standard/demo.go

package main

/*
#cgo CFLAGS : -I./
#cgo LDFLAGS: -L./ -ltde_sdk
#include <stdio.h>
#include <stdlib.h>
#include "libtde_sdk.h"
*/
import "C"
import (
	"encoding/binary"
	"fmt"
	"github.com/golang/protobuf/proto"
	"go_sdk/tde" //tde.proto生成的文件引入
	"time"
	"unsafe"
)

var initSign C.int
var offUp C.int

func init() {
	// 初始化
	initSign = C.int(C.InitConfig(C.CString("./config.ini")))
	// initSign = C.int(C.InitConfigFromHdfs(C.CString("xx.xx.xx.xx:xxx"), C.CString("hdfs:/home/ti/tde/config/config.ini")))
}

func run() {
	// 调用方的服务
	if initSign != C.int(0) {
		fmt.Println("tde sdk init failed! InitConfig return: ", initSign)
		return
	}
	// 离线升级任务
	// offlineUpgrade()
	for {
		time.Sleep(1 * time.Second)
		url := C.CString("download.adobe-air.com")
		data := C.GetUrlInfo(url, 0)
		resp := tde.GetUrlInfo_Response{}
		// data := C.GetDomainInfo(url, 0)
		// resp := tde.GetDomainInfo_Response{}
		lenBytes := C.GoBytes(data, C.int(4))
		dataLen := uint32(binary.LittleEndian.Uint32(lenBytes))
		allLen := dataLen + 4
		result := C.GoBytes(data, C.int(allLen))
		C.free(unsafe.Pointer(url))
		C.free(unsafe.Pointer(data))
		proto.Unmarshal(result[4:], &resp)
		fmt.Println("resp info size: ", len(resp.Info))
		for index, info := range resp.Info {
			fmt.Println("========info ", index+1, "========")
			meta := info.Meta
			security := info.Security
			fmt.Println("ioc域名：", meta.Value1)
			fmt.Println("ioc端口：", meta.Value2)
			fmt.Println("ioc uri：", meta.Value3)
			fmt.Println("action：", meta.Action)
			fmt.Println("恶意家族：", security.MaliciousFamily)
		}
	}
}

func offlineUpgrade() {
	// 离线升级
	offUp = C.int(C.DoOfflineUpgrade(C.CString("/var/lib/tde/data/offline/TI_virsec_compromise_0_2020.04.16.1157.dat")))
	fmt.Println("offlineUpgrade return: ", offUp)
}

func main() {
	run()
}