TSG-6016 修复请求应答头未解析district

2021-04-19 16:35:36 +08:00
parent 0983935dfd
commit 51b607ea34
3 changed files with 15 additions and 16 deletions
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -142,6 +142,7 @@ struct verify_policy_query_obj
 	int protocol_field;
 	char *keyword;
    char *district;
 	char *attri_name;
 	struct ipaddr *ip_addr;
--- a/platform/src/verify_policy.cpp
+++ b/platform/src/verify_policy.cpp
@@ -269,7 +269,16 @@ static int get_attribute_from_json(int curr_id, cJSON* subchild, struct verify_p
 		policy_query->verify_object[curr_id].ip_addr = get_ip_from_json(attributeValue, policy_query->verify_object[curr_id].attri_name);
 		goto end;
 	}
 	item = cJSON_GetObjectItem(attributeValue,"district");
 	if(item!=NULL)
 	{
 		policy_query->verify_object[curr_id].district = item->valuestring;
 		p += snprintf(p, sizeof(buff) - (p - buff), ", district = %s",policy_query->verify_object[curr_id].district);
 	}
 	item = cJSON_GetObjectItem(attributeValue,"string");
 	if(item!=NULL)
 	{
 		policy_query->verify_object[curr_id].keyword = item->valuestring;
 		p += snprintf(p, sizeof(buff) - (p - buff), ", content = %s",policy_query->verify_object[curr_id].keyword);
--- a/scan/src/policy_scan.cpp
+++ b/scan/src/policy_scan.cpp
@@ -991,13 +991,6 @@ finish:
 size_t verify_policy_scan(enum verify_policy_type policy_type, struct verify_policy_query_obj *query_obj, cJSON *data_obj, void *pme)
 {
 	int scan_ret=0, n_read;
 	//size_t hit_cnt=0;
 	struct http_field_name req_fields[]={	{"User-Agent", HTTP_USER_AGENT},
 									        {"Cookie", HTTP_COOKIE}};
 	struct http_field_name resp_fields[]={	{"Set-Cookie", HTTP_SET_COOKIE},
 											{"Content-Type", HTTP_CONT_TYPE}};
 	struct pangu_http_ctx * ctx = (struct pangu_http_ctx *) pme;
 	size_t hit_cnt = ctx->hit_cnt;
@@ -1048,11 +1041,9 @@ size_t verify_policy_scan(enum verify_policy_type policy_type, struct verify_pol
 	if ((protocol_field == PXY_CTRL_HTTP_REQ_HDR) || protocol_field == PXY_CTRL_HTTP_RES_HDR)
 	{
-		struct http_field_name *field_name = (protocol_field == PXY_CTRL_HTTP_REQ_HDR) ? req_fields : resp_fields;
+		if(query_obj->district != NULL)
 		for(size_t i=0;i<sizeof(req_fields)/sizeof(struct http_field_name);i++)
 		{
-			const char * str_field_name = field_name[i].field_name;
+			const char * str_field_name = query_obj->district;
 			scan_ret = Maat_set_scan_status(g_pangu_rt->maat[policy_type], &(ctx->scan_mid), MAAT_SET_SCAN_DISTRICT,
 					   str_field_name, strlen(str_field_name));
 			assert(scan_ret == 0);
@@ -1063,12 +1054,10 @@ size_t verify_policy_scan(enum verify_policy_type policy_type, struct verify_pol
 			{
 				hit_cnt += scan_ret;
 			}
 		}
 			n_read=Maat_get_scan_status(g_pangu_rt->maat[policy_type], &(ctx->scan_mid), MAAT_GET_SCAN_HIT_PATH, ctx->hit_path, sizeof(ctx->hit_path));
 			query_obj->nth_scan[0] = ctx->hit_path[ctx->n_read].Nth_scan;
 			ctx->n_read=n_read;
-		goto decide;
+		}
 	}
 	if(policy_type == PXY_TABLE_SECURITY &&(protocol_field == PXY_SECURITY_HTTP_FQDN ||