gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改文件编码

Browse Source
This commit is contained in:
wangmenglan
2023-04-24 10:48:40 +08:00
parent 11a46269f1
commit 8a7c196c20
18 changed files with 1588 additions and 1194 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
cache/src/tango_cache_client.cpp vendored
View File

@@ -47,7 +47,7 @@ void caculate_sha256(const char *data, unsigned long len, char *result, u_int32_
SHA256_Update(&c, data, len);
SHA256_Final(sha256, &c);
length = (size > 64)?32:(size-1)/2; //Ԥ<><D4A4>һ<EFBFBD><D2BB><EFBFBD>ռ<EFBFBD>
length = (size > 64)?32:(size-1)/2; //Ԥ<><D4A4>һ<EFBFBD><D2BB><EFBFBD>ռ<EFBFBD>
for(u_int32_t i=0; i<length; i++)
{
sprintf(result + i*2, "%02x", sha256[i]);
@@ -192,7 +192,7 @@ void easy_string_savedata(struct easy_string *estr, const char *data, size_t len
estr->buff[estr->len]='\0';
}
//callback: <20>Ƿ<EFBFBD><C7B7><EFBFBD>ûص<C3BB><D8B5><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ҪΪ<D2AA><CEAA><EFBFBD>ֱ<EFBFBD>ӵ<EFBFBD><D3B5><EFBFBD>APIʱʧ<CAB1>ܣ<EFBFBD><DCA3><EFBFBD><EFBFBD>ٵ<EFBFBD><D9B5>ûص<C3BB><D8B5><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͨ<EFBFBD><CDA8><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ֵ<EFBFBD>ж<EFBFBD>
//callback: <20>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD>ûص<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ҪΪ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>ֱ<EFBFBD>ӵ<EFBFBD><EFBFBD><EFBFBD>APIʱʧ<EFBFBD>ܣ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>ٵ<EFBFBD><EFBFBD>ûص<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͨ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ֵ<EFBFBD>ж<EFBFBD>
void tango_cache_ctx_destroy(struct tango_cache_ctx *ctx, bool callback)
{
struct multipart_etag_list *etag;
@@ -255,7 +255,7 @@ void tango_cache_ctx_destroy(struct tango_cache_ctx *ctx, bool callback)
free(ctx);
}
//<2F>ж<EFBFBD>session<6F>Ƿ񳬹<C7B7><F1B3ACB9><EFBFBD><EFBFBD>ƣ<EFBFBD><C6A3><EFBFBD><EFBFBD><EFBFBD>ȡ<EFBFBD><C8A1>ʼ<EFBFBD><CABC><EFBFBD>ж<EFBFBD>where_to_get<65>Ƿ<EFBFBD>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD>MINIO<49><4F>
//<2F>ж<EFBFBD>session<6F>Ƿ񳬹<C7B7><F1B3ACB9><EFBFBD><EFBFBD>ƣ<EFBFBD><C6A3><EFBFBD><EFBFBD><EFBFBD>ȡ<EFBFBD><C8A1>ʼ<EFBFBD><CABC><EFBFBD>ж<EFBFBD>where_to_get<65>Ƿ<EFBFBD>ȫ<EFBFBD><C8AB><EFBFBD><EFBFBD>MINIO<49><4F>
bool sessions_exceeds_limit(struct tango_cache_instance *instance, enum OBJECT_LOCATION where_to_get)
{
if(where_to_get == OBJECT_IN_HOS)
@@ -269,7 +269,7 @@ bool sessions_exceeds_limit(struct tango_cache_instance *instance, enum OBJECT_L
}
//<2F><><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD>API<50><49>ʹ<EFBFBD><CAB9>ctx<74><78>evbuffer<65><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>޷<EFBFBD><DEB7><EFBFBD><EFBFBD><EFBFBD>ctx<74><78>ȡ<EFBFBD><C8A1><EFBFBD><EFBFBD>
//<2F><><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD>API<50><49>ʹ<EFBFBD><CAB9>ctx<74><78>evbuffer<65><72><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>޷<EFBFBD><DEB7><EFBFBD><EFBFBD><EFBFBD>ctx<74><78>ȡ<EFBFBD><C8A1><EFBFBD><EFBFBD>
enum OBJECT_LOCATION tango_cache_object_locate(struct tango_cache_instance *instance, size_t object_size)
{
if(instance->param->fsstatid_trig)
@@ -340,7 +340,7 @@ int tango_cache_update_frag_data(struct tango_cache_ctx *ctx, const char *data,
{
if(ctx->fail_state)
{
return 0; //TODO: <20><>ʱ<EFBFBD><CAB1><EFBFBD>Է<EFBFBD><D4B7><EFBFBD>ֵ!!
return 0; //TODO: <20><>ʱ<EFBFBD><CAB1><EFBFBD>Է<EFBFBD><D4B7><EFBFBD>ֵ!!
}
if(evbuffer_add(ctx->put.evbuf, data, size))
{
@@ -362,7 +362,7 @@ int tango_cache_update_frag_evbuf(struct tango_cache_ctx *ctx, enum EVBUFFER_COP
if(ctx->fail_state)
{
return 0;//TODO: <20><>ʱ<EFBFBD><CAB1><EFBFBD>Է<EFBFBD><D4B7><EFBFBD>ֵ!!
return 0;//TODO: <20><>ʱ<EFBFBD><CAB1><EFBFBD>Է<EFBFBD><D4B7><EFBFBD>ֵ!!
}
size = evbuffer_get_length(evbuf);
@@ -424,7 +424,7 @@ struct tango_cache_ctx *tango_cache_update_prepare(struct tango_cache_instance *
{
snprintf(ctx->object_key, 256, "%s/%c%c_%c%c_%s", instance->param->bucketname, buffer[0], buffer[1], buffer[2], buffer[3], buffer+4);
}
//<2F><><EFBFBD><EFBFBD>ԭʼURL
//<2F><><EFBFBD><EFBFBD>ԭʼURL
snprintf(buffer, 2064, "x-amz-meta-url: %s", meta->url);
ctx->headers = curl_slist_append(ctx->headers, buffer);
}
@@ -441,7 +441,7 @@ struct tango_cache_ctx *tango_cache_update_prepare(struct tango_cache_instance *
return NULL;
}
//Expires<65>ֶΣ<D6B6><CEA3><EFBFBD><EFBFBD>ڻ<EFBFBD><DABB><EFBFBD><EFBFBD>ڲ<EFBFBD><DAB2>ж<EFBFBD><D0B6><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD>ʱ
//Expires<65>ֶΣ<D6B6><CEA3><EFBFBD><EFBFBD>ڻ<EFBFBD><DABB><EFBFBD><EFBFBD>ڲ<EFBFBD><DAB2>ж<EFBFBD><D0B6><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><EFBFBD><EFBFBD>ʱ
now = time(NULL);
expires = (meta->put.timeout==0||meta->put.timeout>instance->param->relative_ttl)?instance->param->relative_ttl:meta->put.timeout;
if(expires_timestamp2hdr_str(now + expires, buffer, 256))
@@ -449,7 +449,7 @@ struct tango_cache_ctx *tango_cache_update_prepare(struct tango_cache_instance *
ctx->headers = curl_slist_append(ctx->headers, buffer);
}
ctx->put.object_ttl = expires;
//Last-Modify<66>ֶΣ<D6B6><CEA3><EFBFBD><EFBFBD><EFBFBD>GETʱ<54>ж<EFBFBD><D0B6>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD>
//Last-Modify<66>ֶΣ<D6B6><CEA3><EFBFBD><EFBFBD><EFBFBD>GETʱ<54>ж<EFBFBD><D0B6>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD>
last_modify = (meta->put.date > meta->put.last_modified)?meta->put.date:meta->put.last_modified;
if(last_modify == 0)
{
@@ -457,7 +457,7 @@ struct tango_cache_ctx *tango_cache_update_prepare(struct tango_cache_instance *
}
sprintf(buffer, "x-amz-meta-lm: %lu", last_modify);
ctx->headers = curl_slist_append(ctx->headers, buffer);
//<2F>б<EFBFBD><D0B1><EFBFBD>֧<EFBFBD>ֵı<D6B5>׼ͷ<D7BC><CDB7>
//<2F>б<EFBFBD><D0B1><EFBFBD>֧<EFBFBD>ֵı<D6B5>׼ͷ<D7BC><CDB7>
for(int i=0; i<HDR_CONTENT_NUM; i++)
{
if(meta->std_hdr[i] != NULL)
@@ -478,11 +478,11 @@ struct tango_cache_ctx *tango_cache_update_prepare(struct tango_cache_instance *
easy_string_savedata(&hdr_estr, "Content-Type: application/octet-stream\r\n", strlen("Content-Type: application/octet-stream\r\n"));
}
}
ctx->headers = curl_slist_append(ctx->headers, "Expect:");//ע<><D7A2>POST<53><54><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Expect<63><74>ϵ<EFBFBD><CFB5>Ҫ<EFBFBD><D2AA>ȷ<EFBFBD><C8B7><EFBFBD><EFBFBD>CURLOPT_POSTFIELDSIZE
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͷ<EFBFBD><CDB7><EFBFBD><EFBFBD>GETʱ<54><CAB1>ԭ<EFBFBD><D4AD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
ctx->headers = curl_slist_append(ctx->headers, "Expect:");//ע<><D7A2>POST<53><54><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Expect<63><74>ϵ<EFBFBD><CFB5>Ҫ<EFBFBD><D2AA>ȷ<EFBFBD><C8B7><EFBFBD><EFBFBD>CURLOPT_POSTFIELDSIZE
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͷ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>GETʱ<EFBFBD><EFBFBD>ԭ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
if(meta->usertag_len>0 && meta->usertag_len<=USER_TAG_MAX_LEN)
{
user_tag = (char *)malloc((meta->usertag_len/3 + 1)*4 + 18); //<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ռ䣻18=17+1: ͷ<><CDB7>+<2B>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
user_tag = (char *)malloc((meta->usertag_len/3 + 1)*4 + 18); //<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ռ䣻18=17+1: ͷ<><CDB7>+<2B>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
memcpy(user_tag, "x-amz-meta-user: ", 17);
user_tag_value = user_tag+17;
Base64_EncodeBlock((const unsigned char*)meta->usertag, meta->usertag_len, (unsigned char*)user_tag_value);
@@ -535,7 +535,7 @@ struct tango_cache_ctx *tango_cache_update_start(struct tango_cache_instance *in
return ctx;
}
//һ<><D2BB><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD>ʱ<EFBFBD><CAB1>ֱ<EFBFBD>Ӷ<EFBFBD>λ<EFBFBD><CEBB><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD><CFB4><EFBFBD>λ<EFBFBD><CEBB>
//һ<><D2BB><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD>ʱ<EFBFBD><CAB1>ֱ<EFBFBD>Ӷ<EFBFBD>λ<EFBFBD><CEBB><EFBFBD><EFBFBD><EFBFBD>ϴ<EFBFBD><CFB4><EFBFBD>λ<EFBFBD><CEBB>
struct tango_cache_ctx *tango_cache_update_once_prepare(struct tango_cache_instance *instance, struct future* f, struct tango_cache_meta_put *meta,
size_t object_size, char *path, size_t pathsize)
{
@@ -600,7 +600,7 @@ struct tango_cache_ctx *tango_cache_fetch_prepare(struct tango_cache_instance *i
ctx = (struct tango_cache_ctx *)calloc(1, sizeof(struct tango_cache_ctx));
ctx->instance = instance;
ctx->promise = future_to_promise(f);
promise_allow_many_successes(ctx->promise); //<2F><>λص<CEBB><D8B5><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʱ<EFBFBD><CAB1><EFBFBD><EFBFBD>promise_finish
promise_allow_many_successes(ctx->promise); //<2F><><EFBFBD>λص<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʱ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>promise_finish
ctx->method = method;
ctx->get.state = GET_STATE_START;
ctx->get.max_age = meta->get.max_age;
@@ -647,7 +647,7 @@ int tango_cache_head_object(struct tango_cache_instance *instance, struct future
struct tango_cache_ctx *ctx;
enum OBJECT_LOCATION location;
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Redis<69><73><EFBFBD><EFBFBD>Ԫ<EFBFBD><D4AA>Ϣ<EFBFBD><EFBFBD><E6B4A2>Redis<69><73>
//<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Redis<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ԫ<EFBFBD><EFBFBD>Ϣ<EFBFBD><EFBFBD><EFBFBD>Redis<EFBFBD><EFBFBD>
location = (instance->param->object_store_way != CACHE_ALL_HOS)?OBJECT_IN_REDIS:OBJECT_IN_HOS;
ctx = tango_cache_fetch_prepare(instance, CACHE_REQUEST_HEAD, f, meta, location);
if(ctx == NULL)

1
common/CMakeLists.txt
View File

@@ -10,6 +10,7 @@ target_include_directories(common PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include)
target_include_directories(common PRIVATE ${CMAKE_CURRENT_LIST_DIR}/../platform/include/internal)
target_link_libraries(common PUBLIC libevent-static libevent-static-openssl libevent-static-pthreads rdkafka)
target_link_libraries(common PUBLIC MESA_handle_logger cjson msgpack)
target_link_libraries(common PUBLIC pthread)
if (SUPPORT_LIBURING)
target_link_libraries(common PUBLIC uring)

27
common/include/tfe_acceptor_kni.h
View File

@@ -7,6 +7,7 @@ extern "C"
#endif
#include <sched.h>
#include <pthread.h>
// #include "proxy.h"
#include "tfe_utils.h"
@@ -84,35 +85,31 @@ extern "C"
struct packet_info
{
int dir_is_e2i;
int is_e2i_dir;
struct addr_tuple4 tuple4;
char *addr_string;
char *header_data;
int header_len;
struct sids sids;
struct route_ctx route_ctx;
};
struct session_ctx
{
int policy_ids;
uint64_t session_id;
char *session_addr;
uint16_t user_field;
char client_mac[6];
char server_mac[6];
struct route_ctx raw_pkt_i2e_route_ctx;
struct route_ctx raw_pkt_e2i_route_ctx;
struct packet_info c2s_info;
struct packet_info s2c_info;
struct sids raw_pkt_i2e_sids;
struct sids raw_pkt_e2i_sids;
struct metadata *raw_meta_i2e;
struct metadata *raw_meta_e2i;
struct metadata *ctrl_meta;
// depending on first control packet
struct packet_info first_ctrl_pkt;
// 加锁
struct tfe_cmsg *cmsg;
struct acceptor_thread_ctx *ref_thread_ctx;
};
@@ -133,10 +130,8 @@ extern "C"
cpu_set_t coremask;
struct tap_config *config;
struct timestamp *ts;
struct packet_io *io;
struct global_metrics *metrics;
struct policy_enforcer *enforcer;
struct acceptor_thread_ctx work_threads[TFE_THREAD_MAX];
struct tfe_proxy *ref_proxy;

5
common/include/tfe_ctrl_packet.h
View File

@@ -27,6 +27,11 @@ struct ctrl_pkt_parser
uint64_t sce_policy_ids[32];
int sce_policy_id_num;
struct tfe_cmsg *cmsg;
struct sids seq_sids;
struct route_ctx seq_route_ctx;
struct sids ack_sids;
struct route_ctx ack_route_ctx;
};
const char *session_state_to_string(enum session_state state);

8
common/include/tfe_metrics.h
View File

@@ -32,6 +32,14 @@ struct global_metrics
struct throughput_metrics decrypt_rx; // 累计值
struct throughput_metrics ctrl_pkt_rx; // 累计值
struct throughput_metrics ctrl_pkt_tx; // 累计值
struct throughput_metrics tap_pkt_rx; // 累计值
struct throughput_metrics tap_pkt_tx; // 累计值
struct throughput_metrics tap_c_pkt_rx; // 累计值
struct throughput_metrics tap_c_pkt_tx; // 累计值
struct throughput_metrics tap_s_pkt_rx; // 累计值
struct throughput_metrics tap_s_pkt_tx; // 累计值
uint64_t ctrl_pkt_opening_num; // 累计值
uint64_t ctrl_pkt_active_num; // 累计值

26
common/src/tfe_acceptor_kni.cpp
View File

@@ -21,18 +21,6 @@ void session_ctx_free(struct session_ctx *ctx)
{
if (ctx)
{
if (ctx->first_ctrl_pkt.addr_string)
{
free(ctx->first_ctrl_pkt.addr_string);
ctx->first_ctrl_pkt.addr_string = NULL;
}
if (ctx->first_ctrl_pkt.header_data)
{
free(ctx->first_ctrl_pkt.header_data);
ctx->first_ctrl_pkt.header_data = NULL;
}
if (ctx->cmsg)
{
tfe_cmsg_destroy(ctx->cmsg);
@@ -43,13 +31,11 @@ void session_ctx_free(struct session_ctx *ctx)
}
}
/******************************************************************************
* acceptor_ctx
******************************************************************************/
struct acceptor_ctx *acceptor_ctx_create(const char *profile)
{
int ret = 0;
struct acceptor_ctx *ctx = ALLOC(struct acceptor_ctx, 1);
MESA_load_profile_int_def(profile, "system", "firewall_sids", (int *)&(ctx->firewall_sids), 1001);
@@ -83,17 +69,6 @@ struct acceptor_ctx *acceptor_ctx_create(const char *profile)
goto error_out;
}
// ctx->enforcer = policy_enforcer_create("KNI", profile, ctx->nr_worker_threads, NULL);
// if (ctx->enforcer == NULL)
// {
// goto error_out;
// }
// if (policy_enforcer_register(ctx->enforcer) == -1)
// {
// goto error_out;
// }
return ctx;
error_out:
@@ -107,6 +82,7 @@ void acceptor_ctx_destory(struct acceptor_ctx * ctx)
{
packet_io_destory(ctx->io);
tfe_tap_destory(ctx->config);
global_metrics_destory(ctx->metrics);
free(ctx);
ctx = NULL;

31
common/src/tfe_cmsg.cpp
View File

@@ -3,6 +3,7 @@
#include <string.h>
#include <arpa/inet.h>
#include <errno.h>
#include <pthread.h>
#include "tfe_types.h"
#include "tfe_utils.h"
@@ -23,6 +24,7 @@ struct tfe_cmsg_tlv
struct tfe_cmsg
{
pthread_rwlock_t rwlock;
uint16_t nr_tlvs;
struct tfe_cmsg_tlv* tlvs[TFE_CMSG_TLV_NR_MAX];
uint16_t size;
@@ -39,6 +41,8 @@ struct tfe_cmsg* tfe_cmsg_init()
{
struct tfe_cmsg *cmsg = ALLOC(struct tfe_cmsg, 1);
cmsg->size = sizeof(struct tfe_cmsg_serialize_header);
pthread_rwlock_init(&(cmsg->rwlock), NULL);
return cmsg;
}
@@ -46,11 +50,15 @@ void tfe_cmsg_destroy(struct tfe_cmsg *cmsg)
{
if(cmsg != NULL)
{
pthread_rwlock_wrlock(&cmsg->rwlock);
for(int i = 0; i < TFE_CMSG_TLV_NR_MAX; i++)
{
FREE(&(cmsg->tlvs[i]));
}
pthread_rwlock_unlock(&cmsg->rwlock);
pthread_rwlock_destroy(&cmsg->rwlock);
}
FREE(&cmsg);
}
@@ -60,6 +68,7 @@ int tfe_cmsg_set(struct tfe_cmsg * cmsg, enum tfe_cmsg_tlv_type type, const unsi
{
return TFE_CMSG_INVALID_TYPE;
}
pthread_rwlock_wrlock(&cmsg->rwlock);
struct tfe_cmsg_tlv *tlv = cmsg->tlvs[type];
uint16_t length = sizeof(struct tfe_cmsg_tlv) + size;
@@ -83,6 +92,7 @@ int tfe_cmsg_set(struct tfe_cmsg * cmsg, enum tfe_cmsg_tlv_type type, const unsi
tlv->length = length;
memcpy(tlv->value_as_string, value, size);
cmsg->tlvs[type] = tlv;
pthread_rwlock_unlock(&cmsg->rwlock);
return 0;
}
@@ -99,6 +109,7 @@ int tfe_cmsg_get_value(struct tfe_cmsg * cmsg, enum tfe_cmsg_tlv_type type, unsi
goto errout;
}
pthread_rwlock_rdlock(&cmsg->rwlock);
tlv = cmsg->tlvs[type];
if (unlikely(tlv == NULL))
{
@@ -115,31 +126,38 @@ int tfe_cmsg_get_value(struct tfe_cmsg * cmsg, enum tfe_cmsg_tlv_type type, unsi
memcpy(out_value, tlv->value_as_string, value_length);
*out_size = value_length;
pthread_rwlock_unlock(&cmsg->rwlock);
return 0;
errout:
pthread_rwlock_unlock(&cmsg->rwlock);
return result;
}
uint16_t tfe_cmsg_serialize_size_get(struct tfe_cmsg *cmsg)
{
return cmsg->size;
pthread_rwlock_rdlock(&cmsg->rwlock);
uint16_t size = cmsg->size;
pthread_rwlock_unlock(&cmsg->rwlock);
return size;
}
int tfe_cmsg_serialize(struct tfe_cmsg *cmsg, unsigned char *buff, uint16_t bufflen, uint16_t *serialize_len)
{
//size是serialize之后的实际长度
pthread_rwlock_rdlock(&cmsg->rwlock);
uint16_t size = cmsg->size;
//传入buff是否够长
if(bufflen < size)
{
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_BUFF_NOT_ENOUGH;
}
//size是否正确
if(size < sizeof(struct tfe_cmsg_serialize_header))
{
return TFE_CMSG_INVALID_FORMAT;
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_BUFF_NOT_ENOUGH;
}
struct tfe_cmsg_serialize_header *header = (struct tfe_cmsg_serialize_header*)buff;
header->__magic__[0] = 0x4d;
@@ -156,6 +174,7 @@ int tfe_cmsg_serialize(struct tfe_cmsg *cmsg, unsigned char *buff, uint16_t buff
}
if(count != cmsg->nr_tlvs)
{
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_INVALID_FORMAT;
}
//序列化
@@ -168,11 +187,13 @@ int tfe_cmsg_serialize(struct tfe_cmsg *cmsg, unsigned char *buff, uint16_t buff
}
if(i != tlv->type)
{
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_INVALID_FORMAT;
}
uint16_t length = tlv->length;
if(length < sizeof(struct tfe_cmsg_tlv) || offset + length > size)
{
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_INVALID_FORMAT;
}
memcpy((char*)header + offset, (void*)tlv, length);
@@ -184,9 +205,11 @@ int tfe_cmsg_serialize(struct tfe_cmsg *cmsg, unsigned char *buff, uint16_t buff
//检查size是否正确
if(offset != size)
{
pthread_rwlock_unlock(&cmsg->rwlock);
return TFE_CMSG_INVALID_FORMAT;
}
*serialize_len = size;
pthread_rwlock_unlock(&cmsg->rwlock);
return 0;
}
@@ -235,7 +258,9 @@ int tfe_cmsg_deserialize(const unsigned char *data, uint16_t len, struct tfe_cms
offset += length;
}
cmsg->size = offset;
pthread_rwlock_wrlock(&((*pcmsg)->rwlock));
*pcmsg = cmsg;
pthread_rwlock_unlock(&((*pcmsg)->rwlock));
return 0;
error_out:

9
common/src/tfe_ctrl_packet.cpp
View File

@@ -34,7 +34,6 @@ void ctrl_packet_parser_init(struct ctrl_pkt_parser *handler)
// return -1 : error
int ctrl_packet_parser_parse(struct ctrl_pkt_parser *handler, const char *data, size_t length)
{
// TODO FREE
return parse_messagepack(data, length, handler);
}
@@ -59,14 +58,6 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler)
{
TFE_LOG_INFO(g_default_logger, "%s: %d sce policy_ids[%03lu]", LOG_TAG_POLICY, i, handler->sce_policy_ids[i]);
}
uint64_t policy_id = 0;
tfe_cmsg_get_value(handler->cmsg, TFE_CMSG_POLICY_ID, (unsigned char *)&policy_id, 64, &cmsg_len);
TFE_LOG_INFO(g_default_logger, "TFE_CMSG_POLICY_ID: %lu", policy_id);
uint16_t client_mss = 0;
tfe_cmsg_get_value(handler->cmsg, TFE_CMSG_TCP_RESTORE_MSS_CLIENT, (unsigned char *)&client_mss, 16, &cmsg_len);
TFE_LOG_INFO(g_default_logger, "TFE_CMSG_TCP_RESTORE_MSS_CLIENT: %u", client_mss);
}
}

47
common/src/tfe_metrics.cpp
View File

@@ -19,7 +19,6 @@ enum SCE_STAT_FIELD
STAT_RAW_PKT_TX_PKT,
STAT_RAW_PKT_TX_B,
// steering
STAT_DECRYPTED_TX_PKT,
STAT_DECRYPTED_TX_B,
STAT_DECRYPTED_RX_PKT,
@@ -28,6 +27,23 @@ enum SCE_STAT_FIELD
// control packet
STAT_CONTROL_RX_PKT,
STAT_CONTROL_RX_B,
STAT_CONTROL_TX_PKT,
STAT_CONTROL_TX_B,
STAT_TAP_RX_PKT,
STAT_TAP_RX_B,
STAT_TAP_TX_PKT,
STAT_TAP_TX_B,
STAT_TAP_C_RX_PKT,
STAT_TAP_C_RX_B,
STAT_TAP_C_TX_PKT,
STAT_TAP_C_TX_B,
STAT_TAP_S_RX_PKT,
STAT_TAP_S_RX_B,
STAT_TAP_S_TX_PKT,
STAT_TAP_S_TX_B,
STAT_CTRL_PKT_OPENING,
STAT_CTRL_PKT_ACTIVE,
@@ -64,6 +80,22 @@ static const char *stat_map[] =
// control packet
[STAT_CONTROL_RX_PKT] = "ctrl_rx_pkt",
[STAT_CONTROL_RX_B] = "ctrl_rx_B",
[STAT_CONTROL_TX_PKT] = "ctrl_tx_pkt",
[STAT_CONTROL_TX_B] = "ctrl_tx_B",
// tap packet
[STAT_TAP_RX_PKT] = "tap_rx_pkt",
[STAT_TAP_RX_B] = "tap_rx_B",
[STAT_TAP_TX_PKT] = "tap_tx_pkt",
[STAT_TAP_TX_B] = "tap_tx_B",
[STAT_TAP_C_RX_PKT] = "tap_c_rx_pkt",
[STAT_TAP_C_RX_B] = "tap_c_rx_B",
[STAT_TAP_C_TX_PKT] = "tap_c_tx_pkt",
[STAT_TAP_C_TX_B] = "tap_c_tx_B",
[STAT_TAP_S_RX_PKT] = "tap_s_rx_pkt",
[STAT_TAP_S_RX_B] = "tap_s_rx_B",
[STAT_TAP_S_TX_PKT] = "tap_s_tx_pkt",
[STAT_TAP_S_TX_B] = "tap_s_tx_B",
[STAT_CTRL_PKT_OPENING] = "ctrl_pkt_open",
[STAT_CTRL_PKT_ACTIVE] = "ctrl_pkt_avtive",
@@ -94,7 +126,6 @@ void global_metrics_destory(struct global_metrics *metrics)
{
if (metrics)
{
FS_library_destroy();
free(metrics);
metrics = NULL;
}
@@ -121,6 +152,18 @@ void global_metrics_dump(struct global_metrics *metrics)
// control packet
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CONTROL_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CONTROL_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CONTROL_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CONTROL_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_TX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_TX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_C_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_C_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_C_TX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_TAP_C_TX_B], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CTRL_PKT_OPENING], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_opening_num), 0, __ATOMIC_RELAXED));
FS_operate(metrics->fs_handle, metrics->fs_id[STAT_CTRL_PKT_ACTIVE], 0, FS_OP_SET, __atomic_fetch_add(&(metrics->ctrl_pkt_active_num), 0, __ATOMIC_RELAXED));

197
common/src/tfe_mpack.cpp
View File

@@ -16,18 +16,30 @@ enum ctr_pkt_index
INDEX_SESSION_ID,
INDEX_STATE,
INDEX_METHOD,
INDEX_SCE,
INDEX_SHAPER,
INDEX_PROXY,
INDEX_KEY_SCE,
INDEX_VALUE_SCE,
INDEX_KEY_SHAPER,
INDEX_VALUE_SHAPER,
INDEX_KEY_PROXY,
INDEX_VALUE_PROXY,
INDEX_MAX
};
enum {
MPACK_ARRAY_FQDN_IDS,
MPACK_ARRAY_SEQ_SIDS,
MPACK_ARRAY_ACK_SIDS,
MPACK_ARRAY_SEQ_ROUTE_CTX,
MPACK_ARRAY_ACK_ROUTE_CTX,
};
struct mpack_mmap_id2type
{
int id;
enum tfe_cmsg_tlv_type type;
char *str_name;
int size;
int array_index;
}mpack_table[] = {
{.id = 0, .type = TFE_CMSG_POLICY_ID, .str_name = "TFE_CMSG_POLICY_ID", .size = 8},
{.id = 1, .type = TFE_CMSG_TCP_RESTORE_SEQ, .str_name = "TFE_CMSG_TCP_RESTORE_SEQ", .size = 4},
@@ -61,49 +73,116 @@ struct mpack_mmap_id2type
{.id = 29, .type = TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, .str_name = "TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION", .size = 256},
{.id = 30, .type = TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, .str_name = "TFE_CMSG_DST_IP_LOCATION_SUBDIVISION", .size = 256},
{.id = 31, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32},
{.id = 32, .type = TFE_CMSG_FQDN_CAT_ID_VAL, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4}
{.id = 32, .type = TFE_CMSG_FQDN_CAT_ID_VAL, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4, .array_index = MPACK_ARRAY_FQDN_IDS},
{.id = 33, .str_name = "TFE_SEQ_SIDS", .size = 2, .array_index = MPACK_ARRAY_SEQ_SIDS},
{.id = 34, .str_name = "TFE_ACK_SIDS", .size = 2, .array_index = MPACK_ARRAY_ACK_SIDS},
{.id = 35, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1, .array_index = MPACK_ARRAY_SEQ_ROUTE_CTX},
{.id = 36, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1, .array_index = MPACK_ARRAY_ACK_ROUTE_CTX}
};
static int proxy_parse_messagepack(msgpack_object obj, void *ctx)
static void fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, msgpack_object *ptr, int table_index)
{
struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
uint32_t fqdn_val[8] = {0};
for (unsigned int i = 0; i < obj.via.array.size; i++) {
msgpack_object ptr = obj.via.array.ptr[i];
tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char *)&ptr->via.array.size, sizeof(uint32_t));
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu array fqdn_id num: [%u]", LOG_TAG_CTRLPKT, handler->session_id, ptr->via.array.size);
for (uint32_t j = 0; j < ptr->via.array.size; j++) {
fqdn_val[j] = ptr->via.array.ptr[j].via.u64;
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu array fqdn_id msgpack cmsg: [%s] -> [%lu]", LOG_TAG_CTRLPKT, handler->session_id, mpack_table[table_index].str_name, ptr->via.array.ptr[j].via.u64);
}
tfe_cmsg_set(handler->cmsg ,TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val, ptr->via.array.size * sizeof(uint32_t));
return;
}
static void sids_array_parse_mpack(struct ctrl_pkt_parser *handler, msgpack_object *ptr, int table_index, int is_seq)
{
struct sids *sid= is_seq ? &handler->seq_sids : &handler->ack_sids;
sid->num = ptr->via.array.size > MR_SID_LIST_MAXLEN ? MR_SID_LIST_MAXLEN : ptr->via.array.size;
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu array sids num: [%u]", LOG_TAG_CTRLPKT, handler->session_id, ptr->via.array.size);
for (int i = 0; i < sid->num; i++)
{
sid->elems[i] = ptr->via.array.ptr[i].via.u64;
}
return;
}
static void route_ctx_parse_mpack(struct ctrl_pkt_parser *handler, msgpack_object *ptr, int table_index, int is_seq)
{
struct route_ctx *ctx = is_seq ? &handler->seq_route_ctx : &handler->ack_route_ctx;
ctx->len = ptr->via.array.size > 64 ? 64 : ptr->via.array.size;
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu array route ctx num: [%u]", LOG_TAG_CTRLPKT, handler->session_id, ptr->via.array.size);
for (int i = 0; i < ctx->len; i++)
{
memcpy(ctx->data+i, &ptr->via.array.ptr[i].via.u64, 1);
}
return;
}
static int proxy_parse_messagepack(msgpack_object *obj, void *ctx)
{
struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
for (unsigned int i = 0; i < obj->via.array.size; i++) {
msgpack_object *ptr = &obj->via.array.ptr[i];
if (i == 0) {
if (ptr.type == MSGPACK_OBJECT_ARRAY) {
handler->tfe_policy_id_num = ptr.via.array.size;
for (uint32_t j = 0; j < ptr.via.array.size; j++) {
handler->tfe_policy_ids[j] = ptr.via.array.ptr[j].via.u64;
if (ptr->type == MSGPACK_OBJECT_ARRAY) {
handler->tfe_policy_id_num = ptr->via.array.size;
for (uint32_t j = 0; j < ptr->via.array.size; j++) {
handler->tfe_policy_ids[j] = ptr->via.array.ptr[j].via.u64;
}
tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)&handler->tfe_policy_ids[0], sizeof(uint64_t));
TFE_LOG_DEBUG(g_default_logger, "%s: interger msgpack cmsg: [%s] num: [%d]", LOG_TAG_CTRLPKT, mpack_table[i].str_name, handler->tfe_policy_id_num);
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu interger msgpack cmsg: [%s] num: [%d]", LOG_TAG_CTRLPKT, handler->session_id, mpack_table[i].str_name, handler->tfe_policy_id_num);
for (int j = 0; j < handler->tfe_policy_id_num; j++) {
TFE_LOG_DEBUG(g_default_logger, "%s: policy id:%lu ", LOG_TAG_CTRLPKT, handler->tfe_policy_ids[j]);
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu policy id:%lu ", LOG_TAG_CTRLPKT, handler->session_id, handler->tfe_policy_ids[j]);
}
}
continue;
}
switch (ptr.type) {
switch (ptr->type) {
case MSGPACK_OBJECT_POSITIVE_INTEGER:
tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)&ptr.via.u64, mpack_table[i].size);
TFE_LOG_DEBUG(g_default_logger, "%s: interger msgpack cmsg: [%s] -> [%lu]", LOG_TAG_CTRLPKT, mpack_table[i].str_name, ptr.via.u64);
// TFE_CMSG_TCP_RESTORE_PROTOCOL tsg master 发送数据错误临时强制设置为1
if (i == 11)
{
uint8_t protocol = 1;
tfe_cmsg_set(handler->cmsg, TFE_CMSG_TCP_RESTORE_PROTOCOL, (const unsigned char *)&protocol, 1);
}
else
{
tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)&ptr->via.u64, mpack_table[i].size);
}
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu interger msgpack cmsg: [%s] -> [%lu]", LOG_TAG_CTRLPKT, handler->session_id, mpack_table[i].str_name, ptr->via.u64);
break;
case MSGPACK_OBJECT_STR:
tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)ptr.via.str.ptr, ptr.via.str.size);
TFE_LOG_DEBUG(g_default_logger, "%s: string msgpack cmsg: [%s] -> [%s]", LOG_TAG_CTRLPKT, mpack_table[i].str_name, ptr.via.str.ptr);
tfe_cmsg_set(handler->cmsg, mpack_table[i].type, (const unsigned char *)ptr->via.str.ptr, ptr->via.str.size);
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu string msgpack cmsg: [%s] -> [%s]", LOG_TAG_CTRLPKT, handler->session_id, mpack_table[i].str_name, ptr->via.str.ptr);
break;
case MSGPACK_OBJECT_NIL:
TFE_LOG_DEBUG(g_default_logger, "%s: session: %lu msgpack cmsg: [%s] -> [nil]", LOG_TAG_CTRLPKT, handler->session_id, mpack_table[i].str_name);
break;
case MSGPACK_OBJECT_ARRAY:
if (i == 32) {
tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char *)&ptr.via.array.size, sizeof(uint32_t));
for (uint32_t j = 0; j < ptr.via.array.size; j++) {
fqdn_val[j] = ptr.via.array.ptr[j].via.u64;
TFE_LOG_DEBUG(g_default_logger, "%s: array msgpack cmsg: [%s] -> [%lu]", LOG_TAG_CTRLPKT, mpack_table[i].str_name, ptr.via.array.ptr[j].via.u64);
}
tfe_cmsg_set(handler->cmsg ,TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val, ptr.via.array.size * sizeof(uint32_t));
switch(mpack_table[i].array_index)
{
case MPACK_ARRAY_FQDN_IDS:
fqdn_id_set_cmsg(handler, ptr, i);
break;
case MPACK_ARRAY_SEQ_SIDS:
sids_array_parse_mpack(handler, ptr, i, 1);
break;
case MPACK_ARRAY_ACK_SIDS:
sids_array_parse_mpack(handler, ptr, i, 0);
break;
case MPACK_ARRAY_SEQ_ROUTE_CTX:
route_ctx_parse_mpack(handler, ptr, i, 1);
break;
case MPACK_ARRAY_ACK_ROUTE_CTX:
route_ctx_parse_mpack(handler, ptr, i, 0);
break;
default:
break;
}
break;
default:
@@ -117,6 +196,8 @@ int parse_messagepack(const char* data, size_t length, void *ctx)
{
struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
size_t off = 0;
msgpack_object *obj = NULL;
msgpack_object *ptr = NULL;
msgpack_unpacked unpacked;
msgpack_unpacked_init(&unpacked);
@@ -124,93 +205,91 @@ int parse_messagepack(const char* data, size_t length, void *ctx)
msgpack_unpack_return ret = msgpack_unpack_next(&unpacked, data, length, &off);
if (ret != MSGPACK_UNPACK_SUCCESS) {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: data[%s]", LOG_TAG_CTRLPKT, data);
return -1;
goto end;
}
msgpack_object obj = unpacked.data;
if (obj.type != MSGPACK_OBJECT_ARRAY || obj.via.array.size < INDEX_PROXY) {
// TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: msgpack type[%02x], array size:%d", LOG_TAG_CTRLPKT, obj.type, obj.via.array.size);
return -1;
obj = &unpacked.data;
if (obj->type != MSGPACK_OBJECT_ARRAY) {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: msgpack type is not MSGPACK_OBJECT_ARRAY", LOG_TAG_CTRLPKT);
goto end;
}
for (unsigned int i = 0; i < obj.via.array.size; i++) {
msgpack_object ptr = obj.via.array.ptr[i];
for (unsigned int i = 0; i < obj->via.array.size; i++) {
ptr = &obj->via.array.ptr[i];
switch (i) {
case INDEX_TSYNC:
if (ptr.type == MSGPACK_OBJECT_STR) {
memcpy(handler->tsync, ptr.via.str.ptr, ptr.via.str.size);
if (ptr->type == MSGPACK_OBJECT_STR) {
memcpy(handler->tsync, ptr->via.str.ptr, ptr->via.str.size);
}
else {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid tsync type) %02x", LOG_TAG_CTRLPKT, ptr.type);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid tsync type) %02x", LOG_TAG_CTRLPKT, ptr->type);
}
break;
case INDEX_SESSION_ID:
if (ptr.type == MSGPACK_OBJECT_STR) {
char session_id[64] = {0};
memcpy(session_id, ptr.via.str.ptr, ptr.via.str.size);
handler->session_id = atoll(session_id);
if (ptr->type == MSGPACK_OBJECT_POSITIVE_INTEGER) {
handler->session_id = ptr->via.u64;
}
else {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid session id type) %02x", LOG_TAG_CTRLPKT, ptr.type);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid session id type) %02x", LOG_TAG_CTRLPKT, ptr->type);
}
break;
case INDEX_STATE:
if (ptr.type == MSGPACK_OBJECT_STR) {
if (strncasecmp(ptr.via.str.ptr, "opening", ptr.via.str.size) == 0)
if (ptr->type == MSGPACK_OBJECT_STR) {
if (strncasecmp(ptr->via.str.ptr, "opening", ptr->via.str.size) == 0)
{
handler->state = SESSION_STATE_OPENING;
}
else if (strncasecmp(ptr.via.str.ptr, "active", ptr.via.str.size) == 0)
else if (strncasecmp(ptr->via.str.ptr, "active", ptr->via.str.size) == 0)
{
handler->state = SESSION_STATE_ACTIVE;
}
else if (strncasecmp(ptr.via.str.ptr, "closing", ptr.via.str.size) == 0)
else if (strncasecmp(ptr->via.str.ptr, "closing", ptr->via.str.size) == 0)
{
handler->state = SESSION_STATE_CLOSING;
}
else if (strncasecmp(ptr.via.str.ptr, "resetall", ptr.via.str.size) == 0)
else if (strncasecmp(ptr->via.str.ptr, "resetall", ptr->via.str.size) == 0)
{
handler->state = SESSION_STATE_RESETALL;
}
else
{
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, ptr.via.str.ptr);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, ptr->via.str.ptr);
}
}
else {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid state type) %02x", LOG_TAG_CTRLPKT, ptr.type);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid state type) %02x", LOG_TAG_CTRLPKT, ptr->type);
}
break;
case INDEX_METHOD:
if (ptr.type == MSGPACK_OBJECT_STR) {
memcpy(handler->method, ptr.via.str.ptr, ptr.via.str.size);
if (ptr->type == MSGPACK_OBJECT_STR) {
memcpy(handler->method, ptr->via.str.ptr, ptr->via.str.size);
}
else {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid method type) %02x", LOG_TAG_CTRLPKT, ptr.type);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid method type) %02x", LOG_TAG_CTRLPKT, ptr->type);
}
break;
case INDEX_SCE:
if (ptr.type == MSGPACK_OBJECT_ARRAY) {
msgpack_object rule_id = ptr.via.array.ptr[0];
case INDEX_VALUE_SCE:
if (ptr->type == MSGPACK_OBJECT_ARRAY) {
msgpack_object rule_id = ptr->via.array.ptr[0];
handler->sce_policy_id_num = rule_id.via.array.size;
for (uint32_t j = 0; j < rule_id.via.array.size; j++) {
handler->sce_policy_ids[j] = rule_id.via.array.ptr[j].via.u64;
}
}
break;
case INDEX_SHAPER:
break;
case INDEX_PROXY:
if (ptr.type == MSGPACK_OBJECT_ARRAY) {
case INDEX_VALUE_PROXY:
if (ptr->type == MSGPACK_OBJECT_ARRAY) {
proxy_parse_messagepack(ptr, handler);
}
else {
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid proxy type) %02x", LOG_TAG_CTRLPKT, ptr.type);
TFE_LOG_DEBUG(g_default_logger, "%s: unexpected control packet: (invalid proxy type) %02x", LOG_TAG_CTRLPKT, ptr->type);
}
break;
default:
break;
}
}
end:
msgpack_unpacked_destroy(&unpacked);
return 0;
}

2076
common/src/tfe_packet_io.cpp
View File

File diff suppressed because it is too large Load Diff

2
common/src/tfe_utils.cpp
View File

@@ -376,7 +376,7 @@ int get_mac_by_device_name(const char *dev_name, char *mac_buff)
}
unsigned char *mac = (unsigned char *)ifr.ifr_hwaddr.sa_data;
sprintf(mac_buff, "%02hhx:%02hhx:%02hhx:%02hhx:%02hhx:%02hhx", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
memcpy(mac_buff, mac, 6);
close(fd);
return 0;

16
common/test/test_mpack.cpp Normal file
View File

@@ -0,0 +1,16 @@
#include <gtest/gtest.h>
#include <arpa/inet.h>
#include "tfe_ctrl_packet.h"
// TEST(MPACK, PARSE)
// {
// struct ctrl_pkt_parser handler;
// parse_messagepack();
// }
int main(int argc, char **argv)
{
::testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}

274
common/test/test_session_table.cpp Normal file
View File

@@ -0,0 +1,274 @@
#include <gtest/gtest.h>
#include <arpa/inet.h>
#include "tfe_session_table.h"
TEST(STREAM_TABLE, INSERT)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == -1);
EXPECT_TRUE(session_table_count(table) == 1);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == -1);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, SEARCH_BY_ID)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
INIT_ADDR_V4(addr3, "1.1.1.1", 1111, "2.2.2.2", 2222);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Search By Session ID
struct session_node *node = NULL;
node = session_table_search_by_id(table, 1);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "HELLO");
node = session_table_search_by_id(table, 2);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "WORLD");
node = session_table_search_by_id(table, 3);
EXPECT_TRUE(node == nullptr);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, SEARCH_BY_ADDR)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
INIT_ADDR_V4(addr3, "1.1.1.1", 1111, "2.2.2.2", 2222);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Search By Session Addr
struct session_node *node = NULL;
node = session_table_search_by_addr(table, &addr1);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "HELLO");
node = session_table_search_by_addr(table, &addr2);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "WORLD");
node = session_table_search_by_addr(table, &addr3);
EXPECT_TRUE(node == nullptr);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, SEARCH_BY_REVERSE_ADDR)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
struct addr_tuple4 addr1_reverse;
struct addr_tuple4 addr2_reverse;
addr_tuple4_reverse(&addr1, &addr1_reverse);
addr_tuple4_reverse(&addr2, &addr2_reverse);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Search By Session Reverse Addr
struct session_node *node = NULL;
node = session_table_search_by_addr(table, &addr1_reverse);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "HELLO");
node = session_table_search_by_addr(table, &addr2_reverse);
EXPECT_TRUE(node != nullptr);
EXPECT_STREQ((const char *)node->value, "WORLD");
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, DELETE_BY_ID)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
struct addr_tuple4 addr1_reverse;
struct addr_tuple4 addr2_reverse;
addr_tuple4_reverse(&addr1, &addr1_reverse);
addr_tuple4_reverse(&addr2, &addr2_reverse);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Delete By Session ID
EXPECT_TRUE(session_table_delete_by_id(table, 1) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 1);
EXPECT_TRUE(session_table_delete_by_id(table, 2) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 0);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, DELETE_BY_ADDR)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
struct addr_tuple4 addr1_reverse;
struct addr_tuple4 addr2_reverse;
addr_tuple4_reverse(&addr1, &addr1_reverse);
addr_tuple4_reverse(&addr2, &addr2_reverse);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Delete By Session Addr
EXPECT_TRUE(session_table_delete_by_addr(table, &addr1) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 1);
EXPECT_TRUE(session_table_delete_by_addr(table, &addr2) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 0);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, DELETE_BY_REVERSE_ADDR)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
struct addr_tuple4 addr1_reverse;
struct addr_tuple4 addr2_reverse;
addr_tuple4_reverse(&addr1, &addr1_reverse);
addr_tuple4_reverse(&addr2, &addr2_reverse);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_count(table) == 2);
// TEST Delete By Session Reverse Addr
EXPECT_TRUE(session_table_delete_by_addr(table, &addr1_reverse) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 1);
EXPECT_TRUE(session_table_delete_by_addr(table, &addr2_reverse) == 0);
EXPECT_TRUE(session_table_search_by_id(table, 2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2) == NULL);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2_reverse) == NULL);
EXPECT_TRUE(session_table_count(table) == 0);
// TEST Destory
session_table_destory(table);
}
TEST(STREAM_TABLE, RESET)
{
// TEST Create
struct session_table *table = session_table_create();
EXPECT_TRUE(table != nullptr);
char *val_hello = strdup("HELLO");
char *val_world = strdup("WORLD");
INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321);
INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342);
// TEST Insert
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0);
EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == -1);
EXPECT_TRUE(session_table_count(table) == 1);
// TEST Reset
session_table_reset(table);
EXPECT_TRUE(session_table_search_by_id(table, 1) == nullptr);
EXPECT_TRUE(session_table_search_by_addr(table, &addr1) == nullptr);
EXPECT_TRUE(session_table_count(table) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == 0);
EXPECT_TRUE(session_table_insert(table, 2, &addr2, val_world, free) == -1);
EXPECT_TRUE(session_table_search_by_id(table, 2) != nullptr);
EXPECT_TRUE(session_table_search_by_addr(table, &addr2) != nullptr);
EXPECT_TRUE(session_table_count(table) == 1);
// TEST Destory
session_table_destory(table);
}
int main(int argc, char **argv)
{
::testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}

26
platform/src/acceptor_kni_v4.cpp
View File

@@ -63,22 +63,22 @@ static void *worker_thread_cycle(void *arg)
handle_raw_packet_from_tap(thread_ctx->tap_ctx->buff, pkg_len, thread_ctx);
}
if ((pkg_len = tfe_tap_read_per_thread(thread_ctx->tap_ctx->tap_c, thread_ctx->tap_ctx->buff, thread_ctx->tap_ctx->buff_size, g_default_logger)) > 0)
{
handle_decryption_packet_from_tap(thread_ctx->tap_ctx->buff, pkg_len, thread_ctx);
}
// if ((pkg_len = tfe_tap_read_per_thread(thread_ctx->tap_ctx->tap_c, thread_ctx->tap_ctx->buff, thread_ctx->tap_ctx->buff_size, g_default_logger)) > 0)
// {
// handle_decryption_packet_from_tap(thread_ctx->tap_ctx->buff, pkg_len, thread_ctx);
// }
if ((pkg_len = tfe_tap_read_per_thread(thread_ctx->tap_ctx->tap_s, thread_ctx->tap_ctx->buff, thread_ctx->tap_ctx->buff_size, g_default_logger)) > 0)
{
handle_decryption_packet_from_tap(thread_ctx->tap_ctx->buff, pkg_len, thread_ctx);
}
// if ((pkg_len = tfe_tap_read_per_thread(thread_ctx->tap_ctx->tap_s, thread_ctx->tap_ctx->buff, thread_ctx->tap_ctx->buff_size, g_default_logger)) > 0)
// {
// handle_decryption_packet_from_tap(thread_ctx->tap_ctx->buff, pkg_len, thread_ctx);
// }
}
global_metrics_dump(acceptor_ctx->metrics);
if (n_pkt_recv_from_nf == 0)
{
packet_io_thread_wait(handle, thread_ctx, 0);
}
// if (n_pkt_recv_from_nf == 0)
// {
// packet_io_thread_wait(handle, thread_ctx, 0);
// }
if (__atomic_fetch_add(&thread_ctx->session_table_need_reset, 0, __ATOMIC_RELAXED) > 0)
{

3
platform/src/proxy.cpp
View File

@@ -60,6 +60,7 @@
/* Systemd */
#include <systemd/sd-daemon.h>
#include "tfe_acceptor_kni.h"
extern struct tcp_policy_enforcer *tcp_policy_enforcer_create(void *logger);
extern struct chaining_policy_enforcer *chaining_policy_enforcer_create(void *logger);
@@ -292,6 +293,8 @@ static void __gc_handler_cb(evutil_socket_t fd, short what, void * arg)
FS_operate(ctx->fs_handle, ctx->fs_id[i], 0, FS_OP_SET, ATOMIC_READ(&(ctx->stat_val[i])));
}
// global_metrics_dump(ctx->kni_v4_acceptor->acceptor->metrics);
FS_passive_output(ctx->fs_handle);
return;
}

2
vendor/CMakeLists.txt vendored
View File

@@ -379,7 +379,7 @@ set_property(TARGET libnetfilter_queue-static PROPERTY INTERFACE_INCLUDE_DIRECTO
### msgpack-c 6.0.0
ExternalProject_Add(msgpack-c PREFIX msgpack-c
URL ${CMAKE_CURRENT_SOURCE_DIR}/msgpack-c-6.0.0.tar.gz
URL_MD5 f930a80b118a20de2be3211b0706f562
URL_MD5 adc08f48550ce772fe24c0b41166b0de
CMAKE_ARGS -DCMAKE_INSTALL_PREFIX=<INSTALL_DIR>
-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
-DMSGPACK_BUILD_TESTS=OFF)

BIN
vendor/msgpack-c-6.0.0.tar.gz vendored
View File

Binary file not shown.