#include "../include/parsefile.h" #include "../include/configm.h" #include "../../../netlink_uapi/libnetlinku.h" #include "authfree.h" #include #include "s2j/s2j.h" #include "commuapinl.h" #include "auth_parameters.h" #include "rpc.h" #include "../Platform/common/database/database.h" #include "include/user_authpara.h" #include "config_manager.h" #include #include "stdlib.h" #include "redisMq.h" /*定义结构体 存认证参数*/ auth_parameters_t *auth_para; #define LOCAL_PORTALSERVER_PORT "local_portalserver_port" #ifdef AGINGTIME_ACK_COOKIES #define CFG_AGINGTIME_ACK_COOKIES #endif /*全局变量初始化 失败为1 成功为0*/ int authparInit() { auth_para = (auth_parameters_t *)malloc(sizeof(auth_parameters_t)); if(NULL == auth_para) { return 1; } return 0; } /*下发用户老化时间配置到内核态 */ int set_agingtimecfg_waitack(int *agingtime) { int agingtime_len = 0; struct nlmsghdr *ack = NULL; struct nlmsghdr **answer = &ack; struct { struct nlmsghdr n; char buf[1024]; } req = { .n.nlmsg_len = NLMSG_LENGTH(0), #ifdef CFG_AGINGTIME_ACK_COOKIES .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACK:use kernel auto ack*/ #else .n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */ #endif .n.nlmsg_type = AGINGTIME_CFG, /*用户态发送给内核态的用户老化时间消息 */ .n.nlmsg_pid = getpid(), }; /*判断要发送的数据是否为NULL,不为NULL,打印出来 */ if(agingtime == NULL) { printf("set_agingtimecfg_waitack is error: input struct_agingtime is NULL.\r\n"); return -1; } else { printf("set_freeauthcfg_waitack :agingtime %d\n", *agingtime); } /*计算需要发送的数据的长度 */ agingtime_len = sizeof(int); printf("%d\n", agingtime_len); /*可选属性 */ commnl_addattr_l(&req.n, sizeof(req), 1, agingtime, agingtime_len); /*发送组装好的netlink消息 */ if(pdeliv_talk(1, &req.n, answer) < 0) { printf("set_user_agingtime_waitack rcv ack msg faild.\r\n"); return -2; } else { printf("set_user_agingtime_waitack rcv ack msg success.\r\n"); } if(*answer != NULL) { printf("set_user_agingtime_waitack rcv answer.\r\n"); } else { printf("set_user_agingtime_waitack rcv answer error.\r\n"); return -3; } #ifdef CFG_AGINGTIME_ACK_COOKIES /*recv answer*/ if((*answer)->nlmsg_type == NLMSG_ERROR) { nl_debugfs_extack(*answer); } #else /*recv answer*/ if((*answer)->nlmsg_type == AGINGTIME_CFG) { nl_debugfs(*answer); } #endif return 0; } /*检查IP地址是否有效,端口号是否被占用 */ int _valid_port(int port) { int fd; int i; struct sockaddr_in addr; fd = socket(AF_INET, SOCK_STREAM, 0); /*初始化*/ if(fd == -1) { /*检查是否正常初始化socket */ return -1; } addr.sin_family = AF_INET; /*地址结构的协议簇 */ addr.sin_port = htons(port); /*地址结构的端口地址,网络字节序 */ i = (bind(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr))); printf("the value of i:%d\n", i); close(fd); if(i < 0) { printf("port %d has been used. \n", port); return -1; } return 0; } /* iuput格式:{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/ ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff) { char *pString = (char *)input; cJSON *cjson, *type, *data; printf("json:[%s]\n", pString); /*JSON字符串到JSON格式 */ cjson = cJSON_Parse(pString); if(!cjson) { return RET_INPUTERR; } /*获取操作类型 add、mod、del */ type = cJSON_GetObjectItem(cjson, "type"); if(!type) { cJSON_Delete(cjson); return RET_INPUTERR; } if(conf_type) { *conf_type = type->valueint; } /*获取免认证规则的data部分 */ data = cJSON_GetObjectItem(cjson, "data"); if(!data) { cJSON_Delete(cjson); return RET_INPUTERR; } /*创建freeauth_configure_t结构体对象 */ s2j_create_struct_obj(auth_parameters, auth_parameters_t); if(auth_parameters == NULL) { cJSON_Delete(cjson); return RET_NOMEM; } /*反序列化数据到freeauth_configure_t结构体对象 */ s2j_struct_get_basic_element(auth_parameters, data, int, port); s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon); s2j_struct_get_basic_element(auth_parameters, data, int, failcount); s2j_struct_get_basic_element(auth_parameters, data, int, locktime); s2j_struct_get_basic_element(auth_parameters, data, int, aging_time); if(authpara_buff) { authpara_buff->port = auth_parameters->port; authpara_buff->timehorizon = auth_parameters->timehorizon; authpara_buff->failcount = auth_parameters->failcount; authpara_buff->locktime = auth_parameters->locktime; authpara_buff->aging_time = auth_parameters->aging_time; } s2j_delete_struct_obj(auth_parameters); cJSON_Delete(cjson); return RET_OK; } /* 发布配置的本地Portal server 的port*/ void local_portal_port(char *port) { printf("port of local portal server:%s\n", port); bool ret = redisPubInit(); if(!ret) { printf("Init failed.\n"); return; } ret = redisPubConnect(); if(!ret) { printf("connect failed."); return; } redisPublish(LOCAL_PORTALSERVER_PORT, port); redisPubDisconnect(); redisPubUninit(); return; } ret_code authpara_config_chk(uint source, uint *config_type, pointer input, int *input_len, pointer output, int *output_len) { ret_code ret = RET_OK; return ret; } ret_code authpara_config_proc(uint source, uint config_type, pointer input, int input_len, pointer output, int *output_len) { configure_result_t *configure_result; cJSON *res; char auth_port[20]; ret_code ret = RET_OK; auth_parameters_t auth_parameters = {0}; uint conf_type = AUTHPARA_CONFIG_MOD; char *ret_char = NULL; unsigned int ret_int = 0; int portresult = 0; authpara_config_json_parse(input, &conf_type, &auth_parameters); if(input_len < sizeof(auth_parameters_t)) { return RET_INPUTERR; } portresult = _valid_port(auth_parameters.port); printf("portresult:%d\n", portresult); if(portresult == 1) { return RET_CHKERR; } /*数据库修改 存入全局变量*/ configure_result = (configure_result_t *)malloc(sizeof(configure_result_t)); if(NULL == configure_result) { return RET_NOMEM; } mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount, auth_parameters.locktime, auth_parameters.aging_time, configure_result); /*共享内存 传送用户态和内核态之间的配置信息*/ #if 0 /*存数据库成功,则下发到内核态auth_hook*/ int r = -1; if(0 == configure_result->resultcode) { /*用户态下发到内核态auth_hook */ printf("cfgchannel main begin:\r\n"); /*创建通道 */ r = commcfgnl_open(); if(r < 0) { printf(" pdlivnl_open fail, exit.\r\n"); return RET_ERR; } /*下发配置到内核态 */ r = set_agingtimecfg_waitack(&(auth_parameters.aging_time)); if(r < 0) { printf("set_cfg_debug_waitack failed.\r\n"); return RET_ERR; } /*关闭netlink通道 */ commcfgnl_close(); printf("cfgchannel main exit!\r\n"); } #endif #if 0 /*Portal server的port通过redis消息队列接口发布给web server*/ memset(auth_port, 0, 20); sprintf(auth_port, "%d ", auth_parameters.port); printf("The number 'port' is %d and the string 'port' is %s. \n", auth_parameters.port, auth_port); local_portal_port(auth_port); #endif /*创建json对象 */ res = cJSON_CreateObject(); if(!res) { free(configure_result); ret = RET_ERR; return ret; } /*将json对象转换成json字符串 返回处理结果*/ printf("resultcode = %d\n", configure_result->resultcode); printf("message = %s\n", configure_result->message); cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode); cJSON_AddStringToObject(res, "message", configure_result->message); ret_char = cJSON_PrintUnformatted(res); ret_int = strlen(ret_char); if(output_len) { *output_len = ret_int; } /*超出2k的内存,报错 */ if(ret_int >= 1024 * 2) { free(configure_result); free(ret_char); cJSON_Delete(res); return RET_NOMEM; } memcpy(output, ret_char, ret_int + 1); free(ret_char); cJSON_Delete(res); free(configure_result); return RET_OK; }