cmhi
/
secgateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
secgateway/Platform/user/configm/config-server/web_config/auth_parameters.c

350 lines
9.2 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#include "../include/parsefile.h"
#include "../include/configm.h"
#include "../../../netlink_uapi/libnetlinku.h"
#include "authfree.h"
#include <cjson/cJSON.h>
#include "s2j/s2j.h"
#include "commuapinl.h"
#include "auth_parameters.h"
#include "rpc.h"
#include "../Platform/common/database/database.h"
#include "include/user_authpara.h"
#include "config_manager.h"
#include <stdbool.h>
#include "stdlib.h"
#include "redisMq.h"
/*定义结构体 存认证参数*/
auth_parameters_t *auth_para;
#define LOCAL_PORTALSERVER_PORT "local_portalserver_port"
#ifdef AGINGTIME_ACK_COOKIES
#define CFG_AGINGTIME_ACK_COOKIES
#endif
/*全局变量初始化 失败为1 成功为0*/
int authparInit()
{
auth_para = (auth_parameters_t *)malloc(sizeof(auth_parameters_t));
if(NULL == auth_para) {
return 1;
}
return 0;
}
/*下发用户老化时间配置到内核态 */
int set_agingtimecfg_waitack(int *agingtime)
{
int agingtime_len = 0;
struct nlmsghdr *ack = NULL;
struct nlmsghdr **answer = &ack;
struct {
struct nlmsghdr n;
char buf[1024];
} req = {
.n.nlmsg_len = NLMSG_LENGTH(0),
#ifdef CFG_AGINGTIME_ACK_COOKIES
.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK, /*set NLM_F_ACKuse kernel auto ack*/
#else
.n.nlmsg_flags = NLM_F_REQUEST, /*not use kernel auto ack */
#endif
.n.nlmsg_type = AGINGTIME_CFG, /*用户态发送给内核态的用户老化时间消息 */
.n.nlmsg_pid = getpid(),
};
/*判断要发送的数据是否为NULL,不为NULL,打印出来 */
if(agingtime == NULL) {
printf("set_agingtimecfg_waitack is error: input struct_agingtime is NULL.\r\n");
return -1;
} else {
printf("set_freeauthcfg_waitack :agingtime %d\n", *agingtime);
}
/*计算需要发送的数据的长度 */
agingtime_len = sizeof(int);
printf("%d\n", agingtime_len);
/*可选属性 */
commnl_addattr_l(&req.n, sizeof(req), 1, agingtime, agingtime_len);
/*发送组装好的netlink消息 */
if(pdeliv_talk(1, &req.n, answer) < 0) {
printf("set_user_agingtime_waitack rcv ack msg faild.\r\n");
return -2;
} else {
printf("set_user_agingtime_waitack rcv ack msg success.\r\n");
}
if(*answer != NULL) {
printf("set_user_agingtime_waitack rcv answer.\r\n");
} else {
printf("set_user_agingtime_waitack rcv answer error.\r\n");
return -3;
}
#ifdef CFG_AGINGTIME_ACK_COOKIES
/*recv answer*/
if((*answer)->nlmsg_type == NLMSG_ERROR) {
nl_debugfs_extack(*answer);
}
#else
/*recv answer*/
if((*answer)->nlmsg_type == AGINGTIME_CFG) {
nl_debugfs(*answer);
}
#endif
return 0;
}
/*检查IP地址是否有效端口号是否被占用 */
int _valid_port(int port)
{
int fd;
int i;
struct sockaddr_in addr;
fd = socket(AF_INET, SOCK_STREAM, 0); /*初始化*/
if(fd == -1) { /*检查是否正常初始化socket */
return -1;
}
addr.sin_family = AF_INET; /*地址结构的协议簇 */
addr.sin_port = htons(port); /*地址结构的端口地址,网络字节序 */
i = (bind(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr)));
printf("the value of i:%d\n", i);
close(fd);
if(i < 0) {
printf("port %d has been used. \n", port);
return -1;
}
return 0;
}
/* iuput格式{"type": 0, "data": {"port": 1010,"timehorizon": 10,"failcount": 20,"locktime":30, "aging_time":10}}*/
ret_code authpara_config_json_parse(pointer input, uint *conf_type, auth_parameters_t *authpara_buff)
{
char *pString = (char *)input;
cJSON *cjson, *type, *data;
printf("json:[%s]\n", pString);
/*JSON字符串到JSON格式 */
cjson = cJSON_Parse(pString);
if(!cjson) {
return RET_INPUTERR;
}
/*获取操作类型 add、mod、del */
type = cJSON_GetObjectItem(cjson, "type");
if(!type) {
cJSON_Delete(cjson);
return RET_INPUTERR;
}
if(conf_type) {
*conf_type = type->valueint;
}
/*获取免认证规则的data部分 */
data = cJSON_GetObjectItem(cjson, "data");
if(!data) {
cJSON_Delete(cjson);
return RET_INPUTERR;
}
/*创建freeauth_configure_t结构体对象 */
s2j_create_struct_obj(auth_parameters, auth_parameters_t);
if(auth_parameters == NULL) {
cJSON_Delete(cjson);
return RET_NOMEM;
}
/*反序列化数据到freeauth_configure_t结构体对象 */
s2j_struct_get_basic_element(auth_parameters, data, int, port);
s2j_struct_get_basic_element(auth_parameters, data, int, timehorizon);
s2j_struct_get_basic_element(auth_parameters, data, int, failcount);
s2j_struct_get_basic_element(auth_parameters, data, int, locktime);
s2j_struct_get_basic_element(auth_parameters, data, int, aging_time);
if(authpara_buff) {
authpara_buff->port = auth_parameters->port;
authpara_buff->timehorizon = auth_parameters->timehorizon;
authpara_buff->failcount = auth_parameters->failcount;
authpara_buff->locktime = auth_parameters->locktime;
authpara_buff->aging_time = auth_parameters->aging_time;
}
s2j_delete_struct_obj(auth_parameters);
cJSON_Delete(cjson);
return RET_OK;
}
/* 发布配置的本地Portal server 的port*/
void local_portal_port(char *port)
{
printf("port of local portal server%s\n", port);
bool ret = redisPubInit();
if(!ret) {
printf("Init failed.\n");
return;
}
ret = redisPubConnect();
if(!ret) {
printf("connect failed.");
return;
}
redisPublish(LOCAL_PORTALSERVER_PORT, port);
redisPubDisconnect();
redisPubUninit();
return;
}
ret_code authpara_config_chk(uint source, uint *config_type,
pointer input, int *input_len,
pointer output, int *output_len)
{
ret_code ret = RET_OK;
return ret;
}
ret_code authpara_config_proc(uint source, uint config_type,
pointer input, int input_len,
pointer output, int *output_len)
{
configure_result_t *configure_result;
cJSON *res;
char auth_port[20];
ret_code ret = RET_OK;
auth_parameters_t auth_parameters = {0};
uint conf_type = AUTHPARA_CONFIG_MOD;
char *ret_char = NULL;
unsigned int ret_int = 0;
int portresult = 0;
authpara_config_json_parse(input, &conf_type, &auth_parameters);
if(input_len < sizeof(auth_parameters_t)) {
return RET_INPUTERR;
}
portresult = _valid_port(auth_parameters.port);
printf("portresult:%d\n", portresult);
if(portresult == 1) {
return RET_CHKERR;
}
/*数据库修改 存入全局变量*/
configure_result = (configure_result_t *)malloc(sizeof(configure_result_t));
if(NULL == configure_result) {
return RET_NOMEM;
}
mod_authpara(auth_parameters.port, auth_parameters.timehorizon, auth_parameters.failcount,
auth_parameters.locktime, auth_parameters.aging_time, configure_result);
/*共享内存 传送用户态和内核态之间的配置信息*/
#if 0
/*存数据库成功则下发到内核态auth_hook*/
int r = -1;
if(0 == configure_result->resultcode) {
/*用户态下发到内核态auth_hook */
printf("cfgchannel main begin:\r\n");
/*创建通道 */
r = commcfgnl_open();
if(r < 0) {
printf(" pdlivnl_open fail, exit.\r\n");
return RET_ERR;
}
/*下发配置到内核态 */
r = set_agingtimecfg_waitack(&(auth_parameters.aging_time));
if(r < 0) {
printf("set_cfg_debug_waitack failed.\r\n");
return RET_ERR;
}
/*关闭netlink通道 */
commcfgnl_close();
printf("cfgchannel main exit!\r\n");
}
#endif
#if 0
/*Portal server的port通过redis消息队列接口发布给web server*/
memset(auth_port, 0, 20);
sprintf(auth_port, "%d ", auth_parameters.port);
printf("The number 'port' is %d and the string 'port' is %s. \n", auth_parameters.port, auth_port);
local_portal_port(auth_port);
#endif
/*创建json对象 */
res = cJSON_CreateObject();
if(!res) {
free(configure_result);
ret = RET_ERR;
return ret;
}
/*将json对象转换成json字符串 返回处理结果*/
printf("resultcode = %d\n", configure_result->resultcode);
printf("message = %s\n", configure_result->message);
cJSON_AddNumberToObject(res, "resultcode", configure_result->resultcode);
cJSON_AddStringToObject(res, "message", configure_result->message);
ret_char = cJSON_PrintUnformatted(res);
ret_int = strlen(ret_char);
if(output_len) {
*output_len = ret_int;
}
/*超出2k的内存报错 */
if(ret_int >= 1024 * 2) {
free(configure_result);
free(ret_char);
cJSON_Delete(res);
return RET_NOMEM;
}
memcpy(output, ret_char, ret_int + 1);
free(ret_char);
cJSON_Delete(res);
free(configure_result);
return RET_OK;
}
Reference in New Issue View Git Blame Copy Permalink