vboxweb.cpp@ 20851

Last change on this file since 20851 was 20851, checked in by vboxsync, 15 years ago
Webservice: handle NULL pointer object arguments in methods and return values correctly, both in raw webservice and OO JAX-WS wrappers
Property filesplitter.c set to `Makefile.kmk` Property svn:eol-style set to `native`
File size: 42.0 KB

Line
1	/**
2	* vboxweb.cpp:
3	* hand-coded parts of the webservice server. This is linked with the
4	* generated code in out/.../src/VBox/Main/webservice/methodmaps.cpp
5	* (and static gSOAP server code) to implement the actual webservice
6	* server, to which clients can connect.
7	*
8	* Copyright (C) 2006-2009 Sun Microsystems, Inc.
9	*
10	* This file is part of VirtualBox Open Source Edition (OSE), as
11	* available from http://www.virtualbox.org. This file is free software;
12	* you can redistribute it and/or modify it under the terms of the GNU
13	* General Public License (GPL) as published by the Free Software
14	* Foundation, in version 2 as it comes in the "COPYING" file of the
15	* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
16	* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
17	*
18	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
19	* Clara, CA 95054 USA or visit http://www.sun.com if you need
20	* additional information or have any questions.
21	*/
22
23	// vbox headers
24	#include <VBox/com/com.h>
25	#include <VBox/com/string.h>
26	#include <VBox/com/Guid.h>
27	#include <VBox/com/ErrorInfo.h>
28	#include <VBox/com/errorprint2.h>
29	#include <VBox/com/EventQueue.h>
30	#include <VBox/com/VirtualBox.h>
31	#include <VBox/err.h>
32	#include <VBox/VRDPAuth.h>
33	#include <VBox/version.h>
34	#include <VBox/log.h>
35
36	#include <iprt/lock.h>
37	#include <iprt/rand.h>
38	#include <iprt/initterm.h>
39	#include <iprt/getopt.h>
40	#include <iprt/ctype.h>
41	#include <iprt/process.h>
42	#include <iprt/stream.h>
43	#include <iprt/string.h>
44	#include <iprt/ldr.h>
45
46	// workaround for compile problems on gcc 4.1
47	#ifdef __GNUC__
48	#pragma GCC visibility push(default)
49	#endif
50
51	// gSOAP headers (must come after vbox includes because it checks for conflicting defs)
52	#include "soapH.h"
53
54	// standard headers
55	#include <map>
56	#include <sstream>
57
58	#ifdef __GNUC__
59	#pragma GCC visibility pop
60	#endif
61
62	// shared webservice header
63	#include "vboxweb.h"
64
65	// include generated namespaces table
66	#include "vboxwebsrv.nsmap"
67
68	/****************************************************************************
69	*
70	* private typedefs
71	*
72	****************************************************************************/
73
74	typedef std::map<uint64_t, ManagedObjectRef*>
75	ManagedObjectsMapById;
76	typedef std::map<uint64_t, ManagedObjectRef*>::iterator
77	ManagedObjectsIteratorById;
78	typedef std::map<uintptr_t, ManagedObjectRef*>
79	ManagedObjectsMapByPtr;
80
81	typedef std::map<uint64_t, WebServiceSession*>
82	SessionsMap;
83	typedef std::map<uint64_t, WebServiceSession*>::iterator
84	SessionsMapIterator;
85
86	int fntWatchdog(RTTHREAD ThreadSelf, void *pvUser);
87
88	/****************************************************************************
89	*
90	* Read-only global variables
91	*
92	****************************************************************************/
93
94	ComPtr<IVirtualBox> g_pVirtualBox = NULL;
95
96	// generated strings in methodmaps.cpp
97	extern const char *g_pcszISession,
98	*g_pcszIVirtualBox;
99
100	#define DEFAULT_TIMEOUT_SECS 300
101	#define DEFAULT_TIMEOUT_SECS_STRING "300"
102
103	int g_iWatchdogTimeoutSecs = DEFAULT_TIMEOUT_SECS;
104	int g_iWatchdogCheckInterval = 5;
105
106	const char *g_pcszBindToHost = NULL; // host; NULL = current machine
107	unsigned int g_uBindToPort = 18083; // port
108	unsigned int g_uBacklog = 100; // backlog = max queue size for requests
109
110	bool g_fVerbose = false; // be verbose
111	PRTSTREAM g_pstrLog = NULL;
112
113	#if defined(RT_OS_DARWIN) \|\| defined(RT_OS_LINUX) \|\| defined (RT_OS_SOLARIS) \|\| defined(RT_OS_FREEBSD)
114	bool g_fDaemonize = false; // run in background.
115	#endif
116
117	/****************************************************************************
118	*
119	* Writeable global variables
120	*
121	****************************************************************************/
122
123	RTLockMtx g_mutexAuthLib;
124
125	// this mutex protects all of the below
126	RTLockMtx g_mutexSessions;
127
128	SessionsMap g_mapSessions;
129	ULONG64 g_iMaxManagedObjectID = 0;
130	ULONG64 g_cManagedObjects = 0;
131
132	/****************************************************************************
133	*
134	* main
135	*
136	****************************************************************************/
137
138	static const RTGETOPTDEF g_aOptions[]
139	= {
140	{ "--help", 'h', RTGETOPT_REQ_NOTHING },
141	#if defined(RT_OS_DARWIN) \|\| defined(RT_OS_LINUX) \|\| defined (RT_OS_SOLARIS) \|\| defined(RT_OS_FREEBSD)
142	{ "--background", 'b', RTGETOPT_REQ_NOTHING },
143	#endif
144	{ "--host", 'H', RTGETOPT_REQ_STRING },
145	{ "--port", 'p', RTGETOPT_REQ_UINT32 },
146	{ "--timeout", 't', RTGETOPT_REQ_UINT32 },
147	{ "--check-interval", 'i', RTGETOPT_REQ_UINT32 },
148	{ "--verbose", 'v', RTGETOPT_REQ_NOTHING },
149	{ "--logfile", 'F', RTGETOPT_REQ_STRING },
150	};
151
152	void DisplayHelp()
153	{
154	RTStrmPrintf(g_pStdErr, "\nUsage: vboxwebsrv [options]\n\nSupported options (default values in brackets):\n");
155	for (unsigned i = 0;
156	i < RT_ELEMENTS(g_aOptions);
157	++i)
158	{
159	std::string str(g_aOptions[i].pszLong);
160	str += ", -";
161	str += g_aOptions[i].iShort;
162	str += ":";
163
164	const char *pcszDescr = "";
165
166	switch (g_aOptions[i].iShort)
167	{
168	case 'h':
169	pcszDescr = "Print this help message and exit.";
170	break;
171
172	#if defined(RT_OS_DARWIN) \|\| defined(RT_OS_LINUX) \|\| defined (RT_OS_SOLARIS) \|\| defined(RT_OS_FREEBSD)
173	case 'b':
174	pcszDescr = "Run in background (daemon mode).";
175	break;
176	#endif
177
178	case 'H':
179	pcszDescr = "The host to bind to (localhost).";
180	break;
181
182	case 'p':
183	pcszDescr = "The port to bind to (18083).";
184	break;
185
186	case 't':
187	pcszDescr = "Session timeout in seconds; 0 = disable timeouts (" DEFAULT_TIMEOUT_SECS_STRING ").";
188	break;
189
190	case 'i':
191	pcszDescr = "Frequency of timeout checks in seconds (5).";
192	break;
193
194	case 'v':
195	pcszDescr = "Be verbose.";
196	break;
197
198	case 'F':
199	pcszDescr = "Name of file to write log to (no file).";
200	break;
201	}
202
203	RTStrmPrintf(g_pStdErr, "%-23s%s\n", str.c_str(), pcszDescr);
204	}
205	}
206
207	void WebLog(const char *pszFormat, ...)
208	{
209	va_list args;
210	va_start(args, pszFormat);
211	RTPrintfV(pszFormat, args);
212	va_end(args);
213
214	if (g_pstrLog)
215	{
216	va_list args2;
217	va_start(args2, pszFormat);
218	RTStrmPrintfV(g_pstrLog, pszFormat, args);
219	va_end(args2);
220
221	RTStrmFlush(g_pstrLog);
222	}
223	}
224
225	void WebLogSoapError(struct soap *soap)
226	{
227	if (soap_check_state(soap))
228	{
229	WebLog("Error: soap struct not initialized\n");
230	return;
231	}
232
233	const char pcszFaultString = soap_faultstring(soap);
234	const char **ppcszDetail = soap_faultcode(soap);
235	WebLog("#### SOAP FAULT: %s [%s]\n",
236	pcszFaultString ? pcszFaultString : "[no fault string available]",
237	(ppcszDetail && ppcszDetail) ? ppcszDetail : "no details available");
238	}
239
240
241	/**
242	* Start up the webservice server. This keeps running and waits
243	* for incoming SOAP connections.
244	*
245	* @param argc
246	* @param argv[]
247	* @return
248	*/
249	int main(int argc, char* argv[])
250	{
251	int rc;
252
253	// intialize runtime
254	RTR3Init();
255
256	RTStrmPrintf(g_pStdErr, "Sun VirtualBox Webservice Version %s\n"
257	"(C) 2005-2009 Sun Microsystems, Inc.\n"
258	"All rights reserved.\n", VBOX_VERSION_STRING);
259
260	int c;
261	RTGETOPTUNION ValueUnion;
262	RTGETOPTSTATE GetState;
263	RTGetOptInit(&GetState, argc, argv, g_aOptions, RT_ELEMENTS(g_aOptions), 1, 0 /* fFlags */);
264	while ((c = RTGetOpt(&GetState, &ValueUnion)))
265	{
266	switch (c)
267	{
268	case 'H':
269	g_pcszBindToHost = ValueUnion.psz;
270	break;
271
272	case 'p':
273	g_uBindToPort = ValueUnion.u32;
274	break;
275
276	case 't':
277	g_iWatchdogTimeoutSecs = ValueUnion.u32;
278	break;
279
280	case 'i':
281	g_iWatchdogCheckInterval = ValueUnion.u32;
282	break;
283
284	case 'F':
285	{
286	int rc2 = RTStrmOpen(ValueUnion.psz, "a", &g_pstrLog);
287	if (rc2)
288	{
289	RTPrintf("Error: Cannot open log file \"%s\" for writing, error %d.\n", ValueUnion.psz, rc2);
290	exit(2);
291	}
292
293	WebLog("Sun VirtualBox Webservice Version %s\n"
294	"Opened log file \"%s\"\n", VBOX_VERSION_STRING, ValueUnion.psz);
295	}
296	break;
297
298	case 'h':
299	DisplayHelp();
300	exit(0);
301	break;
302
303	case 'v':
304	g_fVerbose = true;
305	break;
306
307	#if defined(RT_OS_DARWIN) \|\| defined(RT_OS_LINUX) \|\| defined (RT_OS_SOLARIS) \|\| defined(RT_OS_FREEBSD)
308	case 'b':
309	g_fDaemonize = true;
310	break;
311	#endif
312	case VINF_GETOPT_NOT_OPTION:
313	RTStrmPrintf(g_pStdErr, "unhandled parameter: %s\n", ValueUnion.psz);
314	return 1;
315
316	default:
317	if (c > 0)
318	{
319	if (RT_C_IS_GRAPH(c))
320	RTStrmPrintf(g_pStdErr, "unhandled option: -%c", c);
321	else
322	RTStrmPrintf(g_pStdErr, "unhandled option: %i", c);
323	}
324	else if (c == VERR_GETOPT_UNKNOWN_OPTION)
325	RTStrmPrintf(g_pStdErr, "unknown option: %s", ValueUnion.psz);
326	else if (ValueUnion.pDef)
327	RTStrmPrintf(g_pStdErr, "%s: %Rrs", ValueUnion.pDef->pszLong, c);
328	else
329	RTStrmPrintf(g_pStdErr, "%Rrs", c);
330	exit(1);
331	break;
332	}
333	}
334
335	#if defined(RT_OS_DARWIN) \|\| defined(RT_OS_LINUX) \|\| defined (RT_OS_SOLARIS) \|\| defined(RT_OS_FREEBSD)
336	if (g_fDaemonize)
337	{
338	rc = RTProcDaemonize(false /* fNoChDir /, false / fNoClose */,
339	NULL);
340	if (RT_FAILURE(rc))
341	{
342	RTStrmPrintf(g_pStdErr, "vboxwebsrv: failed to daemonize, rc=%Rrc. exiting.\n", rc);
343	exit(1);
344	}
345	}
346	#endif
347
348	// intialize COM/XPCOM
349	rc = com::Initialize();
350	if (FAILED(rc))
351	{
352	RTPrintf("ERROR: failed to initialize COM!\n");
353	return rc;
354	}
355
356	ComPtr<ISession> session;
357
358	rc = g_pVirtualBox.createLocalObject(CLSID_VirtualBox);
359	if (FAILED(rc))
360	RTPrintf("ERROR: failed to create the VirtualBox object!\n");
361	else
362	{
363	rc = session.createInprocObject(CLSID_Session);
364	if (FAILED(rc))
365	RTPrintf("ERROR: failed to create a session object!\n");
366	}
367
368	if (FAILED(rc))
369	{
370	com::ErrorInfo info;
371	if (!info.isFullAvailable() && !info.isBasicAvailable())
372	{
373	com::GluePrintRCMessage(rc);
374	RTPrintf("Most likely, the VirtualBox COM server is not running or failed to start.\n");
375	}
376	else
377	com::GluePrintErrorInfo(info);
378	return rc;
379	}
380
381	if (g_iWatchdogTimeoutSecs > 0)
382	{
383	// start our watchdog thread
384	RTTHREAD tWatchdog;
385	if (RTThreadCreate(&tWatchdog,
386	fntWatchdog,
387	NULL,
388	32*1024,
389	RTTHREADTYPE_MAIN_WORKER,
390	0,
391	"Watchdog"))
392	{
393	RTStrmPrintf(g_pStdErr, "[!] Cannot start watchdog thread\n");
394	exit(1);
395	}
396	}
397
398	// set up gSOAP
399	struct soap soap;
400	soap_init(&soap);
401
402	soap.bind_flags \|= SO_REUSEADDR;
403	// avoid EADDRINUSE on bind()
404
405	int m, s; // master and slave sockets
406	m = soap_bind(&soap,
407	g_pcszBindToHost, // host: current machine
408	g_uBindToPort, // port
409	g_uBacklog); // backlog = max queue size for requests
410	if (m < 0)
411	WebLogSoapError(&soap);
412	else
413	{
414	WebLog("Socket connection successful: host = %s, port = %u, master socket = %d\n",
415	(g_pcszBindToHost) ? g_pcszBindToHost : "default (localhost)",
416	g_uBindToPort,
417	m);
418
419	for (unsigned long long i = 1;
420	;
421	i++)
422	{
423	s = soap_accept(&soap);
424	if (s < 0)
425	{
426	WebLogSoapError(&soap);
427	break;
428	}
429
430	WebLog("%llu: accepted connection from IP=%lu.%lu.%lu.%lu socket=%d... ",
431	i,
432	(soap.ip>>24)&0xFF,
433	(soap.ip>>16)&0xFF,
434	(soap.ip>>8)&0xFF,
435	soap.ip&0xFF,
436	s);
437
438	// enclose the entire RPC call in the sessions lock
439	// so that the watchdog cannot destroy COM objects
440	// while the RPC is ongoing
441	RTLock lock(g_mutexSessions);
442	// now process the RPC request (this goes into the
443	// generated code in methodmaps.cpp with all the COM calls)
444	if (soap_serve(&soap) != SOAP_OK)
445	{
446	WebLogSoapError(&soap);
447	}
448	lock.release();
449
450	WebLog("Request served\n");
451
452	soap_destroy(&soap); // clean up class instances
453	soap_end(&soap); // clean up everything and close socket
454	}
455	}
456	soap_done(&soap); // close master socket and detach environment
457
458	com::Shutdown();
459	}
460
461	/****************************************************************************
462	*
463	* Watchdog thread
464	*
465	****************************************************************************/
466
467	/**
468	* Watchdog thread, runs in the background while the webservice is alive.
469	*
470	* This gets started by main() and runs in the background to check all sessions
471	* for whether they have been no requests in a configurable timeout period. In
472	* that case, the session is automatically logged off.
473	*/
474	int fntWatchdog(RTTHREAD ThreadSelf, void *pvUser)
475	{
476	WEBDEBUG(("Watchdog thread started\n"));
477
478	while (1)
479	{
480	WEBDEBUG(("Watchdog: sleeping %d seconds\n", g_iWatchdogCheckInterval));
481	RTThreadSleep(g_iWatchdogCheckInterval*1000);
482
483	time_t tNow;
484	time(&tNow);
485
486	RTLock lock(g_mutexSessions);
487	WEBDEBUG(("Watchdog: checking %d sessions\n", g_mapSessions.size()));
488
489	SessionsMap::iterator
490	it = g_mapSessions.begin(),
491	itEnd = g_mapSessions.end();
492	while (it != itEnd)
493	{
494	WebServiceSession *pSession = it->second;
495	WEBDEBUG(("Watchdog: tNow: %d, session timestamp: %d\n", tNow, pSession->getLastObjectLookup()));
496	if ( tNow
497	> pSession->getLastObjectLookup() + g_iWatchdogTimeoutSecs
498	)
499	{
500	WEBDEBUG(("Watchdog: Session %llX timed out, deleting\n", pSession->getID()));
501	delete pSession;
502	it = g_mapSessions.begin();
503	}
504	else
505	++it;
506	}
507	lock.release();
508	}
509
510	WEBDEBUG(("Watchdog thread ending\n"));
511	return 0;
512	}
513
514	/****************************************************************************
515	*
516	* SOAP exceptions
517	*
518	****************************************************************************/
519
520	/**
521	* Helper function to raise a SOAP fault. Called by the other helper
522	* functions, which raise specific SOAP faults.
523	*
524	* @param soap
525	* @param str
526	* @param extype
527	* @param ex
528	*/
529	void RaiseSoapFault(struct soap *soap,
530	const std::string &str,
531	int extype,
532	void *ex)
533	{
534	// raise the fault
535	soap_sender_fault(soap, str.c_str(), NULL);
536
537	struct SOAP_ENV__Detail pDetail = (struct SOAP_ENV__Detail)soap_malloc(soap, sizeof(struct SOAP_ENV__Detail));
538
539	// without the following, gSOAP crashes miserably when sending out the
540	// data because it will try to serialize all fields (stupid documentation)
541	memset(pDetail, 0, sizeof(struct SOAP_ENV__Detail));
542
543	// fill extended info depending on SOAP version
544	if (soap->version == 2) // SOAP 1.2 is used
545	{
546	soap->fault->SOAP_ENV__Detail = pDetail;
547	soap->fault->SOAP_ENV__Detail->__type = extype;
548	soap->fault->SOAP_ENV__Detail->fault = ex;
549	soap->fault->SOAP_ENV__Detail->__any = NULL; // no other XML data
550	}
551	else
552	{
553	soap->fault->detail = pDetail;
554	soap->fault->detail->__type = extype;
555	soap->fault->detail->fault = ex;
556	soap->fault->detail->__any = NULL; // no other XML data
557	}
558	}
559
560	/**
561	* Raises a SOAP fault that signals that an invalid object was passed.
562	*
563	* @param soap
564	* @param obj
565	*/
566	void RaiseSoapInvalidObjectFault(struct soap *soap,
567	WSDLT_ID obj)
568	{
569	_vbox__InvalidObjectFault *ex = soap_new__vbox__InvalidObjectFault(soap, 1);
570	ex->badObjectID = obj;
571
572	/* std::ostringstream ostr;
573	ostr << std::hex << ex->badObjectID; */
574
575	std::string str("VirtualBox error: ");
576	str += "Invalid managed object reference \"" + obj + "\"";
577
578	RaiseSoapFault(soap,
579	str,
580	SOAP_TYPE__vbox__InvalidObjectFault,
581	ex);
582	}
583
584	/**
585	* Return a safe C++ string from the given COM string,
586	* without crashing if the COM string is empty.
587	* @param bstr
588	* @return
589	*/
590	std::string ConvertComString(const com::Bstr &bstr)
591	{
592	com::Utf8Str ustr(bstr);
593	const char *pcsz;
594	if ((pcsz = ustr.raw()))
595	return pcsz;
596	return "";
597	}
598
599	/**
600	* Return a safe C++ string from the given COM UUID,
601	* without crashing if the UUID is empty.
602	* @param bstr
603	* @return
604	*/
605	std::string ConvertComString(const com::Guid &bstr)
606	{
607	com::Utf8Str ustr(bstr);
608	const char *pcsz;
609	if ((pcsz = ustr.raw()))
610	return pcsz;
611	return "";
612	}
613
614	/**
615	* Raises a SOAP runtime fault.
616	*
617	* @param pObj
618	*/
619	void RaiseSoapRuntimeFault(struct soap *soap,
620	HRESULT apirc,
621	IUnknown *pObj)
622	{
623	com::ErrorInfo info(pObj);
624
625	WEBDEBUG((" error, raising SOAP exception\n"));
626
627	RTStrmPrintf(g_pStdErr, "API return code: 0x%08X (%Rhrc)\n", apirc, apirc);
628	RTStrmPrintf(g_pStdErr, "COM error info result code: 0x%lX\n", info.getResultCode());
629	RTStrmPrintf(g_pStdErr, "COM error info text: %ls\n", info.getText().raw());
630
631	// allocated our own soap fault struct
632	_vbox__RuntimeFault *ex = soap_new__vbox__RuntimeFault(soap, 1);
633	ex->resultCode = info.getResultCode();
634	ex->text = ConvertComString(info.getText());
635	ex->component = ConvertComString(info.getComponent());
636	ex->interfaceID = ConvertComString(info.getInterfaceID());
637
638	// compose descriptive message
639	std::ostringstream ostr;
640	ostr << std::hex << ex->resultCode;
641
642	std::string str("VirtualBox error: ");
643	str += ex->text;
644	str += " (0x";
645	str += ostr.str();
646	str += ")";
647
648	RaiseSoapFault(soap,
649	str,
650	SOAP_TYPE__vbox__RuntimeFault,
651	ex);
652	}
653
654	/****************************************************************************
655	*
656	* splitting and merging of object IDs
657	*
658	****************************************************************************/
659
660	uint64_t str2ulonglong(const char *pcsz)
661	{
662	uint64_t u = 0;
663	RTStrToUInt64Full(pcsz, 16, &u);
664	return u;
665	}
666
667	/**
668	* Splits a managed object reference (in string form, as
669	* passed in from a SOAP method call) into two integers for
670	* session and object IDs, respectively.
671	*
672	* @param id
673	* @param sessid
674	* @param objid
675	* @return
676	*/
677	bool SplitManagedObjectRef(const WSDLT_ID &id,
678	uint64_t *pSessid,
679	uint64_t *pObjid)
680	{
681	// 64-bit numbers in hex have 16 digits; hence
682	// the object-ref string must have 16 + "-" + 16 characters
683	std::string str;
684	if ( (id.length() == 33)
685	&& (id[16] == '-')
686	)
687	{
688	char psz[34];
689	memcpy(psz, id.c_str(), 34);
690	psz[16] = '\0';
691	if (pSessid)
692	*pSessid = str2ulonglong(psz);
693	if (pObjid)
694	*pObjid = str2ulonglong(psz + 17);
695	return true;
696	}
697
698	return false;
699	}
700
701	/**
702	* Creates a managed object reference (in string form) from
703	* two integers representing a session and object ID, respectively.
704	*
705	* @param sz Buffer with at least 34 bytes space to receive MOR string.
706	* @param sessid
707	* @param objid
708	* @return
709	*/
710	void MakeManagedObjectRef(char *sz,
711	uint64_t &sessid,
712	uint64_t &objid)
713	{
714	RTStrFormatNumber(sz, sessid, 16, 16, 0, RTSTR_F_64BIT \| RTSTR_F_ZEROPAD);
715	sz[16] = '-';
716	RTStrFormatNumber(sz + 17, objid, 16, 16, 0, RTSTR_F_64BIT \| RTSTR_F_ZEROPAD);
717	}
718
719	/****************************************************************************
720	*
721	* class WebServiceSession
722	*
723	****************************************************************************/
724
725	class WebServiceSessionPrivate
726	{
727	public:
728	ManagedObjectsMapById _mapManagedObjectsById;
729	ManagedObjectsMapByPtr _mapManagedObjectsByPtr;
730	};
731
732	/**
733	* Constructor for the session object.
734	*
735	* Preconditions: Caller must have locked g_mutexSessions.
736	*
737	* @param username
738	* @param password
739	*/
740	WebServiceSession::WebServiceSession()
741	: _fDestructing(false),
742	_pISession(NULL),
743	_tLastObjectLookup(0)
744	{
745	_pp = new WebServiceSessionPrivate;
746	_uSessionID = RTRandU64();
747
748	// register this session globally
749	g_mapSessions[_uSessionID] = this;
750	}
751
752	/**
753	* Destructor. Cleans up and destroys all contained managed object references on the way.
754	*
755	* Preconditions: Caller must have locked g_mutexSessions.
756	*/
757	WebServiceSession::~WebServiceSession()
758	{
759	// delete us from global map first so we can't be found
760	// any more while we're cleaning up
761	g_mapSessions.erase(_uSessionID);
762
763	// notify ManagedObjectRef destructor so it won't
764	// remove itself from the maps; this avoids rebalancing
765	// the map's tree on every delete as well
766	_fDestructing = true;
767
768	// if (_pISession)
769	// {
770	// delete _pISession;
771	// _pISession = NULL;
772	// }
773
774	ManagedObjectsMapById::iterator
775	it,
776	end = _pp->_mapManagedObjectsById.end();
777	for (it = _pp->_mapManagedObjectsById.begin();
778	it != end;
779	++it)
780	{
781	ManagedObjectRef *pRef = it->second;
782	delete pRef; // this frees the contained ComPtr as well
783	}
784
785	delete _pp;
786	}
787
788	/**
789	* Authenticate the username and password against an authentification authority.
790	*
791	* @return 0 if the user was successfully authenticated, or an error code
792	* otherwise.
793	*/
794
795	int WebServiceSession::authenticate(const char *pcszUsername,
796	const char *pcszPassword)
797	{
798	int rc = VERR_WEB_NOT_AUTHENTICATED;
799
800	RTLock lock(g_mutexAuthLib);
801
802	static bool fAuthLibLoaded = false;
803	static PVRDPAUTHENTRY pfnAuthEntry = NULL;
804	static PVRDPAUTHENTRY2 pfnAuthEntry2 = NULL;
805
806	if (!fAuthLibLoaded)
807	{
808	// retrieve authentication library from system properties
809	ComPtr<ISystemProperties> systemProperties;
810	g_pVirtualBox->COMGETTER(SystemProperties)(systemProperties.asOutParam());
811
812	com::Bstr authLibrary;
813	systemProperties->COMGETTER(WebServiceAuthLibrary)(authLibrary.asOutParam());
814	com::Utf8Str filename = authLibrary;
815
816	WEBDEBUG(("external authentication library is '%ls'\n", authLibrary.raw()));
817
818	if (filename == "null")
819	// authentication disabled, let everyone in:
820	fAuthLibLoaded = true;
821	else
822	{
823	RTLDRMOD hlibAuth = 0;
824	do
825	{
826	rc = RTLdrLoad(filename.raw(), &hlibAuth);
827	if (RT_FAILURE(rc))
828	{
829	WEBDEBUG(("%s() Failed to load external authentication library. Error code: %Rrc\n", __FUNCTION__, rc));
830	break;
831	}
832
833	if (RT_FAILURE(rc = RTLdrGetSymbol(hlibAuth, "VRDPAuth2", (void**)&pfnAuthEntry2)))
834	WEBDEBUG(("%s(): Could not resolve import '%s'. Error code: %Rrc\n", __FUNCTION__, "VRDPAuth2", rc));
835
836	if (RT_FAILURE(rc = RTLdrGetSymbol(hlibAuth, "VRDPAuth", (void**)&pfnAuthEntry)))
837	WEBDEBUG(("%s(): Could not resolve import '%s'. Error code: %Rrc\n", __FUNCTION__, "VRDPAuth", rc));
838
839	if (pfnAuthEntry \|\| pfnAuthEntry2)
840	fAuthLibLoaded = true;
841
842	} while (0);
843	}
844	}
845
846	rc = VERR_WEB_NOT_AUTHENTICATED;
847	VRDPAuthResult result;
848	if (pfnAuthEntry2)
849	{
850	result = pfnAuthEntry2(NULL, VRDPAuthGuestNotAsked, pcszUsername, pcszPassword, NULL, true, 0);
851	WEBDEBUG(("%s(): result of VRDPAuth2(): %d\n", __FUNCTION__, result));
852	if (result == VRDPAuthAccessGranted)
853	rc = 0;
854	}
855	else if (pfnAuthEntry)
856	{
857	result = pfnAuthEntry(NULL, VRDPAuthGuestNotAsked, pcszUsername, pcszPassword, NULL);
858	WEBDEBUG(("%s(): result of VRDPAuth(%s, [%d]): %d\n", __FUNCTION__, pcszUsername, strlen(pcszPassword), result));
859	if (result == VRDPAuthAccessGranted)
860	rc = 0;
861	}
862	else if (fAuthLibLoaded)
863	// fAuthLibLoaded = true but both pointers are NULL:
864	// then the authlib was "null" and auth was disabled
865	rc = 0;
866	else
867	{
868	WEBDEBUG(("Could not resolve VRDPAuth2 or VRDPAuth entry point"));
869	}
870
871	if (!rc)
872	{
873	do
874	{
875	// now create the ISession object that this webservice session can use
876	// (and of which IWebsessionManager::getSessionObject returns a managed object reference)
877	ComPtr<ISession> session;
878	if (FAILED(rc = session.createInprocObject(CLSID_Session)))
879	{
880	WEBDEBUG(("ERROR: cannot create session object!"));
881	break;
882	}
883
884	_pISession = new ManagedObjectRef(*this, g_pcszISession, session);
885
886	if (g_fVerbose)
887	{
888	ISession *p = session;
889	std::string strMOR = _pISession->toWSDL();
890	WEBDEBUG((" * %s: created session object with comptr 0x%lX, MOR = %s\n", __FUNCTION__, p, strMOR.c_str()));
891	}
892	} while (0);
893	}
894
895	return rc;
896	}
897
898	/**
899	* Look up, in this session, whether a ManagedObjectRef has already been
900	* created for the given COM pointer.
901	*
902	* Note how we require that a ComPtr<IUnknown> is passed, which causes a
903	* queryInterface call when the caller passes in a different type, since
904	* a ComPtr<IUnknown> will point to something different than a
905	* ComPtr<IVirtualBox>, for example. As we store the ComPtr<IUnknown> in
906	* our private hash table, we must search for one too.
907	*
908	* Preconditions: Caller must have locked g_mutexSessions.
909	*
910	* @param pcu pointer to a COM object.
911	* @return The existing ManagedObjectRef that represents the COM object, or NULL if there's none yet.
912	*/
913	ManagedObjectRef* WebServiceSession::findRefFromPtr(const ComPtr<IUnknown> &pcu)
914	{
915	IUnknown *p = pcu;
916	uintptr_t ulp = (uintptr_t)p;
917	ManagedObjectRef *pRef;
918	// WEBDEBUG((" %s: looking up 0x%lX\n", __FUNCTION__, ulp));
919	ManagedObjectsMapByPtr::iterator it = _pp->_mapManagedObjectsByPtr.find(ulp);
920	if (it != _pp->_mapManagedObjectsByPtr.end())
921	{
922	pRef = it->second;
923	WSDLT_ID id = pRef->toWSDL();
924	WEBDEBUG((" %s: found existing ref %s for COM obj 0x%lX\n", __FUNCTION__, id.c_str(), ulp));
925	}
926	else
927	pRef = NULL;
928	return pRef;
929	}
930
931	/**
932	* Static method which attempts to find the session for which the given managed
933	* object reference was created, by splitting the reference into the session and
934	* object IDs and then looking up the session object for that session ID.
935	*
936	* Preconditions: Caller must have locked g_mutexSessions.
937	*
938	* @param id Managed object reference (with combined session and object IDs).
939	* @return
940	*/
941	WebServiceSession* WebServiceSession::findSessionFromRef(const WSDLT_ID &id)
942	{
943	WebServiceSession *pSession = NULL;
944	uint64_t sessid;
945	if (SplitManagedObjectRef(id,
946	&sessid,
947	NULL))
948	{
949	SessionsMapIterator it = g_mapSessions.find(sessid);
950	if (it != g_mapSessions.end())
951	pSession = it->second;
952	}
953	return pSession;
954	}
955
956	/**
957	*
958	*/
959	WSDLT_ID WebServiceSession::getSessionObject() const
960	{
961	return _pISession->toWSDL();
962	}
963
964	/**
965	* Touches the webservice session to prevent it from timing out.
966	*
967	* Each webservice session has an internal timestamp that records
968	* the last request made to it from the client that started it.
969	* If no request was made within a configurable timeframe, then
970	* the client is logged off automatically,
971	* by calling IWebsessionManager::logoff()
972	*/
973	void WebServiceSession::touch()
974	{
975	time(&_tLastObjectLookup);
976	}
977
978	/**
979	*
980	*/
981	void WebServiceSession::DumpRefs()
982	{
983	WEBDEBUG((" dumping object refs:\n"));
984	ManagedObjectsIteratorById
985	iter = _pp->_mapManagedObjectsById.begin(),
986	end = _pp->_mapManagedObjectsById.end();
987	for (;
988	iter != end;
989	++iter)
990	{
991	ManagedObjectRef *pRef = iter->second;
992	uint64_t id = pRef->getID();
993	void *p = pRef->getComPtr();
994	WEBDEBUG((" objid %llX: comptr 0x%lX\n", id, p));
995	}
996	}
997
998	/****************************************************************************
999	*
1000	* class ManagedObjectRef
1001	*
1002	****************************************************************************/
1003
1004	/**
1005	* Constructor, which assigns a unique ID to this managed object
1006	* reference and stores it two global hashs:
1007	*
1008	* a) G_mapManagedObjectsById, which maps ManagedObjectID's to
1009	* instances of this class; this hash is then used by the
1010	* findObjectFromRef() template function in vboxweb.h
1011	* to quickly retrieve the COM object from its managed
1012	* object ID (mostly in the context of the method mappers
1013	* in methodmaps.cpp, when a web service client passes in
1014	* a managed object ID);
1015	*
1016	* b) G_mapManagedObjectsByComPtr, which maps COM pointers to
1017	* instances of this class; this hash is used by
1018	* createRefFromObject() to quickly figure out whether an
1019	* instance already exists for a given COM pointer.
1020	*
1021	* This does _not_ check whether another instance already
1022	* exists in the hash. This gets called only from the
1023	* createRefFromObject() template function in vboxweb.h, which
1024	* does perform that check.
1025	*
1026	* Preconditions: Caller must have locked g_mutexSessions.
1027	*
1028	* @param pObj
1029	*/
1030	ManagedObjectRef::ManagedObjectRef(WebServiceSession &session,
1031	const char *pcszInterface,
1032	const ComPtr<IUnknown> &pc)
1033	: _session(session),
1034	_pObj(pc),
1035	_pcszInterface(pcszInterface)
1036	{
1037	ComPtr<IUnknown> pcUnknown(pc);
1038	_ulp = (uintptr_t)(IUnknown*)pcUnknown;
1039
1040	_id = ++g_iMaxManagedObjectID;
1041	// and count globally
1042	ULONG64 cTotal = ++g_cManagedObjects; // raise global count and make a copy for the debug message below
1043
1044	char sz[34];
1045	MakeManagedObjectRef(sz, session._uSessionID, _id);
1046	_strID = sz;
1047
1048	session._pp->_mapManagedObjectsById[_id] = this;
1049	session._pp->_mapManagedObjectsByPtr[_ulp] = this;
1050
1051	session.touch();
1052
1053	WEBDEBUG((" * %s: MOR created for ulp 0x%lX (%s), new ID is %llX; now %lld objects total\n", __FUNCTION__, _ulp, pcszInterface, _id, cTotal));
1054	}
1055
1056	/**
1057	* Destructor; removes the instance from the global hash of
1058	* managed objects.
1059	*
1060	* Preconditions: Caller must have locked g_mutexSessions.
1061	*/
1062	ManagedObjectRef::~ManagedObjectRef()
1063	{
1064	ULONG64 cTotal = --g_cManagedObjects;
1065
1066	WEBDEBUG((" * %s: deleting MOR for ID %llX (%s); now %lld objects total\n", __FUNCTION__, _id, _pcszInterface, cTotal));
1067
1068	// if we're being destroyed from the session's destructor,
1069	// then that destructor is iterating over the maps, so
1070	// don't remove us there! (data integrity + speed)
1071	if (!_session._fDestructing)
1072	{
1073	WEBDEBUG((" * %s: removing from session maps\n", __FUNCTION__));
1074	_session._pp->_mapManagedObjectsById.erase(_id);
1075	if (_session._pp->_mapManagedObjectsByPtr.erase(_ulp) != 1)
1076	WEBDEBUG((" WARNING: could not find %llX in _mapManagedObjectsByPtr\n", _ulp));
1077	}
1078	}
1079
1080	/**
1081	* Converts the ID of this managed object reference to string
1082	* form, for returning with SOAP data or similar.
1083	*
1084	* @return The ID in string form.
1085	*/
1086	WSDLT_ID ManagedObjectRef::toWSDL() const
1087	{
1088	return _strID;
1089	}
1090
1091	/**
1092	* Static helper method for findObjectFromRef() template that actually
1093	* looks up the object from a given integer ID.
1094	*
1095	* This has been extracted into this non-template function to reduce
1096	* code bloat as we have the actual STL map lookup only in this function.
1097	*
1098	* This also "touches" the timestamp in the session whose ID is encoded
1099	* in the given integer ID, in order to prevent the session from timing
1100	* out.
1101	*
1102	* Preconditions: Caller must have locked g_mutexSessions.
1103	*
1104	* @param strId
1105	* @param iter
1106	* @return
1107	*/
1108	int ManagedObjectRef::findRefFromId(const WSDLT_ID &id,
1109	ManagedObjectRef **pRef,
1110	bool fNullAllowed)
1111	{
1112	int rc = 0;
1113
1114	do
1115	{
1116	// allow NULL (== empty string) input reference, which should return a NULL pointer
1117	if (!id.length() && fNullAllowed)
1118	{
1119	*pRef = NULL;
1120	return 0;
1121	}
1122
1123	uint64_t sessid;
1124	uint64_t objid;
1125	WEBDEBUG((" %s(): looking up objref %s\n", __FUNCTION__, id.c_str()));
1126	if (!SplitManagedObjectRef(id,
1127	&sessid,
1128	&objid))
1129	{
1130	rc = VERR_WEB_INVALID_MANAGED_OBJECT_REFERENCE;
1131	break;
1132	}
1133
1134	WEBDEBUG((" %s(): sessid %llX, objid %llX\n", __FUNCTION__, sessid, objid));
1135	SessionsMapIterator it = g_mapSessions.find(sessid);
1136	if (it == g_mapSessions.end())
1137	{
1138	WEBDEBUG((" %s: cannot find session for objref %s\n", __FUNCTION__, id.c_str()));
1139	rc = VERR_WEB_INVALID_SESSION_ID;
1140	break;
1141	}
1142
1143	WebServiceSession *pSess = it->second;
1144	// "touch" session to prevent it from timing out
1145	pSess->touch();
1146
1147	ManagedObjectsIteratorById iter = pSess->_pp->_mapManagedObjectsById.find(objid);
1148	if (iter == pSess->_pp->_mapManagedObjectsById.end())
1149	{
1150	WEBDEBUG((" %s: cannot find comobj for objref %s\n", __FUNCTION__, id.c_str()));
1151	rc = VERR_WEB_INVALID_OBJECT_ID;
1152	break;
1153	}
1154
1155	*pRef = iter->second;
1156
1157	} while (0);
1158
1159	return rc;
1160	}
1161
1162	/****************************************************************************
1163	*
1164	* interface IManagedObjectRef
1165	*
1166	****************************************************************************/
1167
1168	/**
1169	* This is the hard-coded implementation for the IManagedObjectRef::getInterfaceName()
1170	* that our WSDL promises to our web service clients. This method returns a
1171	* string describing the interface that this managed object reference
1172	* supports, e.g. "IMachine".
1173	*
1174	* @param soap
1175	* @param req
1176	* @param resp
1177	* @return
1178	*/
1179	int __vbox__IManagedObjectRef_USCOREgetInterfaceName(
1180	struct soap *soap,
1181	_vbox__IManagedObjectRef_USCOREgetInterfaceName *req,
1182	_vbox__IManagedObjectRef_USCOREgetInterfaceNameResponse *resp)
1183	{
1184	HRESULT rc = SOAP_OK;
1185	WEBDEBUG(("\n-- entering %s\n", __FUNCTION__));
1186
1187	do {
1188	ManagedObjectRef *pRef;
1189	if (!ManagedObjectRef::findRefFromId(req->_USCOREthis, &pRef, false))
1190	resp->returnval = pRef->getInterfaceName();
1191
1192	} while (0);
1193
1194	WEBDEBUG(("-- leaving %s, rc: 0x%lX\n", __FUNCTION__, rc));
1195	if (rc)
1196	return SOAP_FAULT;
1197	return SOAP_OK;
1198	}
1199
1200	/**
1201	* This is the hard-coded implementation for the IManagedObjectRef::release()
1202	* that our WSDL promises to our web service clients. This method releases
1203	* a managed object reference and removes it from our stacks.
1204	*
1205	* @param soap
1206	* @param req
1207	* @param resp
1208	* @return
1209	*/
1210	int __vbox__IManagedObjectRef_USCORErelease(
1211	struct soap *soap,
1212	_vbox__IManagedObjectRef_USCORErelease *req,
1213	_vbox__IManagedObjectRef_USCOREreleaseResponse *resp)
1214	{
1215	HRESULT rc = SOAP_OK;
1216	WEBDEBUG(("\n-- entering %s\n", __FUNCTION__));
1217
1218	do {
1219	ManagedObjectRef *pRef;
1220	if ((rc = ManagedObjectRef::findRefFromId(req->_USCOREthis, &pRef, false)))
1221	{
1222	RaiseSoapInvalidObjectFault(soap, req->_USCOREthis);
1223	break;
1224	}
1225
1226	WEBDEBUG((" found reference; deleting!\n"));
1227	delete pRef;
1228	// this removes the object from all stacks; since
1229	// there's a ComPtr<> hidden inside the reference,
1230	// this should also invoke Release() on the COM
1231	// object
1232	} while (0);
1233
1234	WEBDEBUG(("-- leaving %s, rc: 0x%lX\n", __FUNCTION__, rc));
1235	if (rc)
1236	return SOAP_FAULT;
1237	return SOAP_OK;
1238	}
1239
1240	/****************************************************************************
1241	*
1242	* interface IWebsessionManager
1243	*
1244	****************************************************************************/
1245
1246	/**
1247	* Hard-coded implementation for IWebsessionManager::logon. As opposed to the underlying
1248	* COM API, this is the first method that a webservice client must call before the
1249	* webservice will do anything useful.
1250	*
1251	* This returns a managed object reference to the global IVirtualBox object; into this
1252	* reference a session ID is encoded which remains constant with all managed object
1253	* references returned by other methods.
1254	*
1255	* This also creates an instance of ISession, which is stored internally with the
1256	* webservice session and can be retrieved with IWebsessionManager::getSessionObject
1257	* (__vbox__IWebsessionManager_USCOREgetSessionObject). In order for the
1258	* VirtualBox web service to do anything useful, one usually needs both a
1259	* VirtualBox and an ISession object, for which these two methods are designed.
1260	*
1261	* When the webservice client is done, it should call IWebsessionManager::logoff. This
1262	* will clean up internally (destroy all remaining managed object references and
1263	* related COM objects used internally).
1264	*
1265	* After logon, an internal timeout ensures that if the webservice client does not
1266	* call any methods, after a configurable number of seconds, the webservice will log
1267	* off the client automatically. This is to ensure that the webservice does not
1268	* drown in managed object references and eventually deny service. Still, it is
1269	* a much better solution, both for performance and cleanliness, for the webservice
1270	* client to clean up itself.
1271	*
1272	* Preconditions: Caller must have locked g_mutexSessions.
1273	* Since this gets called from main() like other SOAP method
1274	* implementations, this is ensured.
1275	*
1276	* @param
1277	* @param vbox__IWebsessionManager_USCORElogon
1278	* @param vbox__IWebsessionManager_USCORElogonResponse
1279	* @return
1280	*/
1281	int __vbox__IWebsessionManager_USCORElogon(
1282	struct soap*,
1283	_vbox__IWebsessionManager_USCORElogon *req,
1284	_vbox__IWebsessionManager_USCORElogonResponse *resp)
1285	{
1286	HRESULT rc = SOAP_OK;
1287	WEBDEBUG(("\n-- entering %s\n", __FUNCTION__));
1288
1289	do {
1290	// create new session; the constructor stores the new session
1291	// in the global map automatically
1292	WebServiceSession *pSession = new WebServiceSession();
1293
1294	// authenticate the user
1295	if (!(pSession->authenticate(req->username.c_str(),
1296	req->password.c_str())))
1297	{
1298	// in the new session, create a managed object reference (moref) for the
1299	// global VirtualBox object; this encodes the session ID in the moref so
1300	// that it will be implicitly be included in all future requests of this
1301	// webservice client
1302	ManagedObjectRef pRef = new ManagedObjectRef(pSession, g_pcszIVirtualBox, g_pVirtualBox);
1303	resp->returnval = pRef->toWSDL();
1304	WEBDEBUG(("VirtualBox object ref is %s\n", resp->returnval.c_str()));
1305	}
1306	} while (0);
1307
1308	WEBDEBUG(("-- leaving %s, rc: 0x%lX\n", __FUNCTION__, rc));
1309	if (rc)
1310	return SOAP_FAULT;
1311	return SOAP_OK;
1312	}
1313
1314	/**
1315	* Returns the ISession object that was created for the webservice client
1316	* on logon.
1317	*
1318	* Preconditions: Caller must have locked g_mutexSessions.
1319	* Since this gets called from main() like other SOAP method
1320	* implementations, this is ensured.
1321	*/
1322	int __vbox__IWebsessionManager_USCOREgetSessionObject(
1323	struct soap*,
1324	_vbox__IWebsessionManager_USCOREgetSessionObject *req,
1325	_vbox__IWebsessionManager_USCOREgetSessionObjectResponse *resp)
1326	{
1327	HRESULT rc = SOAP_OK;
1328	WEBDEBUG(("\n-- entering %s\n", __FUNCTION__));
1329
1330	do {
1331	WebServiceSession* pSession;
1332	if ((pSession = WebServiceSession::findSessionFromRef(req->refIVirtualBox)))
1333	{
1334	resp->returnval = pSession->getSessionObject();
1335	}
1336	} while (0);
1337
1338	WEBDEBUG(("-- leaving %s, rc: 0x%lX\n", __FUNCTION__, rc));
1339	if (rc)
1340	return SOAP_FAULT;
1341	return SOAP_OK;
1342	}
1343
1344	/**
1345	* hard-coded implementation for IWebsessionManager::logoff.
1346	*
1347	* Preconditions: Caller must have locked g_mutexSessions.
1348	* Since this gets called from main() like other SOAP method
1349	* implementations, this is ensured.
1350	*
1351	* @param
1352	* @param vbox__IWebsessionManager_USCORElogon
1353	* @param vbox__IWebsessionManager_USCORElogonResponse
1354	* @return
1355	*/
1356	int __vbox__IWebsessionManager_USCORElogoff(
1357	struct soap*,
1358	_vbox__IWebsessionManager_USCORElogoff *req,
1359	_vbox__IWebsessionManager_USCORElogoffResponse *resp)
1360	{
1361	HRESULT rc = SOAP_OK;
1362	WEBDEBUG(("\n-- entering %s\n", __FUNCTION__));
1363
1364	do {
1365	WebServiceSession* pSession;
1366	if ((pSession = WebServiceSession::findSessionFromRef(req->refIVirtualBox)))
1367	{
1368	delete pSession;
1369	// destructor cleans up
1370
1371	WEBDEBUG(("session destroyed, %d sessions left open\n", g_mapSessions.size()));
1372	}
1373	} while (0);
1374
1375	WEBDEBUG(("-- leaving %s, rc: 0x%lX\n", __FUNCTION__, rc));
1376	if (rc)
1377	return SOAP_FAULT;
1378	return SOAP_OK;
1379	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Main/webservice/vboxweb.cpp@ 20851

Download in other formats: