cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mod aaa-12 调用数据库接口,完成数据持久化到数据库 

RCA:
RCA:
SOL:
修改人:chenling
检视人:
This commit is contained in:
ChenLing 2019-08-15 14:24:41 +08:00
parent c85337eb78
commit d7b4fd3080
10 changed files with 959 additions and 783 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Platform/build/user.configm.Makefile
View File

@ -31,6 +31,8 @@ COMMON_SRCS = configserver.c \
netconfig/ipconfig/ipconfig.c \
netconfig/bridge/brconfig.c netconfig/bridge/brnetlink.c \
netconfig/bridge/libbridge/libbridge_if.c netconfig/bridge/libbridge/libbridge_init.c netconfig/bridge/libbridge/libbridge_devif.c\
web_config/config-adm/user_authpara.c \
web_config/config-adm/user_authfree.c \
web_config/authfree.c web_config/auth_parameters.c\
user_manager_config/user_group_config.c user_manager_config/user_account_config.c user_manager_config/usermanager-server/array_index.c \
user_manager_config/usermanager-server/user_group.c user_manager_config/usermanager-server/user_mod.c user_manager_config/usermanager-server/user.c \

24
Platform/build/user.freeauth.Makefile
View File

@ -21,32 +21,32 @@ DEBUG = TRUE
PLAT_LINUX ?= TRUE
PLAT_ARM64 ?= TRUE
VPATH = ../user/configm/config-server
VPATH = ../user/configm/config-server ../user/configm/config-server/web_config
# source code
# set the source file, don't used .o because of ...
COMMON_SRCS = web_config/auth_parameters.c
COMMON_SRCS = auth_parameters.c \
config-adm/user_authpara.c
# MRS Board Source Files
PLAT_LINUX_SRCS = $(COMMON_SRCS)
PLAT_ARM64_SRCS = $(COMMON_SRCS)
COMMOM_CFLAGS = -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include
COMMOM_CFLAGS = -DUSED_MAIN -I../user/configm/config-server/include -I../../Common -I../common/redismq -I../common/database -I../common/configm -I../common/rpc -I../common/rpc/hashtable -I../common/ulog -I../user/configm/config-server/netconfig/ -I../user/configm/config-server/netconfig/bridge/include
# gcc CFLAGS
PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS)
PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS)
PLAT_ARM64_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/arm64/usr/local/include
PLAT_LINUX_CFLAGS := $(COMMOM_CFLAGS) -I../thirdparty/x86_64/usr/local/include
PLAT_ARM64_LDFLAGS :=
PLAT_LINUX_LDFLAGS :=
PLAT_ARM64_LDFLAGS := -L ../../Platform/build/debug
PLAT_LINUX_LDFLAGS := $(PLAT_LINUX_LDFLAGS)
#gcc libs
ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -ldatabase-arm64
LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -ldatabase-linux
ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev -lodbc
ARM64_LIBS := -lopenrpc-arm64 -lnetlinku-arm64 -lredismq-arm64 -lulogapi-arm64 -ldatabase-arm64
ARM64_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev
LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lodbc
LINUX_LIBS := -lopenrpc-linux -lnetlinku-linux -lredismq-linux -lulogapi-linux -ldatabase-linux
LINUX_LIBS += -lpthread -lm -lcjson -levent -ljson-c -lhiredis -lev
# this line must be at below of thus, because of...
include ../../Common/common.Makefile

440
Platform/user/configm/config-server/web_config/auth_parameters.c
View File

@ -1,12 +1,16 @@
#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "authfree.h"
#include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h"
#include "../../../../../Common/commuapinl.h"
#include "s2j/s2j.h"
#include "commuapinl.h"
#include "auth_parameters.h"
#include "rpc.h"
#include "../Platform/common/database/database.h"
#include "include/user_authpara.h"
#include "config_manager.h"
/*定义结构体 存认证参数*/
auth_parameters_t *auth_para;
@ -27,7 +31,6 @@ int authparInit()
return 0;
}
/*下发用户老化时间配置到内核态 */
int set_agingtimecfg_waitack(int *agingtime)
{
@ -103,7 +106,7 @@ return 0;
}
/*检查IP地址是否有效端口号是否被占用 */
int _valid_ipv4_port(const char *str, int port)
int _valid_port(int port)
{
int ret;
int fd;
@ -117,18 +120,9 @@ int _valid_ipv4_port(const char *str, int port)
return -1;
}
errno = 0;
local_errno = errno;
ret = inet_pton(AF_INET, str ,&addr.sin_addr);
printf("the value of ret is:%d\n",ret);
if(ret > 0)
{
fprintf(stderr, "\"%s\" is a vaild IPv4 address\n", str);
addr.sin_family = AF_INET; /*地址结构的协议簇 */
addr.sin_port=htons(port); /*地址结构的端口地址,网络字节序 */
printf("the value of str:%s\n", str);
i = (bind(fd, (struct sockaddr*)&addr, sizeof(struct sockaddr)));
printf("the value of i:%d\n", i);
@ -139,33 +133,22 @@ int _valid_ipv4_port(const char *str, int port)
return -1;
}
printf("port %d is ok. \n", port);
close(fd);
return 0;
}
else if (ret < 0)
{
fprintf(stderr, "EAFNOSUPPORT: %s\n", strerror(local_errno));
close(fd);
return -1;
}
else
{
fprintf(stderr, "\"%s\" is not a vaild IPv4 address\n", str);
close(fd);
return -1;
}
//if(port > 0 && port < 65535) printf("port %d is ok. \n", port);
}
/* iuput格式{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
/* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff)
{
char* pString = (char*)input;
ret_code ret = RET_OK;
cJSON *cjson, *type, *data;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input);
cjson = cJSON_Parse(pString);
if(!cjson)
{
ret = RET_INPUTERR;
@ -190,7 +173,6 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
cJSON_Delete(type);
return ret;
}
@ -199,353 +181,141 @@ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_paramet
if(auth_parameters == NULL)
{
cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_NOMEM;
}
/*反序列化数据到freeauth_configure_t结构体对象 */
s2j_struct_get_basic_element(auth_parameters, data, int, ip);
s2j_struct_get_basic_element(auth_parameters, data, int, port);
s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon);
s2j_struct_get_basic_element(auth_parameters, data, int, failcount);
s2j_struct_get_basic_element(auth_parameters, data, int, locktime);
s2j_struct_get_basic_element(auth_parameters, data, int, aging_time);
authpara_buff->ip = auth_parameters->ip;
authpara_buff->port = auth_parameters->port;
authpara_buff->timehorizon = auth_parameters->timehorizon;
authpara_buff->failcount = auth_parameters->failcount;
authpara_buff->locktime = auth_parameters->locktime;
authpara_buff->aging_time = auth_parameters->aging_time;
s2j_delete_struct_obj(auth_parameters);
//s2j_delete_struct_obj(auth_parameters);
cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_OK;
}
/*检查增加的参数格式是否正确 */
ret_code authpara_config_add_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
char str[32] = {0};
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*判断IP地址格式是否正确、端口号是否被占用*/
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&auth_parameters->ip, str, 32);
char *ip_addr = str;
if( (_valid_ipv4_port(ip_addr, auth_parameters->port)) < 0 )
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*配置的用户失败次数如果小于0则配置错误 */
if(auth_parameters->failcount < FAIL_MIN_NUM )
{
free(auth_parameters);
printf("userlock configure error\n");
ret = RET_ERR;
return ret;
}
/*配置的用户锁定时间如果小于0则配置错误 */
if(auth_parameters->locktime < LOCK_MIN_TIME )
{
free(auth_parameters);
printf("locktime configure error\n");
ret = RET_ERR;
return ret;
}
/*配置的用户认证时间范围如果小于0则配置错误 */
if(auth_parameters->timehorizon < HORIZON_MIN_VALUE )
{
free(auth_parameters);
printf("timehorizon configure error\n");
ret = RET_ERR;
return ret;
}
free(auth_parameters);
return RET_OK;
}
/*修改认证参数 */
ret_code authpara_config_mod_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*判断认证参数是否存在*/
if(NULL == auth_para)
{
ret = RET_ERR;
return ret;
}
return RET_OK;
}
/*chk data格式 */
ret_code authpara_config_chk(uint source,uint *config_type,
ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
auth_parameters_t auth_parameters = {0};
int config_len = sizeof(auth_parameters_t);
uint conf_type = AUTHPARA_CONFIG_GET;
int code = 0;
authpara_config_json_parse(input, &conf_type, &auth_parameters);
switch (conf_type)
{
case AUTHPARA_CONFIG_ADD:
ret = authpara_config_add_chk(source, conf_type,
&auth_parameters, config_len,
output, output_len);
break;
case AUTHPARA_CONFIG_MOD:
ret = authpara_config_mod_chk(source, conf_type,
&auth_parameters, config_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
}
if(config_len <= CM_BUFF_SIZE)
{
memset(input, 0, *input_len);
memcpy(input, &auth_parameters, config_len);
*config_type = conf_type;
*input_len = config_len;
}
else
{
ret = RET_NOMEM;
}
RET_ERR_FORMART(ret, code, output, *output_len);
return ret;
}
ret_code authpara_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
int r = -1;
/*增加数据库*/
/*存入全局变量*/
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(auth_parameters);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
free(ret_char);
cJSON_Delete(res);
free(auth_parameters);
return RET_OK;
}
ret_code authpara_config_mod_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
auth_parameters_t *auth_parameters;
auth_parameters = (auth_parameters_t *)input;
int r = -1;
/*数据库修改*/
/*存入全局变量*/
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters->aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
free(auth_parameters);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(auth_parameters);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
free(ret_char);
cJSON_Delete(res);
free(auth_parameters);
return RET_OK;
}
ret_code authpara_config_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
uint conf_type = config_type;
ret_code ret = RET_OK;
auth_parameters_t conf_buff = {0};
auth_parameters_t *auth_parameters = &conf_buff;
auth_parameters_t auth_parameters = {0};
int config_len = sizeof(auth_parameters_t);
uint conf_type = AUTHPARA_CONFIG_MOD;
int code = 0;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
configure_result_t *configure_result;
int r = -1;
int portresult = 0;
auth_parameters = (auth_parameters_t *)input;
authpara_config_json_parse(input, &conf_type, &auth_parameters);
rpc_log_info("config type is %d, ip %d port %d timehorizon %d failcount %d locktime %d aging_time %d\n",
conf_type, auth_parameters->ip, auth_parameters->port,
auth_parameters->timehorizon, auth_parameters->failcount,
auth_parameters->locktime, auth_parameters->aging_time);
switch (conf_type)
if((input_len < sizeof(auth_parameters_t)) || (input_len > sizeof(auth_parameters_t)))
{
case AUTHPARA_CONFIG_ADD:
ret = authpara_config_add_proc(source, conf_type,
&auth_parameters, input_len,
output, output_len);
break;
case AUTHPARA_CONFIG_MOD:
ret = authpara_config_mod_proc(source, conf_type,
&auth_parameters, input_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
ret = RET_INPUTERR;
return ret;
}
portresult = _valid_port(auth_parameters.port);
if(portresult = 1)
{
return RET_CHKERR;
}
/*数据库修改 存入全局变量*/
configure_result = (configure_result_t *)malloc(sizeof(configure_result_t));
if (NULL == configure_result)
{
return RET_NOMEM;
}
mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount,
auth_parameters.locktime, auth_parameters.aging_time, configure_result);
/*共享内存 传送用户态和内核态之间的配置信息*/
#if 0
/*存数据库成功则下发到内核态auth_hook*/
if(0 == configure_result->resultcode )
{
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0)
{
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters.aging_time));
if(r < 0)
{
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
}
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
{
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode);
cJSON_AddStringToObject(res, "message", configure_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
{
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
return RET_OK;
}

35
Platform/user/configm/config-server/web_config/auth_parameters.h
View File

@ -14,13 +14,11 @@
#define LOCK_MIN_TIME 0 /*锁定的最小时间 */
#define HORIZON_MIN_VALUE 0 /*认证时间范围的最小值 */
#define AUTHPARA_CONFIG_ADD 0
#define AUTHPARA_CONFIG_MOD 1
#define AUTHPARA_CONFIG_GET 2
#define AUTHPARA_CONFIG_MOD 0
/*配置消息 */
typedef struct {
uint32_t ip; /*认证服务器IP地址*/
int port; /*认证服务器端口号*/
int timehorizon; /*用户认证时间范围*/
int failcount; /*用户认证时间范围*/
@ -28,6 +26,11 @@ typedef struct {
int aging_time; /*老化时间*/
}auth_parameters_t;
typedef struct {
int resultcode;
char *message;
}configure_result_t;
/*全局变量初始化 失败为1 成功为0*/
int authparInit();
@ -35,37 +38,19 @@ int authparInit();
int set_agingtimecfg_waitack(int *agingtime);
/*检查IP地址是否有效端口号是否被占用 */
int _valid_ipv4_port(const char *str, int port);
int _valid_port(int port);
/* iuput格式{"type": 0, "data": {"ip": 1028737217,"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
/* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff);
/*检查增加的参数格式是否正确 */
ret_code authpara_config_add_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_mod_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_chk(uint source,uint *config_type,
ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len);
ret_code authpara_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_mod_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
ret_code authpara_config_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len);
#endif

409
Platform/user/configm/config-server/web_config/authfree.c
View File

@ -1,32 +1,26 @@
#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "rpc.h"
#include "authfree.h"
#include "auth_parameters.h"
#include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h"
#include "../../../../../Common/commuapinl.h"
#include "s2j/s2j.h"
#include "commuapinl.h"
#include "../Platform/common/database/database.h"
#include "include/user_authfree.h"
#include "config_manager.h"
/*定义结构体数组 存在免认证规则 */
freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0};
#define UNAMESIZE (127 + 1)
#define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符
#ifdef FREEAUTH_ACK_COOKIES
#define CFG_FREEAUTH_ACK_COOKIES
#endif
/*全局变量初始化 失败为1 成功为0*/
int authfreeInit(freeauth_configure_t **localuser)
{
*localuser = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t));
if (NULL == *localuser)
{
return 1;
}
return 0;
}
/* 判断IPv4格式是否正确*/
int isIpV4Addr(const char *ipAddr)
{
@ -35,17 +29,16 @@ int isIpV4Addr(const char *ipAddr)
int ip_part_3 = 0;
int ip_part_4 = 0;
char end_char = 0;
if((NULL == ipAddr) || (0 == strlen(ipAddr)))
if ((NULL == ipAddr) || (0 == strlen(ipAddr)))
{
return -1;
}
if(4 == sscanf(ipAddr,"%d.%d.%d.%d%c",&ip_part_1,&ip_part_2,&ip_part_3,&ip_part_4,&end_char))
if (4 == sscanf(ipAddr, "%d.%d.%d.%d%c", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4, &end_char))
{
if((ip_part_1 >= 0) && (ip_part_1 <= 255) &&
if ((ip_part_1 >= 0) && (ip_part_1 <= 255) &&
(ip_part_2 >= 0) && (ip_part_2 <= 255) &&
(ip_part_3 >= 0) && (ip_part_3 <= 255) &&
(ip_part_4 >= 0) && (ip_part_4 <= 255)
)
(ip_part_4 >= 0) && (ip_part_4 <= 255))
{
return 0;
}
@ -60,27 +53,29 @@ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
struct nlmsghdr *ack = NULL;
struct nlmsghdr **answer = &ack;
struct{
struct
{
struct nlmsghdr n;
char buf[1024];
} req ={
} req = {
.n.nlmsg_len = NLMSG_LENGTH(0),
#ifdef CFG_FREEAUTH_ACK_COOKIES
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,/*set NLM_F_ACKuse kernel auto ack*/
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACKuse kernel auto ack*/
#else
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
#endif
.n.nlmsg_type = FREEAUTH_CFG,
.n.nlmsg_pid = getpid(),
};
};
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if (struct_freeauth == NULL)
{
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if (struct_freeauth == NULL)
{
printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
return -1;
}else
{
}
else
{
char str[32];
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, 32);
@ -92,7 +87,7 @@ if (struct_freeauth == NULL)
printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
struct_freeauth->name, sip_addr, dip_addr,
struct_freeauth->dport);
}
}
/*计算需要发送的数据的长度 */
freeauth_len = sizeof(freeauth_configure_t);
@ -101,7 +96,7 @@ if (struct_freeauth == NULL)
commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len);
/*发送组装好的netlink消息 */
if(pdeliv_talk(1, &req.n, answer) < 0)
if (pdeliv_talk(1, &req.n, answer) < 0)
{
printf("set_user_freeauth_waitack rcv ack msg faild.\r\n");
return -2;
@ -111,41 +106,44 @@ if (struct_freeauth == NULL)
printf("set_user_freeauth_waitack rcv ack msg success.\r\n");
}
if(*answer != NULL)
if (*answer != NULL)
{
printf("set_user_freeauth_waitack rcv answer.\r\n");
}
else{
else
{
printf("set_user_freeauth_waitack rcv answer error.\r\n");
return -3;
}
#ifdef CFG_FREEAUTH_ACK_COOKIES
/*recv answer*/
if((*answer)->nlmsg_type == NLMSG_ERROR){
if ((*answer)->nlmsg_type == NLMSG_ERROR)
{
nl_debugfs_extack(*answer);
}
#else
/*recv answer*/
if((*answer)->nlmsg_type == FREEAUTH_CFG)
if ((*answer)->nlmsg_type == FREEAUTH_CFG)
{
nl_debugfs(*answer);
}
#endif
return 0;
return 0;
}
/* 判断免认证规则格式
* iuput格式{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
/* 判断免认证规则格式 iuput格式{"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}*/
ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff)
{
char *pString = (char *)input;
ret_code ret = RET_OK;
cJSON *cjson, *type, *data;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(input);
if(!cjson)
cjson = cJSON_Parse(pString);
if (!cjson)
{
ret = RET_INPUTERR;
ASSERT_RET(ret);
@ -154,7 +152,7 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
/*获取操作类型 add、mod、del */
type = cJSON_GetObjectItem(cjson, "type");
if(!type)
if (!type)
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
@ -165,21 +163,18 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
/*获取免认证规则的data部分 */
data = cJSON_GetObjectItem(cjson, "data");
if(!data)
if (!data)
{
ret = RET_INPUTERR;
cJSON_Delete(cjson);
cJSON_Delete(type);
return ret;
}
/*创建freeauth_configure_t结构体对象 */
s2j_create_struct_obj(struct_freeauth, freeauth_configure_t);
if(struct_freeauth == NULL)
if (struct_freeauth == NULL)
{
cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_NOMEM;
}
@ -189,21 +184,26 @@ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_con
s2j_struct_get_basic_element(struct_freeauth, data, int, dip);
s2j_struct_get_basic_element(struct_freeauth, data, int, dport);
memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char)*32);
memcpy(freeauth_buff->name, struct_freeauth->name, sizeof(char) * 32);
freeauth_buff->sip = struct_freeauth->sip;
freeauth_buff->dip = struct_freeauth->dip;
freeauth_buff->dport = struct_freeauth->dport;
s2j_delete_struct_obj(struct_freeauth);
cJSON_Delete(cjson);
cJSON_Delete(type);
cJSON_Delete(data);
return RET_OK;
}
/*检查增加的参数格式是否正确 */
ret_code freeauth_config_add_chk(uint source,uint config_type,
/*chk data格式 */
ret_code freeauth_config_chk(uint source, uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
return ret;
}
ret_code freeauth_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
@ -212,6 +212,11 @@ ret_code freeauth_config_add_chk(uint source,uint config_type,
freeauth_configure = (freeauth_configure_t *)input;
char str[32] = {0};
char dtr[32] = {0};
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
authfree_result_t *authfree_result;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
@ -219,153 +224,72 @@ ret_code freeauth_config_add_chk(uint source,uint config_type,
return ret;
}
/*校验用户名长度 特殊字符等*/
if (NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 >= strlen(freeauth_configure->name))
{
ret = RET_INPUTERR;
return ret;
}
/* 校验用户名中不含特殊字符 */
if (SPECHAR(freeauth_configure->name))
{
ret = RET_INPUTERR;
return ret;
}
/*校验源IP地址是否符合格式*/
memset(str, 0, 32);
inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, 32);
char *sip_addr = str;
if( isIpV4Addr(sip_addr) < 0 )
if (isIpV4Addr(sip_addr) < 0)
{
ret = RET_IPINVALID;
return ret;
}
/*校验目的IP地址是否符合格式*/
memset(dtr, 0, 32);
inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, 32);
char *dip_addr = dtr;
if( isIpV4Addr(dip_addr) < 0 )
if (isIpV4Addr(dip_addr) < 0)
{
ret = RET_IPINVALID;
return ret;
}
if ( (freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM ))
if ((freeauth_configure->dport < DPORT_MIN_NUM) && (freeauth_configure->dport > DPORT_MAX_NUM))
{
ret = RET_IPINVALID; /*先用IPVAILD表示后面加PORTVAILD */
return ret;
}
return RET_OK;
}
/*删除的时候以免认证规则名作为参数,检查免认证规则名是否存在 */
ret_code freeauth_config_del_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
/*查找要增加的未认证权限是否重名 该名字已存在 则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++)
{
ret = RET_INPUTERR;
return ret;
}
for(i = 0; i < RULE_MAX_NUM; i++)
/*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
{
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name))
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
return RET_NOTFOUND;
}
return RET_OK;
}
/*修改 查询要修改的内容是否存在 */
ret_code freeauth_config_mod_chk(uint source,uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
int i;
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*检查修改的内容是否存在 */
for(i = 0; i < RULE_MAX_NUM; i++)
{
if (0 != strcmp(freeauth_array[i].name, freeauth_configure->name))
return RET_NOTFOUND;
}
return RET_OK;
}
/*chk data格式 */
ret_code freeauth_config_chk(uint source,uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
freeauth_configure_t freeauth_configure = {0};
int config_len = sizeof(freeauth_configure_t);
uint conf_type = FREEAUTH_CONFIG_GET;
int code = 0;
freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
switch (conf_type)
{
case FREEAUTH_CONFIG_ADD:
ret = freeauth_config_add_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
case FREEAUTH_CONFIG_MOD:
ret = freeauth_config_mod_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
case FREEAUTH_CONFIG_DEL:
ret = freeauth_config_del_chk(source, conf_type,
&freeauth_configure, config_len,
output, output_len);
break;
default:
ret = RET_NOTSUPPORT;
}
if(config_len <= CM_BUFF_SIZE)
{
memset(input, 0, *input_len);
memcpy(input, &freeauth_configure, config_len);
*config_type = conf_type;
*input_len = config_len;
}
else
{
ret = RET_NOMEM;
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
}
}
RET_ERR_FORMART(ret, code, output, *output_len);
/*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result)
{
return RET_NOMEM;
}
return ret;
}
ret_code freeauth_config_add_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
/*增加数据库*/
/*存入全局变量*/
add_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result);
#if 0
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
@ -389,10 +313,11 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
if (!res)
{
free(freeauth_configure);
ret = RET_ERR;
@ -400,48 +325,67 @@ ret_code freeauth_config_add_proc(uint source, uint config_type,
}
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "result", r);
cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
if (output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
if (ret_int >= 1024 * 2)
{
free(freeauth_configure);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
free(freeauth_configure);
return RET_OK;
}
ret_code freeauth_config_mod_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
ret_code ret = RET_OK;
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
int i;
authfree_result_t *authfree_result;
/*数据库修改*/
if ((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*存入全局变量*/
/*查找要修改的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
/*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result)
{
return RET_NOMEM;
}
mod_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result);
#if 0
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
@ -465,42 +409,42 @@ ret_code freeauth_config_mod_proc(uint source, uint config_type,
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
if (!res)
{
free(freeauth_configure);
ret = RET_ERR;
return ret;
}
cJSON_AddNumberToObject(res, "result", r);
/*将json对象转换成json字符串 */
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
if (output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
if (ret_int >= 1024 * 2)
{
free(freeauth_configure);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
free(freeauth_configure);
return RET_OK;
}
}
}
@ -509,16 +453,39 @@ ret_code freeauth_config_del_proc(uint source, uint config_type,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t *freeauth_configure;
freeauth_configure = (freeauth_configure_t *)input;
cJSON *res;
char *ret_char = NULL;
unsigned int ret_int = 0;
int i;
authfree_result_t *authfree_result;
/*数据库删除*/
/*存入全局变量*/
if((input_len < sizeof(freeauth_configure_t)) || (input_len > sizeof(freeauth_configure_t)))
{
ret = RET_INPUTERR;
return ret;
}
/*查找要删除的免认证规则名字,不存在则退出程序 */
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
/*数据库修改 存入全局变量*/
authfree_result = (authfree_result_t *)malloc(sizeof(authfree_result_t));
if (NULL == authfree_result)
{
return RET_NOMEM;
}
del_authfree(freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport, authfree_result);
#if 0
/*用户态下发到内核态auth_hook */
int r = -1;
printf("cfgchannel main begin:\r\n");
@ -542,66 +509,64 @@ ret_code freeauth_config_del_proc(uint source, uint config_type,
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res)
if (!res)
{
free(freeauth_configure);
ret = RET_ERR;
return ret;
}
cJSON_AddNumberToObject(res, "result", r);
/*将json对象转换成json字符串 */
/*将json对象转换成json字符串 返回处理结果*/
cJSON_AddNumberToObject(res, "resultcode", authfree_result->resultcode);
cJSON_AddStringToObject(res, "message", authfree_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len)
if (output_len)
{
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2)
if (ret_int >= 1024 * 2)
{
free(freeauth_configure);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, 0, ret_int + 1);
strcpy(output, ret_char);
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
free(freeauth_configure);
return RET_OK;
}
}
}
ret_code freeauth_config_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
uint conf_type = config_type;
ret_code ret = RET_OK;
freeauth_configure_t freeauth_configure = {0};
int config_len = sizeof(freeauth_configure_t);
uint conf_type = FREEAUTH_CONFIG_GET;
char *ret_char = NULL;
unsigned int ret_int = 0;
int r = -1;
cJSON *res;
char * ret_char = NULL;
unsigned int ret_int = 0;
freeauth_configure_t conf_buff = {0};
freeauth_configure_t *freeauth_configure = &conf_buff;
int code = 0;
freeauth_configure = (freeauth_configure_t *)input;
freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n",
conf_type, freeauth_configure->name,
freeauth_configure->sip, freeauth_configure->dip,
freeauth_configure->dport);
conf_type, freeauth_configure.name,
freeauth_configure.sip, freeauth_configure.dip,
freeauth_configure.dport);
switch (conf_type)
{
@ -628,5 +593,3 @@ ret_code freeauth_config_proc(uint source, uint config_type,
}

9
Platform/user/configm/config-server/web_config/authfree.h
View File

@ -18,8 +18,8 @@
#define RULE_MAX_NUM 10
#define FREEAUTH_CONFIG_ADD 0
#define FREEAUTH_CONFIG_DEL 1
#define FREEAUTH_CONFIG_MOD 2
#define FREEAUTH_CONFIG_MOD 1
#define FREEAUTH_CONFIG_DEL 2
#define FREEAUTH_CONFIG_GET 3
@ -31,6 +31,11 @@ typedef struct {
char name[32];
}freeauth_configure_t;
typedef struct {
int resultcode;
char *message;
}authfree_result_t;
/*全局变量初始化 失败为1 成功为0*/
int authfreeInit(freeauth_configure_t **localuser);

323
Platform/user/configm/config-server/web_config/config-adm/user_authfree.c Normal file
View File

@ -0,0 +1,323 @@
#include <stdint.h>
#include "../authfree.h"
#include "../Platform/common/database/database.h"
#include "../include/user_authfree.h"
#include "string.h"
#define AUTHFREE_DATABASE_ID 16
#define AUTHFREE_TABLE "authfree"
extern freeauth_configure_t freeauth_array[];
#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功
#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败
#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在
#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功
#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败
#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在
#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功
#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败
#define RULENUM_EXCEED 8 //未认证权限数量超过最大值
char * authfreemes[] = {"addrule success", "addrule fail", "rule existed", "modrule success",
"modrule failure", "rule not found", "delrule success", "delrule fail", "rulenum exceed maxnum"};
/*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_add;
int ret;
int num;
int i;
int num_sql;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL != ret_sql)
{
/*用户名已存在*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
authfree_result->resultcode = 2;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/* 根据指定信息查询数据库的获取的结果的条目数 条目数大于10 则不能再添加 */
char * select_num = "SELECT name, sip, dip, dport FROM `authfree`";
ret = get_select_datebase_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_num , &num_sql, 4,
DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport);
printf("num_sql = %d \n", num_sql);
printf("ret = %d \n", ret);
if (num_sql > RULE_MAX_NUM)
{
/*添加失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 8;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
/* 向authfree表中添加未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */
char *addfree_sql = "INSERT INTO `authfree` SET name = ?, sip = ?, dip = ?, dport = ?";
ret_add = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_INSERT, AUTHFREE_TABLE, addfree_sql, 4,
DB_DATA_STRING_TYPE, strlen(name)+1, name,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport);
printf("the value of ret:%d\n", ret_add);
if(0 != ret_add)
{
/*添加失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 1;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*存未认证权限数数组*/
for(i = 0; i < RULE_MAX_NUM; i++)
{
printf("the name is :%s\n", freeauth_array[i].name );
/*两个字符串相等 strcmp值为0*/
int a = strlen(freeauth_array[i].name);
printf("%d\n", a);
if (0 == strlen(freeauth_array[i].name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
memcpy(freeauth_array[i].name, name, sizeof(char)*32);
freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
break;
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*添加成功*/
authfree_result->resultcode = 0;
authfree_result->message = authfreemes[authfree_result->resultcode];
}
/*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_mod;
int ret;
int num;
int i;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL == ret_sql)
{
/*未认证权限用户名不存在*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
authfree_result->resultcode = 5;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/*修改authfree表中内部源IP地址、目的IP地址、目的端口号 未认证权限名称不能修改 */
char *modfree_sql = "UPDATE `authfree` SET sip = ?, dip = ?, dport = ? WHERE name = ?";
ret_mod = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_UPDATE, AUTHFREE_TABLE, modfree_sql, 4,
DB_DATA_INT_TYPE, sizeof(sip), sip,
DB_DATA_INT_TYPE, sizeof(dip), dip,
DB_DATA_INT_TYPE, sizeof(dport), dport,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
printf("the value of ret:%d\n", ret_mod);
if(0 != ret_mod)
{
/*修改失败*/
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 4;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*修改对应未认证权限数数组*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
if (0 == strcmp(freeauth_array[i].name, name))
{
printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]);
freeauth_array[i].sip = sip;
freeauth_array[i].dip = dip;
freeauth_array[i].dport = dport;
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
break;
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*修改成功*/
authfree_result->resultcode = 3;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
/*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result)
{
void * authfree_hdbc;
char * ret_sql = NULL;
int ret_del;
int ret;
int num;
int i;
if (NULL == authfree_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authfree_hdbc = connect_database(AUTHFREE_DATABASE_ID);
if(NULL == authfree_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authfree_hdbc = %p\n", authfree_hdbc);
ret = create_database_table(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", "create table authfree(name character(32), sip bigint, dip bigint, dport bigint)");
printf("%d \n",ret);
/*查询数据库是否存在该权限规则*/
char * select_sql = "SELECT name, sip, dip, dport FROM `authfree`WHERE name = ?";
ret_sql = select_datebase_by_number(AUTHFREE_DATABASE_ID, authfree_hdbc, "authfree", select_sql, 1, 0, &num, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
if(NULL == ret_sql)
{
/*未认证权限用户名不存在*/
authfree_result->resultcode = 5;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
else
{
/*删除authfree表中未认证权限名称、内部源IP地址、目的IP地址、目的端口号 */
char* delfree_sql = "DELETE FROM authfree WHERE name = ?";
int ret_del = update_database(AUTHFREE_DATABASE_ID, authfree_hdbc, DB_OP_DEL, AUTHFREE_TABLE, delfree_sql, 1,
DB_DATA_STRING_TYPE, strlen(name)+1, name);
printf("the value of ret:%d\n", ret_del);
if(0 != ret_del)
{
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc); // ret_release记录日志
authfree_result->resultcode = 7; /*删除失败*/
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}
}
disconnect_database(AUTHFREE_DATABASE_ID , authfree_hdbc);
/*删除对应未认证权限数数组*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
/*两个字符串相等 strcmp值为0*/
printf("%s(%d) freeauth_array[i] = %p\n", __FUNCTION__, __LINE__, &freeauth_array[i]);
if (0 == strcmp(freeauth_array[i].name, name))
{
printf("index:%d\n", i);
int delectIndex = i;
for(i = delectIndex; i <= RULE_MAX_NUM; i++)
{
freeauth_array[i] = freeauth_array[i+1];
}
}
}
#if 0
/*打印数组内全部元素*/
for (i = 0; i < RULE_MAX_NUM; i++)
{
printf("%s %d %d %d %d\n",freeauth_array[i].name, freeauth_array[i].sip,freeauth_array[i].dip ,freeauth_array[i].dport, i);
}
#endif
/*删除成功*/
authfree_result->resultcode = 6;
authfree_result->message = authfreemes[authfree_result->resultcode];
return;
}

88
Platform/user/configm/config-server/web_config/config-adm/user_authpara.c Normal file
View File

@ -0,0 +1,88 @@
#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "../authfree.h"
#include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h"
#include "../../../../../Common/commuapinl.h"
#include "../auth_parameters.h"
#include "../Platform/common/database/database.h"
#define AUTHPARA_DATABASE_ID 15
#define AUTHPARA_TABLE "authparas"
extern auth_parameters_t *auth_para;
char * mes[]={"ADDSUCCESS", "ADDFAILURE"};
/*前端type类型只有修改修改数据库中的内容返回值为code message——修改成功 修改失败*/
void mod_authpara(int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result)
{
void * authpara_hdbc;
char * ret_sql = NULL;
int ret;
int num;
int r = -1;
if (NULL == configure_result)
{
return;
}
printf("开始连接数据库\n");
/* 连接数据库 */
authpara_hdbc = connect_database(AUTHPARA_DATABASE_ID);
if(NULL == authpara_hdbc)
{
printf("connetc failure\n");
return;
}
/*长整型bigint 浮点型double 字符串character(10)*/
printf("authpara_hdbc = %p\n", authpara_hdbc);
ret = create_database_table(AUTHPARA_DATABASE_ID, authpara_hdbc, "authparas", "create table authparas(port bigint, timehorizon bigint, failcount bigint, locktime bigint, aging_time bigint)");
printf("%d \n",ret);
/* 存authpara表 默认值 */
char *user1_authpara = "INSERT INTO `authparas` SET port = 8080, timehorizon = 1, failcount = 5, locktime = 10, aging_time = 10";
int ret_addauthpara = update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_INSERT, AUTHPARA_TABLE, user1_authpara, 0);
if(0 != ret_addauthpara)
{
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志
configure_result->resultcode = 1;
configure_result->message = mes[configure_result->resultcode];
return;
}
char *user_authpara = "UPDATE `authparas` SET port = ?, timehorizon = ?, failcount = ?, locktime = ?, aging_time = ?";
ret = update_database(AUTHPARA_DATABASE_ID, authpara_hdbc, DB_OP_UPDATE, AUTHPARA_TABLE, user_authpara, 5,
DB_DATA_INT_TYPE, sizeof(port), port,
DB_DATA_INT_TYPE, sizeof(timehorizon), timehorizon,
DB_DATA_INT_TYPE, sizeof(failcount), failcount,
DB_DATA_INT_TYPE, sizeof(locktime), locktime,
DB_DATA_INT_TYPE, sizeof(aging_time), aging_time);
printf("the value of ret:%d\n", ret);
if(0 != ret)
{
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc); // ret_release记录日志
configure_result->resultcode = 1;
configure_result->message = mes[configure_result->resultcode];
return;
}
disconnect_database(AUTHPARA_DATABASE_ID , authpara_hdbc);
/*存全局变量*/
auth_para->port = port;
auth_para->timehorizon = timehorizon;
auth_para->failcount = failcount;
auth_para->locktime = locktime;
auth_para->aging_time = aging_time;
configure_result->resultcode = 0;
configure_result->message = mes[configure_result->resultcode];
return;
}

22
Platform/user/configm/config-server/web_config/include/user_authfree.h Normal file
View File

@ -0,0 +1,22 @@
#ifndef USER_AUTHFREE_H_
#define USER_AUTHFREE_H_
#define ADDAUTFREE_SUCCESS 0 //增加未认证权限成功
#define ADDAUTFREE_FAIL_DATABASE 1 //增加未认证权限成功失败
#define AUTHFREE_NAME_EXISTED 2 //未认证权限名称已存在
#define MODAUTHFREE_SUCCESS 3 //修改未认证权限成功
#define MODAUTHFREE_FAIL_DATABASE 4 //修改未认证权限失败
#define AUTHFREE_NAME_NOTFOUND 5 //未认证权限名称不存在
#define DELAUTHFREE_SUCCESS 6 //删除未认证权限成功
#define DELAUTHFREE_FAIL_DATABASE 7 //删除未认证权限失败
/*增加未认证权限规则*/
void add_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
/*修改未认证权限*/
void mod_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
/*删除未认证权限*/
void del_authfree(char *name, uint32_t sip, uint32_t dip, int dport, authfree_result_t *authfree_result);
#endif

18
Platform/user/configm/config-server/web_config/include/user_authpara.h Normal file
View File

@ -0,0 +1,18 @@
#ifndef USER_AUTHPARA_H_
#define USER_AUTHPARA_H_
#include <stdint.h>
#include "../Platform/user/configm/config-server/web_config/auth_parameters.h"
#define ADDUSER_FAIL_NAMEDUP 4 //用户名重名
#define MODAUTHPARA_SUCCESS 0 //修改认证信息成功
#define MODAUTHPARE_FAIL_DATABASE 1 //修改数据库信息失败
/*前端type类型为修改修改数据库中的内容返回值为code message——修改成功 修改失败*/
/*修改认证参数*/
void mod_authpara( int port, int timehorizon, int failcount, int locktime, int aging_time, configure_result_t *configure_result);
#endif