X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fsession.c;h=eded14165b743330549d103534d7bdcc6ac88694;hb=1205c90cccd3144bab24b4b5fd8dcbf0d0e6b570;hp=743f825470ac85cb848625f56cd0a639eec27fa7;hpb=8ca3d16606a99ef91d01a623dbe5ce1331688953;p=src%2Fapp-framework-binder.git diff --git a/src/session.c b/src/session.c index 743f8254..eded1416 100644 --- a/src/session.c +++ b/src/session.c @@ -29,7 +29,12 @@ #include #include #include +#include +#include "afb-apis.h" +#include "session.h" + +#define NOW (time(NULL)) // Session UUID are store in a simple array [for 10 sessions this should be enough] static struct { @@ -37,6 +42,9 @@ static struct { AFB_clientCtx **store; // sessions store int count; // current number of sessions int max; + int timeout; + int apicount; + const char *initok; } sessions; static const char key_uuid[] = "uuid"; @@ -45,34 +53,33 @@ static const char key_token[] = "token"; // Free context [XXXX Should be protected again memory abort XXXX] static void ctxUuidFreeCB (AFB_clientCtx *client) { - - AFB_plugin **plugins = client->plugins; - AFB_freeCtxCB freeCtxCB; int idx; // If application add a handle let's free it now if (client->contexts != NULL) { // Free client handle with a standard Free function, with app callback or ignore it - for (idx=0; client->plugins[idx] != NULL; idx ++) { + for (idx=0; idx < sessions.apicount; idx ++) { if (client->contexts[idx] != NULL) { - freeCtxCB = client->plugins[idx]->freeCtxCB; - if (freeCtxCB == NULL) - free (client->contexts[idx]); - else if (freeCtxCB != (void*)-1) - freeCtxCB(client->contexts[idx], plugins[idx]->handle, client->uuid); + afb_apis_free_context(idx, client->contexts[idx]); } } } } // Create a new store in RAM, not that is too small it will be automatically extended -void ctxStoreInit (int nbSession) +void ctxStoreInit (int nbSession, int timeout, int apicount, const char *initok) { - - // let's create as store as hashtable does not have any - sessions.store = calloc (1 + (unsigned)nbSession, sizeof(AFB_clientCtx)); - sessions.max = nbSession; + // let's create as store as hashtable does not have any + sessions.store = calloc (1 + (unsigned)nbSession, sizeof(AFB_clientCtx)); + sessions.max = nbSession; + sessions.timeout = timeout; + sessions.apicount = apicount; + if (strlen(initok) >= 37) { + fprintf(stderr, "Error: initial token '%s' too long (max length 36)", initok); + exit(1); + } + sessions.initok = initok; } static AFB_clientCtx *ctxStoreSearch (const char* uuid) @@ -80,19 +87,19 @@ static AFB_clientCtx *ctxStoreSearch (const char* uuid) int idx; AFB_clientCtx *client; - if (uuid == NULL) - return NULL; + assert (uuid != NULL); pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (sessions.store[idx] && (0 == strcmp (uuid, sessions.store[idx]->uuid))) break; + client = sessions.store[idx]; + if (client && (0 == strcmp (uuid, client->uuid))) + goto found; } + client = NULL; - if (idx == sessions.max) client=NULL; - else client= sessions.store[idx]; +found: pthread_mutex_unlock(&sessions.mutex); - return client; } @@ -101,24 +108,21 @@ static AFB_error ctxStoreDel (AFB_clientCtx *client) int idx; int status; - if (client == NULL) - return AFB_FAIL; + assert (client != NULL); pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (sessions.store[idx] && (0 == strcmp (client->uuid, sessions.store[idx]->uuid))) break; + if (sessions.store[idx] == client) { + sessions.store[idx]=NULL; + sessions.count--; + ctxUuidFreeCB (client); + status = AFB_SUCCESS; + goto deleted; + } } - - if (idx == sessions.max) - status = AFB_FAIL; - else { - sessions.count--; - ctxUuidFreeCB (sessions.store[idx]); - sessions.store[idx]=NULL; - status = AFB_SUCCESS; - } - + status = AFB_FAIL; +deleted: pthread_mutex_unlock(&sessions.mutex); return status; } @@ -135,46 +139,44 @@ static AFB_error ctxStoreAdd (AFB_clientCtx *client) pthread_mutex_lock(&sessions.mutex); for (idx=0; idx < sessions.max; idx++) { - if (NULL == sessions.store[idx]) break; - } - - if (idx == sessions.max) status=AFB_FAIL; - else { - status=AFB_SUCCESS; - sessions.count ++; - sessions.store[idx]= client; + if (NULL == sessions.store[idx]) { + sessions.store[idx]= client; + sessions.count++; + status = AFB_SUCCESS; + goto added; + } } + status = AFB_FAIL; +added: pthread_mutex_unlock(&sessions.mutex); return status; } // Check if context timeout or not -static int ctxStoreToOld (AFB_clientCtx *ctx, int timeout) +static int ctxStoreTooOld (AFB_clientCtx *ctx, time_t now) { - int res; - time_t now = time(NULL); - res = (ctx->timeStamp + timeout) <= now; - return res; + return ctx->timeStamp <= now; } // Loop on every entry and remove old context sessions.hash -void ctxStoreGarbage (const int timeout) +void ctxStoreGarbage () { AFB_clientCtx *ctx; long idx; + time_t now = NOW; // Loop on Sessions Table and remove anything that is older than timeout for (idx=0; idx < sessions.max; idx++) { - ctx=sessions.store[idx]; - if ((ctx != NULL) && (ctxStoreToOld(ctx, timeout))) { + ctx = sessions.store[idx]; + if ((ctx != NULL) && (ctxStoreTooOld(ctx, now))) { ctxStoreDel (ctx); } } } // This function will return exiting client context or newly created client context -AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) +AFB_clientCtx *ctxClientGet (AFB_request *request) { AFB_clientCtx *clientCtx=NULL; const char *uuid; @@ -183,7 +185,7 @@ AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) if (request->config->token == NULL) return NULL; // Check if client as a context or not inside the URL - uuid = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_uuid); + uuid = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_uuid); // if UUID in query we're restfull with no cookies otherwise check for cookie if (uuid != NULL) @@ -192,7 +194,7 @@ AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) char cookie[64]; request->restfull = FALSE; snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort); - uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie); + uuid = NULL; //MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie); }; // Warning when no cookie defined MHD_lookup_connection_value may return something !!! @@ -201,14 +203,11 @@ AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) clientCtx = ctxStoreSearch (uuid); if (clientCtx) { - if (ctxStoreToOld (clientCtx, request->config->cntxTimeout)) { + if (ctxStoreTooOld (clientCtx, NOW)) { // this session is too old let's delete it ctxStoreDel (clientCtx); clientCtx = NULL; } else { - request->context=clientCtx->contexts[idx]; - request->handle = clientCtx->plugins[idx]->handle; - request->uuid= uuid; return clientCtx; } } @@ -217,26 +216,20 @@ AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) // we have no session let's create one otherwise let's clean any exiting values if (clientCtx == NULL) { clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext - clientCtx->contexts = calloc (1, (unsigned)request->config->pluginCount * (sizeof (void*))); - clientCtx->plugins = request->plugins; + clientCtx->contexts = calloc ((unsigned)sessions.apicount, sizeof (void*)); } uuid_generate(newuuid); // create a new UUID uuid_unparse_lower(newuuid, clientCtx->uuid); // if table is full at 50% let's clean it up - if(sessions.count > (sessions.max / 2)) ctxStoreGarbage(request->config->cntxTimeout); + if(sessions.count > (sessions.max / 2)) ctxStoreGarbage(); // finally add uuid into hashtable if (AFB_SUCCESS != ctxStoreAdd (clientCtx)) { free (clientCtx); return NULL; } - - // if (verbose) fprintf (stderr, "ctxClientGet New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp); - request->context = clientCtx->contexts[idx]; - request->handle = clientCtx->plugins[idx]->handle; - request->uuid=clientCtx->uuid; return clientCtx; } @@ -249,14 +242,14 @@ AFB_error ctxTokenCheck (AFB_clientCtx *clientCtx, AFB_request *request) return AFB_EMPTY; // this time have to extract token from query list - token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); + token = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); // if not token is providing we refuse the exchange if ((token == NULL) || (clientCtx->token == NULL)) return AFB_FALSE; // compare current token with previous one - if ((0 == strcmp (token, clientCtx->token)) && (!ctxStoreToOld (clientCtx, request->config->cntxTimeout))) { + if ((0 == strcmp (token, clientCtx->token)) && (!ctxStoreTooOld (clientCtx, NOW))) { return AFB_SUCCESS; } @@ -295,7 +288,7 @@ AFB_error ctxTokenCreate (AFB_clientCtx *clientCtx, AFB_request *request) if (request->config->token[0] != '\0') { // check for initial token secret and return if not presented - token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); + token = NULL; //MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token); if (token == NULL) return AFB_UNAUTH; @@ -309,7 +302,7 @@ AFB_error ctxTokenCreate (AFB_clientCtx *clientCtx, AFB_request *request) uuid_unparse_lower(newuuid, clientCtx->token); // keep track of time for session timeout and further clean up - clientCtx->timeStamp=time(NULL); + clientCtx->timeStamp = time(NULL) + sessions.timeout; // Token is also store in context but it might be convenient for plugin to access it directly return AFB_SUCCESS; @@ -333,8 +326,162 @@ AFB_error ctxTokenRefresh (AFB_clientCtx *clientCtx, AFB_request *request) uuid_unparse_lower(newuuid, clientCtx->token); // keep track of time for session timeout and further clean up - clientCtx->timeStamp=time(NULL); + clientCtx->timeStamp = time(NULL) + sessions.timeout; return AFB_SUCCESS; } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +// This function will return exiting client context or newly created client context +AFB_clientCtx *_ctxClientGet (const char *uuid) +{ + uuid_t newuuid; + AFB_clientCtx *clientCtx; + + /* search for an existing one not too old */ + clientCtx = uuid != NULL ? ctxStoreSearch (uuid) : NULL; + if (clientCtx) { + if (!ctxStoreTooOld (clientCtx, NOW)) + return clientCtx; + ctxStoreDel (clientCtx); + } + + /* mimic old behaviour */ + if (sessions.initok == NULL) + return NULL; + + /* cleanup before creating */ + if(2 * sessions.count >= sessions.max) + ctxStoreGarbage(); + + /* returns a new one */ + clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext + if (clientCtx != NULL) { + clientCtx->contexts = calloc ((unsigned)sessions.apicount, sizeof (void*)); + if (clientCtx->contexts != NULL) { + /* generate the uuid */ + uuid_generate(newuuid); + uuid_unparse_lower(newuuid, clientCtx->uuid); + clientCtx->timeStamp = time(NULL) + sessions.timeout; + strcpy(clientCtx->token, sessions.initok); + if (AFB_SUCCESS == ctxStoreAdd (clientCtx)) + return clientCtx; + free(clientCtx->contexts); + } + free(clientCtx); + } + return NULL; +} + +// Free Client Session Context +AFB_error _ctxClientDel (AFB_clientCtx *clientCtx) +{ + assert(clientCtx != NULL); + return ctxStoreDel (clientCtx); +} + +// Sample Generic Ping Debug API +AFB_error _ctxTokenCheck (AFB_clientCtx *clientCtx, const char *token) +{ + assert(clientCtx != NULL); + assert(token != NULL); + + // compare current token with previous one + if (ctxStoreTooOld (clientCtx, NOW)) + return AFB_FAIL; + if (!clientCtx->token[0] || 0 == strcmp (token, clientCtx->token)) { + clientCtx->timeStamp = time(NULL) + sessions.timeout; + return AFB_SUCCESS; + } + + // Token is not valid let move level of assurance to zero and free attached client handle + return AFB_FAIL; +} + +// generate a new token and update client context +AFB_error _ctxTokenNew (AFB_clientCtx *clientCtx) +{ + uuid_t newuuid; + + assert(clientCtx != NULL); + + // Old token was valid let's regenerate a new one + uuid_generate(newuuid); // create a new UUID + uuid_unparse_lower(newuuid, clientCtx->token); + + // keep track of time for session timeout and further clean up + clientCtx->timeStamp = time(NULL) + sessions.timeout; + + return AFB_SUCCESS; +} +