#include #include #include "../include/parsefile.h" #include "../include/configm.h" #include "../../../netlink_uapi/libnetlinku.h" #include "rpc.h" #include "authfree.h" #include "auth_parameters.h" #include #include "s2j/s2j.h" #include "commuapinl.h" #include "../Platform/common/database/database.h" #include "include/user_authfree.h" #include "config_manager.h" /*定义结构体数组 存在免认证规则 */ freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0}; /*存储序列号的数组*/ int rule_order[RULE_MAX_NUM] = {0}; #define SPECHAR(element) (strpbrk((element), "~!@#$%^&*()_+{}|:\"<>?\\,./;\'[]-=`")) //校验特殊字符 #ifdef FREEAUTH_ACK_COOKIES #define CFG_FREEAUTH_ACK_COOKIES #endif #if 0 /* 判断IPv4格式是否正确*/ int isIpV4Addr(const char *ipAddr) { unsigned char buf[sizeof(struct sockaddr_in)]; if((NULL == ipAddr) || (0 == strlen(ipAddr))) { return -1; } if(inet_pton(AF_INET, ipAddr, buf) == 1) { return 0; } return -1; } #endif /*组播报文的目的地址使用D类IP地址,范围是从224.0.0.0到239.255.255.255*/ int isMulticastAddr(uint32_t address) { uint32_t addressInNetwork = htonl(address); printf("%d\n", addressInNetwork); if((addressInNetwork > 0xE00000FF) && (addressInNetwork <= 0xEFFFFFFF)) { printf("ip is multicast\n"); return 0; } printf("ip is not multicast\n"); return 1; } /*判断ip地址是广播地址 255.255.255.255*/ int isBroadcastIpV4Addr(const char *ipAddr) { int ip_part_1 = 0; int ip_part_2 = 0; int ip_part_3 = 0; int ip_part_4 = 0; if((NULL == ipAddr) || (0 == strlen(ipAddr))) { return 0; } if(4 == sscanf(ipAddr,"%d.%d.%d.%d", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4)) { if((ip_part_1 == 255) &&(ip_part_2 == 255) && (ip_part_3 == 255) &&(ip_part_4 == 255)) { printf("ip is broadcast\n"); return 1; } } printf("ip is not broadcast\n"); return 0; } int isIpV4Addr(const char *ipAddr) { int ip_part_1 = 0; int ip_part_2 = 0; int ip_part_3 = 0; int ip_part_4 = 0; if((NULL == ipAddr) || (0 == strlen(ipAddr))) { return 1; } if(4 == sscanf(ipAddr,"%d.%d.%d.%d", &ip_part_1, &ip_part_2, &ip_part_3, &ip_part_4)) { if((ip_part_1 >= 0) && (ip_part_1 <= 255) && (ip_part_2 >= 0) && (ip_part_2 <= 255) && (ip_part_3 >= 0) && (ip_part_3 <= 255) && (ip_part_4 >= 0) && (ip_part_4 <= 255)) { return 0; } } return 1; } /*下发配置到内核态 */ int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth) { int freeauth_len = 0; struct nlmsghdr *ack = NULL; struct { struct nlmsghdr n; char buf[1024]; } req = { .n.nlmsg_len = NLMSG_LENGTH(0), #ifdef CFG_FREEAUTH_ACK_COOKIES .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACK:use kernel auto ack*/ #else .n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */ #endif .n.nlmsg_type = FREEAUTH_CFG, .n.nlmsg_pid = getpid(), }; /*判断要发送的数据是否为NULL,不为NULL,打印出来 */ if(struct_freeauth == NULL) { printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n"); return -1; } else { unsigned char str[INET_ADDRSTRLEN]; unsigned char dtr[INET_ADDRSTRLEN]; memset(str, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET, (void *)&struct_freeauth->sip, str, INET_ADDRSTRLEN); memset(dtr, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dtr, INET_ADDRSTRLEN); printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n", struct_freeauth->name, str, dtr, struct_freeauth->dport); } /*计算需要发送的数据的长度 */ freeauth_len = sizeof(freeauth_configure_t); /*可选属性 */ commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, freeauth_len); /*发送组装好的netlink消息 */ if(pdeliv_talk(1, &req.n, &ack) < 0) { printf("set_user_freeauth_waitack rcv ack msg faild.\r\n"); return -2; } else { printf("set_user_freeauth_waitack rcv ack msg success.\r\n"); } if(ack != NULL) { printf("set_user_freeauth_waitack rcv answer.\r\n"); } else { printf("set_user_freeauth_waitack rcv answer error.\r\n"); return -3; } #ifdef CFG_FREEAUTH_ACK_COOKIES /*recv answer*/ if(ack->nlmsg_type == NLMSG_ERROR) { nl_debugfs_extack(ack); } #else /*recv answer*/ if(ack->nlmsg_type == FREEAUTH_CFG) { nl_debugfs(ack); } #endif if(ack) { free(ack); } return 0; } /*获取json串类型*/ ret_code freeauth_config_json_type(pointer input, uint *conf_type) { const char *pString = (char *)input; cJSON *cjson, *type; if(!pString) { return RET_INPUTERR; } printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(input); if(!cjson) { printf("JSON格式错误\n"); return RET_INPUTERR; } /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); if(!type) { cJSON_Delete(cjson); return RET_INPUTERR; } if(conf_type) { *conf_type = type->valueint; } cJSON_Delete(cjson); return RET_OK; } /*修改json字符串转为结构体 把未认证权限名称为name的序号移动到序号3前面*/ /*iuput格式:{"type": 1, "data": {"name": "armink", "after": 3}}*/ ret_code freeauth_mov_json_parse(pointer input, uint *conf_type, rule_mod_t *rule_mod) { const char *pString = (char *)input; cJSON *cjson, *type, *data; if(!pString) { return RET_INPUTERR; } printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(pString); if(!cjson) { return RET_INPUTERR; } /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); if(!data) { cJSON_Delete(cjson); return RET_INPUTERR; } /*创建freeauth_configure_t结构体对象 */ s2j_create_struct_obj(struct_rulemod, rule_mod_t); if(struct_rulemod == NULL) { cJSON_Delete(cjson); return RET_NOMEM; } /*反序列化数据到freeauth_configure_t结构体对象 */ s2j_struct_get_basic_element(struct_rulemod, data, int, after); s2j_struct_get_basic_element(struct_rulemod, data, string, name); if(rule_mod) { memset(rule_mod, 0, sizeof(rule_mod_t)); rule_mod->after = struct_rulemod->after; strncpy(rule_mod->name, struct_rulemod->name, UNAMESIZE); } printf("移动数据解析完成\n"); cJSON_Delete(cjson); return RET_OK; } /*json字符串转为结构体*/ /*iuput格式:{"type": 0, "data": {"rule_priority": 1, "name": "armink","sip": "192.168.1.1","dip": "192.168.2.100","dport": 24, "flag":0}}*/ ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff) { const char *pString = (char *)input; cJSON *cjson, *type, *data; if(!pString) { return RET_INPUTERR; } printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(pString); if(!cjson) { return RET_INPUTERR; } /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); if(!type) { cJSON_Delete(cjson); return RET_INPUTERR; } if(conf_type) { *conf_type = type->valueint; } /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); if(!data) { cJSON_Delete(cjson); return RET_INPUTERR; } /*创建freeauth_configure_t结构体对象 */ s2j_create_struct_obj(struct_freeauth, freeauth_configure_json_t); if(struct_freeauth == NULL) { cJSON_Delete(cjson); return RET_NOMEM; } /*反序列化数据到freeauth_configure_t结构体对象 */ s2j_struct_get_basic_element(struct_freeauth, data, int, rule_priority); s2j_struct_get_basic_element(struct_freeauth, data, string, name); s2j_struct_get_basic_element(struct_freeauth, data, string, sip); s2j_struct_get_basic_element(struct_freeauth, data, string, dip); s2j_struct_get_basic_element(struct_freeauth, data, int, dport); s2j_struct_get_basic_element(struct_freeauth, data, int, flag); if(freeauth_buff) { memset(freeauth_buff, 0, sizeof(freeauth_configure_t)); freeauth_buff->rule_priority = struct_freeauth->rule_priority; strncpy(freeauth_buff->name, struct_freeauth->name, UNAMESIZE); inet_pton(AF_INET, struct_freeauth->sip, &freeauth_buff->sip); /*点分十进制-十进制*/ inet_pton(AF_INET, struct_freeauth->dip, &freeauth_buff->dip); freeauth_buff->dport = struct_freeauth->dport; freeauth_buff->flag = struct_freeauth->flag; } printf("添加数据解析完成\n"); cJSON_Delete(cjson); s2j_delete_struct_obj(struct_freeauth); return RET_OK; } /*iuput格式: { "type": 0, "data": [ {"rule_priority": 1,"name": "cary","sip": "192.168.1.1","dip": "192.168.5.1","dport": 120, "flag":0}, {"rule_priority": 2,"name": "nicole","sip": "192.168.1.1","dip": "192.168.5.1","dport": 130, "flag":0}, {"rule_priority": 3,"name": "arwrgmink","sip": "192.168.1.1","dip": "192.168.5.1","dport": 90, "flag":0} ] } */ ret_code authfree_config_json_parse_array(pointer input, uint *conf_type, freeauth_configure_t **fb, int *cnt) { cJSON *cjson, *data, *rule_priority, *name, *sip, *dip, *dport, *flag; freeauth_configure_t *freeauth_buff = *fb; int iCount = 0, i = 0; *fb = NULL; /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(input); if(!cjson) { return RET_INPUTERR; } rpc_log_info("json input:%s \n", cJSON_Print(cjson)); /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); if(!data) { cJSON_Delete(cjson); return RET_INPUTERR; } /*获取数组长度*/ iCount = cJSON_GetArraySize(data); printf("iCount=[%d]\n", iCount); freeauth_buff = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t) * iCount); if(!freeauth_buff) { cJSON_Delete(cjson); return RET_NOMEM; } memset(freeauth_buff, 0, sizeof(freeauth_configure_t) * iCount); *fb = freeauth_buff; for(i = 0; i < iCount; i++) { cJSON *pArrayItem = cJSON_GetArrayItem(data, i); if(pArrayItem) { /*获取未认证权限优先级键值对*/ rule_priority = cJSON_GetObjectItem(pArrayItem, "rule_priority"); if(rule_priority) { freeauth_buff->rule_priority = rule_priority->valueint; } /*未认证权限名称*/ name = cJSON_GetObjectItem(pArrayItem, "name"); if(name) { strncpy(freeauth_buff->name, name->valuestring, UNAMESIZE); printf("freeauth_buff->name = %s\n", freeauth_buff->name); } /*源IP地址*/ sip = cJSON_GetObjectItem(pArrayItem, "sip"); if(sip) { /*点分十进制转为十进制 192.168.1.1 12675138*/ inet_pton(AF_INET, sip->valuestring, &freeauth_buff->sip); } /*目的IP地址*/ dip = cJSON_GetObjectItem(pArrayItem, "dip"); if(dip) { /*点分十进制转为十进制 192.168.1.1 12675138*/ inet_pton(AF_INET, dip->valuestring, &freeauth_buff->dip); } /*目的端口号*/ dport = cJSON_GetObjectItem(pArrayItem, "dport"); if(dport) { freeauth_buff->dport = dport->valueint; } /*状态标志位*/ flag = cJSON_GetObjectItem(pArrayItem, "flag"); if(flag) { freeauth_buff->flag = flag->valueint; } printf("freeauth_buff->name = %p\n", &freeauth_buff->name); printf("freeauth_buff->name = %s\n", freeauth_buff->name); #if 0 for (int j = 0; j < iCount; j++) { printf("[%d %s %d %d %d %d]\n", freeauth_buff->rule_priority, freeauth_buff->name, freeauth_buff->sip, freeauth_buff->dip, freeauth_buff->dport, freeauth_buff->flag); freeauth_buff++; } #endif freeauth_buff++; } } if(cnt) { *cnt = iCount; } cJSON_Delete(cjson); printf("删除数据解析完成\n"); return RET_OK; } /*chk data格式 */ ret_code freeauth_config_chk(uint source, uint *config_type, pointer input, int *input_len, pointer output, int *output_len) { ret_code ret = RET_OK; return ret; } /*增加未认证权限规则*/ ret_code freeauth_config_add_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; cJSON *res; freeauth_configure_t *freeauth_configure; uint conf_type = FREEAUTH_CONFIG_GET; char *ret_char = NULL; unsigned int ret_int = 0; authfree_result_t authfree_result; char* err_msg = NULL; char str[INET_ADDRSTRLEN]; char dtr[INET_ADDRSTRLEN]; freeauth_configure = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); if(freeauth_configure == NULL) { return RET_NOMEM; } freeauth_config_json_parse(input, &conf_type, freeauth_configure); /*校验用户名长度*/ if(input_len < sizeof(freeauth_configure_t) || NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 == strlen(freeauth_configure->name)) { free(freeauth_configure); printf("the lenth is error\n"); return RET_INPUTERR; } memset(str, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET,&freeauth_configure->sip, str, sizeof(str)); memset(dtr, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET,&freeauth_configure->dip, dtr, sizeof(dtr)); /*判断输入参数是否有效*/ if(SPECHAR(freeauth_configure->name)) { err_msg = "免认证规则名称含有特殊字符"; } else if ( 1 == isIpV4Addr(str)) { err_msg = "源IP地址无效"; } else if( 1 == isBroadcastIpV4Addr(str)) { err_msg = "源IP地址是广播地址"; } else if(0 == isMulticastAddr(freeauth_configure->sip)) { err_msg = "源IP地址是组播地址"; }else if ( 1 == isIpV4Addr(dtr)) { err_msg = "目的IP地址无效"; } else if( 1 == isBroadcastIpV4Addr(dtr)) { err_msg = "目的IP地址是广播地址"; } else if(0 == isMulticastAddr(freeauth_configure->dip)) { err_msg = "目的IP地址是组播地址"; }else if((freeauth_configure->dport < DPORT_MIN_NUM) || (freeauth_configure->dport > DPORT_MAX_NUM)) { err_msg = "免认证规则端口无效"; } if(err_msg != NULL) { char *ret_char = NULL; unsigned int ret_int = 0; cJSON *res; /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", 1); cJSON_AddStringToObject(res, "message", err_msg); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); free(freeauth_configure); return RET_INPUTERR; } /*查找要增加的未认证权限是否重名 该名字已存在 则退出程序 */ for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ if(0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); printf("local user is existed\n"); /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { free(freeauth_configure); return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", 1); cJSON_AddStringToObject(res, "message", "免认证规则名已存在"); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_OK; } } /*数据库修改 存入全局变量*/ add_authfree(freeauth_configure->rule_priority, freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, freeauth_configure->dport, freeauth_configure->flag, &authfree_result); #if 0 /*用户态下发到内核态auth_hook */ int r = -1; printf("cfgchannel main begin:\r\n"); /*创建通道 */ r = commcfgnl_open(); if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_freeauthcfg_waitack(freeauth_configure); if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); #endif /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { free(freeauth_configure); return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); free(freeauth_configure); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); free(freeauth_configure); return RET_OK; } ret_code freeauth_config_mov_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; int cnt; cJSON *res; authfree_result_t authfree_result; rule_mod_t *rule_mod; uint conf_type = FREEAUTH_CONFIG_GET; char *ret_char = NULL; unsigned int ret_int = 0; cJSON *pJsonArry, *pJsonsub; rule_mod = (rule_mod_t *)malloc(sizeof(rule_mod_t)); if(rule_mod == NULL) { return RET_NOMEM; } freeauth_mov_json_parse(input, &conf_type, rule_mod); printf("%s %d\n", rule_mod->name, rule_mod->after); if(input_len < sizeof(rule_mod_t)) { return RET_INPUTERR; } /*判断一些目前全局变量存的数量 移动的数需要约束*/ for(i = 0; i < RULE_MAX_NUM; i++) { if (0 == strlen(freeauth_array[i].name)) { printf("the name is :%s i:%d\n", freeauth_array[i].name, i); break; } } if ((rule_mod->after > i) || (rule_mod->after < 1)) { printf("mov number is not vaild\n"); /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", 11); cJSON_AddStringToObject(res, "message", "移动规则失败"); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_ERR; } printf("打印全局数组内全部元素\n"); /*打印数组内全部元素*/ for(i = 0; i < RULE_MAX_NUM; i++) { printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); } /*查找要移动的未认证权限是否存在 不存在 则退出程序 */ for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ if(0 == strcmp(freeauth_array[i].name, rule_mod->name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); mov_authfree(rule_mod->name, rule_mod->after, &authfree_result); /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_OK; } } } /*单个删除、批量删除*/ ret_code freeauth_config_del_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; int cnt; cJSON *res; authfree_result_t authfree_result; freeauth_configure_t *freeauth_configure = NULL; uint conf_type = FREEAUTH_CONFIG_GET; char *ret_char = NULL; unsigned int ret_int = 0; cJSON *pJsonArry, *pJsonsub; char name[256]; authfree_config_json_parse_array(input, &conf_type, &freeauth_configure, &cnt); printf("打印全局数组内全部元素\n"); /*打印数组内全部元素*/ for(i = 0; i < RULE_MAX_NUM; i++) { printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); } printf("打印传过来的json串\n"); for(int j = 0; j < cnt; j++) { printf("[%s %d]\n", freeauth_configure[j].name, j); } pJsonArry = cJSON_CreateArray(); /*创建数组*/ /*数据库删除 存入全局变量*/ for(int j = 0; j < cnt; j++) { memset(name, 0, 256); strncpy(name, freeauth_configure[j].name, UNAMESIZE); del_authfree(freeauth_configure[j].name, &authfree_result); if(6 == authfree_result.resultcode) { cJSON_AddItemToArray(pJsonArry, pJsonsub = cJSON_CreateObject()); /* 给创建的数组增加对象*/ cJSON_AddStringToObject(pJsonsub, "name", name); } } /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); cJSON_AddStringToObject(res, "message", authfree_result.message); cJSON_AddItemToObject(res, "data", pJsonArry); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_OK; } /*修改未认证权限规则*/ ret_code freeauth_config_mod_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; cJSON *res; freeauth_configure_t *freeauth_configure; uint conf_type = FREEAUTH_CONFIG_GET; char *ret_char = NULL; unsigned int ret_int = 0; authfree_result_t authfree_result; freeauth_configure = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); if(freeauth_configure == NULL) { return RET_NOMEM; } freeauth_config_json_parse(input, &conf_type, freeauth_configure); /*校验用户名长度*/ if(input_len < sizeof(freeauth_configure_t) || NULL == freeauth_configure->name || (UNAMESIZE) < strlen(freeauth_configure->name) || 0 == strlen(freeauth_configure->name)) { free(freeauth_configure); printf("the lenth is error\n"); return RET_INPUTERR; } /*查找要增加的未认证权限是否重名 该名字不存在 则退出程序 */ for(i = 0; i < RULE_MAX_NUM; i++) { /*两个字符串相等 strcmp值为0*/ if(0 == strcmp(freeauth_array[i].name, freeauth_configure->name)) { printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); /*数据库修改 存入全局变量*/ mod_authfree(freeauth_configure->rule_priority, freeauth_configure->name, freeauth_configure->sip, freeauth_configure->dip, freeauth_configure->dport, freeauth_configure->flag, &authfree_result); #if 0 /*用户态下发到内核态auth_hook */ int r = -1; printf("cfgchannel main begin:\r\n"); /*创建通道 */ r = commcfgnl_open(); if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_freeauthcfg_waitack(freeauth_configure); if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); #endif /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { free(freeauth_configure); return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); cJSON_AddStringToObject(res, "message", authfree_result.message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); free(freeauth_configure); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); free(freeauth_configure); return RET_OK; } } if(freeauth_configure) { free(freeauth_configure); } return RET_OK; } /*查询未认证权限*/ ret_code freeauth_config_get_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; int cnt; cJSON *res; char *ret_char = NULL; unsigned int ret_int = 0; uint conf_type = FREEAUTH_CONFIG_GET; cJSON *pJsonArry, *pJsonsub; char *name; printf("打印全局数组内全部元素\n"); /*打印数组内全部元素*/ for(i = 0; i < RULE_MAX_NUM; i++) { printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); } pJsonArry= cJSON_CreateArray(); /*创建数组*/ /*打印数组内全部元素*/ /*查找免认证规则名字,不存在则退出程序 */ for(i = 0; i < RULE_MAX_NUM; i++) { if (0 != strlen(freeauth_array[i].name)) { char str[INET_ADDRSTRLEN]; printf("%s(%d) freeauth_array[%d] = %p\n", __FUNCTION__, __LINE__, i, &freeauth_array[i]); cJSON_AddItemToArray(pJsonArry, pJsonsub=cJSON_CreateObject()); /* 给创建的数组增加对象*/ cJSON_AddNumberToObject(pJsonsub, "rule_priority", (i + 1)); cJSON_AddStringToObject(pJsonsub, "name", freeauth_array[i].name); memset(str, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET,&freeauth_array[i].sip, str, sizeof(str)); cJSON_AddStringToObject(pJsonsub, "sip", str); memset(str, 0, INET_ADDRSTRLEN); inet_ntop(AF_INET,&freeauth_array[i].dip, str, sizeof(str)); cJSON_AddStringToObject(pJsonsub, "dip", str); cJSON_AddNumberToObject(pJsonsub, "dport", freeauth_array[i].dport); cJSON_AddNumberToObject(pJsonsub, "flag", freeauth_array[i].flag); } } /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", 11); cJSON_AddStringToObject(res, "message", "查询规则成功"); cJSON_AddItemToObject(res, "data", pJsonArry); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_OK; } /*删除所有免认证规则*/ ret_code freeauth_config_del_all_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { int i; int cnt; cJSON *res; authfree_result_t authfree_result; freeauth_configure_t *freeauth_configure = NULL; uint conf_type = FREEAUTH_CONFIG_GET; char *ret_char = NULL; unsigned int ret_int = 0; freeauth_configure = (freeauth_configure_t *)malloc(sizeof(freeauth_configure_t)); if(freeauth_configure == NULL) { return RET_NOMEM; } freeauth_config_json_parse(input, &conf_type, freeauth_configure); printf("打印全局数组内全部元素\n"); /*打印数组内全部元素*/ for(i = 0; i < RULE_MAX_NUM; i++) { printf("[%d %s %d %d %d %d %d]\n", freeauth_array[i].rule_priority, freeauth_array[i].name, freeauth_array[i].sip, freeauth_array[i].dip, freeauth_array[i].dport, freeauth_array[i].flag, i); } /*删除所有未认证权限*/ del_all_authfree(freeauth_configure->name, &authfree_result); /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { return RET_ERR; } /*将json对象转换成json字符串 返回处理结果*/ cJSON_AddNumberToObject(res, "resultcode", authfree_result.resultcode); cJSON_AddStringToObject(res, "message", authfree_result.message); cJSON_AddStringToObject(res, "data", ""); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int + 1; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int); free(ret_char); cJSON_Delete(res); return RET_OK; } ret_code freeauth_config_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { ret_code ret = RET_OK; freeauth_configure_t freeauth_configure = {0}; int config_len = sizeof(freeauth_configure_t); uint conf_type; char *ret_char = NULL; unsigned int ret_int = 0; int r = -1; cJSON *res; int code = 0; freeauth_config_json_type(input, &conf_type); rpc_log_info("config type is %d\n", conf_type); switch(conf_type) { case FREEAUTH_CONFIG_ADD: ret = freeauth_config_add_proc(source, conf_type, input, input_len, output, output_len); break; case FREEAUTH_CONFIG_MOV: ret = freeauth_config_mov_proc(source, conf_type, input, input_len, output, output_len); break; case FREEAUTH_CONFIG_DEL: ret = freeauth_config_del_proc(source, conf_type, input, input_len, output, output_len); break; case FREEAUTH_CONFIG_MOD: ret = freeauth_config_mod_proc(source, conf_type, input, input_len, output, output_len); break; case FREEAUTH_CONFIG_GET: ret = freeauth_config_get_proc(source, conf_type, input, input_len, output, output_len); break; case FREEAUTH_CONFIG_DEL_ALL: ret = freeauth_config_del_all_proc(source, conf_type, input, input_len, output, output_len); break; default: ret = RET_NOTSUPPORT; } return RET_OK; }