gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

table_name->table_id and compile table callback

Browse Source
This commit is contained in:
liuwentan
2023-02-21 11:27:18 +08:00
parent 24b27429a5
commit f8543d9f96
17 changed files with 391 additions and 298 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
include/maat.h
View File

@@ -100,37 +100,41 @@ struct maat *maat_new(struct maat_options *opts, const char *table_info_path);
void maat_free(struct maat *instance);
/* maat table API */
int maat_table_get_id(struct maat *instance, const char *table_name);
/* return 0 if success, otherwise return -1 */
int maat_table_callback_register(struct maat *instance, const char *table_name,
int maat_table_callback_register(struct maat *instance, int table_id,
maat_start_callback_t *start,
maat_update_callback_t *update,
maat_finish_callback_t *finish,
void *u_para);
/* maat compile table API */
int maat_compile_table_ex_schema_register(struct maat *instance, const char *table_name,
int maat_compile_table_ex_schema_register(struct maat *instance, int table_id,
maat_rule_ex_new_func_t *new_func,
maat_rule_ex_free_func_t *free_func,
maat_rule_ex_dup_func_t *dup_func,
long argl, void *argp);
void *maat_compile_table_get_ex_data(struct maat *instance, const char *table_name, int compile_id, size_t idx);
void *maat_compile_table_get_ex_data(struct maat *instance, int compile_table_id,
int compile_id, size_t idx);
/* maat plugin table API */
int maat_plugin_table_ex_schema_register(struct maat *instance, const char *table_name,
int maat_plugin_table_ex_schema_register(struct maat *instance, int table_id,
maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp);
/* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register,
caller is responsible to free the data. */
int maat_ip_plugin_table_get_ex_data(struct maat *instance, const char *table_name,
int maat_ip_plugin_table_get_ex_data(struct maat *instance, int table_id,
const struct ip_addr *ip, void **ex_data_array,
size_t n_ex_data);
int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, const char *table_name,
const char *fqdn, void **ex_data_array, size_t n_ex_data);
int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, int table_id,
const char *fqdn, void **ex_data_array,
size_t n_ex_data);
int maat_bool_plugin_table_get_ex_data(struct maat *instance, const char *table_name,
int maat_bool_plugin_table_get_ex_data(struct maat *instance, int table_id,
unsigned long long *item_ids, size_t n_item,
void **ex_data_array, size_t n_ex_data);
/* maat scan API */
@@ -150,30 +154,30 @@ struct maat_state;
* MAAT_SCAN_HALF_HIT
* MAAT_SCAN_HIT
*/
int maat_scan_flag(struct maat *instance, const char *table_name, int thread_id,
int maat_scan_flag(struct maat *instance, int table_id, int thread_id,
uint64_t flag, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state);
int maat_scan_integer(struct maat *instance, const char *table_name, int thread_id,
int maat_scan_integer(struct maat *instance, int table_id, int thread_id,
unsigned int intval, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state);
int maat_scan_ipv4(struct maat *instance, const char *table_name, int thread_id,
int maat_scan_ipv4(struct maat *instance, int table_id, int thread_id,
uint32_t ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state);
int maat_scan_ipv6(struct maat *instance, const char *table_name, int thread_id,
int maat_scan_ipv6(struct maat *instance, int table_id, int thread_id,
uint8_t *ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state);
int maat_scan_string(struct maat *instance, const char *table_name, int thread_id,
int maat_scan_string(struct maat *instance, int table_id, int thread_id,
const char *data, size_t data_len, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state);
struct maat_stream;
struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id);
struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id);
int maat_scan_stream(struct maat_stream **stream, int thread_id, const char* data, int data_len,
int results[], size_t *n_result, struct maat_state **state);
int *results, size_t *n_result, struct maat_state **state);
void maat_scan_stream_close(struct maat_stream **stream);

1
src/inc_internal/maat_compile.h
View File

@@ -54,6 +54,7 @@ int compile_table_set_rule_ex_data_schema(struct compile_schema *compile_schema,
long argl, void *argp,
struct log_handle *logger);
void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx);
void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx);
size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema);

4
src/inc_internal/maat_plugin.h
View File

@@ -60,6 +60,10 @@ int plugin_runtime_commit(void *plugin_runtime, const char *table_name);
struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime);
size_t plugin_runtime_cached_row_count(void *plugin_runtime);
const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index);
#ifdef __cplusplus
}
#endif

7
src/inc_internal/maat_rule.h
View File

@@ -18,7 +18,7 @@ extern "C"
#include <stdint.h>
#include <stddef.h>
#include <limits.h>
#include <linux/limits.h>
#include <sys/time.h>
#include <pthread.h>
#include <sys/queue.h>
@@ -35,7 +35,7 @@ extern "C"
#include "maat_rule.h"
#include "maat_virtual.h"
#define MAX_TABLE_NUM 256
#define MAX_TABLE_NUM 1024
#define MAX_COMPILE_TABLE_NUM 16
#define MAX_PHYSICAL_TABLE_NUM 16
@@ -315,9 +315,6 @@ void maat_cmd_set_serial_rule(struct serial_rule *rule, enum maat_operation op,
unsigned long rule_id, const char *table_name,
const char *line, long long timeout);
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len);
#ifdef __cplusplus
}
#endif

12
src/json2iris.c
View File

@@ -8,7 +8,7 @@
***********************************************************************************************
*/
#include <limits.h>
#include <linux/limits.h>
#include <string.h>
#include <unistd.h>
#include <assert.h>
@@ -29,6 +29,8 @@
#define mr_region_id_var "SEQUENCE_REGION"
#define mr_group_id_var "SEQUENCE_GROUP"
#define MAX_PATH_LINE 512
const int json_version = 1;
const char *untitled_group_name="Untitled";
@@ -39,12 +41,12 @@ enum maat_group_relation {
struct group_info {
int group_id;
char group_name[PATH_MAX];
char group_name[NAME_MAX];
UT_hash_handle hh;
};
struct iris_table {
char table_name[PATH_MAX];
char table_name[NAME_MAX];
char table_path[PATH_MAX];
int line_count;
enum table_type table_type;
@@ -58,8 +60,8 @@ struct iris_description {
int group_cnt;
int region_cnt;
char tmp_iris_dir[PATH_MAX];
char tmp_iris_index_dir[PATH_MAX];
char tmp_iris_dir[MAX_PATH_LINE];
char tmp_iris_index_dir[MAX_PATH_LINE];
char index_path[PATH_MAX];
struct iris_table *group_table;

266
src/maat_api.c
View File

@@ -11,6 +11,7 @@
#include <stdio.h>
#include <string.h>
#include <assert.h>
#include <linux/limits.h>
#include "maat_utils.h"
#include "json2iris.h"
@@ -34,6 +35,7 @@
#include "maat_plugin.h"
#include "maat_ip_plugin.h"
#include "maat_fqdn_plugin.h"
#include "maat_bool_plugin.h"
#include "maat_virtual.h"
#define MODULE_MAAT_API module_name_str("maat.api")
@@ -400,36 +402,14 @@ static inline void maat_runtime_ref_dec(struct maat_runtime *maat_rt, int thread
alignment_int64_array_add(maat_rt->ref_cnt, thread_id, -1);
}
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len)
{
memcpy(rule, rule_head, sizeof(struct maat_rule_head));
memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN));
}
size_t generic_plugin_runtime_cached_row_count(void *custom_rt, enum table_type table_type)
{
return 0;
}
const char *generic_plugin_runtime_get_cached_row(void *custom_rt, enum table_type table_type,
size_t row_id)
{
return NULL;
}
/* must be plugin table */
int maat_table_callback_register(struct maat *maat_instance, const char *table_name,
int maat_table_callback_register(struct maat *maat_instance, int table_id,
maat_start_callback_t *start,
maat_update_callback_t *update,
maat_finish_callback_t *finish,
void *u_para)
{
int ret = -1;
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return -1;
}
pthread_mutex_lock(&(maat_instance->background_update_mutex));
void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
@@ -447,7 +427,8 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
size_t row_cnt = generic_plugin_runtime_cached_row_count(runtime, table_type);
assert(table_type == TABLE_TYPE_PLUGIN);
size_t row_cnt = plugin_runtime_cached_row_count(runtime);
if (row_cnt > 0) {
if (start != NULL) {
@@ -455,7 +436,7 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
}
for (size_t i = 0; i < row_cnt; i++) {
const char *line = generic_plugin_runtime_get_cached_row(runtime, table_type, i);
const char *line = plugin_runtime_cached_row_get(runtime, i);
if (NULL == line) {
break;
}
@@ -473,59 +454,60 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n
return 0;
}
int maat_compile_table_ex_schema_register(struct maat *maat_instance, const char *table_name,
int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_id,
maat_rule_ex_new_func_t *new_func,
maat_rule_ex_free_func_t *free_func,
maat_rule_ex_dup_func_t *dup_func,
long argl, void *argp)
{
if (NULL == maat_instance || NULL == table_name) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table:%s is not registered yet", table_name);
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) {
return -1;
}
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
if (table_type != TABLE_TYPE_COMPILE) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table:%s is not compile table", table_name);
"table(tabld_id:%d) is not compile table", table_id);
return -1;
}
void *compile_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
assert(compile_schema != NULL);
return compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id,
pthread_mutex_lock(&(maat_instance->background_update_mutex));
int idx = compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id,
new_func, free_func, dup_func,
argl, argp, maat_instance->logger);
}
void *maat_compile_table_get_ex_data(struct maat *maat_instance, const char *table_name, int compile_id, size_t idx)
{
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
return NULL;
if (idx < 0) {
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
return -1;
}
if (maat_instance->maat_rt != NULL) {
compile_table_rule_ex_data_iterate((struct compile_schema *)compile_schema, idx);
}
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
return idx;
}
void *maat_compile_table_get_ex_data(struct maat *maat_instance, int compile_table_id,
int compile_id, size_t idx)
{
struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr,
table_id);
compile_table_id);
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, compile_table_id);
assert(table_type == TABLE_TYPE_COMPILE);
return compile_table_get_rule_ex_data(schema, compile_id, idx);
}
int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const char *table_name,
int table_id,
int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, int table_id,
maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp, struct log_handle *logger)
{
if (NULL == tbl_mgr || NULL == table_name || NULL == new_func ||
NULL == free_func || NULL == dup_func) {
if (NULL == tbl_mgr || NULL == new_func || NULL == free_func || NULL == dup_func) {
assert(0);
log_error(logger, MODULE_MAAT_API,
"table(table_id:%d) %s failed: invalid parameter", __FUNCTION__);
@@ -535,8 +517,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
void *schema = table_manager_get_schema(tbl_mgr, table_id);
if (NULL == schema) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, table:%s is not registered, can't register ex schema",
__FUNCTION__, table_name);
"Error: %s, table(table_id:%d) is not registered, can't register ex schema",
__FUNCTION__, table_id);
return -1;
}
@@ -547,8 +529,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
ex_schema = plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for plugin table:%s",
__FUNCTION__, table_name);
"Error: %s, EX data schema already registed for plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
plugin_table_set_ex_data_schema(schema, new_func, free_func,
@@ -558,13 +540,35 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
ex_schema = ip_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for ip_plugin table:%s",
__FUNCTION__, table_name);
"Error: %s, EX data schema already registed for ip_plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
ip_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger);
break;
case TABLE_TYPE_FQDN_PLUGIN:
ex_schema = fqdn_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for fqdn_plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
fqdn_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger);
break;
case TABLE_TYPE_BOOL_PLUGIN:
ex_schema = bool_plugin_table_get_ex_data_schema(schema);
if (ex_schema != NULL) {
log_error(logger, MODULE_MAAT_API,
"Error: %s, EX data schema already registed for bool_plugin table(table_id:%d)",
__FUNCTION__, table_id);
return -1;
}
bool_plugin_table_set_ex_data_schema(schema, new_func, free_func,
dup_func, argl, argp, logger);
break;
default:
break;
}
@@ -572,9 +576,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const
return 0;
}
void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const char *table_name,
int table_id, enum table_type table_type,
int valid_column)
void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, int table_id,
enum table_type table_type, int valid_column)
{
struct ex_data_schema *ex_data_schema = NULL;
struct ex_data_runtime *ex_data_rt = NULL;
@@ -588,6 +591,14 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
ex_data_schema = ip_plugin_table_get_ex_data_schema(schema);
ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime);
break;
case TABLE_TYPE_FQDN_PLUGIN:
ex_data_schema = fqdn_plugin_table_get_ex_data_schema(schema);
ex_data_rt = fqdn_plugin_runtime_get_ex_data_rt(runtime);
break;
case TABLE_TYPE_BOOL_PLUGIN:
ex_data_schema = bool_plugin_table_get_ex_data_schema(schema);
ex_data_rt = bool_plugin_runtime_get_ex_data_rt(runtime);
break;
default:
break;
}
@@ -608,6 +619,12 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
case TABLE_TYPE_IP_PLUGIN:
ip_plugin_runtime_update(runtime, schema, row, valid_column);
break;
case TABLE_TYPE_FQDN_PLUGIN:
fqdn_plugin_runtime_update(runtime, schema, row, valid_column);
break;
case TABLE_TYPE_BOOL_PLUGIN:
bool_plugin_runtime_update(runtime, schema, row, valid_column);
break;
default:
break;
}
@@ -616,36 +633,34 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const
switch (table_type) {
case TABLE_TYPE_PLUGIN:
plugin_runtime_commit(runtime, table_name);
plugin_runtime_commit(runtime, "unknown");
break;
case TABLE_TYPE_IP_PLUGIN:
ip_plugin_runtime_commit(runtime, table_name);
ip_plugin_runtime_commit(runtime, "unknown");
break;
case TABLE_TYPE_FQDN_PLUGIN:
fqdn_plugin_runtime_commit(runtime, "unknown");
break;
case TABLE_TYPE_BOOL_PLUGIN:
bool_plugin_runtime_commit(runtime, "unknown");
break;
default:
break;
}
}
int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char *table_name,
int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_id,
maat_plugin_ex_new_func_t *new_func,
maat_plugin_ex_free_func_t *free_func,
maat_plugin_ex_dup_func_t *dup_func,
long argl, void *argp)
{
if (NULL == maat_instance || NULL == table_name) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) {
return -1;
}
pthread_mutex_lock(&(maat_instance->background_update_mutex));
int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_name,
table_id,
int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_id,
new_func, free_func, dup_func,
argl, argp, maat_instance->logger);
if (ret < 0) {
@@ -662,27 +677,19 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char
table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id);
generic_plugin_runtime_commit_ex_schema(runtime, schema, table_name, table_id, table_type,
valid_column);
generic_plugin_runtime_commit_ex_schema(runtime, schema, table_id, table_type, valid_column);
}
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
return 0;
}
int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name,
int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
const struct ip_addr *ip_addr, void **ex_data_array,
size_t n_ex_data)
{
if (NULL == maat_instance || NULL == table_name || NULL == ip_addr ||
NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
|| NULL == ip_addr || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
@@ -701,18 +708,12 @@ int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *tab
return n_hit_ex_data;
}
int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name,
const char *fqdn, void **ex_data_array, size_t n_ex_data)
int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
const char *fqdn, void **ex_data_array,
size_t n_ex_data)
{
if (NULL == maat_instance || NULL == table_name || NULL == fqdn ||
NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
|| NULL == fqdn || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
@@ -731,19 +732,12 @@ int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *t
return n_hit_ex_data;
}
int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name,
int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
unsigned long long *item_ids, size_t n_item,
void **ex_data_array, size_t n_ex_data)
{
if (NULL == maat_instance || NULL == table_name || NULL == item_ids ||
NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
log_error(maat_instance->logger, MODULE_MAAT_API,
"table_name:%s not registered yet, can't register ex_schema.", table_name);
if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM
|| NULL == item_ids || NULL == ex_data_array || 0 == n_ex_data) {
return -1;
}
@@ -820,17 +814,13 @@ size_t hit_group_to_compile(void *compile_runtime, int *compile_ids, size_t comp
return n_hit_compile;
}
int maat_scan_flag(struct maat *maat_instance, const char *table_name, int thread_id,
int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id,
uint64_t flag, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state)
{
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) ||
(NULL == results) || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
|| (thread_id < 0) || (NULL == results) || (0 == n_result)
|| (NULL == state)) {
return MAAT_SCAN_ERR;
}
@@ -950,17 +940,13 @@ int maat_scan_flag(struct maat *maat_instance, const char *table_name, int threa
return MAAT_SCAN_OK;
}
int maat_scan_integer(struct maat *maat_instance, const char *table_name, int thread_id,
int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id,
unsigned int intval, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state)
{
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) ||
(NULL == results) || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
|| (thread_id < 0) || (NULL == results) || (0 == n_result) ||
(NULL == state)) {
return MAAT_SCAN_ERR;
}
@@ -1086,17 +1072,13 @@ int maat_scan_integer(struct maat *maat_instance, const char *table_name, int th
return MAAT_SCAN_OK;
}
int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int thread_id,
int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id,
uint32_t ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state)
{
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) ||
(NULL == results) || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
|| (thread_id < 0) || (NULL == results) || (0 == n_result)
|| (NULL == state)) {
return MAAT_SCAN_ERR;
}
@@ -1218,18 +1200,13 @@ int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int threa
}
int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int thread_id,
int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id,
uint8_t *ip_addr, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state)
{
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) ||
(NULL == ip_addr) || (NULL == results) || (0 == n_result) ||
(NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
|| (thread_id < 0) || (NULL == ip_addr) || (NULL == results)
|| (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
@@ -1348,18 +1325,13 @@ int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int threa
return MAAT_SCAN_OK;
}
int maat_scan_string(struct maat *maat_instance, const char *table_name, int thread_id,
int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id,
const char *data, size_t data_len, int *results, size_t n_result,
size_t *n_hit_result, struct maat_state **state)
{
if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) ||
(NULL == data) || (0 == data_len) || (NULL == results) ||
(0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
int table_id = maat_table_get_id(maat_instance, table_name);
if (table_id < 0) {
if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM
|| (thread_id < 0) || (NULL == data) || (0 == data_len)
|| (NULL == results) || (0 == n_result) || (NULL == state)) {
return MAAT_SCAN_ERR;
}
@@ -1483,13 +1455,13 @@ int maat_scan_string(struct maat *maat_instance, const char *table_name, int thr
return MAAT_SCAN_OK;
}
struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id)
struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id)
{
return NULL;
}
int maat_scan_stream(struct maat_stream **stream, int thread_id,
const char *data, int data_len, int results[],
const char *data, int data_len, int *results,
size_t *n_result, struct maat_state **state)
{
return 0;

133
src/maat_compile.c
View File

@@ -10,7 +10,7 @@
#include <assert.h>
#include <pthread.h>
#include <limits.h>
#include <linux/limits.h>
#include "maat_utils.h"
#include "log/log.h"
@@ -38,7 +38,7 @@ struct compile_schema {
int compile_id_column;
int tags_column;
int user_region_column;
int clause_num_column;
int declared_clause_num_column;
int evaluation_order_column;
enum user_region_encode user_region_encoding;
size_t n_ex_schema;
@@ -62,7 +62,7 @@ struct group2compile_schema {
struct compile_item {
int compile_id;
char user_region[MAX_TABLE_LINE_SIZE];
int clause_num;
int declared_clause_num;
int evaluation_order;
};
@@ -202,6 +202,82 @@ void *compile_runtime_get_user_data(struct compile_runtime *compile_rt, int comp
return ret;
}
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
const char *srv_def, int srv_def_len)
{
memcpy(rule, rule_head, sizeof(struct maat_rule_head));
memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN));
}
void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def,
const struct compile_ex_data_schema *ex_schema)
{
void *ex_data = NULL;
struct maat_rule rule;
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp);
return ex_data;
}
void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def,
void *ex_data, const struct compile_ex_data_schema *ex_schema)
{
struct maat_rule rule;
memset(&rule, 0, sizeof(rule));
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data,
ex_schema->argl, ex_schema->argp);
}
void rule_ex_data_new_cb(void *user_data, void *param)
{
struct compile_ex_data_schema *ex_schema = (struct compile_ex_data_schema *)param;
struct compile_rule *compile = (struct compile_rule *)user_data;
// if(compile->ref_table->table_id!=ex_desc->table_id)
// {
// return;
// }
void *ad = rule_ex_data_new(&(compile->head), compile->service_defined, ex_schema);
compile->ex_data[ex_schema->idx] = ad;
}
void compile_runtime_user_data_iterate(struct compile_runtime *compile_rt,
void (*callback)(void *user_data, void *param),
void *param)
{
struct maat_compile *compile = NULL, *tmp_compile = NULL;
pthread_rwlock_rdlock(&compile_rt->rwlock);
HASH_ITER(hh, compile_rt->compile_hash, compile, tmp_compile) {
if (compile->user_data) {
callback(compile->user_data, param);
}
}
pthread_rwlock_unlock(&compile_rt->rwlock);
}
void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx)
{
if (NULL == compile_schema) {
return;
}
if (idx >= compile_schema->n_ex_schema) {
return;
}
struct compile_ex_data_schema *ex_schema = (compile_schema->ex_schema + idx);
struct compile_runtime *compile_rt = NULL;
compile_rt = (struct compile_runtime *)table_manager_get_runtime(compile_schema->ref_tbl_mgr,
compile_schema->table_id);
compile_runtime_user_data_iterate(compile_rt, rule_ex_data_new_cb, ex_schema);
}
void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx)
{
if (NULL == compile_schema) {
@@ -254,6 +330,20 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
read_cnt++;
}
item = cJSON_GetObjectItem(json, "user_region_encoded");
if (item != NULL && item->type == cJSON_String) {
if (strcmp(item->valuestring, "escape") == 0) {
compile_schema->user_region_encoding = USER_REGION_ENCODE_ESCAPE;
} else if (strcmp(item->valuestring, "none") == 0) {
compile_schema->user_region_encoding = USER_REGION_ENCODE_NONE;
} else {
log_error(logger, MODULE_COMPILE,
"table %s has no user_region_encoded column", table_name);
goto error;
}
read_cnt++;
}
item = cJSON_GetObjectItem(json, "custom");
if (item == NULL || item->type != cJSON_Object) {
log_error(logger, MODULE_COMPILE,
@@ -281,7 +371,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
custom_item = cJSON_GetObjectItem(item, "clause_num");
if (custom_item != NULL && custom_item->type == cJSON_Number) {
compile_schema->clause_num_column = custom_item->valueint;
compile_schema->declared_clause_num_column = custom_item->valueint;
read_cnt++;
}
@@ -293,7 +383,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
compile_schema->ref_tbl_mgr = tbl_mgr;
if (read_cnt < 6) {
if (read_cnt < 7) {
goto error;
}
@@ -461,7 +551,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema,
break;
}
ret = get_column_pos(line, compile_schema->clause_num_column,
ret = get_column_pos(line, compile_schema->declared_clause_num_column,
&column_offset, &column_len);
if (ret < 0) {
log_error(logger, MODULE_COMPILE,
@@ -469,7 +559,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema,
compile_schema->table_id, line);
goto error;
}
compile_item->clause_num = atoi(line + column_offset);
compile_item->declared_clause_num = atoi(line + column_offset);
ret = get_column_pos(line, compile_schema->evaluation_order_column,
&column_offset, &column_len);
@@ -1402,29 +1492,6 @@ int maat_compile_state_has_NOT_clause(struct maat_compile_state *compile_state)
return compile_state->not_clause_hitted_flag;
}
void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def,
const struct compile_ex_data_schema *ex_schema)
{
void *ex_data = NULL;
struct maat_rule rule;
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp);
return ex_data;
}
void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def,
void *ex_data, const struct compile_ex_data_schema *ex_schema)
{
struct maat_rule rule;
memset(&rule, 0, sizeof(rule));
fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1);
ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data,
ex_schema->argl, ex_schema->argp);
}
void compile_item_to_compile_rule(struct compile_item *compile_item,
struct compile_schema *compile_schema,
struct compile_rule *compile_rule)
@@ -1434,7 +1501,7 @@ void compile_item_to_compile_rule(struct compile_item *compile_item,
compile_rule->magic_num = COMPILE_RULE_MAGIC;
compile_rule->head = rule_head;
compile_rule->declared_clause_num = compile_item->clause_num;
compile_rule->declared_clause_num = compile_item->declared_clause_num;
compile_rule->ex_data = ALLOC(void *, MAX_COMPILE_EX_DATA_NUM);
compile_rule->ref_table = compile_schema;
@@ -1544,7 +1611,9 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema,
} else {
maat_compile_hash_add(&(compile_rt->compile_hash), compile_id, compile);
}
if (compile->compile_id == 141) {
printf("compile->declared_clause_num:%d\n", compile->declared_clause_num);
}
pthread_rwlock_unlock(&compile_rt->rwlock);
}

7
src/maat_config_monitor.c
View File

@@ -11,7 +11,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>
#include <linux/limits.h>
#include <sys/stat.h>
#include <dirent.h>
#include <unistd.h>
@@ -23,7 +23,6 @@
#define MODULE_CONFIG_MONITOR module_name_str("maat.config_monitor")
#define CM_MAX_TABLE_NUM 256
#define MAX_CONFIG_LINE (1024 * 16)
struct cm_table_info_t
@@ -319,7 +318,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir,
long long new_version = 0;
char **idx_path_array = NULL;
size_t idx_path_num = 0;
struct cm_table_info_t table_array[CM_MAX_TABLE_NUM];
struct cm_table_info_t table_array[MAX_TABLE_NUM];
memset(table_array, 0, sizeof(table_array));
@@ -327,7 +326,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir,
if (update_type != MAAT_UPDATE_TYPE_NONE) {
for (i = 0; i < idx_path_num; i++) {
log_info(logger, MODULE_CONFIG_MONITOR, "load %s", idx_path_array[i]);
int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, CM_MAX_TABLE_NUM);
int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, MAX_TABLE_NUM);
if (table_num < 0) {
log_error(logger, MODULE_CONFIG_MONITOR, "load %s failed, abandon update", idx_path_array[i]);
break;

18
src/maat_ip_plugin.c
View File

@@ -320,23 +320,21 @@ void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema,
schema->ex_schema = ex_data_schema_new(new_func, free_func, dup_func, argl, argp);
}
int ip_plugin_runtime_update_row(struct ip_plugin_runtime *rt, struct ip_plugin_schema *schema,
int ip_plugin_runtime_update_row(struct ip_plugin_runtime *ip_plugin_rt,
const char *row, char *key, size_t key_len,
struct ip_plugin_item *ip_plugin_item, int is_valid)
{
int ret = -1;
struct ex_data_runtime *ex_data_rt = rt->ex_data_rt;
struct ex_data_schema *ex_schema = schema->ex_schema;
struct ex_data_runtime *ex_data_rt = ip_plugin_rt->ex_data_rt;
if (ex_schema != NULL) {
if (0 == is_valid) {
//delete
// delete
ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len);
if (ret < 0) {
return -1;
}
} else {
//add
// add
void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len);
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item);
ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container);
@@ -344,9 +342,6 @@ int ip_plugin_runtime_update_row(struct ip_plugin_runtime *rt, struct ip_plugin_
return -1;
}
}
} else {
ex_data_runtime_cache_row_put(ex_data_rt, row);
}
return 0;
}
@@ -435,8 +430,8 @@ int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema,
}
char *key = (char *)&item_id;
int ret = ip_plugin_runtime_update_row(ip_plugin_rt, schema, line, key,
sizeof(int), ip_plugin_item, is_valid);
int ret = ip_plugin_runtime_update_row(ip_plugin_rt, line, key, sizeof(int),
ip_plugin_item, is_valid);
if (ret < 0) {
if (ip_plugin_item != NULL) {
FREE(ip_plugin_item);
@@ -479,6 +474,7 @@ int ip_plugin_runtime_commit(void *ip_plugin_runtime, const char *table_name)
for (size_t i = 0; i < rule_cnt; i++) {
struct ip_plugin_item *item = (struct ip_plugin_item *)ex_container[i]->custom_data;
assert(item != NULL);
ip_plugin_item_to_ip_rule(item, &rules[i]);
rules[i].user_tag = ex_container[i];
}

28
src/maat_plugin.c
View File

@@ -395,3 +395,31 @@ struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime)
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
return plugin_rt->ex_data_rt;
}
size_t plugin_runtime_cached_row_count(void *plugin_runtime)
{
if (NULL == plugin_runtime) {
return 0;
}
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
if (NULL == plugin_rt->ex_data_rt) {
return 0;
}
return ex_data_runtime_cached_row_count(plugin_rt->ex_data_rt);
}
const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index)
{
if (NULL == plugin_runtime) {
return NULL;
}
struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime;
if (NULL == plugin_rt->ex_data_rt) {
return NULL;
}
return ex_data_runtime_cached_row_get(plugin_rt->ex_data_rt, index);
}

2
src/maat_rule.c
View File

@@ -11,7 +11,7 @@
#include <unistd.h>
#include <stdio.h>
#include <pthread.h>
#include <limits.h>
#include <linux/limits.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/stat.h>

2
src/maat_table.c
View File

@@ -8,7 +8,7 @@
***********************************************************************************************
*/
#include <limits.h>
#include <linux/limits.h>
#include <assert.h>
#include "log/log.h"

104
test/maat_framework_gtest.cpp
View File

@@ -36,14 +36,14 @@ protected:
TEST_F(MaatFlagScan, basic) {
const char *flag_table_name = "FLAG_CONFIG";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
//compile_id:192 flag: 0000 0001 mask: 0000 0011
//scan_data: 0000 1001 or 0000 1101 should hit
uint64_t scan_data = 9;
int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results,
int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -58,7 +58,7 @@ TEST_F(MaatFlagScan, basic) {
scan_data = 13;
memset(results, 0, sizeof(results));
n_hit_result = 0;
ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results,
ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -68,7 +68,7 @@ TEST_F(MaatFlagScan, basic) {
scan_data = 6;
memset(results, 0, sizeof(results));
n_hit_result = 0;
ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results,
ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -78,7 +78,8 @@ TEST_F(MaatFlagScan, basic) {
TEST_F(MaatFlagScan, withExprRegion) {
const char *flag_table_name = "FLAG_CONFIG";
const char *expr_table_name = "HTTP_URL_LITERAL";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
int expr_table_id = maat_table_get_id(g_maat_instance, expr_table_name);
//compile_id:193 flag: 0000 0010 mask: 0000 0011
//scan_data: 0000 0010 or 0000 0100 should hit
uint64_t flag_scan_data = 2;
@@ -86,7 +87,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results,
int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -97,7 +98,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
EXPECT_NE(n_read, 0);
const char *expr_scan_data = "hello world";
ret = maat_scan_string(g_maat_instance, expr_table_name, 0, expr_scan_data,
ret = maat_scan_string(g_maat_instance, expr_table_id, 0, expr_scan_data,
strlen(expr_scan_data), results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
@@ -108,7 +109,7 @@ TEST_F(MaatFlagScan, withExprRegion) {
TEST_F(MaatFlagScan, hitMultiCompile) {
const char *flag_table_name = "FLAG_CONFIG";
int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name);
//compile_id:192 flag: 0000 0001 mask: 0000 0011
//compile_id:194 flag: 0001 0101 mask: 0001 1111
//scan_data: 0001 0101 should hit compile192 and compile194
@@ -117,7 +118,7 @@ TEST_F(MaatFlagScan, hitMultiCompile) {
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results,
int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2);
@@ -145,12 +146,12 @@ protected:
TEST_F(MaatStringScan, Expr8) {
const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -170,8 +171,9 @@ TEST_F(MaatStringScan, Regex) {
struct maat_state *state = NULL;
const char *cookie = "Cookie: Txa123aheadBCAxd";
const char *table_name = "HTTP_URL_REGEX";
int table_id = maat_table_get_id(g_maat_instance, table_name);
ret = maat_scan_string(g_maat_instance, table_name, 0, cookie, strlen(cookie),
ret = maat_scan_string(g_maat_instance, table_id, 0, cookie, strlen(cookie),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 146);
@@ -209,14 +211,15 @@ TEST_F(MaatStringScan, ExprPlus) {
const char *scan_data1 = "http://www.cyberessays.com/search_results.php?action=search&query=abckkk,1234567";
const char *scan_data2 = "Addis Sapphire Hotel";
const char *table_name = "HTTP_SIGNATURE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1),
int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_ERR);//Should return error for district not setting.
ret = maat_state_set_scan_district(g_maat_instance, &state, region_name1, strlen(region_name1));
ASSERT_EQ(ret, 0);
ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1),
ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 128);
@@ -224,7 +227,7 @@ TEST_F(MaatStringScan, ExprPlus) {
ret = maat_state_set_scan_district(g_maat_instance, &state, region_name2, strlen(region_name2));
ASSERT_EQ(ret, 0);
ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data2, strlen(scan_data2),
ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data2, strlen(scan_data2),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(results[0], 190);
@@ -350,12 +353,12 @@ TEST_F(MaatStringScan, ExprPlusWithOffset)
#endif
TEST_F(MaatStringScan, dynamic_config) {
const char *table_name = "HTTP_URL_LITERAL";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char data[128] = "hello world";
int results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results,
int ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -392,7 +395,7 @@ TEST_F(MaatStringScan, dynamic_config) {
sleep(2);
state = NULL;
ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results,
ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -428,7 +431,7 @@ TEST_F(MaatStringScan, dynamic_config) {
sleep(2);
state = NULL;
ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results,
ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results,
ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -449,6 +452,7 @@ protected:
TEST_F(MaatIPScan, IPv4) {
const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "10.0.7.100";
uint32_t sip;
int ret = inet_pton(AF_INET, ip_str, &sip);
@@ -457,7 +461,7 @@ TEST_F(MaatIPScan, IPv4) {
int results[ARRAY_SIZE] = {-1};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE,
ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2);
@@ -468,6 +472,7 @@ TEST_F(MaatIPScan, IPv4) {
TEST_F(MaatIPScan, IPv6) {
const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "1001:da8:205:1::101";
uint8_t sip[16];
int ret = inet_pton(AF_INET6, ip_str, &sip);
@@ -477,7 +482,7 @@ TEST_F(MaatIPScan, IPv6) {
memset(results, -1, sizeof(results));
size_t n_hit_result = 0;
struct maat_state *state = NULL;
ret = maat_scan_ipv6(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE,
ret = maat_scan_ipv6(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -488,7 +493,7 @@ TEST_F(MaatIPScan, IPv6) {
TEST_F(MaatIPScan, dynamic_config) {
const char *table_name = "IP_PLUS_CONFIG";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char ip_str[32] = "100.100.100.100";
uint32_t sip;
int ret = inet_pton(AF_INET, ip_str, &sip);
@@ -497,7 +502,7 @@ TEST_F(MaatIPScan, dynamic_config) {
int results[ARRAY_SIZE] = {-1};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE,
ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -535,7 +540,7 @@ TEST_F(MaatIPScan, dynamic_config) {
sleep(2);
state = NULL;
ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE,
ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2);
@@ -588,15 +593,16 @@ TEST_F(MaatIntervalScan, Pure) {
size_t n_hit_result = 0;
struct maat_state *state = NULL;
const char *table_name = "CONTENT_SIZE";
int table_id = maat_table_get_id(g_maat_instance, table_name);
unsigned int scan_data1 = 2015;
int ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE,
int ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
maat_state_free(&state);
unsigned int scan_data2 = 300;
ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data2, results, ARRAY_SIZE,
ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data2, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -608,13 +614,14 @@ TEST_F(MaatIntervalScan, IntervalPlus) {
size_t n_hit_result = 0;
struct maat_state *state = NULL;
const char *table_name = "INTERGER_PLUS";
int table_id = maat_table_get_id(g_maat_instance, table_name);
const char *district_str = "interval.plus";
int ret = maat_state_set_scan_district(g_maat_instance, &state, district_str, strlen(district_str));
EXPECT_EQ(ret, 0);
unsigned int scan_data1 = 2020;
ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE,
ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE,
&n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -643,8 +650,10 @@ TEST_F(NOTLogic, ScanNotAtLast) {
struct maat_state *state = NULL;
const char *hit_table_name = "HTTP_URL_LITERAL";
const char *not_hit_table_name = "KEYWORDS_TABLE";
int hit_table_id = maat_table_get_id(g_maat_instance, hit_table_name);
int not_hit_table_id = maat_table_get_id(g_maat_instance, not_hit_table_name);
int ret = maat_scan_string(g_maat_instance, hit_table_name, 0, string_should_hit, strlen(string_should_hit),
int ret = maat_scan_string(g_maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
@@ -652,7 +661,7 @@ TEST_F(NOTLogic, ScanNotAtLast) {
EXPECT_EQ(results[0], 144);
maat_state_set_last_scan(g_maat_instance, &state);
ret = maat_scan_string(g_maat_instance, not_hit_table_name, 0, string_should_not_hit, strlen(string_should_not_hit),
ret = maat_scan_string(g_maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
maat_state_free(&state);
@@ -713,8 +722,9 @@ protected:
TEST_F(PluginTable, Callback) {
const char *table_name = "QD_ENTRY_INFO";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_table_callback_register(g_maat_instance, table_name,
int ret = maat_table_callback_register(g_maat_instance, table_id,
maat_read_entry_start_cb,
maat_read_entry_cb,
maat_read_entry_finish_cb,
@@ -781,8 +791,9 @@ void ip_plugin_EX_dup_cb(int table_id, void **to, void **from, long argl, void *
TEST_F(IPPluginTable, EX_DATA) {
int ip_plugin_ex_data_counter = 0;
const char *table_name = "TEST_IP_PLUGIN_WITH_EXDATA";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_name,
int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_id,
ip_plugin_EX_new_cb,
ip_plugin_EX_free_cb,
ip_plugin_EX_dup_cb,
@@ -796,7 +807,7 @@ TEST_F(IPPluginTable, EX_DATA) {
EXPECT_EQ(ret, 1);
struct ip_plugin_ud *results[ARRAY_SIZE];
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv4,
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv4,
(void **)results, ARRAY_SIZE);
EXPECT_EQ(ret, 2);
EXPECT_EQ(results[0]->rule_id, 101);
@@ -812,7 +823,7 @@ TEST_F(IPPluginTable, EX_DATA) {
inet_pton(AF_INET6, "2001:db8:1234::5210", &(ipv6.ipv6));
memset(results, 0, sizeof(results));
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6,
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6,
(void**)results, ARRAY_SIZE);
EXPECT_EQ(ret, 2);
EXPECT_EQ(results[0]->rule_id, 104);
@@ -824,7 +835,7 @@ TEST_F(IPPluginTable, EX_DATA) {
//Reproduce BugReport-Liumengyan-20210515
inet_pton(AF_INET6, "240e:97c:4010:104::17", &(ipv6.ipv6));
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6,
ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6,
(void**)results, ARRAY_SIZE);
EXPECT_EQ(ret, 0);
}
@@ -846,9 +857,10 @@ TEST_F(VirtualTable, basic) {
size_t n_hit_result = 0;
struct maat_state *state = NULL;
const char *table_name = "HTTP_RESPONSE_KEYWORDS";
int table_id = maat_table_get_id(g_maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
EXPECT_EQ(n_hit_result, 0);
@@ -923,22 +935,26 @@ TEST_F(CompileTable, CompileEXData) {
struct maat_state *state = NULL;
const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg";
const char *table_name = "HTTP_URL_LITERAL";
const char *compile_table_name = "COMPILE";
const char *expect_name = "I have a name";
int table_id = maat_table_get_id(g_maat_instance, table_name);
int compile_table_id = maat_table_get_id(g_maat_instance, compile_table_name);
int ex_data_counter = 0;
int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, "COMPILE_ALIAS",
int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, compile_table_id,
compile_ex_param_new,
compile_ex_param_free,
compile_ex_param_dup,
0, &ex_data_counter);
ASSERT_TRUE(ex_param_idx>=0);
EXPECT_EQ(ex_data_counter, 1);
ASSERT_TRUE(ex_param_idx >= 0);
int ret = maat_scan_string(g_maat_instance, table_name, 0, url, strlen(url),
int ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url),
results, ARRAY_SIZE, &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 141);
void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, table_name, 0, ex_param_idx);
void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, compile_table_id, results[0], ex_param_idx);
ASSERT_TRUE(ex_data!=NULL);
struct rule_ex_param *param = (struct rule_ex_param *)ex_data;
EXPECT_EQ(param->id, 7799);
@@ -997,7 +1013,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
int write_config_to_redis(char *redis_ip, int redis_port, int redis_db,
struct log_handle *logger)
{
char json_iris_path[128] = {0};
char json_iris_path[512] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
@@ -1033,7 +1049,7 @@ int write_config_to_redis(char *redis_ip, int redis_port, int redis_db,
}
size_t total_line_cnt = 0;
char tmp_iris_full_idx_path[128] = {0};
char tmp_iris_full_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, &total_line_cnt, logger);

32
test/maat_input_mode_gtest.cpp
View File

@@ -12,8 +12,8 @@ const char *json_filename = "maat_json.json";
struct log_handle *g_logger = NULL;
TEST(json_mode, maat_scan_string) {
char tmp_iris_path[128] = {0};
char json_iris_path[128] = {0};
char tmp_iris_path[PATH_MAX] = {0};
char json_iris_path[PATH_MAX] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if (access(json_iris_path, F_OK) < 0) {
@@ -29,7 +29,7 @@ TEST(json_mode, maat_scan_string) {
}
struct maat_options *opts = maat_options_new();
char json_path[128] = {0};
char json_path[PATH_MAX] = {0};
snprintf(json_path, sizeof(json_path), "./%s", json_filename);
maat_options_set_json_file(opts, json_path);
@@ -37,11 +37,12 @@ TEST(json_mode, maat_scan_string) {
EXPECT_TRUE(maat_instance != NULL);
const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -53,8 +54,8 @@ TEST(json_mode, maat_scan_string) {
}
TEST(iris_mode, maat_scan_string) {
char tmp_iris_path[128] = {0};
char json_iris_path[128] = {0};
char tmp_iris_path[512] = {0};
char json_iris_path[512] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if (access(json_iris_path, F_OK) < 0) {
@@ -69,8 +70,8 @@ TEST(iris_mode, maat_scan_string) {
EXPECT_NE(ret, -1);
}
char tmp_iris_full_idx_path[128] = {0};
char tmp_iris_inc_idx_path[128] = {0};
char tmp_iris_full_idx_path[PATH_MAX] = {0};
char tmp_iris_inc_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
snprintf(tmp_iris_inc_idx_path, sizeof(tmp_iris_inc_idx_path), "%s/index", json_iris_path);
@@ -81,11 +82,12 @@ TEST(iris_mode, maat_scan_string) {
EXPECT_TRUE(maat_instance != NULL);
const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -135,7 +137,8 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
buff[strlen(buff)-1]='\0';
}
maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name, buff, absolute_expire_time);
maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name,
buff, absolute_expire_time);
line_idx++;
FREE(str1);
@@ -143,7 +146,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para)
}
TEST(redis_mode, maat_scan_string) {
char json_iris_path[128] = {0};
char json_iris_path[512] = {0};
char redis_ip[64] = "127.0.0.1";
int redis_port = 6379;
int redis_db = 0;
@@ -170,7 +173,7 @@ TEST(redis_mode, maat_scan_string) {
}
size_t total_line_cnt = 0;
char tmp_iris_full_idx_path[128] = {0};
char tmp_iris_full_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path);
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL,
&total_line_cnt, g_logger);
@@ -201,11 +204,12 @@ TEST(redis_mode, maat_scan_string) {
struct maat *maat_instance = maat_new(opts, table_info_path);
const char *table_name = "KEYWORDS_TABLE";
int table_id = maat_table_get_id(maat_instance, table_name);
char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8";
int results[5] = {0};
size_t n_hit_result = 0;
struct maat_state *state = NULL;
int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data),
int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data),
results, sizeof(results), &n_hit_result, &state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
@@ -222,7 +226,7 @@ int main(int argc, char ** argv)
::testing::InitGoogleTest(&argc, argv);
g_logger = log_handle_create("./input_mode_gtest.log", 0);
char json_iris_path[128] = {0};
char json_iris_path[NAME_MAX] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename);
if ((access(json_iris_path, F_OK)) == 0) {
system_cmd_rmdir(json_iris_path);

1
test/maat_json.json
View File

@@ -682,7 +682,6 @@
"do_blacklist": 1,
"do_log": 1,
"user_region": "Something:I\\bhave\\ba\\bname,7799",
"table_name":"COMPILE_ALIAS",
"is_valid": "yes",
"groups": [
{

2
test/table_info.conf
View File

@@ -3,6 +3,7 @@
"table_id":0,
"table_name":"COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
@@ -194,6 +195,7 @@
"table_id":14,
"table_name":"COMPILE_ALIAS",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":4,
"custom": {
"compile_id":1,

6
tools/maat_redis_tool.cpp
View File

@@ -72,9 +72,9 @@ void read_rule_from_redis(redisContext *c, long long desire_version, const char
int update_type = MAAT_UPDATE_TYPE_INC;
long long version = 0;
const char *cur_table = NULL;
char foreign_files_dir[256] = {0};
char table_path[256] = {0};
char index_path[256] = {0};
char foreign_files_dir[NAME_MAX] = {0};
char table_path[PATH_MAX] = {0};
char index_path[PATH_MAX] = {0};
FILE *table_fp = NULL;
FILE *index_fp = NULL;
struct serial_rule *rule_list = NULL;