diff --git a/Platform/build/user.configm.Makefile b/Platform/build/user.configm.Makefile index 930f98073..cb9f2ae6c 100755 --- a/Platform/build/user.configm.Makefile +++ b/Platform/build/user.configm.Makefile @@ -31,7 +31,9 @@ COMMON_SRCS = configserver.c \ netconfig/ipconfig/ipconfig.c \ netconfig/bridge/brconfig.c netconfig/bridge/brnetlink.c \ netconfig/bridge/libbridge/libbridge_if.c netconfig/bridge/libbridge/libbridge_init.c netconfig/bridge/libbridge/libbridge_devif.c\ - web_config/authfree.c web_config/auth_parameters.c\ + web_config/config-adm/user_authpara.c \ + web_config/config-adm/user_authfree.c \ + web_config/authfree.c web_config/auth_parameters.c\ user_manager_config/user_group_config.c user_manager_config/user_account_config.c user_manager_config/usermanager-server/array_index.c \ user_manager_config/usermanager-server/user_group.c user_manager_config/usermanager-server/user_mod.c user_manager_config/usermanager-server/user.c \ log_config/log_config_console.c log_config/log_config_init.c log_config/log_config_cm.c log_config/log_config_monitor.c log_config/log_config_remote.c log_config/log_config_file.c diff --git a/Platform/build/user.freeauth.Makefile b/Platform/build/user.freeauth.Makefile index 1581f1d3d..28241f7a1 100755 --- a/Platform/build/user.freeauth.Makefile +++ b/Platform/build/user.freeauth.Makefile @@ -1,19 +1,19 @@ # target name, the target name must have the same name of c source file TARGET_NAME=freeauth -# target +# target # for linux module driver: KO # for application: EXE # for dynamic library: DLL TARGET_TYPE = EXE - + # target object # for application: APP # for device driver: DRV TARGET_OBJ = APP # custom install dir -TARGET_BOX = +TARGET_BOX = #debug mode or release mode DEBUG = TRUE 
@@ -21,34 +21,34 @@ DEBUG = TRUE PLAT_LINUX ?= TRUE PLAT_ARM64 ?= TRUE -VPATH = ../user/configm/config-server +VPATH = ../user/configm/config-server ../user/configm/config-server/web_config # source code # set the source file, don't used .o because of ... -COMMON_SRCS = web_config/auth_parameters.c +COMMON_SRCS = auth_parameters.c \ + config-adm/user_authpara.c # MRS Board Source Files PLAT_LINUX_SRCS = $(COMMON_SRCS) PLAT_ARM64_SRCS = $(COMMON_SRCS) -COMMOM_CFLAGS = -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include +COMMOM_CFLAGS = -DUSED_MAIN -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include # gcc CFLAGS -PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) -PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) +PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/arm64/usr/local/include +PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/x86_64/usr/local/include -PLAT_ARM64_LDFLAGS := -PLAT_LINUX_LDFLAGS := +PLAT_ARM64_LDFLAGS := -L ../../Platform/build/debug +PLAT_LINUX_LDFLAGS := $(PLAT_LINUX_LDFLAGS) #gcc libs -ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -ldatabase-arm64 -LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -ldatabase-linux -ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev -lodbc +ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -lulogapi-arm64 -ldatabase-arm64 +ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev +LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -lulogapi-linux -ldatabase-linux +LINUX_LIBS += -lpthread -lm -lcjson 
-levent -ljson-c -lhiredis -lev -LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lodbc - -# this line must be at below of thus, because of... +# this line must be at below of thus, because of... include ../../Common/common.Makefile ifneq ($(MAKECMDGOALS), clean) diff --git a/Platform/user/configm/config-server/web_config/auth_parameters.c b/Platform/user/configm/config-server/web_config/auth_parameters.c index a338fb774..04697bf45 100644 --- a/Platform/user/configm/config-server/web_config/auth_parameters.c +++ b/Platform/user/configm/config-server/web_config/auth_parameters.c @@ -1,12 +1,16 @@ #include "../include/parsefile.h" #include "../include/configm.h" #include "../../../netlink_uapi/libnetlinku.h" -#include "../../../../common/rpc/rpc.h" #include "authfree.h" #include -#include "../../../../../Common/s2j/s2j.h" -#include "../../../../../Common/commuapinl.h" +#include "s2j/s2j.h" +#include "commuapinl.h" #include "auth_parameters.h" +#include "rpc.h" +#include "../Platform/common/database/database.h" +#include "include/user_authpara.h" +#include "config_manager.h" + /*定义结构体 存认证参数*/ auth_parameters_t *auth_para; @@ -27,7 +31,6 @@ int authparInit() return 0; } - /*下发用户老化时间配置到内核态 */ int set_agingtimecfg_waitack(int *agingtime) { @@ -103,7 +106,7 @@ return 0; } /*检查IP地址是否有效,端口号是否被占用 */ -int _valid_ipv4_port(const char *str, int port) +int _valid_port(int port) { int ret; int fd; 
@@ -117,55 +120,35 @@ int _valid_ipv4_port(const char *str, int port) return -1; } - errno = 0; - local_errno = errno; + addr.sin_family = AF_INET; /*地址结构的协议簇 */ + addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */ + + i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr))); + printf("the value of i:%d\n", i); - ret = inet_pton(AF_INET, str ,&addr.sin_addr); - printf("the value of ret is:%d\n",ret); - if(ret > 0) + if( i < 0) { - fprintf(stderr, "\"%s\" is a vaild IPv4 address\n", str); - - addr.sin_family = AF_INET; /*地址结构的协议簇 */ - addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */ - printf("the value of str:%s\n", str); - i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr))); - printf("the value of i:%d\n", i); - - if( i < 0) - { - printf("port %d has been used. \n", port); - close(fd); - return -1; - } - - printf("port %d is ok. \n", port); - close(fd); - return 0; - } - - else if (ret < 0) - { - fprintf(stderr, "EAFNOSUPPORT: %s\n", strerror(local_errno)); - close(fd); - return -1; - } - else - { - fprintf(stderr, "\"%s\" is not a vaild IPv4 address\n", str); + printf("port %d has been used. \n", port); close(fd); return -1; } + + close(fd); + return 0; + + //if(port > 0 && port < 65535) printf("port %d is ok. \n", port); } -/* iuput格式:{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ +/* iuput格式:{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff) { + char* pString = (char*)input; ret_code ret = RET_OK; cJSON *cjson, *type, *data; + printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ - cjson = cJSON_Parse(input); + cjson = cJSON_Parse(pString); if(!cjson) { ret = RET_INPUTERR; 
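Review bot: `_valid_port` now calls bind() without ever filling `addr.sin_addr`: the inet_pton() call that used to set it was removed, and only `sin_family` and `sin_port` are assigned. `addr` is declared above the hunk, so unless it is zero-initialised there, the probe binds to whatever bytes are on the stack and the "port in use" answer is unreliable. Add `memset(&addr, 0, sizeof(addr));` and `addr.sin_addr.s_addr = htonl(INADDR_ANY);` before the assignments, and reject `port` outside 1–65535 before `htons(port)` silently truncates it. The comment above the function still says it validates the IP address, and the `//if(port > 0 && port < 65535)` line after `return 0;` is dead code that should be removed.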
@@ -190,7 +173,6 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet { ret = RET_INPUTERR; cJSON_Delete(cjson); - cJSON_Delete(type); return ret; } 
@@ -199,353 +181,141 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet if(auth_parameters == NULL) { cJSON_Delete(cjson); - cJSON_Delete(type); - cJSON_Delete(data); return RET_NOMEM; } /*反序列化数据到freeauth_configure_t结构体对象 */ - s2j_struct_get_basic_element(auth_parameters, data, int, ip); s2j_struct_get_basic_element(auth_parameters, data, int, port); s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon); s2j_struct_get_basic_element(auth_parameters, data, int, failcount); s2j_struct_get_basic_element(auth_parameters, data, int, locktime); s2j_struct_get_basic_element(auth_parameters, data, int, aging_time); - authpara_buff->ip = auth_parameters->ip; authpara_buff->port = auth_parameters->port; authpara_buff->timehorizon = auth_parameters->timehorizon; authpara_buff->failcount = auth_parameters->failcount; authpara_buff->locktime = auth_parameters->locktime; authpara_buff->aging_time = auth_parameters->aging_time; - s2j_delete_struct_obj(auth_parameters); + //s2j_delete_struct_obj(auth_parameters); cJSON_Delete(cjson); - cJSON_Delete(type); - cJSON_Delete(data); return RET_OK; } -/*检查增加的参数格式是否正确 */ -ret_code authpara_config_add_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ + +ret_code authpara_config_chk(uint source, uint *config_type, + pointer input, int *input_len, + pointer output, int *output_len) +{ ret_code ret = RET_OK; - auth_parameters_t *auth_parameters; - auth_parameters = (auth_parameters_t *)input; - char str[32] = {0}; - - if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t))) - { - ret = RET_INPUTERR; - return ret; - } - - /*判断IP地址格式是否正确、端口号是否被占用*/ - memset(str, 0, 32); - inet_ntop(AF_INET, (void *)&auth_parameters->ip, str, 32); - char *ip_addr = str; - if( (_valid_ipv4_port(ip_addr, auth_parameters->port)) < 0 ) - { - free(auth_parameters); - ret = RET_ERR; - return ret; - } - - /*配置的用户失败次数如果小于0,则配置错误 */ - 
if(auth_parameters->failcount < FAIL_MIN_NUM ) - { - free(auth_parameters); - printf("userlock configure error\n"); - ret = RET_ERR; - return ret; - } - - /*配置的用户锁定时间如果小于0,则配置错误 */ - if(auth_parameters->locktime < LOCK_MIN_TIME ) - { - free(auth_parameters); - printf("locktime configure error\n"); - ret = RET_ERR; - return ret; - } - - /*配置的用户认证时间范围如果小于0,则配置错误 */ - if(auth_parameters->timehorizon < HORIZON_MIN_VALUE ) - { - free(auth_parameters); - printf("timehorizon configure error\n"); - ret = RET_ERR; - return ret; - } - - free(auth_parameters); - return RET_OK; -} - -/*修改认证参数 */ -ret_code authpara_config_mod_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - auth_parameters_t *auth_parameters; - auth_parameters = (auth_parameters_t *)input; - - if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t))) - { - ret = RET_INPUTERR; - return ret; - } - - /*判断认证参数是否存在*/ - if(NULL == auth_para) - { - ret = RET_ERR; - return ret; - } - - return RET_OK; -} - -/*chk data格式 */ -ret_code authpara_config_chk(uint source,uint *config_type, - pointer input, int *input_len, - pointer output, int *output_len) -{ - - ret_code ret = RET_OK; - auth_parameters_t auth_parameters = {0}; - int config_len = sizeof(auth_parameters_t); - uint conf_type = AUTHPARA_CONFIG_GET; - int code = 0; - - authpara_config_json_parse(input, &conf_type, &auth_parameters); - - switch (conf_type) - { - case AUTHPARA_CONFIG_ADD: - ret = authpara_config_add_chk(source, conf_type, - &auth_parameters, config_len, - output, output_len); - break; - case AUTHPARA_CONFIG_MOD: - ret = authpara_config_mod_chk(source, conf_type, - &auth_parameters, config_len, - output, output_len); - break; - default: - ret = RET_NOTSUPPORT; - } - - if(config_len <= CM_BUFF_SIZE) - { - memset(input, 0, *input_len); - memcpy(input, &auth_parameters, config_len); - *config_type = conf_type; - *input_len = config_len; - } - 
else - { - ret = RET_NOMEM; - } - - RET_ERR_FORMART(ret, code, output, *output_len); - return ret; } - -ret_code authpara_config_add_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; - auth_parameters_t *auth_parameters; - auth_parameters = (auth_parameters_t *)input; - int r = -1; - - /*增加数据库*/ - - /*存入全局变量*/ - - /*用户态下发到内核态auth_hook */ - printf("cfgchannel main begin:\r\n"); - - /*创建通道 */ - r = commcfgnl_open(); - if(r < 0) - { - printf(" pdlivnl_open fail, exit.\r\n"); - return RET_ERR; - } - - /*下发配置到内核态 */ - r = set_agingtimecfg_waitack(&(auth_parameters->aging_time)); - if(r < 0) - { - printf("set_cfg_debug_waitack failed.\r\n"); - return RET_ERR; - } - - /*关闭netlink通道 */ - commcfgnl_close(); - printf("cfgchannel main exit!\r\n"); - - /*创建json对象 */ - res = cJSON_CreateObject(); - if(!res) - { - free(auth_parameters); - ret = RET_ERR; - return ret; - } - - /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "result", r); - ret_char = cJSON_PrintUnformatted(res); - ret_int = strlen(ret_char); - if(output_len) - { - *output_len = ret_int; - } - - /*超出2k的内存,报错 */ - if(ret_int >= 1024 * 2) - { - free(auth_parameters); - free(ret_char); - cJSON_Delete(res); - return RET_NOMEM; - } - - memcpy(output, 0, ret_int + 1); - strcpy(output, ret_char); - - free(ret_char); - cJSON_Delete(res); - free(auth_parameters); - return RET_OK; -} - - -ret_code authpara_config_mod_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; - auth_parameters_t *auth_parameters; - auth_parameters = (auth_parameters_t *)input; - int r = -1; - - /*数据库修改*/ - - /*存入全局变量*/ - - /*用户态下发到内核态auth_hook */ - printf("cfgchannel main begin:\r\n"); - - /*创建通道 */ - r = commcfgnl_open(); - if(r < 0) - { - 
printf(" pdlivnl_open fail, exit.\r\n"); - return RET_ERR; - } - - /*下发配置到内核态 */ - r = set_agingtimecfg_waitack(&(auth_parameters->aging_time)); - if(r < 0) - { - printf("set_cfg_debug_waitack failed.\r\n"); - return RET_ERR; - } - - /*关闭netlink通道 */ - commcfgnl_close(); - printf("cfgchannel main exit!\r\n"); - - /*创建json对象 */ - res = cJSON_CreateObject(); - if(!res) - { - free(auth_parameters); - ret = RET_ERR; - return ret; - } - - /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "result", r); - ret_char = cJSON_PrintUnformatted(res); - ret_int = strlen(ret_char); - if(output_len) - { - *output_len = ret_int; - } - - /*超出2k的内存,报错 */ - if(ret_int >= 1024 * 2) - { - free(auth_parameters); - free(ret_char); - cJSON_Delete(res); - return RET_NOMEM; - } - - memcpy(output, 0, ret_int + 1); - strcpy(output, ret_char); - - free(ret_char); - cJSON_Delete(res); - free(auth_parameters); - return RET_OK; -} - + ret_code authpara_config_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) + pointer input, int input_len, + pointer output, int *output_len) { - uint conf_type = config_type; ret_code ret = RET_OK; - auth_parameters_t conf_buff = {0}; - auth_parameters_t *auth_parameters = &conf_buff; + auth_parameters_t auth_parameters = {0}; + int config_len = sizeof(auth_parameters_t); + uint conf_type = AUTHPARA_CONFIG_MOD; + int code = 0; cJSON *res; char * ret_char = NULL; unsigned int ret_int = 0; + configure_result_t *configure_result; + int r = -1; + int portresult = 0; - auth_parameters = (auth_parameters_t *)input; - - rpc_log_info("config type is %d, ip %d port %d timehorizon %d failcount %d locktime %d aging_time %d\n", - conf_type, auth_parameters->ip, auth_parameters->port, - auth_parameters->timehorizon, auth_parameters->failcount, - auth_parameters->locktime, auth_parameters->aging_time); - - switch (conf_type) - { - case AUTHPARA_CONFIG_ADD: - ret = authpara_config_add_proc(source, conf_type, - 
&auth_parameters, input_len, - output, output_len); - break; - case AUTHPARA_CONFIG_MOD: - ret = authpara_config_mod_proc(source, conf_type, - &auth_parameters, input_len, - output, output_len); - break; - default: - ret = RET_NOTSUPPORT; + authpara_config_json_parse(input, &conf_type, &auth_parameters); + + if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t))) + { + ret = RET_INPUTERR; + return ret; + } + + portresult = _valid_port(auth_parameters.port); + if(portresult = 1) + { + return RET_CHKERR; } + + /*数据库修改 存入全局变量*/ + configure_result = (configure_result_t *)malloc(sizeof(configure_result_t)); + if (NULL == configure_result) + { + return RET_NOMEM; + } + + mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount, + auth_parameters.locktime, auth_parameters.aging_time, configure_result); + + /*共享内存 传送用户态和内核态之间的配置信息*/ + + #if 0 + /*存数据库成功,则下发到内核态auth_hook*/ + if(0 == configure_result->resultcode ) + { + /*用户态下发到内核态auth_hook */ + printf("cfgchannel main begin:\r\n"); + + /*创建通道 */ + r = commcfgnl_open(); + if(r < 0) + { + printf(" pdlivnl_open fail, exit.\r\n"); + return RET_ERR; + } + + /*下发配置到内核态 */ + r = set_agingtimecfg_waitack(&(auth_parameters.aging_time)); + if(r < 0) + { + printf("set_cfg_debug_waitack failed.\r\n"); + return RET_ERR; + } + + /*关闭netlink通道 */ + commcfgnl_close(); + printf("cfgchannel main exit!\r\n"); + } + #endif + + /*创建json对象 */ + res = cJSON_CreateObject(); + if(!res) + { + ret = RET_ERR; + return ret; + } + + /*将json对象转换成json字符串 返回处理结果*/ + cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode); + cJSON_AddStringToObject(res, "message", configure_result->message); + ret_char = cJSON_PrintUnformatted(res); + ret_int = strlen(ret_char); + if(output_len) + { + *output_len = ret_int; + } + + /*超出2k的内存,报错 */ + if(ret_int >= 1024 * 2) + { + free(ret_char); + cJSON_Delete(res); + return RET_NOMEM; + } + + memcpy(output, ret_char, ret_int + 1); + + 
free(ret_char); + cJSON_Delete(res); return RET_OK; } - diff --git a/Platform/user/configm/config-server/web_config/auth_parameters.h b/Platform/user/configm/config-server/web_config/auth_parameters.h index 13f16d593..98285600c 100644 --- a/Platform/user/configm/config-server/web_config/auth_parameters.h +++ b/Platform/user/configm/config-server/web_config/auth_parameters.h @@ -14,13 +14,11 @@ #define LOCK_MIN_TIME 0 /*锁定的最小时间 */ #define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */ -#define AUTHPARA_CONFIG_ADD 0 -#define AUTHPARA_CONFIG_MOD 1 -#define AUTHPARA_CONFIG_GET 2 +#define AUTHPARA_CONFIG_MOD 0 + /*配置消息 */ typedef struct { - uint32_t ip; /*认证服务器IP地址*/ int port; /*认证服务器端口号*/ int timehorizon; /*用户认证时间范围*/ int failcount; /*用户认证时间范围*/ @@ -28,6 +26,11 @@ typedef struct { int aging_time; /*老化时间*/ }auth_parameters_t; +typedef struct { + int resultcode; + char *message; +}configure_result_t; + /*全局变量初始化 失败为1 成功为0*/ int authparInit(); 
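Review bot: `if(portresult = 1)` in authpara_config_proc is an assignment, so the branch is always taken and every request returns RET_CHKERR before mod_authpara() runs; `_valid_port` returns 0 or -1, so the intended test is `if (portresult < 0)`. The return value of authpara_config_json_parse() is ignored, and the failcount/locktime/timehorizon lower-bound checks from the removed authpara_config_add_chk have no replacement, so malformed or negative lockout settings would reach the database once the port test is fixed. `input_len` is still compared with `sizeof(auth_parameters_t)` although `input` is now parsed as JSON text, which presumably rejects any request whose length is not exactly the struct size. `configure_result` is never freed, and commenting out `s2j_delete_struct_obj(auth_parameters)` in the parser leaks the parsed struct on every call. A sketch of the checks follows.

```c
    ret = authpara_config_json_parse(input, &conf_type, &auth_parameters);
    if (ret != RET_OK)
    {
        return ret;
    }

    /* lower bounds from auth_parameters.h, previously enforced in authpara_config_add_chk */
    if (auth_parameters.failcount < FAIL_MIN_NUM ||
        auth_parameters.locktime < LOCK_MIN_TIME ||
        auth_parameters.timehorizon < HORIZON_MIN_VALUE)
    {
        return RET_CHKERR;
    }

    if (auth_parameters.port <= 0 || auth_parameters.port > 65535 ||
        _valid_port(auth_parameters.port) < 0)
    {
        return RET_CHKERR;
    }

    /* ... unchanged: malloc of configure_result, mod_authpara(), #if 0 block ... */

    res = cJSON_CreateObject();
    if (!res)
    {
        free(configure_result);
        return RET_ERR;
    }

    /* ... unchanged: build the JSON reply and copy it to output ... */

    free(configure_result); /* needed on every exit path after the malloc */
```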
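Review bot: The new `configure_result_t` does not document who owns `message`, and the caller in auth_parameters.c allocates the struct with malloc() and passes `message` straight to cJSON_AddStringToObject(). If mod_authpara() can return without setting it, that call reads an uninitialised pointer. I would add field comments such as `int resultcode; /* 0 on success, non-zero on failure */` and `char *message; /* set by mod_authpara(); static string, caller must not free — confirm */`, and have the caller allocate with `calloc(1, sizeof(*configure_result))`, so an unset message is NULL rather than garbage.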
@@ -35,37 +38,19 @@ int authparInit(); int set_agingtimecfg_waitack(int *agingtime); /*检查IP地址是否有效,端口号是否被占用 */ -int _valid_ipv4_port(const char *str, int port); +int _valid_port(int port); -/* iuput格式:{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ +/* iuput格式:{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff); /*检查增加的参数格式是否正确 */ -ret_code authpara_config_add_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len); - -ret_code authpara_config_mod_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len); - -ret_code authpara_config_chk(uint source,uint *config_type, - pointer input, int *input_len, - pointer output, int *output_len); - -ret_code authpara_config_add_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len); - -ret_code authpara_config_mod_proc(uint source, uint config_type, - pointer input, int input_len, +ret_code authpara_config_chk(uint source, uint *config_type, + pointer input, int *input_len, pointer output, int *output_len); ret_code authpara_config_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len); - - + pointer input, int input_len, + pointer output, int *output_len); #endif diff --git a/Platform/user/configm/config-server/web_config/authfree.c b/Platform/user/configm/config-server/web_config/authfree.c index 30b42bd73..74093a26b 100644 --- a/Platform/user/configm/config-server/web_config/authfree.c +++ b/Platform/user/configm/config-server/web_config/authfree.c 
@@ -1,32 +1,26 @@ #include "../include/parsefile.h" #include "../include/configm.h" #include "../../../netlink_uapi/libnetlinku.h" -#include "../../../../common/rpc/rpc.h" +#include "rpc.h" #include "authfree.h" +#include "auth_parameters.h" #include -#include "../../../../../Common/s2j/s2j.h" -#include "../../../../../Common/commuapinl.h" +#include "s2j/s2j.h" +#include "commuapinl.h" +#include "../Platform/common/database/database.h" +#include "include/user_authfree.h" +#include "config_manager.h" /*定义结构体数组 存在免认证规则 */ freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0}; +#define UNAMESIZE (127 + 1) +#define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符 #ifdef FREEAUTH_ACK_COOKIES #define CFG_FREEAUTH_ACK_COOKIES #endif -/*全局变量初始化 失败为1 成功为0*/ -int authfreeInit(freeauth_configure_t **localuser) -{ - *localuser = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); - if (NULL == *localuser) - { - return 1; - } - - return 0; -} - /* 判断IPv4格式是否正确*/ int isIpV4Addr(const char *ipAddr) { @@ -35,17 +29,16 @@ int isIpV4Addr(const char *ipAddr) int ip_part_3 = 0; int ip_part_4 = 0; char end_char = 0; - if((NULL == ipAddr) || (0 == strlen(ipAddr))) + if ((NULL == ipAddr) || (0 == strlen(ipAddr))) { return -1; } - if(4 == sscanf(ipAddr,"%d.%d.%d.%d%c",&ip_part_1,&ip_part_2,&ip_part_3,&ip_part_4,&end_char)) + if (4 == sscanf(ipAddr, "%d.%d.%d.%d%c", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4, &end_char)) { - if((ip_part_1 >= 0) && (ip_part_1 <= 255) && - (ip_part_2 >= 0) && (ip_part_2 <= 255) && - (ip_part_3 >= 0) && (ip_part_3 <= 255) && - (ip_part_4 >= 0) && (ip_part_4 <= 255) - ) + if ((ip_part_1 >= 0) && (ip_part_1 <= 255) && + (ip_part_2 >= 0) && (ip_part_2 <= 255) && + (ip_part_3 >= 0) && (ip_part_3 <= 255) && + (ip_part_4 >= 0) && (ip_part_4 <= 255)) { return 0; } 
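Review bot: `UNAMESIZE` is defined as 128, but the rule name appears to live in a 32-byte field: freeauth_config_json_parse copies it with `memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32)`. The length check that uses the macro in freeauth_config_add_proc, `(UNAMESIZE) < strlen(freeauth_configure->name)`, would therefore accept names far longer than the buffer, and strlen() itself reads past the field when the 32 bytes hold no terminator. If the field declared in authfree.h is indeed 32 bytes, bound the check by the field instead, e.g. reject when `strnlen(freeauth_configure->name, sizeof(freeauth_configure->name)) == sizeof(freeauth_configure->name)`. The `NULL == freeauth_configure->name` test in the same condition is always false if `name` is an array.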
@@ -53,55 +46,57 @@ int isIpV4Addr(const char *ipAddr) return -1; } -/*下发配置到内核态 */ +/*下发配置到内核态 */ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) { int freeauth_len = 0; struct nlmsghdr *ack = NULL; struct nlmsghdr **answer = &ack; - - struct{ + + struct + { struct nlmsghdr n; char buf[1024]; - } req ={ + } req = { .n.nlmsg_len = NLMSG_LENGTH(0), #ifdef CFG_FREEAUTH_ACK_COOKIES - .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACK:use kernel auto ack*/ + .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACK:use kernel auto ack*/ #else .n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */ #endif .n.nlmsg_type = FREEAUTH_CFG, .n.nlmsg_pid = getpid(), -}; + }; + + /*判断要发送的数据是否为NULL,不为NULL,打印出来 */ + if (struct_freeauth == NULL) + { + printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n"); + return -1; + } + else + { + char str[32]; + memset(str, 0, 32); + inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32); + char *sip_addr = str; + char dtr[32]; + memset(dtr, 0, 32); + inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32); + char *dip_addr = dtr; + printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n", + struct_freeauth->name, sip_addr, dip_addr, + struct_freeauth->dport); + } -/*判断要发送的数据是否为NULL,不为NULL,打印出来 */ -if (struct_freeauth == NULL) -{ - printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n"); - return -1; -}else -{ - char str[32]; - memset(str, 0, 32); - inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32); - char *sip_addr = str; - char dtr[32]; - memset(dtr, 0, 32); - inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32); - char *dip_addr = dtr; - printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n", - struct_freeauth->name, sip_addr, dip_addr, - struct_freeauth->dport); -} - /*计算需要发送的数据的长度 */ freeauth_len = sizeof(freeauth_configure_t); /*可选属性 */ commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len); - + 
/*发送组装好的netlink消息 */ - if(pdeliv_talk(1, &req.n, answer) < 0) + if (pdeliv_talk(1, &req.n, answer) < 0) { printf("set_user_freeauth_waitack rcv ack msg faild.\r\n"); return -2; @@ -110,51 +105,54 @@ if (struct_freeauth == NULL) { printf("set_user_freeauth_waitack rcv ack msg success.\r\n"); } - - if(*answer != NULL) - { - printf("set_user_freeauth_waitack rcv answer.\r\n"); - } - else{ - printf("set_user_freeauth_waitack rcv answer error.\r\n"); - return -3; - } + + if (*answer != NULL) + { + printf("set_user_freeauth_waitack rcv answer.\r\n"); + } + else + { + printf("set_user_freeauth_waitack rcv answer error.\r\n"); + return -3; + } #ifdef CFG_FREEAUTH_ACK_COOKIES - /*recv answer*/ - if((*answer)->nlmsg_type == NLMSG_ERROR){ - nl_debugfs_extack(*answer); - } + /*recv answer*/ + if ((*answer)->nlmsg_type == NLMSG_ERROR) + { + nl_debugfs_extack(*answer); + } #else - /*recv answer*/ - if((*answer)->nlmsg_type == FREEAUTH_CFG) - { - nl_debugfs(*answer); - } + /*recv answer*/ + if ((*answer)->nlmsg_type == FREEAUTH_CFG) + { + nl_debugfs(*answer); + } #endif -return 0; + return 0; } -/* 判断免认证规则格式 -* iuput格式:{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/ +/* 判断免认证规则格式 iuput格式:{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff) { + char *pString = (char *)input; ret_code ret = RET_OK; cJSON *cjson, *type, *data; + printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ - cjson = cJSON_Parse(input); - if(!cjson) + cjson = cJSON_Parse(pString); + if (!cjson) { ret = RET_INPUTERR; ASSERT_RET(ret); return ret; } - + /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); - if(!type) + if (!type) { ret = RET_INPUTERR; cJSON_Delete(cjson); 
@@ -165,21 +163,18 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); - if(!data) + if (!data) { ret = RET_INPUTERR; cJSON_Delete(cjson); - cJSON_Delete(type); return ret; } /*创建freeauth_configure_t结构体对象 */ s2j_create_struct_obj(struct_freeauth, freeauth_configure_t); - if(struct_freeauth == NULL) + if (struct_freeauth == NULL) { cJSON_Delete(cjson); - cJSON_Delete(type); - cJSON_Delete(data); return RET_NOMEM; } 
@@ -189,183 +184,112 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con s2j_struct_get_basic_element(struct_freeauth, data, int, dip); s2j_struct_get_basic_element(struct_freeauth, data, int, dport); - memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char)*32); - freeauth_buff->sip = struct_freeauth->sip; - freeauth_buff->dip = struct_freeauth->dip; - freeauth_buff->dport = struct_freeauth->dport; + memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32); + freeauth_buff->sip = struct_freeauth->sip; + freeauth_buff->dip = struct_freeauth->dip; + freeauth_buff->dport = struct_freeauth->dport; - s2j_delete_struct_obj(struct_freeauth); cJSON_Delete(cjson); - cJSON_Delete(type); - cJSON_Delete(data); return RET_OK; } -/*检查增加的参数格式是否正确 */ -ret_code freeauth_config_add_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len) +/*chk data格式 */ +ret_code freeauth_config_chk(uint source, uint *config_type, + pointer input, int *input_len, + pointer output, int *output_len) +{ + ret_code ret = RET_OK; + return ret; +} + +ret_code freeauth_config_add_proc(uint source, uint config_type, + pointer input, int input_len, + pointer output, int *output_len) { ret_code ret = RET_OK; freeauth_configure_t *freeauth_configure; freeauth_configure = (freeauth_configure_t *)input; char str[32] = {0}; char dtr[32] = {0}; + cJSON *res; + char *ret_char = NULL; + unsigned int ret_int = 0; + authfree_result_t *authfree_result; + int i; if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) { ret = RET_INPUTERR; return ret; } - + + /*校验用户名长度 特殊字符等*/ + if (NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 >= strlen(freeauth_configure->name)) + { + ret = RET_INPUTERR; + return ret; + } + + /* 校验用户名中不含特殊字符 */ + if (SPECHAR(freeauth_configure->name)) + { + ret = RET_INPUTERR; + return ret; + } + + /*校验源IP地址是否符合格式*/ memset(str, 
0, 32); inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32); char *sip_addr = str; - if( isIpV4Addr(sip_addr) < 0 ) + if (isIpV4Addr(sip_addr) < 0) { ret = RET_IPINVALID; return ret; } + /*校验目的IP地址是否符合格式*/ memset(dtr, 0, 32); inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32); char *dip_addr = dtr; - if( isIpV4Addr(dip_addr) < 0 ) + if (isIpV4Addr(dip_addr) < 0) { ret = RET_IPINVALID; return ret; } - if ( (freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM )) + if ((freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM)) { ret = RET_IPINVALID; /*先用IPVAILD表示,后面加PORTVAILD */ return ret; } - - return RET_OK; -} - -/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */ -ret_code freeauth_config_del_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - freeauth_configure_t *freeauth_configure; - freeauth_configure = (freeauth_configure_t *)input; - int i; - - if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) - { - ret = RET_INPUTERR; - return ret; - } - - for(i = 0; i < RULE_MAX_NUM; i++) + /*查找要增加的未认证权限是否重名 该名字已存在 则退出程序 */ + for (i = 0; i < RULE_MAX_NUM; i++) { - if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name)) - return RET_NOTFOUND; + /*两个字符串相等 strcmp值为0*/ + if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + return RET_NOTFOUND; + } + else + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + } } - - return RET_OK; -} -/*修改 查询要修改的内容是否存在 */ -ret_code freeauth_config_mod_chk(uint source,uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - freeauth_configure_t *freeauth_configure; - freeauth_configure = (freeauth_configure_t *)input; - int i; - 
- if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) - { - ret = RET_INPUTERR; - return ret; - } - - /*检查修改的内容是否存在 */ - for(i = 0; i < RULE_MAX_NUM; i++) + /*数据库修改 存入全局变量*/ + authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); + if (NULL == authfree_result) { - if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name)) - return RET_NOTFOUND; - } - return RET_OK; - -} - -/*chk data格式 */ -ret_code freeauth_config_chk(uint source,uint *config_type, - pointer input, int *input_len, - pointer output, int *output_len) -{ - - ret_code ret = RET_OK; - freeauth_configure_t freeauth_configure = {0}; - int config_len = sizeof(freeauth_configure_t); - uint conf_type = FREEAUTH_CONFIG_GET; - int code = 0; - - freeauth_config_json_parse(input, &conf_type, &freeauth_configure); - - switch (conf_type) - { - case FREEAUTH_CONFIG_ADD: - ret = freeauth_config_add_chk(source, conf_type, - &freeauth_configure, config_len, - output, output_len); - break; - case FREEAUTH_CONFIG_MOD: - ret = freeauth_config_mod_chk(source, conf_type, - &freeauth_configure, config_len, - output, output_len); - break; - case FREEAUTH_CONFIG_DEL: - ret = freeauth_config_del_chk(source, conf_type, - &freeauth_configure, config_len, - output, output_len); - break; - default: - ret = RET_NOTSUPPORT; + return RET_NOMEM; } - if(config_len <= CM_BUFF_SIZE) - { - memset(input, 0, *input_len); - memcpy(input, &freeauth_configure, config_len); - *config_type = conf_type; - *input_len = config_len; - } - else - { - ret = RET_NOMEM; - } - - RET_ERR_FORMART(ret, code, output, *output_len); - - return ret; -} - - -ret_code freeauth_config_add_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) -{ - ret_code ret = RET_OK; - cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; - freeauth_configure_t *freeauth_configure; - freeauth_configure = (freeauth_configure_t *)input; - - /*增加数据库*/ - 
- /*存入全局变量*/ + add_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, + freeauth_configure->dport, authfree_result); +#if 0 /*用户态下发到内核态auth_hook */ int r = -1; printf("cfgchannel main begin:\r\n"); 
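Review bot: The destination-port check in freeauth_config_add_proc can never reject anything: `(freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM)` requires the port to be below the minimum and above the maximum at once, so any dport value reaches add_authfree(). It should read `if ((freeauth_configure->dport < DPORT_MIN_NUM) || (freeauth_configure->dport > DPORT_MAX_NUM))`. The two inet_ntop()/isIpV4Addr() checks before it are similarly ineffective, because formatting a 32-bit value with inet_ntop() always yields a well-formed dotted quad. Separately, freeauth_config_chk is now a stub that no longer calls freeauth_config_json_parse(), yet this function still casts `input` to `freeauth_configure_t *`; unless the caller (outside this hunk) parses the JSON first, these checks run on raw request bytes. The function body continues into the next hunk.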
@@ -389,244 +313,283 @@ ret_code freeauth_config_add_proc(uint source, uint config_type, /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); +#endif /*创建json对象 */ res = cJSON_CreateObject(); - if(!res) - { + if (!res) + { free(freeauth_configure); ret = RET_ERR; return ret; } /*将json对象转换成json字符串 返回处理结果*/ - cJSON_AddNumberToObject(res, "result", r); + cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); + cJSON_AddStringToObject(res, "message", authfree_result->message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); - if(output_len) + if (output_len) { *output_len = ret_int; } - + /*超出2k的内存,报错 */ - if(ret_int >= 1024 * 2) + if (ret_int >= 1024 * 2) { - free(freeauth_configure); free(ret_char); cJSON_Delete(res); return RET_NOMEM; } - memcpy(output, 0, ret_int + 1); - strcpy(output, ret_char); + memcpy(output, ret_char, ret_int + 1); free(ret_char); cJSON_Delete(res); - free(freeauth_configure); - return RET_OK; + return RET_OK; } - ret_code freeauth_config_mod_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) + pointer input, int input_len, + pointer output, int *output_len) { - ret_code ret = RET_OK; - cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; freeauth_configure_t *freeauth_configure; freeauth_configure = (freeauth_configure_t *)input; + ret_code ret = RET_OK; + cJSON *res; + char *ret_char = NULL; + unsigned int ret_int = 0; + int i; + authfree_result_t *authfree_result; - /*数据库修改*/ - - /*存入全局变量*/ - - /*用户态下发到内核态auth_hook */ - int r = -1; - printf("cfgchannel main begin:\r\n"); - - /*创建通道 */ - r = commcfgnl_open(); - if(r < 0) + if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) { - printf(" pdlivnl_open fail, exit.\r\n"); - return RET_ERR; - } - - /*下发配置到内核态 */ - r = set_freeauthcfg_waitack(freeauth_configure); - if(r < 0) - { - printf("set_cfg_debug_waitack failed.\r\n"); - return 
RET_ERR; - } - - /*关闭netlink通道 */ - commcfgnl_close(); - printf("cfgchannel main exit!\r\n"); - - /*创建json对象 */ - res = cJSON_CreateObject(); - if(!res) - { - free(freeauth_configure); - ret = RET_ERR; + ret = RET_INPUTERR; return ret; } - cJSON_AddNumberToObject(res, "result", r); - - /*将json对象转换成json字符串 */ - ret_char = cJSON_PrintUnformatted(res); - ret_int = strlen(ret_char); - if(output_len) + /*查找要修改的免认证规则名字,不存在则退出程序 */ + for (i = 0; i < RULE_MAX_NUM; i++) { - *output_len = ret_int; - } - - /*超出2k的内存,报错 */ - if(ret_int >= 1024 * 2) - { - free(freeauth_configure); - free(ret_char); - cJSON_Delete(res); - return RET_NOMEM; - } + /*两个字符串相等 strcmp值为0*/ + if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + /*数据库修改 存入全局变量*/ + authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); + if (NULL == authfree_result) + { + return RET_NOMEM; + } - memcpy(output, 0, ret_int + 1); - strcpy(output, ret_char); + mod_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, + freeauth_configure->dport, authfree_result); - free(ret_char); - cJSON_Delete(res); - free(freeauth_configure); - return RET_OK; + #if 0 + /*用户态下发到内核态auth_hook */ + int r = -1; + printf("cfgchannel main begin:\r\n"); + + /*创建通道 */ + r = commcfgnl_open(); + if(r < 0) + { + printf(" pdlivnl_open fail, exit.\r\n"); + return RET_ERR; + } + + /*下发配置到内核态 */ + r = set_freeauthcfg_waitack(freeauth_configure); + if(r < 0) + { + printf("set_cfg_debug_waitack failed.\r\n"); + return RET_ERR; + } + + /*关闭netlink通道 */ + commcfgnl_close(); + printf("cfgchannel main exit!\r\n"); + #endif + + /*创建json对象 */ + res = cJSON_CreateObject(); + if (!res) + { + ret = RET_ERR; + return ret; + } + + /*将json对象转换成json字符串 返回处理结果*/ + cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); + cJSON_AddStringToObject(res, "message", authfree_result->message); + 
ret_char = cJSON_PrintUnformatted(res); + ret_int = strlen(ret_char); + if (output_len) + { + *output_len = ret_int; + } + + /*超出2k的内存,报错 */ + if (ret_int >= 1024 * 2) + { + free(ret_char); + cJSON_Delete(res); + return RET_NOMEM; + } + + memcpy(output, ret_char, ret_int + 1); + + free(ret_char); + cJSON_Delete(res); + return RET_OK; + } + + } } ret_code freeauth_config_del_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) + pointer input, int input_len, + pointer output, int *output_len) { ret_code ret = RET_OK; - cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; freeauth_configure_t *freeauth_configure; freeauth_configure = (freeauth_configure_t *)input; + cJSON *res; + char *ret_char = NULL; + unsigned int ret_int = 0; + int i; + authfree_result_t *authfree_result; - /*数据库删除*/ - /*存入全局变量*/ - - /*用户态下发到内核态auth_hook */ - int r = -1; - printf("cfgchannel main begin:\r\n"); - - /*创建通道 */ - r = commcfgnl_open(); - if(r < 0) - { - printf(" pdlivnl_open fail, exit.\r\n"); - return RET_ERR; - } - - /*下发配置到内核态 */ - r = set_freeauthcfg_waitack(freeauth_configure); - if(r < 0) - { - printf("set_cfg_debug_waitack failed.\r\n"); - return RET_ERR; - } - - /*关闭netlink通道 */ - commcfgnl_close(); - printf("cfgchannel main exit!\r\n"); - - /*创建json对象 */ - res = cJSON_CreateObject(); - if(!res) + if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) { - free(freeauth_configure); - ret = RET_ERR; + ret = RET_INPUTERR; return ret; } - - cJSON_AddNumberToObject(res, "result", r); - - /*将json对象转换成json字符串 */ - ret_char = cJSON_PrintUnformatted(res); - ret_int = strlen(ret_char); - if(output_len) - { - *output_len = ret_int; - } - /*超出2k的内存,报错 */ - if(ret_int >= 1024 * 2) + + /*查找要删除的免认证规则名字,不存在则退出程序 */ + for (i = 0; i < RULE_MAX_NUM; i++) { - free(freeauth_configure); - free(ret_char); - cJSON_Delete(res); - return RET_NOMEM; + /*两个字符串相等 strcmp值为0*/ + if (0 == 
strcmp(freeauth_array[i].name, freeauth_configure->name)) + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + /*数据库修改 存入全局变量*/ + authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t)); + if (NULL == authfree_result) + { + return RET_NOMEM; + } + del_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, + freeauth_configure->dport, authfree_result); + + #if 0 + /*用户态下发到内核态auth_hook */ + int r = -1; + printf("cfgchannel main begin:\r\n"); + + /*创建通道 */ + r = commcfgnl_open(); + if(r < 0) + { + printf(" pdlivnl_open fail, exit.\r\n"); + return RET_ERR; + } + + /*下发配置到内核态 */ + r = set_freeauthcfg_waitack(freeauth_configure); + if(r < 0) + { + printf("set_cfg_debug_waitack failed.\r\n"); + return RET_ERR; + } + + /*关闭netlink通道 */ + commcfgnl_close(); + printf("cfgchannel main exit!\r\n"); + #endif + + /*创建json对象 */ + res = cJSON_CreateObject(); + if (!res) + { + free(freeauth_configure); + ret = RET_ERR; + return ret; + } + + /*将json对象转换成json字符串 返回处理结果*/ + cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode); + cJSON_AddStringToObject(res, "message", authfree_result->message); + ret_char = cJSON_PrintUnformatted(res); + ret_int = strlen(ret_char); + if (output_len) + { + *output_len = ret_int; + } + + /*超出2k的内存,报错 */ + if (ret_int >= 1024 * 2) + { + free(ret_char); + cJSON_Delete(res); + return RET_NOMEM; + } + + memcpy(output, ret_char, ret_int + 1); + + free(ret_char); + cJSON_Delete(res); + return RET_OK; + } } - - memcpy(output, 0, ret_int + 1); - strcpy(output, ret_char); - - free(ret_char); - cJSON_Delete(res); - free(freeauth_configure); - return RET_OK; - } - ret_code freeauth_config_proc(uint source, uint config_type, - pointer input, int input_len, - pointer output, int *output_len) + pointer input, int input_len, + pointer output, int *output_len) { - - uint conf_type = config_type; ret_code ret = RET_OK; + freeauth_configure_t freeauth_configure 
= {0}; + int config_len = sizeof(freeauth_configure_t); + uint conf_type = FREEAUTH_CONFIG_GET; + char *ret_char = NULL; + unsigned int ret_int = 0; int r = -1; cJSON *res; - char * ret_char = NULL; - unsigned int ret_int = 0; - freeauth_configure_t conf_buff = {0}; - freeauth_configure_t *freeauth_configure = &conf_buff; + int code = 0; - freeauth_configure = (freeauth_configure_t *)input; + freeauth_config_json_parse(input, &conf_type, &freeauth_configure); - rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n", - conf_type, freeauth_configure->name, - freeauth_configure->sip, freeauth_configure->dip, - freeauth_configure->dport); + rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n", + conf_type, freeauth_configure.name, + freeauth_configure.sip, freeauth_configure.dip, + freeauth_configure.dport); switch (conf_type) - { - case FREEAUTH_CONFIG_ADD: - ret = freeauth_config_add_proc(source, conf_type, - &freeauth_configure, input_len, - output, output_len); - break; - case FREEAUTH_CONFIG_MOD: - ret = freeauth_config_mod_proc(source, conf_type, - &freeauth_configure, input_len, - output, output_len); - break; - case FREEAUTH_CONFIG_DEL: - ret = freeauth_config_del_proc(source, conf_type, - &freeauth_configure, input_len, - output, output_len); - break; - default: - ret = RET_NOTSUPPORT; + { + case FREEAUTH_CONFIG_ADD: + ret = freeauth_config_add_proc(source, conf_type, + &freeauth_configure, input_len, + output, output_len); + break; + case FREEAUTH_CONFIG_MOD: + ret = freeauth_config_mod_proc(source, conf_type, + &freeauth_configure, input_len, + output, output_len); + break; + case FREEAUTH_CONFIG_DEL: + ret = freeauth_config_del_proc(source, conf_type, + &freeauth_configure, input_len, + output, output_len); + break; + default: + ret = RET_NOTSUPPORT; } - return RET_OK; + return RET_OK; } - - 
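Review bot: `authfree_result` in `freeauth_config_mod_proc` and `freeauth_config_del_proc` (and in `freeauth_config_add_proc`, whose body starts above this hunk) comes from `malloc`, is never freed on any return path, and is read without having been initialised. `add_authfree`, `mod_authfree` and `del_authfree` in user_authfree.c return without writing the result when `connect_database` fails, so `cJSON_AddStringToObject(res, "message", authfree_result->message)` then reads an indeterminate pointer. A local `authfree_result_t authfree_result = { .resultcode = -1, .message = "" };` passed as `&authfree_result` removes the leak and gives the early-return path a defined, non-success value. The `!res` branches of add_proc and del_proc also call `free(freeauth_configure)` although `freeauth_config_proc` passes the address of its local struct, so that `free` should go, as it already has in mod_proc. mod_proc and del_proc also reach their closing brace without a `return` when no rule name matches; a final `return RET_NOTFOUND;` after each loop closes that path.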
diff --git a/Platform/user/configm/config-server/web_config/authfree.h b/Platform/user/configm/config-server/web_config/authfree.h index a6b609de4..36e17205d 100644 --- a/Platform/user/configm/config-server/web_config/authfree.h +++ b/Platform/user/configm/config-server/web_config/authfree.h @@ -18,8 +18,8 @@ #define RULE_MAX_NUM 10 #define FREEAUTH_CONFIG_ADD 0 -#define FREEAUTH_CONFIG_DEL 1 -#define FREEAUTH_CONFIG_MOD 2 +#define FREEAUTH_CONFIG_MOD 1 +#define FREEAUTH_CONFIG_DEL 2 #define FREEAUTH_CONFIG_GET 3 @@ -31,6 +31,11 @@ typedef struct { char name[32]; }freeauth_configure_t; +typedef struct { + int resultcode; + char *message; +}authfree_result_t; + /*全局变量初始化 失败为1 成功为0*/ int authfreeInit(freeauth_configure_t **localuser); diff --git a/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c b/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c new file mode 100644 index 000000000..0cb6263a4 --- /dev/null +++ b/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c 
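Review bot: Swapping the values of `FREEAUTH_CONFIG_MOD` and `FREEAUTH_CONFIG_DEL` changes what the numbers 1 and 2 mean in a request, and nothing in the header says these values are part of the request format. Any sender not rebuilt against this header would have its modify requests handled as deletes and the reverse; this is inferred, since no sender is visible in the diff. I would add `/* request type values: 0 add, 1 modify, 2 delete, 3 get; shared with request senders, do not renumber */` above the defines and confirm that every producer of these values changes in the same commit.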
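Review bot: `authfree_result_t.message` is only assigned entries of the static `authfreemes[]` table in user_authfree.c, yet the field is a plain `char *` with no ownership comment, which invites a caller to free or modify it. Declaring it as `const char *message; /* points into a static table; not owned, never freed */` documents that. A one-line comment on the struct saying callers must initialise it before passing it in would also help, because the functions that fill it can return early without writing either field.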
@@ -0,0 +1,323 @@ +#include +#include "../authfree.h" +#include "../Platform/common/database/database.h" +#include "../include/user_authfree.h" +#include "string.h" + +#define AUTHFREE_DATABASE_ID 16 +#define AUTHFREE_TABLE "authfree" + +extern freeauth_configure_t freeauth_array[]; + +#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功 +#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败 +#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在 +#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功 +#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败 +#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在 +#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功 +#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败 +#define RULENUM_EXCEED 8 //未认证权限数量超过最大值 + +char * authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modrule success", + "modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"}; + +/*增加未认证权限规则*/ +void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) +{ + void * authfree_hdbc; + char * ret_sql = NULL; + int ret_add; + int ret; + int num; + int i; + int num_sql; + + if (NULL == authfree_result) + { + return; + } + + printf("开始连接数据库\n"); + + /* 连接数据库 */ + authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); + if(NULL == authfree_hdbc) + { + printf("connetc failure\n"); + return; + } + + /*长整型bigint 浮点型double 字符串character(10)*/ + printf("authfree_hdbc = %p\n", authfree_hdbc); + ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); + printf("%d \n",ret); + + + /*查询数据库是否存在该权限规则*/ + char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name)+1, name); + if(NULL != ret_sql) + { + /*用户名已存在*/ + disconnect_database(AUTHFREE_DATABASE_ID , 
authfree_hdbc); + authfree_result->resultcode = 2; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + else + { + /* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */ + char * select_num = "SELECT name, sip, dip, dport FROM `authfree`"; + ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 4, + DB_DATA_STRING_TYPE, strlen(name)+1, name, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport); + printf("num_sql = %d \n", num_sql); + printf("ret = %d \n", ret); + if (num_sql > RULE_MAX_NUM) + { + /*添加失败*/ + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = 8; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + + /* 向authfree表中添加:未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */ + char *addfree_sql = "INSERT INTO `authfree` SET name = ?, sip = ?, dip = ?, dport = ?"; + ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 4, + DB_DATA_STRING_TYPE, strlen(name)+1, name, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport); + printf("the value of ret:%d\n", ret_add); + if(0 != ret_add) + { + /*添加失败*/ + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = 1; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + } + + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + + /*存未认证权限数数组*/ + for(i = 0; i < RULE_MAX_NUM; i++) + { + printf("the name is :%s\n", freeauth_array[i].name ); + /*两个字符串相等 strcmp值为0*/ + int a = strlen(freeauth_array[i].name); + printf("%d\n", a); + if (0 == strlen(freeauth_array[i].name)) + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + memcpy(freeauth_array[i].name, name, 
sizeof(char)*32); + freeauth_array[i].sip = sip; + freeauth_array[i].dip = dip; + freeauth_array[i].dport = dport; + printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + break; + } + } + + #if 0 + /*打印数组内全部元素*/ + for (i = 0; i < RULE_MAX_NUM; i++) + { + printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + } + #endif + + /*添加成功*/ + authfree_result->resultcode = 0; + authfree_result->message = authfreemes[authfree_result->resultcode]; +} + + +/*修改未认证权限*/ +void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) +{ + void * authfree_hdbc; + char * ret_sql = NULL; + int ret_mod; + int ret; + int num; + int i; + + if (NULL == authfree_result) + { + return; + } + + printf("开始连接数据库\n"); + + /* 连接数据库 */ + authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); + if(NULL == authfree_hdbc) + { + printf("connetc failure\n"); + return; + } + + /*长整型bigint 浮点型double 字符串character(10)*/ + printf("authfree_hdbc = %p\n", authfree_hdbc); + ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); + printf("%d \n",ret); + + /*查询数据库是否存在该权限规则*/ + char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name)+1, name); + if(NULL == ret_sql) + { + /*未认证权限用户名不存在*/ + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + authfree_result->resultcode = 5; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + else + { + /*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */ + char *modfree_sql = "UPDATE `authfree` SET sip = ?, dip = ?, dport = ? 
WHERE name = ?"; + ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 4, + DB_DATA_INT_TYPE, sizeof(sip), sip, + DB_DATA_INT_TYPE, sizeof(dip), dip, + DB_DATA_INT_TYPE, sizeof(dport), dport, + DB_DATA_STRING_TYPE, strlen(name)+1, name); + printf("the value of ret:%d\n", ret_mod); + if(0 != ret_mod) + { + /*修改失败*/ + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = 4; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + } + + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + + /*修改对应未认证权限数数组*/ + for (i = 0; i < RULE_MAX_NUM; i++) + { + /*两个字符串相等 strcmp值为0*/ + if (0 == strcmp(freeauth_array[i].name, name)) + { + printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); + freeauth_array[i].sip = sip; + freeauth_array[i].dip = dip; + freeauth_array[i].dport = dport; + printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + break; + } + } + + #if 0 + /*打印数组内全部元素*/ + for (i = 0; i < RULE_MAX_NUM; i++) + { + printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + } + #endif + + /*修改成功*/ + authfree_result->resultcode = 3; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; +} + + +/*删除未认证权限*/ +void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result) +{ + void * authfree_hdbc; + char * ret_sql = NULL; + int ret_del; + int ret; + int num; + int i; + + if (NULL == authfree_result) + { + return; + } + + printf("开始连接数据库\n"); + + /* 连接数据库 */ + authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID); + if(NULL == authfree_hdbc) + { + printf("connetc failure\n"); + return; + } + + /*长整型bigint 浮点型double 字符串character(10)*/ + printf("authfree_hdbc = %p\n", authfree_hdbc); + ret = 
create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)"); + printf("%d \n",ret); + + /*查询数据库是否存在该权限规则*/ + char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?"; + ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1, + DB_DATA_STRING_TYPE, strlen(name)+1, name); + if(NULL == ret_sql) + { + /*未认证权限用户名不存在*/ + authfree_result->resultcode = 5; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + else + { + /*删除authfree表中未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */ + char* delfree_sql = "DELETE FROM authfree WHERE name = ?"; + int ret_del = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_DEL, AUTHFREE_TABLE, delfree_sql, 1, + DB_DATA_STRING_TYPE, strlen(name)+1, name); + printf("the value of ret:%d\n", ret_del); + if(0 != ret_del) + { + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志 + authfree_result->resultcode = 7; /*删除失败*/ + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; + } + } + + disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); + + /*删除对应未认证权限数数组*/ + for (i = 0; i < RULE_MAX_NUM; i++) + { + /*两个字符串相等 strcmp值为0*/ + printf("%s(%d) freeauth_array[i] = %p\n", __FUNCTION__, __LINE__, &freeauth_array[i]); + if (0 == strcmp(freeauth_array[i].name, name)) + { + printf("index:%d\n", i); + int delectIndex = i; + for(i = delectIndex; i <= RULE_MAX_NUM; i++) + { + freeauth_array[i] = freeauth_array[i+1]; + } + } + } + + #if 0 + /*打印数组内全部元素*/ + for (i = 0; i < RULE_MAX_NUM; i++) + { + printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i); + } + #endif + + /*删除成功*/ + authfree_result->resultcode = 6; + authfree_result->message = authfreemes[authfree_result->resultcode]; + return; +} \ No newline at end of file 
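Review bot: The compaction loop in `del_authfree`, `for(i = delectIndex; i <= RULE_MAX_NUM; i++) freeauth_array[i] = freeauth_array[i+1];`, runs `i` up to `RULE_MAX_NUM`, so it writes index `RULE_MAX_NUM` and reads index `RULE_MAX_NUM + 1`. Assuming `freeauth_array` holds `RULE_MAX_NUM` entries, as the other loops in this file treat it (the `extern` declaration gives no size), that is an out-of-bounds read and write on the global that stores the authentication-exempt rules. The inner loop also reuses the outer `i` and never clears the vacated last slot, so `add_authfree` would not see that slot as free. The rewrite below bounds the shift at `RULE_MAX_NUM - 1`, zeroes the last slot and stops after the first match. Separately, the not-found branch earlier in the function returns without calling `disconnect_database`.

```c
/* … unchanged: database lookup and DELETE … */
for (i = 0; i < RULE_MAX_NUM; i++)
{
    if (0 != strcmp(freeauth_array[i].name, name))
    {
        continue;
    }

    /* shift the tail down by one, staying inside the RULE_MAX_NUM slots */
    for (int j = i; j < RULE_MAX_NUM - 1; j++)
    {
        freeauth_array[j] = freeauth_array[j + 1];
    }

    /* the last slot is now a stale copy; clear it so it reads as empty */
    memset(&freeauth_array[RULE_MAX_NUM - 1], 0, sizeof(freeauth_array[0]));
    break;
}
/* … unchanged: result code and message … */
```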
diff --git a/Platform/user/configm/config-server/web_config/config-adm/user_authpara.c b/Platform/user/configm/config-server/web_config/config-adm/user_authpara.c new file mode 100644 index 000000000..2c0574f8d --- /dev/null +++ b/Platform/user/configm/config-server/web_config/config-adm/user_authpara.c 
@@ -0,0 +1,88 @@ +#include "../include/parsefile.h" +#include "../include/configm.h" +#include "../../../netlink_uapi/libnetlinku.h" +#include "../../../../common/rpc/rpc.h" +#include "../authfree.h" +#include +#include "../../../../../Common/s2j/s2j.h" +#include "../../../../../Common/commuapinl.h" +#include "../auth_parameters.h" +#include "../Platform/common/database/database.h" + +#define AUTHPARA_DATABASE_ID 15 +#define AUTHPARA_TABLE "authparas" + +extern auth_parameters_t *auth_para; + +char * mes[]={"ADDSUCCESS", "ADDFAILURE"}; + +/*前端type类型只有修改,修改数据库中的内容,返回值为code message——修改成功 修改失败*/ +void mod_authpara(int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result) +{ + void * authpara_hdbc; + char * ret_sql = NULL; + int ret; + int num; + int r = -1; + + if (NULL == configure_result) + { + return; + } + + printf("开始连接数据库\n"); + + /* 连接数据库 */ + authpara_hdbc = connect_database(AUTHPARA_DATABASE_ID); + if(NULL == authpara_hdbc) + { + printf("connetc failure\n"); + return; + } + + /*长整型bigint 浮点型double 字符串character(10)*/ + printf("authpara_hdbc = %p\n", authpara_hdbc); + ret = create_database_table(AUTHPARA_DATABASE_ID, authpara_hdbc, "authparas", "create table authparas(port bigint, timehorizon bigint, failcount bigint, locktime bigint, aging_time bigint)"); + printf("%d \n",ret); + + /* 存authpara表 默认值 */ + char *user1_authpara = "INSERT INTO `authparas` SET port = 8080, timehorizon = 1, failcount = 5, locktime = 10, aging_time = 10"; + int ret_addauthpara = update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_INSERT, AUTHPARA_TABLE, user1_authpara, 0); + if(0 != ret_addauthpara) + { + disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志 + configure_result->resultcode = 1; + configure_result->message = mes[configure_result->resultcode]; + return; + } + + + char *user_authpara = "UPDATE `authparas` SET port = ?, timehorizon = ?, failcount = ?, locktime = ?, aging_time = ?"; + ret = 
update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_UPDATE, AUTHPARA_TABLE, user_authpara, 5, + DB_DATA_INT_TYPE, sizeof(port), port, + DB_DATA_INT_TYPE, sizeof(timehorizon), timehorizon, + DB_DATA_INT_TYPE, sizeof(failcount), failcount, + DB_DATA_INT_TYPE, sizeof(locktime), locktime, + DB_DATA_INT_TYPE, sizeof(aging_time), aging_time); + printf("the value of ret:%d\n", ret); + if(0 != ret) + { + disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志 + configure_result->resultcode = 1; + configure_result->message = mes[configure_result->resultcode]; + return; + } + + disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); + + /*存全局变量*/ + auth_para->port = port; + auth_para->timehorizon = timehorizon; + auth_para->failcount = failcount; + auth_para->locktime = locktime; + auth_para->aging_time = aging_time; + + configure_result->resultcode = 0; + configure_result->message = mes[configure_result->resultcode]; + return; +} diff --git a/Platform/user/configm/config-server/web_config/include/user_authfree.h b/Platform/user/configm/config-server/web_config/include/user_authfree.h new file mode 100644 index 000000000..6543260a3 --- /dev/null +++ b/Platform/user/configm/config-server/web_config/include/user_authfree.h 
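Review bot: The default-row `INSERT INTO authparas SET port = 8080, ...` in `mod_authpara` runs on every call, and the table is created without a key, so each modification appends another row before the `UPDATE`, which has no `WHERE`, rewrites all of them. Seeding the defaults belongs where the table is first created, or behind a row-count check, not on the modify path. The five values are also written to the database and to `auth_para` with no range check in this function. Unless the caller already validates them, a guard such as `if (port < 1 || port > 65535) { configure_result->resultcode = 1; configure_result->message = mes[1]; return; }` should come before `connect_database`, with matching bounds chosen for the lockout fields. `auth_para` is dereferenced without a NULL check, and the `connect_database` failure path returns without setting `configure_result`.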
@@ -0,0 +1,22 @@ +#ifndef USER_AUTHFREE_H_ +#define USER_AUTHFREE_H_ + +#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功 +#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败 +#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在 +#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功 +#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败 +#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在 +#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功 +#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败 + +/*增加未认证权限规则*/ +void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); + +/*修改未认证权限*/ +void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); + +/*删除未认证权限*/ +void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result); + +#endif \ No newline at end of file diff --git a/Platform/user/configm/config-server/web_config/include/user_authpara.h b/Platform/user/configm/config-server/web_config/include/user_authpara.h new file mode 100644 index 000000000..c5df56948 --- /dev/null +++ b/Platform/user/configm/config-server/web_config/include/user_authpara.h @@ -0,0 +1,18 @@ +#ifndef USER_AUTHPARA_H_ +#define USER_AUTHPARA_H_ + +#include +#include "../Platform/user/configm/config-server/web_config/auth_parameters.h" + + +#define ADDUSER_FAIL_NAMEDUP 4 //用户名重名 + +#define MODAUTHPARA_SUCCESS 0 //修改认证信息成功 +#define MODAUTHPARE_FAIL_DATABASE 1 //修改数据库信息失败 + + +/*前端type类型为修改,修改数据库中的内容,返回值为code message——修改成功 修改失败*/ +/*修改认证参数*/ +void mod_authpara( int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result); + +#endif \ No newline at end of file
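Review bot: user_authfree.h uses `uint32_t` and `authfree_result_t` but includes nothing, so it compiles only when the includer has already pulled in `<stdint.h>` and authfree.h in the right order. Adding `#include <stdint.h>` and `#include "../authfree.h"` after the guard makes it self-contained. The eight result-code macros are defined again in user_authfree.c, which adds `RULENUM_EXCEED 8` that this header lacks, while the functions assign bare literals such as 2 and 8. Keeping one list here, including `#define RULENUM_EXCEED 8`, and using the names at the assignments would keep the codes and the `authfreemes[]` indexes aligned.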
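Review bot: user_authpara.c as added in this commit does not include user_authpara.h, so the `mod_authpara` prototype is never checked against the definition; adding `#include "../include/user_authpara.h"` to the .c file fixes that. `MODAUTHPARE_FAIL_DATABASE` looks like a typo for `MODAUTHPARA_FAIL_DATABASE`, and `ADDUSER_FAIL_NAMEDUP` does not relate to authentication parameters. Neither macro is used by the .c file, which assigns the literals 0 and 1.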