diff options
| author | 杨玉波 <[email protected]> | 2023-05-10 07:35:03 +0000 |
|---|---|---|
| committer | liuxueli <[email protected]> | 2023-05-10 15:43:03 +0800 |
| commit | ee0f57d6d3e74713b120d735251501bd7c690e48 (patch) | |
| tree | 4cf80bc504abe960271f35ffe357bd11de8df4f6 | |
| parent | c5e959492d627e5fcfe3cf5264b0e4e53e63f77a (diff) | |
TSG-14928: 接收通知的ssl_intercept_info信息,填充到Proxy_intercept_event日志中发送; 接收SCE/SHAPER通知的日志信息v6.0.9
| -rw-r--r-- | bin/tsg_log_field.conf | 11 | ||||
| -rw-r--r-- | inc/tsg_send_log.h | 3 | ||||
| -rw-r--r-- | src/tsg_bridge.cpp | 107 | ||||
| -rw-r--r-- | src/tsg_bridge.h | 30 | ||||
| -rw-r--r-- | src/tsg_entry.cpp | 36 | ||||
| -rw-r--r-- | src/tsg_proxy.cpp | 8 | ||||
| -rw-r--r-- | src/tsg_send_log.cpp | 110 | ||||
| -rw-r--r-- | src/tsg_send_log_internal.h | 11 | ||||
| -rw-r--r-- | src/tsg_sync_state.cpp | 371 | ||||
| -rw-r--r-- | src/tsg_sync_state.h | 93 | ||||
| -rw-r--r-- | test/src/gtest_common.cpp | 2 | ||||
| -rw-r--r-- | test/src/gtest_kafka.cpp | 33 | ||||
| -rw-r--r-- | test/src/gtest_master.cpp | 208 | ||||
| -rw-r--r-- | test/src/gtest_sendlog.cpp | 268 | ||||
| -rw-r--r-- | test/src/gtest_sync_state.cpp | 692 |
15 files changed, 1665 insertions, 318 deletions
diff --git a/bin/tsg_log_field.conf b/bin/tsg_log_field.conf index 0712221..7474e1f 100644 --- a/bin/tsg_log_field.conf +++ b/bin/tsg_log_field.conf @@ -125,3 +125,14 @@ STRING common_app_full_path 111 LONG common_flags 112 LONG common_shaping_rule_ids 113 LONG common_flags_identify_info 114 +LONG ssl_pinningst 115 +LONG ssl_cert_verify 116 +LONG ssl_intercept_state 117 +LONG ssl_server_side_latency 118 +LONG ssl_client_side_latency 119 +STRING ssl_server_side_version 120 +STRING ssl_client_side_version 121 +STRING ssl_error 122 +STRING ssl_passthrough_reason 123 +LONG sce_profile_ids 124 +LONG shaping_profile_ids 125
\ No newline at end of file diff --git a/inc/tsg_send_log.h b/inc/tsg_send_log.h index a38c08e..5ba273a 100644 --- a/inc/tsg_send_log.h +++ b/inc/tsg_send_log.h @@ -28,7 +28,8 @@ enum LOG_TYPE LOG_TYPE_INTERIM_SESSION_RECORD, LOG_TYPE_TRANSACTION_RECORD, LOG_TYPE_GTPC_RECORD, - LOG_TYPE_BGP_RECORD + LOG_TYPE_BGP_RECORD, + LOG_TYPE_INTERCEPT_ENEVT }; struct TLD_handle_t; diff --git a/src/tsg_bridge.cpp b/src/tsg_bridge.cpp index c2d2058..1c018bd 100644 --- a/src/tsg_bridge.cpp +++ b/src/tsg_bridge.cpp @@ -26,6 +26,66 @@ struct bridge_info struct bridge_info g_tm_bridge_para[BRIDGE_TYPE_MAX]; +void session_sce_log_update_free(const struct streaminfo *a_stream, int bridge_id, void *data) +{ + if (data != NULL) + { + dictator_free(a_stream->threadnum, data); + data = NULL; + } + + return; +} + +void session_shaper_log_update_free(const struct streaminfo *a_stream, int bridge_id, void *data) +{ + if (data != NULL) + { + dictator_free(a_stream->threadnum, data); + data = NULL; + } + + return; +} + +void session_proxy_log_update_free(const struct streaminfo *a_stream, int bridge_id, void *data) +{ + struct proxy_log_update *proxy = (struct proxy_log_update *)data; + if (proxy != NULL) + { + + if (proxy->ssl_downstream_version != NULL) + { + dictator_free(a_stream->threadnum, (void *)proxy->ssl_downstream_version); + proxy->ssl_downstream_version = NULL; + } + + if (proxy->ssl_error != NULL) + { + dictator_free(a_stream->threadnum, (void *)proxy->ssl_error); + proxy->ssl_error = NULL; + } + + if (proxy->ssl_passthrough_reason != NULL) + { + dictator_free(a_stream->threadnum, (void *)proxy->ssl_passthrough_reason); + proxy->ssl_passthrough_reason = NULL; + } + + if (proxy->ssl_upstream_version != NULL) + { + dictator_free(a_stream->threadnum, (void *)proxy->ssl_upstream_version); + proxy->ssl_upstream_version = NULL; + } + + dictator_free(a_stream->threadnum, (void *)proxy); + proxy = NULL; + } + + data = NULL; + return; +} + void session_runtime_process_context_free(const struct streaminfo *a_stream, int bridge_id, void *data) { struct session_runtime_process_context *srt_process_context=(struct session_runtime_process_context *)data; @@ -222,7 +282,7 @@ int srt_attribute_set_establish_latecy(const struct streaminfo *a_stream) { return 0; } - + struct session_runtime_attribute *srt_attribute=(struct session_runtime_attribute *)session_runtime_attribute_new(a_stream); if(srt_attribute) { @@ -935,6 +995,42 @@ void *session_lua_user_defined_attribute_get(const struct streaminfo *a_stream) return session_async_bridge_get_data(a_stream, g_tm_bridge_para[BRIDGE_TYPE_APP_LUA_RESULT].id); } +void *session_log_update_data_get(const struct streaminfo *a_stream, enum TSG_SERVICE service) +{ + switch (service) + { + case TSG_SERVICE_INTERCEPT: + return stream_bridge_async_data_get(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].id); + + case TSG_SERVICE_CHAINING: + return stream_bridge_async_data_get(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SCE].id); + + case TSG_SERVICE_SHAPING: + return stream_bridge_async_data_get(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SHAPER].id); + + default: + return NULL; + } +} + +int session_log_update_data_put(const struct streaminfo *a_stream, enum TSG_SERVICE service, void *data) +{ + switch (service) + { + case TSG_SERVICE_INTERCEPT: + return stream_bridge_async_data_put(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].id, data); + + case TSG_SERVICE_CHAINING: + return stream_bridge_async_data_put(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SCE].id, data); + + case TSG_SERVICE_SHAPING: + return stream_bridge_async_data_put(a_stream, g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SHAPER].id, data); + + default: + return 0; + } +} + int tsg_bridge_init(const char *conffile) { MESA_load_profile_string_def(conffile, "BRIDGE", "APP_IDENTIFY_RESULT_BRIDGE", g_tm_bridge_para[BRIDGE_TYPE_SYNC_APP_IDENTIFY_RESULT].name, MAX_BRIDGE_NAME_LEN, "APP_IDENTIFY_RESULT_BRIDGE"); @@ -984,6 +1080,15 @@ int tsg_bridge_init(const char *conffile) MESA_load_profile_string_def(conffile, "BRIDGE", "SEGMENT_IDS_BRIDGE_NAME",g_tm_bridge_para[BRIDGE_TYPE_SEGMENT_IDS].name, MAX_BRIDGE_NAME_LEN, "SEGMENT_IDS"); g_tm_bridge_para[BRIDGE_TYPE_SEGMENT_IDS].free_cb=session_segment_id_free; + MESA_load_profile_string_def(conffile, "BRIDGE", "SCE_LOG_UPDATE_BRIDGE_NAME", g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SCE].name, MAX_BRIDGE_NAME_LEN, "SCE_LOG_UPDATE"); + g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SCE].free_cb = session_sce_log_update_free; + + MESA_load_profile_string_def(conffile, "BRIDGE", "SHAPER_LOG_UPDATE_BRIDGE_NAME", g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SHAPER].name, MAX_BRIDGE_NAME_LEN, "SHAPER_LOG_UPDATE"); + g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_SHAPER].free_cb = session_shaper_log_update_free; + + MESA_load_profile_string_def(conffile, "BRIDGE", "PROXY_LOG_UPDATE_BRIDGE_NAME", g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].name, MAX_BRIDGE_NAME_LEN, "PROXY_LOG_UPDATE"); + g_tm_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].free_cb = session_proxy_log_update_free; + for(int i=0; i<BRIDGE_TYPE_MAX; i++) { g_tm_bridge_para[i].id=stream_bridge_build(g_tm_bridge_para[i].name, "w"); diff --git a/src/tsg_bridge.h b/src/tsg_bridge.h index 62a062e..be5862d 100644 --- a/src/tsg_bridge.h +++ b/src/tsg_bridge.h @@ -13,18 +13,18 @@ enum BRIDGE_TYPE { - BRIDGE_TYPE_SEND_CONN_SKETCH_DATA=0, + BRIDGE_TYPE_SEND_CONN_SKETCH_DATA = 0, BRIDGE_TYPE_RECV_CONN_SKETCH_DATA, BRIDGE_TYPE_SYNC_APP_IDENTIFY_RESULT, BRIDGE_TYPE_SYNC_SESSION_FLAGS, - BRIDGE_TYPE_SHAPING_RESULT, //sync and async - BRIDGE_TYPE_SESSION_PROCESS_CONTEXT, //async - BRIDGE_TYPE_SESSION_ACTION_CONTEXT, //async - BRIDGE_TYPE_GATHER_APP_RESULT, //async - BRIDGE_TYPE_SERVICE_CHAINING_RESULT, //async - BRIDGE_TYPE_SECURITY_RESULT, //async - BRIDGE_TYPE_SESSION_ATTRIBUTE, //async - BRIDGE_TYPE_MAC_LINKINFO, //async + BRIDGE_TYPE_SHAPING_RESULT, // sync and async + BRIDGE_TYPE_SESSION_PROCESS_CONTEXT, // async + BRIDGE_TYPE_SESSION_ACTION_CONTEXT, // async + BRIDGE_TYPE_GATHER_APP_RESULT, // async + BRIDGE_TYPE_SERVICE_CHAINING_RESULT, // async + BRIDGE_TYPE_SECURITY_RESULT, // async + BRIDGE_TYPE_SESSION_ATTRIBUTE, // async + BRIDGE_TYPE_MAC_LINKINFO, // async BRIDGE_TYPE_NAT_C2S_LINKINFO, BRIDGE_TYPE_NAT_S2C_LINKINFO, BRIDGE_TYPE_APP_LUA_RESULT, @@ -33,8 +33,12 @@ enum BRIDGE_TYPE BRIDGE_TYPE_POLICY_ACTION_PARA_EXEC_RESULT, BRIDGE_TYPE_ASYNC_SESSION_FLAGS, BRIDGE_TYPE_APP_SIGNATURE_RESULT, - BRIDGE_TYPE_INTERCEPT_RESULT, //sync and async - BRIDGE_TYPE_SEGMENT_IDS, //async service_chaining or shping SID + BRIDGE_TYPE_INTERCEPT_RESULT, // sync and async + BRIDGE_TYPE_SEGMENT_IDS, // async service_chaining or shping SID + BRIDGE_TYPE_LOG_UPDATE_SCE, + BRIDGE_TYPE_LOG_UPDATE_SHAPER, + BRIDGE_TYPE_LOG_UPDATE_PROXY, + BRIDGE_TYPE_MAX }; @@ -139,6 +143,10 @@ struct session_runtime_attribute // init int tsg_bridge_init(const char *conffile); +// tsg_parse_log_update +void *session_log_update_data_get(const struct streaminfo *a_stream, enum TSG_SERVICE service); +int session_log_update_data_put(const struct streaminfo *a_stream, enum TSG_SERVICE service, void *data); + //send log void *session_mac_linkinfo_get(const struct streaminfo * a_stream); void *session_conn_sketch_notify_data_get(const struct streaminfo * a_stream); diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index 1ebbeb6..fd544e8 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -735,6 +735,30 @@ int session_app_gather_results_update_matched_app_id(const struct streaminfo *a_ return 1; } +int session_state_control_packet(const struct streaminfo *a_stream, void *payload, unsigned int payload_len) +{ + if(payload==NULL || payload_len==0) + { + return 0; + } + + int is_ctrl_pkt=0; + const void *raw_pkt = get_rawpkt_from_streaminfo(a_stream); + int ret=get_opt_from_rawpkt(raw_pkt, RAW_PKT_GET_IS_CTRL_PKT, (void *)&is_ctrl_pkt); + if(ret<0 || is_ctrl_pkt==0) + { + return 0; + } + + ret=tsg_parse_log_update_payload(a_stream, (const void *)payload, payload_len); + if(ret>=0) + { + return 1; + } + + return 0; +} + int session_state_sync_in_opening_and_closing(const struct streaminfo *a_stream, unsigned char state) { struct segment_id_list sid_list={0}; @@ -2060,6 +2084,12 @@ extern "C" unsigned char TSG_MASTER_UDP_ENTRY(const struct streaminfo *a_udp, vo unsigned char state2=APP_STATE_GIVEME; struct udp_session_runtime_context *udp_srt_context=(struct udp_session_runtime_context *)(*pme); + int is_ctrl_pkt=session_state_control_packet(a_udp, a_udp->pudpdetail->pdata, a_udp->pudpdetail->datalen); + if(is_ctrl_pkt==1) + { + return APP_STATE_DROPPKT; + } + if(*pme==NULL) { unsigned short tunnel_type=0; @@ -2114,6 +2144,12 @@ extern "C" unsigned char TSG_MASTER_TCPALL_ENTRY(const struct streaminfo *a_tcp, { struct session_runtime_action_context *_context=(struct session_runtime_action_context *)(*pme); + int is_ctrl_pkt=session_state_control_packet(a_tcp, a_tcp->ptcpdetail->pdata, a_tcp->ptcpdetail->datalen); + if(is_ctrl_pkt==1) + { + return APP_STATE_DROPPKT; + } + if(*pme==NULL) { session_state_sync_in_opening_and_closing(a_tcp, a_tcp->pktstate); diff --git a/src/tsg_proxy.cpp b/src/tsg_proxy.cpp index 2601cda..cef41a5 100644 --- a/src/tsg_proxy.cpp +++ b/src/tsg_proxy.cpp @@ -21,7 +21,7 @@ enum tsg_proxy_ipv6hdr_parse_error{ TSG_PROXY_IPV6HDR_INVALID_TYPE = -3, }; -int update_segment_sids(struct cmsg_int16_array *d_sids_array, unsigned short *s_sids, unsigned int n_s_sids) +int update_segment_sids(struct tcp_sids *d_sids_array, unsigned short *s_sids, unsigned int n_s_sids) { for(unsigned int i=0; i<n_s_sids; i++) { @@ -209,7 +209,7 @@ static int tsg_proxy_rawpkt_info_get(const void *raw_pkt, struct tsg_proxy_tcp_o int ret; struct segment_id_list *sids = NULL; - ret = get_rawpkt_opt_from_streaminfo(stream, RWA_PKT_GET_SID_LIST, &sids); + ret = get_rawpkt_opt_from_streaminfo(stream, RAW_PKT_GET_SID_LIST, &sids); if (ret != sizeof(struct segment_id_list)) { MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_FATAL, "PROXY", "Failed to get sid list, stream treaceid = %llu, %s", tsg_get_stream_trace_id(stream), printaddr(&stream->addr, stream->threadnum)); return -1; @@ -436,8 +436,8 @@ static void tsg_proxy_cmsg_fqdn_category_fill(struct session_runtime_attribute * { size_t n_category_ids = 0; uint32_t category_ids[8] = {0}; - struct cmsg_int32_array *fqdn_cat_ids = &cmsg->fqdn_cat_id_val; - + struct fqdn_cat_id_val *fqdn_cat_ids = &cmsg->fqdn_cat_ids; + n_category_ids = srt_attribute_get_category_ids(session_attr, category_ids, sizeof(category_ids)/sizeof(category_ids[0])); if (n_category_ids > 0 && n_category_ids <= 8) { fqdn_cat_ids->num = n_category_ids; diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp index 191754c..37afa71 100644 --- a/src/tsg_send_log.cpp +++ b/src/tsg_send_log.cpp @@ -21,6 +21,7 @@ #include "tsg_entry.h" #include "tsg_bridge.h" #include "tsg_send_log.h" +#include "tsg_sync_state.h" #include "tsg_rule_internal.h" #include "tsg_send_log_internal.h" @@ -392,7 +393,7 @@ static int set_direction(struct tsg_log_instance_t *_instance, struct TLD_handle static int set_address_list(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream) { unsigned short tunnel_type=0; - char nest_addr_buf[1024]; + char nest_addr_buf[1024]={0}; int tunnel_type_size=sizeof(tunnel_type); MESA_get_stream_opt(a_stream, MSO_STREAM_TUNNEL_TYPE, &tunnel_type, &tunnel_type_size); @@ -1362,6 +1363,58 @@ int set_session_flags(struct tsg_log_instance_t *_instance, struct TLD_handle_t return 0; } +int set_sce_profile_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream) +{ + struct sce_log_update *sce = (struct sce_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_CHAINING); + if(sce==NULL) + { + return 0; + } + + Value sce_profile_ids_array(kArrayType); + for(size_t i=0; i<sce->n_profile_ids; i++) + { + sce_profile_ids_array.PushBack((unsigned int)(sce->profile_ids[i]), _handle->document->GetAllocator()); + } + + TLD_append(_handle, _instance->id2field[LOG_COMMON_SCE_PROFILE_IDS].name, (void *) &sce_profile_ids_array, TLD_TYPE_OBJECT); + + return 0; +} + +int set_shaping_profile_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream) +{ + struct shaper_log_update *shaping = (struct shaper_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_SHAPING); + if(shaping==NULL) + { + return 0; + } + + Value shaping_object(kObjectType); + + Value shaping_array(kArrayType); + for(size_t i=0; i<shaping->n_shaper_rule; i++) + { + Value object(kObjectType); + object.AddMember("rule_id", (unsigned int)shaping->shaper_rules[i].rule_id, _handle->document->GetAllocator()); + + Value shaping_profile_ids_array(kArrayType); + for(size_t j=0; j<shaping->shaper_rules[i].n_profile_ids; j++) + { + shaping_profile_ids_array.PushBack((unsigned long)(shaping->shaper_rules[i].profile_ids[j]), _handle->document->GetAllocator()); + } + + add_object_member(_handle, &object, "profile_ids", shaping_profile_ids_array) + shaping_array.PushBack(object, _handle->document->GetAllocator()); + } + + TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_PROFILE_IDS].name, &shaping_array, TLD_TYPE_OBJECT); + + //add_object_member(_handle, &shaping_object, _instance->id2field[LOG_COMMON_SHAPING_PROFILE_IDS].name, shaping_array); + + return 0; +} + int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream) { if(a_stream==NULL) @@ -1378,7 +1431,7 @@ int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle Value shaping_rule_ids_array(kArrayType); for(size_t i=0; i<hited_shaping->n_rules; i++) { - shaping_rule_ids_array.PushBack((unsigned int)(hited_shaping->rules[i].rule_id), _handle->document->GetAllocator()); + shaping_rule_ids_array.PushBack((unsigned long)(hited_shaping->rules[i].rule_id), _handle->document->GetAllocator()); } TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *) &shaping_rule_ids_array, TLD_TYPE_OBJECT); @@ -1689,6 +1742,25 @@ int set_lua_scripts_result(struct tsg_log_instance_t *_instance, struct TLD_hand return 0; } +int set_intercept_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream) +{ + struct proxy_log_update *proxy = (struct proxy_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_INTERCEPT); + if(proxy!=NULL) + { + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_PINNING_STATE].name, (void *)(long)proxy->ssl_pinning_state, TLD_TYPE_LONG); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_CERT_VERIFY].name, (void *)(long)proxy->ssl_cert_verify, TLD_TYPE_LONG); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_INTERCEPT_STATE].name, (void *)(long)proxy->ssl_intercept_state, TLD_TYPE_LONG); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_UPSTREAM_LATENCY].name, (void *)(long)proxy->ssl_upstream_latency, TLD_TYPE_LONG); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_DOWNSTREAM_LATENCY].name, (void *)(long)proxy->ssl_downstream_latency, TLD_TYPE_LONG); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_UPSTREAM_VERSION].name, proxy->ssl_upstream_version, TLD_TYPE_STRING); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_DOWNSTREAM_VERSION].name, proxy->ssl_downstream_version, TLD_TYPE_STRING); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_ERROR].name, proxy->ssl_error, TLD_TYPE_STRING); + TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_PASSTHROUGHT_REASON].name, proxy->ssl_passthrough_reason, TLD_TYPE_STRING); + } + + return 0; +} + int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream) { if(instance==NULL || handle==NULL || a_stream==NULL) @@ -2056,7 +2128,7 @@ int send_log_by_type(struct tsg_log_instance_t *_instance, struct TLD_handle_t * return 0; } -int send_security_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct maat_rule *rules, size_t n_rules, int thread_id) +int send_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id) { int fs_id=0,repeat_cnt=0; int policy_id[MAX_RESULT_NUM]={0}; @@ -2118,7 +2190,7 @@ int send_security_event_log(struct tsg_log_instance_t *_instance, struct TLD_han set_xxxx_from_user_region(_handle, _instance, &(rules[i]), thread_id); - send_log_by_type(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, thread_id); + send_log_by_type(_instance, _handle, a_stream, log_type, thread_id); TLD_delete(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_SERVICE].name); @@ -2166,24 +2238,32 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl set_application_behavior(_instance, _handle, a_stream); - struct matched_policy_rules *matched_security_rules=NULL; + struct matched_policy_rules *matched_rules=NULL; switch(log_type) { case LOG_TYPE_SECURITY_EVENT: - send_security_event_log(_instance, _handle, a_stream, rules, n_rules, thread_id); + send_event_log(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_id); break; case LOG_TYPE_SESSION_RECORD: case LOG_TYPE_TRANSACTION_RECORD: - matched_security_rules=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_SECURITY); - if(matched_security_rules!=NULL && matched_security_rules->n_rules>0) + matched_rules=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_SECURITY); + if(matched_rules!=NULL && matched_rules->n_rules>0) { - if(matched_security_rules->rules[0].action!=TSG_ACTION_INTERCEPT) - { - send_security_event_log(_instance, _handle, a_stream, matched_security_rules->rules, matched_security_rules->n_rules, thread_id); - session_matched_rules_free(a_stream, TSG_SERVICE_SECURITY, (void *)matched_security_rules); - session_matched_rules_async(a_stream, TSG_SERVICE_SECURITY, NULL); - } + send_event_log(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, matched_rules->rules, matched_rules->n_rules, thread_id); + session_matched_rules_free(a_stream, TSG_SERVICE_SECURITY, (void *)matched_rules); + session_matched_rules_async(a_stream, TSG_SERVICE_SECURITY, NULL); + matched_rules=NULL; + } + + matched_rules=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_INTERCEPT); + if(matched_rules!=NULL && matched_rules->n_rules>0) + { + set_intercept_info(instance, handle, a_stream); + send_event_log(_instance, _handle, a_stream, LOG_TYPE_INTERCEPT_ENEVT, matched_rules->rules, matched_rules->n_rules, thread_id); + session_matched_rules_free(a_stream, TSG_SERVICE_INTERCEPT, (void *)matched_rules); + session_matched_rules_async(a_stream, TSG_SERVICE_INTERCEPT, NULL); + matched_rules=NULL; } // no break; case LOG_TYPE_INTERIM_SESSION_RECORD: @@ -2191,6 +2271,8 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl { break; } + set_sce_profile_ids(_instance, _handle, a_stream); + set_shaping_profile_ids(_instance, _handle, a_stream); set_shaping_rule_ids(_instance, _handle, a_stream); set_nat_linkinfo(_instance, _handle, a_stream); send_log_by_type(_instance, _handle, a_stream, log_type, thread_id); diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h index 9235a98..fc1d241 100644 --- a/src/tsg_send_log_internal.h +++ b/src/tsg_send_log_internal.h @@ -138,6 +138,17 @@ enum LOG_FIELD_ID LOG_COMMON_FLAGS, LOG_COMMON_SHAPING_RULE_IDS, LOG_COMMON_FLAGS_IDENTIFY_INFO, + LOG_COMMON_SSL_PINNING_STATE, + LOG_COMMON_SSL_CERT_VERIFY, + LOG_COMMON_SSL_INTERCEPT_STATE, + LOG_COMMON_SSL_UPSTREAM_LATENCY, + LOG_COMMON_SSL_DOWNSTREAM_LATENCY, + LOG_COMMON_SSL_UPSTREAM_VERSION, + LOG_COMMON_SSL_DOWNSTREAM_VERSION, + LOG_COMMON_SSL_ERROR, + LOG_COMMON_SSL_PASSTHROUGHT_REASON, + LOG_COMMON_SCE_PROFILE_IDS, + LOG_COMMON_SHAPING_PROFILE_IDS, LOG_COMMON_MAX }; diff --git a/src/tsg_sync_state.cpp b/src/tsg_sync_state.cpp index ae7b1a7..dd7231b 100644 --- a/src/tsg_sync_state.cpp +++ b/src/tsg_sync_state.cpp @@ -11,7 +11,7 @@ char *mpack_data = NULL; size_t mpack_size = 0; -static int tsg_mpack_init_map(const struct streaminfo *a_stream, mpack_writer_t *writer, const char *state) +static int mpack_init_map(const struct streaminfo *a_stream, mpack_writer_t *writer, const char *state) { mpack_writer_init_growable(writer, &mpack_data, &mpack_size); mpack_build_map(writer); @@ -31,9 +31,9 @@ static int tsg_mpack_init_map(const struct streaminfo *a_stream, mpack_writer_t return 0; } -static int tsg_mpack_send_pkt(const struct streaminfo *a_stream, mpack_writer_t *writer) +static int mpack_send_pkt(const struct streaminfo *a_stream, mpack_writer_t *writer) { - mpack_complete_map(writer); // tsg_mpack_init_map + mpack_complete_map(writer); // mpack_init_map if (mpack_writer_destroy(writer) != mpack_ok) { MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_FATAL, "MPACK_WRITER", "An error occurred encoding the data!"); @@ -58,18 +58,18 @@ int tsg_send_session_state(const struct streaminfo *a_stream, unsigned char stat mpack_writer_t writer; if (state == OP_STATE_PENDING) { - tsg_mpack_init_map(a_stream, &writer, "opening"); + mpack_init_map(a_stream, &writer, "opening"); } else if (state == OP_STATE_CLOSE) { - tsg_mpack_init_map(a_stream, &writer, "closing"); + mpack_init_map(a_stream, &writer, "closing"); } else { return -1; } - return tsg_mpack_send_pkt(a_stream, &writer); + return mpack_send_pkt(a_stream, &writer); } int tsg_sync_resetall_state(const struct streaminfo *a_stream) @@ -80,12 +80,12 @@ int tsg_sync_resetall_state(const struct streaminfo *a_stream) } mpack_writer_t writer; - tsg_mpack_init_map(a_stream, &writer, "resetall"); + mpack_init_map(a_stream, &writer, "resetall"); - return tsg_mpack_send_pkt(a_stream, &writer); + return mpack_send_pkt(a_stream, &writer); } -static void tsg_mpack_append_str(mpack_writer_t *writer, char *str) +static void mpack_append_string(mpack_writer_t *writer, char *str) { if (str) { @@ -99,64 +99,67 @@ static void tsg_mpack_append_str(mpack_writer_t *writer, char *str) return; } -static void tsg_mpack_append_array_u32(mpack_writer_t *writer, struct cmsg_int32_array *array) +static void mpack_append_fqdn_cat_ids(mpack_writer_t *writer, struct fqdn_cat_id_val *array) { if (array->num > 0) { - mpack_build_array(writer); - for (size_t i = 0; i < array->num; i++) - { - mpack_write_u32(writer, array->value[i]); - } - mpack_complete_array(writer); - } - else - { - mpack_write_nil(writer); - } + int num = MIN(array->num, FQDN_CAT_ID_VALS); + mpack_build_array(writer); + for (int i = 0; i < num; i++) + { + mpack_write_u32(writer, array->value[i]); + } + mpack_complete_array(writer); + } + else + { + mpack_write_nil(writer); + } - return; + return; } -static void tsg_mpack_append_array_u16(mpack_writer_t *writer, struct cmsg_int16_array *array) +static void mpack_append_tcp_sids(mpack_writer_t *writer, struct tcp_sids *array) { if (array->num > 0) { - mpack_build_array(writer); - for (size_t i = 0; i < array->num; i++) - { - mpack_write_u16(writer, array->value[i]); - } - mpack_complete_array(writer); - } - else - { - mpack_write_nil(writer); - } + int num = MIN(array->num, TCP_XXX_SIDS); + mpack_build_array(writer); + for (int i = 0; i < num; i++) + { + mpack_write_u16(writer, array->value[i]); + } + mpack_complete_array(writer); + } + else + { + mpack_write_nil(writer); + } - return; + return; } -static void tsg_mpack_append_array_u8(mpack_writer_t *writer, struct cmsg_int8_array *array) +static void mpack_append_route_ctx(mpack_writer_t *writer, struct tcp_route_ctx *array) { if (array->num > 0) { - mpack_build_array(writer); - for (size_t i = 0; i < array->num; i++) - { - mpack_write_u8(writer, array->value[i]); - } - mpack_complete_array(writer); - } - else - { - mpack_write_nil(writer); - } + int num = MIN(array->num, TCP_XXX_ROUTE_CTX); + mpack_build_array(writer); + for (int i = 0; i < num; i++) + { + mpack_write_u8(writer, array->value[i]); + } + mpack_complete_array(writer); + } + else + { + mpack_write_nil(writer); + } - return; + return; } -static void tsg_mpack_append_cmsg_value(mpack_writer_t *writer, struct proxy_cmsg *cmsg) +static void mpack_append_cmsg_value(mpack_writer_t *writer, struct proxy_cmsg *cmsg) { if (cmsg == NULL) { @@ -192,44 +195,44 @@ static void tsg_mpack_append_cmsg_value(mpack_writer_t *writer, struct proxy_cms mpack_write_u32(writer, cmsg->tcp_ts_server_val); mpack_write_u8(writer, cmsg->tcp_info_packet_cur_dir); - tsg_mpack_append_str(writer, cmsg->src_sub_id); - tsg_mpack_append_str(writer, cmsg->dst_sub_id); - tsg_mpack_append_str(writer, cmsg->src_asn); - tsg_mpack_append_str(writer, cmsg->dst_asn); - tsg_mpack_append_str(writer, cmsg->src_organization); - tsg_mpack_append_str(writer, cmsg->dst_organization); - tsg_mpack_append_str(writer, cmsg->src_ip_location_country); - tsg_mpack_append_str(writer, cmsg->dst_ip_location_country); - tsg_mpack_append_str(writer, cmsg->src_ip_location_provine); - tsg_mpack_append_str(writer, cmsg->dst_ip_location_provine); - tsg_mpack_append_str(writer, cmsg->src_ip_location_city); - tsg_mpack_append_str(writer, cmsg->dst_ip_location_city); - tsg_mpack_append_str(writer, cmsg->src_ip_location_subdivision); - tsg_mpack_append_str(writer, cmsg->dst_ip_location_subdivision); - tsg_mpack_append_str(writer, cmsg->ssl_client_ja3_fingerprint); + mpack_append_string(writer, cmsg->src_sub_id); + mpack_append_string(writer, cmsg->dst_sub_id); + mpack_append_string(writer, cmsg->src_asn); + mpack_append_string(writer, cmsg->dst_asn); + mpack_append_string(writer, cmsg->src_organization); + mpack_append_string(writer, cmsg->dst_organization); + mpack_append_string(writer, cmsg->src_ip_location_country); + mpack_append_string(writer, cmsg->dst_ip_location_country); + mpack_append_string(writer, cmsg->src_ip_location_provine); + mpack_append_string(writer, cmsg->dst_ip_location_provine); + mpack_append_string(writer, cmsg->src_ip_location_city); + mpack_append_string(writer, cmsg->dst_ip_location_city); + mpack_append_string(writer, cmsg->src_ip_location_subdivision); + mpack_append_string(writer, cmsg->dst_ip_location_subdivision); + mpack_append_string(writer, cmsg->ssl_client_ja3_fingerprint); // fqdn_cat_id_val - tsg_mpack_append_array_u32(writer, &cmsg->fqdn_cat_id_val); + mpack_append_fqdn_cat_ids(writer, &cmsg->fqdn_cat_ids); - // tcp_seq_sids - tsg_mpack_append_array_u16(writer, &cmsg->tcp_seq_sids); + // tcp_seq_sids + mpack_append_tcp_sids(writer, &cmsg->tcp_seq_sids); - // tcp_ack_sids - tsg_mpack_append_array_u16(writer, &cmsg->tcp_ack_sids); + // tcp_ack_sids + mpack_append_tcp_sids(writer, &cmsg->tcp_ack_sids); - // tcp_seq_route_ctx - tsg_mpack_append_array_u8(writer, &cmsg->tcp_seq_route_ctx); + // tcp_seq_route_ctx + mpack_append_route_ctx(writer, &cmsg->tcp_seq_route_ctx); - // tcp_ack_route_ctx - tsg_mpack_append_array_u8(writer, &cmsg->tcp_ack_route_ctx); + // tcp_ack_route_ctx + mpack_append_route_ctx(writer, &cmsg->tcp_ack_route_ctx); - mpack_complete_array(writer); // array - } + mpack_complete_array(writer); // array + } - return; + return; } -static void tsg_mpack_append_update_policy(mpack_writer_t *writer, struct update_policy *policy_update, enum policy_type type) +static void mpack_append_update_policy(mpack_writer_t *writer, struct update_policy *policy_update, enum policy_type type) { switch (type) { @@ -250,8 +253,9 @@ static void tsg_mpack_append_update_policy(mpack_writer_t *writer, struct update mpack_write_cstr(writer, "rule_ids"); if (policy_update->n_ids > 0) { + int n_ids = MIN(policy_update->n_ids, UPDATE_POLICY_RULE_IDS); mpack_build_array(writer); // rule_ids - for (int i = 0; i < policy_update->n_ids; i++) + for (int i = 0; i < n_ids; i++) { mpack_write_i64(writer, policy_update->ids[i]); } @@ -265,7 +269,7 @@ static void tsg_mpack_append_update_policy(mpack_writer_t *writer, struct update if (type == POLICY_UPDATE_INTERCEPT) { mpack_write_cstr(writer, "tcp_handshake"); - tsg_mpack_append_cmsg_value(writer, &policy_update->cmsg); + mpack_append_cmsg_value(writer, &policy_update->cmsg); } mpack_complete_map(writer); // update_policy_type @@ -281,7 +285,7 @@ int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_poli mpack_writer_t writer; - tsg_mpack_init_map((struct streaminfo *)a_stream, &writer, "active"); + mpack_init_map((struct streaminfo *)a_stream, &writer, "active"); // method: policy_update mpack_write_cstr(&writer, "method"); @@ -292,11 +296,11 @@ int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_poli mpack_build_map(&writer); for (int i = 0; i < (int)n_policy_update; i++) { - tsg_mpack_append_update_policy(&writer, &policy_update[i], policy_update[i].type); + mpack_append_update_policy(&writer, &policy_update[i], policy_update[i].type); } mpack_complete_map(&writer); // params - return tsg_mpack_send_pkt(a_stream, &writer); + return mpack_send_pkt(a_stream, &writer); } int tsg_sync_closing_state(const struct streaminfo *a_stream, unsigned char state) @@ -310,3 +314,206 @@ int tsg_sync_opening_state(const struct streaminfo *a_stream, unsigned char stat return 0; } + +static char *mpack_parse_get_string(mpack_node_t node, char *p_str, int thread_seq) +{ + if (p_str != NULL) + { + dictator_free(thread_seq, p_str); + p_str = NULL; + } + + int str_len = 0; + const char *str = NULL; + char *result = NULL; + + str = mpack_node_str(node); + str_len = mpack_node_strlen(node); + + result = (char *)dictator_malloc(thread_seq, str_len + 1); + memset(result, 0, str_len + 1); + memcpy(result, str, str_len); + + return result; +} + +static void mpack_parse_intercept_info(mpack_node_t node, struct proxy_log_update *proxy, int thread_seq) +{ + if (mpack_node_array_length(node) != (size_t)(SSL_INTERCEPT_MAX_INDEX)) + { + return; + } + + proxy->ssl_intercept_state = mpack_node_u8(mpack_node_array_at(node, SSL_INTERCEPT_STATE)); + proxy->ssl_upstream_latency = mpack_node_u64(mpack_node_array_at(node, SSL_UPSTREAM_LATENCY)); + proxy->ssl_downstream_latency = mpack_node_u64(mpack_node_array_at(node, SSL_DOWNSTREAM_LATENCY)); + proxy->ssl_upstream_version = mpack_parse_get_string(mpack_node_array_at(node, SSL_UPSTREAM_VERSION), proxy->ssl_upstream_version, thread_seq); + proxy->ssl_downstream_version = mpack_parse_get_string(mpack_node_array_at(node, SSL_DOWNSTREAM_VERSION), proxy->ssl_downstream_version, thread_seq); + proxy->ssl_pinning_state = mpack_node_u8(mpack_node_array_at(node, SSL_PINNING_STATE)); + proxy->ssl_cert_verify = mpack_node_u8(mpack_node_array_at(node, SSL_CERT_VERIFY)); + proxy->ssl_error = mpack_parse_get_string(mpack_node_array_at(node, SSL_ERROR), proxy->ssl_error, thread_seq); + proxy->ssl_passthrough_reason = mpack_parse_get_string(mpack_node_array_at(node, SSL_PASSTHROUGH_REASON), proxy->ssl_passthrough_reason, thread_seq); + + return; +} + +static void mpack_parse_append_profile_id(mpack_node_t profile_ids_node, uint32_t *ids, size_t *n_id, size_t max) +{ + *n_id = MIN(mpack_node_array_length(profile_ids_node), max); + for (int i = 0; i < (int)(*n_id); i++) + { + ids[i] = mpack_node_u32(mpack_node_array_at(profile_ids_node, i)); + } + + return; +} + +int mpack_parse_sce_profile_ids(const struct streaminfo *a_stream, mpack_tree_t tree, mpack_node_t sce_node) +{ + mpack_node_t sf_profile_ids = mpack_node_map_cstr(sce_node, "sf_profile_ids"); + if (mpack_node_type(sf_profile_ids) != mpack_type_array) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_SCE", "sf_profile_ids error! mpack_node_type(sf_profile_ids): %d", (int)mpack_node_type(sf_profile_ids)); + mpack_tree_destroy(&tree); + return -1; + } + + struct sce_log_update *sce_handle = (struct sce_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_CHAINING); + if (sce_handle == NULL) + { + sce_handle = (struct sce_log_update *)dictator_malloc(a_stream->threadnum, sizeof(struct sce_log_update)); + memset(sce_handle, 0, sizeof(struct sce_log_update)); + session_log_update_data_put(a_stream, TSG_SERVICE_CHAINING, (void *)sce_handle); + } + mpack_parse_append_profile_id(sf_profile_ids, sce_handle->profile_ids, &sce_handle->n_profile_ids, SCE_PROFILE_IDS); + + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "PARSE_SCE", "n_profile_ids: %lu;", sce_handle->n_profile_ids); + mpack_tree_destroy(&tree); + return 0; +} + +int mpack_parse_shaper_profile_ids(const struct streaminfo *a_stream, mpack_tree_t tree, mpack_node_t shaper_node) +{ + struct shaper_log_update *shaper_handle = (struct shaper_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_SHAPING); + if (shaper_handle == NULL) + { + shaper_handle = (struct shaper_log_update *)dictator_malloc(a_stream->threadnum, sizeof(struct shaper_log_update)); + memset(shaper_handle, 0, sizeof(struct shaper_log_update)); + session_log_update_data_put(a_stream, TSG_SERVICE_SHAPING, (void *)shaper_handle); + } + + shaper_handle->n_shaper_rule = MIN(mpack_node_array_length(shaper_node), SHAPR_RULE_IDS); + mpack_node_t sh_ids_node; + for (int i = 0; i < (int)shaper_handle->n_shaper_rule; i++) + { + sh_ids_node = mpack_node_array_at(shaper_node, i); + shaper_handle->shaper_rules[i].rule_id = mpack_node_i64(mpack_node_map_cstr(sh_ids_node, "rule_id")); + + mpack_parse_append_profile_id(mpack_node_map_cstr(sh_ids_node, "profile_ids"), shaper_handle->shaper_rules[i].profile_ids, &shaper_handle->shaper_rules[i].n_profile_ids, SHAPR_PROFILE_IDS); + } + + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "PARSE_SHAPER", "n_sh_profile_ids: %lu;", shaper_handle->n_shaper_rule); + mpack_tree_destroy(&tree); + return 0; +} + +int mpack_parse_proxy_intercept_info(const struct streaminfo *a_stream, mpack_tree_t tree, mpack_node_t proxy_node) +{ + mpack_node_t ssl_intercept_info = mpack_node_map_str_optional(proxy_node, "ssl_intercept_info", 18); + if (mpack_node_type(ssl_intercept_info) != mpack_type_array) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_PROXY", "ssl_intercept_info error! mpack_node_type(ssl_intercept_info): %d", (int)mpack_node_type(ssl_intercept_info)); + mpack_tree_destroy(&tree); + return -1; + } + + struct proxy_log_update *proxy_handle = (struct proxy_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_INTERCEPT); + if (proxy_handle == NULL) + { + proxy_handle = (struct proxy_log_update *)dictator_malloc(a_stream->threadnum, sizeof(struct proxy_log_update)); + memset(proxy_handle, 0, sizeof(struct proxy_log_update)); + session_log_update_data_put(a_stream, TSG_SERVICE_INTERCEPT, (void *)proxy_handle); + } + mpack_parse_intercept_info(ssl_intercept_info, proxy_handle, a_stream->threadnum); + + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, + "PARSE_PROXY", + "ssl_intercept_state: %u; ssl_upstream_latency: %llu; ssl_downstream_latency: %llu; ssl_upstream_version: %s; ssl_downstream_version: %s; ssl_pinning_state: %u; ssl_cert_verify: %u; ssl_error: %s; ssl_passthrough_reason: %s;", + proxy_handle->ssl_intercept_state, + proxy_handle->ssl_upstream_latency, + proxy_handle->ssl_downstream_latency, + proxy_handle->ssl_upstream_version, + proxy_handle->ssl_downstream_version, + proxy_handle->ssl_pinning_state, + proxy_handle->ssl_cert_verify, + proxy_handle->ssl_error, + proxy_handle->ssl_passthrough_reason); + + mpack_tree_destroy(&tree); + return 0; +} + +int tsg_parse_log_update_payload(const struct streaminfo *a_stream, const void *payload, unsigned int payload_len) +{ + if (a_stream == NULL || payload == NULL || payload_len == 0) + { + return -1; + } + + mpack_tree_t tree; + mpack_tree_init_data(&tree, (const char *)payload, payload_len); + mpack_tree_parse(&tree); + mpack_node_t root = mpack_tree_root(&tree); + + mpack_node_t method = mpack_node_map_cstr(root, "method"); + if (mpack_node_type(method) != mpack_type_str) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_LOG_UPDATE", "method error! mpack_node_type(method) = %d", (int)mpack_node_type(method)); + mpack_tree_destroy(&tree); + return -1; + } + + if (mpack_node_strlen(method) != strlen("log_update") || memcmp("log_update", mpack_node_str(method), strlen("log_update")) != 0) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_LOG_UPDATE", "method error! mpack_node_strlen(method) = %lu", mpack_node_strlen(method)); + mpack_tree_destroy(&tree); + return -1; + } + + uint64_t session_id = mpack_node_u64(mpack_node_map_cstr(root, "session_id")); + if (session_id != tsg_get_stream_trace_id(a_stream)) + { + // if session_id = 0, it's could be mpack_node_type(root) = nil + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_LOG_UPDATE", "session_id error! session_id: %llu, real session_id: %llu", session_id, tsg_get_stream_trace_id(a_stream)); + mpack_tree_destroy(&tree); + return -1; + } + + mpack_node_t params_node = mpack_node_map_cstr(root, "params"); + if (mpack_node_type(params_node) == mpack_type_nil) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_INFO, "PARSE_LOG_UPDATE", "params_node error!"); + mpack_tree_destroy(&tree); + return -1; + } + + mpack_node_t temp_node = mpack_node_map_str_optional(params_node, "sce", 3); + if (mpack_node_type(temp_node) != mpack_type_nil && mpack_node_type(temp_node) != mpack_type_missing) + { + return mpack_parse_sce_profile_ids(a_stream, tree, temp_node); + } + + temp_node = mpack_node_map_str_optional(params_node, "shaper", 6); + if (mpack_node_type(temp_node) != mpack_type_nil && mpack_node_type(temp_node) != mpack_type_missing) + { + return mpack_parse_shaper_profile_ids(a_stream, tree, temp_node); + } + + temp_node = mpack_node_map_str_optional(params_node, "proxy", 5); + if (mpack_node_type(temp_node) != mpack_type_nil && mpack_node_type(temp_node) != mpack_type_missing) + { + return mpack_parse_proxy_intercept_info(a_stream, tree, temp_node); + } + + return -1; +}
\ No newline at end of file diff --git a/src/tsg_sync_state.h b/src/tsg_sync_state.h index ff9fe8f..fdd3005 100644 --- a/src/tsg_sync_state.h +++ b/src/tsg_sync_state.h @@ -11,30 +11,45 @@ enum policy_type POLICY_UPDATE_MAX }; -struct cmsg_int32_array +enum ssl_intercept_info_index +{ + SSL_INTERCEPT_STATE = 0, + SSL_UPSTREAM_LATENCY, + SSL_DOWNSTREAM_LATENCY, + SSL_UPSTREAM_VERSION, + SSL_DOWNSTREAM_VERSION, + SSL_PINNING_STATE, + SSL_CERT_VERIFY, + SSL_ERROR, + SSL_PASSTHROUGH_REASON, + SSL_INTERCEPT_MAX_INDEX +}; + +#define FQDN_CAT_ID_VALS 8 + +struct fqdn_cat_id_val { size_t num; - uint32_t value[8]; + uint32_t value[FQDN_CAT_ID_VALS]; }; -struct cmsg_int16_array +#define TCP_XXX_SIDS 8 +struct tcp_sids { size_t num; - uint16_t value[8]; + uint16_t value[TCP_XXX_SIDS]; }; -struct cmsg_int8_array +#define TCP_XXX_ROUTE_CTX 64 +struct tcp_route_ctx { size_t num; - uint8_t value[64]; + uint8_t value[TCP_XXX_ROUTE_CTX]; }; struct proxy_cmsg { - uint32_t tcp_seq; - uint32_t tcp_ack; - uint16_t tcp_mss_client; - uint16_t tcp_mss_server; + uint8_t tcp_info_packet_cur_dir; uint8_t tcp_wsacle_exist; uint8_t tcp_wsacle_client; uint8_t tcp_wsacle_server; @@ -43,11 +58,15 @@ struct proxy_cmsg uint8_t tcp_ts_client; uint8_t tcp_ts_server; uint8_t tcp_protocol; + uint16_t tcp_mss_client; + uint16_t tcp_mss_server; uint16_t tcp_window_client; uint16_t tcp_window_server; uint32_t tcp_ts_client_val; uint32_t tcp_ts_server_val; - uint8_t tcp_info_packet_cur_dir; + uint32_t tcp_seq; + uint32_t tcp_ack; + char *src_sub_id; char *dst_sub_id; char *src_asn; @@ -63,25 +82,63 @@ struct proxy_cmsg char *src_ip_location_subdivision; char *dst_ip_location_subdivision; char *ssl_client_ja3_fingerprint; - struct cmsg_int32_array fqdn_cat_id_val; - struct cmsg_int16_array tcp_seq_sids; - struct cmsg_int16_array tcp_ack_sids; - struct cmsg_int8_array tcp_seq_route_ctx; - struct cmsg_int8_array tcp_ack_route_ctx; + struct fqdn_cat_id_val fqdn_cat_ids; + struct tcp_sids tcp_seq_sids; + struct tcp_sids tcp_ack_sids; + struct tcp_route_ctx tcp_seq_route_ctx; + struct tcp_route_ctx tcp_ack_route_ctx; }; +#define UPDATE_POLICY_RULE_IDS 8 + struct update_policy { enum policy_type type; int n_ids; - long long ids[8]; + long long ids[UPDATE_POLICY_RULE_IDS]; struct proxy_cmsg cmsg; }; +struct proxy_log_update +{ + uint8_t ssl_pinning_state; + uint8_t ssl_cert_verify; + uint8_t ssl_intercept_state; + uint64_t ssl_upstream_latency; + uint64_t ssl_downstream_latency; + char *ssl_upstream_version; + char *ssl_downstream_version; + char *ssl_error; + char *ssl_passthrough_reason; +}; + +#define SHAPR_PROFILE_IDS 8 + +struct shaper_rule +{ + long long rule_id; + size_t n_profile_ids; + uint32_t profile_ids[SHAPR_PROFILE_IDS]; +}; + +#define SHAPR_RULE_IDS 8 +struct shaper_log_update +{ + size_t n_shaper_rule; + struct shaper_rule shaper_rules[SHAPR_RULE_IDS]; +}; + +#define SCE_PROFILE_IDS 8 +struct sce_log_update +{ + size_t n_profile_ids; + uint32_t profile_ids[SCE_PROFILE_IDS]; +}; + int tsg_sync_resetall_state(const struct streaminfo *a_stream); int tsg_send_session_state(const struct streaminfo *a_stream, unsigned char state); int tsg_sync_opening_state(const struct streaminfo *a_stream, unsigned char state); int tsg_sync_closing_state(const struct streaminfo *a_stream, unsigned char state); int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_policy *policy_update, size_t n_policy_update); -// int tsg_recv_control_pkt(const struct streaminfo *a_stream, const void *payload, int payload_len); +int tsg_parse_log_update_payload(const struct streaminfo *a_stream, const void *payload, unsigned int payload_len); diff --git a/test/src/gtest_common.cpp b/test/src/gtest_common.cpp index a4c4266..e20f66f 100644 --- a/test/src/gtest_common.cpp +++ b/test/src/gtest_common.cpp @@ -119,7 +119,7 @@ const void *get_rawpkt_from_streaminfo(const struct streaminfo *pstream) } int get_opt_from_rawpkt(const void *rawpkt, int type, void *out_value) { - if (type > RWA_PKT_GET_SID_LIST) { + if (type > RAW_PKT_GET_SID_LIST) { return -1; } diff --git a/test/src/gtest_kafka.cpp b/test/src/gtest_kafka.cpp index 641e2b3..e3ff337 100644 --- a/test/src/gtest_kafka.cpp +++ b/test/src/gtest_kafka.cpp @@ -1,6 +1,8 @@ #include <string.h> #include <librdkafka/rdkafka.h> +#include <MESA/cJSON.h> + #ifndef MIN #define MIN(a,b) ((a)>(b) ? (b) : (a)) #endif @@ -56,8 +58,30 @@ const char *rd_kafka_err2str(rd_kafka_resp_err_t err) int rd_kafka_produce(rd_kafka_topic_t *rkt, int32_t partitition, int msgflags, void *payload, size_t len, const void *key, size_t keylen, void *msg_opaque) { - int length=MIN(len, sizeof(g_kafka_sendlog[g_kafka_sendlog_cnt])); - memcpy((void *)(g_kafka_sendlog[g_kafka_sendlog_cnt++]), payload, length); + cJSON *object=cJSON_Parse((const char *)payload); + if(object!=NULL) + { + cJSON_DeleteItemFromObject(object, "common_start_time"); + cJSON_DeleteItemFromObject(object, "common_end_time"); + char *result=cJSON_PrintUnformatted(object); + + int length=MIN(strlen(result), sizeof(g_kafka_sendlog[g_kafka_sendlog_cnt])); + memset(g_kafka_sendlog[g_kafka_sendlog_cnt], 0, sizeof(g_kafka_sendlog[g_kafka_sendlog_cnt])); + memcpy((void *)(g_kafka_sendlog[g_kafka_sendlog_cnt++]), result, length); + + cJSON_free(result); + result=NULL; + + cJSON_Delete(object); + object=NULL; + } + else + { + int length=MIN(len, sizeof(g_kafka_sendlog[g_kafka_sendlog_cnt])); + memset(g_kafka_sendlog[g_kafka_sendlog_cnt], 0, sizeof(g_kafka_sendlog[g_kafka_sendlog_cnt])); + memcpy((void *)(g_kafka_sendlog[g_kafka_sendlog_cnt++]), payload, length); + } + return 0; } @@ -66,6 +90,11 @@ int rd_kafka_get_sendlog_cnt(void) return g_kafka_sendlog_cnt; } +void rd_kafka_clean_sendlog_cnt(void) +{ + g_kafka_sendlog_cnt=0; +} + const char *rd_kafka_get_sendlog_payload(int idx) { if(idx>g_kafka_sendlog_cnt || idx <0) diff --git a/test/src/gtest_master.cpp b/test/src/gtest_master.cpp index 76cc51a..00c8ff4 100644 --- a/test/src/gtest_master.cpp +++ b/test/src/gtest_master.cpp @@ -4,10 +4,12 @@ #include "gtest_common.h" #include "tsg_entry.h" +#include "tsg_sync_state.h" #include "tsg_rule_internal.h" #include <gtest/gtest.h> extern int rd_kafka_get_sendlog_cnt(void); +extern void rd_kafka_clean_sendlog_cnt(void); extern const char *rd_kafka_get_sendlog_payload(int idx); extern int matched_shaping_rules_deal(const struct streaminfo *a_stream, struct maat_rule *shaping_rules, size_t n_shaping_rules, int thread_seq);; extern int matched_service_chaining_rules_deal(const struct streaminfo *a_stream, struct maat_rule *service_chaining_rules, size_t n_service_chaining_rules, int thread_seq); @@ -15,7 +17,6 @@ extern int matched_intercept_rules_deal(const struct streaminfo * a_stream, stru extern void session_segment_id_free(const struct streaminfo * a_stream, int bridge_id, void * data); - TEST(TSGMaster, SetAPPIDHttp) { const struct streaminfo a_stream={0}; @@ -299,15 +300,17 @@ TEST(TSGMaster, SecurityPolicySendlog) int sendlog_cnt=rd_kafka_get_sendlog_cnt(); EXPECT_EQ(9, sendlog_cnt); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(0)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(1)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(2)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(3)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(4)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(5)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(6)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(7)); - //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(8)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":1,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(0)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":2,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(1)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":3,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(2)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":4,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(3)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":5,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(4)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":6,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(5)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":7,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(6)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"common_policy_id\":8,\"common_service\":0,\"common_vsys_id\":0,\"common_action\":1}", rd_kafka_get_sendlog_payload(7)); + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1}", rd_kafka_get_sendlog_payload(8)); + + rd_kafka_clean_sendlog_cnt(); hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY); EXPECT_EQ(nullptr, hited_security); @@ -655,37 +658,6 @@ TEST(TSGMaster, ShapingAndServiceChainingPolicyNotify) EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING)); } -TEST(TSGMaster, InterceptPolicy) -{ - const struct streaminfo a_stream={0}; - struct maat_rule matched_policy[MAX_RESULT_NUM]={0}; - - matched_policy[1].action=TSG_ACTION_INTERCEPT; - matched_policy[1].rule_id=TSG_ACTION_INTERCEPT; - matched_policy[1].service_id=TSG_SERVICE_INTERCEPT; - - // Set Intercept - matched_intercept_rules_deal(&a_stream, &matched_policy[1], 1, 0); - const struct matched_policy_rules *hited_intercept=session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT); - EXPECT_NE(nullptr, hited_intercept); - EXPECT_EQ(1, hited_intercept->n_rules); - EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].action); - EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].rule_id); - EXPECT_EQ(TSG_SERVICE_INTERCEPT, hited_intercept->rules[0].service_id); - - struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream); - EXPECT_NE(nullptr, segment_ids); - EXPECT_EQ(1, segment_ids->sz_sidlist); - EXPECT_EQ(g_tsg_para.intercept_sid, segment_ids->sid_list[0]); - - session_segment_id_free(&a_stream, 0, (void *)segment_ids); - session_control_segment_ids_async(&a_stream, NULL); - - session_matched_rules_free(&a_stream, TSG_SERVICE_INTERCEPT, (void *)hited_intercept); - session_matched_rules_async(&a_stream, TSG_SERVICE_INTERCEPT, NULL); - EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT)); -} - TEST(TSGMaster, InterceptAndNOInterceptPolicy) { const struct streaminfo a_stream={0}; @@ -847,6 +819,160 @@ TEST(TSGMaster, ServiceChainingAndShapingAndInterceptPolicy) EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT)); } +TEST(TSGMaster, InterceptPolicySendLog) +{ + const struct streaminfo a_stream={0}; + struct maat_rule matched_policy[MAX_RESULT_NUM]={0}; + + matched_policy[1].do_log=1; + matched_policy[1].action=TSG_ACTION_INTERCEPT; + matched_policy[1].rule_id=TSG_ACTION_INTERCEPT; + matched_policy[1].service_id=TSG_SERVICE_INTERCEPT; + + // Set Intercept + matched_intercept_rules_deal(&a_stream, &matched_policy[1], 1, 0); + const struct matched_policy_rules *hited_intercept=session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_NE(nullptr, hited_intercept); + EXPECT_EQ(1, hited_intercept->n_rules); + EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].action); + EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].rule_id); + EXPECT_EQ(TSG_SERVICE_INTERCEPT, hited_intercept->rules[0].service_id); + + struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream); + EXPECT_NE(nullptr, segment_ids); + EXPECT_EQ(1, segment_ids->sz_sidlist); + EXPECT_EQ(g_tsg_para.intercept_sid, segment_ids->sid_list[0]); + + session_segment_id_free(&a_stream, 0, (void *)segment_ids); + session_control_segment_ids_async(&a_stream, NULL); + + struct proxy_log_update proxy={0, 1, 1, 10, 20, (char*)"upstream_version", (char*)"downstream_version", (char*)"error", (char*)"passthrough_reason"}; + session_log_update_data_put(&a_stream, TSG_SERVICE_INTERCEPT, (void *)&proxy); + + struct TLD_handle_t *handle=TLD_create(0); + matched_policy[0].action=0; + matched_policy[0].rule_id=0; + matched_policy[0].service_id=0; + tsg_send_log(g_tsg_log_instance, handle, &a_stream, LOG_TYPE_SESSION_RECORD, &(matched_policy[0]), 1, 0); + + int sendlog_cnt=rd_kafka_get_sendlog_cnt(); + EXPECT_EQ(2, sendlog_cnt); + // intercept + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"ssl_pinningst\":0,\"ssl_cert_verify\":1,\"ssl_intercept_state\":1,\"ssl_server_side_latency\":10,\"ssl_client_side_latency\":20,\"ssl_server_side_version\":\"upstream_version\",\"ssl_client_side_version\":\"downstream_version\",\"ssl_error\":\"error\",\"ssl_passthrough_reason\":\"passthrough_reason\"}", rd_kafka_get_sendlog_payload(1)); + // session record + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"ssl_pinningst\":0,\"ssl_cert_verify\":1,\"ssl_intercept_state\":1,\"ssl_server_side_latency\":10,\"ssl_client_side_latency\":20,\"ssl_server_side_version\":\"upstream_version\",\"ssl_client_side_version\":\"downstream_version\",\"ssl_error\":\"error\",\"ssl_passthrough_reason\":\"passthrough_reason\",\"common_policy_id\":2,\"common_service\":3,\"common_vsys_id\":0,\"common_action\":2}", rd_kafka_get_sendlog_payload(0)); + + session_log_update_data_put(&a_stream, TSG_SERVICE_INTERCEPT, NULL); + rd_kafka_clean_sendlog_cnt(); + + hited_intercept=session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_EQ(nullptr, hited_intercept); +} + +TEST(TSGMaster, ServiceChainingPolicySendLog) +{ + const struct streaminfo a_stream={0}; + struct maat_rule matched_policy[MAX_RESULT_NUM]={0}; + + matched_policy[1].do_log=1; + matched_policy[1].action=TSG_ACTION_S_CHAINING; + matched_policy[1].rule_id=TSG_ACTION_S_CHAINING; + matched_policy[1].service_id=TSG_SERVICE_CHAINING; + + // Set Intercept + matched_service_chaining_rules_deal(&a_stream, &matched_policy[1], 1, 0); + const struct matched_policy_rules *hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_NE(nullptr, hited_s_chaining); + EXPECT_EQ(1, hited_s_chaining->n_rules); + EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[0].action); + EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[0].rule_id); + EXPECT_EQ(TSG_SERVICE_CHAINING, hited_s_chaining->rules[0].service_id); + + struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream); + EXPECT_NE(nullptr, segment_ids); + EXPECT_EQ(1, segment_ids->sz_sidlist); + EXPECT_EQ(g_tsg_para.service_chaining_sid, segment_ids->sid_list[0]); + + session_segment_id_free(&a_stream, 0, (void *)segment_ids); + session_control_segment_ids_async(&a_stream, NULL); + + struct sce_log_update sce={8, {1,2,3,4,5,6,7,8}}; + session_log_update_data_put(&a_stream, TSG_SERVICE_CHAINING, (void *)&sce); + + struct TLD_handle_t *handle=TLD_create(0); + matched_policy[0].action=0; + matched_policy[0].rule_id=0; + matched_policy[0].service_id=0; + tsg_send_log(g_tsg_log_instance, handle, &a_stream, LOG_TYPE_SESSION_RECORD, &(matched_policy[0]), 1, 0); + + int sendlog_cnt=rd_kafka_get_sendlog_cnt(); + EXPECT_EQ(1, sendlog_cnt); + // session record + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"sce_profile_ids\":[1,2,3,4,5,6,7,8]}", rd_kafka_get_sendlog_payload(0)); + + session_log_update_data_put(&a_stream, TSG_SERVICE_CHAINING, NULL); + rd_kafka_clean_sendlog_cnt(); + + session_matched_rules_free(&a_stream, TSG_SERVICE_CHAINING, (void *)hited_s_chaining); + session_matched_rules_async(&a_stream, TSG_SERVICE_CHAINING, NULL); + EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING)); + + hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_EQ(nullptr, hited_s_chaining); +} + +TEST(TSGMaster, ShapingPolicySendLog) +{ + const struct streaminfo a_stream={0}; + struct maat_rule matched_policy[MAX_RESULT_NUM]={0}; + + matched_policy[1].do_log=1; + matched_policy[1].action=TSG_ACTION_SHAPING; + matched_policy[1].rule_id=TSG_ACTION_SHAPING; + matched_policy[1].service_id=TSG_SERVICE_SHAPING; + + // Set Intercept + matched_shaping_rules_deal(&a_stream, &matched_policy[1], 1, 0); + const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_NE(nullptr, hited_shaping); + EXPECT_EQ(1, hited_shaping->n_rules); + EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[0].action); + EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[0].rule_id); + EXPECT_EQ(TSG_SERVICE_SHAPING, hited_shaping->rules[0].service_id); + + struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream); + EXPECT_NE(nullptr, segment_ids); + EXPECT_EQ(1, segment_ids->sz_sidlist); + EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[0]); + + session_segment_id_free(&a_stream, 0, (void *)segment_ids); + session_control_segment_ids_async(&a_stream, NULL); + + struct shaper_log_update shaping={1, {TSG_ACTION_SHAPING, 8, {1,2,3,4,5,6,7,8}}}; + session_log_update_data_put(&a_stream, TSG_SERVICE_SHAPING, (void *)&shaping); + + struct TLD_handle_t *handle=TLD_create(0); + matched_policy[0].action=0; + matched_policy[0].rule_id=0; + matched_policy[0].service_id=0; + tsg_send_log(g_tsg_log_instance, handle, &a_stream, LOG_TYPE_SESSION_RECORD, &(matched_policy[0]), 1, 0); + + int sendlog_cnt=rd_kafka_get_sendlog_cnt(); + EXPECT_EQ(1, sendlog_cnt); + // session record + EXPECT_STREQ("{\"common_app_full_path\":\"unknown\",\"common_app_label\":\"unknown\",\"common_server_port\":0,\"common_client_port\":0,\"common_stream_dir\":0,\"common_address_type\":0,\"common_con_duration_ms\":0,\"common_stream_trace_id\":\"5\",\"common_sled_ip\":\"0.0.0.0\",\"common_device_tag\":\"{\\\"tags\\\":[{\\\"tag\\\":\\\"device_id\\\",\\\"value\\\":\\\"device_1\\\"}]}\",\"common_t_vsys_id\":1,\"shaping_profile_ids\":[{\"rule_id\":32,\"profile_ids\":[1,2,3,4,5,6,7,8]}],\"common_shaping_rule_ids\":[32]}", rd_kafka_get_sendlog_payload(0)); + + session_log_update_data_put(&a_stream, TSG_SERVICE_SHAPING, NULL); + rd_kafka_clean_sendlog_cnt(); + + session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hited_shaping); + session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL); + EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING)); + + hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_EQ(nullptr, hited_shaping); +} + int main(int argc, char *argv[]) { TSG_MASTER_INIT(); diff --git a/test/src/gtest_sendlog.cpp b/test/src/gtest_sendlog.cpp index 2e5b3dd..44d8497 100644 --- a/test/src/gtest_sendlog.cpp +++ b/test/src/gtest_sendlog.cpp @@ -1,132 +1,136 @@ -#include <stdio.h> -#include <string.h> -#include <unistd.h> - -#include "tsg_rule.h" - -#include "gtest_common.h" - -#include <gtest/gtest.h> - -struct maat *g_tsg_maat_feather; - -char *tsg_device_tag_get(void) -{ - return NULL; -} - -char *tsg_data_center_get(void) -{ - return NULL; -} - -int tsg_location_type_get(void) -{ - return 0; -} - -int tsg_session_record_switch_get(void) -{ - return 0; -} - -void *session_mac_linkinfo_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_gather_app_results_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_conn_sketch_notify_data_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_business_data_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_session_flags_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_application_behavior_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_mirrored_and_capture_packets_exec_result_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_lua_user_defined_attribute_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_nat_c2s_linkinfo_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *session_nat_s2c_linkinfo_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -int session_matched_rules_async(const struct streaminfo * a_stream, TSG_SERVICE service, void * data) -{ - return 0; -} - -const struct matched_policy_rules *session_matched_rules_get(const struct streaminfo *a_stream, enum TSG_SERVICE service) -{ - return 0; -} - -void session_matched_rules_free(const struct streaminfo * a_stream, TSG_SERVICE service, void * data) -{ -} - -char srt_action_context_get_direction(const struct streaminfo * a_stream) -{ - return 0; -} - -int tsg_get_app_name_by_id(struct maat *feahter, int app_id, char * app_name, int app_name_len, int is_joint_parent) -{ - return 0; -} - -const struct session_runtime_attribute *session_runtime_attribute_get(const struct streaminfo * a_stream) -{ - return NULL; -} - -void *matched_rule_cites_security_compile(struct maat * feather, long long compile_id) -{ - return NULL; -} - -void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile) -{ -} - -TEST(MasterTest, SetVlan) -{ - //int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID); - //EXPECT_EQ(1, ret); -} - -int main(int argc, char *argv[]) -{ - testing::InitGoogleTest(&argc, argv); - return RUN_ALL_TESTS(); -} - +#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "tsg_rule.h"
+
+#include "gtest_common.h"
+
+#include <gtest/gtest.h>
+
+struct maat *g_tsg_maat_feather;
+
+char *tsg_device_tag_get(void)
+{
+ return NULL;
+}
+
+char *tsg_data_center_get(void)
+{
+ return NULL;
+}
+
+int tsg_location_type_get(void)
+{
+ return 0;
+}
+
+int tsg_session_record_switch_get(void)
+{
+ return 0;
+}
+
+void *session_mac_linkinfo_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+void *session_log_update_data_get(const struct streaminfo *a_stream, enum TSG_SERVICE service)
+{
+ return NULL;
+}
+
+void *session_gather_app_results_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_conn_sketch_notify_data_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_business_data_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_session_flags_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_application_behavior_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_mirrored_and_capture_packets_exec_result_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_lua_user_defined_attribute_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_nat_c2s_linkinfo_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *session_nat_s2c_linkinfo_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+int session_matched_rules_async(const struct streaminfo * a_stream, TSG_SERVICE service, void * data)
+{
+ return 0;
+}
+
+const struct matched_policy_rules *session_matched_rules_get(const struct streaminfo *a_stream, enum TSG_SERVICE service)
+{
+ return 0;
+}
+
+void session_matched_rules_free(const struct streaminfo * a_stream, TSG_SERVICE service, void * data)
+{
+}
+
+char srt_action_context_get_direction(const struct streaminfo * a_stream)
+{
+ return 0;
+}
+
+int tsg_get_app_name_by_id(struct maat *feahter, int app_id, char * app_name, int app_name_len, int is_joint_parent)
+{
+ return 0;
+}
+
+const struct session_runtime_attribute *session_runtime_attribute_get(const struct streaminfo * a_stream)
+{
+ return NULL;
+}
+
+void *matched_rule_cites_security_compile(struct maat * feather, long long compile_id)
+{
+ return NULL;
+}
+
+void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile)
+{
+}
+
+TEST(MasterTest, SetVlan)
+{
+ //int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
+ //EXPECT_EQ(1, ret);
+}
+
+int main(int argc, char *argv[])
+{
+ testing::InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
+
diff --git a/test/src/gtest_sync_state.cpp b/test/src/gtest_sync_state.cpp index 14a6642..642cd48 100644 --- a/test/src/gtest_sync_state.cpp +++ b/test/src/gtest_sync_state.cpp @@ -19,6 +19,41 @@ unsigned long long tsg_get_stream_trace_id(const struct streaminfo *a_stream) return 10; } +void *session_log_update_data_get(const struct streaminfo *a_stream, enum TSG_SERVICE service) +{ + switch (service) + { + case TSG_SERVICE_INTERCEPT: + return stream_bridge_async_data_get(a_stream, BRIDGE_TYPE_LOG_UPDATE_PROXY); + + case TSG_SERVICE_CHAINING: + return stream_bridge_async_data_get(a_stream, BRIDGE_TYPE_LOG_UPDATE_SCE); + + case TSG_SERVICE_SHAPING: + return stream_bridge_async_data_get(a_stream, BRIDGE_TYPE_LOG_UPDATE_SHAPER); + default: + return NULL; + } +} + +int session_log_update_data_put(const struct streaminfo *a_stream, enum TSG_SERVICE service, void *data) +{ + switch (service) + { + case TSG_SERVICE_INTERCEPT: + return stream_bridge_async_data_put(a_stream, BRIDGE_TYPE_LOG_UPDATE_PROXY, data); + + case TSG_SERVICE_CHAINING: + return stream_bridge_async_data_put(a_stream, BRIDGE_TYPE_LOG_UPDATE_SCE, data); + + case TSG_SERVICE_SHAPING: + return stream_bridge_async_data_put(a_stream, BRIDGE_TYPE_LOG_UPDATE_SHAPER, data); + + default: + return 0; + } +} + TEST(SESSION_STATE, IllegalPara) { struct streaminfo a_stream = {0}; @@ -139,7 +174,6 @@ TEST(POLICY_UPDATE, Sce) { test.ids[i] = 100 + i; } - tsg_sync_policy_update(&a_stream, &test, 1); ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, sizeof(ctrl_pkt_buf)); @@ -157,6 +191,35 @@ TEST(POLICY_UPDATE, Sce) EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); } +TEST(POLICY_UPDATE, SceOverLimitIds) +{ + char ctrl_pkt_buf[1024] = {0}; + int ctrl_pkt_len = 0; + struct streaminfo a_stream = {0}; + struct update_policy test; + memset(&test, 0, sizeof(test)); + test.type = POLICY_UPDATE_SERVICE_CHAINING; + test.n_ids = 4; + for (int i = 0; i < test.n_ids; i++) + { + test.ids[i] = 100 + i; + } + test.n_ids += UPDATE_POLICY_RULE_IDS; + tsg_sync_policy_update(&a_stream, &test, 1); + + ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, sizeof(ctrl_pkt_buf)); + mpack_tree_t tree; + mpack_tree_init_data(&tree, ctrl_pkt_buf, ctrl_pkt_len); + mpack_tree_parse(&tree); + mpack_node_t root = mpack_tree_root(&tree); + + mpack_node_t sce_map = mpack_node_map_cstr(mpack_node_map_cstr(root, "params"), "sce"); + EXPECT_EQ(mpack_node_array_length(mpack_node_map_cstr(sce_map, "rule_ids")), UPDATE_POLICY_RULE_IDS); + EXPECT_EQ(0, mpack_node_i64(mpack_node_array_at(mpack_node_map_cstr(sce_map, "rule_ids"), 5))); + + EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); +} + TEST(POLICY_UPDATE, Shaper) { char ctrl_pkt_buf[1024] = {0}; @@ -169,7 +232,6 @@ TEST(POLICY_UPDATE, Shaper) { test.ids[i] = 10000 + i; } - tsg_sync_policy_update(&a_stream, &test, 1); ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, sizeof(ctrl_pkt_buf)); @@ -187,7 +249,36 @@ TEST(POLICY_UPDATE, Shaper) EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); } -TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping0) +TEST(POLICY_UPDATE, ShaperOverLimitIds) +{ + char ctrl_pkt_buf[1024] = {0}; + int ctrl_pkt_len = 0; + struct streaminfo a_stream = {0}; + struct update_policy test; + memset(&test, 0, sizeof(test)); + test.type = POLICY_UPDATE_SHAPING; + test.n_ids = 6; + for (int i = 0; i < test.n_ids; i++) + { + test.ids[i] = 10000 + i; + } + test.n_ids += UPDATE_POLICY_RULE_IDS; + tsg_sync_policy_update(&a_stream, &test, 1); + + ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, sizeof(ctrl_pkt_buf)); + mpack_tree_t tree; + mpack_tree_init_data(&tree, ctrl_pkt_buf, ctrl_pkt_len); + mpack_tree_parse(&tree); + mpack_node_t root = mpack_tree_root(&tree); + + mpack_node_t shaper_map = mpack_node_map_cstr(mpack_node_map_cstr(root, "params"), "shaper"); + EXPECT_EQ(mpack_node_array_length(mpack_node_map_cstr(shaper_map, "rule_ids")), UPDATE_POLICY_RULE_IDS); + EXPECT_EQ(0, mpack_node_i64(mpack_node_array_at(mpack_node_map_cstr(shaper_map, "rule_ids"), 7))); + + EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); +} + +TEST(POLICY_UPDATE, ActiveStateServiceChainingAndShaping0) { struct streaminfo a_stream = {0}; struct update_policy policy_array[POLICY_UPDATE_MAX]; @@ -238,7 +329,7 @@ TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping0) EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); } -TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping1) +TEST(POLICY_UPDATE, ActiveStateServiceChainingAndShaping1) { struct streaminfo a_stream = {0}; struct update_policy policy_array[2]; @@ -349,10 +440,10 @@ static void gtest_cmsg_init(struct proxy_cmsg *cmsg) cmsg->ssl_client_ja3_fingerprint = (char *)calloc(1, 256); snprintf(cmsg->ssl_client_ja3_fingerprint, 256, "thisistest=%d", 15); - cmsg->fqdn_cat_id_val.num = 4; + cmsg->fqdn_cat_ids.num = 4; for (size_t i = 0; i < 4; i++) { - cmsg->fqdn_cat_id_val.value[i] = i + 1; + cmsg->fqdn_cat_ids.value[i] = i + 1; } cmsg->tcp_seq_sids.num = 5; @@ -408,6 +499,7 @@ TEST(POLICY_UPDATE, Proxy) int ctrl_pkt_len = 0; struct streaminfo a_stream = {0}; struct update_policy test; + memset(&test, 0, sizeof(test)); struct proxy_cmsg cmsg; test.type = POLICY_UPDATE_INTERCEPT; test.n_ids = 6; @@ -464,20 +556,598 @@ TEST(POLICY_UPDATE, Proxy) EXPECT_EQ(i + 5, mpack_node_u8(mpack_node_array_at(tcp_ack_route_ctxs, i))); } - // // sce - // EXPECT_EQ(mpack_type_nil, mpack_node_type(mpack_node_map_cstr(params, "sce"))); + EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); + gtest_cmsg_destroy(&cmsg); +} - // // shaper - // EXPECT_EQ(mpack_type_nil, mpack_node_type(mpack_node_map_cstr(params, "shaper"))); +TEST(POLICY_UPDATE, ProxyOverLimit) +{ + char ctrl_pkt_buf[1024] = {0}; + int ctrl_pkt_len = 0; + struct streaminfo a_stream = {0}; + struct update_policy test; + struct proxy_cmsg cmsg; + test.type = POLICY_UPDATE_INTERCEPT; + test.n_ids = 6; + for (int i = 0; i < test.n_ids; i++) + { + test.ids[i] = 10000 + i; + } + + gtest_cmsg_init(&cmsg); + memcpy(&test.cmsg, &cmsg, sizeof(struct proxy_cmsg)); + test.cmsg.fqdn_cat_ids.num += FQDN_CAT_ID_VALS; + test.cmsg.tcp_ack_sids.num += TCP_XXX_SIDS; + test.cmsg.tcp_seq_sids.num += TCP_XXX_SIDS; + test.cmsg.tcp_seq_route_ctx.num += TCP_XXX_ROUTE_CTX; + test.cmsg.tcp_ack_route_ctx.num += TCP_XXX_ROUTE_CTX; + tsg_sync_policy_update(&a_stream, &test, 1); + + ctrl_pkt_len = get_ctrl_pkt(ctrl_pkt_buf, sizeof(ctrl_pkt_buf)); + mpack_tree_t tree; + mpack_tree_init_data(&tree, ctrl_pkt_buf, ctrl_pkt_len); + mpack_tree_parse(&tree); + mpack_node_t root = mpack_tree_root(&tree); + mpack_node_t params = mpack_node_map_cstr(root, "params"); + + // proxy + EXPECT_EQ(mpack_type_map, mpack_node_type(mpack_node_map_cstr(params, "proxy"))); + mpack_node_t proxy_map = mpack_node_map_cstr(params, "proxy"); + + mpack_node_t tcp_handshake = mpack_node_map_cstr(proxy_map, "tcp_handshake"); + + mpack_node_t fqdn_cat_id_vals = mpack_node_array_at(tcp_handshake, 31); + EXPECT_EQ(FQDN_CAT_ID_VALS, mpack_node_array_length(fqdn_cat_id_vals)); + + mpack_node_t tcp_seq_sids = mpack_node_array_at(tcp_handshake, 32); + EXPECT_EQ(TCP_XXX_SIDS, mpack_node_array_length(tcp_seq_sids)); + + mpack_node_t tcp_ack_sids = mpack_node_array_at(tcp_handshake, 33); + EXPECT_EQ(TCP_XXX_SIDS, mpack_node_array_length(tcp_ack_sids)); + + mpack_node_t tcp_seq_route_ctxs = mpack_node_array_at(tcp_handshake, 34); + EXPECT_EQ(TCP_XXX_ROUTE_CTX, mpack_node_array_length(tcp_seq_route_ctxs)); + + mpack_node_t tcp_ack_route_ctxs = mpack_node_array_at(tcp_handshake, 35); + EXPECT_EQ(TCP_XXX_ROUTE_CTX, mpack_node_array_length(tcp_ack_route_ctxs)); EXPECT_EQ(mpack_tree_destroy(&tree), mpack_ok); gtest_cmsg_destroy(&cmsg); } +void gtest_get_sce_mpack_date(char **mpack_data, size_t *mpack_size, uint64_t session_id, char *method, int n_ids) +{ + mpack_writer_t writer; + mpack_writer_init_growable(&writer, mpack_data, mpack_size); + mpack_build_map(&writer); + + // tsync : 2.0 + mpack_write_cstr(&writer, "tsync"); + mpack_write_cstr(&writer, "2.0"); + + // session_id + mpack_write_cstr(&writer, "session_id"); + mpack_write_u64(&writer, session_id); + + // state + mpack_write_cstr(&writer, "state"); + mpack_write_cstr(&writer, "active"); + + // method: log_update + mpack_write_cstr(&writer, "method"); + mpack_write_cstr(&writer, method); + + // params + mpack_write_cstr(&writer, "params"); + mpack_build_map(&writer); + { + mpack_write_cstr(&writer, "sce"); + mpack_build_map(&writer); + { + mpack_write_cstr(&writer, "sf_profile_ids"); + + if (n_ids == 0) + { + mpack_write_nil(&writer); + } + else + { + mpack_build_array(&writer); + for (int i = 0; i < n_ids; i++) + { + mpack_write_u32(&writer, i + 1); + } + mpack_complete_array(&writer); + } + } + mpack_complete_map(&writer); + } + mpack_complete_map(&writer); + mpack_complete_map(&writer); + // printf("mpack_size = %lu\n", (unsigned long)mpack_size); + // for (int i = 0; i < mpack_size; i++) + // { + // printf("%x ", mpack_data[i]); + // } + EXPECT_EQ(mpack_writer_destroy(&writer), mpack_ok); +} + +TEST(LOG_UPDATE, SceIllegalLog) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + // error session + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 123456789, (char *)"log_update", 3); + EXPECT_EQ(-1, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_FALSE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; + + // error method + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"policy_update", 3); + EXPECT_EQ(-1, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_FALSE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; + + // n_profile_ids = 0 + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"log_update", 0); + EXPECT_EQ(-1, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_FALSE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; +} + +TEST(LOG_UPDATE, SceNormal) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"log_update", 3); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_TRUE(result); + + struct sce_log_update *sce = (struct sce_log_update *)result; + EXPECT_EQ(3, sce->n_profile_ids); + for (int i = 0; i < (int)sce->n_profile_ids; i++) + { + EXPECT_EQ(i + 1, sce->profile_ids[i]); + } + + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING)); + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_CHAINING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, SceTwice) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"log_update", 3); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_TRUE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; + + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"log_update", 5); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result_2 = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_EQ(result_2, result); + + struct sce_log_update *sce = (struct sce_log_update *)result_2; + EXPECT_EQ(5, sce->n_profile_ids); + for (int i = 0; i < (int)sce->n_profile_ids; i++) + { + EXPECT_EQ(i + 1, sce->profile_ids[i]); + } + + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING)); + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_CHAINING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, SceOverLimitProfileIds) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_sce_mpack_date(&mpack_data, &mpack_size, 10, (char *)"log_update", 3 + SCE_PROFILE_IDS); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING); + EXPECT_TRUE(result); + + struct sce_log_update *sce = (struct sce_log_update *)result; + EXPECT_EQ(SCE_PROFILE_IDS, sce->n_profile_ids); + for (int i = 0; i < (int)sce->n_profile_ids; i++) + { + EXPECT_EQ(i + 1, sce->profile_ids[i]); + } + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_CHAINING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +void gtest_get_shaper_mpack_date(char **mpack_data, size_t *mpack_size, uint64_t session_id, int n_sh_profile_ids, long long *rules, int n_profile_ids) +{ + mpack_writer_t writer; + mpack_writer_init_growable(&writer, mpack_data, mpack_size); + mpack_build_map(&writer); + + // tsync : 2.0 + mpack_write_cstr(&writer, "tsync"); + mpack_write_cstr(&writer, "2.0"); + + // session_id + mpack_write_cstr(&writer, "session_id"); + mpack_write_u64(&writer, session_id); + + // state + mpack_write_cstr(&writer, "state"); + mpack_write_cstr(&writer, "active"); + + // method: log_update + mpack_write_cstr(&writer, "method"); + mpack_write_cstr(&writer, "log_update"); + + // params + mpack_write_cstr(&writer, "params"); + mpack_build_map(&writer); + { + mpack_write_cstr(&writer, "shaper"); + mpack_build_array(&writer); + for (int i = 0; i < n_sh_profile_ids; i++) + { + mpack_build_map(&writer); + { + mpack_write_cstr(&writer, "rule_id"); + mpack_write_i64(&writer, rules[i]); + mpack_write_cstr(&writer, "profile_ids"); + mpack_build_array(&writer); + for (int j = 0; j < n_profile_ids; j++) + { + mpack_write_u32(&writer, j + 1); + } + mpack_complete_array(&writer); + } + mpack_complete_map(&writer); + } + mpack_complete_array(&writer); + } + mpack_complete_map(&writer); + mpack_complete_map(&writer); + // printf("mpack_size = %lu\n", (unsigned long)mpack_size); + // for (int i = 0; i < mpack_size; i++) + // { + // printf("%x ", mpack_data[i]); + // } + EXPECT_EQ(mpack_writer_destroy(&writer), mpack_ok); +} + +TEST(LOG_UPDATE, ShaperNormal) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + long long rule[4] = {2, 3, 4, 5}; + + gtest_get_shaper_mpack_date(&mpack_data, &mpack_size, 10, 4, rule, 3); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_TRUE(result); + + struct shaper_log_update *shaper = (struct shaper_log_update *)result; + for (int i = 0; i < (int)shaper->n_shaper_rule; i++) + { + EXPECT_EQ(i + 2, shaper->shaper_rules[i].rule_id); + EXPECT_EQ(3, shaper->shaper_rules[i].n_profile_ids); + for (int j = 0; j < (int)shaper->shaper_rules[i].n_profile_ids; j++) + { + EXPECT_EQ(j + 1, shaper->shaper_rules[i].profile_ids[j]); + } + } + + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING)); + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_SHAPING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, ShaperTwice) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + long long rule[4] = {2, 3, 4, 5}; + + gtest_get_shaper_mpack_date(&mpack_data, &mpack_size, 10, 4, rule, 3); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_TRUE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; + + gtest_get_shaper_mpack_date(&mpack_data, &mpack_size, 10, 3, rule, 4); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result_2 = session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_EQ(result_2, result); + + struct shaper_log_update *shaper = (struct shaper_log_update *)result; + EXPECT_EQ(3, shaper->n_shaper_rule); + for (int i = 0; i < (int)shaper->n_shaper_rule; i++) + { + EXPECT_EQ(i + 2, shaper->shaper_rules[i].rule_id); + EXPECT_EQ(4, shaper->shaper_rules[i].n_profile_ids); + for (int j = 0; j < (int)shaper->shaper_rules[i].n_profile_ids; j++) + { + EXPECT_EQ(j + 1, shaper->shaper_rules[i].profile_ids[j]); + } + } + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING)); + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_SHAPING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, ShaperOverLimitProfileIds) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + long long rule[4 + SHAPR_RULE_IDS] = {2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13}; + + gtest_get_shaper_mpack_date(&mpack_data, &mpack_size, 10, 4 + SHAPR_RULE_IDS, rule, 3 + SHAPR_PROFILE_IDS); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING); + EXPECT_TRUE(result); + + struct shaper_log_update *shaper = (struct shaper_log_update *)result; + EXPECT_EQ(shaper->n_shaper_rule, SHAPR_RULE_IDS); + for (int i = 0; i < (int)shaper->n_shaper_rule; i++) + { + EXPECT_EQ(i + 2, shaper->shaper_rules[i].rule_id); + EXPECT_EQ(SHAPR_PROFILE_IDS, shaper->shaper_rules[i].n_profile_ids); + for (int j = 0; j < (int)shaper->shaper_rules[i].n_profile_ids; j++) + { + EXPECT_EQ(j + 1, shaper->shaper_rules[i].profile_ids[j]); + } + } + + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_SHAPING, NULL); + free(mpack_data); + mpack_data = NULL; +} + +// if flag = 0 nil flag = 1 array flag = 2 ssl_upstream_version = thisisssl_upstream_version_for_test_twice +void gtest_get_proxy_mpack_date(char **mpack_data, size_t *mpack_size, uint64_t session_id, int flag) +{ + mpack_writer_t writer; + mpack_writer_init_growable(&writer, mpack_data, mpack_size); + mpack_build_map(&writer); + + // tsync : 2.0 + mpack_write_cstr(&writer, "tsync"); + mpack_write_cstr(&writer, "2.0"); + + // session_id + mpack_write_cstr(&writer, "session_id"); + mpack_write_u64(&writer, session_id); + + // state + mpack_write_cstr(&writer, "state"); + mpack_write_cstr(&writer, "active"); + + // method: log_update + mpack_write_cstr(&writer, "method"); + mpack_write_cstr(&writer, "log_update"); + + // params + mpack_write_cstr(&writer, "params"); + mpack_build_map(&writer); + { + mpack_write_cstr(&writer, "proxy"); + mpack_build_map(&writer); + mpack_write_cstr(&writer, "ssl_intercept_info"); + { + if (flag == 0) + { + mpack_write_nil(&writer); + } + else + { + mpack_build_array(&writer); + { + mpack_write_u8(&writer, 1); + mpack_write_u64(&writer, 2); + mpack_write_u64(&writer, 3); + if (flag == 2) + { + mpack_write_cstr(&writer, "thisisssl_upstream_version_for_test_twice"); + mpack_write_cstr(&writer, "thisisssl_downstream_version_for_test_twice"); + mpack_write_u8(&writer, 7); + } + else + { + mpack_write_cstr(&writer, "thisisssl_upstream_version"); + mpack_write_cstr(&writer, "thisisssl_downstream_version"); + mpack_write_u8(&writer, 4); + } + + mpack_write_u8(&writer, 5); + mpack_write_cstr(&writer, "thisisssl_error"); + mpack_write_cstr(&writer, "thisisssl_passthrough_reason"); + } + mpack_complete_array(&writer); + } + } + mpack_complete_map(&writer); + } + mpack_complete_map(&writer); + mpack_complete_map(&writer); + // printf("mpack_size = %lu\n", (unsigned long)mpack_size); + // for (int i = 0; i < mpack_size; i++) + // { + // printf("%x ", mpack_data[i]); + // } + EXPECT_EQ(mpack_writer_destroy(&writer), mpack_ok); +} + +TEST(LOG_UPDATE, ProxyIllegalLog) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_proxy_mpack_date(&mpack_data, &mpack_size, 10, 0); + EXPECT_EQ(-1, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_FALSE(result); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, ProxyNormal) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_proxy_mpack_date(&mpack_data, &mpack_size, 10, 1); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_TRUE(result); + + struct proxy_log_update *proxy = (struct proxy_log_update *)result; + + EXPECT_EQ(1, proxy->ssl_intercept_state); + EXPECT_EQ(2, proxy->ssl_upstream_latency); + EXPECT_EQ(3, proxy->ssl_downstream_latency); + EXPECT_STREQ("thisisssl_upstream_version", proxy->ssl_upstream_version); + EXPECT_STREQ("thisisssl_downstream_version", proxy->ssl_downstream_version); + EXPECT_EQ(4, proxy->ssl_pinning_state); + EXPECT_EQ(5, proxy->ssl_cert_verify); + EXPECT_STREQ("thisisssl_error", proxy->ssl_error); + EXPECT_STREQ("thisisssl_passthrough_reason", proxy->ssl_passthrough_reason); + + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING)); + + free(proxy->ssl_downstream_version); + free(proxy->ssl_error); + free(proxy->ssl_passthrough_reason); + free(proxy->ssl_upstream_version); + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_INTERCEPT, NULL); + free(mpack_data); + mpack_data = NULL; +} + +TEST(LOG_UPDATE, ProxyTwice) +{ + char *mpack_data = NULL; + size_t mpack_size = 0; + const struct streaminfo a_stream = {0}; + + gtest_get_proxy_mpack_date(&mpack_data, &mpack_size, 10, 1); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result = session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_TRUE(result); + free(mpack_data); + mpack_data = NULL; + mpack_size = 0; + + struct proxy_log_update *proxy = (struct proxy_log_update *)result; + char *ssl_upstream_version = proxy->ssl_upstream_version; + char *ssl_downstream_version = proxy->ssl_upstream_version; + EXPECT_STREQ("thisisssl_upstream_version", proxy->ssl_upstream_version); + EXPECT_STREQ("thisisssl_downstream_version", proxy->ssl_downstream_version); + EXPECT_EQ(4, proxy->ssl_pinning_state); + + // second + gtest_get_proxy_mpack_date(&mpack_data, &mpack_size, 10, 2); + EXPECT_EQ(0, tsg_parse_log_update_payload(&a_stream, mpack_data, mpack_size)); + + void *result_2 = session_log_update_data_get(&a_stream, TSG_SERVICE_INTERCEPT); + EXPECT_EQ(result_2, result); + + proxy = (struct proxy_log_update *)result_2; + char *ssl_upstream_version_2 = proxy->ssl_upstream_version; + char *ssl_downstream_version_2 = proxy->ssl_upstream_version; + EXPECT_NE(ssl_upstream_version_2, ssl_upstream_version); + EXPECT_NE(ssl_downstream_version_2, ssl_downstream_version); + + EXPECT_STREQ("thisisssl_upstream_version_for_test_twice", proxy->ssl_upstream_version); + EXPECT_STREQ("thisisssl_downstream_version_for_test_twice", proxy->ssl_downstream_version); + EXPECT_EQ(7, proxy->ssl_pinning_state); + + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_CHAINING)); + EXPECT_FALSE(session_log_update_data_get(&a_stream, TSG_SERVICE_SHAPING)); + + free(proxy->ssl_downstream_version); + free(proxy->ssl_error); + free(proxy->ssl_passthrough_reason); + free(proxy->ssl_upstream_version); + free(result); + result = NULL; + session_log_update_data_put(&a_stream, TSG_SERVICE_INTERCEPT, NULL); + free(mpack_data); + mpack_data = NULL; +} + int main(int argc, char *argv[]) { g_tsg_para.logger = MESA_create_runtime_log_handle("log/tsg_sync_state", 10); - + // tsg_bridge_init("tsgconf/main.conf"); testing::InitGoogleTest(&argc, argv); int ret = RUN_ALL_TESTS(); MESA_destroy_runtime_log_handle(g_tsg_para.logger); |