2019-11-22 11:35:16 +01:00
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"fmt"
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
"log"
|
|
|
|
|
"net/http"
|
|
|
|
|
"net/http/httputil"
|
|
|
|
|
"regexp"
|
|
|
|
|
"strings"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func classifierDecide(resp *http.Response) error {
|
|
|
|
|
|
|
|
|
|
ProxyFlow.response = resp
|
|
|
|
|
ProxyFlow.seniority++
|
|
|
|
|
req := ProxyFlow.request
|
|
|
|
|
|
|
|
|
|
switch {
|
|
|
|
|
case resp.StatusCode == 401:
|
|
|
|
|
log.Println("401: We don't want to store credentials")
|
|
|
|
|
case resp.StatusCode > 399:
|
|
|
|
|
buf := bytes.NewBufferString(BlockMessage)
|
|
|
|
|
resp.Body = ioutil.NopCloser(buf)
|
|
|
|
|
resp.Status = "403 Forbidden"
|
|
|
|
|
resp.StatusCode = 403
|
|
|
|
|
resp.Header["Content-Length"] = []string{fmt.Sprint(buf.Len())}
|
|
|
|
|
resp.Header.Set("Content-Encoding", "none")
|
|
|
|
|
log.Println("Filing inside bad class")
|
|
|
|
|
feedRequest(req, "BAD")
|
|
|
|
|
default:
|
|
|
|
|
log.Println("Filing inside Good Class: ", resp.StatusCode)
|
|
|
|
|
feedRequest(req, "GOOD")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-24 12:56:29 +01:00
|
|
|
func blockWithoutLock(resp *http.Response) error {
|
|
|
|
|
|
|
|
|
|
ProxyFlow.response = resp
|
|
|
|
|
ProxyFlow.seniority++
|
|
|
|
|
req := ProxyFlow.request
|
|
|
|
|
|
|
|
|
|
buf := bytes.NewBufferString(BlockMessage)
|
|
|
|
|
resp.Body = ioutil.NopCloser(buf)
|
|
|
|
|
resp.Status = "403 Forbidden"
|
|
|
|
|
resp.StatusCode = 403
|
|
|
|
|
resp.Header["Content-Length"] = []string{fmt.Sprint(buf.Len())}
|
|
|
|
|
resp.Header.Set("Content-Encoding", "none")
|
|
|
|
|
|
|
|
|
|
switch {
|
|
|
|
|
case resp.StatusCode == 401:
|
|
|
|
|
log.Println("401: We don't want to store credentials")
|
|
|
|
|
case resp.StatusCode > 399:
|
|
|
|
|
log.Println("Filing inside bad class")
|
|
|
|
|
feedRequest(req, "BAD")
|
|
|
|
|
default:
|
|
|
|
|
log.Println("Filing inside Good Class: ", resp.StatusCode)
|
|
|
|
|
feedRequest(req, "GOOD")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-22 11:35:16 +01:00
|
|
|
func sanitizeHeaders(s string) string {
|
|
|
|
|
|
|
|
|
|
re := regexp.MustCompile(`[a-zA-Z]{3,32}|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})`)
|
|
|
|
|
matched := re.FindAllString(s, -1)
|
|
|
|
|
return strings.ToLower(strings.Join(matched, " "))
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func feedRequest(req *http.Request, class string) {
|
|
|
|
|
|
|
|
|
|
feed := formatRequest(req)
|
|
|
|
|
|
|
|
|
|
feed = sanitizeHeaders(feed)
|
|
|
|
|
|
|
|
|
|
feedarray := strings.Fields(feed)
|
|
|
|
|
|
|
|
|
|
if class == "BAD" {
|
|
|
|
|
for _, token := range feedarray {
|
|
|
|
|
|
|
|
|
|
ControPlane.BadTokens <- token
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if class == "GOOD" {
|
|
|
|
|
for _, token := range feedarray {
|
|
|
|
|
|
|
|
|
|
ControPlane.GoodTokens <- token
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func formatRequest(req *http.Request) string {
|
|
|
|
|
|
2019-11-24 16:33:38 +01:00
|
|
|
ingestBody := req.ContentLength < 2048 && req.ContentLength > 1
|
|
|
|
|
|
|
|
|
|
log.Println("Ingesting the body: ", ingestBody)
|
|
|
|
|
|
|
|
|
|
requestDump, err := httputil.DumpRequest(req, ingestBody)
|
2019-11-22 11:35:16 +01:00
|
|
|
if err != nil {
|
|
|
|
|
fmt.Println(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return fmt.Sprintf("%s\n", requestDump)
|
|
|
|
|
}
|
