diff options
| -rw-r--r-- | common/src/tfe_scan.cpp | 37 | ||||
| -rw-r--r-- | plugin/business/tsg-http/src/tsg_http.cpp | 8 |
2 files changed, 18 insertions, 27 deletions
diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp index 158b41d..0fcc03f 100644 --- a/common/src/tfe_scan.cpp +++ b/common/src/tfe_scan.cpp @@ -119,7 +119,7 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, uui return hit_cnt_group; } -int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *opt_val, char **tag_id_array) +int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *opt_val) { int n_tag_ids = 0; uint16_t opt_out_size = 0; @@ -134,21 +134,20 @@ int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type if(ret == 0 && opt_out_size > 0) { n_tag_ids = opt_out_size/(int)sizeof(uuid_t); - for (int i=0; i<n_tag_ids; i++) - { - uuid_unparse(opt_val[i],tag_id_array[i]); - } } return n_tag_ids; } -void tfe_tags_log(char **tag_id_array, int n_tag_ids, const char *log_key, void *logger) +void tfe_tags_log(uuid_t *opt_val, int n_tag_ids, const char *log_key, void *logger) { + char tag_uuid_str[UUID_STRING_SIZE] = {0}; char *tag_uuids_for_log = ALLOC(char, n_tag_ids*UUID_STRING_SIZE); for(int i = 0; i < n_tag_ids; i++) { - strcat(tag_uuids_for_log, tag_id_array[i]); + memset(tag_uuid_str, 0, UUID_STRING_SIZE); + uuid_unparse(opt_val[i],tag_uuid_str); + strcat(tag_uuids_for_log, tag_uuid_str); if (i < n_tag_ids - 1) { strcat(tag_uuids_for_log, ","); @@ -161,9 +160,9 @@ void tfe_tags_log(char **tag_id_array, int n_tag_ids, const char *log_key, void int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe_cmsg_tlv_type tlv_type, const char *tag_key) { uuid_t opt_val[128]={0}; - char tag_id_array[128][UUID_STRING_SIZE]; + char tag_uuid_str[UUID_STRING_SIZE] = {0}; - int n_tag_ids = tfe_get_entry_tags(stream, tlv_type, opt_val, (char **)tag_id_array); + int n_tag_ids = tfe_get_entry_tags(stream, tlv_type, opt_val); if(n_tag_ids == 0) { return 0; @@ -173,7 +172,9 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe cJSON *tags_array = cJSON_CreateArray(); for(int i = 0; i < n_tag_ids; i++) { - struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), "LIBRARY_TAG", (const char *)tag_id_array[i], strlen(tag_id_array[i])); + memset(tag_uuid_str, 0, UUID_STRING_SIZE); + uuid_unparse(opt_val[i],tag_uuid_str); + struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), "LIBRARY_TAG", (const char *)tag_uuid_str, strlen(tag_uuid_str)); if(library_tag != NULL) { if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_ARR && atol(library_tag->tag_value) > 0) @@ -211,18 +212,17 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maa { size_t n_hit_result = 0; struct maat_hit_object objects; - char tag_id_array[128][UUID_STRING_SIZE]; char result_str[UUID_STRING_SIZE]={0}; int scan_ret = 0, hit_cnt_ip = 0, n_tag_ids = 0; uuid_t opt_val[128]={0}; - n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_ARR, opt_val, (char **)tag_id_array); + n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_ARR, opt_val); if(n_tag_ids == 0) { TFE_LOG_DEBUG(logger, "fetch src ip tags: NULL"); return hit_cnt_ip; } - tfe_tags_log((char **)tag_id_array, n_tag_ids, "src ip", logger); + tfe_tags_log(opt_val, n_tag_ids, "src ip", logger); for (int i = 0; i < n_tag_ids; i++) { @@ -249,15 +249,13 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maa } memset(opt_val, 0, sizeof(opt_val)); - memset(tag_id_array, 0, sizeof(tag_id_array)); - - n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_ARR, opt_val, (char **)tag_id_array); + n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_ARR, opt_val); if(n_tag_ids == 0) { TFE_LOG_DEBUG(logger, "fetch dst ip tags: NULL"); return hit_cnt_ip; } - tfe_tags_log((char **)tag_id_array, n_tag_ids, "dst ip", logger); + tfe_tags_log(opt_val, n_tag_ids, "dst ip", logger); for (int i = 0; i < n_tag_ids; i++) { @@ -289,16 +287,15 @@ int tfe_scan_fqdn_tags(const struct tfe_stream *stream, uuid_t *result, struct m { uuid_t opt_val[128]={0}; struct maat_hit_object objects; - char tag_id_array[128][UUID_STRING_SIZE]; int scan_ret = 0, hit_cnt_fqdn = 0, n_tag_ids = 0; - n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_ARR, opt_val, (char **)tag_id_array); + n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_ARR, opt_val); if(n_tag_ids == 0) { TFE_LOG_DEBUG(logger, "fetch fqdn tags: NULL"); return hit_cnt_fqdn; } - tfe_tags_log((char **)tag_id_array, n_tag_ids, "fqdn", logger); + tfe_tags_log(opt_val, n_tag_ids, "fqdn", logger); for (int i = 0; i < n_tag_ids; i++) { diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 989889c..073140c 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -250,7 +250,6 @@ void trusted_CA_update_cert_cb(const char *table_name, const char *table_line, e } char *uuid_sring=NULL; - int is_valid=0; char cert_name[128]={0}, cert_file[1024]={0}; cJSON *uuid = cJSON_GetObjectItem(trust_ca_cert, "uuid"); @@ -268,13 +267,8 @@ void trusted_CA_update_cert_cb(const char *table_name, const char *table_line, e { memcpy(cert_file, item->valuestring, strlen(item->valuestring)); } - item = cJSON_GetObjectItem(trust_ca_cert, "is_valid"); - if(item && item->type==cJSON_Number) - { - is_valid=item->valueint; - } - if(is_valid==1) + if(op==MAAT_OP_ADD) { ret=tfe_proxy_ssl_add_trust_ca(cert_file); if(ret<0) |