gfwleak/tango-certstore
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* 修改Redis存储key值,删除签发证书指纹,增加界面操作时间索引

Browse Source 
* 修改json配置文件
This commit is contained in:
fengweihao
2019-11-21 17:35:09 +08:00
parent db23592c46
commit 3662ddd884
3 changed files with 17 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
program/include/cert_conf.h
View File

@@ -42,9 +42,9 @@ struct pxy_obj_keyring{
char keyring_type[CT_ARRARY_LEN];
char public_algo[CT_STRING_MAX];
char v3_ctl[CT_STRING_MAX];
char finger[EVP_MAX_MD_SIZE];
int is_send;
int is_valid;
int is_valid;
uint64_t op_time;
atomic64_t ref_cnt;
STACK_OF(X509) *stack_ca;
};

18
program/src/cert_session.cpp
View File

@@ -845,14 +845,6 @@ long __attribute__((__unused__))argl, void __attribute__((__unused__))*argp)
atomic64_dec(&pxy_obj->ref_cnt);
if (atomic64_read(&pxy_obj->ref_cnt) == 0)
{
#ifdef RT_REDIS_ADVANCED
int xret; char *command;
asprintf(&command, "redis-cli keys \"%d*\" | xargs redis-cli del", pxy_obj->keyring_id);
xret = system(command);
if ((-1 == xret) || (!WIFEXITED(xret)) || (0 != WEXITSTATUS(xret))){
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "del keyringid %d failed", pxy_obj->keyring_id);
}
#endif
if (pxy_obj->issuer)
X509_free(pxy_obj->issuer);
if (pxy_obj->key)
@@ -1423,7 +1415,7 @@ x509_get_rkey(X509 *origin, int keyring_id, char *rkey, int is_valid)
struct pxy_obj_keyring *pxy_obj = get_obj_for_id(keyring_id);
if (pxy_obj != NULL)
{
snprintf(rkey, DATALEN, "%d:%s:%s:%d", keyring_id, hex, pxy_obj->finger, is_valid);
snprintf(rkey, DATALEN, "%d:%lu:%s:%d", keyring_id, pxy_obj->op_time, hex, is_valid);
goto finish;
}
snprintf(rkey, DATALEN, "%d:%s:%d", keyring_id, hex, is_valid);
@@ -2002,10 +1994,10 @@ const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long __attribute__((__unused__)
memset(pxy_obj, 0, sizeof(struct pxy_obj_keyring));
atomic64_set(&pxy_obj->ref_cnt, 1);
ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%s\t%lu\t%s\t%s\t%d\t%d", &pxy_obj->keyring_id, profile_name,
ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%s\t%lu\t%s\t%s\t%d\t%d\t%lu", &pxy_obj->keyring_id, profile_name,
pxy_obj->keyring_type, private_file, public_file, &pxy_obj->expire_time, pxy_obj->public_algo,
pxy_obj->v3_ctl, &pxy_obj->is_send, &pxy_obj->is_valid);
if(ret!=10)
pxy_obj->v3_ctl, &pxy_obj->is_send, &pxy_obj->is_valid, &pxy_obj->op_time);
if(ret!=11)
{
kfree(pxy_obj);
mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "certstore parse config failed: %s", table_line);
@@ -2026,8 +2018,6 @@ const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long __attribute__((__unused__)
}
mesa_runtime_log(RLOG_LV_INFO, MODULE_NAME, "initialize the x509 certificate, the keyring id is %d",
pxy_obj->keyring_id);
x509_get_fingerprint(pxy_obj->issuer, pxy_obj->finger);
*ad = pxy_obj;
finish:
return;