增加HTTP重定向业务发送应答体的功能支持,调通发送403, 404等告警页面的功能。
This commit is contained in:
Lu Qiuwen
@@ -14,7 +14,6 @@
|
|||||||
#include <event2/buffer.h>
|
#include <event2/buffer.h>
|
||||||
|
|
||||||
#include <ctemplate/template.h>
|
#include <ctemplate/template.h>
|
||||||
|
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@@ -25,6 +24,7 @@
|
|||||||
#define MAX_SCAN_RESULT 16
|
#define MAX_SCAN_RESULT 16
|
||||||
#define MAX_EDIT_ZONE_NUM 64
|
#define MAX_EDIT_ZONE_NUM 64
|
||||||
#define MAX_EDIT_MATCHES 16
|
#define MAX_EDIT_MATCHES 16
|
||||||
|
|
||||||
enum pangu_action//Bigger action number is prior.
|
enum pangu_action//Bigger action number is prior.
|
||||||
{
|
{
|
||||||
PG_ACTION_NONE = 0x00,
|
PG_ACTION_NONE = 0x00,
|
||||||
@@ -38,6 +38,7 @@ enum pangu_action//Bigger action number is prior.
|
|||||||
PG_ACTION_LOOP = 0x60, /* N/A */
|
PG_ACTION_LOOP = 0x60, /* N/A */
|
||||||
PG_ACTION_WHITELIST = 0x80
|
PG_ACTION_WHITELIST = 0x80
|
||||||
};
|
};
|
||||||
|
|
||||||
enum scan_table
|
enum scan_table
|
||||||
{
|
{
|
||||||
PXY_CTRL_IP,
|
PXY_CTRL_IP,
|
||||||
@@ -48,6 +49,7 @@ enum scan_table
|
|||||||
PXY_CTRL_HTTP_RES_BODY,
|
PXY_CTRL_HTTP_RES_BODY,
|
||||||
__SCAN_TABLE_MAX
|
__SCAN_TABLE_MAX
|
||||||
};
|
};
|
||||||
|
|
||||||
struct pangu_rt
|
struct pangu_rt
|
||||||
{
|
{
|
||||||
Maat_feather_t maat;
|
Maat_feather_t maat;
|
||||||
@@ -61,6 +63,7 @@ struct pangu_rt
|
|||||||
int page_size;
|
int page_size;
|
||||||
};
|
};
|
||||||
struct pangu_rt * g_pangu_rt;
|
struct pangu_rt * g_pangu_rt;
|
||||||
|
|
||||||
#define MAAT_INPUT_JSON 0
|
#define MAAT_INPUT_JSON 0
|
||||||
#define MAAT_INPUT_REDIS 1
|
#define MAAT_INPUT_REDIS 1
|
||||||
#define MAAT_INPUT_FILE 2
|
#define MAAT_INPUT_FILE 2
|
||||||
@@ -115,6 +118,7 @@ static Maat_feather_t create_maat_feather(const char * profile, const char * sec
|
|||||||
goto error_out;
|
goto error_out;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (maat_stat_on)
|
if (maat_stat_on)
|
||||||
{
|
{
|
||||||
Maat_set_feather_opt(target, MAAT_OPT_STAT_FILE_PATH, maat_stat_file, strlen(maat_stat_file) + 1);
|
Maat_set_feather_opt(target, MAAT_OPT_STAT_FILE_PATH, maat_stat_file, strlen(maat_stat_file) + 1);
|
||||||
@@ -126,19 +130,21 @@ static Maat_feather_t create_maat_feather(const char * profile, const char * sec
|
|||||||
}
|
}
|
||||||
|
|
||||||
Maat_set_feather_opt(target, MAAT_OPT_EFFECT_INVERVAL_MS, &effect_interval, sizeof(effect_interval));
|
Maat_set_feather_opt(target, MAAT_OPT_EFFECT_INVERVAL_MS, &effect_interval, sizeof(effect_interval));
|
||||||
|
|
||||||
Maat_set_feather_opt(target, MAAT_OPT_SCAN_DETAIL, &scan_detail, sizeof(scan_detail));
|
Maat_set_feather_opt(target, MAAT_OPT_SCAN_DETAIL, &scan_detail, sizeof(scan_detail));
|
||||||
|
|
||||||
ret = Maat_initiate_feather(target);
|
ret = Maat_initiate_feather(target);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
{
|
{
|
||||||
TFE_LOG_ERROR(logger, "%s MAAT init failed.", __FUNCTION__);
|
TFE_LOG_ERROR(logger, "%s MAAT init failed.", __FUNCTION__);
|
||||||
goto error_out;
|
goto error_out;
|
||||||
}
|
}
|
||||||
|
|
||||||
return target;
|
return target;
|
||||||
error_out:
|
error_out:
|
||||||
Maat_burn_feather(target);
|
Maat_burn_feather(target);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
int pangu_http_init(struct tfe_proxy * proxy)
|
int pangu_http_init(struct tfe_proxy * proxy)
|
||||||
{
|
{
|
||||||
const char * profile = "./pangu_conf/pangu_pxy.conf";
|
const char * profile = "./pangu_conf/pangu_pxy.conf";
|
||||||
@@ -356,13 +362,13 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules
|
|||||||
return prior_action;
|
return prior_action;
|
||||||
}
|
}
|
||||||
//https://github.com/AndiDittrich/HttpErrorPages
|
//https://github.com/AndiDittrich/HttpErrorPages
|
||||||
static void html_generate(int cfg_id, int status_code,
|
static void html_generate(int cfg_id, int status_code, char ** page_buff, size_t * page_size)
|
||||||
char ** page_buff, size_t * page_size)
|
|
||||||
{
|
{
|
||||||
ctemplate::TemplateDictionary dict("pg_page_dict");
|
ctemplate::TemplateDictionary dict("pg_page_dict");
|
||||||
dict.SetIntValue("cfg_id", cfg_id);
|
dict.SetIntValue("cfg_id", cfg_id);
|
||||||
std::string output;
|
std::string output;
|
||||||
ctemplate::Template * tpl = NULL;
|
ctemplate::Template * tpl = NULL;
|
||||||
|
|
||||||
switch (status_code)
|
switch (status_code)
|
||||||
{
|
{
|
||||||
case 403: tpl = g_pangu_rt->tpl_403;
|
case 403: tpl = g_pangu_rt->tpl_403;
|
||||||
@@ -373,12 +379,14 @@ static void html_generate(int cfg_id, int status_code,
|
|||||||
break;
|
break;
|
||||||
default: return;
|
default: return;
|
||||||
}
|
}
|
||||||
|
|
||||||
tpl->Expand(&output, &dict);
|
tpl->Expand(&output, &dict);
|
||||||
//todo: do I need to delete dict?
|
//todo: do I need to delete dict?
|
||||||
*page_size = output.length();
|
*page_size = output.length();
|
||||||
*page_buff = ALLOC(char, *page_size);
|
*page_buff = ALLOC(char, *page_size);
|
||||||
memcpy(*page_buff, output.c_str(), *page_size);
|
memcpy(*page_buff, output.c_str(), *page_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void html_free(char ** page_buff)
|
static void html_free(char ** page_buff)
|
||||||
{
|
{
|
||||||
FREE(page_buff);
|
FREE(page_buff);
|
||||||
@@ -734,11 +742,11 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio
|
|||||||
static void http_reject(const struct tfe_http_session * session, enum tfe_http_event events,
|
static void http_reject(const struct tfe_http_session * session, enum tfe_http_event events,
|
||||||
struct pangu_http_ctx * ctx)
|
struct pangu_http_ctx * ctx)
|
||||||
{
|
{
|
||||||
|
|
||||||
int resp_code = 0, ret = 0;
|
int resp_code = 0, ret = 0;
|
||||||
struct tfe_http_half * response = NULL;
|
struct tfe_http_half * response = NULL;
|
||||||
char * page_buff = NULL;
|
char * page_buff = NULL;
|
||||||
size_t page_size = 0;
|
size_t page_size = 0;
|
||||||
|
|
||||||
char cont_len_str[TFE_STRING_MAX];
|
char cont_len_str[TFE_STRING_MAX];
|
||||||
struct tfe_http_session * to_write_sess = NULL;
|
struct tfe_http_session * to_write_sess = NULL;
|
||||||
|
|
||||||
@@ -746,9 +754,9 @@ static void http_reject(const struct tfe_http_session * session, enum tfe_http_e
|
|||||||
if (ret != 1)
|
if (ret != 1)
|
||||||
{
|
{
|
||||||
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid reject rule %d paramter %s",
|
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid reject rule %d paramter %s",
|
||||||
ctx->enforce_rules[0].config_id, ctx->enforce_para);
|
ctx->enforce_rules[0].config_id, ctx->enforce_para); goto error_out;
|
||||||
goto error_out;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
to_write_sess = tfe_http_session_allow_write(session);
|
to_write_sess = tfe_http_session_allow_write(session);
|
||||||
response = tfe_http_session_response_create(to_write_sess, resp_code);
|
response = tfe_http_session_response_create(to_write_sess, resp_code);
|
||||||
|
|
||||||
@@ -756,13 +764,15 @@ static void http_reject(const struct tfe_http_session * session, enum tfe_http_e
|
|||||||
_wrap_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8");
|
_wrap_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8");
|
||||||
snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size);
|
snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size);
|
||||||
_wrap_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
|
_wrap_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
|
||||||
|
|
||||||
tfe_http_half_append_body(response, page_buff, page_size, 0);
|
tfe_http_half_append_body(response, page_buff, page_size, 0);
|
||||||
tfe_http_session_response_set(to_write_sess, response);
|
tfe_http_session_response_set(to_write_sess, response);
|
||||||
response = NULL;
|
tfe_http_session_detach(session);
|
||||||
|
|
||||||
error_out:
|
error_out:
|
||||||
html_free(&page_buff);
|
html_free(&page_buff);
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void http_redirect(const struct tfe_http_session * session, enum tfe_http_event events,
|
static void http_redirect(const struct tfe_http_session * session, enum tfe_http_event events,
|
||||||
struct pangu_http_ctx * ctx)
|
struct pangu_http_ctx * ctx)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -422,7 +422,9 @@ const char * hf_ops_field_iterate(const struct tfe_http_half * half, void ** ite
|
|||||||
|
|
||||||
int hf_ops_append_body(struct tfe_http_half * half, char * buff, size_t size, int flag)
|
int hf_ops_append_body(struct tfe_http_half * half, char * buff, size_t size, int flag)
|
||||||
{
|
{
|
||||||
return 0;
|
struct http_half_private * hf_private = to_hf_private(half);
|
||||||
|
if (hf_private->evbuf_body == NULL) { hf_private->evbuf_body = evbuffer_new(); }
|
||||||
|
return evbuffer_add(hf_private->evbuf_body, buff, size);
|
||||||
}
|
}
|
||||||
|
|
||||||
void hf_private_destory(struct http_half_private * hf_private)
|
void hf_private_destory(struct http_half_private * hf_private)
|
||||||
@@ -651,6 +653,13 @@ void hf_private_construct(struct http_half_private * hf_private)
|
|||||||
|
|
||||||
/* delimitor between header and body */
|
/* delimitor between header and body */
|
||||||
evbuffer_add_printf(hf_private->evbuf_raw, "\r\n");
|
evbuffer_add_printf(hf_private->evbuf_raw, "\r\n");
|
||||||
|
/* add body */
|
||||||
|
if (hf_private->evbuf_body)
|
||||||
|
{
|
||||||
|
evbuffer_add_buffer(hf_private->evbuf_raw, hf_private->evbuf_body);
|
||||||
|
}
|
||||||
|
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
struct http_session_private * hs_private_create(struct http_connection_private * hc_private,
|
struct http_session_private * hs_private_create(struct http_connection_private * hc_private,
|
||||||
|
|||||||
Reference in New Issue
Block a user