gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

table_name->table_id and compile table callback

Browse Source
This commit is contained in:
liuwentan
2023-02-21 11:27:18 +08:00
parent 24b27429a5
commit f8543d9f96
17 changed files with 391 additions and 298 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
include/maat.h
View File

@@ -100,37 +100,41 @@ struct maat *maat_new(struct maat_options *opts, const char *table_info_path);
void maat_free(struct maat *instance); void maat_free(struct maat *instance);
/* maat table API */ /* maat table API */
int maat_table_get_id(struct maat *instance, const char *table_name);
/* return 0 if success, otherwise return -1 */ /* return 0 if success, otherwise return -1 */
int maat_table_callback_register(struct maat *instance, const char *table_name, int maat_table_callback_register(struct maat *instance, int table_id,
maat_start_callback_t *start, maat_start_callback_t *start,
maat_update_callback_t *update, maat_update_callback_t *update,
maat_finish_callback_t *finish, maat_finish_callback_t *finish,
void *u_para); void *u_para);
/* maat compile table API */ /* maat compile table API */
int maat_compile_table_ex_schema_register(struct maat *instance, const char *table_name, int maat_compile_table_ex_schema_register(struct maat *instance, int table_id,
maat_rule_ex_new_func_t *new_func, maat_rule_ex_new_func_t *new_func,
maat_rule_ex_free_func_t *free_func, maat_rule_ex_free_func_t *free_func,
maat_rule_ex_dup_func_t *dup_func, maat_rule_ex_dup_func_t *dup_func,
long argl, void *argp); long argl, void *argp);
void *maat_compile_table_get_ex_data(struct maat *instance, const char *table_name, int compile_id, size_t idx); void *maat_compile_table_get_ex_data(struct maat *instance, int compile_table_id,
int compile_id, size_t idx);
/* maat plugin table API */ /* maat plugin table API */
int maat_plugin_table_ex_schema_register(struct maat *instance, const char *table_name, int maat_plugin_table_ex_schema_register(struct maat *instance, int table_id,
maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func, maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp); long argl, void *argp);
/* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register, /* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register,
caller is responsible to free the data. */ caller is responsible to free the data. */
int maat_ip_plugin_table_get_ex_data(struct maat *instance, const char *table_name, int maat_ip_plugin_table_get_ex_data(struct maat *instance, int table_id,
const struct ip_addr *ip, void **ex_data_array, const struct ip_addr *ip, void **ex_data_array,
size_t n_ex_data); size_t n_ex_data);
int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, const char *table_name, int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, int table_id,
const char *fqdn, void **ex_data_array, size_t n_ex_data); const char *fqdn, void **ex_data_array,
size_t n_ex_data);
int maat_bool_plugin_table_get_ex_data(struct maat *instance, const char *table_name, int maat_bool_plugin_table_get_ex_data(struct maat *instance, int table_id,
unsigned long long *item_ids, size_t n_item, unsigned long long *item_ids, size_t n_item,
void **ex_data_array, size_t n_ex_data); void **ex_data_array, size_t n_ex_data);
/* maat scan API */ /* maat scan API */
@@ -150,30 +154,30 @@ struct maat_state;
* MAAT_SCAN_HALF_HIT * MAAT_SCAN_HALF_HIT
* MAAT_SCAN_HIT * MAAT_SCAN_HIT
*/ */
int maat_scan_flag(struct maat *instance, const char *table_name, int thread_id, int maat_scan_flag(struct maat *instance, int table_id, int thread_id,
uint64_t flag, int *results, size_t n_result, uint64_t flag, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state); size_t *n_hit_result, struct maat_state **state);
int maat_scan_integer(struct maat *instance, const char *table_name, int thread_id, int maat_scan_integer(struct maat *instance, int table_id, int thread_id,
unsigned int intval, int *results, size_t n_result, unsigned int intval, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state); size_t *n_hit_result, struct maat_state **state);
int maat_scan_ipv4(struct maat *instance, const char *table_name, int thread_id, int maat_scan_ipv4(struct maat *instance, int table_id, int thread_id,
uint32_t ip_addr, int *results, size_t n_result, uint32_t ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state); size_t *n_hit_result, struct maat_state **state);
int maat_scan_ipv6(struct maat *instance, const char *table_name, int thread_id, int maat_scan_ipv6(struct maat *instance, int table_id, int thread_id,
uint8_t *ip_addr, int *results, size_t n_result, uint8_t *ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state); size_t *n_hit_result, struct maat_state **state);
int maat_scan_string(struct maat *instance, const char *table_name, int thread_id, int maat_scan_string(struct maat *instance, int table_id, int thread_id,
const char *data, size_t data_len, int *results, size_t n_result, const char *data, size_t data_len, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state); size_t *n_hit_result, struct maat_state **state);
struct maat_stream; struct maat_stream;
struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id); struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id);
int maat_scan_stream(struct maat_stream **stream, int thread_id, const char* data, int data_len, int maat_scan_stream(struct maat_stream **stream, int thread_id, const char* data, int data_len,
int results[], size_t *n_result, struct maat_state **state); int *results, size_t *n_result, struct maat_state **state);
void maat_scan_stream_close(struct maat_stream **stream); void maat_scan_stream_close(struct maat_stream **stream);

1
src/inc_internal/maat_compile.h
View File

@@ -54,6 +54,7 @@ int compile_table_set_rule_ex_data_schema(struct compile_schema *compile_schema,
long argl, void *argp, long argl, void *argp,
struct log_handle *logger); struct log_handle *logger);
void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx); void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx);
void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx);
size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema); size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema);

4
src/inc_internal/maat_plugin.h
View File

@@ -60,6 +60,10 @@ int plugin_runtime_commit(void *plugin_runtime, const char *table_name);
struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime); struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime);
size_t plugin_runtime_cached_row_count(void *plugin_runtime);
const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

7
src/inc_internal/maat_rule.h
View File

@@ -18,7 +18,7 @@ extern "C"
#include <stdint.h> #include <stdint.h>
#include <stddef.h> #include <stddef.h>
#include <limits.h> #include <linux/limits.h>
#include <sys/time.h> #include <sys/time.h>
#include <pthread.h> #include <pthread.h>
#include <sys/queue.h> #include <sys/queue.h>
@@ -35,7 +35,7 @@ extern "C"
#include "maat_rule.h" #include "maat_rule.h"
#include "maat_virtual.h" #include "maat_virtual.h"
#define MAX_TABLE_NUM 256 #define MAX_TABLE_NUM 1024
#define MAX_COMPILE_TABLE_NUM 16 #define MAX_COMPILE_TABLE_NUM 16
#define MAX_PHYSICAL_TABLE_NUM 16 #define MAX_PHYSICAL_TABLE_NUM 16
@@ -315,9 +315,6 @@ void maat_cmd_set_serial_rule(struct serial_rule *rule, enum maat_operation op,
unsigned long rule_id, const char *table_name, unsigned long rule_id, const char *table_name,
const char *line, long long timeout); const char *line, long long timeout);
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

12
src/json2iris.c
View File

@@ -8,7 +8,7 @@
*********************************************************************************************** ***********************************************************************************************
*/ */
#include <limits.h> #include <linux/limits.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <assert.h> #include <assert.h>
@@ -29,6 +29,8 @@
#define mr_region_id_var "SEQUENCE_REGION" #define mr_region_id_var "SEQUENCE_REGION"
#define mr_group_id_var "SEQUENCE_GROUP" #define mr_group_id_var "SEQUENCE_GROUP"
#define MAX_PATH_LINE 512
const int json_version = 1; const int json_version = 1;
const char *untitled_group_name="Untitled"; const char *untitled_group_name="Untitled";
@@ -39,12 +41,12 @@ enum maat_group_relation {
struct group_info { struct group_info {
int group_id; int group_id;
char group_name[PATH_MAX]; char group_name[NAME_MAX];
UT_hash_handle hh; UT_hash_handle hh;
}; };
struct iris_table { struct iris_table {
char table_name[PATH_MAX]; char table_name[NAME_MAX];
char table_path[PATH_MAX]; char table_path[PATH_MAX];
int line_count; int line_count;
enum table_type table_type; enum table_type table_type;
@@ -58,8 +60,8 @@ struct iris_description {
int group_cnt; int group_cnt;
int region_cnt; int region_cnt;
char tmp_iris_dir[PATH_MAX]; char tmp_iris_dir[MAX_PATH_LINE];
char tmp_iris_index_dir[PATH_MAX]; char tmp_iris_index_dir[MAX_PATH_LINE];
char index_path[PATH_MAX]; char index_path[PATH_MAX];
struct iris_table *group_table; struct iris_table *group_table;

266
src/maat_api.c
View File

@@ -11,6 +11,7 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <linux/limits.h>
#include "maat_utils.h" #include "maat_utils.h"
#include "json2iris.h" #include "json2iris.h"
@@ -34,6 +35,7 @@
#include "maat_plugin.h" #include "maat_plugin.h"
#include "maat_ip_plugin.h" #include "maat_ip_plugin.h"
#include "maat_fqdn_plugin.h" #include "maat_fqdn_plugin.h"
#include "maat_bool_plugin.h"
#include "maat_virtual.h" #include "maat_virtual.h"
#define MODULE_MAAT_API module_name_str("maat.api") #define MODULE_MAAT_API module_name_str("maat.api")
@@ -400,36 +402,14 @@ static inline void maat_runtime_ref_dec(struct maat_runtime *maat_rt, int thread
alignment_int64_array_add(maat_rt->ref_cnt, thread_id, -1); alignment_int64_array_add(maat_rt->ref_cnt, thread_id, -1);
} }
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len)
{
memcpy(rule, rule_head, sizeof(struct maat_rule_head));
memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN));
}
size_t generic_plugin_runtime_cached_row_count(void *custom_rt, enum table_type table_type)
{
return 0;
}
const char *generic_plugin_runtime_get_cached_row(void *custom_rt, enum table_type table_type,
size_t row_id)
{
return NULL;
}
/* must be plugin table */ /* must be plugin table */
int maat_table_callback_register(struct maat *maat_instance, const char *table_name, int maat_table_callback_register(struct maat *maat_instance, int table_id,
maat_start_callback_t *start, maat_start_callback_t *start,
maat_update_callback_t *update, maat_update_callback_t *update,
maat_finish_callback_t *finish, maat_finish_callback_t *finish,
void *u_para) void *u_para)
{ {
int ret = -1; int ret = -1;
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return -1;
}
pthread_mutex_lock(&(maat_instance->background_update_mutex)); pthread_mutex_lock(&(maat_instance->background_update_mutex));
void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id); void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
@@ -447,7 +427,8 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id); void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
size_t row_cnt = generic_plugin_runtime_cached_row_count(runtime, table_type); assert(table_type == TABLE_TYPE_PLUGIN);
size_t row_cnt = plugin_runtime_cached_row_count(runtime);
if (row_cnt > 0) { if (row_cnt > 0) {
if (start != NULL) { if (start != NULL) {
@@ -455,7 +436,7 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
} }
for (size_t i = 0; i < row_cnt; i++) { for (size_t i = 0; i < row_cnt; i++) {
const char *line = generic_plugin_runtime_get_cached_row(runtime, table_type, i); const char *line = plugin_runtime_cached_row_get(runtime, i);
if (NULL == line) { if (NULL == line) {
break; break;
} }
@@ -473,59 +454,60 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
return 0; return 0;
} }
int maat_compile_table_ex_schema_register(struct maat *maat_instance, const char *table_name, int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_id,
maat_rule_ex_new_func_t *new_func, maat_rule_ex_new_func_t *new_func,
maat_rule_ex_free_func_t *free_func, maat_rule_ex_free_func_t *free_func,
maat_rule_ex_dup_func_t *dup_func, maat_rule_ex_dup_func_t *dup_func,
long argl, void *argp) long argl, void *argp)
{ {
if (NULL == maat_instance || NULL == table_name) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table:%s is not registered yet", table_name);
return -1; return -1;
} }
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
if (table_type != TABLE_TYPE_COMPILE) { if (table_type != TABLE_TYPE_COMPILE) {
log_error(maat_instance->logger, MODULE_MAAT_API, log_error(maat_instance->logger, MODULE_MAAT_API,
"table:%s is not compile table", table_name); "table(tabld_id:%d) is not compile table", table_id);
return -1; return -1;
} }
void *compile_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id); void *compile_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
assert(compile_schema != NULL); assert(compile_schema != NULL);
return compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id, pthread_mutex_lock(&(maat_instance->background_update_mutex));
int idx = compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id,
new_func, free_func, dup_func, new_func, free_func, dup_func,
argl, argp, maat_instance->logger); argl, argp, maat_instance->logger);
} if (idx < 0) {
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
void *maat_compile_table_get_ex_data(struct maat *maat_instance, const char *table_name, int compile_id, size_t idx) return -1;
{
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return NULL;
} }
if (maat_instance->maat_rt != NULL) {
compile_table_rule_ex_data_iterate((struct compile_schema *)compile_schema, idx);
}
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
return idx;
}
void *maat_compile_table_get_ex_data(struct maat *maat_instance, int compile_table_id,
int compile_id, size_t idx)
{
struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr, struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr,
table_id); compile_table_id);
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, compile_table_id);
assert(table_type == TABLE_TYPE_COMPILE);
return compile_table_get_rule_ex_data(schema, compile_id, idx); return compile_table_get_rule_ex_data(schema, compile_id, idx);
} }
int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const char *table_name, int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, int table_id,
int table_id,
maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func, maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp, struct log_handle *logger) long argl, void *argp, struct log_handle *logger)
{ {
if (NULL == tbl_mgr || NULL == table_name || NULL == new_func || if (NULL == tbl_mgr || NULL == new_func || NULL == free_func || NULL == dup_func) {
NULL == free_func || NULL == dup_func) {
assert(0); assert(0);
log_error(logger, MODULE_MAAT_API, log_error(logger, MODULE_MAAT_API,
"table(table_id:%d) %s failed: invalid parameter", __FUNCTION__); "table(table_id:%d) %s failed: invalid parameter", __FUNCTION__);
@@ -535,8 +517,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
void *schema = table_manager_get_schema(tbl_mgr, table_id); void *schema = table_manager_get_schema(tbl_mgr, table_id);
if (NULL == schema) { if (NULL == schema) {
log_error(logger, MODULE_MAAT_API, log_error(logger, MODULE_MAAT_API,
"Error: %s, table:%s is not registered, can't register ex schema", "Error: %s, table(table_id:%d) is not registered, can't register ex schema",
__FUNCTION__, table_name); __FUNCTION__, table_id);
return -1; return -1;
} }
@@ -547,8 +529,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
ex_schema = plugin_table_get_ex_data_schema(schema); ex_schema = plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) { if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API, log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for plugin table:%s", "Error: %s, EX data schema already registed for plugin table(table_id:%d)",
__FUNCTION__, table_name); __FUNCTION__, table_id);
return -1; return -1;
} }
plugin_table_set_ex_data_schema(schema, new_func, free_func, plugin_table_set_ex_data_schema(schema, new_func, free_func,
@@ -558,13 +540,35 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
ex_schema = ip_plugin_table_get_ex_data_schema(schema); ex_schema = ip_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) { if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API, log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for ip_plugin table:%s", "Error: %s, EX data schema already registed for ip_plugin table(table_id:%d)",
__FUNCTION__, table_name); __FUNCTION__, table_id);
return -1; return -1;
} }
ip_plugin_table_set_ex_data_schema(schema, new_func, free_func, ip_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger); dup_func, argl, argp, logger);
break; break;
case TABLE_TYPE_FQDN_PLUGIN:
ex_schema = fqdn_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for fqdn_plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
fqdn_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger);
break;
case TABLE_TYPE_BOOL_PLUGIN:
ex_schema = bool_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for bool_plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
bool_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger);
break;
default: default:
break; break;
} }
@@ -572,9 +576,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
return 0; return 0;
} }
void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const char *table_name, void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, int table_id,
int table_id, enum table_type table_type, enum table_type table_type, int valid_column)
int valid_column)
{ {
struct ex_data_schema *ex_data_schema = NULL; struct ex_data_schema *ex_data_schema = NULL;
struct ex_data_runtime *ex_data_rt = NULL; struct ex_data_runtime *ex_data_rt = NULL;
@@ -588,6 +591,14 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
ex_data_schema = ip_plugin_table_get_ex_data_schema(schema); ex_data_schema = ip_plugin_table_get_ex_data_schema(schema);
ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime); ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime);
break; break;
case TABLE_TYPE_FQDN_PLUGIN:
ex_data_schema = fqdn_plugin_table_get_ex_data_schema(schema);
ex_data_rt = fqdn_plugin_runtime_get_ex_data_rt(runtime);
break;
case TABLE_TYPE_BOOL_PLUGIN:
ex_data_schema = bool_plugin_table_get_ex_data_schema(schema);
ex_data_rt = bool_plugin_runtime_get_ex_data_rt(runtime);
break;
default: default:
break; break;
} }
@@ -608,6 +619,12 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
case TABLE_TYPE_IP_PLUGIN: case TABLE_TYPE_IP_PLUGIN:
ip_plugin_runtime_update(runtime, schema, row, valid_column); ip_plugin_runtime_update(runtime, schema, row, valid_column);
break; break;
case TABLE_TYPE_FQDN_PLUGIN:
fqdn_plugin_runtime_update(runtime, schema, row, valid_column);
break;
case TABLE_TYPE_BOOL_PLUGIN:
bool_plugin_runtime_update(runtime, schema, row, valid_column);
break;
default: default:
break; break;
} }
@@ -616,36 +633,34 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
switch (table_type) { switch (table_type) {
case TABLE_TYPE_PLUGIN: case TABLE_TYPE_PLUGIN:
plugin_runtime_commit(runtime, table_name); plugin_runtime_commit(runtime, "unknown");
break; break;
case TABLE_TYPE_IP_PLUGIN: case TABLE_TYPE_IP_PLUGIN:
ip_plugin_runtime_commit(runtime, table_name); ip_plugin_runtime_commit(runtime, "unknown");
break;
case TABLE_TYPE_FQDN_PLUGIN:
fqdn_plugin_runtime_commit(runtime, "unknown");
break;
case TABLE_TYPE_BOOL_PLUGIN:
bool_plugin_runtime_commit(runtime, "unknown");
break; break;
default: default:
break; break;
} }
} }
int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char *table_name, int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_id,
maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func, maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp) long argl, void *argp)
{ {
if (NULL == maat_instance || NULL == table_name) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
return -1; return -1;
} }
pthread_mutex_lock(&(maat_instance->background_update_mutex)); pthread_mutex_lock(&(maat_instance->background_update_mutex));
int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_name, int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_id,
table_id,
new_func, free_func, dup_func, new_func, free_func, dup_func,
argl, argp, maat_instance->logger); argl, argp, maat_instance->logger);
if (ret < 0) { if (ret < 0) {
@@ -662,27 +677,19 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char
table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id); valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id);
generic_plugin_runtime_commit_ex_schema(runtime, schema, table_name, table_id, table_type, generic_plugin_runtime_commit_ex_schema(runtime, schema, table_id, table_type, valid_column);
valid_column);
} }
pthread_mutex_unlock(&(maat_instance->background_update_mutex)); pthread_mutex_unlock(&(maat_instance->background_update_mutex));
return 0; return 0;
} }
int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
const struct ip_addr *ip_addr, void **ex_data_array, const struct ip_addr *ip_addr, void **ex_data_array,
size_t n_ex_data) size_t n_ex_data)
{ {
if (NULL == maat_instance || NULL == table_name || NULL == ip_addr || if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
NULL == ex_data_array || 0 == n_ex_data) { || NULL == ip_addr || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
return -1; return -1;
} }
@@ -701,18 +708,12 @@ int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *tab
return n_hit_ex_data; return n_hit_ex_data;
} }
int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
const char *fqdn, void **ex_data_array, size_t n_ex_data) const char *fqdn, void **ex_data_array,
size_t n_ex_data)
{ {
if (NULL == maat_instance || NULL == table_name || NULL == fqdn || if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
NULL == ex_data_array || 0 == n_ex_data) { || NULL == fqdn || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
return -1; return -1;
} }
@@ -731,19 +732,12 @@ int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *t
return n_hit_ex_data; return n_hit_ex_data;
} }
int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
unsigned long long *item_ids, size_t n_item, unsigned long long *item_ids, size_t n_item,
void **ex_data_array, size_t n_ex_data) void **ex_data_array, size_t n_ex_data)
{ {
if (NULL == maat_instance || NULL == table_name || NULL == item_ids || if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
NULL == ex_data_array || 0 == n_ex_data) { || NULL == item_ids || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
return -1; return -1;
} }
@@ -820,17 +814,13 @@ size_t hit_group_to_compile(void *compile_runtime, int *compile_ids, size_t comp
return n_hit_compile; return n_hit_compile;
} }
int maat_scan_flag(struct maat *maat_instance, const char *table_name, int thread_id, int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id,
uint64_t flag, int *results, size_t n_result, uint64_t flag, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state) size_t *n_hit_result, struct maat_state **state)
{ {
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
(NULL == results) || (0 == n_result) || (NULL == state)) { || (thread_id < 0) || (NULL == results) || (0 == n_result)
return MAAT_SCAN_ERR; || (NULL == state)) {
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return MAAT_SCAN_ERR; return MAAT_SCAN_ERR;
} }
@@ -950,17 +940,13 @@ int maat_scan_flag(struct maat *maat_instance, const char *table_name, int threa
return MAAT_SCAN_OK; return MAAT_SCAN_OK;
} }
int maat_scan_integer(struct maat *maat_instance, const char *table_name, int thread_id, int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id,
unsigned int intval, int *results, size_t n_result, unsigned int intval, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state) size_t *n_hit_result, struct maat_state **state)
{ {
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
(NULL == results) || (0 == n_result) || (NULL == state)) { || (thread_id < 0) || (NULL == results) || (0 == n_result) ||
return MAAT_SCAN_ERR; (NULL == state)) {
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return MAAT_SCAN_ERR; return MAAT_SCAN_ERR;
} }
@@ -1086,17 +1072,13 @@ int maat_scan_integer(struct maat *maat_instance, const char *table_name, int th
return MAAT_SCAN_OK; return MAAT_SCAN_OK;
} }
int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int thread_id, int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id,
uint32_t ip_addr, int *results, size_t n_result, uint32_t ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state) size_t *n_hit_result, struct maat_state **state)
{ {
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
(NULL == results) || (0 == n_result) || (NULL == state)) { || (thread_id < 0) || (NULL == results) || (0 == n_result)
return MAAT_SCAN_ERR; || (NULL == state)) {
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return MAAT_SCAN_ERR; return MAAT_SCAN_ERR;
} }
@@ -1218,18 +1200,13 @@ int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int threa
} }
int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int thread_id, int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id,
uint8_t *ip_addr, int *results, size_t n_result, uint8_t *ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state) size_t *n_hit_result, struct maat_state **state)
{ {
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
(NULL == ip_addr) || (NULL == results) || (0 == n_result) || || (thread_id < 0) || (NULL == ip_addr) || (NULL == results)
(NULL == state)) { || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return MAAT_SCAN_ERR; return MAAT_SCAN_ERR;
} }
@@ -1348,18 +1325,13 @@ int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int threa
return MAAT_SCAN_OK; return MAAT_SCAN_OK;
} }
int maat_scan_string(struct maat *maat_instance, const char *table_name, int thread_id, int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id,
const char *data, size_t data_len, int *results, size_t n_result, const char *data, size_t data_len, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state) size_t *n_hit_result, struct maat_state **state)
{ {
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
(NULL == data) || (0 == data_len) || (NULL == results) || || (thread_id < 0) || (NULL == data) || (0 == data_len)
(0 == n_result) || (NULL == state)) { || (NULL == results) || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return MAAT_SCAN_ERR; return MAAT_SCAN_ERR;
} }
@@ -1483,13 +1455,13 @@ int maat_scan_string(struct maat *maat_instance, const char *table_name, int thr
return MAAT_SCAN_OK; return MAAT_SCAN_OK;
} }
struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id) struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id)
{ {
return NULL; return NULL;
} }
int maat_scan_stream(struct maat_stream **stream, int thread_id, int maat_scan_stream(struct maat_stream **stream, int thread_id,
const char *data, int data_len, int results[], const char *data, int data_len, int *results,
size_t *n_result, struct maat_state **state) size_t *n_result, struct maat_state **state)
{ {
return 0; return 0;

133
src/maat_compile.c
View File

@@ -10,7 +10,7 @@
#include <assert.h> #include <assert.h>
#include <pthread.h> #include <pthread.h>
#include <limits.h> #include <linux/limits.h>
#include "maat_utils.h" #include "maat_utils.h"
#include "log/log.h" #include "log/log.h"
@@ -38,7 +38,7 @@ struct compile_schema {
int compile_id_column; int compile_id_column;
int tags_column; int tags_column;
int user_region_column; int user_region_column;
int clause_num_column; int declared_clause_num_column;
int evaluation_order_column; int evaluation_order_column;
enum user_region_encode user_region_encoding; enum user_region_encode user_region_encoding;
size_t n_ex_schema; size_t n_ex_schema;
@@ -62,7 +62,7 @@ struct group2compile_schema {
struct compile_item { struct compile_item {
int compile_id; int compile_id;
char user_region[MAX_TABLE_LINE_SIZE]; char user_region[MAX_TABLE_LINE_SIZE];
int clause_num; int declared_clause_num;
int evaluation_order; int evaluation_order;
}; };
@@ -202,6 +202,82 @@ void *compile_runtime_get_user_data(struct compile_runtime *compile_rt, int comp
return ret; return ret;
} }
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len)
{
memcpy(rule, rule_head, sizeof(struct maat_rule_head));
memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN));
}
void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def,
const struct compile_ex_data_schema *ex_schema)
{
void *ex_data = NULL;
struct maat_rule rule;
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp);
return ex_data;
}
void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def,
void *ex_data, const struct compile_ex_data_schema *ex_schema)
{
struct maat_rule rule;
memset(&rule, 0, sizeof(rule));
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data,
ex_schema->argl, ex_schema->argp);
}
void rule_ex_data_new_cb(void *user_data, void *param)
{
struct compile_ex_data_schema *ex_schema = (struct compile_ex_data_schema *)param;
struct compile_rule *compile = (struct compile_rule *)user_data;
// if(compile->ref_table->table_id!=ex_desc->table_id)
// {
// return;
// }
void *ad = rule_ex_data_new(&(compile->head), compile->service_defined, ex_schema);
compile->ex_data[ex_schema->idx] = ad;
}
void compile_runtime_user_data_iterate(struct compile_runtime *compile_rt,
void (*callback)(void *user_data, void *param),
void *param)
{
struct maat_compile *compile = NULL, *tmp_compile = NULL;
pthread_rwlock_rdlock(&compile_rt->rwlock);
HASH_ITER(hh, compile_rt->compile_hash, compile, tmp_compile) {
if (compile->user_data) {
callback(compile->user_data, param);
}
}
pthread_rwlock_unlock(&compile_rt->rwlock);
}
void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx)
{
if (NULL == compile_schema) {
return;
}
if (idx >= compile_schema->n_ex_schema) {
return;
}
struct compile_ex_data_schema *ex_schema = (compile_schema->ex_schema + idx);
struct compile_runtime *compile_rt = NULL;
compile_rt = (struct compile_runtime *)table_manager_get_runtime(compile_schema->ref_tbl_mgr,
compile_schema->table_id);
compile_runtime_user_data_iterate(compile_rt, rule_ex_data_new_cb, ex_schema);
}
void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx) void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx)
{ {
if (NULL == compile_schema) { if (NULL == compile_schema) {
@@ -254,6 +330,20 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
read_cnt++; read_cnt++;
} }
item = cJSON_GetObjectItem(json, "user_region_encoded");
if (item != NULL && item->type == cJSON_String) {
if (strcmp(item->valuestring, "escape") == 0) {
compile_schema->user_region_encoding = USER_REGION_ENCODE_ESCAPE;
} else if (strcmp(item->valuestring, "none") == 0) {
compile_schema->user_region_encoding = USER_REGION_ENCODE_NONE;
} else {
log_error(logger, MODULE_COMPILE,
"table %s has no user_region_encoded column", table_name);
goto error;
}
read_cnt++;
}
item = cJSON_GetObjectItem(json, "custom"); item = cJSON_GetObjectItem(json, "custom");
if (item == NULL || item->type != cJSON_Object) { if (item == NULL || item->type != cJSON_Object) {
log_error(logger, MODULE_COMPILE, log_error(logger, MODULE_COMPILE,
@@ -281,7 +371,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
custom_item = cJSON_GetObjectItem(item, "clause_num"); custom_item = cJSON_GetObjectItem(item, "clause_num");
if (custom_item != NULL && custom_item->type == cJSON_Number) { if (custom_item != NULL && custom_item->type == cJSON_Number) {
compile_schema->clause_num_column = custom_item->valueint; compile_schema->declared_clause_num_column = custom_item->valueint;
read_cnt++; read_cnt++;
} }
@@ -293,7 +383,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
compile_schema->ref_tbl_mgr = tbl_mgr; compile_schema->ref_tbl_mgr = tbl_mgr;
if (read_cnt < 6) { if (read_cnt < 7) {
goto error; goto error;
} }
@@ -461,7 +551,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema,
break; break;
} }
ret = get_column_pos(line, compile_schema->clause_num_column, ret = get_column_pos(line, compile_schema->declared_clause_num_column,
&column_offset, &column_len); &column_offset, &column_len);
if (ret < 0) { if (ret < 0) {
log_error(logger, MODULE_COMPILE, log_error(logger, MODULE_COMPILE,
@@ -469,7 +559,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema,
compile_schema->table_id, line); compile_schema->table_id, line);
goto error; goto error;
} }
compile_item->clause_num = atoi(line + column_offset); compile_item->declared_clause_num = atoi(line + column_offset);
ret = get_column_pos(line, compile_schema->evaluation_order_column, ret = get_column_pos(line, compile_schema->evaluation_order_column,
&column_offset, &column_len); &column_offset, &column_len);
@@ -1402,29 +1492,6 @@ int maat_compile_state_has_NOT_clause(struct maat_compile_state *compile_state)
return compile_state->not_clause_hitted_flag; return compile_state->not_clause_hitted_flag;
} }
void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def,
const struct compile_ex_data_schema *ex_schema)
{
void *ex_data = NULL;
struct maat_rule rule;
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp);
return ex_data;
}
void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def,
void *ex_data, const struct compile_ex_data_schema *ex_schema)
{
struct maat_rule rule;
memset(&rule, 0, sizeof(rule));
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data,
ex_schema->argl, ex_schema->argp);
}
void compile_item_to_compile_rule(struct compile_item *compile_item, void compile_item_to_compile_rule(struct compile_item *compile_item,
struct compile_schema *compile_schema, struct compile_schema *compile_schema,
struct compile_rule *compile_rule) struct compile_rule *compile_rule)
@@ -1434,7 +1501,7 @@ void compile_item_to_compile_rule(struct compile_item *compile_item,
compile_rule->magic_num = COMPILE_RULE_MAGIC; compile_rule->magic_num = COMPILE_RULE_MAGIC;
compile_rule->head = rule_head; compile_rule->head = rule_head;
compile_rule->declared_clause_num = compile_item->clause_num; compile_rule->declared_clause_num = compile_item->declared_clause_num;
compile_rule->ex_data = ALLOC(void *, MAX_COMPILE_EX_DATA_NUM); compile_rule->ex_data = ALLOC(void *, MAX_COMPILE_EX_DATA_NUM);
compile_rule->ref_table = compile_schema; compile_rule->ref_table = compile_schema;
@@ -1544,7 +1611,9 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema,
} else { } else {
maat_compile_hash_add(&(compile_rt->compile_hash), compile_id, compile); maat_compile_hash_add(&(compile_rt->compile_hash), compile_id, compile);
} }
if (compile->compile_id == 141) {
printf("compile->declared_clause_num:%d\n", compile->declared_clause_num);
}
pthread_rwlock_unlock(&compile_rt->rwlock); pthread_rwlock_unlock(&compile_rt->rwlock);
} }

7
src/maat_config_monitor.c
View File

@@ -11,7 +11,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <limits.h> #include <linux/limits.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <dirent.h> #include <dirent.h>
#include <unistd.h> #include <unistd.h>
@@ -23,7 +23,6 @@
#define MODULE_CONFIG_MONITOR module_name_str("maat.config_monitor") #define MODULE_CONFIG_MONITOR module_name_str("maat.config_monitor")
#define CM_MAX_TABLE_NUM 256
#define MAX_CONFIG_LINE (1024 * 16) #define MAX_CONFIG_LINE (1024 * 16)
struct cm_table_info_t struct cm_table_info_t
@@ -319,7 +318,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir,
long long new_version = 0; long long new_version = 0;
char **idx_path_array = NULL; char **idx_path_array = NULL;
size_t idx_path_num = 0; size_t idx_path_num = 0;
struct cm_table_info_t table_array[CM_MAX_TABLE_NUM]; struct cm_table_info_t table_array[MAX_TABLE_NUM];
memset(table_array, 0, sizeof(table_array)); memset(table_array, 0, sizeof(table_array));
@@ -327,7 +326,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir,
if (update_type != MAAT_UPDATE_TYPE_NONE) { if (update_type != MAAT_UPDATE_TYPE_NONE) {
for (i = 0; i < idx_path_num; i++) { for (i = 0; i < idx_path_num; i++) {
log_info(logger, MODULE_CONFIG_MONITOR, "load %s", idx_path_array[i]); log_info(logger, MODULE_CONFIG_MONITOR, "load %s", idx_path_array[i]);
int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, CM_MAX_TABLE_NUM); int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, MAX_TABLE_NUM);
if (table_num < 0) { if (table_num < 0) {
log_error(logger, MODULE_CONFIG_MONITOR, "load %s failed, abandon update", idx_path_array[i]); log_error(logger, MODULE_CONFIG_MONITOR, "load %s failed, abandon update", idx_path_array[i]);
break; break;

18
src/maat_ip_plugin.c
View File

@@ -320,23 +320,21 @@ void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema,
schema->ex_schema = ex_data_schema_new(new_func, free_func, dup_func, argl, argp); schema->ex_schema = ex_data_schema_new(new_func, free_func, dup_func, argl, argp);
} }
int ip_plugin_runtime_update_row(struct ip_plugin_runtime *rt, struct ip_plugin_schema *schema, int ip_plugin_runtime_update_row(struct ip_plugin_runtime *ip_plugin_rt,
const char *row, char *key, size_t key_len, const char *row, char *key, size_t key_len,
struct ip_plugin_item *ip_plugin_item, int is_valid) struct ip_plugin_item *ip_plugin_item, int is_valid)
{ {
int ret = -1; int ret = -1;
struct ex_data_runtime *ex_data_rt = rt->ex_data_rt; struct ex_data_runtime *ex_data_rt = ip_plugin_rt->ex_data_rt;
struct ex_data_schema *ex_schema = schema->ex_schema;
if (ex_schema != NULL) {
if (0 == is_valid) { if (0 == is_valid) {
//delete // delete
ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len); ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len);
if (ret < 0) { if (ret < 0) {
return -1; return -1;
} }
} else { } else {
//add // add
void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len); void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len);
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item); struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item);
ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container); ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container);
@@ -344,9 +342,6 @@ int ip_plugin_runtime_update_row(struct ip_plugin_runtime *rt, struct ip_plugin_
return -1; return -1;
} }
} }
} else {
ex_data_runtime_cache_row_put(ex_data_rt, row);
}
return 0; return 0;
} }
@@ -435,8 +430,8 @@ int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema,
} }
char *key = (char *)&item_id; char *key = (char *)&item_id;
int ret = ip_plugin_runtime_update_row(ip_plugin_rt, schema, line, key, int ret = ip_plugin_runtime_update_row(ip_plugin_rt, line, key, sizeof(int),
sizeof(int), ip_plugin_item, is_valid); ip_plugin_item, is_valid);
if (ret < 0) { if (ret < 0) {
if (ip_plugin_item != NULL) { if (ip_plugin_item != NULL) {
FREE(ip_plugin_item); FREE(ip_plugin_item);
@@ -479,6 +474,7 @@ int ip_plugin_runtime_commit(void *ip_plugin_runtime, const char *table_name)
for (size_t i = 0; i < rule_cnt; i++) { for (size_t i = 0; i < rule_cnt; i++) {
struct ip_plugin_item *item = (struct ip_plugin_item *)ex_container[i]->custom_data; struct ip_plugin_item *item = (struct ip_plugin_item *)ex_container[i]->custom_data;
assert(item != NULL);
ip_plugin_item_to_ip_rule(item, &rules[i]); ip_plugin_item_to_ip_rule(item, &rules[i]);
rules[i].user_tag = ex_container[i]; rules[i].user_tag = ex_container[i];
} }

28
src/maat_plugin.c
View File

@@ -395,3 +395,31 @@ struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime)
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime; struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
return plugin_rt->ex_data_rt; return plugin_rt->ex_data_rt;
} }
size_t plugin_runtime_cached_row_count(void *plugin_runtime)
{
if (NULL == plugin_runtime) {
return 0;
}
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
if (NULL == plugin_rt->ex_data_rt) {
return 0;
}
return ex_data_runtime_cached_row_count(plugin_rt->ex_data_rt);
}
const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index)
{
if (NULL == plugin_runtime) {
return NULL;
}
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
if (NULL == plugin_rt->ex_data_rt) {
return NULL;
}
return ex_data_runtime_cached_row_get(plugin_rt->ex_data_rt, index);
}

2
src/maat_rule.c
View File

@@ -11,7 +11,7 @@
#include <unistd.h> #include <unistd.h>
#include <stdio.h> #include <stdio.h>
#include <pthread.h> #include <pthread.h>
#include <limits.h> #include <linux/limits.h>
#include <string.h> #include <string.h>
#include <sys/prctl.h> #include <sys/prctl.h>
#include <sys/stat.h> #include <sys/stat.h>

2
src/maat_table.c
View File

@@ -8,7 +8,7 @@
*********************************************************************************************** ***********************************************************************************************
*/ */
#include <limits.h> #include <linux/limits.h>
#include <assert.h> #include <assert.h>
#include "log/log.h" #include "log/log.h"

104
test/maat_framework_gtest.cpp
View File

@@ -36,14 +36,14 @@ protected:
TEST_F(MaatFlagScan, basic) { TEST_F(MaatFlagScan, basic) {
const char *flag_table_name = "FLAG_CONFIG"; const char *flag_table_name = "FLAG_CONFIG";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
//compile_id:192 flag: 0000 0001 mask: 0000 0011 //compile_id:192 flag: 0000 0001 mask: 0000 0011
//scan_data: 0000 1001 or 0000 1101 should hit //scan_data: 0000 1001 or 0000 1101 should hit
uint64_t scan_data = 9; uint64_t scan_data = 9;
int results[ARRAY_SIZE] = {0}; int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -58,7 +58,7 @@ TEST_F(MaatFlagScan, basic) {
scan_data = 13; scan_data = 13;
memset(results, 0, sizeof(results)); memset(results, 0, sizeof(results));
n_hit_result = 0; n_hit_result = 0;
ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -68,7 +68,7 @@ TEST_F(MaatFlagScan, basic) {
scan_data = 6; scan_data = 6;
memset(results, 0, sizeof(results)); memset(results, 0, sizeof(results));
n_hit_result = 0; n_hit_result = 0;
ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -78,7 +78,8 @@ TEST_F(MaatFlagScan, basic) {
TEST_F(MaatFlagScan, withExprRegion) { TEST_F(MaatFlagScan, withExprRegion) {
const char *flag_table_name = "FLAG_CONFIG"; const char *flag_table_name = "FLAG_CONFIG";
const char *expr_table_name = "HTTP_URL_LITERAL"; const char *expr_table_name = "HTTP_URL_LITERAL";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
int expr_table_id = maat_table_get_id(g_maat_instance, expr_table_name);
//compile_id:193 flag: 0000 0010 mask: 0000 0011 //compile_id:193 flag: 0000 0010 mask: 0000 0011
//scan_data: 0000 0010 or 0000 0100 should hit //scan_data: 0000 0010 or 0000 0100 should hit
uint64_t flag_scan_data = 2; uint64_t flag_scan_data = 2;
@@ -86,7 +87,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results, int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -97,7 +98,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
EXPECT_NE(n_read, 0); EXPECT_NE(n_read, 0);
const char *expr_scan_data = "hello world"; const char *expr_scan_data = "hello world";
ret = maat_scan_string(g_maat_instance, expr_table_name, 0, expr_scan_data, ret = maat_scan_string(g_maat_instance, expr_table_id, 0, expr_scan_data,
strlen(expr_scan_data), results, ARRAY_SIZE, strlen(expr_scan_data), results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
@@ -108,7 +109,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
TEST_F(MaatFlagScan, hitMultiCompile) { TEST_F(MaatFlagScan, hitMultiCompile) {
const char *flag_table_name = "FLAG_CONFIG"; const char *flag_table_name = "FLAG_CONFIG";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
//compile_id:192 flag: 0000 0001 mask: 0000 0011 //compile_id:192 flag: 0000 0001 mask: 0000 0011
//compile_id:194 flag: 0001 0101 mask: 0001 1111 //compile_id:194 flag: 0001 0101 mask: 0001 1111
//scan_data: 0001 0101 should hit compile192 and compile194 //scan_data: 0001 0101 should hit compile192 and compile194
@@ -117,7 +118,7 @@ TEST_F(MaatFlagScan, hitMultiCompile) {
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results, int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(n_hit_result, 2);
@@ -145,12 +146,12 @@ protected:
TEST_F(MaatStringScan, Expr8) { TEST_F(MaatStringScan, Expr8) {
const char *table_name = "KEYWORDS_TABLE"; const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[ARRAY_SIZE] = {0}; int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data), int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -170,8 +171,9 @@ TEST_F(MaatStringScan, Regex) {
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *cookie = "Cookie: Txa123aheadBCAxd"; const char *cookie = "Cookie: Txa123aheadBCAxd";
const char *table_name = "HTTP_URL_REGEX"; const char *table_name = "HTTP_URL_REGEX";
int table_id = maat_table_get_id(g_maat_instance, table_name);
ret = maat_scan_string(g_maat_instance, table_name, 0, cookie, strlen(cookie), ret = maat_scan_string(g_maat_instance, table_id, 0, cookie, strlen(cookie),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 146); EXPECT_EQ(results[0], 146);
@@ -209,14 +211,15 @@ TEST_F(MaatStringScan, ExprPlus) {
const char *scan_data1 = "http://www.cyberessays.com/search_results.php?action=search&query=abckkk,1234567"; const char *scan_data1 = "http://www.cyberessays.com/search_results.php?action=search&query=abckkk,1234567";
const char *scan_data2 = "Addis Sapphire Hotel"; const char *scan_data2 = "Addis Sapphire Hotel";
const char *table_name = "HTTP_SIGNATURE"; const char *table_name = "HTTP_SIGNATURE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1), int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_ERR);//Should return error for district not setting. EXPECT_EQ(ret, MAAT_SCAN_ERR);//Should return error for district not setting.
ret = maat_state_set_scan_district(g_maat_instance, &state, region_name1, strlen(region_name1)); ret = maat_state_set_scan_district(g_maat_instance, &state, region_name1, strlen(region_name1));
ASSERT_EQ(ret, 0); ASSERT_EQ(ret, 0);
ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1), ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 128); EXPECT_EQ(results[0], 128);
@@ -224,7 +227,7 @@ TEST_F(MaatStringScan, ExprPlus) {
ret = maat_state_set_scan_district(g_maat_instance, &state, region_name2, strlen(region_name2)); ret = maat_state_set_scan_district(g_maat_instance, &state, region_name2, strlen(region_name2));
ASSERT_EQ(ret, 0); ASSERT_EQ(ret, 0);
ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data2, strlen(scan_data2), ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data2, strlen(scan_data2),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 190); EXPECT_EQ(results[0], 190);
@@ -350,12 +353,12 @@ TEST_F(MaatStringScan, ExprPlusWithOffset)
#endif #endif
TEST_F(MaatStringScan, dynamic_config) { TEST_F(MaatStringScan, dynamic_config) {
const char *table_name = "HTTP_URL_LITERAL"; const char *table_name = "HTTP_URL_LITERAL";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char data[128] = "hello world"; char data[128] = "hello world";
int results[ARRAY_SIZE] = {0}; int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, int ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -392,7 +395,7 @@ TEST_F(MaatStringScan, dynamic_config) {
sleep(2); sleep(2);
state = NULL; state = NULL;
ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -428,7 +431,7 @@ TEST_F(MaatStringScan, dynamic_config) {
sleep(2); sleep(2);
state = NULL; state = NULL;
ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state); ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -449,6 +452,7 @@ protected:
TEST_F(MaatIPScan, IPv4) { TEST_F(MaatIPScan, IPv4) {
const char *table_name = "IP_PLUS_CONFIG"; const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "10.0.7.100"; char ip_str[32] = "10.0.7.100";
uint32_t sip; uint32_t sip;
int ret = inet_pton(AF_INET, ip_str, &sip); int ret = inet_pton(AF_INET, ip_str, &sip);
@@ -457,7 +461,7 @@ TEST_F(MaatIPScan, IPv4) {
int results[ARRAY_SIZE] = {-1}; int results[ARRAY_SIZE] = {-1};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(n_hit_result, 2);
@@ -468,6 +472,7 @@ TEST_F(MaatIPScan, IPv4) {
TEST_F(MaatIPScan, IPv6) { TEST_F(MaatIPScan, IPv6) {
const char *table_name = "IP_PLUS_CONFIG"; const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "1001:da8:205:1::101"; char ip_str[32] = "1001:da8:205:1::101";
uint8_t sip[16]; uint8_t sip[16];
int ret = inet_pton(AF_INET6, ip_str, &sip); int ret = inet_pton(AF_INET6, ip_str, &sip);
@@ -477,7 +482,7 @@ TEST_F(MaatIPScan, IPv6) {
memset(results, -1, sizeof(results)); memset(results, -1, sizeof(results));
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
ret = maat_scan_ipv6(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, ret = maat_scan_ipv6(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -488,7 +493,7 @@ TEST_F(MaatIPScan, IPv6) {
TEST_F(MaatIPScan, dynamic_config) { TEST_F(MaatIPScan, dynamic_config) {
const char *table_name = "IP_PLUS_CONFIG"; const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "100.100.100.100"; char ip_str[32] = "100.100.100.100";
uint32_t sip; uint32_t sip;
int ret = inet_pton(AF_INET, ip_str, &sip); int ret = inet_pton(AF_INET, ip_str, &sip);
@@ -497,7 +502,7 @@ TEST_F(MaatIPScan, dynamic_config) {
int results[ARRAY_SIZE] = {-1}; int results[ARRAY_SIZE] = {-1};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -535,7 +540,7 @@ TEST_F(MaatIPScan, dynamic_config) {
sleep(2); sleep(2);
state = NULL; state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2); EXPECT_EQ(n_hit_result, 2);
@@ -588,15 +593,16 @@ TEST_F(MaatIntervalScan, Pure) {
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *table_name = "CONTENT_SIZE"; const char *table_name = "CONTENT_SIZE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
unsigned int scan_data1 = 2015; unsigned int scan_data1 = 2015;
int ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE,
int ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
maat_state_free(&state); maat_state_free(&state);
unsigned int scan_data2 = 300; unsigned int scan_data2 = 300;
ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data2, results, ARRAY_SIZE, ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data2, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -608,13 +614,14 @@ TEST_F(MaatIntervalScan, IntervalPlus) {
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *table_name = "INTERGER_PLUS"; const char *table_name = "INTERGER_PLUS";
int table_id = maat_table_get_id(g_maat_instance, table_name);
const char *district_str = "interval.plus"; const char *district_str = "interval.plus";
int ret = maat_state_set_scan_district(g_maat_instance, &state, district_str, strlen(district_str)); int ret = maat_state_set_scan_district(g_maat_instance, &state, district_str, strlen(district_str));
EXPECT_EQ(ret, 0); EXPECT_EQ(ret, 0);
unsigned int scan_data1 = 2020; unsigned int scan_data1 = 2020;
ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE, ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE,
&n_hit_result, &state); &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -643,8 +650,10 @@ TEST_F(NOTLogic, ScanNotAtLast) {
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *hit_table_name = "HTTP_URL_LITERAL"; const char *hit_table_name = "HTTP_URL_LITERAL";
const char *not_hit_table_name = "KEYWORDS_TABLE"; const char *not_hit_table_name = "KEYWORDS_TABLE";
int hit_table_id = maat_table_get_id(g_maat_instance, hit_table_name);
int not_hit_table_id = maat_table_get_id(g_maat_instance, not_hit_table_name);
int ret = maat_scan_string(g_maat_instance, hit_table_name, 0, string_should_hit, strlen(string_should_hit), int ret = maat_scan_string(g_maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
@@ -652,7 +661,7 @@ TEST_F(NOTLogic, ScanNotAtLast) {
EXPECT_EQ(results[0], 144); EXPECT_EQ(results[0], 144);
maat_state_set_last_scan(g_maat_instance, &state); maat_state_set_last_scan(g_maat_instance, &state);
ret = maat_scan_string(g_maat_instance, not_hit_table_name, 0, string_should_not_hit, strlen(string_should_not_hit), ret = maat_scan_string(g_maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
maat_state_free(&state); maat_state_free(&state);
@@ -713,8 +722,9 @@ protected:
TEST_F(PluginTable, Callback) { TEST_F(PluginTable, Callback) {
const char *table_name = "QD_ENTRY_INFO"; const char *table_name = "QD_ENTRY_INFO";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_table_callback_register(g_maat_instance, table_name, int ret = maat_table_callback_register(g_maat_instance, table_id,
maat_read_entry_start_cb, maat_read_entry_start_cb,
maat_read_entry_cb, maat_read_entry_cb,
maat_read_entry_finish_cb, maat_read_entry_finish_cb,
@@ -781,8 +791,9 @@ void ip_plugin_EX_dup_cb(int table_id, void **to, void **from, long argl, void *
TEST_F(IPPluginTable, EX_DATA) { TEST_F(IPPluginTable, EX_DATA) {
int ip_plugin_ex_data_counter = 0; int ip_plugin_ex_data_counter = 0;
const char *table_name = "TEST_IP_PLUGIN_WITH_EXDATA"; const char *table_name = "TEST_IP_PLUGIN_WITH_EXDATA";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_name, int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_id,
ip_plugin_EX_new_cb, ip_plugin_EX_new_cb,
ip_plugin_EX_free_cb, ip_plugin_EX_free_cb,
ip_plugin_EX_dup_cb, ip_plugin_EX_dup_cb,
@@ -796,7 +807,7 @@ TEST_F(IPPluginTable, EX_DATA) {
EXPECT_EQ(ret, 1); EXPECT_EQ(ret, 1);
struct ip_plugin_ud *results[ARRAY_SIZE]; struct ip_plugin_ud *results[ARRAY_SIZE];
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv4, ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv4,
(void **)results, ARRAY_SIZE); (void **)results, ARRAY_SIZE);
EXPECT_EQ(ret, 2); EXPECT_EQ(ret, 2);
EXPECT_EQ(results[0]->rule_id, 101); EXPECT_EQ(results[0]->rule_id, 101);
@@ -812,7 +823,7 @@ TEST_F(IPPluginTable, EX_DATA) {
inet_pton(AF_INET6, "2001:db8:1234::5210", &(ipv6.ipv6)); inet_pton(AF_INET6, "2001:db8:1234::5210", &(ipv6.ipv6));
memset(results, 0, sizeof(results)); memset(results, 0, sizeof(results));
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6, ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6,
(void**)results, ARRAY_SIZE); (void**)results, ARRAY_SIZE);
EXPECT_EQ(ret, 2); EXPECT_EQ(ret, 2);
EXPECT_EQ(results[0]->rule_id, 104); EXPECT_EQ(results[0]->rule_id, 104);
@@ -824,7 +835,7 @@ TEST_F(IPPluginTable, EX_DATA) {
//Reproduce BugReport-Liumengyan-20210515 //Reproduce BugReport-Liumengyan-20210515
inet_pton(AF_INET6, "240e:97c:4010:104::17", &(ipv6.ipv6)); inet_pton(AF_INET6, "240e:97c:4010:104::17", &(ipv6.ipv6));
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6, ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6,
(void**)results, ARRAY_SIZE); (void**)results, ARRAY_SIZE);
EXPECT_EQ(ret, 0); EXPECT_EQ(ret, 0);
} }
@@ -846,9 +857,10 @@ TEST_F(VirtualTable, basic) {
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *table_name = "HTTP_RESPONSE_KEYWORDS"; const char *table_name = "HTTP_RESPONSE_KEYWORDS";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0); EXPECT_EQ(n_hit_result, 0);
@@ -923,22 +935,26 @@ TEST_F(CompileTable, CompileEXData) {
struct maat_state *state = NULL; struct maat_state *state = NULL;
const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg";
const char *table_name = "HTTP_URL_LITERAL"; const char *table_name = "HTTP_URL_LITERAL";
const char *compile_table_name = "COMPILE";
const char *expect_name = "I have a name"; const char *expect_name = "I have a name";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int compile_table_id = maat_table_get_id(g_maat_instance, compile_table_name);
int ex_data_counter = 0; int ex_data_counter = 0;
int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, "COMPILE_ALIAS", int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, compile_table_id,
compile_ex_param_new, compile_ex_param_new,
compile_ex_param_free, compile_ex_param_free,
compile_ex_param_dup, compile_ex_param_dup,
0, &ex_data_counter); 0, &ex_data_counter);
ASSERT_TRUE(ex_param_idx>=0); ASSERT_TRUE(ex_param_idx >= 0);
EXPECT_EQ(ex_data_counter, 1);
int ret = maat_scan_string(g_maat_instance, table_name, 0, url, strlen(url), int ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url),
results, ARRAY_SIZE, &n_hit_result, &state); results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 141);
void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, table_name, 0, ex_param_idx); void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, compile_table_id, results[0], ex_param_idx);
ASSERT_TRUE(ex_data!=NULL); ASSERT_TRUE(ex_data!=NULL);
struct rule_ex_param *param = (struct rule_ex_param *)ex_data; struct rule_ex_param *param = (struct rule_ex_param *)ex_data;
EXPECT_EQ(param->id, 7799); EXPECT_EQ(param->id, 7799);
@@ -997,7 +1013,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
int write_config_to_redis(char *redis_ip, int redis_port, int redis_db, int write_config_to_redis(char *redis_ip, int redis_port, int redis_db,
struct log_handle *logger) struct log_handle *logger)
{ {
char json_iris_path[128] = {0}; char json_iris_path[512] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
@@ -1033,7 +1049,7 @@ int write_config_to_redis(char *redis_ip, int redis_port, int redis_db,
} }
size_t total_line_cnt = 0; size_t total_line_cnt = 0;
char tmp_iris_full_idx_path[128] = {0}; char tmp_iris_full_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, &total_line_cnt, logger); config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, &total_line_cnt, logger);

32
test/maat_input_mode_gtest.cpp
View File

@@ -12,8 +12,8 @@ const char *json_filename = "maat_json.json";
struct log_handle *g_logger = NULL; struct log_handle *g_logger = NULL;
TEST(json_mode, maat_scan_string) { TEST(json_mode, maat_scan_string) {
char tmp_iris_path[128] = {0}; char tmp_iris_path[PATH_MAX] = {0};
char json_iris_path[128] = {0}; char json_iris_path[PATH_MAX] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if (access(json_iris_path, F_OK) < 0) { if (access(json_iris_path, F_OK) < 0) {
@@ -29,7 +29,7 @@ TEST(json_mode, maat_scan_string) {
} }
struct maat_options *opts = maat_options_new(); struct maat_options *opts = maat_options_new();
char json_path[128] = {0}; char json_path[PATH_MAX] = {0};
snprintf(json_path, sizeof(json_path), "./%s", json_filename); snprintf(json_path, sizeof(json_path), "./%s", json_filename);
maat_options_set_json_file(opts, json_path); maat_options_set_json_file(opts, json_path);
@@ -37,11 +37,12 @@ TEST(json_mode, maat_scan_string) {
EXPECT_TRUE(maat_instance != NULL); EXPECT_TRUE(maat_instance != NULL);
const char *table_name = "KEYWORDS_TABLE"; const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0}; int results[5] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state); results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -53,8 +54,8 @@ TEST(json_mode, maat_scan_string) {
} }
TEST(iris_mode, maat_scan_string) { TEST(iris_mode, maat_scan_string) {
char tmp_iris_path[128] = {0}; char tmp_iris_path[512] = {0};
char json_iris_path[128] = {0}; char json_iris_path[512] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if (access(json_iris_path, F_OK) < 0) { if (access(json_iris_path, F_OK) < 0) {
@@ -69,8 +70,8 @@ TEST(iris_mode, maat_scan_string) {
EXPECT_NE(ret, -1); EXPECT_NE(ret, -1);
} }
char tmp_iris_full_idx_path[128] = {0}; char tmp_iris_full_idx_path[PATH_MAX] = {0};
char tmp_iris_inc_idx_path[128] = {0}; char tmp_iris_inc_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
snprintf(tmp_iris_inc_idx_path, sizeof(tmp_iris_inc_idx_path), "%s/index", json_iris_path); snprintf(tmp_iris_inc_idx_path, sizeof(tmp_iris_inc_idx_path), "%s/index", json_iris_path);
@@ -81,11 +82,12 @@ TEST(iris_mode, maat_scan_string) {
EXPECT_TRUE(maat_instance != NULL); EXPECT_TRUE(maat_instance != NULL);
const char *table_name = "KEYWORDS_TABLE"; const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0}; int results[5] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state); results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -135,7 +137,8 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
buff[strlen(buff)-1]='\0'; buff[strlen(buff)-1]='\0';
} }
maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name, buff, absolute_expire_time); maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name,
buff, absolute_expire_time);
line_idx++; line_idx++;
FREE(str1); FREE(str1);
@@ -143,7 +146,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
} }
TEST(redis_mode, maat_scan_string) { TEST(redis_mode, maat_scan_string) {
char json_iris_path[128] = {0}; char json_iris_path[512] = {0};
char redis_ip[64] = "127.0.0.1"; char redis_ip[64] = "127.0.0.1";
int redis_port = 6379; int redis_port = 6379;
int redis_db = 0; int redis_db = 0;
@@ -170,7 +173,7 @@ TEST(redis_mode, maat_scan_string) {
} }
size_t total_line_cnt = 0; size_t total_line_cnt = 0;
char tmp_iris_full_idx_path[128] = {0}; char tmp_iris_full_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL,
&total_line_cnt, g_logger); &total_line_cnt, g_logger);
@@ -201,11 +204,12 @@ TEST(redis_mode, maat_scan_string) {
struct maat *maat_instance = maat_new(opts, table_info_path); struct maat *maat_instance = maat_new(opts, table_info_path);
const char *table_name = "KEYWORDS_TABLE"; const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0}; int results[5] = {0};
size_t n_hit_result = 0; size_t n_hit_result = 0;
struct maat_state *state = NULL; struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state); results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(n_hit_result, 1);
@@ -222,7 +226,7 @@ int main(int argc, char ** argv)
::testing::InitGoogleTest(&argc, argv); ::testing::InitGoogleTest(&argc, argv);
g_logger = log_handle_create("./input_mode_gtest.log", 0); g_logger = log_handle_create("./input_mode_gtest.log", 0);
char json_iris_path[128] = {0}; char json_iris_path[NAME_MAX] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if ((access(json_iris_path, F_OK)) == 0) { if ((access(json_iris_path, F_OK)) == 0) {
system_cmd_rmdir(json_iris_path); system_cmd_rmdir(json_iris_path);

1
test/maat_json.json
View File

@@ -682,7 +682,6 @@
"do_blacklist": 1, "do_blacklist": 1,
"do_log": 1, "do_log": 1,
"user_region": "Something:I\\bhave\\ba\\bname,7799", "user_region": "Something:I\\bhave\\ba\\bname,7799",
"table_name":"COMPILE_ALIAS",
"is_valid": "yes", "is_valid": "yes",
"groups": [ "groups": [
{ {

2
test/table_info.conf
View File

@@ -3,6 +3,7 @@
"table_id":0, "table_id":0,
"table_name":"COMPILE", "table_name":"COMPILE",
"table_type":"compile", "table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8, "valid_column":8,
"custom": { "custom": {
"compile_id":1, "compile_id":1,
@@ -194,6 +195,7 @@
"table_id":14, "table_id":14,
"table_name":"COMPILE_ALIAS", "table_name":"COMPILE_ALIAS",
"table_type":"compile", "table_type":"compile",
"user_region_encoded":"escape",
"valid_column":4, "valid_column":4,
"custom": { "custom": {
"compile_id":1, "compile_id":1,

6
tools/maat_redis_tool.cpp
View File

@@ -72,9 +72,9 @@ void read_rule_from_redis(redisContext *c, long long desire_version, const char
int update_type = MAAT_UPDATE_TYPE_INC; int update_type = MAAT_UPDATE_TYPE_INC;
long long version = 0; long long version = 0;
const char *cur_table = NULL; const char *cur_table = NULL;
char foreign_files_dir[256] = {0}; char foreign_files_dir[NAME_MAX] = {0};
char table_path[256] = {0}; char table_path[PATH_MAX] = {0};
char index_path[256] = {0}; char index_path[PATH_MAX] = {0};
FILE *table_fp = NULL; FILE *table_fp = NULL;
FILE *index_fp = NULL; FILE *index_fp = NULL;
struct serial_rule *rule_list = NULL; struct serial_rule *rule_list = NULL;