From 5d3ee62d23253218243c9be831ffa084add3ef80 Mon Sep 17 00:00:00 2001 From: luwenpeng Date: Thu, 26 Sep 2024 14:39:21 +0800 Subject: fix compile errors for adapting maat --- .../chaining-policy/src/chaining_policy.cpp | 32 ++++++------ .../business/chaining-policy/src/chaining_policy.h | 2 +- plugin/business/ssl-policy/src/ssl_policy.cpp | 1 - plugin/business/tcp-policy/src/tcp_policy.cpp | 58 ++++++++++++---------- plugin/business/traffic-mirror/src/entry.cpp | 30 ++++++----- 5 files changed, 65 insertions(+), 58 deletions(-) (limited to 'plugin') diff --git a/plugin/business/chaining-policy/src/chaining_policy.cpp b/plugin/business/chaining-policy/src/chaining_policy.cpp index 4edfc92..87d42f2 100644 --- a/plugin/business/chaining-policy/src/chaining_policy.cpp +++ b/plugin/business/chaining-policy/src/chaining_policy.cpp @@ -31,23 +31,21 @@ struct chaining_policy_enforcer static void chaining_param_new_cb(const char *table_name, const char *key, const char *table_line, void **ad, long argl, void *argp) { - cJSON * json_root = NULL; - cJSON * json_subroot = NULL; - cJSON * item = NULL; - size_t user_region_offset = 0; - size_t user_region_len = 0; + cJSON *json_root = NULL; + cJSON *json_subroot = NULL; + cJSON *item = NULL; struct chaining_param *param = NULL; struct chaining_policy_enforcer *enforcer = (struct chaining_policy_enforcer *)argp; - json_root = cJSON_Parse(table_line); + char *json_str = strdup(table_line); + json_root = cJSON_Parse(json_str); if (unlikely(!json_root)) { TFE_LOG_ERROR(enforcer->logger, "Invalid chaining profile: %s", table_line); goto error_out; } - json_subroot = cJSON_GetObjectItem(json_root, "action_parameter"); - if (unlikely(!json_subroot)) + if (unlikely(!json_subroot || !cJSON_IsObject(json_subroot))) { TFE_LOG_ERROR(enforcer->logger, "Invalid chaining rule: %s (invalid action_parameter format) %s.", key, table_line); goto error_out; @@ -80,6 +78,7 @@ static void chaining_param_new_cb(const char *table_name, const char *key, const *ad = param; TFE_LOG_INFO(enforcer->logger, "Add chaining rule: %s", key); cJSON_Delete(json_root); + free(json_str); return; error_out: @@ -88,6 +87,11 @@ error_out: cJSON_Delete(json_root); json_root = NULL; } + if (json_str) + { + free(json_str); + json_str = NULL; + } if (param) { free(param); @@ -97,7 +101,7 @@ error_out: static void chaining_param_free_cb(const char *table_name, void **ad, long argl, void *argp) { - char str_rule_id[UUID_STR_LEN] = {0}; + char str_rule_id[UUID_STRING_SIZE] = {0}; struct chaining_policy_enforcer *enforcer = (struct chaining_policy_enforcer *)argp; struct chaining_param *param = (struct chaining_param *)*ad; if (param == NULL) @@ -116,7 +120,7 @@ static void chaining_param_free_cb(const char *table_name, void **ad, long argl, static void chaining_param_free(struct chaining_param *param) { - chaining_param_free_cb(0, (void **)¶m, 0, NULL); + chaining_param_free_cb(NULL, (void **)¶m, 0, NULL); } static void chaining_param_dup_cb(const char *table_name, void **to, void **from, long argl, void *argp) @@ -167,10 +171,10 @@ void chaining_policy_enforcer_destory(struct chaining_policy_enforcer *enforcer) } } -void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct tfe_cmsg *cmsg, uuid_t rule_id) +void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct tfe_cmsg *cmsg, uuid_t *rule_id) { uint16_t size = 0; - char str_rule_id[UUID_STR_LEN] = {0}; + char str_rule_id[UUID_STRING_SIZE] = {0}; uint8_t enalbe_decrypted_traffic_steering = 0; tfe_cmsg_get_value(cmsg, TFE_CMSG_TCP_DECRYPTED_TRAFFIC_STEERING, (unsigned char *)&enalbe_decrypted_traffic_steering, sizeof(enalbe_decrypted_traffic_steering), &size); @@ -179,8 +183,8 @@ void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct t return; } - uuid_unparse(rule_id, str_rule_id); - struct chaining_param *param = (struct chaining_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->table_name, str_rule_id, UUID_STR_LEN-1); + uuid_unparse(*rule_id, str_rule_id); + struct chaining_param *param = (struct chaining_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->table_name, (const char *)rule_id, sizeof(uuid_t)); if (param == NULL) { TFE_LOG_INFO(enforcer->logger, "Failed to get chaining parameter of policy %s.", str_rule_id); diff --git a/plugin/business/chaining-policy/src/chaining_policy.h b/plugin/business/chaining-policy/src/chaining_policy.h index e7fa485..df8c837 100644 --- a/plugin/business/chaining-policy/src/chaining_policy.h +++ b/plugin/business/chaining-policy/src/chaining_policy.h @@ -5,4 +5,4 @@ struct chaining_policy_enforcer; struct chaining_policy_enforcer *chaining_policy_enforcer_create(void *logger); void chaining_policy_enforcer_destory(struct chaining_policy_enforcer *enforcer); -void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct tfe_cmsg *cmsg, uuid_t rule_id); \ No newline at end of file +void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct tfe_cmsg *cmsg, uuid_t *rule_id); \ No newline at end of file diff --git a/plugin/business/ssl-policy/src/ssl_policy.cpp b/plugin/business/ssl-policy/src/ssl_policy.cpp index 826b03d..6820c28 100644 --- a/plugin/business/ssl-policy/src/ssl_policy.cpp +++ b/plugin/business/ssl-policy/src/ssl_policy.cpp @@ -74,7 +74,6 @@ static void profile_param_free(struct decryption_param *param) static void profile_param_new_cb(const char *table_name, const char *key, const char *table_line, void **ad, long argl, void *argp) { - int ret = 0; cJSON *json = NULL; cJSON *object = NULL; cJSON *exclusions = NULL; diff --git a/plugin/business/tcp-policy/src/tcp_policy.cpp b/plugin/business/tcp-policy/src/tcp_policy.cpp index 26e54a2..4443840 100644 --- a/plugin/business/tcp-policy/src/tcp_policy.cpp +++ b/plugin/business/tcp-policy/src/tcp_policy.cpp @@ -37,7 +37,7 @@ struct tcp_profile_param struct side_conn_param server_side; }; -static int parser_side_conn_param(cJSON * json, struct side_conn_param *out_val, void *logger) +static int parser_side_conn_param(cJSON *json, struct side_conn_param *out_val, void *logger) { cJSON *object = NULL; cJSON *item = NULL; @@ -113,21 +113,21 @@ static int parser_side_conn_param(cJSON * json, struct side_conn_param *out_val, out_val->user_timeout = 0; } } - cJSON_Delete(json); return 0; } static void profile_param_new_cb(const char *table_name, const char *key, const char *table_line, void **ad, long argl, void *argp) { - cJSON * json_root = NULL; - cJSON * json_subroot = NULL; - cJSON * item = NULL; + cJSON *json_root = NULL; + cJSON *json_subroot = NULL; + cJSON *item = NULL; struct tcp_profile_param *param = NULL; struct tcp_policy_enforcer *enforcer = (struct tcp_policy_enforcer *)argp; - json_root = cJSON_Parse(table_line); - if (unlikely(!json_root)) + char *json_str = strdup(table_line); + json_root = cJSON_Parse(json_str); + if (json_root == NULL) { TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option profile: %s", table_line); goto error_out; @@ -139,7 +139,7 @@ static void profile_param_new_cb(const char *table_name, const char *key, const item = cJSON_GetObjectItem(json_root, "tcp_passthrough"); if (unlikely(!item || !cJSON_IsNumber(item))) { - TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: %s invalid tcp_passthrough format.", key); + TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: (invalid tcp_passthrough format) %s", table_line); goto error_out; } param->tcp_passthrough = item->valueint; @@ -147,15 +147,15 @@ static void profile_param_new_cb(const char *table_name, const char *key, const item = cJSON_GetObjectItem(json_root, "bypass_duplicated_packet"); if (unlikely(!item || !cJSON_IsNumber(item))) { - TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: %s invalid bypass_duplicated_packet format.", key); + TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: (invalid bypass_duplicated_packet format) %s", table_line); goto error_out; } param->bypass_duplicated_packet = item->valueint; json_subroot = cJSON_GetObjectItem(json_root, "client_side_conn_param"); - if (unlikely(!json_subroot)) + if (unlikely(!json_subroot || !cJSON_IsObject(json_subroot))) { - TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: %s invalid client_side_conn_param format.", key); + TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: (invalid client_side_conn_param format) %s", table_line); goto error_out; } if (parser_side_conn_param(json_subroot, ¶m->client_side, enforcer->logger) == -1) @@ -164,9 +164,9 @@ static void profile_param_new_cb(const char *table_name, const char *key, const } json_subroot = cJSON_GetObjectItem(json_root, "server_side_conn_param"); - if (unlikely(!json_subroot)) + if (unlikely(!json_subroot || !cJSON_IsObject(json_subroot))) { - TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: %s invalid server_side_conn_param format.", key); + TFE_LOG_ERROR(enforcer->logger, "Invalid tcp option parameter: (invalid server_side_conn_param format) %s", table_line); goto error_out; } if (parser_side_conn_param(json_subroot, ¶m->server_side, enforcer->logger) == -1) @@ -176,18 +176,24 @@ static void profile_param_new_cb(const char *table_name, const char *key, const *ad = param; TFE_LOG_INFO(enforcer->logger, "Add tcp option profile: %s", key); + cJSON_Delete(json_root); + free(json_str); return; error_out: - if (param) - { - free(param); - } if (json_root) { cJSON_Delete(json_root); } + if (json_str) + { + free(json_str); + } + if (param) + { + free(param); + } } static void profile_param_free_cb(const char *table_name, void **ad, long argl, void *argp) @@ -221,7 +227,7 @@ static void profile_param_dup_cb(const char *table_name, void **to, void **from, static void profile_param_free(struct tcp_profile_param *param) { - profile_param_free_cb(0, (void **)¶m, 0, NULL); + profile_param_free_cb(NULL, (void **)¶m, 0, NULL); } struct tcp_policy_enforcer *tcp_policy_enforcer_create(void *logger) @@ -263,22 +269,22 @@ void tcp_policy_enforcer_destory(struct tcp_policy_enforcer *enforcer) int tcp_policy_enforce(struct tcp_policy_enforcer *tcp_enforcer, struct tfe_cmsg *cmsg) { int ret = 0; - int profile_id = 0; + uuid_t profile_uuid; uint16_t size = 0; - char buffer[16] = {0}; + char profile_uuid_str[UUID_STRING_SIZE] = {0}; - ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_TCP_OPTION_PROFILE_ID, (unsigned char *)&profile_id, sizeof(profile_id), &size); + ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_TCP_OPTION_PROFILE_ID, (unsigned char *)&profile_uuid, sizeof(uuid_t), &size); if (ret < 0) { TFE_LOG_ERROR(g_default_logger, "Failed at fetch tcp_option_profile from cmsg: %s", strerror(-ret)); return -1; } - snprintf(buffer, sizeof(buffer), "%d", profile_id); - struct tcp_profile_param *param = (struct tcp_profile_param *)maat_plugin_table_get_ex_data(tcp_enforcer->maat, tcp_enforcer->table_name, buffer, strlen(buffer)); + uuid_unparse(profile_uuid, profile_uuid_str); + struct tcp_profile_param *param = (struct tcp_profile_param *)maat_plugin_table_get_ex_data(tcp_enforcer->maat, tcp_enforcer->table_name, (const char *)&profile_uuid, sizeof(uuid_t)); if (param == NULL) { - TFE_LOG_INFO(tcp_enforcer->logger, "Failed to get tcp option parameter of profile %d.", profile_id); + TFE_LOG_INFO(tcp_enforcer->logger, "Failed to get tcp option parameter of profile %s.", profile_uuid_str); return -1; } @@ -311,10 +317,10 @@ int tcp_policy_enforce(struct tcp_policy_enforcer *tcp_enforcer, struct tfe_cmsg tfe_cmsg_set(cmsg, TFE_CMSG_UPSTREAM_TCP_KEEPINTVL, (unsigned char *)&server_side->keepintvl, sizeof(server_side->keepintvl)); tfe_cmsg_set(cmsg, TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT, (unsigned char *)&server_side->user_timeout, sizeof(server_side->user_timeout)); - TFE_LOG_INFO(tcp_enforcer->logger, "hit tcp_option_profile %d tcp_passthrough %d " + TFE_LOG_INFO(tcp_enforcer->logger, "hit tcp_option_profile %s tcp_passthrough %d " "client_side={maxseg_enable:%d, maxseg_vaule:%d, nodelay:%d, ttl:%d, keepalive:%d, keepcnt:%d, keepidle:%d, keepintvl:%d, user_timeout:%d} " "server_side={maxseg_enable:%d, maxseg_vaule:%d, nodelay:%d, ttl:%d, keepalive:%d, keepcnt:%d, keepidle:%d, keepintvl:%d, user_timeout:%d} ", - profile_id, param->tcp_passthrough, + profile_uuid_str, param->tcp_passthrough, client_side->maxseg_enable, client_side->maxseg_vaule, client_side->nodelay, client_side->ttl, client_side->keepalive, client_side->keepcnt, client_side->keepidle, client_side->keepintvl, client_side->user_timeout, server_side->maxseg_enable, server_side->maxseg_vaule, server_side->nodelay, server_side->ttl, server_side->keepalive, server_side->keepcnt, server_side->keepidle, server_side->keepintvl, server_side->user_timeout); profile_param_free(param); diff --git a/plugin/business/traffic-mirror/src/entry.cpp b/plugin/business/traffic-mirror/src/entry.cpp index 929e50a..c5ff524 100644 --- a/plugin/business/traffic-mirror/src/entry.cpp +++ b/plugin/business/traffic-mirror/src/entry.cpp @@ -106,7 +106,7 @@ void policy_table_ex_data_new_cb(const char *table_name, const char *key, const char *str_json = NULL; cJSON *json = NULL; cJSON *object = NULL; - cjson *subobj = NULL; + cJSON *subobj = NULL; cJSON *item = NULL; struct policy_table_ex_data *ex_data = NULL; @@ -132,7 +132,7 @@ void policy_table_ex_data_new_cb(const char *table_name, const char *key, const } subobj = cJSON_GetObjectItem(object, "traffic_mirror"); - if (unlikely(!json_subroot)) + if (unlikely(!subobj)) { TFE_LOG_ERROR(instance->logger, "invalid format, traffic_mirror is not defined, %s", table_line); goto error_out; @@ -142,7 +142,7 @@ void policy_table_ex_data_new_cb(const char *table_name, const char *key, const ex_data->atomic_refcnt = 1; ex_data->enable = 0; ex_data->is_profile_set = 0; - uuid_parse(key, ex_data->rule_id); + uuid_parse(key, ex_data->rule_uuid); item = cJSON_GetObjectItem(subobj, "enable"); if (unlikely(!item || !cJSON_IsNumber(item))) @@ -306,24 +306,22 @@ void profile_table_ex_data_new_cb(const char *table_name, const char *key, const TFE_LOG_DEBUG(instance->logger, "Add traffic mirror profile: %s", key); - cJSON_Delete(json_root); + cJSON_Delete(json); free(str_json); return; error_out: - if (ex_data) + if (json) { - profile_table_ex_data_free(ex_data); + cJSON_Delete(json); } - if (str_json) { free(str_json); } - - if (json_root) + if (ex_data) { - cJSON_Delete(json_root); + profile_table_ex_data_free(ex_data); } } @@ -513,13 +511,13 @@ int traffic_mirror_init(struct tfe_proxy * proxy) goto errout; } - result = maat_plugin_table_ex_schema_register(instance->maat_feather, "PXY_INTERCEPT_COMPILE", + result = maat_plugin_table_ex_schema_register(instance->maat_feather, "PXY_INTERCEPT_RULE", policy_table_ex_data_new_cb, policy_table_ex_data_free_cb, policy_table_ex_data_dup_cb, 0, instance); if(result < 0) { - TFE_LOG_ERROR(instance->logger, "failed at maat_plugin_table_ex_schema_register(PXY_INTERCEPT_COMPILE)"); + TFE_LOG_ERROR(instance->logger, "failed at maat_plugin_table_ex_schema_register(PXY_INTERCEPT_RULE)"); goto errout; } @@ -585,7 +583,7 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr } uuid_unparse(rule_uuid, rule_uuid_str); - policy_ex_data = (struct policy_table_ex_data *)maat_plugin_table_get_ex_data(instance->maat_feather, PXY_INTERCEPT_COMPILE, rule_uuid, sizeof(uuid_t)); + policy_ex_data = (struct policy_table_ex_data *)maat_plugin_table_get_ex_data(instance->maat_feather, "PXY_INTERCEPT_RULE", (const char *)&rule_uuid, sizeof(uuid_t)); if (!policy_ex_data || !policy_ex_data->enable) { goto detach; @@ -612,7 +610,7 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr if (policy_ex_data->is_profile_set) { uuid_unparse(policy_ex_data->profile_uuid, profile_uuid_str); - profile_ex_data = (struct profile_table_ex_data *)maat_plugin_table_get_ex_data(instance->maat_feather, TSG_PROFILE_TRAFFIC_MIRROR, policy_ex_data->profile_uuid, sizeof(uuid_t)); + profile_ex_data = (struct profile_table_ex_data *)maat_plugin_table_get_ex_data(instance->maat_feather, "TSG_PROFILE_TRAFFIC_MIRROR", (const char *)&policy_ex_data->profile_uuid, sizeof(uuid_t)); if (!profile_ex_data) { TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's profile, profile id = %s, " @@ -647,8 +645,8 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr rebuild_target = NULL; traffic_mirror_rebuild_handshake(me->rebuild_ctx, thread_id); - TFE_LOG_DEBUG(instance->logger, "hit traffic mirror policy %s, profile %s, vlan %d", - rule_uuid_str, profile_uuid_str, me->rebuild_ctx->target.vlan_tci); + TFE_LOG_DEBUG(instance->logger, "hit traffic mirror policy %s, profile %s", + rule_uuid_str, profile_uuid_str); return ACTION_FORWARD_DATA; detach: -- cgit v1.2.3