Exemplo n.º 1
END_TEST

START_TEST(build_active_server_response_test)
  {
  /* Exercises build_active_server_response() for an empty and for a named
   * active server, both on port 15001. */
  std::string response;

  /* Empty server name: only the return code is checked. */
  set_active_pbs_server("", 15001);
  fail_unless(build_active_server_response(response) == PBSE_NONE);

  /* Named server: the reply text must match exactly.
   * NOTE(review): the "6" looks like the length of "napali" - confirm. */
  set_active_pbs_server("napali", 15001);
  fail_unless(build_active_server_response(response) == PBSE_NONE);
  fail_unless(strcmp(response.c_str(), "0|6|napali|15001|") == 0);
  }
Exemplo n.º 2
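/*
 * process_svr_conn - serve one request on an accepted trqauthd client socket.
 *
 * Reads the numeric request type from the socket, dispatches on it, writes
 * the reply held in 'message' (on failure an "rc|len|text|" error reply)
 * back to the client and closes the socket.
 *
 * @param sock  pointer to an int holding the connected socket. It is passed
 *              to free() before returning, so the caller must not reuse it.
 * @return always NULL.
 */
void *process_svr_conn(

  void *sock)

  {
  const char  *className = "trqauthd";
  int          rc = PBSE_NONE;
  char        *server_name = NULL;
  int          server_port = 0;
  char        *user_name = NULL;
  int          user_pid = 0;
  int          user_sock = 0;
  std::string  error_string;
  std::string  message;
  int          local_socket = *(int *)sock;
  char         msg_buf[1024];
  long long    req_type;  /* Type of request coming in */

  /* msg_buf is handed to log_record() on several paths; start it out empty
   * so that no path can log uninitialized stack bytes */
  msg_buf[0] = '\0';

  rc = socket_read_num(local_socket, &req_type);

  if (rc == PBSE_NONE)
    {
    switch (req_type)
      {
      case TRQ_DOWN_TRQAUTHD:
        {
        rc = parse_terminate_request(local_socket, &user_name, &user_pid);
        if (rc != PBSE_NONE)
          break;

        /* root is the only user that can terminate trqauthd.
         * user_name comes from the request itself, so a missing name is
         * refused as well, and the name alone is not trusted: the shutdown
         * only happens once validate_user() below has accepted it too. */
        if ((user_name == NULL) ||
            (strcmp(user_name, "root") != 0))
          {
          rc = PBSE_PERM;
          break;
          }

        rc = validate_user(local_socket, user_name, user_pid, msg_buf);
        if (rc == PBSE_NONE)
          {
          trqauthd_up = false;
          rc = build_active_server_response(message);
          }
        break;
        }

      case TRQ_PING_SERVER:
      case TRQ_GET_ACTIVE_SERVER:
        {
        /* rc will get evaluated after the switch statement. */
        rc = build_active_server_response(message);
        break;
        }

      case TRQ_VALIDATE_ACTIVE_SERVER:
        {
        /* NOTE(review): nothing in this function has filled server_name or
         * server_port at this point, so NULL and 0 are passed - confirm that
         * validate_server() expects that. */
        rc = validate_server(server_name, server_port, NULL, NULL);
        if (rc == PBSE_NONE)
          rc = build_active_server_response(message);

        break;
        }

      case TRQ_AUTH_CONNECTION:
        {
        rc = authorize_socket(local_socket, message, msg_buf, &server_name, &user_name, error_string);
        break;
        }
      default:
        rc = PBSE_IVALREQ;
        break;
      }
    }
  else
    {
    snprintf(msg_buf, sizeof(msg_buf), "socket_read_num failed: %d", rc);
    log_record(PBSEVENT_CLIENTAUTH, PBS_EVENTCLASS_TRQAUTHD, __func__, msg_buf);
    }

#ifdef UNIT_TEST
  /* process_svr_conn_rc is used by ./test/trq_auth/test_trq_auth.c
     to discover the status of unit test calls to process_svr_conn
   */ 
  process_svr_conn_rc = rc;
#endif

  if (rc != PBSE_NONE)
    {
    /* Failure case */
    if (error_string.size() == 0)
      {
      char *err = pbse_to_txt(rc);
      if (err != NULL)
        error_string = err;
      }

    /* size() returns a size_t; cast it so the argument matches %d */
    message = string_format("%d|%d|%s|", rc, (int)error_string.size(), error_string.c_str());
    
    if (debug_mode == TRUE)
      {
      if (server_name != NULL)
        fprintf(stderr, "Conn to %s port %d Fail. Conn %d not authorized (Err Num %d)\n",
          server_name, server_port, user_sock, rc);
      }

    /* Always build the audit line here. The earlier code skipped the
     * formatting when there was neither an error text nor a server name and
     * then logged whatever msg_buf happened to contain. */
    snprintf(msg_buf, sizeof(msg_buf),
      "User %s at IP:port %s:%d login attempt failed --%s", 
        (user_name) ? user_name : "null",
        (server_name) ? server_name : "null", server_port, 
        (error_string.size() == 0) ? "no message" : error_string.c_str());

    log_record(PBSEVENT_CLIENTAUTH | PBSEVENT_FORCE, PBS_EVENTCLASS_TRQAUTHD,
      className, msg_buf);
    }

  /* the result of this write is stored in rc but not looked at again */
  if (message.length() != 0)
    rc = socket_write(local_socket, message.c_str(), message.length());

  if (server_name != NULL)
    free(server_name);

  if (user_name != NULL)
    free(user_name);

  socket_close(local_socket);
  free(sock);

  return(NULL);
  } /* END process_svr_conn() */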
Exemplo n.º 3
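/*
 * process_svr_conn - serve one request on an accepted trqauthd client socket.
 *
 * Reads the numeric request type from the socket and dispatches on it. For
 * TRQ_AUTH_CONNECTION the client is validated and an authorization request
 * is sent to pbs_server over a socket from socket_get_tcp_priv(), with up to
 * MAX_RETRIES attempts. The reply held in 'message' (on failure an
 * "rc|len|text|" error reply) is written back to the client and the client
 * socket is closed.
 *
 * @param sock  pointer to an int holding the connected socket. It is passed
 *              to free() before returning, so the caller must not reuse it.
 * @return always NULL.
 */
void *process_svr_conn(

  void *sock)

  {
  const char *className = "trqauthd";
  int         rc = PBSE_NONE;
  char       *server_name = NULL;
  int         server_port = 0;
  int         auth_type = 0;
  char       *user_name = NULL;
  int         user_pid = 0;
  int         user_sock = 0;
  char       *error_msg = NULL;
  std::string message;
  int         send_len = 0;
  char       *trq_server_addr = NULL;
  int         trq_server_addr_len = 0;
  int         svr_sock = -1;
  int         debug_mark = 0;
  int         local_socket = *(int *)sock;
  char        msg_buf[1024];
  long long   req_type;  /* Type of request coming in */

  /* msg_buf is handed to log_record() on several paths; start it out empty
   * so that no path can log uninitialized stack bytes */
  msg_buf[0] = '\0';

  rc = socket_read_num(local_socket, &req_type);
  if (rc == PBSE_NONE)
    {
    switch (req_type)
      {
      case TRQ_DOWN_TRQAUTHD:
        {
        rc = parse_terminate_request(local_socket, &user_name, &user_pid);
        if (rc != PBSE_NONE)
          break;

        /* root is the only user that can terminate trqauthd.
         * user_name comes from the request itself, so a missing name is
         * refused as well, and the name alone is not trusted: the shutdown
         * only happens once validate_user() below has accepted it too. */
        if ((user_name == NULL) ||
            (strcmp(user_name, "root") != 0))
          {
          rc = PBSE_PERM;
          break;
          }

        rc = validate_user(local_socket, user_name, user_pid, msg_buf);
        if (rc == PBSE_NONE)
          {
          trqauthd_up = false;
          rc = build_active_server_response(message);
          }
        break;
        }

      case TRQ_PING_SERVER:
      case TRQ_GET_ACTIVE_SERVER:
        {
        /* rc will get evaluated after the switch statement. */
        rc = build_active_server_response(message);
        break;
        }

      case TRQ_VALIDATE_ACTIVE_SERVER:
        {
        /* NOTE(review): nothing in this function has filled server_name or
         * server_port at this point, so NULL and 0 are passed - confirm that
         * validate_server() expects that. */
        rc = validate_server(server_name, server_port, NULL, NULL);
        if (rc == PBSE_NONE)
          rc = build_active_server_response(message);

        break;
        }

      case TRQ_AUTH_CONNECTION:
        {

        int         disconnect_svr = TRUE;
        /* incoming message format is:
         * trq_system_len|trq_system|trq_port|Validation_type|user_len|user|pid|psock|
         * message format to pbs_server is:
         * +2+22+492+user+sock+0
         * format from pbs_server is:
         * +2+2+0+0+1
         * outgoing message format is:
         * #|msg_len|message|
         * Send response to client here!!
         * Disconnect message to svr:
         * +2+22+592+{user_len}{user}
         *
         * msg to client in the case of success:
         * 0|0||
         */

        if ((rc = parse_request_client(local_socket, &server_name, &server_port, &auth_type, &user_name, &user_pid, &user_sock)) != PBSE_NONE)
          {
          disconnect_svr = FALSE;
          debug_mark = 1;
          }
        else
          {
          int retries = 0;
          while (retries < MAX_RETRIES)
            {
            rc = PBSE_NONE;
            disconnect_svr = TRUE;

            /* Drop what an earlier attempt left behind so a retry neither
             * leaks it nor reports a stale error text. Assumes both buffers
             * are malloc'd by the callees, as the free() calls at the end of
             * this function already do. */
            if (trq_server_addr != NULL)
              {
              free(trq_server_addr);
              trq_server_addr = NULL;
              }

            if (error_msg != NULL)
              {
              free(error_msg);
              error_msg = NULL;
              }

            /* Each failing step records its debug_mark, closes the server
             * socket if one is open, waits and starts the next attempt. */
            if ((rc = validate_user(local_socket, user_name, user_pid, msg_buf)) != PBSE_NONE)
              {
              log_record(PBSEVENT_CLIENTAUTH | PBSEVENT_FORCE, PBS_EVENTCLASS_TRQAUTHD, __func__, msg_buf);
              disconnect_svr = FALSE;
              debug_mark = 1;
              retries++;
              usleep(20000);
              continue;
              }
            else if ((rc = get_trq_server_addr(server_name, &trq_server_addr, &trq_server_addr_len)) != PBSE_NONE)
              {
              disconnect_svr = FALSE;
              debug_mark = 2;
              retries++;
              usleep(20000);
              continue;
              }
            else if ((svr_sock = socket_get_tcp_priv()) < 0)
              {
              rc = PBSE_SOCKET_FAULT;
              disconnect_svr = FALSE;
              debug_mark = 3;
              retries++;
              usleep(10000);
              continue;
              }
            else if ((rc = socket_connect(&svr_sock, trq_server_addr, trq_server_addr_len, server_port, AF_INET, 1, &error_msg)) != PBSE_NONE)
              {
              /* for now we only need ssh_key and sign_key as dummys */
              char *ssh_key = NULL;
              char *sign_key = NULL;
              char  log_buf[LOCAL_LOG_BUF_SIZE];

              /* NOTE(review): the return value is ignored and sign_key is
               * not looked at afterwards - confirm validate_server() does
               * not hand back memory through it. */
              validate_server(server_name, server_port, ssh_key, &sign_key);

              /* bounded write: the length of active_pbs_server is not known here */
              snprintf(log_buf, sizeof(log_buf), "Active server is %s", active_pbs_server);
              log_event(PBSEVENT_CLIENTAUTH, PBS_EVENTCLASS_TRQAUTHD, __func__, log_buf);
              disconnect_svr = FALSE;
              debug_mark = 4;
              socket_close(svr_sock);
              retries++;
              usleep(50000);
              continue;
              }
            else if ((rc = build_request_svr(auth_type, user_name, user_sock, message)) != PBSE_NONE)
              {
              socket_close(svr_sock);
              disconnect_svr = FALSE;
              debug_mark = 5;
              retries++;
              usleep(50000);
              continue;
              }
            else if ((send_len = message.length()) <= 0)
              {
              socket_close(svr_sock);
              disconnect_svr = FALSE;
              rc = PBSE_INTERNAL;
              debug_mark = 6;
              retries++;
              usleep(50000);
              continue;
              }
            else if ((rc = socket_write(svr_sock, message.c_str(), send_len)) != send_len)
              {
              socket_close(svr_sock);
              disconnect_svr = FALSE;
              rc = PBSE_SOCKET_WRITE;
              debug_mark = 7;
              retries++;
              usleep(50000);
              continue;
              }
            else if ((rc = parse_response_svr(svr_sock, &error_msg)) != PBSE_NONE)
              {
              socket_close(svr_sock);
              disconnect_svr = FALSE;
              debug_mark = 8;
              retries++;
              usleep(50000);
              continue;
              }
            else
              {
              /* Success case */
              message = "0|0||";
              if (debug_mode == TRUE)
                {
                fprintf(stderr, "Conn to %s port %d success. Conn %d authorized\n",
                  server_name, server_port, user_sock);
                }

              snprintf(msg_buf, sizeof(msg_buf),
                "User %s at IP:port %s:%d logged in", user_name, server_name, server_port);
              log_record(PBSEVENT_CLIENTAUTH | PBSEVENT_FORCE, PBS_EVENTCLASS_TRQAUTHD,
                className, msg_buf);
              }
            break;
            }
          }

        /* only a fully successful attempt leaves the server socket open */
        if (TRUE == disconnect_svr)
          {
          send_svr_disconnect(svr_sock, user_name);
          socket_close(svr_sock);
          }
        break;
        }
      default:
        rc = PBSE_IVALREQ;
        break;
      }
    }
  else
    {
    snprintf(msg_buf, sizeof(msg_buf), "socket_read_num failed: %d", rc);
    log_record(PBSEVENT_CLIENTAUTH, PBS_EVENTCLASS_TRQAUTHD, __func__, msg_buf);
    }

#ifdef UNIT_TEST
  /* process_svr_conn_rc is used by ./test/trq_auth/test_trq_auth.c
     to discover the status of unit test calls to process_svr_conn
   */ 
  process_svr_conn_rc = rc;
#endif

  if (rc != PBSE_NONE)
    {
    /* Failure case */

    /* Pick the text to report without allocating: the callee's message if
     * there is one, else the text for rc, else an empty string. This also
     * removes the strlen(NULL) that a failed strdup() used to lead to. */
    const char *err_text = error_msg;

    if (err_text == NULL)
      err_text = pbse_to_txt(rc);

    if (err_text == NULL)
      err_text = "";

    /* strlen() returns a size_t; cast it so the argument matches %d */
    message = string_format("%d|%d|%s|", rc, (int)strlen(err_text), err_text);
    
    if (debug_mode == TRUE)
      {
      /* server_name is still NULL when the request could not be parsed */
      fprintf(stderr, "Conn to %s port %d Fail. Conn %d not authorized (dm = %d, Err Num %d)\n",
        (server_name) ? server_name : "null", server_port, user_sock, debug_mark, rc);
      }

    snprintf(msg_buf, sizeof(msg_buf),
      "User %s at IP:port %s:%d login attempt failed --%s", 
        (user_name) ? user_name : "null",
        (server_name) ? server_name : "null", server_port, 
        err_text);
    log_record(PBSEVENT_CLIENTAUTH | PBSEVENT_FORCE, PBS_EVENTCLASS_TRQAUTHD,
      className, msg_buf);
    }

  /* the result of this write is stored in rc but not looked at again */
  if (message.length() != 0)
    rc = socket_write(local_socket, message.c_str(), message.length());

  if (trq_server_addr != NULL)
    free(trq_server_addr);

  if (server_name != NULL)
    free(server_name);

  if (user_name != NULL)
    free(user_name);

  if (error_msg != NULL)
    free(error_msg);

  socket_close(local_socket);
  free(sock);

  return(NULL);
  } /* END process_svr_conn() */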