gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

排查部分网站打不开的原因,增加get_keyring_from_response的日志信息

Browse Source
This commit is contained in:
luqiuwen
2019-01-16 15:36:28 +06:00
parent 124b7f083f
commit dd5bc45edc
3 changed files with 114 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
common/include/tfe_utils.h
View File

@@ -34,14 +34,14 @@
extern void * g_default_logger; extern void * g_default_logger;
#define TFE_LOG_ERROR(handler, fmt, ...) \ #define TFE_LOG_ERROR(handler, fmt, ...) \
do { fprintf(stderr, fmt "\n" , ##__VA_ARGS__); \ do { fprintf(stderr, fmt "\n" , ##__VA_ARGS__); \
MESA_handle_runtime_log(handler, RLOG_LV_FATAL, "tfe", fmt, ##__VA_ARGS__); } while(0) MESA_handle_runtime_log(handler, RLOG_LV_FATAL, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0)
#define TFE_LOG_INFO(handler, fmt, ...) \ #define TFE_LOG_INFO(handler, fmt, ...) \
do { fprintf(stderr, fmt "\n", ##__VA_ARGS__); \ do { fprintf(stderr, fmt "\n", ##__VA_ARGS__); \
MESA_handle_runtime_log(handler, RLOG_LV_INFO, "tfe", fmt, ##__VA_ARGS__); } while(0) \ MESA_handle_runtime_log(handler, RLOG_LV_INFO, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0) \
#define TFE_LOG_DEBUG(handler, fmt, ...) \ #define TFE_LOG_DEBUG(handler, fmt, ...) \
do { MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, "tfe", fmt, ##__VA_ARGS__); } while(0) \ do { MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, __FUNCTION__, fmt, ##__VA_ARGS__); } while(0) \
#define CHECK_OR_EXIT(condition, fmt, ...) \ #define CHECK_OR_EXIT(condition, fmt, ...) \
do { if(!(condition)) { TFE_LOG_ERROR(g_default_logger, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE); } } while(0) \ do { if(!(condition)) { TFE_LOG_ERROR(g_default_logger, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE); } } while(0) \

110
platform/CMakeLists.txt
View File

@@ -35,58 +35,58 @@ endif()
install(TARGETS tfe RUNTIME DESTINATION bin COMPONENT Program) install(TARGETS tfe RUNTIME DESTINATION bin COMPONENT Program)
### test_key_keeper #### test_key_keeper
add_executable(test_key_keeper test/test_key_keeper.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp ) #add_executable(test_key_keeper test/test_key_keeper.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp )
#
target_include_directories(test_key_keeper PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal) #target_include_directories(test_key_keeper PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
#
target_link_libraries(test_key_keeper common) #target_link_libraries(test_key_keeper common)
target_link_libraries(test_key_keeper pthread dl #target_link_libraries(test_key_keeper pthread dl
openssl-ssl-static # openssl-ssl-static
openssl-crypto-static # openssl-crypto-static
pthread libevent-static # pthread libevent-static
libevent-static-openssl # libevent-static-openssl
libevent-static-pthreads # libevent-static-pthreads
MESA_handle_logger # MESA_handle_logger
MESA_prof_load # MESA_prof_load
cjson # cjson
curl # curl
MESA_htable wiredcfg # MESA_htable wiredcfg
MESA_field_stat) # MESA_field_stat)
#
### test_tfe_rpc #### test_tfe_rpc
add_executable(test_tfe_rpc test/test_tfe_rpc.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp) #add_executable(test_tfe_rpc test/test_tfe_rpc.cpp src/key_keeper.cpp src/ssl_sess_cache.cpp src/ssl_utils.cpp)
#
target_include_directories(test_tfe_rpc PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal) #target_include_directories(test_tfe_rpc PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
#
target_link_libraries(test_tfe_rpc common) #target_link_libraries(test_tfe_rpc common)
target_link_libraries(test_tfe_rpc pthread dl #target_link_libraries(test_tfe_rpc pthread dl
openssl-ssl-static # openssl-ssl-static
openssl-crypto-static # openssl-crypto-static
pthread libevent-static # pthread libevent-static
libevent-static-openssl # libevent-static-openssl
libevent-static-pthreads # libevent-static-pthreads
MESA_handle_logger # MESA_handle_logger
MESA_prof_load # MESA_prof_load
MESA_htable wiredcfg # MESA_htable wiredcfg
cjson # cjson
curl # curl
MESA_field_stat) # MESA_field_stat)
#
### test_chello_parse #### test_chello_parse
add_executable(test_chello_parse test/test_chello_parse.cpp src/ssl_utils.cpp) #add_executable(test_chello_parse test/test_chello_parse.cpp src/ssl_utils.cpp)
#
target_include_directories(test_chello_parse PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal) #target_include_directories(test_chello_parse PRIVATE ${CMAKE_CURRENT_LIST_DIR}/include/internal)
#
target_link_libraries(test_chello_parse common) #target_link_libraries(test_chello_parse common)
target_link_libraries(test_chello_parse pthread dl #target_link_libraries(test_chello_parse pthread dl
openssl-ssl-static # openssl-ssl-static
openssl-crypto-static # openssl-crypto-static
pthread libevent-static # pthread libevent-static
libevent-static-openssl # libevent-static-openssl
libevent-static-pthreads # libevent-static-pthreads
MESA_handle_logger # MESA_handle_logger
MESA_prof_load # MESA_prof_load
MESA_htable wiredcfg # MESA_htable wiredcfg
cjson # cjson
MESA_field_stat) # MESA_field_stat)

84
platform/src/key_keeper.cpp
View File

@@ -16,6 +16,7 @@
#include <event2/http.h> #include <event2/http.h>
#include <cjson/cJSON.h> #include <cjson/cJSON.h>
#include <curl/curl.h> #include <curl/curl.h>
#include <MESA/cJSON.h>
#define HTABLE_MAX_KEY_LEN 256 #define HTABLE_MAX_KEY_LEN 256
#define KEYRING_EXSITED 0 #define KEYRING_EXSITED 0
@@ -230,56 +231,83 @@ static struct keyring_private* get_keyring_from_response(const char* data)
cJSON* key_json = NULL; cJSON* key_json = NULL;
cJSON* chain_json = NULL; cJSON* chain_json = NULL;
if(data == NULL) assert(data != NULL);
{
goto error_out;
}
data_json = cJSON_Parse(data); data_json = cJSON_Parse(data);
if(data_json == NULL) if(unlikely(data_json == NULL))
{ {
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format: %s", data);
goto error_out; goto error_out;
} }
cert_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE"); cert_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE");
key_json = cJSON_GetObjectItemCaseSensitive(data_json, "PRIVATE_KEY"); key_json = cJSON_GetObjectItemCaseSensitive(data_json, "PRIVATE_KEY");
chain_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE_CHAIN"); chain_json = cJSON_GetObjectItemCaseSensitive(data_json, "CERTIFICATE_CHAIN");
if (cert_json && cert_json->valuestring != NULL)
{ if(unlikely(cert_json == NULL))
cert = transform_cert_to_x509(cert_json->valuestring);
}
if(cert == NULL)
{ {
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE section: %s", data);
goto error_out; goto error_out;
} }
if (key_json && key_json->valuestring != NULL)
{ if(unlikely(key_json == NULL))
key = transform_key_to_EVP(key_json->valuestring);
}
if(key == NULL)
{ {
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No PRIVATE_KEY section: %s", data);
goto error_out; goto error_out;
} }
if(chain_json == NULL)
if(unlikely(chain_json == NULL))
{
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE_CHAIN section: %s", data);
goto error_out;
}
if(unlikely(cert_json->valuestring == NULL))
{ {
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No CERTIFICATE value: %s", data);
goto error_out; goto error_out;
} }
chain = sk_X509_new_null();
if(unlikely(key_json->valuestring == NULL))
{
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, No PRIVATE_KEY value: %s", data);
goto error_out;
}
cert = transform_cert_to_x509(cert_json->valuestring);
if(unlikely(cert == NULL))
{
TFE_LOG_ERROR(g_default_logger, "Transform certificate to X509 failed: %s", cert_json->valuestring);
goto error_out;
}
key = transform_key_to_EVP(key_json->valuestring);
if(unlikely(key == NULL))
{
TFE_LOG_ERROR(g_default_logger, "Transform PRIVATE KEY to EVP failed: %s", key_json->valuestring);
goto error_out;
}
chain = sk_X509_new_null();
cJSON_ArrayForEach(chain_cert_json, chain_json) cJSON_ArrayForEach(chain_cert_json, chain_json)
{ {
chain_cert = NULL; if(unlikely(chain_cert_json->valuestring == NULL))
if (chain_cert_json && chain_cert_json->valuestring != NULL)
{
chain_cert = transform_cert_to_x509(chain_cert_json->valuestring);
}
if(chain_cert == NULL)
{ {
TFE_LOG_ERROR(g_default_logger, "Illegal JSON format, empty CERTIFICATE_CHAIN value.");
goto error_out; goto error_out;
} }
sk_X509_push(chain, chain_cert);
// ssl_x509_refcount_inc(chain_cert);
}
_kyr= keyring_new(cert, key, chain);
chain_cert = transform_cert_to_x509(chain_cert_json->valuestring);
if(unlikely(chain_cert == NULL))
{
TFE_LOG_ERROR(g_default_logger, "Transform certificate chain entry to X509 failed: %s",
chain_cert_json->valuestring); goto error_out;
}
sk_X509_push(chain, chain_cert);
}
_kyr= keyring_new(cert, key, chain);
cJSON_Delete(data_json); cJSON_Delete(data_json);
return _kyr; return _kyr;
@@ -287,7 +315,7 @@ error_out:
if(data_json!=NULL) cJSON_Delete(data_json); if(data_json!=NULL) cJSON_Delete(data_json);
if(cert) X509_free(cert); if(cert) X509_free(cert);
if(key) EVP_PKEY_free(key); if(key) EVP_PKEY_free(key);
if(chain) sk_X509_pop_free(chain, X509_free); if(chain) sk_X509_pop_free(chain, X509_free);
return NULL; return NULL;
} }