X-Git-Url: https://git.stg.codes/stg.git/blobdiff_plain/b5e75bbd70279384c22f598a6f41f0714b537e4e..993289f9a8abcaa85250856d5940b569b7f21068:/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp?ds=sidebyside diff --git a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp index 4e4dd60c..d3c1b960 100644 --- a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp +++ b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp @@ -30,7 +30,7 @@ #include #include -#include // usleep, close +#include // close #include #include @@ -70,6 +70,7 @@ AUTH_IA_SETTINGS::AUTH_IA_SETTINGS() : userDelay(0), userTimeout(0), port(0), + errorStr(), freeMbShowType(freeMbCash) { } @@ -173,13 +174,15 @@ return 0; #ifdef IA_PHASE_DEBUG IA_PHASE::IA_PHASE() : phase(1), + phaseTime(), flog(NULL) { gettimeofday(&phaseTime, NULL); } #else IA_PHASE::IA_PHASE() - : phase(1) + : phase(1), + phaseTime() { gettimeofday(&phaseTime, NULL); } @@ -213,8 +216,6 @@ void IA_PHASE::WritePhaseChange(int newPhase) UTIME newPhaseTime; gettimeofday(&newPhaseTime, NULL); flog = fopen(log.c_str(), "at"); -/*int64_t tn = newPhaseTime.GetSec()*1000000 + newPhaseTime.GetUSec(); -int64_t to = phaseTime.GetSec()*1000000 + phaseTime.GetUSec();*/ if (flog) { string action = newPhase == phase ? "U" : "C"; @@ -297,15 +298,32 @@ return phaseTime; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- AUTH_IA::AUTH_IA() - : nonstop(false), + : ctxS(), + errorStr(), + iaSettings(), + settings(), + nonstop(false), isRunningRun(false), isRunningRunTimeouter(false), users(NULL), stgSettings(NULL), + ip2user(), + recvThread(), + timeouterThread(), + mutex(), listenSocket(-1), - WriteServLog(GetStgLogger()), + connSynAck6(), + connSynAck8(), + disconnSynAck6(), + disconnSynAck8(), + aliveSyn6(), + aliveSyn8(), + fin6(), + fin8(), + packetTypes(), enabledDirs(0xFFffFFff), - onDelUserNotifier(*this) + onDelUserNotifier(*this), + logger(GetPluginLogger(GetStgLogger(), "auth_ia")) { InitEncrypt(&ctxS, "pr7Hhen"); @@ -375,6 +393,7 @@ if (!isRunningRun) { errorStr = "Cannot create thread."; printfd(__FILE__, "Cannot create recv thread\n"); + logger("Cannot create recv thread."); return -1; } } @@ -385,6 +404,7 @@ if (!isRunningRunTimeouter) { errorStr = "Cannot create thread."; printfd(__FILE__, "Cannot create timeouter thread\n"); + logger("Cannot create timeouter thread."); return -1; } } @@ -410,30 +430,8 @@ if (isRunningRun) //5 seconds to thread stops itself for (int i = 0; i < 25 && isRunningRun; i++) { - usleep(200000); - } - - //after 5 seconds waiting thread still running. now killing it - if (isRunningRun) - { - //TODO pthread_cancel() - if (pthread_kill(recvThread, SIGINT)) - { - errorStr = "Cannot kill thread."; - printfd(__FILE__, "Cannot kill thread\n"); - return -1; - } - for (int i = 0; i < 25 && isRunningRun; ++i) - usleep(200000); - if (isRunningRun) - { - printfd(__FILE__, "Failed to stop recv thread\n"); - } - else - { - pthread_join(recvThread, NULL); - } - printfd(__FILE__, "AUTH_IA killed Run\n"); + struct timespec ts = {0, 200000000}; + nanosleep(&ts, NULL); } } @@ -444,38 +442,26 @@ if (isRunningRunTimeouter) //5 seconds to thread stops itself for (int i = 0; i < 25 && isRunningRunTimeouter; i++) { - usleep(200000); - } - - //after 5 seconds waiting thread still running. now killing it - if (isRunningRunTimeouter) - { - //TODO pthread_cancel() - if (pthread_kill(timeouterThread, SIGINT)) - { - errorStr = "Cannot kill thread."; - return -1; - } - for (int i = 0; i < 25 && isRunningRunTimeouter; ++i) - usleep(200000); - if (isRunningRunTimeouter) - { - printfd(__FILE__, "Failed to stop timeouter thread\n"); - } - else - { - pthread_join(timeouterThread, NULL); - } - printfd(__FILE__, "AUTH_IA killed Timeouter\n"); + struct timespec ts = {0, 200000000}; + nanosleep(&ts, NULL); } } -printfd(__FILE__, "AUTH_IA::Stoped successfully.\n"); + users->DelNotifierUserDel(&onDelUserNotifier); + +if (isRunningRun || isRunningRunTimeouter) + return -1; + +printfd(__FILE__, "AUTH_IA::Stoped successfully.\n"); return 0; } //----------------------------------------------------------------------------- void * AUTH_IA::Run(void * d) { +sigset_t signalSet; +sigfillset(&signalSet); +pthread_sigmask(SIG_BLOCK, &signalSet, NULL); + AUTH_IA * ia = static_cast(d); ia->isRunningRun = true; @@ -501,6 +487,10 @@ return NULL; //----------------------------------------------------------------------------- void * AUTH_IA::RunTimeouter(void * d) { +sigset_t signalSet; +sigfillset(&signalSet); +pthread_sigmask(SIG_BLOCK, &signalSet, NULL); + AUTH_IA * ia = static_cast(d); ia->isRunningRunTimeouter = true; @@ -509,7 +499,8 @@ int a = -1; string monFile = ia->stgSettings->GetMonitorDir() + "/inetaccess_t"; while (ia->nonstop) { - usleep(20000); + struct timespec ts = {0, 20000000}; + nanosleep(&ts, NULL); ia->Timeouter(); // TODO change counter to timer and MONITOR_TIME_DELAY_SEC if (++a % (50 * 60) == 0 && ia->stgSettings->GetMonitoring()) @@ -539,6 +530,7 @@ listenSocket = socket(AF_INET, SOCK_DGRAM, 0); if (listenSocket < 0) { errorStr = "Cannot create socket."; + logger("Cannot create a socket: %s", strerror(errno)); return -1; } @@ -549,6 +541,7 @@ listenAddr.sin_addr.s_addr = inet_addr("0.0.0.0"); if (bind(listenSocket, (struct sockaddr*)&listenAddr, sizeof(listenAddr)) < 0) { errorStr = "AUTH_IA: Bind failed."; + logger("Cannot bind the socket: %s", strerror(errno)); return -1; } @@ -582,6 +575,7 @@ if (dataLen <= 0) // Error if (errno != EINTR) { printfd(__FILE__, "recvfrom res=%d, error: '%s'\n", dataLen, strerror(errno)); + logger("recvfrom error: %s", strerror(errno)); return -1; } return 0; @@ -603,25 +597,28 @@ uint32_t sip = outerAddr.sin_addr.s_addr; uint16_t sport = htons(outerAddr.sin_port); USER_PTR user; -if (users->FindByName(login, &user) == 0) +if (users->FindByName(login, &user)) { - WriteServLog("User's connect failed: user '%s' not found. IP %s", - login, - inet_ntostring(sip).c_str()); - printfd(__FILE__, "User %s NOT found!\n", login); + logger("User's connect failed: user '%s' not found. IP %s", + login, + inet_ntostring(sip).c_str()); + printfd(__FILE__, "User '%s' NOT found!\n", login); SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ!"); + return -1; } printfd(__FILE__, "User '%s' FOUND!\n", user->GetLogin().c_str()); if (user->GetProperty().disabled.Get()) { + logger("Cannont authorize '%s', user is disabled.", login); SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ"); return 0; } if (user->GetProperty().passive.Get()) { + logger("Cannont authorize '%s', user is passive.", login); SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ"); return 0; } @@ -630,8 +627,8 @@ if (!user->GetProperty().ips.Get().IsIPInIPS(sip)) { printfd(__FILE__, "User %s. IP address is incorrect. IP %s\n", user->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("User %s. IP address is incorrect. IP %s", - user->GetLogin().c_str(), inet_ntostring(sip).c_str()); + logger("User %s. IP address is incorrect. IP %s", + user->GetLogin().c_str(), inet_ntostring(sip).c_str()); SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ."); return 0; } @@ -752,7 +749,6 @@ return 0; int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR user) { std::string login(user->GetLogin()); -// ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ× const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer; STG_LOCKER lock(&mutex, __FILE__, __LINE__); @@ -769,33 +765,24 @@ if (it == ip2user.end()) userPtr->GetLogin().c_str(), inet_ntostring(sip).c_str(), login.c_str()); - WriteServLog("IP address already in use by user '%s'. IP %s, login: '%s'", - userPtr->GetLogin().c_str(), - inet_ntostring(sip).c_str(), - login.c_str()); + logger("IP address is already in use by user '%s'. IP %s, login: '%s'", + userPtr->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + login.c_str()); SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); return 0; } } - // åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP + printfd(__FILE__, "Add new user '%s' from ip %s\n", login.c_str(), inet_ntostring(sip).c_str()); - ip2user[sip].login = login; - ip2user[sip].user = user; - ip2user[sip].protoVer = protoVer; - ip2user[sip].port = sport; + std::pair::iterator, bool> res; + res = ip2user.insert(std::make_pair(sip, IA_USER(login, user, sport, protoVer))); + it = res.first; #ifdef IA_PHASE_DEBUG - ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName()); - ip2user[sip].phase.SetUserLogin(login); + it->second.phase.SetLogFileName(stgSettings->GetLogFileName()); + it->second.phase.SetUserLogin(login); #endif - - - it = ip2user.find(sip); //TODO - if (it == ip2user.end()) - { - printfd(__FILE__, "+++ ERROR +++\n"); - return -1; - } } else if (user->GetID() != it->second.user->GetID()) { @@ -803,19 +790,16 @@ else if (user->GetID() != it->second.user->GetID()) it->second.user->GetLogin().c_str(), inet_ntostring(sip).c_str(), user->GetLogin().c_str()); - WriteServLog("IP address already in use by user '%s'. IP %s, login: '%s'", - it->second.user->GetLogin().c_str(), - inet_ntostring(sip).c_str(), - user->GetLogin().c_str()); + logger("IP address is already in use by user '%s'. IP %s, login: '%s'", + it->second.user->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + user->GetLogin().c_str()); SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); return 0; } IA_USER * iaUser = &(it->second); -if (iaUser->port != sport) - iaUser->port = sport; - if (iaUser->password != user->GetProperty().password.Get()) { InitEncrypt(&iaUser->ctx, user->GetProperty().password.Get()); @@ -834,9 +818,9 @@ if (pi == packetTypes.end()) { SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); printfd(__FILE__, "Login or password is wrong!\n"); - WriteServLog("User's connect failed. User: '%s', ip %s. Wrong login or password", - login.c_str(), - inet_ntostring(sip).c_str()); + logger("User's connect failed. User: '%s', ip %s. Wrong login or password", + login.c_str(), + inet_ntostring(sip).c_str()); ip2user.erase(it); return 0; } @@ -846,10 +830,10 @@ if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip) printfd(__FILE__, "Login %s already in use from ip %s. IP %s\n", login.c_str(), inet_ntostring(user->GetCurrIP()).c_str(), inet_ntostring(sip).c_str()); - WriteServLog("Login %s already in use from ip %s. IP %s", - login.c_str(), - inet_ntostring(user->GetCurrIP()).c_str(), - inet_ntostring(sip).c_str()); + logger("Login '%s' is already in use from ip %s. IP %s", + login.c_str(), + inet_ntostring(user->GetCurrIP()).c_str(), + inet_ntostring(sip).c_str()); SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); ip2user.erase(it); return 0; @@ -985,8 +969,7 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err.len = 1; strncpy((char*)err.type, "ERR", 16); @@ -1006,8 +989,7 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err8.len = 256; strncpy((char*)err8.type, "ERR", 16); @@ -1035,9 +1017,6 @@ sendAddr.sin_addr.s_addr = ip; int res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); -static struct timeval tv; -gettimeofday(&tv, NULL); - if (res == len) return 0; @@ -1177,7 +1156,7 @@ SwapBytes(connAck->len); SwapBytes(connAck->rnd); #endif printfd( __FILE__, "CONN_ACK_6 %s\n", connAck->type); -// ÕÓÔÁÎÏ×ÉÔØ ÎÏ×ÕÀ ÆÁÚÕ É ×ÒÅÍÑ É ÒÁÚÒÅÛÉÔØ ÉÎÅÔ + if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); @@ -1654,9 +1633,12 @@ SwapBytes(fin6.len); Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8); users->Unauthorize(iaUser->login, this); + +int res = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); + ip2user.erase(it); -return Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); +return res; } //----------------------------------------------------------------------------- int AUTH_IA::Send_FIN_7(IA_USER * iaUser, uint32_t sip, map::iterator it) @@ -1681,9 +1663,12 @@ SwapBytes(fin8.len); Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8); users->Unauthorize(iaUser->login, this); + +int res = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); + ip2user.erase(it); -return Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); +return res; } //----------------------------------------------------------------------------- inline