cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mod aaa-12 增加配置管理-认证参数批量修改、删除的功能 

RCA:
SOL:
修改人:chenling
检视人:
This commit is contained in:
ChenLing 2019-08-19 16:18:47 +08:00
parent 43899b54f7
commit 07b225cbb9
5 changed files with 623 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
Platform/user/configm/config-server/web_config/auth_parameters.c
View File

@ -10,11 +10,17 @@
#include "../Platform/common/database/database.h" #include "../Platform/common/database/database.h"
#include "include/user_authpara.h" #include "include/user_authpara.h"
#include "config_manager.h" #include "config_manager.h"
#include <stdbool.h>
#include "stdlib.h"
#include "redisMq.h"
/*定义结构体 存认证参数*/ /*定义结构体 存认证参数*/
auth_parameters_t *auth_para; auth_parameters_t *auth_para;
#define LOCAL_PORTALSERVER_PORT "local_portalserver_port"
#ifdef AGINGTIME_ACK_COOKIES #ifdef AGINGTIME_ACK_COOKIES
#define CFG_AGINGTIME_ACK_COOKIES #define CFG_AGINGTIME_ACK_COOKIES
#endif #endif
@ -136,7 +142,6 @@ int _valid_port(int port)
close(fd); close(fd);
return 0; return 0;
//if(port > 0 && port < 65535) printf("port %d is ok. \n", port);
} }
/* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ /* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
@ -204,6 +209,32 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet
} }
/* 发布配置的本地Portal server 的port*/
void local_portal_port(char *port)
{
printf("port of local portal server%s\n", port);
bool ret = redisPubInit();
if (!ret)
{
printf("Init failed.\n");
return;
}
ret = redisPubConnect();
if (!ret)
{
printf("connect failed.");
return;
}
redisPublish(LOCAL_PORTALSERVER_PORT, port);
redisPubDisconnect();
redisPubUninit();
return;
}
ret_code authpara_config_chk(uint source, uint *config_type, ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int *input_len, pointer input, int *input_len,
pointer output, int *output_len) pointer output, int *output_len)
@ -238,7 +269,8 @@ ret_code authpara_config_proc(uint source, uint config_type,
} }
portresult = _valid_port(auth_parameters.port); portresult = _valid_port(auth_parameters.port);
if(portresult = 1) printf("portresult:%d\n", portresult);
if(portresult == 1)
{ {
return RET_CHKERR; return RET_CHKERR;
} }
@ -285,6 +317,12 @@ ret_code authpara_config_proc(uint source, uint config_type,
} }
#endif #endif
/*Portal server的port通过redis消息队列接口发布给web server*/
char auth_port[20];
sprintf(auth_port, "%d ",auth_parameters.port);
printf("The number 'port' is %d and the string 'port' is %s. \n",auth_parameters.port, auth_port);
local_portal_port(auth_port);
/*创建json对象 */ /*创建json对象 */
res = cJSON_CreateObject(); res = cJSON_CreateObject();
if(!res) if(!res)
@ -317,5 +355,3 @@ ret_code authpara_config_proc(uint source, uint config_type,
cJSON_Delete(res); cJSON_Delete(res);
return RET_OK; return RET_OK;
} }

417
Platform/user/configm/config-server/web_config/authfree.c
View File

@ -1,3 +1,4 @@
#include <unistd.h>
#include "../include/parsefile.h" #include "../include/parsefile.h"
#include "../include/configm.h" #include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h" #include "../../../netlink_uapi/libnetlinku.h"
@ -133,7 +134,43 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
return 0; return 0;
} }
/* 判断免认证规则格式 iuput格式{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
/*获取json串类型*/
ret_code freeauth_config_json_type(pointer input, uint *conf_type)
{
char* pString = (char*)input;
ret_code ret = RET_OK;
cJSON *cjson, *type;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input);
if(!cjson)
{
ret = RET_INPUTERR;
ASSERT_RET(ret);
return ret;
}
/*获取操作类型 add、mod、del */
type = cJSON_GetObjectItem(cjson, "type");
if(!type)
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
return ret;
}
*conf_type = type->valueint;
cJSON_Delete(cjson);
return RET_OK;
}
/*json字符串转为结构体*/
/*iuput格式{"type": 0, "data": {"rule_priority": 1, "name": "armink","sip": 1027824,"dip": 103427824,"dport": 24, "flag":0}}*/
ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff) ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff)
{ {
char *pString = (char *)input; char *pString = (char *)input;
@ -179,21 +216,262 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
} }
/*反序列化数据到freeauth_configure_t结构体对象 */ /*反序列化数据到freeauth_configure_t结构体对象 */
s2j_struct_get_basic_element(struct_freeauth, data, int, rule_priority);
s2j_struct_get_basic_element(struct_freeauth, data, string, name); s2j_struct_get_basic_element(struct_freeauth, data, string, name);
s2j_struct_get_basic_element(struct_freeauth, data, int, sip); s2j_struct_get_basic_element(struct_freeauth, data, int, sip);
s2j_struct_get_basic_element(struct_freeauth, data, int, dip); s2j_struct_get_basic_element(struct_freeauth, data, int, dip);
s2j_struct_get_basic_element(struct_freeauth, data, int, dport); s2j_struct_get_basic_element(struct_freeauth, data, int, dport);
s2j_struct_get_basic_element(struct_freeauth, data, int, flag);
freeauth_buff->rule_priority = struct_freeauth->rule_priority;
memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32); memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32);
freeauth_buff->sip = struct_freeauth->sip; freeauth_buff->sip = struct_freeauth->sip;
freeauth_buff->dip = struct_freeauth->dip; freeauth_buff->dip = struct_freeauth->dip;
freeauth_buff->dport = struct_freeauth->dport; freeauth_buff->dport = struct_freeauth->dport;
freeauth_buff->flag = struct_freeauth->flag;
cJSON_Delete(cjson); cJSON_Delete(cjson);
return RET_OK; return RET_OK;
} }
/*iuput格式
{
"type": 0,
"data": [
{"rule_priority": 1,"name": "cary","sip": 2323790,"dip": 13546465478,"dport": 120, "flag":0},
{"rule_priority": 2,"name": "nicole","sip": 2323790,"dip": 13546465478,"dport": 130, "flag":0},
{"rule_priority": 3,"name": "arwrgmink","sip": 2323790,"dip": 13546465478,"dport": 90, "flag":0}
]
}
*/
ret_code authpara_config_json_parse_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt)
{
ret_code ret = RET_OK;
cJSON *cjson, *type, *data, *rule_priority, *name, *sip, *dip, *dport, *flag;
cJSON* pArrayItem;
freeauth_configure_t* pbuf, *freeauth_buff = *fb;
int iCount = 0, i = 0;
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input);
if(!cjson)
{
ret = RET_INPUTERR;
ASSERT_RET(ret);
return ret;
}
rpc_log_info("json input:%s \n", cJSON_Print(cjson));
/*获取免认证规则的data部分 */
data = cJSON_GetObjectItem(cjson, "data");
if(!data)
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
return ret;
}
/*获取数组长度*/
iCount = cJSON_GetArraySize(data);
printf("iCount=[%d]\n",iCount);
freeauth_buff = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t) * iCount);
if(!freeauth_buff) {
ret = RET_NOMEM;
cJSON_Delete(cjson);
return ret;
}
memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount);
*fb = freeauth_buff;
/*创建freeauth_configure_t结构体对象 */
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
if (struct_freeauth == NULL)
{
cJSON_Delete(cjson);
return RET_NOMEM;
}
pbuf = freeauth_buff;
*cnt = 0;
for(i = 0; i < iCount; i++)
{
pArrayItem = cJSON_GetArrayItem(data, i);
if(pArrayItem)
{
/*获取未认证权限优先级键值对*/
rule_priority = cJSON_GetObjectItem(pArrayItem, "rule_priority");
if(!rule_priority)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
freeauth_buff->rule_priority = rule_priority->valueint;
/*未认证权限名称*/
name = cJSON_GetObjectItem(pArrayItem, "name");
if(!name)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
char *rule_name = name->valuestring;
memcpy(freeauth_buff->name, rule_name, sizeof(char) * 32);
/*源IP地址*/
sip = cJSON_GetObjectItem(pArrayItem, "sip");
if(!sip)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
freeauth_buff->sip = sip->valueint;
/*目的IP地址*/
dip = cJSON_GetObjectItem(pArrayItem, "dip");
if(!sip)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
freeauth_buff->dip = dip->valueint;
/*目的端口号*/
dport = cJSON_GetObjectItem(pArrayItem, "dport");
if(!dport)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
freeauth_buff->dport = dport->valueint;
/*状态标志位*/
flag = cJSON_GetObjectItem(pArrayItem, "flag");
if(!flag)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
freeauth_buff->flag = flag->valueint;
printf("freeauth_buff->name = %p\n", &freeauth_buff->name);
for (int j = 0; j < iCount; j++)
{
printf("[%d %s %d %d %d %d]\n",pbuf[j].rule_priority, pbuf[j].name, pbuf[j].sip,
pbuf[j].dip, pbuf[j].dport, pbuf[j].flag);
}
freeauth_buff++;
(*cnt)++;
}
}
//s2j_delete_struct_obj(auth_parameters);
cJSON_Delete(cjson);
return RET_OK;
}
ret_code authpara_config_json_parse_del_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt)
{
ret_code ret = RET_OK;
cJSON *cjson, *type, *data, *name;
cJSON* pArrayItem;
freeauth_configure_t* pbuf, *freeauth_buff = *fb;
int iCount = 0, i = 0;
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input);
if(!cjson)
{
ret = RET_INPUTERR;
ASSERT_RET(ret);
return ret;
}
rpc_log_info("json input:%s \n", cJSON_Print(cjson));
/*获取免认证规则的data部分 */
data = cJSON_GetObjectItem(cjson, "data");
if(!data)
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
return ret;
}
/*获取数组长度*/
iCount = cJSON_GetArraySize(data);
printf("iCount=[%d]\n",iCount);
freeauth_buff = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t) * iCount);
if(!freeauth_buff) {
ret = RET_INPUTERR;
cJSON_Delete(cjson);
return ret;
}
memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount);
*fb = freeauth_buff;
/*创建freeauth_configure_t结构体对象 */
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
if (struct_freeauth == NULL)
{
cJSON_Delete(cjson);
return RET_NOMEM;
}
pbuf = freeauth_buff;
*cnt = 0;
for(i = 0; i < iCount; i++)
{
pArrayItem = cJSON_GetArrayItem(data, i);
if(pArrayItem)
{
name = cJSON_GetObjectItem(pArrayItem, "name");
if(!name)
{
ret = RET_INPUTERR;
cJSON_Delete(data);
return ret;
}
char *rule_name = name->valuestring;
memcpy(freeauth_buff->name, rule_name, sizeof(char) * 32);
printf("freeauth_buff->name = %p name = %s\n", &freeauth_buff->name, freeauth_buff->name);
printf("\n");
for (int j = 0; j < iCount; j++)
{
printf("[%s] %d\n",pbuf[j].name, j);
}
freeauth_buff++;
(*cnt)++;
}
}
//s2j_delete_struct_obj(auth_parameters);
cJSON_Delete(cjson);
return RET_OK;
}
/*chk data格式 */ /*chk data格式 */
ret_code freeauth_config_chk(uint source, uint *config_type, ret_code freeauth_config_chk(uint source, uint *config_type,
pointer input, int *input_len, pointer input, int *input_len,
@ -209,7 +487,7 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
{ {
ret_code ret = RET_OK; ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure; freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input; uint conf_type = FREEAUTH_CONFIG_GET;
char str[32] = {0}; char str[32] = {0};
char dtr[32] = {0}; char dtr[32] = {0};
cJSON *res; cJSON *res;
@ -218,6 +496,14 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
authfree_result_t *authfree_result; authfree_result_t *authfree_result;
int i; int i;
freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t));
if(freeauth_configure == NULL)
{
return RET_NAMEINVAL;
}
freeauth_config_json_parse(input, &conf_type, freeauth_configure);
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
@ -286,8 +572,8 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
return RET_NOMEM; return RET_NOMEM;
} }
add_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, add_authfree(freeauth_configure->rule_priority, freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result); freeauth_configure->dport, freeauth_configure->flag, authfree_result);
#if 0 #if 0
/*用户态下发到内核态auth_hook */ /*用户态下发到内核态auth_hook */
@ -353,28 +639,59 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
freeauth_configure_t *freeauth_configure; freeauth_configure_t* freeauth_configure = NULL;
freeauth_configure = (freeauth_configure_t *)input;
ret_code ret = RET_OK; ret_code ret = RET_OK;
uint conf_type = FREEAUTH_CONFIG_GET;
cJSON *res; cJSON *res;
char *ret_char = NULL; char *ret_char = NULL;
unsigned int ret_int = 0; unsigned int ret_int = 0;
int i; int i;
int cnt;
authfree_result_t *authfree_result; authfree_result_t *authfree_result;
#if 0
freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t));
if(freeauth_configure == NULL)
{
return RET_NAMEINVAL;
}
#endif
authpara_config_json_parse_array(input, &conf_type, &freeauth_configure, &cnt);
if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
return ret; return ret;
} }
/**/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%d %s %d %d %d %d %d\n",freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i);
}
for (int j = 0; j < cnt; j++)
{
printf("%d %s %d %d %d %d %d\n",freeauth_configure[j].rule_priority, freeauth_configure[j].name, freeauth_configure[j].sip,
freeauth_configure[j].dip, freeauth_configure[j].dport, freeauth_configure[j].flag, j);
}
/*查找要修改的免认证规则名字,不存在则退出程序 */ /*查找要修改的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++) for (i = 0; i < RULE_MAX_NUM; i++)
{ {
/*两个字符串相等 strcmp值为0*/ /*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) for(int j = 0; j < cnt; j++)
{ {
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
if (0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name))
{
printf("%s %d\n", freeauth_array[i].name, i);
printf("%s %d\n", freeauth_configure[j].name, j);
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[j]);
/*数据库修改 存入全局变量*/ /*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result) if (NULL == authfree_result)
@ -382,8 +699,8 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type,
return RET_NOMEM; return RET_NOMEM;
} }
mod_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, mod_authfree(freeauth_configure[j].rule_priority,freeauth_configure[j].name, freeauth_configure[j].sip, freeauth_configure[j].dip,
freeauth_configure->dport, authfree_result); freeauth_configure[j].dport, freeauth_configure[j].flag, authfree_result);
#if 0 #if 0
/*用户态下发到内核态auth_hook */ /*用户态下发到内核态auth_hook */
@ -441,49 +758,83 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type,
free(ret_char); free(ret_char);
cJSON_Delete(res); cJSON_Delete(res);
return RET_OK; }
}
} }
if(freeauth_configure) {
free(freeauth_configure);
} }
return RET_OK;
} }
ret_code freeauth_config_del_proc(uint source, uint config_type, ret_code freeauth_config_del_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
freeauth_configure_t* freeauth_configure = NULL;
ret_code ret = RET_OK; ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure; uint conf_type = FREEAUTH_CONFIG_GET;
freeauth_configure = (freeauth_configure_t *)input;
cJSON *res; cJSON *res;
char *ret_char = NULL; char *ret_char = NULL;
unsigned int ret_int = 0; unsigned int ret_int = 0;
int i; int i;
int cnt;
authfree_result_t *authfree_result; authfree_result_t *authfree_result;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) #if 0
freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t));
if(freeauth_configure == NULL)
{
return RET_NAMEINVAL;
}
#endif
authpara_config_json_parse_del_array(input, &conf_type, &freeauth_configure, &cnt);
if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
return ret; return ret;
} }
/*查找要删除的免认证规则名字,不存在则退出程序 */ for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%d %s %d %d %d %d %d\n",freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i);
}
for (int j = 0; j < cnt; j++)
{
printf("%d %s %d %d %d %d %d\n",freeauth_configure[j].rule_priority, freeauth_configure[j].name, freeauth_configure[j].sip,
freeauth_configure[j].dip, freeauth_configure[j].dport, freeauth_configure[j].flag, j);
}
/*查找要修改的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++) for (i = 0; i < RULE_MAX_NUM; i++)
{ {
/*两个字符串相等 strcmp值为0*/ /*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) for(int j = 0; j < cnt; j++)
{ {
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
if (0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name))
{
printf("%s %d\n", freeauth_array[i].name, i);
printf("%s %d\n", freeauth_configure[j].name, j);
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[j]);
/*数据库修改 存入全局变量*/ /*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result) if (NULL == authfree_result)
{ {
return RET_NOMEM; return RET_NOMEM;
} }
del_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result); del_authfree(freeauth_configure[j].name, authfree_result);
#if 0 #if 0
/*用户态下发到内核态auth_hook */ /*用户态下发到内核态auth_hook */
@ -515,7 +866,6 @@ ret_code freeauth_config_del_proc(uint source, uint config_type,
res = cJSON_CreateObject(); res = cJSON_CreateObject();
if (!res) if (!res)
{ {
free(freeauth_configure);
ret = RET_ERR; ret = RET_ERR;
return ret; return ret;
} }
@ -542,11 +892,19 @@ ret_code freeauth_config_del_proc(uint source, uint config_type,
free(ret_char); free(ret_char);
cJSON_Delete(res); cJSON_Delete(res);
}
}
}
if(freeauth_configure) {
free(freeauth_configure);
}
return RET_OK; return RET_OK;
}
}
} }
ret_code freeauth_config_proc(uint source, uint config_type, ret_code freeauth_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
@ -561,28 +919,24 @@ ret_code freeauth_config_proc(uint source, uint config_type,
cJSON *res; cJSON *res;
int code = 0; int code = 0;
freeauth_config_json_parse(input, &conf_type, &freeauth_configure); freeauth_config_json_type(input, &conf_type);
rpc_log_info("config type is %d\n", conf_type);
rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n",
conf_type, freeauth_configure.name,
freeauth_configure.sip, freeauth_configure.dip,
freeauth_configure.dport);
switch (conf_type) switch (conf_type)
{ {
case FREEAUTH_CONFIG_ADD: case FREEAUTH_CONFIG_ADD:
ret = freeauth_config_add_proc(source, conf_type, ret = freeauth_config_add_proc(source, conf_type,
&freeauth_configure, input_len, input, input_len,
output, output_len); output, output_len);
break; break;
case FREEAUTH_CONFIG_MOD: case FREEAUTH_CONFIG_MOD:
ret = freeauth_config_mod_proc(source, conf_type, ret = freeauth_config_mod_proc(source, conf_type,
&freeauth_configure, input_len, input, input_len,
output, output_len); output, output_len);
break; break;
case FREEAUTH_CONFIG_DEL: case FREEAUTH_CONFIG_DEL:
ret = freeauth_config_del_proc(source, conf_type, ret = freeauth_config_del_proc(source, conf_type,
&freeauth_configure, input_len, input, input_len,
output, output_len); output, output_len);
break; break;
default: default:
@ -593,3 +947,4 @@ ret_code freeauth_config_proc(uint source, uint config_type,
} }

55
Platform/user/configm/config-server/web_config/authfree.h
View File

@ -25,10 +25,13 @@
/*配置消息 */ /*配置消息 */
typedef struct { typedef struct {
uint32_t sip; int rule_priority; /*未认证权限优先级*/
uint32_t dip; char name[32]; /*未认证权限名称*/
int dport; uint32_t sip; /*未认证权限源IP地址*/
char name[32]; uint32_t dip; /*未认证权限目的IP地址*/
int dport; /*未认证权限目的端口号*/
int flag; /*状态标志位0表示状态启动1表示状态禁用*/
}freeauth_configure_t; }freeauth_configure_t;
typedef struct { typedef struct {
@ -37,10 +40,6 @@ typedef struct {
}authfree_result_t; }authfree_result_t;
/*全局变量初始化 失败为1 成功为0*/
int authfreeInit(freeauth_configure_t **localuser);
/* 判断IPv4格式是否正确*/ /* 判断IPv4格式是否正确*/
int isIpV4Addr(const char *ipAddr); int isIpV4Addr(const char *ipAddr);
@ -48,45 +47,51 @@ int isIpV4Addr(const char *ipAddr);
/*下发配置到内核态 */ /*下发配置到内核态 */
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth); int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth);
/*获取json串类型*/
ret_code freeauth_config_json_type(pointer input, uint *conf_type);
/*检查增加的参数格式是否正确 */ /*json字符串转为结构体*/
ret_code freeauth_config_add_chk(uint source,uint config_type, /*iuput格式{"type": 0, "data": {"rule_priority": 1, "name": "armink","sip": 1027824,"dip": 103427824,"dport": 24, "flag":0}}*/
pointer input, int input_len, ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff);
pointer output, int *output_len);
/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */
ret_code freeauth_config_del_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
/*修改 查询要修改的内容是否存在 */ /*iuput格式
ret_code freeauth_config_mod_chk(uint source,uint config_type, {
pointer input, int input_len, "type": 0,
pointer output, int *output_len); "data": [
{"rule_priority": 1,"name": "cary","sip": 2323790,"dip": 13546465478,"dport": 120, "flag":0},
{"rule_priority": 2,"name": "nicole","sip": 2323790,"dip": 13546465478,"dport": 130, "flag":0},
{"rule_priority": 3,"name": "arwrgmink","sip": 2323790,"dip": 13546465478,"dport": 90, "flag":0}
]
}
*/
ret_code authpara_config_json_parse_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt);
ret_code authpara_config_json_parse_del_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt);
/*chk data格式 */ /*chk data格式 */
ret_code freeauth_config_chk(uint source,uint *config_type, ret_code freeauth_config_chk(uint source, uint *config_type,
pointer input, int *input_len, pointer input, int *input_len,
pointer output, int *output_len); pointer output, int *output_len);
/*增加未认证权限规则 */
ret_code freeauth_config_add_proc(uint source, uint config_type, ret_code freeauth_config_add_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
/*修改未认证权限规则 */
ret_code freeauth_config_mod_proc(uint source, uint config_type, ret_code freeauth_config_mod_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
/*删除未认证权限规则 */
ret_code freeauth_config_del_proc(uint source, uint config_type, ret_code freeauth_config_del_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
ret_code freeauth_config_proc(uint source, uint config_type, ret_code freeauth_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
#endif #endif

74
Platform/user/configm/config-server/web_config/config-adm/user_authfree.c
View File

@ -23,7 +23,7 @@ char * authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modr
"modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"}; "modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"};
/*增加未认证权限规则*/ /*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) void add_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result)
{ {
void * authfree_hdbc; void * authfree_hdbc;
char * ret_sql = NULL; char * ret_sql = NULL;
@ -50,12 +50,12 @@ void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
/*长整型bigint 浮点型double 字符串character(10)*/ /*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc); printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(rule_priority bigint, name character(32), sip bigint, dip bigint, dport bigint, flag bigint)");
printf("%d \n",ret); printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/ /*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; char * select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree` WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name); DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL != ret_sql) if(NULL != ret_sql)
@ -69,12 +69,14 @@ void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
else else
{ {
/* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */ /* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */
char * select_num = "SELECT name, sip, dip, dport FROM `authfree`"; char * select_num = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`";
ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 4, ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 6,
DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority,
DB_DATA_STRING_TYPE, strlen(name)+1, name, DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip, DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip, DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport); DB_DATA_INT_TYPE, sizeof(dport), dport,
DB_DATA_INT_TYPE, sizeof(flag), flag);
printf("num_sql = %d \n", num_sql); printf("num_sql = %d \n", num_sql);
printf("ret = %d \n", ret); printf("ret = %d \n", ret);
if (num_sql > RULE_MAX_NUM) if (num_sql > RULE_MAX_NUM)
@ -87,12 +89,14 @@ void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
} }
/* 向authfree表中添加未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */ /* 向authfree表中添加未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */
char *addfree_sql = "INSERT INTO `authfree` SET name = ?, sip = ?, dip = ?, dport = ?"; char *addfree_sql = "INSERT INTO `authfree` SET rule_priority = ?, name = ?, sip = ?, dip = ?, dport = ?, flag = ?";
ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 4, ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 6,
DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority,
DB_DATA_STRING_TYPE, strlen(name)+1, name, DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip, DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip, DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport); DB_DATA_INT_TYPE, sizeof(dport), dport,
DB_DATA_INT_TYPE, sizeof(flag), flag);
printf("the value of ret:%d\n", ret_add); printf("the value of ret:%d\n", ret_add);
if(0 != ret_add) if(0 != ret_add)
{ {
@ -116,23 +120,18 @@ void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
if (0 == strlen(freeauth_array[i].name)) if (0 == strlen(freeauth_array[i].name))
{ {
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
freeauth_array[i].rule_priority = rule_priority;
memcpy(freeauth_array[i].name, name, sizeof(char)*32); memcpy(freeauth_array[i].name, name, sizeof(char)*32);
freeauth_array[i].sip = sip; freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip; freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport; freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); freeauth_array[i].flag = flag;
printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i);
break; break;
} }
} }
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*添加成功*/ /*添加成功*/
authfree_result->resultcode = 0; authfree_result->resultcode = 0;
authfree_result->message = authfreemes[authfree_result->resultcode]; authfree_result->message = authfreemes[authfree_result->resultcode];
@ -140,7 +139,7 @@ void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
/*修改未认证权限*/ /*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) void mod_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result)
{ {
void * authfree_hdbc; void * authfree_hdbc;
char * ret_sql = NULL; char * ret_sql = NULL;
@ -184,11 +183,13 @@ void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
else else
{ {
/*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */ /*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */
char *modfree_sql = "UPDATE `authfree` SET sip = ?, dip = ?, dport = ? WHERE name = ?"; char *modfree_sql = "UPDATE `authfree` SET rule_priority = ?, sip = ?, dip = ?, dport = ? ,flag = ? WHERE name = ?";
ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 4, ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 6,
DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority,
DB_DATA_INT_TYPE, sizeof(sip), sip, DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip, DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport, DB_DATA_INT_TYPE, sizeof(dport), dport,
DB_DATA_INT_TYPE, sizeof(flag), flag,
DB_DATA_STRING_TYPE, strlen(name)+1, name); DB_DATA_STRING_TYPE, strlen(name)+1, name);
printf("the value of ret:%d\n", ret_mod); printf("the value of ret:%d\n", ret_mod);
if(0 != ret_mod) if(0 != ret_mod)
@ -210,10 +211,13 @@ void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
if (0 == strcmp(freeauth_array[i].name, name)) if (0 == strcmp(freeauth_array[i].name, name))
{ {
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
freeauth_array[i].rule_priority = rule_priority;
freeauth_array[i].sip = sip; freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip; freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport; freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); freeauth_array[i].flag = flag;
printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i);
break; break;
} }
} }
@ -234,7 +238,7 @@ void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
/*删除未认证权限*/ /*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) void del_authfree(char *name, authfree_result_t *authfree_result)
{ {
void * authfree_hdbc; void * authfree_hdbc;
char * ret_sql = NULL; char * ret_sql = NULL;
@ -264,7 +268,7 @@ void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
printf("%d \n",ret); printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/ /*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; char * select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name); DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL == ret_sql) if(NULL == ret_sql)
@ -292,19 +296,22 @@ void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*删除对应未认证权限数数组*/ /*修改对应未认证权限数数组*/
for (i = 0; i < RULE_MAX_NUM; i++) for (i = 0; i < RULE_MAX_NUM; i++)
{ {
/*两个字符串相等 strcmp值为0*/ /*两个字符串相等 strcmp值为0*/
printf("%s(%d) freeauth_array[i] = %p\n", __FUNCTION__, __LINE__, &freeauth_array[i]);
if (0 == strcmp(freeauth_array[i].name, name)) if (0 == strcmp(freeauth_array[i].name, name))
{ {
printf("index:%d\n", i); printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
int delectIndex = i; freeauth_array[i].rule_priority = 0;
for(i = delectIndex; i <= RULE_MAX_NUM; i++) memcpy(freeauth_array[i].name, "0" , sizeof(char)*32);
{ freeauth_array[i].sip = 0;
freeauth_array[i] = freeauth_array[i+1]; freeauth_array[i].dip = 0;
} freeauth_array[i].dport = 0;
freeauth_array[i].flag = 0;
printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i);
break;
} }
} }
@ -312,7 +319,8 @@ void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_re
/*打印数组内全部元素*/ /*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++) for (i = 0; i < RULE_MAX_NUM; i++)
{ {
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip,
freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i);
} }
#endif #endif

6
Platform/user/configm/config-server/web_config/include/user_authfree.h
View File

@ -11,12 +11,12 @@
#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败 #define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败
/*增加未认证权限规则*/ /*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); void add_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result);
/*修改未认证权限*/ /*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); void mod_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result);
/*删除未认证权限*/ /*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); void del_authfree(char *name, authfree_result_t *authfree_result);
#endif #endif