fix compile errors for adapting maat
@@ -1,7 +1,9 @@
|
||||
find_package(SYSTEMD REQUIRED)
|
||||
find_package(NFNETLINK REQUIRED)
|
||||
|
||||
add_executable(tfe src/acceptor_kni_v1.cpp src/acceptor_kni_v2.cpp src/acceptor_kni_v3.cpp src/acceptor_kni_v4.cpp src/ssl_stream.cpp src/key_keeper.cpp src/ssl_fetch_cert.cpp
|
||||
add_executable(tfe
|
||||
#src/acceptor_kni_v1.cpp src/acceptor_kni_v2.cpp src/acceptor_kni_v3.cpp
|
||||
src/acceptor_kni_v4.cpp src/ssl_stream.cpp src/key_keeper.cpp src/ssl_fetch_cert.cpp
|
||||
src/ssl_sess_cache.cpp src/ssl_sess_ticket.cpp src/ssl_service_cache.cpp
|
||||
src/ssl_trusted_cert_storage.cpp src/ev_root_ca_metadata.cpp src/ssl_utils.cpp
|
||||
src/tcp_stream.cpp src/main.cpp src/proxy.cpp src/sender_scm.cpp src/watchdog_kni.cpp src/watchdog_tfe.cpp src/ssl_ja3.cpp src/watchdog_3rd_device.cpp)
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
#include <event2/event.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <tfe_future.h>
|
||||
#include <uuid/uuid.h>
|
||||
|
||||
struct keyring
|
||||
{
|
||||
|
||||
@@ -137,14 +137,14 @@ struct tfe_proxy
|
||||
struct chaining_policy_enforcer *chain_ply_enforcer;
|
||||
struct key_keeper * key_keeper_handler;
|
||||
|
||||
unsigned int en_kni_v1_acceptor;
|
||||
unsigned int en_kni_v2_acceptor;
|
||||
unsigned int en_kni_v3_acceptor;
|
||||
unsigned int en_kni_v4_acceptor;
|
||||
//unsigned int en_kni_v1_acceptor;
|
||||
//unsigned int en_kni_v2_acceptor;
|
||||
//unsigned int en_kni_v3_acceptor;
|
||||
//unsigned int en_kni_v4_acceptor;
|
||||
|
||||
struct acceptor_kni_v1 * kni_v1_acceptor;
|
||||
struct acceptor_kni_v2 * kni_v2_acceptor;
|
||||
struct acceptor_kni_v3 * kni_v3_acceptor;
|
||||
//struct acceptor_kni_v1 * kni_v1_acceptor;
|
||||
//struct acceptor_kni_v2 * kni_v2_acceptor;
|
||||
//struct acceptor_kni_v3 * kni_v3_acceptor;
|
||||
struct acceptor_kni_v4 * kni_v4_acceptor;
|
||||
struct sender_scm * scm_sender;
|
||||
struct watchdog_kni * watchdog_kni;
|
||||
|
||||
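Review bot: The `en_kni_v1_acceptor` … `en_kni_v4_acceptor` flags and the `kni_v1_acceptor` … `kni_v3_acceptor` pointers in `struct tfe_proxy` are commented out rather than deleted, and the same pattern is used for the `#include <acceptor_kni_v1.h>` … `<acceptor_kni_v3.h>` lines and the source list of `add_executable(tfe ...)`. Commented-out members leave a reader unsure whether the v1–v3 acceptors are expected to come back. Deleting the lines, or replacing them with one comment such as `/* only the KNI v4 acceptor is built; v1-v3 were removed */`, would state the intent. The struct definition starts and ends outside the hunk.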
@@ -692,7 +692,7 @@ static uchar* get_key_by_cert(X509* cert, const char *keyring_uuid_str, unsigned
|
||||
}
|
||||
char* key = ALLOC(char, HTABLE_MAX_KEY_LEN);
|
||||
memset(key, 0, HTABLE_MAX_KEY_LEN);
|
||||
snprintf(key, HTABLE_MAX_KEY_LEN, "%d:%d:", keyring_uuid_str, is_cert_valid);
|
||||
snprintf(key, HTABLE_MAX_KEY_LEN, "%s:%d:", keyring_uuid_str, is_cert_valid);
|
||||
strncat(key, cert_fingerprint, HTABLE_MAX_KEY_LEN);
|
||||
*len = strnlen(key, HTABLE_MAX_KEY_LEN);
|
||||
free(cert_fingerprint);
|
||||
|
||||
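Review bot: `strncat(key, cert_fingerprint, HTABLE_MAX_KEY_LEN)` can write past the end of `key` if the fingerprint is longer than the space left, because the third argument of strncat limits how many bytes are appended, not the size of the destination, and `key` already holds the prefix written by snprintf. The bound should be the remaining space, `strncat(key, cert_fingerprint, HTABLE_MAX_KEY_LEN - strlen(key) - 1);`, or the key can be built with a single `snprintf(key, HTABLE_MAX_KEY_LEN, "%s:%d:%s", keyring_uuid_str, is_cert_valid, cert_fingerprint)` whose return value is compared with `HTABLE_MAX_KEY_LEN`. A silently truncated key would presumably let two different certificates map to the same table entry, so truncation is better treated as an error than ignored. The result of `ALLOC` is used unchecked as well, unless ALLOC aborts on failure, which is not visible here; the body of `get_key_by_cert` starts and ends outside the hunk.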
@@ -45,9 +45,9 @@
|
||||
#include <platform.h>
|
||||
#include <proxy.h>
|
||||
#include <tcp_stream.h>
|
||||
#include <acceptor_kni_v1.h>
|
||||
#include <acceptor_kni_v2.h>
|
||||
#include <acceptor_kni_v3.h>
|
||||
//#include <acceptor_kni_v1.h>
|
||||
//#include <acceptor_kni_v2.h>
|
||||
//#include <acceptor_kni_v3.h>
|
||||
#include <acceptor_kni_v4.h>
|
||||
#include <watchdog_kni.h>
|
||||
#include <watchdog_tfe.h>
|
||||
@@ -549,41 +549,46 @@ int tfe_stat_init(struct tfe_proxy * proxy, const char * profile)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void tfe_proxy_acceptor_init(struct tfe_proxy * proxy, const char * profile)
|
||||
void tfe_proxy_acceptor_init(struct tfe_proxy *proxy, const char *profile)
|
||||
{
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v1", &proxy->en_kni_v1_acceptor, 0);
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v2", &proxy->en_kni_v2_acceptor, 0);
|
||||
#if 0
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v1", &proxy->en_kni_v1_acceptor, 0);
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v2", &proxy->en_kni_v2_acceptor, 0);
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v3", &proxy->en_kni_v3_acceptor, 0);
|
||||
MESA_load_profile_uint_def(profile, "system", "enable_kni_v4", &proxy->en_kni_v4_acceptor, 0);
|
||||
|
||||
int ret = proxy->en_kni_v1_acceptor + proxy->en_kni_v2_acceptor + proxy->en_kni_v3_acceptor + proxy->en_kni_v4_acceptor;
|
||||
CHECK_OR_EXIT((ret == 1), "Invalid KNI acceptor. Exit.");
|
||||
|
||||
if (proxy->en_kni_v1_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v1_acceptor = acceptor_kni_v1_create(proxy, profile, proxy->logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v1_acceptor, "Failed at init KNIv1 acceptor. Exit. ");
|
||||
}
|
||||
if (proxy->en_kni_v1_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v1_acceptor = acceptor_kni_v1_create(proxy, profile, proxy->logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v1_acceptor, "Failed at init KNIv1 acceptor. Exit. ");
|
||||
}
|
||||
|
||||
if (proxy->en_kni_v2_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v2_acceptor = acceptor_kni_v2_create(g_default_proxy, profile, g_default_logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v2_acceptor, "Failed at init KNIv2 acceptor. Exit. ");
|
||||
}
|
||||
if (proxy->en_kni_v2_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v2_acceptor = acceptor_kni_v2_create(g_default_proxy, profile, g_default_logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v2_acceptor, "Failed at init KNIv2 acceptor. Exit. ");
|
||||
}
|
||||
|
||||
if (proxy->en_kni_v3_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v3_acceptor = acceptor_kni_v3_create(g_default_proxy, profile, g_default_logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v3_acceptor, "Failed at init KNIv3 acceptor. Exit. ");
|
||||
}
|
||||
{
|
||||
g_default_proxy->kni_v3_acceptor = acceptor_kni_v3_create(g_default_proxy, profile, g_default_logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v3_acceptor, "Failed at init KNIv3 acceptor. Exit. ");
|
||||
}
|
||||
|
||||
if (proxy->en_kni_v4_acceptor)
|
||||
{
|
||||
g_default_proxy->kni_v4_acceptor = acceptor_kni_v4_create(g_default_proxy, profile);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v4_acceptor, "Failed at init KNIv4 acceptor. Exit. ");
|
||||
}
|
||||
{
|
||||
g_default_proxy->kni_v4_acceptor = acceptor_kni_v4_create(g_default_proxy, profile);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v4_acceptor, "Failed at init KNIv4 acceptor. Exit. ");
|
||||
}
|
||||
#endif
|
||||
|
||||
return;
|
||||
g_default_proxy->kni_v4_acceptor = acceptor_kni_v4_create(g_default_proxy, profile);
|
||||
CHECK_OR_EXIT(g_default_proxy->kni_v4_acceptor, "Failed at init KNIv4 acceptor. Exit. ");
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static void usage(char *cmd)
|
||||
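Review bot: `tfe_proxy_acceptor_init` no longer reads the `enable_kni_v1` … `enable_kni_v4` keys, because those loads and `CHECK_OR_EXIT((ret == 1), "Invalid KNI acceptor. Exit.")` now sit inside `#if 0`, and the KNIv4 acceptor is created unconditionally. A profile that still selects v1–v3, or sets `enable_kni_v4` to 0, is ignored without any message; it would be safer to keep reading the keys and exit, or at least log, when anything other than v4 is requested. The rendered page also shows a `return;` directly after `#endif` and before the `acceptor_kni_v4_create` call; if that line is on the new side rather than a removed line, the v4 acceptor is never created, so this is worth confirming against the raw diff. The `#if 0` block would be better deleted than kept, since the history preserves the old code.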
@@ -732,7 +737,7 @@ int main(int argc, char * argv[])
|
||||
g_default_proxy->tcp_ply_enforcer = tcp_policy_enforcer_create(g_default_logger);
|
||||
CHECK_OR_EXIT(g_default_proxy->tcp_ply_enforcer != NULL, "Failed at creating tcp policy enforcer. Exit.");
|
||||
|
||||
g_default_proxy->ssl_ply_enforcer = ssl_policy_enforcer_create(g_default_logger);
|
||||
g_default_proxy->ssl_ply_enforcer = ssl_policy_enforcer_create();
|
||||
CHECK_OR_EXIT(g_default_proxy->ssl_ply_enforcer != NULL, "Failed at creating ssl policy enforcer. Exit.");
|
||||
|
||||
g_default_proxy->chain_ply_enforcer = chaining_policy_enforcer_create(g_default_logger);
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
#include <MESA/maat.h>
|
||||
#include <tfe_resource.h>
|
||||
#include <ssl_stream.h>
|
||||
#include <cjson/cJSON.h>
|
||||
|
||||
struct ssl_svc_ja3
|
||||
{
|
||||
@@ -138,7 +139,7 @@ static int ssl_svc_ja3_init()
|
||||
NULL) != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(g_default_logger, "failed at Maat_plugin_EX_register(PXY_SSL_FINGERPRINT)");
|
||||
return -1
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||