tls: respect tls record length

nfq/protocol.c

@@ -200,7 +200,10 @@ bool TLSFindExt(const uint8_t *data, size_t len, uint16_t type, const uint8_t **
 	// u8	ContentType: Handshake
 	// u16	Version: TLS1.0
 	// u16	Length
+	size_t reclen;
 	if (!IsTLSClientHello(data, len, bPartialIsOK)) return false;
+	reclen=TLSRecordLen(data);
+	if (reclen<len) len=reclen; // correct len if it has more data than the first tls record has
 	return TLSFindExtInHandshake(data + 5, len - 5, type, ext, len_ext, bPartialIsOK);
 }
 static bool TLSExtractHostFromExt(const uint8_t *ext, size_t elen, char *host, size_t len_host)

nfq/strpool.c

@@ -0,0 +1,107 @@
+#define _GNU_SOURCE
+#include "strpool.h"
+#include <string.h>
+#include <stdlib.h>
+
+#undef uthash_nonfatal_oom
+#define uthash_nonfatal_oom(elt) ut_oom_recover(elt)
+
+static bool oom = false;
+static void ut_oom_recover(strpool *elem)
+{
+	oom = true;
+}
+
+// for zero terminated strings
+bool StrPoolAddStr(strpool **pp, const char *s)
+{
+	strpool *elem;
+	if (!(elem = (strpool*)malloc(sizeof(strpool))))
+		return false;
+	if (!(elem->str = strdup(s)))
+	{
+		free(elem);
+		return false;
+	}
+	oom = false;
+	HASH_ADD_KEYPTR(hh, *pp, elem->str, strlen(elem->str), elem);
+	if (oom)
+	{
+		free(elem->str);
+		free(elem);
+		return false;
+	}
+	return true;
+}
+// for not zero terminated strings
+bool StrPoolAddStrLen(strpool **pp, const char *s, size_t slen)
+{
+	strpool *elem;
+	if (!(elem = (strpool*)malloc(sizeof(strpool))))
+		return false;
+	if (!(elem->str = malloc(slen + 1)))
+	{
+		free(elem);
+		return false;
+	}
+	memcpy(elem->str, s, slen);
+	elem->str[slen] = 0;
+	oom = false;
+	HASH_ADD_KEYPTR(hh, *pp, elem->str, strlen(elem->str), elem);
+	if (oom)
+	{
+		free(elem->str);
+		free(elem);
+		return false;
+	}
+	return true;
+}
+
+bool StrPoolCheckStr(strpool *p, const char *s)
+{
+	strpool *elem;
+	HASH_FIND_STR(p, s, elem);
+	return elem != NULL;
+}
+
+void StrPoolDestroy(strpool **p)
+{
+	strpool *elem, *tmp;
+	HASH_ITER(hh, *p, elem, tmp) {
+		free(elem->str);
+		HASH_DEL(*p, elem);
+		free(elem);
+	}
+	*p = NULL;
+}
+
+
+
+
+bool strlist_add(struct str_list_head *head, const char *filename)
+{
+	struct str_list *entry = malloc(sizeof(struct str_list));
+	if (!entry) return false;
+	entry->str = strdup(filename);
+	if (!entry->str)
+	{
+		free(entry);
+		return false;
+	}
+	LIST_INSERT_HEAD(head, entry, next);
+	return true;
+}
+static void strlist_entry_destroy(struct str_list *entry)
+{
+	if (entry->str)	free(entry->str);
+	free(entry);
+}
+void strlist_destroy(struct str_list_head *head)
+{
+	struct str_list *entry;
+	while ((entry = LIST_FIRST(head)))
+	{
+		LIST_REMOVE(entry, next);
+		strlist_entry_destroy(entry);
+	}
+}

nfq/strpool.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include <stdbool.h>
+#include <ctype.h>
+#include <sys/queue.h>
+
+//#define HASH_BLOOM 20
+#define HASH_NONFATAL_OOM 1
+#define HASH_FUNCTION HASH_BER
+#include "uthash.h"
+
+typedef struct strpool {
+    char *str;           /* key */
+    UT_hash_handle hh;         /* makes this structure hashable */
+} strpool;
+
+void StrPoolDestroy(strpool **p);
+bool StrPoolAddStr(strpool **pp,const char *s);
+bool StrPoolAddStrLen(strpool **pp,const char *s,size_t slen);
+bool StrPoolCheckStr(strpool *p,const char *s);
+
+struct str_list {
+	char *str;
+	LIST_ENTRY(str_list) next;
+};
+LIST_HEAD(str_list_head, str_list);
+
+bool strlist_add(struct str_list_head *head, const char *filename);
+void strlist_destroy(struct str_list_head *head);