#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/select.h>
+#include <unistd.h> // close
#include <csignal>
#include <cstdlib>
#include <cstdio> // snprintf
#include <cerrno>
+#include <cmath>
#include <algorithm>
+#include "stg/common.h"
+#include "stg/locker.h"
+#include "stg/tariff.h"
+#include "stg/user_property.h"
+#include "stg/settings.h"
+#include "stg/plugin_creator.h"
#include "inetaccess.h"
-#include "common.h"
-#include "stg_locker.h"
-#include "tariff.h"
-#include "user_property.h"
-#include "settings.h"
extern volatile const time_t stgTime;
void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8);
void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8);
-//-----------------------------------------------------------------------------
-class IA_CREATOR
-{
-private:
- AUTH_IA * ia;
-
-public:
- IA_CREATOR()
- : ia(new AUTH_IA())
- {
- };
- ~IA_CREATOR()
- {
- delete ia;
- };
-
- AUTH_IA * GetPlugin()
- {
- return ia;
- };
-};
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
-IA_CREATOR iac;
+PLUGIN_CREATOR<AUTH_IA> iac;
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
: userDelay(0),
userTimeout(0),
port(0),
+ errorStr(),
freeMbShowType(freeMbCash)
{
}
//-----------------------------------------------------------------------------
-int AUTH_IA_SETTINGS::ParseIntInRange(const string & str, int min, int max, int * val)
-{
-if (str2x(str.c_str(), *val))
- {
- errorStr = "Incorrect value \'" + str + "\'.";
- return -1;
- }
-if (*val < min || *val > max)
- {
- errorStr = "Value \'" + str + "\' out of range.";
- return -1;
- }
-return 0;
-}
-//-----------------------------------------------------------------------------
int AUTH_IA_SETTINGS::ParseSettings(const MODULE_SETTINGS & s)
{
int p;
#ifdef IA_PHASE_DEBUG
IA_PHASE::IA_PHASE()
: phase(1),
+ phaseTime(),
flog(NULL)
{
gettimeofday(&phaseTime, NULL);
}
#else
IA_PHASE::IA_PHASE()
- : phase(1)
+ : phase(1),
+ phaseTime()
{
gettimeofday(&phaseTime, NULL);
}
UTIME newPhaseTime;
gettimeofday(&newPhaseTime, NULL);
flog = fopen(log.c_str(), "at");
-/*int64_t tn = newPhaseTime.GetSec()*1000000 + newPhaseTime.GetUSec();
-int64_t to = phaseTime.GetSec()*1000000 + phaseTime.GetUSec();*/
if (flog)
{
string action = newPhase == phase ? "U" : "C";
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
AUTH_IA::AUTH_IA()
- : nonstop(false),
+ : ctxS(),
+ errorStr(),
+ iaSettings(),
+ settings(),
+ nonstop(false),
isRunningRun(false),
isRunningRunTimeouter(false),
users(NULL),
stgSettings(NULL),
+ ip2user(),
+ recvThread(),
+ timeouterThread(),
+ mutex(),
listenSocket(-1),
- WriteServLog(GetStgLogger()),
+ connSynAck6(),
+ connSynAck8(),
+ disconnSynAck6(),
+ disconnSynAck8(),
+ aliveSyn6(),
+ aliveSyn8(),
+ fin6(),
+ fin8(),
+ packetTypes(),
enabledDirs(0xFFffFFff),
- onDelUserNotifier(*this)
+ onDelUserNotifier(*this),
+ logger(GetPluginLogger(GetStgLogger(), "auth_ia"))
{
InitEncrypt(&ctxS, "pr7Hhen");
{
errorStr = "Cannot create thread.";
printfd(__FILE__, "Cannot create recv thread\n");
+ logger("Cannot create recv thread.");
return -1;
}
}
{
errorStr = "Cannot create thread.";
printfd(__FILE__, "Cannot create timeouter thread\n");
+ logger("Cannot create timeouter thread.");
return -1;
}
}
//5 seconds to thread stops itself
for (int i = 0; i < 25 && isRunningRun; i++)
{
- usleep(200000);
- }
-
- //after 5 seconds waiting thread still running. now killing it
- if (isRunningRun)
- {
- //TODO pthread_cancel()
- if (pthread_kill(recvThread, SIGINT))
- {
- errorStr = "Cannot kill thread.";
- printfd(__FILE__, "Cannot kill thread\n");
- return -1;
- }
- for (int i = 0; i < 25 && isRunningRun; ++i)
- usleep(200000);
- if (isRunningRun)
- {
- printfd(__FILE__, "Failed to stop recv thread\n");
- }
- else
- {
- pthread_join(recvThread, NULL);
- }
- printfd(__FILE__, "AUTH_IA killed Run\n");
+ struct timespec ts = {0, 200000000};
+ nanosleep(&ts, NULL);
}
}
//5 seconds to thread stops itself
for (int i = 0; i < 25 && isRunningRunTimeouter; i++)
{
- usleep(200000);
- }
-
- //after 5 seconds waiting thread still running. now killing it
- if (isRunningRunTimeouter)
- {
- //TODO pthread_cancel()
- if (pthread_kill(timeouterThread, SIGINT))
- {
- errorStr = "Cannot kill thread.";
- return -1;
- }
- for (int i = 0; i < 25 && isRunningRunTimeouter; ++i)
- usleep(200000);
- if (isRunningRunTimeouter)
- {
- printfd(__FILE__, "Failed to stop timeouter thread\n");
- }
- else
- {
- pthread_join(timeouterThread, NULL);
- }
- printfd(__FILE__, "AUTH_IA killed Timeouter\n");
+ struct timespec ts = {0, 200000000};
+ nanosleep(&ts, NULL);
}
}
-printfd(__FILE__, "AUTH_IA::Stoped successfully.\n");
+
users->DelNotifierUserDel(&onDelUserNotifier);
+
+if (isRunningRun || isRunningRunTimeouter)
+ return -1;
+
+printfd(__FILE__, "AUTH_IA::Stoped successfully.\n");
return 0;
}
//-----------------------------------------------------------------------------
void * AUTH_IA::Run(void * d)
{
+sigset_t signalSet;
+sigfillset(&signalSet);
+pthread_sigmask(SIG_BLOCK, &signalSet, NULL);
+
AUTH_IA * ia = static_cast<AUTH_IA *>(d);
ia->isRunningRun = true;
//-----------------------------------------------------------------------------
void * AUTH_IA::RunTimeouter(void * d)
{
+sigset_t signalSet;
+sigfillset(&signalSet);
+pthread_sigmask(SIG_BLOCK, &signalSet, NULL);
+
AUTH_IA * ia = static_cast<AUTH_IA *>(d);
ia->isRunningRunTimeouter = true;
string monFile = ia->stgSettings->GetMonitorDir() + "/inetaccess_t";
while (ia->nonstop)
{
- usleep(20000);
+ struct timespec ts = {0, 20000000};
+ nanosleep(&ts, NULL);
ia->Timeouter();
- // TODO cahange counter to timer and MONITOR_TIME_DELAY_SEC
- if (++a % (50*60) == 0 && ia->stgSettings->GetMonitoring())
+ // TODO change counter to timer and MONITOR_TIME_DELAY_SEC
+ if (++a % (50 * 60) == 0 && ia->stgSettings->GetMonitoring())
{
TouchFile(monFile.c_str());
}
if (listenSocket < 0)
{
errorStr = "Cannot create socket.";
+ logger("Cannot create a socket: %s", strerror(errno));
return -1;
}
if (bind(listenSocket, (struct sockaddr*)&listenAddr, sizeof(listenAddr)) < 0)
{
errorStr = "AUTH_IA: Bind failed.";
+ logger("Cannot bind the socket: %s", strerror(errno));
return -1;
}
-/*int buffLen;
-if (getsockopt(listenSocket, SOL_SOCKET, SO_SNDBUF, &buffLen, sizeof(buffLen)) < 0)
- {
-
- errorStr = "Getsockopt failed. " + string(strerror(errno));
- return -1;
- }*/
-
-//WriteServLog("buffLen = %d", buffLen);
-
return 0;
}
//-----------------------------------------------------------------------------
if (errno != EINTR)
{
printfd(__FILE__, "recvfrom res=%d, error: '%s'\n", dataLen, strerror(errno));
+ logger("recvfrom error: %s", strerror(errno));
return -1;
}
return 0;
Decrypt(&ctxS, login, buffer + 8, PASSWD_LEN / 8);
-uint32_t sip = *((uint32_t*)&outerAddr.sin_addr);
+uint32_t sip = outerAddr.sin_addr.s_addr;
uint16_t sport = htons(outerAddr.sin_port);
USER_PTR user;
-if (users->FindByName(login, &user) == 0)
+if (users->FindByName(login, &user))
{
- printfd(__FILE__, "User %s FOUND!\n", user->GetLogin().c_str());
- PacketProcessor(buffer, dataLen, sip, sport, protoVer, &user);
+ logger("User's connect failed: user '%s' not found. IP %s",
+ login,
+ inet_ntostring(sip).c_str());
+ printfd(__FILE__, "User '%s' NOT found!\n", login);
+ SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ!");
+ return -1;
}
-else
+
+printfd(__FILE__, "User '%s' FOUND!\n", user->GetLogin().c_str());
+
+if (user->GetProperty().disabled.Get())
{
- WriteServLog("User\'s connect failed:: user \'%s\' not found. IP \'%s\'",
- login,
- inet_ntostring(sip).c_str());
- printfd(__FILE__, "User %s NOT found!\n", login);
- SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!");
+ logger("Cannont authorize '%s', user is disabled.", login);
+ SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ");
+ return 0;
}
-return 0;
+if (user->GetProperty().passive.Get())
+ {
+ logger("Cannont authorize '%s', user is passive.", login);
+ SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ");
+ return 0;
+ }
+
+if (!user->GetProperty().ips.Get().IsIPInIPS(sip))
+ {
+ printfd(__FILE__, "User %s. IP address is incorrect. IP %s\n",
+ user->GetLogin().c_str(), inet_ntostring(sip).c_str());
+ logger("User %s. IP address is incorrect. IP %s",
+ user->GetLogin().c_str(), inet_ntostring(sip).c_str());
+ SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ.");
+ return 0;
+ }
+return PacketProcessor(buffer, dataLen, sip, sport, protoVer, user);
}
//-----------------------------------------------------------------------------
int AUTH_IA::CheckHeader(const char * buffer, int * protoVer)
{
it->second.phase.SetPhase1();
printfd(__FILE__, "Phase changed from 2 to 1. Reason: timeout\n");
+ ip2user.erase(it++);
+ continue;
}
if (it->second.phase.GetPhase() == 3)
if ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserTimeout())
{
- it->second.user->Unauthorize(this);
+ users->Unauthorize(it->second.user->GetLogin(), this);
ip2user.erase(it++);
continue;
}
return 0;
}
//-----------------------------------------------------------------------------
-int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR * user)
+int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR user)
{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-// ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ×
-int pn = -1;
+std::string login(user->GetLogin());
const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer;
-IA_USER * iaUser = NULL;
-
-CONN_SYN_6 * connSyn6;
-CONN_SYN_7 * connSyn7;
-CONN_SYN_8 * connSyn8;
-
-CONN_ACK_6 * connAck;
-ALIVE_ACK_6 * aliveAck;
-DISCONN_SYN_6 * disconnSyn;
-DISCONN_ACK_6 * disconnAck;
-
-map<uint32_t, IA_USER>::iterator it;
-it = ip2user.find(sip);
+STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+map<uint32_t, IA_USER>::iterator it(ip2user.find(sip));
-if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID())
+if (it == ip2user.end())
{
- // åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP
- printfd(__FILE__, "Add new user\n");
- ip2user[sip].protoVer = protoVer;
- ip2user[sip].user = *user;
- ip2user[sip].port = sport;
- #ifdef IA_PHASE_DEBUG
- ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName());
- ip2user[sip].phase.SetUserLogin((*user)->GetLogin());
- #endif
-
-
- it = ip2user.find(sip); //TODO
- if (it == ip2user.end())
+ USER_PTR userPtr;
+ if (!users->FindByIPIdx(sip, &userPtr))
{
- printfd(__FILE__, "+++ ERROR +++\n");
- return -1;
+ if (userPtr->GetID() != user->GetID())
+ {
+ printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n",
+ userPtr->GetLogin().c_str(),
+ inet_ntostring(sip).c_str(),
+ login.c_str());
+ logger("IP address is already in use by user '%s'. IP %s, login: '%s'",
+ userPtr->GetLogin().c_str(),
+ inet_ntostring(sip).c_str(),
+ login.c_str());
+ SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
+ return 0;
+ }
}
- }
-iaUser = &(it->second);
+ printfd(__FILE__, "Add new user '%s' from ip %s\n",
+ login.c_str(), inet_ntostring(sip).c_str());
+ std::pair<std::map<uint32_t, IA_USER>::iterator, bool> res;
+ res = ip2user.insert(std::make_pair(sip, IA_USER(login, user, sport, protoVer)));
+ it = res.first;
+ #ifdef IA_PHASE_DEBUG
+ it->second.phase.SetLogFileName(stgSettings->GetLogFileName());
+ it->second.phase.SetUserLogin(login);
+ #endif
+ }
+else if (user->GetID() != it->second.user->GetID())
+ {
+ printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n",
+ it->second.user->GetLogin().c_str(),
+ inet_ntostring(sip).c_str(),
+ user->GetLogin().c_str());
+ logger("IP address is already in use by user '%s'. IP %s, login: '%s'",
+ it->second.user->GetLogin().c_str(),
+ inet_ntostring(sip).c_str(),
+ user->GetLogin().c_str());
+ SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
+ return 0;
+ }
-if (iaUser->port != sport)
- iaUser->port = sport;
+IA_USER * iaUser = &(it->second);
-if (iaUser->password != (*user)->GetProperty().password.Get())
+if (iaUser->password != user->GetProperty().password.Get())
{
- InitEncrypt(&iaUser->ctx, (*user)->GetProperty().password.Get());
- iaUser->password = (*user)->GetProperty().password.Get();
+ InitEncrypt(&iaUser->ctx, user->GetProperty().password.Get());
+ iaUser->password = user->GetProperty().password.Get();
}
buff += offset;
strncpy(packetName, buff + 4, IA_MAX_TYPE_LEN);
packetName[IA_MAX_TYPE_LEN - 1] = 0;
-map<string, int>::iterator pi;
-pi = packetTypes.find(packetName);
+map<string, int>::iterator pi(packetTypes.find(packetName));
if (pi == packetTypes.end())
{
SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!");
printfd(__FILE__, "Login or password is wrong!\n");
- WriteServLog("User's connect failed. IP \'%s\'. Wrong login or password", inet_ntostring(sip).c_str());
- return 0;
- }
-else
- {
- pn = pi->second;
- }
-
-if ((*user)->GetProperty().disabled.Get())
- {
- SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ");
- return 0;
- }
-
-if ((*user)->GetProperty().passive.Get())
- {
- SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ");
+ logger("User's connect failed. User: '%s', ip %s. Wrong login or password",
+ login.c_str(),
+ inet_ntostring(sip).c_str());
+ ip2user.erase(it);
return 0;
}
-if ((*user)->GetAuthorized() && (*user)->GetCurrIP() != sip)
+if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip)
{
- printfd(__FILE__, "Login %s alredy in use. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
- WriteServLog("Login %s alredy in use. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
+ printfd(__FILE__, "Login %s already in use from ip %s. IP %s\n",
+ login.c_str(), inet_ntostring(user->GetCurrIP()).c_str(),
+ inet_ntostring(sip).c_str());
+ logger("Login '%s' is already in use from ip %s. IP %s",
+ login.c_str(),
+ inet_ntostring(user->GetCurrIP()).c_str(),
+ inet_ntostring(sip).c_str());
SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
+ ip2user.erase(it);
return 0;
}
-USER_PTR u;
-if (users->FindByIPIdx(sip, &u) == 0 && u->GetLogin() != (*user)->GetLogin())
- {
- printfd(__FILE__, "IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str());
- WriteServLog("IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str());
- SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
- return 0;
- }
-
-// ôÅÐÅÒØ ÍÙ ÄÏÌÖÎÙ ÐÒÏ×ÅÒÉÔØ, ÍÏÖÅÔ ÌÉ ÐÏÌØÚÏ×ÁÔÅÌØ ÐÏÄËÌÀÞÉÔÓÑ Ó ÜÔÏÇÏ ÁÄÒÅÓÁ.
-int ipFound = (*user)->GetProperty().ips.Get().IsIPInIPS(sip);
-if (!ipFound)
- {
- printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
- WriteServLog("User %s. IP address is incorrect. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
- SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ.");
- return 0;
- }
-
-int ret = -1;
-
-switch (pn)
+switch (pi->second)
{
case CONN_SYN_N:
switch (protoVer)
{
case 6:
- connSyn6 = (CONN_SYN_6*)(buff - offset);
- ret = Process_CONN_SYN_6(connSyn6, &(it->second), sip);
- break;
- case 7:
- connSyn7 = (CONN_SYN_7*)(buff - offset);
- ret = Process_CONN_SYN_7(connSyn7, &(it->second), sip);
- break;
- case 8:
- connSyn8 = (CONN_SYN_8*)(buff - offset);
- ret = Process_CONN_SYN_8(connSyn8, &(it->second), sip);
- break;
- }
-
- if (ret != 0)
- {
- return 0;
- }
- switch (protoVer)
- {
- case 6:
- Send_CONN_SYN_ACK_6(iaUser, sip);
- break;
+ if (Process_CONN_SYN_6((CONN_SYN_6 *)(buff - offset), &(it->second), sip))
+ return -1;
+ return Send_CONN_SYN_ACK_6(iaUser, sip);
case 7:
- Send_CONN_SYN_ACK_7(iaUser, sip);
- break;
+ if (Process_CONN_SYN_7((CONN_SYN_7 *)(buff - offset), &(it->second), sip))
+ return -1;
+ return Send_CONN_SYN_ACK_7(iaUser, sip);
case 8:
- Send_CONN_SYN_ACK_8(iaUser, sip);
- break;
+ if (Process_CONN_SYN_8((CONN_SYN_8 *)(buff - offset), &(it->second), sip))
+ return -1;
+ return Send_CONN_SYN_ACK_8(iaUser, sip);
}
break;
case CONN_ACK_N:
- connAck = (CONN_ACK_6*)(buff - offset);
- switch (protoVer)
- {
- case 6:
- ret = Process_CONN_ACK_6(connAck, iaUser, sip);
- break;
- case 7:
- ret = Process_CONN_ACK_7(connAck, iaUser, sip);
- break;
- case 8:
- ret = Process_CONN_ACK_8((CONN_ACK_8*)(buff - offset), iaUser, sip);
- break;
- }
-
- if (ret != 0)
- {
- SendError(sip, sport, protoVer, errorStr);
- return 0;
- }
-
switch (protoVer)
{
case 6:
- Send_ALIVE_SYN_6(iaUser, sip);
- break;
+ if (Process_CONN_ACK_6((CONN_ACK_6 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_ALIVE_SYN_6(iaUser, sip);
case 7:
- Send_ALIVE_SYN_7(iaUser, sip);
- break;
+ if (Process_CONN_ACK_7((CONN_ACK_6 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_ALIVE_SYN_7(iaUser, sip);
case 8:
- Send_ALIVE_SYN_8(iaUser, sip);
- break;
+ if (Process_CONN_ACK_8((CONN_ACK_8 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_ALIVE_SYN_8(iaUser, sip);
}
-
break;
- // ðÒÉÂÙÌ ÏÔ×ÅÔ Ó ÐÏÄÔ×ÅÒÖÄÅÎÉÅÍ ALIVE
case ALIVE_ACK_N:
- aliveAck = (ALIVE_ACK_6*)(buff - offset);
switch (protoVer)
{
case 6:
- ret = Process_ALIVE_ACK_6(aliveAck, iaUser, sip);
- break;
+ return Process_ALIVE_ACK_6((ALIVE_ACK_6 *)(buff - offset), iaUser, sip);
case 7:
- ret = Process_ALIVE_ACK_7(aliveAck, iaUser, sip);
- break;
+ return Process_ALIVE_ACK_7((ALIVE_ACK_6 *)(buff - offset), iaUser, sip);
case 8:
- ret = Process_ALIVE_ACK_8((ALIVE_ACK_8*)(buff - offset), iaUser, sip);
- break;
+ return Process_ALIVE_ACK_8((ALIVE_ACK_8 *)(buff - offset), iaUser, sip);
}
break;
- // úÁÐÒÏÓ ÎÁ ÏÔËÌÀÞÅÎÉÅ
case DISCONN_SYN_N:
-
- disconnSyn = (DISCONN_SYN_6*)(buff - offset);
- switch (protoVer)
- {
- case 6:
- ret = Process_DISCONN_SYN_6(disconnSyn, iaUser, sip);
- break;
- case 7:
- ret = Process_DISCONN_SYN_7(disconnSyn, iaUser, sip);
- break;
- case 8:
- ret = Process_DISCONN_SYN_8((DISCONN_SYN_8*)(buff - offset), iaUser, sip);
- break;
- }
-
- if (ret != 0)
- return 0;
-
switch (protoVer)
{
case 6:
- Send_DISCONN_SYN_ACK_6(iaUser, sip);
- break;
+ if (Process_DISCONN_SYN_6((DISCONN_SYN_6 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_DISCONN_SYN_ACK_6(iaUser, sip);
case 7:
- Send_DISCONN_SYN_ACK_7(iaUser, sip);
- break;
+ if (Process_DISCONN_SYN_7((DISCONN_SYN_6 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_DISCONN_SYN_ACK_7(iaUser, sip);
case 8:
- Send_DISCONN_SYN_ACK_8(iaUser, sip);
- break;
+ if (Process_DISCONN_SYN_8((DISCONN_SYN_8 *)(buff - offset), iaUser, sip))
+ return -1;
+ return Send_DISCONN_SYN_ACK_8(iaUser, sip);
}
break;
case DISCONN_ACK_N:
- disconnAck = (DISCONN_ACK_6*)(buff - offset);
-
switch (protoVer)
{
case 6:
- ret = Process_DISCONN_ACK_6(disconnAck, iaUser, sip, it);
- break;
+ if (Process_DISCONN_ACK_6((DISCONN_ACK_6 *)(buff - offset), iaUser, sip, it))
+ return -1;
+ return Send_FIN_6(iaUser, sip, it);
case 7:
- ret = Process_DISCONN_ACK_7(disconnAck, iaUser, sip, it);
- break;
+ if (Process_DISCONN_ACK_7((DISCONN_ACK_6 *)(buff - offset), iaUser, sip, it))
+ return -1;
+ return Send_FIN_7(iaUser, sip, it);
case 8:
- ret = Process_DISCONN_ACK_8((DISCONN_ACK_8*)(buff - offset), iaUser, sip, it);
- break;
- }
-
- switch (protoVer)
- {
- case 6:
- Send_FIN_6(iaUser, sip, it);
- break;
- case 7:
- Send_FIN_7(iaUser, sip, it);
- break;
- case 8:
- Send_FIN_8(iaUser, sip, it);
- break;
+ if (Process_DISCONN_ACK_8((DISCONN_ACK_8 *)(buff - offset), iaUser, sip, it))
+ return -1;
+ return Send_FIN_8(iaUser, sip, it);
}
break;
}
-return 0;
+return -1;
}
//-----------------------------------------------------------------------------
void AUTH_IA::DelUser(USER_PTR u)
{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
uint32_t ip = u->GetCurrIP();
return;
map<uint32_t, IA_USER>::iterator it;
+
+STG_LOCKER lock(&mutex, __FILE__, __LINE__);
it = ip2user.find(ip);
if (it == ip2user.end())
{
if (it->second.user == u)
{
printfd(__FILE__, "User removed!\n");
- it->second.user->Unauthorize(this);
+ users->Unauthorize(u->GetLogin(), this);
ip2user.erase(it);
}
}
sendAddr.sin_family = AF_INET;
sendAddr.sin_port = htons(port);
-
- sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ
+ sendAddr.sin_addr.s_addr = ip;
err.len = 1;
strncpy((char*)err.type, "ERR", 16);
sendAddr.sin_family = AF_INET;
sendAddr.sin_port = htons(port);
-
- sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ
+ sendAddr.sin_addr.s_addr = ip;
err8.len = 256;
strncpy((char*)err8.type, "ERR", 16);
int AUTH_IA::Send(uint32_t ip, uint16_t port, const char * buffer, int len)
{
struct sockaddr_in sendAddr;
-int res;
sendAddr.sin_family = AF_INET;
sendAddr.sin_port = htons(port);
sendAddr.sin_addr.s_addr = ip;
-res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr));
+int res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr));
-static struct timeval tv;
-gettimeofday(&tv, NULL);
+if (res == len)
+ return 0;
-return res;
+return -1;
}
//-----------------------------------------------------------------------------
int AUTH_IA::SendMessage(const STG_MSG & msg, uint32_t ip) const
{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-
printfd(__FILE__, "SendMessage userIP=%s\n", inet_ntostring(ip).c_str());
map<uint32_t, IA_USER>::iterator it;
+
+STG_LOCKER lock(&mutex, __FILE__, __LINE__);
it = ip2user.find(ip);
if (it == ip2user.end())
{
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage6(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.user->GetLogin().c_str());
+printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.login.c_str());
-char buffer[256];
INFO_6 info;
-
memset(&info, 0, sizeof(INFO_6));
info.len = 256;
SwapBytes(info.len);
#endif
+char buffer[256];
memcpy(buffer, &info, sizeof(INFO_6));
Encrypt(&user.ctx, buffer, buffer, len / 8);
-Send(ip, iaSettings.GetUserPort(), buffer, len);
-
-return 0;
+return Send(ip, iaSettings.GetUserPort(), buffer, len);
}
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage7(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.user->GetLogin().c_str());
+printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.login.c_str());
-char buffer[300];
INFO_7 info;
-
memset(&info, 0, sizeof(INFO_7));
info.len = 264;
strncpy((char*)info.type, "INFO_7", 16);
info.infoType = msg.header.type;
info.showTime = msg.header.showTime;
-
info.sendTime = msg.header.creationTime;
size_t len = info.len;
strncpy((char*)info.text, msg.text.c_str(), MAX_MSG_LEN - 1);
info.text[MAX_MSG_LEN - 1] = 0;
+char buffer[300];
memcpy(buffer, &info, sizeof(INFO_7));
Encrypt(&user.ctx, buffer, buffer, len / 8);
-Send(ip, iaSettings.GetUserPort(), buffer, len);
-
-return 0;
+return Send(ip, iaSettings.GetUserPort(), buffer, len);
}
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage8(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.user->GetLogin().c_str());
-
-char buffer[1500];
-memset(buffer, 0, sizeof(buffer));
+printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.login.c_str());
INFO_8 info;
-
memset(&info, 0, sizeof(INFO_8));
info.len = 1056;
SwapBytes(info.sendTime);
#endif
+char buffer[1500];
memcpy(buffer, &info, sizeof(INFO_8));
Encrypt(&user.ctx, buffer, buffer, len / 8);
-Send(ip, user.port, buffer, len);
-
-return 0;
+return Send(ip, user.port, buffer, len);
}
//-----------------------------------------------------------------------------
int AUTH_IA::Process_CONN_SYN_6(CONN_SYN_6 *, IA_USER * iaUser, uint32_t)
SwapBytes(connAck->rnd);
#endif
printfd( __FILE__, "CONN_ACK_6 %s\n", connAck->type);
-// ÕÓÔÁÎÏ×ÉÔØ ÎÏ×ÕÀ ÆÁÚÕ É ×ÒÅÍÑ É ÒÁÚÒÅÛÉÔØ ÉÎÅÔ
+
if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1))
{
iaUser->phase.UpdateTime();
iaUser->lastSendAlive = iaUser->phase.GetTime();
- if (iaUser->user->Authorize(sip, enabledDirs, this) == 0)
+ if (users->Authorize(iaUser->login, sip, enabledDirs, this))
{
iaUser->phase.SetPhase3();
printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_6\n");
{
errorStr = iaUser->user->GetStrError();
iaUser->phase.SetPhase1();
+ ip2user.erase(sip);
printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n");
return -1;
}
{
iaUser->phase.UpdateTime();
iaUser->lastSendAlive = iaUser->phase.GetTime();
- if (iaUser->user->Authorize(sip, enabledDirs, this) == 0)
+ if (users->Authorize(iaUser->login, sip, enabledDirs, this))
{
iaUser->phase.SetPhase3();
printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_8\n");
{
errorStr = iaUser->user->GetStrError();
iaUser->phase.SetPhase1();
+ ip2user.erase(sip);
printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n");
return -1;
}
Encrypt(&iaUser->ctx, (char*)&connSynAck8, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))/8);
return Send(sip, iaUser->port, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8)));
-//return Send(sip, iaUser->port, (char*)&connSynAck8, 384);
}
//-----------------------------------------------------------------------------
int AUTH_IA::Send_ALIVE_SYN_6(IA_USER * iaUser, uint32_t sip)
aliveSyn6.md[dn],
dn,
stgTime);
- p *= (1024 * 1024);
- if (p == 0)
+ p *= 1024 * 1024;
+ if (std::fabs(p) < 1.0e-3)
{
snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "---");
}
#ifdef IA_DEBUG
if (iaUser->aliveSent)
{
- printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->user->GetLogin().c_str());
+ printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->login.c_str());
}
iaUser->aliveSent = true;
#endif
aliveSyn8.md[dn],
dn,
stgTime);
- p *= (1024 * 1024);
- if (p == 0)
+ p *= 1024 * 1024;
+ if (std::fabs(p) < 1.0e-3)
{
snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "---");
}
Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8);
-iaUser->user->Unauthorize(this);
+users->Unauthorize(iaUser->login, this);
+
+int res = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6)));
-int ret = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6)));
ip2user.erase(it);
-return ret;
+
+return res;
}
//-----------------------------------------------------------------------------
int AUTH_IA::Send_FIN_7(IA_USER * iaUser, uint32_t sip, map<uint32_t, IA_USER>::iterator it)
Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8);
-iaUser->user->Unauthorize(this);
-
-int ret = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8)));
-ip2user.erase(it);
-return ret;
-}
-//-----------------------------------------------------------------------------
-bool AUTH_IA::WaitPackets(int sd) const
-{
-fd_set rfds;
-FD_ZERO(&rfds);
-FD_SET(sd, &rfds);
-
-struct timeval tv;
-tv.tv_sec = 0;
-tv.tv_usec = 500000;
+users->Unauthorize(iaUser->login, this);
-int res = select(sd + 1, &rfds, NULL, NULL, &tv);
-if (res == -1) // Error
- {
- if (errno != EINTR)
- {
- printfd(__FILE__, "Error on select: '%s'\n", strerror(errno));
- }
- return false;
- }
+int res = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8)));
-if (res == 0) // Timeout
- {
- return false;
- }
+ip2user.erase(it);
-return true;
+return res;
}
//-----------------------------------------------------------------------------
inline
void InitEncrypt(BLOWFISH_CTX * ctx, const string & password)
{
-unsigned char keyL[PASSWD_LEN]; // ðÁÒÏÌØ ÄÌÑ ÛÉÆÒÏ×ËÉ
+unsigned char keyL[PASSWD_LEN];
memset(keyL, 0, PASSWD_LEN);
strncpy((char *)keyL, password.c_str(), PASSWD_LEN);
Blowfish_Init(ctx, keyL, PASSWD_LEN);
inline
void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8)
{
-// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ
-
for (int i = 0; i < len8; i++)
DecodeString(dst + i * 8, src + i * 8, ctx);
}
inline
void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8)
{
-// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ
-
for (int i = 0; i < len8; i++)
EncodeString(dst + i * 8, src + i * 8, ctx);
}