TSG-10278 Proxy Policy的Deny动作支持设置携带策略、用户信息

plugin/business/pangu-http/src/pangu_http.cpp

@@ -1564,53 +1564,6 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio
 	}
 }
 
-static UNUSED void http_reject(const struct tfe_http_session * session, enum tfe_http_event events,
-	struct pangu_http_ctx * ctx)
-{
-	int resp_code = 0;
-	struct tfe_http_half * response = NULL;
-	char * page_buff = NULL;
-	size_t page_size = 0;
-
-	char cont_len_str[16];
-
-	char *msg = NULL;
-	struct tfe_http_session * to_write_sess = NULL;
-
-	struct policy_action_param *param = ctx->param;
-
-	resp_code = param->status_code;
-	msg = param->message;
-	if (resp_code <= 0){
-		TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid block rule %d", ctx->enforce_rules[0].config_id);
-		ctx->action = PG_ACTION_NONE;
-		return;
-	}
-
-	if(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events))
-	{
-		to_write_sess = tfe_http_session_allow_write(session);
-		response = tfe_http_session_response_create(to_write_sess, resp_code);
-
-		template_generate(resp_code, ctx->enforce_rules[0].config_id, msg, &page_buff, &page_size);
-		tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8");
-		snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size);
-		tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
-
-		tfe_http_half_append_body(response, page_buff, page_size, 0);
-		tfe_http_half_append_body(response, NULL, 0, 0);
-		tfe_http_session_response_set(to_write_sess, response);
-		tfe_http_session_detach(session);
-		html_free(&page_buff);
-	}
-	else
-	{
-		to_write_sess = tfe_http_session_allow_write(session);
-		tfe_http_session_kill(to_write_sess);
-	}
-	return;
-}
-
 static void http_get_client_id(const struct tfe_stream * stream, char *replace_regex)
 {
 	const char *sip,*dip,*sport,*dport;
@@ -1745,13 +1698,13 @@ error_out:
 	return;
 }
 
-static void http_block(const struct tfe_http_session * session, enum tfe_http_event events,
+static void http_block(const struct tfe_stream * stream, const struct tfe_http_session * session, enum tfe_http_event events,
 	struct pangu_http_ctx * ctx)
 {
 	int ret = -1;
 	struct tfe_http_half * response = NULL;
-	char * page_buff = NULL;
+	char * page_buff = NULL; size_t page_size = 0;
-	size_t page_size = 0;
+	size_t rewrite_message_sz=0; char *rewrite_message=NULL;
 
 	char cont_len_str[16];
 
@@ -1776,8 +1729,18 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
 		ret = html_generate(profile_id, message, &page_buff, &page_size);
 		if (ret != 0)
 		{
-			/*read local configuration**/
+			rewrite_message_sz = http_decoder_url(stream, message, ctx->enforce_rules[0].config_id, &rewrite_message);
-			template_generate(resp_code, ctx->enforce_rules[0].config_id, message, &page_buff, &page_size);
+			if(rewrite_message_sz>0 && rewrite_message!= NULL)
+			{
+				/*read local configuration**/
+				template_generate(resp_code, ctx->enforce_rules[0].config_id, rewrite_message, &page_buff, &page_size);
+				FREE(&rewrite_message);
+			}
+			else
+			{
+				/*read local configuration**/
+				template_generate(resp_code, ctx->enforce_rules[0].config_id, message, &page_buff, &page_size);
+			}
 		}
 		tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8");
 		snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size);
@@ -2196,7 +2159,7 @@ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_h
 			http_redirect(stream, session, events, ctx);
 			break;
 		case MA_ACTION_BLOCK:
-			http_block(session, events, ctx);
+			http_block(stream, session, events, ctx);
 			break;
 		case MA_ACTION_REPLACE:
 			http_replace(stream, session, events, body_frag, frag_size, ctx);
@@ -2378,7 +2341,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
 			//send log on close.
 			break;
 		case PG_ACTION_REJECT:
-			http_block(session, events, ctx);
+			http_block(stream, session, events, ctx);
 			break;
 		case PG_ACTION_MANIPULATE:
 			http_manipulate(stream, session, events, body_frag, frag_size, ctx);