From 021500f42aeefa6af849702cb99e1af49cfb9eeb Mon Sep 17 00:00:00 2001
From: fengweihao <fengweihao@iie.ac.cn>
Date: Thu, 5 Sep 2019 16:45:26 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9hijack,=E5=BD=93=E6=9C=AA?=
 =?UTF-8?q?=E5=AE=9A=E4=B9=89=E6=96=87=E4=BB=B6=E5=90=8D=E6=97=B6=EF=BC=8C?=
 =?UTF-8?q?=E8=AF=BB=E5=8F=96Content-Disposition=E5=80=BC=E5=88=9D?=
 =?UTF-8?q?=E5=A7=8B=E5=8C=96=E6=96=87=E4=BB=B6=E5=90=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 plugin/business/pangu-http/src/pangu_http.cpp | 93 +++++++++++--------
 1 file changed, 55 insertions(+), 38 deletions(-)

diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp
index ca7f85f..691e6b9 100644
--- a/plugin/business/pangu-http/src/pangu_http.cpp
+++ b/plugin/business/pangu-http/src/pangu_http.cpp
@@ -1647,8 +1647,9 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
 {
 	struct policy_action_param *param = ctx->param;
 	struct tfe_http_half * response = NULL;
+	struct tfe_http_session * to_write_sess = NULL;
 
-	if (param->profile_id <= 0 || !(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events)))
+	if (param->profile_id <= 0)
 	{
 		TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid hijack rule %d",
 		ctx->enforce_rules[0].config_id);
@@ -1656,48 +1657,64 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
 		return;
 	}
 
-	struct manipulate_profile* hijack_profile=get_profile_by_id(POLICY_PROFILE_TABLE_HIJACK, param->profile_id);
-	if (NULL == hijack_profile)
-	{
-		TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, profile_id = %d", param->profile_id);
-		ctx->action = PG_ACTION_NONE;
+	if (tfe_http_in_request(events))
+	{		
 		return;
 	}
 
-	char * hijack_buff=NULL; size_t hijack_size=0;
-
-	hijack_buff = execute_read_file(hijack_profile->profile_msg, &hijack_size);
-	if (NULL == hijack_buff){
-		TFE_LOG_ERROR(g_pangu_rt->local_logger, "read hijack file faild, path = %s", hijack_profile->profile_msg);
-		ctx->action = PG_ACTION_NONE;
-		return;
-	}
-
-	struct tfe_http_session * to_write_sess = NULL;
-	char cont_len_str[16];
-
-	to_write_sess = tfe_http_session_allow_write(session);
-	response = tfe_http_session_response_create(to_write_sess, 200);
-
-	if (0!=strcasecmp(hijack_profile->profile_name, "null"))
+	if(events & EV_HTTP_RESP_HDR)
 	{
-		int hijack_file_len = strlen(hijack_profile->profile_name)+strlen("filename=\"\"")+1;
-		char *hijack_file_name = ALLOC(char, hijack_file_len);
-		snprintf(hijack_file_name, hijack_file_len, "filename=\"%s\"", hijack_profile->profile_name);
-		tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_file_name);
-		FREE(&hijack_file_name);
+		struct manipulate_profile* hijack_profile=get_profile_by_id(POLICY_PROFILE_TABLE_HIJACK, param->profile_id);
+		if (NULL == hijack_profile)
+		{
+			TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, profile_id = %d", param->profile_id);
+			ctx->action = PG_ACTION_NONE;
+			return;
+		}
+
+		char * hijack_buff=NULL; size_t hijack_size=0;
+
+		hijack_buff = execute_read_file(hijack_profile->profile_msg, &hijack_size);
+		if (NULL == hijack_buff){
+			TFE_LOG_ERROR(g_pangu_rt->local_logger, "read hijack file faild, path = %s", hijack_profile->profile_msg);
+			ctx->action = PG_ACTION_NONE;
+			return;
+		}
+
+		char cont_len_str[16];
+
+		to_write_sess = tfe_http_session_allow_write(session);
+		response = tfe_http_session_response_create(to_write_sess, 200);
+
+		if (0!=strcasecmp(hijack_profile->profile_name, "null"))
+		{
+			int hijack_file_len = strlen(hijack_profile->profile_name)+strlen("filename=\"\"")+1;
+			char *hijack_file_name = ALLOC(char, hijack_file_len);
+			snprintf(hijack_file_name, hijack_file_len, "filename=\"%s\"", hijack_profile->profile_name);
+			tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_file_name);
+			FREE(&hijack_file_name);
+		}
+		const char* cont_disposition_val=tfe_http_std_field_read(to_write_sess->resp, TFE_HTTP_CONT_DISPOSITION);
+		if (cont_disposition_val != NULL)
+		{		
+			tfe_http_std_field_write(response, TFE_HTTP_CONT_DISPOSITION, cont_disposition_val);
+		}	
+		tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, hijack_profile->profile_type);
+		snprintf(cont_len_str, sizeof(cont_len_str), "%lu", hijack_size);
+		tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
+
+		tfe_http_half_append_body(response, hijack_buff, hijack_size, 0);
+		tfe_http_half_append_body(response, NULL, 0, 0);
+		tfe_http_session_response_set(to_write_sess, response);
+		tfe_http_session_detach(session);
+		ma_profile_table_free(hijack_profile);
+		hijack_profile = NULL;
+	}
+	else
+	{
+		to_write_sess = tfe_http_session_allow_write(session);
+		tfe_http_session_kill(to_write_sess);
 	}
-
-	tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, hijack_profile->profile_type);
-	snprintf(cont_len_str, sizeof(cont_len_str), "%lu", hijack_size);
-	tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
-
-	tfe_http_half_append_body(response, hijack_buff, hijack_size, 0);
-	tfe_http_half_append_body(response, NULL, 0, 0);
-	tfe_http_session_response_set(to_write_sess, response);
-	tfe_http_session_detach(session);
-	ma_profile_table_free(hijack_profile);
-	hijack_profile = NULL;
 
 	return;
 }