gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-17862 Proxy支持Internal IP address和Exteral IP Address的扫描, 支持以Topic方式上传HTTP请求体/应答体

Browse Source
This commit is contained in:
fengweihao
2023-12-14 15:08:19 +08:00
parent b801ca9d3b
commit b3700966fd
15 changed files with 577 additions and 278 deletions
Download Patch File Download Diff File Expand all files Collapse all files

158
plugin/business/tsg-http/src/tsg_http.cpp
View File

@@ -75,6 +75,8 @@ enum scan_table
PXY_CTRL_HTTP_RES_HDR,
PXY_CTRL_HTTP_RES_BODY,
PXY_CTRL_APP_ID,
PXY_CTRL_INTERNAL_ADDR,
PXY_CTRL_EXTERNAL_ADDR,
__SCAN_TABLE_MAX
};
@@ -103,19 +105,9 @@ enum manipulate_profile_table
POLICY_PROFILE_TABLE_INSERT,
POLICY_PROFILE_TABLE_HIJACK,
POLICY_PROFILE_TABLE_LUA,
POLICY_PROFILE_TABLE_APP_ID,
POLICY_PROFILE_TABLE_MAX
};
struct app_id_dict
{
int ref_cnt;
int app_id;
long long int group_id;
pthread_mutex_t lock;
};
struct manipulate_profile
{
int profile_id;
@@ -968,76 +960,6 @@ void ma_profile_table_dup_cb(int table_id, void **to, void **from, long argl, vo
*to=ply_obj;
}
void app_dict_table_new_cb(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
{
int ret=0;
size_t offset=0, len=0;
char *app_id_str=NULL, *group_id_str=NULL;
struct app_id_dict *app_dict=ALLOC(struct app_id_dict, 1);
ret = maat_helper_read_column(table_line, 1, &offset, &len);
if(ret >= 0)
{
app_id_str=ALLOC(char, len+1);
memcpy(app_id_str, table_line+offset, len);
app_dict->app_id=atoi(app_id_str);
FREE(&app_id_str);
}
ret = maat_helper_read_column(table_line, 18, &offset, &len);
if(ret >= 0)
{
group_id_str=ALLOC(char, len+1);
memcpy(group_id_str, table_line+offset, len);
app_dict->group_id=atoll(group_id_str);
FREE(&group_id_str);
}
app_dict->ref_cnt=1;
pthread_mutex_init(&(app_dict->lock), NULL);
*ad=app_dict;
return;
}
void app_dict_table_free_cb(int table_id, void **ad, long argl, void* argp)
{
if(*ad==NULL)
{
return;
}
struct app_id_dict *app_dict=(struct app_id_dict *)(*ad);
pthread_mutex_lock(&(app_dict->lock));
app_dict->ref_cnt--;
if(app_dict->ref_cnt>0)
{
pthread_mutex_unlock(&(app_dict->lock));
return;
}
pthread_mutex_unlock(&(app_dict->lock));
pthread_mutex_destroy(&(app_dict->lock));
FREE(&app_dict);
*ad=NULL;
return;
}
void app_id_dict_free(struct app_id_dict *app_dict)
{
app_dict_table_free_cb(0, (void **)&app_dict, 0, NULL);
}
void app_dict_table_dup_cb(int table_id, void **to, void **from, long argl, void* argp)
{
struct app_id_dict *app_dict=(struct app_id_dict *)(*from);
pthread_mutex_lock(&(app_dict->lock));
app_dict->ref_cnt++;
pthread_mutex_unlock(&(app_dict->lock));
*to=app_dict;
return;
}
int maat_table_init(const char* table_name,
maat_start_callback_t *start, maat_update_callback_t *update, maat_finish_callback_t *finish,
void *u_para)
@@ -1107,6 +1029,9 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
table_name[PXY_CTRL_HTTP_RES_HDR] = "ATTR_HTTP_RES_HDR";
table_name[PXY_CTRL_HTTP_RES_BODY] = "ATTR_HTTP_RES_BODY";
table_name[PXY_CTRL_APP_ID] = "ATTR_APP_ID";
table_name[PXY_CTRL_INTERNAL_ADDR] = "ATTR_INTERNAL_ADDR";
table_name[PXY_CTRL_EXTERNAL_ADDR] = "ATTR_EXTERNAL_ADDR";
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
{
g_proxy_rt->scan_table_id[i] = maat_get_table_id(g_proxy_rt->feather, table_name[i]);
@@ -1124,13 +1049,6 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
policy_action_param_dup,
0, NULL);
g_proxy_rt->plolicy_table_id[POLICY_PROFILE_TABLE_APP_ID]=maat_get_table_id(g_proxy_rt->feather, "APP_ID_DICT");
maat_plugin_table_ex_schema_register(g_proxy_rt->feather, "APP_ID_DICT",
app_dict_table_new_cb,
app_dict_table_free_cb,
app_dict_table_dup_cb,
0, NULL);
ret = maat_table_init("PXY_PROFILE_TRUSTED_CA_CERT",
trusted_CA_update_start_cb,
trusted_CA_update_cert_cb,
@@ -2783,6 +2701,12 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
{
hit_cnt += n_hit_result;
}
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN],
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
scan_ret = tfe_scan_fqdn_cat(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN_CAT]);
if (scan_ret > 0)
{
@@ -2792,7 +2716,6 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
const char * str_url = session->req->req_spec.url;
int str_url_length = (int) (strlen(session->req->req_spec.url));
scan_ret = maat_scan_string(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_URL],
str_url, str_url_length, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
@@ -2800,6 +2723,12 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
{
hit_cnt += n_hit_result;
}
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_URL],
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
}
if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR))
@@ -2817,7 +2746,6 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
const char * str_field_name = http_field_name_to_string(&field_name);
scan_ret = maat_state_set_scan_district(ctx->scan_mid, table_id, str_field_name, strlen(str_field_name));
assert(scan_ret == 0);
scan_ret = maat_scan_string(g_proxy_rt->feather, table_id, field_val, strlen(field_val),
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
@@ -3190,8 +3118,7 @@ void cache_write(const struct tfe_http_session * session, enum tfe_http_event ev
}
}
void proxy_on_http_begin(const struct tfe_stream * stream,
const struct tfe_http_session * session, unsigned int thread_id, void ** pme)
void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_session *session, unsigned int thread_id, void **pme)
{
if (!g_proxy_rt->enable_plugin)
{
@@ -3205,73 +3132,58 @@ void proxy_on_http_begin(const struct tfe_stream * stream,
ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_SESSION]));
ctx = proxy_http_ctx_new(thread_id);
long long *result = ctx->result;
size_t n_hit_result=0;
scan_ret = tfe_scan_subscribe_id(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
scan_ret = tfe_scan_ip_location(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger, &(ctx->ip_ctx.location_server), &(ctx->ip_ctx.location_client));
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
scan_ret = tfe_scan_ip_asn(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger, &(ctx->ip_ctx.asn_server), &(ctx->ip_ctx.asn_client));
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
long long app_id=67;
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(g_proxy_rt->feather, g_proxy_rt->plolicy_table_id[POLICY_PROFILE_TABLE_APP_ID], (const char *)&app_id, sizeof(long long));
if(app_dict!=NULL)
scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id, g_proxy_rt->scan_table_id[PXY_CTRL_APP_ID]);
if(scan_ret > 0)
{
scan_ret = maat_scan_group(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_APP_ID], &app_dict->group_id, 1, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &n_hit_result, ctx->scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt+=n_hit_result;
}
app_id_dict_free(app_dict);
hit_cnt += scan_ret;
}
addr_tfe2sapp(stream->addr, &sapp_addr);
if (sapp_addr.addrtype == ADDR_TYPE_IPV4)
{
scan_ret = maat_scan_ipv4(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_SOURCE_ADDR],
sapp_addr.v4->saddr, sapp_addr.v4->source, 6, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt,
&n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
scan_ret = tfe_scan_ipv4_addr(result, ctx->scan_mid, hit_cnt, sapp_addr);
if (scan_ret > 0)
{
hit_cnt += n_hit_result;
hit_cnt += scan_ret;
}
scan_ret = maat_scan_ipv4(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_DESTINATION_ADDR],
sapp_addr.v4->daddr, sapp_addr.v4->dest, 6, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt,
&n_hit_result, ctx->scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
scan_ret = tfe_scan_ipv4_internal_addr(stream, result, ctx->scan_mid, hit_cnt, sapp_addr);
if (scan_ret > 0)
{
hit_cnt += n_hit_result;
hit_cnt += scan_ret;
}
}
if (sapp_addr.addrtype == ADDR_TYPE_IPV6)
{
scan_ret = maat_scan_ipv6(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_SOURCE_ADDR],
sapp_addr.v6->saddr, sapp_addr.v6->source, 6, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt,
&n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
scan_ret = tfe_scan_ipv6_addr(result, ctx->scan_mid, hit_cnt, sapp_addr);
if (scan_ret > 0)
{
hit_cnt += n_hit_result;
hit_cnt += scan_ret;
}
scan_ret = maat_scan_ipv6(g_proxy_rt->feather, g_proxy_rt->scan_table_id[PXY_CTRL_DESTINATION_ADDR],
sapp_addr.v6->daddr, sapp_addr.v6->dest, 6, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt,
&n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
scan_ret = tfe_scan_ipv6_internal_addr(stream, result, ctx->scan_mid, hit_cnt, sapp_addr);
if (scan_ret > 0)
{
hit_cnt += n_hit_result;
hit_cnt += scan_ret;
}
}
if(hit_cnt > 0)
{
ctx->hit_cnt = hit_cnt;