authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-26 21:52:21 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-26 21:52:21 -0500
commit9c9085621bf01f9b39e15eb856ff521ecb01fccf (patch)
tree0d912f472a89ffccbcc3bb79ceed6a2b3a350118
parentb2f2dba837c0d28bf73ec36933af901f484633f5 (diff)
downloadulab-9c9085621bf01f9b39e15eb856ff521ecb01fccf.tar.gz
ulab-9c9085621bf01f9b39e15eb856ff521ecb01fccf.zip
Fix krb client/server sockets
-rw-r--r--clients/tde/src/app/remotemdi.cpp1
-rw-r--r--lib/libtdekrb/src/tdekrbclientsocket.cpp17
-rw-r--r--lib/libtdekrb/src/tdekrbserversocket.cpp17
-rw-r--r--protocol.txt8
-rw-r--r--servers/auth_server_lin/src/auth_conn.cpp62
-rw-r--r--servers/auth_server_lin/src/auth_conn.h1
-rw-r--r--servers/fpga_server_lin/src/fpga_conn.cpp38
7 files changed, 121 insertions, 23 deletions
diff --git a/clients/tde/src/app/remotemdi.cpp b/clients/tde/src/app/remotemdi.cpp
index 9d40365..4d355e3 100644
--- a/clients/tde/src/app/remotemdi.cpp
+++ b/clients/tde/src/app/remotemdi.cpp
@@ -174,6 +174,7 @@ void RemoteMDI::promptForStationType() {
ds << TQString("BIND");
ds << select.m_selectedStation;
ds >> result;
+printf("[RAJA DEBUG 100.0] '%s'\n\r", result.ascii()); fflush(stdout);
if (result == "OK") {
// Success, do nothing
}
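Review bot: The added `printf("[RAJA DEBUG 100.0] '%s'\n\r", result.ascii());` is a leftover debugging trace that writes the server's reply to stdout on every station bind. It should be removed before this lands, or placed behind a debug switch. The `[RAJA DEBUG 600.0]` trace added in auth_conn.cpp has the same problem. The body of promptForStationType() starts and ends outside this hunk.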
diff --git a/lib/libtdekrb/src/tdekrbclientsocket.cpp b/lib/libtdekrb/src/tdekrbclientsocket.cpp
index 647da73..96833a2 100644
--- a/lib/libtdekrb/src/tdekrbclientsocket.cpp
+++ b/lib/libtdekrb/src/tdekrbclientsocket.cpp
@@ -171,7 +171,7 @@ bool TDEKerberosClientSocket::atEnd() const {
bool ret;
if (m_kerberosRequested) {
- return (m_buffer->at() >= (unsigned long)m_bufferLength);
+ ret = TQSocket::atEnd();
}
else {
ret = TQSocket::atEnd();
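Review bot: After this change both branches of `if (m_kerberosRequested)` run `ret = TQSocket::atEnd();`, so the conditional no longer distinguishes anything. In Kerberos mode callers read decrypted data from m_buffer, so the raw socket can be drained while plaintext is still buffered, and atEnd() would then report true too early. Consider `ret = (m_bufferLength <= 0) && TQSocket::atEnd();` in the Kerberos branch; m_bufferLength's type is not visible here, so confirm the comparison. The same applies to TDEKerberosServerSocket::atEnd(), and the function body continues outside the hunk.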
@@ -230,6 +230,9 @@ TQ_LONG TDEKerberosClientSocket::readBlock(char *data, TQ_ULONG maxlen) {
}
free(buf);
+ if (maxlen > (unsigned int)m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
ret = m_buffer->readBlock(data, maxlen);
if (ret > 0) {
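Review bot: The new clamp compares `maxlen` with `(unsigned int)m_bufferLength`, and that cast would turn a negative m_bufferLength into a very large value, so the clamp would silently not apply. The declaration of m_bufferLength is outside the hunk, but readLine() compares it with a `long` without a cast, which suggests it is signed. Handle the sign explicitly, for example `if (m_bufferLength <= 0) maxlen = 0; else if (maxlen > (TQ_ULONG)m_bufferLength) maxlen = m_bufferLength;`. The same clamp is added to readLine(char*, TQ_ULONG) and to both functions in tdekrbserversocket.cpp. readBlock() starts before this hunk and continues after it.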
@@ -284,6 +287,9 @@ TQ_LONG TDEKerberosClientSocket::readLine(char *data, TQ_ULONG maxlen) {
}
free(buf);
+ if (maxlen > (unsigned int)m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
ret = m_buffer->readLine(data, maxlen);
if (ret > 0) {
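Review bot: Clamping `maxlen` to exactly m_bufferLength probably makes `m_buffer->readLine(data, maxlen)` return one byte short, if it follows the usual TQIODevice contract of reserving a byte for the terminating NUL. A buffered line that fills the buffer, such as "OK\n", would then come back without its newline and leave a stray byte for the next call. If that contract holds, clamp to one more than the buffered length, `if (maxlen > (TQ_ULONG)m_bufferLength + 1) maxlen = m_bufferLength + 1;`, provided the caller's buffer is still at least `maxlen` bytes. The same applies to the `maxlen` clamp in readLine() and to both readLine overloads in tdekrbserversocket.cpp. The function body starts and ends outside this hunk.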
@@ -310,11 +316,13 @@ TQ_LONG TDEKerberosClientSocket::readLine(char *data, TQ_ULONG maxlen) {
TQString TDEKerberosClientSocket::readLine() {
long i;
TQString ret;
+ long maxlen;
if (m_kerberosRequested) {
int reclen;
int wrlen;
int readlen;
+ maxlen = m_negotiatedMaxBufferSize;
char* buf = (char*)malloc(m_negotiatedMaxBufferSize);
reclen = receiveEncryptedData(buf, m_negotiatedMaxBufferSize);
if (reclen > 0) {
@@ -326,9 +334,12 @@ TQString TDEKerberosClientSocket::readLine() {
}
free(buf);
+ if (maxlen > m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
- buf = (char*)malloc(m_negotiatedMaxBufferSize);
- readlen = m_buffer->readLine(buf, m_negotiatedMaxBufferSize);
+ buf = (char*)malloc(maxlen);
+ readlen = m_buffer->readLine(buf, maxlen);
if (readlen > 0) {
// Remove the read bytes from the buffer
m_bufferLength = m_bufferLength-readlen;
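Review bot: `buf = (char*)malloc(maxlen);` can now request zero bytes, because `maxlen` is clamped to m_bufferLength and nothing here rules out an empty buffer. The result is passed to `m_buffer->readLine(buf, maxlen)` without a NULL check, so a zero-size or failed allocation reaches the read and whatever the code outside the hunk does with `buf`. Return early when there is nothing buffered, e.g. `if (m_bufferLength <= 0) return ret;` before the allocation, and check the malloc result. TDEKerberosServerSocket::readLine() has the identical code, and the function continues outside the hunk.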
diff --git a/lib/libtdekrb/src/tdekrbserversocket.cpp b/lib/libtdekrb/src/tdekrbserversocket.cpp
index 2b4d7d2..d99ddaa 100644
--- a/lib/libtdekrb/src/tdekrbserversocket.cpp
+++ b/lib/libtdekrb/src/tdekrbserversocket.cpp
@@ -171,7 +171,7 @@ bool TDEKerberosServerSocket::atEnd() const {
bool ret;
if (m_kerberosRequested) {
- return (m_buffer->at() >= (unsigned long)m_bufferLength);
+ ret = TQSocket::atEnd();
}
else {
ret = TQSocket::atEnd();
@@ -230,6 +230,9 @@ TQ_LONG TDEKerberosServerSocket::readBlock(char *data, TQ_ULONG maxlen) {
}
free(buf);
+ if (maxlen > (unsigned int)m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
ret = m_buffer->readBlock(data, maxlen);
if (ret > 0) {
@@ -284,6 +287,9 @@ TQ_LONG TDEKerberosServerSocket::readLine(char *data, TQ_ULONG maxlen) {
}
free(buf);
+ if (maxlen > (unsigned int)m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
ret = m_buffer->readLine(data, maxlen);
if (ret > 0) {
@@ -310,11 +316,13 @@ TQ_LONG TDEKerberosServerSocket::readLine(char *data, TQ_ULONG maxlen) {
TQString TDEKerberosServerSocket::readLine() {
long i;
TQString ret;
+ long maxlen;
if (m_kerberosRequested) {
int reclen;
int wrlen;
int readlen;
+ maxlen = m_negotiatedMaxBufferSize;
char* buf = (char*)malloc(m_negotiatedMaxBufferSize);
reclen = receiveEncryptedData(buf, m_negotiatedMaxBufferSize);
if (reclen > 0) {
@@ -326,9 +334,12 @@ TQString TDEKerberosServerSocket::readLine() {
}
free(buf);
+ if (maxlen > m_bufferLength) {
+ maxlen = m_bufferLength;
+ }
m_buffer->at(0);
- buf = (char*)malloc(m_negotiatedMaxBufferSize);
- readlen = m_buffer->readLine(buf, m_negotiatedMaxBufferSize);
+ buf = (char*)malloc(maxlen);
+ readlen = m_buffer->readLine(buf, maxlen);
if (readlen > 0) {
// Remove the read bytes from the buffer
m_bufferLength = m_bufferLength-readlen;
diff --git a/protocol.txt b/protocol.txt
index 184906e..f01b23d 100644
--- a/protocol.txt
+++ b/protocol.txt
@@ -58,4 +58,10 @@ Example: SERV
QUIT:
Gracefully terminates the connection.
-The server should return the case-sensitive text "OK" and must immediately close all active connections for the current user. \ No newline at end of file
+The server should return the case-sensitive text "OK" and must immediately close all active connections for the current user.
+
+==================================================================================
+Backend Server
+==================================================================================
+
+On initial connection from the client container, the master server must negotiate a successful Kerberos connection. Once this connection is established, the server must transmit a string containing the case-sensitive text "OK". The server has now fully established a secure bidirectional channel to the client and may proceeed to use the channel for any purpose. If the server wishes to reject the connection, for example due to a hardware failure, it must transmit a string containing the case-sensitive text "ERRNOTAVL", after which the server should close the client connection. \ No newline at end of file
diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp
index b71b608..e531099 100644
--- a/servers/auth_server_lin/src/auth_conn.cpp
+++ b/servers/auth_server_lin/src/auth_conn.cpp
@@ -115,6 +115,8 @@ int AuthSocket::initiateKerberosHandshake() {
}
int AuthSocket::enterCommandLoop() {
+ bool bound = false;
+
m_criticalSection++;
try {
TQString command;
@@ -194,6 +196,8 @@ int AuthSocket::enterCommandLoop() {
ds << TQString("ERRUNAVAL");
}
else {
+ bound = true;
+
// Update database
TQSqlRecord *buffer = m_databaseActivityCursor->primeInsert();
buffer->setValue("station", m_stationID);
@@ -201,12 +205,66 @@ int AuthSocket::enterCommandLoop() {
buffer->setValue("realmname", m_authenticatedRealmName);
buffer->setValue("logontime", TQDateTime::currentDateTime().toTime_t());
m_databaseActivityCursor->insert();
-
+
ds << TQString("OK");
}
}
+ else if (command == "SERV") {
+ // Get desired Service ID from client
+ TQ_UINT32 sid;
+ ds >> sid;
+
+ m_databaseActivityCursor->select(TQString("username='%1' AND realmname='%2'").arg(m_authenticatedUserName).arg(m_authenticatedRealmName));
+ if (m_databaseActivityCursor->next()) {
+ m_stationID = m_databaseActivityCursor->value("station").toInt();
+ }
+
+ if (bound == true) {
+ ds << TQString("ERRINVCMD");
+ }
+
+ if (m_stationID < 0) {
+ ds << TQString("ERRNOCONN");
+ }
+
+ // Attempt to connect to the backend server
+ m_databaseServicesCursor->select(TQString("pk=%1 AND station=%2").arg(sid).arg(m_stationID));
+ if (m_databaseServicesCursor->next()) {
+ TQString serviceHostName = m_databaseServicesCursor->value("hostname").toString();
+ int servicePort = m_databaseServicesCursor->value("port").toInt();
+
+ TDEKerberosClientSocket clientSocket;
+ clientSocket.setServiceName("remotefpga");
+
+ clientSocket.setServerFQDN(serviceHostName);
+ clientSocket.connectToHost(serviceHostName, servicePort);
+
+ while ((clientSocket.state() == TQSocket::Connecting) || (clientSocket.state() == TQSocket::HostLookup)) {
+ tqApp->processEvents();
+ }
+ if (clientSocket.state() == TQSocket::Connected) {
+ if (clientSocket.setUsingKerberos(true) != 0) {
+ clientSocket.close();
+ ds << TQString("ERRNOTAVL");
+ printf("[DEBUG] Connection failed to %s:%d for user %s@%s due to Kerberos failure\n\r", serviceHostName.ascii(), servicePort, m_authenticatedUserName.ascii(), m_authenticatedRealmName.ascii()); fflush(stdout);
+ }
+ else {
+ printf("[RAJA DEBUG 600.0] Connect OK!\n\r"); fflush(stdout);
+ // RAJA FIXME
+ }
+ }
+ else {
+ clientSocket.close();
+ ds << TQString("ERRNOTAVL");
+ printf("[DEBUG] Connection failed to %s:%d for user %s@%s\n\r", serviceHostName.ascii(), servicePort, m_authenticatedUserName.ascii(), m_authenticatedRealmName.ascii()); fflush(stdout);
+ }
+ }
+ else {
+ ds << TQString("ERRNOTAVL");
+ }
+ }
else {
- ds << "ERRINVCMD";
+ ds << TQString("ERRINVCMD");
}
}
tqApp->processEvents();
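Review bot: In the new `SERV` branch the `ds << TQString("ERRINVCMD");` and `ds << TQString("ERRNOCONN");` replies do not end the command, so the code still goes on to contact the backend and can send the client a second, contradictory reply. Make the three cases an `if (bound == true) … else if (m_stationID < 0) … else { /* backend connect */ }` chain. The select filter `TQString("username='%1' AND realmname='%2'")` is built by splicing m_authenticatedUserName and m_authenticatedRealmName into SQL text; escape or bind those values, since a quote character in a principal name would change the query. The Kerberos-success path under `// RAJA FIXME` sends no reply at all, and the `while (… Connecting … HostLookup)` wait has no timeout, so an unresponsive backend stalls this command loop. enterCommandLoop() starts before this hunk and continues after it.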
diff --git a/servers/auth_server_lin/src/auth_conn.h b/servers/auth_server_lin/src/auth_conn.h
index 710b4c0..aea8a48 100644
--- a/servers/auth_server_lin/src/auth_conn.h
+++ b/servers/auth_server_lin/src/auth_conn.h
@@ -34,6 +34,7 @@
#include <ksimpleconfig.h>
#include <tdekrbserversocket.h>
+#include <tdekrbclientsocket.h>
#include <tqtrla.h>
diff --git a/servers/fpga_server_lin/src/fpga_conn.cpp b/servers/fpga_server_lin/src/fpga_conn.cpp
index 1b0927c..1335a5a 100644
--- a/servers/fpga_server_lin/src/fpga_conn.cpp
+++ b/servers/fpga_server_lin/src/fpga_conn.cpp
@@ -110,9 +110,15 @@ int FPGASocket::setupSerial() {
tcgetattr(m_fd_tty, &oldtio); // Save current port settings
long serialBaud;
- if (desiredBaudRate == "9600") {
+ if (desiredBaudRate == "1200") {
+ serialBaud = B1200;
+ }
+ else if (desiredBaudRate == "9600") {
serialBaud = B9600;
}
+ else if (desiredBaudRate == "19200") {
+ serialBaud = B19200;
+ }
else if (desiredBaudRate == "115200") {
serialBaud = B115200;
}
@@ -139,22 +145,26 @@ int FPGASocket::setupSerial() {
}
int FPGASocket::enterCommandLoop() {
+ int cc;
+ char buffer[10000];
+
m_criticalSection++;
try {
while (state() == TQSocket::Connected) {
- // RAJA FIXME
-// cc = read(fd_tty, readbuf, 100000);
-// if (cc > 0) {
-// write_data_to_client(fd, readbuf, cc);
-// fsync(fd_tty);
-// printf("[DEBUG] Got %d bytes from the serial port\n\r", cc); fflush(stdout);
-// }
-// cc = read(fd, writebuf, 100000);
-// if (cc > 0) {
-// write(fd_tty, writebuf, cc);
-// fsync(fd);
-// printf("[DEBUG] Got %d bytes from the network interface\n\r", cc); fflush(stdout);
-// }
+ cc = read(m_fd_tty, buffer, 10000);
+ if (cc > 0) {
+ writeBlock(buffer, cc);
+ printf("[DEBUG] Got %d bytes from the serial port\n\r", cc); fflush(stdout);
+ }
+ if (canReadLine()) {
+ cc = readBlock(buffer, 10000);
+ if (cc > 0) {
+ if (write(m_fd_tty, buffer, cc) < 0) {
+ // ERROR
+ }
+ printf("[DEBUG] Got %d bytes from the network interface\n\r", cc); fflush(stdout);
+ }
+ }
}
m_criticalSection--;