cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mod aaa-12 修改获取客户端、服务端IP地址和端口号代码 

RCA:
SOL:
修改人:chenling
检视人:
This commit is contained in:
ChenLing 2019-10-09 17:44:03 +08:00
parent daddffdb7e
commit 0cdecd1c7e
2 changed files with 328 additions and 279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
libs/src/lighttpd-1.4.51/src/mod_portal.c
View File

@ -65,7 +65,8 @@ typedef struct user_auth_ret
} USER_AUTH_RET;
#endif
typedef struct {
typedef struct
{
char username[USERNAME_SIZE + 1]; /*用户名*/
uint32_t userip; /*用户IP*/
time_t login_time; /*用户登录时间*/
@ -73,7 +74,8 @@ typedef struct {
} USERDATA;
/*输出函数结构体 */
typedef struct {
typedef struct
{
auth_ret resultcode;
char message[MESSAGE_SIZE + 1]; /*返回描述用指针表示数组 */
USERDATA data; /*返回的数据内容*/
@ -82,17 +84,16 @@ typedef struct {
/*函数指针*/
typedef void (*mod_portal_cfg_exec_sync)(char *username, char *password, USER_AUTH_RET *auth_result);
typedef struct {
typedef struct
{
PLUGIN_DATA;
void *cfgm_lib;
mod_portal_cfg_exec_sync portal_cfg_exec;
USER_AUTH_LIST *portal_auth_list;
} mod_portal_plugin_data;
char *mes[] = {"认证成功", "用户名或密码错误", "不在有效时间范围内", "只允许单个用户登录", "用户锁定", "缺少配置信息", "输入错误", "超过最大用户连接数", "其他错误", "连接数据库失败"};
/**
* the basic and digest auth framework
*
@ -130,7 +131,8 @@ INIT_FUNC(mod_portal_init) {
}
#endif
INIT_FUNC(mod_portal_init) {
INIT_FUNC(mod_portal_init)
{
mod_portal_plugin_data *p;
p = calloc(1, sizeof(*p));
@ -140,10 +142,12 @@ INIT_FUNC(mod_portal_init) {
}
/*认证模块释放*/
FREE_FUNC(mod_portal_free) {
FREE_FUNC(mod_portal_free)
{
mod_portal_plugin_data *p = p_d;
srv = srv;
if (!p) return HANDLER_GO_ON;
if (!p)
return HANDLER_GO_ON;
//dlclose(p->cfgm_lib);
free(p);
@ -151,9 +155,48 @@ FREE_FUNC(mod_portal_free) {
return HANDLER_GO_ON;
}
void get_local_peer_ip(connection *con, uint32_t *serverip, in_port_t *serverport, uint32_t *clientip, in_port_t *clinetport)
{
char *tmp;
struct in_addr ipv4_addr;
buffer *p = con->request.http_host;
char *str = strdup(p->ptr);
if (clinetport)
{
*clinetport = ntohs(con->dst_addr.ipv4.sin_port);
}
if (clientip)
{
*clientip = con->dst_addr.ipv4.sin_addr.s_addr;
}
tmp = strrchr(str, ':');
if (tmp)
{
if (serverport)
{
*serverport = strtoul(&tmp[1], NULL, 10);
}
tmp[0] = 0;
}
inet_pton(AF_INET, str, &ipv4_addr);
if (serverip)
{
*serverip = ipv4_addr.s_addr;
}
free(str);
}
/*通过fd获取对端和远端的IP地址*/
void get_local_peer_ip(int listenfd, uint32_t *serverip, uint32_t *clientip, in_port_t *serverport, in_port_t *clinetport)
void get_local_peer_ip2(int listenfd, uint32_t *serverip, uint32_t *clientip, in_port_t *serverport, in_port_t *clinetport)
{
struct sockaddr_in listendAddr, connectedAddr, peerAddr; //分别表示监听的地址,连接的本地地址,连接的对端地址
socklen_t peerLen;
@ -195,8 +238,7 @@ static handler_t ouput_function(server *srv, connection *con, int resultcode, ch
/*json对象转换为json字符串*/
result_str = cJSON_PrintUnformatted(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
con->http_status = 200;
@ -205,7 +247,6 @@ static handler_t ouput_function(server *srv, connection *con, int resultcode, ch
return HANDLER_FINISHED;
}
/*post 先判断用户是否认证过 ip是唯一的*/
/*用户认证过-返回resultcode=0 message data(username、user_ip、login_time)*/
/*用户未认证通过-返回resultcode=1 message data(null)*/
@ -215,10 +256,10 @@ static handler_t judge_user_auth(server *srv, connection *con, void* p_d)
USER_INFO *uinfo;
//cJSON *cjson;
//cJSON *uip;
uint32_t serverip = 0;
uint32_t clientip = 0;
in_port_t serverport = 0;
in_port_t clientport = 0;
uint32_t serverip = 0;
in_port_t serverport = 0;
char str[INET_ADDRSTRLEN];
char dtr[INET_ADDRSTRLEN];
@ -230,12 +271,15 @@ static handler_t judge_user_auth(server *srv, connection *con, void* p_d)
}
log_error_write(srv, __FILE__, __LINE__, "s","test");
get_local_peer_ip(con->fd, &serverip, &clientip, &serverport, &clientport);
get_local_peer_ip(con, &serverip, &serverport, &clientip, &clientport);
memset(dtr, 0, INET_ADDRSTRLEN);
inet_ntop(AF_INET, &clientip, dtr, sizeof(dtr));
log_error_write(srv, __FILE__, __LINE__, "ssd","test", dtr, clientport);
memset(str, 0, INET_ADDRSTRLEN);
inet_ntop(AF_INET, &serverip, str, sizeof(str));
log_error_write(srv, __FILE__, __LINE__, "ssd", "test", str, serverport);
/*通过用户IP判断用户是否认证通过*/
uinfo = ufind_user(clientip);
@ -299,8 +343,7 @@ static handler_t judge_user_auth(server *srv, connection *con, void* p_d)
/*json对象转换为json字符串*/
result_str = cJSON_Print(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
con->http_status = 200;
@ -312,7 +355,6 @@ static handler_t judge_user_auth(server *srv, connection *con, void* p_d)
return HANDLER_FINISHED;
}
/*判断用户名和密码是否正确*/
static handler_t judge_account_pwd(server *srv, connection *con, void *p_d)
{
@ -323,14 +365,14 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
char *account = NULL;
char *pwd = NULL;
RESULT *uresult;
uint32_t serverip = 0;
uint32_t clientip = 0;
in_port_t serverport = 0;
in_port_t clientport = 0;
uint32_t serverip = 0;
in_port_t serverport = 0;
char str[INET_ADDRSTRLEN];
char dtr[INET_ADDRSTRLEN];
get_local_peer_ip(con->fd, &serverip, &clientip, &serverport, &clientport);
get_local_peer_ip(con, &serverip, &serverport, &clientip, &clientport);
memset(dtr, 0, INET_ADDRSTRLEN);
inet_ntop(AF_INET, &clientip, dtr, sizeof(dtr));
@ -440,7 +482,8 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
log_error_write(srv, __FILE__, __LINE__, "sd", "test", MAX_ONLINE_NUM);
/*创建json对象*/
res = cJSON_CreateObject();
if(!res) return HANDLER_ERROR;
if (!res)
return HANDLER_ERROR;
cJSON_AddNumberToObject(res, "resultcode", 8);
cJSON_AddStringToObject(res, "message", "用户达到最大数量");
@ -448,8 +491,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
/*json对象转换为json字符串*/
result_str = cJSON_Print(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
con->http_status = 200;
@ -487,12 +529,13 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
cJSON_AddStringToObject(data, "user_ip", str);
cJSON_AddNumberToObject(data, "login_time", uresult->data.login_time);
uresult->resultcode = resultinfo->ret;; /*表示用户未认证成功*/
uresult->resultcode = resultinfo->ret; /*表示用户未认证成功*/
strncpy(uresult->message, mes[resultinfo->ret], 60);
/*创建json对象*/
res = cJSON_CreateObject();
if(!res) return HANDLER_ERROR;
if (!res)
return HANDLER_ERROR;
cJSON_AddNumberToObject(res, "resultcode", uresult->resultcode);
cJSON_AddStringToObject(res, "message", uresult->message);
@ -502,8 +545,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
/*json对象转换为json字符串*/
result_str = cJSON_Print(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
log_error_write(srv, __FILE__, __LINE__, "s", "test");
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
@ -514,7 +556,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
cJSON_Delete(res);
return HANDLER_FINISHED;
#if 0
/*1.跳转到认证成功界面*/
buffer *return_info = buffer_init();
@ -551,12 +592,13 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
uresult->data.remain_time = resultinfo->remain_lock_time;
cJSON_AddNumberToObject(data, "remain_lock_time", uresult->data.remain_time);
uresult->resultcode = resultinfo->ret;; /*表示用户未认证锁定*/
uresult->resultcode = resultinfo->ret; /*表示用户未认证锁定*/
strncpy(uresult->message, mes[resultinfo->ret], MESSAGE_SIZE);
/*创建json对象*/
res = cJSON_CreateObject();
if(!res) return HANDLER_ERROR;
if (!res)
return HANDLER_ERROR;
cJSON_AddNumberToObject(res, "resultcode", uresult->resultcode);
cJSON_AddStringToObject(res, "message", uresult->message);
@ -564,8 +606,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
/*json对象转换为json字符串*/
result_str = cJSON_Print(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
con->http_status = 200;
@ -573,7 +614,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
cJSON_Delete(cjson);
cJSON_Delete(res);
return HANDLER_FINISHED;
}
else /*认证失败*/
{
@ -588,9 +628,10 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
/*创建json对象*/
res = cJSON_CreateObject();
if(!res) return HANDLER_ERROR;
if (!res)
return HANDLER_ERROR;
uresult->resultcode = resultinfo->ret;; /*表示用户认证失败*/
uresult->resultcode = resultinfo->ret; /*表示用户认证失败*/
strncpy(uresult->message, mes[resultinfo->ret], MESSAGE_SIZE);
log_error_write(srv, __FILE__, __LINE__, "sd", "test", uresult->resultcode);
@ -601,8 +642,7 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
/*json对象转换为json字符串*/
result_str = cJSON_PrintUnformatted(res);
buffer *result_info = buffer_init();
result_info = buffer_init_string(result_str);
buffer *result_info = buffer_init_string(result_str);
chunkqueue_append_buffer(con->write_queue, result_info);
buffer_free(result_info);
@ -611,7 +651,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
cJSON_Delete(cjson);
cJSON_Delete(res);
return HANDLER_FINISHED;
}
cJSON_Delete(cjson);
@ -620,7 +659,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
return HANDLER_FINISHED;
}
/*认证模块处理函数*/
/*根据传输过来的url分情况执行*/
static handler_t mod_portal_uri_handler(server *srv, connection *con, void *p_d)
@ -638,11 +676,14 @@ static handler_t mod_portal_uri_handler(server *srv, connection *con, void* p_d)
log_error_write(srv, __FILE__, __LINE__, "s", "test");
if (con->state == CON_STATE_READ_POST) {
if (con->state == CON_STATE_READ_POST)
{
chunkqueue *cq = con->request_content_queue;
if (cq->bytes_in != (off_t)con->request.content_length) {
if (cq->bytes_in != (off_t)con->request.content_length)
{
handler_t r = connection_handle_read_post_state(srv, con);
if (r != HANDLER_GO_ON) return r;
if (r != HANDLER_GO_ON)
return r;
}
}
else if (0 == con->request.content_length)
@ -661,16 +702,15 @@ static handler_t mod_portal_uri_handler(server *srv, connection *con, void* p_d)
{
t = judge_account_pwd(srv, con, p_d);
log_error_write(srv, __FILE__, __LINE__, "s", "test");
}
log_error_write(srv, __FILE__, __LINE__, "s", "test");
//http_header_response_set(con, HTTP_HEADER_CONTENT_TYPE, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/xml; charset=\"utf-8\""));
con->http_status = 200;
con->file_finished = 1;
return t;
}
SETDEFAULTS_FUNC(mod_portal_set_defaults)
{
mod_portal_plugin_data *p = p_d;
@ -682,9 +722,9 @@ SETDEFAULTS_FUNC(mod_portal_set_defaults)
return HANDLER_GO_ON;
}
int mod_portal_plugin_init(plugin *p);
int mod_portal_plugin_init(plugin *p) {
int mod_portal_plugin_init(plugin *p)
{
p->version = LIGHTTPD_VERSION_ID;
p->name = buffer_init_string("portal");
p->init = mod_portal_init;

47
libs/src/lighttpd-1.4.51/src/mod_redirect.c
View File

@ -153,28 +153,37 @@ static int mod_redirect_patch_connection(server *srv, connection *con, plugin_da
}
/*通过fd获取对端和远端的IP地址*/
void get_local_peer_ip(int listenfd, uint32_t *serverip, uint32_t *clientip)
void get_local_peer_ip(connection *con, uint32_t *serverip, uint32_t *clientip)
{
struct sockaddr_in listendAddr, connectedAddr, peerAddr;//分别表示监听的地址,连接的本地地址,连接的对端地址
socklen_t peerLen;
char ipAddr[INET_ADDRSTRLEN];//保存点分十进制的地址
char *tmp;
struct in_addr ipv4_addr;
buffer *p = con->request.http_host;
char *str = strdup(p->ptr);
listen(listenfd, LISTENQ);
socklen_t listendAddrLen = sizeof(listendAddr);
getsockname(listenfd, (struct sockaddr *)&listendAddr, &listendAddrLen);//获取监听的地址和端口
printf("listen address = %s:%d\n", inet_ntoa(listendAddr.sin_addr), ntohs(listendAddr.sin_port));
socklen_t connectedAddrLen = sizeof(connectedAddr);
getsockname(listenfd, (struct sockaddr *)&connectedAddr, &connectedAddrLen);//获取connfd表示的连接上的本地地址(服务端的地址)
printf("connected server address = %s:%d\n", inet_ntoa(connectedAddr.sin_addr), ntohs(connectedAddr.sin_port));
*serverip = connectedAddr.sin_addr.s_addr;
getpeername(listenfd, (struct sockaddr *)&peerAddr, &peerLen); //获取connfd表示的连接上的对端地址(客户端的地址)
printf("connected peer address = %s:%d\n", inet_ntop(AF_INET, &peerAddr.sin_addr, ipAddr, sizeof(ipAddr)), ntohs(peerAddr.sin_port));
*clientip = peerAddr.sin_addr.s_addr;
return;
if (clientip)
{
*clientip = con->dst_addr.ipv4.sin_addr.s_addr;
}
tmp = strrchr(str, ':');
if (tmp)
{
tmp[0] = 0;
}
inet_pton(AF_INET, str, &ipv4_addr);
if (serverip)
{
*serverip = ipv4_addr.s_addr;
}
free(str);
}
URIHANDLER_FUNC(mod_redirect_uri_handler) {
plugin_data *p = p_d;
//struct burl_parts_t burl;
@ -184,7 +193,7 @@ URIHANDLER_FUNC(mod_redirect_uri_handler) {
uint32_t clientip = 0;
struct sockaddr_in ip_addr;
get_local_peer_ip(con->fd, &serverip, &clientip);
get_local_peer_ip(con, &serverip, &clientip);
mod_redirect_patch_connection(srv, con, p);
if (!p->conf.redirect->used) return HANDLER_GO_ON;