add temp code

7 files changed, 348 insertions, 0 deletions

diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..bd8f526
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,74 @@
+cmake_minimum_required (VERSION 3.10)
+
+set(lib_name pkt_seq_matcher)
+set(plugin_name pkt_seq_matcher)
+
+project (${plugin_name})
+
+#set(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake)
+#include(Version)
+
+set(CMAKE_MACOSX_RPATH 0)
+set(CMAKE_CXX_STANDARD 11)
+set(CMAKE_C_STANDARD 11)
+
+find_program(CMAKE_CXX_CPPCHECK NAMES cppcheck)
+if (CMAKE_CXX_CPPCHECK)
+    list(
+        APPEND CMAKE_CXX_CPPCHECK 
+            "--enable=all"
+            "--error-exitcode=1"
+            "--suppress=unusedFunction"
+            # "--suppress=unusedValue"
+            "--suppress=missingInclude"
+            "--suppress=uselessAssignmentPtrArg"
+            "--suppress=unmatchedSuppression"
+            # "--suppress=memsetClassFloat"
+    )
+    set(CMAKE_C_CPPCHECK ${CMAKE_CXX_CPPCHECK})
+else()
+  message(FATAL_ERROR "Could not find the program cppcheck.")
+endif()
+
+
+#for ASAN
+set(ASAN_OPTION "OFF" CACHE STRING " set asan type chosen by the user, using OFF as default")
+set_property(CACHE ASAN_OPTION  PROPERTY STRINGS OFF ADDRESS THREAD)
+message(STATUS "ASAN_OPTION='${ASAN_OPTION}'")
+
+if(ASAN_OPTION MATCHES "ADDRESS")
+    set(CMAKE_C_FLAGS "${CMAKADDRESS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=address -fno-omit-frame-pointer")
+	set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=address -fno-omit-frame-pointer")
+	set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
+	set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
+elseif(ASAN_OPTION MATCHES "THREAD")
+	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=thread -fno-omit-frame-pointer")
+	set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=thread -fno-omit-frame-pointer")
+	set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
+	set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
+endif()
+# end of for ASAN
+
+include_directories(${PROJECT_SOURCE_DIR}/src/)
+include_directories(${PROJECT_SOURCE_DIR}/deps/)
+include_directories(/opt/tsg/framework/include/)
+include_directories(/opt/MESA/include/)
+include_directories(/opt/MESA/include/MESA)
+include_directories(/opt/MESA/include/tsg)
+link_directories(/opt/MESA/lib)
+
+file(GLOB SRC
+    "src/pkt_seq_matcher_plugin.cpp"
+)
+
+
+# Shared Library Output
+add_library(${plugin_name} SHARED ${SRC})
+target_link_libraries(${plugin_name} MESA_prof_load MESA_handle_logger hyperscan_static hyperscan_runtime_static)
+set_target_properties(${plugin_name}  PROPERTIES PREFIX "")
+
+set(CMAKE_INSTALL_PREFIX /opt/tsg/sapp)
+
+install(TARGETS ${plugin_name} LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/stellar_plugin/ COMPONENT LIBRARIES)
+
+add_subdirectory(vendor)
diff --git a/src/pkt_seq_matcher.h b/src/pkt_seq_matcher.h
new file mode 100644
index 0000000..f968e17
--- /dev/null
+++ b/src/pkt_seq_matcher.h
@@ -0,0 +1,15 @@
+#include <hs/hs.h>
+#include <hs/hs_runtime.h>
+
+struct pkt_seq_matcher_plugin_info{
+	int plugin_id;
+    int sess_ctx_exdata_idx;
+	struct stellar *st;
+	hs_database_t *hs_database;
+};
+
+struct pkt_seq_matcher_ctx
+{
+	int match_flag;
+	hs_stream_t	*hs_stream;
+};
\ No newline at end of file
diff --git a/src/pkt_seq_matcher_plugin.cpp b/src/pkt_seq_matcher_plugin.cpp
new file mode 100644
index 0000000..637a5d9
--- /dev/null
+++ b/src/pkt_seq_matcher_plugin.cpp
@@ -0,0 +1,214 @@
+#include <hs/hs_common.h>
+#include <hs/hs_runtime.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <MESA/MESA_prof_load.h>
+#include <MESA/MESA_handle_logger.h>
+#include <MESA/cJSON.h>
+extern "C" {
+#include <stellar/stellar.h>
+#include <stellar/session.h>
+#include <stellar/session_mq.h>
+#include <stellar/session_exdata.h>
+}
+#include "pkt_seq_matcher.h"
+
+#define UNUSED(x) (void)(x)
+
+const char *CFG_FILE_PATH="stellar_plugin/pkt_seq_matcher.conf";
+static int g_log_level=30;
+void * g_logger_handle = NULL;
+thread_local hs_scratch_t *hs_scratch = NULL;
+thread_local char unicode_charactor[5] = {0};
+
+// 函数用于将单个Unicode码点转换为UTF-8编码并存储到buffer中
+static void encode_utf8(int codepoint, char *buffer)
+{
+	int index = 0;
+
+    if (codepoint <= 0x7F) {
+        // 1字节UTF-8字符
+        buffer[(index)++] = codepoint;
+    } else if (codepoint <= 0x7FF) {
+        // 2字节UTF-8字符
+        buffer[(index)++] = 0xC0 | (codepoint >> 6);
+        buffer[(index)++] = 0x80 | (codepoint & 0x3F);
+    } else if (codepoint <= 0xFFFF) {
+        // 3字节UTF-8字符
+        buffer[(index)++] = 0xE0 | (codepoint >> 12);
+        buffer[(index)++] = 0x80 | ((codepoint >> 6) & 0x3F);
+        buffer[(index)++] = 0x80 | (codepoint & 0x3F);
+    } else if (codepoint <= 0x10FFFF) {
+        // 4字节UTF-8字符
+        buffer[(index)++] = 0xF0 | (codepoint >> 18);
+        buffer[(index)++] = 0x80 | ((codepoint >> 12) & 0x3F);
+        buffer[(index)++] = 0x80 | ((codepoint >> 6) & 0x3F);
+        buffer[(index)++] = 0x80 | (codepoint & 0x3F);
+    }
+}
+
+// 定义匹配事件的回调函数
+static int eventHandler(unsigned int id, unsigned long long from, unsigned long long to, unsigned int flags, void *context) {
+    struct pkt_seq_matcher_ctx *ctx = (struct pkt_seq_matcher_ctx *)context;
+	ctx->match_flag = 1;
+    return 0; // 继续搜索
+}
+
+static int pkt_seq_matcher_hyperscan_init(struct pkt_seq_matcher_plugin_info *psm_plugin_info)
+{
+	hs_error_t err;
+	hs_compile_error_t *compile_err;
+	const char *expression[6] = {"^[\u00C9-\u03E8][\u099C-\u0B68]{3}[\u0001-\u05B4]{0,3}[\u0001-\u0258][\u067D-\u080C][\u0001-\u05B4]$",
+								"^[\u00C9-\u03E8][\u099C-\u0B68]{3}[\u0001-\u05B4]{0,3}[\u0001-\u00C8][\u05B5-\u067C][\u0001-\u05B4]$",
+								"^[\u00C9-\u03E8][\u099C-\u0B68]{2}[\u067D-\u099C][\u0001-\u0258][\u067D-\u080C][\u0001-\u05B4]$",
+								"^[\u00C9-\u03E8][\u099C-\u0B68]{2}[\u067D-\u099C][\u0001-\u00C8][\u05B5-\u067C][\u0001-\u05B4]$",
+								"^[\u0259-\u03E8][\u05B5-\u067C][\u0001-\u05B4]$",
+								"^[\u0259-\u03E8][\u067D-\u080C][\u0001-\u05B4]$"};
+	unsigned int flags[6] = {HS_FLAG_DOTALL | HS_FLAG_UTF8, HS_FLAG_DOTALL | HS_FLAG_UTF8, HS_FLAG_DOTALL | HS_FLAG_UTF8, HS_FLAG_DOTALL | HS_FLAG_UTF8, HS_FLAG_DOTALL | HS_FLAG_UTF8, HS_FLAG_DOTALL | HS_FLAG_UTF8};
+	unsigned int ids[6] = {0, 1, 2, 3, 4, 5};
+	hs_database_t *db = NULL;
+
+	err = hs_compile_multi(expression, flags, ids, 6, HS_MODE_STREAM, NULL, &db, &compile_err);
+	if (err != HS_SUCCESS) {
+		printf("compile failed\n");
+		return -1;
+	}
+
+	psm_plugin_info->hs_database = db;
+
+	return 0;
+}
+
+static void pkt_seq_matcher_exdata_free_cb(struct session *sess, int idx, void *ex_ptr, void *arg)
+{
+	UNUSED(sess);
+	UNUSED(idx);
+	UNUSED(arg);
+
+	if (ex_ptr == NULL)
+	{
+		return;
+	}
+
+	struct pkt_seq_matcher_ctx *ctx = (struct pkt_seq_matcher_ctx *)ex_ptr;
+
+	hs_close_stream(ctx->hs_stream, hs_scratch, NULL, NULL);
+	free(ex_ptr);
+}
+
+int pkt_seq_matcher_entry(struct session *session, int events, const struct packet *pkt, void *cb_arg)
+{
+	if (pkt == NULL)
+	{
+		return 0;
+	}
+
+	struct pkt_seq_matcher_plugin_info *psm_plugin_info = (struct pkt_seq_matcher_plugin_info *)cb_arg;
+	struct pkt_seq_matcher_ctx *ctx = (struct pkt_seq_matcher_ctx *)session_get_ex_data(session, psm_plugin_info->sess_ctx_exdata_idx);
+	size_t pktlen = 0;
+	int pkt_direction;
+
+	if (ctx == NULL)
+	{
+		ctx = (struct pkt_seq_matcher_ctx *)calloc(1, sizeof(struct pkt_seq_matcher_ctx));
+		session_set_ex_data(session, psm_plugin_info->sess_ctx_exdata_idx, ctx);
+
+		if (hs_scratch == NULL)
+		{
+			hs_error_t err = hs_alloc_scratch(psm_plugin_info->hs_database, &hs_scratch);
+			if (err != HS_SUCCESS) {
+				MESA_handle_runtime_log(g_logger_handle, RLOG_LV_FATAL, "PKT_SEQ_MATCHER", "alloc for scratch failed");
+				goto ERROR;
+			}
+		}
+
+		hs_error_t err = hs_open_stream(psm_plugin_info->hs_database, 0, &ctx->hs_stream);
+		if (err != HS_SUCCESS) {
+			MESA_handle_runtime_log(g_logger_handle, RLOG_LV_FATAL, "PKT_SEQ_MATCHER", "%s: open stream failed", session_get0_readable_addr(session));
+			goto ERROR;
+		}
+	}
+
+	packet_get0_data(pkt, &pktlen);
+	if (pktlen == 0)
+	{
+		return 0;
+	}
+
+	pkt_direction = packet_get_direction(pkt);
+
+	if (pkt_direction == PACKET_DIRECTION_S2C)
+	{
+		pktlen += 1460;
+	}
+
+	memset(unicode_charactor, 0, sizeof(unicode_charactor));
+	encode_utf8(pktlen, unicode_charactor);
+	if (hs_scan_stream(ctx->hs_stream, (const char *)unicode_charactor, strlen(unicode_charactor), 0, hs_scratch, eventHandler, ctx) != HS_SUCCESS)
+	{
+		MESA_handle_runtime_log(g_logger_handle, RLOG_LV_FATAL, "PKT_SEQ_MATCHER", "%s: scan failed, pkt_len: %d", session_get0_readable_addr(session), pktlen);
+	}
+	if (ctx->match_flag == 1)
+	{
+		MESA_handle_runtime_log(g_logger_handle, RLOG_LV_DEBUG, "PKT_SEQ_MATCHER", "%s: match success", session_get0_readable_addr(session));
+	}
+
+	return 0;
+
+ERROR:
+	struct session_event *i_ev = session_get_intrinsic_event(session, psm_plugin_info->plugin_id);
+	session_event_assign(i_ev, psm_plugin_info->st, session, 0, pkt_seq_matcher_entry, psm_plugin_info);
+	return 0;
+}
+
+extern "C" void *pkt_seq_matcher_plugin_init(struct stellar *st)
+{
+	char log_path[128]={0};
+	struct pkt_seq_matcher_plugin_info *psm_plugin_info = (struct pkt_seq_matcher_plugin_info *)calloc(1, sizeof(struct pkt_seq_matcher_plugin_info));
+
+	psm_plugin_info->st = st;
+	psm_plugin_info->sess_ctx_exdata_idx = stellar_session_get_ex_new_index(st, "PKT_SEQ_matcher_SESS_CTX", pkt_seq_matcher_exdata_free_cb, NULL);
+	
+	MESA_load_profile_int_def(CFG_FILE_PATH, "PKT_SEQ_matcher","LOG_LEVEL", &g_log_level, 30);
+	MESA_load_profile_string_def(CFG_FILE_PATH, "PKT_SEQ_matcher","LOG_PATH", log_path, sizeof(log_path), "log/pkt_seq_matcher");
+
+	g_logger_handle = MESA_create_runtime_log_handle(log_path, g_log_level);
+	if(g_logger_handle == NULL)
+	{
+		printf("MESA_create_runtime_log object failed ...\n");
+		goto ERROR;
+	}
+
+
+	psm_plugin_info->plugin_id = stellar_plugin_register(st, (SESS_EV_TCP|SESS_EV_UDP|SESS_EV_OPENING|SESS_EV_PACKET|SESS_EV_CLOSING), pkt_seq_matcher_entry, psm_plugin_info);
+
+	return psm_plugin_info;
+
+ERROR:
+	if (psm_plugin_info != NULL)
+	{
+		free(psm_plugin_info);
+	}
+
+	perror("pkt_seq_matcher init failed");
+	exit(-1);
+}
+
+extern "C" void pkt_seq_matcher_plugin_exit(void *plugin_ctx)
+{
+	if (plugin_ctx == NULL)
+	{
+		return;
+	}
+
+	struct pkt_seq_matcher_plugin_info *psm_plugin_info = (struct pkt_seq_matcher_plugin_info *)plugin_ctx;
+	
+	MESA_destroy_runtime_log_handle(g_logger_handle);
+
+	hs_free_database(psm_plugin_info->hs_database);
+	free(plugin_ctx);
+
+	return;
+}
\ No newline at end of file
diff --git a/vendor/CMakeLists.txt b/vendor/CMakeLists.txt
new file mode 100644
index 0000000..a99aaed
--- /dev/null
+++ b/vendor/CMakeLists.txt
@@ -0,0 +1,45 @@
+# CMakeFiles for 3rd vendor library
+cmake_minimum_required(VERSION 3.5)
+include(ExternalProject)
+
+set(VENDOR_ROOT ${CMAKE_BINARY_DIR}/vendor)
+set(VENDOR_BUILD ${CMAKE_BINARY_DIR}/vendor/vbuild)
+
+set(CMAKE_C_FLAGS "-std=c99 -fPIC -Wall") 
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC -Wall")
+
+# colm-0.13.0.5
+ExternalProject_Add(colm PREFIX colm 
+                    URL ${CMAKE_CURRENT_SOURCE_DIR}/colm-0.13.0.5.tar.gz
+	                CONFIGURE_COMMAND ./autogen.sh && ./configure --prefix=${VENDOR_BUILD}
+	                BUILD_COMMAND make	
+	                INSTALL_COMMAND make install
+	                BUILD_IN_SOURCE 1)
+                    
+# ragel-7.0.0.10
+ExternalProject_Add(ragel PREFIX ragel
+                    URL ${CMAKE_CURRENT_SOURCE_DIR}/ragel-7.0.0.10.tar.gz
+	                CONFIGURE_COMMAND ./autogen.sh && ./configure --prefix=${VENDOR_BUILD} --with-colm=${VENDOR_BUILD}
+	                DEPENDS colm
+	                BUILD_COMMAND make	
+	                INSTALL_COMMAND make install
+	                BUILD_IN_SOURCE 1)
+
+# HyperScan 5.4.2
+ExternalProject_Add(hyperscan PREFIX hyperscan
+                    URL ${CMAKE_CURRENT_SOURCE_DIR}/hyperscan-5.4.2.tar.gz
+	                DEPENDS ragel
+	                CMAKE_ARGS -DCMAKE_INSTALL_PREFIX=${VENDOR_BUILD} -DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} -DCMAKE_C_FLAGS="-fPIC" -DCMAKE_CXX_FLAGS="-fPIC")
+
+ExternalProject_Get_Property(hyperscan INSTALL_DIR)
+file(MAKE_DIRECTORY ${VENDOR_BUILD}/include)
+
+add_library(hyperscan_static STATIC IMPORTED GLOBAL)
+add_dependencies(hyperscan_static hyperscan)
+set_property(TARGET hyperscan_static PROPERTY IMPORTED_LOCATION ${VENDOR_BUILD}/lib64/libhs.a)
+set_property(TARGET hyperscan_static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${VENDOR_BUILD}/include)
+
+add_library(hyperscan_runtime_static STATIC IMPORTED GLOBAL)
+add_dependencies(hyperscan_runtime_static hyperscan)
+set_property(TARGET hyperscan_runtime_static PROPERTY IMPORTED_LOCATION ${VENDOR_BUILD}/lib64/libhs_runtime.a)
+set_property(TARGET hyperscan_runtime_static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${VENDOR_BUILD}/include)
diff --git a/vendor/colm-0.13.0.5.tar.gz b/vendor/colm-0.13.0.5.tar.gz
new file mode 100644
index 0000000..51f4f6d
--- /dev/null
+++ b/vendor/colm-0.13.0.5.tar.gz
diff --git a/vendor/hyperscan-5.4.2.tar.gz b/vendor/hyperscan-5.4.2.tar.gz
new file mode 100644
index 0000000..7237218
--- /dev/null
+++ b/vendor/hyperscan-5.4.2.tar.gz
diff --git a/vendor/ragel-7.0.0.10.tar.gz b/vendor/ragel-7.0.0.10.tar.gz
new file mode 100644
index 0000000..d35ea08
--- /dev/null
+++ b/vendor/ragel-7.0.0.10.tar.gz