X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fsession.c;h=936bb4dff8060a6f48a0c8b8bf86204c611654fd;hb=56f9ef4581d567248b6f83a3b15f39a0aca42895;hp=9569b46c1cf51721aef24b973f3c14cfc493b0f9;hpb=ca208671cc79bbc05c574df788035878e5d39382;p=src%2Fapp-framework-binder.git diff --git a/src/session.c b/src/session.c index 9569b46c..936bb4df 100644 --- a/src/session.c +++ b/src/session.c @@ -20,313 +20,266 @@ * */ - -#include "local-def.h" -#include -#include +#define _GNU_SOURCE +#include #include -#include -#include #include -#include +#include +#include +#include +#include #include "afb-apis.h" +#include "session.h" + +#define NOW (time(NULL)) // Session UUID are store in a simple array [for 10 sessions this should be enough] static struct { pthread_mutex_t mutex; // declare a mutex to protect hash table - AFB_clientCtx **store; // sessions store + struct AFB_clientCtx **store; // sessions store int count; // current number of sessions int max; + int timeout; + int apicount; + const char *initok; } sessions; -static const char key_uuid[] = "uuid"; -static const char key_token[] = "token"; - // Free context [XXXX Should be protected again memory abort XXXX] -static void ctxUuidFreeCB (AFB_clientCtx *client) +static void ctxUuidFreeCB (struct AFB_clientCtx *client) { - int idx, cnt; - - // If application add a handle let's free it now - if (client->contexts != NULL) { - - cnt = afb_apis_count(); - // Free client handle with a standard Free function, with app callback or ignore it - for (idx=0; idx < cnt; idx ++) { - if (client->contexts[idx] != NULL) { - afb_apis_free_context(idx, client->contexts[idx]); - } - } - } + int idx; + + // If application add a handle let's free it now + assert (client->contexts != NULL); + + // Free client handle with a standard Free function, with app callback or ignore it + for (idx=0; idx < sessions.apicount; idx ++) { + if (client->contexts[idx] != NULL) { + afb_apis_free_context(idx, client->contexts[idx]); + client->contexts[idx] = NULL; + } + } } // Create a new store in RAM, not that is too small it will be automatically extended -void ctxStoreInit (int nbSession) +void ctxStoreInit (int nbSession, int timeout, const char *initok) { - - // let's create as store as hashtable does not have any - sessions.store = calloc (1 + (unsigned)nbSession, sizeof(AFB_clientCtx)); - sessions.max = nbSession; + // let's create as store as hashtable does not have any + sessions.store = calloc (1 + (unsigned)nbSession, sizeof(struct AFB_clientCtx)); + sessions.max = nbSession; + sessions.timeout = timeout; + sessions.apicount = afb_apis_count(); + if (strlen(initok) >= 37) { + fprintf(stderr, "Error: initial token '%s' too long (max length 36)", initok); + exit(1); + } + sessions.initok = initok; } -static AFB_clientCtx *ctxStoreSearch (const char* uuid) +static struct AFB_clientCtx *ctxStoreSearch (const char* uuid) { int idx; - AFB_clientCtx *client; + struct AFB_clientCtx *client; - if (uuid == NULL) - return NULL; + assert (uuid != NULL); pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (sessions.store[idx] && (0 == strcmp (uuid, sessions.store[idx]->uuid))) break; + client = sessions.store[idx]; + if (client && (0 == strcmp (uuid, client->uuid))) + goto found; } + client = NULL; - if (idx == sessions.max) client=NULL; - else client= sessions.store[idx]; +found: pthread_mutex_unlock(&sessions.mutex); - return client; } -static AFB_error ctxStoreDel (AFB_clientCtx *client) +static int ctxStoreDel (struct AFB_clientCtx *client) { int idx; int status; - if (client == NULL) - return AFB_FAIL; + assert (client != NULL); pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (sessions.store[idx] && (0 == strcmp (client->uuid, sessions.store[idx]->uuid))) break; - } - - if (idx == sessions.max) - status = AFB_FAIL; - else { - sessions.count--; - ctxUuidFreeCB (sessions.store[idx]); - sessions.store[idx]=NULL; - status = AFB_SUCCESS; + if (sessions.store[idx] == client) { + sessions.store[idx]=NULL; + sessions.count--; + status = 1; + goto deleted; + } } - + status = 0; +deleted: pthread_mutex_unlock(&sessions.mutex); return status; } -static AFB_error ctxStoreAdd (AFB_clientCtx *client) +static int ctxStoreAdd (struct AFB_clientCtx *client) { int idx; int status; - if (client == NULL) - return AFB_FAIL; + + assert (client != NULL); //fprintf (stderr, "ctxStoreAdd request uuid=%s count=%d\n", client->uuid, sessions.count); pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (NULL == sessions.store[idx]) break; - } - - if (idx == sessions.max) status=AFB_FAIL; - else { - status=AFB_SUCCESS; - sessions.count ++; - sessions.store[idx]= client; + if (NULL == sessions.store[idx]) { + sessions.store[idx]= client; + sessions.count++; + status = 1; + goto added; + } } - + status = 0; +added: pthread_mutex_unlock(&sessions.mutex); return status; } // Check if context timeout or not -static int ctxStoreTooOld (AFB_clientCtx *ctx, int timeout) +static int ctxStoreTooOld (struct AFB_clientCtx *ctx, time_t now) { - int res; - time_t now = time(NULL); - res = (ctx->timeStamp + timeout) <= now; - return res; + return ctx->expiration <= now; } // Loop on every entry and remove old context sessions.hash -void ctxStoreGarbage (const int timeout) +static void ctxStoreCleanUp (time_t now) { - AFB_clientCtx *ctx; - long idx; - - // Loop on Sessions Table and remove anything that is older than timeout - for (idx=0; idx < sessions.max; idx++) { - ctx = sessions.store[idx]; - if ((ctx != NULL) && (ctxStoreTooOld(ctx, timeout))) { - ctxStoreDel (ctx); - } - } + struct AFB_clientCtx *ctx; + long idx; + + // Loop on Sessions Table and remove anything that is older than timeout + for (idx=0; idx < sessions.max; idx++) { + ctx = sessions.store[idx]; + if (ctx != NULL && ctxStoreTooOld(ctx, now)) { + ctxClientClose (ctx); + } + } } // This function will return exiting client context or newly created client context -AFB_clientCtx *ctxClientGet (AFB_request *request, int apiidx) +struct AFB_clientCtx *ctxClientGetForUuid (const char *uuid) { - AFB_clientCtx *clientCtx=NULL; - const char *uuid; - uuid_t newuuid; - - if (request->config->token == NULL) return NULL; - - // Check if client as a context or not inside the URL - uuid = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_uuid); - - // if UUID in query we're restfull with no cookies otherwise check for cookie - if (uuid != NULL) - request->restfull = TRUE; - else { - char cookie[64]; - request->restfull = FALSE; - snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort); - uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie); - }; - - // Warning when no cookie defined MHD_lookup_connection_value may return something !!! - if ((uuid != NULL) && (strnlen (uuid, 10) >= 10)) { - // search if client context exist and it not timeout let's use it - clientCtx = ctxStoreSearch (uuid); - + uuid_t newuuid; + struct AFB_clientCtx *clientCtx; + time_t now; + + /* search for an existing one not too old */ + now = NOW; + ctxStoreCleanUp (now); + clientCtx = uuid != NULL ? ctxStoreSearch (uuid) : NULL; if (clientCtx) { - if (ctxStoreTooOld (clientCtx, request->config->cntxTimeout)) { - // this session is too old let's delete it - ctxStoreDel (clientCtx); - clientCtx = NULL; - } else { - request->context = clientCtx->contexts[apiidx]; - request->uuid = uuid; - return clientCtx; - } + clientCtx->refcount++; + return clientCtx; } - } - - // we have no session let's create one otherwise let's clean any exiting values - if (clientCtx == NULL) { - clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext - clientCtx->contexts = calloc ((unsigned)afb_apis_count(), sizeof (void*)); - } - uuid_generate(newuuid); // create a new UUID - uuid_unparse_lower(newuuid, clientCtx->uuid); - - // if table is full at 50% let's clean it up - if(sessions.count > (sessions.max / 2)) ctxStoreGarbage(request->config->cntxTimeout); - - // finally add uuid into hashtable - if (AFB_SUCCESS != ctxStoreAdd (clientCtx)) { - free (clientCtx); - return NULL; - } - - // if (verbose) fprintf (stderr, "ctxClientGet New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp); - request->context = clientCtx->contexts[apiidx]; - request->uuid = clientCtx->uuid; - return clientCtx; + /* mimic old behaviour */ + if (sessions.initok == NULL) + return NULL; + + /* check the uuid if given */ + if (uuid != NULL && 1 + strlen(uuid) >= sizeof clientCtx->uuid) + return NULL; + + /* returns a new one */ + clientCtx = calloc(1, sizeof(struct AFB_clientCtx)); // init NULL clientContext + if (clientCtx != NULL) { + clientCtx->contexts = calloc ((unsigned)sessions.apicount, sizeof (void*)); + if (clientCtx->contexts != NULL) { + /* generate the uuid */ + if (uuid == NULL) { + uuid_generate(newuuid); + uuid_unparse_lower(newuuid, clientCtx->uuid); + } else { + strcpy(clientCtx->uuid, uuid); + } + strcpy(clientCtx->token, sessions.initok); + clientCtx->expiration = now + sessions.timeout; + clientCtx->refcount = 1; + if (ctxStoreAdd (clientCtx)) + return clientCtx; + free(clientCtx->contexts); + } + free(clientCtx); + } + return NULL; } -// Sample Generic Ping Debug API -AFB_error ctxTokenCheck (AFB_clientCtx *clientCtx, AFB_request *request) +struct AFB_clientCtx *ctxClientGet(struct AFB_clientCtx *clientCtx) { - const char *token; - - if (clientCtx->contexts == NULL) - return AFB_EMPTY; - - // this time have to extract token from query list - token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); - - // if not token is providing we refuse the exchange - if ((token == NULL) || (clientCtx->token == NULL)) - return AFB_FALSE; - - // compare current token with previous one - if ((0 == strcmp (token, clientCtx->token)) && (!ctxStoreTooOld (clientCtx, request->config->cntxTimeout))) { - return AFB_SUCCESS; - } + if (clientCtx != NULL) + clientCtx->refcount++; + return clientCtx; +} - // Token is not valid let move level of assurance to zero and free attached client handle - return AFB_FAIL; +void ctxClientPut(struct AFB_clientCtx *clientCtx) +{ + if (clientCtx != NULL) { + assert(clientCtx->refcount != 0); + --clientCtx->refcount; + } } // Free Client Session Context -AFB_error ctxTokenReset (AFB_clientCtx *clientCtx, AFB_request *request) +void ctxClientClose (struct AFB_clientCtx *clientCtx) { - if (clientCtx == NULL) - return AFB_EMPTY; - //if (verbose) fprintf (stderr, "ctxClientReset New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp); - - // Search for an existing client with the same UUID - clientCtx = ctxStoreSearch (clientCtx->uuid); - if (clientCtx == NULL) - return AFB_FALSE; - - // Remove client from table - ctxStoreDel (clientCtx); - - return AFB_SUCCESS; + assert(clientCtx != NULL); + if (clientCtx->created) { + clientCtx->created = 0; + ctxUuidFreeCB (clientCtx); + } + if (clientCtx->refcount == 0) + ctxStoreDel (clientCtx); } -// generate a new token -AFB_error ctxTokenCreate (AFB_clientCtx *clientCtx, AFB_request *request) +// Sample Generic Ping Debug API +int ctxTokenCheckLen (struct AFB_clientCtx *clientCtx, const char *token, size_t length) { - uuid_t newuuid; - const char *token; + assert(clientCtx != NULL); + assert(token != NULL); - if (clientCtx == NULL) - return AFB_EMPTY; + // compare current token with previous one + if (ctxStoreTooOld (clientCtx, NOW)) + return 0; - // if config->token!="" then verify that we have the right initial share secret - if (request->config->token[0] != '\0') { - - // check for initial token secret and return if not presented - token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); - if (token == NULL) - return AFB_UNAUTH; - - // verify that it fits with initial tokens fit - if (strcmp(request->config->token, token)) - return AFB_UNAUTH; - } + if (clientCtx->token[0] && (length >= sizeof(clientCtx->token) || strncmp (token, clientCtx->token, length) || clientCtx->token[length])) + return 0; - // create a UUID as token value - uuid_generate(newuuid); - uuid_unparse_lower(newuuid, clientCtx->token); + clientCtx->created = 1; /* creates by default */ + return 1; +} - // keep track of time for session timeout and further clean up - clientCtx->timeStamp=time(NULL); +// Sample Generic Ping Debug API +int ctxTokenCheck (struct AFB_clientCtx *clientCtx, const char *token) +{ + assert(clientCtx != NULL); + assert(token != NULL); - // Token is also store in context but it might be convenient for plugin to access it directly - return AFB_SUCCESS; + return ctxTokenCheckLen(clientCtx, token, strlen(token)); } - // generate a new token and update client context -AFB_error ctxTokenRefresh (AFB_clientCtx *clientCtx, AFB_request *request) +void ctxTokenNew (struct AFB_clientCtx *clientCtx) { - uuid_t newuuid; - - if (clientCtx == NULL) - return AFB_EMPTY; - - // Check if the old token is valid - if (ctxTokenCheck (clientCtx, request) != AFB_SUCCESS) - return AFB_FAIL; + uuid_t newuuid; - // Old token was valid let's regenerate a new one - uuid_generate(newuuid); // create a new UUID - uuid_unparse_lower(newuuid, clientCtx->token); + assert(clientCtx != NULL); - // keep track of time for session timeout and further clean up - clientCtx->timeStamp=time(NULL); + // Old token was valid let's regenerate a new one + uuid_generate(newuuid); // create a new UUID + uuid_unparse_lower(newuuid, clientCtx->token); - return AFB_SUCCESS; + // keep track of time for session timeout and further clean up + clientCtx->expiration = NOW + sessions.timeout; }