static LDAP *ldap_init_and_bind (const char *host,
const char *user_dn,
const char *password)
{
LDAP *ld;
int res;
int desired_version = LDAP_VERSION3;
res = ldap_initialize (&ld, host);
if (res != LDAP_SUCCESS) {
ccnet_warning ("ldap_initialize failed: %s.\n", ldap_err2string(res));
return NULL;
}
/* set the LDAP version to be 3 */
res = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version);
if (res != LDAP_OPT_SUCCESS) {
ccnet_warning ("ldap_set_option failed: %s.\n", ldap_err2string(res));
return NULL;
}
if (user_dn) {
res = ldap_bind_s (ld, user_dn, password, LDAP_AUTH_SIMPLE);
if (res != LDAP_SUCCESS ) {
ccnet_warning ("ldap_bind failed: %s.\n", ldap_err2string(res));
ldap_unbind_s (ld);
return NULL;
}
}
return ld;
}
static evutil_socket_t
createSocket (int family, int nonblock)
{
evutil_socket_t fd;
int ret;
fd = socket (family, SOCK_STREAM, 0);
if (fd < 0) {
ccnet_warning("create Socket failed %d\n", fd);
} else if (nonblock) {
int nodelay = 1;
fd = makeSocketNonBlocking( fd );
ret = setsockopt (fd, IPPROTO_TCP, TCP_NODELAY,
(char *)&nodelay, sizeof(nodelay));
if (ret < 0) {
ccnet_warning("setsockopt failed\n");
evutil_closesocket(fd);
return -1;
}
}
return fd;
}
static int try_load_ldap_settings (CcnetUserManager *manager)
{
GKeyFile *config = manager->session->keyf;
manager->ldap_host = g_key_file_get_string (config, "LDAP", "HOST", NULL);
if (!manager->ldap_host)
return 0;
manager->use_ldap = TRUE;
manager->base = g_key_file_get_string (config, "LDAP", "BASE", NULL);
if (!manager->base) {
ccnet_warning ("LDAP: BASE not found in config file.\n");
return -1;
}
manager->user_dn = g_key_file_get_string (config, "LDAP", "USER_DN", NULL);
if (manager->user_dn) {
manager->password = g_key_file_get_string (config, "LDAP", "PASSWORD", NULL);
if (!manager->password) {
ccnet_warning ("LDAP: PASSWORD not found in config file.\n");
return -1;
}
}
/* Use anonymous if user_dn is not set. */
manager->login_attr = g_key_file_get_string (config, "LDAP", "LOGIN_ATTR", NULL);
if (!manager->login_attr)
manager->login_attr = g_strdup("mail");
return 0;
}
static int
write_pidfile (const char *pidfile_path)
{
if (!pidfile_path)
return -1;
pid_t pid = getpid();
FILE *pidfile = fopen(pidfile_path, "w");
if (!pidfile) {
ccnet_warning ("Failed to fopen() pidfile %s: %s\n",
pidfile_path, strerror(errno));
return -1;
}
char buf[32];
snprintf (buf, sizeof(buf), "%d\n", pid);
if (fputs(buf, pidfile) < 0) {
ccnet_warning ("Failed to write pidfile %s: %s\n",
pidfile_path, strerror(errno));
return -1;
}
fflush (pidfile);
fclose (pidfile);
return 0;
}
static LDAP *ldap_init_and_bind (const char *host,
#ifdef WIN32
gboolean use_ssl,
#endif
const char *user_dn,
const char *password)
{
LDAP *ld;
int res;
int desired_version = LDAP_VERSION3;
#ifndef WIN32
res = ldap_initialize (&ld, host);
if (res != LDAP_SUCCESS) {
ccnet_warning ("ldap_initialize failed: %s.\n", ldap_err2string(res));
return NULL;
}
#else
char *host_copy = g_strdup (host);
if (!use_ssl)
ld = ldap_init (host_copy, LDAP_PORT);
else
ld = ldap_sslinit (host_copy, LDAP_SSL_PORT, 1);
g_free (host_copy);
if (!ld) {
ccnet_warning ("ldap_init failed: %ul.\n", LdapGetLastError());
return NULL;
}
#endif
/* set the LDAP version to be 3 */
res = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version);
if (res != LDAP_OPT_SUCCESS) {
ccnet_warning ("ldap_set_option failed: %s.\n", ldap_err2string(res));
return NULL;
}
if (user_dn) {
#ifndef WIN32
res = ldap_bind_s (ld, user_dn, password, LDAP_AUTH_SIMPLE);
#else
char *dn_copy = g_strdup(user_dn);
char *password_copy = g_strdup(password);
res = ldap_bind_s (ld, dn_copy, password_copy, LDAP_AUTH_SIMPLE);
g_free (dn_copy);
g_free (password_copy);
#endif
if (res != LDAP_SUCCESS ) {
ccnet_warning ("ldap_bind failed: %s.\n", ldap_err2string(res));
ldap_unbind_s (ld);
return NULL;
}
}
return ld;
}
static void *
dns_lookup (void *vdata)
{
DNSLookupData *data = vdata;
struct evutil_addrinfo hints;
struct evutil_addrinfo *answer = NULL;
int err;
void *addr;
char *addr_str;
socklen_t size;
/* Build the hints to tell getaddrinfo how to act. */
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_INET; /* only use IPv4 now. */
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP; /* We want a TCP socket */
/* Only return addresses we can use. */
hints.ai_flags = EVUTIL_AI_ADDRCONFIG;
/* Look up the hostname. */
err = evutil_getaddrinfo(data->peer->public_addr, NULL, &hints, &answer);
if (err != 0) {
ccnet_warning("Error while resolving '%s': %s\n",
data->peer->public_addr, evutil_gai_strerror(err));
return vdata;
}
/* just use the first answer */
if (answer->ai_family == AF_INET) {
size = INET_ADDRSTRLEN;
addr = &((struct sockaddr_in *)(answer->ai_addr))->sin_addr;
} else if (answer->ai_family == AF_INET6) {
size = INET6_ADDRSTRLEN;
addr = &((struct sockaddr_in6 *)(answer->ai_addr))->sin6_addr;
} else
goto out;
addr_str = (char *)calloc(size, sizeof(char));
if (addr_str == NULL) {
ccnet_error("Out of memory\n");
goto out;
}
if (!inet_ntop(answer->ai_family, addr, addr_str, size)) {
ccnet_warning("Peer %s domain name %s lookup fail\n",
data->peer->name, data->peer->public_addr);
free(addr_str);
goto out;
}
data->addr_str = addr_str;
out:
evutil_freeaddrinfo (answer);
return vdata;
}
static void
handle_update (CcnetProcessor *processor,
char *code, char *code_msg,
char *content, int clen)
{
USE_PRIV;
if (strcmp(code, SC_SESSION_KEY) == 0) {
if (processor->peer->session_key) {
ccnet_processor_send_response (processor,
SC_ALREADY_HAS_KEY,
SS_ALREADY_HAS_KEY,
NULL, 0);
ccnet_processor_done (processor, TRUE);
return;
}
if (update_peer_session_key (processor->peer, content, clen) < 0) {
ccnet_processor_send_response (processor,
SC_BAD_KEY, SS_BAD_KEY,
NULL, 0);
ccnet_processor_done (processor, FALSE);
return;
}
if (priv->encrypt_channel) {
/* peer ask to encrypt channel, check whether we want it too */
if (ccnet_session_should_encrypt_channel(processor->session)) {
/* send the ok reply first */
ccnet_processor_send_response (processor,
SC_OK, SS_OK,
NULL, 0);
/* now setup encryption */
if (ccnet_peer_prepare_channel_encryption (processor->peer) < 0)
/* this is very rare, we just print a warning */
ccnet_warning ("Error in prepare channel encryption\n");
} else
ccnet_processor_send_response (
processor, SC_NO_ENCRYPT, SS_NO_ENCRYPT, NULL, 0);
} else
ccnet_processor_send_response (
processor, SC_OK, SS_OK, NULL, 0);
ccnet_peer_manager_on_peer_session_key_received (processor->peer->manager,
processor->peer);
ccnet_processor_done (processor, TRUE);
return;
}
ccnet_warning ("[recv session key] bad update %s:%s\n",
code, code_msg);
ccnet_processor_done (processor, FALSE);
}
evutil_socket_t
ccnet_net_bind_v4 (const char *ipaddr, int *port)
{
evutil_socket_t sockfd;
struct sockaddr_in addr;
int on = 1;
sockfd = socket (AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
ccnet_warning("create socket failed: %s\n", strerror(errno));
exit(-1);
}
memset (&addr, 0, sizeof (struct sockaddr_in));
addr.sin_family = AF_INET;
if (inet_aton(ipaddr, &addr.sin_addr) == 0) {
ccnet_warning ("Bad ip address %s\n", ipaddr);
return -1;
}
addr.sin_port = htons (*port);
if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)) < 0)
{
ccnet_warning ("setsockopt of SO_REUSEADDR error: %s\n",
strerror(errno));
return -1;
}
if ( bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
ccnet_warning ("Bind error: %s\n", strerror (errno));
return -1;
}
if (*port == 0) {
struct sockaddr_storage ss;
socklen_t len;
len = sizeof(ss);
if (getsockname(sockfd, (struct sockaddr *)&ss, &len) < 0) {
ccnet_warning ("getsockname error: %s\n", strerror(errno));
return -1;
}
*port = sock_port ((struct sockaddr *)&ss);
}
return sockfd;
}
void
ccnet_session_save_config (CcnetSession *session)
{
GError *error = NULL;
char *str;
FILE *fp;
ccnet_message ("[Session] Saving configure file\n");
if (session->saving_pub) {
/* only update timestamp when pubinfo changes */
save_pubinfo (session);
session->saving_pub = 0;
}
g_key_file_set_string (session->keyf, "General", "NAME",
session->base.name);
g_key_file_set_string (session->keyf, "General", "ID",
session->base.id);
g_key_file_set_string (session->keyf, "General", "USER_NAME",
session->base.user_name);
#ifdef CCNET_SERVER
g_key_file_set_string (session->keyf, "General", "SERVICE_URL",
session->base.service_url?session->base.service_url:"");
#endif
g_key_file_set_integer (session->keyf, "Network", "PORT",
session->base.public_port);
g_key_file_set_integer (session->keyf, "Client", "PORT", session->local_port);
str = g_key_file_to_data (session->keyf, NULL, &error);
if (error) {
ccnet_warning ("Can't save unauth peer info: %s\n",
error->message);
return;
}
if ((fp = g_fopen (session->config_file, "wb")) == NULL) {
ccnet_warning ("Can't save session conf: %s\n", strerror(errno));
g_free (str);
return;
}
fputs (str, fp);
fclose (fp);
g_free (str);
return;
}
CcnetPeer*
ccnet_peer_from_string (char *content)
{
CcnetPeer *peer = NULL;
char *ptr, *start = content;
if ( !(ptr = strchr(start, '\n')) ) return NULL;
*ptr = '\0';
char *object_id = start;
start = ptr + 1;
char *object_type = ccnet_object_type_from_id (object_id);
if (g_strcmp0(object_type, OBJECT_TYPE_STRING) != 0)
goto out;
char *pure_id = object_id + strlen(object_type) + 1;
if (!peer_id_valid(pure_id)) {
ccnet_warning ("Wrong peer id %s\n", pure_id);
goto out;
}
peer = ccnet_peer_new (pure_id);
parse_key_value_pairs (
start, (KeyValueFunc)parse_field, peer);
out:
g_free (object_type);
return peer;
}
static void
read_peer_id (CcnetHandshake *handshake, ccnet_packet *packet)
{
uint16_t len;
char *id;
/* get id */
len = packet->header.length;
id = g_malloc (len + 1);
memcpy (id, packet->data, len);
id[len] = '\0';
handshake->id = id;
if (handshake->state == INIT) {
/* we are the slave */
ccnet_debug ("[Conn] Incoming: Read peer id %.8s\n", id);
send_handshake_message (handshake);
handshake->state = ID_RECEIVED;
} else if (handshake->state == ID_SENT) {
/* we are the master */
ccnet_debug ("[Conn] Outgoing: Read peer %s id %.8s\n",
handshake->peer->name, id);
if (g_strcmp0 (handshake->peer->id, handshake->id) != 0) {
ccnet_warning ("[Conn] Received peer id does not match.\n");
ccnet_handshake_done (handshake, FALSE);
return;
}
send_ack (handshake);
ccnet_handshake_done (handshake, TRUE);
}
}
int
server_session_prepare (CcnetSession *session)
{
CcnetServerSession *server_session = (CcnetServerSession *)session;
char *service_url = NULL;
service_url = ccnet_key_file_get_string (session->keyf, "General", "SERVICE_URL");
session->base.service_url = service_url;
if (load_database_config (session) < 0) {
ccnet_warning ("Failed to load database config.\n");
return -1;
}
/* */
char *enc;
enc = ccnet_key_file_get_string (session->keyf, "NETWORK", "ENCRYPT_CHANNEL");
if (enc && g_ascii_strncasecmp(enc, "false", 5) == 0)
session->encrypt_channel = 0;
else
/* encrypt channel on default */
session->encrypt_channel = 1;
if (ccnet_user_manager_prepare (server_session->user_mgr) < 0)
return -1;
if (ccnet_group_manager_prepare (server_session->group_mgr) < 0)
return -1;
if (ccnet_org_manager_prepare (server_session->org_mgr) < 0)
return -1;
return 0;
}
int
ccnet_user_manager_prepare (CcnetUserManager *manager)
{
int ret;
#ifdef HAVE_LDAP
if (try_load_ldap_settings (manager) < 0)
return -1;
#endif
manager->userdb_path = g_build_filename (manager->session->config_dir,
"user-db", NULL);
ret = open_db(manager);
if (ret < 0)
return ret;
manager->priv->cur_users = ccnet_user_manager_count_emailusers (manager);
if (manager->priv->max_users != 0
&& manager->priv->cur_users > manager->priv->max_users) {
ccnet_warning ("The number of users exceeds limit, max %d, current %d\n",
manager->priv->max_users, manager->priv->cur_users);
return -1;
}
return 0;
}
void ccnet_peer_set_pubkey (CcnetPeer *peer, char *str)
{
g_object_set (peer, "pubkey", str, NULL);
if (!peer->pubkey)
ccnet_warning("Wrong public key format\n");
peer->need_saving = 1;
}
int
ccnet_user_manager_prepare (CcnetUserManager *manager)
{
int ret;
#ifdef HAVE_LDAP
if (try_load_ldap_settings (manager) < 0)
return -1;
#endif
int iter = g_key_file_get_integer (manager->session->keyf,
"USER", "PASSWORD_HASH_ITERATIONS",
NULL);
if (iter <= 0)
iter = DEFAULT_PASSWD_HASH_ITER;
manager->passwd_hash_iter = iter;
manager->userdb_path = g_build_filename (manager->session->config_dir,
"user-db", NULL);
ret = open_db(manager);
if (ret < 0)
return ret;
manager->priv->cur_users = ccnet_user_manager_count_emailusers (manager);
if (manager->priv->max_users != 0
&& manager->priv->cur_users > manager->priv->max_users) {
ccnet_warning ("The number of users exceeds limit, max %d, current %d\n",
manager->priv->max_users, manager->priv->cur_users);
return -1;
}
return 0;
}
static void
hash_password_pbkdf2_sha256 (const char *passwd,
int iterations,
char **db_passwd)
{
guint8 sha[SHA256_DIGEST_LENGTH];
guint8 salt[SHA256_DIGEST_LENGTH];
char hashed_passwd[SHA256_DIGEST_LENGTH*2+1];
char salt_str[SHA256_DIGEST_LENGTH*2+1];
if (!RAND_bytes (salt, sizeof(salt))) {
ccnet_warning ("Failed to generate salt "
"with RAND_bytes(), use RAND_pseudo_bytes().\n");
RAND_pseudo_bytes (salt, sizeof(salt));
}
PKCS5_PBKDF2_HMAC (passwd, strlen(passwd),
salt, sizeof(salt),
iterations,
EVP_sha256(),
sizeof(sha), sha);
rawdata_to_hex (sha, hashed_passwd, SHA256_DIGEST_LENGTH);
rawdata_to_hex (salt, salt_str, SHA256_DIGEST_LENGTH);
/* Encode password hash related information into one string, similar to Django. */
GString *buf = g_string_new (NULL);
g_string_printf (buf, "PBKDF2SHA256$%d$%s$%s",
iterations, salt_str, hashed_passwd);
*db_passwd = g_string_free (buf, FALSE);
}
static gboolean
validate_passwd_pbkdf2_sha256 (const char *passwd, const char *db_passwd)
{
char **tokens;
char *salt_str, *hash;
int iter;
guint8 sha[SHA256_DIGEST_LENGTH];
guint8 salt[SHA256_DIGEST_LENGTH];
char hashed_passwd[SHA256_DIGEST_LENGTH*2+1];
tokens = g_strsplit (db_passwd, "$", -1);
if (!tokens || g_strv_length (tokens) != 4) {
ccnet_warning ("Invalide db passwd format %s.\n", db_passwd);
return FALSE;
}
iter = atoi (tokens[1]);
salt_str = tokens[2];
hash = tokens[3];
hex_to_rawdata (salt_str, salt, SHA256_DIGEST_LENGTH);
PKCS5_PBKDF2_HMAC (passwd, strlen(passwd),
salt, sizeof(salt),
iter,
EVP_sha256(),
sizeof(sha), sha);
rawdata_to_hex (sha, hashed_passwd, SHA256_DIGEST_LENGTH);
gboolean ret = (strcmp (hash, hashed_passwd) == 0);
g_strfreev (tokens);
return ret;
}
static void
save_peerinfo (CcnetSession *session)
{
FILE *fp;
char *path;
char filename[64];
sprintf(filename, "%s%s", session->base.id, ".peer");
path = g_build_filename (session->config_dir, "misc", filename, NULL);
if ((fp = g_fopen(path, "wb")) == NULL) {
ccnet_warning ("Open public info file %s error: %s\n",
path, strerror(errno));
g_free (path);
return;
}
g_free (path);
ccnet_message ("Update pubinfo file\n");
session->myself->public_port = session->base.public_port;
GString *str = ccnet_peer_to_string (session->myself);
fputs (str->str, fp);
fclose (fp);
g_string_free (str, TRUE);
}
static void response_challenge_user(CcnetProcessor *processor,
char *code, char *code_msg,
char *content, int clen)
{
unsigned char *buf;
int decrypt_len;
if (clen == 0) {
ccnet_warning("Peer %s(%.8s) send bad format challenge\n",
processor->peer->name, processor->peer->id);
ccnet_processor_send_response (
processor, SC_BAD_CHALLENGE, SS_BAD_CHALLENGE, NULL, 0);
ccnet_processor_done(processor, FALSE);
return;
}
buf = private_key_decrypt(processor->session->user_privkey,
(unsigned char *)content, clen, &decrypt_len);
if (decrypt_len < 0) {
ccnet_processor_send_response (
processor, SC_DECRYPT_ERROR, SS_DECRYPT_ERROR, NULL, 0);
ccnet_processor_done(processor, FALSE);
} else
ccnet_processor_send_response (
processor, code, "", (char *)buf, decrypt_len);
g_free(buf);
}
void ccnet_processor_handle_response (CcnetProcessor *processor,
char *code, char *code_msg,
char *content, int clen)
{
if ((code[0] == '5' || code[0] == '4') &&
!CCNET_IS_KEEPALIVE2_PROC(processor))
{
ccnet_warning ("[Proc] peer %.10s, Shutdown processor %s(%d) for bad response: %s %s\n",
processor->peer->id, GET_PNAME(processor), PRINT_ID(processor->id),
code, code_msg);
/* Stub proc should relay the message before it shuts down. */
if (CCNET_IS_SERVICE_PROXY_PROC(processor) ||
CCNET_IS_SERVICE_STUB_PROC(processor)) {
CCNET_PROCESSOR_GET_CLASS (processor)->handle_response (
processor, code, code_msg, content, clen);
}
if (memcmp(code, SC_UNKNOWN_SERVICE, 3) == 0)
processor->failure = PROC_NO_SERVICE;
else if (memcmp(code, SC_PERM_ERR, 3) == 0)
processor->failure = PROC_PERM_ERR;
else if (memcmp(code, SC_CON_TIMEOUT, 3) == 0)
processor->failure = PROC_CON_TIMEOUT;
else if (memcmp(code, SC_KEEPALIVE_TIMEOUT, 3) == 0)
processor->failure = PROC_TIMEOUT;
else if (memcmp(code, SC_NETDOWN, 3) == 0)
processor->failure = PROC_NETDOWN;
else
processor->failure = PROC_BAD_RESP;
ccnet_processor_done (processor, FALSE);
return;
}
processor->t_packet_recv = time(NULL);
if (memcmp (code, SC_PROC_KEEPALIVE, 3) == 0) {
ccnet_processor_keep_alive_response (processor);
} else if (memcmp (code, SC_PROC_ALIVE, 3) == 0) {
/* do nothing */
} else if (memcmp (code, SC_PROC_DEAD, 3) == 0) {
ccnet_debug ("[Proc] Shutdown processor %s(%d) when remote processor dies\n",
GET_PNAME(processor), PRINT_ID(processor->id));
if (CCNET_IS_SERVICE_PROXY_PROC(processor) ||
CCNET_IS_SERVICE_STUB_PROC(processor)) {
CCNET_PROCESSOR_GET_CLASS (processor)->handle_response (
processor, code, code_msg, content, clen);
}
processor->failure = PROC_REMOTE_DEAD;
ccnet_processor_done (processor, FALSE);
} else
CCNET_PROCESSOR_GET_CLASS (processor)->handle_response (processor,
code, code_msg,
content, clen);
}
static BHandle *
block_backend_fs_open_block (BlockBackend *bend,
const char *store_id,
int version,
const char *block_id,
int rw_type)
{
BHandle *handle;
int fd = -1;
char *tmp_file;
g_return_val_if_fail (block_id != NULL, NULL);
g_return_val_if_fail (strlen(block_id) == 40, NULL);
g_return_val_if_fail (rw_type == BLOCK_READ || rw_type == BLOCK_WRITE, NULL);
if (rw_type == BLOCK_READ) {
char path[SEAF_PATH_MAX];
get_block_path (bend, block_id, path, store_id, version);
fd = g_open (path, O_RDONLY | O_BINARY, 0);
if (fd < 0) {
ccnet_warning ("[block bend] failed to open block %s for read: %s\n",
block_id, strerror(errno));
return NULL;
}
} else {
fd = open_tmp_file (bend, block_id, &tmp_file);
if (fd < 0) {
ccnet_warning ("[block bend] failed to open block %s for write: %s\n",
block_id, strerror(errno));
return NULL;
}
}
handle = g_new0(BHandle, 1);
handle->fd = fd;
memcpy (handle->block_id, block_id, 41);
handle->rw_type = rw_type;
if (rw_type == BLOCK_WRITE)
handle->tmp_file = tmp_file;
if (store_id)
handle->store_id = g_strdup(store_id);
handle->version = version;
return handle;
}
static void
handle_request (CcnetPeer *peer, int req_id, char *data, int len)
{
char *msg;
gchar **commands;
gchar **pcmd;
int i, perm;
/* TODO: remove string copy */
if (len < 1)
return;
msg = g_malloc (len+1);
memcpy (msg, data, len);
msg[len] = '\0';
commands = g_strsplit_set (msg, " \t", 10);
for (i=0, pcmd = commands; *pcmd; pcmd++)
i++;
if (i <= 0) return;
g_free (msg);
/* permission checking */
if (!peer->is_local) {
perm = ccnet_perm_manager_check_permission(peer->manager->session->perm_mgr,
peer, commands[0],
req_id,
i, commands);
if (perm == PERM_CHECK_ERROR) {
ccnet_peer_send_response (peer, req_id, SC_PERM_ERR, SS_PERM_ERR,
NULL, 0);
goto ret;
} else if (perm == PERM_CHECK_DELAY) {
ccnet_peer_send_response (peer, req_id, SC_PERM_ERR, SS_PERM_ERR,
NULL, 0);
goto ret;
} else if (perm == PERM_CHECK_NOSERVICE) {
ccnet_peer_send_response (peer, req_id, SC_UNKNOWN_SERVICE_IN_PERM,
SS_UNKNOWN_SERVICE_IN_PERM, NULL, 0);
goto ret;
}
}
/* check duplication request */
CcnetProcessor *processor;
processor = ccnet_peer_get_processor (peer, SLAVE_ID(req_id));
if (processor != NULL) {
ccnet_warning ("Received duplication request, id is %d\n", req_id);
goto ret;
}
create_processor (peer, req_id, i, commands);
ret:
g_strfreev (commands);
}
void
ccnet_conn_manager_add_to_conn_list (CcnetConnManager *manager,
CcnetPeer *peer)
{
if (g_list_find (manager->conn_list, peer)) {
ccnet_warning ("[Conn] peer %s(%.8s) is already in conn_list\n",
peer->name, peer->id);
return;
}
manager->conn_list = g_list_prepend (manager->conn_list, peer);
g_object_ref (peer);
}
void start_keepalive (CcnetPeer *peer)
{
CcnetProcessor *processor;
CcnetProcFactory *factory = peer->manager->session->proc_factory;
processor = ccnet_proc_factory_create_master_processor (factory,
"keepalive2", peer);
if (processor == NULL) {
ccnet_warning ("Create keepalive2 processor failed\n");
return;
}
ccnet_processor_startl (processor, NULL);
}
evutil_socket_t
udp_client (const char *host, const char *serv,
struct sockaddr **saptr, socklen_t *lenp)
{
evutil_socket_t sockfd;
int n;
struct addrinfo hints, *res, *ressave;
memset (&hints, 0, sizeof(struct addrinfo));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_DGRAM;
if ((n = getaddrinfo(host, serv, &hints, &res)) != 0) {
ccnet_warning ("udp_client error for %s, %s: %s",
host, serv, gai_strerror(n));
return -1;
}
ressave = res;
do {
sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (sockfd >= 0)
break; /* success */
} while ( (res = res->ai_next) != NULL);
if (res == NULL) { /* errno set from final socket() */
ccnet_warning ("udp_client error for %s, %s", host, serv);
freeaddrinfo (ressave);
return -1;
}
*saptr = malloc(res->ai_addrlen);
memcpy(*saptr, res->ai_addr, res->ai_addrlen);
*lenp = res->ai_addrlen;
freeaddrinfo(ressave);
return (sockfd);
}
static int try_load_ldap_settings (CcnetUserManager *manager)
{
GKeyFile *config = manager->session->keyf;
manager->ldap_host = g_key_file_get_string (config, "LDAP", "HOST", NULL);
if (!manager->ldap_host)
return 0;
manager->use_ldap = TRUE;
#ifdef WIN32
manager->use_ssl = g_key_file_get_boolean (config, "LDAP", "USE_SSL", NULL);
#endif
char *base_list = g_key_file_get_string (config, "LDAP", "BASE", NULL);
if (!base_list) {
ccnet_warning ("LDAP: BASE not found in config file.\n");
return -1;
}
manager->base_list = g_strsplit (base_list, ";", -1);
manager->filter = g_key_file_get_string (config, "LDAP", "FILTER", NULL);
manager->user_dn = g_key_file_get_string (config, "LDAP", "USER_DN", NULL);
if (manager->user_dn) {
manager->password = g_key_file_get_string (config, "LDAP", "PASSWORD", NULL);
if (!manager->password) {
ccnet_warning ("LDAP: PASSWORD not found in config file.\n");
return -1;
}
}
/* Use anonymous if user_dn is not set. */
manager->login_attr = g_key_file_get_string (config, "LDAP", "LOGIN_ATTR", NULL);
if (!manager->login_attr)
manager->login_attr = g_strdup("mail");
return 0;
}
static void
read_ok (CcnetHandshake *handshake, ccnet_packet *packet)
{
if (packet->header.type != CCNET_MSG_OK) {
ccnet_warning ("[Conn] Read wrong ack format\n");
ccnet_handshake_done (handshake, FALSE);
} else {
ccnet_debug ("[Conn] Incoming: Read ack (%.10s)\n", handshake->id);
ccnet_handshake_done (handshake, TRUE);
}
return;
}
static void get_user_pubinfo (CcnetPeer *peer)
{
CcnetProcessor *newp;
CcnetProcFactory *factory = peer->manager->session->proc_factory;
newp = ccnet_proc_factory_create_master_processor (factory,
"get-user", peer);
if (newp == NULL) {
ccnet_warning ("Create get user info processor failed\n");
return;
}
ccnet_processor_startl (newp, NULL);
}
int
ccnet_session_prepare (CcnetSession *session, const char *config_dir_r, gboolean test_config)
{
char *misc_path;
int ret;
if (ccnet_session_load_config (session, config_dir_r) < 0)
return -1;
misc_path = g_build_filename (session->config_dir, "misc", NULL);
if (checkdir_with_mkdir (misc_path) < 0) {
ccnet_error ("mkdir %s error", misc_path);
return -1;
}
/* config db */
session->config_db = ccnet_session_config_open_db (misc_path);
if (!session->config_db) {
ccnet_warning ("Failed to open config db.\n");
return -1;
}
/* call subclass prepare */
ret = CCNET_SESSION_GET_CLASS (session)->prepare(session);
if (ret < 0)
return ret;
/* peer */
ccnet_peer_manager_prepare(session->peer_mgr);
g_signal_connect (session->peer_mgr, "peer-auth-done",
G_CALLBACK(on_peer_auth_done), session);
/* permission manager */
ccnet_perm_manager_prepare (session->perm_mgr);
g_free (misc_path);
if (test_config) {
return 0;
} else {
/* Open localhost, if failed, then the program will exists. This is used
* to prevent two instance of ccnet on the same port.
*/
listen_on_localhost (session);
/* refresh pubinfo on every startup */
save_pubinfo (session);
}
return 0;
}
/*
* @uid: user's uid, list all users if * is passed in.
*/
static int ldap_count_users (CcnetUserManager *manager, const char *uid)
{
LDAP *ld = NULL;
int res;
GString *filter;
char *filter_str;
char *attrs[2];
LDAPMessage *msg = NULL;
ld = ldap_init_and_bind (manager->ldap_host,
#ifdef WIN32
manager->use_ssl,
#endif
manager->user_dn,
manager->password);
if (!ld)
return -1;
filter = g_string_new (NULL);
if (!manager->filter)
g_string_printf (filter, "(%s=%s)", manager->login_attr, uid);
else
g_string_printf (filter, "(&(%s=%s) (%s))",
manager->login_attr, uid, manager->filter);
filter_str = g_string_free (filter, FALSE);
attrs[0] = manager->login_attr;
attrs[1] = NULL;
char **base;
int count = 0;
for (base = manager->base_list; *base; ++base) {
res = ldap_search_s (ld, *base, LDAP_SCOPE_SUBTREE,
filter_str, attrs, 0, &msg);
if (res != LDAP_SUCCESS) {
ccnet_warning ("ldap_search failed: %s.\n", ldap_err2string(res));
ldap_msgfree (msg);
count = -1;
goto out;
}
count += ldap_count_entries (ld, msg);
ldap_msgfree (msg);
}
out:
g_free (filter_str);
if (ld) ldap_unbind_s (ld);
return count;
}
