klavirshik
/
GoodbyeDPI
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: klavirshik:master
Branches Tags
klavirshik:master
klavirshik:quic_block
klavirshik:test_windres
klavirshik:openvpn
klavirshik:windivert2
klavirshik:masterv6
klavirshik:ipv6
klavirshik:windivert-test
klavirshik:0.2.3rc1
klavirshik:0.2.2
klavirshik:0.2.1
klavirshik:0.2.0
klavirshik:0.1.8
klavirshik:0.1.7
klavirshik:0.1.6
klavirshik:0.1.5
klavirshik:0.1.5rc3
klavirshik:0.1.5rc2
klavirshik:0.1.5rc1
klavirshik:0.1.4
klavirshik:0.1.3
klavirshik:0.1.2
klavirshik:0.1.2rc3
klavirshik:0.1.2rc2
klavirshik:0.1.2rc1
klavirshik:0.1.1
klavirshik:0.1.0
klavirshik:0.0.9
klavirshik:0.0.8
klavirshik:0.0.7
klavirshik:0.0.6
klavirshik:0.0.5
klavirshik:0.0.4
klavirshik:0.0.3
klavirshik:0.0.2
klavirshik:0.0.1
..
compare: klavirshik:0.1.8
Branches Tags
klavirshik:master
klavirshik:quic_block
klavirshik:test_windres
klavirshik:openvpn
klavirshik:windivert2
klavirshik:masterv6
klavirshik:ipv6
klavirshik:windivert-test
klavirshik:0.2.3rc1
klavirshik:0.2.2
klavirshik:0.2.1
klavirshik:0.2.0
klavirshik:0.1.8
klavirshik:0.1.7
klavirshik:0.1.6
klavirshik:0.1.5
klavirshik:0.1.5rc3
klavirshik:0.1.5rc2
klavirshik:0.1.5rc1
klavirshik:0.1.4
klavirshik:0.1.3
klavirshik:0.1.2
klavirshik:0.1.2rc3
klavirshik:0.1.2rc2
klavirshik:0.1.2rc1
klavirshik:0.1.1
klavirshik:0.1.0
klavirshik:0.0.9
klavirshik:0.0.8
klavirshik:0.0.7
klavirshik:0.0.6
klavirshik:0.0.5
klavirshik:0.0.4
klavirshik:0.0.3
klavirshik:0.0.2
klavirshik:0.0.1

No commits in common. "master" and "0.1.8" have entirely different histories.
master ... 0.1.8

12 changed files with 331 additions and 498 deletions
Show Stats Expand all files Collapse all files

38
.github/ISSUE_TEMPLATE/bug.yml vendored
View File

@ -1,35 +1,19 @@
name: Bug Report / Сообщение об ошибке
description: File a bug report / Сообщить об ошибке в программе
description: File a bug report / Сообщить об ошибке в проекте
body:
- type: markdown
attributes:
value: |
### USE THIS FORM ONLY FOR BUGS! The webside does not open? That's likely NOT a bug, do not report it here!
GoodbyeDPI does not guarantee to work with your ISP for every blocked website or at all. If GoodbyeDPI can't unblock some or any websites, this is most likely not a software bug, and you should not report it here.
Please pay some attention!
GoodbyeDPI does not guarantee to work on your ISP on 100% or at all. If GoodbyeDPI can't unblock some or any websites, this is most likely not a software bug, and you should not report it.
Please report software bugs, such as: website incompatibility (if the website works without GoodbyeDPI but breaks with GoobyeDPI enabled), antivirus incompatibility, DNS redirection problems, incorrect packet handling, and other software issues.
Please make sure to check other opened and closed issues, it could be your question or issue has been already discussed.
Please only report software bugs, such as:
* program crash
* incorrect network packet handling
* antivirus incompatibility
* DNS redirection problems
* other software
Please make sure to check other opened and closed issues, it could be your bug has been reported already.
For questions, or if in doubt, [use NTC.party forum](https://ntc.party/c/community-software/goodbyedpi).
### ИСПОЛЬЗУЙТЕ ЭТУ ФОРМУ ТОЛЬКО ДЛЯ БАГОВ! Веб-сайт не открывается? Это, скорее всего, не баг, не сообщайте сюда!
GoodbyeDPI не гарантирует ни 100% работу с вашим провайдером, ни работу с каждым заблокированным сайтом. Если GoodbyeDPI не разблокирует доступ к некоторым или всем веб-сайтам, вероятнее всего, это не программная ошибка, и не стоит о ней сообщать здесь.
Пожалуйста, сообщайте только об ошибках в программе, таких как:
* падение программы
* некорректная обработка сетевых пакетов
* несовместимость с антивирусами
* проблемы с перенаправлением DNS
* другие ошибки в программе
Также посмотрите другие открытые и закрытые баги. Возможно, ошибка уже обсуждалась или исправлена.
Для вопросов, а также в случае сомнений в определении бага, обращайтесь [на форум NTC.party](https://ntc.party/c/community-software/goodbyedpi).
Пожалуйста, прочтите!
GoodbyeDPI не гарантирует ни 100% работу с вашим провайдером, ни работу вообще. Если GoodbyeDPI не разблокирует доступ к некоторым или всем веб-сайтам, вероятнее всего, это не программная ошибка, и не стоит о ней сообщать здесь.
Сообщайте только об ошибках в программе, таких как: некорректная работа с веб-сайтами (когда веб-сайт работает без GoodbyeDPI, но ломается с GoodbyeDPI), несовместимость с антивирусами, проблемы с перенаправлением DNS, некорректная обработка пакетов, и другие проблемы.
Также посмотрите другие открытые и закрытые баги. Возможно, ваш вопрос или проблема уже обсуждались.
- type: input
id: os
attributes:
@ -51,8 +35,8 @@ body:
- type: textarea
id: what-happened
attributes:
label: Describe the bug / Опишите ошибку программы
description: A clear and concise description of what the bug is / Подробно опишите, в чём заключается ошибка
label: Describe the issue / Опишите проблему
description: A clear and concise description of what the bug is / Подробно опишите, в чём заключается проблема
placeholder: Attach the screenshots for clarity / При необходимости приложите скриншоты
validations:
required: true

31
.github/workflows/build.yml vendored
View File

@ -4,34 +4,31 @@ on:
push:
paths:
- 'src/**'
workflow_dispatch:
env:
WINDIVERT_URL: https://reqrypt.org/download/WinDivert-2.2.0-D.zip
WINDIVERT_NAME: WinDivert-2.2.0-D.zip
WINDIVERT_BASENAME: WinDivert-2.2.0-D
WINDIVERT_SHA256: 1d461cfdfa7ba88ebcfbb3603b71b703e9f72aba8aeff99a75ce293e6f89d2ba
WINDIVERT_URL: https://www.reqrypt.org/download/WinDivert-1.4.3-A.zip
WINDIVERT_NAME: WinDivert-1.4.3-A.zip
WINDIVERT_SHA256: 4084bc3931f31546d375ed89e3f842776efa46f321ed0adcd32d3972a7d02566
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- name: Declare short commit variable
id: vars
run: |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Install MinGW-w64
run: >
sudo rm /var/lib/man-db/auto-update &&
sudo DEBIAN_FRONTEND=noninteractive XZ_DEFAULTS="-T0" XZ_OPT="-T0" eatmydata
apt install -y --no-install-recommends gcc-mingw-w64
- name: Download WinDivert from cache
id: windivert-cache
uses: actions/cache@v4
uses: actions/cache@v2
with:
path: ${{ env. WINDIVERT_NAME }}
key: ${{ env. WINDIVERT_SHA256 }}
@ -48,15 +45,15 @@ jobs:
- name: Compile x86_64
run: >
cd src && make clean &&
make CPREFIX=x86_64-w64-mingw32- BIT64=1 WINDIVERTHEADERS=../${{ env.WINDIVERT_BASENAME }}/include WINDIVERTLIBS=../${{ env.WINDIVERT_BASENAME }}/x64 -j4
make CPREFIX=x86_64-w64-mingw32- BIT64=1 WINDIVERTHEADERS=../WinDivert-1.4.3-A/include WINDIVERTLIBS=../WinDivert-1.4.3-A/x86_64 -j4
- name: Prepare x86_64 directory
run: |
mkdir goodbyedpi_x86_64_${{ steps.vars.outputs.sha_short }}
cp src/goodbyedpi.exe ${{ env.WINDIVERT_BASENAME }}/x64/*.{dll,sys} goodbyedpi_x86_64_${{ steps.vars.outputs.sha_short }}
cp src/goodbyedpi.exe WinDivert-1.4.3-A/x86_64/*.{dll,sys} goodbyedpi_x86_64_${{ steps.vars.outputs.sha_short }}
- name: Upload output file x86_64
uses: actions/upload-artifact@v4
- name: Upload output file x86_64 (64 bit)
uses: actions/upload-artifact@v2
with:
name: goodbyedpi_x86_64_${{ steps.vars.outputs.sha_short }}
path: goodbyedpi_x86_64_${{ steps.vars.outputs.sha_short }}
@ -64,15 +61,15 @@ jobs:
- name: Compile i686
run: >
cd src && make clean &&
make CPREFIX=i686-w64-mingw32- WINDIVERTHEADERS=../${{ env.WINDIVERT_BASENAME }}/include WINDIVERTLIBS=../${{ env.WINDIVERT_BASENAME }}/x86 -j4
make CPREFIX=i686-w64-mingw32- WINDIVERTHEADERS=../WinDivert-1.4.3-A/include WINDIVERTLIBS=../WinDivert-1.4.3-A/x86 -j4
- name: Prepare x86 directory
run: |
mkdir goodbyedpi_x86_${{ steps.vars.outputs.sha_short }}
cp src/goodbyedpi.exe ${{ env.WINDIVERT_BASENAME }}/x86/*.{dll,sys} goodbyedpi_x86_${{ steps.vars.outputs.sha_short }}
cp src/goodbyedpi.exe WinDivert-1.4.3-A/x86/*.{dll,sys} goodbyedpi_x86_${{ steps.vars.outputs.sha_short }}
- name: Upload output file x86
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v2
with:
name: goodbyedpi_x86_${{ steps.vars.outputs.sha_short }}
path: goodbyedpi_x86_${{ steps.vars.outputs.sha_short }}

53
README.md
View File

@ -1,19 +1,11 @@
GoodbyeDPI — Deep Packet Inspection circumvention utility
GoodbyeDPI — Passive Deep Packet Inspection blocker and Active DPI circumvention utility
=========================
This software designed to bypass Deep Packet Inspection systems found in many Internet Service Providers which block access to certain websites.
It handles DPI connected using optical splitter or port mirroring (**Passive DPI**) which do not block any data but just replying faster than requested destination, and **Active DPI** connected in sequence.
**Windows 7, 8, 8.1, 10 or 11** with administrator privileges required.
# Quick start
* **For Russia**: Download [latest version from Releases page](https://github.com/ValdikSS/GoodbyeDPI/releases), unpack the file and run **1_russia_blacklist_dnsredir.cmd** script.
* For other countries: Download [latest version from Releases page](https://github.com/ValdikSS/GoodbyeDPI/releases), unpack the file and run **2_any_country_dnsredir.cmd**.
These scripts launch GoodbyeDPI in recommended mode with DNS resolver redirection to Yandex DNS on non-standard port (to prevent DNS poisoning).
If it works — congratulations! You can use it as-is or configure further.
**Windows 7, 8, 8.1 and 10** with administrator privileges required.
# How to use
@ -42,18 +34,10 @@ Usage: goodbyedpi.exe [OPTION...]
--blacklist <txtfile> perform circumvention tricks only to host names and subdomains from
supplied text file (HTTP Host/TLS SNI).
This option can be supplied multiple times.
--allow-no-sni perform circumvention if TLS SNI can't be detected with --blacklist enabled.
--frag-by-sni if SNI is detected in TLS packet, fragment the packet right before SNI value.
--set-ttl <value> activate Fake Request Mode and send it with supplied TTL value.
DANGEROUS! May break websites in unexpected ways. Use with care (or --blacklist).
--auto-ttl [a1-a2-m] activate Fake Request Mode, automatically detect TTL and decrease
it based on a distance. If the distance is shorter than a2, TTL is decreased
by a2. If it's longer, (a1; a2) scale is used with the distance as a weight.
If the resulting TTL is more than m(ax), set it to m.
Default (if set): --auto-ttl 1-4-10. Also sets --min-ttl 3.
DANGEROUS! May break websites in unexpected ways. Use with care (or --blacklist).
--min-ttl <value> minimum TTL distance (128/64 - TTL) for which to send Fake Request
in --set-ttl and --auto-ttl modes.
DANGEROUS! May break websites in unexpected ways. Use with care.
--auto-ttl [decttl] activate Fake Request Mode, automatically detect TTL and decrease
it from standard 64 or 128 by decttl (128/64 - TTL - 4 by default).
--wrong-chksum activate Fake Request Mode and send it with incorrect TCP checksum.
May not work in a VM or with some routers, but is safer than set-ttl.
--wrong-seq activate Fake Request Mode and send it with TCP SEQ/ACK in the past.
@ -63,11 +47,6 @@ Usage: goodbyedpi.exe [OPTION...]
--reverse-frag fragment (split) the packets just as --native-frag, but send them in the
reversed order. Works with the websites which could not handle segmented
HTTPS TLS ClientHello (because they receive the TCP flow "combined").
--max-payload [value] packets with TCP payload data more than [value] won't be processed.
Use this option to reduce CPU usage by skipping huge amount of data
(like file transfers) in already established sessions.
May skip some huge HTTP requests from being processed.
Default (if set): --max-payload 1200.
LEGACY modesets:
@ -77,18 +56,18 @@ LEGACY modesets:
-4 -p -r -s (best speed)
Modern modesets (more stable, more compatible, faster):
-5 -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)
-6 -f 2 -e 2 --wrong-seq --reverse-frag --max-payload
-5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)
-6 -f 2 -e 2 --wrong-seq --reverse-frag
```
To check if your ISP's DPI could be circumvented, first make sure that your provider does not poison DNS answers by enabling "Secure DNS (DNS over HTTPS)" option in your browser.
* **Chrome**: Settings → [Privacy and security](chrome://settings/security) Use secure DNS → With: NextDNS
* **Chrome**: Settings → [Privacy and security](chrome://settings/security) > Use secure DNS → With: NextDNS
* **Firefox**: [Settings](about:preferences) → Network Settings → Enable DNS over HTTPS → Use provider: NextDNS
Then run the `goodbyedpi.exe` executable without any options. If it works — congratulations! You can use it as-is or configure further, for example by using `--blacklist` option if the list of blocked websites is known and available for your country.
If your provider intercepts DNS requests, you may want to use `--dns-addr` option to a public DNS resolver running on non-standard port (such as Yandex DNS `77.88.8.8:1253`) or configure DNS over HTTPS/TLS using third-party applications.
If your provider intercepts DNS requests, you may want to use `--dns-addr` option to a public DNS resover running on non-standard port (such as Yandex DNS `77.88.8.8:1253`) or configure DNS over HTTPS/TLS using third-party applications.
Check the .cmd scripts and modify it according to your preference and network conditions.
@ -141,15 +120,11 @@ Modify them according to your own needs.
# Similar projects
- **[zapret](https://github.com/bol-van/zapret)** by @bol-van (for MacOS, Linux and Windows)
- **[Green Tunnel](https://github.com/SadeghHayeri/GreenTunnel)** by @SadeghHayeri (for MacOS, Linux and Windows)
- **[DPI Tunnel CLI](https://github.com/zhenyolka/DPITunnel-cli)** by @zhenyolka (for Linux and routers)
- **[DPI Tunnel for Android](https://github.com/zhenyolka/DPITunnel-android)** by @zhenyolka (for Android)
- **[PowerTunnel](https://github.com/krlvm/PowerTunnel)** by @krlvm (for Windows, MacOS and Linux)
- **[PowerTunnel for Android](https://github.com/krlvm/PowerTunnel-Android)** by @krlvm (for Android)
- **[SpoofDPI](https://github.com/xvzc/SpoofDPI)** by @xvzc (for macOS and Linux)
- **[GhosTCP](https://github.com/macronut/ghostcp)** by @macronut (for Windows)
- **[ByeDPI](https://github.com/hufrea/byedpi)** for Linux/Windows + **[ByeDPIAndroid](https://github.com/dovecoteescapee/ByeDPIAndroid/)** for Android (no root)
- **[zapret](https://github.com/bol-van/zapret)** by @bol-van (for Linux).
- **[Green Tunnel](https://github.com/SadeghHayeri/GreenTunnel)** by @SadeghHayeri (for MacOS, Linux and Windows).
- **[DPITunnel](https://github.com/zhenyolka/DPITunnel)** by @zhenyolka (for Android).
- **[PowerTunnel](https://github.com/krlvm/PowerTunnel)** by @krlvm (for Windows, MacOS and Linux).
- **[PowerTunnel for Android](https://github.com/krlvm/PowerTunnel-Android)** by @krlvm (for Android).
# Kudos

15
src/Makefile
View File

@ -11,19 +11,10 @@ TARGET = goodbyedpi.exe
#LIBS = -L$(WINDIVERTLIBS) -Wl,-Bstatic -lssp -Wl,-Bdynamic -lWinDivert -lws2_32
LIBS = -L$(WINDIVERTLIBS) -lWinDivert -lws2_32 -l:libssp.a
CC = $(CPREFIX)gcc
CCWINDRES = $(CPREFIX)windres
ifeq (, $(shell which $(CPREFIX)windres))
CCWINDRES = windres
endif
CFLAGS = -std=c99 -pie -fPIE -pipe -I$(WINDIVERTHEADERS) -L$(WINDIVERTLIBS) \
-O2 -D_FORTIFY_SOURCE=2 -fstack-protector \
-Wall -Wextra -Wpedantic -Wformat=2 -Wformat-overflow=2 -Wformat-truncation=2 \
-Wformat-security -Wno-format-nonliteral -Wshadow -Wstrict-aliasing=1 \
-Wnull-dereference -Warray-bounds=2 -Wimplicit-fallthrough=3 \
-Wstringop-overflow=4 \
-Wformat-signedness -Wstrict-overflow=2 -Wcast-align=strict \
-Wall -Wextra -Wpedantic -Wformat=2 -Wno-format-nonliteral -Wshadow -Wstrict-aliasing=1 -Werror=format-security \
-Wfloat-equal -Wcast-align -Wsign-conversion \
#-fstack-protector-strong
LDFLAGS = -fstack-protector -Wl,-O1,-pie,--dynamicbase,--nxcompat,--sort-common,--as-needed \
@ -38,7 +29,7 @@ endif
.PHONY: default all clean
default: $(TARGET)
default: manifest $(TARGET)
all: default
OBJECTS = $(patsubst %.c, %.o, $(wildcard *.c utils/*.c)) goodbyedpi-rc.o
@ -47,7 +38,7 @@ HEADERS = $(wildcard *.h utils/*.h)
%.o: %.c $(HEADERS)
$(CC) $(CFLAGS) -c $< -o $@
goodbyedpi-rc.o:
manifest:
$(CCWINDRES) goodbyedpi-rc.rc goodbyedpi-rc.o
.PRECIOUS: $(TARGET) $(OBJECTS)

4
src/blackwhitelist.c
View File

@ -70,10 +70,8 @@ int blackwhitelist_load_list(const char *filename) {
line);
continue;
}
if (strlen(line) < 3) {
printf("WARNING: host %s is less than 3 bytes, skipping\n", line);
if (strlen(line) < 4)
continue;
}
if (add_hostname(line))
cnt++;
}

2
src/dnsredir.c
View File

@ -44,7 +44,7 @@ static time_t last_cleanup = 0;
static udp_connrecord_t *conntrack = NULL;
void flush_dns_cache() {
INT_PTR WINAPI (*DnsFlushResolverCache)();
long long int WINAPI (*DnsFlushResolverCache)();
HMODULE dnsapi = LoadLibrary("dnsapi.dll");
if (dnsapi == NULL)

16
src/fakepackets.c
View File

@ -70,21 +70,19 @@ static int send_fake_data(const HANDLE w_filter,
memcpy(&addr_new, addr, sizeof(WINDIVERT_ADDRESS));
memcpy(packet_fake, pkt, packetLen);
addr_new.TCPChecksum = 0;
addr_new.IPChecksum = 0;
addr_new.PseudoTCPChecksum = 0;
addr_new.PseudoIPChecksum = 0;
if (!is_ipv6) {
// IPv4 TCP Data packet
if (!WinDivertHelperParsePacket(packet_fake, packetLen, &ppIpHdr,
NULL, NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen,
NULL, NULL))
NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen))
return 1;
}
else {
// IPv6 TCP Data packet
if (!WinDivertHelperParsePacket(packet_fake, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen,
NULL, NULL))
&ppIpV6Hdr, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen))
return 1;
}
@ -122,18 +120,18 @@ static int send_fake_data(const HANDLE w_filter,
}
// Recalculate the checksum
WinDivertHelperCalcChecksums(packet_fake, packetLen_new, &addr_new, 0ULL);
WinDivertHelperCalcChecksums(packet_fake, packetLen_new, &addr_new, (UINT64)NULL);
if (set_checksum) {
// ...and damage it
ppTcpHdr->Checksum = htons(ntohs(ppTcpHdr->Checksum) - 1);
}
//printf("Pseudo checksum: %d\n", addr_new.TCPChecksum);
//printf("Pseudo checksum: %d\n", addr_new.PseudoTCPChecksum);
WinDivertSend(
w_filter, packet_fake,
packetLen_new,
NULL, &addr_new
&addr_new, NULL
);
debug("Fake packet: OK");

451
src/goodbyedpi.c
View File

@ -23,7 +23,7 @@
// My mingw installation does not load inet_pton definition for some reason
WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pAddr);
#define GOODBYEDPI_VERSION "v0.2.2"
#define GOODBYEDPI_VERSION "v0.1.8"
#define die() do { sleep(20); exit(EXIT_FAILURE); } while (0)
@ -61,9 +61,8 @@ WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pA
/* #IPID# is a template to find&replace */
#define IPID_TEMPLATE "#IPID#"
#define MAXPAYLOADSIZE_TEMPLATE "#MAXPAYLOADSIZE#"
#define FILTER_STRING_TEMPLATE \
"(tcp and !impostor and !loopback " MAXPAYLOADSIZE_TEMPLATE " and " \
"(tcp and !impostor and !loopback and " \
"((inbound and (" \
"(" \
"(" \
@ -90,48 +89,28 @@ WINSOCK_API_LINKAGE INT WSAAPI inet_pton(INT Family, LPCSTR pStringBuf, PVOID pA
} \
else if (http_fragment_size != (unsigned int)fragment_size) { \
printf( \
"WARNING: HTTP fragment size is already set to %u, not changing.\n", \
"WARNING: HTTP fragment size is already set to %d, not changing.\n", \
http_fragment_size \
); \
} \
} while (0)
#define TCP_HANDLE_OUTGOING_TTL_PARSE_PACKET_IF() \
#define TCP_HANDLE_OUTGOING_ADJUST_TTL() do { \
if ((packet_v4 && tcp_handle_outgoing(&ppIpHdr->SrcAddr, &ppIpHdr->DstAddr, \
ppTcpHdr->SrcPort, ppTcpHdr->DstPort, \
&tcp_conn_info, 0)) \
|| \
(packet_v6 && tcp_handle_outgoing(ppIpV6Hdr->SrcAddr, ppIpV6Hdr->DstAddr, \
ppTcpHdr->SrcPort, ppTcpHdr->DstPort, \
&tcp_conn_info, 1)))
#define TCP_HANDLE_OUTGOING_FAKE_PACKET(func) do { \
should_send_fake = 1; \
if (do_auto_ttl || ttl_min_nhops) { \
TCP_HANDLE_OUTGOING_TTL_PARSE_PACKET_IF() { \
if (do_auto_ttl) { \
/* If Auto TTL mode */ \
ttl_of_fake_packet = tcp_get_auto_ttl(tcp_conn_info.ttl, auto_ttl_1, auto_ttl_2, \
ttl_min_nhops, auto_ttl_max); \
if (do_tcp_verb) { \
printf("Connection TTL = %d, Fake TTL = %d\n", tcp_conn_info.ttl, ttl_of_fake_packet); \
} \
} \
else if (ttl_min_nhops) { \
/* If not Auto TTL mode but --min-ttl is set */ \
if (!tcp_get_auto_ttl(tcp_conn_info.ttl, 0, 0, ttl_min_nhops, 0)) { \
/* Send only if nhops >= min_ttl */ \
should_send_fake = 0; \
} \
} \
&tcp_conn_info, 1))) \
{ \
ttl_of_fake_packet = tcp_get_auto_ttl(tcp_conn_info.ttl, do_auto_ttl); \
if (do_tcp_verb) { \
printf("Connection TTL = %d, Fake TTL = %d\n", tcp_conn_info.ttl, ttl_of_fake_packet); \
} \
} \
if (should_send_fake) \
func(w_filter, &addr, packet, packetLen, packet_v6, \
ttl_of_fake_packet, do_wrong_chksum, do_wrong_seq); \
} while (0)
static int running_from_service = 0;
static int exiting = 0;
static HANDLE filters[MAX_FILTERS];
@ -161,17 +140,13 @@ static struct option long_options[] = {
{"dnsv6-port", required_argument, 0, '@' },
{"dns-verb", no_argument, 0, 'v' },
{"blacklist", required_argument, 0, 'b' },
{"allow-no-sni",no_argument, 0, ']' },
{"frag-by-sni", no_argument, 0, '>' },
{"ip-id", required_argument, 0, 'i' },
{"set-ttl", required_argument, 0, '$' },
{"min-ttl", required_argument, 0, '[' },
{"auto-ttl", optional_argument, 0, '+' },
{"wrong-chksum",no_argument, 0, '%' },
{"wrong-seq", no_argument, 0, ')' },
{"native-frag", no_argument, 0, '*' },
{"reverse-frag",no_argument, 0, '(' },
{"max-payload", optional_argument, 0, '|' },
{0, 0, 0, 0 }
};
@ -181,7 +156,7 @@ static char *filter_passive_string = NULL;
static void add_filter_str(int proto, int port) {
const char *udp = " or (udp and !impostor and !loopback and " \
"(udp.SrcPort == %d or udp.DstPort == %d))";
const char *tcp = " or (tcp and !impostor and !loopback " MAXPAYLOADSIZE_TEMPLATE " and " \
const char *tcp = " or (tcp and !impostor and !loopback and " \
"(tcp.SrcPort == %d or tcp.DstPort == %d))";
char *current_filter = filter_string;
@ -215,26 +190,11 @@ static void add_ip_id_str(int id) {
filter_passive_string = newstr;
}
static void add_maxpayloadsize_str(unsigned short maxpayload) {
char *newstr;
/* 0x47455420 is "GET ", 0x504F5354 is "POST", big endian. */
const char *maxpayloadsize_str = "and (tcp.PayloadLength ? tcp.PayloadLength < %hu or tcp.Payload32[0] == 0x47455420 or tcp.Payload32[0] == 0x504F5354 : true)";
char *addfilter = malloc(strlen(maxpayloadsize_str) + 16);
sprintf(addfilter, maxpayloadsize_str, maxpayload);
newstr = repl_str(filter_string, MAXPAYLOADSIZE_TEMPLATE, addfilter);
free(filter_string);
filter_string = newstr;
}
static void finalize_filter_strings() {
char *newstr, *newstr2;
char *newstr;
newstr2 = repl_str(filter_string, IPID_TEMPLATE, "");
newstr = repl_str(newstr2, MAXPAYLOADSIZE_TEMPLATE, "");
newstr = repl_str(filter_string, IPID_TEMPLATE, "");
free(filter_string);
free(newstr2);
filter_string = newstr;
newstr = repl_str(filter_passive_string, IPID_TEMPLATE, "");
@ -243,7 +203,7 @@ static void finalize_filter_strings() {
}
static char* dumb_memmem(const char* haystack, unsigned int hlen,
const char* needle, unsigned int nlen)
const char* needle, size_t nlen)
{
// naive implementation
if (nlen > hlen) return NULL;
@ -311,7 +271,6 @@ static HANDLE init(char *filter, UINT64 flags) {
static int deinit(HANDLE handle) {
if (handle) {
WinDivertShutdown(handle, WINDIVERT_SHUTDOWN_BOTH);
WinDivertClose(handle);
return TRUE;
}
@ -378,11 +337,11 @@ static int find_header_and_get_info(const char *pktdata, unsigned int pktlen,
/* Search for header end (\r\n) */
data_addr_rn = dumb_memmem(*hdrvalueaddr,
pktlen - (uintptr_t)(*hdrvalueaddr - pktdata),
pktlen - (*hdrvalueaddr - pktdata),
"\r\n", 2);
if (data_addr_rn) {
*hdrvaluelen = (uintptr_t)(data_addr_rn - *hdrvalueaddr);
if (*hdrvaluelen >= 3 && *hdrvaluelen <= HOST_MAXLEN)
*hdrvaluelen = data_addr_rn - *hdrvalueaddr;
if (*hdrvaluelen > 0u && *hdrvaluelen <= 512u)
return TRUE;
}
return FALSE;
@ -393,10 +352,10 @@ static int find_header_and_get_info(const char *pktdata, unsigned int pktlen,
*/
static int extract_sni(const char *pktdata, unsigned int pktlen,
char **hostnameaddr, unsigned int *hostnamelen) {
unsigned int ptr = 0;
unsigned const char *d = (unsigned const char *)pktdata;
unsigned const char *hnaddr = 0;
int hnlen = 0;
uint32_t ptr = 0;
unsigned char *d = (unsigned char*)pktdata;
unsigned char *hnaddr = 0;
unsigned int hnlen = 0;
while (ptr + 8 < pktlen) {
/* Search for specific Extensions sequence */
@ -412,21 +371,21 @@ static int extract_sni(const char *pktdata, unsigned int pktlen,
}
hnaddr = &d[ptr+9];
hnlen = d[ptr+8];
/* Limit hostname size up to 253 bytes */
if (hnlen < 3 || hnlen > HOST_MAXLEN) {
/* Limit hostname size up to 254 bytes */
if (hnlen < 2 || hnlen > 254) {
return FALSE;
}
/* Validate that hostname has only ascii lowercase characters */
for (int i=0; i<hnlen; i++) {
if (!( (hnaddr[i] >= '0' && hnaddr[i] <= '9') ||
for (unsigned int i=0; i<hnlen; i++) {
if (!( (hnaddr[i] >= '1' && hnaddr[i] <= '9') ||
(hnaddr[i] >= 'a' && hnaddr[i] <= 'z') ||
hnaddr[i] == '.' || hnaddr[i] == '-'))
hnaddr[i] == '.'))
{
return FALSE;
}
}
*hostnameaddr = (char*)hnaddr;
*hostnamelen = (unsigned int)hnlen;
*hostnamelen = hnlen;
return TRUE;
}
ptr++;
@ -475,16 +434,9 @@ static void send_native_fragment(HANDLE w_filter, WINDIVERT_ADDRESS addr,
PWINDIVERT_TCPHDR ppTcpHdr,
unsigned int fragment_size, int step) {
char packet_bak[MAX_PACKET_SIZE];
memcpy(packet_bak, packet, packetLen);
memcpy(&packet_bak, packet, packetLen);
UINT orig_packetLen = packetLen;
if (fragment_size >= packet_dataLen) {
if (step == 1)
fragment_size = 0;
else
return;
}
if (step == 0) {
if (packet_v4)
ppIpHdr->Length = htons(
@ -521,8 +473,8 @@ static void send_native_fragment(HANDLE w_filter, WINDIVERT_ADDRESS addr,
ppTcpHdr->SeqNum = htonl(ntohl(ppTcpHdr->SeqNum) + fragment_size);
}
addr.IPChecksum = 0;
addr.TCPChecksum = 0;
addr.PseudoIPChecksum = 0;
addr.PseudoTCPChecksum = 0;
WinDivertHelperCalcChecksums(
packet, packetLen, &addr, 0
@ -530,9 +482,9 @@ static void send_native_fragment(HANDLE w_filter, WINDIVERT_ADDRESS addr,
WinDivertSend(
w_filter, packet,
packetLen,
NULL, &addr
&addr, NULL
);
memcpy(packet, packet_bak, orig_packetLen);
memcpy(packet, &packet_bak, orig_packetLen);
//printf("Sent native fragment of %d size (step%d)\n", packetLen, step);
}
@ -543,7 +495,6 @@ int main(int argc, char *argv[]) {
ipv6_tcp, ipv6_tcp_data, ipv6_udp_data
} packet_type;
int i, should_reinject, should_recalc_checksum = 0;
int sni_ok = 0;
int opt;
int packet_v4, packet_v6;
HANDLE w_filter = NULL;
@ -568,8 +519,6 @@ int main(int argc, char *argv[]) {
do_host_mixedcase = 0,
do_dnsv4_redirect = 0, do_dnsv6_redirect = 0,
do_dns_verb = 0, do_tcp_verb = 0, do_blacklist = 0,
do_allow_no_sni = 0,
do_fragment_by_sni = 0,
do_fake_packet = 0,
do_auto_ttl = 0,
do_wrong_chksum = 0,
@ -578,13 +527,7 @@ int main(int argc, char *argv[]) {
unsigned int http_fragment_size = 0;
unsigned int https_fragment_size = 0;
unsigned int current_fragment_size = 0;
unsigned short max_payload_size = 0;
BYTE should_send_fake = 0;
BYTE ttl_of_fake_packet = 0;
BYTE ttl_min_nhops = 0;
BYTE auto_ttl_1 = 0;
BYTE auto_ttl_2 = 0;
BYTE auto_ttl_max = 0;
uint32_t dnsv4_addr = 0;
struct in6_addr dnsv6_addr = {0};
struct in6_addr dns_temp_addr = {0};
@ -637,8 +580,7 @@ int main(int argc, char *argv[]) {
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_auto_ttl = 1;
max_payload_size = 1200;
do_auto_ttl = 4;
}
while ((opt = getopt_long(argc, argv, "123456prsaf:e:mwk:n", long_options, NULL)) != -1) {
@ -670,8 +612,7 @@ int main(int argc, char *argv[]) {
http_fragment_size = https_fragment_size = 2;
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_auto_ttl = 1;
max_payload_size = 1200;
do_auto_ttl = 4;
break;
case '6':
do_fragment_http = do_fragment_https = 1;
@ -680,7 +621,6 @@ int main(int argc, char *argv[]) {
do_fragment_http_persistent = do_fragment_http_persistent_nowait = 1;
do_fake_packet = 1;
do_wrong_seq = 1;
max_payload_size = 1200;
break;
case 'p':
do_passivedpi = 1;
@ -719,7 +659,7 @@ int main(int argc, char *argv[]) {
case 'w':
do_http_allports = 1;
break;
case 'z': // --port
case 'z':
/* i is used as a temporary variable here */
i = atoi(optarg);
if (i <= 0 || i > 65535) {
@ -730,13 +670,13 @@ int main(int argc, char *argv[]) {
add_filter_str(IPPROTO_TCP, i);
i = 0;
break;
case 'i': // --ip-id
case 'i':
/* i is used as a temporary variable here */
i = atousi(optarg, "IP ID parameter error!\n");
add_ip_id_str(i);
i = 0;
break;
case 'd': // --dns-addr
case 'd':
if ((inet_pton(AF_INET, optarg, dns_temp_addr.s6_addr) == 1) &&
!do_dnsv4_redirect)
{
@ -752,7 +692,7 @@ int main(int argc, char *argv[]) {
puts("DNS address parameter error!");
exit(EXIT_FAILURE);
break;
case '!': // --dnsv6-addr
case '!':
if ((inet_pton(AF_INET6, optarg, dns_temp_addr.s6_addr) == 1) &&
!do_dnsv6_redirect)
{
@ -768,7 +708,7 @@ int main(int argc, char *argv[]) {
puts("DNS address parameter error!");
exit(EXIT_FAILURE);
break;
case 'g': // --dns-port
case 'g':
if (!do_dnsv4_redirect) {
puts("--dns-port should be used with --dns-addr!\n"
"Make sure you use --dns-addr and pass it before "
@ -781,7 +721,7 @@ int main(int argc, char *argv[]) {
}
dnsv4_port = htons(dnsv4_port);
break;
case '@': // --dnsv6-port
case '@':
if (!do_dnsv6_redirect) {
puts("--dnsv6-port should be used with --dnsv6-addr!\n"
"Make sure you use --dnsv6-addr and pass it before "
@ -798,89 +738,45 @@ int main(int argc, char *argv[]) {
do_dns_verb = 1;
do_tcp_verb = 1;
break;
case 'b': // --blacklist
case 'b':
do_blacklist = 1;
if (!blackwhitelist_load_list(optarg)) {
printf("Can't load blacklist from file!\n");
exit(EXIT_FAILURE);
}
break;
case ']': // --allow-no-sni
do_allow_no_sni = 1;
break;
case '>': // --frag-by-sni
do_fragment_by_sni = 1;
break;
case '$': // --set-ttl
do_auto_ttl = auto_ttl_1 = auto_ttl_2 = auto_ttl_max = 0;
case '$':
do_fake_packet = 1;
ttl_of_fake_packet = atoub(optarg, "Set TTL parameter error!");
break;
case '[': // --min-ttl
case '+':
do_fake_packet = 1;
ttl_min_nhops = atoub(optarg, "Set Minimum TTL number of hops parameter error!");
break;
case '+': // --auto-ttl
do_fake_packet = 1;
do_auto_ttl = 1;
if (!optarg && argv[optind] && argv[optind][0] != '-')
optarg = argv[optind];
do_auto_ttl = 4;
if (optarg) {
char *autottl_copy = strdup(optarg);
if (strchr(autottl_copy, '-')) {
// token "-" found, start X-Y parser
char *autottl_current = strtok(autottl_copy, "-");
auto_ttl_1 = atoub(autottl_current, "Set Auto TTL parameter error!");
autottl_current = strtok(NULL, "-");
if (!autottl_current) {
puts("Set Auto TTL parameter error!");
exit(EXIT_FAILURE);
}
auto_ttl_2 = atoub(autottl_current, "Set Auto TTL parameter error!");
autottl_current = strtok(NULL, "-");
if (!autottl_current) {
puts("Set Auto TTL parameter error!");
exit(EXIT_FAILURE);
}
auto_ttl_max = atoub(autottl_current, "Set Auto TTL parameter error!");
}
else {
// single digit parser
auto_ttl_2 = atoub(optarg, "Set Auto TTL parameter error!");
auto_ttl_1 = auto_ttl_2;
}
free(autottl_copy);
do_auto_ttl = atoub(optarg, "Set Auto TTL parameter error!");
} else if (argv[optind] && argv[optind][0] != '-') {
do_auto_ttl = atoub(argv[optind], "Set Auto TTL parameter error!");
}
break;
case '%': // --wrong-chksum
case '%':
do_fake_packet = 1;
do_wrong_chksum = 1;
break;
case ')': // --wrong-seq
case ')':
do_fake_packet = 1;
do_wrong_seq = 1;
break;
case '*': // --native-frag
case '*':
do_native_frag = 1;
do_fragment_http_persistent = 1;
do_fragment_http_persistent_nowait = 1;
break;
case '(': // --reverse-frag
case '(':
do_reverse_frag = 1;
do_native_frag = 1;
do_fragment_http_persistent = 1;
do_fragment_http_persistent_nowait = 1;
break;
case '|': // --max-payload
if (!optarg && argv[optind] && argv[optind][0] != '-')
optarg = argv[optind];
if (optarg)
max_payload_size = atousi(optarg, "Max payload size parameter error!");
else
max_payload_size = 1200;
break;
default:
puts("Usage: goodbyedpi.exe [OPTION...]\n"
" -p block passive DPI\n"
@ -903,18 +799,10 @@ int main(int argc, char *argv[]) {
" --blacklist <txtfile> perform circumvention tricks only to host names and subdomains from\n"
" supplied text file (HTTP Host/TLS SNI).\n"
" This option can be supplied multiple times.\n"
" --allow-no-sni perform circumvention if TLS SNI can't be detected with --blacklist enabled.\n"
" --frag-by-sni if SNI is detected in TLS packet, fragment the packet right before SNI value.\n"
" --set-ttl <value> activate Fake Request Mode and send it with supplied TTL value.\n"
" DANGEROUS! May break websites in unexpected ways. Use with care (or --blacklist).\n"
" --auto-ttl [a1-a2-m] activate Fake Request Mode, automatically detect TTL and decrease\n"
" it based on a distance. If the distance is shorter than a2, TTL is decreased\n"
" by a2. If it's longer, (a1; a2) scale is used with the distance as a weight.\n"
" If the resulting TTL is more than m(ax), set it to m.\n"
" Default (if set): --auto-ttl 1-4-10. Also sets --min-ttl 3.\n"
" DANGEROUS! May break websites in unexpected ways. Use with care (or --blacklist).\n"
" --min-ttl <value> minimum TTL distance (128/64 - TTL) for which to send Fake Request\n"
" in --set-ttl and --auto-ttl modes.\n"
" DANGEROUS! May break websites in unexpected ways. Use with care.\n"
" --auto-ttl [decttl] activate Fake Request Mode, automatically detect TTL and decrease\n"
" it from standard 64 or 128 by decttl (128/64 - TTL - 4 by default).\n"
" --wrong-chksum activate Fake Request Mode and send it with incorrect TCP checksum.\n"
" May not work in a VM or with some routers, but is safer than set-ttl.\n"
" Could be combined with --set-ttl\n"
@ -925,21 +813,17 @@ int main(int argc, char *argv[]) {
" --reverse-frag fragment (split) the packets just as --native-frag, but send them in the\n"
" reversed order. Works with the websites which could not handle segmented\n"
" HTTPS TLS ClientHello (because they receive the TCP flow \"combined\").\n"
" --max-payload [value] packets with TCP payload data more than [value] won't be processed.\n"
" Use this option to reduce CPU usage by skipping huge amount of data\n"
" (like file transfers) in already established sessions.\n"
" May skip some huge HTTP requests from being processed.\n"
" Default (if set): --max-payload 1200.\n"
"\n");
puts("LEGACY modesets:\n"
"\n"
"\n"
"LEGACY modesets:\n"
" -1 -p -r -s -f 2 -k 2 -n -e 2 (most compatible mode)\n"
" -2 -p -r -s -f 2 -k 2 -n -e 40 (better speed for HTTPS yet still compatible)\n"
" -3 -p -r -s -e 40 (better speed for HTTP and HTTPS)\n"
" -4 -p -r -s (best speed)"
"\n"
"Modern modesets (more stable, more compatible, faster):\n"
" -5 -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)\n"
" -6 -f 2 -e 2 --wrong-seq --reverse-frag --max-payload\n");
" -5 -f 2 -e 2 --auto-ttl --reverse-frag (this is the default)\n"
" -6 -f 2 -e 2 --wrong-seq --reverse-frag\n");
exit(EXIT_FAILURE);
}
}
@ -948,77 +832,33 @@ int main(int argc, char *argv[]) {
http_fragment_size = 2;
if (!https_fragment_size)
https_fragment_size = 2;
if (!auto_ttl_1)
auto_ttl_1 = 1;
if (!auto_ttl_2)
auto_ttl_2 = 4;
if (do_auto_ttl) {
if (!ttl_min_nhops)
ttl_min_nhops = 3;
if (!auto_ttl_max)
auto_ttl_max = 10;
}
printf("Block passive: %d\n" /* 1 */
"Fragment HTTP: %u\n" /* 2 */
"Fragment persistent HTTP: %u\n" /* 3 */
"Fragment HTTPS: %u\n" /* 4 */
"Fragment by SNI: %u\n" /* 5 */
"Native fragmentation (splitting): %d\n" /* 5 */
"Fragments sending in reverse: %d\n" /* 6 */
"hoSt: %d\n" /* 7 */
"Host no space: %d\n" /* 8 */
"Additional space: %d\n" /* 9 */
"Mix Host: %d\n" /* 10 */
"HTTP AllPorts: %d\n" /* 11 */
"HTTP Persistent Nowait: %d\n" /* 12 */
"DNS redirect: %d\n" /* 13 */
"DNSv6 redirect: %d\n" /* 14 */
"Allow missing SNI: %d\n" /* 15 */
"Fake requests, TTL: %s (fixed: %hu, auto: %hu-%hu-%hu, min distance: %hu)\n" /* 16 */
"Fake requests, wrong checksum: %d\n" /* 17 */
"Fake requests, wrong SEQ/ACK: %d\n" /* 18 */
"Max payload size: %hu\n", /* 19 */
do_passivedpi, /* 1 */
(do_fragment_http ? http_fragment_size : 0), /* 2 */
(do_fragment_http_persistent ? http_fragment_size : 0),/* 3 */
(do_fragment_https ? https_fragment_size : 0), /* 4 */
do_fragment_by_sni, /* 5 */
do_native_frag, /* 6 */
do_reverse_frag, /* 7 */
do_host, /* 8 */
do_host_removespace, /* 9 */
do_additional_space, /* 10 */
do_host_mixedcase, /* 11 */
do_http_allports, /* 12 */
do_fragment_http_persistent_nowait, /* 13 */
do_dnsv4_redirect, /* 14 */
do_dnsv6_redirect, /* 15 */
do_allow_no_sni, /* 16 */
do_auto_ttl ? "auto" : (do_fake_packet ? "fixed" : "disabled"), /* 17 */
ttl_of_fake_packet, do_auto_ttl ? auto_ttl_1 : 0, do_auto_ttl ? auto_ttl_2 : 0,
do_auto_ttl ? auto_ttl_max : 0, ttl_min_nhops,
do_wrong_chksum, /* 18 */
do_wrong_seq, /* 19 */
max_payload_size /* 20 */
printf("Block passive: %d\nFragment HTTP: %d\nFragment persistent HTTP: %d\n"
"Fragment HTTPS: %d\nNative fragmentation (splitting): %d\n"
"Fragments sending in reverse: %d\n"
"hoSt: %d\nHost no space: %d\nAdditional space: %d\n"
"Mix Host: %d\nHTTP AllPorts: %d\nHTTP Persistent Nowait: %d\n"
"DNS redirect: %d\nDNSv6 redirect: %d\n"
"Fake requests, TTL: %hu (auto: %hu)\nFake requests, wrong checksum: %d\n"
"Fake requests, wrong SEQ/ACK: %d\n",
do_passivedpi, (do_fragment_http ? http_fragment_size : 0),
(do_fragment_http_persistent ? http_fragment_size : 0),
(do_fragment_https ? https_fragment_size : 0),
do_native_frag, do_reverse_frag,
do_host, do_host_removespace, do_additional_space, do_host_mixedcase,
do_http_allports, do_fragment_http_persistent_nowait, do_dnsv4_redirect,
do_dnsv6_redirect, ttl_of_fake_packet, do_auto_ttl,
do_wrong_chksum, do_wrong_seq
);
if (do_fragment_http && http_fragment_size > 2 && !do_native_frag) {
puts("\nWARNING: HTTP fragmentation values > 2 are not fully compatible "
"with other options. Please use values <= 2 or disable HTTP fragmentation "
"completely.");
printf("WARNING: HTTP fragmentation values > 2 are not fully compatible "
"with other options. Please use values <= 2 or disable HTTP fragmentation "
"completely.\n");
}
if (do_native_frag && !(do_fragment_http || do_fragment_https)) {
puts("\nERROR: Native fragmentation is enabled but fragment sizes are not set.\n"
"Fragmentation has no effect.");
die();
}
if (max_payload_size)
add_maxpayloadsize_str(max_payload_size);
printf("\nOpening filter\n");
finalize_filter_strings();
puts("\nOpening filter");
filter_num = 0;
if (do_passivedpi) {
@ -1045,16 +885,15 @@ int main(int argc, char *argv[]) {
die();
}
printf("Filter activated, GoodbyeDPI is now running!\n");
printf("Filter activated!\n");
signal(SIGINT, sigint_handler);
while (1) {
if (WinDivertRecv(w_filter, packet, sizeof(packet), &packetLen, &addr)) {
debug("Got %s packet, len=%d!\n", addr.Outbound ? "outbound" : "inbound",
if (WinDivertRecv(w_filter, packet, sizeof(packet), &addr, &packetLen)) {
debug("Got %s packet, len=%d!\n", addr.Direction ? "inbound" : "outbound",
packetLen);
should_reinject = 1;
should_recalc_checksum = 0;
sni_ok = 0;
ppIpHdr = (PWINDIVERT_IPHDR)NULL;
ppIpV6Hdr = (PWINDIVERT_IPV6HDR)NULL;
@ -1064,35 +903,35 @@ int main(int argc, char *argv[]) {
packet_type = unknown;
// Parse network packet and set it's type
if (WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
&ppIpV6Hdr, NULL, NULL, NULL, &ppTcpHdr, &ppUdpHdr, &packet_data, &packet_dataLen,
NULL, NULL))
if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen)))
{
if (ppIpHdr) {
packet_v4 = 1;
if (ppTcpHdr) {
packet_type = ipv4_tcp;
if (packet_data) {
packet_type = ipv4_tcp_data;
}
}
else if (ppUdpHdr && packet_data) {
packet_type = ipv4_udp_data;
}
}
else if (ppIpV6Hdr) {
packet_v6 = 1;
if (ppTcpHdr) {
packet_type = ipv6_tcp;
if (packet_data) {
packet_type = ipv6_tcp_data;
}
}
else if (ppUdpHdr && packet_data) {
packet_type = ipv6_udp_data;
}
}
packet_type = ipv4_tcp_data;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, &ppTcpHdr, NULL, &packet_data, &packet_dataLen)))
{
packet_type = ipv6_tcp_data;
}
else if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, &ppTcpHdr, NULL, NULL, NULL)))
{
packet_type = ipv4_tcp;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, &ppTcpHdr, NULL, NULL, NULL)))
{
packet_type = ipv6_tcp;
}
else if ((packet_v4 = WinDivertHelperParsePacket(packet, packetLen, &ppIpHdr,
NULL, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)))
{
packet_type = ipv4_udp_data;
}
else if ((packet_v6 = WinDivertHelperParsePacket(packet, packetLen, NULL,
&ppIpV6Hdr, NULL, NULL, NULL, &ppUdpHdr, &packet_data, &packet_dataLen)))
{
packet_type = ipv6_udp_data;
}
debug("packet_type: %d, packet_v4: %d, packet_v6: %d\n", packet_type, packet_v4, packet_v6);
@ -1102,7 +941,7 @@ int main(int argc, char *argv[]) {
/* Got a TCP packet WITH DATA */
/* Handle INBOUND packet with data and find HTTP REDIRECT in there */
if (!addr.Outbound && packet_dataLen > 16) {
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND && packet_dataLen > 16) {
/* If INBOUND packet with DATA (tcp.Ack) */
/* Drop packets from filter with HTTP 30x Redirect */
@ -1126,41 +965,33 @@ int main(int argc, char *argv[]) {
/* Handle OUTBOUND packet on port 443, search for something that resembles
* TLS handshake, send fake request.
*/
else if (addr.Outbound &&
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND &&
((do_fragment_https ? packet_dataLen == https_fragment_size : 0) ||
packet_dataLen > 16) &&
ppTcpHdr->DstPort != htons(80) &&
(do_fake_packet || do_native_frag)
)
{
/**
* In case of Window Size fragmentation=2, we'll receive only 2 byte packet.
* But if the packet is more than 2 bytes, check ClientHello byte.
*/
if ((packet_dataLen == 2 && memcmp(packet_data, "\x16\x03", 2) == 0) ||
(packet_dataLen >= 3 && ( memcmp(packet_data, "\x16\x03\x01", 3) == 0 || memcmp(packet_data, "\x16\x03\x03", 3) == 0 )))
{
if (do_blacklist || do_fragment_by_sni) {
sni_ok = extract_sni(packet_data, packet_dataLen,
&host_addr, &host_len);
}
if (
(do_blacklist && sni_ok &&
blackwhitelist_check_hostname(host_addr, host_len)
) ||
(do_blacklist && !sni_ok && do_allow_no_sni) ||
(!do_blacklist)
)
if (packet_dataLen >=2 && memcmp(packet_data, "\x16\x03", 2) == 0) {
if (do_blacklist
? (extract_sni(packet_data, packet_dataLen,
&host_addr, &host_len) &&
blackwhitelist_check_hostname(host_addr, host_len))
: 1)
{
#ifdef DEBUG
char lsni[HOST_MAXLEN + 1] = {0};
unsigned char lsni[256] = {0};
extract_sni(packet_data, packet_dataLen,
&host_addr, &host_len);
memcpy(lsni, host_addr, host_len);
memcpy(&lsni, host_addr, host_len);
printf("Blocked HTTPS website SNI: %s\n", lsni);
#endif
if (do_fake_packet) {
TCP_HANDLE_OUTGOING_FAKE_PACKET(send_fake_https_request);
if (do_auto_ttl) {
TCP_HANDLE_OUTGOING_ADJUST_TTL();
}
send_fake_https_request(w_filter, &addr, packet, packetLen, packet_v6,
ttl_of_fake_packet, do_wrong_chksum, do_wrong_seq);
}
if (do_native_frag) {
// Signal for native fragmentation code handler
@ -1170,7 +1001,7 @@ int main(int argc, char *argv[]) {
}
}
/* Handle OUTBOUND packet on port 80, search for Host header */
else if (addr.Outbound &&
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND &&
packet_dataLen > 16 &&
(do_http_allports ? 1 : (ppTcpHdr->DstPort == htons(80))) &&
find_http_method_end(packet_data,
@ -1190,8 +1021,8 @@ int main(int argc, char *argv[]) {
host_addr = hdr_value_addr;
host_len = hdr_value_len;
#ifdef DEBUG
char lhost[HOST_MAXLEN + 1] = {0};
memcpy(lhost, host_addr, host_len);
unsigned char lhost[256] = {0};
memcpy(&lhost, host_addr, host_len);
printf("Blocked HTTP website Host: %s\n", lhost);
#endif
@ -1201,7 +1032,11 @@ int main(int argc, char *argv[]) {
}
if (do_fake_packet) {
TCP_HANDLE_OUTGOING_FAKE_PACKET(send_fake_http_request);
if (do_auto_ttl) {
TCP_HANDLE_OUTGOING_ADJUST_TTL();
}
send_fake_http_request(w_filter, &addr, packet, packetLen, packet_v6,
ttl_of_fake_packet, do_wrong_chksum, do_wrong_seq);
}
if (do_host_mixedcase) {
@ -1257,7 +1092,7 @@ int main(int argc, char *argv[]) {
(size_t)(useragent_addr + useragent_len - host_addr));
host_addr -= 1;
/* Put space in the end of User-Agent header */
*(char*)((unsigned char*)useragent_addr + useragent_len - 1) = ' ';
*(char*)((uint8_t*)useragent_addr + useragent_len - 1) = ' ';
should_recalc_checksum = 1;
//printf("Replaced Host header!\n");
}
@ -1271,7 +1106,7 @@ int main(int argc, char *argv[]) {
useragent_addr + useragent_len,
(size_t)(host_addr - 1 - (useragent_addr + useragent_len)));
/* Put space in the end of User-Agent header */
*(char*)((unsigned char*)useragent_addr + useragent_len) = ' ';
*(char*)((uint8_t*)useragent_addr + useragent_len) = ' ';
should_recalc_checksum = 1;
//printf("Replaced Host header!\n");
}
@ -1293,11 +1128,7 @@ int main(int argc, char *argv[]) {
current_fragment_size = http_fragment_size;
}
else if (do_fragment_https && ppTcpHdr->DstPort != htons(80)) {
if (do_fragment_by_sni && sni_ok) {
current_fragment_size = (void*)host_addr - packet_data;
} else {
current_fragment_size = https_fragment_size;
}
current_fragment_size = https_fragment_size;
}
if (current_fragment_size) {
@ -1318,7 +1149,7 @@ int main(int argc, char *argv[]) {
/* Else if we got TCP packet without data */
else if (packet_type == ipv4_tcp || packet_type == ipv6_tcp) {
/* If we got INBOUND SYN+ACK packet */
if (!addr.Outbound &&
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND &&
ppTcpHdr->Syn == 1 && ppTcpHdr->Ack == 1) {
//printf("Changing Window Size!\n");
/*
@ -1326,7 +1157,7 @@ int main(int argc, char *argv[]) {
* is enabled as there could be non-HTTP data on port 80
*/
if (do_fake_packet && (do_auto_ttl || ttl_min_nhops)) {
if (do_fake_packet && do_auto_ttl) {
if (!((packet_v4 && tcp_handle_incoming(&ppIpHdr->SrcAddr, &ppIpHdr->DstAddr,
ppTcpHdr->SrcPort, ppTcpHdr->DstPort,
0, ppIpHdr->TTL))
@ -1358,7 +1189,7 @@ int main(int argc, char *argv[]) {
else if ((do_dnsv4_redirect && (packet_type == ipv4_udp_data)) ||
(do_dnsv6_redirect && (packet_type == ipv6_udp_data)))
{
if (!addr.Outbound) {
if (addr.Direction == WINDIVERT_DIRECTION_INBOUND) {
if ((packet_v4 && dns_handle_incoming(&ppIpHdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen,
&dns_conn_info, 0))
@ -1388,7 +1219,7 @@ int main(int argc, char *argv[]) {
}
}
else if (addr.Outbound) {
else if (addr.Direction == WINDIVERT_DIRECTION_OUTBOUND) {
if ((packet_v4 && dns_handle_outgoing(&ppIpHdr->SrcAddr, ppUdpHdr->SrcPort,
&ppIpHdr->DstAddr, ppUdpHdr->DstPort,
packet_data, packet_dataLen, 0))
@ -1424,9 +1255,9 @@ int main(int argc, char *argv[]) {
if (should_reinject) {
//printf("Re-injecting!\n");
if (should_recalc_checksum) {
WinDivertHelperCalcChecksums(packet, packetLen, &addr, (UINT64)0LL);
WinDivertHelperCalcChecksums(packet, packetLen, &addr, (UINT64)NULL);
}
WinDivertSend(w_filter, packet, packetLen, NULL, &addr);
WinDivertSend(w_filter, packet, packetLen, &addr, NULL);
}
}
else {

2
src/service.c
View File

@ -30,7 +30,7 @@ int service_register(int argc, char *argv[])
*/
if (!service_argc && !service_argv) {
service_argc = argc;
service_argv = calloc((size_t)(argc + 1), sizeof(void*));
service_argv = malloc(sizeof(void*) * (size_t)argc);
for (i = 0; i < argc; i++) {
service_argv[i] = strdup(argv[i]);
}

31
src/ttltrack.c
View File

@ -8,7 +8,6 @@
#include <windows.h>
#include <time.h>
#include <stdio.h>
#include <math.h>
#include "goodbyedpi.h"
#include "ttltrack.h"
#include "utils/uthash.h"
@ -219,33 +218,23 @@ int tcp_handle_outgoing(uint32_t srcip[4], uint32_t dstip[4],
return FALSE;
}
int tcp_get_auto_ttl(const uint8_t ttl, const uint8_t autottl1,
const uint8_t autottl2, const uint8_t minhops,
const uint8_t maxttl) {
uint8_t nhops = 0;
int tcp_get_auto_ttl(const uint8_t ttl, const uint8_t decrease_for) {
uint8_t ttl_of_fake_packet = 0;
if (ttl > 98 && ttl < 128) {
nhops = 128 - ttl;
/* Safekeeping */
if (128 - ttl > decrease_for + 1) {
ttl_of_fake_packet = 128 - ttl - decrease_for;
}
}
else if (ttl > 34 && ttl < 64) {
nhops = 64 - ttl;
/* Safekeeping */
if (64 - ttl > decrease_for + 1) {
ttl_of_fake_packet = 64 - ttl - decrease_for;
}
}
else {
return 0;
}
if (nhops <= autottl1 || nhops < minhops) {
return 0;
}
ttl_of_fake_packet = nhops - autottl2;
if (ttl_of_fake_packet < autottl2 && nhops <= 9) {
ttl_of_fake_packet = nhops - autottl1 - trunc((autottl2 - autottl1) * ((float)nhops/10));
}
if (maxttl && ttl_of_fake_packet > maxttl) {
ttl_of_fake_packet = maxttl;
ttl_of_fake_packet = 0;
}
return ttl_of_fake_packet;

4
src/ttltrack.h
View File

@ -21,7 +21,5 @@ int tcp_handle_outgoing(uint32_t srcip[4], uint32_t dstip[4],
tcp_conntrack_info_t *conn_info,
uint8_t is_ipv6);
int tcp_get_auto_ttl(const uint8_t ttl, const uint8_t autottl1,
const uint8_t autottl2, const uint8_t minhops,
const uint8_t maxttl);
int tcp_get_auto_ttl(uint8_t ttl, uint8_t decrease_for);
#endif

182
src/utils/uthash.h
View File

@ -1,5 +1,5 @@
/*
Copyright (c) 2003-2021, Troy D. Hanson http://troydhanson.github.io/uthash/
Copyright (c) 2003-2017, Troy D. Hanson http://troydhanson.github.com/uthash/
All rights reserved.
Redistribution and use in source and binary forms, with or without
@ -24,22 +24,12 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#ifndef UTHASH_H
#define UTHASH_H
#define UTHASH_VERSION 2.3.0
#define UTHASH_VERSION 2.0.2
#include <string.h> /* memcmp, memset, strlen */
#include <stddef.h> /* ptrdiff_t */
#include <stdlib.h> /* exit */
#if defined(HASH_DEFINE_OWN_STDINT) && HASH_DEFINE_OWN_STDINT
/* This codepath is provided for backward compatibility, but I plan to remove it. */
#warning "HASH_DEFINE_OWN_STDINT is deprecated; please use HASH_NO_STDINT instead"
typedef unsigned int uint32_t;
typedef unsigned char uint8_t;
#elif defined(HASH_NO_STDINT) && HASH_NO_STDINT
#else
#include <stdint.h> /* uint8_t, uint32_t */
#endif
/* These macros use decltype or the earlier __typeof GNU extension.
As decltype is only available in newer compilers (VS2010 or gcc 4.3+
when compiling c++ source) this code uses whatever method is needed
@ -72,6 +62,23 @@ do {
} while (0)
#endif
/* a number of the hash function use uint32_t which isn't defined on Pre VS2010 */
#if defined(_WIN32)
#if defined(_MSC_VER) && _MSC_VER >= 1600
#include <stdint.h>
#elif defined(__WATCOMC__) || defined(__MINGW32__) || defined(__CYGWIN__)
#include <stdint.h>
#else
typedef unsigned int uint32_t;
typedef unsigned char uint8_t;
#endif
#elif defined(__GNUC__) && !defined(__VXWORKS__)
#include <stdint.h>
#else
typedef unsigned int uint32_t;
typedef unsigned char uint8_t;
#endif
#ifndef uthash_malloc
#define uthash_malloc(sz) malloc(sz) /* malloc fcn */
#endif
@ -81,18 +88,13 @@ do {
#ifndef uthash_bzero
#define uthash_bzero(a,n) memset(a,'\0',n)
#endif
#ifndef uthash_memcmp
#define uthash_memcmp(a,b,n) memcmp(a,b,n)
#endif
#ifndef uthash_strlen
#define uthash_strlen(s) strlen(s)
#endif
#ifndef HASH_FUNCTION
#define HASH_FUNCTION(keyptr,keylen,hashv) HASH_JEN(keyptr, keylen, hashv)
#endif
#ifndef HASH_KEYCMP
#define HASH_KEYCMP(a,b,n) memcmp(a,b,n)
#endif
#ifndef uthash_noexpand_fyi
#define uthash_noexpand_fyi(tbl) /* can be defined to log noexpand */
#endif
@ -134,7 +136,7 @@ do {
/* calculate the element whose hash handle address is hhp */
#define ELMT_FROM_HH(tbl,hhp) ((void*)(((char*)(hhp)) - ((tbl)->hho)))
/* calculate the hash handle from element address elp */
#define HH_FROM_ELMT(tbl,elp) ((UT_hash_handle*)(void*)(((char*)(elp)) + ((tbl)->hho)))
#define HH_FROM_ELMT(tbl,elp) ((UT_hash_handle *)(((char*)(elp)) + ((tbl)->hho)))
#define HASH_ROLLBACK_BKT(hh, head, itemptrhh) \
do { \
@ -148,7 +150,7 @@ do {
#define HASH_VALUE(keyptr,keylen,hashv) \
do { \
HASH_FUNCTION(keyptr, keylen, hashv); \
HASH_FCN(keyptr, keylen, hashv); \
} while (0)
#define HASH_FIND_BYHASHVALUE(hh,head,keyptr,keylen,hashval,out) \
@ -165,12 +167,9 @@ do {
#define HASH_FIND(hh,head,keyptr,keylen,out) \
do { \
(out) = NULL; \
if (head) { \
unsigned _hf_hashv; \
HASH_VALUE(keyptr, keylen, _hf_hashv); \
HASH_FIND_BYHASHVALUE(hh, head, keyptr, keylen, _hf_hashv, out); \
} \
unsigned _hf_hashv; \
HASH_VALUE(keyptr, keylen, _hf_hashv); \
HASH_FIND_BYHASHVALUE(hh, head, keyptr, keylen, _hf_hashv, out); \
} while (0)
#ifdef HASH_BLOOM
@ -398,7 +397,7 @@ do {
do { \
IF_HASH_NONFATAL_OOM( int _ha_oomed = 0; ) \
(add)->hh.hashv = (hashval); \
(add)->hh.key = (const void*) (keyptr); \
(add)->hh.key = (char*) (keyptr); \
(add)->hh.keylen = (unsigned) (keylen_in); \
if (!(head)) { \
(add)->hh.next = NULL; \
@ -479,20 +478,11 @@ do {
/* convenience forms of HASH_FIND/HASH_ADD/HASH_DEL */
#define HASH_FIND_STR(head,findstr,out) \
do { \
unsigned _uthash_hfstr_keylen = (unsigned)uthash_strlen(findstr); \
HASH_FIND(hh, head, findstr, _uthash_hfstr_keylen, out); \
} while (0)
HASH_FIND(hh,head,findstr,(unsigned)uthash_strlen(findstr),out)
#define HASH_ADD_STR(head,strfield,add) \
do { \
unsigned _uthash_hastr_keylen = (unsigned)uthash_strlen((add)->strfield); \
HASH_ADD(hh, head, strfield[0], _uthash_hastr_keylen, add); \
} while (0)
HASH_ADD(hh,head,strfield[0],(unsigned)uthash_strlen(add->strfield),add)
#define HASH_REPLACE_STR(head,strfield,add,replaced) \
do { \
unsigned _uthash_hrstr_keylen = (unsigned)uthash_strlen((add)->strfield); \
HASH_REPLACE(hh, head, strfield[0], _uthash_hrstr_keylen, add, replaced); \
} while (0)
HASH_REPLACE(hh,head,strfield[0],(unsigned)uthash_strlen(add->strfield),add,replaced)
#define HASH_FIND_INT(head,findint,out) \
HASH_FIND(hh,head,findint,sizeof(int),out)
#define HASH_ADD_INT(head,intfield,add) \
@ -512,8 +502,7 @@ do {
* This is for uthash developer only; it compiles away if HASH_DEBUG isn't defined.
*/
#ifdef HASH_DEBUG
#include <stdio.h> /* fprintf, stderr */
#define HASH_OOPS(...) do { fprintf(stderr, __VA_ARGS__); exit(-1); } while (0)
#define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0)
#define HASH_FSCK(hh,head,where) \
do { \
struct UT_hash_handle *_thh; \
@ -580,6 +569,13 @@ do {
#define HASH_EMIT_KEY(hh,head,keyptr,fieldlen)
#endif
/* default to Jenkin's hash unless overridden e.g. DHASH_FUNCTION=HASH_SAX */
#ifdef HASH_FUNCTION
#define HASH_FCN HASH_FUNCTION
#else
#define HASH_FCN HASH_JEN
#endif
/* The Bernstein hash function, used in Perl prior to v5.6. Note (x<<5+x)=x*33. */
#define HASH_BER(key,keylen,hashv) \
do { \
@ -678,8 +674,7 @@ do {
case 4: _hj_i += ( (unsigned)_hj_key[3] << 24 ); /* FALLTHROUGH */ \
case 3: _hj_i += ( (unsigned)_hj_key[2] << 16 ); /* FALLTHROUGH */ \
case 2: _hj_i += ( (unsigned)_hj_key[1] << 8 ); /* FALLTHROUGH */ \
case 1: _hj_i += _hj_key[0]; /* FALLTHROUGH */ \
default: ; \
case 1: _hj_i += _hj_key[0]; \
} \
HASH_JEN_MIX(_hj_i, _hj_j, hashv); \
} while (0)
@ -727,8 +722,6 @@ do {
case 1: hashv += *_sfh_key; \
hashv ^= hashv << 10; \
hashv += hashv >> 1; \
break; \
default: ; \
} \
\
/* Force "avalanching" of final 127 bits */ \
@ -740,6 +733,87 @@ do {
hashv += hashv >> 6; \
} while (0)
#ifdef HASH_USING_NO_STRICT_ALIASING
/* The MurmurHash exploits some CPU's (x86,x86_64) tolerance for unaligned reads.
* For other types of CPU's (e.g. Sparc) an unaligned read causes a bus error.
* MurmurHash uses the faster approach only on CPU's where we know it's safe.
*
* Note the preprocessor built-in defines can be emitted using:
*
* gcc -m64 -dM -E - < /dev/null (on gcc)
* cc -## a.c (where a.c is a simple test file) (Sun Studio)
*/
#if (defined(__i386__) || defined(__x86_64__) || defined(_M_IX86))
#define MUR_GETBLOCK(p,i) p[i]
#else /* non intel */
#define MUR_PLUS0_ALIGNED(p) (((unsigned long)p & 3UL) == 0UL)
#define MUR_PLUS1_ALIGNED(p) (((unsigned long)p & 3UL) == 1UL)
#define MUR_PLUS2_ALIGNED(p) (((unsigned long)p & 3UL) == 2UL)
#define MUR_PLUS3_ALIGNED(p) (((unsigned long)p & 3UL) == 3UL)
#define WP(p) ((uint32_t*)((unsigned long)(p) & ~3UL))
#if (defined(__BIG_ENDIAN__) || defined(SPARC) || defined(__ppc__) || defined(__ppc64__))
#define MUR_THREE_ONE(p) ((((*WP(p))&0x00ffffff) << 8) | (((*(WP(p)+1))&0xff000000) >> 24))
#define MUR_TWO_TWO(p) ((((*WP(p))&0x0000ffff) <<16) | (((*(WP(p)+1))&0xffff0000) >> 16))
#define MUR_ONE_THREE(p) ((((*WP(p))&0x000000ff) <<24) | (((*(WP(p)+1))&0xffffff00) >> 8))
#else /* assume little endian non-intel */
#define MUR_THREE_ONE(p) ((((*WP(p))&0xffffff00) >> 8) | (((*(WP(p)+1))&0x000000ff) << 24))
#define MUR_TWO_TWO(p) ((((*WP(p))&0xffff0000) >>16) | (((*(WP(p)+1))&0x0000ffff) << 16))
#define MUR_ONE_THREE(p) ((((*WP(p))&0xff000000) >>24) | (((*(WP(p)+1))&0x00ffffff) << 8))
#endif
#define MUR_GETBLOCK(p,i) (MUR_PLUS0_ALIGNED(p) ? ((p)[i]) : \
(MUR_PLUS1_ALIGNED(p) ? MUR_THREE_ONE(p) : \
(MUR_PLUS2_ALIGNED(p) ? MUR_TWO_TWO(p) : \
MUR_ONE_THREE(p))))
#endif
#define MUR_ROTL32(x,r) (((x) << (r)) | ((x) >> (32 - (r))))
#define MUR_FMIX(_h) \
do { \
_h ^= _h >> 16; \
_h *= 0x85ebca6bu; \
_h ^= _h >> 13; \
_h *= 0xc2b2ae35u; \
_h ^= _h >> 16; \
} while (0)
#define HASH_MUR(key,keylen,hashv) \
do { \
const uint8_t *_mur_data = (const uint8_t*)(key); \
const int _mur_nblocks = (int)(keylen) / 4; \
uint32_t _mur_h1 = 0xf88D5353u; \
uint32_t _mur_c1 = 0xcc9e2d51u; \
uint32_t _mur_c2 = 0x1b873593u; \
uint32_t _mur_k1 = 0; \
const uint8_t *_mur_tail; \
const uint32_t *_mur_blocks = (const uint32_t*)(_mur_data+(_mur_nblocks*4)); \
int _mur_i; \
for (_mur_i = -_mur_nblocks; _mur_i != 0; _mur_i++) { \
_mur_k1 = MUR_GETBLOCK(_mur_blocks,_mur_i); \
_mur_k1 *= _mur_c1; \
_mur_k1 = MUR_ROTL32(_mur_k1,15); \
_mur_k1 *= _mur_c2; \
\
_mur_h1 ^= _mur_k1; \
_mur_h1 = MUR_ROTL32(_mur_h1,13); \
_mur_h1 = (_mur_h1*5U) + 0xe6546b64u; \
} \
_mur_tail = (const uint8_t*)(_mur_data + (_mur_nblocks*4)); \
_mur_k1=0; \
switch ((keylen) & 3U) { \
case 0: break; \
case 3: _mur_k1 ^= (uint32_t)_mur_tail[2] << 16; /* FALLTHROUGH */ \
case 2: _mur_k1 ^= (uint32_t)_mur_tail[1] << 8; /* FALLTHROUGH */ \
case 1: _mur_k1 ^= (uint32_t)_mur_tail[0]; \
_mur_k1 *= _mur_c1; \
_mur_k1 = MUR_ROTL32(_mur_k1,15); \
_mur_k1 *= _mur_c2; \
_mur_h1 ^= _mur_k1; \
} \
_mur_h1 ^= (uint32_t)(keylen); \
MUR_FMIX(_mur_h1); \
hashv = _mur_h1; \
} while (0)
#endif /* HASH_USING_NO_STRICT_ALIASING */
/* iterate over items in a known bucket to find desired item */
#define HASH_FIND_IN_BKT(tbl,hh,head,keyptr,keylen_in,hashval,out) \
do { \
@ -750,7 +824,7 @@ do {
} \
while ((out) != NULL) { \
if ((out)->hh.hashv == (hashval) && (out)->hh.keylen == (keylen_in)) { \
if (HASH_KEYCMP((out)->hh.key, keyptr, keylen_in) == 0) { \
if (uthash_memcmp((out)->hh.key, keyptr, keylen_in) == 0) { \
break; \
} \
} \
@ -836,12 +910,12 @@ do {
struct UT_hash_handle *_he_thh, *_he_hh_nxt; \
UT_hash_bucket *_he_new_buckets, *_he_newbkt; \
_he_new_buckets = (UT_hash_bucket*)uthash_malloc( \
sizeof(struct UT_hash_bucket) * (tbl)->num_buckets * 2U); \
2UL * (tbl)->num_buckets * sizeof(struct UT_hash_bucket)); \
if (!_he_new_buckets) { \
HASH_RECORD_OOM(oomed); \
} else { \
uthash_bzero(_he_new_buckets, \
sizeof(struct UT_hash_bucket) * (tbl)->num_buckets * 2U); \
2UL * (tbl)->num_buckets * sizeof(struct UT_hash_bucket)); \
(tbl)->ideal_chain_maxlen = \
((tbl)->num_items >> ((tbl)->log2_num_buckets+1U)) + \
((((tbl)->num_items & (((tbl)->num_buckets*2U)-1U)) != 0U) ? 1U : 0U); \
@ -854,9 +928,7 @@ do {
_he_newbkt = &(_he_new_buckets[_he_bkt]); \
if (++(_he_newbkt->count) > (tbl)->ideal_chain_maxlen) { \
(tbl)->nonideal_items++; \
if (_he_newbkt->count > _he_newbkt->expand_mult * (tbl)->ideal_chain_maxlen) { \
_he_newbkt->expand_mult++; \
} \
_he_newbkt->expand_mult = _he_newbkt->count / (tbl)->ideal_chain_maxlen; \
} \
_he_thh->hh_prev = NULL; \
_he_thh->hh_next = _he_newbkt->hh_head; \
@ -989,7 +1061,7 @@ do {
_elt = ELMT_FROM_HH((src)->hh_src.tbl, _src_hh); \
if (cond(_elt)) { \
IF_HASH_NONFATAL_OOM( int _hs_oomed = 0; ) \
_dst_hh = (UT_hash_handle*)(void*)(((char*)_elt) + _dst_hho); \
_dst_hh = (UT_hash_handle*)(((char*)_elt) + _dst_hho); \
_dst_hh->key = _src_hh->key; \
_dst_hh->keylen = _src_hh->keylen; \
_dst_hh->hashv = _src_hh->hashv; \
@ -1128,7 +1200,7 @@ typedef struct UT_hash_handle {
void *next; /* next element in app order */
struct UT_hash_handle *hh_prev; /* previous hh in bucket order */
struct UT_hash_handle *hh_next; /* next hh in bucket order */
const void *key; /* ptr to enclosing struct's key */
void *key; /* ptr to enclosing struct's key */
unsigned keylen; /* enclosing struct's key len */
unsigned hashv; /* result of hash-fcn(key) */
} UT_hash_handle;