//检查一个端口是否安全.然后根据配置进行处理 int Ogre_Comm_Manger::check_safe_port(ZCE_Sockaddr_In &inetadd) { //如果打开了保险检查,检查配置的端口 if ( false == inetadd.check_safeport() ) { //如果使用保险打开(TRUE) if (ogre_config_->ogre_cfg_data_.ogre_insurance_) { ZCE_LOG(RS_ERROR, "Unsafe port [%s|%u],if you need to open this port,please close insurance. \n", inetadd.get_host_addr(), inetadd.get_port_number()); return SOAR_RET::ERR_OGRE_UNSAFE_PORT_WARN; } //如果不使用保险(FALSE) else { //给出警告 ZCE_LOG(RS_INFO, "Warn!Warn! Unsafe port [%s|%u] listen.Please notice! \n", inetadd.get_host_addr(), inetadd.get_port_number()); } } // return 0; }
int Ogre_TCPAccept_Hdl::handle_input(ZCE_HANDLE /*handle*/) { ZCE_Socket_Stream sockstream; ZCE_Sockaddr_In remoteaddress; int ret = 0; ret = peer_acceptor_.accept(sockstream, &remoteaddress); //如果出现错误,如何处理? return -1? if (ret != 0) { sockstream.close(); //记录错误 int accept_error = ZCE_LIB::last_error(); ZCE_LOG(RS_ERROR, "Accept [%s|%u] handler fail! peer_acceptor_.accept ret =%d errno=%u|%s \n", remoteaddress.get_host_addr(), remoteaddress.get_port_number(), ret, accept_error, strerror(accept_error)); //如果是这些错误继续。 if ( accept_error == EWOULDBLOCK || accept_error == EINVAL || accept_error == ECONNABORTED || accept_error == EPROTOTYPE ) { return 0; } //这儿应该退出进程 //return -1; return 0; } //如果允许的连接的服务器地址中间没有.或者在拒绝的服务列表中... kill ret = ip_restrict_->check_ip_restrict(remoteaddress) ; if (ret != 0) { return ret; } Ogre_TCP_Svc_Handler *phandler = Ogre_TCP_Svc_Handler::alloc_svchandler_from_pool(Ogre_TCP_Svc_Handler::HANDLER_MODE_ACCEPTED); if (phandler != NULL) { phandler->init_tcp_svc_handler(sockstream, peer_module_info_.fp_judge_whole_frame_); } else { sockstream.close(); } return 0; }
//检查一个端口是否安全 int Zerg_Comm_Manager::check_safeport(const ZCE_Sockaddr_In &inetadd) { //高危端口检查常量 const unsigned short UNSAFE_PORT1 = 1024; const unsigned short UNSAFE_PORT2 = 3306; const unsigned short UNSAFE_PORT3 = 36000; const unsigned short UNSAFE_PORT4 = 56000; const unsigned short SAFE_PORT1 = 80; //如果打开了保险检查,检查配置的端口 if ((inetadd.get_port_number() <= UNSAFE_PORT1 && inetadd.get_port_number() != SAFE_PORT1) || inetadd.get_port_number() == UNSAFE_PORT2 || inetadd.get_port_number() == UNSAFE_PORT3 || inetadd.get_port_number() == UNSAFE_PORT4 ) { //如果使用保险打开(TRUE) if (zerg_config_->zerg_cfg_data_.zerg_insurance_) { ZCE_LOG(RS_ERROR, "[zergsvr] Unsafe port %u,if you need to open this port,please close insurance. ", inetadd.get_port_number()); return SOAR_RET::ERR_ZERG_UNSAFE_PORT_WARN; } //如果不使用保险(FALSE) else { //给出警告 ZCE_LOG(RS_INFO, "[zergsvr] Warn!Warn! Unsafe port %u.Please notice! ", inetadd.get_port_number()); } } // return 0; }
int ZCE_Conf_PropertyTree::path_get_leaf(const std::string &path_str, const std::string &key_str, ZCE_Sockaddr_In &val) const { std::string value_str; int ret = path_get_leaf<std::string>(path_str, key_str, value_str); if (0 != ret) { return ret; } val.set(value_str.c_str()); return 0; }
ZCE_Sockaddr_In str_to_value(const char *str) { ZCE_Sockaddr_In val; val.set(str); return val; }