Diffstat (limited to 'src/session.c')
-rw-r--r-- | src/session.c | 278 |
1 files changed, 29 insertions, 249 deletions
diff --git a/src/session.c b/src/session.c index eded1416..ad411239 100644 --- a/src/session.c +++ b/src/session.c @@ -20,16 +20,24 @@ * */ +#define _GNU_SOURCE +#include <stdio.h> +#include <time.h> +#include <pthread.h> +#include <stdlib.h> +#include <string.h> +#include <uuid/uuid.h> +#include <assert.h> + -#include "local-def.h" +/* #include <dirent.h> #include <string.h> -#include <time.h> #include <sys/stat.h> #include <sys/types.h> -#include <pthread.h> #include <search.h> #include <assert.h> +*/ #include "afb-apis.h" #include "session.h" @@ -103,7 +111,7 @@ found: return client; } -static AFB_error ctxStoreDel (AFB_clientCtx *client) +static int ctxStoreDel (AFB_clientCtx *client) { int idx; int status; @@ -117,22 +125,22 @@ static AFB_error ctxStoreDel (AFB_clientCtx *client) sessions.store[idx]=NULL; sessions.count--; ctxUuidFreeCB (client); - status = AFB_SUCCESS; + status = 1; goto deleted; } } - status = AFB_FAIL; + status = 0; deleted: pthread_mutex_unlock(&sessions.mutex); return status; } -static AFB_error ctxStoreAdd (AFB_clientCtx *client) +static int ctxStoreAdd (AFB_clientCtx *client) { int idx; int status; - if (client == NULL) - return AFB_FAIL; + + assert (client != NULL); //fprintf (stderr, "ctxStoreAdd request uuid=%s count=%d\n", client->uuid, sessions.count); @@ -142,12 +150,11 @@ static AFB_error ctxStoreAdd (AFB_clientCtx *client) if (NULL == sessions.store[idx]) { sessions.store[idx]= client; sessions.count++; - status = AFB_SUCCESS; + status = 1; goto added; } } - status = AFB_FAIL; - + status = 0; added: pthread_mutex_unlock(&sessions.mutex); return status; 
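Review bot: In ctxStoreAdd the runtime guard `if (client == NULL) return AFB_FAIL;` is replaced by `assert (client != NULL);`, which compiles away under NDEBUG. A NULL argument would then be written into the first free slot and `sessions.count` incremented, so the table would count a session that does not exist. Keeping the check as `if (client == NULL) return 0;` preserves the fail-closed behaviour in release builds. The 1/0 return convention introduced for ctxStoreDel and ctxStoreAdd is not documented anywhere in these hunks; a comment such as `/* returns 1 on success, 0 if no matching/free slot */` above each function would help any caller that still compares against AFB_SUCCESS, whose value is not visible here.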
@@ -169,241 +176,14 @@ void ctxStoreGarbage () // Loop on Sessions Table and remove anything that is older than timeout for (idx=0; idx < sessions.max; idx++) { ctx = sessions.store[idx]; - if ((ctx != NULL) && (ctxStoreTooOld(ctx, now))) { + if (ctx != NULL && ctxStoreTooOld(ctx, now)) { ctxStoreDel (ctx); } } } // This function will return exiting client context or newly created client context -AFB_clientCtx *ctxClientGet (AFB_request *request) -{ - AFB_clientCtx *clientCtx=NULL; - const char *uuid; - uuid_t newuuid; - - if (request->config->token == NULL) return NULL; - - // Check if client as a context or not inside the URL - uuid = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_uuid); - - // if UUID in query we're restfull with no cookies otherwise check for cookie - if (uuid != NULL) - request->restfull = TRUE; - else { - char cookie[64]; - request->restfull = FALSE; - snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort); - uuid = NULL; //MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie); - }; - - // Warning when no cookie defined MHD_lookup_connection_value may return something !!! 
- if ((uuid != NULL) && (strnlen (uuid, 10) >= 10)) { - // search if client context exist and it not timeout let's use it - clientCtx = ctxStoreSearch (uuid); - - if (clientCtx) { - if (ctxStoreTooOld (clientCtx, NOW)) { - // this session is too old let's delete it - ctxStoreDel (clientCtx); - clientCtx = NULL; - } else { - return clientCtx; - } - } - } - - // we have no session let's create one otherwise let's clean any exiting values - if (clientCtx == NULL) { - clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext - clientCtx->contexts = calloc ((unsigned)sessions.apicount, sizeof (void*)); - } - - uuid_generate(newuuid); // create a new UUID - uuid_unparse_lower(newuuid, clientCtx->uuid); - - // if table is full at 50% let's clean it up - if(sessions.count > (sessions.max / 2)) ctxStoreGarbage(); - - // finally add uuid into hashtable - if (AFB_SUCCESS != ctxStoreAdd (clientCtx)) { - free (clientCtx); - return NULL; - } - return clientCtx; -} - -// Sample Generic Ping Debug API -AFB_error ctxTokenCheck (AFB_clientCtx *clientCtx, AFB_request *request) -{ - const char *token; - - if (clientCtx->contexts == NULL) - return AFB_EMPTY; - - // this time have to extract token from query list - token = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); - - // if not token is providing we refuse the exchange - if ((token == NULL) || (clientCtx->token == NULL)) - return AFB_FALSE; - - // compare current token with previous one - if ((0 == strcmp (token, clientCtx->token)) && (!ctxStoreTooOld (clientCtx, NOW))) { - return AFB_SUCCESS; - } - - // Token is not valid let move level of assurance to zero and free attached client handle - return AFB_FAIL; -} - -// Free Client Session Context -AFB_error ctxTokenReset (AFB_clientCtx *clientCtx, AFB_request *request) -{ - if (clientCtx == NULL) - return AFB_EMPTY; - //if (verbose) fprintf (stderr, "ctxClientReset New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, 
clientCtx->token, clientCtx->timeStamp); - - // Search for an existing client with the same UUID - clientCtx = ctxStoreSearch (clientCtx->uuid); - if (clientCtx == NULL) - return AFB_FALSE; - - // Remove client from table - ctxStoreDel (clientCtx); - - return AFB_SUCCESS; -} - -// generate a new token -AFB_error ctxTokenCreate (AFB_clientCtx *clientCtx, AFB_request *request) -{ - uuid_t newuuid; - const char *token; - - if (clientCtx == NULL) - return AFB_EMPTY; - - // if config->token!="" then verify that we have the right initial share secret - if (request->config->token[0] != '\0') { - - // check for initial token secret and return if not presented - token = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); - if (token == NULL) - return AFB_UNAUTH; - - // verify that it fits with initial tokens fit - if (strcmp(request->config->token, token)) - return AFB_UNAUTH; - } - - // create a UUID as token value - uuid_generate(newuuid); - uuid_unparse_lower(newuuid, clientCtx->token); - - // keep track of time for session timeout and further clean up - clientCtx->timeStamp = time(NULL) + sessions.timeout; - - // Token is also store in context but it might be convenient for plugin to access it directly - return AFB_SUCCESS; -} - - -// generate a new token and update client context -AFB_error ctxTokenRefresh (AFB_clientCtx *clientCtx, AFB_request *request) -{ - uuid_t newuuid; - - if (clientCtx == NULL) - return AFB_EMPTY; - - // Check if the old token is valid - if (ctxTokenCheck (clientCtx, request) != AFB_SUCCESS) - return AFB_FAIL; - - // Old token was valid let's regenerate a new one - uuid_generate(newuuid); // create a new UUID - uuid_unparse_lower(newuuid, clientCtx->token); - - // keep track of time for session timeout and further clean up - clientCtx->timeStamp = time(NULL) + sessions.timeout; - - return AFB_SUCCESS; -} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - -// This function will return exiting client context or newly created client context -AFB_clientCtx *_ctxClientGet (const char *uuid) +AFB_clientCtx *ctxClientGet (const char *uuid) { uuid_t newuuid; AFB_clientCtx *clientCtx; @@ -434,7 +214,7 @@ AFB_clientCtx *_ctxClientGet (const char *uuid) uuid_unparse_lower(newuuid, clientCtx->uuid); clientCtx->timeStamp = time(NULL) + sessions.timeout; strcpy(clientCtx->token, sessions.initok); - if (AFB_SUCCESS == ctxStoreAdd (clientCtx)) + if (ctxStoreAdd (clientCtx)) return clientCtx; free(clientCtx->contexts); } @@ -444,32 +224,32 @@ AFB_clientCtx *_ctxClientGet (const char *uuid) } // Free Client Session Context -AFB_error _ctxClientDel (AFB_clientCtx *clientCtx) +int ctxClientClose (AFB_clientCtx *clientCtx) { assert(clientCtx != NULL); return ctxStoreDel (clientCtx); } // Sample Generic Ping Debug API -AFB_error _ctxTokenCheck (AFB_clientCtx *clientCtx, const char *token) +int ctxTokenCheck (AFB_clientCtx *clientCtx, const char *token) { assert(clientCtx != NULL); assert(token != NULL); // compare current token with previous one if (ctxStoreTooOld (clientCtx, NOW)) - return AFB_FAIL; + return 0; if (!clientCtx->token[0] || 0 == strcmp (token, clientCtx->token)) { clientCtx->timeStamp = time(NULL) + sessions.timeout; - return AFB_SUCCESS; + return 1; } // Token is not valid let move level of assurance to zero and free attached client handle - return AFB_FAIL; + return 0; } // generate a new token and update client context -AFB_error _ctxTokenNew (AFB_clientCtx *clientCtx) +int ctxTokenNew (AFB_clientCtx *clientCtx) { uuid_t newuuid; @@ -482,6 +262,6 @@ AFB_error _ctxTokenNew (AFB_clientCtx *clientCtx) // keep track of time for session timeout and further clean up clientCtx->timeStamp = time(NULL) + sessions.timeout; - return AFB_SUCCESS; + return 1; } |
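Review bot: The unchanged `strcpy(clientCtx->token, sessions.initok);` just above the edited `ctxStoreAdd` test copies a configured string into the per-session token field with no length bound. The declaration of `token` and the place where `sessions.initok` is set are outside this diff, but the field is indexed as `token[0]` in ctxTokenCheck, so it is presumably a fixed-size array that a longer initial token would overflow. If that is confirmed, a bounded copy such as `snprintf(clientCtx->token, sizeof clientCtx->token, "%s", sessions.initok);`, or a length check where `initok` is assigned, closes it. ctxClientGet starts and ends outside the hunk.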
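Review bot: ctxTokenCheck, which this hunk promotes to the public name, accepts any presented token when the stored one is empty (`!clientCtx->token[0] || ...`), whereas the removed ctxTokenCheck refused when either token was missing. Because ctxClientGet seeds the token from `sessions.initok`, an empty initial token would presumably make every check succeed until ctxTokenNew runs. If that is the intended "no token configured" mode, a comment stating so should replace the stale `// Sample Generic Ping Debug API` above the function. NULL handling also rests on `assert(token != NULL)`, so in an NDEBUG build a caller passing NULL reaches `strcmp`; `if (token == NULL) return 0;` keeps the check fail-closed. Separately, `strcmp` returns at the first differing byte, and a constant-time comparison is the usual choice when comparing a secret token.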