gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-20091 适配控制报文格式修改

Browse Source
This commit is contained in:
wangmenglan
2024-03-26 18:24:53 +08:00
committed by luwenpeng
parent 9efdf917a4
commit fc380a65c8
5 changed files with 458 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common/include/tfe_ctrl_packet.h
View File

@@ -50,7 +50,7 @@ void ctrl_packet_parser_init(struct ctrl_pkt_parser *handler);
// return 0 : success
// return -1 : error
int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger);
int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger, int debug);
void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger);
void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler);

360
common/src/tfe_ctrl_packet.cpp
View File

@@ -29,13 +29,16 @@ enum {
};
enum {
MPACK_ARRAY_FQDN_IDS,
MPACK_ARRAY_SRC_IP_LOCATION,
MPACK_ARRAY_DST_IP_LOCATION,
MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID,
MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID,
MPACK_ARRAY_SEQ_SIDS,
MPACK_ARRAY_ACK_SIDS,
MPACK_ARRAY_SEQ_ROUTE_CTX,
MPACK_ARRAY_ACK_ROUTE_CTX,
MPACK_ARRAY_SEQ_PKG_HEADER,
MPACK_ARRAY_ACK_PKG_HEADER,
MPACK_ARRAY_SEQ_PKT_HEADER,
MPACK_ARRAY_ACK_PKT_HEADER,
MPACK_ARRAY_MAX,
};
@@ -48,6 +51,30 @@ enum {
MPACK_VAR_MAX,
};
enum {
INDEX_SRC_IP_LOCATION,
INDEX_DST_IP_LOCATION,
INDEX_SRC_IP_LOCATION_OBJ_ID,
INDEX_DST_IP_LOCATION_OBJ_ID,
};
int ip_location_cmsg_map[4][4] = {
{TFE_CMSG_SRC_REGION_STR, TFE_CMSG_SRC_PROVINCE_STR, TFE_CMSG_SRC_CITY_STR, TFE_CMSG_SRC_SUBDIVISION_STR},
{TFE_CMSG_DST_REGION_STR, TFE_CMSG_DST_PROVINCE_STR, TFE_CMSG_DST_CITY_STR, TFE_CMSG_DST_SUBDIVISION_STR},
{TFE_CMSG_SRC_REGION_ID, TFE_CMSG_SRC_PROVINCE_ID, TFE_CMSG_SRC_CITY_ID, TFE_CMSG_SRC_SUBDIVISION_ID},
{TFE_CMSG_DST_REGION_ID, TFE_CMSG_DST_PROVINCE_ID, TFE_CMSG_DST_CITY_ID, TFE_CMSG_DST_SUBDIVISION_ID}
};
struct ip_location_string_s {
const char *name[4];
};
struct ip_location_string_s ip_location_string_map[4] = {
{"TFE_CMSG_SRC_REGION_STR", "TFE_CMSG_SRC_PROVINCE_STR", "TFE_CMSG_SRC_CITY_STR", "TFE_CMSG_SRC_SUBDIVISION_STR"},
{"TFE_CMSG_DST_REGION_STR", "TFE_CMSG_DST_PROVINCE_STR", "TFE_CMSG_DST_CITY_STR", "TFE_CMSG_DST_SUBDIVISION_STR"},
{"TFE_CMSG_SRC_REGION_ID", "TFE_CMSG_SRC_PROVINCE_ID", "TFE_CMSG_SRC_CITY_ID", "TFE_CMSG_SRC_SUBDIVISION_ID"},
{"TFE_CMSG_DST_REGION_ID", "TFE_CMSG_DST_PROVINCE_ID", "TFE_CMSG_DST_CITY_ID", "TFE_CMSG_DST_SUBDIVISION_ID"}
};
struct mpack_mmap_id2type
{
int id;
@@ -76,44 +103,26 @@ struct mpack_mmap_id2type
{.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1},
{.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256},
{.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256},
{.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN, .str_name = "TFE_CMSG_SRC_ASN", .size = 64},
{.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN, .str_name = "TFE_CMSG_DST_ASN", .size = 64},
{.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ORGANIZATION, .str_name = "TFE_CMSG_SRC_ORGANIZATION", .size = 256},
{.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ORGANIZATION, .str_name = "TFE_CMSG_DST_ORGANIZATION", .size = 256},
{.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IP_LOCATION, .str_name = "TFE_CMSG_SRC_IP_LOCATION", .size = 1024},
{.id = 25, .mode = CMSG_MODE, .type = TFE_CMSG_DST_IP_LOCATION, .str_name = "TFE_CMSG_DST_IP_LOCATION", .size = 1024},
{.id = 26, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32},
{.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_IDS, .str_name = "TFE_CMSG_FQDN_CAT_ID_VAL", .size = 4},
{.id = 28, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2},
{.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2},
{.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1},
{.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1},
{.id = 32, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKG_HEADER, .str_name = "TFE_SEQ_PKG_HEADER", .size = 1},
{.id = 33, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKG_HEADER, .str_name = "TFE_ACK_PKG_HEADER", .size = 1},
{.id = 34, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1}
{.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_VAL, .str_name = "TFE_CMSG_SRC_ASN_VAL", .size = 8},
{.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_VAL, .str_name = "TFE_CMSG_DST_ASN_VAL", .size = 8},
{.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_ID, .str_name = "TFE_CMSG_SRC_ASN_ID", .size = 8},
{.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_ID, .str_name = "TFE_CMSG_DST_ASN_ID", .size = 8},
{.id = 24, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION", .size = 256},
{.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION, .str_name = "MPACK_ARRAY_DST_IP_LOCATION", .size = 256},
{.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID", .size = 8},
{.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID", .size = 8},
{.id = 28, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32},
{.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2},
{.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2},
{.id = 31, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_ROUTE_CTX, .str_name = "TFE_SEQ_ROUTE_CTX", .size = 1},
{.id = 32, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_ROUTE_CTX, .str_name = "TFE_ACK_ROUTE_CTX", .size = 1},
{.id = 33, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_PKT_HEADER, .str_name = "TFE_SEQ_PKT_HEADER", .size = 1},
{.id = 34, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_PKT_HEADER, .str_name = "TFE_ACK_PKT_HEADER", .size = 1},
{.id = 35, .mode = VARIABLE_MODE, .type = MPACK_VAR_FLAG, .str_name = "TFE_FLAG", .size = 1}
};
extern void * g_packet_io_logger;
static int fqdn_id_set_cmsg(struct ctrl_pkt_parser *handler, mpack_node_t node)
{
char empty_str[4] = {0};
uint32_t fqdn_val[8] = {0};
uint32_t array_cnt = mpack_node_array_length(node);
tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_NUM, (const unsigned char *)&array_cnt, sizeof(uint32_t));
if (array_cnt > 0) {
for (uint32_t i = 0; i < array_cnt; i++) {
fqdn_val[i] = mpack_node_u32(mpack_node_array_at(node, i));
}
tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char*)fqdn_val, array_cnt * sizeof(uint32_t));
}
else {
tfe_cmsg_set(handler->cmsg, TFE_CMSG_FQDN_CAT_ID_VAL, (const unsigned char *)empty_str, 0);
}
return 0;
}
static int sids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int is_seq)
{
struct sids *sid = is_seq ? &handler->seq_sids : &handler->ack_sids;
@@ -163,6 +172,57 @@ static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t
return 0;
}
static int ip_location_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index)
{
char location_str[1024] = {0};
uint32_t array_cnt = mpack_node_array_length(node);
if (array_cnt != 4) {
TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION ? "src" : "dst", array_cnt);
return -1;
}
for (uint32_t i = 0; i < array_cnt; i++) {
mpack_node_t ptr = mpack_node_array_at(node, i);
switch (mpack_node_type(ptr)) {
case mpack_type_str:
if (mpack_node_strlen(ptr) == 0)
break;
memset(location_str, 0, sizeof(location_str));
mpack_node_copy_cstr(ptr, location_str, sizeof(location_str));
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)location_str, mpack_node_strlen(ptr));
break;
default:
break;
}
}
return 0;
}
static int ip_location_obj_id_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index)
{
uint64_t object_id = 0;
uint32_t array_cnt = mpack_node_array_length(node);
if (array_cnt != 4) {
TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION_OBJ_ID ? "src" : "dst", array_cnt);
return -1;
}
for (uint32_t i = 0; i < array_cnt; i++) {
mpack_node_t ptr = mpack_node_array_at(node, i);
switch (mpack_node_type(ptr)) {
case mpack_type_uint:
object_id = mpack_node_u64(ptr);
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)&object_id, 8);
break;
default:
break;
}
}
return 0;
}
static int mpack_parse_uint(struct ctrl_pkt_parser *handler, mpack_node_t node, int table_index)
{
uint64_t value = 0;
@@ -266,19 +326,16 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node,
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_SEQ_PKG_HEADER:
case MPACK_ARRAY_SEQ_PKT_HEADER:
ret = pkt_header_parse_mpack(handler, node, 1);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_ACK_PKG_HEADER:
case MPACK_ARRAY_ACK_PKT_HEADER:
ret = pkt_header_parse_mpack(handler, node, 0);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_FQDN_IDS:
fqdn_id_set_cmsg(handler, node);
break;
case MPACK_ARRAY_SEQ_SIDS:
ret = sids_array_parse_mpack(handler, node, 1);
if (ret != 0)
@@ -289,6 +346,26 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node,
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_SRC_IP_LOCATION:
ret = ip_location_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_DST_IP_LOCATION:
ret = ip_location_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID:
ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION_OBJ_ID);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID:
ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION_OBJ_ID);
if (ret != 0)
return -1;
break;
default:
break;
}
@@ -346,7 +423,7 @@ static int proxy_parse_messagepack(mpack_node_t node, void *ctx, void *logger)
// return 0 : success
// return -1 : error
int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger)
int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *logger, int debug)
{
int ret = 0;
struct ctrl_pkt_parser *handler = (struct ctrl_pkt_parser *)ctx;
@@ -410,7 +487,7 @@ int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *l
}
else
{
TFE_LOG_DEBUG(logger, "%s: session %lu unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, handler->session_id, buff);
TFE_LOG_ERROR(logger, "%s: session %lu unexpected control packet: (invalid state value) %s", LOG_TAG_CTRLPKT, handler->session_id, buff);
}
if (mpack_node_is_nil(mpack_node_map_cstr(root, "method")))
@@ -450,6 +527,8 @@ int ctrl_packet_parser_parse(void *ctx, const char* data, size_t length, void *l
handler->cmsg = tfe_cmsg_init();
proxy_map = mpack_node_map_cstr(params, "proxy");
ret = proxy_parse_messagepack(proxy_map, handler, logger);
if (debug)
ctrl_packet_parser_dump(handler, logger);
if (ret != 0)
goto error;
@@ -503,86 +582,129 @@ void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler)
void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
{
if (handler)
{
TFE_LOG_INFO(logger, "%s: tsync: %s, session_id: %lu, state: %s, method: %s, tfe policy_id_num: %d, tfe policy_ids[%03lu], sce policy_id_num: %d",
LOG_TAG_POLICY,
int ret = 0;
uint16_t size = 0;
char cmsg_data[256] = {0};
struct route_ctx *route_ctx = NULL;
char *header = NULL;
int header_len = 0;
struct sids *sid = NULL;
int map_index = 0;
if (handler) {
int log_len = 0;
char log_str[4096] = {0};
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s",
LOG_TAG_CTRLPKT,
handler->tsync,
handler->session_id,
session_state_to_string(handler->state),
handler->method,
handler->tfe_policy_id_num,
handler->tfe_policy_ids[0],
handler->sce_policy_id_num);
handler->method
);
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num);
for (int i = 0; i < handler->sce_policy_id_num; i++)
{
TFE_LOG_INFO(logger, "%s: %d session %lu sce policy_ids[%03lu]", LOG_TAG_POLICY, i, handler->session_id, handler->sce_policy_ids[i]);
for (int i = 0; i < handler->tfe_policy_id_num; i++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->tfe_policy_ids[i]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num);
for (int i = 0; i < handler->sce_policy_id_num; i++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->sce_policy_ids[i]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
int mpack_table_num = sizeof(mpack_table)/sizeof(struct mpack_mmap_id2type);
for (int i = 0; i < mpack_table_num; i++) {
if (mpack_table[i].mode == CMSG_MODE) {
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[i].type, (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", mpack_table[i].str_name);
continue;
}
if (mpack_table[i].size <= 8)
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data));
else
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data);
}
else if (mpack_table[i].mode == ARRAY_MODE) {
switch(mpack_table[i].type) {
case MPACK_ARRAY_SEQ_ROUTE_CTX:
case MPACK_ARRAY_ACK_ROUTE_CTX:
route_ctx = mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? &handler->seq_route_ctx : &handler->ack_route_ctx;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len);
for (int j = 0; j < route_ctx->len; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", route_ctx->data[j]&0xff);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
break;
case MPACK_ARRAY_SEQ_PKT_HEADER:
case MPACK_ARRAY_ACK_PKT_HEADER:
header = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_header : handler->ack_header;
header_len = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_len : handler->ack_len;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len);
for (int j = 0; j < header_len; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", header[j]&0xff);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
break;
case MPACK_ARRAY_SEQ_SIDS:
case MPACK_ARRAY_ACK_SIDS:
sid = mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? &handler->seq_sids : &handler->ack_sids;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num);
for (int j = 0; j < sid->num; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%hu ", sid->elems[j]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
break;
case MPACK_ARRAY_SRC_IP_LOCATION:
case MPACK_ARRAY_DST_IP_LOCATION:
map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION ? INDEX_SRC_IP_LOCATION : INDEX_DST_IP_LOCATION;
for (int j = 0; j < 4; j++) {
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]);
continue;
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", ip_location_string_map[map_index].name[j], cmsg_data);
}
break;
case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID:
case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID:
map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID ? INDEX_SRC_IP_LOCATION_OBJ_ID : INDEX_DST_IP_LOCATION_OBJ_ID;
for (int j = 0; j < 4; j++) {
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]);
continue;
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", ip_location_string_map[map_index].name[j], *((uint64_t *)cmsg_data));
}
break;
default:
break;
}
}
else if (mpack_table[i].mode == VARIABLE_MODE) {
switch(mpack_table[i].type) {
case MPACK_VAR_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data);
break;
case MPACK_VAR_WSACLE_CLIENT_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag);
break;
case MPACK_VAR_WSACLE_SERVER_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag);
break;
default:
break;
}
}
}
const char * tfe_cmsg_tlv_type_to_string[TFE_CMSG_TLV_NR_MAX];
void tfe_cmsg_enum_to_string()
{
memset(tfe_cmsg_tlv_type_to_string, 0 ,sizeof(tfe_cmsg_tlv_type_to_string));
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SEQ] = "TFE_CMSG_TCP_RESTORE_SEQ";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_ACK] = "TFE_CMSG_TCP_RESTORE_ACK";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_MSS_CLIENT] = "TFE_CMSG_TCP_RESTORE_MSS_CLIENT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_MSS_SERVER] = "TFE_CMSG_TCP_RESTORE_MSS_SERVER";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT] = "TFE_CMSG_TCP_RESTORE_WSACLE_CLIENT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WSACLE_SERVER] = "TFE_CMSG_TCP_RESTORE_WSACLE_SERVER";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SACK_CLIENT] = "TFE_CMSG_TCP_RESTORE_SACK_CLIENT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_SACK_SERVER] = "TFE_CMSG_TCP_RESTORE_SACK_SERVER";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_CLIENT] = "TFE_CMSG_TCP_RESTORE_TS_CLIENT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_SERVER] = "TFE_CMSG_TCP_RESTORE_TS_SERVER";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_PROTOCOL] = "TFE_CMSG_TCP_RESTORE_PROTOCOL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT] = "TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_WINDOW_SERVER] = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR] = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL] = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL] = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_POLICY_ID] = "TFE_CMSG_POLICY_ID";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_STREAM_TRACE_ID] = "TFE_CMSG_STREAM_TRACE_ID";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_INTERCEPT_STATE] = "TFE_CMSG_SSL_INTERCEPT_STATE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_SERVER_SIDE_LATENCY] = "TFE_CMSG_SSL_SERVER_SIDE_LATENCY";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_SIDE_LATENCY] = "TFE_CMSG_SSL_CLIENT_SIDE_LATENCY";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_SERVER_SIDE_VERSION] = "TFE_CMSG_SSL_SERVER_SIDE_VERSION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_SIDE_VERSION] = "TFE_CMSG_SSL_CLIENT_SIDE_VERSION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_PINNING_STATE] = "TFE_CMSG_SSL_PINNING_STATE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CERT_VERIFY] = "TFE_CMSG_SSL_CERT_VERIFY";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_ERROR] = "TFE_CMSG_SSL_ERROR";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_MAC] = "TFE_CMSG_SRC_MAC";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_MAC] = "TFE_CMSG_DST_MAC";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_NODELAY] = "TFE_CMSG_DOWNSTREAM_TCP_NODELAY";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_TTL] = "TFE_CMSG_DOWNSTREAM_TCP_TTL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPALIVE] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPALIVE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPCNT] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPCNT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPIDLE] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPIDLE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_KEEPINTVL] = "TFE_CMSG_DOWNSTREAM_TCP_KEEPINTVL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DOWNSTREAM_TCP_USER_TIMEOUT] = "TFE_CMSG_DOWNSTREAM_TCP_USER_TIMEOUT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_NODELAY] = "TFE_CMSG_UPSTREAM_TCP_NODELAY";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_TTL] = "TFE_CMSG_UPSTREAM_TCP_TTL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPALIVE] = "TFE_CMSG_UPSTREAM_TCP_KEEPALIVE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPCNT] = "TFE_CMSG_UPSTREAM_TCP_KEEPCNT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPIDLE] = "TFE_CMSG_UPSTREAM_TCP_KEEPIDLE";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_KEEPINTVL] = "TFE_CMSG_UPSTREAM_TCP_KEEPINTVL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT] = "TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_TCP_PASSTHROUGH] = "TFE_CMSG_TCP_PASSTHROUGH";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_SUB_ID] = "TFE_CMSG_SRC_SUB_ID";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_SUB_ID] = "TFE_CMSG_DST_SUB_ID";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_ASN] = "TFE_CMSG_SRC_ASN";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ASN] = "TFE_CMSG_DST_ASN";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_ORGANIZATION] = "TFE_CMSG_SRC_ORGANIZATION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_ORGANIZATION] = "TFE_CMSG_DST_ORGANIZATION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SRC_IP_LOCATION] = "TFE_CMSG_SRC_IP_LOCATION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_DST_IP_LOCATION] = "TFE_CMSG_DST_IP_LOCATION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT] = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_FQDN_CAT_ID_NUM] = "TFE_CMSG_FQDN_CAT_ID_NUM";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_FQDN_CAT_ID_VAL] = "TFE_CMSG_FQDN_CAT_ID_VAL";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_COMMON_DIRECTION] = "TFE_CMSG_COMMON_DIRECTION";
tfe_cmsg_tlv_type_to_string[TFE_CMSG_SSL_PASSTHROUGH_REASON] = "TFE_CMSG_SSL_PASSTHROUGH_REASON";
TFE_LOG_DEBUG(logger, "%s", log_str);
}
}

2
common/src/tfe_packet_io.cpp
View File

@@ -1387,7 +1387,7 @@ static int handle_control_packet(struct packet_io *handle, marsio_buff_t *rx_buf
struct ctrl_pkt_parser ctrl_parser;
ctrl_packet_parser_init(&ctrl_parser);
if (ctrl_packet_parser_parse(&ctrl_parser, meta.raw_data + meta.l7offset, meta.raw_len - meta.l7offset, logger) == -1)
if (ctrl_packet_parser_parse(&ctrl_parser, meta.raw_data + meta.l7offset, meta.raw_len - meta.l7offset, logger, thread->ref_acceptor_ctx->debug) == -1)
{
TFE_LOG_ERROR(logger, "%s: unexpected control packet, metadata's session %lu unable to parse data", LOG_TAG_PKTIO, meta.session_id);
return -1;

9
common/test/CMakeLists.txt
View File

@@ -22,6 +22,14 @@ add_executable(gtest_session_table test_session_table.cpp)
target_include_directories(gtest_session_table PUBLIC ${CMAKE_SOURCE_DIR}/common/include)
target_link_libraries(gtest_session_table common gtest)
###############################################################################
# gtest_mpack
###############################################################################
add_executable(gtest_mpack test_mpack.cpp)
target_include_directories(gtest_mpack PUBLIC ${CMAKE_SOURCE_DIR}/common/include)
target_link_libraries(gtest_mpack common gtest)
###############################################################################
# gtest_discover_tests
###############################################################################
@@ -30,3 +38,4 @@ include(GoogleTest)
gtest_discover_tests(gtest_addr)
gtest_discover_tests(gtest_cmsg)
gtest_discover_tests(gtest_session_table)
gtest_discover_tests(gtest_mpack)

207
common/test/test_mpack.cpp
View File

@@ -1,12 +1,211 @@
#include <gtest/gtest.h>
#include <arpa/inet.h>
#include "mpack.h"
#include "tfe_cmsg.h"
#include "tfe_utils.h"
#include "tfe_ctrl_packet.h"
// TEST(MPACK, PARSE)
// {
// struct ctrl_pkt_parser handler;
// }
bool g_print_to_stderr = true;
void *g_packet_io_logger = NULL;
void build_mpack_data(char **data, size_t *size)
{
mpack_writer_t writer;
uint32_t tcp_seq = 3750033295;
uint32_t tcp_ack = 739256665;
uint16_t mss_client = 1460;
uint16_t mss_server = 1460;
uint8_t wsacle_client_flag = 1;
uint8_t wsacle_server_flag = 1;
uint8_t wsacle_client = 10;
uint8_t wsacle_server = 10;
uint8_t sack_client = 1;
uint8_t sack_server = 1;
uint8_t ts_client = 1;
uint8_t ts_server = 1;
uint8_t protocol = 0;
uint16_t window_client = 64240;
uint16_t window_server = 65160;
uint32_t ts_client_val = 4213358146;
uint32_t ts_server_val = 1218524397;
uint8_t packet_cur_dir = 1;
uint8_t src_sub_id[256] = {0};
uint8_t dst_sub_id[256] = {0};
uint64_t src_asn_val = 7676;
uint64_t dst_asn_val = 7878;
uint64_t src_asn_id = 1234;
uint64_t dst_asn_id = 4321;
// ip location array
const char *src_ip_location[4] = {
"src_region",
"src_province",
"src_city",
"src_subdivision"
};
const char *dst_ip_location[4] = {
"dst_region",
"dst_province",
"dst_city",
"dst_subdivision"
};
uint64_t src_ip_location_obj_id[4] = {1, 2, 3, 4};
uint64_t dst_ip_location_obj_id[4] = {1, 2, 3, 4};
uint8_t ja3_fingerprint[32] = {0};
uint16_t seq_sid[4] = {1000, 1001, 1002, 1003};
uint16_t ack_sid[4] = {1003, 1002, 1001, 1000};
uint8_t seq_route_ctx[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
uint8_t ack_route_ctx[] = {0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
uint8_t seq_header[] = {0x00, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70};
uint8_t ack_header[] = {0x80, 0x90, 0xA0, 0xB0, 0xC0, 0xD0, 0xE0, 0xF0};
uint8_t tfe_flag = 0;
mpack_writer_init_growable(&writer, data, size);
mpack_build_map(&writer);
mpack_write_cstr(&writer, "tsync");
mpack_write_cstr(&writer, "2.0");
mpack_write_cstr(&writer, "session_id");
mpack_write_u64(&writer, 290591070686249153);
mpack_write_cstr(&writer, "state");
mpack_write_cstr(&writer, "active");
mpack_write_cstr(&writer, "method");
mpack_write_cstr(&writer, "policy_update");
mpack_write_cstr(&writer, "params");
// params map
mpack_build_map(&writer);
mpack_write_cstr(&writer, "sce");
mpack_build_map(&writer);
mpack_write_cstr(&writer, "rule_ids");
mpack_build_array(&writer);
mpack_write_u64(&writer, 1);
mpack_complete_array(&writer);
mpack_complete_map(&writer);
mpack_write_cstr(&writer, "proxy");
mpack_build_map(&writer);
mpack_write_cstr(&writer, "rule_ids");
mpack_build_array(&writer);
mpack_write_u64(&writer, 3);
mpack_complete_array(&writer);
mpack_write_cstr(&writer, "tcp_handshake");
mpack_build_array(&writer);
mpack_write_u32(&writer, tcp_seq);
mpack_write_u32(&writer, tcp_ack);
mpack_write_u16(&writer, mss_client);
mpack_write_u16(&writer, mss_server);
mpack_write_u8(&writer, wsacle_client_flag);
mpack_write_u8(&writer, wsacle_server_flag);
mpack_write_u8(&writer, wsacle_client);
mpack_write_u8(&writer, wsacle_server);
mpack_write_u8(&writer, sack_client);
mpack_write_u8(&writer, sack_server);
mpack_write_u8(&writer, ts_client);
mpack_write_u8(&writer, ts_server);
mpack_write_u8(&writer, protocol);
mpack_write_u16(&writer, window_client);
mpack_write_u16(&writer, window_server);
mpack_write_u32(&writer, ts_client_val);
mpack_write_u32(&writer, ts_server_val);
mpack_write_u8(&writer, packet_cur_dir);
mpack_write_str(&writer, (const char*)src_sub_id, 0);
mpack_write_str(&writer, (const char*)dst_sub_id, 0);
mpack_write_u64(&writer, src_asn_val);
mpack_write_u64(&writer, dst_asn_val);
mpack_write_u64(&writer, src_asn_id);
mpack_write_u64(&writer, dst_asn_id);
mpack_build_array(&writer);
mpack_write_str(&writer, src_ip_location[0], strlen(src_ip_location[0]));
mpack_write_str(&writer, src_ip_location[1], strlen(src_ip_location[1]));
mpack_write_str(&writer, src_ip_location[2], strlen(src_ip_location[2]));
mpack_write_str(&writer, src_ip_location[3], strlen(src_ip_location[3]));
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_str(&writer, dst_ip_location[0], strlen(dst_ip_location[0]));
mpack_write_str(&writer, dst_ip_location[1], strlen(dst_ip_location[1]));
mpack_write_str(&writer, dst_ip_location[2], strlen(dst_ip_location[2]));
mpack_write_str(&writer, dst_ip_location[3], strlen(dst_ip_location[3]));
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_u64(&writer, src_ip_location_obj_id[0]);
mpack_write_u64(&writer, src_ip_location_obj_id[1]);
mpack_write_u64(&writer, src_ip_location_obj_id[2]);
mpack_write_u64(&writer, src_ip_location_obj_id[3]);
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_u64(&writer, dst_ip_location_obj_id[0]);
mpack_write_u64(&writer, dst_ip_location_obj_id[1]);
mpack_write_u64(&writer, dst_ip_location_obj_id[2]);
mpack_write_u64(&writer, dst_ip_location_obj_id[3]);
mpack_complete_array(&writer);
mpack_write_str(&writer, (const char*)ja3_fingerprint, 0);
mpack_build_array(&writer);
int cnt = sizeof(seq_sid)/sizeof(uint16_t);
for (int i = 0; i < cnt; i++) {
mpack_write_u16(&writer, seq_sid[i]);
}
mpack_complete_array(&writer);
mpack_build_array(&writer);
cnt = sizeof(ack_sid)/sizeof(uint16_t);
for (int i = 0; i < cnt; i++) {
mpack_write_u16(&writer, ack_sid[i]);
}
mpack_complete_array(&writer);
mpack_write_bin(&writer, (const char*)seq_route_ctx, sizeof(seq_route_ctx));
mpack_write_bin(&writer, (const char*)ack_route_ctx, sizeof(ack_route_ctx));
mpack_write_bin(&writer, (const char*)seq_header, sizeof(seq_header));
mpack_write_bin(&writer, (const char*)ack_header, sizeof(ack_header));
mpack_write_u8(&writer, tfe_flag);
mpack_complete_array(&writer);
mpack_complete_map(&writer);
mpack_complete_map(&writer);
mpack_complete_map(&writer);
// finish writing
if (mpack_writer_destroy(&writer) != mpack_ok) {
assert(0);
if (*data) {
free(*data);
*data = NULL;
}
return;
}
}
TEST(CONTROL_PACKET, PARSER)
{
int ret = 0;
char *data = NULL;
size_t size = 0;
build_mpack_data(&data, &size);
if (data == NULL) {
printf("build mpack data error");
return;
}
struct ctrl_pkt_parser ctrl_parser;
memset(&ctrl_parser, 0, sizeof(struct ctrl_pkt_parser));
ret = ctrl_packet_parser_parse((void *)&ctrl_parser, (const char*)data, size, g_packet_io_logger, 1);
EXPECT_TRUE(ret == 0);
}
int main(int argc, char **argv)
{