diff --git a/common/include/tfe_ctrl_packet.h b/common/include/tfe_ctrl_packet.h index ab9b6c7..696fafd 100644 --- a/common/include/tfe_ctrl_packet.h +++ b/common/include/tfe_ctrl_packet.h @@ -50,7 +50,7 @@ void ctrl_packet_parser_init(struct ctrl_pkt_parser *handler); // return 0 : success // return -1 : error -int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger); +int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger, int debug); void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger); void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler); diff --git a/common/src/tfe_ctrl_packet.cpp b/common/src/tfe_ctrl_packet.cpp index 2af8876..ccc05e3 100644 --- a/common/src/tfe_ctrl_packet.cpp +++ b/common/src/tfe_ctrl_packet.cpp @@ -29,13 +29,16 @@ enum { }; enum { - MPACK_ARRAY_FQDN_IDS, + MPACK_ARRAY_SRC_IP_LOCATION, + MPACK_ARRAY_DST_IP_LOCATION, + MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, + MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, MPACK_ARRAY_SEQ_SIDS, MPACK_ARRAY_ACK_SIDS, MPACK_ARRAY_SEQ_ROUTE_CTX, MPACK_ARRAY_ACK_ROUTE_CTX, - MPACK_ARRAY_SEQ_PKG_HEADER, - MPACK_ARRAY_ACK_PKG_HEADER, + MPACK_ARRAY_SEQ_PKT_HEADER, + MPACK_ARRAY_ACK_PKT_HEADER, MPACK_ARRAY_MAX, }; @@ -48,6 +51,30 @@ enum { MPACK_VAR_MAX, }; +enum { + INDEX_SRC_IP_LOCATION, + INDEX_DST_IP_LOCATION, + INDEX_SRC_IP_LOCATION_OBJ_ID, + INDEX_DST_IP_LOCATION_OBJ_ID, +}; + +int ip_location_cmsg_map[4][4] = { + {TFE_CMSG_SRC_REGION_STR, TFE_CMSG_SRC_PROVINCE_STR, TFE_CMSG_SRC_CITY_STR, TFE_CMSG_SRC_SUBDIVISION_STR}, + {TFE_CMSG_DST_REGION_STR, TFE_CMSG_DST_PROVINCE_STR, TFE_CMSG_DST_CITY_STR, TFE_CMSG_DST_SUBDIVISION_STR}, + {TFE_CMSG_SRC_REGION_ID, TFE_CMSG_SRC_PROVINCE_ID, TFE_CMSG_SRC_CITY_ID, TFE_CMSG_SRC_SUBDIVISION_ID}, + {TFE_CMSG_DST_REGION_ID, TFE_CMSG_DST_PROVINCE_ID, TFE_CMSG_DST_CITY_ID, TFE_CMSG_DST_SUBDIVISION_ID} +}; + +struct ip_location_string_s { + const char *name[4]; +}; +struct ip_location_string_s ip_location_string_map[4] = { + {"TFE_CMSG_SRC_REGION_STR", "TFE_CMSG_SRC_PROVINCE_STR", "TFE_CMSG_SRC_CITY_STR", "TFE_CMSG_SRC_SUBDIVISION_STR"}, + {"TFE_CMSG_DST_REGION_STR", "TFE_CMSG_DST_PROVINCE_STR", "TFE_CMSG_DST_CITY_STR", "TFE_CMSG_DST_SUBDIVISION_STR"}, + {"TFE_CMSG_SRC_REGION_ID", "TFE_CMSG_SRC_PROVINCE_ID", "TFE_CMSG_SRC_CITY_ID", "TFE_CMSG_SRC_SUBDIVISION_ID"}, + {"TFE_CMSG_DST_REGION_ID", "TFE_CMSG_DST_PROVINCE_ID", "TFE_CMSG_DST_CITY_ID", "TFE_CMSG_DST_SUBDIVISION_ID"} +}; + struct mpack_mmap_id2type { int id; @@ -74,46 +101,28 @@ struct mpack_mmap_id2type {.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4}, {.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4}, {.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1}, - {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, - {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256}, - {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64}, - {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64}, - {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256}, - {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256}, - {.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024}, - {.id = 25, .mode = CMSG_MODE, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024}, - {.id = 26, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32}, - {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_IDS, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4}, - {.id = 28, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2}, - {.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2}, - {.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1}, - {.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1}, - {.id = 32, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKG_HEADER, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1}, - {.id = 33, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKG_HEADER, .str_name = "TFE_ACK_PKG_HEADER", .size = 1}, - {.id = 34, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1} + {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, + {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256}, + {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_VAL, .str_name = "TFE_CMSG_SRC_ASN_VAL", .size = 8}, + {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_VAL, .str_name = "TFE_CMSG_DST_ASN_VAL", .size = 8}, + {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_ID, .str_name = "TFE_CMSG_SRC_ASN_ID", .size = 8}, + {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_ID, .str_name = "TFE_CMSG_DST_ASN_ID", .size = 8}, + {.id = 24, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION", .size = 256}, + {.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION, .str_name = "MPACK_ARRAY_DST_IP_LOCATION", .size = 256}, + {.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID", .size = 8}, + {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID", .size = 8}, + {.id = 28, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32}, + {.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2}, + {.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2}, + {.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1}, + {.id = 32, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1}, + {.id = 33, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKT_HEADER, .str_name = "TFE_SEQ_PKT_HEADER", .size = 1}, + {.id = 34, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKT_HEADER, .str_name = "TFE_ACK_PKT_HEADER", .size = 1}, + {.id = 35, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1} }; extern void * g_packet_io_logger; -static int fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, mpack_node_t node) -{ - char empty_str[4] = {0}; - uint32_t fqdn_val[8] = {0}; - - uint32_t array_cnt = mpack_node_array_length(node); - tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char *)&array_cnt, sizeof(uint32_t)); - if (array_cnt > 0) { - for (uint32_t i = 0; i < array_cnt; i++) { - fqdn_val[i] = mpack_node_u32(mpack_node_array_at(node, i)); - } - tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val, array_cnt * sizeof(uint32_t)); - } - else { - tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char *)empty_str, 0); - } - return 0; -} - static int sids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int is_seq) { struct sids *sid = is_seq ? &handler->seq_sids : &handler->ack_sids; @@ -163,6 +172,57 @@ static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t return 0; } +static int ip_location_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index) +{ + char location_str[1024] = {0}; + + uint32_t array_cnt = mpack_node_array_length(node); + if (array_cnt != 4) { + TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION ? "src" : "dst", array_cnt); + return -1; + } + + for (uint32_t i = 0; i < array_cnt; i++) { + mpack_node_t ptr = mpack_node_array_at(node, i); + switch (mpack_node_type(ptr)) { + case mpack_type_str: + if (mpack_node_strlen(ptr) == 0) + break; + memset(location_str, 0, sizeof(location_str)); + mpack_node_copy_cstr(ptr, location_str, sizeof(location_str)); + tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)location_str, mpack_node_strlen(ptr)); + break; + default: + break; + } + } + return 0; +} + +static int ip_location_obj_id_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index) +{ + uint64_t object_id = 0; + + uint32_t array_cnt = mpack_node_array_length(node); + if (array_cnt != 4) { + TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION_OBJ_ID ? "src" : "dst", array_cnt); + return -1; + } + + for (uint32_t i = 0; i < array_cnt; i++) { + mpack_node_t ptr = mpack_node_array_at(node, i); + switch (mpack_node_type(ptr)) { + case mpack_type_uint: + object_id = mpack_node_u64(ptr); + tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)&object_id, 8); + break; + default: + break; + } + } + return 0; +} + static int mpack_parse_uint(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index) { uint64_t value = 0; @@ -266,19 +326,16 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node, if (ret != 0) return -1; break; - case MPACK_ARRAY_SEQ_PKG_HEADER: + case MPACK_ARRAY_SEQ_PKT_HEADER: ret = pkt_header_parse_mpack(handler, node, 1); if (ret != 0) return -1; break; - case MPACK_ARRAY_ACK_PKG_HEADER: + case MPACK_ARRAY_ACK_PKT_HEADER: ret = pkt_header_parse_mpack(handler, node, 0); if (ret != 0) return -1; break; - case MPACK_ARRAY_FQDN_IDS: - fqdn_id_set_cmsg(handler, node); - break; case MPACK_ARRAY_SEQ_SIDS: ret = sids_array_parse_mpack(handler, node, 1); if (ret != 0) @@ -289,6 +346,26 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node, if (ret != 0) return -1; break; + case MPACK_ARRAY_SRC_IP_LOCATION: + ret = ip_location_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION); + if (ret != 0) + return -1; + break; + case MPACK_ARRAY_DST_IP_LOCATION: + ret = ip_location_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION); + if (ret != 0) + return -1; + break; + case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID: + ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION_OBJ_ID); + if (ret != 0) + return -1; + break; + case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID: + ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION_OBJ_ID); + if (ret != 0) + return -1; + break; default: break; } @@ -346,7 +423,7 @@ static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger) // return 0 : success // return -1 : error -int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger) +int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger, int debug) { int ret = 0; struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx; @@ -410,7 +487,7 @@ int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *l } else { - TFE_LOG_DEBUG(logger, "%s: session %lu unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, handler->session_id, buff); + TFE_LOG_ERROR(logger, "%s: session %lu unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, handler->session_id, buff); } if (mpack_node_is_nil(mpack_node_map_cstr(root, "method"))) @@ -450,6 +527,8 @@ int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *l handler->cmsg = tfe_cmsg_init(); proxy_map = mpack_node_map_cstr(params, "proxy"); ret = proxy_parse_messagepack(proxy_map, handler, logger); + if (debug) + ctrl_packet_parser_dump(handler, logger); if (ret != 0) goto error; @@ -503,86 +582,129 @@ void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler) void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) { - if (handler) - { - TFE_LOG_INFO(logger, "%s: tsync: %s, session_id: %lu, state: %s, method: %s, tfe policy_id_num: %d, tfe policy_ids[%03lu], sce policy_id_num: %d", - LOG_TAG_POLICY, + int ret = 0; + uint16_t size = 0; + char cmsg_data[256] = {0}; + struct route_ctx *route_ctx = NULL; + char *header = NULL; + int header_len = 0; + struct sids *sid = NULL; + int map_index = 0; + + if (handler) { + int log_len = 0; + char log_str[4096] = {0}; + + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s", + LOG_TAG_CTRLPKT, handler->tsync, handler->session_id, session_state_to_string(handler->state), - handler->method, - handler->tfe_policy_id_num, - handler->tfe_policy_ids[0], - handler->sce_policy_id_num); + handler->method + ); + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num); - for (int i = 0; i < handler->sce_policy_id_num; i++) - { - TFE_LOG_INFO(logger, "%s: %d session %lu sce policy_ids[%03lu]", LOG_TAG_POLICY, i, handler->session_id, handler->sce_policy_ids[i]); + for (int i = 0; i < handler->tfe_policy_id_num; i++) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->tfe_policy_ids[i]); } + + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num); + for (int i = 0; i < handler->sce_policy_id_num; i++) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->sce_policy_ids[i]); + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + + int mpack_table_num = sizeof(mpack_table)/sizeof(struct mpack_mmap_id2type); + for (int i = 0; i < mpack_table_num; i++) { + if (mpack_table[i].mode == CMSG_MODE) { + memset(cmsg_data, 0, sizeof(cmsg_data)); + ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[i].type, (unsigned char *)cmsg_data, mpack_table[i].size, &size); + if (ret < 0) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", mpack_table[i].str_name); + continue; + } + + if (mpack_table[i].size <= 8) + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data)); + else + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data); + } + else if (mpack_table[i].mode == ARRAY_MODE) { + switch(mpack_table[i].type) { + case MPACK_ARRAY_SEQ_ROUTE_CTX: + case MPACK_ARRAY_ACK_ROUTE_CTX: + route_ctx = mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? &handler->seq_route_ctx : &handler->ack_route_ctx; + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len); + for (int j = 0; j < route_ctx->len; j++) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", route_ctx->data[j]&0xff); + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + break; + case MPACK_ARRAY_SEQ_PKT_HEADER: + case MPACK_ARRAY_ACK_PKT_HEADER: + header = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_header : handler->ack_header; + header_len = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_len : handler->ack_len; + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len); + for (int j = 0; j < header_len; j++) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", header[j]&0xff); + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + break; + case MPACK_ARRAY_SEQ_SIDS: + case MPACK_ARRAY_ACK_SIDS: + sid = mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? &handler->seq_sids : &handler->ack_sids; + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num); + for (int j = 0; j < sid->num; j++) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%hu ", sid->elems[j]); + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + break; + case MPACK_ARRAY_SRC_IP_LOCATION: + case MPACK_ARRAY_DST_IP_LOCATION: + map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION ? INDEX_SRC_IP_LOCATION : INDEX_DST_IP_LOCATION; + for (int j = 0; j < 4; j++) { + memset(cmsg_data, 0, sizeof(cmsg_data)); + ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size); + if (ret < 0) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]); + continue; + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", ip_location_string_map[map_index].name[j], cmsg_data); + } + break; + case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID: + case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID: + map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID ? INDEX_SRC_IP_LOCATION_OBJ_ID : INDEX_DST_IP_LOCATION_OBJ_ID; + for (int j = 0; j < 4; j++) { + memset(cmsg_data, 0, sizeof(cmsg_data)); + ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size); + if (ret < 0) { + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]); + continue; + } + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", ip_location_string_map[map_index].name[j], *((uint64_t *)cmsg_data)); + } + break; + default: + break; + } + } + else if (mpack_table[i].mode == VARIABLE_MODE) { + switch(mpack_table[i].type) { + case MPACK_VAR_FLAG: + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data); + break; + case MPACK_VAR_WSACLE_CLIENT_FLAG: + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag); + break; + case MPACK_VAR_WSACLE_SERVER_FLAG: + log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag); + break; + default: + break; + } + } + } + TFE_LOG_DEBUG(logger, "%s", log_str); } } - -const char * tfe_cmsg_tlv_type_to_string[TFE_CMSG_TLV_NR_MAX]; -void tfe_cmsg_enum_to_string() -{ - memset(tfe_cmsg_tlv_type_to_string, 0 ,sizeof(tfe_cmsg_tlv_type_to_string)); - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SEQ] = "TFE_CMSG_TCP_RESTORE_SEQ"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_ACK] = "TFE_CMSG_TCP_RESTORE_ACK"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_MSS_CLIENT] = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_MSS_SERVER] = "TFE_CMSG_TCP_RESTORE_MSS_SERVER"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT] = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WSACLE_SERVER] = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SACK_CLIENT] = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SACK_SERVER] = "TFE_CMSG_TCP_RESTORE_SACK_SERVER"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_CLIENT] = "TFE_CMSG_TCP_RESTORE_TS_CLIENT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_SERVER] = "TFE_CMSG_TCP_RESTORE_TS_SERVER"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_PROTOCOL] = "TFE_CMSG_TCP_RESTORE_PROTOCOL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT] = "TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WINDOW_SERVER] = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR] = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL] = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL] = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_POLICY_ID] = "TFE_CMSG_POLICY_ID"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_STREAM_TRACE_ID] = "TFE_CMSG_STREAM_TRACE_ID"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_INTERCEPT_STATE] = "TFE_CMSG_SSL_INTERCEPT_STATE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_SERVER_SIDE_LATENCY] = "TFE_CMSG_SSL_SERVER_SIDE_LATENCY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_SIDE_LATENCY] = "TFE_CMSG_SSL_CLIENT_SIDE_LATENCY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_SERVER_SIDE_VERSION] = "TFE_CMSG_SSL_SERVER_SIDE_VERSION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_SIDE_VERSION] = "TFE_CMSG_SSL_CLIENT_SIDE_VERSION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_PINNING_STATE] = "TFE_CMSG_SSL_PINNING_STATE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CERT_VERIFY] = "TFE_CMSG_SSL_CERT_VERIFY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_ERROR] = "TFE_CMSG_SSL_ERROR"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_MAC] = "TFE_CMSG_SRC_MAC"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_MAC] = "TFE_CMSG_DST_MAC"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_NODELAY] = "TFE_CMSG_DOWNSTREAM_TCP_NODELAY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_TTL] = "TFE_CMSG_DOWNSTREAM_TCP_TTL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPALIVE] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPALIVE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPCNT] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPCNT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPIDLE] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPIDLE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPINTVL] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPINTVL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_USER_TIMEOUT] = "TFE_CMSG_DOWNSTREAM_TCP_USER_TIMEOUT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_NODELAY] = "TFE_CMSG_UPSTREAM_TCP_NODELAY"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_TTL] = "TFE_CMSG_UPSTREAM_TCP_TTL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPALIVE] = "TFE_CMSG_UPSTREAM_TCP_KEEPALIVE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPCNT] = "TFE_CMSG_UPSTREAM_TCP_KEEPCNT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPIDLE] = "TFE_CMSG_UPSTREAM_TCP_KEEPIDLE"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPINTVL] = "TFE_CMSG_UPSTREAM_TCP_KEEPINTVL"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT] = "TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_PASSTHROUGH] = "TFE_CMSG_TCP_PASSTHROUGH"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_SUB_ID] = "TFE_CMSG_SRC_SUB_ID"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_SUB_ID] = "TFE_CMSG_DST_SUB_ID"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_ASN] = "TFE_CMSG_SRC_ASN"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ASN] = "TFE_CMSG_DST_ASN"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_ORGANIZATION] = "TFE_CMSG_SRC_ORGANIZATION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ORGANIZATION] = "TFE_CMSG_DST_ORGANIZATION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION] = "TFE_CMSG_SRC_IP_LOCATION"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION] = "TFE_CMSG_DST_IP_LOCATION"; - - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT] = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_FQDN_CAT_ID_NUM] = "TFE_CMSG_FQDN_CAT_ID_NUM"; - tfe_cmsg_tlv_type_to_string[TFE_CMSG_FQDN_CAT_ID_VAL] = "TFE_CMSG_FQDN_CAT_ID_VAL"; - - tfe_cmsg_tlv_type_to_string[TFE_CMSG_COMMON_DIRECTION] = "TFE_CMSG_COMMON_DIRECTION"; - - tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_PASSTHROUGH_REASON] = "TFE_CMSG_SSL_PASSTHROUGH_REASON"; -} diff --git a/common/src/tfe_packet_io.cpp b/common/src/tfe_packet_io.cpp index 43195cd..b2d052d 100644 --- a/common/src/tfe_packet_io.cpp +++ b/common/src/tfe_packet_io.cpp @@ -1387,7 +1387,7 @@ static int handle_control_packet(struct packet_io *handle, marsio_buff_t *rx_buf struct ctrl_pkt_parser ctrl_parser; ctrl_packet_parser_init(&ctrl_parser); - if (ctrl_packet_parser_parse(&ctrl_parser, meta.raw_data + meta.l7offset, meta.raw_len - meta.l7offset, logger) == -1) + if (ctrl_packet_parser_parse(&ctrl_parser, meta.raw_data + meta.l7offset, meta.raw_len - meta.l7offset, logger, thread->ref_acceptor_ctx->debug) == -1) { TFE_LOG_ERROR(logger, "%s: unexpected control packet, metadata's session %lu unable to parse data", LOG_TAG_PKTIO, meta.session_id); return -1; diff --git a/common/test/CMakeLists.txt b/common/test/CMakeLists.txt index 412c12f..26fcd2d 100644 --- a/common/test/CMakeLists.txt +++ b/common/test/CMakeLists.txt @@ -22,6 +22,14 @@ add_executable(gtest_session_table test_session_table.cpp) target_include_directories(gtest_session_table PUBLIC ${CMAKE_SOURCE_DIR}/common/include) target_link_libraries(gtest_session_table common gtest) +############################################################################### +# gtest_mpack +############################################################################### + +add_executable(gtest_mpack test_mpack.cpp) +target_include_directories(gtest_mpack PUBLIC ${CMAKE_SOURCE_DIR}/common/include) +target_link_libraries(gtest_mpack common gtest) + ############################################################################### # gtest_discover_tests ############################################################################### @@ -30,3 +38,4 @@ include(GoogleTest) gtest_discover_tests(gtest_addr) gtest_discover_tests(gtest_cmsg) gtest_discover_tests(gtest_session_table) +gtest_discover_tests(gtest_mpack) diff --git a/common/test/test_mpack.cpp b/common/test/test_mpack.cpp index 4eecf3b..268a23e 100644 --- a/common/test/test_mpack.cpp +++ b/common/test/test_mpack.cpp @@ -1,12 +1,211 @@ #include #include +#include "mpack.h" +#include "tfe_cmsg.h" +#include "tfe_utils.h" #include "tfe_ctrl_packet.h" -// TEST(MPACK, PARSE) -// { -// struct ctrl_pkt_parser handler; -// } +bool g_print_to_stderr = true; +void *g_packet_io_logger = NULL; + +void build_mpack_data(char **data, size_t *size) +{ + mpack_writer_t writer; + + uint32_t tcp_seq = 3750033295; + uint32_t tcp_ack = 739256665; + uint16_t mss_client = 1460; + uint16_t mss_server = 1460; + uint8_t wsacle_client_flag = 1; + uint8_t wsacle_server_flag = 1; + uint8_t wsacle_client = 10; + uint8_t wsacle_server = 10; + uint8_t sack_client = 1; + uint8_t sack_server = 1; + uint8_t ts_client = 1; + uint8_t ts_server = 1; + uint8_t protocol = 0; + uint16_t window_client = 64240; + uint16_t window_server = 65160; + uint32_t ts_client_val = 4213358146; + uint32_t ts_server_val = 1218524397; + uint8_t packet_cur_dir = 1; + uint8_t src_sub_id[256] = {0}; + uint8_t dst_sub_id[256] = {0}; + uint64_t src_asn_val = 7676; + uint64_t dst_asn_val = 7878; + uint64_t src_asn_id = 1234; + uint64_t dst_asn_id = 4321; + // ip location array + const char *src_ip_location[4] = { + "src_region", + "src_province", + "src_city", + "src_subdivision" + }; + const char *dst_ip_location[4] = { + "dst_region", + "dst_province", + "dst_city", + "dst_subdivision" + }; + + uint64_t src_ip_location_obj_id[4] = {1, 2, 3, 4}; + uint64_t dst_ip_location_obj_id[4] = {1, 2, 3, 4}; + uint8_t ja3_fingerprint[32] = {0}; + uint16_t seq_sid[4] = {1000, 1001, 1002, 1003}; + uint16_t ack_sid[4] = {1003, 1002, 1001, 1000}; + uint8_t seq_route_ctx[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}; + uint8_t ack_route_ctx[] = {0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; + uint8_t seq_header[] = {0x00, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70}; + uint8_t ack_header[] = {0x80, 0x90, 0xA0, 0xB0, 0xC0, 0xD0, 0xE0, 0xF0}; + uint8_t tfe_flag = 0; + + mpack_writer_init_growable(&writer, data, size); + mpack_build_map(&writer); + + mpack_write_cstr(&writer, "tsync"); + mpack_write_cstr(&writer, "2.0"); + + mpack_write_cstr(&writer, "session_id"); + mpack_write_u64(&writer, 290591070686249153); + + mpack_write_cstr(&writer, "state"); + mpack_write_cstr(&writer, "active"); + + mpack_write_cstr(&writer, "method"); + mpack_write_cstr(&writer, "policy_update"); + + mpack_write_cstr(&writer, "params"); + // params map + mpack_build_map(&writer); + + mpack_write_cstr(&writer, "sce"); + mpack_build_map(&writer); + mpack_write_cstr(&writer, "rule_ids"); + mpack_build_array(&writer); + mpack_write_u64(&writer, 1); + mpack_complete_array(&writer); + mpack_complete_map(&writer); + + mpack_write_cstr(&writer, "proxy"); + mpack_build_map(&writer); + mpack_write_cstr(&writer, "rule_ids"); + mpack_build_array(&writer); + mpack_write_u64(&writer, 3); + mpack_complete_array(&writer); + + mpack_write_cstr(&writer, "tcp_handshake"); + mpack_build_array(&writer); + mpack_write_u32(&writer, tcp_seq); + mpack_write_u32(&writer, tcp_ack); + mpack_write_u16(&writer, mss_client); + mpack_write_u16(&writer, mss_server); + mpack_write_u8(&writer, wsacle_client_flag); + mpack_write_u8(&writer, wsacle_server_flag); + mpack_write_u8(&writer, wsacle_client); + mpack_write_u8(&writer, wsacle_server); + mpack_write_u8(&writer, sack_client); + mpack_write_u8(&writer, sack_server); + mpack_write_u8(&writer, ts_client); + mpack_write_u8(&writer, ts_server); + mpack_write_u8(&writer, protocol); + mpack_write_u16(&writer, window_client); + mpack_write_u16(&writer, window_server); + mpack_write_u32(&writer, ts_client_val); + mpack_write_u32(&writer, ts_server_val); + mpack_write_u8(&writer, packet_cur_dir); + mpack_write_str(&writer, (const char*)src_sub_id, 0); + mpack_write_str(&writer, (const char*)dst_sub_id, 0); + mpack_write_u64(&writer, src_asn_val); + mpack_write_u64(&writer, dst_asn_val); + mpack_write_u64(&writer, src_asn_id); + mpack_write_u64(&writer, dst_asn_id); + + mpack_build_array(&writer); + mpack_write_str(&writer, src_ip_location[0], strlen(src_ip_location[0])); + mpack_write_str(&writer, src_ip_location[1], strlen(src_ip_location[1])); + mpack_write_str(&writer, src_ip_location[2], strlen(src_ip_location[2])); + mpack_write_str(&writer, src_ip_location[3], strlen(src_ip_location[3])); + mpack_complete_array(&writer); + + mpack_build_array(&writer); + mpack_write_str(&writer, dst_ip_location[0], strlen(dst_ip_location[0])); + mpack_write_str(&writer, dst_ip_location[1], strlen(dst_ip_location[1])); + mpack_write_str(&writer, dst_ip_location[2], strlen(dst_ip_location[2])); + mpack_write_str(&writer, dst_ip_location[3], strlen(dst_ip_location[3])); + mpack_complete_array(&writer); + + mpack_build_array(&writer); + mpack_write_u64(&writer, src_ip_location_obj_id[0]); + mpack_write_u64(&writer, src_ip_location_obj_id[1]); + mpack_write_u64(&writer, src_ip_location_obj_id[2]); + mpack_write_u64(&writer, src_ip_location_obj_id[3]); + mpack_complete_array(&writer); + + mpack_build_array(&writer); + mpack_write_u64(&writer, dst_ip_location_obj_id[0]); + mpack_write_u64(&writer, dst_ip_location_obj_id[1]); + mpack_write_u64(&writer, dst_ip_location_obj_id[2]); + mpack_write_u64(&writer, dst_ip_location_obj_id[3]); + mpack_complete_array(&writer); + + mpack_write_str(&writer, (const char*)ja3_fingerprint, 0); + + mpack_build_array(&writer); + int cnt = sizeof(seq_sid)/sizeof(uint16_t); + for (int i = 0; i < cnt; i++) { + mpack_write_u16(&writer, seq_sid[i]); + } + mpack_complete_array(&writer); + + mpack_build_array(&writer); + cnt = sizeof(ack_sid)/sizeof(uint16_t); + for (int i = 0; i < cnt; i++) { + mpack_write_u16(&writer, ack_sid[i]); + } + mpack_complete_array(&writer); + + mpack_write_bin(&writer, (const char*)seq_route_ctx, sizeof(seq_route_ctx)); + mpack_write_bin(&writer, (const char*)ack_route_ctx, sizeof(ack_route_ctx)); + mpack_write_bin(&writer, (const char*)seq_header, sizeof(seq_header)); + mpack_write_bin(&writer, (const char*)ack_header, sizeof(ack_header)); + mpack_write_u8(&writer, tfe_flag); + + mpack_complete_array(&writer); + mpack_complete_map(&writer); + mpack_complete_map(&writer); + mpack_complete_map(&writer); + + // finish writing + if (mpack_writer_destroy(&writer) != mpack_ok) { + assert(0); + if (*data) { + free(*data); + *data = NULL; + } + return; + } +} + +TEST(CONTROL_PACKET, PARSER) +{ + int ret = 0; + char *data = NULL; + size_t size = 0; + + build_mpack_data(&data, &size); + if (data == NULL) { + printf("build mpack data error"); + return; + } + + struct ctrl_pkt_parser ctrl_parser; + memset(&ctrl_parser, 0, sizeof(struct ctrl_pkt_parser)); + ret = ctrl_packet_parser_parse((void *)&ctrl_parser, (const char*)data, size, g_packet_io_logger, 1); + EXPECT_TRUE(ret == 0); +} int main(int argc, char **argv) {