gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.Manipulate动作重构修改

Browse Source 
2.修改pangu_send_log中log字段名
3.修改可信证书颁发机构表名
This commit is contained in:
fengweihao
2019-05-28 14:59:39 +08:00
parent ea1f876eb7
commit f106facd7b
6 changed files with 347 additions and 353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

535
plugin/business/pangu-http/src/pangu_http.cpp
View File

@@ -43,7 +43,7 @@ enum pangu_action //Bigger action number is prior.
__PG_ACTION_MAX
};
enum manipulate_actin
enum manipulate_action
{
MA_ACTION_REDIRECT = 0,
MA_ACTION_BLOCK,
@@ -81,17 +81,17 @@ enum pangu_http_stat
__PG_STAT_MAX
};
enum policy_table
enum manipulate_profile_table
{
POLICY_TABLE_REJECT,
POLICY_TABLE_HIJACK,
POLICY_TABLE_INSERT,
POLICY_TABLE_MAX
POLICY_PROFLIE_TABLE_REJECT,
POLICY_PROFILE_TABLE_HIJACK,
POLICY_PROFILE_TABLE_INSERT,
POLICY_PROFILE_TABLE_MAX
};
struct policy_object
struct manipulate_profile
{
int cfg_id;
int profile_id;
size_t msg_len;
char *profile_name;
char *profile_msg;
@@ -99,10 +99,10 @@ struct policy_object
ctemplate::Template * tpl;
};
struct plolicy_param
struct policy_action_param
{
int ref_cnt;
int action;
enum manipulate_action action;
char *message;
char *position;
@@ -119,13 +119,13 @@ struct pangu_rt
{
Maat_feather_t maat;
Maat_feather_t dyn_maat;
int subscribe_id_table_id;
int subscriber_id_table_id;
struct pangu_logger * send_logger;
void * local_logger;
int log_level;
int thread_num;
int scan_table_id[__SCAN_TABLE_MAX];
int plolicy_table_id[POLICY_TABLE_MAX];
int plolicy_table_id[POLICY_PROFILE_TABLE_MAX];
ctemplate::Template * tpl_403, * tpl_404, * tpl_451;
char * reject_page;
int page_size;
@@ -140,7 +140,7 @@ struct pangu_rt
struct event_base* gc_evbase;
struct event* gcev;
int plolicy_param_idx;
int ctrl_compile_idx;
int ca_store_reseting;
};
@@ -443,26 +443,26 @@ void subscribe_id_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void
*ad=NULL;
}
static
int to_val_idx(const char *key)
static enum manipulate_action manipulate_action_str2idx(const char *action_str)
{
const char *clue_action_map[] = {"redirect",
"block",
"replace",
"hijack",
"insert"
};
const char *clue_action_map[__MA_ACTION_MAX];
clue_action_map[MA_ACTION_REDIRECT]= "redirect";
clue_action_map[MA_ACTION_BLOCK]= "block";
clue_action_map[MA_ACTION_REPLACE]= "replace";
clue_action_map[MA_ACTION_HIJACK]= "hijack";
clue_action_map[MA_ACTION_INSERT]= "insert";
size_t i = 0;
for (i = 0; i < sizeof(clue_action_map) / sizeof(const char *); i++)
{
if (0 == strcasecmp(key, clue_action_map[i]))
if (0 == strcasecmp(action_str, clue_action_map[i]))
break;
}
return i;
return (enum manipulate_action)i;
}
void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large,
void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large,
MAAT_RULE_EX_DATA* ad, long argl, void *argp)
{
*ad=NULL;
@@ -470,6 +470,7 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d
{
return;
}
int rule_id;
cJSON *json=NULL, *rules=NULL, *item=NULL;
json=cJSON_Parse(srv_def_large);
if(json==NULL)
@@ -478,64 +479,71 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d
return;
}
struct plolicy_param* param=ALLOC(struct plolicy_param, 1);
struct policy_action_param* param=ALLOC(struct policy_action_param, 1);
param->ref_cnt=1;
pthread_mutex_init(&(param->lock), NULL);
item=cJSON_GetObjectItem(json,"method");
if(item && item->type==cJSON_String){
param->action =to_val_idx(item->valuestring);
if(item && item->type==cJSON_String)
{
param->action =manipulate_action_str2idx(item->valuestring);
}
switch(param->action)
{
case MA_ACTION_REDIRECT:
item=cJSON_GetObjectItem(json,"code");
if(item && item->type==cJSON_Number){
if(item && item->type==cJSON_Number)
{
param->status_code = item->valueint;
}
item=cJSON_GetObjectItem(json,"to");
if(item && item->type==cJSON_String){
if(item && item->type==cJSON_String)
{
param->message = tfe_strdup(item->valuestring);
}
break;
case MA_ACTION_BLOCK:
item=cJSON_GetObjectItem(json,"code");
if(item && item->type==cJSON_Number){
if(item && item->type==cJSON_Number)
{
param->status_code = item->valueint;
}
item=cJSON_GetObjectItem(json,"message");
if(item && item->type==cJSON_String){
if(item && item->type==cJSON_String)
{
param->message = tfe_strdup(item->valuestring);
}
item=cJSON_GetObjectItem(json,"html_profile");
if(item && item->type==cJSON_Number){
if(item && item->type==cJSON_Number)
{
param->profile_id = item->valueint;
}
break;
case MA_ACTION_REPLACE:
rules = cJSON_GetObjectItem(json, "rules");
if(rules)
if(rules == NULL)
{
size_t idx = 0;
break;
}
rule_id = 0;
param->rule = ALLOC(struct replace_rule, MAX_EDIT_ZONE_NUM);
for (item = rules->child; item != NULL; item = item->next)
{
char * search = cJSON_GetObjectItem(item , "search_in")->valuestring;
if (search == NULL) break;
param->rule[idx].zone = zone_name_to_id(search);
if (param->rule[idx].zone == kZoneMax)
param->rule[rule_id].zone = zone_name_to_id(search);
if (param->rule[rule_id].zone == kZoneMax)
{
break;
}
param->rule[idx].find = tfe_strdup(cJSON_GetObjectItem(item , "find")->valuestring);
param->rule[idx].replace_with = tfe_strdup(cJSON_GetObjectItem(item , "replace_with")->valuestring);
idx++;
}
param->n_rule = idx;
param->rule[rule_id].find = tfe_strdup(cJSON_GetObjectItem(item , "find")->valuestring);
param->rule[rule_id].replace_with = tfe_strdup(cJSON_GetObjectItem(item , "replace_with")->valuestring);
rule_id++;
}
param->n_rule = rule_id;
break;
case MA_ACTION_HIJACK:
item=cJSON_GetObjectItem(json,"hijack_profile");
@@ -561,14 +569,14 @@ void policy_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_d
return;
}
void policy_param_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp)
void policy_action_param_free_cb(int table_id, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp)
{
unsigned int i=0;
if(*ad==NULL)
{
return;
}
struct plolicy_param* param=(struct plolicy_param*)*ad;
struct policy_action_param* param=(struct policy_action_param*)*ad;
pthread_mutex_lock(&(param->lock));
param->ref_cnt--;
if(param->ref_cnt>0)
@@ -592,52 +600,58 @@ void policy_param_free(int idx, const struct Maat_rule_t* rule, const char* srv_
return;
}
void policy_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_EX_DATA *from, long argl, void *argp)
void policy_action_param_free(struct policy_action_param* param)
{
struct plolicy_param* from_param=*((struct plolicy_param**)from);
pthread_mutex_lock(&(from_param->lock));
from_param->ref_cnt++;
pthread_mutex_unlock(&(from_param->lock));
*((struct plolicy_param**)to)=from_param;
policy_action_param_free_cb(0, NULL, NULL, (void**)&param, 0, NULL);
return;
}
void policy_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
void policy_action_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_EX_DATA *from, long argl, void *argp)
{
int ret=0, cfg_id=0, is_valid=0;
struct policy_action_param* from_param=*((struct policy_action_param**)from);
pthread_mutex_lock(&(from_param->lock));
from_param->ref_cnt++;
pthread_mutex_unlock(&(from_param->lock));
*((struct policy_action_param**)to)=from_param;
return;
}
void ma_profile_table_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
int ret=0, profile_id=0, is_valid=0;
char profile_name[128]={0}, formate[128]={0};
char profile_path[TFE_PATH_MAX]={0};
ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%d", &cfg_id, profile_name, formate, profile_path, &is_valid);
ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%d", &profile_id, profile_name, formate, profile_path, &is_valid);
if(ret!=5)
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Policy table parse config failed: %s", table_line);
return;
}
struct policy_object* ply_obj=ALLOC(struct policy_object, 1);
struct manipulate_profile* ply_profile=ALLOC(struct manipulate_profile, 1);
ply_obj->cfg_id=cfg_id;
ply_profile->profile_id=profile_id;
if(strcasecmp(formate, "template") == 0)
{
ply_obj->tpl = ctemplate::Template::GetTemplate(profile_path, ctemplate::DO_NOT_STRIP);
ply_profile->tpl = ctemplate::Template::GetTemplate(profile_path, ctemplate::DO_NOT_STRIP);
}else
{
ply_obj->profile_msg = execute_read_file(profile_path, &ply_obj->msg_len);
if (ply_obj->profile_msg == NULL)
ply_profile->profile_msg = execute_read_file(profile_path, &ply_profile->msg_len);
if (ply_profile->profile_msg == NULL)
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Read file failed %d:%s:%s", cfg_id, profile_name, profile_path);
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Read file failed %d:%s:%s", profile_id, profile_name, profile_path);
}
}
ply_obj->profile_name=tfe_strdup(profile_name);
ply_obj->profile_type=tfe_strdup(formate);
ply_profile->profile_name=tfe_strdup(profile_name);
ply_profile->profile_type=tfe_strdup(formate);
*ad = ply_obj;
*ad = ply_profile;
return;
}
void policy_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp)
void ma_profile_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp)
{
struct policy_object* ply_obj=(struct policy_object*)(*ad);
struct manipulate_profile* ply_obj=(struct manipulate_profile*)(*ad);
FREE(&ply_obj->profile_type);
FREE(&ply_obj->profile_msg);
FREE(&ply_obj->profile_name);
@@ -645,9 +659,9 @@ void policy_table_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void
*ad=NULL;
}
void policy_table_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp)
void ma_profile_table_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp)
{
struct policy_object* ply_obj=(struct policy_object*)(*from);
struct manipulate_profile* ply_obj=(struct manipulate_profile*)(*from);
*to=ply_obj;
}
@@ -658,103 +672,46 @@ int maat_table_init(const char* table_name,
int table_id=0;
table_id=Maat_table_register(g_pangu_rt->maat, table_name);
if(table_id<0)
if(table_id>=0)
{
goto finish;
}
Maat_table_callback_register(g_pangu_rt->maat, table_id,
start, update, finish, u_para);
finish:
}
return table_id;
}
int maat_table_ex_init(const char* table_name, int policy_id,
int maat_table_ex_init(int profile_idx,
Maat_plugin_EX_new_func_t* new_func,
Maat_plugin_EX_free_func_t* free_func,
Maat_plugin_EX_dup_func_t* dup_func)
{
int table_id = 0;
table_id=g_pangu_rt->plolicy_table_id[policy_id]=Maat_table_register(g_pangu_rt->maat, table_name);
if(table_id<0)
{
goto finish;
}
table_id=Maat_plugin_EX_register(g_pangu_rt->maat,
table_id,
new_func,free_func,
dup_func,NULL,0,NULL);
finish:
return table_id;
}
int panggu_policy_init()
{
int table_id=0, policy_id = 0;
const char *table_name_map[] = {"PXY_PROFILE_RESPONSE_PAGES",
"PXY_PROFILE_HIJACK_FILES",
"PXY_PROFILE_INSERT_SCRIPTS",
};
"PXY_PROFILE_INSERT_SCRIPTS"};
table_id = maat_table_init("PXY_OBJ_TRUSTED_CA_CERT",
trusted_CA_update_start_cb,
trusted_CA_update_cert_cb,
trusted_CA_update_finish_cb,
g_pangu_rt);
if(table_id<0)
table_id=g_pangu_rt->plolicy_table_id[profile_idx]=Maat_table_register(g_pangu_rt->maat, table_name_map[profile_idx]);
if(table_id >= 0)
{
TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CERT failed.");
goto finish;
table_id=Maat_plugin_EX_register(g_pangu_rt->maat,
table_id,
new_func,
free_func,
dup_func,
NULL, 0, NULL);
return 0;
}
TFE_LOG_INFO(NULL, "Pangu HTTP register table %s failed.", table_name_map[profile_idx]);
table_id = maat_table_init("PXY_OBJ_TRUSTED_CA_CRL",
trusted_CA_update_start_cb,
trusted_CA_update_crl_cb,
trusted_CA_update_finish_cb,
g_pangu_rt);
if(table_id<0)
{
TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CRL failed.");
goto finish;
}
for (policy_id = 0; policy_id <POLICY_TABLE_MAX; policy_id++)
{
table_id = maat_table_ex_init(table_name_map[policy_id], policy_id,
policy_table_new_cb,
policy_table_free_cb,
policy_table_dup_cb);
if(table_id<0)
{
TFE_LOG_INFO(NULL, "Pangu HTTP register table %s failed.", table_name_map[policy_id]);
goto finish;
}
}
finish:
return table_id;
return -1;
}
int pangu_http_init(struct tfe_proxy * proxy)
int pangu_policy_init(const char* profile_path, const char* static_section, const char* dynamic_section)
{
const char * profile = "./conf/pangu/pangu_pxy.conf";
const char * logfile = "./log/pangu_pxy.log";
int table_id=0, temp=0;
int ret = 0;
int profile_table_idx = 0;
g_pangu_rt = ALLOC(struct pangu_rt, 1);
g_pangu_rt->thread_num = tfe_proxy_get_work_thread_count();
g_pangu_rt->gc_evbase=tfe_proxy_get_gc_evbase();
MESA_load_profile_int_def(profile, "DEBUG", "LOG_LEVEL", &(g_pangu_rt->log_level), 0);
g_pangu_rt->local_logger = MESA_create_runtime_log_handle(logfile, g_pangu_rt->log_level);
g_pangu_rt->send_logger = pangu_log_handle_create(profile, "LOG", g_pangu_rt->local_logger);
if (!g_pangu_rt->send_logger)
{
goto error_out;
}
g_pangu_rt->fs_handle = tfe_proxy_get_fs_handle();
pangu_http_stat_init(g_pangu_rt);
g_pangu_rt->maat = create_maat_feather("static", profile, "MAAT", g_pangu_rt->thread_num, g_pangu_rt->local_logger);
g_pangu_rt->maat = create_maat_feather("static", profile_path, static_section, g_pangu_rt->thread_num, g_pangu_rt->local_logger);
if (!g_pangu_rt->maat)
{
goto error_out;
@@ -778,57 +735,119 @@ int pangu_http_init(struct tfe_proxy * proxy)
}
}
g_pangu_rt->plolicy_param_idx=Maat_rule_get_ex_new_index(g_pangu_rt->maat, "PXY_CTRL_COMPILE",
policy_param_new, policy_param_free, policy_param_dup,
g_pangu_rt->ctrl_compile_idx=Maat_rule_get_ex_new_index(g_pangu_rt->maat, "PXY_CTRL_COMPILE",
policy_action_param_new,
policy_action_param_free_cb,
policy_action_param_dup,
0, NULL);
table_id = panggu_policy_init();
if(table_id<0)
ret = maat_table_init("PXY_PROFILE_TRUSTED_CA_CERT",
trusted_CA_update_start_cb,
trusted_CA_update_cert_cb,
trusted_CA_update_finish_cb,
g_pangu_rt);
if(ret<0)
{
TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CERT failed.");
goto error_out;
}
g_pangu_rt->dyn_maat = create_maat_feather("dyn", profile, "DYNAMIC_MAAT", g_pangu_rt->thread_num, g_pangu_rt->local_logger);
ret = maat_table_init("PXY_OBJ_TRUSTED_CA_CRL",
trusted_CA_update_start_cb,
trusted_CA_update_crl_cb,
trusted_CA_update_finish_cb,
g_pangu_rt);
if(ret<0)
{
TFE_LOG_INFO(NULL, "Pangu HTTP register table PXY_OBJ_TRUSTED_CA_CRL failed.");
goto error_out;
}
for (profile_table_idx = 0; profile_table_idx <POLICY_PROFILE_TABLE_MAX; profile_table_idx++)
{
ret = maat_table_ex_init(profile_table_idx,
ma_profile_table_new_cb,
ma_profile_table_free_cb,
ma_profile_table_dup_cb);
if(ret<0)
{
goto error_out;
}
}
g_pangu_rt->dyn_maat = create_maat_feather("dyn", profile_path, dynamic_section, g_pangu_rt->thread_num, g_pangu_rt->local_logger);
if (!g_pangu_rt->maat)
{
goto error_out;
}
g_pangu_rt->subscribe_id_table_id=Maat_table_register(g_pangu_rt->dyn_maat, "IPD_DYN_SUBSCRIBE_IP");
temp=Maat_plugin_EX_register(g_pangu_rt->dyn_maat,
g_pangu_rt->subscribe_id_table_id,
g_pangu_rt->subscriber_id_table_id=Maat_table_register(g_pangu_rt->dyn_maat, "IPD_DYN_SUBSCRIBE_IP");
ret=Maat_plugin_EX_register(g_pangu_rt->dyn_maat,
g_pangu_rt->subscriber_id_table_id,
subscribe_id_new_cb,
subscribe_id_free_cb,
subscribe_id_dup_cb,
NULL,
0,
NULL);
if(temp!=0)
if(ret!=0)
{
TFE_LOG_ERROR(NULL, "Pangu HTTP Dynamic Maat IPD_DYN_SUBSCIBE_IP EX data register failed.");
goto error_out;
}
error_out:
return ret;
}
int pangu_http_init(struct tfe_proxy * proxy)
{
const char * profile_path = "./conf/pangu/pangu_pxy.conf";
const char * logfile = "./log/pangu_pxy.log";
int temp=0;
g_pangu_rt = ALLOC(struct pangu_rt, 1);
g_pangu_rt->thread_num = tfe_proxy_get_work_thread_count();
g_pangu_rt->gc_evbase=tfe_proxy_get_gc_evbase();
MESA_load_profile_int_def(profile_path, "DEBUG", "LOG_LEVEL", &(g_pangu_rt->log_level), 0);
g_pangu_rt->local_logger = MESA_create_runtime_log_handle(logfile, g_pangu_rt->log_level);
g_pangu_rt->send_logger = pangu_log_handle_create(profile_path, "LOG", g_pangu_rt->local_logger);
if (!g_pangu_rt->send_logger)
{
goto error_out;
}
g_pangu_rt->fs_handle = tfe_proxy_get_fs_handle();
pangu_http_stat_init(g_pangu_rt);
if(pangu_policy_init(profile_path, "MAAT", "DYNAMIC_MAAT")<0)
{
goto error_out;
}
char page_path[256];
memset(page_path, 0, sizeof(page_path));
MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_403", page_path, sizeof(page_path),
MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_403", page_path, sizeof(page_path),
"./resource/pangu/HTTP403.html");
g_pangu_rt->tpl_403 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP);
memset(page_path, 0, sizeof(page_path));
MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_404", page_path, sizeof(page_path),
MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_404", page_path, sizeof(page_path),
"./resource/pangu/HTTP404.html");
g_pangu_rt->tpl_404 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP);
memset(page_path, 0, sizeof(page_path));
MESA_load_profile_string_def(profile, "TEMPLATE", "PAGE_451", page_path, sizeof(page_path),
MESA_load_profile_string_def(profile_path, "TEMPLATE", "PAGE_451", page_path, sizeof(page_path),
"./resource/pangu/HTTP451.html");
g_pangu_rt->tpl_451 = ctemplate::Template::GetTemplate(page_path, ctemplate::DO_NOT_STRIP);
MESA_load_profile_int_def(profile, "TANGO_CACHE", "suspend_max", &(temp), 1024*1024);
MESA_load_profile_int_def(profile_path, "TANGO_CACHE", "suspend_max", &(temp), 1024*1024);
g_pangu_rt->suspend_max=temp;
MESA_load_profile_int_def(profile, "TANGO_CACHE", "enable_cache", &(g_pangu_rt->cache_enabled), 1);
MESA_load_profile_int_def(profile_path, "TANGO_CACHE", "enable_cache", &(g_pangu_rt->cache_enabled), 1);
if(g_pangu_rt->cache_enabled)
{
g_pangu_rt->cache = create_web_cache_handle(profile, "TANGO_CACHE", g_pangu_rt->gc_evbase,
g_pangu_rt->cache = create_web_cache_handle(profile_path, "TANGO_CACHE", g_pangu_rt->gc_evbase,
g_pangu_rt->maat, g_pangu_rt->local_logger);
if(!g_pangu_rt->cache)
{
@@ -874,7 +893,7 @@ struct pangu_http_ctx
struct Maat_rule_t * enforce_rules;
size_t n_enforce;
char * enforce_para;
struct plolicy_param *param;
struct policy_action_param *param;
struct evbuffer* log_req_body, *log_resp_body;
struct replace_ctx * rep_ctx;
@@ -910,6 +929,10 @@ void http_repl_ctx_free(struct replace_ctx* rep_ctx)
void http_ins_ctx_free(struct insert_ctx* ins_ctx)
{
FREE(&ins_ctx->rule->script);
FREE(&ins_ctx->rule->type);
if (ins_ctx->rule->position)
FREE(&ins_ctx->rule->position);
FREE(&(ins_ctx->rule));
if (ins_ctx->http_body)
{
@@ -1009,6 +1032,18 @@ static inline void addr_tfe2sapp(const struct tfe_stream_addr * tfe_addr, struct
return;
}
static struct manipulate_profile* get_profile_by_id(int profile_table, int profile_id)
{
struct manipulate_profile* result=NULL;
char cfg_id_str[16] = {0};
snprintf(cfg_id_str, sizeof(cfg_id_str), "%d", profile_id);
int table_id = g_pangu_rt->plolicy_table_id[profile_table];
result = (struct manipulate_profile*)Maat_plugin_get_EX_data(g_pangu_rt->maat, table_id, (const char*)cfg_id_str);
return result;
}
static int pangu_action_weight[__PG_ACTION_MAX] = {0};
void __pangu_action_weight_init() __attribute__((constructor, used));
void __pangu_action_weight_init()
@@ -1027,7 +1062,7 @@ static inline int action_cmp(enum pangu_action a1, enum pangu_action a2)
//enforce_rules[0] contains execute action.
static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules, size_t n_hit,
struct Maat_rule_t ** enforce_rules, size_t * n_enforce, struct plolicy_param **param)
struct Maat_rule_t ** enforce_rules, size_t * n_enforce, struct policy_action_param **param)
{
size_t n_monit = 0, exist_enforce_num = 0, i = 0;
const struct Maat_rule_t * prior_rule = hit_rules;
@@ -1089,10 +1124,10 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules
memcpy(*enforce_rules + exist_enforce_num + 1, monit_rule, n_monit * sizeof(struct Maat_rule_t));
}
void *ex_data=Maat_rule_get_ex_data(g_pangu_rt->maat, prior_rule, g_pangu_rt->plolicy_param_idx);
void *ex_data=Maat_rule_get_ex_data(g_pangu_rt->maat, prior_rule, g_pangu_rt->ctrl_compile_idx);
if(ex_data!=NULL)
{
*param=(struct plolicy_param*)ex_data;
*param=(struct policy_action_param*)ex_data;
}
return prior_action;
@@ -1122,68 +1157,50 @@ static void template_generate(int status_code, int cfg_id, const char* msg, char
*page_buff = tfe_strdup(output.c_str());
}
static int html_generate(int cfg_id, const char* msg, char ** page_buff, size_t * page_size)
void manipulate_profile_free(struct manipulate_profile* ma_profile)
{
FREE(&ma_profile->profile_type);
FREE(&ma_profile->profile_msg);
FREE(&ma_profile->profile_name);
FREE(&ma_profile);
}
static int html_generate(int profile_id, const char* msg, char ** page_buff, size_t * page_size)
{
#define KEY_LEN 16
int ret = 0;
struct policy_object* ply_obj=NULL;
int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_REJECT];
char cfg_id_str[KEY_LEN] = {0};
snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id);
ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str);
if(ply_obj==NULL)
struct manipulate_profile* block_profile=get_profile_by_id(POLICY_PROFLIE_TABLE_REJECT, profile_id);
if(block_profile==NULL)
{
ret=-1;
return ret;
}
if(!strncmp(ply_obj->profile_type, "template", strlen(ply_obj->profile_type)))
if(!strncmp(block_profile->profile_type, "template", strlen(block_profile->profile_type)))
{
ctemplate::TemplateDictionary dict("pg_page_dict"); //dict is automatically finalized after function returned.
dict.SetIntValue("cfg_id", cfg_id);
dict.SetIntValue("cfg_id", profile_id);
dict.SetValue("msg", msg);
std::string output;
ply_obj->tpl->Expand(&output, &dict);
block_profile->tpl->Expand(&output, &dict);
*page_size = output.length() + 1;
*page_buff = tfe_strdup(output.c_str());
}
else
{
*page_size = ply_obj->msg_len;
*page_buff = ply_obj->profile_msg;
*page_size = block_profile->msg_len;
*page_buff = tfe_strdup(block_profile->profile_msg);
}
block_profile=NULL;
return ret;
}
static void html_free(char ** page_buff)
{
if (*page_buff)
FREE(page_buff);
return;
}
static struct policy_object* get_obj_for_id(int cfg_id)
{
#define KEY_LEN 16
struct policy_object* ply_obj=NULL;
char cfg_id_str[KEY_LEN] = {0};
snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id);
int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_HIJACK];
ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str);
if(ply_obj==NULL)
{
goto finish;
}
finish:
return ply_obj;
}
void http_replace(const struct tfe_stream * stream, const struct tfe_http_session * session, enum tfe_http_event events,
const unsigned char * body_frag, size_t frag_size, struct pangu_http_ctx * ctx)
{
@@ -1206,7 +1223,7 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio
* the header has been forwarded, only replace the body but not modify header will raise exception */
if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR))
{
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
ctx->rep_ctx = rep_ctx = ALLOC(struct replace_ctx, 1);
rep_ctx->rule = param->rule;
rep_ctx->n_rule = param->n_rule;
@@ -1344,7 +1361,7 @@ static void http_reject(const struct tfe_http_session * session, enum tfe_http_e
char *msg = NULL;
struct tfe_http_session * to_write_sess = NULL;
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
resp_code = param->status_code;
msg = param->message;
@@ -1384,7 +1401,7 @@ static void http_redirect(const struct tfe_http_session * session, enum tfe_http
struct tfe_http_half * response = NULL;
struct tfe_http_session * to_write = NULL;
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
int resp_code = param->status_code;
char *rd_url = param->message;
@@ -1422,13 +1439,13 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
char cont_len_str[16];
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
int resp_code = param->status_code;
int cfg_id = param->profile_id;
int profile_id = param->profile_id;
char *message = param->message;
if (resp_code <= 0 || cfg_id <= 0){
if (resp_code <= 0 || profile_id <= 0){
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid block rule %d", ctx->enforce_rules[0].config_id);
ctx->action = PG_ACTION_NONE;
return;
@@ -1441,10 +1458,10 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
to_write_sess = tfe_http_session_allow_write(session);
response = tfe_http_session_response_create(to_write_sess, resp_code);
ret = html_generate(cfg_id, message, &page_buff, &page_size);
ret = html_generate(profile_id, message, &page_buff, &page_size);
if (ret != 0)
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", cfg_id);
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", profile_id);
ctx->action = PG_ACTION_NONE;
}
tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8");
@@ -1468,91 +1485,65 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
static void http_hijack(const struct tfe_http_session * session, enum tfe_http_event events,
struct pangu_http_ctx * ctx)
{
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
struct tfe_http_half * response = NULL;
int cfg_id = param->profile_id;
if (cfg_id <= 0){
if (param->profile_id <= 0 || !(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events)))
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid hijack rule %d",
ctx->enforce_rules[0].config_id);
ctx->action = PG_ACTION_NONE;
return;
}
struct tfe_http_half * response = NULL;
char cont_len_str[16];
struct tfe_http_session * to_write_sess = NULL;
if(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events))
struct manipulate_profile* hijack_profile=get_profile_by_id(POLICY_PROFILE_TABLE_HIJACK, param->profile_id);
if (NULL == hijack_profile)
{
to_write_sess = tfe_http_session_allow_write(session);
response = tfe_http_session_response_create(to_write_sess, 200);
struct policy_object* ply_obj=get_obj_for_id(cfg_id);
if (NULL == ply_obj){
TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, table_id = %d", cfg_id);
TFE_LOG_ERROR(g_pangu_rt->local_logger, "get table obj faild, table_id = %d", param->profile_id);
ctx->action = PG_ACTION_NONE;
return;
}
int hijack_len = strlen(ply_obj->profile_name)+strlen("filename=\"\"")+1;
struct tfe_http_session * to_write_sess = NULL;
char cont_len_str[16];
to_write_sess = tfe_http_session_allow_write(session);
response = tfe_http_session_response_create(to_write_sess, 200);
int hijack_len = strlen(hijack_profile->profile_name)+strlen("filename=\"\"")+1;
char *hijack_name = ALLOC(char, hijack_len);
snprintf(hijack_name, hijack_len, "filename=\"%s\"", ply_obj->profile_name);
snprintf(hijack_name, hijack_len, "filename=\"%s\"", hijack_profile->profile_name);
tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_name);
FREE(&hijack_name);
tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, ply_obj->profile_type);
snprintf(cont_len_str, sizeof(cont_len_str), "%lu", ply_obj->msg_len);
tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, hijack_profile->profile_type);
snprintf(cont_len_str, sizeof(cont_len_str), "%lu", hijack_profile->msg_len);
tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
char * page_buff = ply_obj->profile_msg;
size_t page_size = ply_obj->msg_len;
size_t frag_size=8192; size_t sendlen=0;
unsigned char body_frag[frag_size + 1];
tfe_http_half_append_body(response, hijack_profile->profile_msg, hijack_profile->msg_len, 0);
tfe_http_half_append_body(response, NULL, 0, 0);
tfe_http_session_response_set(to_write_sess, response);
tfe_http_half_write_body_begin(response, 1);
for (sendlen= 0; sendlen < page_size; sendlen+=frag_size)
{
memcpy(body_frag, page_buff+sendlen, frag_size);
tfe_http_half_write_body_data(response, body_frag, frag_size);
memset(body_frag, 0, frag_size);
}
tfe_http_half_write_body_end(response);
tfe_http_session_detach(session);
}
else
{
to_write_sess = tfe_http_session_allow_write(session);
tfe_http_session_kill(to_write_sess);
}
hijack_profile=NULL;
return;
}
static int format_insert_rule(struct plolicy_param *param, int cfg_id, struct insert_rule *rule)
static int format_insert_rule(int profile_id, const char* insert_position, struct insert_rule *rule)
{
#define KEY_LEN 16
int ret = 0;
struct policy_object* ply_obj=NULL;
int tables_id = g_pangu_rt->plolicy_table_id[POLICY_TABLE_INSERT];
char cfg_id_str[KEY_LEN] = {0};
snprintf(cfg_id_str, KEY_LEN, "%d", cfg_id);
ply_obj = (struct policy_object*)Maat_plugin_get_EX_data(g_pangu_rt->maat, tables_id, (const char*)cfg_id_str);
if(ply_obj==NULL)
struct manipulate_profile* insert_profile=get_profile_by_id(POLICY_PROFILE_TABLE_INSERT, profile_id);
if(insert_profile==NULL)
{
ret=-1;
return ret;
}
rule->stype = ply_obj->profile_msg;
rule->type = ply_obj->profile_type;
rule->script = tfe_strdup(insert_profile->profile_msg);
rule->type = tfe_strdup(insert_profile->profile_type);
if (param->position == NULL){
rule->position = NULL;
}else{
rule->position = param->position;
}
if (insert_position)
rule->position=tfe_strdup(insert_position);
insert_profile=NULL;
return ret;
}
@@ -1563,7 +1554,7 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
char * rewrite_buff = NULL;
size_t rewrite_sz = 0;
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
to_write_sess = tfe_http_session_allow_write(session);
if (to_write_sess == NULL) //fail to wirte, abandon.
@@ -1576,15 +1567,16 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
struct insert_ctx *ins_ctx = ctx->ins_ctx;
if (ctx->ins_ctx == NULL)
{
/* we must determinate the replace action on HTTP header, otherwise,
* the header has been forwarded, only replace the body but not modify header will raise exception */
if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR))
{
int cfg_id = param->profile_id;
ctx->ins_ctx = ins_ctx = ALLOC(struct insert_ctx, 1);
ins_ctx->rule = ALLOC(struct insert_rule, 1);
int ret=format_insert_rule(param, cfg_id, ins_ctx->rule);
int ret=format_insert_rule(param->profile_id, param->position, ins_ctx->rule);
if (ret<0)
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", cfg_id);
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get policy table, table_id = %d", param->profile_id);
ctx->action = PG_ACTION_NONE;
return;
}
@@ -1643,21 +1635,22 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
if ((events & EV_HTTP_REQ_BODY_END) || (events & EV_HTTP_RESP_BODY_END))
{
char * __http_body = (char *) evbuffer_pullup(ins_ctx->http_body, -1);
size_t __http_body_len = evbuffer_get_length(ins_ctx->http_body);
char * http_body = (char *) evbuffer_pullup(ins_ctx->http_body, -1);
size_t http_body_len = evbuffer_get_length(ins_ctx->http_body);
const char* cont_type_val=tfe_http_std_field_read(ins_ctx->replacing, TFE_HTTP_CONT_TYPE);
rewrite_buff = NULL;
rewrite_sz = 0;
rewrite_sz = execute_insert_rule(__http_body, __http_body_len, ins_ctx->rule, &rewrite_buff);
if (rewrite_sz >0 )
rewrite_sz = execute_insert_rule(http_body, http_body_len, ins_ctx->rule, &rewrite_buff);
if (rewrite_sz >0 && strstr(cont_type_val, "text/html"))
{
tfe_http_half_append_body(ins_ctx->replacing, rewrite_buff, rewrite_sz, 0);
ins_ctx->actually_replaced=1;
}
else
{
tfe_http_half_append_body(ins_ctx->replacing, __http_body, __http_body_len, 0);
tfe_http_half_append_body(ins_ctx->replacing, http_body, http_body_len, 0);
}
if (rewrite_buff != NULL)
@@ -1684,7 +1677,7 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
static void http_manipulate(const struct tfe_stream * stream, const struct tfe_http_session * session,
enum tfe_http_event events, const unsigned char * body_frag, size_t frag_size, struct pangu_http_ctx * ctx)
{
struct plolicy_param *param = ctx->param;
struct policy_action_param *param = ctx->param;
if (param == NULL)
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Failed to get the json format parsed. config_id = %d",
@@ -2138,8 +2131,8 @@ void pangu_on_http_begin(const struct tfe_stream * stream,
tmp=tfe_stream_addr_str_split(addr_string, &sip, NULL, &dip, NULL);
assert(tmp==0);
source_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscribe_id_table_id, sip);
dest_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscribe_id_table_id, dip);
source_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscriber_id_table_id, sip);
dest_subscribe_id=(char*)Maat_plugin_get_EX_data(g_pangu_rt->dyn_maat, g_pangu_rt->subscriber_id_table_id, dip);
if(source_subscribe_id!=NULL)
{

23
plugin/business/pangu-http/src/pangu_logger.cpp
View File

@@ -174,7 +174,8 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
common_obj=cJSON_CreateObject();
cur_time = time(NULL);
cJSON_AddNumberToObject(common_obj, "found_time", cur_time);
cJSON_AddNumberToObject(common_obj, "start_time", cur_time);
cJSON_AddNumberToObject(common_obj, "end_time", cur_time);
cJSON_AddNumberToObject(common_obj, "recv_time", cur_time);
switch(addr->addrtype)
@@ -183,20 +184,20 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
cJSON_AddNumberToObject(common_obj, "addr_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "s_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "d_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "s_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "d_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "trans_proto", "IPv4_TCP");
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
cJSON_AddNumberToObject(common_obj, "addr_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "s_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "d_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "s_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "d_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "trans_proto", "IPv6_TCP");
break;
default:
@@ -207,7 +208,6 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
cJSON_AddStringToObject(common_obj, "cap_ip", handle->local_ip_str);
cJSON_AddNumberToObject(common_obj, "entrance_id", handle->entry_id);
cJSON_AddNumberToObject(common_obj, "device_id", 0);
cJSON_AddStringToObject(common_obj, "user_region", "null");
cJSON_AddStringToObject(common_obj, "url", http->req->req_spec.url);
for(size_t i=0;i<sizeof(req_fields)/sizeof(struct json_spec);i++)
{
@@ -296,8 +296,9 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
}
per_hit_obj=cJSON_Duplicate(common_obj, 1);
cJSON_AddNumberToObject(per_hit_obj, "cfg_id", log_msg->result[i].config_id);
cJSON_AddNumberToObject(per_hit_obj, "policy_id", log_msg->result[i].config_id);
cJSON_AddNumberToObject(per_hit_obj, "service", log_msg->result[i].service_id);
cJSON_AddNumberToObject(per_hit_obj, "action", log_msg->result[i].action);
log_payload = cJSON_Print(per_hit_obj);
TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload);

95
plugin/business/pangu-http/src/pattern_replace.cpp
View File

@@ -279,72 +279,71 @@ size_t execute_replace_rule(const char * in, size_t in_sz,
}
}
size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char *stype, const char *type, char** out)
size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char *script, const char *type, char** out)
{
char *target=NULL;
size_t outlen=0, target_size=0;
char position[]="</head>";
size_t target_size=0;
/* "<script type=\"text/javascript\" class=\"RQ_SCRIPT\"></script>"*/
int js_type_len = 58;
/*"<style type=\"text/css\" class=\"RQ_SCRIPT\"></style>"*/
int css_type_len = 49;
char* head_string=NULL;
if (0==strcasecmp(type, "css"))
{
target_size = in_sz+strlen(stype)+1+css_type_len;
target = ALLOC(char, target_size + 1);
}
if (0==strcasecmp(type, "js"))
{
target_size = in_sz+strlen(stype)+1+js_type_len;
target = ALLOC(char, target_size + 1);
}
const char* js_style="<script type=\"text/javascript\" class=\"RQ_SCRIPT\">%s</script>";
const char* css_style= "<style type=\"text/css\" class=\"RQ_SCRIPT\">%s</style>";
const char* this_style=NULL;
size_t concat_len=0, concat_size=0;
char* concat_style=NULL;
char* insert_from=NULL;
size_t offset=0;
if (insert_on != NULL && 0==strcasecmp(insert_on, "after-page-load"))
{
memcpy(position, "</body>", sizeof(position));
insert_from=strstr(in, "</body>");
}
head_string=strstr(in, position);
if (head_string != NULL)
else
{
strncat(target, in, MIN((unsigned int)(head_string-in), target_size));
size_t style_len = 0; char *style_msg = NULL;
if (0==strcasecmp(type, "js"))
{
style_len = strlen(stype)+1+js_type_len;
style_msg = ALLOC(char, style_len);
snprintf(style_msg, style_len, "<script type=\"text/javascript\" class=\"RQ_SCRIPT\">%s</script>", stype);
insert_from=strstr(in, "</head>");
}
if (0==strcasecmp(type, "css"))
if(!insert_from)
{
style_len = strlen(stype)+1+css_type_len;
style_msg = ALLOC(char, style_len);
snprintf(style_msg, style_len, "<style type=\"text/css\" class=\"RQ_SCRIPT\">%s</style>", stype);
return 0;
}
strncat(target, style_msg, MIN(style_len, target_size));
free(style_msg);
style_msg = NULL;
strncat(target, head_string, (target_size - (head_string-in) - style_len));
target[target_size-1] = '\0';
outlen = target_size;
*out = target;
}else
if (0==strcasecmp(type, "css"))
{
free(target);
target = NULL;
outlen = 0;
this_style=css_style;
}
return outlen;
else if (0==strcasecmp(type, "js"))
{
this_style=js_style;
}
else
{
assert(0);
}
concat_size = strlen(script)+1+strlen(this_style);
concat_style = ALLOC(char, concat_size);
concat_len=snprintf(concat_style, concat_size,
this_style,
script);
target_size = in_sz+concat_len;
target = ALLOC(char, target_size);
assert((unsigned int)(insert_from-in) <= target_size);
offset=0;
memcpy(target+offset, in, insert_from-in);
offset+=insert_from-in;
memcpy(target+offset, concat_style, concat_len);
offset+=concat_len;
memcpy(target+offset, insert_from, in_sz-(insert_from-in));
offset+=in_sz-(insert_from-in);
assert(target_size==offset+1);
free(concat_style);
concat_style = NULL;
*out=target;
return target_size;
}
size_t execute_insert_rule(char * in, size_t in_sz, const struct insert_rule * rules, char** out)
{
return insert_string(in, in_sz, rules->position, rules->stype, rules->type, out);
return insert_string(in, in_sz, rules->position, rules->script, rules->type, out);
}
void simple_replace(const char* find, const char* replacement, const char* input, size_t in_sz, char** output, size_t *output_sz)

2
plugin/business/pangu-http/src/pattern_replace.h
View File

@@ -23,7 +23,7 @@ struct replace_rule
struct insert_rule
{
char * stype;
char * script;
char * type;
char * position;
};

1
plugin/protocol/http2/src/http2_stream.cpp
View File

@@ -629,6 +629,7 @@ tfe_half_private_init(enum tfe_http_direction direction, int32_t stream_id,
memset(half_private, 0, sizeof(struct http2_half_private));
half_private->half_public.direction = direction;
half_private->half_public.major_version = 2;
half_private->half_public.ops = &h2_half_ops;
headers_init(&half_private->headers);

2
resource/pangu/table_info.conf
View File

@@ -28,7 +28,7 @@
10 PXY_CACHE_GROUP group --
11 PXY_CACHE_HTTP_URL expr UTF8 UTF8 yes 0 quickoff
12 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff
13 PXY_OBJ_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"}
13 PXY_PROFILE_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"}
14 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"}
15 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"valid":5}
16 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"valid":5}