TSG-14928: 接收通知的ssl_intercept_info信息,填充到Proxy_intercept_event日志中发送; 接收SCE/SHAPER通知的日志信息

2023-05-10 07:35:03 +00:00
parent c5e959492d
commit ee0f57d6d3
15 changed files with 1666 additions and 319 deletions
--- a/src/tsg_sync_state.h
+++ b/src/tsg_sync_state.h
@@ -11,30 +11,45 @@ enum policy_type
    POLICY_UPDATE_MAX
 };

-struct cmsg_int32_array
+enum ssl_intercept_info_index
 {
-    size_t num;
-    uint32_t value[8];
+    SSL_INTERCEPT_STATE = 0,
+    SSL_UPSTREAM_LATENCY,
+    SSL_DOWNSTREAM_LATENCY,
+    SSL_UPSTREAM_VERSION,
+    SSL_DOWNSTREAM_VERSION,
+    SSL_PINNING_STATE,
+    SSL_CERT_VERIFY,
+    SSL_ERROR,
+    SSL_PASSTHROUGH_REASON,
+    SSL_INTERCEPT_MAX_INDEX
 };

-struct cmsg_int16_array
+#define FQDN_CAT_ID_VALS 8
+
+struct fqdn_cat_id_val
 {
    size_t num;
-    uint16_t value[8];
+    uint32_t value[FQDN_CAT_ID_VALS];
 };

-struct cmsg_int8_array
+#define TCP_XXX_SIDS 8
+struct tcp_sids
 {
    size_t num;
-    uint8_t value[64];
+    uint16_t value[TCP_XXX_SIDS];
+};
+
+#define TCP_XXX_ROUTE_CTX 64
+struct tcp_route_ctx
+{
+    size_t num;
+    uint8_t value[TCP_XXX_ROUTE_CTX];
 };

 struct proxy_cmsg
 {
-    uint32_t tcp_seq;
-    uint32_t tcp_ack;
-    uint16_t tcp_mss_client;
-    uint16_t tcp_mss_server;
+    uint8_t tcp_info_packet_cur_dir;
    uint8_t tcp_wsacle_exist;
    uint8_t tcp_wsacle_client;
    uint8_t tcp_wsacle_server;
@@ -43,11 +58,15 @@ struct proxy_cmsg
    uint8_t tcp_ts_client;
    uint8_t tcp_ts_server;
    uint8_t tcp_protocol;
+    uint16_t tcp_mss_client;
+    uint16_t tcp_mss_server;
    uint16_t tcp_window_client;
    uint16_t tcp_window_server;
    uint32_t tcp_ts_client_val;
    uint32_t tcp_ts_server_val;
-    uint8_t tcp_info_packet_cur_dir;
+    uint32_t tcp_seq;
+    uint32_t tcp_ack;
+
    char *src_sub_id;
    char *dst_sub_id;
    char *src_asn;
@@ -63,25 +82,63 @@ struct proxy_cmsg
    char *src_ip_location_subdivision;
    char *dst_ip_location_subdivision;
    char *ssl_client_ja3_fingerprint;
-    struct cmsg_int32_array fqdn_cat_id_val;
-    struct cmsg_int16_array tcp_seq_sids;
-    struct cmsg_int16_array tcp_ack_sids;
-    struct cmsg_int8_array tcp_seq_route_ctx;
-    struct cmsg_int8_array tcp_ack_route_ctx;
+    struct fqdn_cat_id_val fqdn_cat_ids;
+    struct tcp_sids tcp_seq_sids;
+    struct tcp_sids tcp_ack_sids;
+    struct tcp_route_ctx tcp_seq_route_ctx;
+    struct tcp_route_ctx tcp_ack_route_ctx;
 };

+#define UPDATE_POLICY_RULE_IDS 8
+
 struct update_policy
 {
    enum policy_type type;
    int n_ids;
-    long long ids[8];
+    long long ids[UPDATE_POLICY_RULE_IDS];
    struct proxy_cmsg cmsg;
 };

+struct proxy_log_update
+{
+    uint8_t ssl_pinning_state;
+    uint8_t ssl_cert_verify;
+    uint8_t ssl_intercept_state;
+    uint64_t ssl_upstream_latency;
+    uint64_t ssl_downstream_latency;
+    char *ssl_upstream_version;
+    char *ssl_downstream_version;
+    char *ssl_error;
+    char *ssl_passthrough_reason;
+};
+
+#define SHAPR_PROFILE_IDS 8
+
+struct shaper_rule
+{
+    long long rule_id;
+    size_t n_profile_ids;
+    uint32_t profile_ids[SHAPR_PROFILE_IDS];
+};
+
+#define SHAPR_RULE_IDS 8
+struct shaper_log_update
+{
+    size_t n_shaper_rule;
+    struct shaper_rule shaper_rules[SHAPR_RULE_IDS];
+};
+
+#define SCE_PROFILE_IDS 8
+struct sce_log_update
+{
+    size_t n_profile_ids;
+    uint32_t profile_ids[SCE_PROFILE_IDS];
+};
+
 int tsg_sync_resetall_state(const struct streaminfo *a_stream);
 int tsg_send_session_state(const struct streaminfo *a_stream, unsigned char state);
 int tsg_sync_opening_state(const struct streaminfo *a_stream, unsigned char state);
 int tsg_sync_closing_state(const struct streaminfo *a_stream, unsigned char state);
 int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_policy *policy_update, size_t n_policy_update);

-// int tsg_recv_control_pkt(const struct streaminfo *a_stream, const void *payload, int payload_len);
+int tsg_parse_log_update_payload(const struct streaminfo *a_stream, const void *payload, unsigned int payload_len);