TSG-1280 修改 decryption profile 功能的接口
This commit is contained in:
luwenpeng
@@ -277,30 +277,26 @@ void profile_param_free(struct decryption_param* param)
|
||||
}
|
||||
void profile_param_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
|
||||
{
|
||||
int i;
|
||||
int ret=0;
|
||||
size_t offset[3]={0} , len[3]={0};
|
||||
char* json_str[3]={NULL};
|
||||
cJSON *json[3]={NULL}, *exclusions=NULL, *cert_verify=NULL, *approach=NULL, *ssl_ver=NULL, *item=NULL;
|
||||
size_t offset=0, len=0;
|
||||
char* json_str=NULL;
|
||||
cJSON *json=NULL, *exclusions=NULL, *cert_verify=NULL, *approach=NULL, *ssl_ver=NULL, *item=NULL;
|
||||
struct decryption_param* param=NULL;
|
||||
struct ssl_policy_enforcer* enforcer=(struct ssl_policy_enforcer*)argp;
|
||||
|
||||
for (i=0; i<3; i++)
|
||||
ret=Maat_helper_read_column(table_line, 3, &offset, &len);
|
||||
if(ret<0)
|
||||
{
|
||||
ret=Maat_helper_read_column(table_line, i+3, &offset[i], &len[i]);
|
||||
if(ret<0)
|
||||
{
|
||||
TFE_LOG_ERROR(enforcer->logger, "Get decryption param: %s", table_line);
|
||||
goto error_out;
|
||||
}
|
||||
json_str[i]=ALLOC(char, len[i]+1);
|
||||
memcpy(json_str[i], table_line+offset[i], len[i]);
|
||||
json[i]=cJSON_Parse(json_str[i]);
|
||||
if(json[i]==NULL)
|
||||
{
|
||||
TFE_LOG_ERROR(enforcer->logger, "Invalid decryption parameter: %s", table_line);
|
||||
goto error_out;
|
||||
}
|
||||
TFE_LOG_ERROR(enforcer->logger, "Get decryption param: %s", table_line);
|
||||
goto error_out;
|
||||
}
|
||||
json_str=ALLOC(char, len+1);
|
||||
memcpy(json_str, table_line+offset, len);
|
||||
json=cJSON_Parse(json_str);
|
||||
if(json==NULL)
|
||||
{
|
||||
TFE_LOG_ERROR(enforcer->logger, "Invalid decryption parameter: %s", table_line);
|
||||
goto error_out;
|
||||
}
|
||||
|
||||
param=ALLOC(struct decryption_param, 1);
|
||||
@@ -309,7 +305,7 @@ void profile_param_new_cb(int table_id, const char* key, const char* table_line,
|
||||
param->bypass_pinning=1;
|
||||
param->mirror_client_version=1;
|
||||
|
||||
exclusions=cJSON_GetObjectItem(json[0], "dynamic_bypass");
|
||||
exclusions=cJSON_GetObjectItem(json, "dynamic_bypass");
|
||||
if(exclusions)
|
||||
{
|
||||
item=cJSON_GetObjectItem(exclusions, "ev_cert");
|
||||
@@ -324,7 +320,7 @@ void profile_param_new_cb(int table_id, const char* key, const char* table_line,
|
||||
if(item && item->type==cJSON_Number) param->bypass_protocol_errors=item->valueint;
|
||||
|
||||
}
|
||||
ssl_ver=cJSON_GetObjectItem(json[1], "protocol_version");
|
||||
ssl_ver=cJSON_GetObjectItem(json, "protocol_version");
|
||||
if(ssl_ver)
|
||||
{
|
||||
item=cJSON_GetObjectItem(ssl_ver, "mirror_client");
|
||||
@@ -344,7 +340,7 @@ void profile_param_new_cb(int table_id, const char* key, const char* table_line,
|
||||
item=cJSON_GetObjectItem(ssl_ver, "allow_http2");
|
||||
if(item && item->type==cJSON_Number) param->allow_http2=item->valueint;
|
||||
}
|
||||
cert_verify=cJSON_GetObjectItem(json[2], "certificate_checks");
|
||||
cert_verify=cJSON_GetObjectItem(json, "certificate_checks");
|
||||
if(cert_verify)
|
||||
{
|
||||
approach=cJSON_GetObjectItem(cert_verify, "approach");
|
||||
@@ -370,15 +366,12 @@ void profile_param_new_cb(int table_id, const char* key, const char* table_line,
|
||||
}
|
||||
|
||||
*ad=param;
|
||||
TFE_LOG_INFO(enforcer->logger, "decryption profile key=%s, value=%s, %s, %s", key, json_str[0], json_str[1], json_str[2]);
|
||||
TFE_LOG_INFO(enforcer->logger, "decryption profile key=%s, value=%s", key, json_str);
|
||||
error_out:
|
||||
for (i=0; i<3; i++)
|
||||
{
|
||||
if (json[i])
|
||||
cJSON_Delete(json[i]);
|
||||
if (json_str[i])
|
||||
free(json_str[i]);
|
||||
}
|
||||
if (json)
|
||||
cJSON_Delete(json);
|
||||
if (json_str)
|
||||
free(json_str);
|
||||
return;
|
||||
}
|
||||
struct ssl_policy_enforcer* ssl_policy_enforcer_create(void* logger)
|
||||
|
||||
Reference in New Issue
Block a user