smilestone322
smilestone322

庖丁解牛-----winpcap源码彻底解密(三)

庖丁解牛-----winpcap源码彻底解密(三)

  上一篇讲了怎么发送数据包,这次接着讲怎么接收数据包,数据包过滤后,就被复制到内核缓冲区(kernel buffer),接收数据包的方式有2种,使用回调函数接收数据包,比如pcap_looppcap_dispatch,二是非回调函数的方式来接收数据包,如pcap_ next, pcap_next_ex。这一篇讲讲怎么发送数据包。

(1)      pcap_loop函数调用read_op(p,cnt,callback,user)

int pcap_loop(pcap_t *p,int cnt, pcap_handler callback,u_char* user)调用read_op(p,cnt,callback,user),该函数是一个回调函数,在pcap_win32.c中有p->read_op=pcap_read_win32_npf

 

//pcap_loop,pcap_dispatch,pcap_next,pcap_next_ex中调用的函数

staticintpcap_read_win32_npf(pcap_t *p,intcnt,pcap_handlercallback,u_char *user)

{

    intcc;

    intn = 0;

    registeru_char *bp, *ep;

#ifdefHAVE_REMOTE

    staticintsamp_npkt;               // parameter needed for sampling, with '1 out of N' method has been requested

    staticstructtimevalsamp_time;// parameter needed for sampling, with '1 every N ms' method has been requested

#endif  /* HAVE_REMOTE */

    cc =p->cc;

    if (p->cc == 0) {

        /*

         * Has "pcap_breakloop()" been called?

         */

        if (p->break_loop) {

            /*

              * Yes - clear the flag that indicates that it

              * has, and return -2 to indicate that we were

              * told to break out of the loop.

              */

             p->break_loop = 0;

             return (-2);

        }

       /* capture the packets接收包*/

        if(PacketReceivePacket(p->adapter,p->Packet,TRUE)==FALSE){

             snprintf(p->errbuf,PCAP_ERRBUF_SIZE,"read error: PacketReceivePacket failed");

             return (-1);

        }

        cc =p->Packet->ulBytesReceived;

        bp =p->Packet->Buffer;

    }

    else

        bp =p->bp;

    /*

     * Loop through each packet.

     */

#definebhp ((struct bpf_hdr *)bp)

    ep =bp +cc;                   

    while (1) {

        registerintcaplen,hdrlen;

        /*

         * Has "pcap_breakloop()" been called?

         * If so, return immediately - if we haven't read any

         * packets, clear the flag and return -2 to indicate

         * that we were told to break out of the loop, otherwise

         * leave the flag set, so that the *next* call will break

         * out of the loop without having read any packets, and

         * return the number of packets we've processed so far.

         */

        if (p->break_loop) {

             if (n == 0) {

                  p->break_loop = 0;         

                  return (-2);

             }else {

                  p->bp =bp;

                  p->cc =ep - bp;                

                  return (n);           

             }

        }

        if (bp >=ep)                   

             break;

        caplen =bhp->bh_caplen;        

        hdrlen =bhp->bh_hdrlen;        

#ifdefHAVE_REMOTE

        if (p->rmt_samp.method ==PCAP_SAMP_1_EVERY_N)

        {

             samp_npkt= (samp_npkt + 1) %p->rmt_samp.value;

             // Discard all packets that are not '1 out of N'

             if (samp_npkt != 0)

             {

                  bp +=BPF_WORDALIGN(caplen +hdrlen);

                  continue;

             }

        }

 

        if (p->rmt_samp.method ==PCAP_SAMP_FIRST_AFTER_N_MS)

        {

        structpcap_pkthdr *pkt_header= (structpcap_pkthdr*)bp;

             // Check if the timestamp of the arrived packet is smaller than our target time

             if ( (pkt_header->ts.tv_sec <samp_time.tv_sec) ||

                      ( (pkt_header->ts.tv_sec ==samp_time.tv_sec) && (pkt_header->ts.tv_usec <samp_time.tv_usec) ) )

             {

                  bp +=BPF_WORDALIGN(caplen +hdrlen);

                  continue;

             }

             // The arrived packet is suitable for being sent to the remote host

             // So, let's update the target time

             samp_time.tv_usec=pkt_header->ts.tv_usec +p->rmt_samp.value * 1000;

             if (samp_time.tv_usec > 1000000)

             {

                  samp_time.tv_sec=pkt_header->ts.tv_sec +samp_time.tv_usec / 1000000;

                  samp_time.tv_usec=samp_time.tv_usec % 1000000;

             }

        }

#endif  /* HAVE_REMOTE */

        /*

         * XXX A bpf_hdr matches a pcap_pkthdr.

         */

        (*callback)(user, (structpcap_pkthdr*)bp,bp + hdrlen);    

        bp +=BPF_WORDALIGN(caplen +hdrlen);

        if (++n >=cnt && cnt > 0) {        

             p->bp =bp;

             p->cc =ep - bp;

             return (n);                              

        }

    }

#undefbhp

    p->cc = 0;

    return (n);

}

 

Pcap_loop函数和pcap_dispatch函数类似,都是调用pcap_read_win32_npf函数pcap_loop函数和pcap_dispatch函数的区别是,pcap_dispatch当超时时,函数就返回,pcap_loop函数只有读到cnt个数据包才返回。Pcap_next函数和pcap_next_ex函数都是调用pcap_read_win32_npf函数,pcap_next函数和pcap_next_ex函数的区别是pcap_next调用pcap_dispatch函数后才调用pcap_read_win32_npf函数,而pcap_next_ex直接调用pcap_read_win32_npf函数,增加了远程模式和读文件模式。pcap_read_win32_npf函数调用parketPacketRecivePacket函数。

BOOLEANPacketReceivePacket(LPADAPTERAdapterObject,LPPACKETlpPacket,BOOLEANSync) //Sync=TRUE

{

    BOOLEANres;

    UNUSED(Sync);

    TRACE_ENTER("PacketReceivePacket");

#ifdefHAVE_WANPACKET_API

    if (AdapterObject->Flags ==INFO_FLAG_NDISWAN_ADAPTER)

    {

        lpPacket->ulBytesReceived =WanPacketReceivePacket(AdapterObject->pWanAdapter,lpPacket->Buffer,lpPacket->Length);

        TRACE_EXIT("PacketReceivePacket");

        returnTRUE;

    }

#endif//HAVE_WANPACKET_API

#ifdefHAVE_AIRPCAP_API

    if(AdapterObject->Flags ==INFO_FLAG_AIRPCAP_CARD)

    {

        //

        // Wait for data, only if the user requested us to do that

        //

        if((int)AdapterObject->ReadTimeOut != -1)

        {

             WaitForSingleObject(AdapterObject->ReadEvent, (AdapterObject->ReadTimeOut==0)?INFINITE:AdapterObject->ReadTimeOut);

        }

        //

        // Read the data.

        // g_PAirpcapRead always returns immediately.

        //

        res = (BOOLEAN)g_PAirpcapRead(AdapterObject->AirpcapAd,

                  lpPacket->Buffer,

                  lpPacket->Length,

                  &lpPacket->ulBytesReceived);

        TRACE_EXIT("PacketReceivePacket");

        returnres;

    }

#endif// HAVE_AIRPCAP_API

#ifdefHAVE_NPFIM_API

    if(AdapterObject->Flags == INFO_FLAG_NPFIM_DEVICE)

    {

        //

        // Read the data.

        // NpfImReceivePacket performs its own wait internally.

        //

        res = (BOOLEAN)g_NpfImHandlers.NpfImReceivePackets(AdapterObject->NpfImHandle,

                  lpPacket->Buffer,

                  lpPacket->Length,

                  &lpPacket->ulBytesReceived);

        TRACE_EXIT("PacketReceivePacket");

        return res;

    }

#endif// HAVE_NPFIM_API

#ifdefHAVE_DAG_API

    if((AdapterObject->Flags & INFO_FLAG_DAG_CARD) || (AdapterObject->Flags & INFO_FLAG_DAG_FILE))

    {

        g_p_dagc_wait(AdapterObject->pDagCard, &AdapterObject->DagReadTimeout);

        res = (BOOLEAN)(g_p_dagc_receive(AdapterObject->pDagCard, (u_char**)&AdapterObject->DagBuffer, (u_int*)&lpPacket->ulBytesReceived) == 0);

        TRACE_EXIT("PacketReceivePacket");

        return res;

    }

#endif// HAVE_DAG_API

    if (AdapterObject->Flags ==INFO_FLAG_NDIS_ADAPTER)

    {

        if((int)AdapterObject->ReadTimeOut != -1)

             WaitForSingleObject(AdapterObject->ReadEvent, (AdapterObject->ReadTimeOut==0)?INFINITE:AdapterObject->ReadTimeOut);

        //从驱动中读取数据包

        res = (BOOLEAN)ReadFile(AdapterObject->hFile,lpPacket->Buffer,lpPacket->Length, &lpPacket->ulBytesReceived,NULL);

    }

    else

    {

        TRACE_PRINT1("Request to read on an unknown device type (%u)",AdapterObject->Flags);

        res =FALSE;

    }

    TRACE_EXIT("PacketReceivePacket");

    returnres;

}

 

PacketReceivePacket函数ReadFile从驱动中读取数据包,应用程序和驱动进行通信到最下一层都是通过DeviceIoControlReadFileWriteFile函数。这些函数在上面都已经介绍了。ReadFile对应驱动程序中

NTSTATUSNPF_Read(INPDEVICE_OBJECTDeviceObject,INPIRPIrp)

{

 POPEN_INSTANCE     Open;

 PIO_STACK_LOCATION IrpSp;

 PUCHAR              packp;

    ULONG                 Input_Buffer_Length;

    UINT              Thead;

    UINT              Ttail;

    UINT              TLastByte;

    PUCHAR                CurrBuff;

    LARGE_INTEGER     CapTime;

    LARGE_INTEGER     TimeFreq;

    structbpf_hdr        *header;

    KIRQL                 Irql;

    PUCHAR                UserPointer;

    ULONG                 bytecopy;

    UINT              SizeToCopy;

    UINT              PktLen;

    ULONG                 copied,count,current_cpu,av,plen,increment,ToCopy,available;

    CpuPrivateData        *LocalData;

    ULONG                 i;

    ULONG                 Occupation;

    IF_LOUD(DbgPrint("NPF: Read/n");)

    IrpSp =IoGetCurrentIrpStackLocation(Irp);        //获取Irp当前堆栈

   Open=IrpSp->FileObject->FsContext;                 //得到打开上下文

    if (NPF_StartUsingOpenInstance(Open) ==FALSE)

    {

        //

        // an IRP_MJ_CLEANUP was received, just fail the request

        //

        Irp->IoStatus.Information = 0;

        Irp->IoStatus.Status =STATUS_CANCELLED;

        IoCompleteRequest(Irp,IO_NO_INCREMENT);      //完成irp请求

        TRACE_EXIT();

        returnSTATUS_CANCELLED;

    }

    //

    // we need to test if the device is still bound(绑定) to the Network adapter,

    // so we perform a start/stop using binding.

    // This is not critical, since we just want to have a quick way to have the

    // dispatch read fail in case the adapter has been unbound

    if(NPF_StartUsingBinding(Open) ==FALSE)

    {

        NPF_StopUsingOpenInstance(Open);

        // The Network adapter has been removed or diasabled

        EXIT_FAILURE(0);

    }

    NPF_StopUsingBinding(Open);

    if (Open->Size == 0)  

    {

        NPF_StopUsingOpenInstance(Open);

        EXIT_FAILURE(0);

    }

    if(Open->mode &MODE_DUMP &&Open->DumpFileHandle ==NULL ){ 

        // this instance is in dump mode, but the dump file has still not been opened

        NPF_StopUsingOpenInstance(Open);

        EXIT_FAILURE(0);

    }

    Occupation=0;

    for(i=0;i<g_NCpu;i++)

        Occupation += (Open->Size -Open->CpuData[i].Free);  //计算出已经占用的内核缓冲区

    //See if the buffer is full enough to be copied判断缓冲区是否enough

    if(Occupation <=Open->MinToCopy*g_NCpu ||Open->mode &MODE_DUMP )

    {

        if (Open->ReadEvent !=NULL)

        {

             //wait until some packets arrive or the timeout expires     

             if(Open->TimeOut.QuadPart != (LONGLONG)IMMEDIATE)

                  KeWaitForSingleObject(Open->ReadEvent,

                      UserRequest,

                      KernelMode,

                      TRUE,

                      (Open->TimeOut.QuadPart == (LONGLONG)0)?NULL: &(Open->TimeOut));

             KeClearEvent(Open->ReadEvent);

        }       

        //统计模式

        if(Open->mode &MODE_STAT)

        {  //this capture instance is in statistics mode

#ifdefNDIS50

             CurrBuff=(PUCHAR)MmGetSystemAddressForMdlSafe(Irp->MdlAddress,NormalPagePriority);

#else

             CurrBuff=(PUCHAR)MmGetSystemAddressForMdl(Irp->MdlAddress);

#endif

             if (CurrBuff ==NULL)

             {

                  NPF_StopUsingOpenInstance(Open);

                  EXIT_FAILURE(0);

             }

             if (Open->mode &MODE_DUMP)

             {

                  if (IrpSp->Parameters.Read.Length <sizeof(struct bpf_hdr) + 24)

                  {

                      NPF_StopUsingOpenInstance(Open);

                      Irp->IoStatus.Status =STATUS_BUFFER_TOO_SMALL;

                      IoCompleteRequest(Irp,IO_NO_INCREMENT);

                      returnSTATUS_BUFFER_TOO_SMALL;

                  }

             }

             else

             {

                  if (IrpSp->Parameters.Read.Length <sizeof(struct bpf_hdr) + 16)

                  {

                      NPF_StopUsingOpenInstance(Open);

                      Irp->IoStatus.Status =STATUS_BUFFER_TOO_SMALL;

                      IoCompleteRequest(Irp,IO_NO_INCREMENT);

                      returnSTATUS_BUFFER_TOO_SMALL;

                  }

             }

             //fill the bpf header for this packet

             header=(structbpf_hdr*)CurrBuff;

             GET_TIME(&header->bh_tstamp,&G_Start_Time);

             if(Open->mode &MODE_DUMP){

                  *(LONGLONG*)(CurrBuff+sizeof(structbpf_hdr)+16)=Open->DumpOffset.QuadPart;

                  header->bh_caplen=24;

                  header->bh_datalen=24;

                  Irp->IoStatus.Information = 24 +sizeof(structbpf_hdr);

             }

             else{

                  header->bh_caplen=16;

                  header->bh_datalen=16;

                  header->bh_hdrlen=sizeof(structbpf_hdr);

                  Irp->IoStatus.Information = 16 +sizeof(structbpf_hdr);

             }

             *(LONGLONG*)(CurrBuff+sizeof(structbpf_hdr))=Open->Npackets.QuadPart;

             *(LONGLONG*)(CurrBuff+sizeof(structbpf_hdr)+8)=Open->Nbytes.QuadPart;

             //reset the countetrs

             NdisAcquireSpinLock( &Open->CountersLock );

             Open->Npackets.QuadPart=0;

             Open->Nbytes.QuadPart=0;

             NdisReleaseSpinLock( &Open->CountersLock );

             NPF_StopUsingOpenInstance(Open);

            Irp->IoStatus.Status =STATUS_SUCCESS;

             IoCompleteRequest(Irp,IO_NO_INCREMENT);

             returnSTATUS_SUCCESS;

        }

// 监控模式

// The MONITOR_MODE (aka TME extensions) is not supported on

// 64 bit architectures

//

#ifdefHAVE_BUGGY_TME_SUPPORT

        if(Open->mode==MODE_MON)  //this capture instance is in monitor mode

        {  

             PTME_DATAdata;

             ULONGcnt;

             ULONGblock_size;

             PUCHARtmp;

#ifdefNDIS50

             UserPointer=MmGetSystemAddressForMdlSafe(Irp->MdlAddress,NormalPagePriority);

#else

             UserPointer=MmGetSystemAddressForMdl(Irp->MdlAddress);

#endif

             if (UserPointer ==NULL)

             {

                  NPF_StopUsingOpenInstance(Open);

                 EXIT_FAILURE(0);

             }

             if ((!IS_VALIDATED(Open->tme.validated_blocks,Open->tme.active_read))||(IrpSp->Parameters.Read.Length<sizeof(structbpf_hdr)))

             {   

                  NPF_StopUsingOpenInstance(Open);

                  EXIT_FAILURE(0);

             }

             header=(structbpf_hdr*)UserPointer;

             GET_TIME(&header->bh_tstamp,&G_Start_Time);

             header->bh_hdrlen=sizeof(structbpf_hdr);

             //moves user memory pointer

             UserPointer+=sizeof(structbpf_hdr);

             //calculus of data to be copied

             //if the user buffer is smaller than data to be copied,

             //only some data will be copied

             data=&Open->tme.block_data[Open->tme.active_read];

             if (data->last_read.tv_sec!=0)

                  data->last_read=header->bh_tstamp;

             bytecopy=data->block_size*data->filled_blocks;

             if ((IrpSp->Parameters.Read.Length-sizeof(structbpf_hdr))<bytecopy)

                  bytecopy=(IrpSp->Parameters.Read.Length-sizeof(structbpf_hdr))/data->block_size;

             else

                  bytecopy=data->filled_blocks;

             tmp=data->shared_memory_base_address;

             block_size=data->block_size;

             for (cnt=0;cnt<bytecopy;cnt++)

             {

                  NdisAcquireSpinLock(&Open->MachineLock);

                  RtlCopyMemory(UserPointer,tmp,block_size);

                  NdisReleaseSpinLock(&Open->MachineLock);

                  tmp+=block_size;

                  UserPointer+=block_size;

             }       

             bytecopy*=block_size;

             header->bh_caplen=bytecopy;

             header->bh_datalen=header->bh_caplen;

             NPF_StopUsingOpenInstance(Open);

             EXIT_SUCCESS(bytecopy+sizeof(structbpf_hdr));

        }

//end of //this capture instance is in monitor mode

        Occupation=0;

        //重新计算内核缓冲区的占用;

        for(i=0;i<g_NCpu;i++)

             Occupation += (Open->Size -Open->CpuData[i].Free);

        if (Occupation == 0 ||Open->mode &MODE_DUMP)

             // The timeout has expired, but the buffer is still empty (or the packets must be written to file).

             // We must awake the application, returning an empty buffer.

        {

             NPF_StopUsingOpenInstance(Open);

             EXIT_SUCCESS(0);

        }   

#else// not HAVE_BUGGY_TME_SUPPORT

        if(Open->mode==MODE_MON)  //this capture instance is in monitor mode

        {  

             NPF_StopUsingOpenInstance(Open);

             EXIT_FAILURE(0);

        }

#endif// HAVE_BUGGY_TME_SUPPORT

    }

//------------------------------------------------------------------------------

    copied=0;

    count=0;

    current_cpu=0;

    available =IrpSp->Parameters.Read.Length;

#ifdefNDIS50

    packp=(PUCHAR)MmGetSystemAddressForMdlSafe(Irp->MdlAddress,NormalPagePriority);

#else

    packp=(PUCHAR)MmGetSystemAddressForMdl(Irp->MdlAddress);

#endif

    if (packp ==NULL)

    {

        NPF_StopUsingOpenInstance(Open);

        EXIT_FAILURE(0);

    }

    if (Open->ReadEvent !=NULL)

        KeClearEvent(Open->ReadEvent);

    while (count <g_NCpu)//round robin on the CPUs, if count = NCpu there are no packets left to be copied

    {

        if (available ==copied)

        {

             NPF_StopUsingOpenInstance(Open);

             EXIT_SUCCESS(copied);

        }

        LocalData = &Open->CpuData[current_cpu];

        if (LocalData->Free <Open->Size) 

        { //there are some packets in the selected (aka LocalData) buffer

             structPacketHeader *Header = (structPacketHeader*)(LocalData->Buffer +LocalData->C);

             if (Header->SN ==Open->ReaderSN)

             {  //check if it the next one to be copied

                  plen =Header->header.bh_caplen;

                  if (plen +sizeof (struct bpf_hdr) >available -copied) 

                  { //if the packet does not fit into the user buffer, we've ended copying packets 

                      //如果包没有拷贝到用户缓冲区,结束拷贝数据包

                      NPF_StopUsingOpenInstance(Open);

                      EXIT_SUCCESS(copied);

                  }

//                FIX_TIMESTAMPS(&Header->header.bh_tstamp);

                  *((structbpf_hdr*)(&packp[copied]))=Header->header;

                  copied +=sizeof(structbpf_hdr);

                  LocalData->C +=sizeof(structPacketHeader);

                  if (LocalData->C ==Open->Size)

                      LocalData->C = 0;

                  if (Open->Size -LocalData->C <plen)

                  {

                      //the packet is fragmented in the buffer (i.e. it skips the buffer boundary)

                      ToCopy =Open->Size -LocalData->C;

                      RtlCopyMemory(packp +copied,LocalData->Buffer +LocalData->C,ToCopy);

                      RtlCopyMemory(packp +copied + ToCopy,LocalData->Buffer,plen-ToCopy);

                      LocalData->C =plen-ToCopy;

                  }

                  else

                  {

                      //the packet is not fragmented

                      RtlCopyMemory(packp +copied ,LocalData->Buffer +LocalData->C ,plen);

                      LocalData->C +=plen;

             //      if (c==size) inutile, contemplato nell "header atomico"

             //           c=0;

                  }

                  Open->ReaderSN++;

                  copied+=Packet_WORDALIGN(plen);

                  increment =plen +sizeof(structPacketHeader);

                  if (Open->Size -LocalData->C <sizeof(structPacketHeader))

                  {  //the next packet would be saved at the end of the buffer, but the NewHeader struct would be fragmented

                      //so the producer (--> the consumer) skips to the beginning of the buffer

                      increment +=Open->Size-LocalData->C;

                      LocalData->C=0;

                  }

                  InterlockedExchangeAdd(&Open->CpuData[current_cpu].Free,increment);

                  count=0;

             }

             else

             {

                  current_cpu=(current_cpu+1)%g_NCpu;

                  count++;

             }

        

        }

        else

        {

             current_cpu=(current_cpu+1)%g_NCpu;

             count++;

        }

    }

    {

        NPF_StopUsingOpenInstance(Open);

        EXIT_SUCCESS(copied);

    }

}

讲到这里,大家都知道,应用程序怎么从驱动中读取数据了,但是数据怎么到达内核缓冲区呢,下面介绍一个回调函数,NPF_tap()

 

NDIS_STATUSNPF_tap (IN NDIS_HANDLEProtocolBindingContext,INNDIS_HANDLEMacReceiveContext,

                       INPVOIDHeaderBuffer,INUINTHeaderBufferSize,INPVOIDLookaheadBuffer,

                       INUINTLookaheadBufferSize,INUINTPacketSize)

{

   POPEN_INSTANCE     Open;

   PNDIS_PACKET       pPacket;

   ULONG              SizeToTransfer;

   NDIS_STATUS        Status;

   UINT               BytesTransfered;

   ULONG              BufferLength;

   PMDL               pMdl1,pMdl2;

    LARGE_INTEGER     CapTime;

    LARGE_INTEGER     TimeFreq;

    UINT              fres;

    USHORT                NPFHdrSize;

 

    CpuPrivateData        *LocalData;

    ULONG                 Cpu;

    structPacketHeader   *Header;

    ULONG                 ToCopy;

    ULONG                 increment;

    ULONG                 i;

    BOOLEAN               ShouldReleaseBufferLock;

 

   IF_VERY_LOUD(DbgPrint("NPF: tap/n");)

    IF_VERY_LOUD(DbgPrint("HeaderBufferSize=%u, LookAheadBuffer=%p, LookaheadBufferSize=%u, PacketSize=%u/n",

    HeaderBufferSize,

    LookaheadBuffer,

    LookaheadBufferSize,

    PacketSize);)

 

    Open= (POPEN_INSTANCE)ProtocolBindingContext;

    

   Cpu =KeGetCurrentProcessorNumber();

    LocalData = &Open->CpuData[Cpu];

 

    LocalData->Received++;

    IF_LOUD(DbgPrint("Received on CPU %d /t%d/n",Cpu,LocalData->Received);)

//  Open->Received++;     // Number of packets received by filter ++

 

 

    NdisAcquireSpinLock(&Open->MachineLock);

 

    //

    //Check if the lookahead buffer follows the mac header.

    //If the data follow the header (i.e. there is only a buffer) a normal bpf_filter() is

    //executed on the packet.

    //Otherwise if there are 2 separate buffers (this could be the case of LAN emulation or

    //things like this) bpf_filter_with_2_buffers() is executed.

    //

    if((UINT)((PUCHAR)LookaheadBuffer-(PUCHAR)HeaderBuffer) != HeaderBufferSize)

    {

#ifdef HAVE_BUGGY_TME_SUPPORT

        fres=bpf_filter_with_2_buffers((structbpf_insn*)(Open->bpfprogram),

                                           HeaderBuffer,

                                           LookaheadBuffer,

                                           HeaderBufferSize,

                                           PacketSize+HeaderBufferSize,

                                           LookaheadBufferSize+HeaderBufferSize,

                                           &Open->mem_ex,

                                           &Open->tme,

                                           &G_Start_Time);

#else// HAVE_BUGGY_TME_SUPPORT

        fres=bpf_filter_with_2_buffers((structbpf_insn*)(Open->bpfprogram),

                                           HeaderBuffer,

                                           LookaheadBuffer,

                                           HeaderBufferSize,

                                           PacketSize+HeaderBufferSize,

                                           LookaheadBufferSize+HeaderBufferSize);

#endif// HAVE_BUGGY_TME_SUPPORT

    }   

    else

//

// the jit filter is available on x86 (32 bit) only

//

#ifdef_X86_

 

        if(Open->Filter !=NULL)

        {

             if (Open->bpfprogram !=NULL)

             {

                  fres=Open->Filter->Function(HeaderBuffer,

                                         PacketSize+HeaderBufferSize,

                                        LookaheadBufferSize+HeaderBufferSize);

             }

             else

                  fres = -1;

        }

        else

#endif//_X86_

    

#ifdefHAVE_BUGGY_TME_SUPPORT

             fres=bpf_filter((structbpf_insn*)(Open->bpfprogram),

                       HeaderBuffer,

                           PacketSize+HeaderBufferSize,

                           LookaheadBufferSize+HeaderBufferSize,

                           &Open->mem_ex,

                           &Open->tme,

                           &G_Start_Time);

#else//HAVE_BUGGY_TME_SUPPORT

             fres=bpf_filter((structbpf_insn*)(Open->bpfprogram),

                       HeaderBuffer,

                           PacketSize+HeaderBufferSize,

                           LookaheadBufferSize+HeaderBufferSize);

#endif//HAVE_BUGGY_TME_SUPPORT

 

    NdisReleaseSpinLock(&Open->MachineLock);

 

//

// The MONITOR_MODE (aka TME extensions) is not supported on

// 64 bit architectures

//

#ifdefHAVE_BUGGY_TME_SUPPORT

    if(Open->mode==MODE_MON)

    // we are in monitor mode

    {

        if (fres==1)

        {

             if (Open->ReadEvent !=NULL)

             {

                  KeSetEvent(Open->ReadEvent,0,FALSE);

             }

        }

        returnNDIS_STATUS_NOT_ACCEPTED;

 

    }

#endif//HAVE_BUGGY_TME_SUPPORT

 

    if(fres==0)

    {

        // Packet not accepted by the filter, ignore it.

        returnNDIS_STATUS_NOT_ACCEPTED;

    }

 

    //if the filter returns -1 the whole packet must be accepted

    if(fres == -1 ||fres > PacketSize+HeaderBufferSize)

        fres =PacketSize+HeaderBufferSize;

 

    if(Open->mode &MODE_STAT)

    {

    // we are in statistics mode

        NdisAcquireSpinLock( &Open->CountersLock );

 

        Open->Npackets.QuadPart++;

        

        if(PacketSize+HeaderBufferSize<60)

             Open->Nbytes.QuadPart+=60;

        else

             Open->Nbytes.QuadPart+=PacketSize+HeaderBufferSize;

        // add preamble+SFD+FCS to the packet

        // these values must be considered because are not part of the packet received from NDIS

        Open->Nbytes.QuadPart+=12;

 

        NdisReleaseSpinLock( &Open->CountersLock );

        

        if(!(Open->mode &MODE_DUMP))

        {

             returnNDIS_STATUS_NOT_ACCEPTED;

        }

    }

    if(Open->Size == 0)

    {

        LocalData->Dropped++;

        returnNDIS_STATUS_NOT_ACCEPTED;

    }

 

    if(Open->mode &MODE_DUMP && Open->MaxDumpPacks)

    {

        ULONGAccepted=0;

        for(i=0;i<g_NCpu;i++)

             Accepted+=Open->CpuData[i].Accepted;

        if( Accepted >Open->MaxDumpPacks)

        {

             // Reached the max number of packets to save in the dump file. Discard the packet and stop the dump thread.

             Open->DumpLimitReached =TRUE;// This stops the thread

             // Awake the dump thread

             NdisSetEvent(&Open->DumpEvent);

             // Awake the application

             if (Open->ReadEvent !=NULL)

                  KeSetEvent(Open->ReadEvent,0,FALSE);

 

             returnNDIS_STATUS_NOT_ACCEPTED;

        }

    }

 

    //////////////////////////////COPIA.C//////////////////////////////////////////77

    ShouldReleaseBufferLock =TRUE;

    NdisDprAcquireSpinLock(&LocalData->BufferLock);

    do

    {

        if (fres +sizeof(structPacketHeader) > LocalData->Free)

        {

             LocalData->Dropped++;

             break;

        }

        if (LocalData->TransferMdl1 !=NULL)

        {

             //

             //if TransferMdl is not NULL, there is some TransferData pending (i.e. not having called TransferDataComplete, yet)

             //in order to avoid buffer corruption, we drop the packet

             //

             LocalData->Dropped++;

             break;

        }

        if (LookaheadBufferSize +HeaderBufferSize >= fres)

        {

             //

             // we do not need to call NdisTransferData, either because we need only the HeaderBuffer, or because the LookaheadBuffer

             // contains what we need

             //

             Header = (structPacketHeader*)(LocalData->Buffer +LocalData->P);

             LocalData->Accepted++;

             GET_TIME(&Header->header.bh_tstamp,&G_Start_Time);

             Header->SN =InterlockedIncrement(&Open->WriterSN) - 1;

             Header->header.bh_caplen =fres;

             Header->header.bh_datalen =PacketSize + HeaderBufferSize;

             Header->header.bh_hdrlen=sizeof(structbpf_hdr);

             LocalData->P +=sizeof(structPacketHeader);

             if (LocalData->P ==Open->Size)

                  LocalData->P = 0;

             if (fres <=HeaderBufferSize || (UINT)( (PUCHAR)LookaheadBuffer - (PUCHAR)HeaderBuffer ) ==HeaderBufferSize )

             {

                  //

                  //we can consider the buffer contiguous, either because we use only the data

                  //present in the HeaderBuffer, or because HeaderBuffer and LookaheadBuffer are contiguous

                  // ;-))))))

                  //

                  if (Open->Size -LocalData->P <fres)

                  {

                      //the packet will be fragmented in the buffer (aka, it will skip the buffer boundary)

                      //two copies!!

                      ToCopy =Open->Size -LocalData->P;

                      NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,HeaderBuffer,ToCopy);

                      NdisMoveMappedMemory(LocalData->Buffer + 0 , (PUCHAR)HeaderBuffer +ToCopy,fres -ToCopy);

                      LocalData->P =fres-ToCopy;

                  }

                  else

                  {

                      //the packet does not need to be fragmented in the buffer (aka, it doesn't skip the buffer boundary)

                      // ;-)))))) only ONE copy

                      NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,HeaderBuffer,fres);

                      LocalData->P +=fres;

                  }

             }

             else

             {

                  //HeaderBuffer and LookAhead buffer are NOT contiguous,

                  //AND, we need some bytes from the LookaheadBuffer, too

                  if (Open->Size -LocalData->P <fres)

                  {

                      //the packet will be fragmented in the buffer (aka, it will skip the buffer boundary)

                      if (Open->Size -LocalData->P >=HeaderBufferSize)

                      {

                           //HeaderBuffer is NOT fragmented

                           NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,HeaderBuffer,HeaderBufferSize);

                           LocalData->P +=HeaderBufferSize;

                           if (LocalData->P ==Open->Size)

                           {

                                //the fragmentation of the packet in the buffer is the same fragmentation

                                //in HeaderBuffer+LookaheadBuffer

                                LocalData->P=0;   

                                NdisMoveMappedMemory(LocalData->Buffer + 0,LookaheadBuffer, fres -HeaderBufferSize);

                                LocalData->P += (fres -HeaderBufferSize);

                           }

                           else

                           {

                                //LookAheadBuffer is fragmented, two copies

                                ToCopy =Open->Size -LocalData->P;

                                NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,LookaheadBuffer,ToCopy);

                                LocalData->P=0;

                                NdisMoveMappedMemory(LocalData->Buffer + 0, (PUCHAR)LookaheadBuffer+ToCopy,fres -HeaderBufferSize -ToCopy);

                                LocalData->P =fres - HeaderBufferSize -ToCopy;

                           }

                      }

                      else

                      {

                           //HeaderBuffer is fragmented in the buffer (aka, it will skip the buffer boundary)

                           //two copies to copy the HeaderBuffer

                           ToCopy =Open->Size -LocalData->P;

                           NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,HeaderBuffer,ToCopy);

                           LocalData->P = 0;

                           NdisMoveMappedMemory(LocalData->Buffer + 0, (PUCHAR)HeaderBuffer +ToCopy,HeaderBufferSize -ToCopy);

                           LocalData->P =HeaderBufferSize - ToCopy;

 

                           //only one copy to copy the LookaheadBuffer

                           NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,LookaheadBuffer,fres-HeaderBufferSize);

                           LocalData->P += (fres -HeaderBufferSize);

                      }

                  }

                  else

                  {   

                      //the packet won't be fragmented in the destination buffer (aka, it won't skip the buffer boundary)

                      //two copies, the former to copy the HeaderBuffer, the latter to copy the LookaheadBuffer

                      NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,HeaderBuffer,HeaderBufferSize);

                      LocalData->P +=HeaderBufferSize;

                      NdisMoveMappedMemory(LocalData->Buffer +LocalData->P,LookaheadBuffer,fres -HeaderBufferSize);

                      LocalData->P += (fres -HeaderBufferSize);

                  }       

             }       

             increment =fres +sizeof(structPacketHeader);

             if (Open->Size -LocalData->P <sizeof(structPacketHeader)) //we check that the available, AND contiguous, space in the buffer will fit

             {                                                                 //the NewHeader structure, at least, otherwise we skip the producer

                  increment +=Open->Size-LocalData->P;               //at the beginning of the buffer (p = 0), and decrement the free bytes appropriately

                  LocalData->P = 0;

             }

             InterlockedExchangeAdd(&LocalData->Free, (ULONG)(-(LONG)increment));

             if(Open->Size -LocalData->Free >=Open->MinToCopy)

             {

                  if(Open->mode &MODE_DUMP)

                      NdisSetEvent(&Open->DumpEvent);

                  else

                  {       

                      if (Open->ReadEvent !=NULL)

                      {

                           KeSetEvent(Open->ReadEvent,0,FALSE);

                      }

                  }

             }

             break;

        }

        else

        {

             IF_LOUD(DbgPrint("TransferData!!/n");)

                  //ndisTransferData required

                  LocalData->NewP =LocalData->P;

             LocalData->NewP +=sizeof(structPacketHeader);

             if (LocalData->NewP ==Open->Size)

                  LocalData->NewP = 0;

             //first of all, surely the header must be copied

             if (Open->Size-LocalData->NewP >=HeaderBufferSize)

             {

                  //1 copy!

                  NdisMoveMappedMemory(LocalData->Buffer +LocalData->NewP,HeaderBuffer,HeaderBufferSize);

                  LocalData->NewP +=HeaderBufferSize;

                  if (LocalData->NewP ==Open->Size)

                      LocalData->NewP = 0;

             }

             else

             {

                  ToCopy =Open->Size -LocalData->NewP;

                  NdisMoveMappedMemory(LocalData->Buffer +LocalData->NewP,HeaderBuffer,ToCopy);

                  NdisMoveMappedMemory(LocalData->Buffer + 0, (PUCHAR)HeaderBuffer +ToCopy,HeaderBufferSize -ToCopy);

                  LocalData->NewP =HeaderBufferSize - ToCopy;

             }

             //then we copy the Lookahead buffer

             if (Open->Size-LocalData->NewP >=LookaheadBufferSize)

             {

                  //1 copy!

                  NdisMoveMappedMemory(LocalData->Buffer +LocalData->NewP,LookaheadBuffer,LookaheadBufferSize);

                  LocalData->NewP +=LookaheadBufferSize;

                  if (LocalData->NewP ==Open->Size)

                      LocalData->NewP = 0;

             }

             else

             {

                  ToCopy =Open->Size -LocalData->NewP;

                  NdisMoveMappedMemory(LocalData->Buffer +LocalData->NewP,LookaheadBuffer,ToCopy);

                  NdisMoveMappedMemory(LocalData->Buffer + 0, (PUCHAR)LookaheadBuffer +ToCopy,LookaheadBufferSize -ToCopy);

                  LocalData->NewP =LookaheadBufferSize - ToCopy;

             }

 

             //Now we must prepare the buffer(s) for the NdisTransferData

             if ((Open->Size -LocalData->NewP) >= (fres -HeaderBufferSize -LookaheadBufferSize))

             {

                  //only 1 buffer

                  pMdl1 =IoAllocateMdl(

                      LocalData->Buffer +LocalData->NewP,

                      fres -HeaderBufferSize -LookaheadBufferSize,

                      FALSE,

                      FALSE,

                      NULL);

                  if (pMdl1 ==NULL)

                  {

                      IF_LOUD(DbgPrint("Error allocating Mdl1/n");)

                           LocalData->Dropped++;

                      break;

                  }

                  MmBuildMdlForNonPagedPool(pMdl1);

                  pMdl2=NULL;

                  LocalData->NewP +=fres - HeaderBufferSize -LookaheadBufferSize;

             }

             else

             {

                  //2 buffers

                  pMdl1 =IoAllocateMdl(

                      LocalData->Buffer +LocalData->NewP,

                      Open->Size -LocalData->NewP,

                      FALSE,

                      FALSE,

                      NULL);

                  if (pMdl1 ==NULL)

                  {

                      IF_LOUD(DbgPrint("Error allocating Mdl1/n");)

                           LocalData->Dropped++;

                      break;

                  }

                  pMdl2 =IoAllocateMdl(

                      LocalData->Buffer + 0,

                      fres -HeaderBufferSize -LookaheadBufferSize - (Open->Size -LocalData->NewP),

                      FALSE,

                      FALSE,

                      NULL);

                  if (pMdl2 ==NULL)

                  {

                      IF_LOUD(DbgPrint("Error allocating Mdl2/n");)

                           IoFreeMdl(pMdl1);

                      LocalData->Dropped++;

                      break;

                  }

                  LocalData->NewP =fres - HeaderBufferSize -LookaheadBufferSize - (Open->Size -LocalData->NewP);

 

                  MmBuildMdlForNonPagedPool(pMdl1);

                  MmBuildMdlForNonPagedPool(pMdl2);

             }

             NdisAllocatePacket(&Status, &pPacket,Open->PacketPool);

             if (Status !=NDIS_STATUS_SUCCESS)

             {

                  IF_LOUD(DbgPrint("NPF: Tap - No free packets/n");)

                      IoFreeMdl(pMdl1);

                  if (pMdl2 !=NULL)

                      IoFreeMdl(pMdl2);

                  LocalData->Dropped++;

                  break;

             }

             if (pMdl2 !=NULL)

                  NdisChainBufferAtFront(pPacket,pMdl2);

             NdisChainBufferAtFront(pPacket,pMdl1);

             RESERVED(pPacket)->Cpu =Cpu;

             LocalData->TransferMdl1 =pMdl1;

             LocalData->TransferMdl2 =pMdl2;

             Header = (structPacketHeader*)(LocalData->Buffer +LocalData->P);

             Header->header.bh_caplen =fres;

             Header->header.bh_datalen =PacketSize + HeaderBufferSize;

             Header->header.bh_hdrlen=sizeof(structbpf_hdr);

    /*调用NdisTransferData重新获取剩余的所需数据包,从网卡的Nic memory copy to kernel buffer*/

             NdisTransferData(

                  &Status,

                  Open->AdapterHandle,

                  MacReceiveContext,

                  LookaheadBufferSize,

                  fres -HeaderBufferSize -LookaheadBufferSize,

                  pPacket,

                  &BytesTransfered);

             if (Status !=NDIS_STATUS_PENDING)

             {

                  IF_LOUD(DbgPrint("NdisTransferData, not pending!/n");) 

                      LocalData->TransferMdl1 =NULL;

                  LocalData->TransferMdl2 =NULL;

                  IoFreeMdl(pMdl1);

                  if (pMdl2 !=NULL )

                      IoFreeMdl(pMdl2);

                 NdisReinitializePacket(pPacket);

                  // Put the packet on the free queue

                  NdisFreePacket(pPacket);

                  LocalData->P =LocalData->NewP;

                  LocalData->Accepted++;

                  GET_TIME(&Header->header.bh_tstamp,&G_Start_Time);

                  Header->SN =InterlockedIncrement(&Open->WriterSN) - 1;

                  increment =fres +sizeof(structPacketHeader);

                  if (Open->Size -LocalData->P <sizeof(structPacketHeader))

                  {

                      increment +=Open->Size-LocalData->P;

                      LocalData->P = 0;

                  }

                  InterlockedExchangeAdd(&LocalData->Free, (ULONG)(-(LONG)increment));

                  if(Open->Size -LocalData->Free >=Open->MinToCopy)

                  {

                      if(Open->mode &MODE_DUMP)

                           NdisSetEvent(&Open->DumpEvent);

                      else

                      {

                           if (Open->ReadEvent !=NULL)

                           {

                                KeSetEvent(Open->ReadEvent,0,FALSE);

                           }

                      }

                  }

                  break;

             }

             else

             {

                  IF_LOUD(DbgPrint("NdisTransferData, pending!/n");)

                      ShouldReleaseBufferLock =FALSE;

             }

        }

    }

    while(FALSE);

    if (ShouldReleaseBufferLock)

    {

        NdisDprReleaseSpinLock(&LocalData->BufferLock);

    }

    returnNDIS_STATUS_NOT_ACCEPTED;

}

 

要理解这个函数涉及到Ndis驱动的内容,在这里就不详细讲解了,下一章讲解如何设置内核缓冲区,用户缓冲区等内容。

你可能感兴趣的:(struct,解密,header,null,buffer)

  • ArcGIS栅格计算器常见公式(赋值、0和空值的转换、补充栅格空值) 研学随笔 arcgis经验分享
    我们在使用ArcGIS时通常经常用到栅格计算器,今天主要给大家介绍我日常中经常用到的几个公式,供大家参考学习。将特定值(-9999)赋值为0,例如-9999.Con("raster"==-9999,0,"raster")2.给空值赋予特定的值(如0)Con(IsNull("raster"),0,"raster")3.将特定的栅格值(如1)赋值为空值,其他保留原值SetNull("raster"==
  • 每日一题——第八十四题 互联网打工人no1 C语言程序设计每日一练c语言
    题目:编写函数1、输入10个职工的姓名和职工号2、按照职工由大到小顺序排列,姓名顺序也随之调整3、要求输入一个职工号,用折半查找法找出该职工的姓名#define_CRT_SECURE_NO_WARNINGS#include#include#defineMAX_EMPLOYEES10typedefstruct{intid;charname[50];}Empolyee;voidinputEmploye
  • 使用LLaVa和Ollama实现多模态RAG示例 llzwxh888 python人工智能开发语言
    本文将详细介绍如何使用LLaVa和Ollama实现多模态RAG(检索增强生成),通过提取图像中的结构化数据、生成图像字幕等功能来展示这一技术的强大之处。安装环境首先,您需要安装以下依赖包:!pipinstallllama-index-multi-modal-llms-ollama!pipinstallllama-index-readers-file!pipinstallunstructured!p
  • ARM驱动学习之4小结 JT灬新一 嵌入式C++arm开发学习linux
    ARM驱动学习之4小结#include#include#include#include#include#defineDEVICE_NAME"hello_ctl123"MODULE_LICENSE("DualBSD/GPL");MODULE_AUTHOR("TOPEET");staticlonghello_ioctl(structfile*file,unsignedintcmd,unsignedlo
  • ArrayList 源码解析 程序猿进阶 Java基础ArrayListListjava面试性能优化架构设计idea
    ArrayList是Java集合框架中的一个动态数组实现,提供了可变大小的数组功能。它继承自AbstractList并实现了List接口,是顺序容器,即元素存放的数据与放进去的顺序相同,允许放入null元素,底层通过数组实现。除该类未实现同步外,其余跟Vector大致相同。每个ArrayList都有一个容量capacity,表示底层数组的实际大小,容器内存储元素的个数不能多于当前容量。当向容器中添
  • ARM V8 base instruction -- Debug instructions xiaozhiwise Assemblyarm
    /**Debuginstructions*/BRK#imm16进入monitormodedebug,那里有on-chipdebugmonitorcodeHLT#imm16进入haltmodedebug,连接有外部调试硬件
  • python怎么将png转为tif_png转tif weixin_39977276
    发国外的文章要求图片是tif,cmyk色彩空间的。大小尺寸还有要求。比如网上大神多,找到了一段代码,感谢!https://www.jianshu.com/p/ec2af4311f56https://github.com/KevinZc007/image2Tifimportjava.awt.image.BufferedImage;importjava.io.File;importjava.io.Fi
  • 【2022 CCF 非专业级别软件能力认证第一轮(CSP-J1)入门级 C++语言试题及解析】 汉子萌萌哒 CCFnoi算法数据结构c++
    一、单项选择题(共15题,每题2分,共计30分;每题有且仅有一个正确选项)1.以下哪种功能没有涉及C++语言的面向对象特性支持:()。A.C++中调用printf函数B.C++中调用用户定义的类成员函数C.C++中构造一个class或structD.C++中构造来源于同一基类的多个派生类题目解析【解析】正确答案:AC++基础知识,面向对象和类有关,类又涉及父类、子类、继承、派生等关系,printf
  • 非对称加密算法原理与应用2——RSA私钥加密文件 私语茶馆 云部署与开发架构及产品灵感记录RSA2048私钥加密
    作者:私语茶馆1.相关章节(1)非对称加密算法原理与应用1——秘钥的生成-CSDN博客第一章节讲述的是创建秘钥对,并将公钥和私钥导出为文件格式存储。本章节继续讲如何利用私钥加密内容,包括从密钥库或文件中读取私钥,并用RSA算法加密文件和String。2.私钥加密的概述本文主要基于第一章节的RSA2048bit的非对称加密算法讲述如何利用私钥加密文件。这种加密后的文件,只能由该私钥对应的公钥来解密。
  • leetcode-617. 合并二叉树 manba_ leetcodehot100leetcode算法
    题目描述给你两棵二叉树:root1和root2。想象一下,当你将其中一棵覆盖到另一棵之上时,两棵树上的一些节点将会重叠(而另一些不会)。你需要将这两棵树合并成一棵新二叉树。合并的规则是:如果两个节点重叠,那么将这两个节点的值相加作为合并后节点的新值;否则,不为null的节点将直接作为新二叉树的节点。返回合并后的二叉树。注意:合并过程必须从两个树的根节点开始。示例1:输入:root1=[1,3,2,
  • 非对称加密算法————RSA理论及详情 hu19930613
    转自:https://www.kancloud.cn/kancloud/rsa_algorithm/48484一、一点历史1976年以前,所有的加密方法都是同一种模式:(1)甲方选择某一种加密规则,对信息进行加密;(2)乙方使用同一种规则,对信息进行解密。由于加密和解密使用同样规则(简称"密钥"),这被称为"对称加密算法"(Symmetric-keyalgorithm)。这种加密模式有一个最大弱点
  • Linux CTF逆向入门 蚁景网络安全 linux运维CTF
    1.ELF格式我们先来看看ELF文件头,如果想详细了解,可以查看ELF的manpage文档。关于ELF更详细的说明:e_shoff:节头表的文件偏移量(字节)。如果文件没有节头表,则此成员值为零。sh_offset:表示了该section(节)离开文件头部位置的距离+-------------------+|ELFheader|---++--------->+-------------------
  • 【加密算法基础——对称加密和非对称加密】 XWWW668899 网络安全服务器笔记
    对称加密与非对称加密对称加密和非对称加密是两种基本的加密方法,各自有不同的特点和用途。以下是详细比较:1.对称加密特点密钥:使用相同的密钥进行加密和解密。发送方和接收方必须共享这个密钥。速度:通常速度较快,适合处理大量数据。实现:算法相对简单,计算效率高。常见算法AES(高级加密标准)DES(数据加密标准)3DES(三重数据加密标准)RC4(流密码)应用场景文件加密磁盘加密传输大量数据时的加密2.
  • 【加密算法基础——RSA 加密】 XWWW668899 网络服务器笔记python
    RSA加密RSA(Rivest-Shamir-Adleman)加密是非对称加密,一种广泛使用的公钥加密算法,主要用于安全数据传输。公钥用于加密,私钥用于解密。RSA加密算法的名称来源于其三位发明者的姓氏:R:RonRivestS:AdiShamirA:LeonardAdleman这三位计算机科学家在1977年共同提出了这一算法,并发表了相关论文。他们的工作为公钥加密的基础奠定了重要基础,使得安全通
  • Golang语言基础知识点总结 最帅猪猪侠 golang开发语言后端
    Golang语言基础知识点小总结1.go语言有两大类型:值类型:数值类型,bool,string,数组,struct结构体变量直接存储值,内存通常在栈中分配,修改值,不会对源对象产生影响引用类型:指针,slice切片,管道chan,map,interface变量存储的是一个地址,这个地址对应的空间才真正存储数据值,内存通常在堆上分配,当没有任何变量引用这个地址时,该地址对应的数据空间就成为一个垃圾
  • C++常见知识掌握 nfgo c++开发语言
    1.Linux软件开发、调试与维护内核与系统结构Linux内核是操作系统的核心,负责管理硬件资源,提供系统服务,它是系统软件与硬件之间的桥梁。主要组成部分包括:进程管理:内核通过调度器分配CPU时间给各个进程,实现进程的创建、调度、终止等操作。使用进程描述符(task_struct)来存储进程信息,包括状态(就绪、运行、阻塞等)、优先级、内存映射等。内存管理:包括物理内存和虚拟内存管理。通过页表映
  • golang获取用户输入的几种方式 余生逆风飞翔 golang开发语言后端
    一、定义结构体typeUserInfostruct{Namestring`json:"name"`Ageint`json:"age"`Addstring`json:"add"`}typeReturnDatastruct{Messagestring`json:"message"`Statusstring`json:"status"`DataUserInfo`json:"data"`}二、get请求的
  • ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your †徐先森® Oracle数据库Web相关错误集
    createtablestudents(idintunsignedprimarykeyauto_increment,namevarchar(50)notnull,ageintunsigned,highdecimal(3,2),genderenum('男','女','中性','保密','妖')default'保密',cls_idintunsigned);在对数据库插入如上带有中文带有默认值的字段的时
  • metaRTC5.0 API编程指南(一) metaRTC metaRTCc++c语言webrtc
    概述metaRTC5.0版本API进行了重构,本篇文章将介绍webrtc传输调用流程和例子。metaRTC5.0版本提供了C++和纯C两种接口。纯C接口YangPeerConnection头文件:include/yangrtc/YangPeerConnection.htypedefstruct{void*conn;YangAVInfo*avinfo;YangStreamConfigstreamco
  • 自定义分区 我的K8409 Hadoophdfshadoop大数据
    通过简单例子了解partition分区类的重写方法分区是在MR的过程中进行的,属于Shuffle阶段但是在Job端不要忘记进行调用:job.setPartitionerClass(xxx.class)按照年龄分区:classAgePartitionerextendsPartitioner{@OverridepublicintgetPartition(MyComparablekey,NullWrit
  • 坚持抄书打卡第七天,掌握新技能的一天 爱读书的无业游民
    我是爱读书的无业游民hjk,为什么是这个名字呢?因为我想做个无业游民,不上班还能够维持自己的生活开销!今天学会了如何解密pdf,对添加密码的pdf如何进行编辑操作,果然,遇到问题会激发自己学习的欲望,要不就一直没有学习的动力。抄书增长自己的学识,丰富自己的见闻,充实自己,让自己更优秀,同时善于分享,把一些我认为比较好的,有意义的语句分享给大家,如果帮到了大家,欢迎留言讨论!最近看得这本书是中村恒子
  • leetcode021-合并两个有序链表 陆阳226
    问题描述将两个升序链表合并为一个新的升序链表并返回。新链表是通过拼接给定的两个链表的所有节点组成的。示例:输入:1->2->4,1->3->4输出:1->1->2->3->4->4解答递归法:每一层减去一个较小的节点,直到某个链表为null递归结束。publicstaticListNodesolution(ListNodel1,ListNodel2){if(l1==null){returnl2;}
  • 接口测试如何设计测试用例 李蕴Ronnie
    接口测试用例设计方式针对每个必填参数,都设计一条参数为空的测试用例必填参数不存在传的参数值在数据库中不存在添加数据接口,传入已有的数据重复添加编辑数据接口,各个字段分别编辑,合并编辑参数数据类型限制,针对每个参数设计一条参数值类型不符合的逆向用例参数自身取值范围,针对所有参数,设计一条每个参数值在取值范围内最大值的正向测试用例是否满足前提条件(token、headers),几个前提条件几条用例针对
  • tcp线程进程多并发 @莫福瑞 算法
    tcp线程多并发#include#defineSERPORT8888#defineSERIP"192.168.0.118"#defineBACKLOG20typedefstruct{intnewfd;structsockaddr_incin;}BMH;void*fun1(void*sss){intnewfd=accept((BMH*)sss)->newfd;structsockaddr_incin
  • Ubuntu Juju 与 Ansible的区别 xidianjiapei001 #Kubernetesubuntuansiblelinux云原生Juju
    JujuandAnsiblearebothpowerfultoolsusedformanagingandorchestratingITinfrastructureandapplications,buttheyhavedifferentapproachesandusecases.Here’sabreakdownofthekeydifferencesbetweenthem:1.ConceptualFo
  • PCIe进阶之TL:Memory, I/O, and Configuration Request Rules & TPH Rules 芯芯之火,可以燎原 PCIe进阶PCIe进阶硬件工程信息与通信
    1Memory,I/O,andConfigurationRequestRules下述规则适用于Memory请求、IO请求和配置请求。除了公共的header字段外,所有Memory请求、IO请求和配置请求还包括以下字段:(1)RequesterID[15:0]和Tag[9:0],组成了TransactionID。(2)LastDWBE[3:0]和1stDWBE[3:0]字段。对于TH字段置1的Mem
  • 每日一题《leetcode--LCR 022.环形链表||》 Peace & Love487 题目分享leetcode链表算法笔记数据结构
    https://leetcode.cn/problems/c32eOV/我们使用两个指针,fast与slow。它们起始都位于链表的头部。随后slow指针每次向后移动一个位置,而fast指针向后移动两个位置。如果链表中存在环,则fast指针最终将再次与slow指针在环中相遇。structListNode*detectCycle(structListNode*head){structListNode*
  • 【中国国际航空-注册_登录安全分析报告】 风控牛 验证码接口安全评测系列安全行为验证极验网易易盾智能手机
    前言由于网站注册入口容易被黑客攻击,存在如下安全问题:1.暴力破解密码,造成用户信息泄露2.短信盗刷的安全问题,影响业务及导致用户投诉3.带来经济损失,尤其是后付费客户,风险巨大,造成亏损无底洞所以大部分网站及App都采取图形验证码或滑动验证码等交互解决方案,但在机器学习能力提高的当下,连百度这样的大厂都遭受攻击导致点名批评,图形验证及交互验证方式的安全性到底如何?请看具体分析一、中国国际航空PC
  • 华南农业大学C语言oj第八章 黑兔子撒 C语言C语言华南农业大学编程程序
    18058一年的第几天时间限制:1000MS内存限制:65535K提交次数:0通过次数:0题型:填空题语言:G++;GCC;VCDescription定义一个结构体类型表示日期类型(包括年、月、日)。程序中定义一个日期类型的变量,输入该日期的年、月、日,计算并输出该日期是一年的第几天。#include  struct DATE { _______________________ }; int da
  • Gobelieve 架构 weixin_34099526 数据库golangjson
    Gobelievegithub地址声明:转简书JackieF的文章,为了自己方便copy了一份,加一些自己的东西.链接:https://www.jianshu.com/p/8121d6e85282IMCore主要分三大块:im客户连接服务器(可分布式部署,暂无负载均衡模块)imr路由查询服务器(主要解决im分布式部署的问题)ims存储服务器(主从部署)基础模块1.数据包协议包:header(12)
  • knob UI插件使用 换个号韩国红果果 JavaScriptjsonpknob
    图形是用canvas绘制的 js代码 var paras = { max:800, min:100, skin:'tron',//button type thickness:.3,//button width width:'200',//define canvas width.,canvas height displayInput:'tr
  • Android+Jquery Mobile学习系列(5)-SQLite数据库 白糖_ JQuery Mobile
    目录导航   SQLite是轻量级的、嵌入式的、关系型数据库,目前已经在iPhone、Android等手机系统中使用,SQLite可移植性好,很容易使用,很小,高效而且可靠。   因为Android已经集成了SQLite,所以开发人员无需引入任何JAR包,而且Android也针对SQLite封装了专属的API,调用起来非常快捷方便。   我也是第一次接触S
  • impala-2.1.2-CDH5.3.2 dayutianfei impala
    最近在整理impala编译的东西,简单记录几个要点: 根据官网的信息(https://github.com/cloudera/Impala/wiki/How-to-build-Impala): 1. 首次编译impala,推荐使用命令: ${IMPALA_HOME}/buildall.sh -skiptests -build_shared_libs -format 2.仅编译BE ${I
  • 求二进制数中1的个数 周凡杨 java算法二进制
    解法一: 对于一个正整数如果是偶数,该数的二进制数的最后一位是 0 ,反之若是奇数,则该数的二进制数的最后一位是 1 。因此,可以考虑利用位移、判断奇偶来实现。   public int bitCount(int x){ int count = 0; while(x!=0){ if(x%2!=0){ /
  • spring中hibernate及事务配置 g21121 Hibernate
    hibernate的sessionFactory配置: <!-- hibernate sessionFactory配置 --> <bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean"> <
  • log4j.properties 使用 510888780 log4j
    log4j.properties 使用 一.参数意义说明 输出级别的种类 ERROR、WARN、INFO、DEBUG ERROR 为严重错误 主要是程序的错误 WARN 为一般警告,比如session丢失 INFO 为一般要显示的信息,比如登录登出 DEBUG 为程序的调试信息 配置日志信息输出目的地 log4j.appender.appenderName = fully.qua
  • Spring mvc-jfreeChart柱图(2) 布衣凌宇 jfreechart
    上一篇中生成的图是静态的,这篇将按条件进行搜索,并统计成图表,左面为统计图,右面显示搜索出的结果。 第一步:导包 第二步;配置web.xml(上一篇有代码) 建BarRenderer类用于柱子颜色 import java.awt.Color; import java.awt.Paint; import org.jfree.chart.renderer.category.BarR
  • 我的spring学习笔记14-容器扩展点之PropertyPlaceholderConfigurer aijuans Spring3
    PropertyPlaceholderConfigurer是个bean工厂后置处理器的实现,也就是BeanFactoryPostProcessor接口的一个实现。关于BeanFactoryPostProcessor和BeanPostProcessor类似。我会在其他地方介绍。 PropertyPlaceholderConfigurer可以将上下文(配置文件)中的属性值放在另一个单独的标准java
  • maven 之 cobertura 简单使用 antlove maventestunitcoberturareport
    1. 创建一个maven项目 2. 创建com.CoberturaStart.java package com; public class CoberturaStart { public void helloEveryone(){ System.out.println("=================================================
  • 程序的执行顺序 百合不是茶 JAVA执行顺序
          刚在看java核心技术时发现对java的执行顺序不是很明白了,百度一下也没有找到适合自己的资料,所以就简单的回顾一下吧   代码如下;     经典的程序执行面试题 //关于程序执行的顺序 //例如: //定义一个基类 public class A(){ public A(
  • 设置session失效的几种方法 bijian1013 web.xmlsession失效监听器
    在系统登录后,都会设置一个当前session失效的时间,以确保在用户长时间不与服务器交互,自动退出登录,销毁session。具体设置很简单,方法有三种:(1)在主页面或者公共页面中加入:session.setMaxInactiveInterval(900);参数900单位是秒,即在没有活动15分钟后,session将失效。这里要注意这个session设置的时间是根据服务器来计算的,而不是客户端。所
  • java jvm常用命令工具 bijian1013 javajvm
    一.概述         程序运行中经常会遇到各种问题,定位问题时通常需要综合各种信息,如系统日志、堆dump文件、线程dump文件、GC日志等。通过虚拟机监控和诊断工具可以帮忙我们快速获取、分析需要的数据,进而提高问题解决速度。 本文将介绍虚拟机常用监控和问题诊断命令工具的使用方法,主要包含以下工具:       &nbs
  • 【Spring框架一】Spring常用注解之Autowired和Resource注解 bit1129 Spring常用注解
    Spring自从2.0引入注解的方式取代XML配置的方式来做IOC之后,对Spring一些常用注解的含义行为一直处于比较模糊的状态,写几篇总结下Spring常用的注解。本篇包含的注解有如下几个: Autowired Resource Component Service Controller Transactional 根据它们的功能、目的,可以分为三组,Autow
  • mysql 操作遇到safe update mode问题 bitray update
        我并不知道出现这个问题的实际原理,只是通过其他朋友的博客,文章得知的一个解决方案,目前先记录一个解决方法,未来要是真了解以后,还会继续补全.     在mysql5中有一个safe update mode,这个模式让sql操作更加安全,据说要求有where条件,防止全表更新操作.如果必须要进行全表操作,我们可以执行 SET
  • nginx_perl试用 ronin47 nginx_perl试用
    因为空闲时间比较多,所以在CPAN上乱翻,看到了nginx_perl这个项目(原名Nginx::Engine),现在托管在github.com上。地址见:https://github.com/zzzcpan/nginx-perl 这个模块的目的,是在nginx内置官方perl模块的基础上,实现一系列异步非阻塞的api。用connector/writer/reader完成类似proxy的功能(这里
  • java-63-在字符串中删除特定的字符 bylijinnan java
    public class DeleteSpecificChars { /** * Q 63 在字符串中删除特定的字符 * 输入两个字符串,从第一字符串中删除第二个字符串中所有的字符。 * 例如,输入”They are students.”和”aeiou”,则删除之后的第一个字符串变成”Thy r stdnts.” */ public static voi
  • EffectiveJava--创建和销毁对象 ccii 创建和销毁对象
    本章内容: 1. 考虑用静态工厂方法代替构造器 2. 遇到多个构造器参数时要考虑用构建器(Builder模式) 3. 用私有构造器或者枚举类型强化Singleton属性 4. 通过私有构造器强化不可实例化的能力 5. 避免创建不必要的对象 6. 消除过期的对象引用 7. 避免使用终结方法 1. 考虑用静态工厂方法代替构造器     类可以通过
  • [宇宙时代]四边形理论与光速飞行 comsci
       从四边形理论来推论 为什么光子飞船必须获得星光信号才能够进行光速飞行?    一组星体组成星座  向空间辐射一组由复杂星光信号组成的辐射频带,按照四边形-频率假说  一组频率就代表一个时空的入口    那么这种由星光信号组成的辐射频带就代表由这些星体所控制的时空通道,该时空通道在三维空间的投影是一
  • ubuntu server下python脚本迁移数据 cywhoyi pythonKettlepymysqlcx_Oracleubuntu server
    因为是在Ubuntu下,所以安装python、pip、pymysql等都极其方便,sudo apt-get install pymysql, 但是在安装cx_Oracle(连接oracle的模块)出现许多问题,查阅相关资料,发现这边文章能够帮我解决,希望大家少走点弯路。http://www.tbdazhe.com/archives/602 1.安装python 2.安装pip、pymysql
  • Ajax正确但是请求不到值解决方案 dashuaifu Ajaxasync
    Ajax正确但是请求不到值解决方案   解决方案:1 .     async: false ,    2.     设置延时执行js里的ajax或者延时后台java方法!!!!!!!   例如:   $.ajax({     &
  • windows安装配置php+memcached dcj3sjt126com PHPInstallmemcache
    Windows下Memcached的安装配置方法 1、将第一个包解压放某个盘下面,比如在c:\memcached。 2、在终端(也即cmd命令界面)下输入 'c:\memcached\memcached.exe -d install' 安装。 3、再输入: 'c:\memcached\memcached.exe -d start' 启动。(需要注意的: 以后memcached将作为windo
  • iOS开发学习路径的一些建议 dcj3sjt126com ios
    iOS论坛里有朋友要求回答帖子,帖子的标题是: 想学IOS开发高阶一点的东西,从何开始,然后我吧啦吧啦回答写了很多。既然敲了那么多字,我就把我写的回复也贴到博客里来分享,希望能对大家有帮助。欢迎大家也到帖子里讨论和分享,地址:http://bbs.csdn.net/topics/390920759   下面是我回复的内容:   结合自己情况聊下iOS学习建议,
  • Javascript闭包概念 fanfanlovey JavaScript闭包
    1.参考资料 http://www.jb51.net/article/24101.htm http://blog.csdn.net/yn49782026/article/details/8549462 2.内容概述 要理解闭包,首先需要理解变量作用域问题 内部函数可以饮用外面全局变量 var n=999;   functio
  • yum安装mysql5.6 haisheng mysql
    1、安装http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm   2、yum install mysql   3、yum install mysql-server   4、vi /etc/my.cnf   添加character_set_server=utf8
  • po/bo/vo/dao/pojo的详介 IT_zhlp80 javaBOVODAOPOJOpo
        JAVA几种对象的解释 PO:persistant object持久对象,可以看成是与数据库中的表相映射的java对象。最简单的PO就是对应数据库中某个表中的一条记录,多个记录可以用PO的集合。PO中应该不包含任何对数据库的操作. VO:value object值对象。通常用于业务层之间的数据传递,和PO一样也是仅仅包含数据而已。但应是抽象出的业务对象,可
  • java设计模式 kerryg java设计模式
    设计模式的分类:    一、 设计模式总体分为三大类: 1、创建型模式(5种):工厂方法模式,抽象工厂模式,单例模式,建造者模式,原型模式。 2、结构型模式(7种):适配器模式,装饰器模式,代理模式,外观模式,桥接模式,组合模式,享元模式。 3、行为型模式(11种):策略模式,模版方法模式,观察者模式,迭代子模式,责任链模式,命令模式,备忘录模式,状态模式,访问者
  • [1]CXF3.1整合Spring开发webservice——helloworld篇 木头.java springwebserviceCXF
    Spring 版本3.2.10 CXF 版本3.1.1 项目采用MAVEN组织依赖jar 我这里是有parent的pom,为了简洁明了,我直接把所有的依赖都列一起了,所以都没version,反正上面已经写了版本 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="ht
  • Google 工程师亲授:菜鸟开发者一定要投资的十大目标 qindongliang1922 工作感悟人生
    身为软件开发者,有什么是一定得投资的? Google 软件工程师 Emanuel Saringan 整理了十项他认为必要的投资,第一项就是身体健康,英文与数学也都是必备能力吗?来看看他怎么说。(以下文字以作者第一人称撰写)) 你的健康 无疑地,软件开发者是世界上最久坐不动的职业之一。 每天连坐八到十六小时,休息时间只有一点点,绝对会让你的鲔鱼肚肆无忌惮的生长。肥胖容易扩大罹患其他疾病的风险,
  • linux打开最大文件数量1,048,576 tianzhihehe clinux
    File descriptors are represented by the C int type. Not using a special type is often  considered odd, but is, historically, the Unix way. Each Linux process has a maximum number of files th
  • java语言中PO、VO、DAO、BO、POJO几种对象的解释 衞酆夼 javaVOBOPOJOpo
    PO:persistant object持久对象 最形象的理解就是一个PO就是数据库中的一条记录。好处是可以把一条记录作为一个对象处理,可以方便的转为其它对象。可以看成是与数据库中的表相映射的java对象。最简单的PO就是对应数据库中某个表中的一条记录,多个记录可以用PO的集合。PO中应该不包含任何对数据库的操作。 BO:business object业务对象 封装业务逻辑的java对象
按字母分类: ABCDEFGHIJKLMNOPQRSTUVWXYZ其他