From ff22cbb45f2a7cb3db69269bf1102e32c8a8cbbf Mon Sep 17 00:00:00 2001 From: fengweihao Date: Wed, 6 Nov 2024 16:24:17 +0800 Subject: Fix libqmengine not installed causing CI build failure --- decoders/qdpi_detector/CMakeLists.txt | 6 +- decoders/qdpi_detector/qdpi_detector.cpp | 8 +- decoders/qdpi_detector/qdpi_detector.h | 12 +- decoders/qdpi_detector/qdpi_detector_module.c | 508 +++++++++++++++++++++ decoders/qdpi_detector/qdpi_detector_module.cpp | 508 --------------------- decoders/qdpi_detector/qdpi_detector_utils.c | 284 ++++++++++++ decoders/qdpi_detector/qdpi_detector_utils.cpp | 284 ------------ decoders/qdpi_detector/qdpi_detector_utils.h | 9 + test/decoders/qdpi_detector/CMakeLists.txt | 2 +- test/decoders/qdpi_detector/gtest_qdpi_detector.h | 10 +- .../qdpi_detector/gtest_qdpi_detector_main.cpp | 29 +- .../qdpi_detector/gtest_qdpi_detector_module.c | 317 +++++++++++++ .../qdpi_detector/gtest_qdpi_detector_module.cpp | 313 ------------- vendors/CMakeLists.txt | 36 +- vendors/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz | Bin 525014 -> 493978 bytes 15 files changed, 1159 insertions(+), 1167 deletions(-) create mode 100644 decoders/qdpi_detector/qdpi_detector_module.c delete mode 100644 decoders/qdpi_detector/qdpi_detector_module.cpp create mode 100644 decoders/qdpi_detector/qdpi_detector_utils.c delete mode 100644 decoders/qdpi_detector/qdpi_detector_utils.cpp create mode 100644 test/decoders/qdpi_detector/gtest_qdpi_detector_module.c delete mode 100644 test/decoders/qdpi_detector/gtest_qdpi_detector_module.cpp diff --git a/decoders/qdpi_detector/CMakeLists.txt b/decoders/qdpi_detector/CMakeLists.txt index fa16082..79d9e88 100644 --- a/decoders/qdpi_detector/CMakeLists.txt +++ b/decoders/qdpi_detector/CMakeLists.txt @@ -1,8 +1,8 @@ add_definitions(-fPIC) include_directories(${CMAKE_SOURCE_DIR}/deps/) -include_directories(${CMAKE_BINARY_DIR}/vendors/tsgengine/include/) +#include_directories(${CMAKE_BINARY_DIR}/vendors/tsgengine/include/) include_directories(${CMAKE_SOURCE_DIR}/decoders/) -add_library(qdpi_detector qdpi_detector.cpp qdpi_detector_module.cpp qdpi_detector_utils.cpp) -target_link_libraries(qdpi_detector appid maatframe qmengine cjson-static -Wl,--no-whole-archive openssl-crypto-static -Wl,--no-whole-archive openssl-ssl-static) +add_library(qdpi_detector qdpi_detector_module.c qdpi_detector.cpp qdpi_detector_utils.c) +target_link_libraries(qdpi_detector appid maatframe libqmengine-shared cjson-static -Wl,--no-whole-archive openssl-crypto-static -Wl,--no-whole-archive openssl-ssl-static) set_target_properties(qdpi_detector PROPERTIES LINK_FLAGS "-Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/version.map") diff --git a/decoders/qdpi_detector/qdpi_detector.cpp b/decoders/qdpi_detector/qdpi_detector.cpp index b63342c..98fe194 100644 --- a/decoders/qdpi_detector/qdpi_detector.cpp +++ b/decoders/qdpi_detector/qdpi_detector.cpp @@ -1,9 +1,3 @@ -/************************************************************************* - > File Name: qdpi_detector.cpp - > Author: - > Mail: - > Created Time: - ************************************************************************/ #include #include #include @@ -11,8 +5,8 @@ #include "stellar/utils.h" #include "stellar/session.h" -#include "appid/appid_internal.h" #include "stellar/log.h" +#include "appid/appid_internal.h" #include #include diff --git a/decoders/qdpi_detector/qdpi_detector.h b/decoders/qdpi_detector/qdpi_detector.h index 11d6b4a..9a51c1f 100644 --- a/decoders/qdpi_detector/qdpi_detector.h +++ b/decoders/qdpi_detector/qdpi_detector.h @@ -3,6 +3,11 @@ #include "stellar/log.h" #include +#ifdef __cplusplus +extern "C" +{ +#endif + #define APP_PATH_MAX 256 #define STRING_MAX 2048 #define MAX_WORKER 512 @@ -62,15 +67,16 @@ struct qdpi_detector_module_env struct qmdpi_worker *worker[MAX_WORKER]; }; -void qdpi_detector_destroy_engine(struct qdpi_detector_module_env *plugin_env); int qdpi_detector_create_engine(struct qdpi_detector_module_env *plugin_env, int num_workers); - int qdpi_detector_update_pb(struct qdpi_detector_module_env *plugin_env, struct qdpi_detector_bundle **old_bundle, const char *filename, struct qmdpi_bundle **qmdpi_bundle, int tid); int qdpi_detector_update_pdb(struct qdpi_detector_module_env *plugin_env, int tid, const char *path, char *uuid_string); - int qdpi_detector(struct session *sess, struct qdpi_detector_context *context, const char *payload, int payloadlen); +void qdpi_detector_destroy_engine(struct qdpi_detector_module_env *plugin_env); void qdpi_detector_context_free(struct qdpi_detector_context **context); void qdpi_detector_context_update(struct session *sess, struct qdpi_detector_context *context); struct qdpi_detector_context *qdpi_detector_context_new(struct qdpi_detector_config *lqd_config, struct qmdpi_worker *worker, int thread_id, int topic_id, struct module_manager *mod_mgr, struct logger *log_handle); +#ifdef __cplusplus +} +#endif \ No newline at end of file diff --git a/decoders/qdpi_detector/qdpi_detector_module.c b/decoders/qdpi_detector/qdpi_detector_module.c new file mode 100644 index 0000000..26d39eb --- /dev/null +++ b/decoders/qdpi_detector/qdpi_detector_module.c @@ -0,0 +1,508 @@ +/************************************************************************* + > File Name: qdpi_detector_plugin.cpp + > Author: + > Mail: + > Created Time: + ************************************************************************/ + +#include +#include +#include +#include +#include +//#include +#include +#include +#include +#include + +#include "stellar/utils.h" +#include "stellar/log.h" +#include "stellar/session.h" +#include "appid/appid_internal.h" + +#include "qdpi_detector.h" +#include "qdpi_detector_utils.h" + +#define MODULE_LQD_API "qdpi.plugin" +#define QDPI_DETECTOR_TOML_PATH "etc/qdpi/qdpi_detector.toml" +#define QMDPI_LIBRARY_PATH "./tsgconf/app-sketch-db/libqmbundle.so" +#define QDPI_ENGINE_DEFAULT_CONFIG "injection_mode=stream;nb_workers=1;nb_flows=8000;basic_dpi_enable=1;classification_cache_enable=0;fm_flow_table_alloc_mode=0" + +#if 1 +/*-------- for test ------------------*/ +//#include +struct maat *firewall_maat = NULL; +static struct maat *create_maat_feather(int max_thead_num) +{ + struct maat *target; + int effect_interval = 60; + int log_level=0; + + char json_cfg_file[]="tsgconf/maat.json"; + char instance_name[]="tsg_master"; char table_info[]="tsgconf/table_info.conf"; + + effect_interval *= 1000;//convert s to ms + + struct maat_options *opts = maat_options_new(); + maat_options_set_instance_name(opts, instance_name); + maat_options_set_foreign_cont_dir(opts, "./maat.log"); + maat_options_set_foreign_cont_dir(opts, "./app_signature_update_file"); + maat_options_set_json_file(opts, json_cfg_file); + maat_options_set_logger(opts, "log/maat.log", (enum log_level2)log_level); + maat_options_set_caller_thread_number(opts, max_thead_num); + + target = maat_new(opts, table_info); + if (!target) + { + goto error_out; + } + + maat_options_free(opts); + return target; + +error_out: + maat_options_free(opts); + return NULL; +} +#endif + +/*-------- for test ------------------*/ + +int qdpi_get_current_version(struct qdpi_detector_module_env *qdpi_env) +{ + return qdpi_env->lqd_config->version; +} + +void qdpi_detector_on_session_msg(struct session *sess, enum session_state state __unused, struct packet *pkt, void *args) +{ + struct qdpi_detector_module_env *qdpi_env = (struct qdpi_detector_module_env *)args; + + int tid = module_manager_get_thread_id(qdpi_env->mod_mgr); + int worker_id = qdpi_get_current_version(qdpi_env) == 1 ? 0: tid; + + if(qdpi_env->engine[worker_id] == NULL || qdpi_env->loaded_bundle[worker_id] == NULL) + { + return; + } + + struct qdpi_detector_context *context = NULL; + uint16_t payload_len = packet_get_payload_len(pkt); + const char *payload = packet_get_payload_data(pkt); + if(payload != NULL && payload_len > 0) + { + context = (struct qdpi_detector_context *)session_get_exdata(sess, qdpi_env->exdata_idx); + if (context == NULL) + { + context = qdpi_detector_context_new(qdpi_env->lqd_config, qdpi_env->worker[tid], tid, qdpi_env->topic_id, qdpi_env->mod_mgr, qdpi_env->log_handle); + if (context != NULL) + { + qdpi_detector_context_update(sess, context); + } + if (context == NULL || context->qmdpi_flow == NULL) + { + qdpi_detector_context_free(&context); + session_set_exdata(sess, qdpi_env->exdata_idx, NULL); + context->detect_done=1; + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi_detector_context_new failed to execute."); + return; + } + session_set_exdata(sess, qdpi_env->exdata_idx, context); + } + + if(context->detect_done == 1) + { + return; + } + + if (qdpi_detector(sess, context, payload, payload_len) < 0) + { + context->detect_done=1; + } + } +} + +int qdpi_loaded_license(const char *bytes, int nbytes, struct logger *log_handle) +{ + int ret=0; + const char *serial_number = "Q2101071"; + const char *password = "753159adefqixzyt"; + + char decode_data[2048], decrypt_data[2048]; + int decode_len=0, decrypt_len=0; + + decode_len = lqd_base64_decode(decode_data, sizeof(decode_data), bytes, nbytes); + if(decode_len <= 0) + { + STELLAR_LOG_FATAL(log_handle, MODULE_LQD_API,"License step 1 parsing failed."); + goto error; + } + + decrypt_len = lqd_ecb_decrypt_string(decode_data, decode_len, decrypt_data, password); + if(decrypt_len <= 0) + { + STELLAR_LOG_FATAL(log_handle, MODULE_LQD_API,"License step 2 parsing failed."); + goto error; + } + + ret = qmdpi_license_load_from_addr(decrypt_data, decrypt_len, serial_number); +error: + return ret; +} + +int qdpi_detector_update_features(struct qdpi_detector_module_env *plugin_env, char *pb_path, char *pdb_path, char *uuid_string) +{ + int ret = 0; + int nb_workers = plugin_env->nb_workers; + + if (plugin_env->lqd_config->version == 1 && plugin_env->nb_workers > 1) + { + nb_workers = 1; + } + + for (int i = 0; i < nb_workers; i++) + { + struct qmdpi_bundle *qmdpi_bundle = NULL; + + ret = qdpi_detector_update_pb(plugin_env, &plugin_env->loaded_bundle[i], pb_path, &qmdpi_bundle, i); + if (ret < 0) + { + STELLAR_LOG_FATAL(plugin_env->log_handle, MODULE_LQD_API, "PB %d not activated", qmdpi_bundle_id_get(plugin_env->loaded_bundle[i]->bundle)); + if (qmdpi_bundle) + { + qmdpi_bundle_destroy(qmdpi_bundle); + } + continue; + } + + ret = qdpi_detector_update_pdb(plugin_env, i, pdb_path, uuid_string); + if (ret < 0) + { + STELLAR_LOG_FATAL(plugin_env->log_handle, MODULE_LQD_API, "Failed to update app database features for worker %d", i); + qmdpi_bundle_destroy(qmdpi_bundle); + continue; + } + + STELLAR_LOG_INFO(plugin_env->log_handle, MODULE_LQD_API,"Successfully updated app database features for worker %d", i); + qmdpi_bundle_destroy(qmdpi_bundle); + } + return ret; +} + +static int qdpi_detector_config_load(const char *cfg_path, struct qdpi_detector_config *qdpi_config) +{ + FILE *fp = fopen(cfg_path, "r"); + if (NULL == fp) + { + fprintf(stderr, "[%s:%d]Can't open config file:%s", + __FUNCTION__, __LINE__, cfg_path); + return -1; + } + + int ret = 0; + char errbuf[256] = {0}; + + toml_table_t *root = toml_parse_file(fp, errbuf, sizeof(errbuf)); + fclose(fp); + + toml_table_t *basic_sec_tbl = toml_table_in(root, "qdpi"); + if (NULL == basic_sec_tbl) + { + fprintf(stderr, "[%s:%d]config file:%s has no key: [basic]", + __FUNCTION__, __LINE__, cfg_path); + toml_free(root); + return -1; + } + + toml_datum_t int_val = toml_int_in(basic_sec_tbl, "version"); + if (int_val.ok != 0) + { + qdpi_config->version = int_val.u.b; + } + else + { + qdpi_config->version =1; + } + + int_val = toml_int_in(basic_sec_tbl, "load_local_pd"); + if (int_val.ok != 0) + { + qdpi_config->load_local_pd = int_val.u.i; + } + else + { + qdpi_config->load_local_pd = 0; + } + + int_val = toml_int_in(basic_sec_tbl, "intput_max_packet"); + if (int_val.ok != 0) + { + qdpi_config->max_pkts = int_val.u.i; + } + else + { + qdpi_config->max_pkts = 500; + } + + int_val = toml_int_in(basic_sec_tbl, "depth_detection"); + if (int_val.ok != 0) + { + qdpi_config->result_depth_detection = int_val.u.i; + } + else + { + qdpi_config->result_depth_detection = 1; + } + + int_val = toml_int_in(basic_sec_tbl, "report_cache_path"); + if (int_val.ok != 0) + { + qdpi_config->report_cache_path = int_val.u.i; + } + else + { + qdpi_config->report_cache_path = 0; + } + + int_val = toml_int_in(basic_sec_tbl, "disable_http_detection"); + if (int_val.ok != 0) + { + qdpi_config->disable_http_detection = int_val.u.i; + } + else + { + qdpi_config->disable_http_detection = 0; + } + + toml_datum_t name=toml_string_in(basic_sec_tbl, "qdpi_engine_config"); + if(name.ok==0) + { + memcpy(qdpi_config->qdpi_engine_config, QDPI_ENGINE_DEFAULT_CONFIG, strlen(QDPI_ENGINE_DEFAULT_CONFIG)); + fprintf(stderr, "[%s:%d] config file: %s has no key: [dpi.qdpi_engine_config]", __FUNCTION__, __LINE__, cfg_path); + } + else + { + memcpy(qdpi_config->qdpi_engine_config, name.u.s, strlen(name.u.s)); + free(name.u.s); + name.u.s=NULL; + } + + name=toml_string_in(basic_sec_tbl, "load_pb_path"); + if(name.ok==0) + { + memcpy(qdpi_config->load_qb_path, QMDPI_LIBRARY_PATH, strlen(QMDPI_LIBRARY_PATH)); + fprintf(stderr, "[%s:%d] config file: %s has no key: [dpi.load_pb_path]", __FUNCTION__, __LINE__, cfg_path); + } + else + { + memcpy(qdpi_config->load_qb_path, name.u.s, strlen(name.u.s)); + free(name.u.s); + name.u.s=NULL; + } + + toml_free(root); + return ret; +} + +char *qdpi_get_value_string(cJSON *data, const char *keyword) +{ + char *valuestring=NULL; + cJSON *item = cJSON_GetObjectItem(data, keyword); + if(item && item->type==cJSON_String) + { + valuestring = item->valuestring; + } + return valuestring; +} + +int qdpi_license_is_loaded() +{ + return qmdpi_license_is_loaded(); +} + +void qdpi_license_destroy() +{ + qmdpi_license_destroy(); +} + +int qdpi_detector_create_features(struct qdpi_detector_module_env *qdpi_env, char *license, char *pb_path, char *pdb_path, char *uuid_string) +{ + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License info was given in command line, trying to load this license..."); + int ret = qdpi_loaded_license(license, strlen(license), qdpi_env->log_handle); + if (ret < 0) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License loading failed!"); + return 0; + } + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License loaded successfully."); + + ret = qdpi_detector_config_load(module_manager_get_toml_path(qdpi_env->mod_mgr), qdpi_env->lqd_config); + if(ret < 0) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi loading config failed!"); + return 0; + } + + ret = qdpi_detector_create_engine(qdpi_env, qdpi_env->nb_workers); + if (ret < 0) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi_detector_create_engine Failed"); + return 0; + } + qdpi_detector_update_features(qdpi_env, pb_path, pdb_path, uuid_string); + + return 1; +} + +void app_signature_update_cb(const char *table_name __unused, const char* table_line, enum maat_operation op, void *u_para) +{ + struct qdpi_detector_module_env *qdpi_env = (struct qdpi_detector_module_env*)u_para; + + if(op == MAAT_OP_DEL) + { + return; + } + + cJSON *data = cJSON_Parse(table_line); + if(data == NULL) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "APP_SIGNATURE_UPDATE_PROFILE parse table_line failed %s", table_line); + return; + } + + char *uuid_string = qdpi_get_value_string(data, "uuid"); + if(uuid_string == NULL) + { + cJSON_Delete(data); + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "uuid", table_line); + } + + char *pdb_path = qdpi_get_value_string(data, "pdb_path"); + if(pdb_path == NULL) + { + cJSON_Delete(data); + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "pdb_path", table_line); + return; + } + + char *pb_path = qdpi_get_value_string(data, "pb_path"); + if(pb_path == NULL) + { + cJSON_Delete(data); + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "pb_path", table_line); + return; + } + + char *license = qdpi_get_value_string(data, "license"); + if(license == NULL) + { + cJSON_Delete(data); + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "license", table_line); + return; + } + + int license_is_loaded = qdpi_license_is_loaded(); + if (license_is_loaded) + { + qdpi_detector_update_features(qdpi_env, pb_path, pdb_path, uuid_string); + } + else + { + qdpi_detector_create_features(qdpi_env, license, pb_path, pdb_path, uuid_string); + } + + cJSON_Delete(data); + return; +} + +void app_signature_start_cb(int update_type __unused, void* u_para __unused) +{ + return; +} + +void app_signature_finish_cb(void* u_para __unused) +{ + return; +} + + +void qdpi_detector_exdata_free(int idx __unused, void *ex_ptr, void *arg __unused) +{ + struct qdpi_detector_context *context = (struct qdpi_detector_context *)ex_ptr; + if(context != NULL) + { + qdpi_detector_context_free(&context); + } + return; +} + +void qdpi_detector_module_exit(struct module_manager *mod_mgr, struct module *mod) +{ + if(mod_mgr == NULL || mod == NULL) + { + return; + } + + struct qdpi_detector_module_env *qdpi_env=(struct qdpi_detector_module_env *)module_get_ctx(mod); + if(qdpi_env != NULL) + { + lqd_file_remove("./tsgconf/app-sketch-db", "libqmbundle.so.tmp"); + qdpi_detector_destroy_engine(qdpi_env); + qdpi_license_destroy(); + free(qdpi_env->lqd_config); + free(qdpi_env); + } + module_free(mod); + return; +} + +struct module *qdpi_detector_module_init(struct module_manager *mod_mgr) +{ + if(mod_mgr == NULL) + { + return NULL; + } + + int ret=0; + struct qdpi_detector_module_env *qdpi_env = ALLOC(struct qdpi_detector_module_env, 1); + qdpi_env->mod_mgr=mod_mgr; + qdpi_env->log_handle = module_manager_get_logger(qdpi_env->mod_mgr); + qdpi_env->nb_workers = module_manager_get_max_thread_num(qdpi_env->mod_mgr); + + struct module *mod=module_new("QDPI_MODULE", qdpi_env); + struct module *sess_mgr_mod=module_manager_get_module(mod_mgr, SESSION_MANAGER_MODULE_NAME); + struct session_manager *sess_mgr=module_to_session_manager(sess_mgr_mod); + struct mq_schema *mq_s=module_manager_get_mq_schema(mod_mgr); + if(sess_mgr==NULL || mq_s==NULL) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi module fails when getting session and MQ queue"); + goto finish; + } + + session_manager_subscribe_tcp(sess_mgr, qdpi_detector_on_session_msg, qdpi_env); + session_manager_subscribe_udp(sess_mgr, qdpi_detector_on_session_msg, qdpi_env); + + qdpi_env->exdata_idx = session_manager_new_session_exdata_index(sess_mgr, "EXDATA_QDPI", qdpi_detector_exdata_free, NULL); + qdpi_env->topic_id=stellar_appid_create_topic(mod_mgr); + + qdpi_env->lqd_config = ALLOC(struct qdpi_detector_config, 1); + firewall_maat = create_maat_feather(qdpi_env->nb_workers); + ret = maat_table_callback_register(firewall_maat, "APP_SIGNATURE_UPDATE_PROFILE", app_signature_start_cb, app_signature_update_cb, app_signature_finish_cb, qdpi_env); + if(ret < 0) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi module register table APP_SIGNATURE_UPDATE_PROFILE failed."); + } + + if(qdpi_env->engine[0] == NULL || qdpi_env->loaded_bundle[0] == NULL) + { + STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi classification engine not working..."); + } + + STELLAR_LOG_INFO(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi module has been loaded."); + return mod; +finish: + qdpi_detector_module_exit(mod_mgr, mod); + return NULL; +} + + diff --git a/decoders/qdpi_detector/qdpi_detector_module.cpp b/decoders/qdpi_detector/qdpi_detector_module.cpp deleted file mode 100644 index 2123d64..0000000 --- a/decoders/qdpi_detector/qdpi_detector_module.cpp +++ /dev/null @@ -1,508 +0,0 @@ -/************************************************************************* - > File Name: qdpi_detector_plugin.cpp - > Author: - > Mail: - > Created Time: - ************************************************************************/ - -#include -#include -#include -#include -#include -//#include -#include -#include -#include -#include - -#include "stellar/utils.h" -#include "stellar/log.h" -#include "stellar/session.h" -#include "appid/appid_internal.h" - -#include "qdpi_detector.h" -#include "qdpi_detector_utils.h" - -#define MODULE_LQD_API "qdpi.plugin" -#define QDPI_DETECTOR_TOML_PATH "etc/qdpi/qdpi_detector.toml" -#define QMDPI_LIBRARY_PATH "./tsgconf/app-sketch-db/libqmbundle.so" -#define QDPI_ENGINE_DEFAULT_CONFIG "injection_mode=stream;nb_workers=1;nb_flows=8000;basic_dpi_enable=1;classification_cache_enable=0;fm_flow_table_alloc_mode=0" - -#if 1 -/*-------- for test ------------------*/ -//#include -struct maat *firewall_maat = NULL; -static struct maat *create_maat_feather(int max_thead_num) -{ - struct maat *target; - int effect_interval = 60; - int log_level=0; - - char json_cfg_file[]="tsgconf/maat.json"; - char instance_name[]="tsg_master"; char table_info[]="tsgconf/table_info.conf"; - - effect_interval *= 1000;//convert s to ms - - struct maat_options *opts = maat_options_new(); - maat_options_set_instance_name(opts, instance_name); - maat_options_set_foreign_cont_dir(opts, "./maat.log"); - maat_options_set_foreign_cont_dir(opts, "./app_signature_update_file"); - maat_options_set_json_file(opts, json_cfg_file); - maat_options_set_logger(opts, "log/maat.log", (enum log_level2)log_level); - maat_options_set_caller_thread_number(opts, max_thead_num); - - target = maat_new(opts, table_info); - if (!target) - { - goto error_out; - } - - maat_options_free(opts); - return target; - -error_out: - maat_options_free(opts); - return NULL; -} -#endif - -/*-------- for test ------------------*/ - -int qdpi_get_current_version(struct qdpi_detector_module_env *qdpi_env) -{ - return qdpi_env->lqd_config->version; -} - -void qdpi_detector_on_session_msg(struct session *sess, enum session_state state __unused, struct packet *pkt, void *args) -{ - struct qdpi_detector_module_env *qdpi_env = (struct qdpi_detector_module_env *)args; - - int tid = module_manager_get_thread_id(qdpi_env->mod_mgr); - int worker_id = qdpi_get_current_version(qdpi_env) == 1 ? 0: tid; - - if(qdpi_env->engine[worker_id] == NULL || qdpi_env->loaded_bundle[worker_id] == NULL) - { - return; - } - - struct qdpi_detector_context *context = NULL; - uint16_t payload_len = packet_get_payload_len(pkt); - const char *payload = packet_get_payload_data(pkt); - if(payload != NULL && payload_len > 0) - { - context = (struct qdpi_detector_context *)session_get_exdata(sess, qdpi_env->exdata_idx); - if (context == NULL) - { - context = qdpi_detector_context_new(qdpi_env->lqd_config, qdpi_env->worker[tid], tid, qdpi_env->topic_id, qdpi_env->mod_mgr, qdpi_env->log_handle); - if (context != NULL) - { - qdpi_detector_context_update(sess, context); - } - if (context == NULL || context->qmdpi_flow == NULL) - { - qdpi_detector_context_free(&context); - session_set_exdata(sess, qdpi_env->exdata_idx, NULL); - context->detect_done=1; - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi_detector_context_new failed to execute."); - return; - } - session_set_exdata(sess, qdpi_env->exdata_idx, context); - } - - if(context->detect_done == 1) - { - return; - } - - if (qdpi_detector(sess, context, payload, payload_len) < 0) - { - context->detect_done=1; - } - } -} - -int qdpi_loaded_license(const char *bytes, int nbytes, struct logger *log_handle) -{ - int ret=0; - const char *serial_number = "Q2101071"; - const char *password = "753159adefqixzyt"; - - char decode_data[2048], decrypt_data[2048]; - int decode_len=0, decrypt_len=0; - - decode_len = lqd_base64_decode(decode_data, sizeof(decode_data), bytes, nbytes); - if(decode_len <= 0) - { - STELLAR_LOG_FATAL(log_handle, MODULE_LQD_API,"License step 1 parsing failed."); - goto error; - } - - decrypt_len = lqd_ecb_decrypt_string(decode_data, decode_len, decrypt_data, password); - if(decrypt_len <= 0) - { - STELLAR_LOG_FATAL(log_handle, MODULE_LQD_API,"License step 2 parsing failed."); - goto error; - } - - ret = qmdpi_license_load_from_addr(decrypt_data, decrypt_len, serial_number); -error: - return ret; -} - -int qdpi_detector_update_features(struct qdpi_detector_module_env *plugin_env, char *pb_path, char *pdb_path, char *uuid_string) -{ - int ret = 0; - int nb_workers = plugin_env->nb_workers; - - if (plugin_env->lqd_config->version == 1 && plugin_env->nb_workers > 1) - { - nb_workers = 1; - } - - for (int i = 0; i < nb_workers; i++) - { - struct qmdpi_bundle *qmdpi_bundle = NULL; - - ret = qdpi_detector_update_pb(plugin_env, &plugin_env->loaded_bundle[i], pb_path, &qmdpi_bundle, i); - if (ret < 0) - { - STELLAR_LOG_FATAL(plugin_env->log_handle, MODULE_LQD_API, "PB %d not activated", qmdpi_bundle_id_get(plugin_env->loaded_bundle[i]->bundle)); - if (qmdpi_bundle) - { - qmdpi_bundle_destroy(qmdpi_bundle); - } - continue; - } - - ret = qdpi_detector_update_pdb(plugin_env, i, pdb_path, uuid_string); - if (ret < 0) - { - STELLAR_LOG_FATAL(plugin_env->log_handle, MODULE_LQD_API, "Failed to update app database features for worker %d", i); - qmdpi_bundle_destroy(qmdpi_bundle); - continue; - } - - STELLAR_LOG_INFO(plugin_env->log_handle, MODULE_LQD_API,"Successfully updated app database features for worker %d", i); - qmdpi_bundle_destroy(qmdpi_bundle); - } - return ret; -} - -static int qdpi_detector_config_load(const char *cfg_path, struct qdpi_detector_config *qdpi_config) -{ - FILE *fp = fopen(cfg_path, "r"); - if (NULL == fp) - { - fprintf(stderr, "[%s:%d]Can't open config file:%s", - __FUNCTION__, __LINE__, cfg_path); - return -1; - } - - int ret = 0; - char errbuf[256] = {0}; - - toml_table_t *root = toml_parse_file(fp, errbuf, sizeof(errbuf)); - fclose(fp); - - toml_table_t *basic_sec_tbl = toml_table_in(root, "qdpi"); - if (NULL == basic_sec_tbl) - { - fprintf(stderr, "[%s:%d]config file:%s has no key: [basic]", - __FUNCTION__, __LINE__, cfg_path); - toml_free(root); - return -1; - } - - toml_datum_t int_val = toml_int_in(basic_sec_tbl, "version"); - if (int_val.ok != 0) - { - qdpi_config->version = int_val.u.b; - } - else - { - qdpi_config->version =1; - } - - int_val = toml_int_in(basic_sec_tbl, "load_local_pd"); - if (int_val.ok != 0) - { - qdpi_config->load_local_pd = int_val.u.i; - } - else - { - qdpi_config->load_local_pd = 0; - } - - int_val = toml_int_in(basic_sec_tbl, "intput_max_packet"); - if (int_val.ok != 0) - { - qdpi_config->max_pkts = int_val.u.i; - } - else - { - qdpi_config->max_pkts = 500; - } - - int_val = toml_int_in(basic_sec_tbl, "depth_detection"); - if (int_val.ok != 0) - { - qdpi_config->result_depth_detection = int_val.u.i; - } - else - { - qdpi_config->result_depth_detection = 1; - } - - int_val = toml_int_in(basic_sec_tbl, "report_cache_path"); - if (int_val.ok != 0) - { - qdpi_config->report_cache_path = int_val.u.i; - } - else - { - qdpi_config->report_cache_path = 0; - } - - int_val = toml_int_in(basic_sec_tbl, "disable_http_detection"); - if (int_val.ok != 0) - { - qdpi_config->disable_http_detection = int_val.u.i; - } - else - { - qdpi_config->disable_http_detection = 0; - } - - toml_datum_t name=toml_string_in(basic_sec_tbl, "qdpi_engine_config"); - if(name.ok==0) - { - memcpy(qdpi_config->qdpi_engine_config, QDPI_ENGINE_DEFAULT_CONFIG, strlen(QDPI_ENGINE_DEFAULT_CONFIG)); - fprintf(stderr, "[%s:%d] config file: %s has no key: [dpi.qdpi_engine_config]", __FUNCTION__, __LINE__, cfg_path); - } - else - { - memcpy(qdpi_config->qdpi_engine_config, name.u.s, strlen(name.u.s)); - free(name.u.s); - name.u.s=NULL; - } - - name=toml_string_in(basic_sec_tbl, "load_pb_path"); - if(name.ok==0) - { - memcpy(qdpi_config->load_qb_path, QMDPI_LIBRARY_PATH, strlen(QMDPI_LIBRARY_PATH)); - fprintf(stderr, "[%s:%d] config file: %s has no key: [dpi.load_pb_path]", __FUNCTION__, __LINE__, cfg_path); - } - else - { - memcpy(qdpi_config->load_qb_path, name.u.s, strlen(name.u.s)); - free(name.u.s); - name.u.s=NULL; - } - - toml_free(root); - return ret; -} - -char *qdpi_get_value_string(cJSON *data, const char *keyword) -{ - char *valuestring=NULL; - cJSON *item = cJSON_GetObjectItem(data, keyword); - if(item && item->type==cJSON_String) - { - valuestring = item->valuestring; - } - return valuestring; -} - -int qdpi_license_is_loaded() -{ - return qmdpi_license_is_loaded(); -} - -void qdpi_license_destroy() -{ - qmdpi_license_destroy(); -} - -int qdpi_detector_create_features(struct qdpi_detector_module_env *qdpi_env, char *license, char *pb_path, char *pdb_path, char *uuid_string) -{ - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License info was given in command line, trying to load this license..."); - int ret = qdpi_loaded_license(license, strlen(license), qdpi_env->log_handle); - if (ret < 0) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License loading failed!"); - return 0; - } - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "License loaded successfully."); - - ret = qdpi_detector_config_load(module_manager_get_toml_path(qdpi_env->mod_mgr), qdpi_env->lqd_config); - if(ret < 0) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi loading config failed!"); - return 0; - } - - ret = qdpi_detector_create_engine(qdpi_env, qdpi_env->nb_workers); - if (ret < 0) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi_detector_create_engine Failed"); - return 0; - } - qdpi_detector_update_features(qdpi_env, pb_path, pdb_path, uuid_string); - - return 1; -} - -void app_signature_update_cb(const char *table_name __unused, const char* table_line, enum maat_operation op, void *u_para) -{ - struct qdpi_detector_module_env *qdpi_env = (struct qdpi_detector_module_env*)u_para; - - if(op == MAAT_OP_DEL) - { - return; - } - - cJSON *data = cJSON_Parse(table_line); - if(data == NULL) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "APP_SIGNATURE_UPDATE_PROFILE parse table_line failed %s", table_line); - return; - } - - char *uuid_string = qdpi_get_value_string(data, "uuid"); - if(uuid_string == NULL) - { - cJSON_Delete(data); - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "uuid", table_line); - } - - char *pdb_path = qdpi_get_value_string(data, "pdb_path"); - if(pdb_path == NULL) - { - cJSON_Delete(data); - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "pdb_path", table_line); - return; - } - - char *pb_path = qdpi_get_value_string(data, "pb_path"); - if(pb_path == NULL) - { - cJSON_Delete(data); - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "pb_path", table_line); - return; - } - - char *license = qdpi_get_value_string(data, "license"); - if(license == NULL) - { - cJSON_Delete(data); - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Invalid APP_SIGNATURE_UPDATE_PROFILE attribute:%s, %s.", "license", table_line); - return; - } - - int license_is_loaded = qdpi_license_is_loaded(); - if (license_is_loaded) - { - qdpi_detector_update_features(qdpi_env, pb_path, pdb_path, uuid_string); - } - else - { - qdpi_detector_create_features(qdpi_env, license, pb_path, pdb_path, uuid_string); - } - - return; -} - -void app_signature_start_cb(int update_type __unused, void* u_para __unused) -{ - return; -} - -void app_signature_finish_cb(void* u_para __unused) -{ - return; -} - - -void qdpi_detector_exdata_free(int idx __unused, void *ex_ptr, void *arg __unused) -{ - struct qdpi_detector_context *context = (struct qdpi_detector_context *)ex_ptr; - if(context != NULL) - { - //struct qmdpi_result *result=NULL; - //qmdpi_flow_destroy(context->worker, context->qmdpi_flow, &result); - qdpi_detector_context_free(&context); - } - return; -} - -extern "C" void qdpi_detector_module_exit(struct module_manager *mod_mgr, struct module *mod) -{ - if(mod_mgr == NULL || mod == NULL) - { - return; - } - - struct qdpi_detector_module_env *qdpi_env=(struct qdpi_detector_module_env *)module_get_ctx(mod); - if(qdpi_env != NULL) - { - lqd_file_remove("./tsgconf/app-sketch-db", "libqmbundle.so.tmp"); - qdpi_detector_destroy_engine(qdpi_env); - qdpi_license_destroy(); - free(qdpi_env->lqd_config); - free(qdpi_env); - } - module_free(mod); - return; -} - -extern "C" struct module *qdpi_detector_module_init(struct module_manager *mod_mgr) -{ - if(mod_mgr == NULL) - { - return NULL; - } - - int ret=0; - struct qdpi_detector_module_env *qdpi_env = ALLOC(struct qdpi_detector_module_env, 1); - qdpi_env->mod_mgr=mod_mgr; - qdpi_env->log_handle = module_manager_get_logger(qdpi_env->mod_mgr); - qdpi_env->nb_workers = module_manager_get_max_thread_num(qdpi_env->mod_mgr); - - struct module *mod=module_new("QDPI_MODULE", qdpi_env); - struct session_manager *sess_mgr=module_to_session_manager(mod); - struct mq_schema *mq_s=module_manager_get_mq_schema(mod_mgr); - if(sess_mgr==NULL || mq_s==NULL) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "qdpi module fails when getting session and MQ queue"); - goto finish; - } - - session_manager_subscribe_tcp(sess_mgr, qdpi_detector_on_session_msg, qdpi_env); - session_manager_subscribe_udp(sess_mgr, qdpi_detector_on_session_msg, qdpi_env); - - qdpi_env->exdata_idx = session_manager_new_session_exdata_index(sess_mgr, "EXDATA_QDPI", qdpi_detector_exdata_free, NULL); - qdpi_env->topic_id=stellar_appid_create_topic(mod_mgr); - - qdpi_env->lqd_config = ALLOC(struct qdpi_detector_config, 1); - firewall_maat = create_maat_feather(qdpi_env->nb_workers); - ret = maat_table_callback_register(firewall_maat, "APP_SIGNATURE_UPDATE_PROFILE", app_signature_start_cb, app_signature_update_cb, app_signature_finish_cb, qdpi_env); - if(ret < 0) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi module register table APP_SIGNATURE_UPDATE_PROFILE failed."); - } - - if(qdpi_env->engine[0] == NULL || qdpi_env->loaded_bundle[0] == NULL) - { - STELLAR_LOG_FATAL(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi classification engine not working..."); - } - - STELLAR_LOG_INFO(qdpi_env->log_handle, MODULE_LQD_API, "Qdpi module has been loaded."); - return mod; -finish: - qdpi_detector_module_exit(mod_mgr, mod); - return NULL; -} - - diff --git a/decoders/qdpi_detector/qdpi_detector_utils.c b/decoders/qdpi_detector/qdpi_detector_utils.c new file mode 100644 index 0000000..03ae23e --- /dev/null +++ b/decoders/qdpi_detector/qdpi_detector_utils.c @@ -0,0 +1,284 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static const char index_64[128] = +{ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, + -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, +}; + +void get_md5_digest(const char *password, int password_len, unsigned char *result) +{ + MD5_CTX md5_ctx; + MD5_Init(&md5_ctx); + MD5_Update(&md5_ctx, password, password_len); + MD5_Final(result,&md5_ctx); +} + +int get_aes_key(const char *password, AES_KEY *key, int flag) +{ + unsigned char data[16]; + + get_md5_digest(password, strlen(password), data); + if (flag == AES_ENCRYPT) + { + AES_set_encrypt_key(data, sizeof(data)*8, key); + } + if (flag == AES_DECRYPT) + { + AES_set_decrypt_key(data, sizeof(data)*8, key); + } + return 1; +} + +int lqd_base64_decode(char *decode_data, int decode_len, const char *encode_data, int encode_len) +{ + const unsigned char *p, *q; + unsigned char *t; + int c1, c2; + + if (decode_data == NULL || decode_len <= 0 || encode_data == NULL || encode_len <= 0) + { + return -1; + } + + for (p = (const unsigned char *) encode_data; encode_len > 0 && isspace(*p); p++, encode_len--) + { + /* void */ ; + } + for (q = p + encode_len - 1; q >= p && isspace(*q); q--, encode_len--) + { + /* void */ ; + } + + if (encode_len % 4 != 0) + { + return -1; + } + + if (encode_len / 4 * 3 + 1 > decode_len) + { + return -1; + } + + t = (unsigned char *)decode_data; + while (encode_len > 0) + { + encode_len -= 4; + if (*p >= 128 || (c1 = index_64[*p++]) == -1) + { + return -1; + } + + if (*p >= 128 || (c2 = index_64[*p++]) == -1) + { + return -1; + } + *t++ = (c1 << 2) | ((c2 & 0x30) >> 4); + + if (p[0] == '=' && p[1] == '=') + { + break; + } + + if (*p >= 128 || (c1 = index_64[*p++]) == -1) + { + return -1; + } + *t++ = ((c2 & 0x0f) << 4) | ((c1 & 0x3c) >> 2); + + if (p[0] == '=') + { + break; + } + + if (*p >= 128 || (c2 = index_64[*p++]) == -1) + { + return -1; + } + *t++ = ((c1 & 0x03) << 6) | c2; + } + + return t - (unsigned char *) decode_data; +} + +int lqd_ecb_decrypt_string(char *aes_ecb_data, int aes_ecb_data_len, char *data, const char *password) +{ + AES_KEY key; + int i=0, data_len=0; + + get_aes_key(password, &key, AES_DECRYPT); + + const unsigned char *input_offset = (const unsigned char *)aes_ecb_data; unsigned char *output_offset = (unsigned char *)data; + for (i = 0; i < aes_ecb_data_len / AES_BLOCK_SIZE; i++) + { + AES_ecb_encrypt(input_offset, output_offset, &key, AES_DECRYPT); + input_offset += AES_BLOCK_SIZE; + output_offset += AES_BLOCK_SIZE; + data_len += AES_BLOCK_SIZE; + } + + int res_input_length = aes_ecb_data_len % AES_BLOCK_SIZE; + if (res_input_length > 0 ) + { + memcpy(output_offset, input_offset, res_input_length + 1); + data_len += res_input_length; + } + return data_len; +} + +int lqd_file_remove(const char *realpath, const char *filename) +{ + struct dirent *entry; + struct stat statbuf; + DIR *dir = NULL; + char filename_load_path[512]={0}; + + if(realpath == NULL) + { + remove(filename); + goto finish; + } + + dir = opendir(realpath); + while ((entry = readdir(dir)) != NULL) + { + lstat(entry->d_name, &statbuf); + if (S_ISDIR(statbuf.st_mode)) + { + if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0 ) + { + continue; + } + + if(!strncasecmp(entry->d_name, filename, strlen(filename))) + { + snprintf(filename_load_path, 512, "%s/%s", realpath, entry->d_name); + remove(filename_load_path); + } + } + } + closedir(dir); + +finish: + return 0; +} + +int lqd_file_write(char *filename, char *buffer, int buffer_len) +{ + int fd; + if ((fd = mkstemp(filename)) < 0) + { + return -1; + } + + if (write(fd, buffer,buffer_len) < 0) + { + return -1; + } + close(fd); + + return 0; +} + +int lqd_file_read(const char *filename, char **buffer, int *buffer_len) +{ + int fd; + struct stat f_stats; + + fd = open(filename, O_RDONLY); + if (fd < 0) + { + fprintf(stderr, "can not open %s\n", filename); + return -1; + } + if (fstat(fd, &f_stats)) + { + fprintf(stderr, "could not fstat %s\n", filename); + close(fd); + return -1; + } + *buffer_len = (int) f_stats.st_size; + *buffer = (char *)malloc(*buffer_len); + + if (NULL == *buffer) + { + close(fd); + return -1; + } + if ((read(fd, *buffer, f_stats.st_size)) < f_stats.st_size) + { + fprintf(stderr, "could not read %s\n", filename); + close(fd); + free(*buffer); + return -1; + } + close(fd); + + return 0; +} + +void lqd_get_clock_time(struct timeval *ts) +{ + struct timespec start_time; + + clock_gettime(CLOCK_REALTIME,&start_time); + + ts->tv_sec = start_time.tv_sec; + ts->tv_usec = start_time.tv_nsec/1000; + + return; +} + +int lqd_file_exsit(const char *load_path) +{ + return (!access(load_path, F_OK)); +} + +char *lqd_parse_config(const char *config) +{ + const char *replace = "nb_workers=1"; + int replace_sz = strlen(replace); + + char *new_config = (char *)malloc(strlen(config) + replace_sz + 1); + if (new_config == NULL) + { + perror("Failed to allocate memory"); + return NULL; + } + + const char *find = strstr(config, "nb_workers="); + if (find != NULL) { + int len = find - config; + strncpy(new_config, config, len); + strcpy(new_config + len, replace); + + const char *pattern = strchr(find, ';'); + if (pattern != NULL) { + strcat(new_config, pattern); + } else { + new_config[len + replace_sz] = '\0'; + } + } else { + strcpy(new_config, config); + } + + return new_config; +} + diff --git a/decoders/qdpi_detector/qdpi_detector_utils.cpp b/decoders/qdpi_detector/qdpi_detector_utils.cpp deleted file mode 100644 index 03ae23e..0000000 --- a/decoders/qdpi_detector/qdpi_detector_utils.cpp +++ /dev/null @@ -1,284 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -static const char index_64[128] = -{ - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, - -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, - -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, -}; - -void get_md5_digest(const char *password, int password_len, unsigned char *result) -{ - MD5_CTX md5_ctx; - MD5_Init(&md5_ctx); - MD5_Update(&md5_ctx, password, password_len); - MD5_Final(result,&md5_ctx); -} - -int get_aes_key(const char *password, AES_KEY *key, int flag) -{ - unsigned char data[16]; - - get_md5_digest(password, strlen(password), data); - if (flag == AES_ENCRYPT) - { - AES_set_encrypt_key(data, sizeof(data)*8, key); - } - if (flag == AES_DECRYPT) - { - AES_set_decrypt_key(data, sizeof(data)*8, key); - } - return 1; -} - -int lqd_base64_decode(char *decode_data, int decode_len, const char *encode_data, int encode_len) -{ - const unsigned char *p, *q; - unsigned char *t; - int c1, c2; - - if (decode_data == NULL || decode_len <= 0 || encode_data == NULL || encode_len <= 0) - { - return -1; - } - - for (p = (const unsigned char *) encode_data; encode_len > 0 && isspace(*p); p++, encode_len--) - { - /* void */ ; - } - for (q = p + encode_len - 1; q >= p && isspace(*q); q--, encode_len--) - { - /* void */ ; - } - - if (encode_len % 4 != 0) - { - return -1; - } - - if (encode_len / 4 * 3 + 1 > decode_len) - { - return -1; - } - - t = (unsigned char *)decode_data; - while (encode_len > 0) - { - encode_len -= 4; - if (*p >= 128 || (c1 = index_64[*p++]) == -1) - { - return -1; - } - - if (*p >= 128 || (c2 = index_64[*p++]) == -1) - { - return -1; - } - *t++ = (c1 << 2) | ((c2 & 0x30) >> 4); - - if (p[0] == '=' && p[1] == '=') - { - break; - } - - if (*p >= 128 || (c1 = index_64[*p++]) == -1) - { - return -1; - } - *t++ = ((c2 & 0x0f) << 4) | ((c1 & 0x3c) >> 2); - - if (p[0] == '=') - { - break; - } - - if (*p >= 128 || (c2 = index_64[*p++]) == -1) - { - return -1; - } - *t++ = ((c1 & 0x03) << 6) | c2; - } - - return t - (unsigned char *) decode_data; -} - -int lqd_ecb_decrypt_string(char *aes_ecb_data, int aes_ecb_data_len, char *data, const char *password) -{ - AES_KEY key; - int i=0, data_len=0; - - get_aes_key(password, &key, AES_DECRYPT); - - const unsigned char *input_offset = (const unsigned char *)aes_ecb_data; unsigned char *output_offset = (unsigned char *)data; - for (i = 0; i < aes_ecb_data_len / AES_BLOCK_SIZE; i++) - { - AES_ecb_encrypt(input_offset, output_offset, &key, AES_DECRYPT); - input_offset += AES_BLOCK_SIZE; - output_offset += AES_BLOCK_SIZE; - data_len += AES_BLOCK_SIZE; - } - - int res_input_length = aes_ecb_data_len % AES_BLOCK_SIZE; - if (res_input_length > 0 ) - { - memcpy(output_offset, input_offset, res_input_length + 1); - data_len += res_input_length; - } - return data_len; -} - -int lqd_file_remove(const char *realpath, const char *filename) -{ - struct dirent *entry; - struct stat statbuf; - DIR *dir = NULL; - char filename_load_path[512]={0}; - - if(realpath == NULL) - { - remove(filename); - goto finish; - } - - dir = opendir(realpath); - while ((entry = readdir(dir)) != NULL) - { - lstat(entry->d_name, &statbuf); - if (S_ISDIR(statbuf.st_mode)) - { - if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0 ) - { - continue; - } - - if(!strncasecmp(entry->d_name, filename, strlen(filename))) - { - snprintf(filename_load_path, 512, "%s/%s", realpath, entry->d_name); - remove(filename_load_path); - } - } - } - closedir(dir); - -finish: - return 0; -} - -int lqd_file_write(char *filename, char *buffer, int buffer_len) -{ - int fd; - if ((fd = mkstemp(filename)) < 0) - { - return -1; - } - - if (write(fd, buffer,buffer_len) < 0) - { - return -1; - } - close(fd); - - return 0; -} - -int lqd_file_read(const char *filename, char **buffer, int *buffer_len) -{ - int fd; - struct stat f_stats; - - fd = open(filename, O_RDONLY); - if (fd < 0) - { - fprintf(stderr, "can not open %s\n", filename); - return -1; - } - if (fstat(fd, &f_stats)) - { - fprintf(stderr, "could not fstat %s\n", filename); - close(fd); - return -1; - } - *buffer_len = (int) f_stats.st_size; - *buffer = (char *)malloc(*buffer_len); - - if (NULL == *buffer) - { - close(fd); - return -1; - } - if ((read(fd, *buffer, f_stats.st_size)) < f_stats.st_size) - { - fprintf(stderr, "could not read %s\n", filename); - close(fd); - free(*buffer); - return -1; - } - close(fd); - - return 0; -} - -void lqd_get_clock_time(struct timeval *ts) -{ - struct timespec start_time; - - clock_gettime(CLOCK_REALTIME,&start_time); - - ts->tv_sec = start_time.tv_sec; - ts->tv_usec = start_time.tv_nsec/1000; - - return; -} - -int lqd_file_exsit(const char *load_path) -{ - return (!access(load_path, F_OK)); -} - -char *lqd_parse_config(const char *config) -{ - const char *replace = "nb_workers=1"; - int replace_sz = strlen(replace); - - char *new_config = (char *)malloc(strlen(config) + replace_sz + 1); - if (new_config == NULL) - { - perror("Failed to allocate memory"); - return NULL; - } - - const char *find = strstr(config, "nb_workers="); - if (find != NULL) { - int len = find - config; - strncpy(new_config, config, len); - strcpy(new_config + len, replace); - - const char *pattern = strchr(find, ';'); - if (pattern != NULL) { - strcat(new_config, pattern); - } else { - new_config[len + replace_sz] = '\0'; - } - } else { - strcpy(new_config, config); - } - - return new_config; -} - diff --git a/decoders/qdpi_detector/qdpi_detector_utils.h b/decoders/qdpi_detector/qdpi_detector_utils.h index 1e155ba..9dd0dc7 100644 --- a/decoders/qdpi_detector/qdpi_detector_utils.h +++ b/decoders/qdpi_detector/qdpi_detector_utils.h @@ -1,5 +1,10 @@ #pragma once +#ifdef __cplusplus +extern "C" +{ +#endif + int lqd_file_exsit(const char *load_path); int lqd_file_remove(const char *realpath, const char *filename); int lqd_file_write(char *filename, char *buffer, int buffer_len); @@ -10,3 +15,7 @@ int lqd_ecb_decrypt_string(char *aes_ecb_data, int aes_ecb_data_len, char *data, char *lqd_parse_config(const char *config); void lqd_get_clock_time(struct timeval *ts); + +#ifdef __cplusplus +} +#endif \ No newline at end of file diff --git a/test/decoders/qdpi_detector/CMakeLists.txt b/test/decoders/qdpi_detector/CMakeLists.txt index a59189c..b0f1967 100644 --- a/test/decoders/qdpi_detector/CMakeLists.txt +++ b/test/decoders/qdpi_detector/CMakeLists.txt @@ -1,4 +1,4 @@ -add_executable(gtest_qdpi_detector gtest_qdpi_detector_module.cpp gtest_qdpi_detector_main.cpp) +add_executable(gtest_qdpi_detector gtest_qdpi_detector_module.c gtest_qdpi_detector_main.cpp) target_include_directories(gtest_qdpi_detector PRIVATE ${CMAKE_SOURCE_DIR}/deps/) target_include_directories(gtest_qdpi_detector PRIVATE ${CMAKE_SOURCE_DIR}/decoders/) diff --git a/test/decoders/qdpi_detector/gtest_qdpi_detector.h b/test/decoders/qdpi_detector/gtest_qdpi_detector.h index 03a9dcc..8e6f87e 100644 --- a/test/decoders/qdpi_detector/gtest_qdpi_detector.h +++ b/test/decoders/qdpi_detector/gtest_qdpi_detector.h @@ -1,8 +1,12 @@ #pragma once - -int stellar_test_result_setup(); +#ifdef __cplusplus +extern "C" +{ +#endif char *gtest_qdpi_result_json_export(); -void gtest_qdpi_result_cleanup(); +#ifdef __cplusplus +} +#endif \ No newline at end of file diff --git a/test/decoders/qdpi_detector/gtest_qdpi_detector_main.cpp b/test/decoders/qdpi_detector/gtest_qdpi_detector_main.cpp index ab04576..6648917 100644 --- a/test/decoders/qdpi_detector/gtest_qdpi_detector_main.cpp +++ b/test/decoders/qdpi_detector/gtest_qdpi_detector_main.cpp @@ -28,12 +28,6 @@ struct gtest_json_result static struct gtest_json_result *gtest_result_new(const char *expect_json_path) { struct gtest_json_result *para = (struct gtest_json_result *)calloc(1, sizeof(struct gtest_json_result)); - if(expect_json_path==NULL) - { - para->expect_json_root=cJSON_CreateArray(); - return para; - } - para->test_json_root = cJSON_CreateArray(); FILE *file = fopen(expect_json_path, "rb"); if(file) @@ -108,22 +102,6 @@ static void gtest_result_free(struct gtest_json_result *para) return; } -void gtest_on_session_msg_expect_json(int topic_id, void *msg, void *on_msg_arg) -{ - struct gtest_json_result *g_test_para = (struct gtest_json_result *)on_msg_arg; - - cJSON *per_session_json = cJSON_Parse((const char *)msg); - - if (g_test_para->test_json_root) - { - char result_name[128] = ""; - sprintf(result_name, "app_session_%d", g_test_para->result_count); - cJSON_AddStringToObject(per_session_json, "name", result_name); - cJSON_AddItemToArray(g_test_para->test_json_root, per_session_json); - } - g_test_para->result_count += 1; -} - /********************************************** * GTEST MAIN * **********************************************/ @@ -140,11 +118,6 @@ int main(int argc, char ** argv) struct stellar *st=stellar_new("./conf/stellar.toml"); EXPECT_TRUE(st!=NULL); - //struct module_manager * mod_mgr = stellar_get_module_manager(st); - //int expect_json_topic_id = mq_schema_get_topic_id(module_manager_get_mq_schema(st->mod_mgr), "EXPECT_JSON"); - //EXPECT_TRUE(expect_json_topic_id>=0); - //mq_schema_subscribe(module_manager_get_mq_schema(mod_mgr), expect_json_topic_id, gtest_on_session_msg_expect_json, g_test_para); - stellar_run(st); stellar_free(st); @@ -157,6 +130,6 @@ int main(int argc, char ** argv) EXPECT_EQ(gtest_result_compare(g_test_para), 1); gtest_result_free(g_test_para); - + return ::testing::Test::HasFailure() ? 1 : 0; } \ No newline at end of file diff --git a/test/decoders/qdpi_detector/gtest_qdpi_detector_module.c b/test/decoders/qdpi_detector/gtest_qdpi_detector_module.c new file mode 100644 index 0000000..859da23 --- /dev/null +++ b/test/decoders/qdpi_detector/gtest_qdpi_detector_module.c @@ -0,0 +1,317 @@ +#include +#include +#include +#include + +//#include + +#include "stellar/utils.h" +#include "stellar/session.h" +#include "appid/appid_internal.h" + +#include "cJSON.h" +#include "packet_helper.h" + +#define MAX_TEST_APP_ID_NUM 16 + +struct gtest_qdpi_detector_module_env +{ + int exdata_idx; + int session_id; +}; + +struct gtest_qdpi_detector_context +{ + cJSON *result; + unsigned long packet_num; +}; + +struct gtest_qdpi_detector_map +{ + int id; + const char *name; +}; + +struct gtest_qdpi_detector_result +{ + int n_result_jsoon; + cJSON *result_json[16]; +}; + +struct gtest_qdpi_detector_result gtest_result_json; + +struct gtest_qdpi_detector_map __str_std_app_id_map[]= { + {Q_PROTO_HTTP, "http"}, + {Q_PROTO_HTTPS, "https"}, + {Q_PROTO_SKYPE, "skype"}, + {Q_PROTO_SOCKS5, "socks5"}, + {Q_PROTO_SSL, "ssl"}, + {Q_PROTO_FACEBOOK, "facebook"}, + {Q_PROTO_QQ_WEB, "qq_web"}, + {Q_PROTO_WECHAT, "wechat"}, + {Q_PROTO_JINGDONG, "jingdong"}, + {Q_PROTO_TELEGRAM, "telegram"}, + {Q_PROTO_HTTP2, "http2"}, + {Q_PROTO_MODBUS, "modbus"}, + {Q_PROTO_WIREGUARD, "wireguard"}, + {4077, "meta_gen"}, + {Q_PROTO_SMTP, "smtp"} +}; + +int update_tsgconf_witch_system(const char* src_file, const char* dst_file) +{ + char cmd[512] = { 0 }; + snprintf(cmd,sizeof(cmd), "cp ./tsgconf/%s ./tsgconf/%s", src_file, dst_file); + return system(cmd); +} + +const char *get_app_name_by_map(int app_id) +{ + int num = sizeof(__str_std_app_id_map) / sizeof(__str_std_app_id_map[0]); + + for (int i = 0; i < num; ++i) + { + if(__str_std_app_id_map[i].id == app_id) + { + return __str_std_app_id_map[i].name; + } + } + return NULL; +} + +#if 0 +#include +struct maat *firewall_maat = NULL; + +static struct maat *create_maat_feather(int max_thead_num) +{ + struct maat *target; + int effect_interval = 60; + int log_level=0; + + char json_cfg_file[]="tsgconf/maat.json"; + char instance_name[]="tsg_master"; char table_info[]="tsgconf/table_info.conf"; + + effect_interval *= 1000;//convert s to ms + + struct maat_options *opts = maat_options_new(); + maat_options_set_instance_name(opts, instance_name); + maat_options_set_foreign_cont_dir(opts, "./maat.log"); + maat_options_set_foreign_cont_dir(opts, "./app_signature_update_file"); + maat_options_set_json_file(opts, json_cfg_file); + maat_options_set_logger(opts, "log/maat.log", (enum log_level2)log_level); + maat_options_set_caller_thread_number(opts, max_thead_num); + + target = maat_new(opts, table_info); + if (!target) + { + goto error_out; + } + + maat_options_free(opts); + return target; + +error_out: + maat_options_free(opts); + return NULL; +} +#endif + +char *gtest_qdpi_result_json_export() +{ + cJSON *test_json_root=cJSON_CreateArray(); + for(int i=1; i<=gtest_result_json.n_result_jsoon; i++) + { + char result_name[128] = ""; + sprintf(result_name, "app_session_%d", i); + cJSON_AddStringToObject(gtest_result_json.result_json[i], "name", result_name); + cJSON_AddItemToArray(test_json_root, gtest_result_json.result_json[i]); + } + char *data=cJSON_Print(test_json_root); + cJSON_Delete(test_json_root); + return data; +} + +static void gtest_qdpi_stellar_exdata_free(int idx __unused, void *ex_ptr, void *arg __unused) +{ + if(ex_ptr)FREE(ex_ptr); +} + +static void gtest_qdpi_detector_on_session_msg(struct session *sess, enum session_state state, struct packet *pkt, void *args) +{ + struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)args; + if(gtest_qdpi_env == NULL) + { + return; + } + + struct gtest_qdpi_detector_context *context_gtest = (struct gtest_qdpi_detector_context *)session_get_exdata(sess, gtest_qdpi_env->exdata_idx); + if(context_gtest == NULL) + { + context_gtest = ALLOC(struct gtest_qdpi_detector_context, 1); + context_gtest->result = cJSON_CreateObject(); + cJSON_AddStringToObject(context_gtest->result, "Tuple4", session_get_readable_addr(sess)); + + enum session_type type= session_get_type(sess); + if(type == SESSION_TYPE_TCP) + { + cJSON_AddStringToObject(context_gtest->result, "STREAM_TYPE", "TCP"); + } + if(type == SESSION_TYPE_UDP) + { + cJSON_AddStringToObject(context_gtest->result, "stream_type", "UDP"); + } + session_set_exdata(sess, gtest_qdpi_env->exdata_idx, context_gtest); + } + + if(state == SESSION_STATE_CLOSED && context_gtest != NULL) + { + char app[64] = {0}; + sprintf(app, "app_session_%d", gtest_qdpi_env->session_id); + gtest_result_json.n_result_jsoon++; + gtest_result_json.result_json[gtest_result_json.n_result_jsoon]=cJSON_Duplicate(context_gtest->result, 1); + cJSON_Delete(context_gtest->result); + } + + if (packet_get_payload_data(pkt) == NULL || packet_get_payload_len(pkt) == 0) + { + return; + } + context_gtest->packet_num++; +} + +static void gtest_qdpi_detector_plugin_on_session_msg(struct session *sess, enum APPID_ORIGIN origin __unused, int appid[], size_t appid_num, void *args) +{ + struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)args; + if(gtest_qdpi_env == NULL) + { + return; + } + + struct gtest_qdpi_detector_context *gtest_context = (struct gtest_qdpi_detector_context *)session_get_exdata(sess, gtest_qdpi_env->exdata_idx); + if(gtest_context == NULL) + { + return; + } + + int pos = 0; char buffer[512]={0}; + for (size_t i = 0; i < appid_num; i++) + { + pos += sprintf(buffer + pos, "%s", i > 0 ? "." : ""); + pos += sprintf(buffer + pos, "%d", appid[i]); + } + + char app_id[24] = {0}, app_name[24]={0}; + sprintf(app_id, "app_id_packet%lu", gtest_context->packet_num); + cJSON_AddStringToObject(gtest_context->result,app_id, buffer); + + pos=0; + memset(buffer, 0, sizeof(buffer)); + char const *name; + for (size_t i = 0; i < appid_num; i++) + { + name=get_app_name_by_map(appid[i]); + pos += sprintf(buffer + pos, "%s", i > 0 ? "." : ""); + pos += sprintf(buffer + pos, "%s", name); + } + sprintf(app_name, "app_name_packet%lu", gtest_context->packet_num); + cJSON_AddStringToObject(gtest_context->result, app_name, buffer); + + unsigned char dir_flag; char stream_dir[24]={0}; + sprintf(stream_dir, "STREAM_DIR_PACKET%lu", gtest_context->packet_num); + int is_symmetric=session_is_symmetric(sess, &dir_flag); + if(is_symmetric) + { + cJSON_AddStringToObject(gtest_context->result, stream_dir, "DOUBLE"); + } + else if(dir_flag == SESSION_SEEN_C2S_FLOW) + { + cJSON_AddStringToObject(gtest_context->result, stream_dir, "C2S"); + } + else if(dir_flag == SESSION_SEEN_S2C_FLOW) + { + cJSON_AddStringToObject(gtest_context->result, stream_dir, "S2C"); + } + + if(appid[0]==2240) + { + update_tsgconf_witch_system("maat.1.710.0-20.json", "maat.json"); + //sleep(1); + } + return; +} + +void *gtest_qdpi_detector_context_new(struct session *sess, void *plugin_env) +{ + struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)plugin_env; + if(gtest_qdpi_env == NULL) + { + return NULL; + } + + struct gtest_qdpi_detector_context *context_gtest = ALLOC(struct gtest_qdpi_detector_context, 1); + context_gtest->result = cJSON_CreateObject(); + session_set_exdata(sess, gtest_qdpi_env->exdata_idx, context_gtest); + + cJSON_AddStringToObject(context_gtest->result, "Tuple4", session_get_readable_addr(sess)); + + enum session_type type= session_get_type(sess); + if(type == SESSION_TYPE_TCP) + { + cJSON_AddStringToObject(context_gtest->result, "STREAM_TYPE", "TCP"); + } + if(type == SESSION_TYPE_UDP) + { + cJSON_AddStringToObject(context_gtest->result, "stream_type", "UDP"); + } + return context_gtest; +} + +void gtest_qdpi_detector_module_exit(struct module_manager *mod_mgr __unused, struct module *mod) +{ + assert(mod_mgr!=NULL); + assert(mod!=NULL); + + struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)module_get_ctx(mod); + assert(gtest_qdpi_env!=NULL); + free(gtest_qdpi_env); + update_tsgconf_witch_system("maat.1.720.0-20.json", "maat.json"); + printf("gtest_qdpi_detector_module_exit OK!\n"); + module_free(mod); + return; +} + +struct module *gtest_qdpi_detector_module_init(struct module_manager *mod_mgr) +{ + //firewall_maat = create_maat_feather(stellar_get_worker_thread_num(st)); + struct gtest_qdpi_detector_module_env *gtest_qdpi_env = ALLOC(struct gtest_qdpi_detector_module_env, 1); + + struct module *mod=module_new("QDPI_GTEST_MODULE", gtest_qdpi_env); + struct module *sess_mgr_mod=module_manager_get_module(mod_mgr, SESSION_MANAGER_MODULE_NAME); + struct session_manager *sess_mgr=module_to_session_manager(sess_mgr_mod); + struct mq_schema *mq_s=module_manager_get_mq_schema(mod_mgr); + if(sess_mgr==NULL || mq_s==NULL) + { + perror("gtest_qdpi_detector_module_init:module_to_session_manager failed !!!\n"); + goto finish; + } + + session_manager_subscribe_udp(sess_mgr, gtest_qdpi_detector_on_session_msg, gtest_qdpi_env); + session_manager_subscribe_tcp(sess_mgr, gtest_qdpi_detector_on_session_msg, gtest_qdpi_env); + + gtest_qdpi_env->exdata_idx = session_manager_new_session_exdata_index(sess_mgr, "EXDATA_GTEST_QDPI_EXDATA", gtest_qdpi_stellar_exdata_free, NULL); + if(gtest_qdpi_env->exdata_idx<0) + { + printf("gtest_qdpi_detector_module_init:session_manager_new_session_exdata_index faild!!!\n"); + goto finish; + } + + stellar_appid_subscribe(mod_mgr, gtest_qdpi_detector_plugin_on_session_msg, gtest_qdpi_env); + printf("gtest_qdpi_detector_module_init OK!\n"); + return mod; + +finish: + gtest_qdpi_detector_module_exit(mod_mgr, mod); + return NULL; +} + diff --git a/test/decoders/qdpi_detector/gtest_qdpi_detector_module.cpp b/test/decoders/qdpi_detector/gtest_qdpi_detector_module.cpp deleted file mode 100644 index 412492d..0000000 --- a/test/decoders/qdpi_detector/gtest_qdpi_detector_module.cpp +++ /dev/null @@ -1,313 +0,0 @@ -#include -#include -#include -#include -#include - -//#include - -#include "stellar/utils.h" -#include "stellar/session.h" -#include "appid/appid_internal.h" - -#include "cJSON.h" -#include "packet_helper.h" - -#define MAX_TEST_APP_ID_NUM 16 - -struct gtest_qdpi_detector_module_env -{ - int topic_id; - int exdata_idx; - int plugin_id; - int session_id; - int expect_json_topic_id; - struct module_manager *mod_mgr; -}; - -struct gtest_qdpi_detector_context -{ - cJSON *result; - unsigned long packet_num; -}; - -struct gtest_qdpi_detector_map -{ - int id; - const char *name; -}; - -struct gtest_qdpi_detector_map __str_std_app_id_map[]= { - {Q_PROTO_HTTP, "http"}, - {Q_PROTO_HTTPS, "https"}, - {Q_PROTO_SKYPE, "skype"}, - {Q_PROTO_SOCKS5, "socks5"}, - {Q_PROTO_SSL, "ssl"}, - {Q_PROTO_FACEBOOK, "facebook"}, - {Q_PROTO_QQ_WEB, "qq_web"}, - {Q_PROTO_WECHAT, "wechat"}, - {Q_PROTO_JINGDONG, "jingdong"}, - {Q_PROTO_TELEGRAM, "telegram"}, - {Q_PROTO_HTTP2, "http2"}, - {Q_PROTO_MODBUS, "modbus"}, - {Q_PROTO_WIREGUARD, "wireguard"}, - {4077, "meta_gen"}, - {Q_PROTO_SMTP, "smtp"} -}; - -int update_tsgconf_witch_system(const char* src_file, const char* dst_file) -{ - char cmd[512] = { 0 }; - snprintf(cmd,sizeof(cmd), "cp ./tsgconf/%s ./tsgconf/%s", src_file, dst_file); - return system(cmd); -} - -const char *get_app_name_by_map(int app_id) -{ - int num = sizeof(__str_std_app_id_map) / sizeof(__str_std_app_id_map[0]); - - for (int i = 0; i < num; ++i) - { - if(__str_std_app_id_map[i].id == app_id) - { - return __str_std_app_id_map[i].name; - } - } - return NULL; -} - -#if 0 -#include -struct maat *firewall_maat = NULL; - -static struct maat *create_maat_feather(int max_thead_num) -{ - struct maat *target; - int effect_interval = 60; - int log_level=0; - - char json_cfg_file[]="tsgconf/maat.json"; - char instance_name[]="tsg_master"; char table_info[]="tsgconf/table_info.conf"; - - effect_interval *= 1000;//convert s to ms - - struct maat_options *opts = maat_options_new(); - maat_options_set_instance_name(opts, instance_name); - maat_options_set_foreign_cont_dir(opts, "./maat.log"); - maat_options_set_foreign_cont_dir(opts, "./app_signature_update_file"); - maat_options_set_json_file(opts, json_cfg_file); - maat_options_set_logger(opts, "log/maat.log", (enum log_level2)log_level); - maat_options_set_caller_thread_number(opts, max_thead_num); - - target = maat_new(opts, table_info); - if (!target) - { - goto error_out; - } - - maat_options_free(opts); - return target; - -error_out: - maat_options_free(opts); - return NULL; -} -#endif - -cJSON *g_result_json=NULL; -char *gtest_qdpi_result_json_export() -{ - if(g_result_json==NULL)return NULL; - return cJSON_Print(g_result_json); -} - -static void gtest_qdpi_stellar_exdata_free(int idx __unused, void *ex_ptr, void *arg __unused) -{ - if(ex_ptr)FREE(ex_ptr); -} - -static void gtest_qdpi_stellar_msg_free(void *msg, void *msg_free_arg __unused) -{ - if(msg)FREE(msg); -} - -static void gtest_qdpi_detector_on_session_msg(struct session *sess, enum session_state state, struct packet *pkt, void *args) -{ - struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)args; - if(gtest_qdpi_env == NULL) - { - return; - } - - struct gtest_qdpi_detector_context *context_gtest = (struct gtest_qdpi_detector_context *)session_get_exdata(sess, gtest_qdpi_env->exdata_idx); - if(context_gtest == NULL) - { - context_gtest = ALLOC(struct gtest_qdpi_detector_context, 1); - context_gtest->result = cJSON_CreateObject(); - cJSON_AddStringToObject(context_gtest->result, "Tuple4", session_get_readable_addr(sess)); - - enum session_type type= session_get_type(sess); - if(type == SESSION_TYPE_TCP) - { - cJSON_AddStringToObject(context_gtest->result, "STREAM_TYPE", "TCP"); - } - if(type == SESSION_TYPE_UDP) - { - cJSON_AddStringToObject(context_gtest->result, "stream_type", "UDP"); - } - session_set_exdata(sess, gtest_qdpi_env->exdata_idx, context_gtest); - } - - if(state == SESSION_STATE_CLOSED && context_gtest != NULL) - { - char app[64] = {0}; - sprintf(app, "app_session_%d", gtest_qdpi_env->session_id); - g_result_json=cJSON_Duplicate(context_gtest->result, 1); - //mq_runtime_publish_message(module_manager_get_mq_runtime(gtest_qdpi_env->mod_mgr), gtest_qdpi_env->expect_json_topic_id, cJSON_Print(context_gtest->result)); - cJSON_Delete(context_gtest->result); - } - - if (packet_get_payload_data(pkt) == NULL || packet_get_payload_len(pkt) == 0) - { - return; - } - context_gtest->packet_num++; -} - -static void gtest_qdpi_detector_plugin_on_session_msg(struct session *sess, enum APPID_ORIGIN origin __unused, int appid[], size_t appid_num, void *args) -{ - struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)args; - if(gtest_qdpi_env == NULL) - { - return; - } - - struct gtest_qdpi_detector_context *gtest_context = (struct gtest_qdpi_detector_context *)session_get_exdata(sess, gtest_qdpi_env->exdata_idx); - if(gtest_context == NULL) - { - return; - } - - int pos = 0; char buffer[512]={0}; - for (size_t i = 0; i < appid_num; i++) - { - pos += sprintf(buffer + pos, "%s", i > 0 ? "." : ""); - pos += sprintf(buffer + pos, "%d", appid[i]); - } - - char app_id[24] = {0}, app_name[24]={0}; - sprintf(app_id, "app_id_packet%lu", gtest_context->packet_num); - cJSON_AddStringToObject(gtest_context->result,app_id, buffer); - - pos=0; - memset(buffer, 0, sizeof(buffer)); - char const *name; - for (size_t i = 0; i < appid_num; i++) - { - name=get_app_name_by_map(appid[i]); - pos += sprintf(buffer + pos, "%s", i > 0 ? "." : ""); - pos += sprintf(buffer + pos, "%s", name); - } - sprintf(app_name, "app_name_packet%lu", gtest_context->packet_num); - cJSON_AddStringToObject(gtest_context->result, app_name, buffer); - - unsigned char dir_flag; char stream_dir[24]={0}; - sprintf(stream_dir, "STREAM_DIR_PACKET%lu", gtest_context->packet_num); - int is_symmetric=session_is_symmetric(sess, &dir_flag); - if(is_symmetric) - { - cJSON_AddStringToObject(gtest_context->result, stream_dir, "DOUBLE"); - } - else if(dir_flag == SESSION_SEEN_C2S_FLOW) - { - cJSON_AddStringToObject(gtest_context->result, stream_dir, "C2S"); - } - else if(dir_flag == SESSION_SEEN_S2C_FLOW) - { - cJSON_AddStringToObject(gtest_context->result, stream_dir, "S2C"); - } - - if(appid[0]==2240) - { - update_tsgconf_witch_system("maat.1.710.0-20.json", "maat.json"); - //sleep(1); - } - return; -} - -void *gtest_qdpi_detector_context_new(struct session *sess, void *plugin_env) -{ - struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)plugin_env; - if(gtest_qdpi_env == NULL) - { - return NULL; - } - - struct gtest_qdpi_detector_context *context_gtest = ALLOC(struct gtest_qdpi_detector_context, 1); - context_gtest->result = cJSON_CreateObject(); - session_set_exdata(sess, gtest_qdpi_env->exdata_idx, context_gtest); - - cJSON_AddStringToObject(context_gtest->result, "Tuple4", session_get_readable_addr(sess)); - - enum session_type type= session_get_type(sess); - if(type == SESSION_TYPE_TCP) - { - cJSON_AddStringToObject(context_gtest->result, "STREAM_TYPE", "TCP"); - } - if(type == SESSION_TYPE_UDP) - { - cJSON_AddStringToObject(context_gtest->result, "stream_type", "UDP"); - } - return context_gtest; -} - -extern "C" void gtest_qdpi_detector_module_exit(struct module_manager *mod_mgr __unused, struct module *mod) -{ - assert(mod_mgr!=NULL); - assert(mod!=NULL); - - struct gtest_qdpi_detector_module_env *gtest_qdpi_env = (struct gtest_qdpi_detector_module_env *)module_get_ctx(mod); - assert(gtest_qdpi_env!=NULL); - free(gtest_qdpi_env); - update_tsgconf_witch_system("maat.1.720.0-20.json", "maat.json"); - printf("gtest_qdpi_detector_module_exit OK!\n"); - module_free(mod); - return; -} - -extern "C" struct module *gtest_qdpi_detector_module_init(struct module_manager *mod_mgr) -{ - //firewall_maat = create_maat_feather(stellar_get_worker_thread_num(st)); - struct gtest_qdpi_detector_module_env *gtest_qdpi_env = ALLOC(struct gtest_qdpi_detector_module_env, 1); - - struct module *mod=module_new("QDPI_GTEST_MODULE", gtest_qdpi_env); - struct session_manager *sess_mgr=module_to_session_manager(mod); - struct mq_schema *mq_s=module_manager_get_mq_schema(mod_mgr); - if(sess_mgr==NULL || mq_s==NULL) - { - perror("gtest_qdpi_detector_module_init:module_to_session_manager failed !!!\n"); - goto finish; - } - gtest_qdpi_env->mod_mgr=mod_mgr; - - session_manager_subscribe_udp(sess_mgr, gtest_qdpi_detector_on_session_msg, gtest_qdpi_env); - session_manager_subscribe_tcp(sess_mgr, gtest_qdpi_detector_on_session_msg, gtest_qdpi_env); - - gtest_qdpi_env->exdata_idx = session_manager_new_session_exdata_index(sess_mgr, "EXDATA_GTEST_QDPI_EXDATA", gtest_qdpi_stellar_exdata_free, NULL); - if(gtest_qdpi_env->exdata_idx<0) - { - printf("gtest_qdpi_detector_module_init:session_manager_new_session_exdata_index faild!!!\n"); - goto finish; - } - - stellar_appid_subscribe(mod_mgr, gtest_qdpi_detector_plugin_on_session_msg, gtest_qdpi_env); - printf("gtest_qdpi_detector_module_init OK!\n"); - gtest_qdpi_env->expect_json_topic_id = mq_schema_create_topic(module_manager_get_mq_schema(gtest_qdpi_env->mod_mgr), "EXPECT_JSON", NULL, NULL, gtest_qdpi_stellar_msg_free, NULL); - - return mod; - -finish: - gtest_qdpi_detector_module_exit(mod_mgr, mod); - return NULL; -} - diff --git a/vendors/CMakeLists.txt b/vendors/CMakeLists.txt index 4af3155..bf5d731 100644 --- a/vendors/CMakeLists.txt +++ b/vendors/CMakeLists.txt @@ -99,22 +99,6 @@ set_property(TARGET libevent-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/li set_property(TARGET libevent-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) set_property(TARGET libevent-static PROPERTY INTERFACE_LINK_LIBRARIES pthread) -###libqmengine -ExternalProject_Add(tsgengine PREFIX tsgengine - URL ${CMAKE_CURRENT_SOURCE_DIR}/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz - URL_MD5 335262f6ac0726fee75e4efcb449be24 - CONFIGURE_COMMAND "" - BUILD_COMMAND make - BUILD_IN_SOURCE 1) - -ExternalProject_Get_Property(tsgengine INSTALL_DIR) -file(MAKE_DIRECTORY ${INSTALL_DIR}/include) - -add_library(tsgengine-static STATIC IMPORTED GLOBAL) -add_dependencies(tsgengine-static tsgengine) -set_property(TARGET tsgengine-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libqmengine.a.5.7.0-43) -set_property(TARGET tsgengine-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) - ### OpenSSL 1.1.1m ExternalProject_Add(openssl PREFIX openssl URL ${CMAKE_CURRENT_SOURCE_DIR}/openssl-1.1.1m.tar.gz @@ -138,4 +122,22 @@ set_property(TARGET openssl-crypto-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES add_library(openssl-ssl-static STATIC IMPORTED GLOBAL) add_dependencies(openssl-ssl-static openssl) set_property(TARGET openssl-ssl-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libssl.a) -set_property(TARGET openssl-ssl-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) \ No newline at end of file +set_property(TARGET openssl-ssl-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) + +###libqmengine +ExternalProject_Add(tsgengine PREFIX tsgengine + URL ${CMAKE_CURRENT_SOURCE_DIR}/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz + URL_MD5 885142d147d804fb83941151c6ead689 + CONFIGURE_COMMAND "" + BUILD_COMMAND make + BUILD_IN_SOURCE 1) + +ExternalProject_Get_Property(tsgengine INSTALL_DIR) +file(MAKE_DIRECTORY ${INSTALL_DIR}/include) + +add_library(libqmengine-shared SHARED IMPORTED GLOBAL) +add_dependencies(libqmengine-shared tsgengine) +set_property(TARGET libqmengine-shared PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libqmengine.so.5) +set_property(TARGET libqmengine-shared PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) +add_custom_target(libqmengine_install ALL COMMAND ${CMAKE_COMMAND} -E copy ${INSTALL_DIR}/lib/libqmengine.so.5 /opt/MESA/lib DEPENDS tsgengine) +add_dependencies(libqmengine-shared libqmengine_install) \ No newline at end of file diff --git a/vendors/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz b/vendors/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz index ab3ddc7..7ea8831 100644 Binary files a/vendors/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz and b/vendors/libqmengine-5.7.0-43-LSB-SMP-NG.tar.gz differ -- cgit v1.2.3