1.添加扫描框架maat,根据json文件初始化keyring链

2.添加源证书时签发流程
fengweihao
2018-09-06 19:51:23 +08:00
parent dca65c0d8c
commit 2a844d3205
54 changed files with 7468 additions and 274 deletions


@@ -6,11 +6,13 @@ DEBUG_SWITCH = 1
RUN_LOG_LEVEL = 20
RUN_LOG_PATH = ./logs
[CONFIG]
thread-nu = 1
thread-nu = 4
table_info = ../conf/table_info.conf
pxy_obj_keyring = ../conf/pxy_obj_keyring.json
ca-path = ../ca
valid-days = 30
[LIBEVENT]
port = 9995
port = 9991
[REDIS]
ip = 127.0.0.1
port = 6379

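--- a/conf/pxy_obj_keyring.json
+++ b/conf/pxy_obj_keyring.json
@@ -0,0 +1,85 @@
+{
+"compile_table": "COMPILE",
+"group_table": "GROUP",
+"rules": [
+{
+"compile_id": 123,
+"service": 1,
+"action": 1,
+"do_blacklist": 1,
+"do_log": 1,
+"effective_range": 0,
+"user_region": "escaped\\bdata:have\\ba\\bspace\\band\\ba\\b\\&\\bsymbol.",
+"is_valid": "yes",
+"groups": [
+{
+"group_name": "IP_group",
+"regions": [
+{
+"table_name": "IP_CONFIG",
+"table_type": "ip",
+"table_content": {
+"addr_type": "ipv4",
+"src_ip": "10.0.6.201",
+"mask_src_ip": "255.255.0.0",
+"src_port": "0",
+"mask_src_port": "65535",
+"dst_ip": "0.0.0.0",
+"mask_dst_ip": "255.255.255.255",
+"dst_port": "0",
+"mask_dst_port": "65535",
+"protocol": 6,
+"direction": "double"
+}
+},
+{
+"table_name": "IP_CONFIG",
+"table_type": "ip",
+"table_content": {
+"addr_type": "ipv6",
+"src_ip": "2001:da8:205:1::101",
+"mask_src_ip": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000",
+"src_port": "0",
+"mask_src_port": "65535",
+"dst_ip": "0::0",
+"mask_dst_ip": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
+"dst_port": "0",
+"mask_dst_port": "65535",
+"protocol": 6,
+"direction": "double"
+}
+}
+]
+},
+{
+"group_name": "Untitled",
+"regions": [
+{
+"table_name": "HTTP_URL",
+"table_type": "string",
+"table_content": {
+"keywords": "abckkk&123",
+"expr_type": "and",
+"match_method": "sub",
+"format": "uncase plain"
+}
+}
+]
+}
+]
+}
+],
+"plugin_table": [
+{
+"table_name": "PXY_OBJ_KEYRING",
+"table_content": [
+"1\t1\tname_01\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+"2\t1\tname_02\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+"3\t1\tname_03\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+"4\t1\tname_04\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+"5\t1\tname_05\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+"6\t1\tname_06\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1"
+]
+}
+]
+}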
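Review bot: All six `PXY_OBJ_KEYRING` rows in `plugin_table` hard-code `/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key` and the matching `.cer`, an absolute path into one developer's home directory, so the keyring can only load on that machine and the CA private key is expected to sit in a user workspace. The same commit sets `ca-path = ../ca` in the main config; if the loader accepts relative paths I would point the rows there, e.g. `../ca/mesalab-ca-cert.key`, and keep the key file owner-readable only and out of the repository. The `root` and `intermediate` rows also all reference the same key and certificate, so, if the fourth field is the CA role as it appears to be, the intermediate entries would sign with the root key. If this is sample data, saying so in the file name or the commit message would keep it from being deployed as is.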

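--- a/conf/table_info.conf
+++ b/conf/table_info.conf
@@ -0,0 +1,20 @@
+#each collumn seperate with '\t'
+#id (0~65535)
+#name string
+#type one of ip,expr,expr_plus,digest,intval,compile or plugin
+#src_charset one of GBK,BIG5,UNICODE,UTF8
+#dst_charset combined by GBK,BIG5,UNICODE,UTF8,seperate with '/'
+#do_merege [yes/no]
+#cross cache [number]
+#quick mode [quickon/quickoff], default [quickoff]
+#For ip/intval/digest/compile/group
+#id name type
+#
+#For plugin table
+#id name type valid_column
+#
+#For expr/expr_plus Table
+#id name type src_charset dst_charset do_merge cross_cache quick_mode
+1 COMPILE compile
+2 GROUP group
+3 PXY_OBJ_KEYRING plugin 8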
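Review bot: The `PXY_OBJ_KEYRING` line declares `valid_column` as `8`, but the rows added in `conf/pxy_obj_keyring.json` carry ten tab-separated fields, where the eighth is `rsa2048` and the trailing `1` looks like the validity flag. If maat counts columns from one, the line should probably read `3 PXY_OBJ_KEYRING plugin 10`; please confirm against the plugin-table loader, since a wrong valid column could leave keyring rows treated as invalid or make them impossible to retire. The header comments also misspell `collumn`, `seperate` and `do_merege`, which is worth fixing while the file is new.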