diff options
| author | yangwei <[email protected]> | 2024-06-20 20:46:53 +0800 |
|---|---|---|
| committer | yangwei <[email protected]> | 2024-06-20 20:46:53 +0800 |
| commit | b79604e50bcd71c05c5151e1691001bbb2bd0f6c (patch) | |
| tree | 5c3581b92ff3a9676e9b037a6630ad475b9a8a0a /src | |
| parent | 123a903a45091a8bc8d6126b2c0b084d7e9a83ad (diff) | |
✨ feat(ssl_chello_finished): support get chello state by streamBackport-2.0-frag-chello
Diffstat (limited to 'src')
| -rw-r--r-- | src/SSL_Analyze.c | 11 | ||||
| -rw-r--r-- | src/SSL_Analyze.h | 2 | ||||
| -rw-r--r-- | src/SSL_Message.c | 37 | ||||
| -rw-r--r-- | src/ssl.h | 3 |
4 files changed, 53 insertions, 0 deletions
diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c index 23060ad..df8465a 100644 --- a/src/SSL_Analyze.c +++ b/src/SSL_Analyze.c @@ -271,6 +271,14 @@ void ssl_frag_chello_free(struct streaminfo *a_tcp) return; } +static void ssl_easy_bridge_free(const struct streaminfo *stream, int bridge_id, void *data) +{ + if(data) + { + free(data); + data=NULL; + } +} extern "C" int SSL_DEFER_INIT(void){return 0;}; extern "C" void SSL_DEFER_DESTROY(void){}; @@ -295,6 +303,9 @@ int SSL_INIT(void) stream_bridge_register_data_free_cb(g_ssl_prog_para.frag_chello_exdata_idx, ssl_retain_packet_bridge_free); } + g_ssl_prog_para.chello_finish_exdata_idx=stream_bridge_build(SSL_CHELLO_FINISH_BRIDEGE_NAME, "w"); + stream_bridge_register_data_free_cb(g_ssl_prog_para.chello_finish_exdata_idx, ssl_easy_bridge_free); + if(g_ssl_prog_para.stat_cycle) { g_ssl_prog_para.stat_handler = FS_create_handle(); diff --git a/src/SSL_Analyze.h b/src/SSL_Analyze.h index 57c77c1..04ad4a3 100644 --- a/src/SSL_Analyze.h +++ b/src/SSL_Analyze.h @@ -86,6 +86,7 @@ typedef struct ssl_prog_runtime_parameter_t unsigned int detain_frag_chello_num; int frag_chello_exdata_idx; + int chello_finish_exdata_idx; }ssl_prog_runtime_parameter_t; @@ -95,6 +96,7 @@ struct ssl_proto_tag_t }; #define SSL_FRAG_CHELLO_BRIDEGE_NAME "SSL_FRAG_CHELLO_BRIDGE" +#define SSL_CHELLO_FINISH_BRIDEGE_NAME "SSL_CHELLO_FINISH_BRIDGE" struct frag_chello_internal { struct ssl_frag_chello frag_chello; diff --git a/src/SSL_Message.c b/src/SSL_Message.c index 34d3ef3..63e5c05 100644 --- a/src/SSL_Message.c +++ b/src/SSL_Message.c @@ -981,6 +981,28 @@ static void ssl_detain_chello_finish(const struct streaminfo *a_tcp) return; } +// < 0: not ssl, 0: not finished, 1: finished +int ssl_chello_finished(struct streaminfo *stream) +{ + int *chello_state = (int *)stream_bridge_async_data_get(stream, g_ssl_prog_para.chello_finish_exdata_idx); + if(chello_state) + { + return *chello_state; + } + return -1; +} + + +static void ssl_chello_finish_state_set(struct streaminfo *a_tcp, int state) +{ + int *chello_state = (int *)stream_bridge_async_data_get(a_tcp, g_ssl_prog_para.chello_finish_exdata_idx); + if(chello_state == NULL) + { + chello_state = (int *)calloc(sizeof(int), 1); + } + *chello_state=state; + stream_bridge_async_data_put(a_tcp, g_ssl_prog_para.chello_finish_exdata_idx, chello_state); +} UCHAR ssl_analyseStream(struct streaminfo *a_tcp, void **pme, int thread_seq, void *a_packet) { @@ -1032,7 +1054,10 @@ UCHAR ssl_analyseStream(struct streaminfo *a_tcp, void **pme, int thread_seq, vo iSslDateLen = a_ssl_stream->uiCurBuffLen; pcSslData = a_ssl_stream->pcSslBuffer; if(*(unsigned char *)(a_ssl_stream->pcSslBuffer)==CLIENT_HELLO) + { ssl_detain_frag_chello(a_tcp); + ssl_chello_finish_state_set(a_tcp, 0); + } } else { @@ -1050,7 +1075,16 @@ UCHAR ssl_analyseStream(struct streaminfo *a_tcp, void **pme, int thread_seq, vo if (iRet < 0 || iRet >= iSslDateLen) { if(a_ssl_stream->pcSslBuffer!=NULL && *(unsigned char *)(a_ssl_stream->pcSslBuffer)==CLIENT_HELLO) + { ssl_detain_chello_finish(a_tcp); + ssl_chello_finish_state_set(a_tcp, 1); + } + + if(pcSslData!=NULL && (*pcSslData==HANDSHAKE) && (*(pcSslData+sizeof(stSSLRecordHdr_t))==CLIENT_HELLO)) + { + ssl_chello_finish_state_set(a_tcp, 1); + } + a_ssl_stream->uiCurBuffLen = 0; } else @@ -1064,7 +1098,10 @@ UCHAR ssl_analyseStream(struct streaminfo *a_tcp, void **pme, int thread_seq, vo fn_vMemCpy(a_ssl_stream->pcSslBuffer, (int)a_ssl_stream->uiMaxBuffLen, pcSslData + iRet, (int)(iSslDateLen - iRet)); a_ssl_stream->uiCurBuffLen = iSslDateLen - iRet; if(*(unsigned char *)(a_ssl_stream->pcSslBuffer)==CLIENT_HELLO) + { ssl_detain_frag_chello(a_tcp); + ssl_chello_finish_state_set(a_tcp, 0); + } } return return_val; } @@ -343,6 +343,9 @@ struct ssl_frag_chello *ssl_frag_chello_get0(struct streaminfo *stream); void ssl_frag_chello_free(struct streaminfo *stream); +// < 0: not ssl, 0: not finished, 1: finished +int ssl_chello_finished(struct streaminfo *stream); + #ifdef __cplusplus } #endif |