Merge branch 'master' of http://git.komect.net/ISG/secogateway
commit
15fc6d20bf
|
@ -1,79 +0,0 @@
|
|||
|
||||
# target name, the target name must have the same name of c source file
|
||||
TARGET_NAME=userlock
|
||||
|
||||
# target
|
||||
# for linux module driver: KO
|
||||
# for application: EXE
|
||||
# for dynamic library: DLL
|
||||
TARGET_TYPE = EXE
|
||||
|
||||
# target object
|
||||
# for application: APP
|
||||
# for device driver: DRV
|
||||
TARGET_OBJ = APP
|
||||
|
||||
# custom install dir
|
||||
TARGET_BOX =
|
||||
|
||||
#debug mode or release mode
|
||||
DEBUG = TRUE
|
||||
|
||||
PLAT_LINUX ?= TRUE
|
||||
PLAT_ARM64 ?= FALSE
|
||||
|
||||
VPATH = ../user/configm/config-server/userlock_config/
|
||||
|
||||
# source code
|
||||
|
||||
# set the source file, don't used .o because of ...
|
||||
|
||||
COMMON_SRCS = userlock.c
|
||||
|
||||
# MRS Board Source Files
|
||||
PLAT_LINUX_SRCS = $(COMMON_SRCS)
|
||||
PLAT_ARM64_SRCS = $(COMMON_SRCS)
|
||||
|
||||
# gcc CFLAGS
|
||||
PLAT_ARM64_CFLAGS := -I../user/configm/config-server/include -I../../Common -I../common/configm -I../common/rpc -I../common/rpc/hashtable
|
||||
PLAT_ARM64_CFLAGS += -I../include/
|
||||
PLAT_LINUX_CFLAGS := $(PLAT_ARM64_CFLAGS)
|
||||
|
||||
|
||||
PLAT_ARM64_LDFLAGS :=
|
||||
PLAT_LINUX_LDFLAGS :=
|
||||
|
||||
#gcc libs
|
||||
ARM64_LIBS := -lcjson ../thirdparty/arm64/libev-arm64.so ./libopenrpc-arm64.so ./libnetlinku-arm64.so -lpthread -lm
|
||||
LINUX_LIBS := -lcjson ../thirdparty/x86_64/libev-linux.so ./libopenrpc-linux.so ./libnetlinku-linux.so -lpthread -lm
|
||||
|
||||
ifeq ($(PLAT_ARM64), TRUE)
|
||||
DEPEND_LIB += ../thirdparty/arm64/libev-arm64.so ./debug/libopenrpc-arm64.so
|
||||
USER_CLEAN_ITEMS += ./libopenrpc-arm64.so
|
||||
endif
|
||||
|
||||
ifeq ($(PLAT_LINUX), TRUE)
|
||||
DEPEND_LIB += ../thirdparty/x86_64/libev-linux.so ./debug/libopenrpc-linux.so
|
||||
USER_CLEAN_ITEMS += ./libopenrpc-linux.so
|
||||
endif
|
||||
|
||||
|
||||
# this line must be at below of thus, because of...
|
||||
include ../../Common/common.Makefile
|
||||
|
||||
ifneq ($(MAKECMDGOALS), clean)
|
||||
ifneq ($(MAKECMDGOALS), cleanall)
|
||||
ifneq ($(notdir $(DEPEND_LIB)), $(wildcard $(DEPEND_LIB)))
|
||||
$(shell $(CP) $(DEPEND_LIB) ./)
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(MAKECMDGOALS), )
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
else
|
||||
ifeq ($(MAKECMDGOALS), all)
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
endif
|
||||
endif
|
||||
|
|
@ -31,11 +31,7 @@ COMMON_SRCS = configserver.c \
|
|||
netconfig/ipconfig/ipconfig.c \
|
||||
netconfig/bridge/brconfig.c netconfig/bridge/brnetlink.c \
|
||||
netconfig/bridge/libbridge/libbridge_if.c netconfig/bridge/libbridge/libbridge_init.c netconfig/bridge/libbridge/libbridge_devif.c\
|
||||
authfree_config/authfree.c \
|
||||
localportal_config/localportal.c \
|
||||
userlock_config/userlock.c \
|
||||
jumppage_config/jumppage.c \
|
||||
agingtime_config/agingtime.c \
|
||||
web_config/authfree.c web_config/auth_parameters.c
|
||||
user_manager_config/user_group_config.c user_manager_config/user_account_config.c user_manager_config/usermanager-server/array_index.c \
|
||||
user_manager_config/usermanager-server/user_group.c user_manager_config/usermanager-server/user_mod.c user_manager_config/usermanager-server/user.c \
|
||||
log_config/log_config_console.c log_config/log_config_init.c
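Review bot: The added `web_config/authfree.c web_config/auth_parameters.c` line has no trailing `\`, unlike every other line of the `COMMON_SRCS` list in this hunk, so as rendered the assignment ends there. The `user_manager_config/...` and `log_config/...` lines that follow are then no longer part of it. If the backslash is really missing in the file and was not lost in rendering, make will either stop on those orphaned lines or build without the user-manager and log sources; the line should read `web_config/authfree.c web_config/auth_parameters.c \`. The `COMMON_SRCS` list starts above the hunk.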
|
||||
|
|
|
@ -0,0 +1,92 @@
|
|||
# target name, the target name must have the same name of c source file
|
||||
TARGET_NAME=freeauth
|
||||
|
||||
# target
|
||||
# for linux module driver: KO
|
||||
# for application: EXE
|
||||
# for dynamic library: DLL
|
||||
TARGET_TYPE = EXE
|
||||
|
||||
# target object
|
||||
# for application: APP
|
||||
# for device driver: DRV
|
||||
TARGET_OBJ = APP
|
||||
|
||||
# custom install dir
|
||||
TARGET_BOX =
|
||||
|
||||
#debug mode or release mode
|
||||
DEBUG = TRUE
|
||||
|
||||
PLAT_LINUX ?= TRUE
|
||||
PLAT_ARM64 ?= TRUE
|
||||
|
||||
VPATH = ../user/configm/config-server
|
||||
# source code
|
||||
|
||||
# set the source file, don't used .o because of ...
|
||||
|
||||
COMMON_SRCS = web_config/auth_parameters.c
|
||||
|
||||
# MRS Board Source Files
|
||||
PLAT_LINUX_SRCS = $(COMMON_SRCS)
|
||||
PLAT_ARM64_SRCS = $(COMMON_SRCS)
|
||||
|
||||
COMMOM_CFLAGS = -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include
|
||||
# gcc CFLAGS
|
||||
PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/arm64/usr/local/include
|
||||
PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/x86_64/usr/local/include
|
||||
|
||||
PLAT_ARM64_LDFLAGS :=
|
||||
PLAT_LINUX_LDFLAGS :=
|
||||
|
||||
#gcc libs
|
||||
ARM64_LIBS := ../thirdparty/arm64/libev-arm64.so ./libopenrpc-arm64.so ./libnetlinku-arm64.so ./libredismq-arm64.so ./libdatabase-arm64.so
|
||||
ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis
|
||||
ARM64_LIBS += ../thirdparty/arm64/usr/local/lib/libodbc.so
|
||||
|
||||
LINUX_LIBS := ../thirdparty/x86_64/libev-linux.so ./libopenrpc-linux.so ./libnetlinku-linux.so ./libredismq-linux.so ./libdatabase-linux.so
|
||||
LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis
|
||||
LINUX_LIBS += ../thirdparty/x86_64/usr/local/lib/libodbc.so
|
||||
|
||||
ifeq ($(PLAT_ARM64), TRUE)
|
||||
DEPEND_LIB += ../thirdparty/arm64/libev-arm64.so ./debug/libopenrpc-arm64.so ./debug/libnetlinku-arm64.so ./debug/libredismq-arm64.so ./debug/libdatabase-arm64.so
|
||||
DEPEND_LIB += ../thirdparty/arm64/usr/local/lib/libodbc.so
|
||||
USER_CLEAN_ITEMS += ./libopenrpc-arm64.so ./libnetlinku-arm64.so ./libredismq-arm64.so ./libdatabase-arm64.so
|
||||
endif
|
||||
|
||||
ifeq ($(PLAT_LINUX), TRUE)
|
||||
DEPEND_LIB += ../thirdparty/x86_64/libev-linux.so ./debug/libopenrpc-linux.so ./libnetlinku-linux.so ./debug/libredismq-linux.so ./debug/libdatabase-linux.so
|
||||
DEPEND_LIB += ../thirdparty/x86_64/usr/local/lib/libodbc.so
|
||||
USER_CLEAN_ITEMS += ./libopenrpc-linux.so ./libnetlinku-linux.so ./libredismq-linux.so ./libdatabase-linux.so
|
||||
|
||||
endif
|
||||
|
||||
|
||||
# this line must be at below of thus, because of...
|
||||
include ../../Common/common.Makefile
|
||||
|
||||
ifneq ($(MAKECMDGOALS), clean)
|
||||
ifneq ($(MAKECMDGOALS), cleanall)
|
||||
ifneq ($(notdir $(DEPEND_LIB)), $(wildcard $(DEPEND_LIB)))
|
||||
$(shell $(CP) $(DEPEND_LIB) ./)
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(MAKECMDGOALS), )
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
else
|
||||
ifeq ($(MAKECMDGOALS), all)
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(MAKECMDGOALS), )
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
else
|
||||
ifeq ($(MAKECMDGOALS), all)
|
||||
$(shell find ./ -name "$(TARGET)-*.ko" -delete)
|
||||
endif
|
||||
endif
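Review bot: In the `PLAT_LINUX` branch, `DEPEND_LIB` names `./libnetlinku-linux.so`, while the other project libraries on that line and the matching `PLAT_ARM64` line are taken from `./debug/`. The `$(CP) $(DEPEND_LIB) ./` step would then copy that file onto itself, or fail if it is not already present; it looks like it should be `./debug/libnetlinku-linux.so`. Separately, the closing `ifeq ($(MAKECMDGOALS), )` block with `find ./ -name "$(TARGET)-*.ko" -delete` appears twice in a row, so the delete runs twice while the Makefile is parsed; one copy can be removed. Since `TARGET_TYPE = EXE` here, a short comment on why `.ko` files are deleted would help. `COMMOM_CFLAGS` is presumably a typo for `COMMON_CFLAGS`; it is used consistently, so that is cosmetic.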
|
||||
|
|
@ -1,264 +0,0 @@
|
|||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "../include/agingtime.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
|
||||
#ifdef AGINGTIME_ACK_COOKIES
|
||||
#define CFG_AGINGTIME_ACK_COOKIES
|
||||
#endif
|
||||
|
||||
/*全局变量,存放配置的用户老化时间 */
|
||||
int *aging_time = NULL;
|
||||
|
||||
/*下发用户老化时间配置到内核态 */
|
||||
int set_agingtimecfg_waitack(int *agingtime)
|
||||
{
|
||||
int agingtime_len = 0;
|
||||
struct nlmsghdr *ack = NULL;
|
||||
struct nlmsghdr **answer = &ack;
|
||||
|
||||
struct{
|
||||
struct nlmsghdr n;
|
||||
char buf[1024];
|
||||
} req ={
|
||||
.n.nlmsg_len = NLMSG_LENGTH(0),
|
||||
#ifdef CFG_AGINGTIME_ACK_COOKIES
|
||||
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK:use kernel auto ack*/
|
||||
#else
|
||||
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
|
||||
#endif
|
||||
.n.nlmsg_type = AGINGTIME_CFG, /*用户态发送给内核态的用户老化时间消息 */
|
||||
.n.nlmsg_pid = getpid(),
|
||||
};
|
||||
|
||||
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
|
||||
if (agingtime == NULL)
|
||||
{
|
||||
printf("set_agingtimecfg_waitack is error: input struct_agingtime is NULL.\r\n");
|
||||
return -1;
|
||||
}else
|
||||
{
|
||||
printf("set_freeauthcfg_waitack :agingtime %d\n", *agingtime);
|
||||
}
|
||||
|
||||
/*计算需要发送的数据的长度 */
|
||||
agingtime_len = sizeof(int);
|
||||
printf("%d\n", agingtime_len);
|
||||
|
||||
/*可选属性 */
|
||||
commnl_addattr_l(&req.n, sizeof(req), 1, agingtime, agingtime_len);
|
||||
|
||||
/*发送组装好的netlink消息 */
|
||||
if(pdeliv_talk(1, &req.n, answer) < 0)
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv ack msg faild.\r\n");
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv ack msg success.\r\n");
|
||||
}
|
||||
|
||||
if(*answer != NULL)
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv answer.\r\n");
|
||||
}
|
||||
else{
|
||||
printf("set_user_agingtime_waitack rcv answer error.\r\n");
|
||||
return -3;
|
||||
}
|
||||
|
||||
#ifdef CFG_AGINGTIME_ACK_COOKIES
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == NLMSG_ERROR){
|
||||
nl_debugfs_extack(*answer);
|
||||
}
|
||||
#else
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == AGINGTIME_CFG)
|
||||
{
|
||||
nl_debugfs(*answer);
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*判断配置的老化时间是否有效,老化时间大于0 */
|
||||
/*input格式 '{\"type\":0, \"time\":24}' */
|
||||
ret_code agingtime_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson,*time;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*获取键值内容 */
|
||||
time = cJSON_GetObjectItem(cjson , "time");
|
||||
if(!time)
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
if(time->valueint < 0)
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
free(time);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_Delete(cjson);
|
||||
free(time);
|
||||
|
||||
ASSERT_RET(ret);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
/*系统管理模块将配置的用户老化时间通过netlink下发到内核态 */
|
||||
/*输入和输出的参数形式都为JSON字符串 '{"time": 30}' */
|
||||
ret_code agingtime_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *res, *time;
|
||||
int * agingtime = NULL;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*获取键值内容 */
|
||||
time = cJSON_GetObjectItem(cjson , "time");
|
||||
if(!time)
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
int a = time->valueint;
|
||||
agingtime = &a;
|
||||
}
|
||||
|
||||
rpc_log_info("agingtime configure: agingtime %d\n", *agingtime);
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
int r = -1;
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
cJSON_Delete(cjson);
|
||||
free(time);
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_agingtimecfg_waitack(agingtime);
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
cJSON_Delete(cjson);
|
||||
free(time);
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(time);
|
||||
cJSON_Delete(cjson);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
cJSON_Delete(cjson);
|
||||
free(time);
|
||||
|
||||
|
||||
/*把免认证规则的配置信息存入全局变量 */
|
||||
*aging_time= *agingtime;
|
||||
|
||||
free(aging_time);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
ret_code agingtime_config_get(uint source,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret_code agingtime_config_get_all(uint source,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
return ret;
|
||||
}
|
|
@ -1,337 +0,0 @@
|
|||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "../include/authfree.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
|
||||
#ifdef FREEAUTH_ACK_COOKIES
|
||||
#define CFG_FREEAUTH_ACK_COOKIES
|
||||
#endif
|
||||
|
||||
/*全局变量,存放用户信息 */
|
||||
freeauth_configure_t *localuser;
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authfreeInit(freeauth_configure_t **localuser)
|
||||
{
|
||||
*localuser = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t));
|
||||
if (NULL == *localuser)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* 判断IPv4格式是否正确*/
|
||||
int isIpV4Addr(const char *ipAddr)
|
||||
{
|
||||
int ip_part_1 = 0;
|
||||
int ip_part_2 = 0;
|
||||
int ip_part_3 = 0;
|
||||
int ip_part_4 = 0;
|
||||
char end_char = 0;
|
||||
if((NULL == ipAddr) || (0 == strlen(ipAddr)))
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
if(4 == sscanf(ipAddr,"%d.%d.%d.%d%c",&ip_part_1,&ip_part_2,&ip_part_3,&ip_part_4,&end_char))
|
||||
{
|
||||
if((ip_part_1 >= 0) && (ip_part_1 <= 255) &&
|
||||
(ip_part_2 >= 0) && (ip_part_2 <= 255) &&
|
||||
(ip_part_3 >= 0) && (ip_part_3 <= 255) &&
|
||||
(ip_part_4 >= 0) && (ip_part_4 <= 255)
|
||||
)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
|
||||
{
|
||||
int freeauth_len = 0;
|
||||
struct nlmsghdr *ack = NULL;
|
||||
struct nlmsghdr **answer = &ack;
|
||||
|
||||
struct{
|
||||
struct nlmsghdr n;
|
||||
char buf[1024];
|
||||
} req ={
|
||||
.n.nlmsg_len = NLMSG_LENGTH(0),
|
||||
#ifdef CFG_FREEAUTH_ACK_COOKIES
|
||||
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK:use kernel auto ack*/
|
||||
#else
|
||||
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
|
||||
#endif
|
||||
.n.nlmsg_type = FREEAUTH_CFG,
|
||||
.n.nlmsg_pid = getpid(),
|
||||
};
|
||||
|
||||
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
|
||||
if (struct_freeauth == NULL)
|
||||
{
|
||||
printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
|
||||
return -1;
|
||||
}else
|
||||
{
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
|
||||
char *sip_addr = str;
|
||||
char dtr[32];
|
||||
memset(dtr, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
|
||||
char *dip_addr = dtr;
|
||||
printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
|
||||
struct_freeauth->name, sip_addr, dip_addr,
|
||||
struct_freeauth->dport);
|
||||
}
|
||||
|
||||
/*计算需要发送的数据的长度 */
|
||||
freeauth_len = sizeof(freeauth_configure_t);
|
||||
|
||||
/*可选属性 */
|
||||
commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len);
|
||||
|
||||
/*发送组装好的netlink消息 */
|
||||
if(pdeliv_talk(1, &req.n, answer) < 0)
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv ack msg faild.\r\n");
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv ack msg success.\r\n");
|
||||
}
|
||||
|
||||
if(*answer != NULL)
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv answer.\r\n");
|
||||
}
|
||||
else{
|
||||
printf("set_user_freeauth_waitack rcv answer error.\r\n");
|
||||
return -3;
|
||||
}
|
||||
|
||||
#ifdef CFG_FREEAUTH_ACK_COOKIES
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == NLMSG_ERROR){
|
||||
nl_debugfs_extack(*answer);
|
||||
}
|
||||
#else
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == FREEAUTH_CFG)
|
||||
{
|
||||
nl_debugfs(*answer);
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*判断免认证规则源IP地址、目的IP地址是否有效,判断端口号是否有效 */
|
||||
/*input格式 "{\"type\":0, \"dport\":24, \"name\":\"armink\", \"sip\":1027824, \"dip\":103427824}";*/
|
||||
ret_code freeauth_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, string, name);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, sip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, dip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, dport);
|
||||
printf("freeauth configure: name: %s sip: %d dip: %d dport: %d\n",
|
||||
struct_freeauth->name,struct_freeauth->sip, struct_freeauth->dip, struct_freeauth->dport);
|
||||
|
||||
if((*input_len < sizeof(freeauth_configure_t)) || (*input_len > sizeof(freeauth_configure_t)))
|
||||
{
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
|
||||
char *sip_addr = str;
|
||||
if( isIpV4Addr(sip_addr) < 0 )
|
||||
{
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_IPINVALID;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
char dtr[32];
|
||||
memset(dtr, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
|
||||
char *dip_addr = dtr;
|
||||
if( isIpV4Addr(dip_addr) < 0 )
|
||||
{
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_IPINVALID;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
if ( (struct_freeauth->dport < DPORT_MIN_NUM) && (struct_freeauth->dport > DPORT_MAX_NUM ))
|
||||
{
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_IPINVALID; /*先用IPVAILD表示,后面加PORTVAILD */
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
/*免认证规则有效,将免认证规则通过netlink下发到内核态 */
|
||||
ret_code freeauth_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, string, name);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, sip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, dip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, cjson, int, dport);
|
||||
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
|
||||
char *sip_addr = str;
|
||||
char dtr[32];
|
||||
memset(dtr, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
|
||||
char *dip_addr = dtr;
|
||||
rpc_log_info("freeauth configure: name %s sip %s dip %s dport %d\n",
|
||||
struct_freeauth->name,sip_addr, dip_addr, struct_freeauth->dport);
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
int r = -1;
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_freeauthcfg_waitack(struct_freeauth);
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
free(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(struct_freeauth);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(struct_freeauth);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
cJSON_Delete(cjson);
|
||||
|
||||
|
||||
/*把免认证规则的配置信息存入全局变量 */
|
||||
localuser->sip = struct_freeauth->sip;
|
||||
|
||||
|
||||
free(struct_freeauth);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
@ -1,34 +0,0 @@
|
|||
#ifndef AGINGTIME_H_
|
||||
#define AGINGTIME_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
|
||||
/*判断配置的老化时间是否有效,老化时间大于0 */
|
||||
ret_code agingtime_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
/*系统管理模块将配置的用户老化时间通过netlink下发到内核态 */
|
||||
ret_code agingtime_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
ret_code agingtime_config_get(uint source,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
ret_code agingtime_config_get_all(uint source,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
|
@ -1,52 +0,0 @@
|
|||
#ifndef FREEAUTH_H_
|
||||
#define FREEAUTH_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
#define DPORT_MIN_NUM 0
|
||||
#define DPORT_MAX_NUM 65535
|
||||
|
||||
/*配置消息 */
|
||||
typedef struct {
|
||||
uint32_t sip;
|
||||
uint32_t dip;
|
||||
int dport;
|
||||
char name[32];
|
||||
}freeauth_configure_t;
|
||||
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authfreeInit(freeauth_configure_t **localuser);
|
||||
|
||||
|
||||
/* 判断IPv4格式是否正确*/
|
||||
int isIpV4Addr(const char *ipAddr);
|
||||
|
||||
|
||||
/*下发配置到内核态 */
|
||||
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth);
|
||||
|
||||
/*判断免认证规则源IP地址、目的IP地址是否有效,判断端口号是否有效 */
|
||||
/*input格式 "{\"type\":0, \"dport\":24, \"name\":\"armink\", \"sip\":1027824, \"dip\":103427824}";*/
|
||||
ret_code freeauth_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
|
||||
/*免认证规则有效,将免认证规则通过netlink下发到内核态 */
|
||||
ret_code freeauth_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
|
@ -8,7 +8,7 @@
|
|||
#include "../user_manager_config/user_account_config.h"
|
||||
#include "netconfig.h"
|
||||
#include "log_config.h"
|
||||
#include "authfree.h"
|
||||
#include "../web_config/authfree.h"
|
||||
#include "localportal.h"
|
||||
#include "jumppage.h"
|
||||
#include "userlock.h"
|
||||
|
@ -42,11 +42,9 @@
|
|||
#define USER_MANAGER_CONFIG_GROUP (uint64)((uint64)USER_MANAGER_CONFIG_MODULE<<32|1)
|
||||
#define USER_MANAGER_CONFIG_USER (uint64)((uint64)USER_MANAGER_CONFIG_MODULE<<32|2)
|
||||
|
||||
#define PORTALSERVER_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|1)
|
||||
#define AUTHFREE_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|2)
|
||||
#define USERLOCK_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|3)
|
||||
#define JUMPPAGE_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|4)
|
||||
#define AGINGTIME_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|5)
|
||||
#define AUTHFREE_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|1)
|
||||
#define FREEPARAMETERS_CONFIG (uint64)((uint64)LOCALAUTH_CONFIG_MODULE<<32|2)
|
||||
|
||||
|
||||
#define LOG_CONFIG_CONSOLE (uint64)((uint64)LOG_CONFIG_MODULE<<32|1)
|
||||
#define NAT4_CONFIG (uint64)((uint64)NAT_CONFIG_MODULE<<32|1)
|
||||
|
@ -121,15 +119,6 @@
|
|||
usergroup_config_get, \
|
||||
usergroup_config_get_all \
|
||||
},\
|
||||
{\
|
||||
PORTALSERVER_CONFIG, \
|
||||
CONFIG_FROM_WEB|CONFIG_FROM_NETOPEER, \
|
||||
FALSE, \
|
||||
portalserver_config_chk, \
|
||||
portalserver_config_proc, \
|
||||
NULL, \
|
||||
NULL \
|
||||
}, \
|
||||
{ \
|
||||
AUTHFREE_CONFIG, \
|
||||
CONFIG_FROM_WEB|CONFIG_FROM_NETOPEER, \
|
||||
|
@ -140,32 +129,14 @@
|
|||
NULL \
|
||||
},\
|
||||
{\
|
||||
USERLOCK_CONFIG, \
|
||||
FREEPARAMETERS_CONFIG, \
|
||||
CONFIG_FROM_WEB|CONFIG_FROM_NETOPEER, \
|
||||
FALSE, \
|
||||
userlock_config_chk, \
|
||||
userlock_config_proc, \
|
||||
authpara_config_chk, \
|
||||
authpara_config_proc, \
|
||||
NULL, \
|
||||
NULL \
|
||||
},\
|
||||
{\
|
||||
JUMPPAGE_CONFIG, \
|
||||
CONFIG_FROM_WEB|CONFIG_FROM_NETOPEER, \
|
||||
FALSE, \
|
||||
NULL, \
|
||||
jumppage_config_proc, \
|
||||
NULL, \
|
||||
NULL \
|
||||
}, \
|
||||
{\
|
||||
AGINGTIME_CONFIG, \
|
||||
CONFIG_FROM_WEB|CONFIG_FROM_NETOPEER, \
|
||||
FALSE, \
|
||||
agingtime_config_chk, \
|
||||
agingtime_config_proc, \
|
||||
agingtime_config_get, \
|
||||
agingtime_config_get_all \
|
||||
}, \
|
||||
{\
|
||||
USER_MANAGER_CONFIG_USER, \
|
||||
CONFIG_FROM_WEB, \
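Review bot: The include hunk swaps `authfree.h` for `../web_config/authfree.h` but, as rendered, keeps `#include "localportal.h"`, `#include "jumppage.h"` and `#include "userlock.h"`, while later sections of this commit delete headers guarded by `LOCALPORTAL_H_`, `JUMPPAGE_H_` and `USERLOCK_H_`. Unless other copies are on the include path, this header no longer compiles, and the three includes should be dropped along with the table entries that used them. In the ID hunk, `AUTHFREE_CONFIG` moves from `LOCALAUTH_CONFIG_MODULE<<32|2` to `|1` and `FREEPARAMETERS_CONFIG` takes `|2`, so a web or netopeer sender still using the old numbering would have its authfree request handled by `authpara_config_chk`/`authpara_config_proc`. If these IDs are shared with other components, either keep `AUTHFREE_CONFIG` at its old value and give the new entry an unused one, or add a comment such as `/* IDs renumbered: senders must be rebuilt with this header */`.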
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
#ifndef JUMPPAGE_H_
|
||||
#define JUMPPAGE_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
|
||||
/*系统管理模块将数据内容(URL地址)发送给web server */
|
||||
ret_code jumppage_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
|
@ -1,42 +0,0 @@
|
|||
#ifndef LOCALPORTAL_H_
|
||||
#define LOCALPORTAL_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
|
||||
/*配置消息 */
|
||||
typedef struct {
|
||||
uint32_t ip;
|
||||
int port;
|
||||
}localportal_configure_t;
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int localportalInit(localportal_configure_t **localportal);
|
||||
|
||||
|
||||
/*检查IP地址是否有效,端口号是否被占用 */
|
||||
int _valid_ipv4_port(const char *str, int port);
|
||||
|
||||
|
||||
/*判断配置本地Portal服务器的IP地址是否有效,端口号是否被占用 */
|
||||
ret_code portalserver_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
/*系统管理模块将数据内容(IP地址、端口号)发送给web server */
|
||||
ret_code portalserver_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
|
@ -1,45 +0,0 @@
|
|||
#ifndef USERLOCK_H_
|
||||
#define USERLOCK_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
|
||||
#define FAIL_MIN_NUM 0 /*失败次数的最小值*/
|
||||
#define LOCK_MIN_TIME 0 /*锁定的最小时间 */
|
||||
#define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */
|
||||
|
||||
/*配置消息 */
|
||||
typedef struct {
|
||||
time_t logintime;
|
||||
int timehorizon;
|
||||
int failcount;
|
||||
int locktime;
|
||||
}userlock_configure_t;
|
||||
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int Init(userlock_configure_t **userlock);
|
||||
|
||||
|
||||
/*判断锁定配置信息是否有效,时间范围大于0,失败的次数大于0,锁定时间大于0 */
|
||||
ret_code userlock_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
/*系统管理模块将数据内容(IP地址、端口号)发送给web server */
|
||||
ret_code userlock_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
|
@ -1,100 +0,0 @@
|
|||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../include/jumppage.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
|
||||
/*全局变量,存放用户跳转的页面 */
|
||||
char *jumpurl = NULL;
|
||||
|
||||
/*系统管理模块将数据内容(URL地址)发送给web server */
|
||||
/*input格式:"{\"type\":0,\"url\":\"http://www.baidu.com\"}"*/
|
||||
ret_code jumppage_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *url, *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*获取键值内容 */
|
||||
url= cJSON_GetObjectItem(cjson , "url");
|
||||
if(!url)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
cJSON_Delete(cjson);
|
||||
return ret;
|
||||
}
|
||||
|
||||
rpc_log_info("jumppage configure: url %s\n", url->valuestring);
|
||||
|
||||
|
||||
/*将配置信息发送到web server 发送结果int表示,0表示发送成功,-1表示发送失败*/
|
||||
int r;
|
||||
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(url);
|
||||
cJSON_Delete(cjson);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(url);
|
||||
cJSON_Delete(cjson);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
|
||||
|
||||
|
||||
|
||||
return RET_OK;
|
||||
|
||||
/*把本地Portal server的配置信息存入全局变量 */
|
||||
jumpurl = url->valuestring;
|
||||
|
||||
|
||||
free(jumpurl);
|
||||
return RET_OK;
|
||||
}
|
||||
|
|
@ -1,221 +0,0 @@
|
|||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../include/localportal.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
|
||||
/*全局变量,存放本地Portal服务器的IP地址和端口号 */
|
||||
localportal_configure_t *localportal;
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int localportalInit(localportal_configure_t **localportal)
|
||||
{
|
||||
*localportal = (localportal_configure_t *)malloc(sizeof(localportal_configure_t));
|
||||
if (NULL == *localportal)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*检查IP地址是否有效,端口号是否被占用 */
|
||||
int _valid_ipv4_port(const char *str, int port)
|
||||
{
|
||||
int ret;
|
||||
int fd;
|
||||
int i;
|
||||
volatile int local_errno;
|
||||
struct sockaddr_in addr;
|
||||
fd = socket(AF_INET,SOCK_STREAM,0); /*初始化*/
|
||||
|
||||
if(fd ==-1) /*检查是否正常初始化socket */
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
errno = 0;
|
||||
local_errno = errno;
|
||||
|
||||
ret = inet_pton(AF_INET, str ,&addr.sin_addr);
|
||||
printf("the value of ret is:%d\n",ret);
|
||||
if(ret > 0)
|
||||
{
|
||||
fprintf(stderr, "\"%s\" is a vaild IPv4 address\n", str);
|
||||
|
||||
addr.sin_family = AF_INET; /*地址结构的协议簇 */
|
||||
addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */
|
||||
printf("the value of str:%s\n", str);
|
||||
i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
|
||||
printf("the value of i:%d\n", i);
|
||||
|
||||
if( i < 0)
|
||||
{
|
||||
printf("port %d has been used. \n", port);
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
printf("port %d is ok. \n", port);
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
else if (ret < 0)
|
||||
{
|
||||
fprintf(stderr, "EAFNOSUPPORT: %s\n", strerror(local_errno));
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "\"%s\" is not a vaild IPv4 address\n", str);
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*判断配置本地Portal服务器的IP地址是否有效,端口号是否被占用 */
|
||||
/*input格式 "{\"type\":0, \"ip\":1027824, \"port\":1010}"*/
|
||||
ret_code portalserver_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *res;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_portal, localportal_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_portal, cjson, int, ip);
|
||||
s2j_struct_get_basic_element(struct_portal, cjson, int, port);
|
||||
rpc_log_info("localport configure: ip: %d port: %d\n",
|
||||
struct_portal->ip,struct_portal->port);
|
||||
|
||||
if((*input_len < sizeof(localportal_configure_t)) || (*input_len > sizeof(localportal_configure_t)) )
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
free(struct_portal);
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_portal->ip, str, 32);
|
||||
char *ip_addr = str;
|
||||
if( (_valid_ipv4_port(ip_addr, struct_portal->port)) < 0 )
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
free(struct_portal);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
ASSERT_RET(ret);
|
||||
|
||||
cJSON_Delete(cjson);
|
||||
free(struct_portal);
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
/*系统管理模块将数据内容(IP地址、端口号)发送给web server */
|
||||
ret_code portalserver_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_portal, localportal_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_portal, cjson, int, ip);
|
||||
s2j_struct_get_basic_element(struct_portal, cjson, int, port);
|
||||
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_portal->ip, str, 32);
|
||||
char *ip_addr = str;
|
||||
rpc_log_info("portalserver configure: ip: %s port: %d\n",
|
||||
ip_addr, struct_portal->port);
|
||||
|
||||
/*将配置信息发送到web server,发送结果int类型表示,0表示发送成功,-1表示发送失败 */
|
||||
int r;
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(struct_portal);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(struct_portal);
|
||||
cJSON_Delete(cjson);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
cJSON_Delete(cjson);
|
||||
|
||||
/*把本地Portal server的配置信息存入全局变量 */
|
||||
localportal->ip = struct_portal->ip;
|
||||
localportal->port = struct_portal->port;
|
||||
|
||||
|
||||
free(struct_portal);
|
||||
return RET_OK;
|
||||
}
|
||||
|
|
@ -1,193 +0,0 @@
|
|||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
#include "../include/userlock.h"
|
||||
|
||||
|
||||
/*全局变量,存放锁定功能的信息 */
|
||||
userlock_configure_t *userlock;
|
||||
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int Init(userlock_configure_t **userlock)
|
||||
{
|
||||
*userlock = (userlock_configure_t *)malloc(sizeof(userlock_configure_t));
|
||||
if (NULL == *userlock)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*判断锁定配置信息是否有效,时间范围大于0,失败的次数大于0,锁定时间大于0 */
|
||||
/*input格式 "{\"type\":0, \"failcount\":10, \"locktime\":30, \"timehorizon\":30, \"logintime\":3213250}"*/
|
||||
ret_code userlock_config_chk(uint source, uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_userlock, userlock_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, failcount);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, locktime);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, timehorizon);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, logintime);
|
||||
|
||||
|
||||
rpc_log_info("userlock configure: 登录时间: %d 用户认证失败次数: %d 用户认证的时间范围: %d 用户锁定时间: %ld\n",
|
||||
struct_userlock->logintime, struct_userlock->failcount,
|
||||
struct_userlock->timehorizon, struct_userlock->locktime);
|
||||
|
||||
if((*input_len < sizeof(userlock_configure_t)) || (*input_len > sizeof(userlock_configure_t)))
|
||||
{
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*配置的用户失败次数如果小于0,则配置错误 */
|
||||
if(struct_userlock->failcount < FAIL_MIN_NUM )
|
||||
{
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
printf("userlock configure error\n");
|
||||
}
|
||||
|
||||
/*配置的用户锁定时间如果小于0,则配置错误 */
|
||||
if(struct_userlock->locktime < LOCK_MIN_TIME )
|
||||
{
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
printf("locktime configure error\n");
|
||||
}
|
||||
|
||||
/*配置的用户认证时间范围如果小于0,则配置错误 */
|
||||
if(struct_userlock->timehorizon < HORIZON_MIN_VALUE )
|
||||
{
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
printf("timehorizon configure error\n");
|
||||
}
|
||||
|
||||
ASSERT_RET(ret);
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
/*系统管理模块将数据内容(IP地址、端口号)发送给web server */
|
||||
ret_code userlock_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *res;
|
||||
char *ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_userlock, userlock_configure_t);
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, failcount);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, locktime);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, timehorizon);
|
||||
s2j_struct_get_basic_element(struct_userlock, cjson, int, logintime);
|
||||
|
||||
rpc_log_info("userlock configure: 登录时间: %d 用户认证失败次数: %d 用户认证的时间范围: %d 用户锁定时间: %ld\n",
|
||||
struct_userlock->logintime, struct_userlock->failcount,
|
||||
struct_userlock->timehorizon, struct_userlock->locktime);
|
||||
|
||||
|
||||
/*将配置信息struct_userlock发送到数据库 发送结果int类型表示,0表示发送成功,-1表示发送失败 */
|
||||
int r;
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
ret = RET_ERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(struct_userlock);
|
||||
cJSON_Delete(cjson);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
cJSON_Delete(cjson);
|
||||
|
||||
|
||||
/*把本地Portal server的配置信息存入全局变量 */
|
||||
userlock->failcount = struct_userlock->failcount;
|
||||
|
||||
|
||||
free(struct_userlock);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,556 @@
|
|||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "authfree.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
#include "auth_parameters.h"
|
||||
|
||||
/*定义结构体 存认证参数*/
|
||||
auth_parameters_t *auth_para;
|
||||
|
||||
#ifdef AGINGTIME_ACK_COOKIES
|
||||
#define CFG_AGINGTIME_ACK_COOKIES
|
||||
#endif
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authparInit()
|
||||
{
|
||||
auth_para = (auth_parameters_t *)malloc(sizeof(auth_parameters_t));
|
||||
if (NULL == auth_para)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*下发用户老化时间配置到内核态 */
|
||||
int set_agingtimecfg_waitack(int *agingtime)
|
||||
{
|
||||
int agingtime_len = 0;
|
||||
struct nlmsghdr *ack = NULL;
|
||||
struct nlmsghdr **answer = &ack;
|
||||
|
||||
struct{
|
||||
struct nlmsghdr n;
|
||||
char buf[1024];
|
||||
} req ={
|
||||
.n.nlmsg_len = NLMSG_LENGTH(0),
|
||||
#ifdef CFG_AGINGTIME_ACK_COOKIES
|
||||
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK:use kernel auto ack*/
|
||||
#else
|
||||
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
|
||||
#endif
|
||||
.n.nlmsg_type = AGINGTIME_CFG, /*用户态发送给内核态的用户老化时间消息 */
|
||||
.n.nlmsg_pid = getpid(),
|
||||
};
|
||||
|
||||
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
|
||||
if (agingtime == NULL)
|
||||
{
|
||||
printf("set_agingtimecfg_waitack is error: input struct_agingtime is NULL.\r\n");
|
||||
return -1;
|
||||
}else
|
||||
{
|
||||
printf("set_freeauthcfg_waitack :agingtime %d\n", *agingtime);
|
||||
}
|
||||
|
||||
/*计算需要发送的数据的长度 */
|
||||
agingtime_len = sizeof(int);
|
||||
printf("%d\n", agingtime_len);
|
||||
|
||||
/*可选属性 */
|
||||
commnl_addattr_l(&req.n, sizeof(req), 1, agingtime, agingtime_len);
|
||||
|
||||
/*发送组装好的netlink消息 */
|
||||
if(pdeliv_talk(1, &req.n, answer) < 0)
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv ack msg faild.\r\n");
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv ack msg success.\r\n");
|
||||
}
|
||||
|
||||
if(*answer != NULL)
|
||||
{
|
||||
printf("set_user_agingtime_waitack rcv answer.\r\n");
|
||||
}
|
||||
else{
|
||||
printf("set_user_agingtime_waitack rcv answer error.\r\n");
|
||||
return -3;
|
||||
}
|
||||
|
||||
#ifdef CFG_AGINGTIME_ACK_COOKIES
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == NLMSG_ERROR){
|
||||
nl_debugfs_extack(*answer);
|
||||
}
|
||||
#else
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == AGINGTIME_CFG)
|
||||
{
|
||||
nl_debugfs(*answer);
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*检查IP地址是否有效,端口号是否被占用 */
|
||||
int _valid_ipv4_port(const char *str, int port)
|
||||
{
|
||||
int ret;
|
||||
int fd;
|
||||
int i;
|
||||
volatile int local_errno;
|
||||
struct sockaddr_in addr;
|
||||
fd = socket(AF_INET,SOCK_STREAM,0); /*初始化*/
|
||||
|
||||
if(fd ==-1) /*检查是否正常初始化socket */
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
errno = 0;
|
||||
local_errno = errno;
|
||||
|
||||
ret = inet_pton(AF_INET, str ,&addr.sin_addr);
|
||||
printf("the value of ret is:%d\n",ret);
|
||||
if(ret > 0)
|
||||
{
|
||||
fprintf(stderr, "\"%s\" is a vaild IPv4 address\n", str);
|
||||
|
||||
addr.sin_family = AF_INET; /*地址结构的协议簇 */
|
||||
addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */
|
||||
printf("the value of str:%s\n", str);
|
||||
i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
|
||||
printf("the value of i:%d\n", i);
|
||||
|
||||
if( i < 0)
|
||||
{
|
||||
printf("port %d has been used. \n", port);
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
printf("port %d is ok. \n", port);
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
else if (ret < 0)
|
||||
{
|
||||
fprintf(stderr, "EAFNOSUPPORT: %s\n", strerror(local_errno));
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "\"%s\" is not a vaild IPv4 address\n", str);
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* iuput格式:{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
|
||||
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *type, *data;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*获取操作类型 add、mod、del */
|
||||
type = cJSON_GetObjectItem(cjson, "type");
|
||||
if(!type)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
cJSON_Delete(cjson);
|
||||
return ret;
|
||||
}
|
||||
|
||||
*conf_type = type->valueint;
|
||||
|
||||
/*获取免认证规则的data部分 */
|
||||
data = cJSON_GetObjectItem(cjson, "data");
|
||||
if(!data)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(auth_parameters, auth_parameters_t);
|
||||
if(auth_parameters == NULL)
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
cJSON_Delete(data);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, ip);
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, port);
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon);
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, failcount);
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, locktime);
|
||||
s2j_struct_get_basic_element(auth_parameters, data, int, aging_time);
|
||||
|
||||
authpara_buff->ip = auth_parameters->ip;
|
||||
authpara_buff->port = auth_parameters->port;
|
||||
authpara_buff->timehorizon = auth_parameters->timehorizon;
|
||||
authpara_buff->failcount = auth_parameters->failcount;
|
||||
authpara_buff->locktime = auth_parameters->locktime;
|
||||
authpara_buff->aging_time = auth_parameters->aging_time;
|
||||
|
||||
s2j_delete_struct_obj(auth_parameters);
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
cJSON_Delete(data);
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
/*检查增加的参数格式是否正确 */
|
||||
ret_code authpara_config_add_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
auth_parameters_t *auth_parameters;
|
||||
auth_parameters = (auth_parameters_t *)input;
|
||||
char str[32] = {0};
|
||||
|
||||
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*判断IP地址格式是否正确、端口号是否被占用*/
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&auth_parameters->ip, str, 32);
|
||||
char *ip_addr = str;
|
||||
if( (_valid_ipv4_port(ip_addr, auth_parameters->port)) < 0 )
|
||||
{
|
||||
free(auth_parameters);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*配置的用户失败次数如果小于0,则配置错误 */
|
||||
if(auth_parameters->failcount < FAIL_MIN_NUM )
|
||||
{
|
||||
free(auth_parameters);
|
||||
printf("userlock configure error\n");
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*配置的用户锁定时间如果小于0,则配置错误 */
|
||||
if(auth_parameters->locktime < LOCK_MIN_TIME )
|
||||
{
|
||||
free(auth_parameters);
|
||||
printf("locktime configure error\n");
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*配置的用户认证时间范围如果小于0,则配置错误 */
|
||||
if(auth_parameters->timehorizon < HORIZON_MIN_VALUE )
|
||||
{
|
||||
free(auth_parameters);
|
||||
printf("timehorizon configure error\n");
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
free(auth_parameters);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
/*修改认证参数 */
|
||||
ret_code authpara_config_mod_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
auth_parameters_t *auth_parameters;
|
||||
auth_parameters = (auth_parameters_t *)input;
|
||||
|
||||
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*判断认证参数是否存在*/
|
||||
if(NULL == auth_para)
|
||||
{
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
/*chk data格式 */
|
||||
ret_code authpara_config_chk(uint source,uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
|
||||
ret_code ret = RET_OK;
|
||||
auth_parameters_t auth_parameters = {0};
|
||||
int config_len = sizeof(auth_parameters_t);
|
||||
uint conf_type = AUTHPARA_CONFIG_GET;
|
||||
int code = 0;
|
||||
|
||||
authpara_config_json_parse(input, &conf_type, &auth_parameters);
|
||||
|
||||
switch (conf_type)
|
||||
{
|
||||
case AUTHPARA_CONFIG_ADD:
|
||||
ret = authpara_config_add_chk(source, conf_type,
|
||||
&auth_parameters, config_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case AUTHPARA_CONFIG_MOD:
|
||||
ret = authpara_config_mod_chk(source, conf_type,
|
||||
&auth_parameters, config_len,
|
||||
output, output_len);
|
||||
break;
|
||||
default:
|
||||
ret = RET_NOTSUPPORT;
|
||||
}
|
||||
|
||||
if(config_len <= CM_BUFF_SIZE)
|
||||
{
|
||||
memset(input, 0, *input_len);
|
||||
memcpy(input, &auth_parameters, config_len);
|
||||
*config_type = conf_type;
|
||||
*input_len = config_len;
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = RET_NOMEM;
|
||||
}
|
||||
|
||||
RET_ERR_FORMART(ret, code, output, *output_len);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
ret_code authpara_config_add_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
auth_parameters_t *auth_parameters;
|
||||
auth_parameters = (auth_parameters_t *)input;
|
||||
int r = -1;
|
||||
|
||||
/*增加数据库*/
|
||||
|
||||
/*存入全局变量*/
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(auth_parameters);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*将json对象转换成json字符串 返回处理结果*/
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(auth_parameters);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
free(auth_parameters);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
ret_code authpara_config_mod_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
auth_parameters_t *auth_parameters;
|
||||
auth_parameters = (auth_parameters_t *)input;
|
||||
int r = -1;
|
||||
|
||||
/*数据库修改*/
|
||||
|
||||
/*存入全局变量*/
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(auth_parameters);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*将json对象转换成json字符串 返回处理结果*/
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(auth_parameters);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
free(auth_parameters);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
ret_code authpara_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
uint conf_type = config_type;
|
||||
ret_code ret = RET_OK;
|
||||
auth_parameters_t conf_buff = {0};
|
||||
auth_parameters_t *auth_parameters = &conf_buff;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
|
||||
auth_parameters = (auth_parameters_t *)input;
|
||||
|
||||
rpc_log_info("config type is %d, ip %d port %d timehorizon %d failcount %d locktime %d aging_time %d\n",
|
||||
conf_type, auth_parameters->ip, auth_parameters->port,
|
||||
auth_parameters->timehorizon, auth_parameters->failcount,
|
||||
auth_parameters->locktime, auth_parameters->aging_time);
|
||||
|
||||
switch (conf_type)
|
||||
{
|
||||
case AUTHPARA_CONFIG_ADD:
|
||||
ret = authpara_config_add_proc(source, conf_type,
|
||||
&auth_parameters, input_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case AUTHPARA_CONFIG_MOD:
|
||||
ret = authpara_config_mod_proc(source, conf_type,
|
||||
&auth_parameters, input_len,
|
||||
output, output_len);
|
||||
break;
|
||||
default:
|
||||
ret = RET_NOTSUPPORT;
|
||||
}
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
int main()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
|
|
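Review bot: Several paths in this new file release memory they do not own, which is undefined behaviour in handlers that process RPC-supplied configuration. In `authpara_config_json_parse`, `type` and `data` are items inside the `cjson` tree, so calling `cJSON_Delete(type);` and `cJSON_Delete(data);` after `cJSON_Delete(cjson);` is a double free on both the success and error paths; only `cJSON_Delete(cjson);` should remain. `authpara_config_add_chk` calls `free(auth_parameters)` on `input`, which `authpara_config_chk` passes as the address of a stack `auth_parameters_t` and then copies from afterwards, so those `free()` calls should be removed. `authpara_config_proc` passes `&auth_parameters` (the address of a local pointer) to the `*_proc` functions, which cast it to `auth_parameters_t *`, read `aging_time` through it and `free()` it; it should pass `input` unchanged, the callees should not free it, and the function should `return ret;` rather than `RET_OK`. Separately, `memcpy(output, 0, ret_int + 1);` in both `*_proc` functions reads from a null pointer and was presumably meant to be `memset(output, 0, ret_int + 1);`.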
@ -0,0 +1,71 @@
|
|||
#ifndef AUTH_PARAMETERS_H_
|
||||
#define AUTH_PARAMETERS_H_
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "rpc_common.h"
|
||||
|
||||
#define FAIL_MIN_NUM 0 /*失败次数的最小值*/
|
||||
#define LOCK_MIN_TIME 0 /*锁定的最小时间 */
|
||||
#define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */
|
||||
|
||||
#define AUTHPARA_CONFIG_ADD 0
|
||||
#define AUTHPARA_CONFIG_MOD 1
|
||||
#define AUTHPARA_CONFIG_GET 2
|
||||
|
||||
/*配置消息 */
|
||||
typedef struct {
|
||||
uint32_t ip; /*认证服务器IP地址*/
|
||||
int port; /*认证服务器端口号*/
|
||||
int timehorizon; /*用户认证时间范围*/
|
||||
int failcount; /*用户认证时间范围*/
|
||||
int locktime; /*锁定时间*/
|
||||
int aging_time; /*老化时间*/
|
||||
}auth_parameters_t;
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authparInit();
|
||||
|
||||
/*下发用户老化时间配置到内核态 */
|
||||
int set_agingtimecfg_waitack(int *agingtime);
|
||||
|
||||
/*检查IP地址是否有效,端口号是否被占用 */
|
||||
int _valid_ipv4_port(const char *str, int port);
|
||||
|
||||
/* iuput格式:{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
|
||||
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff);
|
||||
|
||||
/*检查增加的参数格式是否正确 */
|
||||
ret_code authpara_config_add_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
|
||||
ret_code authpara_config_mod_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
ret_code authpara_config_chk(uint source,uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
|
||||
ret_code authpara_config_add_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
ret_code authpara_config_mod_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
ret_code authpara_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
|
||||
#endif
|
||||
|
|
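Review bot: The prototypes for `authpara_config_add_chk` and `authpara_config_chk` end with `pointer output, int *output_len)` and no `;`, so a translation unit that includes this header will fail to parse at the next declaration; both should end `int *output_len);`. The comment on `failcount` repeats the one on `timehorizon` and should describe the field itself, for example `/* number of failed authentication attempts */`. `int authparInit();` leaves the parameter list unspecified in C, so `int authparInit(void);` would let the compiler reject calls that pass arguments.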
@ -0,0 +1,636 @@
|
|||
#include "../include/parsefile.h"
|
||||
#include "../include/configm.h"
|
||||
#include "../../../netlink_uapi/libnetlinku.h"
|
||||
#include "../../../../common/rpc/rpc.h"
|
||||
#include "authfree.h"
|
||||
#include <cjson/cJSON.h>
|
||||
#include "../../../../../Common/s2j/s2j.h"
|
||||
#include "../../../../../Common/commuapinl.h"
|
||||
|
||||
/*定义结构体数组 存在免认证规则 */
|
||||
freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0};
|
||||
|
||||
|
||||
#ifdef FREEAUTH_ACK_COOKIES
|
||||
#define CFG_FREEAUTH_ACK_COOKIES
|
||||
#endif
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authfreeInit(freeauth_configure_t **localuser)
|
||||
{
|
||||
*localuser = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t));
|
||||
if (NULL == *localuser)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* 判断IPv4格式是否正确*/
|
||||
int isIpV4Addr(const char *ipAddr)
|
||||
{
|
||||
int ip_part_1 = 0;
|
||||
int ip_part_2 = 0;
|
||||
int ip_part_3 = 0;
|
||||
int ip_part_4 = 0;
|
||||
char end_char = 0;
|
||||
if((NULL == ipAddr) || (0 == strlen(ipAddr)))
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
if(4 == sscanf(ipAddr,"%d.%d.%d.%d%c",&ip_part_1,&ip_part_2,&ip_part_3,&ip_part_4,&end_char))
|
||||
{
|
||||
if((ip_part_1 >= 0) && (ip_part_1 <= 255) &&
|
||||
(ip_part_2 >= 0) && (ip_part_2 <= 255) &&
|
||||
(ip_part_3 >= 0) && (ip_part_3 <= 255) &&
|
||||
(ip_part_4 >= 0) && (ip_part_4 <= 255)
|
||||
)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
|
||||
{
|
||||
int freeauth_len = 0;
|
||||
struct nlmsghdr *ack = NULL;
|
||||
struct nlmsghdr **answer = &ack;
|
||||
|
||||
struct{
|
||||
struct nlmsghdr n;
|
||||
char buf[1024];
|
||||
} req ={
|
||||
.n.nlmsg_len = NLMSG_LENGTH(0),
|
||||
#ifdef CFG_FREEAUTH_ACK_COOKIES
|
||||
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK:use kernel auto ack*/
|
||||
#else
|
||||
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
|
||||
#endif
|
||||
.n.nlmsg_type = FREEAUTH_CFG,
|
||||
.n.nlmsg_pid = getpid(),
|
||||
};
|
||||
|
||||
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
|
||||
if (struct_freeauth == NULL)
|
||||
{
|
||||
printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
|
||||
return -1;
|
||||
}else
|
||||
{
|
||||
char str[32];
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
|
||||
char *sip_addr = str;
|
||||
char dtr[32];
|
||||
memset(dtr, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
|
||||
char *dip_addr = dtr;
|
||||
printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
|
||||
struct_freeauth->name, sip_addr, dip_addr,
|
||||
struct_freeauth->dport);
|
||||
}
|
||||
|
||||
/*计算需要发送的数据的长度 */
|
||||
freeauth_len = sizeof(freeauth_configure_t);
|
||||
|
||||
/*可选属性 */
|
||||
commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len);
|
||||
|
||||
/*发送组装好的netlink消息 */
|
||||
if(pdeliv_talk(1, &req.n, answer) < 0)
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv ack msg faild.\r\n");
|
||||
return -2;
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv ack msg success.\r\n");
|
||||
}
|
||||
|
||||
if(*answer != NULL)
|
||||
{
|
||||
printf("set_user_freeauth_waitack rcv answer.\r\n");
|
||||
}
|
||||
else{
|
||||
printf("set_user_freeauth_waitack rcv answer error.\r\n");
|
||||
return -3;
|
||||
}
|
||||
|
||||
#ifdef CFG_FREEAUTH_ACK_COOKIES
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == NLMSG_ERROR){
|
||||
nl_debugfs_extack(*answer);
|
||||
}
|
||||
#else
|
||||
/*recv answer*/
|
||||
if((*answer)->nlmsg_type == FREEAUTH_CFG)
|
||||
{
|
||||
nl_debugfs(*answer);
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* 判断免认证规则格式
|
||||
* iuput格式:{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
|
||||
ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *cjson, *type, *data;
|
||||
|
||||
/*JSON字符串到JSON格式 */
|
||||
cjson = cJSON_Parse(input);
|
||||
if(!cjson)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
ASSERT_RET(ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*获取操作类型 add、mod、del */
|
||||
type = cJSON_GetObjectItem(cjson, "type");
|
||||
if(!type)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
cJSON_Delete(cjson);
|
||||
return ret;
|
||||
}
|
||||
|
||||
*conf_type = type->valueint;
|
||||
|
||||
/*获取免认证规则的data部分 */
|
||||
data = cJSON_GetObjectItem(cjson, "data");
|
||||
if(!data)
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*创建freeauth_configure_t结构体对象 */
|
||||
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
|
||||
if(struct_freeauth == NULL)
|
||||
{
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
cJSON_Delete(data);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
/*反序列化数据到freeauth_configure_t结构体对象 */
|
||||
s2j_struct_get_basic_element(struct_freeauth, data, string, name);
|
||||
s2j_struct_get_basic_element(struct_freeauth, data, int, sip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, data, int, dip);
|
||||
s2j_struct_get_basic_element(struct_freeauth, data, int, dport);
|
||||
|
||||
memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char)*32);
|
||||
freeauth_buff->sip = struct_freeauth->sip;
|
||||
freeauth_buff->dip = struct_freeauth->dip;
|
||||
freeauth_buff->dport = struct_freeauth->dport;
|
||||
|
||||
s2j_delete_struct_obj(struct_freeauth);
|
||||
cJSON_Delete(cjson);
|
||||
cJSON_Delete(type);
|
||||
cJSON_Delete(data);
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
/*检查增加的参数格式是否正确 */
|
||||
ret_code freeauth_config_add_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
char str[32] = {0};
|
||||
char dtr[32] = {0};
|
||||
|
||||
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
memset(str, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32);
|
||||
char *sip_addr = str;
|
||||
if( isIpV4Addr(sip_addr) < 0 )
|
||||
{
|
||||
ret = RET_IPINVALID;
|
||||
return ret;
|
||||
}
|
||||
|
||||
memset(dtr, 0, 32);
|
||||
inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32);
|
||||
char *dip_addr = dtr;
|
||||
if( isIpV4Addr(dip_addr) < 0 )
|
||||
{
|
||||
ret = RET_IPINVALID;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if ( (freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM ))
|
||||
{
|
||||
ret = RET_IPINVALID; /*先用IPVAILD表示,后面加PORTVAILD */
|
||||
return ret;
|
||||
}
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */
|
||||
ret_code freeauth_config_del_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
int i;
|
||||
|
||||
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
for(i = 0; i < RULE_MAX_NUM; i++)
|
||||
{
|
||||
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name))
|
||||
return RET_NOTFOUND;
|
||||
}
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
/*修改 查询要修改的内容是否存在 */
|
||||
ret_code freeauth_config_mod_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
int i;
|
||||
|
||||
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
|
||||
{
|
||||
ret = RET_INPUTERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*检查修改的内容是否存在 */
|
||||
for(i = 0; i < RULE_MAX_NUM; i++)
|
||||
{
|
||||
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name))
|
||||
return RET_NOTFOUND;
|
||||
}
|
||||
return RET_OK;
|
||||
|
||||
}
|
||||
|
||||
/*chk data格式 */
|
||||
ret_code freeauth_config_chk(uint source,uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
|
||||
ret_code ret = RET_OK;
|
||||
freeauth_configure_t freeauth_configure = {0};
|
||||
int config_len = sizeof(freeauth_configure_t);
|
||||
uint conf_type = FREEAUTH_CONFIG_GET;
|
||||
int code = 0;
|
||||
|
||||
freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
|
||||
|
||||
switch (conf_type)
|
||||
{
|
||||
case FREEAUTH_CONFIG_ADD:
|
||||
ret = freeauth_config_add_chk(source, conf_type,
|
||||
&freeauth_configure, config_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case FREEAUTH_CONFIG_MOD:
|
||||
ret = freeauth_config_mod_chk(source, conf_type,
|
||||
&freeauth_configure, config_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case FREEAUTH_CONFIG_DEL:
|
||||
ret = freeauth_config_del_chk(source, conf_type,
|
||||
&freeauth_configure, config_len,
|
||||
output, output_len);
|
||||
break;
|
||||
default:
|
||||
ret = RET_NOTSUPPORT;
|
||||
}
|
||||
|
||||
if(config_len <= CM_BUFF_SIZE)
|
||||
{
|
||||
memset(input, 0, *input_len);
|
||||
memcpy(input, &freeauth_configure, config_len);
|
||||
*config_type = conf_type;
|
||||
*input_len = config_len;
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = RET_NOMEM;
|
||||
}
|
||||
|
||||
RET_ERR_FORMART(ret, code, output, *output_len);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
ret_code freeauth_config_add_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
|
||||
/*增加数据库*/
|
||||
|
||||
/*存入全局变量*/
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
int r = -1;
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_freeauthcfg_waitack(freeauth_configure);
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*将json对象转换成json字符串 返回处理结果*/
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
free(freeauth_configure);
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
ret_code freeauth_config_mod_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
|
||||
/*数据库修改*/
|
||||
|
||||
/*存入全局变量*/
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
int r = -1;
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_freeauthcfg_waitack(freeauth_configure);
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
free(freeauth_configure);
|
||||
return RET_OK;
|
||||
|
||||
}
|
||||
|
||||
ret_code freeauth_config_del_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
ret_code ret = RET_OK;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
freeauth_configure_t *freeauth_configure;
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
|
||||
/*数据库删除*/
|
||||
|
||||
/*存入全局变量*/
|
||||
|
||||
/*用户态下发到内核态auth_hook */
|
||||
int r = -1;
|
||||
printf("cfgchannel main begin:\r\n");
|
||||
|
||||
/*创建通道 */
|
||||
r = commcfgnl_open();
|
||||
if(r < 0)
|
||||
{
|
||||
printf(" pdlivnl_open fail, exit.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*下发配置到内核态 */
|
||||
r = set_freeauthcfg_waitack(freeauth_configure);
|
||||
if(r < 0)
|
||||
{
|
||||
printf("set_cfg_debug_waitack failed.\r\n");
|
||||
return RET_ERR;
|
||||
}
|
||||
|
||||
/*关闭netlink通道 */
|
||||
commcfgnl_close();
|
||||
printf("cfgchannel main exit!\r\n");
|
||||
|
||||
/*创建json对象 */
|
||||
res = cJSON_CreateObject();
|
||||
if(!res)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
ret = RET_ERR;
|
||||
return ret;
|
||||
}
|
||||
|
||||
cJSON_AddNumberToObject(res, "result", r);
|
||||
|
||||
/*将json对象转换成json字符串 */
|
||||
ret_char = cJSON_PrintUnformatted(res);
|
||||
ret_int = strlen(ret_char);
|
||||
if(output_len)
|
||||
{
|
||||
*output_len = ret_int;
|
||||
}
|
||||
|
||||
/*超出2k的内存,报错 */
|
||||
if(ret_int >= 1024 * 2)
|
||||
{
|
||||
free(freeauth_configure);
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
return RET_NOMEM;
|
||||
}
|
||||
|
||||
memcpy(output, 0, ret_int + 1);
|
||||
strcpy(output, ret_char);
|
||||
|
||||
free(ret_char);
|
||||
cJSON_Delete(res);
|
||||
free(freeauth_configure);
|
||||
return RET_OK;
|
||||
|
||||
}
|
||||
|
||||
|
||||
ret_code freeauth_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len)
|
||||
{
|
||||
|
||||
uint conf_type = config_type;
|
||||
ret_code ret = RET_OK;
|
||||
int r = -1;
|
||||
cJSON *res;
|
||||
char * ret_char = NULL;
|
||||
unsigned int ret_int = 0;
|
||||
freeauth_configure_t conf_buff = {0};
|
||||
freeauth_configure_t *freeauth_configure = &conf_buff;
|
||||
|
||||
freeauth_configure = (freeauth_configure_t *)input;
|
||||
|
||||
rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n",
|
||||
conf_type, freeauth_configure->name,
|
||||
freeauth_configure->sip, freeauth_configure->dip,
|
||||
freeauth_configure->dport);
|
||||
|
||||
switch (conf_type)
|
||||
{
|
||||
case FREEAUTH_CONFIG_ADD:
|
||||
ret = freeauth_config_add_proc(source, conf_type,
|
||||
&freeauth_configure, input_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case FREEAUTH_CONFIG_MOD:
|
||||
ret = freeauth_config_mod_proc(source, conf_type,
|
||||
&freeauth_configure, input_len,
|
||||
output, output_len);
|
||||
break;
|
||||
case FREEAUTH_CONFIG_DEL:
|
||||
ret = freeauth_config_del_proc(source, conf_type,
|
||||
&freeauth_configure, input_len,
|
||||
output, output_len);
|
||||
break;
|
||||
default:
|
||||
ret = RET_NOTSUPPORT;
|
||||
}
|
||||
|
||||
return RET_OK;
|
||||
}
|
||||
|
||||
|
||||
int main()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
|
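Review bot: Several functions in this new file free memory they do not own, on their normal success paths: `freeauth_config_json_parse`, `freeauth_config_proc` and the three `*_proc` handlers. In `freeauth_config_json_parse`, `type` and `data` are returned by `cJSON_GetObjectItem` and belong to the `cjson` tree, so every `cJSON_Delete(type)` / `cJSON_Delete(data)` after `cJSON_Delete(cjson)` is a double free; only the root should be deleted. `freeauth_config_proc` passes `&freeauth_configure` (the address of a local pointer) to the handlers, which treat it as a `freeauth_configure_t`, hand it to `set_freeauthcfg_waitack` and then call `free()` on it; pass `freeauth_configure` itself and drop the `free(freeauth_configure)` calls, since the handlers never allocated that buffer. `memcpy(output, 0, ret_int + 1)` in all three handlers reads from a null pointer and was presumably meant to be `memset(output, 0, ret_int + 1)`. Separately, the port test in `freeauth_config_add_chk` joins its two bounds with `&&` and so can never reject a value; it needs `||`, and `freeauth_config_chk` should return early when `freeauth_config_json_parse` fails instead of validating a zeroed struct.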
|
@ -0,0 +1,87 @@
|
|||
#ifndef FREEAUTH_H_
|
||||
#define FREEAUTH_H_
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include "../../../../common/rpc/rpc_common.h"
|
||||
|
||||
#define DPORT_MIN_NUM 0
|
||||
#define DPORT_MAX_NUM 65535
|
||||
#define RULE_MAX_NUM 10
|
||||
|
||||
#define FREEAUTH_CONFIG_ADD 0
|
||||
#define FREEAUTH_CONFIG_DEL 1
|
||||
#define FREEAUTH_CONFIG_MOD 2
|
||||
#define FREEAUTH_CONFIG_GET 3
|
||||
|
||||
|
||||
/*配置消息 */
|
||||
typedef struct {
|
||||
uint32_t sip;
|
||||
uint32_t dip;
|
||||
int dport;
|
||||
char name[32];
|
||||
}freeauth_configure_t;
|
||||
|
||||
|
||||
/*全局变量初始化 失败为1 成功为0*/
|
||||
int authfreeInit(freeauth_configure_t **localuser);
|
||||
|
||||
|
||||
/* 判断IPv4格式是否正确*/
|
||||
int isIpV4Addr(const char *ipAddr);
|
||||
|
||||
|
||||
/*下发配置到内核态 */
|
||||
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth);
|
||||
|
||||
|
||||
/*检查增加的参数格式是否正确 */
|
||||
ret_code freeauth_config_add_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */
|
||||
ret_code freeauth_config_del_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
/*修改 查询要修改的内容是否存在 */
|
||||
ret_code freeauth_config_mod_chk(uint source,uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
/*chk data格式 */
|
||||
ret_code freeauth_config_chk(uint source,uint *config_type,
|
||||
pointer input, int *input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
ret_code freeauth_config_add_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
ret_code freeauth_config_mod_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
ret_code freeauth_config_del_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
|
||||
ret_code freeauth_config_proc(uint source, uint config_type,
|
||||
pointer input, int input_len,
|
||||
pointer output, int *output_len);
|
||||
|
||||
#endif
|
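Review bot: `freeauth_configure_t` is used as a wire format (authfree.c copies `sizeof(freeauth_configure_t)` bytes of it into the netlink request), yet the header documents none of its layout assumptions and leaves the name length as a bare `32` that authfree.c repeats as a literal. I would add `#define FREEAUTH_NAME_LEN 32` and declare `char name[FREEAUTH_NAME_LEN];`, so the parser's `memcpy` and any length check share one constant. A comment on the struct should state whether `sip`/`dip` are in network byte order and that `name` must be NUL-terminated within the array, because it is filled from request JSON and nothing visible here bounds the incoming string. `dport` would be better as a fixed-width type matching the kernel-side definition, which is not shown here, so that change needs to be made on both sides together.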