secgateway/Platform/user/configm/config-server/web_config/auth_parameters.c

#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "authfree.h"
#include <cjson/cJSON.h>
#include "s2j/s2j.h"
#include "commuapinl.h"
#include "auth_parameters.h"
#include "rpc.h"
#include "../Platform/common/database/database.h"
#include "include/user_authpara.h"
#include "config_manager.h"


/*定义结构体 存认证参数*/
auth_parameters_t *auth_para;

#ifdef AGINGTIME_ACK_COOKIES
#define CFG_AGINGTIME_ACK_COOKIES
#endif

/*全局变量初始化 失败为1 成功为0*/
int authparInit()
{
    auth_para = (auth_parameters_t *)malloc(sizeof(auth_parameters_t));
    if (NULL == auth_para)
    {
        return 1;
    }

    return 0;
}

/*下发用户老化时间配置到内核态 */ 
int set_agingtimecfg_waitack(int *agingtime)
{
    int agingtime_len = 0;
    struct nlmsghdr *ack = NULL;
    struct nlmsghdr **answer = &ack;
    
    struct{
        struct nlmsghdr n;
        char buf[1024];
    } req ={
        .n.nlmsg_len = NLMSG_LENGTH(0),
#ifdef CFG_AGINGTIME_ACK_COOKIES
        .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK：use kernel auto ack*/
#else
        .n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
#endif
        .n.nlmsg_type = AGINGTIME_CFG,  /*用户态发送给内核态的用户老化时间消息 */
        .n.nlmsg_pid = getpid(),
};

/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if (agingtime == NULL)
{
    printf("set_agingtimecfg_waitack is error: input struct_agingtime is NULL.\r\n");
    return -1;
}else
{   
    printf("set_freeauthcfg_waitack :agingtime %d\n", *agingtime);
}
    
    /*计算需要发送的数据的长度 */
    agingtime_len = sizeof(int);
    printf("%d\n", agingtime_len);

    /*可选属性 */
    commnl_addattr_l(&req.n, sizeof(req), 1, agingtime, agingtime_len);
	
    /*发送组装好的netlink消息 */
    if(pdeliv_talk(1, &req.n, answer) < 0)
    {
        printf("set_user_agingtime_waitack rcv ack msg faild.\r\n");
        return -2;
    }
    else
    {
        printf("set_user_agingtime_waitack rcv ack msg success.\r\n");
    }
    
	if(*answer != NULL)
		{
		printf("set_user_agingtime_waitack rcv answer.\r\n");	
		}
	else{
		printf("set_user_agingtime_waitack rcv answer error.\r\n");
		return -3;
	}

#ifdef CFG_AGINGTIME_ACK_COOKIES
	/*recv answer*/
	if((*answer)->nlmsg_type == NLMSG_ERROR){
	nl_debugfs_extack(*answer);	
	}
#else
	/*recv answer*/
	if((*answer)->nlmsg_type == AGINGTIME_CFG)
	{
		nl_debugfs(*answer);
	}
#endif

return 0;
}

/*检查IP地址是否有效，端口号是否被占用 */
int _valid_port(int port)
{
    int ret;
    int fd;
    int i;
    volatile int local_errno;
    struct sockaddr_in addr;
    fd = socket(AF_INET,SOCK_STREAM,0); /*初始化*/

    if(fd ==-1)  /*检查是否正常初始化socket */
    {
        return -1;
    }

    addr.sin_family = AF_INET;   /*地址结构的协议簇 */
    addr.sin_port=htons(port);   /*地址结构的端口地址，网络字节序 */
      
    i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
    printf("the value of i:%d\n", i);

    if( i < 0)
    {
        printf("port %d has been used. \n", port);
        close(fd);
        return -1;
    }

    close(fd);
    return 0;

    //if(port > 0 && port < 65535) printf("port %d is ok. \n", port);
}

/* iuput格式：{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff)
{
    char* pString = (char*)input;
    ret_code ret = RET_OK;
    cJSON *cjson, *type, *data;

    printf("json:[%s]\n", pString);
    /*JSON字符串到JSON格式 */
    cjson = cJSON_Parse(pString);
    if(!cjson)
    {
        ret = RET_INPUTERR;
        ASSERT_RET(ret);
        return ret;
    }
    
    /*获取操作类型 add、mod、del */
    type = cJSON_GetObjectItem(cjson, "type");
    if(!type)
    {
        ret = RET_INPUTERR;
        cJSON_Delete(cjson);
        return ret;
    }

    *conf_type = type->valueint;

    /*获取免认证规则的data部分 */
    data = cJSON_GetObjectItem(cjson, "data");
    if(!data)
    {
        ret = RET_INPUTERR;
        cJSON_Delete(cjson);
        return ret;
    }

    /*创建freeauth_configure_t结构体对象 */
    s2j_create_struct_obj(auth_parameters, auth_parameters_t);
    if(auth_parameters == NULL)
    {
        cJSON_Delete(cjson);
        return RET_NOMEM;
    }

    /*反序列化数据到freeauth_configure_t结构体对象 */
    s2j_struct_get_basic_element(auth_parameters, data, int, port);
    s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon);
    s2j_struct_get_basic_element(auth_parameters, data, int, failcount);
    s2j_struct_get_basic_element(auth_parameters, data, int, locktime);
    s2j_struct_get_basic_element(auth_parameters, data, int, aging_time);
   
    authpara_buff->port = auth_parameters->port;
    authpara_buff->timehorizon = auth_parameters->timehorizon;
    authpara_buff->failcount = auth_parameters->failcount;
    authpara_buff->locktime = auth_parameters->locktime;
    authpara_buff->aging_time = auth_parameters->aging_time;

    //s2j_delete_struct_obj(auth_parameters);
    cJSON_Delete(cjson);

    return RET_OK;
}


ret_code authpara_config_chk(uint source, uint *config_type,
                        pointer input, int *input_len,
                        pointer output, int *output_len)
{ 
    ret_code ret = RET_OK;
    return ret;
}

       
ret_code authpara_config_proc(uint source, uint config_type,
                        pointer input, int input_len,
                        pointer output, int *output_len)
{
    ret_code ret = RET_OK;
    auth_parameters_t auth_parameters = {0};
    int config_len = sizeof(auth_parameters_t);
    uint conf_type = AUTHPARA_CONFIG_MOD;
    int code = 0;
    cJSON *res;
    char * ret_char = NULL;
    unsigned int ret_int = 0;
    configure_result_t *configure_result;
    int r = -1;
    int portresult = 0;
    
    authpara_config_json_parse(input, &conf_type, &auth_parameters);
    
    if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
    {   
        ret = RET_INPUTERR;
        return ret;
    }
   
    portresult = _valid_port(auth_parameters.port);
    if(portresult = 1)
    {
        return RET_CHKERR;
    }


    /*数据库修改 存入全局变量*/
    configure_result = (configure_result_t *)malloc(sizeof(configure_result_t));
    if (NULL == configure_result)
    {
        return RET_NOMEM;
    }

    mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount,
                        auth_parameters.locktime, auth_parameters.aging_time, configure_result);

    /*共享内存 传送用户态和内核态之间的配置信息*/
    
    #if 0
    /*存数据库成功，则下发到内核态auth_hook*/
    if(0 == configure_result->resultcode )
    {
        /*用户态下发到内核态auth_hook */
        printf("cfgchannel main begin:\r\n");

        /*创建通道 */
        r = commcfgnl_open();
        if(r < 0)
        {
            printf(" pdlivnl_open fail, exit.\r\n");
            return RET_ERR;
        }

        /*下发配置到内核态 */
        r = set_agingtimecfg_waitack(&(auth_parameters.aging_time));
        if(r < 0)
        {
            printf("set_cfg_debug_waitack failed.\r\n");
            return RET_ERR;
        }

        /*关闭netlink通道 */    
        commcfgnl_close();
        printf("cfgchannel main exit!\r\n");
        }
    #endif

    /*创建json对象 */
    res = cJSON_CreateObject();
    if(!res)
    {   
        ret = RET_ERR;
        return ret;
    }

    /*将json对象转换成json字符串 返回处理结果*/
    cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode); 
    cJSON_AddStringToObject(res, "message", configure_result->message);
    ret_char = cJSON_PrintUnformatted(res);
    ret_int = strlen(ret_char);
    if(output_len)
    {
        *output_len = ret_int;
    }
    
    /*超出2k的内存，报错 */
    if(ret_int >= 1024 * 2)
    {
        free(ret_char);
        cJSON_Delete(res);
        return RET_NOMEM;
    }

    memcpy(output, ret_char, ret_int + 1);

    free(ret_char);
    cJSON_Delete(res);
    return RET_OK;  
}