gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-15779: app_full_path中包含ESNI和ECH

Browse Source
This commit is contained in:
liuxueli
2023-07-11 14:59:31 +08:00
parent 2665555f06
commit b50d05face
3 changed files with 165 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/bin/gtest_maat.json
View File

@@ -2312,6 +2312,8 @@
"68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t1",
"4\tunknown\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"199\tssl\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"8008\tSSL\\bwith\\bESNI\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"8173\tSSL\\bwith\\bECH\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"2521\tquic\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"240\tyoutube\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"15009\tuser_define_youtube\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",

109
test/src/gtest_master.cpp
View File

@@ -1010,6 +1010,115 @@ TEST(TSGMaster, SessionApplicationMetrics)
}
extern int session_app_gather_results_set_l7_protocol(const struct streaminfo *a_stream, unsigned int *app_id, int n_app_id);
TEST(TSGMaster, SessionApplicationFullPathTSG15779_HTTP)
{
const struct streaminfo a_stream={0};
char out_full_path[256]={0};
int out_full_path_len=sizeof(out_full_path);
struct gather_app_result *gather_result=(struct gather_app_result *)calloc(1, sizeof(struct gather_app_result));
gather_result->l7_protocol_num=1;
gather_result->l7_protocol=(struct app_attributes *)calloc(1, sizeof(struct app_attributes));
gather_result->l7_protocol->app_id=67;
gather_result->l7_protocol->surrogate_id=0;
gather_result->l7_protocol->packet_sequence=4;
session_gather_app_results_async(&a_stream, (void *)gather_result);
int n_app_id=1;
unsigned int app_id[1]={67};
session_app_gather_results_set_l7_protocol(&a_stream, app_id, n_app_id);
session_application_full_path_update(&a_stream, out_full_path, out_full_path_len);
EXPECT_STREQ("http", out_full_path);
free(gather_result->l7_protocol);
free(gather_result->qm_engine);
free(gather_result);
session_gather_app_results_async(&a_stream, NULL);
}
TEST(TSGMaster, SessionApplicationFullPathTSG15779_SSL)
{
const struct streaminfo a_stream={0};
char out_full_path[256]={0};
int out_full_path_len=sizeof(out_full_path);
struct gather_app_result *gather_result=(struct gather_app_result *)calloc(1, sizeof(struct gather_app_result));
gather_result->l7_protocol_num=1;
gather_result->l7_protocol=(struct app_attributes *)calloc(1, sizeof(struct app_attributes));
gather_result->l7_protocol->app_id=68;
gather_result->l7_protocol->surrogate_id=0;
gather_result->l7_protocol->packet_sequence=4;
session_gather_app_results_async(&a_stream, (void *)gather_result);
int n_app_id=1;
unsigned int app_id[1]={199};
session_app_gather_results_set_l7_protocol(&a_stream, app_id, n_app_id);
session_application_full_path_update(&a_stream, out_full_path, out_full_path_len);
EXPECT_STREQ("ssl.https", out_full_path);
free(gather_result->l7_protocol);
free(gather_result->qm_engine);
free(gather_result);
session_gather_app_results_async(&a_stream, NULL);
}
TEST(TSGMaster, SessionApplicationFullPathTSG15779_ECH)
{
const struct streaminfo a_stream={0};
char out_full_path[256]={0};
int out_full_path_len=sizeof(out_full_path);
struct gather_app_result *gather_result=(struct gather_app_result *)calloc(1, sizeof(struct gather_app_result));
gather_result->l7_protocol_num=1;
gather_result->l7_protocol=(struct app_attributes *)calloc(1, sizeof(struct app_attributes));
gather_result->l7_protocol->app_id=68;
gather_result->l7_protocol->surrogate_id=0;
gather_result->l7_protocol->packet_sequence=4;
session_gather_app_results_async(&a_stream, (void *)gather_result);
int n_app_id=2;
unsigned int app_id[2]={199, 8173};
session_app_gather_results_set_l7_protocol(&a_stream, app_id, n_app_id);
session_application_full_path_update(&a_stream, out_full_path, out_full_path_len);
EXPECT_STREQ("ssl.SSL with ECH.https", out_full_path);
free(gather_result->l7_protocol);
free(gather_result->qm_engine);
free(gather_result);
session_gather_app_results_async(&a_stream, NULL);
}
TEST(TSGMaster, SessionApplicationFullPathTSG15779_ESNI)
{
const struct streaminfo a_stream={0};
char out_full_path[256]={0};
int out_full_path_len=sizeof(out_full_path);
struct gather_app_result *gather_result=(struct gather_app_result *)calloc(1, sizeof(struct gather_app_result));
gather_result->l7_protocol_num=1;
gather_result->l7_protocol=(struct app_attributes *)calloc(1, sizeof(struct app_attributes));
gather_result->l7_protocol->app_id=68;
gather_result->l7_protocol->surrogate_id=0;
gather_result->l7_protocol->packet_sequence=4;
session_gather_app_results_async(&a_stream, (void *)gather_result);
int n_app_id=2;
unsigned int app_id[2]={199, 8008};
session_app_gather_results_set_l7_protocol(&a_stream, app_id, n_app_id);
session_application_full_path_update(&a_stream, out_full_path, out_full_path_len);
EXPECT_STREQ("ssl.SSL with ESNI.https", out_full_path);
free(gather_result->l7_protocol);
free(gather_result->qm_engine);
free(gather_result);
session_gather_app_results_async(&a_stream, NULL);
}
extern int session_application_full_path_update(const struct streaminfo *a_stream, char *app_full_path, int app_full_path_len);
TEST(TSGMaster, SessionApplicationFullPathTSG15999)