/*
*函数名称:plugin_deal_client
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:yixin_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_client(const struct data_transit *dtts, struct yixin_record *yixin_rec, const int thread_num)
{
if(!yixin_rec){
return YT_FAILED;
}
time_t yixin_time;
struct tm *yixin_time_now;
do {
//iphone yixin登陆 识别
if (!memcmp(YIXIN_MARK_HEAD_IPHONE,dtts->l4_data,YIXIN_MARK_HEAD_IPHONE_SIZE)) {
if (strstr(dtts->l4_data+YIXIN_MARK_HEAD_IPHONE_SIZE,YIXIN_MARK_FEATURE_IPHONE)) {
// 获取不到账号
// plugin_data_extract(dtts->l4_data, WEIXIN_EXTRACT_HEAD_ACCOUNT_IPHONE,
// WEIXIN_EXTRACT_TAIL_ACCOUNT_IPHONE, yixin_rec->account, ACCOUNT_LENGTH);
yixin_rec->action = 1;
break;
}
}
//安卓版输入密码方式账号获取
if (!memcmp(YIXIN_MARK_HEAD_ANDROID,dtts->l4_data,YIXIN_MARK_HEAD_ANDROID_SIZE)) {
if (strstr(dtts->l4_data+YIXIN_MARK_HEAD_ANDROID_SIZE,YIXIN_MARK_FEATURE_ANDROID)) {
// 获取到账号
plugin_data_extract(dtts->l4_data, YIXIN_EXTRACT_HEAD_ACCOUNT_ANDROID,
YIXIN_EXTRACT_TAIL_ACCOUNT_ANDROID, yixin_rec->account, ACCOUNT_LENGTH);
yixin_rec->action = 1;
break;
}
}
plugin_done(yixin_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&yixin_time);
yixin_time_now = localtime(&yixin_time);
sprintf(yixin_rec->date, "%04d-%02d-%02d", yixin_time_now->tm_year + 1900,
yixin_time_now->tm_mon + 1, yixin_time_now->tm_mday);
sprintf(yixin_suffix, "%04d%02d%02d", yixin_time_now->tm_year + 1900,
yixin_time_now->tm_mon + 1, yixin_time_now->tm_mday);
sprintf(yixin_rec->time, "%02d:%02d:%02d", yixin_time_now->tm_hour,
yixin_time_now->tm_min, yixin_time_now->tm_sec);
plugin_data_storage(dtts, yixin_rec, thread_num);
plugin_done(yixin_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
/*
*函数名称:plugin_deal_client
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:weibo_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_client(const struct data_transit *dtts, struct weibo_record *weibo_rec, const int thread_num)
{
if(!weibo_rec){
return YT_FAILED;
}
time_t weibo_time;
struct tm *weibo_time_now;
do {
//iphone weibo登陆 识别
if (!memcmp("GET /interface/f/ttt",dtts->l4_data,20)) {
if (strstr(dtts->l4_data+20,"wbapp.mobile.sina.cn")) {
// 获取到账号
plugin_data_extract(dtts->l4_data, "X-Log-Uid: ", "\r", weibo_rec->account, ACCOUNT_LENGTH);
weibo_rec->action = 1;
break;
}
}
//android weibo登陆 识别
if (!memcmp("GET /interface/win/winad",dtts->l4_data,24)) {
if (strstr(dtts->l4_data+24,"wbapp.mobile.sina.cn")) {
// 获取到账号
plugin_data_extract(dtts->l4_data, "uid=", "&", weibo_rec->account, ACCOUNT_LENGTH);
weibo_rec->action = 1;
break;
}
}
plugin_done(weibo_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&weibo_time);
weibo_time_now = localtime(&weibo_time);
sprintf(weibo_rec->date, "%04d-%02d-%02d", weibo_time_now->tm_year + 1900,
weibo_time_now->tm_mon + 1, weibo_time_now->tm_mday);
sprintf(weibo_suffix, "%04d%02d%02d", weibo_time_now->tm_year + 1900,
weibo_time_now->tm_mon + 1, weibo_time_now->tm_mday);
sprintf(weibo_rec->time, "%02d:%02d:%02d", weibo_time_now->tm_hour,
weibo_time_now->tm_min, weibo_time_now->tm_sec);
plugin_data_storage(dtts, weibo_rec, thread_num);
plugin_done(weibo_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
/*
*函数名称:plugin_deal_server
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:webqq_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_server(const struct data_transit *dtts, struct webqq_record *webqq_rec, const int thread_num)
{
if(!webqq_rec){
return YT_FAILED;
}
time_t webqq_time;
struct tm *webqq_time_now;
do {
//消息接收
char *mark = strstr(dtts->l4_data,"\"message\"");
if (mark) {
char *mark1 = strstr(mark,"\"name\"");
if (!mark1) {
return YT_FAILED;
}
//message
plugin_data_extract(mark1, ",\">", "\"", webqq_rec->content, COMMON_LENGTH_512);
//convert_encodes(webqq_rec->content, sizeof(webqq_rec->content), ENCODE_UTF8, NULL);
webqq_rec->action = 4;
break;
}
plugin_done(webqq_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&webqq_time);
webqq_time_now = localtime(&webqq_time);
sprintf(webqq_rec->date, "%04d-%02d-%02d", webqq_time_now->tm_year + 1900,
webqq_time_now->tm_mon + 1, webqq_time_now->tm_mday);
sprintf(webqq_suffix, "%04d%02d%02d", webqq_time_now->tm_year + 1900,
webqq_time_now->tm_mon + 1, webqq_time_now->tm_mday);
sprintf(webqq_rec->time, "%02d:%02d:%02d", webqq_time_now->tm_hour,
webqq_time_now->tm_min, webqq_time_now->tm_sec);
plugin_data_storage(dtts, webqq_rec, thread_num);
plugin_done(webqq_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
static int plugin_deal(const struct data_transit *dtts, const int thread_num)
{
if(!dtts){
return YT_FAILED;
}
struct bilin_record *bilin_rec = NULL;
bilin_rec = (struct bilin_record*)((dtts->deal_record)->record);
//连接关闭或超时存储
if(dtts->session_status == SESSION_STATUS_CLOSE ||
dtts->session_status == SESSION_STATUS_TIMEOUT){
//超时了或关闭连接了,服务端响应还没来也不管了
plugin_done(bilin_rec);
(dtts->deal_record)->record = NULL;
(dtts->deal_record)->record_destory_flag = RECORD_CAN_DESTORY;
return YT_SUCCESSFUL;
}
//判断是否是bbs处理后的后续杂包
if(bilin_rec && bilin_rec->plugin_ds.plugin_type == PLUGIN_TYPE_BBS) {
return YT_FAILED;
}
//bilin客户端数据
if((dtts->pkt_info).client_or_server == FROM_CLIENT_DATA){
plugin_done(bilin_rec);
(dtts->deal_record)->record = NULL;
bilin_rec = (struct bilin_record*)mempool_malloc(sizeof(struct bilin_record));
if(!bilin_rec){
log_write(LOG_ERROR, "bilin_rec malloc() error\n");
return YT_FAILED;
}
(dtts->deal_record)->record = bilin_rec;
if(plugin_deal_client(dtts, bilin_rec, thread_num) == YT_FAILED) {
return YT_FAILED;
}
return YT_SUCCESSFUL;
}
return YT_FAILED;
}
static int plugin_deal(const struct data_transit *dtts, const int thread_num)
{
if(!dtts){
return YT_FAILED;
}
struct webqq_record *webqq_rec = NULL;
webqq_rec = (struct webqq_record*)((dtts->deal_record)->record);
//连接关闭或超时存储
if(dtts->session_status == SESSION_STATUS_CLOSE ||
dtts->session_status == SESSION_STATUS_TIMEOUT){
//超时了或关闭连接了,服务端响应还没来也不管了
plugin_done(webqq_rec);
(dtts->deal_record)->record = NULL;
(dtts->deal_record)->record_destory_flag = RECORD_CAN_DESTORY;
return YT_SUCCESSFUL;
}
//判断是否是该插件的数据包
if(webqq_rec) {
if (webqq_rec->plugin_ds.plugin_type != PLUGIN_TYPE_IM_WEBQQ) {
return YT_FAILED;
}
} else {
webqq_rec = (struct webqq_record*)mempool_malloc(sizeof(struct webqq_record));
if(!webqq_rec){
log_write(LOG_ERROR, "webqq_rec malloc() error\n");
return YT_FAILED;
}
webqq_rec->plugin_ds.plugin_type = PLUGIN_TYPE_IM_WEBQQ;
(dtts->deal_record)->record = webqq_rec;
}
//webqq客户端数据
if((dtts->pkt_info).client_or_server == FROM_CLIENT_DATA){
if(plugin_deal_client(dtts, webqq_rec, thread_num) == YT_FAILED) {
return YT_FAILED;
}
return YT_SUCCESSFUL;
}
//webqq服务器端数据
if((dtts->pkt_info).client_or_server == FROM_SERVER_DATA){
if(plugin_deal_server(dtts, webqq_rec, thread_num) == YT_FAILED) {
return YT_FAILED;
}
return YT_SUCCESSFUL;
}
return YT_FAILED;
}
gint plugin_init (gchar **error)
{
if (!check_plugin_version(MAKE_NUMERIC_VERSION(2,9,2,72),
VERSION_NUMERIC, _("NewMail"), error))
return -1;
hook_id = hooks_register_hook (MAIL_POSTFILTERING_HOOKLIST, newmail_hook, NULL);
if (hook_id == -1) {
*error = g_strdup (_("Failed to register newmail hook"));
return (-1);
}
if (!NewLog) {
auto char *mode = truncLog ? "w" : "a";
if (!LogName) {
LogName = g_strconcat(getenv ("HOME"), G_DIR_SEPARATOR_S, DEFAULT_DIR,
G_DIR_SEPARATOR_S, LOG_NAME, NULL);
}
if (!(NewLog = fopen (LogName, mode))) {
debug_print ("Failed to open default log %s\n", LogName);
/* try fallback location */
g_free(LogName);
LogName = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, LOG_NAME, NULL);
if (!(NewLog = fopen (LogName, mode))) {
char buf[BUFSIZE];
debug_print ("Failed to open fallback log %s\n", LogName);
#if (_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) && ! _GNU_SOURCE
strerror_r(errno, buf, BUFSIZE);
*error = g_strdup_printf(_("Could not open log file %s: %s\n"),
LogName, buf);
#else /* use GNU version */
*error = g_strdup_printf(_("Could not open log file %s: %s\n"),
LogName, strerror_r(errno, buf, BUFSIZE));
#endif
plugin_done ();
return (-1);
}
}
setbuf (NewLog, NULL);
}
debug_print ("Newmail plugin loaded\n"
"Message header summaries written to %s\n", LogName);
if (pluginDesc == NULL)
pluginDesc = g_strdup_printf(
_("This plugin writes a header summary to a log file for each "
"mail received after sorting.\n\n"
"Default is ~/Mail/NewLog\n\nCurrent log is %s"), LogName);
return (0);
} /* plugin_init */
/*
*函数名称:plugin_deal_client
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:webqq_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_client(const struct data_transit *dtts, struct webqq_record *webqq_rec, const int thread_num)
{
if(!webqq_rec){
return YT_FAILED;
}
time_t webqq_time;
struct tm *webqq_time_now;
do {
//webqq登陆 识别
if (!memcmp("GET /check_sig",dtts->l4_data,14)) {
if (strstr(dtts->l4_data+14,"ptlogin4.web2.qq.com")) {
// 获取账号
plugin_data_extract(dtts->l4_data,"uin=","&", webqq_rec->account, ACCOUNT_LENGTH);
webqq_rec->action = 1;
break;
}
}
const struct net_tuple *net_tuple_tmp = &((dtts->pkt_info).tuple);
//消息发送
if (!memcmp("POST /channel/send_buddy_msg2",dtts->l4_data, 29)) {
//message
plugin_data_extract(dtts->l4_data + 200, "content%22%3A%22%5B%5C%22",
"%5C%22%2C%5B%5C%22", webqq_rec->content, COMMON_LENGTH_512);
convert_encodes(webqq_rec->content, strlen(webqq_rec->content), "1", NULL);
plugin_data_extract(dtts->l4_data + 100, "ptui_loginuin=",
";",webqq_rec->account, ACCOUNT_LENGTH);
webqq_rec->action = 3;
break;
}
plugin_done(webqq_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&webqq_time);
webqq_time_now = localtime(&webqq_time);
sprintf(webqq_rec->date, "%04d-%02d-%02d", webqq_time_now->tm_year + 1900,
webqq_time_now->tm_mon + 1, webqq_time_now->tm_mday);
sprintf(webqq_suffix, "%04d%02d%02d", webqq_time_now->tm_year + 1900,
webqq_time_now->tm_mon + 1, webqq_time_now->tm_mday);
sprintf(webqq_rec->time, "%02d:%02d:%02d", webqq_time_now->tm_hour,
webqq_time_now->tm_min, webqq_time_now->tm_sec);
plugin_data_storage(dtts, webqq_rec, thread_num);
plugin_done(webqq_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
/*
*函数名称:plugin_deal_server
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:fetion_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_server(const struct data_transit *dtts, struct fetion_record *fetion_rec, const int thread_num)
{
if(!fetion_rec){
return YT_FAILED;
}
time_t fetion_time;
struct tm *fetion_time_now;
do {
const struct net_tuple *net_tuple_tmp = &((dtts->pkt_info).tuple);
if (ntohs(net_tuple_tmp->port_source) == 8023) {
//android 消息接收
char *mark = strstr(dtts->l4_data+70,"Font FaceEx=\"mrfont\">");
if (mark) {
//message
plugin_data_extract(dtts->l4_data + 70, "Font FaceEx=\"mrfont\">",
"</Font>", fetion_rec->content, COMMON_LENGTH_512);
//convert_encodes(fetion_rec->content, sizeof(fetion_rec->content), ENCODE_UTF8, NULL);
plugin_data_extract(dtts->l4_data+70,"sip:",";",fetion_rec->remote_account, ACCOUNT_LENGTH);
fetion_rec->action = 4;
break;
}
//ios 消息发送
mark = strstr(dtts->l4_data+30,"font faceex=\"\">");
if (mark) {
//message
plugin_data_extract(dtts->l4_data + 30, "font faceex=\"\">",
"</font>", fetion_rec->content, COMMON_LENGTH_512);
//convert_encodes(fetion_rec->content, sizeof(fetion_rec->content), ENCODE_UTF8, NULL);
plugin_data_extract(dtts->l4_data+30,"sip:",";",fetion_rec->remote_account, ACCOUNT_LENGTH);
fetion_rec->action = 4;
break;
}
}
plugin_done(fetion_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&fetion_time);
fetion_time_now = localtime(&fetion_time);
sprintf(fetion_rec->date, "%04d-%02d-%02d", fetion_time_now->tm_year + 1900,
fetion_time_now->tm_mon + 1, fetion_time_now->tm_mday);
sprintf(fetion_suffix, "%04d%02d%02d", fetion_time_now->tm_year + 1900,
fetion_time_now->tm_mon + 1, fetion_time_now->tm_mday);
sprintf(fetion_rec->time, "%02d:%02d:%02d", fetion_time_now->tm_hour,
fetion_time_now->tm_min, fetion_time_now->tm_sec);
plugin_data_storage(dtts, fetion_rec, thread_num);
plugin_done(fetion_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
/*
*函数名称:plugin_deal_client
*函数功能:处理客户端数据
*输入参数:dtts:提供待处理的数据
*输出参数:fetion_rec:存放截取数据
*返回值: 0成功 -1失败
*/
static int plugin_deal_client(const struct data_transit *dtts, struct fetion_record *fetion_rec, const int thread_num)
{
if(!fetion_rec){
return YT_FAILED;
}
time_t fetion_time;
struct tm *fetion_time_now;
do {
//iphone fetion登陆 识别 android登陆识别与pc相同
if (!memcmp(FETION_MARK_HEAD_IPHONE,dtts->l4_data,FETION_MARK_HEAD_IA_SIZE) ||
!memcmp(FETION_MARK_HEAD_ANDROID,dtts->l4_data,FETION_MARK_HEAD_IA_SIZE)) {
if (strstr(dtts->l4_data+FETION_MARK_HEAD_IA_SIZE,FETION_MARK_FEATURE_IA)) {
// 获取账号
plugin_data_extract(dtts->l4_data, FETION_EXTRACT_HEAD_ACCOUNT_IA,
FETION_EXTRACT_TAIL_ACCOUNT_IA, fetion_rec->account, ACCOUNT_LENGTH);
fetion_rec->action = 1;
break;
}
}
const struct net_tuple *net_tuple_tmp = &((dtts->pkt_info).tuple);
if (ntohs(net_tuple_tmp->port_dest) == 8023) {
//android 消息发送
if (!memcmp("font faceex",dtts->l4_data + 40, 11)) {
//message
plugin_data_extract(dtts->l4_data + 38, "<font faceex=\"\">",
"</font>", fetion_rec->content, COMMON_LENGTH_512);
//convert_encodes(fetion_rec->content, sizeof(fetion_rec->content), ENCODE_UTF8, NULL);
char *p = strstr(dtts->l4_data + 38, "</font>");
if (p) {
// send to num
plugin_data_extract(p, "sip:",
";", fetion_rec->remote_account, ACCOUNT_LENGTH);
}
char *str = strstr(p, "sip:");
if (str) {
// send to num
plugin_data_extract(str+19, "sip:",
";", fetion_rec->account, ACCOUNT_LENGTH);
}
fetion_rec->action = 3;
break;
}
//ios 消息发送
char *mark = strstr(dtts->l4_data+27,"Font FaceEx=\"mrfont\">");
if (mark) {
//message
plugin_data_extract(dtts->l4_data + 27, "Font FaceEx=\"mrfont\">",
"</Font>", fetion_rec->content, COMMON_LENGTH_512);
//convert_encodes(fetion_rec->content, sizeof(fetion_rec->content), ENCODE_UTF8, NULL);
plugin_data_extract(dtts->l4_data+27,"sip:",";",fetion_rec->remote_account, ACCOUNT_LENGTH);
fetion_rec->action = 3;
break;
}
}
plugin_done(fetion_rec);
(dtts->deal_record)->record = NULL;
return YT_FAILED;
}while (0);
//先获得下时间
time(&fetion_time);
fetion_time_now = localtime(&fetion_time);
sprintf(fetion_rec->date, "%04d-%02d-%02d", fetion_time_now->tm_year + 1900,
fetion_time_now->tm_mon + 1, fetion_time_now->tm_mday);
sprintf(fetion_suffix, "%04d%02d%02d", fetion_time_now->tm_year + 1900,
fetion_time_now->tm_mon + 1, fetion_time_now->tm_mday);
sprintf(fetion_rec->time, "%02d:%02d:%02d", fetion_time_now->tm_hour,
fetion_time_now->tm_min, fetion_time_now->tm_sec);
plugin_data_storage(dtts, fetion_rec, thread_num);
plugin_done(fetion_rec);
(dtts->deal_record)->record = NULL;
//匹配上了返回成功
return YT_SUCCESSFUL;
}
