diff options
author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2012-06-26 21:52:21 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2012-06-26 21:52:21 -0500 |
commit | 9c9085621bf01f9b39e15eb856ff521ecb01fccf (patch) | |
tree | 0d912f472a89ffccbcc3bb79ceed6a2b3a350118 | |
parent | b2f2dba837c0d28bf73ec36933af901f484633f5 (diff) | |
download | ulab-9c9085621bf01f9b39e15eb856ff521ecb01fccf.tar.gz ulab-9c9085621bf01f9b39e15eb856ff521ecb01fccf.zip |
Fix krb client/server sockets
-rw-r--r-- | clients/tde/src/app/remotemdi.cpp | 1 | ||||
-rw-r--r-- | lib/libtdekrb/src/tdekrbclientsocket.cpp | 17 | ||||
-rw-r--r-- | lib/libtdekrb/src/tdekrbserversocket.cpp | 17 | ||||
-rw-r--r-- | protocol.txt | 8 | ||||
-rw-r--r-- | servers/auth_server_lin/src/auth_conn.cpp | 62 | ||||
-rw-r--r-- | servers/auth_server_lin/src/auth_conn.h | 1 | ||||
-rw-r--r-- | servers/fpga_server_lin/src/fpga_conn.cpp | 38 |
7 files changed, 121 insertions, 23 deletions
diff --git a/clients/tde/src/app/remotemdi.cpp b/clients/tde/src/app/remotemdi.cpp index 9d40365..4d355e3 100644 --- a/clients/tde/src/app/remotemdi.cpp +++ b/clients/tde/src/app/remotemdi.cpp @@ -174,6 +174,7 @@ void RemoteMDI::promptForStationType() { ds << TQString("BIND"); ds << select.m_selectedStation; ds >> result; +printf("[RAJA DEBUG 100.0] '%s'\n\r", result.ascii()); fflush(stdout); if (result == "OK") { // Success, do nothing } diff --git a/lib/libtdekrb/src/tdekrbclientsocket.cpp b/lib/libtdekrb/src/tdekrbclientsocket.cpp index 647da73..96833a2 100644 --- a/lib/libtdekrb/src/tdekrbclientsocket.cpp +++ b/lib/libtdekrb/src/tdekrbclientsocket.cpp @@ -171,7 +171,7 @@ bool TDEKerberosClientSocket::atEnd() const { bool ret; if (m_kerberosRequested) { - return (m_buffer->at() >= (unsigned long)m_bufferLength); + ret = TQSocket::atEnd(); } else { ret = TQSocket::atEnd(); @@ -230,6 +230,9 @@ TQ_LONG TDEKerberosClientSocket::readBlock(char *data, TQ_ULONG maxlen) { } free(buf); + if (maxlen > (unsigned int)m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); ret = m_buffer->readBlock(data, maxlen); if (ret > 0) { @@ -284,6 +287,9 @@ TQ_LONG TDEKerberosClientSocket::readLine(char *data, TQ_ULONG maxlen) { } free(buf); + if (maxlen > (unsigned int)m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); ret = m_buffer->readLine(data, maxlen); if (ret > 0) { @@ -310,11 +316,13 @@ TQ_LONG TDEKerberosClientSocket::readLine(char *data, TQ_ULONG maxlen) { TQString TDEKerberosClientSocket::readLine() { long i; TQString ret; + long maxlen; if (m_kerberosRequested) { int reclen; int wrlen; int readlen; + maxlen = m_negotiatedMaxBufferSize; char* buf = (char*)malloc(m_negotiatedMaxBufferSize); reclen = receiveEncryptedData(buf, m_negotiatedMaxBufferSize); if (reclen > 0) { @@ -326,9 +334,12 @@ TQString TDEKerberosClientSocket::readLine() { } free(buf); + if (maxlen > m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); - buf = (char*)malloc(m_negotiatedMaxBufferSize); - readlen = m_buffer->readLine(buf, m_negotiatedMaxBufferSize); + buf = (char*)malloc(maxlen); + readlen = m_buffer->readLine(buf, maxlen); if (readlen > 0) { // Remove the read bytes from the buffer m_bufferLength = m_bufferLength-readlen; diff --git a/lib/libtdekrb/src/tdekrbserversocket.cpp b/lib/libtdekrb/src/tdekrbserversocket.cpp index 2b4d7d2..d99ddaa 100644 --- a/lib/libtdekrb/src/tdekrbserversocket.cpp +++ b/lib/libtdekrb/src/tdekrbserversocket.cpp @@ -171,7 +171,7 @@ bool TDEKerberosServerSocket::atEnd() const { bool ret; if (m_kerberosRequested) { - return (m_buffer->at() >= (unsigned long)m_bufferLength); + ret = TQSocket::atEnd(); } else { ret = TQSocket::atEnd(); @@ -230,6 +230,9 @@ TQ_LONG TDEKerberosServerSocket::readBlock(char *data, TQ_ULONG maxlen) { } free(buf); + if (maxlen > (unsigned int)m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); ret = m_buffer->readBlock(data, maxlen); if (ret > 0) { @@ -284,6 +287,9 @@ TQ_LONG TDEKerberosServerSocket::readLine(char *data, TQ_ULONG maxlen) { } free(buf); + if (maxlen > (unsigned int)m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); ret = m_buffer->readLine(data, maxlen); if (ret > 0) { @@ -310,11 +316,13 @@ TQ_LONG TDEKerberosServerSocket::readLine(char *data, TQ_ULONG maxlen) { TQString TDEKerberosServerSocket::readLine() { long i; TQString ret; + long maxlen; if (m_kerberosRequested) { int reclen; int wrlen; int readlen; + maxlen = m_negotiatedMaxBufferSize; char* buf = (char*)malloc(m_negotiatedMaxBufferSize); reclen = receiveEncryptedData(buf, m_negotiatedMaxBufferSize); if (reclen > 0) { @@ -326,9 +334,12 @@ TQString TDEKerberosServerSocket::readLine() { } free(buf); + if (maxlen > m_bufferLength) { + maxlen = m_bufferLength; + } m_buffer->at(0); - buf = (char*)malloc(m_negotiatedMaxBufferSize); - readlen = m_buffer->readLine(buf, m_negotiatedMaxBufferSize); + buf = (char*)malloc(maxlen); + readlen = m_buffer->readLine(buf, maxlen); if (readlen > 0) { // Remove the read bytes from the buffer m_bufferLength = m_bufferLength-readlen; diff --git a/protocol.txt b/protocol.txt index 184906e..f01b23d 100644 --- a/protocol.txt +++ b/protocol.txt @@ -58,4 +58,10 @@ Example: SERV QUIT: Gracefully terminates the connection. -The server should return the case-sensitive text "OK" and must immediately close all active connections for the current user.
\ No newline at end of file +The server should return the case-sensitive text "OK" and must immediately close all active connections for the current user. + +================================================================================== +Backend Server +================================================================================== + +On initial connection from the client container, the master server must negotiate a successful Kerberos connection. Once this connection is established, the server must transmit a string containing the case-sensitive text "OK". The server has now fully established a secure bidirectional channel to the client and may proceeed to use the channel for any purpose. If the server wishes to reject the connection, for example due to a hardware failure, it must transmit a string containing the case-sensitive text "ERRNOTAVL", after which the server should close the client connection.
\ No newline at end of file diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp index b71b608..e531099 100644 --- a/servers/auth_server_lin/src/auth_conn.cpp +++ b/servers/auth_server_lin/src/auth_conn.cpp @@ -115,6 +115,8 @@ int AuthSocket::initiateKerberosHandshake() { } int AuthSocket::enterCommandLoop() { + bool bound = false; + m_criticalSection++; try { TQString command; @@ -194,6 +196,8 @@ int AuthSocket::enterCommandLoop() { ds << TQString("ERRUNAVAL"); } else { + bound = true; + // Update database TQSqlRecord *buffer = m_databaseActivityCursor->primeInsert(); buffer->setValue("station", m_stationID); @@ -201,12 +205,66 @@ int AuthSocket::enterCommandLoop() { buffer->setValue("realmname", m_authenticatedRealmName); buffer->setValue("logontime", TQDateTime::currentDateTime().toTime_t()); m_databaseActivityCursor->insert(); - + ds << TQString("OK"); } } + else if (command == "SERV") { + // Get desired Service ID from client + TQ_UINT32 sid; + ds >> sid; + + m_databaseActivityCursor->select(TQString("username='%1' AND realmname='%2'").arg(m_authenticatedUserName).arg(m_authenticatedRealmName)); + if (m_databaseActivityCursor->next()) { + m_stationID = m_databaseActivityCursor->value("station").toInt(); + } + + if (bound == true) { + ds << TQString("ERRINVCMD"); + } + + if (m_stationID < 0) { + ds << TQString("ERRNOCONN"); + } + + // Attempt to connect to the backend server + m_databaseServicesCursor->select(TQString("pk=%1 AND station=%2").arg(sid).arg(m_stationID)); + if (m_databaseServicesCursor->next()) { + TQString serviceHostName = m_databaseServicesCursor->value("hostname").toString(); + int servicePort = m_databaseServicesCursor->value("port").toInt(); + + TDEKerberosClientSocket clientSocket; + clientSocket.setServiceName("remotefpga"); + + clientSocket.setServerFQDN(serviceHostName); + clientSocket.connectToHost(serviceHostName, servicePort); + + while ((clientSocket.state() == TQSocket::Connecting) || (clientSocket.state() == TQSocket::HostLookup)) { + tqApp->processEvents(); + } + if (clientSocket.state() == TQSocket::Connected) { + if (clientSocket.setUsingKerberos(true) != 0) { + clientSocket.close(); + ds << TQString("ERRNOTAVL"); + printf("[DEBUG] Connection failed to %s:%d for user %s@%s due to Kerberos failure\n\r", serviceHostName.ascii(), servicePort, m_authenticatedUserName.ascii(), m_authenticatedRealmName.ascii()); fflush(stdout); + } + else { + printf("[RAJA DEBUG 600.0] Connect OK!\n\r"); fflush(stdout); + // RAJA FIXME + } + } + else { + clientSocket.close(); + ds << TQString("ERRNOTAVL"); + printf("[DEBUG] Connection failed to %s:%d for user %s@%s\n\r", serviceHostName.ascii(), servicePort, m_authenticatedUserName.ascii(), m_authenticatedRealmName.ascii()); fflush(stdout); + } + } + else { + ds << TQString("ERRNOTAVL"); + } + } else { - ds << "ERRINVCMD"; + ds << TQString("ERRINVCMD"); } } tqApp->processEvents(); diff --git a/servers/auth_server_lin/src/auth_conn.h b/servers/auth_server_lin/src/auth_conn.h index 710b4c0..aea8a48 100644 --- a/servers/auth_server_lin/src/auth_conn.h +++ b/servers/auth_server_lin/src/auth_conn.h @@ -34,6 +34,7 @@ #include <ksimpleconfig.h> #include <tdekrbserversocket.h> +#include <tdekrbclientsocket.h> #include <tqtrla.h> diff --git a/servers/fpga_server_lin/src/fpga_conn.cpp b/servers/fpga_server_lin/src/fpga_conn.cpp index 1b0927c..1335a5a 100644 --- a/servers/fpga_server_lin/src/fpga_conn.cpp +++ b/servers/fpga_server_lin/src/fpga_conn.cpp @@ -110,9 +110,15 @@ int FPGASocket::setupSerial() { tcgetattr(m_fd_tty, &oldtio); // Save current port settings long serialBaud; - if (desiredBaudRate == "9600") { + if (desiredBaudRate == "1200") { + serialBaud = B1200; + } + else if (desiredBaudRate == "9600") { serialBaud = B9600; } + else if (desiredBaudRate == "19200") { + serialBaud = B19200; + } else if (desiredBaudRate == "115200") { serialBaud = B115200; } @@ -139,22 +145,26 @@ int FPGASocket::setupSerial() { } int FPGASocket::enterCommandLoop() { + int cc; + char buffer[10000]; + m_criticalSection++; try { while (state() == TQSocket::Connected) { - // RAJA FIXME -// cc = read(fd_tty, readbuf, 100000); -// if (cc > 0) { -// write_data_to_client(fd, readbuf, cc); -// fsync(fd_tty); -// printf("[DEBUG] Got %d bytes from the serial port\n\r", cc); fflush(stdout); -// } -// cc = read(fd, writebuf, 100000); -// if (cc > 0) { -// write(fd_tty, writebuf, cc); -// fsync(fd); -// printf("[DEBUG] Got %d bytes from the network interface\n\r", cc); fflush(stdout); -// } + cc = read(m_fd_tty, buffer, 10000); + if (cc > 0) { + writeBlock(buffer, cc); + printf("[DEBUG] Got %d bytes from the serial port\n\r", cc); fflush(stdout); + } + if (canReadLine()) { + cc = readBlock(buffer, 10000); + if (cc > 0) { + if (write(m_fd_tty, buffer, cc) < 0) { + // ERROR + } + printf("[DEBUG] Got %d bytes from the network interface\n\r", cc); fflush(stdout); + } + } } m_criticalSection--; |