secgateway/Platform/user/configm/config-server/web_config/authfree.c


#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "../../../../common/rpc/rpc.h"
#include "authfree.h"
#include <cjson/cJSON.h>
#include "../../../../../Common/s2j/s2j.h"
#include "../../../../../Common/commuapinl.h"
/* Table holding the auth-free (authentication-exempt) rules; every slot starts
 * zero-filled.
 * NOTE(review): no code in the part of the file shown here stores a rule into
 * this table, although the del/mod checks search it - confirm where it is
 * populated. */
freeauth_configure_t freeauth_array[RULE_MAX_NUM] = {0};
/* Map the FREEAUTH_ACK_COOKIES build switch onto the CFG_ name tested below. */
#ifdef FREEAUTH_ACK_COOKIES
#define CFG_FREEAUTH_ACK_COOKIES
#endif
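/**
 * Allocate one zero-filled auth-free rule and return it through @p localuser.
 *
 * @param localuser  Out-parameter that receives the new rule. The caller owns
 *                   the allocation and must free() it.
 * @return 0 on success, 1 if @p localuser is NULL or the allocation fails.
 */
int authfreeInit(freeauth_configure_t **localuser)
{
    if (NULL == localuser)
    {
        return 1;
    }

    /* calloc instead of malloc: rules of this type are copied whole into a
     * netlink message elsewhere in this file, so unset fields and padding
     * must not carry stale heap contents. */
    *localuser = calloc(1, sizeof **localuser);
    if (NULL == *localuser)
    {
        return 1;
    }
    return 0;
}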
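/**
 * Check that a string is a strict dotted-quad IPv4 address.
 *
 * Accepts exactly four decimal fields of one to three digits, each in 0..255,
 * separated by single dots, with nothing before or after. The previous
 * sscanf("%d.%d.%d.%d%c") form also accepted leading whitespace, explicit
 * signs ("+1.2.3.4", "1.2.3.-0") and whitespace after a dot, and had undefined
 * behaviour on fields too large for an int; those inputs are now rejected.
 *
 * @param ipAddr  NUL-terminated candidate string, may be NULL.
 * @return 0 if the string is a valid address, -1 otherwise (including NULL
 *         and the empty string).
 */
int isIpV4Addr(const char *ipAddr)
{
    const char *cursor = ipAddr;
    int field;

    if ((NULL == ipAddr) || ('\0' == *ipAddr))
    {
        return -1;
    }

    for (field = 0; field < 4; field++)
    {
        int value = 0;
        int digits = 0;

        while ((*cursor >= '0') && (*cursor <= '9'))
        {
            /* Three digits is the longest legal field; stopping here also
             * keeps 'value' far away from integer overflow. */
            if (++digits > 3)
            {
                return -1;
            }
            value = value * 10 + (*cursor - '0');
            cursor++;
        }
        if ((0 == digits) || (value > 255))
        {
            return -1;
        }

        /* A dot must follow each of the first three fields. */
        if (field < 3)
        {
            if ('.' != *cursor)
            {
                return -1;
            }
            cursor++;
        }
    }

    /* Anything left after the fourth field makes the string invalid. */
    return ('\0' == *cursor) ? 0 : -1;
}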
/**
 * Push one auth-free rule to the kernel over netlink and wait for the answer.
 *
 * The whole freeauth_configure_t is attached to a FREEAUTH_CFG message as
 * attribute 1 and sent with pdeliv_talk().
 *
 * @param struct_freeauth  Rule to send; must not be NULL.
 * @return 0 on success, -1 if @p struct_freeauth is NULL, -2 if pdeliv_talk()
 *         fails, -3 if no answer message was handed back.
 *
 * NOTE(review): the return value of commnl_addattr_l() is not checked, so a
 * rule that does not fit the request buffer would go unnoticed - confirm its
 * contract.
 * NOTE(review): the answer message is never released here - confirm whether
 * pdeliv_talk() expects the caller to free it.
 * NOTE(review): the name is printed with %s, which assumes it is
 * NUL-terminated inside its field - verify against the producers of the rule.
 */
int set_freeauthcfg_waitack(freeauth_configure_t *struct_freeauth)
{
    struct nlmsghdr *reply = NULL;
    int payload_len;
    struct {
        struct nlmsghdr n;
        char buf[1024];
    } req = {
        .n.nlmsg_len = NLMSG_LENGTH(0),
#ifdef CFG_FREEAUTH_ACK_COOKIES
        /* Ask the kernel to acknowledge the request automatically. */
        .n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,
#else
        /* No automatic kernel acknowledgement. */
        .n.nlmsg_flags = NLM_F_REQUEST,
#endif
        .n.nlmsg_type = FREEAUTH_CFG,
        .n.nlmsg_pid = getpid(),
    };
    char src_text[32];
    char dst_text[32];

    /* Nothing to send without a rule. */
    if (NULL == struct_freeauth)
    {
        printf("set_freeauthcfg_waitack is error: input struct_freeauth is NULL.\r\n");
        return -1;
    }

    /* Trace the rule that is about to be pushed. */
    memset(src_text, 0, sizeof(src_text));
    inet_ntop(AF_INET, (void *)&struct_freeauth->sip, src_text, sizeof(src_text));
    memset(dst_text, 0, sizeof(dst_text));
    inet_ntop(AF_INET, (void *)&struct_freeauth->dip, dst_text, sizeof(dst_text));
    printf("set_freeauthcfg_waitack :name %s sip %s dip %s dport %d\n",
           struct_freeauth->name, src_text, dst_text,
           struct_freeauth->dport);

    /* The payload is the rule structure itself. */
    payload_len = sizeof(freeauth_configure_t);
    commnl_addattr_l(&req.n, sizeof(req), 1, struct_freeauth, payload_len);

    /* Send the assembled message and wait for the reply. */
    if (pdeliv_talk(1, &req.n, &reply) < 0)
    {
        printf("set_user_freeauth_waitack rcv ack msg faild.\r\n");
        return -2;
    }
    printf("set_user_freeauth_waitack rcv ack msg success.\r\n");

    if (NULL == reply)
    {
        printf("set_user_freeauth_waitack rcv answer error.\r\n");
        return -3;
    }
    printf("set_user_freeauth_waitack rcv answer.\r\n");

#ifdef CFG_FREEAUTH_ACK_COOKIES
    /* Dump the extended ack only when the kernel reported an error. */
    if (NLMSG_ERROR == reply->nlmsg_type)
    {
        nl_debugfs_extack(reply);
    }
#else
    /* Dump the reply when it carries the auth-free message type. */
    if (FREEAUTH_CFG == reply->nlmsg_type)
    {
        nl_debugfs(reply);
    }
#endif
    return 0;
}
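/**
 * Parse one auth-free rule request from JSON text.
 *
 * Input shape (taken from the original header comment):
 *   {"type": 0, "data": {"name": "armink","sip": 1027824,"dip": 103427824,"dport": 24}}
 *
 * Fixes over the previous version:
 *  - "type" and "data" are children of the parsed tree, so only the root is
 *    passed to cJSON_Delete(). Deleting them again after the root was a
 *    use-after-free / double free, reachable with a request that simply has
 *    no "data" member.
 *  - "name" is length-checked before it is copied. The previous s2j string
 *    getter put no visible bound on the copy (upstream struct2json uses
 *    strcpy there - presumably the bundled copy does too; confirm).
 *  - a non-numeric "type" and a non-string "name" are rejected.
 *
 * @param input          NUL-terminated JSON text.
 * @param conf_type      Receives the numeric "type" member.
 * @param freeauth_buff  Receives name/sip/dip/dport; members missing from
 *                       "data" are left zero, as before.
 * @return RET_OK on success, RET_INPUTERR on malformed input.
 *
 * NOTE(review): sip and dip are read through valueint, as before - confirm
 * that addresses above INT_MAX survive that conversion.
 */
ret_code freeauth_config_json_parse(pointer input, uint *conf_type, freeauth_configure_t *freeauth_buff)
{
    /* The previous code copied exactly 32 bytes into freeauth_buff->name, so
     * the field is treated as a 32-byte buffer here.
     * TODO confirm against the declaration in authfree.h. */
    enum { FREEAUTH_NAME_BYTES = 32 };

    ret_code ret = RET_OK;
    cJSON *cjson, *type, *data, *field;

    if ((NULL == input) || (NULL == conf_type) || (NULL == freeauth_buff))
    {
        return RET_INPUTERR;
    }

    /* JSON text -> JSON tree */
    cjson = cJSON_Parse(input);
    if (!cjson)
    {
        ret = RET_INPUTERR;
        ASSERT_RET(ret);
        return ret;
    }

    /* Operation type: add / mod / del */
    type = cJSON_GetObjectItem(cjson, "type");
    if (!type || !cJSON_IsNumber(type))
    {
        ret = RET_INPUTERR;
        goto out;
    }
    *conf_type = type->valueint;

    /* The rule itself lives under "data" */
    data = cJSON_GetObjectItem(cjson, "data");
    if (!data)
    {
        ret = RET_INPUTERR;
        goto out;
    }

    /* Start from an all-zero rule so that absent members stay zero. */
    memset(freeauth_buff->name, 0, FREEAUTH_NAME_BYTES);
    freeauth_buff->sip = 0;
    freeauth_buff->dip = 0;
    freeauth_buff->dport = 0;

    field = cJSON_GetObjectItem(data, "name");
    if (field)
    {
        size_t name_len;

        /* valuestring is NULL when the member is not a JSON string. */
        if (NULL == field->valuestring)
        {
            ret = RET_INPUTERR;
            goto out;
        }
        /* Reject rather than truncate: a silently shortened rule name could
         * collide with another rule. One byte is kept for the terminator. */
        name_len = strlen(field->valuestring);
        if (name_len >= FREEAUTH_NAME_BYTES)
        {
            ret = RET_INPUTERR;
            goto out;
        }
        memcpy(freeauth_buff->name, field->valuestring, name_len);
    }

    field = cJSON_GetObjectItem(data, "sip");
    if (field)
    {
        freeauth_buff->sip = field->valueint;
    }

    field = cJSON_GetObjectItem(data, "dip");
    if (field)
    {
        freeauth_buff->dip = field->valueint;
    }

    field = cJSON_GetObjectItem(data, "dport");
    if (field)
    {
        freeauth_buff->dport = field->valueint;
    }

out:
    /* One delete of the root releases the whole tree, children included. */
    cJSON_Delete(cjson);
    return ret;
}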
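/**
 * Validate the rule carried by an "add" request.
 *
 * @param input      Points to a freeauth_configure_t.
 * @param input_len  Must equal sizeof(freeauth_configure_t).
 * @return RET_OK if the rule is acceptable, RET_INPUTERR on a NULL input or a
 *         wrong length, RET_IPINVALID on a bad address or port.
 *
 * Fix: the port test used '&&', so it required the port to be below the
 * minimum and above the maximum at once and therefore never rejected
 * anything. It now uses '||'.
 *
 * NOTE(review): the two address checks format a 32-bit value with inet_ntop()
 * and then validate the resulting text, which cannot fail for any input value.
 * If some addresses (for example 0.0.0.0) must not be allowed in an
 * authentication-exempt rule, that needs an explicit test on sip/dip.
 */
ret_code freeauth_config_add_chk(uint source,uint config_type,
                                 pointer input, int input_len,
                                 pointer output, int *output_len)
{
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    char str[32] = {0};
    char dtr[32] = {0};

    if ((NULL == freeauth_configure) ||
        (input_len != (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    if ((NULL == inet_ntop(AF_INET, (void *)&freeauth_configure->sip, str, sizeof(str))) ||
        (isIpV4Addr(str) < 0))
    {
        return RET_IPINVALID;
    }

    if ((NULL == inet_ntop(AF_INET, (void *)&freeauth_configure->dip, dtr, sizeof(dtr))) ||
        (isIpV4Addr(dtr) < 0))
    {
        return RET_IPINVALID;
    }

    if ((freeauth_configure->dport < DPORT_MIN_NUM) ||
        (freeauth_configure->dport > DPORT_MAX_NUM))
    {
        /* RET_IPINVALID stands in until a dedicated port error code exists. */
        return RET_IPINVALID;
    }

    return RET_OK;
}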
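/**
 * Check that the rule named in a "delete" request exists in freeauth_array.
 *
 * @param input      Points to a freeauth_configure_t; only its name is used.
 * @param input_len  Must equal sizeof(freeauth_configure_t).
 * @return RET_OK if a stored rule has that name, RET_NOTFOUND if none has,
 *         RET_INPUTERR on a NULL input or a wrong length.
 *
 * Fix: the loop returned RET_NOTFOUND on the first slot whose name differed,
 * so it only succeeded when every slot carried the requested name. It now
 * succeeds on the first match and reports RET_NOTFOUND after a full scan.
 *
 * NOTE(review): strcmp() assumes both names are NUL-terminated inside their
 * fields - confirm for rules that arrive with a maximum-length name.
 */
ret_code freeauth_config_del_chk(uint source,uint config_type,
                                 pointer input, int input_len,
                                 pointer output, int *output_len)
{
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    int i;

    if ((NULL == freeauth_configure) ||
        (input_len != (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    /* The table is zero-initialised, so an empty name would otherwise
     * "match" every unused slot. */
    if ('\0' == freeauth_configure->name[0])
    {
        return RET_NOTFOUND;
    }

    for (i = 0; i < RULE_MAX_NUM; i++)
    {
        if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
        {
            return RET_OK;
        }
    }
    return RET_NOTFOUND;
}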
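/**
 * Check that the rule named in a "modify" request exists in freeauth_array.
 *
 * @param input      Points to a freeauth_configure_t; only its name is used.
 * @param input_len  Must equal sizeof(freeauth_configure_t).
 * @return RET_OK if a stored rule has that name, RET_NOTFOUND if none has,
 *         RET_INPUTERR on a NULL input or a wrong length.
 *
 * Fix: the loop returned RET_NOTFOUND on the first slot whose name differed,
 * so it only succeeded when every slot carried the requested name. It now
 * succeeds on the first match and reports RET_NOTFOUND after a full scan.
 *
 * NOTE(review): only the name is checked here; the new sip/dip/dport values of
 * a modify request get none of the validation applied to an add request -
 * confirm that this is intended.
 */
ret_code freeauth_config_mod_chk(uint source,uint config_type,
                                 pointer input, int input_len,
                                 pointer output, int *output_len)
{
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    int i;

    if ((NULL == freeauth_configure) ||
        (input_len != (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    /* The table is zero-initialised, so an empty name would otherwise
     * "match" every unused slot. */
    if ('\0' == freeauth_configure->name[0])
    {
        return RET_NOTFOUND;
    }

    /* Look for the rule that is to be modified. */
    for (i = 0; i < RULE_MAX_NUM; i++)
    {
        if (0 == strcmp(freeauth_array[i].name, freeauth_configure->name))
        {
            return RET_OK;
        }
    }
    return RET_NOTFOUND;
}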
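/**
 * Check stage of the auth-free configuration handler.
 *
 * Parses the JSON request in @p input, runs the add/mod/del check that matches
 * its type, then overwrites @p input with the parsed freeauth_configure_t and
 * reports the type and length through @p config_type and @p input_len.
 *
 * @return The parser's error if the JSON is malformed, otherwise the result of
 *         the per-type check; RET_NOTSUPPORT for an unknown type; RET_NOMEM if
 *         the structure exceeds CM_BUFF_SIZE.
 *
 * Fix: the parser's return value was ignored. A request that failed to parse
 * after its "type" had been read went on to the per-type check with an
 * all-zero rule, so a malformed request could be validated as if it were a
 * real one. Parsing errors now stop the request here.
 *
 * NOTE(review): the write-back assumes @p input can hold CM_BUFF_SIZE bytes;
 * *input_len is not compared with the structure size - confirm with the
 * caller's buffer.
 */
ret_code freeauth_config_chk(uint source,uint *config_type,
                             pointer input, int *input_len,
                             pointer output, int *output_len)
{
    ret_code ret = RET_OK;
    freeauth_configure_t freeauth_configure = {0};
    int config_len = sizeof(freeauth_configure_t);
    uint conf_type = FREEAUTH_CONFIG_GET;
    int code = 0;

    ret = freeauth_config_json_parse(input, &conf_type, &freeauth_configure);
    if (RET_OK != ret)
    {
        /* Do not hand a half-parsed rule back to the caller. */
        memset(&freeauth_configure, 0, sizeof(freeauth_configure));
    }
    else
    {
        switch (conf_type)
        {
        case FREEAUTH_CONFIG_ADD:
            ret = freeauth_config_add_chk(source, conf_type,
                                          &freeauth_configure, config_len,
                                          output, output_len);
            break;
        case FREEAUTH_CONFIG_MOD:
            ret = freeauth_config_mod_chk(source, conf_type,
                                          &freeauth_configure, config_len,
                                          output, output_len);
            break;
        case FREEAUTH_CONFIG_DEL:
            ret = freeauth_config_del_chk(source, conf_type,
                                          &freeauth_configure, config_len,
                                          output, output_len);
            break;
        default:
            ret = RET_NOTSUPPORT;
            break;
        }
    }

    if(config_len <= CM_BUFF_SIZE)
    {
        /* A negative length would turn into a huge size_t inside memset. */
        if (*input_len > 0)
        {
            memset(input, 0, *input_len);
        }
        memcpy(input, &freeauth_configure, config_len);
        *config_type = conf_type;
        *input_len = config_len;
    }
    else
    {
        ret = RET_NOMEM;
    }

    RET_ERR_FORMART(ret, code, output, *output_len);
    return ret;
}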
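/**
 * Apply an "add" request: push the rule to the kernel and write a JSON result
 * ({"result": <code>}) into @p output.
 *
 * @param input       Points to a freeauth_configure_t owned by the caller.
 * @param input_len   Number of valid bytes behind @p input.
 * @param output      Receives the NUL-terminated JSON result; the 2 KiB limit
 *                    below is the only size this function knows about.
 * @param output_len  If not NULL, receives the result length without the NUL.
 * @return RET_OK on success, RET_INPUTERR on bad arguments, RET_ERR if the
 *         netlink exchange or the JSON encoding fails, RET_NOMEM if the result
 *         is 2 KiB or longer.
 *
 * Fixes:
 *  - memcpy(output, 0, n) read from a NULL source; the result is now copied
 *    into @p output directly, terminator included.
 *  - free() was called on @p input, which this function did not allocate (the
 *    caller visible in this file hands in memory it still owns); the buffer is
 *    left to its owner.
 *  - the netlink channel is closed when the send fails as well.
 *  - a NULL result from cJSON_PrintUnformatted() is handled.
 *
 * NOTE(review): database storage and the update of the in-memory rule table
 * are only mentioned in the original comments; no code for them is visible.
 */
ret_code freeauth_config_add_proc(uint source, uint config_type,
                                  pointer input, int input_len,
                                  pointer output, int *output_len)
{
    cJSON *res;
    char *ret_char = NULL;
    unsigned int ret_int = 0;
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    int r = -1;

    /* The whole structure is read when the netlink message is built, so a
     * shorter buffer must not get that far. */
    if ((NULL == freeauth_configure) || (NULL == output) ||
        (input_len < (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    printf("cfgchannel main begin:\r\n");

    /* Open the netlink channel. */
    r = commcfgnl_open();
    if(r < 0)
    {
        printf(" pdlivnl_open fail, exit.\r\n");
        return RET_ERR;
    }

    /* Push the rule to the kernel, then close the channel on either outcome. */
    r = set_freeauthcfg_waitack(freeauth_configure);
    commcfgnl_close();
    if(r < 0)
    {
        printf("set_cfg_debug_waitack failed.\r\n");
        return RET_ERR;
    }
    printf("cfgchannel main exit!\r\n");

    /* Build {"result": r} and serialise it. */
    res = cJSON_CreateObject();
    if(!res)
    {
        return RET_ERR;
    }
    cJSON_AddNumberToObject(res, "result", r);
    ret_char = cJSON_PrintUnformatted(res);
    cJSON_Delete(res);
    if (NULL == ret_char)
    {
        return RET_ERR;
    }

    ret_int = strlen(ret_char);
    if(output_len)
    {
        *output_len = ret_int;
    }

    /* Results of 2 KiB or more are refused. */
    if(ret_int >= 1024 * 2)
    {
        free(ret_char);
        return RET_NOMEM;
    }

    memcpy(output, ret_char, ret_int + 1);
    free(ret_char);
    return RET_OK;
}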
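/**
 * Apply a "modify" request: push the rule to the kernel and write a JSON
 * result ({"result": <code>}) into @p output.
 *
 * @param input       Points to a freeauth_configure_t owned by the caller.
 * @param input_len   Number of valid bytes behind @p input.
 * @param output      Receives the NUL-terminated JSON result; the 2 KiB limit
 *                    below is the only size this function knows about.
 * @param output_len  If not NULL, receives the result length without the NUL.
 * @return RET_OK on success, RET_INPUTERR on bad arguments, RET_ERR if the
 *         netlink exchange or the JSON encoding fails, RET_NOMEM if the result
 *         is 2 KiB or longer.
 *
 * Fixes:
 *  - memcpy(output, 0, n) read from a NULL source; the result is now copied
 *    into @p output directly, terminator included.
 *  - free() was called on @p input, which this function did not allocate; the
 *    buffer is left to its owner.
 *  - the netlink channel is closed when the send fails as well.
 *  - a NULL result from cJSON_PrintUnformatted() is handled.
 *
 * NOTE(review): the message sent here is the same one an add request sends;
 * nothing visible tells the kernel that this is a modification - confirm how
 * the operation is conveyed.
 */
ret_code freeauth_config_mod_proc(uint source, uint config_type,
                                  pointer input, int input_len,
                                  pointer output, int *output_len)
{
    cJSON *res;
    char *ret_char = NULL;
    unsigned int ret_int = 0;
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    int r = -1;

    /* The whole structure is read when the netlink message is built, so a
     * shorter buffer must not get that far. */
    if ((NULL == freeauth_configure) || (NULL == output) ||
        (input_len < (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    printf("cfgchannel main begin:\r\n");

    /* Open the netlink channel. */
    r = commcfgnl_open();
    if(r < 0)
    {
        printf(" pdlivnl_open fail, exit.\r\n");
        return RET_ERR;
    }

    /* Push the rule to the kernel, then close the channel on either outcome. */
    r = set_freeauthcfg_waitack(freeauth_configure);
    commcfgnl_close();
    if(r < 0)
    {
        printf("set_cfg_debug_waitack failed.\r\n");
        return RET_ERR;
    }
    printf("cfgchannel main exit!\r\n");

    /* Build {"result": r} and serialise it. */
    res = cJSON_CreateObject();
    if(!res)
    {
        return RET_ERR;
    }
    cJSON_AddNumberToObject(res, "result", r);
    ret_char = cJSON_PrintUnformatted(res);
    cJSON_Delete(res);
    if (NULL == ret_char)
    {
        return RET_ERR;
    }

    ret_int = strlen(ret_char);
    if(output_len)
    {
        *output_len = ret_int;
    }

    /* Results of 2 KiB or more are refused. */
    if(ret_int >= 1024 * 2)
    {
        free(ret_char);
        return RET_NOMEM;
    }

    memcpy(output, ret_char, ret_int + 1);
    free(ret_char);
    return RET_OK;
}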
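/**
 * Apply a "delete" request: push the rule to the kernel and write a JSON
 * result ({"result": <code>}) into @p output.
 *
 * @param input       Points to a freeauth_configure_t owned by the caller.
 * @param input_len   Number of valid bytes behind @p input.
 * @param output      Receives the NUL-terminated JSON result; the 2 KiB limit
 *                    below is the only size this function knows about.
 * @param output_len  If not NULL, receives the result length without the NUL.
 * @return RET_OK on success, RET_INPUTERR on bad arguments, RET_ERR if the
 *         netlink exchange or the JSON encoding fails, RET_NOMEM if the result
 *         is 2 KiB or longer.
 *
 * Fixes:
 *  - memcpy(output, 0, n) read from a NULL source; the result is now copied
 *    into @p output directly, terminator included.
 *  - free() was called on @p input, which this function did not allocate; the
 *    buffer is left to its owner.
 *  - the netlink channel is closed when the send fails as well.
 *  - a NULL result from cJSON_PrintUnformatted() is handled.
 *
 * NOTE(review): the message sent here is the same one an add request sends;
 * nothing visible tells the kernel to remove the rule rather than install it.
 * For an authentication-exempt rule that difference matters - confirm how the
 * operation is conveyed.
 */
ret_code freeauth_config_del_proc(uint source, uint config_type,
                                  pointer input, int input_len,
                                  pointer output, int *output_len)
{
    cJSON *res;
    char *ret_char = NULL;
    unsigned int ret_int = 0;
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;
    int r = -1;

    /* The whole structure is read when the netlink message is built, so a
     * shorter buffer must not get that far. */
    if ((NULL == freeauth_configure) || (NULL == output) ||
        (input_len < (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    printf("cfgchannel main begin:\r\n");

    /* Open the netlink channel. */
    r = commcfgnl_open();
    if(r < 0)
    {
        printf(" pdlivnl_open fail, exit.\r\n");
        return RET_ERR;
    }

    /* Push the rule to the kernel, then close the channel on either outcome. */
    r = set_freeauthcfg_waitack(freeauth_configure);
    commcfgnl_close();
    if(r < 0)
    {
        printf("set_cfg_debug_waitack failed.\r\n");
        return RET_ERR;
    }
    printf("cfgchannel main exit!\r\n");

    /* Build {"result": r} and serialise it. */
    res = cJSON_CreateObject();
    if(!res)
    {
        return RET_ERR;
    }
    cJSON_AddNumberToObject(res, "result", r);
    ret_char = cJSON_PrintUnformatted(res);
    cJSON_Delete(res);
    if (NULL == ret_char)
    {
        return RET_ERR;
    }

    ret_int = strlen(ret_char);
    if(output_len)
    {
        *output_len = ret_int;
    }

    /* Results of 2 KiB or more are refused. */
    if(ret_int >= 1024 * 2)
    {
        free(ret_char);
        return RET_NOMEM;
    }

    memcpy(output, ret_char, ret_int + 1);
    free(ret_char);
    return RET_OK;
}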
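/**
 * Processing stage of the auth-free configuration handler: log the rule and
 * dispatch it to the add / mod / del handler selected by @p config_type.
 *
 * @param input      Points to a freeauth_configure_t.
 * @param input_len  Number of valid bytes behind @p input.
 * @return The selected handler's result, RET_NOTSUPPORT for an unknown type,
 *         RET_INPUTERR if @p input is NULL or shorter than the structure.
 *
 * Fixes:
 *  - the handlers were given &freeauth_configure, the address of a local
 *    pointer variable, so they read and sent stack bytes as if they were the
 *    rule; they now receive the rule itself.
 *  - the function always returned RET_OK, hiding handler failures and the
 *    RET_NOTSUPPORT case; it now returns the real result.
 *  - unused locals were removed.
 *
 * NOTE(review): the rule name is logged with %s straight from the request -
 * confirm it is NUL-terminated and that the log sink tolerates arbitrary
 * bytes.
 */
ret_code freeauth_config_proc(uint source, uint config_type,
                              pointer input, int input_len,
                              pointer output, int *output_len)
{
    uint conf_type = config_type;
    ret_code ret = RET_OK;
    freeauth_configure_t *freeauth_configure = (freeauth_configure_t *)input;

    /* The fields are dereferenced below, so the buffer must hold a full rule. */
    if ((NULL == freeauth_configure) ||
        (input_len < (int)sizeof(freeauth_configure_t)))
    {
        return RET_INPUTERR;
    }

    rpc_log_info("config type is %d, name %s sip %d dip %d dport %d\n",
                 conf_type, freeauth_configure->name,
                 freeauth_configure->sip, freeauth_configure->dip,
                 freeauth_configure->dport);

    switch (conf_type)
    {
    case FREEAUTH_CONFIG_ADD:
        ret = freeauth_config_add_proc(source, conf_type,
                                       freeauth_configure, input_len,
                                       output, output_len);
        break;
    case FREEAUTH_CONFIG_MOD:
        ret = freeauth_config_mod_proc(source, conf_type,
                                       freeauth_configure, input_len,
                                       output, output_len);
        break;
    case FREEAUTH_CONFIG_DEL:
        ret = freeauth_config_del_proc(source, conf_type,
                                       freeauth_configure, input_len,
                                       output, output_len);
        break;
    default:
        ret = RET_NOTSUPPORT;
        break;
    }

    return ret;
}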
/* Empty program entry point: does nothing and exits with status 0.
 * NOTE(review): a main() inside this configuration module looks like leftover
 * test scaffolding - confirm it does not clash with the server's own entry
 * point at link time. */
int main(void)
{
    return 0;
}