#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/select.h>
#include <unistd.h> // usleep, close
#include <csignal>
#include "stg/tariff.h"
#include "stg/user_property.h"
#include "stg/settings.h"
+#include "stg/plugin_creator.h"
#include "inetaccess.h"
extern volatile const time_t stgTime;
void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8);
void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8);
-//-----------------------------------------------------------------------------
-class IA_CREATOR
-{
-private:
- AUTH_IA * ia;
-
-public:
- IA_CREATOR()
- : ia(new AUTH_IA())
- {
- };
- ~IA_CREATOR()
- {
- delete ia;
- };
-
- AUTH_IA * GetPlugin()
- {
- return ia;
- };
-};
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
-IA_CREATOR iac;
+PLUGIN_CREATOR<AUTH_IA> iac;
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
{
}
//-----------------------------------------------------------------------------
-int AUTH_IA_SETTINGS::ParseIntInRange(const string & str, int min, int max, int * val)
-{
-if (str2x(str.c_str(), *val))
- {
- errorStr = "Incorrect value \'" + str + "\'.";
- return -1;
- }
-if (*val < min || *val > max)
- {
- errorStr = "Value \'" + str + "\' out of range.";
- return -1;
- }
-return 0;
-}
-//-----------------------------------------------------------------------------
int AUTH_IA_SETTINGS::ParseSettings(const MODULE_SETTINGS & s)
{
int p;
{
usleep(20000);
ia->Timeouter();
- // TODO cahange counter to timer and MONITOR_TIME_DELAY_SEC
- if (++a % (50*60) == 0 && ia->stgSettings->GetMonitoring())
+ // TODO change counter to timer and MONITOR_TIME_DELAY_SEC
+ if (++a % (50 * 60) == 0 && ia->stgSettings->GetMonitoring())
{
TouchFile(monFile.c_str());
}
if (users->FindByName(login, &user) == 0)
{
printfd(__FILE__, "User %s FOUND!\n", user->GetLogin().c_str());
- PacketProcessor(buffer, dataLen, sip, sport, protoVer, &user);
+ PacketProcessor(buffer, dataLen, sip, sport, protoVer, user);
}
else
{
if ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserTimeout())
{
- it->second.user->Unauthorize(this);
+ users->Unauthorize(it->second.user->GetLogin(), this);
ip2user.erase(it++);
continue;
}
return 0;
}
//-----------------------------------------------------------------------------
-int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR * user)
+int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR user)
{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::string login(user->GetLogin());
// ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ×
-int pn = -1;
const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer;
IA_USER * iaUser = NULL;
DISCONN_SYN_6 * disconnSyn;
DISCONN_ACK_6 * disconnAck;
-map<uint32_t, IA_USER>::iterator it;
-it = ip2user.find(sip);
+STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+map<uint32_t, IA_USER>::iterator it(ip2user.find(sip));
-if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID())
+if (it == ip2user.end())
{
// åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP
printfd(__FILE__, "Add new user\n");
+ ip2user[sip].login = user->GetLogin();
+ ip2user[sip].user = user;
ip2user[sip].protoVer = protoVer;
- ip2user[sip].user = *user;
ip2user[sip].port = sport;
#ifdef IA_PHASE_DEBUG
ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName());
- ip2user[sip].phase.SetUserLogin((*user)->GetLogin());
+ ip2user[sip].phase.SetUserLogin(login);
#endif
return -1;
}
}
+else if (user->GetID() != it->second.user->GetID())
+ {
+ printfd(__FILE__, "IP address already in use. IP \'%s\'\n", inet_ntostring(sip).c_str());
+ WriteServLog("IP address already in use. IP \'%s\'", inet_ntostring(sip).c_str());
+ SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
+ return 0;
+ }
iaUser = &(it->second);
if (iaUser->port != sport)
iaUser->port = sport;
-if (iaUser->password != (*user)->GetProperty().password.Get())
+if (iaUser->password != user->GetProperty().password.Get())
{
- InitEncrypt(&iaUser->ctx, (*user)->GetProperty().password.Get());
- iaUser->password = (*user)->GetProperty().password.Get();
+ InitEncrypt(&iaUser->ctx, user->GetProperty().password.Get());
+ iaUser->password = user->GetProperty().password.Get();
}
buff += offset;
strncpy(packetName, buff + 4, IA_MAX_TYPE_LEN);
packetName[IA_MAX_TYPE_LEN - 1] = 0;
-map<string, int>::iterator pi;
-pi = packetTypes.find(packetName);
+map<string, int>::iterator pi(packetTypes.find(packetName));
if (pi == packetTypes.end())
{
SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!");
WriteServLog("User's connect failed. IP \'%s\'. Wrong login or password", inet_ntostring(sip).c_str());
return 0;
}
-else
- {
- pn = pi->second;
- }
-if ((*user)->GetProperty().disabled.Get())
+if (user->GetProperty().disabled.Get())
{
SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ");
return 0;
}
-if ((*user)->GetProperty().passive.Get())
+if (user->GetProperty().passive.Get())
{
SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ");
return 0;
}
-if ((*user)->GetAuthorized() && (*user)->GetCurrIP() != sip)
+if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip)
{
- printfd(__FILE__, "Login %s already in use. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
- WriteServLog("Login %s already in use. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
+ printfd(__FILE__, "Login %s already in use. IP \'%s\'\n", login.c_str(), inet_ntostring(sip).c_str());
+ WriteServLog("Login %s already in use. IP \'%s\'", login.c_str(), inet_ntostring(sip).c_str());
SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
return 0;
}
-USER_PTR u;
-if (users->FindByIPIdx(sip, &u) == 0 && u->GetLogin() != (*user)->GetLogin())
- {
- printfd(__FILE__, "IP address already in use. IP \'%s\'", inet_ntostring(sip).c_str());
- WriteServLog("IP address already in use. IP \'%s\'", inet_ntostring(sip).c_str());
- SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!");
- return 0;
- }
-
// ôÅÐÅÒØ ÍÙ ÄÏÌÖÎÙ ÐÒÏ×ÅÒÉÔØ, ÍÏÖÅÔ ÌÉ ÐÏÌØÚÏ×ÁÔÅÌØ ÐÏÄËÌÀÞÉÔÓÑ Ó ÜÔÏÇÏ ÁÄÒÅÓÁ.
-int ipFound = (*user)->GetProperty().ips.Get().IsIPInIPS(sip);
+int ipFound = user->GetProperty().ips.Get().IsIPInIPS(sip);
if (!ipFound)
{
- printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
- WriteServLog("User %s. IP address is incorrect. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str());
+ printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", login.c_str(), inet_ntostring(sip).c_str());
+ WriteServLog("User %s. IP address is incorrect. IP \'%s\'", login.c_str(), inet_ntostring(sip).c_str());
SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ.");
return 0;
}
int ret = -1;
-switch (pn)
+switch (pi->second)
{
case CONN_SYN_N:
switch (protoVer)
if (it->second.user == u)
{
printfd(__FILE__, "User removed!\n");
- it->second.user->Unauthorize(this);
+ users->Unauthorize(u->GetLogin(), this);
ip2user.erase(it);
}
}
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage6(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.user->GetLogin().c_str());
+printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.login.c_str());
char buffer[256];
INFO_6 info;
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage7(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.user->GetLogin().c_str());
+printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.login.c_str());
char buffer[300];
INFO_7 info;
//-----------------------------------------------------------------------------
int AUTH_IA::RealSendMessage8(const STG_MSG & msg, uint32_t ip, IA_USER & user)
{
-printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.user->GetLogin().c_str());
+printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.login.c_str());
char buffer[1500];
memset(buffer, 0, sizeof(buffer));
iaUser->phase.UpdateTime();
iaUser->lastSendAlive = iaUser->phase.GetTime();
- if (iaUser->user->Authorize(sip, enabledDirs, this) == 0)
+ if (users->Authorize(iaUser->login, sip, enabledDirs, this))
{
iaUser->phase.SetPhase3();
printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_6\n");
{
iaUser->phase.UpdateTime();
iaUser->lastSendAlive = iaUser->phase.GetTime();
- if (iaUser->user->Authorize(sip, enabledDirs, this) == 0)
+ if (users->Authorize(iaUser->login, sip, enabledDirs, this))
{
iaUser->phase.SetPhase3();
printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_8\n");
#ifdef IA_DEBUG
if (iaUser->aliveSent)
{
- printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->user->GetLogin().c_str());
+ printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->login.c_str());
}
iaUser->aliveSent = true;
#endif
Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8);
-iaUser->user->Unauthorize(this);
+users->Unauthorize(iaUser->login, this);
int ret = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6)));
ip2user.erase(it);
Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8);
-iaUser->user->Unauthorize(this);
+users->Unauthorize(iaUser->login, this);
int ret = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8)));
ip2user.erase(it);
return ret;
}
//-----------------------------------------------------------------------------
-bool AUTH_IA::WaitPackets(int sd) const
-{
-fd_set rfds;
-FD_ZERO(&rfds);
-FD_SET(sd, &rfds);
-
-struct timeval tv;
-tv.tv_sec = 0;
-tv.tv_usec = 500000;
-
-int res = select(sd + 1, &rfds, NULL, NULL, &tv);
-if (res == -1) // Error
- {
- if (errno != EINTR)
- {
- printfd(__FILE__, "Error on select: '%s'\n", strerror(errno));
- }
- return false;
- }
-
-if (res == 0) // Timeout
- {
- return false;
- }
-
-return true;
-}
-//-----------------------------------------------------------------------------
inline
void InitEncrypt(BLOWFISH_CTX * ctx, const string & password)
{
git.stg.codes / stg.git / blobdiff