gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修正HTTP解析层丢失部分请求的问题,修正SSL Session Reuse回调函数段错误的问题

Browse Source 
* 修正HTTP解析层丢失部分请求的问题,原四层连接在第一次调open后,不会调data回调函数,现修正;
* 原实现只设置了SSL的user define ctx,没有设置SSL_CTX的user define ctx,现修正。
This commit is contained in:
Lu Qiuwen
2018-09-18 18:47:02 +08:00
parent 386fb486f5
commit 0f67ba1790
2 changed files with 77 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
platform/src/ssl_stream.cpp
View File

@@ -1033,7 +1033,8 @@ static SSL * downstream_ssl_create(struct ssl_mgr * mgr, struct keyring * crt)
SSL_CTX_set_session_cache_mode(sslctx, SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_INTERNAL); SSL_CTX_set_session_cache_mode(sslctx, SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_INTERNAL);
SSL_CTX_set_session_id_context(sslctx, (const unsigned char *) mgr->ssl_session_context, SSL_CTX_set_session_id_context(sslctx, (const unsigned char *) mgr->ssl_session_context,
sizeof(mgr->ssl_session_context)); sizeof(mgr->ssl_session_context));
ret = SSL_CTX_set_ex_data(sslctx, SSL_EX_DATA_IDX_SSLMGR, mgr);
assert(ret == 1);
if (mgr->dh) if (mgr->dh)
{ {
SSL_CTX_set_tmp_dh(sslctx, mgr->dh); SSL_CTX_set_tmp_dh(sslctx, mgr->dh);

77
platform/src/tcp_stream.cpp
View File

@@ -1,5 +1,6 @@
#include <netinet/in.h> #include <netinet/in.h>
#include <sys/socket.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
@@ -337,10 +338,15 @@ static void __stream_bev_readcb(struct bufferevent * bev, void * arg)
if (_stream->is_plugin_opened == 0) if (_stream->is_plugin_opened == 0)
{ {
p_info_iter->on_open(&_stream->head, _stream->thread_ref->thread_id, dir, &(plug_ctx->pme)); if (p_info_iter->on_open != NULL)
{
p_info_iter->on_open(&_stream->head, _stream->thread_ref->thread_id, dir, &(plug_ctx->pme));
}
_stream->is_plugin_opened = 1; _stream->is_plugin_opened = 1;
} }
else
if (p_info_iter->on_data != NULL)
{ {
action_tmp = p_info_iter->on_data(&_stream->head, _stream->thread_ref->thread_id, action_tmp = p_info_iter->on_data(&_stream->head, _stream->thread_ref->thread_id,
dir, contiguous_data, contigous_len, &(plug_ctx->pme)); dir, contiguous_data, contigous_len, &(plug_ctx->pme));
@@ -634,6 +640,67 @@ void tfe_stream_destory(struct tfe_stream_private * stream)
thread->load--; thread->load--;
} }
static struct tfe_stream_addr * __stream_addr_create_by_fds(struct tfe_stream * stream, evutil_socket_t fd_downstream)
{
struct tfe_stream_addr * __stream_addr = NULL;
struct sockaddr_storage sk_src_storage{};
struct sockaddr * sk_src_ptr = (struct sockaddr *) &sk_src_storage;
socklen_t sk_src_len = sizeof(sk_src_storage);
struct sockaddr_storage sk_dst_storage{};
struct sockaddr * sk_dst_ptr = (struct sockaddr *) &sk_dst_storage;
socklen_t sk_dst_len = sizeof(sk_dst_storage);
int ret = getsockname(fd_downstream, sk_src_ptr, &sk_src_len);
if (unlikely(ret < 0))
{
TFE_STREAM_LOG_ERROR(stream, "Failed at calling getsockaddr() for fd %d : %s", fd_downstream, strerror(errno));
goto __errout;
}
ret = getpeername(fd_downstream, sk_dst_ptr, &sk_dst_len);
if (unlikely(ret < 0))
{
TFE_STREAM_LOG_ERROR(stream, "Failed at calling getpeername() for fd %d : %s", fd_downstream, strerror(errno));
goto __errout;
}
assert(sk_src_ptr->sa_family == sk_dst_ptr->sa_family);
if (sk_src_ptr->sa_family == AF_INET)
{
__stream_addr = (struct tfe_stream_addr *) malloc(
sizeof(struct tfe_stream_addr) + sizeof(struct tfe_stream_addr_tuple4_v4));
struct tfe_stream_addr_ipv4 * st_addr_v4 = __stream_addr->ipv4;
struct sockaddr_in * sk_v4_src_ptr = (struct sockaddr_in *)sk_src_ptr;
struct sockaddr_in * sk_v4_dst_ptr = (struct sockaddr_in *)sk_dst_ptr;
__stream_addr->addrtype = TFE_ADDR_STREAM_TUPLE4_V4;
__stream_addr->addrlen = sizeof(struct tfe_stream_addr_tuple4_v4);
st_addr_v4->saddr.s_addr = sk_v4_src_ptr->sin_addr.s_addr;
st_addr_v4->source = sk_v4_src_ptr->sin_port;
st_addr_v4->daddr.s_addr = sk_v4_dst_ptr->sin_addr.s_addr;
st_addr_v4->dest = sk_v4_dst_ptr->sin_port;
}
else if (sk_src_ptr->sa_family == AF_INET6)
{
assert(0);
}
else
{
TFE_STREAM_LOG_ERROR(stream, "Invalid sockaddr family for fd %d: sa_family is %d.",
fd_downstream, sk_src_ptr->sa_family); goto __errout;
}
return __stream_addr;
__errout:
if (__stream_addr != NULL) free(__stream_addr);
return NULL;
}
void tfe_stream_init_by_fds(struct tfe_stream * stream, evutil_socket_t fd_downstream, evutil_socket_t fd_upstream) void tfe_stream_init_by_fds(struct tfe_stream * stream, evutil_socket_t fd_downstream, evutil_socket_t fd_upstream)
{ {
struct tfe_stream_private * _stream = container_of(stream, struct tfe_stream_private, head); struct tfe_stream_private * _stream = container_of(stream, struct tfe_stream_private, head);
@@ -645,6 +712,12 @@ void tfe_stream_init_by_fds(struct tfe_stream * stream, evutil_socket_t fd_downs
evutil_make_socket_nonblocking(fd_downstream); evutil_make_socket_nonblocking(fd_downstream);
evutil_make_socket_nonblocking(fd_upstream); evutil_make_socket_nonblocking(fd_upstream);
_stream->head.addr = __stream_addr_create_by_fds(stream, fd_downstream);
if(unlikely(_stream->head.addr == NULL))
{
assert(0);
}
if (_stream->session_type == STREAM_PROTO_PLAIN) if (_stream->session_type == STREAM_PROTO_PLAIN)
{ {
_stream->conn_downstream = __conn_private_create_by_fd(_stream, fd_downstream); _stream->conn_downstream = __conn_private_create_by_fd(_stream, fd_downstream);