
+	}
+	continue;
+      }
+    }
+    NDPI_LOG_ERR(ndpi_str, "Error parsing [%s]\n", line);
+    return -2;
+  }
+  return 0;
+}
+
+/* ******************************************************************** */
+
 /*
  * Format:
  *
@@ -10381,7 +10439,7 @@ static int _set_param_string(void *_variable, const char *value)
   return 0;
 }
 
-/* It can be used for CFG_PARAM_FILENAME parameters, too */
+/* It can be used for CFG_PARAM_FILENAME/CFG_PARAM_FILENAME_CONFIG parameters, too */
 static char *_get_param_string(void *_variable, char *buf, int buf_len)
 {
   char **variable = (char **)_variable;
@@ -10408,6 +10466,27 @@ static int _set_param_filename(void *_variable, const char *value)
   return 0;
 }
 
+static int _set_param_filename_config(struct ndpi_detection_module_struct *ndpi_str, void *_variable, const char *value)
+{
+  int rc;
+  FILE *fd;
+
+  rc = _set_param_filename(_variable, value);
+  if(rc != 0 || value == NULL || ndpi_str == NULL)
+    return rc;
+
+  fd = fopen(value, "r");
+  if(fd == NULL)
+    return -1; /* It shoudn't happen because we already checked it */
+  rc = load_config_file_fd(ndpi_str, fd);
+  fclose(fd);
+  if(rc < 0)
+    return rc;
+
+  return 0;
+}
+
+
 static char *_get_param_protocol_enable_disable(void *_variable, const char *proto, char *buf, int buf_len)
 {
   NDPI_PROTOCOL_BITMASK *bitmask = (NDPI_PROTOCOL_BITMASK *)_variable;
@@ -10466,6 +10545,7 @@ enum cfg_param_type {
   CFG_PARAM_STRING         = 2,
   CFG_PARAM_FILENAME       = 3, /* Like string, but we check also if the file exists */
   CFG_PARAM_PROTOCOL_ENABLE_DISABLE = 4,
+  CFG_PARAM_FILENAME_CONFIG = 5, /* Like CFG_PARAM_FILENAME, but we also call ndpi_set_config() immediately for each row in it */
 };
 
 #define __OFF(a)	offsetof(struct ndpi_detection_module_config_struct, a)
@@ -10545,6 +10625,8 @@ static const struct cfg_param {
   { NULL,            "filename.risky_domains",                  NULL, NULL, NULL, CFG_PARAM_FILENAME, __OFF(filename_risky_domains) },
   { NULL,            "dirname.domains",                         NULL, NULL, NULL, CFG_PARAM_FILENAME, __OFF(dirname_domains) },
 
+  { NULL,            "filename.config",                         NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config) },
+
   /* LRU caches */
 
   { NULL,            "lru.ookla.size",                          "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries) },
@@ -10600,6 +10682,9 @@ static void set_default_config(struct ndpi_detection_module_config_struct *cfg)
       else
         NDPI_BITMASK_RESET(*(NDPI_PROTOCOL_BITMASK *)((char *)cfg + c->offset));
       break;
+    case CFG_PARAM_FILENAME_CONFIG:
+      _set_param_filename_config(NULL, (void *)((char *)cfg + c->offset), c->default_value);
+      break;
     }
   }
 }
@@ -10617,6 +10702,7 @@ static void free_config(struct ndpi_detection_module_config_struct *cfg)
       break;
     case CFG_PARAM_STRING:
     case CFG_PARAM_FILENAME:
+    case CFG_PARAM_FILENAME_CONFIG:
       ndpi_free(*(char **)((char *)cfg + c->offset));
       break;
     }
@@ -10652,6 +10738,8 @@ int ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str,
         return _set_param_filename((void *)((char *)&ndpi_str->cfg + c->offset), value);
       case CFG_PARAM_PROTOCOL_ENABLE_DISABLE:
         return _set_param_protocol_enable_disable((void *)((char *)&ndpi_str->cfg + c->offset), value, proto);
+      case CFG_PARAM_FILENAME_CONFIG:
+        return _set_param_filename_config(ndpi_str, (void *)((char *)&ndpi_str->cfg + c->offset), value);
       }
     }
   }
@@ -10679,6 +10767,7 @@ char *ndpi_get_config(struct ndpi_detection_module_struct *ndpi_str,
         return _get_param_int((void *)((char *)&ndpi_str->cfg + c->offset), buf, buf_len);
       case CFG_PARAM_STRING:
       case CFG_PARAM_FILENAME:
+      case CFG_PARAM_FILENAME_CONFIG:
         return _get_param_string((void *)((char *)&ndpi_str->cfg + c->offset), buf, buf_len);
       case CFG_PARAM_PROTOCOL_ENABLE_DISABLE:
         return _get_param_protocol_enable_disable((void *)((char *)&ndpi_str->cfg + c->offset), proto, buf, buf_len);
@@ -10714,6 +10803,7 @@ char *ndpi_dump_config(struct ndpi_detection_module_struct *ndpi_str,
       break;
     case CFG_PARAM_STRING:
     case CFG_PARAM_FILENAME:
+    case CFG_PARAM_FILENAME_CONFIG:
       fprintf(fd, " *) %s %s: %s [%s]",
               c->proto ? c->proto : "NULL",
               c->param,

tests/do.sh.in

@@ -30,7 +30,7 @@ PCRE2_ENABLED=@PCRE2_ENABLED@
 PCRE_PCAPS="WebattackRCE.pcap"
 NBPF_ENABLED=@NBPF_ENABLED@
 NBPF_PCAPS="h323-overflow.pcap"
-READER="${CMD_PREFIX} ../../../example/ndpiReader${EXE_SUFFIX} -A -p ../../../example/protos.txt -c ../../../example/categories.txt -r ../../../example/risky_domains.txt -j ../../../example/ja3_fingerprints.csv -S ../../../example/sha1_fingerprints.csv -G ../../../lists -q -K JSON -k /dev/null -t -v 2"
+READER="${CMD_PREFIX} ../../../example/ndpiReader${EXE_SUFFIX} --cfg=,filename.config,../../../example/config.txt -A -p ../../../example/protos.txt -c ../../../example/categories.txt -r ../../../example/risky_domains.txt -j ../../../example/ja3_fingerprints.csv -S ../../../example/sha1_fingerprints.csv -G ../../../lists -q -K JSON -k /dev/null -t -v 2"
 
 RC=0
 

tests/ossfuzz.sh

@@ -59,6 +59,7 @@ cp example/categories.txt $OUT/
 cp example/risky_domains.txt $OUT/
 cp example/ja3_fingerprints.csv $OUT/
 cp example/sha1_fingerprints.csv $OUT/
+cp example/config.txt $OUT/
 cp fuzz/ipv4_addresses.txt $OUT/
 cp fuzz/bd_param.txt $OUT/
 cp fuzz/splt_param.txt $OUT/