char clientAddr4[ADDRMAXLN]=""; /* client addr (nnn.nnn.nnn.nnn) */
char clientAddr6[ADDRMAXLN]=""; /* client addr (nnnn:nnnn:xxxx::xxxx) 128bit */
-
extern struct clientAddr *pClientAddr;
char macAddr4[ADDRMAXLN]="?"; /* client MAC address (format for arp) */
char extraId[USERMAXLN];
char userProperty[BUFFMAXLN];
time_t timeIn, timeOut;
+int ipStatus; /* flag for IPV4ONLY,IPV6ONLY or IPV46DUAL */
+int connectionMode; /* client connect mode */
+/* variable to measuring processing time (in msec) */
+struct timeval timeBeginCgi, timeBeginWait, timeConnect, timeDisconnect;
+
+char sessionId[BUFFMAXLN]; /* session ID */
void PutCloseMsg(time_t timeOut, time_t timeIn);
void SetProcessTitle(char *useridshort, char *clientAddr4, char * ruleNumber4, char *clientAddr6, char * ruleNumber6, int ipStatus);
+void logConnectMode();
void closeExit(int signo);
/***************************************************/
int port;
int dummyfd[2];
int pid;
+ int parentpid;
int duration; /* requested usage duration */
- int ipStatus; /* flag for IPv4 or IPv6 */
+ int durationEntered; /* the duration value is entered or not */
+ int authResult;
+
+ /* get time at the cgi starting (in msec) */
+ gettimeofday(&timeBeginCgi, NULL) ;
/* prepare config file */
if(OpenConfFile()==-1) return 0;
/* start log */
errToSyslog(atoi(GetConfValue("Syslog/Enable")));
- openlog(argv[0], LOG_PID, atoi(GetConfValue("Syslog/Facility")));
+ openlog(GetConfValue("MainCgi"), LOG_PID, atoi(GetConfValue("Syslog/Facility")));
- /* check and init config */
- CheckAndInitConf();
+ /* initialize config */
+ InitConf();
/* get default language at the top of lang list */
sscanf(GetConfValue("HtmlLangs"), "%s", language);
/* check referer */
if(CheckReferer()==FALSE){
PutClientRetry(language);
- CloseConfFile();
return 0;
}
/* get POST data */
- if(GetPostData(userid, password, clientAddr4, &duration)==FALSE){
+ if(GetPostData(userid, password, clientAddr4, &duration, &durationEntered)==FALSE){
PutClientRetry(language);
- CloseConfFile();
return 0;
}
/* split user@server to user and server */
SplitId(userid, useridshort, extraId);
- /* setup ID for config file */
- SetupConfId(extraId);
+ /* setup pointer to ExtraSet in config file */
+ SetupConfExtra(useridshort, extraId);
/* get address of client from getenv. it might be IPv4 or IPv6. */
GetClientAddr(clientAddr6);
GetMacAddr(clientAddr4, macAddr4, clientAddr6, macAddr6,ipStatus);
/* authenticate the user with authentication server */
- if(!AuthenticateUser(useridshort, password)){
+ authResult=AuthenticateUser(useridshort, password);
+ if(authResult==DENY){
/* if not authenticate, send deny */
- PutClientDeny();
+ PutClientDeny(clientAddr4);
err_msg("DENY: user %s from %s at %s", userid, clientAddr4, macAddr4);
return 0;
}
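Review bot: The new test `if(authResult==DENY)` rejects only one specific return value, so any other result from AuthenticateUser (an error code, or a value added later) falls through toward opening the gate, whereas the removed `if(!AuthenticateUser(...))` rejected every zero result. The handling of the remaining authResult values is not visible in this hunk, so please confirm that each one is matched explicitly and that the final fallback denies. A comment above the test such as `/* anything other than an explicit accept must not reach OpenClientGate */` would record that intent.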
return 0;
}
- /* usage duration is restricted to permitted range */
- if(duration <= 0){
- duration=atoi(GetConfValue("Duration/Default"));
- }else{
- int durmax=atoi(GetConfValue("Duration/Max"));
- if(duration > durmax){
- duration=durmax;
- }
- }
+ /* create session ID */
+ CreateSessionId(sessionId);
+
/* set terminate signal handler */
- Signal(SIGTERM, closeExit);
+ if(Signal(SIGTERM, closeExit)==SIG_ERR){
+ PutClientMsg("Error: Please contact to the administrator");
+ return 0;
+ }
/* open firewall for the client */
if(OpenClientGate(clientAddr4,macAddr4,clientAddr6,macAddr6,
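Review bot: The clamp of `duration` to `Duration/Default` and `Duration/Max` is deleted here and nothing in the visible new code replaces it, yet `duration` is still filled from the POST data and later passed to PutClientAccept and WaitClientConnect. If GetPostData (which now also returns `durationEntered`) does not enforce the range itself, a client can request an arbitrarily long or a negative gate-open time. Please confirm where the limit now lives and, if it moved, leave a pointer at this spot, e.g. `/* duration is range-checked against Duration/Max in GetPostData */`. The hunk cuts through main, so the surrounding code is not fully visible.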
/* get temporary port for server-listen */
port=GetListenPort();
if(port<0){
- err_msg("ERR in main: cannot get unused listen port");
+ err_msg("ERR at %s#%d: cannot get unused listen port",__FILE__,__LINE__);
PutClientMsg("Error: Please contact to the administrator");
closeExit(1);
}
- if((pid=Fork())!=0){
+ parentpid=getpid();
+
+ /* fork */
+ if((pid=Fork())==-1){
+ err_msg("ERR at %s#%d: fork error",__FILE__,__LINE__);
+ PutClientMsg("Error: Please contact to the administrator");
+ closeExit(1);
+ }
+
+ if(pid!=0){
/** parent process **/
- /* send java */
- PutJavaApplet(userid, port, pid, clientAddr4, clientAddr6, ipStatus);
+ /* send accept page with java */
+ PutClientAccept(userid, sessionId, port, pid, clientAddr4, clientAddr6, ipStatus, duration, durationEntered);
/* detach from Web server */
return 0;
/** child process **/
/* detach from Web server */
- Close(0);Close(1); /* detach stdin and out pipe connected to Web */
- Close(2); /* detach stderr */
+ /* detach stdin and out pipe connected to Web */
+ /* detach stderr */
+ Close(0);Close(1);Close(2);
+
Pipe(dummyfd); /* connect dummy pipe for stdin and out */
- /* wait connection from the java applet */
+ /* get time at the client wait start (in msec) */
+ gettimeofday(&timeBeginWait, NULL) ;
+
+ /* wait connection from the client */
/* if no connection, close gate when duration is passed */
/* or ipaddr for the macAddr4 is changed */
- if(WaitAppletConnect(userid, clientAddr4, clientAddr6, duration, macAddr4, ipStatus, pClientAddr)==1){
+ connectionMode=WaitClientConnect(userid, userProperty, sessionId, clientAddr4, clientAddr6, duration, macAddr4, macAddr6, ipStatus, pClientAddr, language, port, parentpid);
- /* wait until the user quit */
+ /* get time at the client connection (in msec) */
+ gettimeofday(&timeConnect, NULL) ;
+
+ if(connectionMode==JAVACONNECT){
+
+ /* wait until the java applet quit */
/* close gate when no reply to temporal hello or end of TCP connection */
/* macAddr6 is used for NDP to search addition ipaddr */
- WaitClientClose(pClientAddr, userid, userProperty, macAddr6, ipStatus);
+ WaitJavaClose(pClientAddr, userid, userProperty, macAddr4, macAddr6, ipStatus);
+ }
+ else if(connectionMode==HTTPCONNECT){
+
+ /* wait until the http keep alive is closed */
+ WaitHttpClose(pClientAddr, userid, userProperty, macAddr4, macAddr6, ipStatus, sessionId, port);
}
+
/* close firewall and exit */
closeExit(1);
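Review bot: `sessionId` is sent to the client by PutClientAccept and then handed to WaitClientConnect and WaitHttpClose, so it presumably serves as the token that ties later requests to this open gate, but nothing here documents what it must guarantee. CreateSessionId is outside this diff; its header comment, or the declaration of `sessionId`, should state that the value has to be unpredictable (taken from the system random source, not derived from time, pid or port) and that it is compared in full. A one-line comment at the declaration would do, e.g. `/* session ID: unpredictable per-login token sent to the client */`.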
/*****************************/
void closeExit(int signo)
{
+ /* save the connect mode */
+ logConnectMode();
+
/* signal is disabled */
Signal(SIGTERM, SIG_DFL);
- /* send quit message to client java */
- SendQuitClient();
-
/* close firewalls */
while(pClientAddr!=NULL){
+
if(pClientAddr->ipType==IPV4){
- CloseClientGate4(pClientAddr,useridshort,macAddr4);
+ CloseClientGate4(pClientAddr,userid,macAddr4);
}else{
- CloseClientGate6(pClientAddr,useridshort,macAddr6);
+ CloseClientGate6(pClientAddr,userid,macAddr6);
DeleteNdpEntry(pClientAddr->ipAddr);
}
pClientAddr = pClientAddr->next;
/* put out time */
timeOut=time(NULL);
PutCloseMsg(timeOut,timeIn);
- if(debug) err_msg("DEBUG:terminated");
-
- /* release the conf file area */
- CloseConfFile();
+ if(debug>1) err_msg("DEBUG:terminated");
exit(1);
}
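Review bot: `logConnectMode()` now runs before `Signal(SIGTERM, SIG_DFL)`, so when closeExit is called directly from main a SIGTERM arriving during the logging re-enters closeExit, and the teardown and the INFO record can run twice. After the reset the opposite problem exists: a SIGTERM with the default action ends the process while the loop is still closing gates, which would leave firewall rules open. If the Signal wrapper allows it (its implementation is not visible here), making `Signal(SIGTERM, SIG_IGN);` the first statement of closeExit would let the teardown run exactly once. closeExit also runs in handler context, where the syslog and getenv calls reached through logConnectMode are not async-signal-safe.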
break;
default:
- err_msg("ERR in main: abnormal IP versions %d", ipStatus);
+ err_msg("ERR at %s#%d: abnormal IP versions %d",__FILE__,__LINE__,ipStatus);
+ }
+}
+
+
+/*****************************************/
+/* save connectMode and others to syslog */
+/*****************************************/
+void logConnectMode()
+{
+ char *mode[4]={"NONE","JAVA","HTTP","TIME"};
+ long time1sec,time2sec,time3sec;
+ long time1usec,time2usec,time3usec;
+
+ /* set value on failure */
+ if(connectionMode<0 || connectionMode>3) connectionMode=NOCONNECT;
+ if(connectionMode==NOCONNECT){
+ gettimeofday(&timeBeginWait, NULL) ;
+ gettimeofday(&timeConnect, NULL) ;
+ }
+
+ /* get time at the end of connection (in msec) */
+ gettimeofday(&timeDisconnect, NULL) ;
+
+ /* calc time difference (seconds(sec) and micro-seconds(usec)) */
+ time1sec=(timeBeginWait.tv_sec - timeBeginCgi.tv_sec);
+ time1usec=(timeBeginWait.tv_usec - timeBeginCgi.tv_usec);
+ /* if microsec diff is minus, bolow from sec diff */
+ if(time1usec<0){
+ time1usec += 1000000; time1sec--;
+ }
+ time2sec=(timeConnect.tv_sec - timeBeginWait.tv_sec);
+ time2usec=(timeConnect.tv_usec - timeBeginWait.tv_usec);
+ if(time2usec<0){
+ time2usec += 1000000; time2sec--;
}
+ time3sec=(timeDisconnect.tv_sec - timeConnect.tv_sec);
+ time3usec=(timeDisconnect.tv_usec - timeConnect.tv_usec);
+ if(time3usec<0){
+ time3usec += 1000000; time3sec--;
+ }
+
+ if(debug>0) err_msg("INFO: user=%s watchmode=%s procsec=%ld.%06ld,%ld.%06ld,%ld.%06ld ipversion=%d useragent=%s",
+ userid, mode[connectionMode],
+ time1sec,time1usec,
+ time2sec,time2usec,
+ time3sec,time3usec,
+ ipStatus, getenv("HTTP_USER_AGENT"));
}
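Review bot: `getenv("HTTP_USER_AGENT")` is passed straight to a `%s` conversion in the INFO record; it returns NULL when the request carries no User-Agent header, which is undefined behaviour for `%s`, and when present it is client-controlled text that can bring control characters or look-alike `key=value` fields into syslog. Fetch it once, substitute a placeholder for NULL, and sanitise or length-limit it before logging, e.g. `const char *ua=getenv("HTTP_USER_AGENT"); if(ua==NULL) ua="-";`. The same sanitising applies to `userid`, which comes from POST data. The bound in `connectionMode>3` duplicates the size of `mode[4]`; `sizeof(mode)/sizeof(mode[0])` would keep the two in step.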
+
+
/*****************************/
/*****************************/
void PutCloseMsg(time_t timeOut, time_t timeIn)
{
- if(debug) err_msg("DEBUG:=>putCloseMsg( )");
+ if(debug>1) err_msg("DEBUG:=>putCloseMsg( )");
putCloseMsg(timeOut,timeIn);
- if(debug) err_msg("DEBUG:<=putCloseMsg( )");
+ if(debug>1) err_msg("DEBUG:<=putCloseMsg( )");
}
void SetProcessTitle(char *useridshort, char *clientAddr4, char * ruleNumber4, char *clientAddr6, char * ruleNumber6, int ipStatus){
- if(debug) err_msg("DEBUG:=>setProcessTitle(%s,%s,%s,%s,%s,%d)",useridshort,
+ if(debug>1) err_msg("DEBUG:=>setProcessTitle(%s,%s,%s,%s,%s,%d)",useridshort,
clientAddr4,ruleNumber4,clientAddr6,ruleNumber6, ipStatus);
setProcessTitle(useridshort,clientAddr4,ruleNumber4,clientAddr6,ruleNumber6,ipStatus);
- if(debug) err_msg("DEBUG:<=setProcessTitle( )");
+ if(debug>1) err_msg("DEBUG:<=setProcessTitle( )");
}