gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-8555,TSG-8556,修复tamper没有阻隔ssl协议登陆百度网址

Browse Source
This commit is contained in:
yangwenlin
2021-11-18 17:32:34 +08:00
parent 36c36102f3
commit f5ddca436a
4 changed files with 43 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/tsg_action.cpp
View File

@@ -741,6 +741,7 @@ static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_ru
if(_context->method_type != TSG_METHOD_TYPE_TAMPER) if(_context->method_type != TSG_METHOD_TYPE_TAMPER)
{ {
_context->method_type=TSG_METHOD_TYPE_TAMPER; _context->method_type=TSG_METHOD_TYPE_TAMPER;
_context->tamper_count = 1;
} }
else else
{ {
@@ -756,7 +757,10 @@ static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_ru
} }
} }
return send_tamper_xxx(a_stream, user_data); if(0 == send_tamper_xxx(a_stream, user_data)){
return STATE_DROPPKT;
}
return STATE_GIVEME;
} }
unsigned char tsg_deal_deny_action(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, enum ACTION_RETURN_TYPE type, const void *user_data) unsigned char tsg_deal_deny_action(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, enum ACTION_RETURN_TYPE type, const void *user_data)

11
src/tsg_entry.cpp
View File

@@ -1743,13 +1743,18 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
} }
break; break;
case TSG_METHOD_TYPE_TAMPER: case TSG_METHOD_TYPE_TAMPER:
ret = send_tamper_xxx(a_stream, a_packet); if(0 == send_tamper_xxx(a_stream, a_packet)){
context->tamper_count += 1;
if(ret==STATE_DROPPKT){
state|=APP_STATE_GIVEME|APP_STATE_DROPPKT; state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
}else{ }else{
state=APP_STATE_GIVEME; state=APP_STATE_GIVEME;
} }
context->tamper_count += 1;
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
__FUNCTION__,
"Addr: %s, send_tamper_xxx num %ld",
PRINTADDR(a_stream, g_tsg_para.level),
context->tamper_count);
break; break;
default: default:
break; break;

2
src/tsg_protocol_common.h
View File

@@ -117,7 +117,7 @@ int tsg_send_inject_packet(const struct streaminfo *a_stream, enum sapp_inject_o
unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data); unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data);
unsigned char send_icmp_unreachable(const struct streaminfo *a_stream, const void *raw_pkt); unsigned char send_icmp_unreachable(const struct streaminfo *a_stream, const void *raw_pkt);
unsigned char send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt); int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt);
#endif #endif

45
src/tsg_tamper.cpp
View File

@@ -55,38 +55,51 @@ int tamper_calc(char *str, int endlen)
return 0; return 0;
} }
unsigned char send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt) int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt)
{ {
const char *p_trans_payload = NULL; const char *p_trans_payload = NULL;
int trans_layload_len = 0; int trans_layload_len = 0;
char tamper_buf[MTU_LEN] = {0}; char tamper_buf[MTU_LEN] = {0};
int ret = 0; int tamper_index = 0;
int ret = -1;
if(a_stream==NULL){ if(a_stream==NULL){
return STATE_GIVEME; return -1;
} }
p_trans_payload = (char *)a_stream->ptcpdetail->pdata; p_trans_payload = (char *)a_stream->ptcpdetail->pdata;
trans_layload_len = a_stream->ptcpdetail->datalen; trans_layload_len = a_stream->ptcpdetail->datalen;
if((p_trans_payload==NULL)||(trans_layload_len<=4)){ if((p_trans_payload==NULL)||(trans_layload_len<=4)){
return STATE_GIVEME; MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
__FUNCTION__,
"Addr: %s Packet is not tamper because the payload is too short or there is no payload",
PRINTADDR(a_stream, g_tsg_para.level));
return -1;
} }
memcpy(tamper_buf, p_trans_payload, trans_layload_len); memcpy(tamper_buf, p_trans_payload, trans_layload_len);
ret = tamper_calc(tamper_buf, trans_layload_len); tamper_index = tamper_calc(tamper_buf, trans_layload_len);
if(ret > 0){ if(tamper_index > 0){
MESA_handle_runtime_log(g_tsg_para.logger, MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG, RLOG_LV_DEBUG,
__FUNCTION__, __FUNCTION__,
"Modify the index(%d) position of the payload:(old: %x %x %x %x, new: %x %x %x %x)", "Addr: %s,modify the index(%d) position of the payload:(old: %02x %02x %02x %02x, new: %02x %02x %02x %02x)",
ret, PRINTADDR(a_stream, g_tsg_para.level),
p_trans_payload[ret-1],p_trans_payload[ret],p_trans_payload[ret+1], p_trans_payload[ret+2], tamper_index,
tamper_buf[ret-1], tamper_buf[ret], tamper_buf[ret+1], tamper_buf[ret+2]); (uint8_t)p_trans_payload[tamper_index-1], (uint8_t)p_trans_payload[tamper_index], (uint8_t)p_trans_payload[tamper_index+1], (uint8_t)p_trans_payload[tamper_index+2],
ret=tsg_send_inject_packet(a_stream, SIO_DEFAULT, tamper_buf, trans_layload_len, a_stream->routedir); (uint8_t)tamper_buf[tamper_index-1], (uint8_t)tamper_buf[tamper_index], (uint8_t)tamper_buf[tamper_index+1], (uint8_t)tamper_buf[tamper_index+2]);
if(ret == 0){
return STATE_DROPPKT; if(0 == tsg_send_inject_packet(a_stream, SIO_DEFAULT, tamper_buf, trans_layload_len, a_stream->routedir)){
ret = 0;
} }
}else{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
__FUNCTION__,
"Addr: %s num , payload tamper failed because payload data same",
PRINTADDR(a_stream, g_tsg_para.level));
} }
return STATE_GIVEME; return ret;
} }