diff --git a/Platform/user/configm/config-server/web_config/authfree.c b/Platform/user/configm/config-server/web_config/authfree.c index 1516b3d3e..a9b2efdd3 100644 --- a/Platform/user/configm/config-server/web_config/authfree.c +++ b/Platform/user/configm/config-server/web_config/authfree.c @@ -1,4 +1,5 @@ #include +#include #include "../include/parsefile.h" #include "../include/configm.h" #include "../../../netlink_uapi/libnetlinku.h" @@ -25,25 +26,16 @@ freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0}; /* 判断IPv4格式是否正确*/ int isIpV4Addr(const char *ipAddr) { - int ip_part_1 = 0; - int ip_part_2 = 0; - int ip_part_3 = 0; - int ip_part_4 = 0; - char end_char = 0; - if ((NULL == ipAddr) || (0 == strlen(ipAddr))) - { + unsigned char buf[sizeof(struct sockaddr_in)]; + + if((NULL == ipAddr) || (0 == strlen(ipAddr))) { return -1; } - if (4 == sscanf(ipAddr, "%d.%d.%d.%d%c", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4, &end_char)) - { - if ((ip_part_1 >= 0) && (ip_part_1 <= 255) && - (ip_part_2 >= 0) && (ip_part_2 <= 255) && - (ip_part_3 >= 0) && (ip_part_3 <= 255) && - (ip_part_4 >= 0) && (ip_part_4 <= 255)) - { - return 0; - } + + if(inet_pton(AF_INET, ipAddr, buf) == 1) { + return 0; } + return -1; } @@ -52,10 +44,8 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) { int freeauth_len = 0; struct nlmsghdr *ack = NULL; - struct nlmsghdr **answer = &ack; - struct - { + struct { struct nlmsghdr n; char buf[1024]; } req = { @@ -70,23 +60,21 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) }; /*判断要发送的数据是否为NULL,不为NULL,打印出来 */ - if (struct_freeauth == NULL) - { + if(struct_freeauth == NULL) { printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n"); return -1; - } - else - { - char str[32]; - memset(str, 0, 32); - inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32); - char *sip_addr = str; - char dtr[32]; - memset(dtr, 0, 32); - inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32); - char *dip_addr = dtr; + } else { + unsigned char str[INET_ADDRSTRLEN]; + unsigned char dtr[INET_ADDRSTRLEN]; + + memset(str, 0, INET_ADDRSTRLEN); + inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, INET_ADDRSTRLEN); + + memset(dtr, 0, INET_ADDRSTRLEN); + inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, INET_ADDRSTRLEN); + printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n", - struct_freeauth->name, sip_addr, dip_addr, + struct_freeauth->name, str, dtr, struct_freeauth->dport); } @@ -97,40 +85,40 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len); /*发送组装好的netlink消息 */ - if (pdeliv_talk(1, &req.n, answer) < 0) - { + if(pdeliv_talk(1, &req.n, &ack) < 0) { printf("set_user_freeauth_waitack rcv ack msg faild.\r\n"); return -2; - } - else - { + } else { printf("set_user_freeauth_waitack rcv ack msg success.\r\n"); } - if (*answer != NULL) - { + if(ack != NULL) { printf("set_user_freeauth_waitack rcv answer.\r\n"); - } - else - { + } else { printf("set_user_freeauth_waitack rcv answer error.\r\n"); return -3; } #ifdef CFG_FREEAUTH_ACK_COOKIES + /*recv answer*/ - if ((*answer)->nlmsg_type == NLMSG_ERROR) - { - nl_debugfs_extack(*answer); + if(ack->nlmsg_type == NLMSG_ERROR) { + nl_debugfs_extack(ack); } + #else + /*recv answer*/ - if ((*answer)->nlmsg_type == FREEAUTH_CFG) - { - nl_debugfs(*answer); + if(ack->nlmsg_type == FREEAUTH_CFG) { + nl_debugfs(ack); } + #endif + if(ack) { + free(ack); + } + return 0; } @@ -138,31 +126,33 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) /*获取json串类型*/ ret_code freeauth_config_json_type(pointer input, uint *conf_type) { - char* pString = (char*)input; - ret_code ret = RET_OK; + const char *pString = (char *)input; cJSON *cjson, *type; + if(!pString) { + return RET_INPUTERR; + } + printf("json:[%s]\n", pString); - + /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(input); - if(!cjson) - { - ret = RET_INPUTERR; - ASSERT_RET(ret); - return ret; + + if(!cjson) { + return RET_INPUTERR; } /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); - if(!type) - { - ret = RET_INPUTERR; + + if(!type) { cJSON_Delete(cjson); - return ret; + return RET_INPUTERR; } - *conf_type = type->valueint; + if(conf_type) { + *conf_type = type->valueint; + } cJSON_Delete(cjson); return RET_OK; @@ -173,44 +163,45 @@ ret_code freeauth_config_json_type(pointer input, uint *conf_type) /*iuput格式:{"type": 0, "data": {"rule_priority": 1, "name": "armink","sip": 1027824,"dip": 103427824,"dport": 24, "flag":0}}*/ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff) { - char *pString = (char *)input; - ret_code ret = RET_OK; + const char *pString = (char *)input; cJSON *cjson, *type, *data; + if(!pString) { + return RET_INPUTERR; + } + printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(pString); - if (!cjson) - { - ret = RET_INPUTERR; - ASSERT_RET(ret); - return ret; + + if(!cjson) { + return RET_INPUTERR; } /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); - if (!type) - { - ret = RET_INPUTERR; + + if(!type) { cJSON_Delete(cjson); - return ret; + return RET_INPUTERR; } - *conf_type = type->valueint; + if(conf_type) { + *conf_type = type->valueint; + } /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); - if (!data) - { - ret = RET_INPUTERR; + + if(!data) { cJSON_Delete(cjson); - return ret; + return RET_INPUTERR; } /*创建freeauth_configure_t结构体对象 */ s2j_create_struct_obj(struct_freeauth, freeauth_configure_t); - if (struct_freeauth == NULL) - { + + if(struct_freeauth == NULL) { cJSON_Delete(cjson); return RET_NOMEM; } @@ -223,14 +214,18 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con s2j_struct_get_basic_element(struct_freeauth, data, int, dport); s2j_struct_get_basic_element(struct_freeauth, data, int, flag); - freeauth_buff->rule_priority = struct_freeauth->rule_priority; - memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32); - freeauth_buff->sip = struct_freeauth->sip; - freeauth_buff->dip = struct_freeauth->dip; - freeauth_buff->dport = struct_freeauth->dport; - freeauth_buff->flag = struct_freeauth->flag; + if(freeauth_buff) { + memset(freeauth_buff, 0, sizeof(freeauth_configure_t)); + freeauth_buff->rule_priority = struct_freeauth->rule_priority; + strncpy(freeauth_buff->name, struct_freeauth->name, 31); + freeauth_buff->sip = struct_freeauth->sip; + freeauth_buff->dip = struct_freeauth->dip; + freeauth_buff->dport = struct_freeauth->dport; + freeauth_buff->flag = struct_freeauth->flag; + } cJSON_Delete(cjson); + s2j_delete_struct_obj(struct_freeauth); return RET_OK; } @@ -248,123 +243,89 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con */ ret_code authpara_config_json_parse_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt) { - ret_code ret = RET_OK; - cJSON *cjson, *type, *data, *rule_priority, *name, *sip, *dip, *dport, *flag; - cJSON* pArrayItem; - freeauth_configure_t* pbuf, *freeauth_buff = *fb; + cJSON *cjson, *data, *rule_priority, *name, *sip, *dip, *dport, *flag; + freeauth_configure_t *freeauth_buff = *fb; int iCount = 0, i = 0; - + + *fb = NULL; /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(input); - if(!cjson) - { - ret = RET_INPUTERR; - ASSERT_RET(ret); - return ret; + + if(!cjson) { + return RET_INPUTERR; } rpc_log_info("json input:%s \n", cJSON_Print(cjson)); /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); - if(!data) - { - ret = RET_INPUTERR; + + if(!data) { cJSON_Delete(cjson); - return ret; + return RET_INPUTERR; } /*获取数组长度*/ iCount = cJSON_GetArraySize(data); - printf("iCount=[%d]\n",iCount); + printf("iCount=[%d]\n", iCount); + + freeauth_buff = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t) * iCount); - freeauth_buff = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t) * iCount); if(!freeauth_buff) { - ret = RET_NOMEM; - cJSON_Delete(cjson); - return ret; - } - - memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount); - *fb = freeauth_buff; - - /*创建freeauth_configure_t结构体对象 */ - s2j_create_struct_obj(struct_freeauth, freeauth_configure_t); - if (struct_freeauth == NULL) - { cJSON_Delete(cjson); return RET_NOMEM; } - pbuf = freeauth_buff; - *cnt = 0; - for(i = 0; i < iCount; i++) - { - - pArrayItem = cJSON_GetArrayItem(data, i); - if(pArrayItem) - { + memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount); + + for(i = 0; i < iCount; i++) { + + cJSON *pArrayItem = cJSON_GetArrayItem(data, i); + + if(pArrayItem) { /*获取未认证权限优先级键值对*/ rule_priority = cJSON_GetObjectItem(pArrayItem, "rule_priority"); - if(!rule_priority) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; + + if(rule_priority) { + freeauth_buff->rule_priority = rule_priority->valueint; } - freeauth_buff->rule_priority = rule_priority->valueint; /*未认证权限名称*/ name = cJSON_GetObjectItem(pArrayItem, "name"); - if(!name) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; + + if(name) { + strncpy(freeauth_buff->name, name->valuestring, 31); } - char *rule_name = name->valuestring; - memcpy(freeauth_buff->name, rule_name, sizeof(char) * 32); /*源IP地址*/ sip = cJSON_GetObjectItem(pArrayItem, "sip"); - if(!sip) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; + + if(sip) { + freeauth_buff->sip = sip->valueint; } - freeauth_buff->sip = sip->valueint; /*目的IP地址*/ dip = cJSON_GetObjectItem(pArrayItem, "dip"); - if(!sip) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; + + if(dip) { + freeauth_buff->dip = dip->valueint; } - freeauth_buff->dip = dip->valueint; /*目的端口号*/ dport = cJSON_GetObjectItem(pArrayItem, "dport"); - if(!dport) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; + + if(dport) { + freeauth_buff->dport = dport->valueint; } - freeauth_buff->dport = dport->valueint; /*状态标志位*/ flag = cJSON_GetObjectItem(pArrayItem, "flag"); - if(!flag) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; - } - freeauth_buff->flag = flag->valueint; + if(flag) { + freeauth_buff->flag = flag->valueint; + } + + #if 0 printf("freeauth_buff->name = %p\n", &freeauth_buff->name); for (int j = 0; j < iCount; j++) @@ -372,103 +333,25 @@ ret_code authpara_config_json_parse_array(pointer input, uint *conf_type, freeau printf("[%d %s %d %d %d %d]\n",pbuf[j].rule_priority, pbuf[j].name, pbuf[j].sip, pbuf[j].dip, pbuf[j].dport, pbuf[j].flag); } - + #endif + freeauth_buff++; - (*cnt)++; } - } - - //s2j_delete_struct_obj(auth_parameters); + } + + if(cnt) { + *cnt = iCount; + } + cJSON_Delete(cjson); + *fb = freeauth_buff; return RET_OK; } ret_code authpara_config_json_parse_del_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt) { - ret_code ret = RET_OK; - cJSON *cjson, *type, *data, *name; - cJSON* pArrayItem; - freeauth_configure_t* pbuf, *freeauth_buff = *fb; - int iCount = 0, i = 0; - - /*JSON字符串到JSON格式 */ - cjson = cJSON_Parse(input); - if(!cjson) - { - ret = RET_INPUTERR; - ASSERT_RET(ret); - return ret; - } - - rpc_log_info("json input:%s \n", cJSON_Print(cjson)); - - /*获取免认证规则的data部分 */ - data = cJSON_GetObjectItem(cjson, "data"); - if(!data) - { - ret = RET_INPUTERR; - cJSON_Delete(cjson); - return ret; - } - - /*获取数组长度*/ - iCount = cJSON_GetArraySize(data); - printf("iCount=[%d]\n",iCount); - - freeauth_buff = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t) * iCount); - - if(!freeauth_buff) { - ret = RET_INPUTERR; - cJSON_Delete(cjson); - return ret; - } - - memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount); - *fb = freeauth_buff; - - /*创建freeauth_configure_t结构体对象 */ - s2j_create_struct_obj(struct_freeauth, freeauth_configure_t); - if (struct_freeauth == NULL) - { - cJSON_Delete(cjson); - return RET_NOMEM; - } - - pbuf = freeauth_buff; - *cnt = 0; - for(i = 0; i < iCount; i++) - { - - pArrayItem = cJSON_GetArrayItem(data, i); - if(pArrayItem) - { - name = cJSON_GetObjectItem(pArrayItem, "name"); - if(!name) - { - ret = RET_INPUTERR; - cJSON_Delete(data); - return ret; - } - char *rule_name = name->valuestring; - memcpy(freeauth_buff->name, rule_name, sizeof(char) * 32); - printf("freeauth_buff->name = %p name = %s\n", &freeauth_buff->name, freeauth_buff->name); - - printf("\n"); - for (int j = 0; j < iCount; j++) - { - printf("[%s] %d\n",pbuf[j].name, j); - } - - freeauth_buff++; - (*cnt)++; - } - } - - //s2j_delete_struct_obj(auth_parameters); - cJSON_Delete(cjson); - - return RET_OK; + return authpara_config_json_parse_array(input, conf_type, fb, cnt); } @@ -481,99 +364,58 @@ ret_code freeauth_config_chk(uint source, uint *config_type, return ret; } +/*增加未认证权限规则*/ ret_code freeauth_config_add_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { - ret_code ret = RET_OK; - freeauth_configure_t *freeauth_configure; - uint conf_type = FREEAUTH_CONFIG_GET; - char str[32] = {0}; - char dtr[32] = {0}; - cJSON *res; - char *ret_char = NULL; - unsigned int ret_int = 0; - authfree_result_t *authfree_result; int i; - - freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t)); - if(freeauth_configure == NULL) - { - return RET_NAMEINVAL; + cJSON *res; + freeauth_configure_t *freeauth_configure; + uint conf_type = FREEAUTH_CONFIG_GET; + char *ret_char = NULL; + unsigned int ret_int = 0; + authfree_result_t authfree_result; + + freeauth_configure = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); + + if(freeauth_configure == NULL) { + return RET_NOMEM; } freeauth_config_json_parse(input, &conf_type, freeauth_configure); - if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) - { - ret = RET_INPUTERR; - return ret; - } - - /*校验用户名长度 特殊字符等*/ - if (NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 >= strlen(freeauth_configure->name)) - { - ret = RET_INPUTERR; - return ret; + /*校验用户名长度*/ + if(input_len != sizeof(freeauth_configure_t) || NULL == freeauth_configure->name || + (UNAMESIZE) < strlen(freeauth_configure->name) || 0 == strlen(freeauth_configure->name)) { + free(freeauth_configure); + return RET_INPUTERR; } /* 校验用户名中不含特殊字符 */ - if (SPECHAR(freeauth_configure->name)) - { - ret = RET_INPUTERR; - return ret; + if(SPECHAR(freeauth_configure->name)) { + free(freeauth_configure); + return RET_INPUTERR; } - /*校验源IP地址是否符合格式*/ - memset(str, 0, 32); - inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32); - char *sip_addr = str; - if (isIpV4Addr(sip_addr) < 0) - { - ret = RET_IPINVALID; - return ret; - } - - /*校验目的IP地址是否符合格式*/ - memset(dtr, 0, 32); - inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32); - char *dip_addr = dtr; - if (isIpV4Addr(dip_addr) < 0) - { - ret = RET_IPINVALID; - return ret; - } - - if ((freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM)) - { - ret = RET_IPINVALID; /*先用IPVAILD表示,后面加PORTVAILD */ - return ret; + if((freeauth_configure->dport < DPORT_MIN_NUM) || (freeauth_configure->dport > DPORT_MAX_NUM)) { + free(freeauth_configure); + return RET_IPINVALID; } /*查找要增加的未认证权限是否重名 该名字已存在 则退出程序 */ - for (i = 0; i < RULE_MAX_NUM; i++) - { + for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ - if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) - { - printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); - return RET_NOTFOUND; - } - else - { + if(0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + free(freeauth_configure); + return RET_EXIST; } } /*数据库修改 存入全局变量*/ - authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); - if (NULL == authfree_result) - { - return RET_NOMEM; - } - add_authfree(freeauth_configure->rule_priority, freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, - freeauth_configure->dport, freeauth_configure->flag, authfree_result); + freeauth_configure->dport, freeauth_configure->flag, &authfree_result); #if 0 /*用户态下发到内核态auth_hook */ @@ -582,48 +424,47 @@ ret_code freeauth_config_add_proc(uint source, uint config_type, /*创建通道 */ r = commcfgnl_open(); - if(r < 0) - { + + if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_freeauthcfg_waitack(freeauth_configure); - if(r < 0) - { + + if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } - /*关闭netlink通道 */ + /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); #endif /*创建json对象 */ res = cJSON_CreateObject(); - if (!res) - { + + if(!res) { free(freeauth_configure); - ret = RET_ERR; - return ret; + return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); - cJSON_AddStringToObject(res, "message", authfree_result->message); + cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); + cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); - if (output_len) - { + + if(output_len) { *output_len = ret_int; } /*超出2k的内存,报错 */ - if (ret_int >= 1024 * 2) - { + if(ret_int >= 1024 * 2) { free(ret_char); + free(freeauth_configure); cJSON_Delete(res); return RET_NOMEM; } @@ -632,6 +473,8 @@ ret_code freeauth_config_add_proc(uint source, uint config_type, free(ret_char); cJSON_Delete(res); + free(freeauth_configure); + return RET_OK; } @@ -639,116 +482,79 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { - freeauth_configure_t* freeauth_configure = NULL; - ret_code ret = RET_OK; - uint conf_type = FREEAUTH_CONFIG_GET; - cJSON *res; - char *ret_char = NULL; - unsigned int ret_int = 0; int i; int cnt; - authfree_result_t *authfree_result; + cJSON *res; + authfree_result_t authfree_result; + freeauth_configure_t *freeauth_configure = NULL; + uint conf_type = FREEAUTH_CONFIG_GET; + char *ret_char = NULL; + unsigned int ret_int = 0; - - #if 0 - freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t)); - if(freeauth_configure == NULL) - { - return RET_NAMEINVAL; - } - #endif + authpara_config_json_parse_array(input, &conf_type, &freeauth_configure, &cnt); - authpara_config_json_parse_array(input, &conf_type, &freeauth_configure, &cnt); - - if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) - { - ret = RET_INPUTERR; - return ret; - } - - - /**/ - for (i = 0; i < RULE_MAX_NUM; i++) - { - printf("%d %s %d %d %d %d %d\n",freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); - } - - for (int j = 0; j < cnt; j++) - { - printf("%d %s %d %d %d %d %d\n",freeauth_configure[j].rule_priority, freeauth_configure[j].name, freeauth_configure[j].sip, - freeauth_configure[j].dip, freeauth_configure[j].dport, freeauth_configure[j].flag, j); + if(input_len != sizeof(freeauth_configure_t)) { + return RET_INPUTERR; } /*查找要修改的免认证规则名字,不存在则退出程序 */ - for (i = 0; i < RULE_MAX_NUM; i++) - { + for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ - for(int j = 0; j < cnt; j++) - { - - if (0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name)) - { + for(int j = 0; j < cnt; j++) { + + if(0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name)) { printf("%s %d\n", freeauth_array[i].name, i); printf("%s %d\n", freeauth_configure[j].name, j); printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[j]); /*数据库修改 存入全局变量*/ - authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); - if (NULL == authfree_result) - { - return RET_NOMEM; - } + mod_authfree(freeauth_configure[j].rule_priority, freeauth_configure[j].name, freeauth_configure[j].sip, freeauth_configure[j].dip, + freeauth_configure[j].dport, freeauth_configure[j].flag, &authfree_result); - mod_authfree(freeauth_configure[j].rule_priority,freeauth_configure[j].name, freeauth_configure[j].sip, freeauth_configure[j].dip, - freeauth_configure[j].dport, freeauth_configure[j].flag, authfree_result); - - #if 0 +#if 0 /*用户态下发到内核态auth_hook */ int r = -1; printf("cfgchannel main begin:\r\n"); /*创建通道 */ r = commcfgnl_open(); - if(r < 0) - { + + if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_freeauthcfg_waitack(freeauth_configure); - if(r < 0) - { + + if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } - /*关闭netlink通道 */ + /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); - #endif +#endif /*创建json对象 */ res = cJSON_CreateObject(); - if (!res) - { - ret = RET_ERR; - return ret; + + if(!res) { + return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); - cJSON_AddStringToObject(res, "message", authfree_result->message); + cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); + cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); - if (output_len) - { + + if(output_len) { *output_len = ret_int; } /*超出2k的内存,报错 */ - if (ret_int >= 1024 * 2) - { + if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; @@ -759,7 +565,7 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type, free(ret_char); cJSON_Delete(res); } - } + } } if(freeauth_configure) { @@ -775,114 +581,87 @@ ret_code freeauth_config_del_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { - freeauth_configure_t* freeauth_configure = NULL; - ret_code ret = RET_OK; - uint conf_type = FREEAUTH_CONFIG_GET; - cJSON *res; - char *ret_char = NULL; - unsigned int ret_int = 0; int i; int cnt; - authfree_result_t *authfree_result; + cJSON *res; + authfree_result_t authfree_result; + freeauth_configure_t *freeauth_configure = NULL; + uint conf_type = FREEAUTH_CONFIG_GET; + char *ret_char = NULL; + unsigned int ret_int = 0; - - #if 0 - freeauth_configure = (freeauth_configure_t*)malloc(sizeof(freeauth_configure_t)); - if(freeauth_configure == NULL) - { +#if 0 + freeauth_configure = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); + + if(freeauth_configure == NULL) { return RET_NAMEINVAL; } - #endif - authpara_config_json_parse_del_array(input, &conf_type, &freeauth_configure, &cnt); - - if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) - { - ret = RET_INPUTERR; - return ret; - } +#endif + authpara_config_json_parse_del_array(input, &conf_type, &freeauth_configure, &cnt); - for (i = 0; i < RULE_MAX_NUM; i++) - { - printf("%d %s %d %d %d %d %d\n",freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); - } - - for (int j = 0; j < cnt; j++) - { - printf("%d %s %d %d %d %d %d\n",freeauth_configure[j].rule_priority, freeauth_configure[j].name, freeauth_configure[j].sip, - freeauth_configure[j].dip, freeauth_configure[j].dport, freeauth_configure[j].flag, j); + if(input_len != sizeof(freeauth_configure_t)) { + return RET_INPUTERR; } /*查找要修改的免认证规则名字,不存在则退出程序 */ - for (i = 0; i < RULE_MAX_NUM; i++) - { + for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ - for(int j = 0; j < cnt; j++) - { - - if (0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name)) - { + for(int j = 0; j < cnt; j++) { + + if(0 == strcmp(freeauth_array[i].name, freeauth_configure[j].name)) { printf("%s %d\n", freeauth_array[i].name, i); printf("%s %d\n", freeauth_configure[j].name, j); printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[j]); /*数据库修改 存入全局变量*/ - authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); - if (NULL == authfree_result) - { - return RET_NOMEM; - } - - del_authfree(freeauth_configure[j].name, authfree_result); - - #if 0 + del_authfree(freeauth_configure[j].name, &authfree_result); + +#if 0 /*用户态下发到内核态auth_hook */ int r = -1; printf("cfgchannel main begin:\r\n"); /*创建通道 */ r = commcfgnl_open(); - if(r < 0) - { + + if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_freeauthcfg_waitack(freeauth_configure); - if(r < 0) - { + + if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } - /*关闭netlink通道 */ + /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); - #endif +#endif /*创建json对象 */ res = cJSON_CreateObject(); - if (!res) - { - ret = RET_ERR; - return ret; + + if(!res) { + return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); - cJSON_AddStringToObject(res, "message", authfree_result->message); + cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); + cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); - if (output_len) - { + + if(output_len) { *output_len = ret_int; } /*超出2k的内存,报错 */ - if (ret_int >= 1024 * 2) - { + if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; @@ -893,7 +672,7 @@ ret_code freeauth_config_del_proc(uint source, uint config_type, free(ret_char); cJSON_Delete(res); } - } + } } if(freeauth_configure) { @@ -901,7 +680,6 @@ ret_code freeauth_config_del_proc(uint source, uint config_type, } return RET_OK; - } @@ -922,25 +700,27 @@ ret_code freeauth_config_proc(uint source, uint config_type, freeauth_config_json_type(input, &conf_type); rpc_log_info("config type is %d\n", conf_type); - switch (conf_type) - { - case FREEAUTH_CONFIG_ADD: - ret = freeauth_config_add_proc(source, conf_type, - input, input_len, - output, output_len); - break; - case FREEAUTH_CONFIG_MOD: - ret = freeauth_config_mod_proc(source, conf_type, - input, input_len, - output, output_len); - break; - case FREEAUTH_CONFIG_DEL: - ret = freeauth_config_del_proc(source, conf_type, - input, input_len, - output, output_len); - break; - default: - ret = RET_NOTSUPPORT; + switch(conf_type) { + case FREEAUTH_CONFIG_ADD: + ret = freeauth_config_add_proc(source, conf_type, + input, input_len, + output, output_len); + break; + + case FREEAUTH_CONFIG_MOD: + ret = freeauth_config_mod_proc(source, conf_type, + input, input_len, + output, output_len); + break; + + case FREEAUTH_CONFIG_DEL: + ret = freeauth_config_del_proc(source, conf_type, + input, input_len, + output, output_len); + break; + + default: + ret = RET_NOTSUPPORT; } return RET_OK; @@ -948,3 +728,5 @@ ret_code freeauth_config_proc(uint source, uint config_type, + + diff --git a/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c b/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c index 4ae740e29..58811e2cc 100644 --- a/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c +++ b/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c @@ -4,46 +4,63 @@ #include "../include/user_authfree.h" #include "string.h" -#define AUTHFREE_DATABASE_ID 16 +#define AUTHFREE_DATABASE_ID (16) #define AUTHFREE_TABLE "authfree" extern freeauth_configure_t freeauth_array[]; -#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功 -#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败 -#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在 -#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功 -#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败 -#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在 -#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功 -#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败 -#define RULENUM_EXCEED 8 //未认证权限数量超过最大值 +static char *authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modrule success", + "modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum", + "rule full" + }; -char * authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modrule success", - "modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"}; +static char *get_sql_ret_message(SQL_RET_CODE code) +{ + if(code >= 0 && code < CODE_MAX) { + return authfreemes[code]; + } + + return "Unknown code"; +} + +static int is_rule_full(void) +{ + for(int i = 0; i < RULE_MAX_NUM; i++) { + if(strlen(freeauth_array[i].name) == 0) { + return 0; + } + } + + return 1; +} /*增加未认证权限规则*/ void add_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result) { - void * authfree_hdbc; - char * ret_sql = NULL; + void *authfree_hdbc; + char *ret_sql = NULL; int ret_add; int ret; int num; int i; int num_sql; - if (NULL == authfree_result) - { + if(NULL == authfree_result) { return; - } - + } + + if(is_rule_full()) { + authfree_result->resultcode = RULE_FULL; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); + return; + } + printf("开始连接数据库\n"); /* 连接数据库 */ authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); - if(NULL == authfree_hdbc) - { + + if(NULL == authfree_hdbc) { printf("connetc failure\n"); return; } @@ -51,114 +68,110 @@ void add_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int /*长整型bigint 浮点型double 字符串character(10)*/ printf("authfree_hdbc = %p\n", authfree_hdbc); ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(rule_priority bigint, name character(32), sip bigint, dip bigint, dport bigint, flag bigint)"); - printf("%d \n",ret); - - + printf("%d \n", ret); + + /*查询数据库是否存在该权限规则*/ - char * select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree` WHERE name = ?"; - ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, - DB_DATA_STRING_TYPE, strlen(name)+1, name); - if(NULL != ret_sql) - { + char *select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree` WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name) + 1, name); + + if(NULL != ret_sql) { /*用户名已存在*/ - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); - authfree_result->resultcode = 2; - authfree_result->message = authfreemes[authfree_result->resultcode]; + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); + authfree_result->resultcode = RULE_EXISTED; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; - } - else - { + } else { /* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */ - char * select_num = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`"; - ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 6, - DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, - DB_DATA_STRING_TYPE, strlen(name)+1, name, - DB_DATA_INT_TYPE, sizeof(sip), sip, - DB_DATA_INT_TYPE, sizeof(dip), dip, - DB_DATA_INT_TYPE, sizeof(dport), dport, - DB_DATA_INT_TYPE, sizeof(flag), flag); - printf("num_sql = %d \n", num_sql); - printf("ret = %d \n", ret); - if (num_sql > RULE_MAX_NUM) - { + char *select_num = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`"; + ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num, &num_sql, 6, + DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, + DB_DATA_STRING_TYPE, strlen(name) + 1, name, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport, + DB_DATA_INT_TYPE, sizeof(flag), flag); + printf("num_sql = %d \n", num_sql); + printf("ret = %d \n", ret); + + if(num_sql > RULE_MAX_NUM) { /*添加失败*/ - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 - authfree_result->resultcode = 8; - authfree_result->message = authfreemes[authfree_result->resultcode]; + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = RULE_ID_MAX; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; } - + /* 向authfree表中添加:未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */ char *addfree_sql = "INSERT INTO `authfree` SET rule_priority = ?, name = ?, sip = ?, dip = ?, dport = ?, flag = ?"; ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 6, - DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, - DB_DATA_STRING_TYPE, strlen(name)+1, name, - DB_DATA_INT_TYPE, sizeof(sip), sip, - DB_DATA_INT_TYPE, sizeof(dip), dip, - DB_DATA_INT_TYPE, sizeof(dport), dport, - DB_DATA_INT_TYPE, sizeof(flag), flag); - printf("the value of ret:%d\n", ret_add); - if(0 != ret_add) - { + DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, + DB_DATA_STRING_TYPE, strlen(name) + 1, name, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport, + DB_DATA_INT_TYPE, sizeof(flag), flag); + printf("the value of ret:%d\n", ret_add); + + if(0 != ret_add) { /*添加失败*/ - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 - authfree_result->resultcode = 1; - authfree_result->message = authfreemes[authfree_result->resultcode]; + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = ADD_RULE_ERR; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; } } - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); /*存未认证权限数数组*/ - for(i = 0; i < RULE_MAX_NUM; i++) - { - printf("the name is :%s\n", freeauth_array[i].name ); + for(i = 0; i < RULE_MAX_NUM; i++) { + printf("the name is :%s\n", freeauth_array[i].name); /*两个字符串相等 strcmp值为0*/ int a = strlen(freeauth_array[i].name); printf("%d\n", a); - if (0 == strlen(freeauth_array[i].name)) - { + + if(0 == strlen(freeauth_array[i].name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + memset(&freeauth_array[i], 0, sizeof(freeauth_configure_t)); freeauth_array[i].rule_priority = rule_priority; - memcpy(freeauth_array[i].name, name, sizeof(char)*32); + strncpy(freeauth_array[i].name, name, 32); freeauth_array[i].sip = sip; freeauth_array[i].dip = dip; freeauth_array[i].dport = dport; freeauth_array[i].flag = flag; - printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i); + printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, + freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].dport, i); break; } } /*添加成功*/ - authfree_result->resultcode = 0; - authfree_result->message = authfreemes[authfree_result->resultcode]; + authfree_result->resultcode = ADD_RULE_OK; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); } - /*修改未认证权限*/ void mod_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result) { - void * authfree_hdbc; - char * ret_sql = NULL; + void *authfree_hdbc; + char *ret_sql = NULL; int ret_mod; int ret; int num; int i; - if (NULL == authfree_result) - { + if(NULL == authfree_result) { return; - } - + } + printf("开始连接数据库\n"); /* 连接数据库 */ authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); - if(NULL == authfree_hdbc) - { + + if(NULL == authfree_hdbc) { printf("connetc failure\n"); return; } @@ -166,98 +179,93 @@ void mod_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int /*长整型bigint 浮点型double 字符串character(10)*/ printf("authfree_hdbc = %p\n", authfree_hdbc); ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); - printf("%d \n",ret); - + printf("%d \n", ret); + /*查询数据库是否存在该权限规则*/ - char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; - ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, - DB_DATA_STRING_TYPE, strlen(name)+1, name); - if(NULL == ret_sql) - { + char *select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name) + 1, name); + + if(NULL == ret_sql) { /*未认证权限用户名不存在*/ - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); - authfree_result->resultcode = 5; - authfree_result->message = authfreemes[authfree_result->resultcode]; + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); + authfree_result->resultcode = RULE_NOT_FOUNT; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; - } - else - { + } else { /*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */ char *modfree_sql = "UPDATE `authfree` SET rule_priority = ?, sip = ?, dip = ?, dport = ? ,flag = ? WHERE name = ?"; ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 6, - DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, - DB_DATA_INT_TYPE, sizeof(sip), sip, - DB_DATA_INT_TYPE, sizeof(dip), dip, - DB_DATA_INT_TYPE, sizeof(dport), dport, - DB_DATA_INT_TYPE, sizeof(flag), flag, - DB_DATA_STRING_TYPE, strlen(name)+1, name); - printf("the value of ret:%d\n", ret_mod); - if(0 != ret_mod) - { + DB_DATA_INT_TYPE, sizeof(rule_priority), rule_priority, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport, + DB_DATA_INT_TYPE, sizeof(flag), flag, + DB_DATA_STRING_TYPE, strlen(name) + 1, name); + printf("the value of ret:%d\n", ret_mod); + + if(0 != ret_mod) { /*修改失败*/ - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 - authfree_result->resultcode = 4; - authfree_result->message = authfreemes[authfree_result->resultcode]; + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = MOD_RULE_ERR; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; } } - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); /*修改对应未认证权限数数组*/ - for (i = 0; i < RULE_MAX_NUM; i++) - { + for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ - if (0 == strcmp(freeauth_array[i].name, name)) - { + if(0 == strcmp(freeauth_array[i].name, name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); freeauth_array[i].rule_priority = rule_priority; freeauth_array[i].sip = sip; freeauth_array[i].dip = dip; freeauth_array[i].dport = dport; freeauth_array[i].flag = flag; - printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i); + printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, + freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].dport, i); break; } } - #if 0 +#if 0 + /*打印数组内全部元素*/ - for (i = 0; i < RULE_MAX_NUM; i++) - { - printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + for(i = 0; i < RULE_MAX_NUM; i++) { + printf("%s %d %d %d %d\n", freeauth_array[i].name, freeauth_array[i].sip, freeauth_array[i].dip, freeauth_array[i].dport, i); } - #endif - + +#endif + /*修改成功*/ - authfree_result->resultcode = 3; - authfree_result->message = authfreemes[authfree_result->resultcode]; - return; + authfree_result->resultcode = MOD_RULE_OK; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); } /*删除未认证权限*/ void del_authfree(char *name, authfree_result_t *authfree_result) { - void * authfree_hdbc; - char * ret_sql = NULL; + void *authfree_hdbc; + char *ret_sql = NULL; int ret_del; int ret; int num; int i; - if (NULL == authfree_result) - { + if(NULL == authfree_result) { return; - } - + } + printf("开始连接数据库\n"); /* 连接数据库 */ authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); - if(NULL == authfree_hdbc) - { + + if(NULL == authfree_hdbc) { printf("connetc failure\n"); return; } @@ -265,67 +273,58 @@ void del_authfree(char *name, authfree_result_t *authfree_result) /*长整型bigint 浮点型double 字符串character(10)*/ printf("authfree_hdbc = %p\n", authfree_hdbc); ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); - printf("%d \n",ret); - + printf("%d \n", ret); + /*查询数据库是否存在该权限规则*/ - char * select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`WHERE name = ?"; - ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, - DB_DATA_STRING_TYPE, strlen(name)+1, name); - if(NULL == ret_sql) - { + char *select_sql = "SELECT rule_priority, name, sip, dip, dport, flag FROM `authfree`WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name) + 1, name); + + if(NULL == ret_sql) { /*未认证权限用户名不存在*/ - authfree_result->resultcode = 5; - authfree_result->message = authfreemes[authfree_result->resultcode]; + authfree_result->resultcode = RULE_NOT_FOUNT; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; - } - else - { + } else { /*删除authfree表中未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */ - char* delfree_sql = "DELETE FROM authfree WHERE name = ?"; - int ret_del = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_DEL, AUTHFREE_TABLE, delfree_sql, 1, - DB_DATA_STRING_TYPE, strlen(name)+1, name); - printf("the value of ret:%d\n", ret_del); - if(0 != ret_del) - { - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 - authfree_result->resultcode = 7; /*删除失败*/ - authfree_result->message = authfreemes[authfree_result->resultcode]; + char *delfree_sql = "DELETE FROM authfree WHERE name = ?"; + int ret_del = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_DEL, AUTHFREE_TABLE, delfree_sql, 1, + DB_DATA_STRING_TYPE, strlen(name) + 1, name); + printf("the value of ret:%d\n", ret_del); + + if(0 != ret_del) { + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = DEL_RULE_ERR; /*删除失败*/ + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); return; } } - disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + disconnect_database(AUTHFREE_DATABASE_ID, authfree_hdbc); /*修改对应未认证权限数数组*/ - for (i = 0; i < RULE_MAX_NUM; i++) - { + for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ - if (0 == strcmp(freeauth_array[i].name, name)) - { + if(0 == strcmp(freeauth_array[i].name, name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); - freeauth_array[i].rule_priority = 0; - memcpy(freeauth_array[i].name, "0" , sizeof(char)*32); - freeauth_array[i].sip = 0; - freeauth_array[i].dip = 0; - freeauth_array[i].dport = 0; - freeauth_array[i].flag = 0; - printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i); + memset(&freeauth_array[i], 0, sizeof(freeauth_configure_t)); + printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, + freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].dport, i); break; } } - - #if 0 + +#if 0 + /*打印数组内全部元素*/ - for (i = 0; i < RULE_MAX_NUM; i++) - { - printf("[%d %s %d %d %d %d %d]\n",freeauth_array[i].rule_priority,freeauth_array[i].name, freeauth_array[i].sip, - freeauth_array[i].dip ,freeauth_array[i].dport, freeauth_array[i].dport, i); + for(i = 0; i < RULE_MAX_NUM; i++) { + printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, + freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].dport, i); } - #endif - + +#endif + /*删除成功*/ - authfree_result->resultcode = 6; - authfree_result->message = authfreemes[authfree_result->resultcode]; - return; + authfree_result->resultcode = DEL_RUL_OK; + authfree_result->message = get_sql_ret_message(authfree_result->resultcode); } \ No newline at end of file diff --git a/Platform/user/configm/config-server/web_config/include/user_authfree.h b/Platform/user/configm/config-server/web_config/include/user_authfree.h index bec2ba816..4c3496268 100644 --- a/Platform/user/configm/config-server/web_config/include/user_authfree.h +++ b/Platform/user/configm/config-server/web_config/include/user_authfree.h @@ -1,14 +1,30 @@ #ifndef USER_AUTHFREE_H_ #define USER_AUTHFREE_H_ -#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功 -#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败 -#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在 -#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功 -#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败 -#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在 -#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功 -#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败 +#define ADDAUTFREE_SUCCESS (0) //增加未认证权限成功 +#define ADDAUTFREE_FAIL_DATABASE (1) //增加未认证权限成功失败 +#define AUTHFREE_NAME_EXISTED (2) //未认证权限名称已存在 +#define MODAUTHFREE_SUCCESS (3) //修改未认证权限成功 +#define MODAUTHFREE_FAIL_DATABASE (4) //修改未认证权限失败 +#define AUTHFREE_NAME_NOTFOUND (5) //未认证权限名称不存在 +#define DELAUTHFREE_SUCCESS (6) //删除未认证权限成功 +#define DELAUTHFREE_FAIL_DATABASE (7) //删除未认证权限失败 +#define RULENUM_EXCEED (8) //未认证权限数量超过最大值 + + +typedef enum { + ADD_RULE_OK = 0, + ADD_RULE_ERR = 1, + RULE_EXISTED = 2, + MOD_RULE_OK = 3, + MOD_RULE_ERR = 4, + RULE_NOT_FOUNT = 5, + DEL_RUL_OK = 6, + DEL_RULE_ERR = 7, + RULE_ID_MAX = 8, + RULE_FULL = 9, + CODE_MAX, +} SQL_RET_CODE; /*增加未认证权限规则*/ void add_authfree(int rule_priority, char *name, uint32_t sip, uint32_t dip, int dport, int flag, authfree_result_t *authfree_result);