X-Git-Url: https://git.stg.codes/stg.git/blobdiff_plain/ede91934442fd804d7b818971a44e3ad795cb01f..eb343675a4fe177df5be5a3dd75952a7264212f9:/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp diff --git a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp index 3918f0b3..e474d299 100644 --- a/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp +++ b/projects/stargazer/plugins/authorization/inetaccess/inetaccess.cpp @@ -30,6 +30,7 @@ #include #include +#include // usleep, close #include #include @@ -37,12 +38,13 @@ #include #include +#include "stg/common.h" +#include "stg/locker.h" +#include "stg/tariff.h" +#include "stg/user_property.h" +#include "stg/settings.h" +#include "stg/plugin_creator.h" #include "inetaccess.h" -#include "common.h" -#include "stg_locker.h" -#include "tariff.h" -#include "../../../settings.h" -#include "../../../user_property.h" extern volatile const time_t stgTime; @@ -50,31 +52,10 @@ void InitEncrypt(BLOWFISH_CTX * ctx, const string & password); void Decrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); void Encrypt(BLOWFISH_CTX * ctx, char * dst, const char * src, int len8); -//----------------------------------------------------------------------------- -class IA_CREATOR -{ -private: - AUTH_IA * ia; - -public: - IA_CREATOR() - : ia(new AUTH_IA()) - { - }; - ~IA_CREATOR() - { - delete ia; - }; - - AUTH_IA * GetPlugin() - { - return ia; - }; -}; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- -IA_CREATOR iac; +PLUGIN_CREATOR iac; //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- @@ -93,21 +74,6 @@ AUTH_IA_SETTINGS::AUTH_IA_SETTINGS() { } //----------------------------------------------------------------------------- -int AUTH_IA_SETTINGS::ParseIntInRange(const string & str, int min, int max, int * val) -{ -if (str2x(str.c_str(), *val)) - { - errorStr = "Incorrect value \'" + str + "\'."; - return -1; - } -if (*val < min || *val > max) - { - errorStr = "Value \'" + str + "\' out of range."; - return -1; - } -return 0; -} -//----------------------------------------------------------------------------- int AUTH_IA_SETTINGS::ParseSettings(const MODULE_SETTINGS & s) { int p; @@ -545,8 +511,8 @@ while (ia->nonstop) { usleep(20000); ia->Timeouter(); - // TODO cahange counter to timer and MONITOR_TIME_DELAY_SEC - if (++a % (50*60) == 0 && ia->stgSettings->GetMonitoring()) + // TODO change counter to timer and MONITOR_TIME_DELAY_SEC + if (++a % (50 * 60) == 0 && ia->stgSettings->GetMonitoring()) { TouchFile(monFile.c_str()); } @@ -586,16 +552,6 @@ if (bind(listenSocket, (struct sockaddr*)&listenAddr, sizeof(listenAddr)) < 0) return -1; } -/*int buffLen; -if (getsockopt(listenSocket, SOL_SOCKET, SO_SNDBUF, &buffLen, sizeof(buffLen)) < 0) - { - - errorStr = "Getsockopt failed. " + string(strerror(errno)); - return -1; - }*/ - -//WriteServLog("buffLen = %d", buffLen); - return 0; } //----------------------------------------------------------------------------- @@ -650,7 +606,7 @@ USER_PTR user; if (users->FindByName(login, &user) == 0) { printfd(__FILE__, "User %s FOUND!\n", user->GetLogin().c_str()); - PacketProcessor(buffer, dataLen, sip, sport, protoVer, &user); + PacketProcessor(buffer, dataLen, sip, sport, protoVer, user); } else { @@ -662,7 +618,6 @@ else } return 0; - } //----------------------------------------------------------------------------- int AUTH_IA::CheckHeader(const char * buffer, int * protoVer) @@ -754,7 +709,7 @@ while (it != ip2user.end()) if ((currTime - it->second.phase.GetTime()) > iaSettings.GetUserTimeout()) { - it->second.user->Unauthorize(this); + users->Unauthorize(it->second.user->GetLogin(), this); ip2user.erase(it++); continue; } @@ -773,11 +728,10 @@ while (it != ip2user.end()) return 0; } //----------------------------------------------------------------------------- -int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR * user) +int AUTH_IA::PacketProcessor(char * buff, int dataLen, uint32_t sip, uint16_t sport, int protoVer, USER_PTR user) { -STG_LOCKER lock(&mutex, __FILE__, __LINE__); +std::string login(user->GetLogin()); // ôÕÔ ÓÏÂÒÁÎÙ ÏÂÒÁÂÏÔÞÉËÉ ÒÁÚÎÙÈ ÐÁËÅÔÏ× -int pn = -1; const int offset = LOGIN_LEN + 2 + 6; // LOGIN_LEN + sizeOfMagic + sizeOfVer; IA_USER * iaUser = NULL; @@ -791,19 +745,20 @@ ALIVE_ACK_6 * aliveAck; DISCONN_SYN_6 * disconnSyn; DISCONN_ACK_6 * disconnAck; -map::iterator it; -it = ip2user.find(sip); +STG_LOCKER lock(&mutex, __FILE__, __LINE__); +map::iterator it(ip2user.find(sip)); -if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID()) +if (it == ip2user.end()) { // åÝÅ ÎÅ ÂÙÌÏ ÚÁÐÒÏÓÏ× Ó ÜÔÏÇÏ IP printfd(__FILE__, "Add new user\n"); + ip2user[sip].login = user->GetLogin(); + ip2user[sip].user = user; ip2user[sip].protoVer = protoVer; - ip2user[sip].user = *user; ip2user[sip].port = sport; #ifdef IA_PHASE_DEBUG ip2user[sip].phase.SetLogFileName(stgSettings->GetLogFileName()); - ip2user[sip].phase.SetUserLogin((*user)->GetLogin()); + ip2user[sip].phase.SetUserLogin(login); #endif @@ -814,16 +769,23 @@ if (it == ip2user.end() || (*user)->GetID() != it->second.user->GetID()) return -1; } } +else if (user->GetID() != it->second.user->GetID()) + { + printfd(__FILE__, "IP address already in use. IP \'%s\'\n", inet_ntostring(sip).c_str()); + WriteServLog("IP address already in use. IP \'%s\'", inet_ntostring(sip).c_str()); + SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); + return 0; + } iaUser = &(it->second); if (iaUser->port != sport) iaUser->port = sport; -if (iaUser->password != (*user)->GetProperty().password.Get()) +if (iaUser->password != user->GetProperty().password.Get()) { - InitEncrypt(&iaUser->ctx, (*user)->GetProperty().password.Get()); - iaUser->password = (*user)->GetProperty().password.Get(); + InitEncrypt(&iaUser->ctx, user->GetProperty().password.Get()); + iaUser->password = user->GetProperty().password.Get(); } buff += offset; @@ -833,8 +795,7 @@ char packetName[IA_MAX_TYPE_LEN]; strncpy(packetName, buff + 4, IA_MAX_TYPE_LEN); packetName[IA_MAX_TYPE_LEN - 1] = 0; -map::iterator pi; -pi = packetTypes.find(packetName); +map::iterator pi(packetTypes.find(packetName)); if (pi == packetTypes.end()) { SendError(sip, sport, protoVer, "îÅÐÒÁ×ÉÌØÎÙÊ ÌÏÇÉÎ ÉÌÉ ÐÁÒÏÌØ!"); @@ -842,53 +803,40 @@ if (pi == packetTypes.end()) WriteServLog("User's connect failed. IP \'%s\'. Wrong login or password", inet_ntostring(sip).c_str()); return 0; } -else - { - pn = pi->second; - } -if ((*user)->GetProperty().disabled.Get()) +if (user->GetProperty().disabled.Get()) { SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÂÌÏËÉÒÏ×ÁÎÁ"); return 0; } -if ((*user)->GetProperty().passive.Get()) +if (user->GetProperty().passive.Get()) { SendError(sip, sport, protoVer, "õÞÅÔÎÁÑ ÚÁÐÉÓØ ÚÁÍÏÒÏÖÅÎÁ"); return 0; } -if ((*user)->GetAuthorized() && (*user)->GetCurrIP() != sip) +if (user->IsAuthorizedBy(this) && user->GetCurrIP() != sip) { - printfd(__FILE__, "Login %s alredy in use. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("Login %s alredy in use. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); + printfd(__FILE__, "Login %s already in use. IP \'%s\'\n", login.c_str(), inet_ntostring(sip).c_str()); + WriteServLog("Login %s already in use. IP \'%s\'", login.c_str(), inet_ntostring(sip).c_str()); SendError(sip, sport, protoVer, "÷ÁÛ ÌÏÇÉÎ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); return 0; } -USER_PTR u; -if (users->FindByIPIdx(sip, &u) == 0 && u->GetLogin() != (*user)->GetLogin()) - { - printfd(__FILE__, "IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - WriteServLog("IP address alredy in use. IP \'%s\'", inet_ntostring(sip).c_str()); - SendError(sip, sport, protoVer, "÷ÁÛ IP ÁÄÒÅÓ ÕÖÅ ÉÓÐÏÌØÚÕÅÔÓÑ!"); - return 0; - } - // ôÅÐÅÒØ ÍÙ ÄÏÌÖÎÙ ÐÒÏ×ÅÒÉÔØ, ÍÏÖÅÔ ÌÉ ÐÏÌØÚÏ×ÁÔÅÌØ ÐÏÄËÌÀÞÉÔÓÑ Ó ÜÔÏÇÏ ÁÄÒÅÓÁ. -int ipFound = (*user)->GetProperty().ips.Get().IsIPInIPS(sip); +int ipFound = user->GetProperty().ips.Get().IsIPInIPS(sip); if (!ipFound) { - printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); - WriteServLog("User %s. IP address is incorrect. IP \'%s\'", (*user)->GetLogin().c_str(), inet_ntostring(sip).c_str()); + printfd(__FILE__, "User %s. IP address is incorrect. IP \'%s\'\n", login.c_str(), inet_ntostring(sip).c_str()); + WriteServLog("User %s. IP address is incorrect. IP \'%s\'", login.c_str(), inet_ntostring(sip).c_str()); SendError(sip, sport, protoVer, "ðÏÌØÚÏ×ÁÔÅÌØ ÎÅ ÏÐÏÚÎÁÎ! ðÒÏ×ÅÒØÔÅ IP ÁÄÒÅÓ."); return 0; } int ret = -1; -switch (pn) +switch (pi->second) { case CONN_SYN_N: switch (protoVer) @@ -1067,7 +1015,7 @@ if (it == ip2user.end()) if (it->second.user == u) { printfd(__FILE__, "User removed!\n"); - it->second.user->Unauthorize(this); + users->Unauthorize(u->GetLogin(), this); ip2user.erase(it); } } @@ -1161,7 +1109,7 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage6(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 6 user=%s\n", user.login.c_str()); char buffer[256]; INFO_6 info; @@ -1188,7 +1136,7 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage7(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 7 user=%s\n", user.login.c_str()); char buffer[300]; INFO_7 info; @@ -1221,7 +1169,7 @@ return 0; //----------------------------------------------------------------------------- int AUTH_IA::RealSendMessage8(const STG_MSG & msg, uint32_t ip, IA_USER & user) { -printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.user->GetLogin().c_str()); +printfd(__FILE__, "RealSendMessage 8 user=%s\n", user.login.c_str()); char buffer[1500]; memset(buffer, 0, sizeof(buffer)); @@ -1293,7 +1241,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_6\n"); @@ -1328,7 +1276,7 @@ if ((iaUser->phase.GetPhase() == 2) && (connAck->rnd == iaUser->rnd + 1)) { iaUser->phase.UpdateTime(); iaUser->lastSendAlive = iaUser->phase.GetTime(); - if (iaUser->user->Authorize(sip, "", enabledDirs, this) == 0) + if (users->Authorize(iaUser->login, sip, enabledDirs, this)) { iaUser->phase.SetPhase3(); printfd(__FILE__, "Phase changed from 2 to 3. Reason: CONN_ACK_8\n"); @@ -1592,7 +1540,7 @@ else #ifdef IA_DEBUG if (iaUser->aliveSent) { - printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->user->GetLogin().c_str()); + printfd(__FILE__, "========= ALIVE_ACK_6(7) TIMEOUT !!! %s =========\n", iaUser->login.c_str()); } iaUser->aliveSent = true; #endif @@ -1762,7 +1710,7 @@ SwapBytes(fin6.len); Encrypt(&iaUser->ctx, (char*)&fin6, (char*)&fin6, Min8(sizeof(fin6))/8); -iaUser->user->Unauthorize(this); +users->Unauthorize(iaUser->login, this); int ret = Send(sip, iaSettings.GetUserPort(), (char*)&fin6, Min8(sizeof(fin6))); ip2user.erase(it); @@ -1790,41 +1738,13 @@ SwapBytes(fin8.len); Encrypt(&iaUser->ctx, (char*)&fin8, (char*)&fin8, Min8(sizeof(fin8))/8); -iaUser->user->Unauthorize(this); +users->Unauthorize(iaUser->login, this); int ret = Send(sip, iaUser->port, (char*)&fin8, Min8(sizeof(fin8))); ip2user.erase(it); return ret; } //----------------------------------------------------------------------------- -bool AUTH_IA::WaitPackets(int sd) const -{ -fd_set rfds; -FD_ZERO(&rfds); -FD_SET(sd, &rfds); - -struct timeval tv; -tv.tv_sec = 0; -tv.tv_usec = 500000; - -int res = select(sd + 1, &rfds, NULL, NULL, &tv); -if (res == -1) // Error - { - if (errno != EINTR) - { - printfd(__FILE__, "Error on select: '%s'\n", strerror(errno)); - } - return false; - } - -if (res == 0) // Timeout - { - return false; - } - -return true; -} -//----------------------------------------------------------------------------- inline void InitEncrypt(BLOWFISH_CTX * ctx, const string & password) {