cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mod aaa-12 调用数据库接口,完成数据持久化到数据库 

RCA:
RCA:
SOL:
修改人:chenling
检视人:
This commit is contained in:
ChenLing 2019-08-15 14:24:41 +08:00
parent c85337eb78
commit d7b4fd3080
10 changed files with 959 additions and 783 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Platform/build/user.configm.Makefile
View File

@ -31,7 +31,9 @@ COMMON_SRCS = configserver.c \
netconfig/ipconfig/ipconfig.c \ netconfig/ipconfig/ipconfig.c \
netconfig/bridge/brconfig.c netconfig/bridge/brnetlink.c \ netconfig/bridge/brconfig.c netconfig/bridge/brnetlink.c \
netconfig/bridge/libbridge/libbridge_if.c netconfig/bridge/libbridge/libbridge_init.c netconfig/bridge/libbridge/libbridge_devif.c\ netconfig/bridge/libbridge/libbridge_if.c netconfig/bridge/libbridge/libbridge_init.c netconfig/bridge/libbridge/libbridge_devif.c\
web_config/authfree.c web_config/auth_parameters.c\ web_config/config-adm/user_authpara.c \
web_config/config-adm/user_authfree.c \
web_config/authfree.c web_config/auth_parameters.c\
user_manager_config/user_group_config.c user_manager_config/user_account_config.c user_manager_config/usermanager-server/array_index.c \ user_manager_config/user_group_config.c user_manager_config/user_account_config.c user_manager_config/usermanager-server/array_index.c \
user_manager_config/usermanager-server/user_group.c user_manager_config/usermanager-server/user_mod.c user_manager_config/usermanager-server/user.c \ user_manager_config/usermanager-server/user_group.c user_manager_config/usermanager-server/user_mod.c user_manager_config/usermanager-server/user.c \
log_config/log_config_console.c log_config/log_config_init.c log_config/log_config_cm.c log_config/log_config_monitor.c log_config/log_config_remote.c log_config/log_config_file.c log_config/log_config_console.c log_config/log_config_init.c log_config/log_config_cm.c log_config/log_config_monitor.c log_config/log_config_remote.c log_config/log_config_file.c

32
Platform/build/user.freeauth.Makefile
View File

@ -1,19 +1,19 @@
# target name, the target name must have the same name of c source file # target name, the target name must have the same name of c source file
TARGET_NAME=freeauth TARGET_NAME=freeauth
# target # target
# for linux module driver: KO # for linux module driver: KO
# for application: EXE # for application: EXE
# for dynamic library: DLL # for dynamic library: DLL
TARGET_TYPE = EXE TARGET_TYPE = EXE
# target object # target object
# for application: APP # for application: APP
# for device driver: DRV # for device driver: DRV
TARGET_OBJ = APP TARGET_OBJ = APP
# custom install dir # custom install dir
TARGET_BOX = TARGET_BOX =
#debug mode or release mode #debug mode or release mode
DEBUG = TRUE DEBUG = TRUE
@ -21,34 +21,34 @@ DEBUG = TRUE
PLAT_LINUX ?= TRUE PLAT_LINUX ?= TRUE
PLAT_ARM64 ?= TRUE PLAT_ARM64 ?= TRUE
VPATH = ../user/configm/config-server VPATH = ../user/configm/config-server ../user/configm/config-server/web_config
# source code # source code
# set the source file, don't used .o because of ... # set the source file, don't used .o because of ...
COMMON_SRCS = web_config/auth_parameters.c COMMON_SRCS = auth_parameters.c \
config-adm/user_authpara.c
# MRS Board Source Files # MRS Board Source Files
PLAT_LINUX_SRCS = $(COMMON_SRCS) PLAT_LINUX_SRCS = $(COMMON_SRCS)
PLAT_ARM64_SRCS = $(COMMON_SRCS) PLAT_ARM64_SRCS = $(COMMON_SRCS)
COMMOM_CFLAGS = -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include COMMOM_CFLAGS = -DUSED_MAIN -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include
# gcc CFLAGS # gcc CFLAGS
PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/arm64/usr/local/include
PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/x86_64/usr/local/include
PLAT_ARM64_LDFLAGS := PLAT_ARM64_LDFLAGS := -L ../../Platform/build/debug
PLAT_LINUX_LDFLAGS := PLAT_LINUX_LDFLAGS := $(PLAT_LINUX_LDFLAGS)
#gcc libs #gcc libs
ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -ldatabase-arm64 ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -lulogapi-arm64 -ldatabase-arm64
LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -ldatabase-linux ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev
ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev -lodbc
LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -lulogapi-linux -ldatabase-linux
LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev
LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lodbc # this line must be at below of thus, because of...
# this line must be at below of thus, because of...
include ../../Common/common.Makefile include ../../Common/common.Makefile
ifneq ($(MAKECMDGOALS), clean) ifneq ($(MAKECMDGOALS), clean)

478
Platform/user/configm/config-server/web_config/auth_parameters.c
View File

@ -1,12 +1,16 @@
#include "../include/parsefile.h" #include "../include/parsefile.h"
#include "../include/configm.h" #include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h" #include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "authfree.h" #include "authfree.h"
#include <cjson/cJSON.h> #include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h" #include "s2j/s2j.h"
#include "../../../../../Common/commuapinl.h" #include "commuapinl.h"
#include "auth_parameters.h" #include "auth_parameters.h"
#include "rpc.h"
#include "../Platform/common/database/database.h"
#include "include/user_authpara.h"
#include "config_manager.h"
/*定义结构体 存认证参数*/ /*定义结构体 存认证参数*/
auth_parameters_t *auth_para; auth_parameters_t *auth_para;
@ -27,7 +31,6 @@ int authparInit()
return 0; return 0;
} }
/*下发用户老化时间配置到内核态 */ /*下发用户老化时间配置到内核态 */
int set_agingtimecfg_waitack(int *agingtime) int set_agingtimecfg_waitack(int *agingtime)
{ {
@ -103,7 +106,7 @@ return 0;
} }
/*检查IP地址是否有效端口号是否被占用 */ /*检查IP地址是否有效端口号是否被占用 */
int _valid_ipv4_port(const char *str, int port) int _valid_port(int port)
{ {
int ret; int ret;
int fd; int fd;
@ -117,55 +120,35 @@ int _valid_ipv4_port(const char *str, int port)
return -1; return -1;
} }
errno = 0; addr.sin_family = AF_INET; /*地址结构的协议簇 */
local_errno = errno; addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */
i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
printf("the value of i:%d\n", i);
ret = inet_pton(AF_INET, str ,&addr.sin_addr); if( i < 0)
printf("the value of ret is:%d\n",ret);
if(ret > 0)
{ {
fprintf(stderr, "\"%s\" is a vaild IPv4 address\n", str); printf("port %d has been used. \n", port);
addr.sin_family = AF_INET; /*地址结构的协议簇 */
addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */
printf("the value of str:%s\n", str);
i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
printf("the value of i:%d\n", i);
if( i < 0)
{
printf("port %d has been used. \n", port);
close(fd);
return -1;
}
printf("port %d is ok. \n", port);
close(fd);
return 0;
}
else if (ret < 0)
{
fprintf(stderr, "EAFNOSUPPORT: %s\n", strerror(local_errno));
close(fd);
return -1;
}
else
{
fprintf(stderr, "\"%s\" is not a vaild IPv4 address\n", str);
close(fd); close(fd);
return -1; return -1;
} }
close(fd);
return 0;
//if(port > 0 && port < 65535) printf("port %d is ok. \n", port);
} }
/* iuput格式{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ /* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff) ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff)
{ {
char* pString = (char*)input;
ret_code ret = RET_OK; ret_code ret = RET_OK;
cJSON *cjson, *type, *data; cJSON *cjson, *type, *data;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */ /*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input); cjson = cJSON_Parse(pString);
if(!cjson) if(!cjson)
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
@ -190,7 +173,6 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
return ret; return ret;
} }
@ -199,353 +181,141 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet
if(auth_parameters == NULL) if(auth_parameters == NULL)
{ {
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_NOMEM; return RET_NOMEM;
} }
/*反序列化数据到freeauth_configure_t结构体对象 */ /*反序列化数据到freeauth_configure_t结构体对象 */
s2j_struct_get_basic_element(auth_parameters, data, int, ip);
s2j_struct_get_basic_element(auth_parameters, data, int, port); s2j_struct_get_basic_element(auth_parameters, data, int, port);
s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon); s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon);
s2j_struct_get_basic_element(auth_parameters, data, int, failcount); s2j_struct_get_basic_element(auth_parameters, data, int, failcount);
s2j_struct_get_basic_element(auth_parameters, data, int, locktime); s2j_struct_get_basic_element(auth_parameters, data, int, locktime);
s2j_struct_get_basic_element(auth_parameters, data, int, aging_time); s2j_struct_get_basic_element(auth_parameters, data, int, aging_time);
authpara_buff->ip = auth_parameters->ip;
authpara_buff->port = auth_parameters->port; authpara_buff->port = auth_parameters->port;
authpara_buff->timehorizon = auth_parameters->timehorizon; authpara_buff->timehorizon = auth_parameters->timehorizon;
authpara_buff->failcount = auth_parameters->failcount; authpara_buff->failcount = auth_parameters->failcount;
authpara_buff->locktime = auth_parameters->locktime; authpara_buff->locktime = auth_parameters->locktime;
authpara_buff->aging_time = auth_parameters->aging_time; authpara_buff->aging_time = auth_parameters->aging_time;
s2j_delete_struct_obj(auth_parameters); //s2j_delete_struct_obj(auth_parameters);
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_OK; return RET_OK;
} }
/*检查增加的参数格式是否正确 */
ret_code authpara_config_add_chk(uint source,uint config_type, ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int input_len, pointer input, int *input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
ret_code ret = RET_OK; ret_code ret = RET_OK;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
char str[32] = {0};
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*判断IP地址格式是否正确、端口号是否被占用*/
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&auth_parameters->ip, str, 32);
char *ip_addr = str;
if( (_valid_ipv4_port(ip_addr, auth_parameters->port)) < 0 )
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*配置的用户失败次数如果小于0则配置错误 */
if(auth_parameters->failcount < FAIL_MIN_NUM )
{
free(auth_parameters);
printf("userlock configure error\n");
ret = RET_ERR;
return ret;
}
/*配置的用户锁定时间如果小于0则配置错误 */
if(auth_parameters->locktime < LOCK_MIN_TIME )
{
free(auth_parameters);
printf("locktime configure error\n");
ret = RET_ERR;
return ret;
}
/*配置的用户认证时间范围如果小于0则配置错误 */
if(auth_parameters->timehorizon < HORIZON_MIN_VALUE )
{
free(auth_parameters);
printf("timehorizon configure error\n");
ret = RET_ERR;
return ret;
}
free(auth_parameters);
return RET_OK;
}
/*修改认证参数 */
ret_code authpara_config_mod_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*判断认证参数是否存在*/
if(NULL == auth_para)
{
ret = RET_ERR;
return ret;
}
return RET_OK;
}
/*chk data格式 */
ret_code authpara_config_chk(uint source,uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
auth_parameters_t auth_parameters = {0};
int config_len = sizeof(auth_parameters_t);
uint conf_type = AUTHPARA_CONFIG_GET;
int code = 0;
authpara_config_json_parse(input, &conf_type, &auth_parameters);
switch (conf_type)
{
case AUTHPARA_CONFIG_ADD:
ret = authpara_config_add_chk(source, conf_type,
&auth_parameters, config_len,
output, output_len);
break;
case AUTHPARA_CONFIG_MOD:
ret = authpara_config_mod_chk(source, conf_type,
&auth_parameters, config_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
}
if(config_len <= CM_BUFF_SIZE)
{
memset(input, 0, *input_len);
memcpy(input, &auth_parameters, config_len);
*config_type = conf_type;
*input_len = config_len;
}
else
{
ret = RET_NOMEM;
}
RET_ERR_FORMART(ret, code, output, *output_len);
return ret; return ret;
} }
ret_code authpara_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
int r = -1;
/*增加数据库*/
/*存入全局变量*/
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(auth_parameters);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
free(ret_char);
cJSON_Delete(res);
free(auth_parameters);
return RET_OK;
}
ret_code authpara_config_mod_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
int r = -1;
/*数据库修改*/
/*存入全局变量*/
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(auth_parameters);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
free(ret_char);
cJSON_Delete(res);
free(auth_parameters);
return RET_OK;
}
ret_code authpara_config_proc(uint source, uint config_type, ret_code authpara_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
uint conf_type = config_type;
ret_code ret = RET_OK; ret_code ret = RET_OK;
auth_parameters_t conf_buff = {0}; auth_parameters_t auth_parameters = {0};
auth_parameters_t *auth_parameters = &conf_buff; int config_len = sizeof(auth_parameters_t);
uint conf_type = AUTHPARA_CONFIG_MOD;
int code = 0;
cJSON *res; cJSON *res;
char * ret_char = NULL; char * ret_char = NULL;
unsigned int ret_int = 0; unsigned int ret_int = 0;
configure_result_t *configure_result;
int r = -1;
int portresult = 0;
auth_parameters = (auth_parameters_t *)input; authpara_config_json_parse(input, &conf_type, &auth_parameters);
rpc_log_info("config type is %d, ip %d port %d timehorizon %d failcount %d locktime %d aging_time %d\n", if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
conf_type, auth_parameters->ip, auth_parameters->port, {
auth_parameters->timehorizon, auth_parameters->failcount, ret = RET_INPUTERR;
auth_parameters->locktime, auth_parameters->aging_time); return ret;
}
switch (conf_type)
{ portresult = _valid_port(auth_parameters.port);
case AUTHPARA_CONFIG_ADD: if(portresult = 1)
ret = authpara_config_add_proc(source, conf_type, {
&auth_parameters, input_len, return RET_CHKERR;
output, output_len);
break;
case AUTHPARA_CONFIG_MOD:
ret = authpara_config_mod_proc(source, conf_type,
&auth_parameters, input_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
} }
/*数据库修改 存入全局变量*/
configure_result = (configure_result_t *)malloc(sizeof(configure_result_t));
if (NULL == configure_result)
{
return RET_NOMEM;
}
mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount,
auth_parameters.locktime, auth_parameters.aging_time, configure_result);
/*共享内存 传送用户态和内核态之间的配置信息*/
#if 0
/*存数据库成功则下发到内核态auth_hook*/
if(0 == configure_result->resultcode )
{
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters.aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
}
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode);
cJSON_AddStringToObject(res, "message", configure_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
return RET_OK; return RET_OK;
} }

41
Platform/user/configm/config-server/web_config/auth_parameters.h
View File

@ -14,13 +14,11 @@
#define LOCK_MIN_TIME 0 /*锁定的最小时间 */ #define LOCK_MIN_TIME 0 /*锁定的最小时间 */
#define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */ #define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */
#define AUTHPARA_CONFIG_ADD 0 #define AUTHPARA_CONFIG_MOD 0
#define AUTHPARA_CONFIG_MOD 1
#define AUTHPARA_CONFIG_GET 2
/*配置消息 */ /*配置消息 */
typedef struct { typedef struct {
uint32_t ip; /*认证服务器IP地址*/
int port; /*认证服务器端口号*/ int port; /*认证服务器端口号*/
int timehorizon; /*用户认证时间范围*/ int timehorizon; /*用户认证时间范围*/
int failcount; /*用户认证时间范围*/ int failcount; /*用户认证时间范围*/
@ -28,6 +26,11 @@ typedef struct {
int aging_time; /*老化时间*/ int aging_time; /*老化时间*/
}auth_parameters_t; }auth_parameters_t;
typedef struct {
int resultcode;
char *message;
}configure_result_t;
/*全局变量初始化 失败为1 成功为0*/ /*全局变量初始化 失败为1 成功为0*/
int authparInit(); int authparInit();
@ -35,37 +38,19 @@ int authparInit();
int set_agingtimecfg_waitack(int *agingtime); int set_agingtimecfg_waitack(int *agingtime);
/*检查IP地址是否有效端口号是否被占用 */ /*检查IP地址是否有效端口号是否被占用 */
int _valid_ipv4_port(const char *str, int port); int _valid_port(int port);
/* iuput格式{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ /* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff); ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff);
/*检查增加的参数格式是否正确 */ /*检查增加的参数格式是否正确 */
ret_code authpara_config_add_chk(uint source,uint config_type, ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int input_len, pointer input, int *input_len,
pointer output, int *output_len);
ret_code authpara_config_mod_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_chk(uint source,uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len);
ret_code authpara_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_mod_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
ret_code authpara_config_proc(uint source, uint config_type, ret_code authpara_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len); pointer output, int *output_len);
#endif #endif

727
Platform/user/configm/config-server/web_config/authfree.c
View File

@ -1,32 +1,26 @@
#include "../include/parsefile.h" #include "../include/parsefile.h"
#include "../include/configm.h" #include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h" #include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h" #include "rpc.h"
#include "authfree.h" #include "authfree.h"
#include "auth_parameters.h"
#include <cjson/cJSON.h> #include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h" #include "s2j/s2j.h"
#include "../../../../../Common/commuapinl.h" #include "commuapinl.h"
#include "../Platform/common/database/database.h"
#include "include/user_authfree.h"
#include "config_manager.h"
/*定义结构体数组 存在免认证规则 */ /*定义结构体数组 存在免认证规则 */
freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0}; freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0};
#define UNAMESIZE (127 + 1)
#define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符
#ifdef FREEAUTH_ACK_COOKIES #ifdef FREEAUTH_ACK_COOKIES
#define CFG_FREEAUTH_ACK_COOKIES #define CFG_FREEAUTH_ACK_COOKIES
#endif #endif
/*全局变量初始化 失败为1 成功为0*/
int authfreeInit(freeauth_configure_t **localuser)
{
*localuser = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t));
if (NULL == *localuser)
{
return 1;
}
return 0;
}
/* 判断IPv4格式是否正确*/ /* 判断IPv4格式是否正确*/
int isIpV4Addr(const char *ipAddr) int isIpV4Addr(const char *ipAddr)
{ {
@ -35,17 +29,16 @@ int isIpV4Addr(const char *ipAddr)
int ip_part_3 = 0; int ip_part_3 = 0;
int ip_part_4 = 0; int ip_part_4 = 0;
char end_char = 0; char end_char = 0;
if((NULL == ipAddr) || (0 == strlen(ipAddr))) if ((NULL == ipAddr) || (0 == strlen(ipAddr)))
{ {
return -1; return -1;
} }
if(4 == sscanf(ipAddr,"%d.%d.%d.%d%c",&ip_part_1,&ip_part_2,&ip_part_3,&ip_part_4,&end_char)) if (4 == sscanf(ipAddr, "%d.%d.%d.%d%c", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4, &end_char))
{ {
if((ip_part_1 >= 0) && (ip_part_1 <= 255) && if ((ip_part_1 >= 0) && (ip_part_1 <= 255) &&
(ip_part_2 >= 0) && (ip_part_2 <= 255) && (ip_part_2 >= 0) && (ip_part_2 <= 255) &&
(ip_part_3 >= 0) && (ip_part_3 <= 255) && (ip_part_3 >= 0) && (ip_part_3 <= 255) &&
(ip_part_4 >= 0) && (ip_part_4 <= 255) (ip_part_4 >= 0) && (ip_part_4 <= 255))
)
{ {
return 0; return 0;
} }
@ -53,55 +46,57 @@ int isIpV4Addr(const char *ipAddr)
return -1; return -1;
} }
/*下发配置到内核态 */ /*下发配置到内核态 */
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
{ {
int freeauth_len = 0; int freeauth_len = 0;
struct nlmsghdr *ack = NULL; struct nlmsghdr *ack = NULL;
struct nlmsghdr **answer = &ack; struct nlmsghdr **answer = &ack;
struct{ struct
{
struct nlmsghdr n; struct nlmsghdr n;
char buf[1024]; char buf[1024];
} req ={ } req = {
.n.nlmsg_len = NLMSG_LENGTH(0), .n.nlmsg_len = NLMSG_LENGTH(0),
#ifdef CFG_FREEAUTH_ACK_COOKIES #ifdef CFG_FREEAUTH_ACK_COOKIES
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACKuse kernel auto ack*/ .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACKuse kernel auto ack*/
#else #else
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */ .n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
#endif #endif
.n.nlmsg_type = FREEAUTH_CFG, .n.nlmsg_type = FREEAUTH_CFG,
.n.nlmsg_pid = getpid(), .n.nlmsg_pid = getpid(),
}; };
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if (struct_freeauth == NULL)
{
printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
return -1;
}
else
{
char str[32];
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
char *sip_addr = str;
char dtr[32];
memset(dtr, 0, 32);
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
char *dip_addr = dtr;
printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
struct_freeauth->name, sip_addr, dip_addr,
struct_freeauth->dport);
}
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if (struct_freeauth == NULL)
{
printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
return -1;
}else
{
char str[32];
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
char *sip_addr = str;
char dtr[32];
memset(dtr, 0, 32);
inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, 32);
char *dip_addr = dtr;
printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
struct_freeauth->name, sip_addr, dip_addr,
struct_freeauth->dport);
}
/*计算需要发送的数据的长度 */ /*计算需要发送的数据的长度 */
freeauth_len = sizeof(freeauth_configure_t); freeauth_len = sizeof(freeauth_configure_t);
/*可选属性 */ /*可选属性 */
commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len); commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len);
/*发送组装好的netlink消息 */ /*发送组装好的netlink消息 */
if(pdeliv_talk(1, &req.n, answer) < 0) if (pdeliv_talk(1, &req.n, answer) < 0)
{ {
printf("set_user_freeauth_waitack rcv ack msg faild.\r\n"); printf("set_user_freeauth_waitack rcv ack msg faild.\r\n");
return -2; return -2;
@ -110,51 +105,54 @@ if (struct_freeauth == NULL)
{ {
printf("set_user_freeauth_waitack rcv ack msg success.\r\n"); printf("set_user_freeauth_waitack rcv ack msg success.\r\n");
} }
if(*answer != NULL) if (*answer != NULL)
{ {
printf("set_user_freeauth_waitack rcv answer.\r\n"); printf("set_user_freeauth_waitack rcv answer.\r\n");
} }
else{ else
printf("set_user_freeauth_waitack rcv answer error.\r\n"); {
return -3; printf("set_user_freeauth_waitack rcv answer error.\r\n");
} return -3;
}
#ifdef CFG_FREEAUTH_ACK_COOKIES #ifdef CFG_FREEAUTH_ACK_COOKIES
/*recv answer*/ /*recv answer*/
if((*answer)->nlmsg_type == NLMSG_ERROR){ if ((*answer)->nlmsg_type == NLMSG_ERROR)
nl_debugfs_extack(*answer); {
} nl_debugfs_extack(*answer);
}
#else #else
/*recv answer*/ /*recv answer*/
if((*answer)->nlmsg_type == FREEAUTH_CFG) if ((*answer)->nlmsg_type == FREEAUTH_CFG)
{ {
nl_debugfs(*answer); nl_debugfs(*answer);
} }
#endif #endif
return 0; return 0;
} }
/* 判断免认证规则格式 /* 判断免认证规则格式 iuput格式{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
* iuput格式{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff) ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff)
{ {
char *pString = (char *)input;
ret_code ret = RET_OK; ret_code ret = RET_OK;
cJSON *cjson, *type, *data; cJSON *cjson, *type, *data;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */ /*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input); cjson = cJSON_Parse(pString);
if(!cjson) if (!cjson)
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
ASSERT_RET(ret); ASSERT_RET(ret);
return ret; return ret;
} }
/*获取操作类型 add、mod、del */ /*获取操作类型 add、mod、del */
type = cJSON_GetObjectItem(cjson, "type"); type = cJSON_GetObjectItem(cjson, "type");
if(!type) if (!type)
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
cJSON_Delete(cjson); cJSON_Delete(cjson);
@ -165,21 +163,18 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
/*获取免认证规则的data部分 */ /*获取免认证规则的data部分 */
data = cJSON_GetObjectItem(cjson, "data"); data = cJSON_GetObjectItem(cjson, "data");
if(!data) if (!data)
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
return ret; return ret;
} }
/*创建freeauth_configure_t结构体对象 */ /*创建freeauth_configure_t结构体对象 */
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t); s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
if(struct_freeauth == NULL) if (struct_freeauth == NULL)
{ {
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_NOMEM; return RET_NOMEM;
} }
@ -189,183 +184,112 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
s2j_struct_get_basic_element(struct_freeauth, data, int, dip); s2j_struct_get_basic_element(struct_freeauth, data, int, dip);
s2j_struct_get_basic_element(struct_freeauth, data, int, dport); s2j_struct_get_basic_element(struct_freeauth, data, int, dport);
memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char)*32); memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32);
freeauth_buff->sip = struct_freeauth->sip; freeauth_buff->sip = struct_freeauth->sip;
freeauth_buff->dip = struct_freeauth->dip; freeauth_buff->dip = struct_freeauth->dip;
freeauth_buff->dport = struct_freeauth->dport; freeauth_buff->dport = struct_freeauth->dport;
s2j_delete_struct_obj(struct_freeauth);
cJSON_Delete(cjson); cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_OK; return RET_OK;
} }
/*检查增加的参数格式是否正确 */ /*chk data格式 */
ret_code freeauth_config_add_chk(uint source,uint config_type, ret_code freeauth_config_chk(uint source, uint *config_type,
pointer input, int input_len, pointer input, int *input_len,
pointer output, int *output_len) pointer output, int *output_len)
{
ret_code ret = RET_OK;
return ret;
}
ret_code freeauth_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{ {
ret_code ret = RET_OK; ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure; freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input; freeauth_configure = (freeauth_configure_t *)input;
char str[32] = {0}; char str[32] = {0};
char dtr[32] = {0}; char dtr[32] = {0};
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
authfree_result_t *authfree_result;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t))) if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{ {
ret = RET_INPUTERR; ret = RET_INPUTERR;
return ret; return ret;
} }
/*校验用户名长度 特殊字符等*/
if (NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 >= strlen(freeauth_configure->name))
{
ret = RET_INPUTERR;
return ret;
}
/* 校验用户名中不含特殊字符 */
if (SPECHAR(freeauth_configure->name))
{
ret = RET_INPUTERR;
return ret;
}
/*校验源IP地址是否符合格式*/
memset(str, 0, 32); memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32); inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32);
char *sip_addr = str; char *sip_addr = str;
if( isIpV4Addr(sip_addr) < 0 ) if (isIpV4Addr(sip_addr) < 0)
{ {
ret = RET_IPINVALID; ret = RET_IPINVALID;
return ret; return ret;
} }
/*校验目的IP地址是否符合格式*/
memset(dtr, 0, 32); memset(dtr, 0, 32);
inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32); inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32);
char *dip_addr = dtr; char *dip_addr = dtr;
if( isIpV4Addr(dip_addr) < 0 ) if (isIpV4Addr(dip_addr) < 0)
{ {
ret = RET_IPINVALID; ret = RET_IPINVALID;
return ret; return ret;
} }
if ( (freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM )) if ((freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM))
{ {
ret = RET_IPINVALID; /*先用IPVAILD表示后面加PORTVAILD */ ret = RET_IPINVALID; /*先用IPVAILD表示后面加PORTVAILD */
return ret; return ret;
} }
return RET_OK;
}
/*查找要增加的未认证权限是否重名 该名字已存在 则退出程序 */
/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */ for (i = 0; i < RULE_MAX_NUM; i++)
ret_code freeauth_config_del_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
ret = RET_INPUTERR;
return ret;
}
for(i = 0; i < RULE_MAX_NUM; i++)
{ {
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name)) /*两个字符串相等 strcmp值为0*/
return RET_NOTFOUND; if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
return RET_NOTFOUND;
}
else
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
}
} }
return RET_OK;
}
/*修改 查询要修改的内容是否存在 */ /*数据库修改 存入全局变量*/
ret_code freeauth_config_mod_chk(uint source,uint config_type, authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
pointer input, int input_len, if (NULL == authfree_result)
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*检查修改的内容是否存在 */
for(i = 0; i < RULE_MAX_NUM; i++)
{ {
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name)) return RET_NOMEM;
return RET_NOTFOUND;
}
return RET_OK;
}
/*chk data格式 */
ret_code freeauth_config_chk(uint source,uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t freeauth_configure = {0};
int config_len = sizeof(freeauth_configure_t);
uint conf_type = FREEAUTH_CONFIG_GET;
int code = 0;
freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
switch (conf_type)
{
case FREEAUTH_CONFIG_ADD:
ret = freeauth_config_add_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
case FREEAUTH_CONFIG_MOD:
ret = freeauth_config_mod_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
case FREEAUTH_CONFIG_DEL:
ret = freeauth_config_del_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
} }
if(config_len <= CM_BUFF_SIZE) add_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
{ freeauth_configure->dport, authfree_result);
memset(input, 0, *input_len);
memcpy(input, &freeauth_configure, config_len);
*config_type = conf_type;
*input_len = config_len;
}
else
{
ret = RET_NOMEM;
}
RET_ERR_FORMART(ret, code, output, *output_len);
return ret;
}
ret_code freeauth_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
/*增加数据库*/
/*存入全局变量*/
#if 0
/*用户态下发到内核态auth_hook */ /*用户态下发到内核态auth_hook */
int r = -1; int r = -1;
printf("cfgchannel main begin:\r\n"); printf("cfgchannel main begin:\r\n");
@ -389,244 +313,283 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
/*关闭netlink通道 */ /*关闭netlink通道 */
commcfgnl_close(); commcfgnl_close();
printf("cfgchannel main exit!\r\n"); printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */ /*创建json对象 */
res = cJSON_CreateObject(); res = cJSON_CreateObject();
if(!res) if (!res)
{ {
free(freeauth_configure); free(freeauth_configure);
ret = RET_ERR; ret = RET_ERR;
return ret; return ret;
} }
/*将json对象转换成json字符串 返回处理结果*/ /*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r); cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res); ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char); ret_int = strlen(ret_char);
if(output_len) if (output_len)
{ {
*output_len = ret_int; *output_len = ret_int;
} }
/*超出2k的内存报错 */ /*超出2k的内存报错 */
if(ret_int >= 1024 * 2) if (ret_int >= 1024 * 2)
{ {
free(freeauth_configure);
free(ret_char); free(ret_char);
cJSON_Delete(res); cJSON_Delete(res);
return RET_NOMEM; return RET_NOMEM;
} }
memcpy(output, 0, ret_int + 1); memcpy(output, ret_char, ret_int + 1);
strcpy(output, ret_char);
free(ret_char); free(ret_char);
cJSON_Delete(res); cJSON_Delete(res);
free(freeauth_configure); return RET_OK;
return RET_OK;
} }
ret_code freeauth_config_mod_proc(uint source, uint config_type, ret_code freeauth_config_mod_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure; freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input; freeauth_configure = (freeauth_configure_t *)input;
ret_code ret = RET_OK;
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
int i;
authfree_result_t *authfree_result;
/*数据库修改*/ if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
/*存入全局变量*/
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{ {
printf(" pdlivnl_open fail, exit.\r\n"); ret = RET_INPUTERR;
return RET_ERR;
}
/*下发配置到内核态 */
r = set_freeauthcfg_waitack(freeauth_configure);
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
free(freeauth_configure);
ret = RET_ERR;
return ret; return ret;
} }
cJSON_AddNumberToObject(res, "result", r); /*查找要修改的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++)
/*将json对象转换成json字符串 */
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{ {
*output_len = ret_int; /*两个字符串相等 strcmp值为0*/
} if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
{
/*超出2k的内存报错 */ printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
if(ret_int >= 1024 * 2) /*数据库修改 存入全局变量*/
{ authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
free(freeauth_configure); if (NULL == authfree_result)
free(ret_char); {
cJSON_Delete(res); return RET_NOMEM;
return RET_NOMEM; }
}
memcpy(output, 0, ret_int + 1); mod_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
strcpy(output, ret_char); freeauth_configure->dport, authfree_result);
free(ret_char); #if 0
cJSON_Delete(res); /*用户态下发到内核态auth_hook */
free(freeauth_configure); int r = -1;
return RET_OK; printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_freeauthcfg_waitack(freeauth_configure);
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if (!res)
{
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if (output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if (ret_int >= 1024 * 2)
{
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
return RET_OK;
}
}
} }
ret_code freeauth_config_del_proc(uint source, uint config_type, ret_code freeauth_config_del_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
ret_code ret = RET_OK; ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure; freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input; freeauth_configure = (freeauth_configure_t *)input;
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
int i;
authfree_result_t *authfree_result;
/*数据库删除*/
/*存入全局变量*/ if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_freeauthcfg_waitack(freeauth_configure);
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{ {
free(freeauth_configure); ret = RET_INPUTERR;
ret = RET_ERR;
return ret; return ret;
} }
cJSON_AddNumberToObject(res, "result", r);
/*将json对象转换成json字符串 */
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2) /*查找要删除的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++)
{ {
free(freeauth_configure); /*两个字符串相等 strcmp值为0*/
free(ret_char); if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
cJSON_Delete(res); {
return RET_NOMEM; printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
/*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result)
{
return RET_NOMEM;
}
del_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result);
#if 0
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_freeauthcfg_waitack(freeauth_configure);
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if (!res)
{
free(freeauth_configure);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if (output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if (ret_int >= 1024 * 2)
{
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
return RET_OK;
}
} }
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
free(ret_char);
cJSON_Delete(res);
free(freeauth_configure);
return RET_OK;
} }
ret_code freeauth_config_proc(uint source, uint config_type, ret_code freeauth_config_proc(uint source, uint config_type,
pointer input, int input_len, pointer input, int input_len,
pointer output, int *output_len) pointer output, int *output_len)
{ {
uint conf_type = config_type;
ret_code ret = RET_OK; ret_code ret = RET_OK;
freeauth_configure_t freeauth_configure = {0};
int config_len = sizeof(freeauth_configure_t);
uint conf_type = FREEAUTH_CONFIG_GET;
char *ret_char = NULL;
unsigned int ret_int = 0;
int r = -1; int r = -1;
cJSON *res; cJSON *res;
char * ret_char = NULL; int code = 0;
unsigned int ret_int = 0;
freeauth_configure_t conf_buff = {0};
freeauth_configure_t *freeauth_configure = &conf_buff;
freeauth_configure = (freeauth_configure_t *)input; freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n", rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n",
conf_type, freeauth_configure->name, conf_type, freeauth_configure.name,
freeauth_configure->sip, freeauth_configure->dip, freeauth_configure.sip, freeauth_configure.dip,
freeauth_configure->dport); freeauth_configure.dport);
switch (conf_type) switch (conf_type)
{ {
case FREEAUTH_CONFIG_ADD: case FREEAUTH_CONFIG_ADD:
ret = freeauth_config_add_proc(source, conf_type, ret = freeauth_config_add_proc(source, conf_type,
&freeauth_configure, input_len, &freeauth_configure, input_len,
output, output_len); output, output_len);
break; break;
case FREEAUTH_CONFIG_MOD: case FREEAUTH_CONFIG_MOD:
ret = freeauth_config_mod_proc(source, conf_type, ret = freeauth_config_mod_proc(source, conf_type,
&freeauth_configure, input_len, &freeauth_configure, input_len,
output, output_len); output, output_len);
break; break;
case FREEAUTH_CONFIG_DEL: case FREEAUTH_CONFIG_DEL:
ret = freeauth_config_del_proc(source, conf_type, ret = freeauth_config_del_proc(source, conf_type,
&freeauth_configure, input_len, &freeauth_configure, input_len,
output, output_len); output, output_len);
break; break;
default: default:
ret = RET_NOTSUPPORT; ret = RET_NOTSUPPORT;
} }
return RET_OK; return RET_OK;
} }

9
Platform/user/configm/config-server/web_config/authfree.h
View File

@ -18,8 +18,8 @@
#define RULE_MAX_NUM 10 #define RULE_MAX_NUM 10
#define FREEAUTH_CONFIG_ADD 0 #define FREEAUTH_CONFIG_ADD 0
#define FREEAUTH_CONFIG_DEL 1 #define FREEAUTH_CONFIG_MOD 1
#define FREEAUTH_CONFIG_MOD 2 #define FREEAUTH_CONFIG_DEL 2
#define FREEAUTH_CONFIG_GET 3 #define FREEAUTH_CONFIG_GET 3
@ -31,6 +31,11 @@ typedef struct {
char name[32]; char name[32];
}freeauth_configure_t; }freeauth_configure_t;
typedef struct {
int resultcode;
char *message;
}authfree_result_t;
/*全局变量初始化 失败为1 成功为0*/ /*全局变量初始化 失败为1 成功为0*/
int authfreeInit(freeauth_configure_t **localuser); int authfreeInit(freeauth_configure_t **localuser);

323
Platform/user/configm/config-server/web_config/config-adm/user_authfree.c Normal file
View File

@ -0,0 +1,323 @@
#include <stdint.h>
#include "../authfree.h"
#include "../Platform/common/database/database.h"
#include "../include/user_authfree.h"
#include "string.h"
#define AUTHFREE_DATABASE_ID 16
#define AUTHFREE_TABLE "authfree"
extern freeauth_configure_t freeauth_array[];
#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功
#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败
#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在
#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功
#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败
#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在
#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功
#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败
#define RULENUM_EXCEED 8 //未认证权限数量超过最大值
char * authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modrule success",
"modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"};
/*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_add;
int ret;
int num;
int i;
int num_sql;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL != ret_sql)
{
/*用户名已存在*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
authfree_result->resultcode = 2;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */
char * select_num = "SELECT name, sip, dip, dport FROM `authfree`";
ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 4,
DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport);
printf("num_sql = %d \n", num_sql);
printf("ret = %d \n", ret);
if (num_sql > RULE_MAX_NUM)
{
/*添加失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 8;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
/* 向authfree表中添加未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */
char *addfree_sql = "INSERT INTO `authfree` SET name = ?, sip = ?, dip = ?, dport = ?";
ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 4,
DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport);
printf("the value of ret:%d\n", ret_add);
if(0 != ret_add)
{
/*添加失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 1;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*存未认证权限数数组*/
for(i = 0; i < RULE_MAX_NUM; i++)
{
printf("the name is :%s\n", freeauth_array[i].name );
/*两个字符串相等 strcmp值为0*/
int a = strlen(freeauth_array[i].name);
printf("%d\n", a);
if (0 == strlen(freeauth_array[i].name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
memcpy(freeauth_array[i].name, name, sizeof(char)*32);
freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
break;
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*添加成功*/
authfree_result->resultcode = 0;
authfree_result->message = authfreemes[authfree_result->resultcode];
}
/*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_mod;
int ret;
int num;
int i;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL == ret_sql)
{
/*未认证权限用户名不存在*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
authfree_result->resultcode = 5;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */
char *modfree_sql = "UPDATE `authfree` SET sip = ?, dip = ?, dport = ? WHERE name = ?";
ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 4,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
printf("the value of ret:%d\n", ret_mod);
if(0 != ret_mod)
{
/*修改失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 4;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*修改对应未认证权限数数组*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
break;
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*修改成功*/
authfree_result->resultcode = 3;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
/*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_del;
int ret;
int num;
int i;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL == ret_sql)
{
/*未认证权限用户名不存在*/
authfree_result->resultcode = 5;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/*删除authfree表中未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */
char* delfree_sql = "DELETE FROM authfree WHERE name = ?";
int ret_del = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_DEL, AUTHFREE_TABLE, delfree_sql, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
printf("the value of ret:%d\n", ret_del);
if(0 != ret_del)
{
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 7; /*删除失败*/
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*删除对应未认证权限数数组*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
printf("%s(%d) freeauth_array[i] = %p\n", __FUNCTION__, __LINE__, &freeauth_array[i]);
if (0 == strcmp(freeauth_array[i].name, name))
{
printf("index:%d\n", i);
int delectIndex = i;
for(i = delectIndex; i <= RULE_MAX_NUM; i++)
{
freeauth_array[i] = freeauth_array[i+1];
}
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*删除成功*/
authfree_result->resultcode = 6;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}

88
Platform/user/configm/config-server/web_config/config-adm/user_authpara.c Normal file
View File

@ -0,0 +1,88 @@
#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "../authfree.h"
#include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h"
#include "../../../../../Common/commuapinl.h"
#include "../auth_parameters.h"
#include "../Platform/common/database/database.h"
#define AUTHPARA_DATABASE_ID 15
#define AUTHPARA_TABLE "authparas"
extern auth_parameters_t *auth_para;
char * mes[]={"ADDSUCCESS", "ADDFAILURE"};
/*前端type类型只有修改修改数据库中的内容返回值为code message——修改成功 修改失败*/
void mod_authpara(int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result)
{
void * authpara_hdbc;
char * ret_sql = NULL;
int ret;
int num;
int r = -1;
if (NULL == configure_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authpara_hdbc = connect_database(AUTHPARA_DATABASE_ID);
if(NULL == authpara_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authpara_hdbc = %p\n", authpara_hdbc);
ret = create_database_table(AUTHPARA_DATABASE_ID, authpara_hdbc, "authparas", "create table authparas(port bigint, timehorizon bigint, failcount bigint, locktime bigint, aging_time bigint)");
printf("%d \n",ret);
/* 存authpara表 默认值 */
char *user1_authpara = "INSERT INTO `authparas` SET port = 8080, timehorizon = 1, failcount = 5, locktime = 10, aging_time = 10";
int ret_addauthpara = update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_INSERT, AUTHPARA_TABLE, user1_authpara, 0);
if(0 != ret_addauthpara)
{
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志
configure_result->resultcode = 1;
configure_result->message = mes[configure_result->resultcode];
return;
}
char *user_authpara = "UPDATE `authparas` SET port = ?, timehorizon = ?, failcount = ?, locktime = ?, aging_time = ?";
ret = update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_UPDATE, AUTHPARA_TABLE, user_authpara, 5,
DB_DATA_INT_TYPE, sizeof(port), port,
DB_DATA_INT_TYPE, sizeof(timehorizon), timehorizon,
DB_DATA_INT_TYPE, sizeof(failcount), failcount,
DB_DATA_INT_TYPE, sizeof(locktime), locktime,
DB_DATA_INT_TYPE, sizeof(aging_time), aging_time);
printf("the value of ret:%d\n", ret);
if(0 != ret)
{
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志
configure_result->resultcode = 1;
configure_result->message = mes[configure_result->resultcode];
return;
}
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc);
/*存全局变量*/
auth_para->port = port;
auth_para->timehorizon = timehorizon;
auth_para->failcount = failcount;
auth_para->locktime = locktime;
auth_para->aging_time = aging_time;
configure_result->resultcode = 0;
configure_result->message = mes[configure_result->resultcode];
return;
}

22
Platform/user/configm/config-server/web_config/include/user_authfree.h Normal file
View File

@ -0,0 +1,22 @@
#ifndef USER_AUTHFREE_H_
#define USER_AUTHFREE_H_
#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功
#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败
#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在
#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功
#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败
#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在
#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功
#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败
/*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
/*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
/*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
#endif

18
Platform/user/configm/config-server/web_config/include/user_authpara.h Normal file
View File

@ -0,0 +1,18 @@
#ifndef USER_AUTHPARA_H_
#define USER_AUTHPARA_H_
#include <stdint.h>
#include "../Platform/user/configm/config-server/web_config/auth_parameters.h"
#define ADDUSER_FAIL_NAMEDUP 4 //用户名重名
#define MODAUTHPARA_SUCCESS 0 //修改认证信息成功
#define MODAUTHPARE_FAIL_DATABASE 1 //修改数据库信息失败
/*前端type类型为修改修改数据库中的内容返回值为code message——修改成功 修改失败*/
/*修改认证参数*/
void mod_authpara( int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result);
#endif