gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

适配控制报文格式修改

Browse Source
This commit is contained in:
wangmenglan
2023-11-16 19:34:43 +08:00
parent a63b66fe14
commit 30922a45a8
2 changed files with 51 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common/include/tfe_ctrl_packet.h
View File

@@ -39,6 +39,8 @@ struct ctrl_pkt_parser
// 0x01 is_single // 0x01 is_single
// 0x02 is_tunnel // 0x02 is_tunnel
uint8_t intercpet_data; uint8_t intercpet_data;
uint8_t wsacle_client_flag;
uint8_t wsacle_server_flag;
}; };
const char *session_state_to_string(enum session_state state); const char *session_state_to_string(enum session_state state);

79
common/src/tfe_ctrl_packet.cpp
View File

@@ -42,6 +42,8 @@ enum {
enum { enum {
MPACK_VAR_FLAG, MPACK_VAR_FLAG,
MPACK_VAR_WSACLE_CLIENT_FLAG,
MPACK_VAR_WSACLE_SERVER_FLAG,
MPACK_VAR_MAX, MPACK_VAR_MAX,
}; };
@@ -58,35 +60,37 @@ struct mpack_mmap_id2type
{.id = 1, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_ACK, .str_name = "TFE_CMSG_TCP_RESTORE_ACK", .size = 4}, {.id = 1, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_ACK, .str_name = "TFE_CMSG_TCP_RESTORE_ACK", .size = 4},
{.id = 2, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT", .size = 2}, {.id = 2, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT", .size = 2},
{.id = 3, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_SERVER", .size = 2}, {.id = 3, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_MSS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_MSS_SERVER", .size = 2},
{.id = 4, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT", .size = 1}, {.id = 4, .mode = VARIABLE_MODE, .type = MPACK_VAR_WSACLE_CLIENT_FLAG, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT_FLAG", .size = 1},
{.id = 5, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER", .size = 1}, {.id = 5, .mode = VARIABLE_MODE, .type = MPACK_VAR_WSACLE_SERVER_FLAG, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER_FLAG", .size = 1},
{.id = 6, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT", .size = 1}, {.id = 6, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT", .size = 1},
{.id = 7, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_SERVER", .size = 1}, {.id = 7, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WSACLE_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER", .size = 1},
{.id = 8, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT", .size = 1}, {.id = 8, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT", .size = 1},
{.id = 9, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER", .size = 1}, {.id = 9, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_SACK_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_SACK_SERVER", .size = 1},
{.id = 10, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_PROTOCOL, .str_name = "TFE_CMSG_TCP_RESTORE_PROTOCOL", .size = 1}, {.id = 10, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT", .size = 1},
{.id = 11, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT", .size = 2}, {.id = 11, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER", .size = 1},
{.id = 12, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER", .size = 2}, {.id = 12, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_PROTOCOL, .str_name = "TFE_CMSG_TCP_RESTORE_PROTOCOL", .size = 1},
{.id = 13, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4}, {.id = 13, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT", .size = 2},
{.id = 14, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4}, {.id = 14, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER", .size = 2},
{.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1}, {.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4},
{.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, {.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4},
{.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256}, {.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1},
{.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64}, {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256},
{.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64}, {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256},
{.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256}, {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64},
{.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256}, {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64},
{.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024}, {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256},
{.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024}, {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256},
{.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32}, {.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024},
{.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_IDS, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4}, {.id = 25, .mode = CMSG_MODE, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024},
{.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2}, {.id = 26, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32},
{.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2}, {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_IDS, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4},
{.id = 28, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1}, {.id = 28, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2},
{.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1}, {.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2},
{.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKG_HEADER, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1}, {.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1},
{.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKG_HEADER, .str_name = "TFE_ACK_PKG_HEADER", .size = 1}, {.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1},
{.id = 32, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1} {.id = 32, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKG_HEADER, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1},
{.id = 33, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKG_HEADER, .str_name = "TFE_ACK_PKG_HEADER", .size = 1},
{.id = 34, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1}
}; };
extern void * g_packet_io_logger; extern void * g_packet_io_logger;
@@ -165,6 +169,12 @@ static void mpack_parse_uint(struct ctrl_pkt_parser *handler, mpack_node_t node,
switch(mode) { switch(mode) {
case CMSG_MODE: case CMSG_MODE:
if (mpack_table[table_index].type == TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT && handler->wsacle_client_flag == 0)
break;
if (mpack_table[table_index].type == TFE_CMSG_TCP_RESTORE_WSACLE_SERVER && handler->wsacle_server_flag == 0)
break;
value = mpack_node_u64(node); value = mpack_node_u64(node);
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[table_index].type, (const unsigned char *)&value, mpack_table[table_index].size); tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[table_index].type, (const unsigned char *)&value, mpack_table[table_index].size);
break; break;
@@ -172,6 +182,12 @@ static void mpack_parse_uint(struct ctrl_pkt_parser *handler, mpack_node_t node,
if (mpack_table[table_index].type == MPACK_VAR_FLAG) { if (mpack_table[table_index].type == MPACK_VAR_FLAG) {
handler->intercpet_data = mpack_node_u8(node); handler->intercpet_data = mpack_node_u8(node);
} }
else if (mpack_table[table_index].type == MPACK_VAR_WSACLE_CLIENT_FLAG) {
handler->wsacle_client_flag = mpack_node_u8(node);
}
else if (mpack_table[table_index].type == MPACK_VAR_WSACLE_SERVER_FLAG) {
handler->wsacle_server_flag = mpack_node_u8(node);
}
break; break;
} }
return; return;
@@ -255,6 +271,7 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node,
static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger) static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger)
{ {
int ret = 0; int ret = 0;
uint64_t tfe_policy_max_id = 0;
struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx; struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
if (mpack_node_is_nil(mpack_node_map_cstr(node, "rule_ids"))) if (mpack_node_is_nil(mpack_node_map_cstr(node, "rule_ids")))
@@ -265,10 +282,12 @@ static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger)
handler->tfe_policy_id_num = mpack_node_array_length(mpack_node_map_cstr(node, "rule_ids")); handler->tfe_policy_id_num = mpack_node_array_length(mpack_node_map_cstr(node, "rule_ids"));
for (int i = 0; i < handler->tfe_policy_id_num; i++) { for (int i = 0; i < handler->tfe_policy_id_num; i++) {
handler->tfe_policy_ids[i] = mpack_node_u64(mpack_node_array_at(mpack_node_map_cstr(node, "rule_ids"), i)); handler->tfe_policy_ids[i] = mpack_node_u64(mpack_node_array_at(mpack_node_map_cstr(node, "rule_ids"), i));
if (tfe_policy_max_id < handler->tfe_policy_ids[i])
tfe_policy_max_id = handler->tfe_policy_ids[i];
} }
if (handler->tfe_policy_id_num) { if (handler->tfe_policy_id_num) {
tfe_cmsg_set(handler->cmsg, TFE_CMSG_POLICY_ID, (const unsigned char *)&handler->tfe_policy_ids[0], sizeof(uint64_t)); tfe_cmsg_set(handler->cmsg, TFE_CMSG_POLICY_ID, (const unsigned char *)&tfe_policy_max_id, sizeof(uint64_t));
} }
mpack_node_t tcp_handshake = mpack_node_map_cstr(node, "tcp_handshake"); mpack_node_t tcp_handshake = mpack_node_map_cstr(node, "tcp_handshake");