Mod aaa-12 修改用户认证缺陷问题

RCA： SOL：修改人：chenling 检视人：
2019-09-16 19:24:22 +08:00 · 2019-09-16 19:24:22 +08:00 · f2548f80e1
parent 6bb080a18c
commit f2548f80e1
6 changed files with 112 additions and 84 deletions
--- a/Platform/user/configm/config-server/web_config/auth_parameters.c
+++ b/Platform/user/configm/config-server/web_config/auth_parameters.c
@ -454,7 +454,6 @@ ret_code authpara_config_get_proc(uint source, uint config_type,
    cJSON *data;
    ret_code          ret             = RET_OK;
    uint              conf_type       = AUTHPARA_CONFIG_MOD;
    char              *ret_data       = NULL;
    char              *ret_char       = NULL;
    unsigned          int ret_int     = 0;
    int               portresult      = 0;
@ -475,7 +474,7 @@ ret_code authpara_config_get_proc(uint source, uint config_type,
    cJSON_AddNumberToObject(data, "locktime", auth_para->locktime);
    cJSON_AddNumberToObject(data, "aging_time", auth_para->aging_time);
-    ret_data = cJSON_PrintUnformatted(data);
+    //ret_data = cJSON_PrintUnformatted(data);
    /*创建json对象 */
    res = cJSON_CreateObject();
@ -488,7 +487,7 @@ ret_code authpara_config_get_proc(uint source, uint config_type,
    /*将json对象转换成json字符串 返回处理结果*/
    cJSON_AddNumberToObject(res, "resultcode", GET_AUTHPARA_SUCCESS);
    cJSON_AddStringToObject(res, "message", "get success");
-    cJSON_AddStringToObject(res, "data", ret_data);
+    cJSON_AddItemToObject(res, "data", data);
    ret_char = cJSON_PrintUnformatted(res);
    ret_int  = strlen(ret_char);
@ -506,7 +505,6 @@ ret_code authpara_config_get_proc(uint source, uint config_type,
    memcpy(output, ret_char, ret_int);
    free(ret_char);
    free(ret_data);
    cJSON_Delete(res);
    cJSON_Delete(data);
    return RET_OK;
@ -518,7 +516,7 @@ ret_code authpara_config_proc(uint source, uint config_type,
                              pointer output, int *output_len)
 {
    ret_code ret = RET_OK;
-    uint conf_type = AUTHPARA_CONFIG_GET;
+    uint conf_type;
    authpara_config_json_type(input, &conf_type);
    rpc_log_info("config type is %d\n", conf_type);
--- a/Platform/user/configm/config-server/web_config/authfree.c
+++ b/Platform/user/configm/config-server/web_config/authfree.c
@ -210,6 +210,7 @@ ret_code freeauth_config_json_type(pointer input, uint *conf_type)
    cjson = cJSON_Parse(input);
    if(!cjson) {
        printf("JSON格式错误\n");
        return RET_INPUTERR;
    }
@ -698,7 +699,6 @@ ret_code freeauth_config_mov_proc(uint source, uint config_type,
                                  pointer output, int *output_len)
 {
    int i;
    int num;
    int cnt;
    cJSON *res;
    authfree_result_t authfree_result;
@ -732,8 +732,7 @@ ret_code freeauth_config_mov_proc(uint source, uint config_type,
    }
-    num = i + 1;
+    if ((rule_mod->after > i) || (rule_mod->after < 1))
    if ((rule_mod->after > num) || (rule_mod->after < 0))
    {
        printf("mov number is not vaild\n");
@ -1173,7 +1172,7 @@ ret_code freeauth_config_proc(uint source, uint config_type,
    ret_code ret = RET_OK;
    freeauth_configure_t freeauth_configure = {0};
    int config_len = sizeof(freeauth_configure_t);
-    uint conf_type = FREEAUTH_CONFIG_GET;
+    uint conf_type;
    char *ret_char = NULL;
    unsigned int ret_int = 0;
    int r = -1;
--- a/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c
+++ b/Platform/user/configm/config-server/web_config/config-adm/user_authfree.c
@ -206,21 +206,21 @@ void mov_authfree(char *name, int after_arry, authfree_result_t *authfree_result
                    before_array[i].dip, before_array[i].dport, before_array[i].flag, i);
    }
-    /*比如说2移动到5前面*/
+  /*比如说2移动到5*/
    /*0 1 2 3 4 5 6 7 8 9*/
-    /*0 1 3 4 2 5 6 7 8 9*/
+    /*0 1 3 4 5 2 6 7 8 9*/
-    /*4的值变为2(after-1的值变为before), 同时2~5之间的值,也就是 3 4的值都减1*/
+    /*5的值变为2(after的值变为before), 同时2~6之间的值,也就是 3 4 5的值都减1*/
    if(before < after)
    {  
-        /*after-1 change before*/
+        /*after change before*/
-        //freeauth_array[after - 1].rule_priority = after;
+        //freeauth_array[after].rule_priority = after;
-        strncpy(freeauth_array[after - 1].name, before_array[before].name, UNAMESIZE);
+        strncpy(freeauth_array[after].name, before_array[before].name, UNAMESIZE);
-        freeauth_array[after - 1].sip = before_array[before].sip;
+        freeauth_array[after].sip = before_array[before].sip;
-        freeauth_array[after - 1].dip = before_array[before].dip;
+        freeauth_array[after].dip = before_array[before].dip;
-        freeauth_array[after - 1].dport = before_array[before].dport;
+        freeauth_array[after].dport = before_array[before].dport;
-        freeauth_array[after - 1].flag = before_array[before].flag;
+        freeauth_array[after].flag = before_array[before].flag;
-        for(i = (before + 1); i < after; i++)
+        for(i = (before + 1); i < (after + 1); i++)
        {
            //freeauth_array[i - 1].rule_priority = i;
            strncpy(freeauth_array[i - 1].name, before_array[i].name, UNAMESIZE);
--- a/libs/src/lighttpd-1.4.51/src/mod_portal.c
+++ b/libs/src/lighttpd-1.4.51/src/mod_portal.c
@ -19,9 +19,13 @@
 #include "stddef.h"
 #include "/usr/include/x86_64-linux-gnu/sys/socket.h"  
-#define USERNAME_MAXLEN 65
+#define USERNAME_MAXLEN  63
-#define PASSWORD_MAXLEN 25
+#define PASSWORD_MAXLEN  25
-#define LISTENQ 1024
+#define LISTENQ          1024
 #define USERNAME_SIZE   63
 #define MESSAGE_SIZE    63
 #define MAX_ONLINE_NUM  100
 typedef void* pointer;
@ -63,7 +67,7 @@ typedef struct user_auth_ret
 #endif
 typedef struct {
-	char username[32];   /*用户名*/
+	char username[USERNAME_SIZE + 1];   /*用户名*/
 	uint32_t userip;     /*用户IP*/
 	time_t login_time;   /*用户登录时间*/
 	time_t remain_time;  /*剩余实际*/
@ -72,7 +76,7 @@ typedef struct {
 /*输出函数结构体 */
 typedef struct {
    auth_ret resultcode;
-    char message[60];   /*返回描述用指针表示数组 */
+    char message[MESSAGE_SIZE + 1];   /*返回描述用指针表示数组 */
    USERDATA  data;      /*返回的数据内容*/
 }RESULT;
@ -172,18 +176,46 @@ void get_local_peer_ip(int listenfd, uint32_t *serverip, uint32_t *clientip)
    return;
 }
 static handler_t ouput_function(server *srv, connection *con, int resultcode, char *message, char *data)
 {
 	cJSON *res;
 	const char *result_str; 
-/*post 先判断用户是否认证过*/
+	/*创建json对象*/
 	res = cJSON_CreateObject();
 	if(!res) return HANDLER_ERROR;
 	cJSON_AddNumberToObject(res, "resultcode", resultcode);
 	cJSON_AddStringToObject(res, "message", message);
 	cJSON_AddStringToObject(res, "data", data);
    log_error_write(srv, __FILE__, __LINE__, "s","test");
 	/*json对象转换为json字符串*/
    result_str = cJSON_PrintUnformatted(res);
 	buffer *result_info = buffer_init();
 	result_info = buffer_init_string(result_str);
 	chunkqueue_append_buffer(con->write_queue, result_info);
 	buffer_free(result_info); 
 	con->http_status = 200;
 	con->file_finished = 1;
 	cJSON_Delete(res);
 	return HANDLER_FINISHED;
 }
 /*post 先判断用户是否认证过 ip是唯一的*/
 /*用户认证过-返回resultcode=0 message data(username、user_ip、login_time)*/
 /*用户未认证通过-返回resultcode=1 message data(null)*/
 static handler_t judge_user_auth(server *srv, connection *con,  void* p_d)
 {
 	p_d = p_d;
 	USER_INFO *uinfo;
-	cJSON *cjson;
+	//cJSON *cjson;
-	cJSON *uip;
+	//cJSON *uip;
-	uint32_t ip;
+	uint32_t serverip = 0;
-	
+	uint32_t clientip = 0;
 	RESULT *uresult;
    uresult = ( RESULT *)malloc(sizeof(RESULT));
 	if(NULL == uresult)
@ -192,6 +224,7 @@ static handler_t judge_user_auth(server *srv, connection *con,  void* p_d)
 	}
 	log_error_write(srv, __FILE__, __LINE__, "s","test");
 	#if 0
 	/*get payload*/
   	handler_t result = connection_handle_read_post_state(srv, con);
@ -236,51 +269,30 @@ static handler_t judge_user_auth(server *srv, connection *con,  void* p_d)
    ip = uip->valueint;
   	log_error_write(srv, __FILE__, __LINE__, "sd", "test", ip);
-           
+	#endif
 	get_local_peer_ip(con->fd, &serverip, &clientip);
    log_error_write(srv, __FILE__, __LINE__, "sd","test", "clientip"); 
 	/*通过用户IP判断用户是否认证通过*/
-	uinfo = ufind_user(ip);
+	uinfo = ufind_user(clientip);
 	if (NULL == uinfo)
 	{	
-		cJSON *res;
+		char *name = "";
 		const char *result_str;
 		char *messgae = "the user is not authenticated";
 		#if 0
 		result->data.login_time = 0;
 		result->data.userip = 0;
 		strncpy(result->data.username, "", 32);
 		#endif
 		uresult->resultcode = 0; /*表示用户未认证成功*/
-		strncpy(uresult->message, messgae, 60);
+		strncpy(uresult->message, messgae, MESSAGE_SIZE);
-		/*创建json对象*/
+		ouput_function(srv, con, uresult->resultcode, uresult->message, name);
 		res = cJSON_CreateObject();
 		if(!res) return HANDLER_ERROR;
 		cJSON_AddNumberToObject(res, "resultcode", uresult->resultcode);
 		cJSON_AddStringToObject(res, "message", uresult->message);
 		cJSON_AddStringToObject(res, "data", "");
        log_error_write(srv, __FILE__, __LINE__, "s","test");
 		/*json对象转换为json字符串*/
        result_str = cJSON_PrintUnformatted(res);
 		buffer *result_info = buffer_init();
 		result_info = buffer_init_string(result_str);
 		chunkqueue_append_buffer(con->write_queue, result_info);
 		buffer_free(result_info); 
 		con->http_status = 200;
 		con->file_finished = 1;
 		cJSON_Delete(res);
 		return HANDLER_FINISHED;
 	}
 	else
 	{
 		cJSON *res;
 		cJSON *data;
 		//char *ret_char = NULL;
 		char *result_str = NULL;
 		char *messgae = "the user is authenticated";
 		time_t tmpcal_ptr;
@ -298,15 +310,13 @@ static handler_t judge_user_auth(server *srv, connection *con,  void* p_d)
 		log_error_write(srv, __FILE__, __LINE__, "d", tmpcal_ptr);
 		uresult->data.login_time = tmpcal_ptr;
-		uresult->data.userip = ip;
+		uresult->data.userip = clientip;
 		strncpy(uresult->data.username, uinfo->auth_user.user_name, 32);
 		cJSON_AddStringToObject(data, "username", uresult->data.username);
 		cJSON_AddNumberToObject(data, "userip", uresult->data.userip);
 		cJSON_AddNumberToObject(data, "login_time", uresult->data.login_time);
 		//ret_char = cJSON_PrintUnformatted(data);
 		/*创建json对象*/
 		res = cJSON_CreateObject();
 		if(!res) return HANDLER_ERROR;
@ -332,11 +342,10 @@ static handler_t judge_user_auth(server *srv, connection *con,  void* p_d)
 		return HANDLER_FINISHED;
 		}  
 		cJSON_Delete(cjson);
 		cJSON_Delete(uip);
 		return HANDLER_FINISHED;
 }
 /*判断用户名和密码是否正确*/
 static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 {
@ -433,23 +442,49 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
    /*调用认证接口函数 */
 	user_auth_login(account, pwd, resultinfo);
 	//resultinfo->ret = AUTH_SUCCESS;
   	/*auth success*/
   	if(resultinfo->ret == AUTH_SUCCESS)
   	{
 	   	cJSON *res;
 		cJSON *data;
 		//char *ret_char;
       	const char *result_str;
 		time_t tmpcal_ptr;
 		int num;
 	   	log_error_write(srv, __FILE__, __LINE__, "s","test");
 		/*获取目前在线用户数 超过最大在线用户数则失败*/
 		num = uprintf_users();
 		log_error_write(srv, __FILE__, __LINE__, "sd","test", num);
 		if(num >= MAX_ONLINE_NUM)
 		{
 			/*创建json对象*/
 			res = cJSON_CreateObject();
 			if(!res) return HANDLER_ERROR;
 			cJSON_AddNumberToObject(res, "resultcode", 7);
 			cJSON_AddStringToObject(res, "message", "用户达到最大数量");
 			cJSON_AddStringToObject(res, "data", "");
 			/*json对象转换为json字符串*/
        	result_str = cJSON_Print(res);
 			buffer *result_info = buffer_init();
 			result_info = buffer_init_string(result_str);
 			chunkqueue_append_buffer(con->write_queue, result_info);
 			buffer_free(result_info); 
 			con->http_status = 200;
 			con->file_finished = 1;
 			cJSON_Delete(cjson);
 			cJSON_Delete(res);
 			return HANDLER_FINISHED;
 		}
       	/*auth success-用户信息保存在本地IP监测表*/
 		/*获取下行报文数、字节数、在线时间 目前设置默认值为0*/
       	uadd_user(clientip, account, resultinfo->user_id, resultinfo->group_id, 0, 0, 0);
-       	uprintf_users();
+       	int add_num = uprintf_users();
 		log_error_write(srv, __FILE__, __LINE__, "sd","test", add_num);
 		/*创建json对象*/
 		data = cJSON_CreateObject();
@ -469,12 +504,9 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		cJSON_AddStringToObject(data, "username", uresult->data.username);
 		cJSON_AddNumberToObject(data, "userip", uresult->data.userip);
 		cJSON_AddNumberToObject(data, "login_time", uresult->data.login_time);
 		//ret_char = cJSON_PrintUnformatted(data);
 		uresult->resultcode = resultinfo->ret;; /*表示用户未认证成功*/
 		strncpy(uresult->message, mes[resultinfo->ret], 60);
 		//uresult->message = mes[resultinfo->ret];
 		/*创建json对象*/
 		res = cJSON_CreateObject();
@ -483,7 +515,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		cJSON_AddNumberToObject(res, "resultcode", uresult->resultcode);
 		cJSON_AddStringToObject(res, "message", uresult->message);
 		cJSON_AddItemToObject(res, "data", data);
 		//cJSON_AddStringToObject(res, "data", ret_char);
        log_error_write(srv, __FILE__, __LINE__, "s","test");
@ -526,7 +557,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		log_error_write(srv, __FILE__, __LINE__, "s","test");
 		cJSON *res;
 		cJSON *data;
 		//char *ret_char = NULL;
        const char *result_str;
        /*创建json对象*/
@ -538,12 +568,9 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		uresult->data.remain_time = resultinfo->remain_lock_time;
 		cJSON_AddNumberToObject(data, "remain_lock_time", uresult->data.remain_time);
 		//ret_char = cJSON_PrintUnformatted(data);
 		uresult->resultcode = resultinfo->ret;; /*表示用户未认证锁定*/
-		strncpy(uresult->message, mes[resultinfo->ret], 60);
+		strncpy(uresult->message, mes[resultinfo->ret], MESSAGE_SIZE);
        printf("resultcode:%d remain_lock_time:%ld message:%s\n",uresult->resultcode,
                                uresult->data.remain_time, uresult->message );
 		/*创建json对象*/
 		res = cJSON_CreateObject();
@ -552,7 +579,6 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		cJSON_AddNumberToObject(res, "resultcode", uresult->resultcode);
 		cJSON_AddStringToObject(res, "message", uresult->message);
 		cJSON_AddItemToObject(res, "data", data);
 		//cJSON_AddStringToObject(res, "data", ret_char);
 		/*json对象转换为json字符串*/
        result_str = cJSON_Print(res);
@ -574,10 +600,11 @@ static handler_t judge_account_pwd(server *srv, connection *con, void* p_d)
 		cJSON *res;
        const char *result_str;
-	
+
 		uadd_user(clientip, account, resultinfo->user_id, resultinfo->group_id, 0, 0, 0);
 		uresult->resultcode = resultinfo->ret;; /*表示用户未认证锁定*/
-		strncpy(uresult->message, mes[resultinfo->ret], 60);
+		strncpy(uresult->message, mes[resultinfo->ret], MESSAGE_SIZE);
        printf("resultcode:%d remain_lock_time:%ld message:%s\n",uresult->resultcode,
                                uresult->data.remain_time, uresult->message );
--- a/libs/src/lighttpd-1.4.51/src/user_hashtable.c
+++ b/libs/src/lighttpd-1.4.51/src/user_hashtable.c
@ -80,7 +80,7 @@ USER_INFO *ufind_user(uint32_t user_ip)
    * 表示得到p所指地址的这个结构体的首地址
    */
    pNode = hlist_entry(p, struct user_info, hnode);
-    if (pNode != NULL)
+    if ((pNode != NULL) && (user_ip == pNode->auth_user.user_ip))
    {
 //      printf("[%d %s %d %d %ld %ld %ld]\n", userinfo->auth_user.user_ip, userinfo->auth_user.user_name, userinfo->auth_user.user_id,
 //             userinfo->auth_user.group_id, userinfo->auth_user.message_num, userinfo->auth_user.byte_num, userinfo->auth_user.online_time);
@ -172,11 +172,11 @@ void udelete_all()
  }
 }
-/*打印所有信息信息 */
+int uprintf_users()
 void uprintf_users()
 {
  struct hlist_node *p = NULL, *n = NULL ;
  int i = 0;
  int online_num = 0;
  for(i = 0; i < 100; i++)
  {
@ -186,11 +186,15 @@ void uprintf_users()
      pNode = hlist_entry(p, struct user_info ,hnode);
      if(pNode != NULL)
      {
        online_num++;
        inet_ntop(AF_INET, (void *)&(pNode->auth_user.user_ip), str, 32);
        printf("[%s %s %d %d %ld %ld %ld]\n", str, pNode->auth_user.user_name, pNode->auth_user.user_id,
                  pNode->auth_user.group_id, pNode->auth_user.message_num,pNode->auth_user.byte_num, pNode->auth_user.online_time);
        return online_num;
      }
    }
  }
  return 0;
 }
--- a/libs/src/lighttpd-1.4.51/src/user_hashtable.h
+++ b/libs/src/lighttpd-1.4.51/src/user_hashtable.h
@ -39,6 +39,6 @@ void udelete_user(int user_ip);
 void udelete_all();
 /*打印所有信息信息 */
-void uprintf_users();
+int uprintf_users();
 #endif