gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[patch]keep maat23.05 compatibility

Browse Source
This commit is contained in:
liuwentan
2023-05-31 13:28:16 +08:00
parent 51e29f0b95
commit 029a391f5d
6 changed files with 28 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
include/maat.h
View File

@@ -150,11 +150,8 @@ int maat_plugin_table_ex_schema_register(struct maat *instance, const char *tabl
/**
* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register,
* caller is responsible to free the data.
* NOTE: support three key type(integer, pointer, ip_addr) specified in table_info.conf
* if use ip_addr key type, then key should be ip address in network order.
*/
void *maat_plugin_table_get_ex_data(struct maat *instance, int table_id,
const char *key, size_t key_len);
void *maat_plugin_table_get_ex_data(struct maat *instance, int table_id, const char *key);
int maat_ip_plugin_table_get_ex_data(struct maat *instance, int table_id,
const struct ip_addr *ip, void **ex_data_array,

5
src/maat_api.c
View File

@@ -747,7 +747,7 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance,
}
void *maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
const char *key, size_t key_len)
const char *key)
{
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
@@ -773,10 +773,9 @@ void *maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
void *ret = NULL;
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
if (TABLE_TYPE_COMPILE == table_type) {
assert(key_len == sizeof(long long));
ret = compile_runtime_get_ex_data(runtime, schema, *(long long *)key);
} else if (TABLE_TYPE_PLUGIN == table_type) {
ret = plugin_runtime_get_ex_data(runtime, schema, key, key_len);
ret = plugin_runtime_get_ex_data(runtime, schema, key, strlen(key));
} else {
return NULL;
}

121
src/maat_plugin.c
View File

@@ -43,8 +43,7 @@ struct plugin_runtime {
enum plugin_key_type {
PLUGIN_KEY_TYPE_INVALID = 0,
PLUGIN_KEY_TYPE_POINTER,
PLUGIN_KEY_TYPE_INTEGER,
PLUGIN_KEY_TYPE_IP_ADDR
PLUGIN_KEY_TYPE_INTEGER
};
#define MAX_PLUGIN_PER_TABLE 32
@@ -121,19 +120,10 @@ void *plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr,
schema->key_type = PLUGIN_KEY_TYPE_POINTER;
} else if (strcmp(custom_item->valuestring, "integer") == 0) {
schema->key_type = PLUGIN_KEY_TYPE_INTEGER;
} else if (strcmp(custom_item->valuestring, "ip_addr") == 0) {
schema->key_type = PLUGIN_KEY_TYPE_IP_ADDR;
custom_item = cJSON_GetObjectItem(item, "addr_type");
if (NULL == custom_item || custom_item->type != cJSON_Number) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d]plugin table:<%s> schema ip_addr key must have addr_type column",
__FUNCTION__, __LINE__, table_name);
}
schema->addr_type_column = custom_item->valueint;
} else {
log_error(logger, MODULE_PLUGIN,
"[%s:%d]plugin table:<%s> schema key_type:%s is illegal, "
"just allow {pointer}, {integer} or {ip_addr}",
"just allow {pointer}, {integer}",
__FUNCTION__, __LINE__, table_name,
custom_item->valuestring);
goto error;
@@ -398,94 +388,6 @@ int plugin_accept_tag_match(struct plugin_schema *schema, const char *table_name
return TAG_MATCH_MATCHED;
}
int plugin_table_line_get_key(struct plugin_schema *schema, const char *table_name,
const char *line, char *dst_key, size_t *dst_key_len,
struct log_handle *logger)
{
size_t key_offset = 0, key_len = 0;
int ret = get_column_pos(line, schema->key_column, &key_offset, &key_len);
if (ret < 0) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> has no key(column seq:%d)"
" in table_line:%s", __FUNCTION__, __LINE__, table_name,
schema->key_column, line);
return -1;
}
long long key_int = 0;
const char *common_key = line + key_offset;
if (schema->key_type == PLUGIN_KEY_TYPE_POINTER) {
memcpy(dst_key, common_key, key_len);
*dst_key_len = key_len;
} else if (schema->key_type == PLUGIN_KEY_TYPE_INTEGER) {
key_int = atoll(common_key);
memcpy(dst_key, (char *)&key_int, sizeof(long long));
*dst_key_len = sizeof(long long);
} else if (schema->key_type == PLUGIN_KEY_TYPE_IP_ADDR) {
if (key_len >= INET6_ADDRSTRLEN) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ip_key too long(illegal) in "
"table_line:%s", __FUNCTION__, __LINE__, table_name, line);
return -1;
}
size_t addr_type_offset = 0, addr_type_len = 0;
ret = get_column_pos(line, schema->addr_type_column, &addr_type_offset,
&addr_type_len);
if (ret < 0) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> has no addr_type(column seq:%d)"
" in table_line:%s", __FUNCTION__, __LINE__, table_name,
schema->addr_type_column, line);
return -1;
}
char ip_key[INET6_ADDRSTRLEN] = {0};
//snprintf() write at most (key_len+1) bytes (including the terminating null{'\0}) to ip_key.
snprintf(ip_key, key_len + 1, "%s", common_key);
int addr_type = atoi(line + addr_type_offset);
if (IPV4 == addr_type) {
uint32_t ipv4_addr;
ret = inet_pton(AF_INET, ip_key, &ipv4_addr);
if (ret <= 0) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ipv4 key(column seq:%d)"
" illegal in table_line:%s", __FUNCTION__, __LINE__,
table_name, schema->key_column, line);
return -1;
}
memcpy(dst_key, (char *)&ipv4_addr, sizeof(ipv4_addr));
*dst_key_len = sizeof(ipv4_addr);
} else if (IPV6 == addr_type) {
uint8_t ipv6_addr[16];
ret = inet_pton(AF_INET6, ip_key, ipv6_addr);
if (ret <= 0) {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ipv6 key(column seq:%d)"
" illegal in table_line:%s", __FUNCTION__, __LINE__,
table_name, schema->key_column, line);
return -1;
}
memcpy(dst_key, (char *)&ipv6_addr, sizeof(ipv6_addr));
*dst_key_len = sizeof(ipv6_addr);
} else {
log_error(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> addr_type:%d illegal, just"
" allow{4, 6}, table_line:%s", __FUNCTION__, __LINE__,
table_name, addr_type, line);
return -1;
}
}
return 0;
}
int plugin_runtime_update(void *plugin_runtime, void *plugin_schema,
const char *table_name, const char *line,
int valid_column)
@@ -513,15 +415,21 @@ int plugin_runtime_update(void *plugin_runtime, void *plugin_schema,
return -1;
}
char key[MAX_KEYWORDS_STR] = {0};
size_t key_len = 0;
ret = plugin_table_line_get_key(schema, table_name, line, key, &key_len,
plugin_rt->logger);
size_t key_offset = 0, key_len = 0;
ret = get_column_pos(line, schema->key_column, &key_offset, &key_len);
if (ret < 0) {
plugin_rt->update_err_cnt++;
return -1;
}
long long key_int = 0;
const char *key = line + key_offset;
if (schema->key_type == PLUGIN_KEY_TYPE_INTEGER) {
key_int = atoll(key);
key = (char *)&key_int;
key_len = sizeof(long long);
}
ret = plugin_runtime_update_row(plugin_rt, schema, table_name, line,
key, key_len, is_valid);
if (ret < 0) {
@@ -630,6 +538,11 @@ void *plugin_runtime_get_ex_data(void *plugin_runtime, void *plugin_schema,
}
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
struct plugin_schema *schema = (struct plugin_schema *)plugin_schema;
if (schema->key_type == PLUGIN_KEY_TYPE_INTEGER) {
key_len = sizeof(long long);
}
return ex_data_runtime_get_ex_data_by_key(plugin_rt->ex_data_rt, key, key_len);
}

76
test/maat_framework_gtest.cpp
View File

@@ -2594,7 +2594,7 @@ TEST_F(PluginTable, EX_DATA) {
const char *key1 = "HeBei";
struct plugin_ud *ud = NULL;
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
key1, strlen(key1));
key1);
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "Shijiazhuang");
EXPECT_EQ(ud->id, 1);
@@ -2602,7 +2602,7 @@ TEST_F(PluginTable, EX_DATA) {
const char *key2 = "ShanDong";
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
key2, strlen(key2));
key2);
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "Jinan");
EXPECT_EQ(ud->id, 3);
@@ -2628,7 +2628,7 @@ TEST_F(PluginTable, KEY_TYPE) {
long long key1 = 11111111;
struct plugin_ud *ud = NULL;
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)&key1, sizeof(long long));
(char *)&key1);
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "Shijiazhuang");
EXPECT_EQ(ud->id, 1);
@@ -2636,75 +2636,13 @@ TEST_F(PluginTable, KEY_TYPE) {
long long key2 = 33333333;
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)&key2, sizeof(long long));
(char *)&key2);
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "Jinan");
EXPECT_EQ(ud->id, 3);
plugin_EX_free_cb(table_id, (void **)&ud, 0, NULL);
}
TEST_F(PluginTable, IP_KEY_TYPE) {
const char *table_name = "TEST_PLUGIN_IP_KEY_TYPE_TABLE";
struct maat *maat_instance = PluginTable::_shared_maat_instance;
int table_id = maat_get_table_id(maat_instance, table_name);
ASSERT_GT(table_id, 0);
int plugin_ex_data_counter = 0;
int ret = maat_plugin_table_ex_schema_register(maat_instance, table_name,
plugin_EX_new_cb,
plugin_EX_free_cb,
plugin_EX_dup_cb,
0, &plugin_ex_data_counter);
EXPECT_EQ(ret, 0);
EXPECT_EQ(plugin_ex_data_counter, 4);
uint32_t ipv4_addr1;
ret = inet_pton(AF_INET, "100.64.1.1", &ipv4_addr1);
EXPECT_EQ(ret, 1);
struct plugin_ud *ud = NULL;
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)&ipv4_addr1, sizeof(ipv4_addr1));
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "XiZang");
EXPECT_EQ(ud->id, 4);
plugin_EX_free_cb(table_id, (void **)&ud, 0, NULL);
uint32_t ipv4_addr2;
ret = inet_pton(AF_INET, "100.64.1.2", &ipv4_addr2);
EXPECT_EQ(ret, 1);
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)&ipv4_addr2, sizeof(ipv4_addr2));
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "XinJiang");
EXPECT_EQ(ud->id, 4);
plugin_EX_free_cb(table_id, (void **)&ud, 0, NULL);
uint8_t ipv6_addr1[16];
ret = inet_pton(AF_INET6, "2001:da8:205:1::101", ipv6_addr1);
EXPECT_EQ(ret, 1);
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)ipv6_addr1, sizeof(ipv6_addr1));
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "GuiZhou");
EXPECT_EQ(ud->id, 6);
plugin_EX_free_cb(table_id, (void **)&ud, 0, NULL);
uint8_t ipv6_addr2[16];
ret = inet_pton(AF_INET6, "1001:da8:205:1::101", ipv6_addr2);
EXPECT_EQ(ret, 1);
ud = (struct plugin_ud *)maat_plugin_table_get_ex_data(maat_instance, table_id,
(char *)ipv6_addr2, sizeof(ipv6_addr2));
ASSERT_TRUE(ud != NULL);
EXPECT_STREQ(ud->value, "SiChuan");
EXPECT_EQ(ud->id, 6);
plugin_EX_free_cb(table_id, (void **)&ud, 0, NULL);
}
class IPPluginTable : public testing::Test
{
protected:
@@ -3505,7 +3443,7 @@ TEST_F(Policy, CompileEXData) {
EXPECT_EQ(results[0], 198);
void *ex_data = maat_plugin_table_get_ex_data(maat_instance, compile_table_id,
(char *)&results[0], sizeof(long long));
(char *)&results[0]);
ASSERT_TRUE(ex_data!=NULL);
struct rule_ex_param *param = (struct rule_ex_param *)ex_data;
EXPECT_EQ(param->id, 7799);
@@ -4960,7 +4898,7 @@ TEST_F(MaatCmdTest, PluginEXData) {
struct user_info *uinfo = NULL;
const char *key1 = "192.168.0.2";
uinfo = (struct user_info *)maat_plugin_table_get_ex_data(maat_instance, table_id,
key1, strlen(key1));
key1);
ASSERT_TRUE(uinfo != NULL);
EXPECT_EQ(0, strcmp(uinfo->name, "liuqiangdong"));
EXPECT_EQ(uinfo->id, 2);
@@ -4978,7 +4916,7 @@ TEST_F(MaatCmdTest, PluginEXData) {
sleep(WAIT_FOR_EFFECTIVE_S);
const char *key2 = "192.168.0.2";
uinfo = (struct user_info *)maat_plugin_table_get_ex_data(maat_instance, table_id,
key2, strlen(key2));
key2);
ASSERT_TRUE(uinfo == NULL);
}

11
test/maat_json.json
View File

@@ -3027,17 +3027,6 @@
"305\t0&1&2&3&4&5&6&7\ttunnel5\t1",
"306\t101&101\tinvalid\t1"
]
},
{
"table_name": "TEST_PLUGIN_IP_KEY_TYPE_TABLE",
"table_content": [
"4\t100.64.1.1\tXiZang\t1\t0",
"4\t100.64.1.2\tXinJiang\t1\t0",
"6\t2001:da8:205:1::101\tGuiZhou\t1\t0",
"6\t1001:da8:205:1::101\tSiChuan\t1\t0",
"7\t100.64.1.3\tQingHai\t1\t0",
"6\t100.64.1.4\tGanSu\t1\t0"
]
}
]
}

11
test/table_info.conf
View File

@@ -458,16 +458,5 @@
"key":2,
"tag":5
}
},
{
"table_id":39,
"table_name":"TEST_PLUGIN_IP_KEY_TYPE_TABLE",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key_type":"ip_addr",
"addr_type":1,
"key":2
}
}
]