Changeset 2848


Timestamp:
01/04/10 00:27:01 (10 years ago)
Author:
kent1
Message:

Pas mal de modifications pour le faire fonctionner correctement sur debian

Location:
Serveur/flashpolicyd/flashpolicyd-2.1
Files:
4 edited

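--- a/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicy.xml
+++ b/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicy.xml
@@ -3,4 +3,4 @@
 <cross-domain-policy>
 <site-control permitted-cross-domain-policies="master-only"/>
-<allow-access-from domain="*.your.net" to-ports="*" />
+<allow-access-from domain="*" to-ports="*" />
 </cross-domain-policy>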
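Review bot: The new `<allow-access-from domain="*" to-ports="*" />` grants SWF content loaded from any domain socket access to every port on the host that serves this policy, where the line it replaces named a single domain pattern. Unless the service is meant to be reachable from arbitrary third-party sites, name the site that hosts the Flash client and only the port it connects to, e.g. `<allow-access-from domain="SITE_DOMAIN_PLACEHOLDER" to-ports="PORT_PLACEHOLDER" />`. With both wildcards in place the policy no longer limits which services on this machine a visitor's Flash runtime may be told to connect to, so any daemon here that relies on obscurity or network position loses that protection.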
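--- a/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicyd.rb
+++ b/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicyd.rb
@@ -9,5 +9,5 @@
 #
 # See http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_04.html
-# for more information, this needs to run as root since it should listen on 
+# for more information, this needs to run as root since it should listen on
 # port 843 which on a unix machine needs root to listen on that socket.
 #
@@ -16,5 +16,5 @@
 #   normal running this stat will be printed every 30 minutes by default, settable
 #   using --logfreq
-# * USR2 signal dumps the current threads and their statusses 
+# * USR2 signal dumps the current threads and their statusses
 # * HUP signal will toggle debug mode which will print more lines in the log file
 # * TERM signal will exit the process closing all the sockets
@@ -31,5 +31,5 @@
 # --xml
 #   XML File to Serve to clients, read at startup only
-# 
+#
 # --timeout, -t
 #   If a request does not complete within this time, close the socket,
@@ -41,4 +41,7 @@
 # --logfile
 #   Where to write log lines too
+#
+# --pidfile
+#   Name of the pid file (ex: /var/run/flashpolicyd.pid)
 #
 # == Download and Further Information
@@ -62,5 +65,6 @@
     [ '--logfreq', '-l', GetoptLong::OPTIONAL_ARGUMENT],
     [ '--logfile', GetoptLong::REQUIRED_ARGUMENT],
-    [ '--help', '-h', GetoptLong::NO_ARGUMENT]
+    [ '--help', '-h', GetoptLong::NO_ARGUMENT],
+    [ '--pidfile','-p',GetoptLong::REQUIRED_ARGUMENT]
 )
 
@@ -72,4 +76,5 @@
 xmlfile = ""
 logfile = ""
+pidfile = "/var/run/flashpolicyd.pid"
 
 opts.each { |opt, arg|
@@ -97,4 +102,6 @@
     when '--logfile'
       logfile = arg
+    when '--pidfile'
+      pidfile = arg
   end
 }
@@ -127,30 +134,30 @@
     @logger.add(severity) { "#{Thread.current.object_id}: #{msg}" }
   end
- 
+
   # Log a msg at level INFO
   def info(msg)
     log(Logger::INFO, msg)
   end
- 
+
   # Log a msg at level WARN
   def warn(msg)
     log(Logger::WARN, msg)
   end
- 
+
   # Log a msg at level DEBUG
   def debug(msg)
     log(Logger::DEBUG, msg)
   end
- 
+
   # Log a msg at level FATAL
   def fatal(msg)
     log(Logger::FATAL, msg)
   end
- 
+
   # Log a msg at level ERROR
   def error(msg)
     log(Logger::ERROR, msg)
   end
- 
+
   # === Synopsis
   # Initializes the server
@@ -190,5 +197,5 @@
     end
   end
- 
+
   # If the logger instanse is in DEBUG mode, put it into INFO and vica versa
   def toggledebug
@@ -201,14 +208,14 @@
     end
   end
- 
+
   # Walks the list of active connections and dump them to the logger at INFO level
   def dumpconnections
     if (@connections.size == 0)
       info("No active connections to dump")
-    else 
+    else
       connections = @connections
-     
+
       info("Dumping current #{connections.size} connections:")
-   
+
       connections.each{ |c|
         addr = c.addr
@@ -219,5 +226,5 @@
 
   # Dump the current thread list
-  def dumpthreads 
+  def dumpthreads
     Thread.list.each {|t|
       info("Thread: #{t.id} status #{t.status}")
@@ -228,12 +235,12 @@
   def printstats
     u = sec2dhms(Time.new - @@starttime)
-   
+
     info("Had #{@@totalclients} clients and #{@@bogusclients} bogus clients. Uptime #{u[0]} days #{u[1]} hours #{u[2]} min. #{@connections.size} connection(s) in use now.")
   end
- 
+
   # Logs a message passed to it and increment the bogus client counter inside a mutex
   def bogusclient(msg, client)
     addr = client.addr
-   
+
     warn("Client #{addr[2]} #{msg}")
 
@@ -242,5 +249,5 @@
     }
   end
- 
+
   # The main logic of client handling, waits for @timeout seconds to receive a null terminated
   # request containing "policy-file-request" and sends back the data, else marks the client as
@@ -250,5 +257,5 @@
   def serve(connection)
     client = connection.client
-       
+
     # Flash clients send a null terminate request
     $/ = "\000"
@@ -262,5 +269,5 @@
           if request =~ /policy-file-request/
             client.puts(@xml)
-           
+
             debug("Sent xml data to client")
             break
@@ -278,8 +285,8 @@
     end
   end
- 
+
   # === Synopsis
   # Starts the main loop of the server and handles connections, logic is more or less:
-  # 
+  #
   # 1. Opens the port for listening
   # 1. Create a new thread so the connection handling happens seperate from the main loop
@@ -287,5 +294,5 @@
   # 1. Increment the totalclient variable for stats handling
   # 1. Create a OpenStruct structure with detail about the current connection and put it in the @connections array
-  # 1. Pass the connection to the serve method for handling 
+  # 1. Pass the connection to the serve method for handling
   # 1. Once handling completes, remove the connection from the active list and close the socket
   def start
@@ -298,10 +305,10 @@
       exit
     end
-   
+
     begin
       @serverThread = Thread.new {
         while (session = server.accept)
-          Thread.new(session) do |client| 
-            begin 
+          Thread.new(session) do |client|
+            begin
               debug("Handling new connection from #{client.peeraddr[2]}, #{Thread.list.size} total threads ")
 
@@ -315,20 +322,20 @@
               connection.thread = Thread.current
               connection.addr = client.peeraddr
-         
+
               @@connMutex.synchronize {
                 @connections << connection
                 debug("Pushed connection thread to @connections, now #{@connections.size} connections")
               }
-             
+
               debug("Calling serve on connection")
               serve(connection)
-         
+
               client.close
-         
+
               @@connMutex.synchronize {
                 @connections.delete(connection)
                 debug("Removed connection from @connections, now #{@connections.size} connections")
               }
-         
+
             rescue Errno::ENOTCONN => e
               warn("Unexpected disconnection while handling request")
@@ -339,5 +346,5 @@
               error("Unexpected #{e.class} exception while handling client connection: #{e.backtrace.join("\n")}")
               client.close
-            end # block around main logic 
+            end # block around main logic
           end # while
         end # around Thread.new for client connections
@@ -346,5 +353,5 @@
       fatal("Got #{e.class} exception in main listening thread: #{e}")
     end
-  end   
+  end
 end
 
@@ -355,13 +362,13 @@
     Process.setsid
     exit if fork
-    Dir.chdir('/tmp')
-    STDIN.reopen('/dev/null')
-    STDOUT.reopen('/dev/null', 'a')
-    STDERR.reopen('/dev/null', 'a')
-
-    trap("TERM") {
-      @logger.debug("Caught TERM signal") 
+      Dir.chdir('/tmp')
+      STDIN.reopen('/dev/null')
+      STDOUT.reopen('/dev/null', 'a')
+      STDERR.reopen('/dev/null', 'a')
+
+     trap("TERM") {
+      @logger.debug("Caught TERM signal")
       exit
-    }
+     }
     yield
   end
@@ -374,5 +381,5 @@
   sec = time % 60
   time /= 60
- 
+
   mins = time % 60
   time /= 60
@@ -390,5 +397,5 @@
   begin
     @logger.info("Starting server on port 843 in process #{$$}")
-   
+    File.open(pidfile, 'w') {|f| f.write("#{$$}") }
     server = PolicyServer.new(843, "0.0.0.0", @xmldata, @logger, @timeout, @verbose)
     server.start
@@ -397,17 +404,17 @@
     trap("HUP") {
       server.toggledebug
-    }   
+    }
 
     # send a USR1 signal for a full connection list dump
-    trap("USR1") { 
-      server.dumpconnections 
+    trap("USR1") {
+      server.dumpconnections
       server.printstats
     }
-   
+
     # Send USR2 to dump all threads
     trap("USR2") {
       server.dumpthreads
     }
-   
+
     # Cycle and print stats every now and then
     loop do
@@ -421,5 +428,5 @@
     @logger.fatal("Unexpected exception #{e.class} from main loop: #{e.backtrace.join("\n")}")
   end
- 
+
   @logger.info("Server process #{$$} shutting down")
 end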
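Review bot: The pid file write on new line 399, `File.open(pidfile, 'w')`, runs in a process the header comment says must be root, so a `--pidfile` path in a directory other users can write to would be followed through a symlink and its target truncated. Opening with `File.open(pidfile, File::WRONLY | File::CREAT | File::TRUNC | File::NOFOLLOW, 0644) { |f| f.puts($$) }` avoids that on platforms that define `File::NOFOLLOW`. Nothing in the visible hunks removes the file on exit, so a stale pid is left for the init script; `at_exit { File.delete(pidfile) if File.exist?(pidfile) }` beside the write would cover the TERM path, which calls `exit`. The enclosing `begin` continues outside this hunk, and a failed open appears to fall into its generic rescue before the server is created, so a dedicated error message would help.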
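--- a/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicyd.sh
+++ b/Serveur/flashpolicyd/flashpolicyd-2.1/flashpolicyd.sh
@@ -3,70 +3,112 @@
 # Init file for the flashpolicy server daemon
 #
-# chkconfig: 2345 20 20
 # description: Starts a server on port 843 to server flash policy requests
 #
 # processname: flashpolicyd.rb
 
+### BEGIN INIT INFO
+# Provides:             flashpolicyd
+# Required-Start:       $syslog
+# Required-Stop:        $syslog
+# Should-Start:         $network
+# Should-Stop:          $network
+# Default-Start:        2 3 4 5
+# Default-Stop:         0 1 6
+# Short-Description:    flashpolicyd -  Flash socket policy server
+# Description:          flashpolicyd provide a flash sochet policy server.
+### END INIT INFO
+
+#####################
+#BEGIN CONFIG SECTION
+
 # Source function library.
-. /etc/rc.d/init.d/functions
+. /lib/lsb/init-functions
 
-desc="Flash policy server"
-prog="flashpolicyd"
+NAME=flashpolicyd
+DESC="Flashpolicy server"
 
-# these can be overrode in /etc/sysconfig/flashpolicyd
-RETVAL=0
-TIMEOUT=10
-XML=/etc/flashpolicy.xml
-LOGFREQ=1800
+# Location of daemon
+DAEMON=/usr/local/sbin/flashpolicyd.rb
+
+# Location of socket policy file (configuration)
+XML=/usr/local/etc/flashpolicy.xml
+
+# Log file in /var/log/ for logging
 LOGFILE=/var/log/flashpolicyd.log
 
-if [ -r /etc/sysconfig/$prog ]; then
-        source /etc/sysconfig/$prog
+# Time refreshing the log file
+LOGFREQ=1800
+
+# Time where people can connect
+TIMEOUT=10
+
+# Pid file
+PIDFILE="/var/run/$NAME.pid"
+
+# User
+USER=root
+
+# Include flashpolicyd defaults if available
+if [ -f /etc/default/flashpolicyd ] ; then
+        . /etc/default/flashpolicyd
 fi
 
+# Options of the daemon
+DAEMON_OPTS="--timeout=$TIMEOUT --xml=$XML --pidfile=$PIDFILE --logfreq=$LOGFREQ --logfile=$LOGFILE"
+
+[ "$NETWORKING" = "no" ] && exit 0
+[ -f "$DAEMON" ] || exit 1
+[ -f "$XML" ] || exit 1
+
+RETVAL=0
+
 start() {
-        echo -n $"Starting $desc ($prog): "
-        daemon --check=$prog /usr/sbin/${prog} --timeout=${TIMEOUT} --xml=${XML} --logfreq=${LOGFREQ} --logfile=${LOGFILE}
-        RETVAL=$?
-        echo
-        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
-        return $RETVAL
+        echo -n "Starting $DESC: "
+        start-stop-daemon --start --quiet --pidfile $PIDFILE \
+                --chuid $USER \
+                --exec $DAEMON -- $DAEMON_OPTS
+        echo "$NAME."
 }
 
 stop() {
-        echo -n $"Stopping $desc ($prog): "
-        killproc $prog
-        RETVAL=$?
-        echo
-        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
-        return $RETVAL
+        echo -n "Stopping $DESC : "
+        start-stop-daemon --stop --quiet --pidfile $PIDFILE \
+                --oknodo
+        echo "$NAME."
 }
 
 restart() {
         stop
+        sleep 1
         start
+}
+
+status() {
+        PID=$(cat $PIDFILE)
+        if [ -n "$PID" ]; then
+                log_success_msg "$DESC is running (pid $PID)."
+                        exit 0
+        else
+                log_failure_msg "$DESC is not running."
+                        exit 1
+        fi
 }
 
 case "$1" in
   start)
-        start
+                start
         ;;
   stop)
-        stop
-        ;;
-  restart)
-        restart
-        ;;
-  condrestart)
-        [ -e /var/lock/subsys/$prog ] && restart
-        RETVAL=$?
+                stop
         ;;
   status)
-        status $prog
-        RETVAL=$?
+                status
         ;;
+  restart|reload)
+        restart
+    ;;
   *)
-        echo $"Usage: $0 {start|stop|restart|condrestart|status}"
-        RETVAL=1
+    echo "Usage: flashpolicyd {start|stop|status|restart}"
+    RETVAL=1
 esac
 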
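Review bot: `status()` reports the daemon as running whenever `$PIDFILE` is non-empty, so a pid left behind after a crash is shown as healthy, and a missing file makes `cat` print an error before the "not running" branch is reached. Test the process itself, e.g. `if [ -r "$PIDFILE" ] && kill -0 "$(cat "$PIDFILE")" 2>/dev/null; then`. `stop()` has the same exposure: it signals whatever pid the file holds with no check that the pid still belongs to flashpolicyd, so a recycled pid would receive the signal. The `*)` branch sets `RETVAL=1`, but no `exit $RETVAL` is visible after `esac` in this section, so an unknown argument may still exit 0.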
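--- a/Serveur/flashpolicyd/flashpolicyd-2.1/install.sh
+++ b/Serveur/flashpolicyd/flashpolicyd-2.1/install.sh
@@ -11,9 +11,10 @@
 install -m644 flashpolicy.xml /usr/local/etc/
 # Copie du serveur au bon endroit et avec les bons droits
-install -m755 flashpolicyd.py /usr/local/sbin/
+install -m755 flashpolicyd.rb /usr/local/sbin/
 # Copie du script d'initialisation au bon endroit et avec les bons droits
 install -m755 flashpolicyd.sh /etc/init.d/flashpolicyd
 
 # On installe les differents scripts dans les bon runlevels
+sudo chmod +x /etc/init.d/flashpolicyd
 update-rc.d flashpolicyd defaults
 /etc/init.d/flashpolicyd restart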
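Review bot: The added `sudo chmod +x /etc/init.d/flashpolicyd` is redundant, because the `install -m755` a few lines above already sets the execute bits, and it is the only command in the visible part of the script that goes through `sudo` although the `install` into `/usr/local/sbin` and `update-rc.d` need root just the same. Drop the line, and if the script may be started unprivileged, fail early instead with `[ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }` near the top, which lies outside this hunk.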