| author | wangmenglan <[email protected]> | 2023-08-28 15:40:12 +0800 |
|---|---|---|
| committer | wangmenglan <[email protected]> | 2023-08-28 18:31:20 +0800 |
| commit | 420e41cda8e0c8bf041992828d22da88ad30adf1 (patch) | |
| tree | f879432169e72d1e2b30843c540c640da3697b39 /common/src/tfe_ctrl_packet.cpp | |
| parent | 9f2bf29f674c8e7b6985a5e3d1b34ce428d8c1a5 (diff) | |
🐞 fix(TSG-16240): 修复Intercept选择http协议时,日志中Intercept Status值为passthroughv4.8.35-20230830
Diffstat (limited to 'common/src/tfe_ctrl_packet.cpp')
| -rw-r--r-- | common/src/tfe_ctrl_packet.cpp | 252 |
1 files changed, 156 insertions, 96 deletions
diff --git a/common/src/tfe_ctrl_packet.cpp b/common/src/tfe_ctrl_packet.cpp index fc2d40d..3017635 100644 --- a/common/src/tfe_ctrl_packet.cpp +++ b/common/src/tfe_ctrl_packet.cpp @@ -23,7 +23,12 @@ enum ctr_pkt_index }; enum { - MPACK_ARRAY_INIT, + CMSG_MODE, + ARRAY_MODE, + VARIABLE_MODE, +}; + +enum { MPACK_ARRAY_FQDN_IDS, MPACK_ARRAY_SEQ_SIDS, MPACK_ARRAY_ACK_SIDS, 
@@ -31,54 +36,62 @@ enum { MPACK_ARRAY_ACK_ROUTE_CTX, MPACK_ARRAY_SEQ_PKG_HEADER, MPACK_ARRAY_ACK_PKG_HEADER, + + MPACK_ARRAY_MAX, +}; + +enum { + MPACK_VAR_FLAG, + + MPACK_VAR_MAX, }; struct mpack_mmap_id2type { int id; - enum tfe_cmsg_tlv_type type; + int mode; + int type; const char *str_name; int size; - int array_index; }mpack_table[] = { - {.id = 0, .type = TFE_CMSG_TCP_RESTORE_SEQ, .str_name = "TFE_CMSG_TCP_RESTORE_SEQ", .size = 4, .array_index = MPACK_ARRAY_INIT}, - {.id = 1, .type = TFE_CMSG_TCP_RESTORE_ACK, .str_name = "TFE_CMSG_TCP_RESTORE_ACK", .size = 4, .array_index = MPACK_ARRAY_INIT}, - {.id = 2, .type = TFE_CMSG_TCP_RESTORE_MSS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT", .size = 2, .array_index = MPACK_ARRAY_INIT}, - {.id = 3, .type = TFE_CMSG_TCP_RESTORE_MSS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_SERVER", .size = 2, .array_index = MPACK_ARRAY_INIT}, - {.id = 4, .type = TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 5, .type = TFE_CMSG_TCP_RESTORE_WSACLE_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 6, .type = TFE_CMSG_TCP_RESTORE_SACK_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 7, .type = TFE_CMSG_TCP_RESTORE_SACK_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_SERVER", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 8, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 9, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 10, .type = TFE_CMSG_TCP_RESTORE_PROTOCOL, .str_name = "TFE_CMSG_TCP_RESTORE_PROTOCOL", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 11, .type = TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT, .str_name = 
"TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT", .size = 2, .array_index = MPACK_ARRAY_INIT}, - {.id = 12, .type = TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER", .size = 2, .array_index = MPACK_ARRAY_INIT}, - {.id = 13, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4, .array_index = MPACK_ARRAY_INIT}, - {.id = 14, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4, .array_index = MPACK_ARRAY_INIT}, - {.id = 15, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1, .array_index = MPACK_ARRAY_INIT}, - {.id = 16, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256, .array_index = MPACK_ARRAY_INIT}, - {.id = 17, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256, .array_index = MPACK_ARRAY_INIT}, - {.id = 18, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64, .array_index = MPACK_ARRAY_INIT}, - {.id = 19, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64, .array_index = MPACK_ARRAY_INIT}, - {.id = 20, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256, .array_index = MPACK_ARRAY_INIT}, - {.id = 21, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256, .array_index = MPACK_ARRAY_INIT}, - {.id = 22, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024, .array_index = MPACK_ARRAY_INIT}, - {.id = 23, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024, .array_index = MPACK_ARRAY_INIT}, - {.id = 24, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32, .array_index = MPACK_ARRAY_INIT}, - {.id = 25, .type = TFE_CMSG_FQDN_CAT_ID_VAL, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4, .array_index = 
MPACK_ARRAY_FQDN_IDS}, - {.id = 26, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_SEQ_SIDS", .size = 2, .array_index = MPACK_ARRAY_SEQ_SIDS}, - {.id = 27, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_ACK_SIDS", .size = 2, .array_index = MPACK_ARRAY_ACK_SIDS}, - {.id = 28, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1, .array_index = MPACK_ARRAY_SEQ_ROUTE_CTX}, - {.id = 29, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1, .array_index = MPACK_ARRAY_ACK_ROUTE_CTX}, - {.id = 30, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1, .array_index = MPACK_ARRAY_SEQ_PKG_HEADER}, - {.id = 31, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_ACK_PKG_HEADER", .size = 1, .array_index = MPACK_ARRAY_ACK_PKG_HEADER}, - {.id = 32, .type = TFE_CMSG_TLV_NR_MAX, .str_name = "TFE_FLAG", .size = 1, .array_index = MPACK_ARRAY_INIT} + {.id = 0, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SEQ, .str_name = "TFE_CMSG_TCP_RESTORE_SEQ", .size = 4}, + {.id = 1, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_ACK, .str_name = "TFE_CMSG_TCP_RESTORE_ACK", .size = 4}, + {.id = 2, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT", .size = 2}, + {.id = 3, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_SERVER", .size = 2}, + {.id = 4, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT", .size = 1}, + {.id = 5, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER", .size = 1}, + {.id = 6, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT", .size = 1}, + {.id = 7, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_SERVER", .size = 1}, + {.id = 8, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT, 
.str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT", .size = 1}, + {.id = 9, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER", .size = 1}, + {.id = 10, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_PROTOCOL, .str_name = "TFE_CMSG_TCP_RESTORE_PROTOCOL", .size = 1}, + {.id = 11, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT", .size = 2}, + {.id = 12, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER", .size = 2}, + {.id = 13, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4}, + {.id = 14, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4}, + {.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1}, + {.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, + {.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256}, + {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64}, + {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64}, + {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256}, + {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256}, + {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024}, + {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024}, + {.id = 24, .mode = CMSG_MODE, .type = 
TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32}, + {.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_IDS, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4}, + {.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2}, + {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2}, + {.id = 28, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1}, + {.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1}, + {.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKG_HEADER, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1}, + {.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKG_HEADER, .str_name = "TFE_ACK_PKG_HEADER", .size = 1}, + {.id = 32, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1} }; extern void * g_packet_io_logger; -static int fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index) +static int fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, mpack_node_t node) { char empty_str[4] = {0}; uint32_t fqdn_val[8] = {0}; @@ -97,7 +110,7 @@ static int fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, mpack_node_t node, return 0; } -static int sids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index, int is_seq) +static int sids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int is_seq) { struct sids *sid = is_seq ? &handler->seq_sids : &handler->ack_sids; if (mpack_node_array_length(node) > MR_SID_LIST_MAXLEN) { 
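Review bot: `struct mpack_mmap_id2type` now declares `type` as a plain `int` whose meaning depends on `mode`, and nothing on the struct says so. I would add a comment above the field, for example `/* CMSG_MODE: enum tfe_cmsg_tlv_type; ARRAY_MODE: MPACK_ARRAY_*; VARIABLE_MODE: MPACK_VAR_* */`, because the helpers added later in this commit cast `.type` back to `enum tfe_cmsg_tlv_type` only under CMSG_MODE. The table is read by position (`mpack_table[table_index]`), so `.id` has to keep matching the row order, which also deserves a one-line comment. The new `MPACK_ARRAY_MAX` and `MPACK_VAR_MAX` sentinels are not used in any visible hunk.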
@@ -112,7 +125,7 @@ static int sids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t
 return 0;
 }
 
-static int route_ctx_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index, int is_seq)
+static int route_ctx_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int is_seq)
 {
 struct route_ctx *ctx = is_seq ? &handler->seq_route_ctx : &handler->ack_route_ctx;
 size_t len = mpack_node_bin_size(node);
@@ -126,7 +139,7 @@ static int route_ctx_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t n
 return 0;
 }
 
-static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index, int is_seq)
+static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int is_seq)
 {
 char **header = is_seq ? &handler->seq_header : &handler->ack_header;
 int *header_len = is_seq ? &handler->seq_len : &handler->ack_len;
@@ -145,12 +158,103 @@ static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t
 return 0;
 }
 
-static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger)
+static void mpack_parse_uint(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index)
 {
- int ret = 0;
 uint64_t value = 0;
- char empty_str[4] = {0};
+ int mode = mpack_table[table_index].mode;
+
+ switch(mode) {
+ case CMSG_MODE:
+ value = mpack_node_u64(node);
+ tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[table_index].type, (const unsigned char *)&value, mpack_table[table_index].size);
+ break;
+ case VARIABLE_MODE:
+ if (mpack_table[table_index].type == MPACK_VAR_FLAG) {
+ handler->intercpet_data = mpack_node_u8(node);
+ }
+ break;
+ }
+ return;
+}
+
+static void mpack_parse_str(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index)
+{
 char cmsg_str[1024] = {0};
+ int mode = mpack_table[table_index].mode;
+
+ switch(mode) {
+ case CMSG_MODE:
+ mpack_node_copy_cstr(node, cmsg_str, sizeof(cmsg_str));
+ tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[table_index].type, (const unsigned char *)cmsg_str, mpack_node_strlen(node));
+ break;
+ }
+ return;
+}
+
+static void mpack_parse_nil(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index)
+{
+ char empty_str[4] = {0};
+ int mode = mpack_table[table_index].mode;
+
+ switch(mode) {
+ case CMSG_MODE:
+ tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[table_index].type, (const unsigned char *)empty_str, 0);
+ break;
+ }
+ return;
+}
+
+static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index)
+{
+ int ret = 0;
+ int mode = mpack_table[table_index].mode;
+
+ if (mode != ARRAY_MODE)
+ return -1;
+
+ switch(mpack_table[table_index].type) {
+ case MPACK_ARRAY_SEQ_ROUTE_CTX:
+ ret = route_ctx_parse_mpack(handler, node, 1);
+ if (ret != 0)
+ return -1;
+ break;
+ case MPACK_ARRAY_ACK_ROUTE_CTX:
+ ret = route_ctx_parse_mpack(handler, node, 0);
+ if (ret != 0)
+ return -1;
+ break;
+ case MPACK_ARRAY_SEQ_PKG_HEADER:
+ ret = pkt_header_parse_mpack(handler, node, 1);
+ if (ret != 0)
+ return -1;
+ break;
+ case MPACK_ARRAY_ACK_PKG_HEADER:
+ ret = pkt_header_parse_mpack(handler, node, 0);
+ if (ret != 0)
+ return -1;
+ break;
+ case MPACK_ARRAY_FQDN_IDS:
+ fqdn_id_set_cmsg(handler, node);
+ break;
+ case MPACK_ARRAY_SEQ_SIDS:
+ ret = sids_array_parse_mpack(handler, node, 1);
+ if (ret != 0)
+ return -1;
+ break;
+ case MPACK_ARRAY_ACK_SIDS:
+ ret = sids_array_parse_mpack(handler, node, 0);
+ if (ret != 0)
+ return -1;
+ break;
+ default:
+ break;
+ }
+ return 0;
+}
+
+static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger)
+{
+ int ret = 0;
 struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
 
 if (mpack_node_is_nil(mpack_node_map_cstr(node, "rule_ids")))
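Review bot: In `mpack_parse_uint`, the CMSG_MODE branch passes `tfe_cmsg_set` the address of the 8-byte local `value` with `mpack_table[table_index].size` as the length, and that size is 32, 64, 256 or 1024 for the string-valued rows (ids 16–24). The helper is selected by the node's wire type rather than by what the row expects, so a uint node arriving at one of those ids supplies a length larger than the object; if `tfe_cmsg_set` copies that many bytes (its body is not shown), adjacent stack memory ends up in the cmsg. A guard before the call closes this: `if ((size_t)mpack_table[table_index].size > sizeof(value)) break;`. In the same spirit, `mpack_parse_str` passes `mpack_node_strlen(node)` without comparing it against the row's `.size`. None of the new helpers checks `table_index` against the table length, so that bound rests on the caller's loop, which is outside this hunk.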
@@ -174,67 +278,23 @@ static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger) switch (mpack_node_type(ptr)) { case mpack_type_uint: - if (i == 32) { - handler->intercpet_data = mpack_node_u8(ptr); - } - else { - value = mpack_node_u64(ptr); - tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)&value, mpack_table[i].size); - } + mpack_parse_uint(handler, ptr, i); break; case mpack_type_str: - mpack_node_copy_cstr(ptr, cmsg_str, sizeof(cmsg_str)); - tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)cmsg_str, mpack_node_strlen(ptr)); + mpack_parse_str(handler, ptr, i); break; case mpack_type_nil: - tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)empty_str, 0); + mpack_parse_nil(handler, ptr, i); break; case mpack_type_bin: - switch(mpack_table[i].array_index) - { - case MPACK_ARRAY_SEQ_ROUTE_CTX: - ret = route_ctx_parse_mpack(handler, ptr, i, 1); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_ACK_ROUTE_CTX: - ret = route_ctx_parse_mpack(handler, ptr, i, 0); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_SEQ_PKG_HEADER: - ret = pkt_header_parse_mpack(handler, ptr, i, 1); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_ACK_PKG_HEADER: - ret = pkt_header_parse_mpack(handler, ptr, i, 0); - if (ret != 0) - return -1; - break; - default: - break; - } + ret = mpack_parse_array(handler, ptr, i); + if (ret != 0) + return -1; break; case mpack_type_array: - switch(mpack_table[i].array_index) - { - case MPACK_ARRAY_FQDN_IDS: - fqdn_id_set_cmsg(handler, ptr, i); - break; - case MPACK_ARRAY_SEQ_SIDS: - ret = sids_array_parse_mpack(handler, ptr, i, 1); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_ACK_SIDS: - ret = sids_array_parse_mpack(handler, ptr, i, 0); - if (ret != 0) - return -1; - break; - default: - break; - } + ret = mpack_parse_array(handler, ptr, i); + if (ret != 0) + return -1; break; default: break; |
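Review bot: `case mpack_type_bin:` and `case mpack_type_array:` now both call `mpack_parse_array`, which dispatches on the table row alone, so the node's wire type is no longer matched against what the row expects. Before this change a bin node could only reach the ROUTE_CTX/PKG_HEADER parsers and an array node only the FQDN/SIDS parsers; now a bin node at a SIDS row reaches `mpack_node_array_length` and an array node at a ROUTE_CTX row reaches `mpack_node_bin_size`. I would pass the node type into the helper or check it there, e.g. `if (mpack_node_type(node) != expected) return -1;` with `expected` derived from the row. Note also that `mpack_parse_array` returns -1 for any row that is not ARRAY_MODE, so a bin or array node at a CMSG row now aborts the whole parse where the old `default: break;` skipped it, while the uint/str/nil helpers still skip silently; a comment should say whether that asymmetry is intended. The enclosing loop begins outside this hunk.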
