|
Lines 59-64
Link Here
|
| 59 |
|
59 |
|
| 60 |
*********************************************************/ |
60 |
*********************************************************/ |
| 61 |
|
61 |
|
|
|
62 |
#include <stdlib.h> |
| 63 |
|
| 64 |
#ifdef _WIN32 |
| 65 |
#include <direct.h> |
| 66 |
#else |
| 67 |
#include <unistd.h> |
| 68 |
#include <signal.h> |
| 69 |
#include <sys/wait.h> |
| 70 |
#include <openssl/ssl.h> |
| 71 |
#include <tptp/TPTPConfig.h> |
| 72 |
#endif |
| 62 |
|
73 |
|
| 63 |
#include "SocketListener.h" |
74 |
#include "SocketListener.h" |
| 64 |
|
75 |
|
|
Lines 69-75
Link Here
|
| 69 |
|
80 |
|
| 70 |
#include "tptp/dime.h" |
81 |
#include "tptp/dime.h" |
| 71 |
|
82 |
|
| 72 |
#define DEFAULT_PORT_NUM 10002 |
83 |
#define DEFAULT_PORT_NUM 10002 |
|
|
84 |
#define CONFIGURATION_HOME "TPTP_AC_HOME" |
| 85 |
|
| 86 |
#define CERTF "cert.pem" |
| 87 |
#define KEYF "key.pem" |
| 73 |
|
88 |
|
| 74 |
/** thread status */ |
89 |
/** thread status */ |
| 75 |
enum ThreadStatus { IDLE, RUNNING } ; |
90 |
enum ThreadStatus { IDLE, RUNNING } ; |
|
Lines 95-101
Link Here
|
| 95 |
int handleCONNECT(request_block_ptr_t pBlk, char *pMsg) ; |
110 |
int handleCONNECT(request_block_ptr_t pBlk, char *pMsg) ; |
| 96 |
|
111 |
|
| 97 |
int handleCONNECT_DATA(request_block_ptr_t pBlk, char *pMsg) ; |
112 |
int handleCONNECT_DATA(request_block_ptr_t pBlk, char *pMsg) ; |
| 98 |
|
113 |
tptp_int32 writeData(request_block_ptr_t pBlock, char* buffer, int length); |
|
|
114 |
tptp_int32 closeSocket(request_block_ptr_t pBlock); |
| 115 |
int handleAUTHENTICATE(request_block_ptr_t pBlk, char *pMsg) ; |
| 116 |
|
| 117 |
BOOL vrfusrpwd(tptp_string *userid, tptp_string *password); |
| 118 |
|
| 119 |
static int sslinit = 1; |
| 120 |
static char* certFile = NULL; |
| 121 |
static char* keyFile = NULL; |
| 99 |
|
122 |
|
| 100 |
/** |
123 |
/** |
| 101 |
********************************************************* |
124 |
********************************************************* |
|
Lines 125-131
Link Here
|
| 125 |
int rc = 0 ; |
148 |
int rc = 0 ; |
| 126 |
char *buffer = NULL; |
149 |
char *buffer = NULL; |
| 127 |
int bufferLength = 0 ; |
150 |
int bufferLength = 0 ; |
| 128 |
BOOL shouldAddHeader = FALSE ; |
|
|
| 129 |
char *pCurr = NULL ; |
151 |
char *pCurr = NULL ; |
| 130 |
int uuidLength = 0 ; |
152 |
int uuidLength = 0 ; |
| 131 |
|
153 |
|
|
Lines 144-152
Link Here
|
| 144 |
strcpy(pCurr, ""); /* null uuid string */ |
166 |
strcpy(pCurr, ""); /* null uuid string */ |
| 145 |
|
167 |
|
| 146 |
addBasicMsgHeader(cmd, cmdLength, &buffer, &bufferLength, flags) ; |
168 |
addBasicMsgHeader(cmd, cmdLength, &buffer, &bufferLength, flags) ; |
| 147 |
|
|
|
| 148 |
/* send the response */ |
169 |
/* send the response */ |
| 149 |
sendThisMessage(pBlk->pServerData, pBlk->connectionId, bufferLength, buffer, shouldAddHeader) ; |
170 |
writeData(pBlk, buffer, bufferLength); |
| 150 |
|
171 |
|
| 151 |
if (cmd) tptp_free(cmd); |
172 |
if (cmd) tptp_free(cmd); |
| 152 |
if (buffer) tptp_free(buffer); |
173 |
if (buffer) tptp_free(buffer); |
|
Lines 154-159
Link Here
|
| 154 |
return ( rc ) ; |
175 |
return ( rc ) ; |
| 155 |
} |
176 |
} |
| 156 |
|
177 |
|
|
|
178 |
#ifndef _WIN32 |
| 179 |
int setSSL(request_block_ptr_t pBlk) { |
| 180 |
SSL_METHOD *meth; |
| 181 |
SSL_CTX* ctx; |
| 182 |
SSL* ssl; |
| 183 |
int err; |
| 184 |
|
| 185 |
if (sslinit) { |
| 186 |
SSL_load_error_strings(); |
| 187 |
SSL_library_init(); |
| 188 |
sslinit = 0; |
| 189 |
} |
| 190 |
|
| 191 |
meth = SSLv23_server_method(); |
| 192 |
|
| 193 |
ctx = SSL_CTX_new (meth); |
| 194 |
if (!ctx) { |
| 195 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: context error"); |
| 196 |
return -1; |
| 197 |
} |
| 198 |
|
| 199 |
if (certFile == NULL) { |
| 200 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no certificate file found"); |
| 201 |
return -1; |
| 202 |
} |
| 203 |
|
| 204 |
if (SSL_CTX_use_certificate_file(ctx, certFile, SSL_FILETYPE_PEM) <= 0) { |
| 205 |
TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal certificate file %s", certFile); |
| 206 |
return -1; |
| 207 |
} |
| 208 |
|
| 209 |
if (keyFile == NULL) { |
| 210 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no key file found"); |
| 211 |
return -1; |
| 212 |
} |
| 213 |
|
| 214 |
if (SSL_CTX_use_PrivateKey_file(ctx, keyFile, SSL_FILETYPE_PEM) <= 0) { |
| 215 |
TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal key file %s", keyFile); |
| 216 |
return -1; |
| 217 |
} |
| 218 |
|
| 219 |
if (!SSL_CTX_check_private_key(ctx)) { |
| 220 |
TPTP_LOG_DEBUG_MSG2(pBlk->pServerData, "SSL: Private key %s does not match the certificate public key %s", |
| 221 |
keyFile, certFile); |
| 222 |
return -1; |
| 223 |
} |
| 224 |
|
| 225 |
ssl = SSL_new (ctx); |
| 226 |
if (ssl < 0) { |
| 227 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL.new error"); |
| 228 |
return -1; |
| 229 |
} |
| 230 |
|
| 231 |
SSL_set_fd (ssl, pBlk->clientSock); |
| 232 |
err = SSL_accept (ssl); |
| 233 |
if (err < 0) { |
| 234 |
TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: ssl_accept error %d", SSL_get_error(ssl, err)); |
| 235 |
return -1; |
| 236 |
} |
| 237 |
|
| 238 |
pBlk->sslCtx = ctx; |
| 239 |
pBlk->ssl = ssl; |
| 240 |
pBlk->secured = TRUE; |
| 241 |
|
| 242 |
return 0; |
| 243 |
} |
| 244 |
#endif |
| 157 |
|
245 |
|
| 158 |
/** |
246 |
/** |
| 159 |
********************************************************* |
247 |
********************************************************* |
|
Lines 164-177
Link Here
|
| 164 |
*********************************************************/ |
252 |
*********************************************************/ |
| 165 |
int handleCONNECT(request_block_ptr_t pBlk, char *pMsg) |
253 |
int handleCONNECT(request_block_ptr_t pBlk, char *pMsg) |
| 166 |
{ |
254 |
{ |
| 167 |
HashTable *pTab = NULL ; |
255 |
HashTable *pTab = NULL; |
| 168 |
int connId = 0 ; |
256 |
int connId = 0; |
| 169 |
|
257 |
|
| 170 |
addConnectionEntry_ptr_t pFunc = NULL ; |
258 |
addConnectionEntry_ptr_t pFunc = NULL ; |
| 171 |
|
259 |
|
| 172 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "Socket: handle CONNECT request (Control channel)."); |
260 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "Socket: handle CONNECT request (Control channel)."); |
| 173 |
pBlk->connectionType = CONTROL_CHANNEL ; |
261 |
pBlk->connectionType = CONTROL_CHANNEL ; |
| 174 |
|
262 |
|
|
|
263 |
#ifndef _WIN32 |
| 264 |
if (pBlk->pServerData->securityEnabled && !pBlk->secured) { |
| 265 |
processCONNECTCall(pBlk, pMsg, CONNECTION_REFUSED | SECURITY_REQUIRED); |
| 266 |
// no race condition here since incoming ssl request |
| 267 |
return setSSL(pBlk); // will wait for processing in input buffer |
| 268 |
} |
| 269 |
#endif |
| 270 |
|
| 175 |
/* tell the agent controller about the new connection */ |
271 |
/* tell the agent controller about the new connection */ |
| 176 |
/* and receive the assigned connection id */ |
272 |
/* and receive the assigned connection id */ |
| 177 |
pFunc = pBlk->pServerData->agentControllerDataBlk.addConnectionEntry ; |
273 |
pFunc = pBlk->pServerData->agentControllerDataBlk.addConnectionEntry ; |
|
Lines 188-196
Link Here
|
| 188 |
pTab = pBlk->pServerData->connectionTable ; |
284 |
pTab = pBlk->pServerData->connectionTable ; |
| 189 |
tablePut(pTab, connId, (Entry_value_ptr_t) pBlk) ; |
285 |
tablePut(pTab, connId, (Entry_value_ptr_t) pBlk) ; |
| 190 |
|
286 |
|
|
|
287 |
#ifndef _WIN32 |
| 191 |
/* CONNECT command. Go handle it. */ |
288 |
/* CONNECT command. Go handle it. */ |
| 192 |
processCONNECTCall(pBlk, pMsg, CONNECTION_COMPLETE) ; |
289 |
if (pBlk->pServerData->securityEnabled) { |
|
|
290 |
processCONNECTCall(pBlk, pMsg, CONNECTION_COMPLETE | AUTHENTICATION_FAILED); |
| 291 |
} |
| 292 |
else { |
| 293 |
processCONNECTCall(pBlk, pMsg, CONNECTION_COMPLETE); |
| 294 |
pBlk->authenticated = TRUE; |
| 295 |
} |
| 296 |
#else |
| 297 |
processCONNECTCall(pBlk, pMsg, CONNECTION_COMPLETE); |
| 298 |
pBlk->authenticated = TRUE; |
| 299 |
#endif |
| 300 |
|
| 301 |
return 0 ; |
| 302 |
} |
| 303 |
|
| 304 |
/** |
| 305 |
********************************************************* |
| 306 |
* |
| 307 |
* @brief |
| 308 |
* handle the AUTHENTICATE request |
| 309 |
* |
| 310 |
*********************************************************/ |
| 311 |
int handleAUTHENTICATE(request_block_ptr_t pBlk, char *pMsg) { |
| 312 |
char *name=NULL, *psw=NULL; |
| 313 |
BOOL success; |
| 314 |
|
| 315 |
pMsg = readStringFromBuffer(pMsg, &name); |
| 316 |
pMsg = readStringFromBuffer(pMsg, &psw); |
| 317 |
|
| 318 |
if (name != NULL && psw != NULL) |
| 319 |
success = vrfusrpwd(name, psw); |
| 320 |
else |
| 321 |
success = FALSE; |
| 322 |
|
| 323 |
if (success) { |
| 324 |
TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "User %s is authenticated", name); |
| 325 |
} |
| 326 |
else if (name != NULL) { |
| 327 |
TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "User %s is not authenticated", name); |
| 328 |
} |
| 329 |
else { |
| 330 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "User <null> is not authenticated"); |
| 331 |
} |
| 332 |
|
| 333 |
pBlk->authenticated = success; |
| 334 |
if (success) { |
| 335 |
processCONNECTCall(pBlk, pMsg, AUTHENTICATION_SUCCESSFUL); |
| 336 |
} |
| 337 |
else { |
| 338 |
processCONNECTCall(pBlk, pMsg, AUTHENTICATION_FAILED); |
| 339 |
} |
| 193 |
|
340 |
|
|
|
341 |
if (name != NULL) tptp_free(name); |
| 342 |
if (psw != NULL) tptp_free(psw); |
| 343 |
|
| 194 |
return 0 ; |
344 |
return 0 ; |
| 195 |
} |
345 |
} |
| 196 |
|
346 |
|
|
Lines 209-214
Link Here
|
| 209 |
addDataConnectionEntry_ptr_t pFunc = NULL ; |
359 |
addDataConnectionEntry_ptr_t pFunc = NULL ; |
| 210 |
|
360 |
|
| 211 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "Socket: handle CONNECT_DATA/CONNECT_CONSOLE request (Data channel)."); |
361 |
TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "Socket: handle CONNECT_DATA/CONNECT_CONSOLE request (Data channel)."); |
|
|
362 |
|
| 363 |
#ifndef _WIN32 |
| 364 |
if (pBlk->pServerData->securityEnabled && !pBlk->secured) { |
| 365 |
processCONNECTCall(pBlk, pMsg, CONNECTION_REFUSED | SECURITY_REQUIRED); |
| 366 |
// no race condition here since incoming ssl request |
| 367 |
return setSSL(pBlk); // will wait for processing in input buffer |
| 368 |
} |
| 369 |
#endif |
| 370 |
|
| 212 |
pBlk->connectionType = DATA_CHANNEL ; |
371 |
pBlk->connectionType = DATA_CHANNEL ; |
| 213 |
|
372 |
|
| 214 |
/* tell the agent controller about the new connection */ |
373 |
/* tell the agent controller about the new connection */ |
|
Lines 305-317
Link Here
|
| 305 |
((flags & CONNECT_CONSOLE) != 0)) |
464 |
((flags & CONNECT_CONSOLE) != 0)) |
| 306 |
{ |
465 |
{ |
| 307 |
if ((flags & CONNECT_CONSOLE) != 0) |
466 |
if ((flags & CONNECT_CONSOLE) != 0) |
| 308 |
pBlk->isForConsole = TRUE ; |
467 |
pBlk->isForConsole = TRUE; |
| 309 |
|
468 |
|
| 310 |
handleCONNECT_DATA(pBlk, pMsg) ; |
469 |
handleCONNECT_DATA(pBlk, pMsg) ; |
| 311 |
|
470 |
|
| 312 |
/* prevent it from forwarding to the AC */ |
471 |
/* prevent it from forwarding to the AC */ |
| 313 |
pMsg = NULL ; |
472 |
pMsg = NULL ; |
| 314 |
} |
473 |
} |
|
|
474 |
#ifndef _WIN32 |
| 475 |
else if (pBlk->pServerData->securityEnabled && !pBlk->secured) { |
| 476 |
pMsg = NULL ; |
| 477 |
} |
| 478 |
else if ((flags & AUTHENTICATE) != 0) |
| 479 |
{ |
| 480 |
handleAUTHENTICATE(pBlk, pMsg) ; |
| 481 |
|
| 482 |
/* prevent it from forwarding to the AC */ |
| 483 |
pMsg = NULL ; |
| 484 |
} |
| 485 |
else if (pBlk->pServerData->securityEnabled && !pBlk->authenticated) { |
| 486 |
processCONNECTCall(pBlk, pMsg, AUTHENTICATION_FAILED); |
| 487 |
pMsg = NULL ; |
| 488 |
} |
| 489 |
#endif |
| 315 |
else if ((flags & DISCONNECT) != 0) |
490 |
else if ((flags & DISCONNECT) != 0) |
| 316 |
{ |
491 |
{ |
| 317 |
handleDISCONNECT(pBlk, pMsg) ; |
492 |
handleDISCONNECT(pBlk, pMsg) ; |
|
Lines 503-508
Link Here
|
| 503 |
return ( bytesToBeProcessed ) ; |
678 |
return ( bytesToBeProcessed ) ; |
| 504 |
} |
679 |
} |
| 505 |
|
680 |
|
|
|
681 |
#ifndef _WIN32 |
| 682 |
|
| 683 |
int recvData (request_block_ptr_t pRdb, char *buffer, int length, int *bytesRead) { |
| 684 |
int result; |
| 685 |
if (pRdb->secured) { |
| 686 |
result = SSL_read (pRdb->ssl, buffer, length); |
| 687 |
*bytesRead = result; |
| 688 |
} |
| 689 |
else { |
| 690 |
result = readFromSocket(pRdb->clientSock, buffer, length, bytesRead); |
| 691 |
} |
| 692 |
|
| 693 |
return result; |
| 694 |
} |
| 695 |
|
| 696 |
#else |
| 697 |
|
| 698 |
int recvData (request_block_ptr_t pRdb, char *buffer, int length, int *bytesRead) { |
| 699 |
return readFromSocket(pRdb->clientSock, buffer, length, bytesRead); |
| 700 |
} |
| 701 |
|
| 702 |
#endif |
| 506 |
|
703 |
|
| 507 |
/** |
704 |
/** |
| 508 |
********************************************************* |
705 |
********************************************************* |
|
Lines 517-525
Link Here
|
| 517 |
THREAD_USER_FUNC_RET_TYPE processClientRequest(LPVOID args) |
714 |
THREAD_USER_FUNC_RET_TYPE processClientRequest(LPVOID args) |
| 518 |
{ |
715 |
{ |
| 519 |
int rc = 1; |
716 |
int rc = 1; |
| 520 |
|
|
|
| 521 |
SOCKET clientSock ; |
| 522 |
|
| 523 |
unsigned int bytesRead; |
717 |
unsigned int bytesRead; |
| 524 |
unsigned char buffer[TPTP_DEFAULT_BUFFER_MAX_LENGTH]; |
718 |
unsigned char buffer[TPTP_DEFAULT_BUFFER_MAX_LENGTH]; |
| 525 |
unsigned int bufferLength = TPTP_DEFAULT_BUFFER_LENGTH ; |
719 |
unsigned int bufferLength = TPTP_DEFAULT_BUFFER_LENGTH ; |
|
Lines 529-535
Link Here
|
| 529 |
|
723 |
|
| 530 |
/* set up environmental info for this incoming message */ |
724 |
/* set up environmental info for this incoming message */ |
| 531 |
request_block_ptr_t pRdb = (request_block_ptr_t) args ; |
725 |
request_block_ptr_t pRdb = (request_block_ptr_t) args ; |
| 532 |
clientSock = pRdb->clientSock ; |
|
|
| 533 |
|
726 |
|
| 534 |
/* initial status before the thread is running */ |
727 |
/* initial status before the thread is running */ |
| 535 |
pRdb->threadStatus = RUNNING ; |
728 |
pRdb->threadStatus = RUNNING ; |
|
Lines 541-547
Link Here
|
| 541 |
|
734 |
|
| 542 |
/* Another message might come in while we're processing |
735 |
/* Another message might come in while we're processing |
| 543 |
* so we read until the pipe is empty */ |
736 |
* so we read until the pipe is empty */ |
| 544 |
while ( (rc = readFromSocket(clientSock, buffer, bufferLength, &bytesRead)) > 0) |
737 |
while ( (rc = recvData(pRdb, buffer, bufferLength, &bytesRead)) > 0) |
| 545 |
{ |
738 |
{ |
| 546 |
TPTP_LOG_DEBUG_MSG1(pRdb->pServerData, "Socket processClientRequest: Read %d bytes.", bytesRead) ; |
739 |
TPTP_LOG_DEBUG_MSG1(pRdb->pServerData, "Socket processClientRequest: Read %d bytes.", bytesRead) ; |
| 547 |
|
740 |
|
|
Lines 565-571
Link Here
|
| 565 |
pFunc(pRdb->pServerData->cmo, pRdb->connectionId); |
758 |
pFunc(pRdb->pServerData->cmo, pRdb->connectionId); |
| 566 |
} |
759 |
} |
| 567 |
|
760 |
|
| 568 |
freeRequestBlock( pRdb ); |
761 |
closeSocket(pRdb); |
|
|
762 |
freeRequestBlock(pRdb); |
| 569 |
|
763 |
|
| 570 |
return ( 0 ) ; |
764 |
return ( 0 ) ; |
| 571 |
} |
765 |
} |
|
Lines 593-598
Link Here
|
| 593 |
pRequestDataBlock->connectionType = 0 ; |
787 |
pRequestDataBlock->connectionType = 0 ; |
| 594 |
|
788 |
|
| 595 |
pRequestDataBlock->isForConsole = FALSE ; |
789 |
pRequestDataBlock->isForConsole = FALSE ; |
|
|
790 |
|
| 791 |
pRequestDataBlock->authenticated = FALSE; |
| 792 |
pRequestDataBlock->secured = FALSE; |
| 793 |
|
| 794 |
#ifndef _WIN32 |
| 795 |
pRequestDataBlock->ssl = NULL; |
| 796 |
pRequestDataBlock->sslCtx = NULL; |
| 797 |
#endif |
| 596 |
|
798 |
|
| 597 |
pRequestDataBlock->pSendFunc = NULL ; |
799 |
pRequestDataBlock->pSendFunc = NULL ; |
| 598 |
|
800 |
|
|
Lines 694-700
Link Here
|
| 694 |
return ( 0 ); |
896 |
return ( 0 ); |
| 695 |
} |
897 |
} |
| 696 |
|
898 |
|
|
|
899 |
int getACHome (char* buf, int len) { |
| 900 |
char* acHome; |
| 901 |
|
| 902 |
acHome = getenv(CONFIGURATION_HOME); |
| 903 |
if (acHome != NULL) { |
| 904 |
strncpy(buf, acHome, len); |
| 905 |
return 0; |
| 906 |
} |
| 907 |
|
| 908 |
#ifdef _WIN32 |
| 909 |
acHome = _getcwd(buf, 1024); |
| 910 |
if (acHome == NULL) return -1; |
| 911 |
|
| 912 |
strcat(buf, "\\.."); |
| 913 |
#else |
| 914 |
acHome = getcwd(buf, 1024); |
| 915 |
if (acHome == NULL) return -1; |
| 916 |
|
| 917 |
strcat(buf, "/.."); |
| 918 |
#endif |
| 919 |
|
| 920 |
return 0; |
| 921 |
} |
| 697 |
|
922 |
|
|
|
923 |
int initSSL() { |
| 924 |
char buf[1024]; |
| 925 |
|
| 926 |
if (getACHome(buf, 1024) < 0) { |
| 927 |
certFile = (char*) malloc(strlen(CERTF) + 1); |
| 928 |
strcpy(certFile, CERTF); |
| 929 |
|
| 930 |
keyFile = (char*) malloc(strlen(KEYF) + 1); |
| 931 |
strcpy(keyFile, CERTF); |
| 932 |
} |
| 933 |
else { |
| 934 |
#ifdef _WIN32 |
| 935 |
strcat(buf, "\\security\\"); |
| 936 |
#else |
| 937 |
strcat(buf, "/security/"); |
| 938 |
#endif |
| 939 |
|
| 940 |
certFile = (char*) malloc(strlen(buf) + strlen(CERTF) + 1); |
| 941 |
strcpy(certFile, buf); |
| 942 |
strcat(certFile, CERTF); |
| 943 |
|
| 944 |
keyFile = (char*) malloc(strlen(buf) + strlen(KEYF) + 1); |
| 945 |
strcpy(keyFile, buf); |
| 946 |
strcat(keyFile, KEYF); |
| 947 |
} |
| 948 |
|
| 949 |
return 0; |
| 950 |
} |
| 698 |
|
951 |
|
| 699 |
/** |
952 |
/** |
| 700 |
********************************************************* |
953 |
********************************************************* |
|
Lines 710-715
Link Here
|
| 710 |
{ |
963 |
{ |
| 711 |
int rc = 0 ; |
964 |
int rc = 0 ; |
| 712 |
|
965 |
|
|
|
966 |
initSSL(); |
| 967 |
|
| 713 |
rc = initForSocketCalls() ; |
968 |
rc = initForSocketCalls() ; |
| 714 |
|
969 |
|
| 715 |
if (rc == 0) |
970 |
if (rc == 0) |
|
Lines 730-739
Link Here
|
| 730 |
if (rc != -1) |
985 |
if (rc != -1) |
| 731 |
{ |
986 |
{ |
| 732 |
pServerData->port = socketInfo.portNumber; |
987 |
pServerData->port = socketInfo.portNumber; |
|
|
988 |
pServerData->securityEnabled = socketInfo.securityEnabled; |
| 733 |
} |
989 |
} |
| 734 |
else |
990 |
else |
| 735 |
{ |
991 |
{ |
| 736 |
pServerData->port = DEFAULT_PORT_NUM; |
992 |
pServerData->port = DEFAULT_PORT_NUM; |
|
|
993 |
pServerData->securityEnabled = 0; |
| 737 |
} |
994 |
} |
| 738 |
|
995 |
|
| 739 |
tlo->data = pServerData; |
996 |
tlo->data = pServerData; |
|
Lines 832-837
Link Here
|
| 832 |
return ( rc ) ; |
1089 |
return ( rc ) ; |
| 833 |
} |
1090 |
} |
| 834 |
|
1091 |
|
|
|
1092 |
tptp_int32 closeSocket(request_block_ptr_t pBlock) { |
| 1093 |
if (pBlock == NULL) return -1; |
| 1094 |
|
| 1095 |
#ifndef _WIN32 |
| 1096 |
if (pBlock->ssl != NULL) { |
| 1097 |
SSL_free(pBlock->ssl); |
| 1098 |
pBlock->ssl = NULL; |
| 1099 |
} |
| 1100 |
|
| 1101 |
if (pBlock->sslCtx != NULL) { |
| 1102 |
SSL_CTX_free(pBlock->sslCtx); |
| 1103 |
pBlock->sslCtx = NULL; |
| 1104 |
} |
| 1105 |
#endif |
| 1106 |
|
| 1107 |
pBlock->secured = FALSE; |
| 1108 |
|
| 1109 |
return closeThisSocket(pBlock->clientSock); |
| 1110 |
} |
| 835 |
|
1111 |
|
| 836 |
/** |
1112 |
/** |
| 837 |
********************************************************* |
1113 |
********************************************************* |
|
Lines 846-853
Link Here
|
| 846 |
|
1122 |
|
| 847 |
tptp_int32 terminateSocketConnection(server_block_t* pServerData, tptp_uint32 connectionID) |
1123 |
tptp_int32 terminateSocketConnection(server_block_t* pServerData, tptp_uint32 connectionID) |
| 848 |
{ |
1124 |
{ |
| 849 |
int rc = 0 ; |
|
|
| 850 |
SOCKET sock ; |
| 851 |
request_block_ptr_t pBlock ; |
1125 |
request_block_ptr_t pBlock ; |
| 852 |
|
1126 |
|
| 853 |
TPTP_LOG_DEBUG_MSG1(pServerData, "terminateConnection (socket): connection id(%d)", connectionID) ; |
1127 |
TPTP_LOG_DEBUG_MSG1(pServerData, "terminateConnection (socket): connection id(%d)", connectionID) ; |
|
Lines 855-866
Link Here
|
| 855 |
/* retrieve the corresponding socket */ |
1129 |
/* retrieve the corresponding socket */ |
| 856 |
pBlock = (request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
1130 |
pBlock = (request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
| 857 |
|
1131 |
|
| 858 |
sock = pBlock->clientSock ; |
|
|
| 859 |
|
| 860 |
/* go close it down */ |
1132 |
/* go close it down */ |
| 861 |
rc = closeThisSocket(sock) ; |
1133 |
return closeSocket(pBlock) ; |
| 862 |
|
|
|
| 863 |
return ( rc ) ; |
| 864 |
} |
1134 |
} |
| 865 |
|
1135 |
|
| 866 |
|
1136 |
|
|
Lines 883-888
Link Here
|
| 883 |
return ( sendThisMessage(pServerData, connectionID, cmdSize, pCmdBlock, TRUE ) ) ; |
1153 |
return ( sendThisMessage(pServerData, connectionID, cmdSize, pCmdBlock, TRUE ) ) ; |
| 884 |
} |
1154 |
} |
| 885 |
|
1155 |
|
|
|
1156 |
#ifndef _WIN32 |
| 1157 |
|
| 1158 |
tptp_int32 writeData(request_block_ptr_t pBlock, char* buffer, int length) { |
| 1159 |
if (pBlock->secured) { |
| 1160 |
return SSL_write(pBlock->ssl, buffer, length); |
| 1161 |
} |
| 1162 |
else { |
| 1163 |
return writeToSocket(pBlock->clientSock, buffer, length); |
| 1164 |
} |
| 1165 |
} |
| 1166 |
|
| 1167 |
#else |
| 1168 |
|
| 1169 |
tptp_int32 writeData(request_block_ptr_t pBlock, char* buffer, int length) { |
| 1170 |
return writeToSocket(pBlock->clientSock, buffer, length); |
| 1171 |
} |
| 1172 |
|
| 1173 |
#endif |
| 886 |
|
1174 |
|
| 887 |
/** |
1175 |
/** |
| 888 |
********************************************************* |
1176 |
********************************************************* |
|
Lines 899-905
Link Here
|
| 899 |
tptp_int32 sendThisMessage( server_block_t* pServerData, tptp_uint32 connectionID, tptp_uint32 cmdSize, tptp_string* pCmdBlock, BOOL shouldAddHeader) |
1187 |
tptp_int32 sendThisMessage( server_block_t* pServerData, tptp_uint32 connectionID, tptp_uint32 cmdSize, tptp_string* pCmdBlock, BOOL shouldAddHeader) |
| 900 |
{ |
1188 |
{ |
| 901 |
int rc = 0 ; |
1189 |
int rc = 0 ; |
| 902 |
SOCKET sock ; |
|
|
| 903 |
int bytesSent = 0 ; |
1190 |
int bytesSent = 0 ; |
| 904 |
char *buffer = NULL; |
1191 |
char *buffer = NULL; |
| 905 |
int bufferLength = 0 ; |
1192 |
int bufferLength = 0 ; |
|
Lines 911-917
Link Here
|
| 911 |
request_block_ptr_t pBlock = |
1198 |
request_block_ptr_t pBlock = |
| 912 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
1199 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
| 913 |
|
1200 |
|
| 914 |
|
1201 |
if (pBlock == NULL) { |
|
|
1202 |
return -1; |
| 1203 |
} |
| 915 |
|
1204 |
|
| 916 |
if (shouldAddHeader == TRUE) |
1205 |
if (shouldAddHeader == TRUE) |
| 917 |
{ |
1206 |
{ |
|
Lines 928-938
Link Here
|
| 928 |
/* synchronizing among threads. Single writer. */ |
1217 |
/* synchronizing among threads. Single writer. */ |
| 929 |
tptp_getWriteLock( & pBlock->locker ); |
1218 |
tptp_getWriteLock( & pBlock->locker ); |
| 930 |
|
1219 |
|
| 931 |
/* locate the socket to send */ |
|
|
| 932 |
sock = pBlock->clientSock ; |
| 933 |
|
| 934 |
/* go send the message */ |
1220 |
/* go send the message */ |
| 935 |
bytesSent = writeToSocket(sock, pSendBuffer, bufferLength); |
1221 |
bytesSent = writeData(pBlock, pSendBuffer, bufferLength); |
| 936 |
if (bytesSent < 0) |
1222 |
if (bytesSent < 0) |
| 937 |
{ |
1223 |
{ |
| 938 |
TPTP_LOG_ERROR_MSG1(pServerData, "Socket: Failed to send data on connection ID %d", connectionID); |
1224 |
TPTP_LOG_ERROR_MSG1(pServerData, "Socket: Failed to send data on connection ID %d", connectionID); |
|
Lines 1140-1146
Link Here
|
| 1140 |
request_block_ptr_t pBlock = |
1426 |
request_block_ptr_t pBlock = |
| 1141 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
1427 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
| 1142 |
|
1428 |
|
| 1143 |
|
|
|
| 1144 |
TPTP_LOG_DEBUG_MSG2(pServerData, "setIncomingDataFunc(socket) connectionID(%d) partnerID(%d)", |
1429 |
TPTP_LOG_DEBUG_MSG2(pServerData, "setIncomingDataFunc(socket) connectionID(%d) partnerID(%d)", |
| 1145 |
connectionID, partnerID) ; |
1430 |
connectionID, partnerID) ; |
| 1146 |
|
1431 |
|
|
Lines 1166-1173
Link Here
|
| 1166 |
|
1451 |
|
| 1167 |
tptp_int32 sendSocketData(server_block_t* pServerData, tptp_uint32 connectionID, tptp_uint32 dataSize, tptp_string* pDataBlock) |
1452 |
tptp_int32 sendSocketData(server_block_t* pServerData, tptp_uint32 connectionID, tptp_uint32 dataSize, tptp_string* pDataBlock) |
| 1168 |
{ |
1453 |
{ |
| 1169 |
SOCKET sock ; |
|
|
| 1170 |
|
| 1171 |
int bytesSent = 0 ; |
1454 |
int bytesSent = 0 ; |
| 1172 |
|
1455 |
|
| 1173 |
int rc = 0 ; |
1456 |
int rc = 0 ; |
|
Lines 1176-1186
Link Here
|
| 1176 |
request_block_ptr_t pBlock = |
1459 |
request_block_ptr_t pBlock = |
| 1177 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
1460 |
(request_block_ptr_t) tableGet(pServerData->connectionTable, connectionID) ; |
| 1178 |
|
1461 |
|
| 1179 |
/* locate the socket to send */ |
1462 |
if (pBlock == NULL) return -1; |
| 1180 |
sock = pBlock->clientSock ; |
|
|
| 1181 |
|
1463 |
|
| 1182 |
/* go send the message */ |
1464 |
/* go send the message */ |
| 1183 |
bytesSent = writeToSocket(sock, pDataBlock, dataSize); |
1465 |
bytesSent = writeData(pBlock, pDataBlock, dataSize); |
| 1184 |
if (bytesSent < 0) |
1466 |
if (bytesSent < 0) |
| 1185 |
{ |
1467 |
{ |
| 1186 |
TPTP_LOG_ERROR_MSG1(pServerData,"Socket: Failed to send data on connection ID %d", connectionID); |
1468 |
TPTP_LOG_ERROR_MSG1(pServerData,"Socket: Failed to send data on connection ID %d", connectionID); |
|
Lines 1246-1248
Link Here
|
| 1246 |
return (forwardDataToPartner(pBlk, dataLen, pBuffer)) ; |
1528 |
return (forwardDataToPartner(pBlk, dataLen, pBuffer)) ; |
| 1247 |
} |
1529 |
} |
| 1248 |
|
1530 |
|
|
|
1531 |
/* |
| 1532 |
* -------------------------------------------------------------------------------- |
| 1533 |
* All the platform-dependent vrfusrpwd() functions below |
| 1534 |
* -------------------------------------------------------------------------------- |
| 1535 |
*/ |
| 1536 |
|
| 1537 |
|
| 1538 |
#if defined(_WIN32) |
| 1539 |
/* |
| 1540 |
* Windows/IA32 section, in-process authentication |
| 1541 |
*/ |
| 1542 |
BOOL vrfusrpwd(tptp_string *userid, tptp_string *password) { |
| 1543 |
HANDLE handle; |
| 1544 |
|
| 1545 |
return LogonUser(userid, NULL, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &handle); |
| 1546 |
} |
| 1547 |
#elif defined(__MVS__) |
| 1548 |
/* |
| 1549 |
* OS/390 section, in-process authentication. BPX.DAEMON is needed. |
| 1550 |
*/ |
| 1551 |
BOOL vrfusrpwd(tptp_string *userid, tptp_string *password) { |
| 1552 |
return __passwd(userid, password, NULL) ? FALSE : TRUE; |
| 1553 |
} |
| 1554 |
#elif defined(__OS400__) |
| 1555 |
/* |
| 1556 |
* OS/400 section, in-process authentication |
| 1557 |
*/ |
| 1558 |
BOOL vrfusrpwd(tptp_string *userid, tptp_string *password) { |
| 1559 |
struct error_code_t errorCode; |
| 1560 |
char profileHandle[12]; /* profile handle, required by QSYGETPH API */ |
| 1561 |
char useridBuf[10] = " "; |
| 1562 |
|
| 1563 |
/* In descrypted case, the password is in code page of 437 */ |
| 1564 |
errorCode.bytesProvided = 64; |
| 1565 |
errorCode.bytesAvailable = 0; |
| 1566 |
|
| 1567 |
if(userid[0] == '*') { |
| 1568 |
return FALSE; |
| 1569 |
} |
| 1570 |
else if(strlen(userid) > 10) { |
| 1571 |
return FALSE; |
| 1572 |
} |
| 1573 |
else { |
| 1574 |
int i; |
| 1575 |
for(i = 0; i < strlen(userid); i++) { |
| 1576 |
useridBuf[i] = toupper(userid[i]); /* change it all to upper case */ |
| 1577 |
} |
| 1578 |
} |
| 1579 |
|
| 1580 |
QSYGETPH(useridBuf, password, profileHandle, &errorCode, strlen(password), 37); /* CCSID of password is 37 (EBCDIC) */ |
| 1581 |
|
| 1582 |
if(errorCode.bytesAvailable > 0) { |
| 1583 |
char *exc = (char*)ra_malloc(sizeof(char) * 8); |
| 1584 |
BZERO(exc, 8); |
| 1585 |
strncpy(exc, errorCode.exceptionID, 7); |
| 1586 |
ra_free(exc); |
| 1587 |
|
| 1588 |
return FALSE; |
| 1589 |
} |
| 1590 |
else { |
| 1591 |
return TRUE; /* authentication successful */ |
| 1592 |
} |
| 1593 |
} |
| 1594 |
#else /* non-Windows, non-OS/400 */ |
| 1595 |
/* |
| 1596 |
* Launch a separate process to authenticate user name and password |
| 1597 |
*/ |
| 1598 |
BOOL vrfusrpwd(tptp_string *userid, tptp_string *password) { |
| 1599 |
FILE *fp; |
| 1600 |
BOOL success = FALSE; |
| 1601 |
char *serverHome; |
| 1602 |
char *authCmd; |
| 1603 |
int authLen; |
| 1604 |
int status; |
| 1605 |
int rc = 0; |
| 1606 |
|
| 1607 |
struct sigaction ignoreHandler; /* Use this handler for bypassing pre-configured signal handler */ |
| 1608 |
struct sigaction oldHandler; /* Used to temporary storing the configured signal handler */ |
| 1609 |
|
| 1610 |
serverHome = getCacheEnv("default", "RASERVER_HOME"); |
| 1611 |
/* Do not pass user ID and password since they will be shown by running 'ps' */ |
| 1612 |
authLen = strlen(serverHome) + 1 + strlen("bin") + 1 + strlen("ChkPass") + 1; /* Bug 168705 : need a null at the end for strcat() */ |
| 1613 |
authCmd = (char*)malloc(sizeof(char) * authLen); |
| 1614 |
BZERO(authCmd, authLen); |
| 1615 |
strcpy(authCmd, serverHome); |
| 1616 |
strcat(authCmd, "/"); |
| 1617 |
strcat(authCmd, "bin"); |
| 1618 |
strcat(authCmd, "/"); |
| 1619 |
strcat(authCmd, "ChkPass"); |
| 1620 |
|
| 1621 |
/* Disable default SIGCHLD handler since system() call doesn't work with user-supplied signal handlers */ |
| 1622 |
BZERO(&ignoreHandler, sizeof(struct sigaction)); |
| 1623 |
BZERO(&oldHandler, sizeof(struct sigaction)); |
| 1624 |
|
| 1625 |
ignoreHandler.sa_handler = SIG_DFL; /* Reset to default SIGCHLD handler */ |
| 1626 |
sigaction(SIGCHLD, &ignoreHandler, &oldHandler); /* Store the previous signal handler */ |
| 1627 |
|
| 1628 |
fp = popen(authCmd, "w"); |
| 1629 |
fprintf(fp, "%s\n", userid); |
| 1630 |
fprintf(fp, "%s\n", password); |
| 1631 |
status = pclose(fp); |
| 1632 |
if(WIFEXITED(status)) { |
| 1633 |
rc = WEXITSTATUS(status); |
| 1634 |
} |
| 1635 |
|
| 1636 |
if(rc == 100) { /* 100 indicates success */ |
| 1637 |
success = TRUE; |
| 1638 |
} |
| 1639 |
else { |
| 1640 |
success = FALSE; |
| 1641 |
} |
| 1642 |
|
| 1643 |
/* Re-enable the user-specified SIGCHLD handler */ |
| 1644 |
sigaction(SIGCHLD, &oldHandler, NULL); |
| 1645 |
|
| 1646 |
free(authCmd); |
| 1647 |
|
| 1648 |
return success; |
| 1649 |
} |
| 1650 |
|
| 1651 |
#endif |
