gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cmsg中增加窗口大小

Browse Source
This commit is contained in:
崔一鸣
2019-06-05 15:42:46 +08:00
parent 0ccc62fe08
commit d1524eb81b
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
common/include/kni_cmsg.h
View File

@@ -26,6 +26,8 @@ enum tfe_cmsg_tlv_type
TFE_CMSG_TCP_RESTORE_TS_CLIENT = 0x8,
TFE_CMSG_TCP_RESTORE_TS_SERVER = 0x9,
TFE_CMSG_TCP_RESTORE_PROTOCOL = 0xa,
TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT = 0xb,
TFE_CMSG_TCP_RESTORE_WINDOW_SERVER = 0xc,
TFE_CMSG_POLICY_ID = 0x10,
TFE_CMSG_STREAM_TRACE_ID = 0x11,
@@ -36,8 +38,8 @@ enum tfe_cmsg_tlv_type
TFE_CMSG_SSL_UPSTREAM_VERSION, //string, SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 unknown
TFE_CMSG_SSL_DOWNSTREAM_VERSION,
TFE_CMSG_SSL_PINNING_STATE, //size uint64_t, 0-not pinning 1-pinning 2-maybe pinning
TFE_CMSG_SSL_CERT_VERIFY,
TFE_CMSG_SSL_ERROR
TFE_CMSG_SSL_CERT_VERIFY, //uint16_t
TFE_CMSG_SSL_ERROR //string
};
struct kni_cmsg* kni_cmsg_init();

14
entry/src/kni_entry.cpp
View File

@@ -43,6 +43,8 @@ struct pme_info{
int service;
struct kni_tcpopt_info *client_tcpopt;
struct kni_tcpopt_info *server_tcpopt;
uint16_t client_window;
uint16_t server_window;
int tfe_id;
void *logger;
char stream_trace_id[STREAM_TRACE_ID_LEN];
@@ -284,10 +286,12 @@ static void pme_info_destroy(struct pme_info *pmeinfo){
}
FREE(&pmeinfo);
}
/* TODO: segment fault
else{
KNI_LOG_DEBUG(logger, "can not free pmeinfo, sapp_release is %d, tfe_release is %d",
pmeinfo->sapp_release, pmeinfo->tfe_release);
}
*/
}
static int protocol_identify(const struct streaminfo* stream, char *buf, int len, struct protocol_identify_result *result){
@@ -342,6 +346,8 @@ static unsigned char* kni_cmsg_serialize_header_new(struct pme_info *pmeinfo, st
uint32_t ack = pktinfo->tcphdr->ack_seq;
uint16_t client_mss = htons(pmeinfo->client_tcpopt->mss);
uint16_t server_mss = htons(pmeinfo->server_tcpopt->mss);
uint16_t client_window = htons(pmeinfo->client_window);
uint16_t server_window = htons(pmeinfo->server_window);
//seq
int ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_SEQ, (const unsigned char*)&seq, 4);
if(ret < 0) goto error_out;
@@ -375,6 +381,12 @@ static unsigned char* kni_cmsg_serialize_header_new(struct pme_info *pmeinfo, st
//protocol
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_PROTOCOL, (const unsigned char*)&protocol_type, 1);
if(ret < 0) goto error_out;
//client window
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT, (const unsigned char*)&client_window, 2);
if(ret < 0) goto error_out;
//server window
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, (const unsigned char*)&server_window, 2);
if(ret < 0) goto error_out;
//maat policy id
policy_id = pmeinfo->policy_id;
ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_POLICY_ID, (const unsigned char*)&policy_id, sizeof(policy_id));
@@ -479,6 +491,7 @@ static char pending_opstate(const struct streaminfo *stream, struct pme_info *pm
pmeinfo->tfe_release = 1;
return APP_STATE_FAWPKT | APP_STATE_DROPME;
}
pmeinfo->client_window = pktinfo->tcphdr->window;
pmeinfo->client_tcpopt = kni_get_tcpopt(pktinfo->tcphdr, pktinfo->tcphdr_len);
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_PKT], 0, FS_OP_ADD, 1);
return APP_STATE_FAWPKT | APP_STATE_GIVEME;
@@ -515,6 +528,7 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
}
// syn/ack
if(pktinfo->tcphdr->syn && pktinfo->tcphdr->ack){
pmeinfo->server_window = pktinfo->tcphdr->window;
pmeinfo->server_tcpopt = kni_get_tcpopt(pktinfo->tcphdr, pktinfo->tcphdr_len);
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_PKT], 0, FS_OP_ADD, 1);
return APP_STATE_FAWPKT | APP_STATE_GIVEME;