Fixed websns version1 bug and n2h2 alive size
Jeroen Nijhof committed Sep 18, 2011
1 parent 22fa698 commit f13a2b7
Showing 8 changed files with 63 additions and 50 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG
@@ -1,4 +1,6 @@
* 2011/09/13 v1.06 Jeroen Nijhof <[email protected]>
Using more defines
Fixed n2h2 alive size
Fixed websense version 1 bug
Using hash as key for caching improvements
Using structs and check for overflows
6 changes: 4 additions & 2 deletions cache.c
@@ -26,11 +26,13 @@ DB *open_cache() {

if ((ret = db_create(&dbp, NULL, 0)) != 0) {
syslog(LOG_WARNING, "cache: %s.", db_strerror(ret));
free(dbp);
return NULL;
}
if ((ret = dbp->open(dbp, NULL, DATABASE, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) {
syslog(LOG_WARNING, "cache: %s.", db_strerror(ret));
close_cache(dbp, 0);
free(dbp);
return NULL;
}
return dbp;
@@ -95,7 +97,7 @@ int add_cache(DB *dbp, char hash[10], int debug) {
bzero(&key, sizeof(key));
bzero(&data, sizeof(data));
key.data = hash;
key.size = sizeof(hash);
key.size = strlen(hash)+1;
data.data = sec;
data.size = strlen(sec)+1;

@@ -123,7 +125,7 @@ int rm_cache(DB *dbp, char hash[10], int debug) {

bzero(&key, sizeof(key));
key.data = hash;
key.size = sizeof(hash);
key.size = strlen(hash)+1;

if ((ret = dbp->del(dbp, NULL, &key, 0)) == 0) {
dbp->sync(dbp, 0);
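Review bot: The two `free(dbp);` calls in open_cache look unsafe. A DB handle obtained from db_create() is owned by Berkeley DB and is released through `dbp->close()`, not `free()`; when db_create() itself fails there may be no valid handle at all, so the first call frees whatever dbp held before (its declaration is outside the hunk). In the second error path `close_cache(dbp, 0)` runs first; if it calls `dbp->close()`, which its name suggests but the page does not show, the following `free(dbp)` is a double free. I would drop both `free(dbp);` lines and keep `close_cache(dbp, 0); return NULL;` for the open failure.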
12 changes: 6 additions & 6 deletions n2h2.c
@@ -11,7 +11,7 @@
void n2h2_alive(int fd, struct n2h2_req *n2h2_request) {
struct n2h2_resp n2h2_resp_alive;

n2h2_resp_alive.code = htons(770);
n2h2_resp_alive.code = htons(N2H2_ALIVE_RESP);
n2h2_resp_alive.serial = n2h2_request->serial;
n2h2_resp_alive.unknown = htons(0);
n2h2_resp_alive.urlsize = htons(0);
@@ -23,7 +23,7 @@ void n2h2_alive(int fd, struct n2h2_req *n2h2_request) {
void n2h2_accept(int fd, struct n2h2_req *n2h2_request) {
struct n2h2_resp n2h2_resp_accept;

n2h2_resp_accept.code = htons(2);
n2h2_resp_accept.code = htons(N2H2_REQ_ACCEPT);
n2h2_resp_accept.serial = n2h2_request->serial;
n2h2_resp_accept.unknown = htons(0);
n2h2_resp_accept.urlsize = htons(0);
@@ -37,7 +37,7 @@ void n2h2_deny(int fd, struct n2h2_req *n2h2_request, char *redirect_url) {
int urlsize = 0;
int i;

n2h2_resp_deny.code = htons(258);
n2h2_resp_deny.code = htons(N2H2_REQ_DENY);
n2h2_resp_deny.serial = n2h2_request->serial;
n2h2_resp_deny.unknown = htons(0);
n2h2_resp_deny.urlsize = htons(0);
@@ -62,15 +62,15 @@ struct uf_request n2h2_validate(struct n2h2_req *n2h2_request, int msgsize) {

request.type = UNKNOWN;

if (msgsize == N2H2_HDR && ntohs(n2h2_request->code) == N2H2_ALIVE) {
if (msgsize == N2H2_ALIVE_SIZE && ntohs(n2h2_request->code) == N2H2_ALIVE) {
request.type = N2H2_ALIVE;
return request;
}

if (msgsize > N2H2_REQ_SIZE && ntohs(n2h2_request->code) == N2H2_REQ && ntohs(n2h2_request->urlsize) < URL_SIZE) {
request.type = N2H2_REQ;
request.srcip = n2h2_request->srcip;
request.dstip = n2h2_request->dstip;
request.srcip.s_addr = n2h2_request->srcip;
request.dstip.s_addr = n2h2_request->dstip;
for(i = 0; i < ntohs(n2h2_request->urlsize); i++)
request.url[i] = n2h2_request->url[i];
return request;
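Review bot: n2h2_validate still trusts the sender's `urlsize`: the request branch checks `msgsize > N2H2_REQ_SIZE` and `urlsize < URL_SIZE`, but never that the declared URL length fits in the bytes actually received, so the copy loop can read past the datagram's payload. Adding `&& ntohs(n2h2_request->urlsize) <= msgsize - N2H2_REQ_SIZE` to that condition ties the copy to the received length. websns_validate in websense.c has the same shape with WEBSNS_REQ_SIZE. Whether `request.url` ends up NUL-terminated depends on how `request` is initialised, which is outside the hunk.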
24 changes: 14 additions & 10 deletions n2h2.h
@@ -9,24 +9,28 @@
#define N2H2 1
#define N2H2_HDR 10
#define N2H2_ALIVE 515
#define N2H2_ALIVE_RESP 770
#define N2H2_ALIVE_SIZE 20
#define N2H2_REQ 512
#define N2H2_REQ_ACCEPT 2
#define N2H2_REQ_DENY 258
#define N2H2_REQ_SIZE 18

struct n2h2_req {
u_int16_t code;
u_int32_t serial;
struct in_addr srcip;
struct in_addr dstip;
u_int16_t urlsize;
u_int16_t usrsize;
uint16_t code;
uint32_t serial;
uint32_t srcip;
uint32_t dstip;
uint16_t urlsize;
uint16_t usrsize;
char url[URL_SIZE];
} __attribute__((__packed__));

struct n2h2_resp {
u_int16_t code;
u_int32_t serial;
u_int16_t unknown;
u_int16_t urlsize;
uint16_t code;
uint32_t serial;
uint16_t unknown;
uint16_t urlsize;
char url[URL_SIZE];
} __attribute__((__packed__));

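Review bot: N2H2_REQ_SIZE is a hand-written 18 that has to stay equal to the packed header in front of `url` (2+4+4+4+2+2 bytes in the new struct n2h2_req), and nothing enforces that now that the field types have changed. A compile-time check after the struct, `_Static_assert(offsetof(struct n2h2_req, url) == N2H2_REQ_SIZE, "n2h2 header size");`, would catch drift; it needs <stddef.h> and a C11 compiler. The same applies to WEBSNS_REQ_SIZE (26) and struct websns_req in websense.h. N2H2_ALIVE_SIZE 20 cannot be derived from the struct, so a one-line comment saying what those 20 bytes are would help.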
10 changes: 5 additions & 5 deletions openufp.c
@@ -202,8 +202,8 @@ int main(int argc, char**argv) {

int cached = 0;
char hash[10];
struct websns_req *websns_request = NULL;
struct n2h2_req *n2h2_request = NULL;
struct websns_req *websns_request = NULL;
for(;;) {
bzero(&msg, sizeof(msg));
msgsize = recvfrom(cli_fd, msg, REQ_SIZE, 0, (struct sockaddr *)&cli_addr, &cli_size);
@@ -268,9 +268,9 @@ int main(int argc, char**argv) {
}

// parse url to proxy
if (!cached && !denied && squidguard) {
/*if (!cached && !denied && squidguard) {
denied = squidguard_backend(sg_fd, request.srcip, request.url, debug);
}
}*/

if (denied) {
if (frontend == N2H2) {
@@ -279,7 +279,7 @@ int main(int argc, char**argv) {
websns_deny(cli_fd, websns_request, redirect_url);
}
if (debug > 0)
syslog(LOG_INFO, "url denied: srcip %s, dstip %s, url %s.",
syslog(LOG_INFO, "url denied: srcip %s, dstip %s, url %s",
inet_ntoa(request.srcip), inet_ntoa(request.dstip), request.url);
} else {
if (frontend == N2H2) {
@@ -290,7 +290,7 @@ int main(int argc, char**argv) {
if (!cached)
add_cache(cachedb, hash, debug);
if (debug > 0)
syslog(LOG_INFO, "url accepted: srcip %s, dstip %s, url %s.",
syslog(LOG_INFO, "url accepted: srcip %s, dstip %s, url %s",
inet_ntoa(request.srcip), inet_ntoa(request.dstip), request.url);
}
// reset denied
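Review bot: The squidguard lookup in main appears to be commented out on the new side (`/*if (!cached && !denied && squidguard) { ... }*/`), so requests that only squidguard would have denied now fall through to the accept branch and are then stored by `add_cache` as allowed. Neither the commit title nor the CHANGELOG entry mentions this, so it looks like debugging residue. If it is intentional, the `squidguard` option should be refused at start-up or at least logged, e.g. `syslog(LOG_WARNING, "squidguard backend disabled");`, rather than silently failing open. main continues outside these hunks, so other backends may still set `denied`.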
2 changes: 1 addition & 1 deletion openufp.h
@@ -17,7 +17,7 @@
// request struct and defs
#define UNKNOWN 65535
struct uf_request {
u_int16_t type;
uint16_t type;
struct in_addr srcip;
struct in_addr dstip;
char url[URL_SIZE];
15 changes: 8 additions & 7 deletions websense.c
@@ -16,7 +16,7 @@ void websns_alive(int fd, struct websns_req *websns_request) {
websns_resp_alive.vers_min = websns_request->vers_min;
websns_resp_alive.vers_pat = websns_request->vers_pat;
websns_resp_alive.serial = websns_request->serial;
websns_resp_alive.code = htons(0);
websns_resp_alive.code = htons(WEBSNS_ALIVE_RESP);
websns_resp_alive.desc = htons(65535);
websns_resp_alive.cat = htons(0);
websns_resp_alive.urlsize = htons(0);
@@ -33,7 +33,7 @@ void websns_accept(int fd, struct websns_req *websns_request) {
websns_resp_accept.vers_min = websns_request->vers_min;
websns_resp_accept.vers_pat = websns_request->vers_pat;
websns_resp_accept.serial = websns_request->serial;
websns_resp_accept.code = htons(0);
websns_resp_accept.code = htons(WEBSNS_REQ_ACCEPT);
websns_resp_accept.desc = htons(0);
websns_resp_accept.cat = htons(0);
websns_resp_accept.urlsize = htons(0);
@@ -52,7 +52,7 @@ void websns_deny(int fd, struct websns_req *websns_request, char *redirect_url)
websns_resp_deny.vers_min = websns_request->vers_min;
websns_resp_deny.vers_pat = websns_request->vers_pat;
websns_resp_deny.serial = websns_request->serial;
websns_resp_deny.code = htons(1);
websns_resp_deny.code = htons(WEBSNS_REQ_DENY);
websns_resp_deny.desc = htons(1);
websns_resp_deny.cat = htons(0);
websns_resp_deny.urlsize = htons(0);
@@ -77,15 +77,15 @@ struct uf_request websns_validate(struct websns_req *websns_request, int msgsize

request.type = UNKNOWN;

if (msgsize == WEBSNS_ALIVE) {
if (msgsize == WEBSNS_ALIVE_SIZE) {
request.type = WEBSNS_ALIVE;
return request;
}

if (msgsize > WEBSNS_REQ_SIZE && ntohs(websns_request->code) == WEBSNS_REQ && ntohs(websns_request->urlsize) < URL_SIZE) {
request.type = WEBSNS_REQ;
request.srcip = websns_request->srcip;
request.dstip = websns_request->dstip;
request.srcip.s_addr = websns_request->srcip;
request.dstip.s_addr = websns_request->dstip;
for(i = 0; i < ntohs(websns_request->urlsize); i++)
request.url[i] = websns_request->url[i];
return request;
@@ -107,6 +107,7 @@ void websns_convert(struct websns_req *websns_request, char msg[REQ_SIZE], int m
offset = 2;
newmsg[i] = msg[i + offset];
}
websns_request = (struct websns_req *)newmsg;
struct websns_req *websns_vers1 = (struct websns_req *)newmsg;
*websns_request = *websns_vers1;
}
}
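Review bot: In websns_convert the struct assignment `*websns_request = *websns_vers1;` copies sizeof(struct websns_req) bytes whatever `msgsize` was, reading that much from `newmsg` and writing it through the caller's pointer. That is only safe if both buffers are at least that large; `newmsg` is declared outside the hunk and the caller's buffer is not shown, so this needs confirming. A `_Static_assert(sizeof(struct websns_req) <= REQ_SIZE, "websns_req must fit in a request buffer");` next to the struct, assuming both buffers are REQ_SIZE bytes like `msg`, would make the assumption explicit.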
42 changes: 23 additions & 19 deletions websense.h
@@ -9,33 +9,37 @@
#define WEBSNS 2
#define WEBSNS_HDR 20
#define WEBSNS_ALIVE 12
#define WEBSNS_ALIVE_RESP 0
#define WEBSNS_ALIVE_SIZE 12
#define WEBSNS_REQ 1
#define WEBSNS_REQ_ACCEPT 0
#define WEBSNS_REQ_DENY 1
#define WEBSNS_REQ_SIZE 26

struct websns_req {
u_int16_t size;
u_int16_t vers_maj;
u_int16_t vers_min;
u_int16_t vers_pat;
u_int32_t serial;
u_int16_t code;
u_int16_t desc;
struct in_addr srcip;
struct in_addr dstip;
u_int16_t urlsize;
uint16_t size;
uint16_t vers_maj;
uint16_t vers_min;
uint16_t vers_pat;
uint32_t serial;
uint16_t code;
uint16_t desc;
uint32_t srcip;
uint32_t dstip;
uint16_t urlsize;
char url[URL_SIZE];
} __attribute__((__packed__));

struct websns_resp {
u_int16_t size;
u_int16_t vers_maj;
u_int16_t vers_min;
u_int16_t vers_pat;
u_int32_t serial;
u_int16_t code;
u_int16_t desc;
u_int16_t cat;
u_int16_t urlsize;
uint16_t size;
uint16_t vers_maj;
uint16_t vers_min;
uint16_t vers_pat;
uint32_t serial;
uint16_t code;
uint16_t desc;
uint16_t cat;
uint16_t urlsize;
char url[URL_SIZE];
} __attribute__((__packed__));

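Review bot: WEBSNS_ALIVE and WEBSNS_ALIVE_SIZE are both 12 but now mean different things: websns_validate compares the length against WEBSNS_ALIVE_SIZE and uses WEBSNS_ALIVE only as the `request.type` tag. A comment on each would stop them being swapped back, for example `/* request.type tag for keepalive */` on WEBSNS_ALIVE and `/* keepalive datagram length in bytes */` on WEBSNS_ALIVE_SIZE. WEBSNS_ALIVE_RESP and WEBSNS_REQ_ACCEPT are likewise both 0 and could state that this is the wire value of the response code.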
