X-Git-Url: https://git.stg.codes/stg.git/blobdiff_plain/3a0773b72ce785fd13021f4624f525a23cd65f18..a258b9f408911f1a0e6f221180ee9993d100f58b:/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp diff --git a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp index 0319ef8d..9fc12ecc 100644 --- a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp +++ b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp @@ -30,44 +30,36 @@ #include #include +#include // usleep, close + #include #include +#include // snprintf +#include #include +#include "stg/common.h" +#include "stg/locker.h" +#include "stg/tariff.h" +#include "stg/user_property.h" +#include "stg/settings.h" +#include "stg/plugin_creator.h" #include "inetaccess.h" -#include "common.h" extern volatile const time_t stgTime; -//----------------------------------------------------------------------------- -class IA_CREATOR -{ -private: - AUTH_IA * ia; +void InitEncrypt(BLOWFISH_CTX * ctx, const string & password); +void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); +void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); -public: - IA_CREATOR() - : ia(new AUTH_IA()) - { - }; - ~IA_CREATOR() - { - delete ia; - }; - - AUTH_IA * GetPlugin() - { - return ia; - }; -}; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- -IA_CREATOR iac; +PLUGIN_CREATOR iac; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- -BASE_PLUGIN * GetPlugin() +PLUGIN * GetPlugin() { return iac.GetPlugin(); } @@ -82,21 +74,6 @@ AUTH_IA_SETTINGS::AUTH_IA_SETTINGS() { } //----------------------------------------------------------------------------- -int AUTH_IA_SETTINGS::ParseIntInRange(const string & str, int min, int max, int * val) -{ -if (str2x(str.c_str(), *val)) - { - errorStr = "Incorrect value \'" + str + "\'."; - return -1; - } -if (*val < min || *val > max) - { - errorStr = "Value \'" + str + "\' out of range."; - return -1; - } -return 0; -} -//----------------------------------------------------------------------------- int AUTH_IA_SETTINGS::ParseSettings(const MODULE_SETTINGS & s) { int p; @@ -236,8 +213,6 @@ void IA_PHASE::WritePhaseChange(int newPhase) UTIME newPhaseTime; gettimeofday(&newPhaseTime, NULL); flog = fopen(log.c_str(), "at"); -/*int64_t tn = newPhaseTime.GetSec()*1000000 + newPhaseTime.GetUSec(); -int64_t to = phaseTime.GetSec()*1000000 + phaseTime.GetUSec();*/ if (flog) { string action = newPhase == phase ? "U" : "C"; @@ -323,6 +298,9 @@ AUTH_IA::AUTH_IA() : nonstop(false), isRunningRun(false), isRunningRunTimeouter(false), + users(NULL), + stgSettings(NULL), + listenSocket(-1), WriteServLog(GetStgLogger()), enabledDirs(0xFFffFFff), onDelUserNotifier(*this) @@ -436,7 +414,6 @@ if (isRunningRun) //after 5 seconds waiting thread still running. now killing it if (isRunningRun) { - //TODO pthread_cancel() if (pthread_kill(recvThread, SIGINT)) { errorStr = "Cannot kill thread."; @@ -470,7 +447,6 @@ if (isRunningRunTimeouter) //after 5 seconds waiting thread still running. now killing it if (isRunningRunTimeouter) { - //TODO pthread_cancel() if (pthread_kill(timeouterThread, SIGINT)) { errorStr = "Cannot kill thread."; @@ -531,8 +507,8 @@ while (ia->nonstop) { usleep(20000); ia->Timeouter(); - // TODO cahange counter to timer and MONITOR_TIME_DELAY_SEC - if (++a % (50*60) == 0 && ia->stgSettings->GetMonitoring()) + // TODO change counter to timer and MONITOR_TIME_DELAY_SEC + if (++a % (50 * 60) == 0 && ia->stgSettings->GetMonitoring()) { TouchFile(monFile.c_str()); } @@ -572,16 +548,6 @@ if (bind(listenSocket, (struct sockaddr*)&listenAddr, sizeof(listenAddr)) < 0) return -1; } -/*int buffLen; -if (getsockopt(listenSocket, SOL_SOCKET, SO_SNDBUF, &buffLen, sizeof(buffLen)) < 0) - { - - errorStr = "Getsockopt failed. " + string(strerror(errno)); - return -1; - }*/ - -//WriteServLog("buffLen = %d", buffLen); - return 0; } //----------------------------------------------------------------------------- @@ -629,26 +595,45 @@ memset(login, 0, PASSWD_LEN); Decrypt(&ctxS, login, buffer + 8, PASSWD_LEN / 8); -uint32_t sip = *((uint32_t*)&outerAddr.sin_addr); +uint32_t sip = outerAddr.sin_addr.s_addr; uint16_t sport = htons(outerAddr.sin_port); -user_iter user; -if (users->FindByName(login, &user) == 0) - { - printfd(__FILE__, "User %s FOUND!\n", user->GetLogin().c_str()); - PacketProcessor(buffer, dataLen, sip, sport, protoVer, &user); - } -else +USER_PTR user; +if (users->FindByName(login, &user)) { - WriteServLog("User\'s connect failed:: user \'%s\' not found. IP \'%s\'", + WriteServLog("User's connect failed: user '%s' not found. IP %s", login, inet_ntostring(sip).c_str()); - printfd(__FILE__, "User %s NOT found!\n", login); - SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); + printfd(__FILE__, "User '%s' NOT found!\n", login); + SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ!"); + return -1; } -return 0; +printfd(__FILE__, "User '%s' FOUND!\n", user->GetLogin().c_str()); + +if (user->GetProperty().disabled.Get()) + { + SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ"); + return 0; + } + +if (user->GetProperty().passive.Get()) + { + SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ"); + return 0; + } +if (!user->GetProperty().ips.Get().IsIPInIPS(sip)) + { + printfd(__FILE__, "User %s. IP address is incorrect. IP %s\n", + user->GetLogin().c_str(), inet_ntostring(sip).c_str()); + WriteServLog("User %s. IP address is incorrect. IP %s", + user->GetLogin().c_str(), inet_ntostring(sip).c_str()); + SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ."); + return 0; + } + +return PacketProcessor(buffer, dataLen, sip, sport, protoVer, user); } //----------------------------------------------------------------------------- int AUTH_IA::CheckHeader(const char * buffer, int * protoVer) @@ -702,6 +687,8 @@ while (it != ip2user.end()) { it->second.phase.SetPhase1(); printfd(__FILE__, "Phase changed from 2 to 1. Reason: timeout\n"); + ip2user.erase(it++); + continue; } if (it->second.phase.GetPhase() == 3) @@ -740,7 +727,7 @@ while (it != ip2user.end()) if ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserTimeout()) { - it->second.user->Unauthorize(this); + users->Unauthorize(it->second.user->GetLogin(), this); ip2user.erase(it++); continue; } @@ -759,57 +746,64 @@ while (it != ip2user.end()) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, user_iter * user) +int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR user) { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); -// ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ× -int pn = -1; +std::string login(user->GetLogin()); const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer; -IA_USER * iaUser = NULL; - -CONN_SYN_6 * connSyn6; -CONN_SYN_7 * connSyn7; -CONN_SYN_8 * connSyn8; - -CONN_ACK_6 * connAck; -ALIVE_ACK_6 * aliveAck; -DISCONN_SYN_6 * disconnSyn; -DISCONN_ACK_6 * disconnAck; - -map::iterator it; -it = ip2user.find(sip); +STG_LOCKER lock(&mutex, __FILE__, __LINE__); +map::iterator it(ip2user.find(sip)); -if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID()) +if (it == ip2user.end()) { - // åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP - printfd(__FILE__, "Add new user\n"); - ip2user[sip].protoVer = protoVer; - ip2user[sip].user = *user; - ip2user[sip].port = sport; - #ifdef IA_PHASE_DEBUG - ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName()); - ip2user[sip].phase.SetUserLogin((*user)->GetLogin()); - #endif - - - it = ip2user.find(sip); //TODO - if (it == ip2user.end()) + USER_PTR userPtr; + if (!users->FindByIPIdx(sip, &userPtr)) { - printfd(__FILE__, "+++ ERROR +++\n"); - return -1; + if (userPtr->GetID() != user->GetID()) + { + printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n", + userPtr->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + login.c_str()); + WriteServLog("IP address already in use by user '%s'. IP %s, login: '%s'", + userPtr->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + login.c_str()); + SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); + return 0; + } } - } -iaUser = &(it->second); + printfd(__FILE__, "Add new user '%s' from ip %s\n", + login.c_str(), inet_ntostring(sip).c_str()); + std::pair::iterator, bool> res; + res = ip2user.insert(std::make_pair(sip, IA_USER(login, user, sport, protoVer))); + it = res.first; + #ifdef IA_PHASE_DEBUG + it->second.phase.SetLogFileName(stgSettings->GetLogFileName()); + it->second.phase.SetUserLogin(login); + #endif + } +else if (user->GetID() != it->second.user->GetID()) + { + printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n", + it->second.user->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + user->GetLogin().c_str()); + WriteServLog("IP address already in use by user '%s'. IP %s, login: '%s'", + it->second.user->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + user->GetLogin().c_str()); + SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); + return 0; + } -if (iaUser->port != sport) - iaUser->port = sport; +IA_USER * iaUser = &(it->second); -if (iaUser->password != (*user)->property.password.Get()) +if (iaUser->password != user->GetProperty().password.Get()) { - InitEncrypt(&iaUser->ctx, (*user)->property.password.Get()); - iaUser->password = (*user)->property.password.Get(); + InitEncrypt(&iaUser->ctx, user->GetProperty().password.Get()); + iaUser->password = user->GetProperty().password.Get(); } buff += offset; @@ -819,222 +813,124 @@ char packetName[IA_MAX_TYPE_LEN]; strncpy(packetName, buff + 4, IA_MAX_TYPE_LEN); packetName[IA_MAX_TYPE_LEN - 1] = 0; -map::iterator pi; -pi = packetTypes.find(packetName); +map::iterator pi(packetTypes.find(packetName)); if (pi == packetTypes.end()) { SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); printfd(__FILE__, "Login or password is wrong!\n"); - WriteServLog("User's connect failed. IP \'%s\'. Wrong login or password", inet_ntostring(sip).c_str()); - return 0; - } -else - { - pn = pi->second; - } - -if ((*user)->property.disabled.Get()) - { - SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ"); - return 0; - } - -if ((*user)->property.passive.Get()) - { - SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ"); + WriteServLog("User's connect failed. User: '%s', ip %s. Wrong login or password", + login.c_str(), + inet_ntostring(sip).c_str()); + ip2user.erase(it); return 0; } -if ((*user)->GetAuthorized() && (*user)->GetCurrIP() != sip) +if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip) { - printfd(__FILE__, "Login %s alredy in use. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("Login %s alredy in use. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); + printfd(__FILE__, "Login %s already in use from ip %s. IP %s\n", + login.c_str(), inet_ntostring(user->GetCurrIP()).c_str(), + inet_ntostring(sip).c_str()); + WriteServLog("Login %s already in use from ip %s. IP %s", + login.c_str(), + inet_ntostring(user->GetCurrIP()).c_str(), + inet_ntostring(sip).c_str()); SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); + ip2user.erase(it); return 0; } -user_iter u; -if (users->FindByIPIdx(sip, &u) == 0 && u->GetLogin() != (*user)->GetLogin()) - { - printfd(__FILE__, "IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - WriteServLog("IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); - return 0; - } - -// ôÅÐÅÒØ ÍÙ ÄÏÌÖÎÙ ÐÒÏ×ÅÒÉÔØ, ÍÏÖÅÔ ÌÉ ÐÏÌØÚÏ×ÁÔÅÌØ ÐÏÄËÌÀÞÉÔÓÑ Ó ÜÔÏÇÏ ÁÄÒÅÓÁ. -int ipFound = (*user)->property.ips.Get().IsIPInIPS(sip); -if (!ipFound) - { - printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("User %s. IP address is incorrect. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ."); - return 0; - } - -int ret = -1; - -switch (pn) +switch (pi->second) { case CONN_SYN_N: switch (protoVer) { case 6: - connSyn6 = (CONN_SYN_6*)(buff - offset); - ret = Process_CONN_SYN_6(connSyn6, &(it->second), user, sip); - break; + if (Process_CONN_SYN_6((CONN_SYN_6 *)(buff - offset), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_6(iaUser, sip); case 7: - connSyn7 = (CONN_SYN_7*)(buff - offset); - ret = Process_CONN_SYN_7(connSyn7, &(it->second), user, sip); - break; + if (Process_CONN_SYN_7((CONN_SYN_7 *)(buff - offset), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_7(iaUser, sip); case 8: - connSyn8 = (CONN_SYN_8*)(buff - offset); - ret = Process_CONN_SYN_8(connSyn8, &(it->second), user, sip); - break; - } - - if (ret != 0) - { - return 0; - } - switch (protoVer) - { - case 6: - Send_CONN_SYN_ACK_6(iaUser, user, sip); - break; - case 7: - Send_CONN_SYN_ACK_7(iaUser, user, sip); - break; - case 8: - Send_CONN_SYN_ACK_8(iaUser, user, sip); - break; + if (Process_CONN_SYN_8((CONN_SYN_8 *)(buff - offset), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_8(iaUser, sip); } break; case CONN_ACK_N: - connAck = (CONN_ACK_6*)(buff - offset); - switch (protoVer) - { - case 6: - ret = Process_CONN_ACK_6(connAck, iaUser, user, sip); - break; - case 7: - ret = Process_CONN_ACK_7(connAck, iaUser, user, sip); - break; - case 8: - ret = Process_CONN_ACK_8((CONN_ACK_8*)(buff - offset), iaUser, user, sip); - break; - } - - if (ret != 0) - { - SendError(sip, sport, protoVer, errorStr); - return 0; - } - switch (protoVer) { case 6: - Send_ALIVE_SYN_6(iaUser, sip); - break; + if (Process_CONN_ACK_6((CONN_ACK_6 *)(buff - offset), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_6(iaUser, sip); case 7: - Send_ALIVE_SYN_7(iaUser, sip); - break; + if (Process_CONN_ACK_7((CONN_ACK_6 *)(buff - offset), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_7(iaUser, sip); case 8: - Send_ALIVE_SYN_8(iaUser, sip); - break; + if (Process_CONN_ACK_8((CONN_ACK_8 *)(buff - offset), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_8(iaUser, sip); } - break; - // ðÒÉÂÙÌ ÏÔ×ÅÔ Ó ÐÏÄÔ×ÅÒÖÄÅÎÉÅÍ ALIVE case ALIVE_ACK_N: - aliveAck = (ALIVE_ACK_6*)(buff - offset); switch (protoVer) { case 6: - ret = Process_ALIVE_ACK_6(aliveAck, iaUser, user, sip); - break; + return Process_ALIVE_ACK_6((ALIVE_ACK_6 *)(buff - offset), iaUser, sip); case 7: - ret = Process_ALIVE_ACK_7(aliveAck, iaUser, user, sip); - break; + return Process_ALIVE_ACK_7((ALIVE_ACK_6 *)(buff - offset), iaUser, sip); case 8: - ret = Process_ALIVE_ACK_8((ALIVE_ACK_8*)(buff - offset), iaUser, user, sip); - break; + return Process_ALIVE_ACK_8((ALIVE_ACK_8 *)(buff - offset), iaUser, sip); } break; - // úÁÐÒÏÓ ÎÁ ÏÔËÌÀÞÅÎÉÅ case DISCONN_SYN_N: - - disconnSyn = (DISCONN_SYN_6*)(buff - offset); switch (protoVer) { case 6: - ret = Process_DISCONN_SYN_6(disconnSyn, iaUser, user, sip); - break; + if (Process_DISCONN_SYN_6((DISCONN_SYN_6 *)(buff - offset), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_6(iaUser, sip); case 7: - ret = Process_DISCONN_SYN_7(disconnSyn, iaUser, user, sip); - break; + if (Process_DISCONN_SYN_7((DISCONN_SYN_6 *)(buff - offset), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_7(iaUser, sip); case 8: - ret = Process_DISCONN_SYN_8((DISCONN_SYN_8*)(buff - offset), iaUser, user, sip); - break; - } - - if (ret != 0) - return 0; - - switch (protoVer) - { - case 6: - Send_DISCONN_SYN_ACK_6(iaUser, sip); - break; - case 7: - Send_DISCONN_SYN_ACK_7(iaUser, sip); - break; - case 8: - Send_DISCONN_SYN_ACK_8(iaUser, sip); - break; + if (Process_DISCONN_SYN_8((DISCONN_SYN_8 *)(buff - offset), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_8(iaUser, sip); } break; case DISCONN_ACK_N: - disconnAck = (DISCONN_ACK_6*)(buff - offset); - switch (protoVer) { case 6: - ret = Process_DISCONN_ACK_6(disconnAck, iaUser, user, sip, it); - break; + if (Process_DISCONN_ACK_6((DISCONN_ACK_6 *)(buff - offset), iaUser, sip, it)) + return -1; + return Send_FIN_6(iaUser, sip, it); case 7: - ret = Process_DISCONN_ACK_7(disconnAck, iaUser, user, sip, it); - break; + if (Process_DISCONN_ACK_7((DISCONN_ACK_6 *)(buff - offset), iaUser, sip, it)) + return -1; + return Send_FIN_7(iaUser, sip, it); case 8: - ret = Process_DISCONN_ACK_8((DISCONN_ACK_8*)(buff - offset), iaUser, user, sip, it); - break; - } - - switch (protoVer) - { - case 6: - Send_FIN_6(iaUser, sip, it); - break; - case 7: - Send_FIN_7(iaUser, sip, it); - break; - case 8: - Send_FIN_8(iaUser, sip, it); - break; + if (Process_DISCONN_ACK_8((DISCONN_ACK_8 *)(buff - offset), iaUser, sip, it)) + return -1; + return Send_FIN_8(iaUser, sip, it); } break; } -return 0; +return -1; } //----------------------------------------------------------------------------- -void AUTH_IA::DelUser(user_iter u) +void AUTH_IA::DelUser(USER_PTR u) { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); uint32_t ip = u->GetCurrIP(); @@ -1042,6 +938,8 @@ if (!ip) return; map::iterator it; + +STG_LOCKER lock(&mutex, __FILE__, __LINE__); it = ip2user.find(ip); if (it == ip2user.end()) { @@ -1053,7 +951,7 @@ if (it == ip2user.end()) if (it->second.user == u) { printfd(__FILE__, "User removed!\n"); - it->second.user->Unauthorize(this); + users->Unauthorize(u->GetLogin(), this); ip2user.erase(it); } } @@ -1071,8 +969,7 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err.len = 1; strncpy((char*)err.type, "ERR", 16); @@ -1092,8 +989,7 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err8.len = 256; strncpy((char*)err8.type, "ERR", 16); @@ -1114,51 +1010,26 @@ return 0; int AUTH_IA::Send(uint32_t ip, uint16_t port, const char * buffer, int len) { struct sockaddr_in sendAddr; -int res; sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); sendAddr.sin_addr.s_addr = ip; -res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); - -static struct timeval tv; -gettimeofday(&tv, NULL); +int res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); -return res; -} -//----------------------------------------------------------------------------- -void AUTH_IA::InitEncrypt(BLOWFISH_CTX * ctx, const string & password) -{ -unsigned char keyL[PASSWD_LEN]; // ðÁÒÏÌØ ÄÌÑ ÛÉÆÒÏ×ËÉ -memset(keyL, 0, PASSWD_LEN); -strncpy((char *)keyL, password.c_str(), PASSWD_LEN); -Blowfish_Init(ctx, keyL, PASSWD_LEN); -} -//----------------------------------------------------------------------------- -void AUTH_IA::Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) -{ -// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ - -for (int i = 0; i < len8; i++) - DecodeString(dst + i * 8, src + i * 8, ctx); -} -//----------------------------------------------------------------------------- -void AUTH_IA::Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) -{ -// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ +if (res == len) + return 0; -for (int i = 0; i < len8; i++) - EncodeString(dst + i * 8, src + i * 8, ctx); +return -1; } //----------------------------------------------------------------------------- int AUTH_IA::SendMessage(const STG_MSG & msg, uint32_t ip) const { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); - printfd(__FILE__, "SendMessage userIP=%s\n", inet_ntostring(ip).c_str()); map::iterator it; + +STG_LOCKER lock(&mutex, __FILE__, __LINE__); it = ip2user.find(ip); if (it == ip2user.end()) { @@ -1171,11 +1042,9 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage6(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.login.c_str()); -char buffer[256]; INFO_6 info; - memset(&info, 0, sizeof(INFO_6)); info.len = 256; @@ -1189,27 +1058,23 @@ size_t len = info.len; SwapBytes(info.len); #endif +char buffer[256]; memcpy(buffer, &info, sizeof(INFO_6)); Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, iaSettings.GetUserPort(), buffer, len); - -return 0; +return Send(ip, iaSettings.GetUserPort(), buffer, len); } //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage7(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.login.c_str()); -char buffer[300]; INFO_7 info; - memset(&info, 0, sizeof(INFO_7)); info.len = 264; strncpy((char*)info.type, "INFO_7", 16); info.infoType = msg.header.type; info.showTime = msg.header.showTime; - info.sendTime = msg.header.creationTime; size_t len = info.len; @@ -1221,23 +1086,18 @@ SwapBytes(info.sendTime); strncpy((char*)info.text, msg.text.c_str(), MAX_MSG_LEN - 1); info.text[MAX_MSG_LEN - 1] = 0; +char buffer[300]; memcpy(buffer, &info, sizeof(INFO_7)); Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, iaSettings.GetUserPort(), buffer, len); - -return 0; +return Send(ip, iaSettings.GetUserPort(), buffer, len); } //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage8(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.user->GetLogin().c_str()); - -char buffer[1500]; -memset(buffer, 0, sizeof(buffer)); +printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.login.c_str()); INFO_8 info; - memset(&info, 0, sizeof(INFO_8)); info.len = 1056; @@ -1255,15 +1115,14 @@ SwapBytes(info.len); SwapBytes(info.sendTime); #endif +char buffer[1500]; memcpy(buffer, &info, sizeof(INFO_8)); Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, user.port, buffer, len); - -return 0; +return Send(ip, user.port, buffer, len); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_SYN_6(CONN_SYN_6 *, IA_USER * iaUser, user_iter *, uint32_t) +int AUTH_IA::Process_CONN_SYN_6(CONN_SYN_6 *, IA_USER * iaUser, uint32_t) { if (!(iaUser->phase.GetPhase() == 1 || iaUser->phase.GetPhase() == 3)) return -1; @@ -1275,35 +1134,35 @@ printfd(__FILE__, "Phase changed from %d to 2. Reason: CONN_SYN_6\n", iaUser->ph return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_SYN_7(CONN_SYN_7 * connSyn, IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Process_CONN_SYN_7(CONN_SYN_7 * connSyn, IA_USER * iaUser, uint32_t sip) { -return Process_CONN_SYN_6(connSyn, iaUser, user, sip); +return Process_CONN_SYN_6(connSyn, iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_SYN_8(CONN_SYN_8 * connSyn, IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Process_CONN_SYN_8(CONN_SYN_8 * connSyn, IA_USER * iaUser, uint32_t sip) { #ifdef ARCH_BE SwapBytes(connSyn->dirs); #endif -int ret = Process_CONN_SYN_6((CONN_SYN_6*)connSyn, iaUser, user, sip); +int ret = Process_CONN_SYN_6((CONN_SYN_6*)connSyn, iaUser, sip); enabledDirs = connSyn->dirs; return ret; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_ACK_6(CONN_ACK_6 * connAck, IA_USER * iaUser, user_iter *, uint32_t sip) +int AUTH_IA::Process_CONN_ACK_6(CONN_ACK_6 * connAck, IA_USER * iaUser, uint32_t sip) { #ifdef ARCH_BE SwapBytes(connAck->len); SwapBytes(connAck->rnd); #endif printfd( __FILE__, "CONN_ACK_6 %s\n", connAck->type); -// ÕÓÔÁÎÏ×ÉÔØ ÎÏ×ÕÀ ÆÁÚÕ É ×ÒÅÍÑ É ÒÁÚÒÅÛÉÔØ ÉÎÅÔ + if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_6\n"); @@ -1313,6 +1172,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { errorStr = iaUser->user->GetStrError(); iaUser->phase.SetPhase1(); + ip2user.erase(sip); printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n"); return -1; } @@ -1321,12 +1181,12 @@ printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: % return -1; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_ACK_7(CONN_ACK_7 * connAck, IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Process_CONN_ACK_7(CONN_ACK_7 * connAck, IA_USER * iaUser, uint32_t sip) { -return Process_CONN_ACK_6(connAck, iaUser, user, sip); +return Process_CONN_ACK_6(connAck, iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_CONN_ACK_8(CONN_ACK_8 * connAck, IA_USER * iaUser, user_iter *, uint32_t sip) +int AUTH_IA::Process_CONN_ACK_8(CONN_ACK_8 * connAck, IA_USER * iaUser, uint32_t sip) { #ifdef ARCH_BE SwapBytes(connAck->len); @@ -1338,7 +1198,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_8\n"); @@ -1348,6 +1208,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { errorStr = iaUser->user->GetStrError(); iaUser->phase.SetPhase1(); + ip2user.erase(sip); printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n"); return -1; } @@ -1356,7 +1217,7 @@ printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: % return -1; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_ALIVE_ACK_6(ALIVE_ACK_6 * aliveAck, IA_USER * iaUser, user_iter *, uint32_t) +int AUTH_IA::Process_ALIVE_ACK_6(ALIVE_ACK_6 * aliveAck, IA_USER * iaUser, uint32_t) { #ifdef ARCH_BE SwapBytes(aliveAck->len); @@ -1373,12 +1234,12 @@ if ((iaUser->phase.GetPhase() == 3) && (aliveAck->rnd == iaUser->rnd + 1)) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_ALIVE_ACK_7(ALIVE_ACK_7 * aliveAck, IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Process_ALIVE_ACK_7(ALIVE_ACK_7 * aliveAck, IA_USER * iaUser, uint32_t sip) { -return Process_ALIVE_ACK_6(aliveAck, iaUser, user, sip); +return Process_ALIVE_ACK_6(aliveAck, iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_ALIVE_ACK_8(ALIVE_ACK_8 * aliveAck, IA_USER * iaUser, user_iter *, uint32_t) +int AUTH_IA::Process_ALIVE_ACK_8(ALIVE_ACK_8 * aliveAck, IA_USER * iaUser, uint32_t) { #ifdef ARCH_BE SwapBytes(aliveAck->len); @@ -1395,7 +1256,7 @@ if ((iaUser->phase.GetPhase() == 3) && (aliveAck->rnd == iaUser->rnd + 1)) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_SYN_6(DISCONN_SYN_6 *, IA_USER * iaUser, user_iter *, uint32_t) +int AUTH_IA::Process_DISCONN_SYN_6(DISCONN_SYN_6 *, IA_USER * iaUser, uint32_t) { printfd(__FILE__, "DISCONN_SYN_6\n"); if (iaUser->phase.GetPhase() != 3) @@ -1411,12 +1272,12 @@ printfd(__FILE__, "Phase changed from 3 to 4. Reason: DISCONN_SYN_6\n"); return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_SYN_7(DISCONN_SYN_7 * disconnSyn, IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Process_DISCONN_SYN_7(DISCONN_SYN_7 * disconnSyn, IA_USER * iaUser, uint32_t sip) { -return Process_DISCONN_SYN_6(disconnSyn, iaUser, user, sip); +return Process_DISCONN_SYN_6(disconnSyn, iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_SYN_8(DISCONN_SYN_8 *, IA_USER * iaUser, user_iter *, uint32_t) +int AUTH_IA::Process_DISCONN_SYN_8(DISCONN_SYN_8 *, IA_USER * iaUser, uint32_t) { if (iaUser->phase.GetPhase() != 3) { @@ -1433,7 +1294,6 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::Process_DISCONN_ACK_6(DISCONN_ACK_6 * disconnAck, IA_USER * iaUser, - user_iter *, uint32_t, map::iterator) { @@ -1451,12 +1311,12 @@ if (!((iaUser->phase.GetPhase() == 4) && (disconnAck->rnd == iaUser->rnd + 1))) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_ACK_7(DISCONN_ACK_7 * disconnAck, IA_USER * iaUser, user_iter * user, uint32_t sip, map::iterator it) +int AUTH_IA::Process_DISCONN_ACK_7(DISCONN_ACK_7 * disconnAck, IA_USER * iaUser, uint32_t sip, map::iterator it) { -return Process_DISCONN_ACK_6(disconnAck, iaUser, user, sip, it); +return Process_DISCONN_ACK_6(disconnAck, iaUser, sip, it); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_ACK_8(DISCONN_ACK_8 * disconnAck, IA_USER * iaUser, user_iter *, uint32_t, map::iterator) +int AUTH_IA::Process_DISCONN_ACK_8(DISCONN_ACK_8 * disconnAck, IA_USER * iaUser, uint32_t, map::iterator) { #ifdef ARCH_BE SwapBytes(disconnAck->len); @@ -1472,7 +1332,7 @@ if (!((iaUser->phase.GetPhase() == 4) && (disconnAck->rnd == iaUser->rnd + 1))) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Send_CONN_SYN_ACK_6(IA_USER * iaUser, user_iter *, uint32_t sip) +int AUTH_IA::Send_CONN_SYN_ACK_6(IA_USER * iaUser, uint32_t sip) { //+++ Fill static data in connSynAck +++ // TODO Move this code. It must be executed only once @@ -1505,12 +1365,12 @@ Encrypt(&iaUser->ctx, (char*)&connSynAck6, (char*)&connSynAck6, Min8(sizeof(CONN return Send(sip, iaSettings.GetUserPort(), (char*)&connSynAck6, Min8(sizeof(CONN_SYN_ACK_6)));; } //----------------------------------------------------------------------------- -int AUTH_IA::Send_CONN_SYN_ACK_7(IA_USER * iaUser, user_iter * user, uint32_t sip) +int AUTH_IA::Send_CONN_SYN_ACK_7(IA_USER * iaUser, uint32_t sip) { -return Send_CONN_SYN_ACK_6(iaUser, user, sip); +return Send_CONN_SYN_ACK_6(iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Send_CONN_SYN_ACK_8(IA_USER * iaUser, user_iter *, uint32_t sip) +int AUTH_IA::Send_CONN_SYN_ACK_8(IA_USER * iaUser, uint32_t sip) { strcpy((char*)connSynAck8.hdr.magic, IA_ID); connSynAck8.hdr.protoVer[0] = 0; @@ -1545,7 +1405,6 @@ SwapBytes(connSynAck8.aliveDelay); Encrypt(&iaUser->ctx, (char*)&connSynAck8, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))/8); return Send(sip, iaUser->port, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))); -//return Send(sip, iaUser->port, (char*)&connSynAck8, 384); } //----------------------------------------------------------------------------- int AUTH_IA::Send_ALIVE_SYN_6(IA_USER * iaUser, uint32_t sip) @@ -1557,8 +1416,8 @@ strcpy((char*)aliveSyn6.type, "ALIVE_SYN"); for (int i = 0; i < DIR_NUM; i++) { - aliveSyn6.md[i] = iaUser->user->property.down.Get()[i]; - aliveSyn6.mu[i] = iaUser->user->property.up.Get()[i]; + aliveSyn6.md[i] = iaUser->user->GetProperty().down.Get()[i]; + aliveSyn6.mu[i] = iaUser->user->GetProperty().up.Get()[i]; aliveSyn6.sd[i] = iaUser->user->GetSessionDownload()[i]; aliveSyn6.su[i] = iaUser->user->GetSessionUpload()[i]; @@ -1581,7 +1440,7 @@ if (dn < DIR_NUM) } else { - double fmb = iaUser->user->property.freeMb; + double fmb = iaUser->user->GetProperty().freeMb; fmb = fmb < 0 ? 0 : fmb; snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "%.3f", fmb / p); } @@ -1594,7 +1453,7 @@ else } else { - double fmb = iaUser->user->property.freeMb; + double fmb = iaUser->user->GetProperty().freeMb; fmb = fmb < 0 ? 0 : fmb; snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "C%.3f", fmb); } @@ -1603,12 +1462,12 @@ else #ifdef IA_DEBUG if (iaUser->aliveSent) { - printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->user->GetLogin().c_str()); + printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->login.c_str()); } iaUser->aliveSent = true; #endif -aliveSyn6.cash =(int64_t) (iaUser->user->property.cash.Get() * 1000.0); +aliveSyn6.cash =(int64_t) (iaUser->user->GetProperty().cash.Get() * 1000.0); if (!stgSettings->GetShowFeeInCash()) aliveSyn6.cash -= (int64_t)(tf->GetFee() * 1000.0); @@ -1647,8 +1506,8 @@ strcpy((char*)aliveSyn8.type, "ALIVE_SYN"); for (int i = 0; i < DIR_NUM; i++) { - aliveSyn8.md[i] = iaUser->user->property.down.Get()[i]; - aliveSyn8.mu[i] = iaUser->user->property.up.Get()[i]; + aliveSyn8.md[i] = iaUser->user->GetProperty().down.Get()[i]; + aliveSyn8.mu[i] = iaUser->user->GetProperty().up.Get()[i]; aliveSyn8.sd[i] = iaUser->user->GetSessionDownload()[i]; aliveSyn8.su[i] = iaUser->user->GetSessionUpload()[i]; @@ -1671,7 +1530,7 @@ if (dn < DIR_NUM) } else { - double fmb = iaUser->user->property.freeMb; + double fmb = iaUser->user->GetProperty().freeMb; fmb = fmb < 0 ? 0 : fmb; snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "%.3f", fmb / p); } @@ -1684,7 +1543,7 @@ else } else { - double fmb = iaUser->user->property.freeMb; + double fmb = iaUser->user->GetProperty().freeMb; fmb = fmb < 0 ? 0 : fmb; snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "C%.3f", fmb); } @@ -1700,7 +1559,7 @@ iaUser->aliveSent = true; const TARIFF * tf = iaUser->user->GetTariff(); -aliveSyn8.cash =(int64_t) (iaUser->user->property.cash.Get() * 1000.0); +aliveSyn8.cash =(int64_t) (iaUser->user->GetProperty().cash.Get() * 1000.0); if (!stgSettings->GetShowFeeInCash()) aliveSyn8.cash -= (int64_t)(tf->GetFee() * 1000.0); @@ -1773,11 +1632,13 @@ SwapBytes(fin6.len); Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8); -iaUser->user->Unauthorize(this); +users->Unauthorize(iaUser->login, this); + +int res = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); -int ret = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); ip2user.erase(it); -return ret; + +return res; } //----------------------------------------------------------------------------- int AUTH_IA::Send_FIN_7(IA_USER * iaUser, uint32_t sip, map::iterator it) @@ -1801,37 +1662,34 @@ SwapBytes(fin8.len); Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8); -iaUser->user->Unauthorize(this); +users->Unauthorize(iaUser->login, this); + +int res = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); -int ret = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); ip2user.erase(it); -return ret; + +return res; } //----------------------------------------------------------------------------- -bool AUTH_IA::WaitPackets(int sd) const +inline +void InitEncrypt(BLOWFISH_CTX * ctx, const string & password) { -fd_set rfds; -FD_ZERO(&rfds); -FD_SET(sd, &rfds); - -struct timeval tv; -tv.tv_sec = 0; -tv.tv_usec = 500000; - -int res = select(sd + 1, &rfds, NULL, NULL, &tv); -if (res == -1) // Error - { - if (errno != EINTR) - { - printfd(__FILE__, "Error on select: '%s'\n", strerror(errno)); - } - return false; - } - -if (res == 0) // Timeout - { - return false; - } - -return true; +unsigned char keyL[PASSWD_LEN]; +memset(keyL, 0, PASSWD_LEN); +strncpy((char *)keyL, password.c_str(), PASSWD_LEN); +Blowfish_Init(ctx, keyL, PASSWD_LEN); +} +//----------------------------------------------------------------------------- +inline +void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) +{ +for (int i = 0; i < len8; i++) + DecodeString(dst + i * 8, src + i * 8, ctx); +} +//----------------------------------------------------------------------------- +inline +void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) +{ +for (int i = 0; i < len8; i++) + EncodeString(dst + i * 8, src + i * 8, ctx); }