Diffstat (limited to 'servers/auth_server_lin/src')
-rw-r--r-- | servers/auth_server_lin/src/Makefile.am | 2 | ||||
-rw-r--r-- | servers/auth_server_lin/src/auth_conn.cpp | 87 | ||||
-rw-r--r-- | servers/auth_server_lin/src/auth_conn.h | 11 | ||||
-rw-r--r-- | servers/auth_server_lin/src/main.cpp | 40 |
4 files changed, 95 insertions, 45 deletions
diff --git a/servers/auth_server_lin/src/Makefile.am b/servers/auth_server_lin/src/Makefile.am index fb0b5f5..57d4949 100644 --- a/servers/auth_server_lin/src/Makefile.am +++ b/servers/auth_server_lin/src/Makefile.am @@ -6,6 +6,6 @@ bin_PROGRAMS = ulab_authserver ulab_authserver_SOURCES = main.cpp auth_conn.cpp ulab_authserver_METASOURCES = AUTO -ulab_authserver_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdekrbsocket -ltqtrla +ulab_authserver_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdekrbsocket -ltqtrla -ltdeldap KDE_OPTIONS = nofinal diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp index 2ccbae0..ddaf902 100644 --- a/servers/auth_server_lin/src/auth_conn.cpp +++ b/servers/auth_server_lin/src/auth_conn.cpp @@ -15,13 +15,20 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * (c) 2012-2013 Timothy Pearson + * (c) 2012-2014 Timothy Pearson * Raptor Engineering * http://www.raptorengineeringinc.com */ #include <stdlib.h> +// getLocalMachineFQDN +#include <unistd.h> +#include <netdb.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> + #include <grp.h> #include <pwd.h> @@ -37,6 +44,8 @@ #define STATISTICS_NEW_CONNECTION_EVENT 2 #define STATISTICS_DISCONNECTION_EVENT 3 +#define DB_SCHEMA_VERSION 1 + /* exception handling */ struct exit_exception { int c; 
@@ -48,8 +57,8 @@ struct exit_exception { For every client that connects to the server, the server creates a new instance of this class. */ -AuthSocket::AuthSocket(int sock, int serverID, TQObject *parent, const char *name) : - TDEKerberosServerSocket(parent, name), m_criticalSection(0), m_stationID(-1), m_bound(false), m_serviceID(0), m_serverID(serverID), m_pollInterval(10), m_terminationStamp(0), m_servActive(false), m_servState(0), m_servClientSocket(NULL), m_servClientTimeout(NULL), m_loopTimer(NULL), m_pollTimer(NULL), m_config(static_cast<AuthServer*>(parent)->m_config), m_database(NULL), m_databaseStationsCursor(NULL), +AuthSocket::AuthSocket(int sock, TQString localMachineFQDN, TQObject *parent, const char *name) : + TDEKerberosServerSocket(parent, name), m_criticalSection(0), m_stationID(-1), m_bound(false), m_serviceID(0), m_localMachineFQDN(localMachineFQDN), m_pollInterval(10), m_terminationStamp(0), m_servActive(false), m_servState(0), m_servClientSocket(NULL), m_servClientTimeout(NULL), m_loopTimer(NULL), m_pollTimer(NULL), m_config(static_cast<AuthServer*>(parent)->m_config), m_database(NULL), m_databaseStationsCursor(NULL), m_databaseServicesCursor(NULL), m_databaseServiceTypesCursor(NULL), m_databasePermissionsCursor(NULL), m_databaseActivityCursor(NULL), m_databaseStatisticsCursor(NULL), m_databaseStatusCursor(NULL) { // Read settings 
@@ -368,7 +377,7 @@ void AuthSocket::pollFlags() { void AuthSocket::updateStatistics(int eventType) { // Update statistics long long sessionID = -1; - m_databaseActivityCursor->select(TQString("station='%1' AND username='%2' AND realmname='%3' AND serverid='%4' AND serviceid='%5'").arg(m_stationID).arg(m_authenticatedUserName).arg(m_authenticatedRealmName).arg(m_serverID).arg(m_serviceID)); + m_databaseActivityCursor->select(TQString("station='%1' AND username='%2' AND realmname='%3' AND arbiter='%4' AND serviceid='%5'").arg(m_stationID).arg(m_authenticatedUserName).arg(m_authenticatedRealmName).arg(m_localMachineFQDN).arg(m_serviceID)); if (m_databaseActivityCursor->next()) { sessionID = m_databaseActivityCursor->value("pk").toInt(); } @@ -376,7 +385,8 @@ void AuthSocket::updateStatistics(int eventType) { TQSqlRecord *buffer = m_databaseStatisticsCursor->primeInsert(); buffer->setValue("timestamp", TQDateTime::currentDateTime().toTime_t()); buffer->setValue("eventtypeid", eventType); - buffer->setValue("serverid", m_stationID); + buffer->setValue("arbiter", m_localMachineFQDN); + buffer->setValue("stationid", m_stationID); buffer->setValue("sessionid", sessionID); buffer->setValue("typeid", m_serviceID); buffer->setValue("userid", userID); @@ -554,10 +564,10 @@ void AuthSocket::commandLoop() { // Update database TQSqlRecord *buffer = m_databaseActivityCursor->primeInsert(); buffer->setValue("station", m_stationID); + buffer->setValue("arbiter", m_localMachineFQDN); buffer->setValue("username", m_authenticatedUserName); buffer->setValue("realmname", m_authenticatedRealmName); buffer->setValue("logontime", TQDateTime::currentDateTime().toTime_t()); - buffer->setValue("serverid", m_serverID); buffer->setValue("serviceid", m_serviceID); buffer->setValue("terminate", 0); m_databaseActivityCursor->insert(); 
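Review bot: The filter passed to `m_databaseActivityCursor->select()` in `updateStatistics()` is still built by chaining `.arg()`, and the new `arbiter='%4'` term adds a resolver-supplied string (`m_localMachineFQDN`, filled from `ai_canonname`) next to the client-derived `m_authenticatedUserName` and `m_authenticatedRealmName`. Nothing visible in this hunk escapes those values, so a quote character in any of them changes the filter text, and a literal `%3`-style sequence inside one value would be rewritten by the next `.arg()` call. Prefer a `TQSqlQuery` with `prepare()` and `bindValue()` for the lookup, or format each string through the database driver before substituting it. The same pattern appears in the `arbiter='%1'` select in the `AuthServer` constructor hunk further down; `updateStatistics()` continues outside the lines shown.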
@@ -645,10 +655,10 @@ void AuthSocket::commandLoop() { m_serviceID = sid; TQSqlRecord *buffer = m_databaseActivityCursor->primeInsert(); buffer->setValue("station", m_stationID); + buffer->setValue("arbiter", m_localMachineFQDN); buffer->setValue("username", m_authenticatedUserName); buffer->setValue("realmname", m_authenticatedRealmName); buffer->setValue("logontime", TQDateTime::currentDateTime().toTime_t()); - buffer->setValue("serverid", m_serverID); buffer->setValue("serviceid", m_serviceID); buffer->setValue("terminate", 0); m_databaseActivityCursor->insert(); @@ -745,21 +755,32 @@ int AuthSocket::connectToDatabase() { AuthServer::AuthServer(TQObject* parent) : TQServerSocket( 4004, 1, parent ), m_database(NULL) { + m_localMachineFQDN = getLocalMachineFQDN(); m_config = new KSimpleConfig("ulab_authserver.conf", false); if (connectToDatabase() != 0) { exit(1); } - m_serverID = 0; - TDECmdLineArgs* const args = TDECmdLineArgs::parsedArgs(); - if ((args) && (args->count() > 0)) { - m_serverID = TQString(args->arg(0)).toInt(); + // Verify schema version + bool schemaValid = 0; + uint schemaVersion = 0; + TQSqlCursor databaseDBSchemaCursor("dbschema", TRUE, m_database); + databaseDBSchemaCursor.select(TQString("skey='revision'")); + if (databaseDBSchemaCursor.next()) { + schemaVersion = databaseDBSchemaCursor.value("value").toUInt(); + if (schemaVersion == DB_SCHEMA_VERSION) { + schemaValid = 1; + } + } + if (!schemaValid) { + printf("[ERROR] Schema version not present or incorrect (got %d expected %d)\n\r", schemaVersion, DB_SCHEMA_VERSION); + exit(1); } // Delete existing activity entries for this server ID TQSqlCursor databaseActivityCursor("activity", TRUE, m_database); - databaseActivityCursor.select(TQString("serverid='%1'").arg(m_serverID)); + databaseActivityCursor.select(TQString("arbiter='%1'").arg(m_localMachineFQDN)); while (databaseActivityCursor.next()) { databaseActivityCursor.primeDelete(); databaseActivityCursor.del(false); 
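Review bot: In the `AuthServer` constructor, `m_localMachineFQDN` becomes the row key without any check that `getLocalMachineFQDN()` succeeded. That function returns `TQString::null` when `getaddrinfo()` fails, so the constructor would go on to delete activity rows matching `arbiter=''` and every later session would be recorded under an empty arbiter, indistinguishable from any other server in the same state. The constructor already exits on a database or schema failure, so a matching guard right after the assignment fits: `if (m_localMachineFQDN.isEmpty()) { printf("[ERROR] Unable to determine local machine FQDN\n\r"); exit(1); }`. Separately, the schema error message prints `schemaVersion`, a `uint`, with `%d`; `%u` matches the type.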
@@ -805,12 +826,17 @@ AuthServer::~AuthServer() { int AuthServer::connectToDatabase() { m_config->setGroup("Database"); - m_database = TQSqlDatabase::addDatabase(m_config->readEntry("driver")); + TQString databaseDriver = m_config->readEntry("driver"); + m_database = TQSqlDatabase::addDatabase(databaseDriver); m_database->setDatabaseName(m_config->readEntry("database")); m_database->setUserName(m_config->readEntry("username")); m_database->setPassword(m_config->readEntry("password")); m_database->setHostName(m_config->readEntry("server")); + if (databaseDriver.contains("MYSQL")) { + m_database->setConnectOptions("MYSQL_OPT_RECONNECT"); + } + if(!m_database->open()) { printf("[ERROR] Failed to connect to control database on server '%s' [%s]\n\r", m_database->hostName().ascii(), m_database->lastError().text().ascii()); fflush(stdout); TQSqlDatabase::removeDatabase(m_database); @@ -858,10 +884,8 @@ int AuthServer::connectToDatabase() { return -1; } - // FIXME - // We currently have no way to handle something as simple as the database server going offline! - // Start database ping process + // When combined with the MYSQL_OPT_RECONNECT flag passed above, this will keep the connection open even if the database server goes offline and then comes back online m_sqlPingTimer = new TQTimer(); connect(m_sqlPingTimer, SIGNAL(timeout()), this, SLOT(pingSQLServer())); m_sqlPingTimer->start(60*1000); 
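Review bot: The comment added above the ping timer in `connectToDatabase()` presents reconnection as solved, but it should state the cost and the scope. A MySQL auto-reconnect is transparent to the caller and starts a fresh session (open transactions are rolled back, locks and session variables are lost), and `setConnectOptions("MYSQL_OPT_RECONNECT")` is only applied when the driver name contains `MYSQL`, so other drivers keep the behaviour the removed FIXME described. Suggested wording: `// NOTE: reconnects are silent and reset per-connection session state; non-MySQL drivers do not reconnect at all`. `connectToDatabase()` starts and ends outside the two hunks shown here.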
@@ -870,14 +894,35 @@ int AuthServer::connectToDatabase() { } void AuthServer::pingSQLServer() { - // FIXME - // We might as well gather statistics here... - TQSqlQuery query; - query.exec("SELECT * FROM activity"); + if (m_database) { + m_database->ping(); + } +} + +TQString AuthServer::getLocalMachineFQDN() { + struct addrinfo hints, *res; + int err; + + char hostname[1024]; + hostname[1023] = '\0'; + gethostname(hostname, 1023); + + memset(&hints, 0, sizeof hints); + hints.ai_socktype = SOCK_STREAM; + hints.ai_family = AF_UNSPEC; + hints.ai_flags = AI_CANONNAME; + + if ((err = getaddrinfo(hostname, NULL, &hints, &res)) != 0) { + return TQString::null; + } + + TQString ret(res->ai_canonname); + freeaddrinfo(res); + return ret; } void AuthServer::newConnection(int socket) { - AuthSocket *s = new AuthSocket(socket, m_serverID, this); + AuthSocket *s = new AuthSocket(socket, m_localMachineFQDN, this); s->m_remoteHost = s->peerAddress().toString(); printf("[DEBUG] New connection from %s\n\r", s->m_remoteHost.ascii()); connect(s, SIGNAL(connectionClosed()), s, SLOT(deleteLater())); diff --git a/servers/auth_server_lin/src/auth_conn.h b/servers/auth_server_lin/src/auth_conn.h index ab0eff9..3b3ed58 100644 --- a/servers/auth_server_lin/src/auth_conn.h +++ b/servers/auth_server_lin/src/auth_conn.h @@ -15,7 +15,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * (c) 2012-2013 Timothy Pearson + * (c) 2012-2014 Timothy Pearson * Raptor Engineering * http://www.raptorengineeringinc.com */ @@ -46,7 +46,7 @@ class AuthSocket : public TDEKerberosServerSocket Q_OBJECT public: - AuthSocket(int sock, int serverID, TQObject *parent=0, const char *name=0); + AuthSocket(int sock, TQString localMachineFQDN, TQObject *parent=0, const char *name=0); ~AuthSocket(); public: 
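Review bot: In `getLocalMachineFQDN()` the return value of `gethostname()` is ignored, so on failure `getaddrinfo()` is handed a buffer whose contents are indeterminate apart from the final NUL. Check it first: `if (gethostname(hostname, sizeof(hostname) - 1) != 0) return TQString::null;`. Both failure paths also return silently, leaving the operator no trace of why the arbiter name is empty; a `printf("[ERROR] ...")` that includes `gai_strerror(err)` would match the logging style in `connectToDatabase()`. In `pingSQLServer()` the result of `m_database->ping()` is discarded, so a database outage is never logged either.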
@@ -72,7 +72,7 @@ class AuthSocket : public TDEKerberosServerSocket
 int m_stationID;
 bool m_bound;
 int m_serviceID;
- int m_serverID;
+ TQString m_localMachineFQDN;
 int m_pollInterval;
 TQ_ULLONG m_terminationStamp;
@@ -121,10 +121,13 @@ class AuthServer : public TQServerSocket
 void newConnect(AuthSocket*);
 private:
+ TQString getLocalMachineFQDN();
+
+ private:
 KSimpleConfig* m_config;
 TQSqlDatabase* m_database;
 TQTimer* m_sqlPingTimer;
- int m_serverID;
+ TQString m_localMachineFQDN;
 friend class AuthSocket;
diff --git a/servers/auth_server_lin/src/main.cpp b/servers/auth_server_lin/src/main.cpp
index 2dc8b11..4757eb1 100644
--- a/servers/auth_server_lin/src/main.cpp
+++ b/servers/auth_server_lin/src/main.cpp
@@ -1,22 +1,24 @@ -/*************************************************************************** - * Copyright (C) 2012 by Timothy Pearson * - * kb9vqf@pearsoncomputing.net * - * * - * This program is free software; you can redistribute it and/or modify * - * it under the terms of the GNU General Public License as published by * - * the Free Software Foundation; either version 2 of the License, or * - * (at your option) any later version. * - * * - * This program is distributed in the hope that it will be useful, * - * but WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * - * GNU General Public License for more details. * - * * - * You should have received a copy of the GNU General Public License * - * along with this program; if not, write to the * - * Free Software Foundation, Inc., * - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - ***************************************************************************/ +/* + * Remote Laboratory Authentication Server + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * (c) 2012-2014 Timothy Pearson + * Raptor Engineering + * http://www.raptorengineeringinc.com + */ #include <sys/types.h> #include <sys/socket.h> |