X-Git-Url: https://git.stg.codes/stg.git/blobdiff_plain/ede91934442fd804d7b818971a44e3ad795cb01f..1c324d5b2380a68f209e65969079677dbaf1c511:/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp?ds=sidebyside diff --git a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp index 3918f0b3..01162875 100644 --- a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp +++ b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp @@ -18,69 +18,36 @@ * Author : Boris Mikhailenko */ -/* - $Revision: 1.79 $ - $Date: 2010/03/25 15:18:48 $ - $Author: faust $ - */ - #ifndef _GNU_SOURCE #define _GNU_SOURCE #endif -#include -#include +#include "inetaccess.h" +#include "stg/common.h" +#include "stg/locker.h" +#include "stg/tariff.h" +#include "stg/settings.h" + +#include #include #include #include // snprintf #include -#include +#include -#include "inetaccess.h" -#include "common.h" -#include "stg_locker.h" -#include "tariff.h" -#include "../../../settings.h" -#include "../../../user_property.h" - -extern volatile const time_t stgTime; - -void InitEncrypt(BLOWFISH_CTX * ctx, const string & password); -void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); -void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); +#include +#include +#include // close -//----------------------------------------------------------------------------- -class IA_CREATOR -{ -private: - AUTH_IA * ia; +#define IA_PROTO_VER (6) -public: - IA_CREATOR() - : ia(new AUTH_IA()) - { - }; - ~IA_CREATOR() - { - delete ia; - }; +extern volatile time_t stgTime; - AUTH_IA * GetPlugin() - { - return ia; - }; -}; -//----------------------------------------------------------------------------- -//----------------------------------------------------------------------------- -//----------------------------------------------------------------------------- -IA_CREATOR iac; -//----------------------------------------------------------------------------- -//----------------------------------------------------------------------------- -//----------------------------------------------------------------------------- -PLUGIN * GetPlugin() +extern "C" STG::Plugin* GetPlugin() { -return iac.GetPlugin(); + static AUTH_IA plugin; + return &plugin; } //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- @@ -89,34 +56,20 @@ AUTH_IA_SETTINGS::AUTH_IA_SETTINGS() : userDelay(0), userTimeout(0), port(0), - freeMbShowType(freeMbCash) + freeMbShowType(freeMbCash), + logProtocolErrors(false) { } //----------------------------------------------------------------------------- -int AUTH_IA_SETTINGS::ParseIntInRange(const string & str, int min, int max, int * val) -{ -if (str2x(str.c_str(), *val)) - { - errorStr = "Incorrect value \'" + str + "\'."; - return -1; - } -if (*val < min || *val > max) - { - errorStr = "Value \'" + str + "\' out of range."; - return -1; - } -return 0; -} -//----------------------------------------------------------------------------- -int AUTH_IA_SETTINGS::ParseSettings(const MODULE_SETTINGS & s) +int AUTH_IA_SETTINGS::ParseSettings(const STG::ModuleSettings & s) { int p; -PARAM_VALUE pv; -vector::const_iterator pvi; +STG::ParamValue pv; +std::vector::const_iterator pvi; /////////////////////////// pv.param = "Port"; pvi = find(s.moduleParams.begin(), s.moduleParams.end(), pv); -if (pvi == s.moduleParams.end()) +if (pvi == s.moduleParams.end() || pvi->value.empty()) { errorStr = "Parameter \'Port\' not found."; printfd(__FILE__, "Parameter 'Port' not found\n"); @@ -128,11 +81,11 @@ if (ParseIntInRange(pvi->value[0], 2, 65535, &p)) printfd(__FILE__, "Cannot parse parameter 'Port'\n"); return -1; } -port = p; +port = static_cast(p); /////////////////////////// pv.param = "UserDelay"; pvi = find(s.moduleParams.begin(), s.moduleParams.end(), pv); -if (pvi == s.moduleParams.end()) +if (pvi == s.moduleParams.end() || pvi->value.empty()) { errorStr = "Parameter \'UserDelay\' not found."; printfd(__FILE__, "Parameter 'UserDelay' not found\n"); @@ -148,7 +101,7 @@ if (ParseIntInRange(pvi->value[0], 5, 600, &userDelay)) /////////////////////////// pv.param = "UserTimeout"; pvi = find(s.moduleParams.begin(), s.moduleParams.end(), pv); -if (pvi == s.moduleParams.end()) +if (pvi == s.moduleParams.end() || pvi->value.empty()) { errorStr = "Parameter \'UserTimeout\' not found."; printfd(__FILE__, "Parameter 'UserTimeout' not found\n"); @@ -161,12 +114,23 @@ if (ParseIntInRange(pvi->value[0], 15, 1200, &userTimeout)) printfd(__FILE__, "Cannot parse parameter 'UserTimeout'\n"); return -1; } +/////////////////////////// +pv.param = "LogProtocolErrors"; +pvi = find(s.moduleParams.begin(), s.moduleParams.end(), pv); +if (pvi == s.moduleParams.end() || pvi->value.empty()) + logProtocolErrors = false; +else if (ParseYesNo(pvi->value[0], &logProtocolErrors)) + { + errorStr = "Cannot parse parameter \'LogProtocolErrors\': " + errorStr; + printfd(__FILE__, "Cannot parse parameter 'LogProtocolErrors'\n"); + return -1; + } ///////////////////////////////////////////////////////////// -string freeMbType; +std::string freeMbType; int n = 0; pv.param = "FreeMb"; pvi = find(s.moduleParams.begin(), s.moduleParams.end(), pv); -if (pvi == s.moduleParams.end()) +if (pvi == s.moduleParams.end() || pvi->value.empty()) { errorStr = "Parameter \'FreeMb\' not found."; printfd(__FILE__, "Parameter 'FreeMb' not found\n"); @@ -190,7 +154,7 @@ else if (!str2x(freeMbType.c_str(), n)) printfd(__FILE__, "%s\n", errorStr.c_str()); return -1; } - freeMbShowType = (FREEMB)(freeMb0 + n); + freeMbShowType = static_cast(n); } else { @@ -247,8 +211,6 @@ void IA_PHASE::WritePhaseChange(int newPhase) UTIME newPhaseTime; gettimeofday(&newPhaseTime, NULL); flog = fopen(log.c_str(), "at"); -/*int64_t tn = newPhaseTime.GetSec()*1000000 + newPhaseTime.GetUSec(); -int64_t to = phaseTime.GetSec()*1000000 + phaseTime.GetUSec();*/ if (flog) { string action = newPhase == phase ? "U" : "C"; @@ -301,15 +263,6 @@ phase = 4; gettimeofday(&phaseTime, NULL); } //----------------------------------------------------------------------------- -void IA_PHASE::SetPhase5() -{ -#ifdef IA_PHASE_DEBUG -WritePhaseChange(5); -#endif -phase = 5; -gettimeofday(&phaseTime, NULL); -} -//----------------------------------------------------------------------------- int IA_PHASE::GetPhase() const { return phase; @@ -331,22 +284,16 @@ return phaseTime; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- AUTH_IA::AUTH_IA() - : nonstop(false), - isRunningRun(false), + : isRunningRun(false), isRunningRunTimeouter(false), users(NULL), stgSettings(NULL), listenSocket(-1), - WriteServLog(GetStgLogger()), enabledDirs(0xFFffFFff), - onDelUserNotifier(*this) + onDelUserNotifier(*this), + logger(STG::PluginLogger::get("auth_ia")) { -InitEncrypt(&ctxS, "pr7Hhen"); - -pthread_mutexattr_t attr; -pthread_mutexattr_init(&attr); -pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE); -pthread_mutex_init(&mutex, &attr); +InitContext("pr7Hhen", 7, &ctxS); memset(&connSynAck6, 0, sizeof(CONN_SYN_ACK_6)); memset(&connSynAck8, 0, sizeof(CONN_SYN_ACK_8)); @@ -390,38 +337,23 @@ packetTypes["ERR"] = ERROR_N; //----------------------------------------------------------------------------- AUTH_IA::~AUTH_IA() { -pthread_mutex_destroy(&mutex); } //----------------------------------------------------------------------------- int AUTH_IA::Start() { users->AddNotifierUserDel(&onDelUserNotifier); -nonstop = true; if (PrepareNet()) { return -1; } -if (!isRunningRun) - { - if (pthread_create(&recvThread, NULL, Run, this)) - { - errorStr = "Cannot create thread."; - printfd(__FILE__, "Cannot create recv thread\n"); - return -1; - } - } +if (!m_thread.joinable()) + m_thread = std::jthread([this](auto token){ Run(std::move(token)); }); + +if (!m_timeouterThread.joinable()) + m_timeouterThread = std::jthread([this](auto token){ RunTimeouter(std::move(token)); }); -if (!isRunningRunTimeouter) - { - if (pthread_create(&timeouterThread, NULL, RunTimeouter, this)) - { - errorStr = "Cannot create thread."; - printfd(__FILE__, "Cannot create timeouter thread\n"); - return -1; - } - } errorStr = ""; return 0; } @@ -431,7 +363,8 @@ int AUTH_IA::Stop() if (!IsRunning()) return 0; -nonstop = false; +m_thread.request_stop(); +m_timeouterThread.request_stop(); std::for_each( ip2user.begin(), @@ -444,30 +377,8 @@ if (isRunningRun) //5 seconds to thread stops itself for (int i = 0; i < 25 && isRunningRun; i++) { - usleep(200000); - } - - //after 5 seconds waiting thread still running. now killing it - if (isRunningRun) - { - //TODO pthread_cancel() - if (pthread_kill(recvThread, SIGINT)) - { - errorStr = "Cannot kill thread."; - printfd(__FILE__, "Cannot kill thread\n"); - return -1; - } - for (int i = 0; i < 25 && isRunningRun; ++i) - usleep(200000); - if (isRunningRun) - { - printfd(__FILE__, "Failed to stop recv thread\n"); - } - else - { - pthread_join(recvThread, NULL); - } - printfd(__FILE__, "AUTH_IA killed Run\n"); + struct timespec ts = {0, 200000000}; + nanosleep(&ts, NULL); } } @@ -478,82 +389,79 @@ if (isRunningRunTimeouter) //5 seconds to thread stops itself for (int i = 0; i < 25 && isRunningRunTimeouter; i++) { - usleep(200000); - } - - //after 5 seconds waiting thread still running. now killing it - if (isRunningRunTimeouter) - { - //TODO pthread_cancel() - if (pthread_kill(timeouterThread, SIGINT)) - { - errorStr = "Cannot kill thread."; - return -1; - } - for (int i = 0; i < 25 && isRunningRunTimeouter; ++i) - usleep(200000); - if (isRunningRunTimeouter) - { - printfd(__FILE__, "Failed to stop timeouter thread\n"); - } - else - { - pthread_join(timeouterThread, NULL); - } - printfd(__FILE__, "AUTH_IA killed Timeouter\n"); + struct timespec ts = {0, 200000000}; + nanosleep(&ts, NULL); } } -printfd(__FILE__, "AUTH_IA::Stoped successfully.\n"); + users->DelNotifierUserDel(&onDelUserNotifier); + +if (isRunningRun) + m_thread.detach(); +else + m_thread.join(); + +if (isRunningRunTimeouter) + m_timeouterThread.detach(); +else + m_timeouterThread.join(); + +if (isRunningRun || isRunningRunTimeouter) + return -1; + +printfd(__FILE__, "AUTH_IA::Stoped successfully.\n"); return 0; } //----------------------------------------------------------------------------- -void * AUTH_IA::Run(void * d) +void AUTH_IA::Run(std::stop_token token) { -AUTH_IA * ia = static_cast(d); +sigset_t signalSet; +sigfillset(&signalSet); +pthread_sigmask(SIG_BLOCK, &signalSet, NULL); -ia->isRunningRun = true; +isRunningRun = true; char buffer[512]; time_t touchTime = stgTime - MONITOR_TIME_DELAY_SEC; -while (ia->nonstop) +while (!token.stop_requested()) { - ia->RecvData(buffer, sizeof(buffer)); - if ((touchTime + MONITOR_TIME_DELAY_SEC <= stgTime) && ia->stgSettings->GetMonitoring()) + RecvData(buffer, sizeof(buffer)); + if ((touchTime + MONITOR_TIME_DELAY_SEC <= stgTime) && stgSettings->GetMonitoring()) { touchTime = stgTime; - string monFile = ia->stgSettings->GetMonitorDir() + "/inetaccess_r"; - TouchFile(monFile.c_str()); + std::string monFile = stgSettings->GetMonitorDir() + "/inetaccess_r"; + TouchFile(monFile); } } -ia->isRunningRun = false; -return NULL; +isRunningRun = false; } //----------------------------------------------------------------------------- -void * AUTH_IA::RunTimeouter(void * d) +void AUTH_IA::RunTimeouter(std::stop_token token) { -AUTH_IA * ia = static_cast(d); +sigset_t signalSet; +sigfillset(&signalSet); +pthread_sigmask(SIG_BLOCK, &signalSet, NULL); -ia->isRunningRunTimeouter = true; +isRunningRunTimeouter = true; int a = -1; -string monFile = ia->stgSettings->GetMonitorDir() + "/inetaccess_t"; -while (ia->nonstop) - { - usleep(20000); - ia->Timeouter(); - // TODO cahange counter to timer and MONITOR_TIME_DELAY_SEC - if (++a % (50*60) == 0 && ia->stgSettings->GetMonitoring()) +std::string monFile = stgSettings->GetMonitorDir() + "/inetaccess_t"; +while (!token.stop_requested()) + { + struct timespec ts = {0, 20000000}; + nanosleep(&ts, NULL); + Timeouter(); + // TODO change counter to timer and MONITOR_TIME_DELAY_SEC + if (++a % (50 * 60) == 0 && stgSettings->GetMonitoring()) { - TouchFile(monFile.c_str()); + TouchFile(monFile); } } -ia->isRunningRunTimeouter = false; -return NULL; +isRunningRunTimeouter = false; } //----------------------------------------------------------------------------- int AUTH_IA::ParseSettings() @@ -564,6 +472,22 @@ if (ret) return ret; } //----------------------------------------------------------------------------- +int AUTH_IA::Reload(const STG::ModuleSettings & ms) +{ +AUTH_IA_SETTINGS newIaSettings; +if (newIaSettings.ParseSettings(ms)) + { + printfd(__FILE__, "AUTH_IA::Reload() - Failed to reload InetAccess.\n"); + logger("AUTH_IA: Cannot reload InetAccess. Errors found."); + return -1; + } + +printfd(__FILE__, "AUTH_IA::Reload() - Reloaded InetAccess successfully.\n"); +logger("AUTH_IA: Reloaded InetAccess successfully."); +iaSettings = newIaSettings; +return 0; +} +//----------------------------------------------------------------------------- int AUTH_IA::PrepareNet() { struct sockaddr_in listenAddr; @@ -573,6 +497,7 @@ listenSocket = socket(AF_INET, SOCK_DGRAM, 0); if (listenSocket < 0) { errorStr = "Cannot create socket."; + logger("Cannot create a socket: %s", strerror(errno)); return -1; } @@ -580,22 +505,13 @@ listenAddr.sin_family = AF_INET; listenAddr.sin_port = htons(iaSettings.GetUserPort()); listenAddr.sin_addr.s_addr = inet_addr("0.0.0.0"); -if (bind(listenSocket, (struct sockaddr*)&listenAddr, sizeof(listenAddr)) < 0) +if (bind(listenSocket, reinterpret_cast(&listenAddr), sizeof(listenAddr)) < 0) { errorStr = "AUTH_IA: Bind failed."; + logger("Cannot bind the socket: %s", strerror(errno)); return -1; } -/*int buffLen; -if (getsockopt(listenSocket, SOL_SOCKET, SO_SNDBUF, &buffLen, sizeof(buffLen)) < 0) - { - - errorStr = "Getsockopt failed. " + string(strerror(errno)); - return -1; - }*/ - -//WriteServLog("buffLen = %d", buffLen); - return 0; } //----------------------------------------------------------------------------- @@ -614,7 +530,7 @@ if (!WaitPackets(listenSocket)) // Timeout struct sockaddr_in outerAddr; socklen_t outerAddrLen(sizeof(outerAddr)); -int dataLen = recvfrom(listenSocket, buffer, bufferSize, 0, (struct sockaddr *)&outerAddr, &outerAddrLen); +ssize_t dataLen = recvfrom(listenSocket, buffer, bufferSize, 0, reinterpret_cast(&outerAddr), &outerAddrLen); if (!dataLen) // EOF { @@ -626,6 +542,7 @@ if (dataLen <= 0) // Error if (errno != EINTR) { printfd(__FILE__, "recvfrom res=%d, error: '%s'\n", dataLen, strerror(errno)); + logger("recvfrom error: %s", strerror(errno)); return -1; } return 0; @@ -634,59 +551,82 @@ if (dataLen <= 0) // Error if (dataLen > 256) return -1; +uint32_t sip = outerAddr.sin_addr.s_addr; +uint16_t sport = htons(outerAddr.sin_port); + int protoVer; -if (CheckHeader(buffer, &protoVer)) +if (CheckHeader(buffer, sip, &protoVer)) return -1; char login[PASSWD_LEN]; //TODO why PASSWD_LEN ? memset(login, 0, PASSWD_LEN); -Decrypt(&ctxS, login, buffer + 8, PASSWD_LEN / 8); +DecryptString(login, buffer + 8, PASSWD_LEN, &ctxS); -uint32_t sip = *((uint32_t*)&outerAddr.sin_addr); -uint16_t sport = htons(outerAddr.sin_port); +UserPtr user; +if (users->FindByName(login, &user)) + { + logger("User's connect failed: user '%s' not found. IP %s", + login, + inet_ntostring(sip).c_str()); + printfd(__FILE__, "User '%s' NOT found!\n", login); + SendError(sip, sport, protoVer, IconvString("Неправильный логин.", "utf8", "koi8-ru")); + return -1; + } -USER_PTR user; -if (users->FindByName(login, &user) == 0) +printfd(__FILE__, "User '%s' FOUND!\n", user->GetLogin().c_str()); + +if (user->GetProperties().disabled.Get()) { - printfd(__FILE__, "User %s FOUND!\n", user->GetLogin().c_str()); - PacketProcessor(buffer, dataLen, sip, sport, protoVer, &user); + logger("Cannont authorize '%s', user is disabled.", login); + SendError(sip, sport, protoVer, IconvString("Учетная запись заблокирована.", "utf8", "koi8-ru")); + return 0; } -else + +if (user->GetProperties().passive.Get()) { - WriteServLog("User\'s connect failed:: user \'%s\' not found. IP \'%s\'", - login, - inet_ntostring(sip).c_str()); - printfd(__FILE__, "User %s NOT found!\n", login); - SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); + logger("Cannont authorize '%s', user is passive.", login); + SendError(sip, sport, protoVer, IconvString("Учетная запись заморожена.", "utf8", "koi8-ru")); + return 0; } -return 0; +if (!user->GetProperties().ips.Get().find(sip)) + { + printfd(__FILE__, "User %s. IP address is incorrect. IP %s\n", + user->GetLogin().c_str(), inet_ntostring(sip).c_str()); + logger("User %s. IP address is incorrect. IP %s", + user->GetLogin().c_str(), inet_ntostring(sip).c_str()); + SendError(sip, sport, protoVer, IconvString("Пользователь не опознан. Проверьте IP-адрес.", "utf8", "koi8-ru")); + return 0; + } +return PacketProcessor(buffer, dataLen, sip, sport, protoVer, user); } //----------------------------------------------------------------------------- -int AUTH_IA::CheckHeader(const char * buffer, int * protoVer) +int AUTH_IA::CheckHeader(const char * buffer, uint32_t sip, int * protoVer) { if (strncmp(IA_ID, buffer, strlen(IA_ID)) != 0) { - //SendError(userIP, updateMsg); printfd(__FILE__, "update needed - IA_ID\n"); - //SendError(userIP, "Incorrect header!"); + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. Header: invalid packed signature.", inet_ntostring(sip).c_str()); return -1; } if (buffer[6] != 0) //proto[0] shoud be 0 { printfd(__FILE__, "update needed - PROTO major: %d\n", buffer[6]); - //SendError(userIP, updateMsg); + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. Header: invalid protocol major version: %d.", inet_ntostring(sip).c_str(), buffer[6]); return -1; } if (buffer[7] < 6) { // need update - //SendError(userIP, updateMsg); printfd(__FILE__, "update needed - PROTO minor: %d\n", buffer[7]); + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. Header: invalid protocol minor version: %d.", inet_ntostring(sip).c_str(), buffer[7]); return -1; } else @@ -698,15 +638,14 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::Timeouter() { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); +std::lock_guard lock(m_mutex); -map::iterator it; +std::map::iterator it; it = ip2user.begin(); -uint32_t sip; while (it != ip2user.end()) { - sip = it->first; + uint32_t sip = it->first; static UTIME currTime; gettimeofday(&currTime, NULL); @@ -714,8 +653,12 @@ while (it != ip2user.end()) if ((it->second.phase.GetPhase() == 2) && (currTime - it->second.phase.GetTime()) > iaSettings.GetUserDelay()) { + if (iaSettings.LogProtocolErrors()) + logger("User '%s'. Protocol version: %d. Phase 2: connect request timeout (%f > %d).", it->second.login.c_str(), it->second.protoVer, (currTime - it->second.phase.GetTime()).AsDouble(), iaSettings.GetUserDelay().GetSec()); it->second.phase.SetPhase1(); printfd(__FILE__, "Phase changed from 2 to 1. Reason: timeout\n"); + ip2user.erase(it++); + continue; } if (it->second.phase.GetPhase() == 3) @@ -754,7 +697,9 @@ while (it != ip2user.end()) if ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserTimeout()) { - it->second.user->Unauthorize(this); + if (iaSettings.LogProtocolErrors()) + logger("User '%s'. Protocol version: %d. Phase 3: alive timeout (%f > %d).", it->second.login.c_str(), it->second.protoVer, (currTime - it->second.phase.GetTime()).AsDouble(), iaSettings.GetUserTimeout().GetSec()); + users->Unauthorize(it->second.user->GetLogin(), this); ip2user.erase(it++); continue; } @@ -763,6 +708,8 @@ while (it != ip2user.end()) if ((it->second.phase.GetPhase() == 4) && ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserDelay())) { + if (iaSettings.LogProtocolErrors()) + logger("User '%s'. Protocol version: %d. Phase 4: disconnect request timeout (%f > %d).", it->second.login.c_str(), it->second.protoVer, (currTime - it->second.phase.GetTime()).AsDouble(), iaSettings.GetUserDelay().GetSec()); it->second.phase.SetPhase3(); printfd(__FILE__, "Phase changed from 4 to 3. Reason: timeout\n"); } @@ -773,289 +720,200 @@ while (it != ip2user.end()) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR * user) +int AUTH_IA::PacketProcessor(void * buff, size_t dataLen, uint32_t sip, uint16_t sport, int protoVer, UserPtr user) { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); -// ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ× -int pn = -1; -const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer; - -IA_USER * iaUser = NULL; +std::string login(user->GetLogin()); +const size_t offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer; -CONN_SYN_6 * connSyn6; -CONN_SYN_7 * connSyn7; -CONN_SYN_8 * connSyn8; +std::lock_guard lock(m_mutex); +std::map::iterator it(ip2user.find(sip)); -CONN_ACK_6 * connAck; -ALIVE_ACK_6 * aliveAck; -DISCONN_SYN_6 * disconnSyn; -DISCONN_ACK_6 * disconnAck; - -map::iterator it; -it = ip2user.find(sip); - -if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID()) +if (it == ip2user.end()) { - // åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP - printfd(__FILE__, "Add new user\n"); - ip2user[sip].protoVer = protoVer; - ip2user[sip].user = *user; - ip2user[sip].port = sport; - #ifdef IA_PHASE_DEBUG - ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName()); - ip2user[sip].phase.SetUserLogin((*user)->GetLogin()); - #endif - - - it = ip2user.find(sip); //TODO - if (it == ip2user.end()) + UserPtr userPtr; + if (!users->FindByIPIdx(sip, &userPtr)) { - printfd(__FILE__, "+++ ERROR +++\n"); - return -1; + if (userPtr->GetID() != user->GetID()) + { + printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n", + userPtr->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + login.c_str()); + logger("IP address is already in use by user '%s'. IP %s, login: '%s'", + userPtr->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + login.c_str()); + SendError(sip, sport, protoVer, IconvString("IP-адрес уже сипользуется.", "utf8", "koi8-ru")); + return 0; + } } - } -iaUser = &(it->second); + printfd(__FILE__, "Add new user '%s' from ip %s\n", + login.c_str(), inet_ntostring(sip).c_str()); + std::pair::iterator, bool> res; + res = ip2user.insert(std::make_pair(sip, IA_USER(login, user, sport, protoVer))); + it = res.first; + #ifdef IA_PHASE_DEBUG + it->second.phase.SetLogFileName(stgSettings->GetLogFileName()); + it->second.phase.SetUserLogin(login); + #endif + } +else if (user->GetID() != it->second.user->GetID()) + { + printfd(__FILE__, "IP address already in use by user '%s'. IP %s, login: '%s'\n", + it->second.user->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + user->GetLogin().c_str()); + logger("IP address is already in use by user '%s'. IP %s, login: '%s'", + it->second.user->GetLogin().c_str(), + inet_ntostring(sip).c_str(), + user->GetLogin().c_str()); + SendError(sip, sport, protoVer, IconvString("IP-адрес уже используется.", "utf8", "koi8-ru")); + return 0; + } -if (iaUser->port != sport) - iaUser->port = sport; +IA_USER * iaUser = &(it->second); -if (iaUser->password != (*user)->GetProperty().password.Get()) +if (iaUser->password != user->GetProperties().password.Get()) { - InitEncrypt(&iaUser->ctx, (*user)->GetProperty().password.Get()); - iaUser->password = (*user)->GetProperty().password.Get(); + const std::string & password = user->GetProperties().password.Get(); + InitContext(password.c_str(), password.length(), &iaUser->ctx); + iaUser->password = user->GetProperties().password.Get(); } -buff += offset; -Decrypt(&iaUser->ctx, buff, buff, (dataLen - offset) / 8); +DecryptString(static_cast(buff) + offset, static_cast(buff) + offset, (dataLen - offset), &iaUser->ctx); char packetName[IA_MAX_TYPE_LEN]; -strncpy(packetName, buff + 4, IA_MAX_TYPE_LEN); +strncpy(packetName, static_cast(buff) + offset + 4, IA_MAX_TYPE_LEN); packetName[IA_MAX_TYPE_LEN - 1] = 0; -map::iterator pi; -pi = packetTypes.find(packetName); +std::map::iterator pi(packetTypes.find(packetName)); if (pi == packetTypes.end()) { - SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); + SendError(sip, sport, protoVer, IconvString("Неправильный логин или пароль.", "utf8", "koi8-ru")); printfd(__FILE__, "Login or password is wrong!\n"); - WriteServLog("User's connect failed. IP \'%s\'. Wrong login or password", inet_ntostring(sip).c_str()); - return 0; - } -else - { - pn = pi->second; - } - -if ((*user)->GetProperty().disabled.Get()) - { - SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ"); - return 0; - } - -if ((*user)->GetProperty().passive.Get()) - { - SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ"); - return 0; - } - -if ((*user)->GetAuthorized() && (*user)->GetCurrIP() != sip) - { - printfd(__FILE__, "Login %s alredy in use. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("Login %s alredy in use. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); - return 0; - } - -USER_PTR u; -if (users->FindByIPIdx(sip, &u) == 0 && u->GetLogin() != (*user)->GetLogin()) - { - printfd(__FILE__, "IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - WriteServLog("IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); + logger("User's connect failed. User: '%s', ip %s. Wrong login or password", + login.c_str(), + inet_ntostring(sip).c_str()); + ip2user.erase(it); return 0; } -// ôÅÐÅÒØ ÍÙ ÄÏÌÖÎÙ ÐÒÏ×ÅÒÉÔØ, ÍÏÖÅÔ ÌÉ ÐÏÌØÚÏ×ÁÔÅÌØ ÐÏÄËÌÀÞÉÔÓÑ Ó ÜÔÏÇÏ ÁÄÒÅÓÁ. -int ipFound = (*user)->GetProperty().ips.Get().IsIPInIPS(sip); -if (!ipFound) +if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip) { - printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("User %s. IP address is incorrect. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ."); + printfd(__FILE__, "Login %s already in use from ip %s. IP %s\n", + login.c_str(), inet_ntostring(user->GetCurrIP()).c_str(), + inet_ntostring(sip).c_str()); + logger("Login '%s' is already in use from ip %s. IP %s", + login.c_str(), + inet_ntostring(user->GetCurrIP()).c_str(), + inet_ntostring(sip).c_str()); + SendError(sip, sport, protoVer, IconvString("Логин уже используется.", "utf8", "koi8-ru")); + ip2user.erase(it); return 0; } -int ret = -1; - -switch (pn) +switch (pi->second) { case CONN_SYN_N: switch (protoVer) { case 6: - connSyn6 = (CONN_SYN_6*)(buff - offset); - ret = Process_CONN_SYN_6(connSyn6, &(it->second), sip); - break; + if (Process_CONN_SYN_6(static_cast(buff), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_6(iaUser, sip); case 7: - connSyn7 = (CONN_SYN_7*)(buff - offset); - ret = Process_CONN_SYN_7(connSyn7, &(it->second), sip); - break; + if (Process_CONN_SYN_7(static_cast(buff), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_7(iaUser, sip); case 8: - connSyn8 = (CONN_SYN_8*)(buff - offset); - ret = Process_CONN_SYN_8(connSyn8, &(it->second), sip); - break; - } - - if (ret != 0) - { - return 0; - } - switch (protoVer) - { - case 6: - Send_CONN_SYN_ACK_6(iaUser, sip); - break; - case 7: - Send_CONN_SYN_ACK_7(iaUser, sip); - break; - case 8: - Send_CONN_SYN_ACK_8(iaUser, sip); - break; + if (Process_CONN_SYN_8(static_cast(buff), &(it->second), sip)) + return -1; + return Send_CONN_SYN_ACK_8(iaUser, sip); } break; case CONN_ACK_N: - connAck = (CONN_ACK_6*)(buff - offset); switch (protoVer) { case 6: - ret = Process_CONN_ACK_6(connAck, iaUser, sip); - break; + if (Process_CONN_ACK_6(static_cast(buff), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_6(iaUser, sip); case 7: - ret = Process_CONN_ACK_7(connAck, iaUser, sip); - break; + if (Process_CONN_ACK_7(static_cast(buff), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_7(iaUser, sip); case 8: - ret = Process_CONN_ACK_8((CONN_ACK_8*)(buff - offset), iaUser, sip); - break; + if (Process_CONN_ACK_8(static_cast(buff), iaUser, sip)) + return -1; + return Send_ALIVE_SYN_8(iaUser, sip); } - - if (ret != 0) - { - SendError(sip, sport, protoVer, errorStr); - return 0; - } - - switch (protoVer) - { - case 6: - Send_ALIVE_SYN_6(iaUser, sip); - break; - case 7: - Send_ALIVE_SYN_7(iaUser, sip); - break; - case 8: - Send_ALIVE_SYN_8(iaUser, sip); - break; - } - break; - // ðÒÉÂÙÌ ÏÔ×ÅÔ Ó ÐÏÄÔ×ÅÒÖÄÅÎÉÅÍ ALIVE case ALIVE_ACK_N: - aliveAck = (ALIVE_ACK_6*)(buff - offset); switch (protoVer) { case 6: - ret = Process_ALIVE_ACK_6(aliveAck, iaUser, sip); - break; + return Process_ALIVE_ACK_6(static_cast(buff), iaUser, sip); case 7: - ret = Process_ALIVE_ACK_7(aliveAck, iaUser, sip); - break; + return Process_ALIVE_ACK_7(static_cast(buff), iaUser, sip); case 8: - ret = Process_ALIVE_ACK_8((ALIVE_ACK_8*)(buff - offset), iaUser, sip); - break; + return Process_ALIVE_ACK_8(static_cast(buff), iaUser, sip); } break; - // úÁÐÒÏÓ ÎÁ ÏÔËÌÀÞÅÎÉÅ case DISCONN_SYN_N: - - disconnSyn = (DISCONN_SYN_6*)(buff - offset); switch (protoVer) { case 6: - ret = Process_DISCONN_SYN_6(disconnSyn, iaUser, sip); - break; + if (Process_DISCONN_SYN_6(static_cast(buff), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_6(iaUser, sip); case 7: - ret = Process_DISCONN_SYN_7(disconnSyn, iaUser, sip); - break; + if (Process_DISCONN_SYN_7(static_cast(buff), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_7(iaUser, sip); case 8: - ret = Process_DISCONN_SYN_8((DISCONN_SYN_8*)(buff - offset), iaUser, sip); - break; - } - - if (ret != 0) - return 0; - - switch (protoVer) - { - case 6: - Send_DISCONN_SYN_ACK_6(iaUser, sip); - break; - case 7: - Send_DISCONN_SYN_ACK_7(iaUser, sip); - break; - case 8: - Send_DISCONN_SYN_ACK_8(iaUser, sip); - break; + if (Process_DISCONN_SYN_8(static_cast(buff), iaUser, sip)) + return -1; + return Send_DISCONN_SYN_ACK_8(iaUser, sip); } break; case DISCONN_ACK_N: - disconnAck = (DISCONN_ACK_6*)(buff - offset); - - switch (protoVer) - { - case 6: - ret = Process_DISCONN_ACK_6(disconnAck, iaUser, sip, it); - break; - case 7: - ret = Process_DISCONN_ACK_7(disconnAck, iaUser, sip, it); - break; - case 8: - ret = Process_DISCONN_ACK_8((DISCONN_ACK_8*)(buff - offset), iaUser, sip, it); - break; - } - switch (protoVer) { case 6: - Send_FIN_6(iaUser, sip, it); - break; + if (Process_DISCONN_ACK_6(static_cast(buff), iaUser, sip, it)) + return -1; + return Send_FIN_6(iaUser, sip, it); case 7: - Send_FIN_7(iaUser, sip, it); - break; + if (Process_DISCONN_ACK_7(static_cast(buff), iaUser, sip, it)) + return -1; + return Send_FIN_7(iaUser, sip, it); case 8: - Send_FIN_8(iaUser, sip, it); - break; + if (Process_DISCONN_ACK_8(static_cast(buff), iaUser, sip, it)) + return -1; + return Send_FIN_8(iaUser, sip, it); } break; } -return 0; +return -1; } //----------------------------------------------------------------------------- -void AUTH_IA::DelUser(USER_PTR u) +void AUTH_IA::DelUser(UserPtr u) { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); uint32_t ip = u->GetCurrIP(); if (!ip) return; -map::iterator it; +std::map::iterator it; + +std::lock_guard lock(m_mutex); it = ip2user.find(ip); if (it == ip2user.end()) { @@ -1067,17 +925,17 @@ if (it == ip2user.end()) if (it->second.user == u) { printfd(__FILE__, "User removed!\n"); - it->second.user->Unauthorize(this); + users->Unauthorize(u->GetLogin(), this); ip2user.erase(it); } } //----------------------------------------------------------------------------- -int AUTH_IA::SendError(uint32_t ip, uint16_t port, int protoVer, const string & text) +int AUTH_IA::SendError(uint32_t ip, uint16_t port, int protoVer, const std::string & text) { struct sockaddr_in sendAddr; +ssize_t res; switch (protoVer) { - int res; case 6: case 7: ERR err; @@ -1085,18 +943,17 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err.len = 1; - strncpy((char*)err.type, "ERR", 16); - strncpy((char*)err.text, text.c_str(), MAX_MSG_LEN); + memcpy(err.type, "ERR", 3); + memcpy(err.text, text.c_str(), std::min(text.length(), MAX_MSG_LEN)); #ifdef ARCH_BE SwapBytes(err.len); #endif - res = sendto(listenSocket, &err, sizeof(err), 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); + res = sendto(listenSocket, &err, sizeof(err), 0, reinterpret_cast(&sendAddr), sizeof(sendAddr)); printfd(__FILE__, "SendError %d bytes sent\n", res); break; @@ -1106,18 +963,17 @@ switch (protoVer) sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); - - sendAddr.sin_addr.s_addr = ip;// IP ÐÏÌØÚÏ×ÁÔÅÌÑ + sendAddr.sin_addr.s_addr = ip; err8.len = 256; - strncpy((char*)err8.type, "ERR", 16); - strncpy((char*)err8.text, text.c_str(), MAX_MSG_LEN); + memcpy(err8.type, "ERR", 3); + memcpy(err8.text, text.c_str(), std::min(text.length(), MAX_MSG_LEN)); #ifdef ARCH_BE SwapBytes(err8.len); #endif - res = sendto(listenSocket, &err8, sizeof(err8), 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); + res = sendto(listenSocket, &err8, sizeof(err8), 0, reinterpret_cast(&sendAddr), sizeof(sendAddr)); printfd(__FILE__, "SendError_8 %d bytes sent\n", res); break; } @@ -1125,30 +981,27 @@ switch (protoVer) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Send(uint32_t ip, uint16_t port, const char * buffer, int len) +int AUTH_IA::Send(uint32_t ip, uint16_t port, const void* buffer, size_t len) { struct sockaddr_in sendAddr; -int res; sendAddr.sin_family = AF_INET; sendAddr.sin_port = htons(port); sendAddr.sin_addr.s_addr = ip; -res = sendto(listenSocket, buffer, len, 0, (struct sockaddr*)&sendAddr, sizeof(sendAddr)); - -static struct timeval tv; -gettimeofday(&tv, NULL); +if (sendto(listenSocket, buffer, len, 0, reinterpret_cast(&sendAddr), sizeof(sendAddr)) == static_cast(len)) + return 0; -return res; +return -1; } //----------------------------------------------------------------------------- -int AUTH_IA::SendMessage(const STG_MSG & msg, uint32_t ip) const +int AUTH_IA::SendMessage(const STG::Message & msg, uint32_t ip) const { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); - printfd(__FILE__, "SendMessage userIP=%s\n", inet_ntostring(ip).c_str()); -map::iterator it; +std::map::iterator it; + +std::lock_guard lock(m_mutex); it = ip2user.find(ip); if (it == ip2user.end()) { @@ -1159,19 +1012,17 @@ it->second.messagesToSend.push_back(msg); return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::RealSendMessage6(const STG_MSG & msg, uint32_t ip, IA_USER & user) +int AUTH_IA::RealSendMessage6(const STG::Message & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.login.c_str()); -char buffer[256]; INFO_6 info; - memset(&info, 0, sizeof(INFO_6)); info.len = 256; -strncpy((char*)info.type, "INFO", 16); +memcpy(info.type, "INFO", 4); info.infoType = 'I'; -strncpy((char*)info.text, msg.text.c_str(), 235); +memcpy(info.text, msg.text.c_str(), std::min(msg.text.length(), 235)); info.text[234] = 0; size_t len = info.len; @@ -1179,27 +1030,23 @@ size_t len = info.len; SwapBytes(info.len); #endif +char buffer[256]; memcpy(buffer, &info, sizeof(INFO_6)); -Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, iaSettings.GetUserPort(), buffer, len); - -return 0; +EncryptString(buffer, buffer, len, &user.ctx); +return Send(ip, iaSettings.GetUserPort(), buffer, len); } //----------------------------------------------------------------------------- -int AUTH_IA::RealSendMessage7(const STG_MSG & msg, uint32_t ip, IA_USER & user) +int AUTH_IA::RealSendMessage7(const STG::Message & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.login.c_str()); -char buffer[300]; INFO_7 info; - memset(&info, 0, sizeof(INFO_7)); info.len = 264; -strncpy((char*)info.type, "INFO_7", 16); -info.infoType = msg.header.type; -info.showTime = msg.header.showTime; - +memcpy(info.type, "INFO_7", 6); +info.infoType = static_cast(msg.header.type); +info.showTime = static_cast(msg.header.showTime); info.sendTime = msg.header.creationTime; size_t len = info.len; @@ -1208,35 +1055,30 @@ SwapBytes(info.len); SwapBytes(info.sendTime); #endif -strncpy((char*)info.text, msg.text.c_str(), MAX_MSG_LEN - 1); +memcpy(info.text, msg.text.c_str(), std::min(msg.text.length(), MAX_MSG_LEN - 1)); info.text[MAX_MSG_LEN - 1] = 0; +char buffer[300]; memcpy(buffer, &info, sizeof(INFO_7)); -Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, iaSettings.GetUserPort(), buffer, len); - -return 0; +EncryptString(buffer, buffer, len, &user.ctx); +return Send(ip, iaSettings.GetUserPort(), buffer, len); } //----------------------------------------------------------------------------- -int AUTH_IA::RealSendMessage8(const STG_MSG & msg, uint32_t ip, IA_USER & user) +int AUTH_IA::RealSendMessage8(const STG::Message & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.user->GetLogin().c_str()); - -char buffer[1500]; -memset(buffer, 0, sizeof(buffer)); +printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.login.c_str()); INFO_8 info; - memset(&info, 0, sizeof(INFO_8)); info.len = 1056; -strncpy((char*)info.type, "INFO_8", 16); -info.infoType = msg.header.type; -info.showTime = msg.header.showTime; +memcpy(info.type, "INFO_8", 6); +info.infoType = static_cast(msg.header.type); +info.showTime = static_cast(msg.header.showTime); info.sendTime = msg.header.creationTime; -strncpy((char*)info.text, msg.text.c_str(), IA_MAX_MSG_LEN_8 - 1); +memcpy(info.text, msg.text.c_str(), std::min(msg.text.length(), IA_MAX_MSG_LEN_8 - 1)); info.text[IA_MAX_MSG_LEN_8 - 1] = 0; size_t len = info.len; @@ -1245,12 +1087,11 @@ SwapBytes(info.len); SwapBytes(info.sendTime); #endif +char buffer[1500]; memcpy(buffer, &info, sizeof(INFO_8)); -Encrypt(&user.ctx, buffer, buffer, len / 8); -Send(ip, user.port, buffer, len); - -return 0; +EncryptString(buffer, buffer, len, &user.ctx); +return Send(ip, user.port, buffer, len); } //----------------------------------------------------------------------------- int AUTH_IA::Process_CONN_SYN_6(CONN_SYN_6 *, IA_USER * iaUser, uint32_t) @@ -1275,7 +1116,7 @@ int AUTH_IA::Process_CONN_SYN_8(CONN_SYN_8 * connSyn, IA_USER * iaUser, uint32_t #ifdef ARCH_BE SwapBytes(connSyn->dirs); #endif -int ret = Process_CONN_SYN_6((CONN_SYN_6*)connSyn, iaUser, sip); +int ret = Process_CONN_SYN_6(reinterpret_cast(connSyn), iaUser, sip); enabledDirs = connSyn->dirs; return ret; } @@ -1287,13 +1128,13 @@ SwapBytes(connAck->len); SwapBytes(connAck->rnd); #endif printfd( __FILE__, "CONN_ACK_6 %s\n", connAck->type); -// ÕÓÔÁÎÏ×ÉÔØ ÎÏ×ÕÀ ÆÁÚÕ É ×ÒÅÍÑ É ÒÁÚÒÅÛÉÔØ ÉÎÅÔ + if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_6\n"); @@ -1302,12 +1143,22 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) else { errorStr = iaUser->user->GetStrError(); + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: phase 2, authorization error ('%s').", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, errorStr.c_str()); iaUser->phase.SetPhase1(); + ip2user.erase(sip); printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n"); return -1; } } -printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d\n", iaUser->phase.GetPhase(), connAck->rnd); +printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d, expected: %d\n", iaUser->phase.GetPhase(), connAck->rnd, iaUser->rnd + 1); +if (iaSettings.LogProtocolErrors()) + { + if (iaUser->phase.GetPhase() != 2) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: invalid phase, expected 2, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); + if (connAck->rnd != iaUser->rnd + 1) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: invalid control number, expected %d, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, (iaUser->rnd + 1), connAck->rnd); + } return -1; } //----------------------------------------------------------------------------- @@ -1328,7 +1179,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_8\n"); @@ -1337,12 +1188,22 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) else { errorStr = iaUser->user->GetStrError(); + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: phase 2, authorization error ('%s').", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, errorStr.c_str()); iaUser->phase.SetPhase1(); + ip2user.erase(sip); printfd(__FILE__, "Phase changed from 2 to 1. Reason: failed to authorize user\n"); return -1; } } -printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d\n", iaUser->phase.GetPhase(), connAck->rnd); +printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d, expected: %d\n", iaUser->phase.GetPhase(), connAck->rnd, iaUser->rnd + 1); +if (iaSettings.LogProtocolErrors()) + { + if (iaUser->phase.GetPhase() != 2) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: invalid phase, expected 2, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); + if (connAck->rnd != iaUser->rnd + 1) + logger("IP: %s. User '%s'. Protocol version: %d. CONN_ACK: invalid control number, expected %d, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, (iaUser->rnd + 1), connAck->rnd); + } return -1; } //----------------------------------------------------------------------------- @@ -1385,11 +1246,13 @@ if ((iaUser->phase.GetPhase() == 3) && (aliveAck->rnd == iaUser->rnd + 1)) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_SYN_6(DISCONN_SYN_6 *, IA_USER * iaUser, uint32_t) +int AUTH_IA::Process_DISCONN_SYN_6(DISCONN_SYN_6 *, IA_USER * iaUser, uint32_t sip) { printfd(__FILE__, "DISCONN_SYN_6\n"); if (iaUser->phase.GetPhase() != 3) { + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_SYN: invalid phase, expected 3, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); printfd(__FILE__, "Invalid phase. Expected 3, actual %d\n", iaUser->phase.GetPhase()); errorStr = "Incorrect request DISCONN_SYN"; return -1; @@ -1406,10 +1269,12 @@ int AUTH_IA::Process_DISCONN_SYN_7(DISCONN_SYN_7 * disconnSyn, IA_USER * iaUser, return Process_DISCONN_SYN_6(disconnSyn, iaUser, sip); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_SYN_8(DISCONN_SYN_8 *, IA_USER * iaUser, uint32_t) +int AUTH_IA::Process_DISCONN_SYN_8(DISCONN_SYN_8 *, IA_USER * iaUser, uint32_t sip) { if (iaUser->phase.GetPhase() != 3) { + if (iaSettings.LogProtocolErrors()) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_SYN: invalid phase, expected 3, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); errorStr = "Incorrect request DISCONN_SYN"; printfd(__FILE__, "Invalid phase. Expected 3, actual %d\n", iaUser->phase.GetPhase()); return -1; @@ -1423,8 +1288,8 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::Process_DISCONN_ACK_6(DISCONN_ACK_6 * disconnAck, IA_USER * iaUser, - uint32_t, - map::iterator) + uint32_t sip, + std::map::iterator) { #ifdef ARCH_BE SwapBytes(disconnAck->len); @@ -1433,6 +1298,13 @@ SwapBytes(disconnAck->rnd); printfd(__FILE__, "DISCONN_ACK_6\n"); if (!((iaUser->phase.GetPhase() == 4) && (disconnAck->rnd == iaUser->rnd + 1))) { + if (iaSettings.LogProtocolErrors()) + { + if (iaUser->phase.GetPhase() != 4) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_ACK: invalid phase, expected 4, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); + if (disconnAck->rnd != iaUser->rnd + 1) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_ACK: invalid control number, expected %d, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, (iaUser->rnd + 1), disconnAck->rnd); + } printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d\n", iaUser->phase.GetPhase(), disconnAck->rnd); return -1; } @@ -1440,12 +1312,12 @@ if (!((iaUser->phase.GetPhase() == 4) && (disconnAck->rnd == iaUser->rnd + 1))) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_ACK_7(DISCONN_ACK_7 * disconnAck, IA_USER * iaUser, uint32_t sip, map::iterator it) +int AUTH_IA::Process_DISCONN_ACK_7(DISCONN_ACK_7 * disconnAck, IA_USER * iaUser, uint32_t sip, std::map::iterator it) { return Process_DISCONN_ACK_6(disconnAck, iaUser, sip, it); } //----------------------------------------------------------------------------- -int AUTH_IA::Process_DISCONN_ACK_8(DISCONN_ACK_8 * disconnAck, IA_USER * iaUser, uint32_t, map::iterator) +int AUTH_IA::Process_DISCONN_ACK_8(DISCONN_ACK_8 * disconnAck, IA_USER * iaUser, uint32_t sip, std::map::iterator) { #ifdef ARCH_BE SwapBytes(disconnAck->len); @@ -1454,6 +1326,13 @@ SwapBytes(disconnAck->rnd); printfd(__FILE__, "DISCONN_ACK_8\n"); if (!((iaUser->phase.GetPhase() == 4) && (disconnAck->rnd == iaUser->rnd + 1))) { + if (iaSettings.LogProtocolErrors()) + { + if (iaUser->phase.GetPhase() != 4) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_ACK: invalid phase, expected 4, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, iaUser->phase.GetPhase()); + if (disconnAck->rnd != iaUser->rnd + 1) + logger("IP: %s. User '%s'. Protocol version: %d. DISCONN_ACK: invalid control number, expected %d, got %d.", inet_ntostring(sip).c_str(), iaUser->login.c_str(), iaUser->protoVer, (iaUser->rnd + 1), disconnAck->rnd); + } printfd(__FILE__, "Invalid phase or control number. Phase: %d. Control number: %d\n", iaUser->phase.GetPhase(), disconnAck->rnd); return -1; } @@ -1466,22 +1345,24 @@ int AUTH_IA::Send_CONN_SYN_ACK_6(IA_USER * iaUser, uint32_t sip) //+++ Fill static data in connSynAck +++ // TODO Move this code. It must be executed only once connSynAck6.len = Min8(sizeof(CONN_SYN_ACK_6)); -strcpy((char*)connSynAck6.type, "CONN_SYN_ACK"); +memcpy(connSynAck6.type, "CONN_SYN_ACK", 12); for (int j = 0; j < DIR_NUM; j++) { - strncpy((char*)connSynAck6.dirName[j], - stgSettings->GetDirName(j).c_str(), - sizeof(string16)); + memcpy(connSynAck6.dirName[j], + stgSettings->GetDirName(j).c_str(), + std::min(stgSettings->GetDirName(j).length(), sizeof(string16))); connSynAck6.dirName[j][sizeof(string16) - 1] = 0; } //--- Fill static data in connSynAck --- -iaUser->rnd = random(); +iaUser->rnd = static_cast(random()); connSynAck6.rnd = iaUser->rnd; -connSynAck6.userTimeOut = iaSettings.GetUserTimeout(); -connSynAck6.aliveDelay = iaSettings.GetUserDelay(); +printfd(__FILE__, "Sending CONN_SYN_ACK with control number %d.\n", iaUser->rnd); + +connSynAck6.userTimeOut = iaSettings.GetUserTimeout().GetSec(); +connSynAck6.aliveDelay = iaSettings.GetUserDelay().GetSec(); #ifdef ARCH_BE SwapBytes(connSynAck6.len); @@ -1490,8 +1371,8 @@ SwapBytes(connSynAck6.userTimeOut); SwapBytes(connSynAck6.aliveDelay); #endif -Encrypt(&iaUser->ctx, (char*)&connSynAck6, (char*)&connSynAck6, Min8(sizeof(CONN_SYN_ACK_6))/8); -return Send(sip, iaSettings.GetUserPort(), (char*)&connSynAck6, Min8(sizeof(CONN_SYN_ACK_6)));; +EncryptString(&connSynAck6, &connSynAck6, Min8(sizeof(CONN_SYN_ACK_6)), &iaUser->ctx); +return Send(sip, iaSettings.GetUserPort(), &connSynAck6, Min8(sizeof(CONN_SYN_ACK_6)));; } //----------------------------------------------------------------------------- int AUTH_IA::Send_CONN_SYN_ACK_7(IA_USER * iaUser, uint32_t sip) @@ -1501,29 +1382,31 @@ return Send_CONN_SYN_ACK_6(iaUser, sip); //----------------------------------------------------------------------------- int AUTH_IA::Send_CONN_SYN_ACK_8(IA_USER * iaUser, uint32_t sip) { -strcpy((char*)connSynAck8.hdr.magic, IA_ID); +memcpy(connSynAck8.hdr.magic, IA_ID, strlen(IA_ID)); connSynAck8.hdr.protoVer[0] = 0; connSynAck8.hdr.protoVer[1] = 8; //+++ Fill static data in connSynAck +++ // TODO Move this code. It must be executed only once connSynAck8.len = Min8(sizeof(CONN_SYN_ACK_8)); -strcpy((char*)connSynAck8.type, "CONN_SYN_ACK"); +memcpy(connSynAck8.type, "CONN_SYN_ACK", 12); for (int j = 0; j < DIR_NUM; j++) { - strncpy((char*)connSynAck8.dirName[j], - stgSettings->GetDirName(j).c_str(), - sizeof(string16)); + memcpy(connSynAck8.dirName[j], + stgSettings->GetDirName(j).c_str(), + std::min(stgSettings->GetDirName(j).length(), sizeof(string16))); connSynAck8.dirName[j][sizeof(string16) - 1] = 0; } //--- Fill static data in connSynAck --- -iaUser->rnd = random(); +iaUser->rnd = static_cast(random()); connSynAck8.rnd = iaUser->rnd; -connSynAck8.userTimeOut = iaSettings.GetUserTimeout(); -connSynAck8.aliveDelay = iaSettings.GetUserDelay(); +printfd(__FILE__, "Sending CONN_SYN_ACK with control number %d.\n", iaUser->rnd); + +connSynAck8.userTimeOut = iaSettings.GetUserTimeout().GetSec(); +connSynAck8.aliveDelay = iaSettings.GetUserDelay().GetSec(); #ifdef ARCH_BE SwapBytes(connSynAck8.len); @@ -1532,22 +1415,21 @@ SwapBytes(connSynAck8.userTimeOut); SwapBytes(connSynAck8.aliveDelay); #endif -Encrypt(&iaUser->ctx, (char*)&connSynAck8, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))/8); -return Send(sip, iaUser->port, (char*)&connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))); -//return Send(sip, iaUser->port, (char*)&connSynAck8, 384); +EncryptString(&connSynAck8, &connSynAck8, Min8(sizeof(CONN_SYN_ACK_8)), &iaUser->ctx); +return Send(sip, iaUser->port, &connSynAck8, Min8(sizeof(CONN_SYN_ACK_8))); } //----------------------------------------------------------------------------- int AUTH_IA::Send_ALIVE_SYN_6(IA_USER * iaUser, uint32_t sip) { aliveSyn6.len = Min8(sizeof(ALIVE_SYN_6)); -aliveSyn6.rnd = iaUser->rnd = random(); +aliveSyn6.rnd = iaUser->rnd = static_cast(random()); -strcpy((char*)aliveSyn6.type, "ALIVE_SYN"); +memcpy(aliveSyn6.type, "ALIVE_SYN", 9); for (int i = 0; i < DIR_NUM; i++) { - aliveSyn6.md[i] = iaUser->user->GetProperty().down.Get()[i]; - aliveSyn6.mu[i] = iaUser->user->GetProperty().up.Get()[i]; + aliveSyn6.md[i] = iaUser->user->GetProperties().down.Get()[i]; + aliveSyn6.mu[i] = iaUser->user->GetProperties().up.Get()[i]; aliveSyn6.sd[i] = iaUser->user->GetSessionDownload()[i]; aliveSyn6.su[i] = iaUser->user->GetSessionUpload()[i]; @@ -1555,7 +1437,7 @@ for (int i = 0; i < DIR_NUM; i++) //TODO int dn = iaSettings.GetFreeMbShowType(); -const TARIFF * tf = iaUser->user->GetTariff(); +const auto tf = iaUser->user->GetTariff(); if (dn < DIR_NUM) { @@ -1563,16 +1445,16 @@ if (dn < DIR_NUM) aliveSyn6.md[dn], dn, stgTime); - p *= (1024 * 1024); - if (p == 0) + p *= 1024 * 1024; + if (std::fabs(p) < 1.0e-3) { - snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "---"); + memcpy(aliveSyn6.freeMb, "---", 3); } else { - double fmb = iaUser->user->GetProperty().freeMb; + double fmb = iaUser->user->GetProperties().freeMb; fmb = fmb < 0 ? 0 : fmb; - snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "%.3f", fmb / p); + snprintf(reinterpret_cast(aliveSyn6.freeMb), IA_FREEMB_LEN, "%.3f", fmb / p); } } else @@ -1583,23 +1465,23 @@ else } else { - double fmb = iaUser->user->GetProperty().freeMb; + double fmb = iaUser->user->GetProperties().freeMb; fmb = fmb < 0 ? 0 : fmb; - snprintf((char*)aliveSyn6.freeMb, IA_FREEMB_LEN, "C%.3f", fmb); + snprintf(reinterpret_cast(aliveSyn6.freeMb), IA_FREEMB_LEN, "C%.3f", fmb); } } #ifdef IA_DEBUG if (iaUser->aliveSent) { - printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->user->GetLogin().c_str()); + printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->login.c_str()); } iaUser->aliveSent = true; #endif -aliveSyn6.cash =(int64_t) (iaUser->user->GetProperty().cash.Get() * 1000.0); +aliveSyn6.cash = static_cast(iaUser->user->GetProperties().cash.Get() * 1000.0); if (!stgSettings->GetShowFeeInCash()) - aliveSyn6.cash -= (int64_t)(tf->GetFee() * 1000.0); + aliveSyn6.cash -= static_cast((tf->GetFee() * 1000.0)); #ifdef ARCH_BE SwapBytes(aliveSyn6.len); @@ -1614,8 +1496,8 @@ for (int i = 0; i < DIR_NUM; ++i) } #endif -Encrypt(&(iaUser->ctx), (char*)&aliveSyn6, (char*)&aliveSyn6, Min8(sizeof(aliveSyn6))/8); -return Send(sip, iaSettings.GetUserPort(), (char*)&aliveSyn6, Min8(sizeof(aliveSyn6))); +EncryptString(&aliveSyn6, &aliveSyn6, Min8(sizeof(aliveSyn6)), &iaUser->ctx); +return Send(sip, iaSettings.GetUserPort(), &aliveSyn6, Min8(sizeof(aliveSyn6))); } //----------------------------------------------------------------------------- int AUTH_IA::Send_ALIVE_SYN_7(IA_USER * iaUser, uint32_t sip) @@ -1625,19 +1507,19 @@ return Send_ALIVE_SYN_6(iaUser, sip); //----------------------------------------------------------------------------- int AUTH_IA::Send_ALIVE_SYN_8(IA_USER * iaUser, uint32_t sip) { -strcpy((char*)aliveSyn8.hdr.magic, IA_ID); +memcpy(aliveSyn8.hdr.magic, IA_ID, strlen(IA_ID)); aliveSyn8.hdr.protoVer[0] = 0; aliveSyn8.hdr.protoVer[1] = 8; aliveSyn8.len = Min8(sizeof(ALIVE_SYN_8)); -aliveSyn8.rnd = iaUser->rnd = random(); +aliveSyn8.rnd = iaUser->rnd = static_cast(random()); -strcpy((char*)aliveSyn8.type, "ALIVE_SYN"); +memcpy(aliveSyn8.type, "ALIVE_SYN", 9); for (int i = 0; i < DIR_NUM; i++) { - aliveSyn8.md[i] = iaUser->user->GetProperty().down.Get()[i]; - aliveSyn8.mu[i] = iaUser->user->GetProperty().up.Get()[i]; + aliveSyn8.md[i] = iaUser->user->GetProperties().down.Get()[i]; + aliveSyn8.mu[i] = iaUser->user->GetProperties().up.Get()[i]; aliveSyn8.sd[i] = iaUser->user->GetSessionDownload()[i]; aliveSyn8.su[i] = iaUser->user->GetSessionUpload()[i]; @@ -1648,21 +1530,21 @@ int dn = iaSettings.GetFreeMbShowType(); if (dn < DIR_NUM) { - const TARIFF * tf = iaUser->user->GetTariff(); + const auto tf = iaUser->user->GetTariff(); double p = tf->GetPriceWithTraffType(aliveSyn8.mu[dn], aliveSyn8.md[dn], dn, stgTime); - p *= (1024 * 1024); - if (p == 0) + p *= 1024 * 1024; + if (std::fabs(p) < 1.0e-3) { - snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "---"); + memcpy(aliveSyn8.freeMb, "---", 3); } else { - double fmb = iaUser->user->GetProperty().freeMb; + double fmb = iaUser->user->GetProperties().freeMb; fmb = fmb < 0 ? 0 : fmb; - snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "%.3f", fmb / p); + snprintf(reinterpret_cast(aliveSyn8.freeMb), IA_FREEMB_LEN, "%.3f", fmb / p); } } else @@ -1673,9 +1555,9 @@ else } else { - double fmb = iaUser->user->GetProperty().freeMb; + double fmb = iaUser->user->GetProperties().freeMb; fmb = fmb < 0 ? 0 : fmb; - snprintf((char*)aliveSyn8.freeMb, IA_FREEMB_LEN, "C%.3f", fmb); + snprintf(reinterpret_cast(aliveSyn8.freeMb), IA_FREEMB_LEN, "C%.3f", fmb); } } @@ -1687,11 +1569,11 @@ if (iaUser->aliveSent) iaUser->aliveSent = true; #endif -const TARIFF * tf = iaUser->user->GetTariff(); +const auto tf = iaUser->user->GetTariff(); -aliveSyn8.cash =(int64_t) (iaUser->user->GetProperty().cash.Get() * 1000.0); +aliveSyn8.cash = static_cast(iaUser->user->GetProperties().cash.Get() * 1000.0); if (!stgSettings->GetShowFeeInCash()) - aliveSyn8.cash -= (int64_t)(tf->GetFee() * 1000.0); + aliveSyn8.cash -= static_cast(tf->GetFee() * 1000.0); #ifdef ARCH_BE SwapBytes(aliveSyn8.len); @@ -1707,23 +1589,23 @@ for (int i = 0; i < DIR_NUM; ++i) } #endif -Encrypt(&(iaUser->ctx), (char*)&aliveSyn8, (char*)&aliveSyn8, Min8(sizeof(aliveSyn8))/8); -return Send(sip, iaUser->port, (char*)&aliveSyn8, Min8(sizeof(aliveSyn8))); +EncryptString(&aliveSyn8, &aliveSyn8, Min8(sizeof(aliveSyn8)), &iaUser->ctx); +return Send(sip, iaUser->port, &aliveSyn8, Min8(sizeof(aliveSyn8))); } //----------------------------------------------------------------------------- int AUTH_IA::Send_DISCONN_SYN_ACK_6(IA_USER * iaUser, uint32_t sip) { disconnSynAck6.len = Min8(sizeof(DISCONN_SYN_ACK_6)); -strcpy((char*)disconnSynAck6.type, "DISCONN_SYN_ACK"); -disconnSynAck6.rnd = iaUser->rnd = random(); +memcpy(disconnSynAck6.type, "DISCONN_SYN_ACK", 15); +disconnSynAck6.rnd = iaUser->rnd = static_cast(random()); #ifdef ARCH_BE SwapBytes(disconnSynAck6.len); SwapBytes(disconnSynAck6.rnd); #endif -Encrypt(&iaUser->ctx, (char*)&disconnSynAck6, (char*)&disconnSynAck6, Min8(sizeof(disconnSynAck6))/8); -return Send(sip, iaSettings.GetUserPort(), (char*)&disconnSynAck6, Min8(sizeof(disconnSynAck6))); +EncryptString(&disconnSynAck6, &disconnSynAck6, Min8(sizeof(disconnSynAck6)), &iaUser->ctx); +return Send(sip, iaSettings.GetUserPort(), &disconnSynAck6, Min8(sizeof(disconnSynAck6))); } //----------------------------------------------------------------------------- int AUTH_IA::Send_DISCONN_SYN_ACK_7(IA_USER * iaUser, uint32_t sip) @@ -1733,121 +1615,70 @@ return Send_DISCONN_SYN_ACK_6(iaUser, sip); //----------------------------------------------------------------------------- int AUTH_IA::Send_DISCONN_SYN_ACK_8(IA_USER * iaUser, uint32_t sip) { -strcpy((char*)disconnSynAck8.hdr.magic, IA_ID); +memcpy(disconnSynAck8.hdr.magic, IA_ID, strlen(IA_ID)); disconnSynAck8.hdr.protoVer[0] = 0; disconnSynAck8.hdr.protoVer[1] = 8; disconnSynAck8.len = Min8(sizeof(DISCONN_SYN_ACK_8)); -strcpy((char*)disconnSynAck8.type, "DISCONN_SYN_ACK"); -disconnSynAck8.rnd = iaUser->rnd = random(); +memcpy(disconnSynAck8.type, "DISCONN_SYN_ACK", 15); +disconnSynAck8.rnd = iaUser->rnd = static_cast(random()); #ifdef ARCH_BE SwapBytes(disconnSynAck8.len); SwapBytes(disconnSynAck8.rnd); #endif -Encrypt(&iaUser->ctx, (char*)&disconnSynAck8, (char*)&disconnSynAck8, Min8(sizeof(disconnSynAck8))/8); -return Send(sip, iaUser->port, (char*)&disconnSynAck8, Min8(sizeof(disconnSynAck8))); +EncryptString(&disconnSynAck8, &disconnSynAck8, Min8(sizeof(disconnSynAck8)), &iaUser->ctx); +return Send(sip, iaUser->port, &disconnSynAck8, Min8(sizeof(disconnSynAck8))); } //----------------------------------------------------------------------------- -int AUTH_IA::Send_FIN_6(IA_USER * iaUser, uint32_t sip, map::iterator it) +int AUTH_IA::Send_FIN_6(IA_USER * iaUser, uint32_t sip, std::map::iterator it) { fin6.len = Min8(sizeof(FIN_6)); -strcpy((char*)fin6.type, "FIN"); -strcpy((char*)fin6.ok, "OK"); +memcpy(fin6.type, "FIN", 3); +memcpy(fin6.ok, "OK", 2); #ifdef ARCH_BE SwapBytes(fin6.len); #endif -Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8); +EncryptString(&fin6, &fin6, Min8(sizeof(fin6)), &iaUser->ctx); + +users->Unauthorize(iaUser->login, this); -iaUser->user->Unauthorize(this); +int res = Send(sip, iaSettings.GetUserPort(), &fin6, Min8(sizeof(fin6))); -int ret = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); ip2user.erase(it); -return ret; + +return res; } //----------------------------------------------------------------------------- -int AUTH_IA::Send_FIN_7(IA_USER * iaUser, uint32_t sip, map::iterator it) +int AUTH_IA::Send_FIN_7(IA_USER * iaUser, uint32_t sip, std::map::iterator it) { return Send_FIN_6(iaUser, sip, it); } //----------------------------------------------------------------------------- -int AUTH_IA::Send_FIN_8(IA_USER * iaUser, uint32_t sip, map::iterator it) +int AUTH_IA::Send_FIN_8(IA_USER * iaUser, uint32_t sip, std::map::iterator it) { -strcpy((char*)fin8.hdr.magic, IA_ID); +memcpy(fin8.hdr.magic, IA_ID, strlen(IA_ID)); fin8.hdr.protoVer[0] = 0; fin8.hdr.protoVer[1] = 8; fin8.len = Min8(sizeof(FIN_8)); -strcpy((char*)fin8.type, "FIN"); -strcpy((char*)fin8.ok, "OK"); +memcpy(fin8.type, "FIN", 3); +memcpy(fin8.ok, "OK", 2); #ifdef ARCH_BE SwapBytes(fin8.len); #endif -Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8); +EncryptString(&fin8, &fin8, Min8(sizeof(fin8)), &iaUser->ctx); -iaUser->user->Unauthorize(this); +users->Unauthorize(iaUser->login, this); -int ret = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); -ip2user.erase(it); -return ret; -} -//----------------------------------------------------------------------------- -bool AUTH_IA::WaitPackets(int sd) const -{ -fd_set rfds; -FD_ZERO(&rfds); -FD_SET(sd, &rfds); +int res = Send(sip, iaUser->port, &fin8, Min8(sizeof(fin8))); -struct timeval tv; -tv.tv_sec = 0; -tv.tv_usec = 500000; - -int res = select(sd + 1, &rfds, NULL, NULL, &tv); -if (res == -1) // Error - { - if (errno != EINTR) - { - printfd(__FILE__, "Error on select: '%s'\n", strerror(errno)); - } - return false; - } - -if (res == 0) // Timeout - { - return false; - } - -return true; -} -//----------------------------------------------------------------------------- -inline -void InitEncrypt(BLOWFISH_CTX * ctx, const string & password) -{ -unsigned char keyL[PASSWD_LEN]; // ðÁÒÏÌØ ÄÌÑ ÛÉÆÒÏ×ËÉ -memset(keyL, 0, PASSWD_LEN); -strncpy((char *)keyL, password.c_str(), PASSWD_LEN); -Blowfish_Init(ctx, keyL, PASSWD_LEN); -} -//----------------------------------------------------------------------------- -inline -void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) -{ -// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ - -for (int i = 0; i < len8; i++) - DecodeString(dst + i * 8, src + i * 8, ctx); -} -//----------------------------------------------------------------------------- -inline -void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8) -{ -// len8 - ÄÌÉÎÁ × 8-ÍÉ ÂÁÊÔÏ×ÙÈ ÂÌÏËÁÈ +ip2user.erase(it); -for (int i = 0; i < len8; i++) - EncodeString(dst + i * 8, src + i * 8, ctx); +return res; }