From f106facd7bc39a639a04732601ba031af47483dc Mon Sep 17 00:00:00 2001 From: fengweihao Date: Tue, 28 May 2019 14:59:39 +0800 Subject: [PATCH] =?UTF-8?q?1.Manipulate=E5=8A=A8=E4=BD=9C=E9=87=8D?= =?UTF-8?q?=E6=9E=84=E4=BF=AE=E6=94=B9=202.=E4=BF=AE=E6=94=B9pangu=5Fsend?= =?UTF-8?q?=5Flog=E4=B8=ADlog=E5=AD=97=E6=AE=B5=E5=90=8D=203.=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E5=8F=AF=E4=BF=A1=E8=AF=81=E4=B9=A6=E9=A2=81=E5=8F=91?= =?UTF-8?q?=E6=9C=BA=E6=9E=84=E8=A1=A8=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/business/pangu-http/src/pangu_http.cpp | 569 +++++++++--------- .../business/pangu-http/src/pangu_logger.cpp | 25 +- .../pangu-http/src/pattern_replace.cpp | 101 ++-- .../business/pangu-http/src/pattern_replace.h | 2 +- plugin/protocol/http2/src/http2_stream.cpp | 1 + resource/pangu/table_info.conf | 2 +- 6 files changed, 347 insertions(+), 353 deletions(-) diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp index 6b8703b..4944090 100644 --- a/plugin/business/pangu-http/src/pangu_http.cpp +++ b/plugin/business/pangu-http/src/pangu_http.cpp @@ -43,7 +43,7 @@ enum pangu_action //Bigger action number is prior. __PG_ACTION_MAX }; -enum manipulate_actin +enum manipulate_action { MA_ACTION_REDIRECT = 0, MA_ACTION_BLOCK, @@ -81,17 +81,17 @@ enum pangu_http_stat __PG_STAT_MAX }; -enum policy_table +enum manipulate_profile_table { - POLICY_TABLE_REJECT, - POLICY_TABLE_HIJACK, - POLICY_TABLE_INSERT, - POLICY_TABLE_MAX + POLICY_PROFLIE_TABLE_REJECT, + POLICY_PROFILE_TABLE_HIJACK, + POLICY_PROFILE_TABLE_INSERT, + POLICY_PROFILE_TABLE_MAX }; -struct policy_object +struct manipulate_profile { - int cfg_id; + int profile_id; size_t msg_len; char *profile_name; char *profile_msg; @@ -99,10 +99,10 @@ struct policy_object ctemplate::Template * tpl; }; -struct plolicy_param +struct policy_action_param { int ref_cnt; - int action; + enum manipulate_action action; char *message; char *position; @@ -119,13 +119,13 @@ struct pangu_rt { Maat_feather_t maat; Maat_feather_t dyn_maat; - int subscribe_id_table_id; + int subscriber_id_table_id; struct pangu_logger * send_logger; void * local_logger; int log_level; int thread_num; int scan_table_id[__SCAN_TABLE_MAX]; - int plolicy_table_id[POLICY_TABLE_MAX]; + int plolicy_table_id[POLICY_PROFILE_TABLE_MAX]; ctemplate::Template * tpl_403, * tpl_404, * tpl_451; char * reject_page; int page_size; @@ -140,7 +140,7 @@ struct pangu_rt struct event_base* gc_evbase; struct event* gcev; - int plolicy_param_idx; + int ctrl_compile_idx; int ca_store_reseting; }; @@ -443,26 +443,26 @@ void subscribe_id_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *ad=NULL; } -static -int to_val_idx(const char *key) +static enum manipulate_action manipulate_action_str2idx(const char *action_str) { - const char *clue_action_map[] = {"redirect", - "block", - "replace", - "hijack", - "insert" - }; + const char *clue_action_map[__MA_ACTION_MAX]; + clue_action_map[MA_ACTION_REDIRECT]= "redirect"; + clue_action_map[MA_ACTION_BLOCK]= "block"; + clue_action_map[MA_ACTION_REPLACE]= "replace"; + clue_action_map[MA_ACTION_HIJACK]= "hijack"; + clue_action_map[MA_ACTION_INSERT]= "insert"; + size_t i = 0; for (i = 0; i < sizeof(clue_action_map) / sizeof(const char *); i++) { - if (0 == strcasecmp(key, clue_action_map[i])) + if (0 == strcasecmp(action_str, clue_action_map[i])) break; } - return i; + return (enum manipulate_action)i; } -void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, +void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp) { *ad=NULL; @@ -470,6 +470,7 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d { return; } + int rule_id; cJSON *json=NULL, *rules=NULL, *item=NULL; json=cJSON_Parse(srv_def_large); if(json==NULL) @@ -478,64 +479,71 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d return; } - struct plolicy_param* param=ALLOC(struct plolicy_param, 1); + struct policy_action_param* param=ALLOC(struct policy_action_param, 1); param->ref_cnt=1; pthread_mutex_init(&(param->lock), NULL); item=cJSON_GetObjectItem(json,"method"); - if(item && item->type==cJSON_String){ - param->action =to_val_idx(item->valuestring); + if(item && item->type==cJSON_String) + { + param->action =manipulate_action_str2idx(item->valuestring); } switch(param->action) { case MA_ACTION_REDIRECT: item=cJSON_GetObjectItem(json,"code"); - if(item && item->type==cJSON_Number){ + if(item && item->type==cJSON_Number) + { param->status_code = item->valueint; } item=cJSON_GetObjectItem(json,"to"); - if(item && item->type==cJSON_String){ + if(item && item->type==cJSON_String) + { param->message = tfe_strdup(item->valuestring); } break; case MA_ACTION_BLOCK: item=cJSON_GetObjectItem(json,"code"); - if(item && item->type==cJSON_Number){ + if(item && item->type==cJSON_Number) + { param->status_code = item->valueint; } item=cJSON_GetObjectItem(json,"message"); - if(item && item->type==cJSON_String){ + if(item && item->type==cJSON_String) + { param->message = tfe_strdup(item->valuestring); } item=cJSON_GetObjectItem(json,"html_profile"); - if(item && item->type==cJSON_Number){ + if(item && item->type==cJSON_Number) + { param->profile_id = item->valueint; } break; case MA_ACTION_REPLACE: rules = cJSON_GetObjectItem(json, "rules"); - if(rules) + if(rules == NULL) { - size_t idx = 0; - param->rule = ALLOC(struct replace_rule, MAX_EDIT_ZONE_NUM); - for (item = rules->child; item != NULL; item = item->next) - { - char * search = cJSON_GetObjectItem(item , "search_in")->valuestring; - if (search == NULL) break; - - param->rule[idx].zone = zone_name_to_id(search); - if (param->rule[idx].zone == kZoneMax) - { - break; - } - param->rule[idx].find = tfe_strdup(cJSON_GetObjectItem(item , "find")->valuestring); - param->rule[idx].replace_with = tfe_strdup(cJSON_GetObjectItem(item , "replace_with")->valuestring); - idx++; - } - param->n_rule = idx; + break; } + rule_id = 0; + param->rule = ALLOC(struct replace_rule, MAX_EDIT_ZONE_NUM); + for (item = rules->child; item != NULL; item = item->next) + { + char * search = cJSON_GetObjectItem(item , "search_in")->valuestring; + if (search == NULL) break; + + param->rule[rule_id].zone = zone_name_to_id(search); + if (param->rule[rule_id].zone == kZoneMax) + { + break; + } + param->rule[rule_id].find = tfe_strdup(cJSON_GetObjectItem(item , "find")->valuestring); + param->rule[rule_id].replace_with = tfe_strdup(cJSON_GetObjectItem(item , "replace_with")->valuestring); + rule_id++; + } + param->n_rule = rule_id; break; case MA_ACTION_HIJACK: item=cJSON_GetObjectItem(json,"hijack_profile"); @@ -561,14 +569,14 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d return; } -void policy_param_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp) +void policy_action_param_free_cb(int table_id, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp) { unsigned int i=0; if(*ad==NULL) { return; } - struct plolicy_param* param=(struct plolicy_param*)*ad; + struct policy_action_param* param=(struct policy_action_param*)*ad; pthread_mutex_lock(&(param->lock)); param->ref_cnt--; if(param->ref_cnt>0) @@ -592,52 +600,58 @@ void policy_param_free(int idx, const struct Maat_rule_t* rule, const char* srv_ return; } -void policy_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_EX_DATA *from, long argl, void *argp) +void policy_action_param_free(struct policy_action_param* param) { - struct plolicy_param* from_param=*((struct plolicy_param**)from); - pthread_mutex_lock(&(from_param->lock)); - from_param->ref_cnt++; - pthread_mutex_unlock(&(from_param->lock)); - *((struct plolicy_param**)to)=from_param; + policy_action_param_free_cb(0, NULL, NULL, (void**)¶m, 0, NULL); return; } -void policy_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) +void policy_action_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_EX_DATA *from, long argl, void *argp) { - int ret=0, cfg_id=0, is_valid=0; + struct policy_action_param* from_param=*((struct policy_action_param**)from); + pthread_mutex_lock(&(from_param->lock)); + from_param->ref_cnt++; + pthread_mutex_unlock(&(from_param->lock)); + *((struct policy_action_param**)to)=from_param; + return; +} + +void ma_profile_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) +{ + int ret=0, profile_id=0, is_valid=0; char profile_name[128]={0}, formate[128]={0}; char profile_path[TFE_PATH_MAX]={0}; - ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%d", &cfg_id, profile_name, formate, profile_path, &is_valid); + ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%d", &profile_id, profile_name, formate, profile_path, &is_valid); if(ret!=5) { TFE_LOG_ERROR(g_pangu_rt->local_logger, "Policy table parse config failed: %s", table_line); return; } - struct policy_object* ply_obj=ALLOC(struct policy_object, 1); + struct manipulate_profile* ply_profile=ALLOC(struct manipulate_profile, 1); - ply_obj->cfg_id=cfg_id; + ply_profile->profile_id=profile_id; if(strcasecmp(formate, "template") == 0) { - ply_obj->tpl = ctemplate::Template::GetTemplate(profile_path, ctemplate::DO_NOT_STRIP); + ply_profile->tpl = ctemplate::Template::GetTemplate(profile_path, ctemplate::DO_NOT_STRIP); }else { - ply_obj->profile_msg = execute_read_file(profile_path, &ply_obj->msg_len); - if (ply_obj->profile_msg == NULL) + ply_profile->profile_msg = execute_read_file(profile_path, &ply_profile->msg_len); + if (ply_profile->profile_msg == NULL) { - TFE_LOG_ERROR(g_pangu_rt->local_logger, "Read file failed %d:%s:%s", cfg_id, profile_name, profile_path); + TFE_LOG_ERROR(g_pangu_rt->local_logger, "Read file failed %d:%s:%s", profile_id, profile_name, profile_path); } } - ply_obj->profile_name=tfe_strdup(profile_name); - ply_obj->profile_type=tfe_strdup(formate); + ply_profile->profile_name=tfe_strdup(profile_name); + ply_profile->profile_type=tfe_strdup(formate); - *ad = ply_obj; + *ad = ply_profile; return; } -void policy_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) +void ma_profile_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp) { - struct policy_object* ply_obj=(struct policy_object*)(*ad); + struct manipulate_profile* ply_obj=(struct manipulate_profile*)(*ad); FREE(&ply_obj->profile_type); FREE(&ply_obj->profile_msg); FREE(&ply_obj->profile_name); @@ -645,9 +659,9 @@ void policy_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *ad=NULL; } -void policy_table_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) +void ma_profile_table_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) { - struct policy_object* ply_obj=(struct policy_object*)(*from); + struct manipulate_profile* ply_obj=(struct manipulate_profile*)(*from); *to=ply_obj; } @@ -658,103 +672,46 @@ int maat_table_init(const char* table_name, int table_id=0; table_id=Maat_table_register(g_pangu_rt->maat, table_name); - if(table_id<0) + if(table_id>=0) { - goto finish; + Maat_table_callback_register(g_pangu_rt->maat, table_id, + start, update, finish, u_para); } - Maat_table_callback_register(g_pangu_rt->maat, table_id, - start, update, finish, u_para); -finish: return table_id; } -int maat_table_ex_init(const char* table_name, int policy_id, +int maat_table_ex_init(int profile_idx, Maat_plugin_EX_new_func_t* new_func, Maat_plugin_EX_free_func_t* free_func, Maat_plugin_EX_dup_func_t* dup_func) { int table_id = 0; - - table_id=g_pangu_rt->plolicy_table_id[policy_id]=Maat_table_register(g_pangu_rt->maat, table_name); - if(table_id<0) - { - goto finish; - } - table_id=Maat_plugin_EX_register(g_pangu_rt->maat, - table_id, - new_func,free_func, - dup_func,NULL,0,NULL); -finish: - return table_id; -} - -int panggu_policy_init() -{ - int table_id=0, policy_id = 0; - const char *table_name_map[] = {"PXY_PROFILE_RESPONSE_PAGES", - "PXY_PROFILE_HIJACK_FILES", - "PXY_PROFILE_INSERT_SCRIPTS", - }; + "PXY_PROFILE_HIJACK_FILES", + "PXY_PROFILE_INSERT_SCRIPTS"}; - table_id = maat_table_init("PXY_OBJ_TRUSTED_CA_CERT", - trusted_CA_update_start_cb, - trusted_CA_update_cert_cb, - trusted_CA_update_finish_cb, - g_pangu_rt); - if(table_id<0) + table_id=g_pangu_rt->plolicy_table_id[profile_idx]=Maat_table_register(g_pangu_rt->maat, table_name_map[profile_idx]); + if(table_id >= 0) { - TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CERT failed."); - goto finish; + table_id=Maat_plugin_EX_register(g_pangu_rt->maat, + table_id, + new_func, + free_func, + dup_func, + NULL, 0, NULL); + return 0; } + TFE_LOG_INFO(NULL, "Pangu HTTP register table %s failed.", table_name_map[profile_idx]); - table_id = maat_table_init("PXY_OBJ_TRUSTED_CA_CRL", - trusted_CA_update_start_cb, - trusted_CA_update_crl_cb, - trusted_CA_update_finish_cb, - g_pangu_rt); - if(table_id<0) - { - TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CRL failed."); - goto finish; - } - - for (policy_id = 0; policy_id thread_num = tfe_proxy_get_work_thread_count(); - g_pangu_rt->gc_evbase=tfe_proxy_get_gc_evbase(); - MESA_load_profile_int_def(profile, "DEBUG", "LOG_LEVEL", &(g_pangu_rt->log_level), 0); - g_pangu_rt->local_logger = MESA_create_runtime_log_handle(logfile, g_pangu_rt->log_level); - g_pangu_rt->send_logger = pangu_log_handle_create(profile, "LOG", g_pangu_rt->local_logger); - if (!g_pangu_rt->send_logger) - { - goto error_out; - } - g_pangu_rt->fs_handle = tfe_proxy_get_fs_handle(); - pangu_http_stat_init(g_pangu_rt); - - g_pangu_rt->maat = create_maat_feather("static", profile, "MAAT", g_pangu_rt->thread_num, g_pangu_rt->local_logger); + g_pangu_rt->maat = create_maat_feather("static", profile_path, static_section, g_pangu_rt->thread_num, g_pangu_rt->local_logger); if (!g_pangu_rt->maat) { goto error_out; @@ -778,57 +735,119 @@ int pangu_http_init(struct tfe_proxy * proxy) } } - g_pangu_rt->plolicy_param_idx=Maat_rule_get_ex_new_index(g_pangu_rt->maat, "PXY_CTRL_COMPILE", - policy_param_new, policy_param_free, policy_param_dup, + g_pangu_rt->ctrl_compile_idx=Maat_rule_get_ex_new_index(g_pangu_rt->maat, "PXY_CTRL_COMPILE", + policy_action_param_new, + policy_action_param_free_cb, + policy_action_param_dup, 0, NULL); - table_id = panggu_policy_init(); - if(table_id<0) + ret = maat_table_init("PXY_PROFILE_TRUSTED_CA_CERT", + trusted_CA_update_start_cb, + trusted_CA_update_cert_cb, + trusted_CA_update_finish_cb, + g_pangu_rt); + if(ret<0) { + TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CERT failed."); goto error_out; } - g_pangu_rt->dyn_maat = create_maat_feather("dyn", profile, "DYNAMIC_MAAT", g_pangu_rt->thread_num, g_pangu_rt->local_logger); + ret = maat_table_init("PXY_OBJ_TRUSTED_CA_CRL", + trusted_CA_update_start_cb, + trusted_CA_update_crl_cb, + trusted_CA_update_finish_cb, + g_pangu_rt); + if(ret<0) + { + TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CRL failed."); + goto error_out; + } + + + for (profile_table_idx = 0; profile_table_idx dyn_maat = create_maat_feather("dyn", profile_path, dynamic_section, g_pangu_rt->thread_num, g_pangu_rt->local_logger); if (!g_pangu_rt->maat) { goto error_out; } - g_pangu_rt->subscribe_id_table_id=Maat_table_register(g_pangu_rt->dyn_maat, "IPD_DYN_SUBSCRIBE_IP"); - temp=Maat_plugin_EX_register(g_pangu_rt->dyn_maat, - g_pangu_rt->subscribe_id_table_id, + g_pangu_rt->subscriber_id_table_id=Maat_table_register(g_pangu_rt->dyn_maat, "IPD_DYN_SUBSCRIBE_IP"); + ret=Maat_plugin_EX_register(g_pangu_rt->dyn_maat, + g_pangu_rt->subscriber_id_table_id, subscribe_id_new_cb, subscribe_id_free_cb, subscribe_id_dup_cb, NULL, 0, NULL); - if(temp!=0) + if(ret!=0) { TFE_LOG_ERROR(NULL, "Pangu HTTP Dynamic Maat IPD_DYN_SUBSCIBE_IP EX data register failed."); goto error_out; } +error_out: + return ret; +} + +int pangu_http_init(struct tfe_proxy * proxy) +{ + const char * profile_path = "./conf/pangu/pangu_pxy.conf"; + const char * logfile = "./log/pangu_pxy.log"; + int temp=0; + + g_pangu_rt = ALLOC(struct pangu_rt, 1); + + g_pangu_rt->thread_num = tfe_proxy_get_work_thread_count(); + g_pangu_rt->gc_evbase=tfe_proxy_get_gc_evbase(); + + MESA_load_profile_int_def(profile_path, "DEBUG", "LOG_LEVEL", &(g_pangu_rt->log_level), 0); + g_pangu_rt->local_logger = MESA_create_runtime_log_handle(logfile, g_pangu_rt->log_level); + + g_pangu_rt->send_logger = pangu_log_handle_create(profile_path, "LOG", g_pangu_rt->local_logger); + if (!g_pangu_rt->send_logger) + { + goto error_out; + } + + g_pangu_rt->fs_handle = tfe_proxy_get_fs_handle(); + pangu_http_stat_init(g_pangu_rt); + + if(pangu_policy_init(profile_path, "MAAT", "DYNAMIC_MAAT")<0) + { + goto error_out; + } + char page_path[256]; memset(page_path, 0, sizeof(page_path)); - MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_403", page_path, sizeof(page_path), + MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_403", page_path, sizeof(page_path), "./resource/pangu/HTTP403.html"); g_pangu_rt->tpl_403 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP); memset(page_path, 0, sizeof(page_path)); - MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_404", page_path, sizeof(page_path), + MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_404", page_path, sizeof(page_path), "./resource/pangu/HTTP404.html"); g_pangu_rt->tpl_404 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP); memset(page_path, 0, sizeof(page_path)); - MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_451", page_path, sizeof(page_path), + MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_451", page_path, sizeof(page_path), "./resource/pangu/HTTP451.html"); g_pangu_rt->tpl_451 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP); - MESA_load_profile_int_def(profile, "TANGO_CACHE", "suspend_max", &(temp), 1024*1024); + MESA_load_profile_int_def(profile_path, "TANGO_CACHE", "suspend_max", &(temp), 1024*1024); g_pangu_rt->suspend_max=temp; - MESA_load_profile_int_def(profile, "TANGO_CACHE", "enable_cache", &(g_pangu_rt->cache_enabled), 1); + MESA_load_profile_int_def(profile_path, "TANGO_CACHE", "enable_cache", &(g_pangu_rt->cache_enabled), 1); if(g_pangu_rt->cache_enabled) { - g_pangu_rt->cache = create_web_cache_handle(profile, "TANGO_CACHE", g_pangu_rt->gc_evbase, + g_pangu_rt->cache = create_web_cache_handle(profile_path, "TANGO_CACHE", g_pangu_rt->gc_evbase, g_pangu_rt->maat, g_pangu_rt->local_logger); if(!g_pangu_rt->cache) { @@ -874,7 +893,7 @@ struct pangu_http_ctx struct Maat_rule_t * enforce_rules; size_t n_enforce; char * enforce_para; - struct plolicy_param *param; + struct policy_action_param *param; struct evbuffer* log_req_body, *log_resp_body; struct replace_ctx * rep_ctx; @@ -910,6 +929,10 @@ void http_repl_ctx_free(struct replace_ctx* rep_ctx) void http_ins_ctx_free(struct insert_ctx* ins_ctx) { + FREE(&ins_ctx->rule->script); + FREE(&ins_ctx->rule->type); + if (ins_ctx->rule->position) + FREE(&ins_ctx->rule->position); FREE(&(ins_ctx->rule)); if (ins_ctx->http_body) { @@ -1009,6 +1032,18 @@ static inline void addr_tfe2sapp(const struct tfe_stream_addr * tfe_addr, struct return; } +static struct manipulate_profile* get_profile_by_id(int profile_table, int profile_id) +{ + struct manipulate_profile* result=NULL; + + char cfg_id_str[16] = {0}; + snprintf(cfg_id_str, sizeof(cfg_id_str), "%d", profile_id); + int table_id = g_pangu_rt->plolicy_table_id[profile_table]; + + result = (struct manipulate_profile*)Maat_plugin_get_EX_data(g_pangu_rt->maat, table_id, (const char*)cfg_id_str); + return result; +} + static int pangu_action_weight[__PG_ACTION_MAX] = {0}; void __pangu_action_weight_init() __attribute__((constructor, used)); void __pangu_action_weight_init() @@ -1027,7 +1062,7 @@ static inline int action_cmp(enum pangu_action a1, enum pangu_action a2) //enforce_rules[0] contains execute action. static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules, size_t n_hit, - struct Maat_rule_t ** enforce_rules, size_t * n_enforce, struct plolicy_param **param) + struct Maat_rule_t ** enforce_rules, size_t * n_enforce, struct policy_action_param **param) { size_t n_monit = 0, exist_enforce_num = 0, i = 0; const struct Maat_rule_t * prior_rule = hit_rules; @@ -1089,10 +1124,10 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules memcpy(*enforce_rules + exist_enforce_num + 1, monit_rule, n_monit * sizeof(struct Maat_rule_t)); } - void *ex_data=Maat_rule_get_ex_data(g_pangu_rt->maat, prior_rule, g_pangu_rt->plolicy_param_idx); + void *ex_data=Maat_rule_get_ex_data(g_pangu_rt->maat, prior_rule, g_pangu_rt->ctrl_compile_idx); if(ex_data!=NULL) { - *param=(struct plolicy_param*)ex_data; + *param=(struct policy_action_param*)ex_data; } return prior_action; @@ -1122,68 +1157,50 @@ static void template_generate(int status_code, int cfg_id, const char* msg, char *page_buff = tfe_strdup(output.c_str()); } -static int html_generate(int cfg_id, const char* msg, char ** page_buff, size_t * page_size) +void manipulate_profile_free(struct manipulate_profile* ma_profile) +{ + FREE(&ma_profile->profile_type); + FREE(&ma_profile->profile_msg); + FREE(&ma_profile->profile_name); + FREE(&ma_profile); +} + +static int html_generate(int profile_id, const char* msg, char ** page_buff, size_t * page_size) { -#define KEY_LEN 16 int ret = 0; - struct policy_object* ply_obj=NULL; - int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_REJECT]; - - char cfg_id_str[KEY_LEN] = {0}; - snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id); - - ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str); - if(ply_obj==NULL) + struct manipulate_profile* block_profile=get_profile_by_id(POLICY_PROFLIE_TABLE_REJECT, profile_id); + if(block_profile==NULL) { ret=-1; return ret; } - if(!strncmp(ply_obj->profile_type, "template", strlen(ply_obj->profile_type))) + if(!strncmp(block_profile->profile_type, "template", strlen(block_profile->profile_type))) { ctemplate::TemplateDictionary dict("pg_page_dict"); //dict is automatically finalized after function returned. - dict.SetIntValue("cfg_id", cfg_id); + dict.SetIntValue("cfg_id", profile_id); dict.SetValue("msg", msg); std::string output; - ply_obj->tpl->Expand(&output, &dict); + block_profile->tpl->Expand(&output, &dict); *page_size = output.length() + 1; *page_buff = tfe_strdup(output.c_str()); } else { - *page_size = ply_obj->msg_len; - *page_buff = ply_obj->profile_msg; + *page_size = block_profile->msg_len; + *page_buff = tfe_strdup(block_profile->profile_msg); } + block_profile=NULL; return ret; } static void html_free(char ** page_buff) { - if (*page_buff) - FREE(page_buff); + FREE(page_buff); return; } -static struct policy_object* get_obj_for_id(int cfg_id) -{ -#define KEY_LEN 16 - struct policy_object* ply_obj=NULL; - - char cfg_id_str[KEY_LEN] = {0}; - - snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id); - - int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_HIJACK]; - ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str); - if(ply_obj==NULL) - { - goto finish; - } -finish: - return ply_obj; -} - void http_replace(const struct tfe_stream * stream, const struct tfe_http_session * session, enum tfe_http_event events, const unsigned char * body_frag, size_t frag_size, struct pangu_http_ctx * ctx) { @@ -1206,7 +1223,7 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio * the header has been forwarded, only replace the body but not modify header will raise exception */ if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR)) { - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; ctx->rep_ctx = rep_ctx = ALLOC(struct replace_ctx, 1); rep_ctx->rule = param->rule; rep_ctx->n_rule = param->n_rule; @@ -1344,7 +1361,7 @@ static void http_reject(const struct tfe_http_session * session, enum tfe_http_e char *msg = NULL; struct tfe_http_session * to_write_sess = NULL; - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; resp_code = param->status_code; msg = param->message; @@ -1384,7 +1401,7 @@ static void http_redirect(const struct tfe_http_session * session, enum tfe_http struct tfe_http_half * response = NULL; struct tfe_http_session * to_write = NULL; - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; int resp_code = param->status_code; char *rd_url = param->message; @@ -1422,13 +1439,13 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev char cont_len_str[16]; - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; int resp_code = param->status_code; - int cfg_id = param->profile_id; + int profile_id = param->profile_id; char *message = param->message; - if (resp_code <= 0 || cfg_id <= 0){ + if (resp_code <= 0 || profile_id <= 0){ TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid block rule %d", ctx->enforce_rules[0].config_id); ctx->action = PG_ACTION_NONE; return; @@ -1441,10 +1458,10 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev to_write_sess = tfe_http_session_allow_write(session); response = tfe_http_session_response_create(to_write_sess, resp_code); - ret = html_generate(cfg_id, message, &page_buff, &page_size); + ret = html_generate(profile_id, message, &page_buff, &page_size); if (ret != 0) { - TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", cfg_id); + TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", profile_id); ctx->action = PG_ACTION_NONE; } tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8"); @@ -1468,91 +1485,65 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev static void http_hijack(const struct tfe_http_session * session, enum tfe_http_event events, struct pangu_http_ctx * ctx) { - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; + struct tfe_http_half * response = NULL; - int cfg_id = param->profile_id; - - if (cfg_id <= 0){ + if (param->profile_id <= 0 || !(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events))) + { TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid hijack rule %d", ctx->enforce_rules[0].config_id); ctx->action = PG_ACTION_NONE; return; } - struct tfe_http_half * response = NULL; - char cont_len_str[16]; + struct manipulate_profile* hijack_profile=get_profile_by_id(POLICY_PROFILE_TABLE_HIJACK, param->profile_id); + if (NULL == hijack_profile) + { + TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, table_id = %d", param->profile_id); + ctx->action = PG_ACTION_NONE; + return; + } struct tfe_http_session * to_write_sess = NULL; - if(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events)) - { - to_write_sess = tfe_http_session_allow_write(session); - response = tfe_http_session_response_create(to_write_sess, 200); + char cont_len_str[16]; - struct policy_object* ply_obj=get_obj_for_id(cfg_id); - if (NULL == ply_obj){ - TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, table_id = %d", cfg_id); - ctx->action = PG_ACTION_NONE; - return; - } - int hijack_len = strlen(ply_obj->profile_name)+strlen("filename=\"\"")+1; - char *hijack_name = ALLOC(char, hijack_len); - snprintf(hijack_name, hijack_len, "filename=\"%s\"", ply_obj->profile_name); - tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_name); - FREE(&hijack_name); - tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, ply_obj->profile_type); - snprintf(cont_len_str, sizeof(cont_len_str), "%lu", ply_obj->msg_len); - tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str); + to_write_sess = tfe_http_session_allow_write(session); + response = tfe_http_session_response_create(to_write_sess, 200); - char * page_buff = ply_obj->profile_msg; - size_t page_size = ply_obj->msg_len; + int hijack_len = strlen(hijack_profile->profile_name)+strlen("filename=\"\"")+1; + char *hijack_name = ALLOC(char, hijack_len); + snprintf(hijack_name, hijack_len, "filename=\"%s\"", hijack_profile->profile_name); + tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_name); + FREE(&hijack_name); + tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, hijack_profile->profile_type); + snprintf(cont_len_str, sizeof(cont_len_str), "%lu", hijack_profile->msg_len); + tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str); - size_t frag_size=8192; size_t sendlen=0; - unsigned char body_frag[frag_size + 1]; + tfe_http_half_append_body(response, hijack_profile->profile_msg, hijack_profile->msg_len, 0); + tfe_http_half_append_body(response, NULL, 0, 0); + tfe_http_session_response_set(to_write_sess, response); + tfe_http_session_detach(session); + hijack_profile=NULL; - tfe_http_session_response_set(to_write_sess, response); - tfe_http_half_write_body_begin(response, 1); - for (sendlen= 0; sendlen < page_size; sendlen+=frag_size) - { - memcpy(body_frag, page_buff+sendlen, frag_size); - tfe_http_half_write_body_data(response, body_frag, frag_size); - memset(body_frag, 0, frag_size); - } - tfe_http_half_write_body_end(response); - tfe_http_session_detach(session); - } - else - { - to_write_sess = tfe_http_session_allow_write(session); - tfe_http_session_kill(to_write_sess); - } return; } -static int format_insert_rule(struct plolicy_param *param, int cfg_id, struct insert_rule *rule) +static int format_insert_rule(int profile_id, const char* insert_position, struct insert_rule *rule) { -#define KEY_LEN 16 int ret = 0; - struct policy_object* ply_obj=NULL; - int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_INSERT]; - - char cfg_id_str[KEY_LEN] = {0}; - snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id); - - ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str); - if(ply_obj==NULL) + struct manipulate_profile* insert_profile=get_profile_by_id(POLICY_PROFILE_TABLE_INSERT, profile_id); + if(insert_profile==NULL) { ret=-1; return ret; } - rule->stype = ply_obj->profile_msg; - rule->type = ply_obj->profile_type; + rule->script = tfe_strdup(insert_profile->profile_msg); + rule->type = tfe_strdup(insert_profile->profile_type); - if (param->position == NULL){ - rule->position = NULL; - }else{ - rule->position = param->position; - } + if (insert_position) + rule->position=tfe_strdup(insert_position); + insert_profile=NULL; return ret; } @@ -1563,7 +1554,7 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_ char * rewrite_buff = NULL; size_t rewrite_sz = 0; - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; to_write_sess = tfe_http_session_allow_write(session); if (to_write_sess == NULL) //fail to wirte, abandon. @@ -1576,15 +1567,16 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_ struct insert_ctx *ins_ctx = ctx->ins_ctx; if (ctx->ins_ctx == NULL) { + /* we must determinate the replace action on HTTP header, otherwise, + * the header has been forwarded, only replace the body but not modify header will raise exception */ if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR)) { - int cfg_id = param->profile_id; ctx->ins_ctx = ins_ctx = ALLOC(struct insert_ctx, 1); ins_ctx->rule = ALLOC(struct insert_rule, 1); - int ret=format_insert_rule(param, cfg_id, ins_ctx->rule); + int ret=format_insert_rule(param->profile_id, param->position, ins_ctx->rule); if (ret<0) { - TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", cfg_id); + TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", param->profile_id); ctx->action = PG_ACTION_NONE; return; } @@ -1643,21 +1635,22 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_ if ((events & EV_HTTP_REQ_BODY_END) || (events & EV_HTTP_RESP_BODY_END)) { - char * __http_body = (char *) evbuffer_pullup(ins_ctx->http_body, -1); - size_t __http_body_len = evbuffer_get_length(ins_ctx->http_body); + char * http_body = (char *) evbuffer_pullup(ins_ctx->http_body, -1); + size_t http_body_len = evbuffer_get_length(ins_ctx->http_body); + const char* cont_type_val=tfe_http_std_field_read(ins_ctx->replacing, TFE_HTTP_CONT_TYPE); rewrite_buff = NULL; rewrite_sz = 0; - rewrite_sz = execute_insert_rule(__http_body, __http_body_len, ins_ctx->rule, &rewrite_buff); - if (rewrite_sz >0 ) + rewrite_sz = execute_insert_rule(http_body, http_body_len, ins_ctx->rule, &rewrite_buff); + if (rewrite_sz >0 && strstr(cont_type_val, "text/html")) { tfe_http_half_append_body(ins_ctx->replacing, rewrite_buff, rewrite_sz, 0); ins_ctx->actually_replaced=1; } else { - tfe_http_half_append_body(ins_ctx->replacing, __http_body, __http_body_len, 0); + tfe_http_half_append_body(ins_ctx->replacing, http_body, http_body_len, 0); } if (rewrite_buff != NULL) @@ -1684,7 +1677,7 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_http_session * session, enum tfe_http_event events, const unsigned char * body_frag, size_t frag_size, struct pangu_http_ctx * ctx) { - struct plolicy_param *param = ctx->param; + struct policy_action_param *param = ctx->param; if (param == NULL) { TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get the json format parsed. config_id = %d", @@ -2138,8 +2131,8 @@ void pangu_on_http_begin(const struct tfe_stream * stream, tmp=tfe_stream_addr_str_split(addr_string, &sip, NULL, &dip, NULL); assert(tmp==0); - source_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscribe_id_table_id, sip); - dest_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscribe_id_table_id, dip); + source_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscriber_id_table_id, sip); + dest_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscriber_id_table_id, dip); if(source_subscribe_id!=NULL) { diff --git a/plugin/business/pangu-http/src/pangu_logger.cpp b/plugin/business/pangu-http/src/pangu_logger.cpp index 2416495..862f0b5 100644 --- a/plugin/business/pangu-http/src/pangu_logger.cpp +++ b/plugin/business/pangu-http/src/pangu_logger.cpp @@ -173,8 +173,9 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg) common_obj=cJSON_CreateObject(); cur_time = time(NULL); - - cJSON_AddNumberToObject(common_obj, "found_time", cur_time); + + cJSON_AddNumberToObject(common_obj, "start_time", cur_time); + cJSON_AddNumberToObject(common_obj, "end_time", cur_time); cJSON_AddNumberToObject(common_obj, "recv_time", cur_time); switch(addr->addrtype) @@ -183,20 +184,20 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg) cJSON_AddNumberToObject(common_obj, "addr_type", 4); inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str)); inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str)); - cJSON_AddStringToObject(common_obj, "s_ip", src_ip_str); - cJSON_AddStringToObject(common_obj, "d_ip", dst_ip_str); - cJSON_AddNumberToObject(common_obj, "s_port", ntohs(addr->tuple4_v4->source)); - cJSON_AddNumberToObject(common_obj, "d_port", ntohs(addr->tuple4_v4->dest)); + cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str); + cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str); + cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source)); + cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest)); cJSON_AddStringToObject(common_obj, "trans_proto", "IPv4_TCP"); break; case TFE_ADDR_STREAM_TUPLE4_V6: cJSON_AddNumberToObject(common_obj, "addr_type", 6); inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str)); inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str)); - cJSON_AddStringToObject(common_obj, "s_ip", src_ip_str); - cJSON_AddStringToObject(common_obj, "d_ip", dst_ip_str); - cJSON_AddNumberToObject(common_obj, "s_port", ntohs(addr->tuple4_v6->source)); - cJSON_AddNumberToObject(common_obj, "d_port", ntohs(addr->tuple4_v6->dest)); + cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str); + cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str); + cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source)); + cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest)); cJSON_AddStringToObject(common_obj, "trans_proto", "IPv6_TCP"); break; default: @@ -207,7 +208,6 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg) cJSON_AddStringToObject(common_obj, "cap_ip", handle->local_ip_str); cJSON_AddNumberToObject(common_obj, "entrance_id", handle->entry_id); cJSON_AddNumberToObject(common_obj, "device_id", 0); - cJSON_AddStringToObject(common_obj, "user_region", "null"); cJSON_AddStringToObject(common_obj, "url", http->req->req_spec.url); for(size_t i=0;iresult[i].config_id); + cJSON_AddNumberToObject(per_hit_obj, "policy_id", log_msg->result[i].config_id); cJSON_AddNumberToObject(per_hit_obj, "service", log_msg->result[i].service_id); + cJSON_AddNumberToObject(per_hit_obj, "action", log_msg->result[i].action); log_payload = cJSON_Print(per_hit_obj); TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload); diff --git a/plugin/business/pangu-http/src/pattern_replace.cpp b/plugin/business/pangu-http/src/pattern_replace.cpp index a627c31..48ed794 100644 --- a/plugin/business/pangu-http/src/pattern_replace.cpp +++ b/plugin/business/pangu-http/src/pattern_replace.cpp @@ -279,72 +279,71 @@ size_t execute_replace_rule(const char * in, size_t in_sz, } } -size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char *stype, const char *type, char** out) +size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char *script, const char *type, char** out) { char *target=NULL; - size_t outlen=0, target_size=0; - char position[]=""; + size_t target_size=0; - /* ""*/ - int js_type_len = 58; - /*""*/ - int css_type_len = 49; - - char* head_string=NULL; - - if (0==strcasecmp(type, "css")) - { - target_size = in_sz+strlen(stype)+1+css_type_len; - target = ALLOC(char, target_size + 1); - } - - if (0==strcasecmp(type, "js")) - { - target_size = in_sz+strlen(stype)+1+js_type_len; - target = ALLOC(char, target_size + 1); - } + const char* js_style=""; + const char* css_style= ""; + const char* this_style=NULL; + size_t concat_len=0, concat_size=0; + char* concat_style=NULL; + char* insert_from=NULL; + size_t offset=0; if (insert_on != NULL && 0==strcasecmp(insert_on, "after-page-load")) { - memcpy(position, "", sizeof(position)); + insert_from=strstr(in, ""); } - head_string=strstr(in, position); - if (head_string != NULL) + else { - strncat(target, in, MIN((unsigned int)(head_string-in), target_size)); - size_t style_len = 0; char *style_msg = NULL; - if (0==strcasecmp(type, "js")) - { - style_len = strlen(stype)+1+js_type_len; - style_msg = ALLOC(char, style_len); - snprintf(style_msg, style_len, "", stype); - } - if (0==strcasecmp(type, "css")) - { - style_len = strlen(stype)+1+css_type_len; - style_msg = ALLOC(char, style_len); - snprintf(style_msg, style_len, "", stype); - } + insert_from=strstr(in, ""); + } + if(!insert_from) + { + return 0; + } - strncat(target, style_msg, MIN(style_len, target_size)); - free(style_msg); - style_msg = NULL; - strncat(target, head_string, (target_size - (head_string-in) - style_len)); - target[target_size-1] = '\0'; - outlen = target_size; - *out = target; - }else + if (0==strcasecmp(type, "css")) { - free(target); - target = NULL; - outlen = 0; + this_style=css_style; } - return outlen; + else if (0==strcasecmp(type, "js")) + { + this_style=js_style; + } + else + { + assert(0); + } + concat_size = strlen(script)+1+strlen(this_style); + concat_style = ALLOC(char, concat_size); + concat_len=snprintf(concat_style, concat_size, + this_style, + script); + + target_size = in_sz+concat_len; + target = ALLOC(char, target_size); + assert((unsigned int)(insert_from-in) <= target_size); + offset=0; + memcpy(target+offset, in, insert_from-in); + offset+=insert_from-in; + memcpy(target+offset, concat_style, concat_len); + offset+=concat_len; + memcpy(target+offset, insert_from, in_sz-(insert_from-in)); + offset+=in_sz-(insert_from-in); + assert(target_size==offset+1); + + free(concat_style); + concat_style = NULL; + *out=target; + return target_size; } size_t execute_insert_rule(char * in, size_t in_sz, const struct insert_rule * rules, char** out) { - return insert_string(in, in_sz, rules->position, rules->stype, rules->type, out); + return insert_string(in, in_sz, rules->position, rules->script, rules->type, out); } void simple_replace(const char* find, const char* replacement, const char* input, size_t in_sz, char** output, size_t *output_sz) diff --git a/plugin/business/pangu-http/src/pattern_replace.h b/plugin/business/pangu-http/src/pattern_replace.h index 639a02d..7430ff1 100644 --- a/plugin/business/pangu-http/src/pattern_replace.h +++ b/plugin/business/pangu-http/src/pattern_replace.h @@ -23,7 +23,7 @@ struct replace_rule struct insert_rule { - char * stype; + char * script; char * type; char * position; }; diff --git a/plugin/protocol/http2/src/http2_stream.cpp b/plugin/protocol/http2/src/http2_stream.cpp index 583dd31..7dde107 100644 --- a/plugin/protocol/http2/src/http2_stream.cpp +++ b/plugin/protocol/http2/src/http2_stream.cpp @@ -629,6 +629,7 @@ tfe_half_private_init(enum tfe_http_direction direction, int32_t stream_id, memset(half_private, 0, sizeof(struct http2_half_private)); half_private->half_public.direction = direction; + half_private->half_public.major_version = 2; half_private->half_public.ops = &h2_half_ops; headers_init(&half_private->headers); diff --git a/resource/pangu/table_info.conf b/resource/pangu/table_info.conf index 6598c77..9da1e97 100644 --- a/resource/pangu/table_info.conf +++ b/resource/pangu/table_info.conf @@ -28,7 +28,7 @@ 10 PXY_CACHE_GROUP group -- 11 PXY_CACHE_HTTP_URL expr UTF8 UTF8 yes 0 quickoff 12 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff -13 PXY_OBJ_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"} +13 PXY_PROFILE_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"} 14 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"} 15 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"valid":5} 16 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"valid":5}