From 04963fe1bfb56ce4712817d2683796d8833362e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B4=94=E4=B8=80=E9=B8=A3?= Date: Tue, 26 Nov 2019 17:41:43 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0http=E8=A7=A3=E6=9E=90?= =?UTF-8?q?=E9=83=A8=E5=88=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/tsg_rule.cpp | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp index dcdd430..460110b 100644 --- a/src/tsg_rule.cpp +++ b/src/tsg_rule.cpp @@ -9,6 +9,7 @@ #include "MESA/MESA_handle_logger.h" #include "Maat_rule.h" #include "Maat_command.h" +#include "MESA/http.h" #include "tsg_ssl_utils.h" #include "tsg_rule.h" #include "tsg_entry.h" @@ -17,6 +18,10 @@ Maat_feather_t g_tsg_maat_feather; #define MAX_PATH_LEN 1024 +#ifndef MIN +#define MIN(a, b) (((a) < (b)) ? (a) : (b)) +#endif + enum kni_scan_table{ TSG_FIELD_SSL_SNI, TSG_FIELD_HTTP_HOST, @@ -149,13 +154,21 @@ int tsg_rule_init(const char* conffile, void *logger) static void protocol_identify(char *buff, int buff_len, struct _identify_info *result){ result->proto = PROTO_UNKONWN; - //TODO: http: get from http protocol plugin - /* - if(is_http){ - result->protocol = PROTO_HTTP; + //http + char *host = NULL; + int ret = http_host_parser(buff, (uint32_t)buff_len, DIR_C2S, &host); + //printf("http_host_parse: ret = %d, buff_len = %d, buff = %s\n", ret, buff_len, buff); + if(ret >= 0){ + result->proto = PROTO_HTTP; + if(ret == 0){ + result->domain_len = 0; + } + else{ + result->domain_len = MIN(ret, (int)sizeof(result->domain) - 1); + strncpy(result->domain, host, result->domain_len); + } return; } - */ //ssl enum chello_parse_result chello_status = CHELLO_PARSE_INVALID_FORMAT; struct ssl_chello *chello = NULL;