From c2fec4cbab54a335adb207214025375e68082b0c Mon Sep 17 00:00:00 2001 From: Vadim Vetrov Date: Tue, 7 Jan 2025 00:52:36 +0300 Subject: [PATCH] Use size_t instead of uint32_t Encountered some crossplatform errors with uint_t-like length type definition. --- .github/workflows/build-ci.yml | 4 +- src/config.h | 4 +- src/kytunblock.c | 12 +-- src/mangle.c | 84 +++++++++--------- src/mangle.h | 14 +-- src/quic.c | 103 +++++++++++++--------- src/quic.h | 42 ++++----- src/quic_crypto.c | 29 ++++--- src/tls.c | 14 +-- src/tls.h | 8 +- src/utils.c | 152 ++++++++++++++++----------------- src/utils.h | 96 ++++++++++----------- src/youtubeUnblock.c | 16 ++-- test/quic.c | 16 ++-- 14 files changed, 308 insertions(+), 286 deletions(-) diff --git a/.github/workflows/build-ci.yml b/.github/workflows/build-ci.yml index 07f7330..6ebad2c 100644 --- a/.github/workflows/build-ci.yml +++ b/.github/workflows/build-ci.yml @@ -109,8 +109,8 @@ jobs: tool: mips64el-unknown-linux-musl # - arch: mips64 # tool: mips64-unknown-linux-musl - # - arch: mipsel - # tool: mipsel-unknown-linux-musl + - arch: mipsel + tool: mipsel-unknown-linux-musl # - arch: mipselsf # tool: mipsel-unknown-linux-muslsf # - arch: mips diff --git a/src/config.h b/src/config.h index 865f2bb..e685383 100644 --- a/src/config.h +++ b/src/config.h @@ -26,12 +26,12 @@ #include "types.h" -typedef int (*raw_send_t)(const unsigned char *data, unsigned int data_len); +typedef int (*raw_send_t)(const unsigned char *data, size_t data_len); /** * Sends the packet after delay_ms. The function should schedule send and return immediately * (for example, open daemon thread) */ -typedef int (*delayed_send_t)(const unsigned char *data, unsigned int data_len, unsigned int delay_ms); +typedef int (*delayed_send_t)(const unsigned char *data, size_t data_len, unsigned int delay_ms); struct instance_config_t { raw_send_t send_raw_packet; diff --git a/src/kytunblock.c b/src/kytunblock.c index 182ffdf..013706b 100644 --- a/src/kytunblock.c +++ b/src/kytunblock.c @@ -79,7 +79,7 @@ static void close_raw_socket(void) { sock_release(rawsocket); } -static int send_raw_ipv4(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_ipv4(const uint8_t *pkt, size_t pktlen) { int ret = 0; if (pktlen > AVAILABLE_MTU) return -ENOMEM; @@ -141,7 +141,7 @@ static void close_raw6_socket(void) { sock_release(raw6socket); } -static int send_raw_ipv6(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_ipv6(const uint8_t *pkt, size_t pktlen) { int ret = 0; if (pktlen > AVAILABLE_MTU) return -ENOMEM; @@ -177,7 +177,7 @@ static int send_raw_ipv6(const uint8_t *pkt, uint32_t pktlen) { return ret; } -static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_socket(const uint8_t *pkt, size_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) { @@ -194,8 +194,8 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { NETBUF_FREE(buff2); return -ENOMEM; } - uint32_t buff1_size = MAX_PACKET_SIZE; - uint32_t buff2_size = MAX_PACKET_SIZE; + size_t buff1_size = MAX_PACKET_SIZE; + size_t buff2_size = MAX_PACKET_SIZE; if ((ret = tcp_frag(pkt, pktlen, AVAILABLE_MTU-128, buff1, &buff1_size, buff2, &buff2_size)) < 0) { @@ -241,7 +241,7 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { return ret; } -static int delay_packet_send(const unsigned char *data, unsigned int data_len, unsigned int delay_ms) { +static int delay_packet_send(const unsigned char *data, size_t data_len, unsigned int delay_ms) { lginfo("delay_packet_send won't work on current youtubeUnblock version"); return send_raw_socket(data, data_len); } diff --git a/src/mangle.c b/src/mangle.c index 91a22e8..e3bbafa 100644 --- a/src/mangle.c +++ b/src/mangle.c @@ -30,16 +30,16 @@ #include #endif -int process_packet(const uint8_t *raw_payload, uint32_t raw_payload_len) { +int process_packet(const uint8_t *raw_payload, size_t raw_payload_len) { if (raw_payload_len > MAX_PACKET_SIZE) { return PKT_ACCEPT; } const struct iphdr *iph; const struct ip6_hdr *ip6h; - uint32_t iph_len; + size_t iph_len; const uint8_t *ip_payload; - uint32_t ip_payload_len; + size_t ip_payload_len; int transport_proto = -1; int ipver = netproto_version(raw_payload, raw_payload_len); @@ -121,13 +121,13 @@ int process_packet(const uint8_t *raw_payload, uint32_t raw_payload_len) { return verdict; } -int process_tcp_packet(const struct section_config_t *section, const uint8_t *raw_payload, uint32_t raw_payload_len) { +int process_tcp_packet(const struct section_config_t *section, const uint8_t *raw_payload, size_t raw_payload_len) { const void *ipxh; - uint32_t iph_len; + size_t iph_len; const struct tcphdr *tcph; - uint32_t tcph_len; + size_t tcph_len; const uint8_t *data; - uint32_t dlen; + size_t dlen; int ipxv = netproto_version(raw_payload, raw_payload_len); @@ -153,7 +153,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra memcpy(payload, ipxh, iph_len); memcpy(payload + iph_len, tcph, tcph_len); - uint32_t fake_len = section->fake_sni_pkt_sz; + size_t fake_len = section->fake_sni_pkt_sz; if (section->synfake_len) fake_len = min(section->synfake_len, fake_len); @@ -204,7 +204,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra size_t sni_offset = vrd.sni_ptr - data; size_t target_sni_offset = vrd.target_sni_ptr - data; - uint32_t payload_len = raw_payload_len; + size_t payload_len = raw_payload_len; NETBUF_ALLOC(payload, MAX_PACKET_SIZE); if (!NETBUF_CHECK(payload)) { lgerror(-ENOMEM, "Allocation error"); @@ -214,11 +214,11 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra memcpy(payload, raw_payload, raw_payload_len); void *iph; - uint32_t iph_len; + size_t iph_len; struct tcphdr *tcph; - uint32_t tcph_len; + size_t tcph_len; uint8_t *data; - uint32_t dlen; + size_t dlen; int ret = tcp_payload_split(payload, payload_len, &iph, &iph_len, &tcph, &tcph_len, @@ -262,7 +262,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra ipd_offset = target_sni_offset; mid_offset = ipd_offset + vrd.target_sni_len / 2; - uint32_t poses[2]; + size_t poses[2]; int cnt = 0; if (section->frag_sni_pos && dlen > section->frag_sni_pos) { @@ -274,7 +274,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra } if (cnt > 1 && poses[0] > poses[1]) { - uint32_t tmp = poses[0]; + size_t tmp = poses[0]; poses[0] = poses[1]; poses[1] = tmp; } @@ -294,7 +294,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra mid_offset = ipd_offset + vrd.target_sni_len / 2; mid_offset += 8 - mid_offset % 8; - uint32_t poses[2]; + size_t poses[2]; int cnt = 0; if (section->frag_sni_pos && dlen > section->frag_sni_pos) { @@ -308,7 +308,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra } if (cnt > 1 && poses[0] > poses[1]) { - uint32_t tmp = poses[0]; + size_t tmp = poses[0]; poses[0] = poses[1]; poses[1] = tmp; } @@ -356,12 +356,12 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra return PKT_DROP; } -int process_udp_packet(const struct section_config_t *section, const uint8_t *pkt, uint32_t pktlen) { +int process_udp_packet(const struct section_config_t *section, const uint8_t *pkt, size_t pktlen) { const void *iph; - uint32_t iph_len; + size_t iph_len; const struct udphdr *udph; const uint8_t *data; - uint32_t dlen; + size_t dlen; int ret = udp_payload_split((uint8_t *)pkt, pktlen, (void **)&iph, &iph_len, @@ -398,7 +398,7 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } - uint32_t fsn_len = MAX_PACKET_SIZE; + size_t fsn_len = MAX_PACKET_SIZE; struct udp_fake_type fake_type = { .fake_len = section->udp_fake_len, @@ -441,20 +441,20 @@ int process_udp_packet(const struct section_config_t *section, const uint8_t *pk return PKT_DROP; } -int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet, uint32_t pktlen, const uint32_t *poses, uint32_t poses_sz, uint32_t dvs) { +int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet, size_t pktlen, const size_t *poses, size_t poses_sz, size_t dvs) { if (poses_sz == 0) { if (section->seg2_delay && ((dvs > 0) ^ section->frag_sni_reverse)) { if (!instance_config.send_delayed_packet) { return -EINVAL; } - lgtrace_addp("Sent %d delayed for %d", pktlen, section->seg2_delay); + lgtrace_addp("Sent %zu delayed for %d", pktlen, section->seg2_delay); instance_config.send_delayed_packet( packet, pktlen, section->seg2_delay); return 0; } else { - lgtrace_addp("Sent %d bytes", pktlen); + lgtrace_addp("Sent %zu bytes", pktlen); return instance_config.send_raw_packet( packet, pktlen); } @@ -482,26 +482,26 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet } */ - uint32_t f1len = MAX_PACKET_SIZE; - uint32_t f2len = MAX_PACKET_SIZE; - // uint32_t fake_pad_len = MAX_PACKET_SIZE; + size_t f1len = MAX_PACKET_SIZE; + size_t f2len = MAX_PACKET_SIZE; + // size_t fake_pad_len = MAX_PACKET_SIZE; int ret; if (dvs > poses[0]) { - lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%zu) is more than poses0(%zu)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } - uint32_t frag_pos = poses[0] - dvs; + size_t frag_pos = poses[0] - dvs; frag_pos += 8 - frag_pos % 8; ret = ip4_frag(packet, pktlen, frag_pos, frag1, &f1len, frag2, &f2len); if (ret < 0) { - lgerror(ret, "send_frags: frag: with context packet with size %d, position: %d, recursive dvs: %d", pktlen, poses[0], dvs); + lgerror(ret, "send_frags: frag: with context packet with size %zu, position: %zu, recursive dvs: %zu", pktlen, poses[0], dvs); goto erret_lc; } @@ -522,7 +522,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet /* if (section->frag_sni_faked) { ITER_FAKE_STRAT(section->faking_strategy, strategy) { - uint32_t iphfl; + size_t iphfl; fake_pad_len = f2len; ret = ip4_payload_split(frag2, f2len, NULL, &iphfl, NULL, NULL); if (ret < 0) { @@ -573,7 +573,7 @@ int send_ip4_frags(const struct section_config_t *section, const uint8_t *packet return 0; } -int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet, uint32_t pktlen, const uint32_t *poses, uint32_t poses_sz, uint32_t dvs) { +int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet, size_t pktlen, const size_t *poses, size_t poses_sz, size_t dvs) { if (poses_sz == 0) { if (section->seg2_delay && ((dvs > 0) ^ section->frag_sni_reverse)) { if (!instance_config.send_delayed_packet) { @@ -585,7 +585,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet return 0; } else { - lgtrace_addp("raw send packet of %d bytes with %d dvs", pktlen, dvs); + lgtrace_addp("raw send packet of %zu bytes with %zu dvs", pktlen, dvs); return instance_config.send_raw_packet( packet, pktlen); } @@ -603,13 +603,13 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet return -ENOMEM; } - uint32_t f1len = MAX_PACKET_SIZE; - uint32_t f2len = MAX_PACKET_SIZE; + size_t f1len = MAX_PACKET_SIZE; + size_t f2len = MAX_PACKET_SIZE; int ret; if (dvs > poses[0]) { - lgerror(-EINVAL, "send_frags: Recursive dvs(%d) is more than poses0(%d)", dvs, poses[0]); + lgerror(-EINVAL, "send_frags: Recursive dvs(%zu) is more than poses0(%zu)", dvs, poses[0]); ret = -EINVAL; goto erret_lc; } @@ -619,10 +619,10 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet frag1, &f1len, frag2, &f2len); - lgtrace_addp("Packet split in %d bytes position of payload start, dvs: %d to two packets of %d and %d lengths", poses[0], dvs, f1len, f2len); + lgtrace_addp("Packet split in %zu bytes position of payload start, dvs: %zu to two packets of %zu and %zu lengths", poses[0], dvs, f1len, f2len); if (ret < 0) { - lgerror(ret, "send_frags: tcp_frag: with context packet with size %d, position: %d", pktlen, poses[0]); + lgerror(ret, "send_frags: tcp_frag: with context packet with size %zu, position: %zu", pktlen, poses[0]); goto erret_lc; } @@ -643,7 +643,7 @@ int send_tcp_frags(const struct section_config_t *section, const uint8_t *packet send_fake: if (section->frag_sni_faked) { - uint32_t iphfl, tcphfl; + size_t iphfl, tcphfl; void *iph; struct tcphdr *tcph; ret = tcp_payload_split(frag2, f2len, &iph, &iphfl, &tcph, &tcphfl, NULL, NULL); @@ -712,7 +712,7 @@ int post_fake_sni(struct fake_type f_type, lgerror(-ENOMEM, "Allocation error"); return -ENOMEM; } - uint32_t fsn_len = MAX_PACKET_SIZE; + size_t fsn_len = MAX_PACKET_SIZE; ret = gen_fake_sni( fake_seq_type, @@ -734,9 +734,9 @@ int post_fake_sni(struct fake_type f_type, lgerror(ret, "send fake sni"); goto erret_lc; } - uint32_t iph_len; - uint32_t tcph_len; - uint32_t plen; + size_t iph_len; + size_t tcph_len; + size_t plen; ret = tcp_payload_split( fake_sni, fsn_len, &fsiph, &iph_len, diff --git a/src/mangle.h b/src/mangle.h index f455edc..51f190d 100644 --- a/src/mangle.h +++ b/src/mangle.h @@ -32,21 +32,21 @@ * Processes the packet and returns verdict. * This is the primary function that traverses the packet. */ -int process_packet(const uint8_t *packet, uint32_t packet_len); +int process_packet(const uint8_t *packet, size_t packet_len); /** * Processe the TCP packet. * Returns verdict. */ -int process_tcp_packet(const struct section_config_t *section, const uint8_t *raw_payload, uint32_t raw_payload_len); +int process_tcp_packet(const struct section_config_t *section, const uint8_t *raw_payload, size_t raw_payload_len); /** * Processes the UDP packet. * Returns verdict. */ -int process_udp_packet(const struct section_config_t *section, const uint8_t *pkt, uint32_t pktlen); +int process_udp_packet(const struct section_config_t *section, const uint8_t *pkt, size_t pktlen); @@ -63,8 +63,8 @@ int post_fake_sni(struct fake_type f_type, * dvs used internally and should be zero. */ int send_tcp_frags(const struct section_config_t *section, - const uint8_t *packet, uint32_t pktlen, - const uint32_t *poses, uint32_t poses_len, uint32_t dvs); + const uint8_t *packet, size_t pktlen, + const size_t *poses, size_t poses_len, size_t dvs); /** * Splits packet by poses and posts. @@ -72,6 +72,6 @@ int send_tcp_frags(const struct section_config_t *section, * dvs used internally and should be zero. */ int send_ip4_frags(const struct section_config_t *section, - const uint8_t *packet, uint32_t pktlen, - const uint32_t *poses, uint32_t poses_len, uint32_t dvs); + const uint8_t *packet, size_t pktlen, + const size_t *poses, size_t poses_len, size_t dvs); #endif /* YU_MANGLE_H */ diff --git a/src/quic.c b/src/quic.c index 8d0f024..cdfa7e1 100644 --- a/src/quic.c +++ b/src/quic.c @@ -32,7 +32,7 @@ struct quic_pnumber { uint8_t d4; }; -uint64_t quic_parse_varlength(const uint8_t *variable, uint64_t *mlen) { +uint64_t quic_parse_varlength(const uint8_t *variable, size_t *mlen) { if (mlen && *mlen == 0) return 0; uint64_t vr = (*variable & 0x3F); uint8_t len = 1 << (*variable >> 6); @@ -54,20 +54,23 @@ uint64_t quic_parse_varlength(const uint8_t *variable, uint64_t *mlen) { return vr; } -int64_t quic_get_version(const struct quic_lhdr *qch) { - int64_t qversion = ntohl(qch->version); +int quic_get_version(uint32_t *version, const struct quic_lhdr *qch) { + uint32_t qversion = ntohl(qch->version); + *version = qversion; switch (qversion) { case QUIC_V1: case QUIC_V2: - return qversion; + return 0; default: - return -qversion; + return -EINVAL; } } int quic_check_is_initial(const struct quic_lhdr *qch) { - int64_t qversion = quic_get_version(qch); + uint32_t qversion; + int ret; + ret = quic_get_version(&qversion, qch); if (qversion < 0) return 0; uint8_t qtype = qch->type; @@ -90,30 +93,33 @@ int quic_check_is_initial(const struct quic_lhdr *qch) { return 1; } -int quic_parse_data(const uint8_t *raw_payload, uint32_t raw_payload_len, - const struct quic_lhdr **qch, uint32_t *qch_len, +int quic_parse_data(const uint8_t *raw_payload, size_t raw_payload_len, + const struct quic_lhdr **qch, size_t *qch_len, struct quic_cids *qci, - const uint8_t **payload, uint32_t *plen) { + const uint8_t **payload, size_t *plen) { if ( raw_payload == NULL || raw_payload_len < sizeof(struct quic_lhdr)) goto invalid_packet; const struct quic_lhdr *nqch = (const struct quic_lhdr *)raw_payload; - uint32_t left_len = raw_payload_len - sizeof(struct quic_lhdr); + size_t left_len = raw_payload_len - sizeof(struct quic_lhdr); const uint8_t *cur_rawptr = raw_payload + sizeof(struct quic_lhdr); + int ret; + uint32_t qversion; + if (!nqch->fixed) { lgtrace_addp("quic fixed unset"); return -EPROTO; } - int64_t qversion = quic_get_version(nqch); + ret = quic_get_version(&qversion, nqch); - if (qversion < 0) { - lgtrace_addp("quic version undefined %u", (uint32_t)(-qversion)); + if (ret < 0) { + lgtrace_addp("quic version undefined %u", qversion); return -EPROTO; } - lgtrace_addp("quic version valid %u", (uint32_t)qversion); + lgtrace_addp("quic version valid %u", qversion); if (left_len < 2) goto invalid_packet; struct quic_cids nqci = {0}; @@ -147,14 +153,14 @@ int quic_parse_data(const uint8_t *raw_payload, uint32_t raw_payload_len, return -EINVAL; } -int quic_parse_initial_header(const uint8_t *inpayload, uint32_t inplen, +int quic_parse_initial_header(const uint8_t *inpayload, size_t inplen, struct quici_hdr *qhdr) { if (inplen < 3) goto invalid_packet; struct quici_hdr nqhdr; const uint8_t *cur_ptr = inpayload; - uint32_t left_len = inplen; - uint64_t tlen = left_len; + size_t left_len = inplen; + size_t tlen = left_len; nqhdr.token_len = quic_parse_varlength(cur_ptr, &tlen); nqhdr.token = cur_ptr + tlen; @@ -188,10 +194,10 @@ int quic_parse_initial_header(const uint8_t *inpayload, uint32_t inplen, } ssize_t quic_parse_crypto(struct quic_frame_crypto *crypto_frame, - const uint8_t *frame, uint64_t flen) { + const uint8_t *frame, size_t flen) { const uint8_t *curptr = frame; - uint64_t curptr_len = flen; - uint64_t vln; + size_t curptr_len = flen; + size_t vln; *crypto_frame = (struct quic_frame_crypto){0}; if (flen == 0 || *frame != QUIC_FRAME_CRYPTO || @@ -202,14 +208,19 @@ ssize_t quic_parse_crypto(struct quic_frame_crypto *crypto_frame, curptr++, curptr_len--; vln = curptr_len; - uint64_t offset = quic_parse_varlength(curptr, &vln); + lgtrace_addp("cl=%zu fl=%zu", curptr_len, flen); + size_t offset = quic_parse_varlength(curptr, &vln); + lgtrace_addp("cl=%zu vl=%zu of=%zu", curptr_len, vln, offset); curptr += vln, curptr_len -= vln; if (vln == 0) { return -EINVAL; } + vln = curptr_len; - uint64_t length = quic_parse_varlength(curptr, &vln); + lgtrace_addp("cl=%zu fl=%zu", curptr_len, flen); + size_t length = quic_parse_varlength(curptr, &vln); + lgtrace_addp("cl=%zu vl=%zu of=%zu", curptr_len, vln, offset); curptr += vln, curptr_len -= vln; if (vln == 0) { return -EINVAL; @@ -225,15 +236,17 @@ ssize_t quic_parse_crypto(struct quic_frame_crypto *crypto_frame, curptr += length; curptr_len -= length; + lgtrace_addp("cl=%zu fl=%zu br=%zu", curptr_len, flen, flen - curptr_len); + return flen - curptr_len; } -int udp_fail_packet(struct udp_failing_strategy strategy, uint8_t *payload, uint32_t *plen, uint32_t avail_buflen) { +int udp_fail_packet(struct udp_failing_strategy strategy, uint8_t *payload, size_t *plen, size_t avail_buflen) { void *iph; - uint32_t iph_len; + size_t iph_len; struct udphdr *udph; uint8_t *data; - uint32_t dlen; + size_t dlen; int ret; ret = udp_payload_split(payload, *plen, @@ -276,10 +289,10 @@ int udp_fail_packet(struct udp_failing_strategy strategy, uint8_t *payload, uint } int gen_fake_udp(struct udp_fake_type type, - const void *ipxh, uint32_t iph_len, + const void *ipxh, size_t iph_len, const struct udphdr *udph, - uint8_t *buf, uint32_t *buflen) { - uint32_t data_len = type.fake_len; + uint8_t *buf, size_t *buflen) { + size_t data_len = type.fake_len; if (!ipxh || !udph || !buf || !buflen) return -EINVAL; @@ -305,7 +318,7 @@ int gen_fake_udp(struct udp_fake_type type, return -EINVAL; } - uint32_t dlen = iph_len + sizeof(struct udphdr) + data_len; + size_t dlen = iph_len + sizeof(struct udphdr) + data_len; if (*buflen < dlen) return -ENOMEM; @@ -338,8 +351,8 @@ int gen_fake_udp(struct udp_fake_type type, int parse_quic_decrypted( const struct section_config_t *section, - const uint8_t *decrypted_message, uint32_t decrypted_message_len, - uint8_t **crypto_message_buf, uint32_t *crypto_message_buf_len + const uint8_t *decrypted_message, size_t decrypted_message_len, + uint8_t **crypto_message_buf, size_t *crypto_message_buf_len ) { const uint8_t *curptr = decrypted_message; ssize_t curptr_len = decrypted_message_len; @@ -372,14 +385,20 @@ int parse_quic_decrypted( break; case QUIC_FRAME_CRYPTO: fret = quic_parse_crypto(&fr_cr, curptr, curptr_len); - lgtrace_addp("crypto %d %d %d", (int)fr_cr.offset, (int)fr_cr.payload_length, (int)fret); + lgtrace_addp("crypto %zu %zu %zu %zu", fr_cr.offset, fr_cr.payload_length, fret, curptr_len); if (fret < 0) break; + if (fret == 0) { + lgerr("ERROR IN CRYPTO PARSE"); + // break; + } curptr += fret; curptr_len -= fret; - if (fr_cr.offset + fr_cr.payload_length <= - crypto_message_len) { + if (fr_cr.offset <= crypto_message_len && + fr_cr.payload_length <= crypto_message_len && + fr_cr.payload_length <= crypto_message_len + ) { memcpy(crypto_message + fr_cr.offset, fr_cr.payload, fr_cr.payload_length); @@ -399,12 +418,12 @@ int parse_quic_decrypted( } int detect_udp_filtered(const struct section_config_t *section, - const uint8_t *payload, uint32_t plen) { + const uint8_t *payload, size_t plen) { const void *iph; - uint32_t iph_len; + size_t iph_len; const struct udphdr *udph; const uint8_t *data; - uint32_t dlen; + size_t dlen; int ret; ret = udp_payload_split((uint8_t *)payload, plen, @@ -421,10 +440,10 @@ int detect_udp_filtered(const struct section_config_t *section, if (section->udp_filter_quic != UDP_FILTER_QUIC_DISABLED) { const struct quic_lhdr *qch; - uint32_t qch_len; + size_t qch_len; struct quic_cids qci; const uint8_t *quic_in_payload; - uint32_t quic_in_plen; + size_t quic_in_plen; lgtrace_addp("QUIC probe"); @@ -453,11 +472,11 @@ int detect_udp_filtered(const struct section_config_t *section, } uint8_t *decrypted_payload; - uint32_t decrypted_payload_len; + size_t decrypted_payload_len; const uint8_t *decrypted_message; - uint32_t decrypted_message_len; + size_t decrypted_message_len; uint8_t *crypto_message; - uint32_t crypto_message_len; + size_t crypto_message_len; struct tls_verdict tlsv; ret = quic_parse_initial_message( diff --git a/src/quic.h b/src/quic.h index 5fa3de6..6c3f810 100644 --- a/src/quic.h +++ b/src/quic.h @@ -140,10 +140,10 @@ struct quic_cids { * \qch_len is sizeof(qch) + qci->dst_len + qci->src_id * \payload is Type-Specific payload (#17.2). */ -int quic_parse_data(const uint8_t *raw_payload, uint32_t raw_payload_len, - const struct quic_lhdr **qch, uint32_t *qch_len, +int quic_parse_data(const uint8_t *raw_payload, size_t raw_payload_len, + const struct quic_lhdr **qch, size_t *qch_len, struct quic_cids *qci, - const uint8_t **payload, uint32_t *plen); + const uint8_t **payload, size_t *plen); /** @@ -156,7 +156,7 @@ int quic_parse_data(const uint8_t *raw_payload, uint32_t raw_payload_len, * * On error/buffer overflow mlen set to 0, otherwise it is higher */ -uint64_t quic_parse_varlength(const uint8_t *variable, uint64_t *mlen); +uint64_t quic_parse_varlength(const uint8_t *variable, size_t *mlen); // quici stands for QUIC Initial @@ -164,21 +164,21 @@ uint64_t quic_parse_varlength(const uint8_t *variable, uint64_t *mlen); * This structure should be parsed */ struct quici_hdr { - uint64_t token_len; + size_t token_len; const uint8_t *token; - uint64_t length; + size_t length; const uint8_t *protected_payload; // with packet number // RFC 9001 5.4.2 - uint64_t sample_length; + size_t sample_length; const uint8_t *sample; }; /** * Checks for quic version and checks if it is supported */ -int64_t quic_get_version(const struct quic_lhdr *qch); +int quic_get_version(uint32_t *version, const struct quic_lhdr *qch); /** * Checks quic message to be initial according to version. @@ -187,8 +187,8 @@ int64_t quic_get_version(const struct quic_lhdr *qch); int quic_check_is_initial(const struct quic_lhdr *qch); struct quic_frame_crypto { - uint64_t offset; - uint64_t payload_length; + size_t offset; + size_t payload_length; const uint8_t *payload; }; /** @@ -196,14 +196,14 @@ struct quic_frame_crypto { * Returns parsed size or -EINVAL on error */ ssize_t quic_parse_crypto(struct quic_frame_crypto *crypto_frame, - const uint8_t *frame, uint64_t flen); + const uint8_t *frame, size_t flen); /** * Parses QUIC initial message header. * \inpayload is a QUIC Initial message payload (payload after quic large header) */ -int quic_parse_initial_header(const uint8_t *inpayload, uint32_t inplen, +int quic_parse_initial_header(const uint8_t *inpayload, size_t inplen, struct quici_hdr *qhdr); /** @@ -215,9 +215,9 @@ int quic_parse_initial_header(const uint8_t *inpayload, uint32_t inplen, * */ int quic_parse_initial_message( - const uint8_t *quic_payload, uint32_t quic_plen, - uint8_t **udecrypted_payload, uint32_t *udecrypted_payload_len, - const uint8_t **udecrypted_message, uint32_t *udecrypted_message_len + const uint8_t *quic_payload, size_t quic_plen, + uint8_t **udecrypted_payload, size_t *udecrypted_payload_len, + const uint8_t **udecrypted_message, size_t *udecrypted_message_len ); /** @@ -227,20 +227,20 @@ int quic_parse_initial_message( */ int parse_quic_decrypted( const struct section_config_t *section, - const uint8_t *decrypted_message, uint32_t decrypted_message_len, - uint8_t **crypto_message_buf, uint32_t *crypto_message_buf_len + const uint8_t *decrypted_message, size_t decrypted_message_len, + uint8_t **crypto_message_buf, size_t *crypto_message_buf_len ); // Like fail_packet for TCP -int udp_fail_packet(struct udp_failing_strategy strategy, uint8_t *payload, uint32_t *plen, uint32_t avail_buflen); +int udp_fail_packet(struct udp_failing_strategy strategy, uint8_t *payload, size_t *plen, size_t avail_buflen); // Like gen_fake_sni for TCP int gen_fake_udp(struct udp_fake_type type, - const void *ipxh, uint32_t iph_len, + const void *ipxh, size_t iph_len, const struct udphdr *udph, - uint8_t *buf, uint32_t *buflen); + uint8_t *buf, size_t *buflen); int detect_udp_filtered(const struct section_config_t *section, - const uint8_t *payload, uint32_t plen); + const uint8_t *payload, size_t plen); #endif /* QUIC_H */ diff --git a/src/quic_crypto.c b/src/quic_crypto.c index 639cf8c..5e498b3 100644 --- a/src/quic_crypto.c +++ b/src/quic_crypto.c @@ -34,16 +34,16 @@ const uint8_t quic2_iv_info[] = "\0\x0c\x0ftls13 quicv2 iv\0"; const uint8_t quic2_hp_info[] = "\0\x10\x0ftls13 quicv2 hp\0"; int quic_parse_initial_message( - const uint8_t *quic_payload, uint32_t quic_plen, - uint8_t **udecrypted_payload, uint32_t *udecrypted_payload_len, - const uint8_t **udecrypted_message, uint32_t *udecrypted_message_len + const uint8_t *quic_payload, size_t quic_plen, + uint8_t **udecrypted_payload, size_t *udecrypted_payload_len, + const uint8_t **udecrypted_message, size_t *udecrypted_message_len ) { int ret; const struct quic_lhdr *qch; - uint32_t qch_len; + size_t qch_len; struct quic_cids qci; const uint8_t *inpayload; - uint32_t inplen; + size_t inplen; struct quici_hdr qich; size_t quic_header_len; @@ -61,29 +61,32 @@ int quic_parse_initial_message( uint8_t quic_hp[QUIC_HP_SIZE]; uint8_t mask[QUIC_SAMPLE_SIZE]; uint8_t *decrypted_payload = NULL; - uint32_t decrypted_payload_len; + size_t decrypted_payload_len; uint8_t *decrypted_packet_number = NULL; uint8_t *dcptr = NULL; // Decrypted plain message without header uint8_t *decrypted_message = NULL; - uint32_t decrypted_message_len; + size_t decrypted_message_len; AesContext actx; GcmContext gctx; - int64_t qversion; + uint32_t qversion; const uint8_t *iv_info; - uint32_t iv_info_size; + size_t iv_info_size; const uint8_t *key_info; - uint32_t key_info_size; + size_t key_info_size; const uint8_t *hp_info; - uint32_t hp_info_size; + size_t hp_info_size; const uint8_t *initial_salt; - uint32_t initial_salt_size; + size_t initial_salt_size; ret = quic_parse_data(quic_payload, quic_plen, &qch, &qch_len, &qci, &inpayload, &inplen ); - qversion = quic_get_version(qch); + ret = quic_get_version(&qversion, qch); + if (ret < 0) { + return -EINVAL; + } if (!quic_check_is_initial(qch)) { return -EINVAL; } diff --git a/src/tls.c b/src/tls.c index 7bf3cd5..ac12b7e 100644 --- a/src/tls.c +++ b/src/tls.c @@ -256,7 +256,7 @@ int analyze_tls_message( struct tls_verdict analyze_tls_data( const struct section_config_t *section, const uint8_t *data, - uint32_t dlen) + size_t dlen) { struct tls_verdict vrd = {0}; @@ -317,13 +317,13 @@ struct tls_verdict analyze_tls_data( } int gen_fake_sni(struct fake_type type, - const void *ipxh, uint32_t iph_len, - const struct tcphdr *tcph, uint32_t tcph_len, - uint8_t *buf, uint32_t *buflen) { - uint32_t data_len = type.fake_len; + const void *ipxh, size_t iph_len, + const struct tcphdr *tcph, size_t tcph_len, + uint8_t *buf, size_t *buflen) { + size_t data_len = type.fake_len; if (type.type == FAKE_PAYLOAD_RANDOM && data_len == 0) { - data_len = (uint32_t)randint() % 1200; + data_len = (size_t)randint() % 1200; } if (!ipxh || !tcph || !buf || !buflen) @@ -350,7 +350,7 @@ int gen_fake_sni(struct fake_type type, return -EINVAL; } - uint32_t dlen = iph_len + tcph_len + data_len; + size_t dlen = iph_len + tcph_len + data_len; if (*buflen < dlen) return -ENOMEM; diff --git a/src/tls.h b/src/tls.h index cd9828f..6f96fcc 100644 --- a/src/tls.h +++ b/src/tls.h @@ -71,15 +71,15 @@ int bruteforce_analyze_sni_str( * * Note that all the constant pointers of tls_verdict will be relative to data pointer */ -struct tls_verdict analyze_tls_data(const struct section_config_t *section, const uint8_t *data, uint32_t dlen); +struct tls_verdict analyze_tls_data(const struct section_config_t *section, const uint8_t *data, size_t dlen); /** * Generates the fake client hello message */ int gen_fake_sni(struct fake_type type, - const void *iph, uint32_t iph_len, - const struct tcphdr *tcph, uint32_t tcph_len, - uint8_t *buf, uint32_t *buflen); + const void *iph, size_t iph_len, + const struct tcphdr *tcph, size_t tcph_len, + uint8_t *buf, size_t *buflen); #endif /* TLS_H */ diff --git a/src/utils.c b/src/utils.c index 987ac97..5bb7a3c 100644 --- a/src/utils.c +++ b/src/utils.c @@ -40,7 +40,7 @@ void tcp4_set_checksum(struct tcphdr *tcph, struct iphdr *iph) { #ifdef KERNEL_SPACE - uint32_t tcp_packet_len = ntohs(iph->tot_len) - (iph->ihl << 2); + size_t tcp_packet_len = ntohs(iph->tot_len) - (iph->ihl << 2); tcph->check = 0; tcph->check = csum_tcpudp_magic( iph->saddr, iph->daddr, tcp_packet_len, @@ -54,7 +54,7 @@ void tcp4_set_checksum(struct tcphdr *tcph, struct iphdr *iph) void udp4_set_checksum(struct udphdr *udph, struct iphdr *iph) { #ifdef KERNEL_SPACE - uint32_t udp_packet_len = ntohs(iph->tot_len) - (iph->ihl << 2); + size_t udp_packet_len = ntohs(iph->tot_len) - (iph->ihl << 2); udph->check = 0; udph->check = csum_tcpudp_magic( iph->saddr, iph->daddr, udp_packet_len, @@ -97,7 +97,7 @@ void udp6_set_checksum(struct udphdr *udph, struct ip6_hdr *iph) { #endif } -int set_ip_checksum(void *iph, uint32_t iphb_len) { +int set_ip_checksum(void *iph, size_t iphb_len) { int ipvx = netproto_version(iph, iphb_len); if (ipvx == IP4VERSION) { @@ -109,7 +109,7 @@ int set_ip_checksum(void *iph, uint32_t iphb_len) { return 0; } -int set_tcp_checksum(struct tcphdr *tcph, void *iph, uint32_t iphb_len) { +int set_tcp_checksum(struct tcphdr *tcph, void *iph, size_t iphb_len) { int ipvx = netproto_version(iph, iphb_len); if (ipvx == IP4VERSION) { @@ -122,7 +122,7 @@ int set_tcp_checksum(struct tcphdr *tcph, void *iph, uint32_t iphb_len) { return 0; } -int set_udp_checksum(struct udphdr *udph, void *iph, uint32_t iphb_len) { +int set_udp_checksum(struct udphdr *udph, void *iph, size_t iphb_len) { int ipvx = netproto_version(iph, iphb_len); if (ipvx == IP4VERSION) { @@ -137,9 +137,9 @@ int set_udp_checksum(struct udphdr *udph, void *iph, uint32_t iphb_len) { } -int ip4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, - uint8_t **payload, uint32_t *plen) { +int ip4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, + uint8_t **payload, size_t *plen) { if (pkt == NULL || buflen < sizeof(struct iphdr)) { lgerror(-EINVAL, "ip4_payload_split: pkt|buflen"); return -EINVAL; @@ -151,8 +151,8 @@ int ip4_payload_split(uint8_t *pkt, uint32_t buflen, return -EINVAL; } - uint32_t hdr_len = hdr->ihl * 4; - uint32_t pktlen = ntohs(hdr->tot_len); + size_t hdr_len = hdr->ihl * 4; + size_t pktlen = ntohs(hdr->tot_len); if (buflen < pktlen || hdr_len > pktlen) { lgerror(-EINVAL, "ip4_payload_split: buflen cmp pktlen"); return -EINVAL; @@ -170,17 +170,17 @@ int ip4_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int tcp4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen) { +int tcp4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen) { struct iphdr *hdr; - uint32_t hdr_len; + size_t hdr_len; struct tcphdr *thdr; - uint32_t thdr_len; + size_t thdr_len; uint8_t *tcph_pl; - uint32_t tcph_plen; + size_t tcph_plen; if (ip4_payload_split(pkt, buflen, &hdr, &hdr_len, &tcph_pl, &tcph_plen)){ @@ -212,9 +212,9 @@ int tcp4_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int ip6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, - uint8_t **payload, uint32_t *plen) { +int ip6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, + uint8_t **payload, size_t *plen) { if (pkt == NULL || buflen < sizeof(struct ip6_hdr)) { lgerror(-EINVAL, "ip6_payload_split: pkt|buflen"); return -EINVAL; @@ -226,10 +226,10 @@ int ip6_payload_split(uint8_t *pkt, uint32_t buflen, return -EINVAL; } - uint32_t hdr_len = sizeof(struct ip6_hdr); - uint32_t pktlen = ntohs(hdr->ip6_plen); + size_t hdr_len = sizeof(struct ip6_hdr); + size_t pktlen = ntohs(hdr->ip6_plen); if (buflen < pktlen) { - lgerror(-EINVAL, "ip6_payload_split: buflen cmp pktlen: %d %d", buflen, pktlen); + lgerror(-EINVAL, "ip6_payload_split: buflen cmp pktlen: %zu %zu", buflen, pktlen); return -EINVAL; } @@ -245,17 +245,17 @@ int ip6_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int tcp6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen) { +int tcp6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen) { struct ip6_hdr *hdr; - uint32_t hdr_len; + size_t hdr_len; struct tcphdr *thdr; - uint32_t thdr_len; + size_t thdr_len; uint8_t *tcph_pl; - uint32_t tcph_plen; + size_t tcph_plen; if (ip6_payload_split(pkt, buflen, &hdr, &hdr_len, &tcph_pl, &tcph_plen)){ @@ -287,10 +287,10 @@ int tcp6_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int tcp_payload_split(uint8_t *pkt, uint32_t buflen, - void **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen) { +int tcp_payload_split(uint8_t *pkt, size_t buflen, + void **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen) { int netvers = netproto_version(pkt, buflen); if (netvers == IP4VERSION) { return tcp4_payload_split(pkt, buflen, (struct iphdr **)iph, iph_len, tcph, tcph_len, payload, plen); @@ -303,16 +303,16 @@ int tcp_payload_split(uint8_t *pkt, uint32_t buflen, } -int udp4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, +int udp4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen) { + uint8_t **payload, size_t *plen) { struct iphdr *hdr; - uint32_t hdr_len; + size_t hdr_len; struct udphdr *uhdr; uint8_t *ip_ph; - uint32_t ip_phlen; + size_t ip_phlen; if (ip4_payload_split(pkt, buflen, &hdr, &hdr_len, &ip_ph, &ip_phlen)){ @@ -341,16 +341,16 @@ int udp4_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int udp6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, +int udp6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen) { + uint8_t **payload, size_t *plen) { struct ip6_hdr *hdr; - uint32_t hdr_len; + size_t hdr_len; struct udphdr *uhdr; uint8_t *ip_ph; - uint32_t ip_phlen; + size_t ip_phlen; if (ip6_payload_split(pkt, buflen, &hdr, &hdr_len, &ip_ph, &ip_phlen)){ @@ -379,10 +379,10 @@ int udp6_payload_split(uint8_t *pkt, uint32_t buflen, return 0; } -int udp_payload_split(uint8_t *pkt, uint32_t buflen, - void **iph, uint32_t *iph_len, +int udp_payload_split(uint8_t *pkt, size_t buflen, + void **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen) { + uint8_t **payload, size_t *plen) { int netvers = netproto_version(pkt, buflen); if (netvers == IP4VERSION) { return udp4_payload_split(pkt, buflen, (struct iphdr **)iph, iph_len, udph, payload, plen); @@ -395,14 +395,14 @@ int udp_payload_split(uint8_t *pkt, uint32_t buflen, } // split packet to two ipv4 fragments. -int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, - uint8_t *frag1, uint32_t *f1len, - uint8_t *frag2, uint32_t *f2len) { +int ip4_frag(const uint8_t *pkt, size_t buflen, size_t payload_offset, + uint8_t *frag1, size_t *f1len, + uint8_t *frag2, size_t *f2len) { struct iphdr *hdr; const uint8_t *payload; - uint32_t plen; - uint32_t hdr_len; + size_t plen; + size_t hdr_len; int ret; if (!frag1 || !f1len || !frag2 || !f2len) @@ -425,11 +425,11 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, return -EINVAL; } - uint32_t f1_plen = payload_offset; - uint32_t f1_dlen = f1_plen + hdr_len; + size_t f1_plen = payload_offset; + size_t f1_dlen = f1_plen + hdr_len; - uint32_t f2_plen = plen - payload_offset; - uint32_t f2_dlen = f2_plen + hdr_len; + size_t f2_plen = plen - payload_offset; + size_t f2_dlen = f2_plen + hdr_len; if (*f1len < f1_dlen || *f2len < f2_dlen) { return -ENOMEM; @@ -474,15 +474,15 @@ int ip4_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, } // split packet to two tcp-on-ipv4 segments. -int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, - uint8_t *seg1, uint32_t *s1len, - uint8_t *seg2, uint32_t *s2len) { +int tcp_frag(const uint8_t *pkt, size_t buflen, size_t payload_offset, + uint8_t *seg1, size_t *s1len, + uint8_t *seg2, size_t *s2len) { void *hdr; - uint32_t hdr_len; + size_t hdr_len; struct tcphdr *tcph; - uint32_t tcph_len; - uint32_t plen; + size_t tcph_len; + size_t plen; const uint8_t *payload; int ret; @@ -518,11 +518,11 @@ int tcp_frag(const uint8_t *pkt, uint32_t buflen, uint32_t payload_offset, return -EINVAL; } - uint32_t s1_plen = payload_offset; - uint32_t s1_dlen = s1_plen + hdr_len + tcph_len; + size_t s1_plen = payload_offset; + size_t s1_dlen = s1_plen + hdr_len + tcph_len; - uint32_t s2_plen = plen - payload_offset; - uint32_t s2_dlen = s2_plen + hdr_len + tcph_len; + size_t s2_plen = plen - payload_offset; + size_t s2_dlen = s2_plen + hdr_len + tcph_len; if (*s1len < s1_dlen || *s2len < s2_dlen) return -ENOMEM; @@ -589,7 +589,7 @@ void z_function(const char *str, int *zbuf, size_t len) { } } -void shift_data(uint8_t *data, uint32_t dlen, uint32_t delta) { +void shift_data(uint8_t *data, size_t dlen, size_t delta) { uint8_t *ndptr = data + delta + dlen; uint8_t *dptr = data + dlen; uint8_t *ndlptr = data; @@ -613,20 +613,20 @@ struct tcp_md5sig_opt { // Real length of the option, with NOOP fillers #define TCP_MD5SIG_OPT_RLEN 20 -int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *plen, uint32_t avail_buflen) { +int fail_packet(struct failing_strategy strategy, uint8_t *payload, size_t *plen, size_t avail_buflen) { void *iph; - uint32_t iph_len; + size_t iph_len; struct tcphdr *tcph; - uint32_t tcph_len; + size_t tcph_len; uint8_t *data; - uint32_t dlen; + size_t dlen; int ret; ret = tcp_payload_split(payload, *plen, &iph, &iph_len, &tcph, &tcph_len, &data, &dlen); - uint32_t ipxv = netproto_version(payload, *plen); + int ipxv = netproto_version(payload, *plen); if (ret < 0) { return ret; @@ -710,15 +710,15 @@ int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *pl return 0; } -int seqovl_packet(uint8_t *payload, uint32_t *plen, uint32_t seq_delta) { +int seqovl_packet(uint8_t *payload, size_t *plen, size_t seq_delta) { int ipxv = netproto_version(payload, *plen); void *iph; - uint32_t iph_len; + size_t iph_len; struct tcphdr *tcph; - uint32_t tcph_len; + size_t tcph_len; uint8_t *data; - uint32_t dlen; + size_t dlen; int ret = tcp_payload_split(payload, *plen, diff --git a/src/utils.h b/src/utils.h index a6eee29..6c025a2 100644 --- a/src/utils.h +++ b/src/utils.h @@ -31,33 +31,33 @@ * payload_offset indicates the position relatively to start of IP payload * (start of transport header) */ -int ip4_frag(const uint8_t *pkt, uint32_t pktlen, - uint32_t payload_offset, - uint8_t *frag1, uint32_t *f1len, - uint8_t *frag2, uint32_t *f2len); +int ip4_frag(const uint8_t *pkt, size_t pktlen, + size_t payload_offset, + uint8_t *frag1, size_t *f1len, + uint8_t *frag2, size_t *f2len); /** * Splits the packet to two TCP segments on position payload_offset * payload_offset indicates the position relatively to start of TCP payload. */ -// int tcp4_frag(const uint8_t *pkt, uint32_t pktlen, -// uint32_t payload_offset, -// uint8_t *seg1, uint32_t *s1len, -// uint8_t *seg2, uint32_t *s2len); -int tcp_frag(const uint8_t *pkt, uint32_t pktlen, - uint32_t payload_offset, - uint8_t *seg1, uint32_t *s1len, - uint8_t *seg2, uint32_t *s2len); +// int tcp4_frag(const uint8_t *pkt, size_t pktlen, +// size_t payload_offset, +// uint8_t *seg1, size_t *s1len, +// uint8_t *seg2, size_t *s2len); +int tcp_frag(const uint8_t *pkt, size_t pktlen, + size_t payload_offset, + uint8_t *seg1, size_t *s1len, + uint8_t *seg2, size_t *s2len); /** * Splits the raw packet payload to ip header and ip payload. */ -int ip4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, - uint8_t **payload, uint32_t *plen); +int ip4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, + uint8_t **payload, size_t *plen); -static inline int netproto_version(const uint8_t *pkt, uint32_t buflen) { +static inline int netproto_version(const uint8_t *pkt, size_t buflen) { if (pkt == NULL || buflen == 0) return -1; @@ -68,48 +68,48 @@ static inline int netproto_version(const uint8_t *pkt, uint32_t buflen) { /** * Splits the raw packet payload to ip header, tcp header and tcp payload. */ -int tcp4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen); +int tcp4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen); /** * Splits the raw packet payload to ip header and ip payload. */ -int ip6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, - uint8_t **payload, uint32_t *plen); +int ip6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, + uint8_t **payload, size_t *plen); /** * Splits the raw packet payload to ip header, tcp header and tcp payload. */ -int tcp6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen); +int tcp6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen); -int tcp_payload_split(uint8_t *pkt, uint32_t buflen, - void **iph, uint32_t *iph_len, - struct tcphdr **tcph, uint32_t *tcph_len, - uint8_t **payload, uint32_t *plen); +int tcp_payload_split(uint8_t *pkt, size_t buflen, + void **iph, size_t *iph_len, + struct tcphdr **tcph, size_t *tcph_len, + uint8_t **payload, size_t *plen); /** * Splits the raw packet payload to ip header, udp header and udp payload. */ -int udp4_payload_split(uint8_t *pkt, uint32_t buflen, - struct iphdr **iph, uint32_t *iph_len, +int udp4_payload_split(uint8_t *pkt, size_t buflen, + struct iphdr **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen); + uint8_t **payload, size_t *plen); -int udp6_payload_split(uint8_t *pkt, uint32_t buflen, - struct ip6_hdr **iph, uint32_t *iph_len, +int udp6_payload_split(uint8_t *pkt, size_t buflen, + struct ip6_hdr **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen); + uint8_t **payload, size_t *plen); -int udp_payload_split(uint8_t *pkt, uint32_t buflen, - void **iph, uint32_t *iph_len, +int udp_payload_split(uint8_t *pkt, size_t buflen, + void **iph, size_t *iph_len, struct udphdr **udph, - uint8_t **payload, uint32_t *plen); + uint8_t **payload, size_t *plen); void tcp4_set_checksum(struct tcphdr *tcph, struct iphdr *iph); void ip4_set_checksum(struct iphdr *iph); @@ -118,22 +118,22 @@ void tcp6_set_checksum(struct tcphdr *tcph, struct ip6_hdr *iph); void udp4_set_checksum(struct udphdr *udph, struct iphdr *iph); void udp6_set_checksum(struct udphdr *udph, struct ip6_hdr *iph); -int set_ip_checksum(void *iph, uint32_t iphb_len); -int set_tcp_checksum(struct tcphdr *tcph, void *iph, uint32_t iphb_len); -int set_udp_checksum(struct udphdr *udph, void *iph, uint32_t iphb_len); +int set_ip_checksum(void *iph, size_t iphb_len); +int set_tcp_checksum(struct tcphdr *tcph, void *iph, size_t iphb_len); +int set_udp_checksum(struct udphdr *udph, void *iph, size_t iphb_len); void z_function(const char *str, int *zbuf, size_t len); /** * Shifts data left delta bytes. Fills delta buffer with zeroes. */ -void shift_data(uint8_t *data, uint32_t dlen, uint32_t delta); +void shift_data(uint8_t *data, size_t dlen, size_t delta); struct failing_strategy { unsigned int strategy; uint8_t faking_ttl; - uint32_t randseq_offset; + size_t randseq_offset; }; @@ -184,12 +184,12 @@ struct udp_fake_type { * * Does not support bitmask, pass standalone strategy. */ -int fail_packet(struct failing_strategy strategy, uint8_t *payload, uint32_t *plen, uint32_t avail_buflen); +int fail_packet(struct failing_strategy strategy, uint8_t *payload, size_t *plen, size_t avail_buflen); /** * Shifts the payload right and pushes zeroes before it. Useful for TCP TLS faking. */ -int seqovl_packet(uint8_t *payload, uint32_t *plen, uint32_t seq_delta); +int seqovl_packet(uint8_t *payload, size_t *plen, size_t seq_delta); @@ -197,7 +197,7 @@ static inline struct failing_strategy args_default_failing_strategy(const struct struct failing_strategy fl_strat = { .strategy = (unsigned int)section->faking_strategy, .faking_ttl = section->faking_ttl, - .randseq_offset = (uint32_t)section->fakeseq_offset + .randseq_offset = (size_t)section->fakeseq_offset }; return fl_strat; } diff --git a/src/youtubeUnblock.c b/src/youtubeUnblock.c index 737ffeb..8daad46 100644 --- a/src/youtubeUnblock.c +++ b/src/youtubeUnblock.c @@ -196,7 +196,7 @@ static int close_raw6_socket(void) { return 0; } -static int send_raw_ipv4(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_ipv4(const uint8_t *pkt, size_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) return -ENOMEM; @@ -233,7 +233,7 @@ static int send_raw_ipv4(const uint8_t *pkt, uint32_t pktlen) { return sent; } -static int send_raw_ipv6(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_ipv6(const uint8_t *pkt, size_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) return -ENOMEM; @@ -270,7 +270,7 @@ static int send_raw_ipv6(const uint8_t *pkt, uint32_t pktlen) { return sent; } -static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { +static int send_raw_socket(const uint8_t *pkt, size_t pktlen) { int ret; if (pktlen > AVAILABLE_MTU) { @@ -289,8 +289,8 @@ static int send_raw_socket(const uint8_t *pkt, uint32_t pktlen) { return -ENOMEM; } - uint32_t buff1_size = MNL_SOCKET_BUFFER_SIZE; - uint32_t buff2_size = MNL_SOCKET_BUFFER_SIZE; + size_t buff1_size = MNL_SOCKET_BUFFER_SIZE; + size_t buff2_size = MNL_SOCKET_BUFFER_SIZE; if ((ret = tcp_frag(pkt, pktlen, AVAILABLE_MTU-128, buff1, &buff1_size, buff2, &buff2_size)) < 0) { @@ -373,7 +373,7 @@ static int fallback_accept_packet(uint32_t id, struct queue_data qdata) { struct dps_t { uint8_t *pkt; - uint32_t pktlen; + size_t pktlen; // Time for the packet in milliseconds uint32_t timer; }; @@ -382,7 +382,7 @@ void *delay_packet_send_fn(void *data) { struct dps_t *dpdt = data; uint8_t *pkt = dpdt->pkt; - uint32_t pktlen = dpdt->pktlen; + size_t pktlen = dpdt->pktlen; usleep(dpdt->timer * 1000); int ret = send_raw_socket(pkt, pktlen); @@ -396,7 +396,7 @@ void *delay_packet_send_fn(void *data) { return NULL; } -int delay_packet_send(const unsigned char *data, unsigned int data_len, unsigned int delay_ms) { +int delay_packet_send(const unsigned char *data, size_t data_len, unsigned int delay_ms) { struct dps_t *dpdt = malloc(sizeof(struct dps_t)); dpdt->pkt = malloc(data_len); memcpy(dpdt->pkt, data, data_len); diff --git a/test/quic.c b/test/quic.c index 81b0db4..8a0ae5b 100644 --- a/test/quic.c +++ b/test/quic.c @@ -34,9 +34,9 @@ TEST(QuicTest, Test_decrypts) { int ret; uint8_t *decrypted_payload; - uint32_t decrypted_payload_len; + size_t decrypted_payload_len; const uint8_t *decrypted_message; - uint32_t decrypted_message_len; + size_t decrypted_message_len; ret = quic_parse_initial_message( (const uint8_t *)quic_testing_payload, sizeof(quic_testing_payload) - 1, @@ -145,11 +145,11 @@ TEST(QuicTest, Test_parse_quic_decrypted) int ret; uint8_t *decrypted_payload; - uint32_t decrypted_payload_len; + size_t decrypted_payload_len; const uint8_t *decrypted_message; - uint32_t decrypted_message_len; + size_t decrypted_message_len; uint8_t *crypto_message; - uint32_t crypto_message_len; + size_t crypto_message_len; struct tls_verdict tlsv = {0}; ret = quic_parse_initial_message( @@ -181,11 +181,11 @@ TEST(QuicTest, Test_parse_quic_decrypted_on_sparse) int ret; uint8_t *decrypted_payload; - uint32_t decrypted_payload_len; + size_t decrypted_payload_len; const uint8_t *decrypted_message; - uint32_t decrypted_message_len; + size_t decrypted_message_len; uint8_t *crypto_message; - uint32_t crypto_message_len; + size_t crypto_message_len; struct tls_verdict tlsv = {0}; ret = quic_parse_initial_message(