#include #include "crc32_hash.h" #include "session_private.h" #define EX_KEY_MAX_LEN 64 struct ex_schema { char key[EX_KEY_MAX_LEN]; session_ex_free_cb *free_cb; void *args; }; struct ex_manager { struct ex_schema schemas[EX_DATA_MAX_COUNT]; uint8_t count; }; static struct ex_manager g_ex_manager = {0}; /****************************************************************************** * ev queue ******************************************************************************/ static void event_queue_init(struct event_queue *queue) { queue->head_idx = 0; queue->tail_idx = 0; } static bool event_queue_is_empty(struct event_queue *queue) { return queue->head_idx == queue->tail_idx; } static bool event_queue_is_full(struct event_queue *queue) { return (queue->tail_idx + 1) % SESSION_EVENT_QUEUE_SIZE == queue->head_idx; } static bool event_queue_push(struct event_queue *queue, uint32_t event) { if (event_queue_is_full(queue)) { return false; } queue->events[queue->tail_idx] = event; queue->tail_idx = (queue->tail_idx + 1) % SESSION_EVENT_QUEUE_SIZE; return true; } static bool event_queue_pop(struct event_queue *queue, uint32_t *event) { if (event_queue_is_empty(queue)) { return false; } *event = queue->events[queue->head_idx]; queue->head_idx = (queue->head_idx + 1) % SESSION_EVENT_QUEUE_SIZE; return true; } /****************************************************************************** * session key ******************************************************************************/ uint32_t session_key_hash(const struct session_key *key) { uint32_t hash = crc32_hash(&key->security_zone, sizeof(key->security_zone), key->ip_proto); if (key->ip_type == IP_TYPE_V4) { uint32_t src_addr_hash = crc32_hash(&key->src_addr.v4, sizeof(key->src_addr.v4), hash); uint32_t dst_addr_hash = crc32_hash(&key->dst_addr.v4, sizeof(key->dst_addr.v4), hash); hash = src_addr_hash + dst_addr_hash; } else { uint32_t src_addr_hash = crc32_hash(&key->src_addr.v6, sizeof(key->src_addr.v6), hash); uint32_t dst_addr_hash = crc32_hash(&key->dst_addr.v6, sizeof(key->dst_addr.v6), hash); hash = src_addr_hash + dst_addr_hash; } uint32_t src_port_hash = crc32_hash(&key->src_port, sizeof(key->src_port), hash); uint32_t dst_port_hash = crc32_hash(&key->dst_port, sizeof(key->dst_port), hash); hash = src_port_hash + dst_port_hash; return hash; } // return 0: equal // return -1: not equal int session_key_cmp(const struct session_key *key1, const struct session_key *key2) { if (key1->ip_type != key2->ip_type) { return -1; } if (key1->src_port != key2->src_port) { return -1; } if (key1->dst_port != key2->dst_port) { return -1; } if (key1->ip_proto != key2->ip_proto) { return -1; } if (key1->security_zone != key2->security_zone) { return -1; } if (key1->ip_type == IP_TYPE_V4) { if (key1->src_addr.v4.s_addr != key2->src_addr.v4.s_addr) { return -1; } if (key1->dst_addr.v4.s_addr != key2->dst_addr.v4.s_addr) { return -1; } } else { if (memcmp(&key1->src_addr.v6, &key2->src_addr.v6, sizeof(key1->src_addr.v6)) != 0) { return -1; } if (memcmp(&key1->dst_addr.v6, &key2->dst_addr.v6, sizeof(key1->dst_addr.v6)) != 0) { return -1; } } return 0; } void session_key_reverse(const struct session_key *in, struct session_key *out) { out->ip_type = in->ip_type; out->src_port = in->dst_port; out->dst_port = in->src_port; out->ip_proto = in->ip_proto; out->security_zone = in->security_zone; if (in->ip_type == IP_TYPE_V4) { out->src_addr.v4.s_addr = in->dst_addr.v4.s_addr; out->dst_addr.v4.s_addr = in->src_addr.v4.s_addr; } else { memcpy(&out->src_addr.v6, &in->dst_addr.v6, sizeof(in->dst_addr.v6)); memcpy(&out->dst_addr.v6, &in->src_addr.v6, sizeof(in->src_addr.v6)); } } void session_key_tostring(const struct session_key *key, char *buf, uint32_t buf_len) { char src_addr[INET6_ADDRSTRLEN] = {0}; char dst_addr[INET6_ADDRSTRLEN] = {0}; if (key->ip_type == IP_TYPE_V4) { inet_ntop(AF_INET, &key->src_addr.v4, src_addr, sizeof(src_addr)); inet_ntop(AF_INET, &key->dst_addr.v4, dst_addr, sizeof(dst_addr)); } else { inet_ntop(AF_INET6, &key->src_addr.v6, src_addr, sizeof(src_addr)); inet_ntop(AF_INET6, &key->dst_addr.v6, dst_addr, sizeof(dst_addr)); } snprintf(buf, buf_len, "%s:%u -> %s:%u, proto: %u, zone: %lu", src_addr, ntohs(key->src_port), dst_addr, ntohs(key->dst_port), key->ip_proto, key->security_zone); } /****************************************************************************** * session ******************************************************************************/ void session_init(struct session *sess) { memset(sess, 0, sizeof(struct session)); event_queue_init(&sess->events); } // session id void session_set_id(struct session *sess, uint64_t id) { sess->id = id; } uint64_t session_get_id(struct session *sess) { return sess->id; } // session key void session_set_key(struct session *sess, struct session_key *key) { memcpy(&sess->key, key, sizeof(struct session_key)); } struct session_key *session_get0_key(struct session *sess) { return &sess->key; } // session state void session_set_state(struct session *sess, enum session_state state) { sess->state = state; } enum session_state session_get_state(struct session *sess) { return sess->state; } // session type void session_set_type(struct session *sess, enum session_type type) { sess->type = type; } enum session_type session_get_type(struct session *sess) { return sess->type; } // session metrics void session_inc_c2s_metrics(struct session *sess, uint64_t packets, uint64_t bytes) { sess->c2s_bytes += bytes; sess->c2s_packets += packets; } void session_inc_s2c_metrics(struct session *sess, uint64_t packets, uint64_t bytes) { sess->s2c_bytes += bytes; sess->s2c_packets += packets; } uint64_t session_get_c2s_bytes(struct session *sess) { return sess->c2s_bytes; } uint64_t session_get_s2c_bytes(struct session *sess) { return sess->s2c_bytes; } uint64_t session_get_c2s_packets(struct session *sess) { return sess->c2s_packets; } uint64_t session_get_s2c_packets(struct session *sess) { return sess->s2c_packets; } // session metadata void session_set_c2s_1st_md(struct session *sess, struct metadata *md) { memcpy(&sess->c2s_1st_md, md, sizeof(struct metadata)); } void session_set_s2c_1st_md(struct session *sess, struct metadata *md) { memcpy(&sess->s2c_1st_md, md, sizeof(struct metadata)); } struct metadata *session_get0_c2s_1st_md(struct session *sess) { return &sess->c2s_1st_md; } struct metadata *session_get0_s2c_1st_md(struct session *sess) { return &sess->s2c_1st_md; } // session timestamp void session_set_create_time(struct session *sess, uint64_t timestamp) { sess->create_time = timestamp; } void session_set_last_time(struct session *sess, uint64_t timestamp) { sess->last_time = timestamp; } uint64_t session_get_create_time(struct session *sess) { return sess->create_time; } uint64_t session_get_last_time(struct session *sess) { return sess->last_time; } // session event bool session_push_event(struct session *sess, uint32_t event) { return event_queue_push(&sess->events, event); } bool session_pop_event(struct session *sess, uint32_t *event) { return event_queue_pop(&sess->events, event); } /****************************************************************************** * session ex data ******************************************************************************/ /* * the exdata prodoced by user, and comsumed by same user. * so, the exdata is not shared by different user. * otherwise, the exdata need dup by refer count, and free by refer count. * * if key exist, not allow update, return original index. */ uint8_t session_get_ex_new_index(const char *key, session_ex_free_cb *free_cb, void *args) { if (g_ex_manager.count >= EX_DATA_MAX_COUNT) { abort(); return EX_DATA_MAX_COUNT; } for (uint8_t i = 0; i < g_ex_manager.count; i++) { if (strcmp(g_ex_manager.schemas[i].key, key) == 0) { return i; } } uint8_t idx = g_ex_manager.count; g_ex_manager.count++; struct ex_schema *schema = &g_ex_manager.schemas[idx]; strncpy(schema->key, key, EX_KEY_MAX_LEN); schema->free_cb = free_cb; schema->args = args; return idx; } /* * Support update ex_data. * * if key exist: run free_cb free old value, then set new value. * if not run free_cb, old value will be memory leak. * if not allow update, new value will be memory leak. * if key not exist: set new value. */ void session_set_ex_data(struct session *sess, uint8_t idx, void *val) { if (idx >= g_ex_manager.count) { assert(0); return; } session_free_ex_data(sess, idx); sess->ex_data[idx] = val; } void *session_get0_ex_data(struct session *sess, uint8_t idx) { if (idx >= g_ex_manager.count) { assert(0); return NULL; } return sess->ex_data[idx]; } /* * after set ex_data, the owner of ex_data is session, so user should not free it directly. * if user want to free ex_data, should use session_free_ex_data. */ void session_free_ex_data(struct session *sess, uint8_t idx) { if (idx >= g_ex_manager.count) { assert(0); return; } struct ex_schema *schema = &g_ex_manager.schemas[idx]; if (schema->free_cb != NULL && sess->ex_data[idx] != NULL) { schema->free_cb(sess, idx, sess->ex_data[idx], schema->args); } sess->ex_data[idx] = NULL; } /****************************************************************************** * session expire ******************************************************************************/ // session expire void session_set_expirecb(struct session *sess, session_expire_cb expire_cb, void *expire_arg, uint64_t expire_abs_ts) { struct timeout *timeout = &sess->timeout; timeout_init(timeout, TIMEOUT_ABS); timeout_setcb(timeout, NULL, sess); sess->expire_cb = expire_cb; sess->expire_arg = expire_arg; sess->expire_abs_ts = expire_abs_ts; } void session_del_expirecb(struct session *sess) { struct timeout *timeout = &sess->timeout; timeout_init(timeout, 0); sess->expire_cb = NULL; sess->expire_arg = NULL; sess->expire_abs_ts = 0; } void session_run_expirecb(struct session *sess) { if (sess->expire_cb) { sess->expire_cb(sess, sess->expire_arg); } }