diff --git a/entry/include/kni_dynamic_bypass.h b/entry/include/kni_dynamic_bypass.h index c75bc0c..1f91160 100644 --- a/entry/include/kni_dynamic_bypass.h +++ b/entry/include/kni_dynamic_bypass.h @@ -3,6 +3,8 @@ #define __KNI_DYNAMIC_BYPASS_H__ #include "kni_entry.h" +#include +#include int first_data_ssl_dynamic_bypass(struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq); void next_data_ssl_dynamic_bypass(struct pkt_info *pktinfo); diff --git a/entry/include/kni_entry.h b/entry/include/kni_entry.h index fb93919..9f9473a 100644 --- a/entry/include/kni_entry.h +++ b/entry/include/kni_entry.h @@ -18,6 +18,7 @@ #define MAX_STRING_LEN 32 #define TSG_DIAGNOSE_POLICY_CNT 32 +#define MAX_DOMAIN_LEN 2048 enum intercept_error{ @@ -101,7 +102,7 @@ struct pme_info{ char stream_addr[KNI_ADDR_MAX]; int do_log; int policy_id; - tsg_protocol_t protocol; + enum TSG_PROTOCOL protocol; enum kni_action action; int service; struct kni_tcpopt_info client_tcpopt; @@ -126,8 +127,9 @@ struct pme_info{ //kafka log struct TLD_handle_t *tld_handle; const struct streaminfo *stream; - int maat_result_num; - Maat_rule_t maat_result; + //int maat_result_num; + int n_maat_rule; + struct maat_rule maat_rule; //from tfe, kafka log uint64_t ssl_intercept_state; uint64_t ssl_pinningst; //defalut 0 @@ -151,7 +153,7 @@ struct pme_info{ //for proxy tcp option struct proxy_tcp_option pxy_tcp_option; int pxy_tcp_option_is_scan; - struct session_attribute_label *session_attribute; + struct session_runtime_attribute *session_attribute; //for ssl passthrough reason char ssl_passthrough_reason[KNI_SYMBOL_MAX]; }; @@ -243,7 +245,7 @@ struct kni_handle{ char maat_table_name[TABLE_MAX][_MAX_MAAT_TABLE_NAME_LEN]; // for proxy tcp option maat name int maat_table_id[TABLE_MAX]; struct proxy_tcp_option pxy_tcp_option; - int session_attribute_id; +// int session_attribute_id; int log_level; }; 
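Review bot: Dead declarations are being kept as comments instead of deleted: `+//int maat_result_num;` in the `@@ -126` hunk and `+// int session_attribute_id;` in the `@@ -243` hunk of kni_entry.h, with the same pattern in kni_pxy_tcp_option.h (`//int pxy_tcp_option_get_param(...)`) and the two commented-out `tsg_send_log` calls in kni_entry.cpp. Commented-out code in a public header outlives its reason and will be misread as a pending field by the next maintainer; version control already holds the history, so the lines should be removed outright, i.e. drop `//int maat_result_num;` and `// int session_attribute_id;` here. If a field is kept only because downstream code still names it, a one-line `// removed: ...` note on the struct is enough. Both `struct pme_info` and `struct kni_handle` start outside these hunks.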
diff --git a/entry/include/kni_pxy_tcp_option.h b/entry/include/kni_pxy_tcp_option.h index adb6105..1c32432 100644 --- a/entry/include/kni_pxy_tcp_option.h +++ b/entry/include/kni_pxy_tcp_option.h @@ -8,7 +8,9 @@ int pxy_tcp_option_rule_init(const char* conffile, void *logger); -int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo *a_stream,struct pme_info *pmeinfo, void *logger); +//int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo *a_stream,struct pme_info *pmeinfo, void *logger); + +int pxy_tcp_option_param_get(struct pme_info *pmeinfo, void *logger); void pxy_tcp_option_modify_mss(struct pme_info *pmeinfo,void *logger); diff --git a/entry/src/kni_dynamic_bypass.cpp b/entry/src/kni_dynamic_bypass.cpp index 8425bcb..004ae3a 100644 --- a/entry/src/kni_dynamic_bypass.cpp +++ b/entry/src/kni_dynamic_bypass.cpp @@ -230,8 +230,9 @@ static int get_ssl_conn_info(struct pme_info *pmeinfo,struct pkt_info *pktinfo, const char *sip=NULL, *sport=NULL, *dip=NULL, *dport=NULL; char *addr_str = NULL; + const char *ja3_fingerprint = srt_attribute_get_ja3_fingerprint((const struct session_runtime_attribute *)pmeinfo->session_attribute); - if(pmeinfo->session_attribute->ja3_fingerprint == NULL) + if(ja3_fingerprint == NULL) { KNI_LOG_DEBUG(logger, "Dynamic bypass:get stream label ja3_fingerprint is null, stream traceid = %s", pmeinfo->stream_traceid); return 1; @@ -242,7 +243,8 @@ static int get_ssl_conn_info(struct pme_info *pmeinfo,struct pkt_info *pktinfo, ssl_feature->vlen = snprintf(ssl_feature->value, SSL_INFO_LEN, "%s:%s:%s", - pmeinfo->session_attribute->ja3_fingerprint,sip, + ja3_fingerprint, + sip, pmeinfo->domain_len > 0 ? (char*)&(pmeinfo->domain): dip); FREE(&addr_str); diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp index 507d883..e1097e6 100644 --- a/entry/src/kni_entry.cpp +++ b/entry/src/kni_entry.cpp 
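Review bot: In get_ssl_conn_info the new line `const char *ja3_fingerprint = srt_attribute_get_ja3_fingerprint((const struct session_runtime_attribute *)pmeinfo->session_attribute);` hands `pmeinfo->session_attribute` to the accessor without checking it for NULL, while the same commit shows that `session_runtime_attribute_get()` can fail (the ERROR branch in kni_pull_session_attribute_results) and that `session_attribute_cmsg_set` now guards `session_attr == NULL`; whether `srt_attribute_get_ja3_fingerprint` tolerates a NULL argument is not visible here, so add the guard before the call: `if(pmeinfo->session_attribute == NULL) { KNI_LOG_DEBUG(logger, "Dynamic bypass:session attribute is null, stream traceid = %s", pmeinfo->stream_traceid); return 1; }`. The explicit cast is also unnecessary now that the field is declared `struct session_runtime_attribute *` in kni_entry.h — a non-const to const pointer conversion is implicit, and the cast would silently hide a future type mismatch. get_ssl_conn_info starts and ends outside this hunk.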
@@ -162,7 +162,7 @@ static int pme_info_init(struct pme_info *pmeinfo, const struct streaminfo *stre pmeinfo->stream = stream; pmeinfo->addr_type = (enum addr_type_t)stream->addr.addrtype; pmeinfo->ssl_cert_verify = -1; - uint64_t traceid = tsg_get_stream_id((struct streaminfo*)stream); + uint64_t traceid = tsg_get_stream_trace_id((struct streaminfo*)stream); snprintf(pmeinfo->stream_traceid, sizeof(pmeinfo->stream_traceid), "%" PRIu64 , traceid); if(g_kni_handle->log_level < RLOG_LV_FATAL) printaddr_r(&(stream->addr), pmeinfo->stream_addr, KNI_ADDR_MAX); @@ -236,12 +236,10 @@ static int log_generate(struct pme_info *pmeinfo){ if(pmeinfo->protocol == PROTO_HTTP){ TLD_append(tld_handle, (char*)"http_host", (void*)pmeinfo->domain.host, TLD_TYPE_STRING); } - tsg_log_t log_msg; - memset(&log_msg, 0, sizeof(log_msg)); - log_msg.result_num = pmeinfo->maat_result_num; - log_msg.result = &(pmeinfo->maat_result); - log_msg.a_stream = NULL; - int ret = tsg_send_log(g_tsg_log_instance, tld_handle, &log_msg, 0); + //int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, &pmeinfo->maat_rule, (size_t)pmeinfo->n_maat_rule, 0); + + int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, LOG_TYPE_SECURITY_EVENT, &pmeinfo->maat_rule, 1, 0); + //int ret = tsg_send_log(g_tsg_log_instance, tld_handle, &log_msg, 0); if(ret < 0){ FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1); KNI_LOG_ERROR(local_logger, "Failed at sendlog, ret = %d, strem_traceid = %s", @@ -264,7 +262,7 @@ static int log_generate(struct pme_info *pmeinfo){ break; } } - tsg_set_intercept_flow(&pmeinfo->maat_result, &pmeinfo->traffic_info,0); + tsg_set_intercept_flow(&pmeinfo->maat_rule, &pmeinfo->traffic_info, 0); FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_SUCC], 0, FS_OP_ADD, 1); return 0; 
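Review bot: In the `@@ -236` hunk of log_generate the rule count passed to `tsg_send_log(..., &pmeinfo->maat_rule, 1, 0)` is the literal `1`, although this same commit adds `n_maat_rule` to `struct pme_info` for exactly that purpose; if no rule matched (count 0) a zeroed `maat_rule` would be logged as a real security event. How `n_maat_rule` and `maat_rule` are populated is not visible from this hunk, so confirm, but the commented-out line directly above shows the intended form — use `pmeinfo->n_maat_rule` with whatever cast the new `tsg_send_log` prototype requires, e.g. `int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, LOG_TYPE_SECURITY_EVENT, &pmeinfo->maat_rule, (size_t)pmeinfo->n_maat_rule, 0);`, and delete the two commented-out calls around it. The previous code zeroed a `tsg_log_t` before use; with the struct now passed directly, a comment on `struct pme_info` stating who initialises `maat_rule` and `n_maat_rule` (pme_info_init or the maat match path) would help readers of this call. log_generate starts and ends outside this hunk.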
@@ -324,169 +322,238 @@ int wrapped_kni_cmsg_set(struct kni_cmsg *cmsg, uint16_t type, const unsigned ch return ret; } -static int session_attribute_cmsg_set(struct kni_cmsg *cmsg, struct pme_info *pmeinfo) + +static int session_attr_subscribe_id_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo) { - struct session_attribute_label *session_attribute = pmeinfo->session_attribute; int ret = 0; char empty_arr[MAX_STR_FIELD_LEN] = {0}; + const char *client_subscribe_id = srt_attribute_get_client_subscriber_id(session_attr); + const char *server_subscribe_id = srt_attribute_get_server_subscriber_id(session_attr); + + do{ + if(client_subscribe_id == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_SUB_ID, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + } + else + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_SUB_ID, (const unsigned char*)client_subscribe_id, strlen(client_subscribe_id), pmeinfo); + } + if(ret < 0) break; + + if(server_subscribe_id == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_SUB_ID, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + } + else + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_SUB_ID, (const unsigned char*)server_subscribe_id, strlen(server_subscribe_id), pmeinfo); + } + if(ret < 0) break; + }while(0); + + return ret; +} + +static int session_attr_asn_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo) +{ + int ret = 0; + char empty_arr[MAX_STR_FIELD_LEN] = {0}; + const struct asn_info *client_asn = srt_attribute_get_client_ip_asn(session_attr); + const struct asn_info *server_asn = srt_attribute_get_server_ip_asn(session_attr); + + do{ + if(client_asn == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ORGANIZATION, 
(const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + } + else + { + client_asn->asn_id == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ASN, (const unsigned char*)client_asn->asn_id, strlen(client_asn->asn_id), pmeinfo); + + if(ret < 0) break; + + client_asn->organization == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_ORGANIZATION, (const unsigned char*)client_asn->organization, strlen(client_asn->organization), pmeinfo); + if(ret < 0) break; + } + + if(server_asn == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + } + else + { + server_asn->asn_id == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ASN, (const unsigned char*)server_asn->asn_id, strlen(server_asn->asn_id), pmeinfo); + if(ret < 0) break; + + server_asn->organization == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)server_asn->organization, strlen(server_asn->organization), pmeinfo); + if(ret < 0) break; + } + }while(0); + return ret; +} + +static int session_attr_ip_location_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo) +{ + int ret = 0; + char empty_arr[MAX_STR_FIELD_LEN] = {0}; + const struct location_info *client_location = 
srt_attribute_get_client_ip_location(session_attr); + const struct location_info *server_location = srt_attribute_get_server_ip_location(session_attr); + + do{ + if(client_location == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + } + else + { + client_location->country_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)client_location->country_full, strlen(client_location->country_full), pmeinfo); + if(ret < 0) break; + + client_location->province_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)client_location->province_full, strlen(client_location->province_full), pmeinfo); + if(ret < 0) break; + + client_location->city_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)client_location->city_full, strlen(client_location->city_full), pmeinfo); + if(ret < 0) break; + + client_location->subdivision_addr == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, 
TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)client_location->subdivision_addr, strlen(client_location->subdivision_addr), pmeinfo); + if(ret < 0) break; + } + + if(server_location == NULL) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + if(ret < 0) break; + } + else + { + server_location->country_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)server_location->country_full, strlen(server_location->country_full), pmeinfo); + if(ret < 0) break; + + server_location->province_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)server_location->province_full, strlen(server_location->province_full), pmeinfo); + if(ret < 0) break; + + server_location->city_full == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)server_location->city_full, 
strlen(server_location->city_full), pmeinfo); + if(ret < 0) break; + + server_location->subdivision_addr == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)server_location->subdivision_addr, strlen(server_location->subdivision_addr), pmeinfo); + if(ret < 0) break; + } + }while(0); + return ret; +} + + +static int session_attr_ja3_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo) +{ + int ret = 0; + char empty_arr[MAX_STR_FIELD_LEN] = {0}; + + const char *ja3_fingerprint = srt_attribute_get_ja3_fingerprint(session_attr); + + ja3_fingerprint == NULL + ?ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo) + :ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, (const unsigned char*)ja3_fingerprint, strlen(ja3_fingerprint), pmeinfo); + + return ret; +} + + + +static int session_attr_fqdn_category_id_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo) +{ + int ret = 0; + size_t n_category_ids = 0; + unsigned int category_ids[8] = {0}; + char fqdn_val[sizeof(int) * 8] = {0}; + char empty_arr[MAX_STR_FIELD_LEN] = {0}; + + n_category_ids = srt_attribute_get_category_ids((const struct session_runtime_attribute *)pmeinfo->session_attribute, category_ids, sizeof(category_ids)/sizeof(category_ids[0])); + + if(n_category_ids <= 0 || n_category_ids > 8) + { + ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); + } + else + { + for(int i = 0 ; i < (int)n_category_ids; i++) + { + memcpy((void *)(fqdn_val + i * (sizeof(unsigned int))), (void *)&(category_ids[i]), sizeof(unsigned int)); + } + ret = 
wrapped_kni_cmsg_set(cmsg ,TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val, n_category_ids * sizeof(unsigned int) , pmeinfo); + } + return ret; +} + + + +static int session_attribute_cmsg_set(struct kni_cmsg *cmsg, struct pme_info *pmeinfo) +{ + int ret = 0; + struct session_runtime_attribute *session_attr = pmeinfo->session_attribute; + + if(session_attr == NULL) + { + return -1; + } do { - if(session_attribute->client_subscribe_id == NULL) - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_SUB_ID, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - else - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_SUB_ID, (const unsigned char*)session_attribute->client_subscribe_id->subscribe_id, strlen(session_attribute->client_subscribe_id->subscribe_id), pmeinfo); + ret = session_attr_subscribe_id_cmsg_set(session_attr, cmsg, pmeinfo); if(ret < 0) break; - if(session_attribute->server_subscribe_id == NULL) - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_SUB_ID, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - else - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_SUB_ID, (const unsigned char*)session_attribute->server_subscribe_id->subscribe_id, strlen(session_attribute->server_subscribe_id->subscribe_id), pmeinfo); + ret = session_attr_asn_cmsg_set(session_attr, cmsg, pmeinfo); if(ret < 0) break; - if(session_attribute->client_asn == NULL) - { - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - } - else - { - if(session_attribute->client_asn->asn_id == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ASN, (const unsigned char*)session_attribute->client_asn->asn_id, 
strlen(session_attribute->client_asn->asn_id), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->client_asn->organization){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - } - else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_ORGANIZATION, (const unsigned char*)session_attribute->client_asn->organization, strlen(session_attribute->client_asn->organization), pmeinfo); - } - if(ret < 0) break; - } + ret = session_attr_ip_location_cmsg_set(session_attr, cmsg, pmeinfo); + if(ret < 0) break; - if(session_attribute->server_asn == NULL) - { - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - } - else - { - if(session_attribute->server_asn->asn_id == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ASN, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ASN, (const unsigned char*)session_attribute->server_asn->asn_id, strlen(session_attribute->server_asn->asn_id), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->server_asn->organization == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_ORGANIZATION, (const unsigned char*)session_attribute->server_asn->organization, strlen(session_attribute->server_asn->organization), pmeinfo); - } - if(ret < 0) break; - } + ret = session_attr_ja3_cmsg_set(session_attr, cmsg, pmeinfo); + if(ret < 0) break; - if(session_attribute->client_location == NULL) - { - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret 
= wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - } - else - { - if(session_attribute->client_location->country_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (const unsigned char*)session_attribute->client_location->country_full, strlen(session_attribute->client_location->country_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->client_location->province_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_PROVINE, (const unsigned char*)session_attribute->client_location->province_full, strlen(session_attribute->client_location->province_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->client_location->city_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_CITY, (const unsigned char*)session_attribute->client_location->city_full, strlen(session_attribute->client_location->city_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->client_location->subdivision_addr == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = 
wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (const unsigned char*)session_attribute->client_location->subdivision_addr, strlen(session_attribute->client_location->subdivision_addr), pmeinfo); - } - if(ret < 0) break; - } - - if(session_attribute->server_location == NULL) - { - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - if(ret < 0) break; - } - else - { - if(session_attribute->server_location->country_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_COUNTRY, (const unsigned char*)session_attribute->server_location->country_full, strlen(session_attribute->server_location->country_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->server_location->province_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_PROVINE, (const unsigned char*)session_attribute->server_location->province_full, strlen(session_attribute->server_location->province_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->server_location->city_full == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = 
wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_CITY, (const unsigned char*)session_attribute->server_location->city_full, strlen(session_attribute->server_location->city_full), pmeinfo); - } - if(ret < 0) break; - if(session_attribute->server_location->subdivision_addr == NULL){ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - }else{ - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (const unsigned char*)session_attribute->server_location->subdivision_addr, strlen(session_attribute->server_location->subdivision_addr), pmeinfo); - } - if(ret < 0) break; - } - if(session_attribute->ja3_fingerprint == NULL) - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - else - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, (const unsigned char*)session_attribute->ja3_fingerprint, strlen(session_attribute->ja3_fingerprint), pmeinfo); - - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char*)&(session_attribute->fqdn_category_id_num), sizeof(unsigned int), pmeinfo); - - if(session_attribute->fqdn_category_id_num <= 0 || session_attribute->fqdn_category_id_num > 8) - { - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo); - } - else - { - char fqdn_val[sizeof(session_attribute->fqdn_category_id)] = {0}; - for(int i = 0 ; i < session_attribute->fqdn_category_id_num; i ++) - { - memcpy((void *)(fqdn_val + i * (sizeof(unsigned int))), (void *)&(session_attribute->fqdn_category_id[i]), sizeof(unsigned int)); - } - ret = wrapped_kni_cmsg_set(cmsg,TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val,session_attribute->fqdn_category_id_num *sizeof(unsigned int) , pmeinfo); - } - + ret = session_attr_fqdn_category_id_cmsg_set(session_attr, cmsg, pmeinfo); + if(ret < 0) break; 
}while(0); return ret; } 
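Review bot: The new `session_attr_fqdn_category_id_cmsg_set` no longer emits the `TFE_CMSG_FQDN_CAT_ID_NUM` control message that the removed code sent immediately before `TFE_CMSG_FQDN_CAT_ID_VAL`; unless the receiving side was changed in the same series to derive the count from the value length, it will now see a missing or stale category count, and nothing in the hunk marks this as intentional, so please confirm or restore it. The same helper ignores its `session_attr` parameter and re-reads `pmeinfo->session_attribute` through a cast, unlike the four sibling helpers that use the parameter; passing `session_attr` keeps them consistent and removes the cast. As a matter of style, the `cond ? ret = a : ret = b` form used throughout the asn, location and ja3 helpers relies on C++ grammar for the conditional operator (the same expression does not compile as C), and hides the assignment inside an expression statement; `ret = wrapped_kni_cmsg_set(cmsg, TYPE, (const unsigned char*)(p ? p : empty_arr), p ? strlen(p) : 0, pmeinfo);` says the same in one statement with a visible assignment. Also `fqdn_val[sizeof(int) * 8]` should be sized from `category_ids` so the two cannot drift. wrapped_kni_cmsg_set starts outside this hunk.
```cpp
static int session_attr_fqdn_category_id_cmsg_set(const struct session_runtime_attribute *session_attr, struct kni_cmsg *cmsg, struct pme_info *pmeinfo)
{
    int ret = 0;
    unsigned int category_ids[8] = {0};
    char fqdn_val[sizeof(category_ids)] = {0};
    char empty_arr[MAX_STR_FIELD_LEN] = {0};

    // use the attribute the caller passed in, like the sibling helpers do
    size_t n_category_ids = srt_attribute_get_category_ids(session_attr, category_ids, sizeof(category_ids)/sizeof(category_ids[0]));
    // out-of-range counts are reported as 0, matching the old "empty value" branch
    unsigned int n_ids = (n_category_ids > 8) ? 0u : (unsigned int)n_category_ids;

    // the receiver previously got the count before the values; keep that contract
    ret = wrapped_kni_cmsg_set(cmsg, TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char*)&n_ids, sizeof(n_ids), pmeinfo);
    if(ret < 0) return ret;

    if(n_ids == 0)
    {
        return wrapped_kni_cmsg_set(cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)empty_arr, strlen(empty_arr), pmeinfo);
    }
    // … unchanged: memcpy loop into fqdn_val and the TFE_CMSG_FQDN_CAT_ID_VAL set …
}
```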
@@ -1085,124 +1152,133 @@ static int dabloom_add(struct pkt_info *pktinfo, int thread_seq){ return ret; } -static struct session_attribute_label * kni_pull_session_attribute_results(struct streaminfo *a_stream,struct pme_info *pmeinfo) +static struct session_runtime_attribute * kni_pull_session_attribute_results(struct streaminfo *a_stream, struct pme_info *pmeinfo) { - struct session_attribute_label *session_attribute = NULL; + const struct session_runtime_attribute *session_attr = NULL; void *logger = g_kni_handle->local_logger; - session_attribute = (struct session_attribute_label *)project_req_get_struct(a_stream, g_kni_handle->session_attribute_id); - if(session_attribute != NULL) + session_attr = session_runtime_attribute_get(a_stream); + if(session_attr == NULL) { - KNI_LOG_DEBUG(logger, "share-session-attribute: Success to get the session attribute results,stream traceid = %s", pmeinfo->stream_traceid); + KNI_LOG_ERROR(logger, "share-session-attribute: Failed to get the session attribute results,stream traceid = %s", pmeinfo->stream_traceid); + return NULL; + } + KNI_LOG_DEBUG(logger, "share-session-attribute: Success to get the session attribute results,stream traceid = %s", pmeinfo->stream_traceid); - if(session_attribute->client_subscribe_id == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source subscribe id is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: source subscribe id is: %s,stream traceid = %s",session_attribute->client_subscribe_id->subscribe_id,pmeinfo->stream_traceid); + const char *client_subscribe_id = srt_attribute_get_client_subscriber_id(session_attr); + if(client_subscribe_id == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source subscribe id is NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source subscribe id is: %s,stream traceid = %s", client_subscribe_id, pmeinfo->stream_traceid); - 
if(session_attribute->server_subscribe_id == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: destination subscribe id is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: destination subscribe id is: %s,stream traceid = %s",session_attribute->server_subscribe_id->subscribe_id,pmeinfo->stream_traceid); + const char *server_subscribe_id = srt_attribute_get_server_subscriber_id(session_attr); + if(server_subscribe_id == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination subscribe id is NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: destination subscribe id is: %s,stream traceid = %s", server_subscribe_id, pmeinfo->stream_traceid); - if(session_attribute->client_asn == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source asn and organization is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - { - if(session_attribute->client_asn->asn_id == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: source asn is NULL,stream traceid = %s", pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: source asn is: %s,stream traceid = %s",session_attribute->client_asn->asn_id, pmeinfo->stream_traceid); - } - if(session_attribute->client_asn->organization == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: source organization is: NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: source organization is: %s,stream traceid = %s",session_attribute->client_asn->organization, pmeinfo->stream_traceid); - } - } - - if(session_attribute->server_asn == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn and organization is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - { - if(session_attribute->server_asn->asn_id == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn: 
NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn:%s,stream traceid = %s",session_attribute->server_asn->asn_id,pmeinfo->stream_traceid); - } - if(session_attribute->server_asn->organization == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination organization NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination organization:%s,stream traceid = %s",session_attribute->server_asn->organization,pmeinfo->stream_traceid); - } - } - - if(session_attribute->client_location == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - { - if(session_attribute->client_location->country_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is: %s,stream traceid = %s",session_attribute->client_location->country_full,pmeinfo->stream_traceid); - } - if(session_attribute->client_location->province_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is NULL,stream traceid = %s",pmeinfo->stream_traceid); - } - else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is: %s,stream traceid = %s",session_attribute->client_location->province_full,pmeinfo->stream_traceid); - } - if(session_attribute->client_location->city_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is: %s,stream traceid = %s",session_attribute->client_location->city_full,pmeinfo->stream_traceid); - } - } - - if(session_attribute->server_location == NULL) - 
KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - { - if(session_attribute->server_location->country_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location country is: %s,stream traceid = %s",session_attribute->server_location->country_full,pmeinfo->stream_traceid); - } - if(session_attribute->server_location->province_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is: %s,stream traceid = %s",session_attribute->server_location->province_full,pmeinfo->stream_traceid); - } - if(session_attribute->server_location->city_full == NULL){ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is NULL,stream traceid = %s",pmeinfo->stream_traceid); - }else{ - KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is: %s,stream traceid = %s",session_attribute->server_location->city_full,pmeinfo->stream_traceid); - } - } - if(session_attribute->ja3_fingerprint == NULL) - KNI_LOG_DEBUG(logger, "share-session-attribute: ja3_fingerprint is NULL,stream traceid = %s",pmeinfo->stream_traceid); - else - KNI_LOG_DEBUG(logger, "share-session-attribute: ja3_fingerprint is %s,stream traceid = %s",session_attribute->ja3_fingerprint,pmeinfo->stream_traceid); - - - if(session_attribute->fqdn_category_id_num < 0 || session_attribute->fqdn_category_id_num > 8) - { - KNI_LOG_DEBUG(logger, "share-session-attribute: fqdn_category_id_num out of range( 0 <= value <= 8), value = %d,stream traceid = %s",session_attribute->fqdn_category_id_num,pmeinfo->stream_traceid); - } - else - { - for(int i= 0; 
i < session_attribute->fqdn_category_id_num; i ++) - { - KNI_LOG_DEBUG(logger, "share-session-attribute: fqdn_category_id[%d] = %u,stream traceid = %s",i,session_attribute->fqdn_category_id[i],pmeinfo->stream_traceid); - } - } - + const struct asn_info *client_asn = srt_attribute_get_client_ip_asn(session_attr); + if(client_asn == NULL) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: source asn and organization is NULL,stream traceid = %s", pmeinfo->stream_traceid); } else { - KNI_LOG_ERROR(logger, "share-session-attribute: Failed to get the session attribute results,stream traceid = %s", pmeinfo->stream_traceid); + if(client_asn->asn_id == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source asn is NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source asn is: %s,stream traceid = %s", client_asn->asn_id, pmeinfo->stream_traceid); + + if(client_asn->organization == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source organization is: NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source organization is: %s,stream traceid = %s", client_asn->organization, pmeinfo->stream_traceid); } - return session_attribute; + const struct asn_info *server_asn = srt_attribute_get_server_ip_asn(session_attr); + if(server_asn == NULL) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn and organization is NULL,stream traceid = %s", pmeinfo->stream_traceid); + } + else + { + if(server_asn->asn_id == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn: NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: destination asn:%s,stream traceid = %s", server_asn->asn_id, pmeinfo->stream_traceid); + + if(server_asn->organization == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination organization NULL,stream traceid = 
%s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: destination organization:%s,stream traceid = %s", server_asn->organization, pmeinfo->stream_traceid); + } + + const struct location_info *client_location = srt_attribute_get_client_ip_location(session_attr); + if(client_location == NULL) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location is NULL,stream traceid = %s",pmeinfo->stream_traceid); + } + else + { + if(client_location->country_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location country is: %s,stream traceid = %s",client_location->country_full,pmeinfo->stream_traceid); + + if(client_location->province_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location province is: %s,stream traceid = %s", client_location->province_full, pmeinfo->stream_traceid); + + if(client_location->city_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is NULL,stream traceid = %s", pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: source ip location city is: %s,stream traceid = %s", client_location->city_full, pmeinfo->stream_traceid); + } + + const struct location_info *server_location = srt_attribute_get_server_ip_location(session_attr); + if(server_location == NULL) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location is NULL,stream traceid = %s",pmeinfo->stream_traceid); + } + else + { + if(server_location->country_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location country is NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, 
"share-session-attribute: destination ip location country is: %s,stream traceid = %s",server_location->country_full, pmeinfo->stream_traceid); + + if(server_location->province_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location province is: %s,stream traceid = %s", server_location->province_full, pmeinfo->stream_traceid); + + if(server_location->city_full == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: destination ip location city is: %s,stream traceid = %s", server_location->city_full, pmeinfo->stream_traceid); + } + + const char *ja3_fingerprint = srt_attribute_get_ja3_fingerprint(session_attr); + if(ja3_fingerprint == NULL) + KNI_LOG_DEBUG(logger, "share-session-attribute: ja3_fingerprint is NULL,stream traceid = %s",pmeinfo->stream_traceid); + else + KNI_LOG_DEBUG(logger, "share-session-attribute: ja3_fingerprint is %s,stream traceid = %s", ja3_fingerprint, pmeinfo->stream_traceid); + + unsigned int category_ids[8] = {0}; + int n_category_ids = srt_attribute_set_category_ids(a_stream, category_ids, sizeof(category_ids)/sizeof(category_ids[0])); + if(n_category_ids < 0 || n_category_ids > 8) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: fqdn_category_id_num out of range( 0 <= value <= 8), value = %d,stream traceid = %s", n_category_ids, pmeinfo->stream_traceid); + } + else + { + for(int i= 0; i < n_category_ids; i ++) + { + KNI_LOG_DEBUG(logger, "share-session-attribute: fqdn_category_id[%d] = %u,stream traceid = %s",i, category_ids[i],pmeinfo->stream_traceid); + } + } + + return (struct session_runtime_attribute *)session_attr; } 
@@ -1334,7 +1410,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei } //intercept_error: no tfe - if(tsg_diagnose_judge_streamshunt(pmeinfo->maat_result.config_id,pmeinfo) == 0) // tsg diagnose shunt + if(tsg_diagnose_judge_streamshunt(pmeinfo->maat_rule.rule_id, pmeinfo) == 0) // tsg diagnose shunt pmeinfo->tfe_id = tfe_mgr_alive_node_get(g_kni_handle->_tfe_mgr, thread_seq); else pmeinfo->tfe_id = tfe_mgr_alive_node_cycle_get(g_kni_handle->_tfe_mgr, (int *)&(g_kni_handle->arr_last_tfe_dispatch_index[thread_seq])); 
@@ -1613,30 +1689,44 @@ char first_data_process(struct streaminfo *stream, struct pme_info *pmeinfo, str //first data packet, get action void *logger = g_kni_handle->local_logger; int maat_hit = 0; - int ret = 0; - struct identify_info _identify_info; - ret = tsg_pull_policy_result(stream, PULL_KNI_RESULT, &(pmeinfo->maat_result), 1, &_identify_info); + size_t n_hit_rule = 0; + n_hit_rule = session_matched_rules_copy(stream, TSG_SERVICE_INTERCEPT, &pmeinfo->maat_rule, 1); + //ret = tsg_pull_policy_result(stream, PULL_KNI_RESULT, &(pmeinfo->maat_result), 1, &_identify_info); //ret == 0, bypass and dropme - if(ret == 0){ + if(n_hit_rule == 0){ pmeinfo->action = KNI_ACTION_NONE; maat_hit = 0; KNI_LOG_INFO(logger, "intercept_policy_scan: %s, %s, maat_hit = %d, stream traceid = %s", pmeinfo->stream_addr, (char*)&(pmeinfo->domain), maat_hit, pmeinfo->stream_traceid); } - else{ - pmeinfo->maat_result_num = 1; - pmeinfo->protocol = _identify_info.proto; - pmeinfo->domain_len = MIN(_identify_info.domain_len, (int)sizeof(pmeinfo->domain) - 1); - strncpy(pmeinfo->domain.sni, _identify_info.domain, pmeinfo->domain_len); - pmeinfo->action = (enum kni_action)(pmeinfo->maat_result.action); - pmeinfo->policy_id = pmeinfo->maat_result.config_id; - pmeinfo->do_log = pmeinfo->maat_result.do_log; + else + { + const struct session_runtime_process_context *session_context = session_runtime_process_context_get((const struct streaminfo *)stream); + pmeinfo->n_maat_rule = 1; + pmeinfo->protocol = srt_process_context_get_protocol(session_context); + + const char *domain = srt_process_context_get_domain(session_context); + pmeinfo->domain_len = MIN(strlen(domain), (int)sizeof(pmeinfo->domain) - 1); + + if(pmeinfo->protocol == PROTO_HTTP) + { + strncpy(pmeinfo->domain.host, domain, pmeinfo->domain_len); + } + if(pmeinfo->protocol == PROTO_SSL) + { + strncpy(pmeinfo->domain.sni, domain, pmeinfo->domain_len); + } + + pmeinfo->action = KNI_ACTION_INTERCEPT; + //pmeinfo->action = (enum 
kni_action)(pmeinfo->maat_result.action); + pmeinfo->policy_id = pmeinfo->maat_rule.rule_id; + pmeinfo->do_log = pmeinfo->maat_rule.do_log; pmeinfo->thread_seq = thread_seq; pmeinfo->is_dynamic_bypass = 0; pmeinfo->session_attribute = kni_pull_session_attribute_results(stream,pmeinfo); maat_hit = 1; char *action_str = kni_maat_action_trans(pmeinfo->action); - KNI_LOG_INFO(logger, "intercept_policy_scan: %s, %s, maat_hit = %d, policy_id = %d, action = %d(%s), stream traceid = %s", + KNI_LOG_INFO(logger, "intercept_policy_scan: %s, %s, maat_hit = %d, rule_id = %d, action = %d(%s), stream traceid = %s", pmeinfo->stream_addr, (char*)&(pmeinfo->domain), maat_hit, pmeinfo->policy_id, pmeinfo->action, action_str, pmeinfo->stream_traceid); } switch(pmeinfo->action){ @@ -1646,12 +1736,15 @@ char first_data_process(struct streaminfo *stream, struct pme_info *pmeinfo, str pmeinfo->tld_handle = TLD_create(-1); if(g_kni_handle->pxy_tcp_option_enable == 1) { - KNI_LOG_DEBUG(logger, "Proxy-tcp-option: before scan status:%d ( 1 is has been scanned, other value not scan),stream traceid = %s", pmeinfo->pxy_tcp_option_is_scan,pmeinfo->stream_traceid); + pxy_tcp_option_param_get(pmeinfo, logger); +/* +* temp comment in version 23.04 if(pmeinfo->pxy_tcp_option_is_scan != 1) { - pxy_tcp_option_get_param(g_tsg_maat_feather,(const struct streaminfo *)stream,pmeinfo,logger); + //pxy_tcp_option_get_param(g_tsg_maat_feather,(const struct streaminfo *)stream,pmeinfo,logger); pmeinfo->pxy_tcp_option_is_scan = 1; } +*/ } return first_data_intercept(stream, pmeinfo, pktinfo, thread_seq); default: 
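Review bot: `strlen(domain)` in the new else-branch runs before any NULL check on the pointer returned by `srt_process_context_get_domain`, so a matched session whose process context carries no domain (or a NULL `session_context` from `session_runtime_process_context_get`, if that getter can fail) dereferences NULL where the old `_identify_info.domain_len` path could not. Guard it, for instance `const char *domain = session_context ? srt_process_context_get_domain(session_context) : NULL;` then `size_t len = domain ? strlen(domain) : 0;` and `pmeinfo->domain_len = (int)MIN(len, sizeof(pmeinfo->domain) - 1);`, which also removes the size_t/int mix inside `MIN`. When the protocol is neither PROTO_HTTP nor PROTO_SSL, `domain_len` is set but neither `domain.host` nor `domain.sni` is written, so callers that test `domain_len > 0` before reading the buffer would log whatever it already held; either reset `domain_len` to 0 in that case or keep copying into a default member as the old code did. The hard-coded `pmeinfo->action = KNI_ACTION_INTERCEPT` means the matched rule's own action is no longer consulted; if that is intended for this version, a one-line comment next to the disabled assignment saying so would save the next reader a search. first_data_process continues outside the hunk.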
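Review bot: `pxy_tcp_option_param_get(pmeinfo, logger);` now runs without ever setting `pmeinfo->pxy_tcp_option_is_scan`, and its return value is discarded, so any later reader of that field (it is still declared in struct pme_info) sees it permanently 0 for the stream. If the flag is meant to keep its meaning, keep `pmeinfo->pxy_tcp_option_is_scan = 1;` after the call; otherwise retire the field together with the disabled block. The disabled block is kept as a `/* ... */` region rather than deleted, and the same pattern appears in the kni_init hunks and in every kni_pxy_tcp_option.cpp hunk below; version control already keeps the old code, and if it must stay in the tree an `#if 0` / `#endif` pair survives a stray `*/` inside the region and is easier to grep for when the 23.04 workaround is lifted. The enclosing switch continues outside the hunk.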
@@ -2601,7 +2694,7 @@ extern "C" int kni_init(){ struct thread_tfe_cmsg_receiver_args *cmsg_receiver_args; MESA_htable_handle traceid2pme_htable = NULL; struct tfe_mgr *_tfe_mgr = NULL; - char label_buff[MAX_STRING_LEN*4]={0}; + //char label_buff[MAX_STRING_LEN*4]={0}; tfe_cmsg_enum_to_string(); int ret = MESA_load_profile_string_nodef(profile, section, "log_path", log_path, sizeof(log_path)); if(ret < 0){ @@ -2893,7 +2986,7 @@ extern "C" int kni_init(){ KNI_LOG_ERROR(local_logger, "Failed at init pxy_tcp_option_rule"); goto error_out; } - +/* //register customer for share session attribute MESA_load_profile_string_def(profile, "share_session_attribute", "SESSION_ATTRIBUTE_LABEL", label_buff, sizeof(label_buff), "TSG_MASTER_INTERNAL_LABEL"); g_kni_handle->session_attribute_id = project_customer_register(label_buff, PROJECT_VAL_TYPE_STRUCT); @@ -2902,7 +2995,7 @@ extern "C" int kni_init(){ KNI_LOG_ERROR(local_logger,"Register %s failed; please check :%s ",label_buff,profile); return -1; } - +*/ //init tfe_mgr _tfe_mgr = tfe_mgr_init(tfe_node_count, profile, g_kni_handle->deploy_mode, local_logger); if(_tfe_mgr == NULL){ diff --git a/entry/src/kni_pxy_tcp_option.cpp b/entry/src/kni_pxy_tcp_option.cpp index 5f59271..25dd28e 100644 --- a/entry/src/kni_pxy_tcp_option.cpp +++ b/entry/src/kni_pxy_tcp_option.cpp @@ -346,7 +346,6 @@ void pxy_tcp_option_default_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_ int pxy_tcp_option_rule_init(const char* conffile, void *logger) { - int i = 0; int pxy_tcp_option_enable = 1; int pxy_tcp_option_enable_override = 0; char section[KNI_SYMBOL_MAX] = "proxy_tcp_option"; 
@@ -357,7 +356,9 @@ int pxy_tcp_option_rule_init(const char* conffile, void *logger) MESA_load_profile_string_def(conffile, section, "maat_table_fqdn", g_kni_handle->maat_table_name[TABLE_SSL_FQDN], _MAX_MAAT_TABLE_NAME_LEN, "PXY_TCP_OPTION_SERVER_FQDN"); KNI_LOG_ERROR(logger, "Proxy-tcp-option: MESA_prof_load, [%s]:\n enabled: %d,enable_override:%d", section, pxy_tcp_option_enable,pxy_tcp_option_enable_override); g_kni_handle->pxy_tcp_option_enable = pxy_tcp_option_enable; - g_kni_handle->pxy_tcp_option_enable_override = pxy_tcp_option_enable_override; + //g_kni_handle->pxy_tcp_option_enable_override = pxy_tcp_option_enable_override; + //temp comment in version 23.04. + g_kni_handle->pxy_tcp_option_enable_override = 1; MESA_load_profile_int_def(conffile, section, "client_tcp_maxseg_enable", &(g_kni_handle->pxy_tcp_option.client_tcp_maxseg_enable), 0); MESA_load_profile_int_def(conffile, section, "client_tcp_maxseg", &(g_kni_handle->pxy_tcp_option.client_tcp_maxseg), 1460); @@ -397,6 +398,7 @@ int pxy_tcp_option_rule_init(const char* conffile, void *logger) KNI_LOG_ERROR(logger, "Proxy-tcp-option: Turn off tcp option"); return 0; } +/* temp comment in version 23.04 if(pxy_tcp_option_enable_override == 0) { KNI_LOG_ERROR(logger, "Proxy-tcp-option: Using configuration read from maat"); @@ -422,11 +424,11 @@ int pxy_tcp_option_rule_init(const char* conffile, void *logger) return -1; } } - +*/ return 0; } - +/* static int pxy_tcp_option_scan_addr(Maat_feather_t maat_feather,const struct streaminfo *a_stream, Maat_rule_t *result, int result_num,scan_status_t *mid,struct pme_info *pmeinfo, void *logger) { struct ipaddr t_addr; 
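Review bot: `g_kni_handle->pxy_tcp_option_enable_override = 1;` discards the value just read into `pxy_tcp_option_enable_override`, while the KNI_LOG_ERROR line above it still prints that profile value, so the startup log reports an `enable_override` setting that is not in effect. Either move the log after the assignment and print the effective value, or add `if(pxy_tcp_option_enable_override == 0) KNI_LOG_ERROR(logger, "Proxy-tcp-option: enable_override=0 from profile ignored, forced to 1 (temp, 23.04)");` so an operator who configured 0 can see why maat-sourced options are not applied. A comment on the forced assignment naming the condition under which it should be reverted would help the later cleanup. pxy_tcp_option_rule_init continues outside the hunk.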
@@ -496,7 +498,11 @@ static int pxy_tcp_option_scan_addr(Maat_feather_t maat_feather,const struct str return hit_num; } +*/ + +/* +* temp comment in version 23.04 static int pxy_tcp_option_scan_domain(Maat_feather_t maat_feather, Maat_rule_t *result, int result_num,scan_status_t *mid, struct pme_info *pmeinfo, void *logger) { int hit_num = 0, maat_ret = 0; @@ -535,7 +541,9 @@ static int pxy_tcp_option_scan_domain(Maat_feather_t maat_feather, Maat_rule_t * } return hit_num; } +*/ +/* static struct Maat_rule_t *pxy_tcp_option_decision_criteria(Maat_rule_t *result, int result_num) { int i=0; @@ -560,7 +568,19 @@ static struct Maat_rule_t *pxy_tcp_option_decision_criteria(Maat_rule_t *result, } return p_result; } +*/ +int pxy_tcp_option_param_get(struct pme_info *pmeinfo, void *logger) +{ + struct proxy_tcp_option *pxy_tcpop = &pmeinfo->pxy_tcp_option; + + memcpy((void *)pxy_tcpop, (const void *)&g_kni_handle->pxy_tcp_option, sizeof(g_kni_handle->pxy_tcp_option)); + KNI_LOG_DEBUG(logger,"Proxy-tcp-option: Using override configuration, streamid = %s", pmeinfo->stream_traceid); + return 0; +} + +/* +* Temp comment in version 23.04 int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo *a_stream,struct pme_info *pmeinfo, void *logger) { int scan_ret = 0, hit_num = 0, is_not_default = 0, ret = 0; @@ -627,7 +647,7 @@ int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo } return ret; } - +*/ void pxy_tcp_option_modify_mss(struct pme_info *pmeinfo,void *logger) {
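Review bot: `pxy_tcp_option_param_get` copies the struct with `memcpy` and two redundant casts; the plain assignment `pmeinfo->pxy_tcp_option = g_kni_handle->pxy_tcp_option;` is type-checked and cannot get the size wrong if either side's type changes. The function always returns 0 and its only caller in this diff ignores the result, so either make it `void` or document in the header prototype what a non-zero return would mean. A short header comment such as `/* Copy the process-wide proxy TCP option configuration into this stream's pme_info; per-rule maat lookup is disabled since 23.04. */` would also explain the "Using override configuration" wording in the debug log. The hunk's last lines open the disabled `pxy_tcp_option_get_param`, which continues outside the hunk.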