gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

和tfe联调完成,修复一些已知问题,增加一些日志

Browse Source
This commit is contained in:
崔一鸣
2018-09-19 17:06:42 +08:00
parent 6733ff0686
commit a62d9ac7f6
9 changed files with 789 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@@ -38,4 +38,7 @@
cmake-build-*/
# Clion
.idea/
.idea/
# Vscode
.vscode/

16
.vscode/ftp-kr.json vendored Normal file
View File

@@ -0,0 +1,16 @@
{
"host": "192.168.11.241",
"username": "cuiyiming",
"password": "070708",
"remotePath": "/home/cuiyiming/tfe3a",
"protocol": "sftp",
"port": 22,
"fileNameEncoding": "utf8",
"autoUpload": true,
"autoDelete": false,
"autoDownload": false,
"ignore": [
".git",
"/.vscode"
]
}

568
.vscode/ftp-kr.sync.cache.json vendored Normal file
View File

@@ -0,0 +1,568 @@
{
"sftp://192.168.11.241:22@cuiyiming": {
"home": {
"cuiyiming": {
"tfe3a": {
".editorconfig": {
"type": "-",
"size": 189,
"lmtime": 1536117600714,
"modified": false
},
".gitattributes": {
"type": "-",
"size": 84,
"lmtime": 1536117600714,
"modified": false
},
".gitignore": {
"type": "-",
"size": 374,
"lmtime": 1536117600714,
"modified": false
},
"CMakeLists.txt": {
"type": "-",
"size": 315,
"lmtime": 1536117600714,
"modified": false
},
"cache": {
"CMakeLists.txt": {
"type": "-",
"size": 0,
"lmtime": 1536117600714,
"modified": false
},
"include": {
"tango_cache_client.h": {
"type": "-",
"size": 1141,
"lmtime": 1536117600715,
"modified": false
}
}
},
"common": {
"CMakeLists.txt": {
"type": "-",
"size": 316,
"lmtime": 1536825136570,
"modified": false
},
"include": {
"tfe_future.h": {
"type": "-",
"size": 1294,
"lmtime": 1536313488202,
"modified": false
},
"tfe_http.h": {
"type": "-",
"size": 10017,
"lmtime": 1536825156626,
"modified": false
},
"tfe_plugin.h": {
"type": "-",
"size": 2045,
"lmtime": 1536825156627,
"modified": false
},
"tfe_proxy.h": {
"type": "-",
"size": 117,
"lmtime": 1536117600715,
"modified": false
},
"tfe_stat.h": {
"type": "-",
"size": 308,
"lmtime": 1536117600716,
"modified": false
},
"tfe_stream.h": {
"type": "-",
"size": 2677,
"lmtime": 1536117600716,
"modified": false
},
"tfe_types.h": {
"type": "-",
"size": 3152,
"lmtime": 1536905455105,
"modified": false
},
"tfe_utils.h": {
"type": "-",
"size": 4218,
"lmtime": 1536927858885,
"modified": false
},
"tfe_rpc.h": {
"type": "-",
"size": 521,
"lmtime": 1536915527236,
"modified": false
}
},
"src": {
"tfe_future.cpp": {
"type": "-",
"size": 6032,
"lmtime": 1536825136572,
"modified": false
},
"tfe_stat.cpp": {
"type": "-",
"size": 123,
"lmtime": 1536117600717,
"modified": false
},
"tfe_utils.cpp": {
"type": "-",
"size": 534,
"lmtime": 1536117600717,
"modified": false
},
"tfe_rpc.cpp": {
"type": "-",
"size": 7725,
"lmtime": 1536915527237,
"modified": false
},
"tfe_http.cpp": {
"type": "-",
"size": 2266,
"lmtime": 1536825156627,
"modified": false
},
"tfe_plugin.cpp": {
"type": "-",
"size": 610,
"lmtime": 1536313603978,
"modified": false
}
},
".CMakeLists.txt.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536313660869,
"modified": false
}
},
"platform": {
"CMakeLists.txt": {
"type": "-",
"size": 2574,
"lmtime": 1536915527238,
"modified": false
},
"include": {
"internal": {
"key_keeper.h": {
"type": "-",
"size": 710,
"lmtime": 1536927858887,
"modified": false
},
"kni_acceptor.h": {
"type": "-",
"size": 207,
"lmtime": 1536117600718,
"modified": false
},
"platform.h": {
"type": "-",
"size": 1908,
"lmtime": 1536313603979,
"modified": false
},
"proxy.h": {
"type": "-",
"size": 1178,
"lmtime": 1536117600718,
"modified": false
},
"ssl_sess_cache.h": {
"type": "-",
"size": 785,
"lmtime": 1536117600719,
"modified": false
},
"ssl_stream.h": {
"type": "-",
"size": 1371,
"lmtime": 1536313603980,
"modified": false
},
"ssl_utils.h": {
"type": "-",
"size": 6476,
"lmtime": 1536927858887,
"modified": false
},
"tcp_stream.h": {
"type": "-",
"size": 518,
"lmtime": 1536117600720,
"modified": false
}
}
},
"src": {
"key_keeper.cpp": {
"type": "-",
"size": 14236,
"lmtime": 1536927858888,
"modified": false
},
"kni_acceptor.cpp": {
"type": "-",
"size": 7906,
"lmtime": 1536117600721,
"modified": false
},
"main.cpp": {
"type": "-",
"size": 324,
"lmtime": 1536117600721,
"modified": false
},
"proxy.cpp": {
"type": "-",
"size": 7956,
"lmtime": 1536313603981,
"modified": false
},
"ssl_sess_cache.cpp": {
"type": "-",
"size": 9206,
"lmtime": 1536313603982,
"modified": false
},
"ssl_stream.cpp": {
"type": "-",
"size": 36309,
"lmtime": 1536927858889,
"modified": false
},
"ssl_utils.cc": {
"type": "-",
"size": 57284,
"lmtime": 1536927858890,
"modified": false
},
"tcp_stream.cpp": {
"type": "-",
"size": 20731,
"lmtime": 1536313603983,
"modified": false
},
".tfe_rpc.cpp.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536290616868,
"modified": false
},
".key_keeper.cpp.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536567592157,
"modified": false
},
"tfe_rpc.cpp": {
"type": "-",
"size": 9080,
"lmtime": 1536825131154,
"modified": false
},
".ssl_utils.cc.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536824844454,
"modified": false
},
".ssl_.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536824458902,
"modified": false
}
},
"test": {
"test_key_keeper.cpp": {
"type": "-",
"size": 1635,
"lmtime": 1536915434431,
"modified": false
},
"test_tfe_rpc.cpp": {
"type": "-",
"size": 6042,
"lmtime": 1536927858892,
"modified": false
},
"test_chello_parse.cpp": {
"type": "-",
"size": 7143,
"lmtime": 1536927858891,
"modified": false
},
".test_chello_parse.cpp.swp": {
"type": "-",
"size": 4096,
"lmtime": 1536928089520,
"modified": false
}
}
},
"plugin": {
"CMakeLists.txt": {
"type": "-",
"size": 81,
"lmtime": 1536117600723,
"modified": false
},
"business": {
"CMakeLists.txt": {
"type": "-",
"size": 64,
"lmtime": 1536927858893,
"modified": false
},
"decrypt-mirroring": {
"CMakeLists.txt": {
"type": "-",
"size": 289,
"lmtime": 1536117600723,
"modified": false
},
"include": {
"external": {
"decrypt_mirror_plugin.h": {
"type": "-",
"size": 626,
"lmtime": 1536117600724,
"modified": false
}
},
"internal": {
"mirror_stream.h": {
"type": "-",
"size": 2067,
"lmtime": 1536117600724,
"modified": false
},
"mirror_stream_inl.h": {
"type": "-",
"size": 2774,
"lmtime": 1536117600724,
"modified": false
},
"sendpkt-inl.h": {
"type": "-",
"size": 4606,
"lmtime": 1536117600724,
"modified": false
}
}
},
"src": {
"decrypt_mirror_plugin.cpp": {
"type": "-",
"size": 1494,
"lmtime": 1536825156629,
"modified": false
},
"mirror_stream.cpp": {
"type": "-",
"size": 24104,
"lmtime": 1536927858894,
"modified": false
},
"sendpkt.cpp": {
"type": "-",
"size": 11157,
"lmtime": 1536117600725,
"modified": false
}
},
"test": {
"test_deliver.c": {
"type": "-",
"size": 2373,
"lmtime": 1536117600725,
"modified": false
},
"test_deliver.h": {
"type": "-",
"size": 1,
"lmtime": 1536117600725,
"modified": false
}
}
},
"pangu-http": {
"CMakeLists.txt": {
"type": "-",
"size": 159,
"lmtime": 1536927858895,
"modified": false
},
"pangu_http.cpp": {
"type": "-",
"size": 25142,
"lmtime": 1536927858897,
"modified": false
},
"pangu_logger.cpp": {
"type": "-",
"size": 4827,
"lmtime": 1536927858898,
"modified": false
},
"pangu_logger.h": {
"type": "-",
"size": 2283,
"lmtime": 1536927858899,
"modified": false
}
}
},
"platform": {
"CMakeLists.txt": {
"type": "-",
"size": 0,
"lmtime": 1536117600725,
"modified": false
}
},
"protocol": {
"CMakeLists.txt": {
"type": "-",
"size": 23,
"lmtime": 1536117600725,
"modified": false
},
"http": {
"CMakeLists.txt": {
"type": "-",
"size": 298,
"lmtime": 1536313603985,
"modified": false
},
"src": {
"http.cpp": {
"type": "-",
"size": 1668,
"lmtime": 1536313512009,
"modified": false
},
"http_entry.cpp": {
"type": "-",
"size": 6874,
"lmtime": 1536825156630,
"modified": false
},
"http_half.cpp": {
"type": "-",
"size": 14144,
"lmtime": 1536825156630,
"modified": false
}
},
"include": {
"internal": {
"http_common.h": {
"type": "-",
"size": 2767,
"lmtime": 1536825156629,
"modified": false
},
"http_half.h": {
"type": "-",
"size": 612,
"lmtime": 1536313603986,
"modified": false
}
}
}
}
}
},
"vendor": {
"CMakeLists.txt": {
"type": "-",
"size": 8808,
"lmtime": 1536927858900,
"modified": false
},
"MESA_prof_load-3b2bfd.tar.gz": {
"type": "-",
"size": 8125,
"lmtime": 1536117600726,
"modified": false
},
"check-0.12.0.tar.gz": {
"type": "-",
"size": 764043,
"lmtime": 1536117600730,
"modified": false
},
"googletest-release-1.8.0.tar.gz": {
"type": "-",
"size": 1281617,
"lmtime": 1536117600736,
"modified": false
},
"http-parser-2.8.1.tar.gz": {
"type": "-",
"size": 50731,
"lmtime": 1536117600737,
"modified": false
},
"libevent-2.1.8-stable.tar.gz": {
"type": "-",
"size": 1026485,
"lmtime": 1536117600739,
"modified": false
},
"nghttp2-1.32.0.tar.gz": {
"type": "-",
"size": 2216104,
"lmtime": 1536117600748,
"modified": false
},
"openssl-1.1.0h.tar.gz": {
"type": "-",
"size": 5422717,
"lmtime": 1536117600768,
"modified": false
},
"cJSON-1.7.7.tar.gz": {
"type": "-",
"size": 345681,
"lmtime": 1536825136581,
"modified": false
},
"librdkafka-0.11.5.tar.gz": {
"type": "-",
"size": 1984510,
"lmtime": 1536927858916,
"modified": false
}
},
"build": {},
".gitlab-ci.yml": {
"type": "-",
"size": 125,
"lmtime": 1536905455105,
"modified": false
}
}
}
}
},
"$version": 1
}

31
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,31 @@
{
"files.associations": {
"iterator": "cpp",
"string": "cpp",
"string_view": "cpp",
"__locale": "cpp",
"ios": "cpp",
"__debug": "cpp",
"exception": "cpp",
"memory": "cpp",
"stdexcept": "cpp",
"typeinfo": "cpp",
"utility": "cpp",
"__bit_reference": "cpp",
"__functional_base": "cpp",
"algorithm": "cpp",
"atomic": "cpp",
"bitset": "cpp",
"chrono": "cpp",
"functional": "cpp",
"limits": "cpp",
"ratio": "cpp",
"system_error": "cpp",
"tuple": "cpp",
"type_traits": "cpp",
"initializer_list": "cpp",
"istream": "cpp",
"locale": "cpp",
"new": "cpp"
}
}

53
common/src/tfe_rpc.cpp
View File

@@ -54,10 +54,12 @@ static void _wrapped_promise_success(struct promise* p, void* result)
{
return;
}
/*
if(ctx->evbase)
{
event_base_loopexit(ctx->evbase, 0);
}
*/
//promise_dettach_ctx(p);
//tfe_rpc_promise_free_ctx(ctx);
promise_success(p, result);
@@ -66,11 +68,13 @@ static void _wrapped_promise_success(struct promise* p, void* result)
static void _wrapped_promise_failed(struct promise * p, enum e_future_error error, const char * what)
{
/*
struct tfe_rpc_ctx* ctx = (struct tfe_rpc_ctx*)promise_get_ctx(p);
if(ctx->evbase)
{
event_base_loopexit(ctx->evbase, 0);
}
*/
promise_failed(p, error, what);
//promise_dettach_ctx(p);
//ctx_destroy_cb(ctx);
@@ -151,6 +155,28 @@ void connection_close_cb(struct evhttp_connection* connection, void* arg)
//printf("call connection_close_cb\n");
}
char* get_request_url(struct evhttp_uri* uri, int url_len)
{
const char* path = evhttp_uri_get_path(uri);
const char* query = evhttp_uri_get_query(uri);
char *request_url = NULL;
request_url = (char*)malloc(url_len);
if(path == NULL || strnlen(path, url_len) == 0)
{
snprintf(request_url, url_len, "/");
}
else
{
snprintf(request_url, url_len, "%s", path);
}
if(query && strnlen(query, url_len))
{
strncat(request_url, "?", url_len);
strncat(request_url, query, url_len);
}
return request_url;
}
//data is for POST. if method is GET, data should be NULL
void tfe_rpc_async_ask(struct future* f, const char* url, enum TFE_RPC_METHOD method, enum TFE_RPC_FLAG flag, const char* data, int data_len, struct event_base * evbase)
{
@@ -163,7 +189,7 @@ void tfe_rpc_async_ask(struct future* f, const char* url, enum TFE_RPC_METHOD me
{
_wrapped_promise_failed(p, FUTURE_ERROR_EXCEPTION, "event base is NULL");
return;
}
}
struct evhttp_uri* uri = evhttp_uri_parse(url);
if(NULL == uri)
{
@@ -181,22 +207,6 @@ void tfe_rpc_async_ask(struct future* f, const char* url, enum TFE_RPC_METHOD me
{
port = 80;
}
const char* path = evhttp_uri_get_path(uri);
const char* query = evhttp_uri_get_query(uri);
char request_url[TFE_STRING_MAX] = "";
if(path == NULL || strnlen(path, TFE_STRING_MAX) == 0)
{
snprintf(request_url, TFE_STRING_MAX, "/");
}
else
{
snprintf(request_url, TFE_STRING_MAX, "%s", path);
}
if(query && strnlen(query, TFE_STRING_MAX))
{
strncat(request_url, "?", TFE_STRING_MAX);
strncat(request_url, query, TFE_STRING_MAX);
}
//printf("url:%s host:%s port:%d path:%s query:%s request_url:%s\n", url, host, port, path, query, request_url);
struct evdns_base* dnsbase = evdns_base_new(evbase, EVDNS_BASE_INITIALIZE_NAMESERVERS);
if (!dnsbase)
@@ -219,6 +229,14 @@ void tfe_rpc_async_ask(struct future* f, const char* url, enum TFE_RPC_METHOD me
}
evhttp_request_set_error_cb(request, request_error_cb);
evhttp_add_header(evhttp_request_get_output_headers(request), "Host", host);
int url_len = strlen(url);
char* request_url = get_request_url(uri, url_len);
//printf("request url is %s\n", request_url);
if(request_url == NULL)
{
_wrapped_promise_failed(p, FUTURE_ERROR_EXCEPTION, "get request url failed");
return;
}
switch(method)
{
case GET:
@@ -232,6 +250,7 @@ void tfe_rpc_async_ask(struct future* f, const char* url, enum TFE_RPC_METHOD me
_wrapped_promise_failed(p, FUTURE_ERROR_EXCEPTION, "method is invalid!");
return;
}
free(request_url);
}
struct tfe_rpc_response_result* tfe_rpc_release(void* result)

3
platform/CMakeLists.txt
View File

@@ -13,6 +13,7 @@ target_link_libraries(tfe pthread dl
MESA_handle_logger
MESA_prof_load
cjson
curl
MESA_htable wiredcfg
MESA_field_stat)
@@ -38,6 +39,7 @@ target_link_libraries(test_key_keeper pthread dl
MESA_handle_logger
MESA_prof_load
cjson
curl
MESA_htable wiredcfg
MESA_field_stat)
@@ -59,6 +61,7 @@ target_link_libraries(test_tfe_rpc pthread dl
MESA_prof_load
MESA_htable wiredcfg
cjson
curl
MESA_field_stat)
install(TARGETS test_tfe_rpc RUNTIME DESTINATION ./)

137
platform/src/key_keeper.cpp
View File

@@ -7,6 +7,8 @@
#include "tfe_rpc.h"
#include <event2/http.h>
#include <cjson/cJSON.h>
#include <curl/curl.h>
#define HTABLE_MAX_KEY_LEN 256
#define KEYRING_EXSITED 0
#define KEYRING_NOT_EXSITED -1
@@ -69,9 +71,6 @@ static struct keyring_private* keyring_new(void)
}
/*
* Passed OpenSSL objects are owned by cert_t; refcount will not be
* incremented, stack will not be duplicated.
*/
static struct keyring* keyring_new3(EVP_PKEY *key, X509 *cert, STACK_OF(X509) *chain)
{
struct keyring_private* kyr=NULL;
@@ -98,6 +97,7 @@ static struct keyring* keyring_new3(EVP_PKEY *key, X509 *cert, STACK_OF(X509) *c
}
return &(kyr->head);
}
*/
// Increment reference count.
static void keyring_ref_inc(struct keyring_private* kyr)
@@ -198,19 +198,60 @@ void key_keeper_free_keyring(struct keyring *kyr)
static X509* transform_cert_to_x509(const char* str)
{
BIO *bio;
X509 *cert;
//printf("cert: %s", str);
BIO *bio = NULL;
X509 *cert = NULL;
bio = BIO_new(BIO_s_mem());
BIO_write(bio, (const void*)str, strnlen(str, TFE_STRING_MAX));
if(bio == NULL)
{
return NULL;
}
int len = BIO_write(bio, (const void*)str, strlen(str));
if (len <= 0 )
{
BIO_free_all(bio);
return NULL;
}
cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
BIO_free_all(bio);
return cert;
}
static char* transform_cert_to_pem(X509* cert)
{
if (NULL == cert)
{
return NULL;
}
BIO* bio = NULL;
bio = BIO_new(BIO_s_mem());
if (NULL == bio)
{
return NULL;
}
if (0 == PEM_write_bio_X509(bio, cert))
{
BIO_free(bio);
return NULL;
}
char *p = NULL;
int len = BIO_get_mem_data(bio, &p);
char *pem = (char*)malloc(len + 1);
memset(pem, 0, len + 1);
BIO_read(bio, pem, len);
BIO_free(bio);
return pem;
}
static EVP_PKEY* transform_key_to_EVP(const char* str)
{
//printf("private key: %s", str);
BIO *mem;
mem = BIO_new_mem_buf(str, -1);
if(mem == NULL)
{
return NULL;
}
EVP_PKEY* key = PEM_read_bio_PrivateKey(mem, NULL, NULL, 0);
BIO_free(mem);
return key;
@@ -345,9 +386,10 @@ static struct keyring_private* generate_x509_keyring(X509* origin_cert, int keyr
static void certstore_rpc_on_succ(void* result, void* user)
{
//printf("call certstore_rpc_on_succ\n");
struct promise * p = (struct promise *) user;
struct key_keeper_promise_ctx* ctx = (struct key_keeper_promise_ctx*)promise_get_ctx(p);
TFE_LOG_INFO(ctx->logger, "certstore rpc success");
future_destroy(ctx->f_certstore_rpc);
MESA_htable_handle htable= ctx->htable;
const uchar* key = ctx->key;
unsigned int key_len = ctx->key_len;
@@ -360,6 +402,11 @@ static void certstore_rpc_on_succ(void* result, void* user)
{
*(data+len) = '\0';
struct keyring_private* kyr= get_keyring_from_response(data);
if(kyr == NULL)
{
promise_failed(p, FUTURE_ERROR_EXCEPTION, "get_keyring_from_response failed");
return;
}
keyring_ref_inc(kyr);
int ret = MESA_htable_add(htable, key, key_len, (void*)kyr);
if(ret<0)
@@ -373,7 +420,6 @@ static void certstore_rpc_on_succ(void* result, void* user)
{
promise_failed(p, FUTURE_ERROR_EXCEPTION, status_msg);
}
future_destroy(ctx->f_certstore_rpc);
//promise_dettach_ctx(p);
//ctx_destroy_cb((void*)ctx);
}
@@ -381,9 +427,10 @@ static void certstore_rpc_on_succ(void* result, void* user)
static void certstore_rpc_on_fail(enum e_future_error err, const char * what, void * user)
{
struct promise * p = (struct promise *) user;
promise_failed(p, err, what);
struct key_keeper_promise_ctx* ctx= (struct key_keeper_promise_ctx*)promise_get_ctx(p);
TFE_LOG_ERROR(ctx->logger, "certstore rpc failed, what is %s", what);
future_destroy(ctx->f_certstore_rpc);
promise_failed(p, err, what);
//promise_dettach_ctx(p);
//ctx_destroy_cb((void*)ctx);
}
@@ -433,6 +480,8 @@ struct key_keeper* key_keeper_init(const char * profile, const char* section, vo
MESA_load_profile_uint_def(profile, section, "hash_slot_size", &(keeper->hash_slot_size), 16);
MESA_load_profile_uint_def(profile, section, "hash_expire_seconds", &(keeper->hash_expire_seconds), 16);
keeper->htable = create_hash_table(keeper->hash_slot_size, keeper->hash_expire_seconds);
TFE_LOG_INFO(logger, "MESA_load_profile, [%s]: mode:%s, ca_path:%s, untrusted_ca_path:%s, cert_store_host:%s, cert_store_port:%d, hash_slot_size:%d, hash_expire_seconds:%d",
section, keeper->mode, keeper->ca_path, keeper->untrusted_ca_path, keeper->cert_store_host, keeper->cert_store_port, keeper->hash_slot_size, keeper->hash_expire_seconds);
return keeper;
}
@@ -451,17 +500,20 @@ struct keyring* key_keeper_release_keyring(future_result_t* result)
return &(kyr->head);
}
static uchar* get_key_by_cert(X509* cert, int keyring_id, unsigned int* len)
{
char* cert_fgr = NULL;
cert_fgr = ssl_x509_fingerprint(cert, 0);
char* key = (char*)malloc(HTABLE_MAX_KEY_LEN);
*key = '\0';
if(cert == NULL)
{
return NULL;
}
char* cert_fgr = NULL;
cert_fgr = ssl_x509_fingerprint(cert, 0);
if(cert_fgr == NULL)
{
return NULL;
}
char* key = (char*)malloc(HTABLE_MAX_KEY_LEN);
memset(key, 0, HTABLE_MAX_KEY_LEN);
snprintf(key, HTABLE_MAX_KEY_LEN, "%d:", keyring_id);
strncat(key, cert_fgr, HTABLE_MAX_KEY_LEN);
*len = strnlen(key, HTABLE_MAX_KEY_LEN);
@@ -470,12 +522,32 @@ static uchar* get_key_by_cert(X509* cert, int keyring_id, unsigned int* len)
}
char* url_escape(char* url)
{
if(url == NULL)
{
return NULL;
}
CURL *curl = curl_easy_init();
char* _url = NULL;
if(curl)
{
_url = curl_easy_escape(curl, url, strlen(url));
}
return _url;
}
void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const char* sni, int keyring_id, X509 * origin_cert, int is_cert_valid, struct event_base * evbase)
{
struct promise* p = future_to_promise(f);
struct key_keeper_promise_ctx* ctx = ALLOC(struct key_keeper_promise_ctx, 1);
unsigned int len = 0;
uchar* key = get_key_by_cert(origin_cert, keyring_id, &len);
if(key == NULL)
{
promise_failed(p, FUTURE_ERROR_EXCEPTION, "get hash key by_cert failed");
return;
}
struct key_keeper_promise_ctx* ctx = ALLOC(struct key_keeper_promise_ctx, 1);
ctx->logger = keeper->logger;
ctx->htable = keeper->htable;
ctx->key = key;
@@ -485,7 +557,7 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
MESA_htable_search_cb(ctx->htable, (const unsigned char*)(ctx->key), ctx->key_len, keyring_local_cache_query_cb, p, &cb_rtn);
if(cb_rtn == KEYRING_EXSITED)
{
printf("KEYRING_EXSITED\n");
//printf("KEYRING_EXSITED\n");
return;
}
int mode = 0;
@@ -496,22 +568,41 @@ void key_keeper_async_ask(struct future * f, struct key_keeper * keeper, const c
switch(mode){
case NORMAL:
{
char* origin_cert_pem = transform_cert_to_pem(origin_cert);
if(origin_cert_pem == NULL)
{
promise_failed(p, FUTURE_ERROR_EXCEPTION, "transform origin_cert to pem failed");
return;
}
char* escaped_origin_cert_pem = url_escape(origin_cert_pem);
free(origin_cert_pem);
if(escaped_origin_cert_pem == NULL)
{
promise_failed(p, FUTURE_ERROR_EXCEPTION, "url escape failed");
break;
}
struct future* f_certstore_rpc = future_create("tfe_rpc", certstore_rpc_on_succ, certstore_rpc_on_fail, p);
ctx->f_certstore_rpc = f_certstore_rpc;
char url[TFE_STRING_MAX];
char _sni[TFE_STRING_MAX] = "www.baidu.com";
if(sni)
char *url = NULL;
url = (char*)malloc(strlen(escaped_origin_cert_pem) + TFE_STRING_MAX);
//keyring_id = 1;
if(sni == NULL || sni[0] == '\0')
{
strncpy(_sni, sni, TFE_STRING_MAX);
sprintf(url, "http://%s:%d/ca?keyring_id=%d&is_valid=%d&origin_cert=%s",
keeper->cert_store_host, keeper->cert_store_port, keyring_id, is_cert_valid, escaped_origin_cert_pem);
}
snprintf(url, TFE_STRING_MAX, "http://%s:%d/ca?host=%s&flag=1&valid=1&keyring_id=%d", keeper->cert_store_host, keeper->cert_store_port, _sni, keyring_id);
printf("url is %s\n", url);
else
{
sprintf(url, "http://%s:%d/ca?keyring_id=%d&sni=%s&is_valid=%d&origin_cert=%s",
keeper->cert_store_host, keeper->cert_store_port, keyring_id, sni, is_cert_valid, escaped_origin_cert_pem);
}
curl_free(escaped_origin_cert_pem);
tfe_rpc_async_ask(f_certstore_rpc, url, GET, DONE_CB, NULL, 0, evbase);
free(url);
break;
}
case DEBUG:
{
//TOOD: generate X509 cert
char* filename = NULL;
if(is_cert_valid == 1)
{

12
platform/src/ssl_utils.cc
View File

@@ -1895,6 +1895,7 @@ static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n,
char* cipher_suites_str = (char* )malloc(TFE_STRING_MAX);
cipher_suites_str[0] = '\0';
size_t pos = 0;
int flag = 0;
while(pos < buff_len)
{
int i = 0;
@@ -1903,18 +1904,27 @@ static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n,
int val = (buff[pos] << 8) + buff[pos + 1];
if(_cipher_suite_list[i].value == val)
{
if(strnlen(_cipher_suite_list[i].name, TFE_STRING_MAX) + strnlen(cipher_suites_str, TFE_STRING_MAX) + 1 > TFE_STRING_MAX)
{
flag = 1;
break;
}
strncat(cipher_suites_str, _cipher_suite_list[i].name, TFE_STRING_MAX);
strncat(cipher_suites_str, ":", TFE_STRING_MAX);
}
}
pos += 2;
if(flag == 1)
{
break;
}
}
int len = strnlen(cipher_suites_str, TFE_STRING_MAX);
if(len > 0)
{
cipher_suites_str[len-1] = '\0';
}
if(pos != buff_len)
if(pos != buff_len && flag == 0)
{
*result = CHELLO_PARSE_INVALID_FORMAT;
return NULL;

10
platform/test/test_key_keeper.cpp
View File

@@ -20,19 +20,20 @@ int main()
printf("-------------------------------\n");
int i = 0;
printf("call key_keeper_async_ask, i = %d\n", i);
key_keeper_async_ask(f, keeper, NULL, 0, origin_cert, 0, evbase);
key_keeper_async_ask(f, keeper, "www.baidu.com", 1, origin_cert, 1, evbase);
event_base_dispatch(evbase);
/*
struct event_base* evbase1 = event_base_new();
struct future* f1 = future_create("key_keeper", ask_key_keeper_on_succ, ask_key_keeper_on_fail, user);
key_keeper_async_ask(f1, keeper, NULL, 0, origin_cert, 0, evbase1);
key_keeper_async_ask(f1, keeper, "www.baidu.com", 0, origin_cert, 0, evbase1);
event_base_dispatch(evbase1);
*/
}
void ask_key_keeper_on_succ(void* result, void* user)
{
printf("call ask_key_keeper_on_succ\n");
//printf("call ask_key_keeper_on_succ\n");
struct keyring* kyr = key_keeper_release_keyring(result);
X509* cert = kyr->cert;
EVP_PKEY* key = kyr->key;
@@ -55,4 +56,5 @@ void ask_key_keeper_on_succ(void* result, void* user)
void ask_key_keeper_on_fail(enum e_future_error error, const char * what, void * user)
{
printf("call ask_key_keeper_on_fail\n");
printf("what is %s\n", what);
}