* 提交策略验证框架及实现

2019-10-22 15:13:14 +08:00
parent ab92cb8ca9
commit cbc3cc52be
24 changed files with 2859 additions and 0 deletions
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -0,0 +1,79 @@
+/*************************************************************************
+	> File Name: verify_policy.h
+	> Author: 
+	> Mail: 
+	> Created Time: 2019年08月23日 星期五 18时06分03秒
+ ************************************************************************/
+
+#ifndef _VERIFY_POLICY_H
+#define _VERIFY_POLICY_H
+
+#include <event2/event.h>
+#include "verify_policy_utils.h"
+
+enum scan_table
+{
+	PXY_CTRL_IP,
+	PXY_CTRL_HTTP_URL,
+	PXY_CTRL_HTTP_FQDN,
+	PXY_CTRL_HTTP_REQ_HDR,
+	PXY_CTRL_HTTP_REQ_BODY,
+	PXY_CTRL_HTTP_RES_HDR,
+	PXY_CTRL_HTTP_RES_BODY,
+	PXY_CTRL_SUBSCRIBE_ID,
+	__SCAN_TABLE_MAX
+};
+
+enum http_ev_bit_number
+{
+	IP_BITNUM = 0,
+	URL_BITNUM,
+	FQDN_BITNUM,
+	REQ_HDR_BITNUM,
+	RESP_HDR_BITNUM,
+	CONTENT_BITNUM,
+	SUBSCRIBE_ID
+};
+
+enum tfe_http_event
+{
+	EV_HTTP_IP = 1ULL << IP_BITNUM,
+	EV_HTTP_URL = 1ULL << URL_BITNUM,		
+	EV_HTTP_FQDN = 1ULL << FQDN_BITNUM,
+	EV_HTTP_REQ_HDR = 1ULL << REQ_HDR_BITNUM,
+	EV_HTTP_RESP_HDR = 1ULL << RESP_HDR_BITNUM,
+	EV_HTTP_CONTENT = 1ULL << CONTENT_BITNUM,
+	EV_HTTP_SUBSCRIBE_ID = 1ULL << SUBSCRIBE_ID,
+};
+
+struct verify_proxy_thread
+{
+	int  id;
+	pthread_t pid;        
+	evutil_socket_t accept_fd;
+	pthread_attr_t *attr;	
+	struct evhttp *http;
+	struct event_base *base;
+	void * (*routine)(void *);  
+};
+
+struct verify_proxy
+{	
+	char name[VERIFY_SYMBOL_MAX];		
+	void * logger;
+	unsigned int log_level;
+	unsigned int nr_work_threads;
+	unsigned int listen_port;	
+	struct verify_proxy_thread *work_threads[TFE_THREAD_MAX];
+};
+
+extern struct verify_proxy * g_verify_proxy;
+
+void * pangu_http_ctx_new(unsigned int thread_id);
+
+void http_scan(const char * value, enum tfe_http_event events,
+	const unsigned char * body_frag, size_t frag_size, void *pme);
+
+char *web_json_table_add(void *pme);
+
+#endif
--- a/common/include/verify_policy_logging.h
+++ b/common/include/verify_policy_logging.h
@@ -0,0 +1,51 @@
+/*************************************************************************
+	> File Name: logging.h
+	> Author:
+	> Mail:
+	> Created Time: 2018年06月18日 星期一 22时45分58秒
+ ************************************************************************/
+
+#ifndef _LOGGING_H
+#define _LOGGING_H
+
+#define MODULE_NAME "verify_policy"
+
+#define RLOG_LV_DEBUG       10
+#define RLOG_LV_INFO        20
+#define RLOG_LV_FATAL       30
+
+typedef struct RTLogInit2Data_ {
+    int debug_switch;
+
+	int run_log_level;
+
+	char run_log_path[256];
+
+	void *run_log_handle;
+} RTLogInit2Data;
+
+extern RTLogInit2Data logging_sc_lid;
+
+/* The maximum length of the log message */
+#define RT_LOG_MAX_LOG_MSG_LEN 2048
+
+extern void mesa_logging_print(int log_level, const char *module, const char *msg);
+
+#define mesa_log(x, y, z, ...)         do {                                       \
+                                  char _sc_log_msg[RT_LOG_MAX_LOG_MSG_LEN] = ""; \
+                                  char *_sc_log_temp = _sc_log_msg;      \
+                                  if ( !x )                       \
+                                  { } else {                             \
+                                      snprintf(_sc_log_temp,             \
+                                               (RT_LOG_MAX_LOG_MSG_LEN - \
+                                                (_sc_log_temp - _sc_log_msg)), \
+                                               __VA_ARGS__);             \
+                                      mesa_logging_print(y, z, _sc_log_msg); \
+                                  }                                      \
+                              } while(0)
+
+#define mesa_runtime_log(level, module, ...)   mesa_log(logging_sc_lid.debug_switch, level, module, __VA_ARGS__)
+
+extern void * verify_syslog_init(const char *config);
+
+#endif
--- a/common/include/verify_policy_utils.h
+++ b/common/include/verify_policy_utils.h
@@ -0,0 +1,54 @@
+#ifndef __RT_COMMON_H__
+#define __RT_COMMON_H__
+
+#include <assert.h>
+#define EVAL_TM_STYLE   "%Y-%m-%d"
+
+#define VERIFY_SYMBOL_MAX			64
+#define VERIFY_STRING_MAX			2048
+#define TFE_THREAD_MAX			128
+
+/** Alway treated the expr as true */
+#ifndef likely
+#define likely(expr) __builtin_expect(!!(expr), 1)
+#endif
+
+/** Alway treated the expr as false */
+#ifndef unlikely
+#define unlikely(expr) __builtin_expect(!!(expr), 0)
+#endif
+
+#ifndef FOREVER
+#define FOREVER for(;;)
+#endif
+
+#ifdef SOCK_NONBLOCK
+#define EVUTIL_SOCK_NONBLOCK SOCK_NONBLOCK
+#else
+#define EVUTIL_SOCK_NONBLOCK 0x4000000
+#endif
+#ifdef SOCK_CLOEXEC
+#define EVUTIL_SOCK_CLOEXEC SOCK_CLOEXEC
+#else
+#define EVUTIL_SOCK_CLOEXEC 0x80000000
+#endif
+#ifdef EFD_NONBLOCK
+#define EVUTIL_EFD_NONBLOCK EFD_NONBLOCK
+#else
+#define EVUTIL_EFD_NONBLOCK 0x4000
+#endif
+#ifdef EFD_CLOEXEC
+#define EVUTIL_EFD_CLOEXEC EFD_CLOEXEC
+#else
+#define EVUTIL_EFD_CLOEXEC 0x8000
+#endif
+
+#define	__rt_always_inline__	__attribute__((always_inline)) inline
+
+#define ALLOC(type, number) ((type *)calloc(sizeof(type), number))
+#define	FREE(p)	{free(*p);*p=NULL;}
+
+#define CHECK_OR_EXIT(condition, fmt, ...)                                                                          \
+do { if(!(condition)) { mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE);   }  } while(0) \
+
+#endif