Changeset 58368 in vbox for trunk/src/VBox

Timestamp:

Oct 22, 2015 10:23:35 AM (9 years ago)

Author:

vboxsync

Message:

Main: moved external auth library helpers to a separate source file.

Location:

trunk/src/VBox/Main

Files:

• Makefile.kmk (modified) (1 diff)
• include/AuthLibrary.h (added)
• include/ConsoleVRDPServer.h (modified) (2 diffs)
• src-all/AuthLibrary.cpp (added)
• src-client/ConsoleVRDPServer.cpp (modified) (8 diffs)

trunk/src/VBox/Main/Makefile.kmk

@@ -726 +726 @@
 VBoxC_SOURCES = \
         $(VBoxAPIWrap_0_OUTDIR)/VBoxAPI.d \
+        src-all/AuthLibrary.cpp \
         src-all/DisplayPNGUtil.cpp \
         src-all/DisplayResampleImage.cpp \

trunk/src/VBox/Main/include/ConsoleVRDPServer.h

@@ -23 +23 @@
 #include "HGCM.h"
 
-#include <VBox/VBoxAuth.h>
+#include "AuthLibrary.h"
 
 #include <VBox/RemoteDesktop/VRDEImage.h>
@@ -245 +245 @@
 #endif /* VBOX_WITH_USB */
 
-    /* External authentication library handle. The library is loaded in the
+    /* External authentication library context. The library is loaded in the
      * Authenticate method and unloaded at the object destructor.
      */
-    RTLDRMOD mAuthLibrary;
-    PAUTHENTRY mpfnAuthEntry;
-    PAUTHENTRY2 mpfnAuthEntry2;
-    PAUTHENTRY3 mpfnAuthEntry3;
+    AUTHLIBRARYCONTEXT mAuthLibCtx;
 
     uint32_t volatile mu32AudioInputClientId;

trunk/src/VBox/Main/src-client/ConsoleVRDPServer.cpp

@@ -1362 +1362 @@
     mVRDPBindPort = -1;
 
-    mAuthLibrary = 0;
+    RT_ZERO(mAuthLibCtx);
 
     mu32AudioInputClientId = 0;
@@ -3004 +3004 @@
     }
 
-    mpfnAuthEntry = NULL;
-    mpfnAuthEntry2 = NULL;
-    mpfnAuthEntry3 = NULL;
-
-    if (mAuthLibrary)
-    {
-        RTLdrClose(mAuthLibrary);
-        mAuthLibrary = 0;
-    }
+    AuthLibUnload(&mAuthLibCtx);
 }
 
@@ -3131 +3123 @@
 #endif /* VBOX_WITH_USB */
 
-typedef struct AuthCtx
-{
-    AuthResult result;
-
-    PAUTHENTRY3 pfnAuthEntry3;
-    PAUTHENTRY2 pfnAuthEntry2;
-    PAUTHENTRY  pfnAuthEntry;
-
-    const char         *pszCaller;
-    PAUTHUUID          pUuid;
-    AuthGuestJudgement guestJudgement;
-    const char         *pszUser;
-    const char         *pszPassword;
-    const char         *pszDomain;
-    int                fLogon;
-    unsigned           clientId;
-} AuthCtx;
-
-static DECLCALLBACK(int) authThread(RTTHREAD self, void *pvUser)
-{
-    AuthCtx *pCtx = (AuthCtx *)pvUser;
-
-    if (pCtx->pfnAuthEntry3)
-    {
-        pCtx->result = pCtx->pfnAuthEntry3(pCtx->pszCaller, pCtx->pUuid, pCtx->guestJudgement,
-                                           pCtx->pszUser, pCtx->pszPassword, pCtx->pszDomain,
-                                           pCtx->fLogon, pCtx->clientId);
-    }
-    else if (pCtx->pfnAuthEntry2)
-    {
-        pCtx->result = pCtx->pfnAuthEntry2(pCtx->pUuid, pCtx->guestJudgement,
-                                           pCtx->pszUser, pCtx->pszPassword, pCtx->pszDomain,
-                                           pCtx->fLogon, pCtx->clientId);
-    }
-    else if (pCtx->pfnAuthEntry)
-    {
-        pCtx->result = pCtx->pfnAuthEntry(pCtx->pUuid, pCtx->guestJudgement,
-                                          pCtx->pszUser, pCtx->pszPassword, pCtx->pszDomain);
-    }
-    return VINF_SUCCESS;
-}
-
-static AuthResult authCall(AuthCtx *pCtx)
-{
-    AuthResult result = AuthResultAccessDenied;
-
-    /* Use a separate thread because external modules might need a lot of stack space. */
-    RTTHREAD thread = NIL_RTTHREAD;
-    int rc = RTThreadCreate(&thread, authThread, pCtx, 512*_1K,
-                            RTTHREADTYPE_DEFAULT, RTTHREADFLAGS_WAITABLE, "VRDEAuth");
-    LogFlow(("authCall: RTThreadCreate %Rrc\n", rc));
-
-    if (RT_SUCCESS(rc))
-    {
-        rc = RTThreadWait(thread, RT_INDEFINITE_WAIT, NULL);
-        LogFlow(("authCall: RTThreadWait %Rrc\n", rc));
-    }
-
-    if (RT_SUCCESS(rc))
-    {
-        /* Only update the result if the thread finished without errors. */
-        result = pCtx->result;
-    }
-    else
-    {
-        LogRel(("AUTH: unable to execute the auth thread %Rrc\n", rc));
-    }
-
-    return result;
-}
-
 AuthResult ConsoleVRDPServer::Authenticate(const Guid &uuid, AuthGuestJudgement guestJudgement,
                                                 const char *pszUser, const char *pszPassword, const char *pszDomain,
                                                 uint32_t u32ClientId)
 {
-    AUTHUUID rawuuid;
-
-    memcpy(rawuuid, uuid.raw(), sizeof(rawuuid));
-
-    LogFlow(("ConsoleVRDPServer::Authenticate: uuid = %RTuuid, guestJudgement = %d, pszUser = %s, pszPassword = %s, pszDomain = %s, u32ClientId = %d\n",
-             rawuuid, guestJudgement, pszUser, pszPassword, pszDomain, u32ClientId));
+    LogFlowFunc(("uuid = %RTuuid, guestJudgement = %d, pszUser = %s, pszPassword = %s, pszDomain = %s, u32ClientId = %d\n",
+                 uuid.raw(), guestJudgement, pszUser, pszPassword, pszDomain, u32ClientId));
 
     /*
@@ -3217 +3134 @@
      */
 
-    if (!mAuthLibrary)
+    if (!mAuthLibCtx.hAuthLibrary)
     {
         /* Load the external authentication library. */
@@ -3225 +3142 @@
         Utf8Str filename = authLibrary;
 
-        LogRel(("AUTH: loading external authentication library '%ls'\n", authLibrary.raw()));
-
-        int rc;
-        if (RTPathHavePath(filename.c_str()))
-            rc = RTLdrLoad(filename.c_str(), &mAuthLibrary);
-        else
-        {
-            rc = RTLdrLoadAppPriv(filename.c_str(), &mAuthLibrary);
-            if (RT_FAILURE(rc))
-            {
-                /* Backward compatibility with old default 'VRDPAuth' name.
-                 * Try to load new default 'VBoxAuth' instead.
-                 */
-                if (filename == "VRDPAuth")
-                {
-                    LogRel(("AUTH: ConsoleVRDPServer::Authenticate: loading external authentication library VBoxAuth\n"));
-                    rc = RTLdrLoadAppPriv("VBoxAuth", &mAuthLibrary);
-                }
-            }
-        }
-
-        if (RT_FAILURE(rc))
-            LogRel(("AUTH: Failed to load external authentication library. Error code: %Rrc\n", rc));
-
-        if (RT_SUCCESS(rc))
-        {
-            typedef struct AuthEntryInfoStruct
-            {
-                const char *pszName;
-                void **ppvAddress;
-
-            } AuthEntryInfo;
-            AuthEntryInfo entries[] =
-            {
-                { AUTHENTRY3_NAME, (void **)&mpfnAuthEntry3 },
-                { AUTHENTRY2_NAME, (void **)&mpfnAuthEntry2 },
-                { AUTHENTRY_NAME,  (void **)&mpfnAuthEntry },
-                { NULL, NULL }
-            };
-
-            /* Get the entry point. */
-            AuthEntryInfo *pEntryInfo = &entries[0];
-            while (pEntryInfo->pszName)
-            {
-                *pEntryInfo->ppvAddress = NULL;
-
-                int rc2 = RTLdrGetSymbol(mAuthLibrary, pEntryInfo->pszName, pEntryInfo->ppvAddress);
-                if (RT_SUCCESS(rc2))
-                {
-                    /* Found an entry point. */
-                    LogRel(("AUTH: Using entry point '%s'.\n", pEntryInfo->pszName));
-                    rc = VINF_SUCCESS;
-                    break;
-                }
-
-                if (rc2 != VERR_SYMBOL_NOT_FOUND)
-                {
-                    LogRel(("AUTH: Could not resolve import '%s'. Error code: %Rrc\n", pEntryInfo->pszName, rc2));
-                }
-                rc = rc2;
-
-                pEntryInfo++;
-            }
-        }
+        int rc = AuthLibLoad(&mAuthLibCtx, filename.c_str());
 
         if (RT_FAILURE(rc))
@@ -3297 +3151 @@
                                rc);
 
-            mpfnAuthEntry = NULL;
-            mpfnAuthEntry2 = NULL;
-            mpfnAuthEntry3 = NULL;
-
-            if (mAuthLibrary)
-            {
-                RTLdrClose(mAuthLibrary);
-                mAuthLibrary = 0;
-            }
-
             return AuthResultAccessDenied;
         }
     }
 
-    Assert(mAuthLibrary && (mpfnAuthEntry || mpfnAuthEntry2 || mpfnAuthEntry3));
-
-    AuthCtx ctx;
-    ctx.result         = AuthResultAccessDenied; /* Denied by default. */
-    ctx.pfnAuthEntry3  = mpfnAuthEntry3;
-    ctx.pfnAuthEntry2  = mpfnAuthEntry2;
-    ctx.pfnAuthEntry   = mpfnAuthEntry;
-    ctx.pszCaller      = "vrde";
-    ctx.pUuid          = &rawuuid;
-    ctx.guestJudgement = guestJudgement;
-    ctx.pszUser        = pszUser;
-    ctx.pszPassword    = pszPassword;
-    ctx.pszDomain      = pszDomain;
-    ctx.fLogon         = true;
-    ctx.clientId       = u32ClientId;
-
-    AuthResult result = authCall(&ctx);
+    AuthResult result = AuthLibAuthenticate(&mAuthLibCtx,
+                                            uuid.raw(), guestJudgement,
+                                            pszUser, pszPassword, pszDomain,
+                                            u32ClientId);
 
     switch (result)
@@ -3345 +3176 @@
     }
 
-    LogFlow(("ConsoleVRDPServer::Authenticate: result = %d\n", result));
+    LogFlowFunc(("result = %d\n", result));
 
     return result;
@@ -3352 +3183 @@
 void ConsoleVRDPServer::AuthDisconnect(const Guid &uuid, uint32_t u32ClientId)
 {
-    AUTHUUID rawuuid;
-
-    memcpy(rawuuid, uuid.raw(), sizeof(rawuuid));
-
     LogFlow(("ConsoleVRDPServer::AuthDisconnect: uuid = %RTuuid, u32ClientId = %d\n",
-             rawuuid, u32ClientId));
-
-    Assert(mAuthLibrary && (mpfnAuthEntry || mpfnAuthEntry2 || mpfnAuthEntry3));
-
-    AuthCtx ctx;
-    ctx.result         = AuthResultAccessDenied; /* Not used. */
-    ctx.pfnAuthEntry3  = mpfnAuthEntry3;
-    ctx.pfnAuthEntry2  = mpfnAuthEntry2;
-    ctx.pfnAuthEntry   = NULL;                   /* Does not use disconnect notification. */
-    ctx.pszCaller      = "vrde";
-    ctx.pUuid          = &rawuuid;
-    ctx.guestJudgement = AuthGuestNotAsked;
-    ctx.pszUser        = NULL;
-    ctx.pszPassword    = NULL;
-    ctx.pszDomain      = NULL;
-    ctx.fLogon         = false;
-    ctx.clientId       = u32ClientId;
-
-    authCall(&ctx);
+             uuid.raw(), u32ClientId));
+
+    AuthLibDisconnect(&mAuthLibCtx, uuid.raw(), u32ClientId);
 }