VirtualBox

source: vbox/trunk/src/VBox/Main/webservice/vboxweb.cpp@ 106061

Last change on this file since 106061 was 106061, checked in by vboxsync, 8 weeks ago

Copyright year updates by scm.
  • Property filesplitter.c set to Makefile.kmk
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id Revision
File size: 82.8 KB
Line 
1/* $Id: vboxweb.cpp 106061 2024-09-16 14:03:52Z vboxsync $ */
2/** @file
3 * vboxweb.cpp:
4 * hand-coded parts of the webservice server. This is linked with the
5 * generated code in out/.../src/VBox/Main/webservice/methodmaps.cpp
6 * (plus static gSOAP server code) to implement the actual webservice
7 * server, to which clients can connect.
8 */
9
10/*
11 * Copyright (C) 2007-2024 Oracle and/or its affiliates.
12 *
13 * This file is part of VirtualBox base platform packages, as
14 * available from https://www.virtualbox.org.
15 *
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License
18 * as published by the Free Software Foundation, in version 3 of the
19 * License.
20 *
21 * This program is distributed in the hope that it will be useful, but
22 * WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 * General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, see <https://www.gnu.org/licenses>.
28 *
29 * SPDX-License-Identifier: GPL-3.0-only
30 */
31
32// shared webservice header
33#include "vboxweb.h"
34
35// vbox headers
36#include <VBox/com/com.h>
37#include <VBox/com/array.h>
38#include <VBox/com/string.h>
39#include <VBox/com/ErrorInfo.h>
40#include <VBox/com/errorprint.h>
41#include <VBox/com/listeners.h>
42#include <VBox/com/NativeEventQueue.h>
43#include <VBox/VBoxAuth.h>
44#include <VBox/version.h>
45#include <VBox/log.h>
46
47#include <iprt/buildconfig.h>
48#include <iprt/ctype.h>
49#include <iprt/getopt.h>
50#include <iprt/initterm.h>
51#include <iprt/ldr.h>
52#include <iprt/message.h>
53#include <iprt/process.h>
54#include <iprt/rand.h>
55#include <iprt/semaphore.h>
56#include <iprt/critsect.h>
57#include <iprt/string.h>
58#include <iprt/thread.h>
59#include <iprt/time.h>
60#include <iprt/path.h>
61#include <iprt/system.h>
62#include <iprt/base64.h>
63#include <iprt/stream.h>
64#include <iprt/asm.h>
65
66#ifdef WITH_OPENSSL
67# include <openssl/opensslv.h>
68#endif
69
70#ifndef RT_OS_WINDOWS
71# include <signal.h>
72#endif
73
74// workaround for compile problems on gcc 4.1
75#ifdef __GNUC__
76#pragma GCC visibility push(default)
77#endif
78
79// gSOAP headers (must come after vbox includes because it checks for conflicting defs)
80#include "soapH.h"
81
82// standard headers
83#include <map>
84#include <list>
85
86#ifdef __GNUC__
87#pragma GCC visibility pop
88#endif
89
90// include generated namespaces table
91#include "vboxwebsrv.nsmap"
92
93RT_C_DECLS_BEGIN
94
95// declarations for the generated WSDL text
96extern const unsigned char g_abVBoxWebWSDL[];
97extern const unsigned g_cbVBoxWebWSDL;
98
99RT_C_DECLS_END
100
101static void WebLogSoapError(struct soap *soap);
102
103/****************************************************************************
104 *
105 * private typedefs
106 *
107 ****************************************************************************/
108
109typedef std::map<uint64_t, ManagedObjectRef*> ManagedObjectsMapById;
110typedef ManagedObjectsMapById::iterator ManagedObjectsIteratorById;
111typedef std::map<uintptr_t, ManagedObjectRef*> ManagedObjectsMapByPtr;
112typedef ManagedObjectsMapByPtr::iterator ManagedObjectsIteratorByPtr;
113
114typedef std::map<uint64_t, WebServiceSession*> WebsessionsMap;
115typedef WebsessionsMap::iterator WebsessionsMapIterator;
116
117typedef std::map<RTTHREAD, com::Utf8Str> ThreadsMap;
118
119static DECLCALLBACK(int) fntWatchdog(RTTHREAD ThreadSelf, void *pvUser);
120
121/****************************************************************************
122 *
123 * Read-only global variables
124 *
125 ****************************************************************************/
126
127static ComPtr<IVirtualBoxClient> g_pVirtualBoxClient = NULL;
128
129// generated strings in methodmaps.cpp
130extern const char *g_pcszISession,
131 *g_pcszIVirtualBox,
132 *g_pcszIVirtualBoxErrorInfo;
133
134// globals for vboxweb command-line arguments
135#define DEFAULT_TIMEOUT_SECS 300
136#define DEFAULT_TIMEOUT_SECS_STRING "300"
137static int g_iWatchdogTimeoutSecs = DEFAULT_TIMEOUT_SECS;
138static int g_iWatchdogCheckInterval = 5;
139
140static const char *g_pcszBindToHost = NULL; // host; NULL = localhost
141static unsigned int g_uBindToPort = 18083; // port
142static unsigned int g_uBacklog = 100; // backlog = max queue size for connections
143
144#ifdef WITH_OPENSSL
145static bool g_fSSL = false; // if SSL is enabled
146static const char *g_pcszKeyFile = NULL; // server key file
147static const char *g_pcszPassword = NULL; // password for server key
148static const char *g_pcszCACert = NULL; // file with trusted CA certificates
149static const char *g_pcszCAPath = NULL; // directory with trusted CA certificates
150static const char *g_pcszDHFile = NULL; // DH file name or DH key length in bits, NULL=use RSA
151static const char *g_pcszRandFile = NULL; // file with random data seed
152static const char *g_pcszSID = "vboxwebsrv"; // server ID for SSL session cache
153#endif /* WITH_OPENSSL */
154
155static unsigned int g_cMaxWorkerThreads = 100; // max. no. of worker threads
156static unsigned int g_cMaxKeepAlive = 100; // maximum number of soap requests in one connection
157
158static const char *g_pcszAuthentication = NULL; // web service authentication
159
160static uint32_t g_cHistory = 10; // enable log rotation, 10 files
161static uint32_t g_uHistoryFileTime = RT_SEC_1DAY; // max 1 day per file
162static uint64_t g_uHistoryFileSize = 100 * _1M; // max 100MB per file
163bool g_fVerbose = false; // be verbose
164
165static bool g_fDaemonize = false; // run in background.
166static volatile bool g_fKeepRunning = true; // controlling the exit
167
168const WSDLT_ID g_EmptyWSDLID; // for NULL MORs
169
170/****************************************************************************
171 *
172 * Writeable global variables
173 *
174 ****************************************************************************/
175
176// The one global SOAP queue created by main().
177class SoapQ;
178static SoapQ *g_pSoapQ = NULL;
179
180// this mutex protects the auth lib and authentication
181static util::WriteLockHandle *g_pAuthLibLockHandle;
182
183// this mutex protects the global VirtualBox reference below
184static util::RWLockHandle *g_pVirtualBoxLockHandle;
185
186static ComPtr<IVirtualBox> g_pVirtualBox = NULL;
187
188// this mutex protects all of the below
189util::WriteLockHandle *g_pWebsessionsLockHandle;
190
191static WebsessionsMap g_mapWebsessions;
192static ULONG64 g_cManagedObjects = 0;
193
194// this mutex protects g_mapThreads
195static util::RWLockHandle *g_pThreadsLockHandle;
196
197// Threads map, so we can quickly map an RTTHREAD struct to a logger prefix
198static ThreadsMap g_mapThreads;
199
200/****************************************************************************
201 *
202 * Command line help
203 *
204 ****************************************************************************/
205
206static const RTGETOPTDEF g_aOptions[]
207 = {
208 { "--help", 'h', RTGETOPT_REQ_NOTHING }, /* for DisplayHelp() */
209#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX) || defined (RT_OS_SOLARIS) || defined(RT_OS_FREEBSD)
210 { "--background", 'b', RTGETOPT_REQ_NOTHING },
211#endif
212 { "--host", 'H', RTGETOPT_REQ_STRING },
213 { "--port", 'p', RTGETOPT_REQ_UINT32 },
214#ifdef WITH_OPENSSL
215 { "--ssl", 's', RTGETOPT_REQ_NOTHING },
216 { "--keyfile", 'K', RTGETOPT_REQ_STRING },
217 { "--passwordfile", 'a', RTGETOPT_REQ_STRING },
218 { "--cacert", 'c', RTGETOPT_REQ_STRING },
219 { "--capath", 'C', RTGETOPT_REQ_STRING },
220 { "--dhfile", 'D', RTGETOPT_REQ_STRING },
221 { "--randfile", 'r', RTGETOPT_REQ_STRING },
222#endif /* WITH_OPENSSL */
223 { "--timeout", 't', RTGETOPT_REQ_UINT32 },
224 { "--check-interval", 'i', RTGETOPT_REQ_UINT32 },
225 { "--threads", 'T', RTGETOPT_REQ_UINT32 },
226 { "--keepalive", 'k', RTGETOPT_REQ_UINT32 },
227 { "--authentication", 'A', RTGETOPT_REQ_STRING },
228 { "--verbose", 'v', RTGETOPT_REQ_NOTHING },
229 { "--pidfile", 'P', RTGETOPT_REQ_STRING },
230 { "--logfile", 'F', RTGETOPT_REQ_STRING },
231 { "--logrotate", 'R', RTGETOPT_REQ_UINT32 },
232 { "--logsize", 'S', RTGETOPT_REQ_UINT64 },
233 { "--loginterval", 'I', RTGETOPT_REQ_UINT32 }
234 };
235
236static void DisplayHelp()
237{
238 RTStrmPrintf(g_pStdErr, "\nUsage: vboxwebsrv [options]\n\nSupported options (default values in brackets):\n");
239 for (unsigned i = 0;
240 i < RT_ELEMENTS(g_aOptions);
241 ++i)
242 {
243 std::string str(g_aOptions[i].pszLong);
244 str += ", -";
245 str += g_aOptions[i].iShort;
246 str += ":";
247
248 const char *pcszDescr = "";
249
250 switch (g_aOptions[i].iShort)
251 {
252 case 'h':
253 pcszDescr = "Print this help message and exit.";
254 break;
255
256#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX) || defined (RT_OS_SOLARIS) || defined(RT_OS_FREEBSD)
257 case 'b':
258 pcszDescr = "Run in background (daemon mode).";
259 break;
260#endif
261
262 case 'H':
263 pcszDescr = "The host to bind to (localhost).";
264 break;
265
266 case 'p':
267 pcszDescr = "The port to bind to (18083).";
268 break;
269
270#ifdef WITH_OPENSSL
271 case 's':
272 pcszDescr = "Enable SSL/TLS encryption.";
273 break;
274
275 case 'K':
276 pcszDescr = "Server key and certificate file, PEM format (\"\").";
277 break;
278
279 case 'a':
280 pcszDescr = "File name for password to server key (\"\").";
281 break;
282
283 case 'c':
284 pcszDescr = "CA certificate file, PEM format (\"\").";
285 break;
286
287 case 'C':
288 pcszDescr = "CA certificate path (\"\").";
289 break;
290
291 case 'D':
292 pcszDescr = "DH file name or DH key length in bits (\"\").";
293 break;
294
295 case 'r':
296 pcszDescr = "File containing seed for random number generator (\"\").";
297 break;
298#endif /* WITH_OPENSSL */
299
300 case 't':
301 pcszDescr = "Session timeout in seconds; 0 = disable timeouts (" DEFAULT_TIMEOUT_SECS_STRING ").";
302 break;
303
304 case 'T':
305 pcszDescr = "Maximum number of worker threads to run in parallel (100).";
306 break;
307
308 case 'k':
309 pcszDescr = "Maximum number of requests before a connection will be closed (100).";
310 break;
311
312 case 'A':
313 pcszDescr = "Authentication method for the webservice (\"\").";
314 break;
315
316 case 'i':
317 pcszDescr = "Frequency of timeout checks in seconds (5).";
318 break;
319
320 case 'v':
321 pcszDescr = "Be verbose.";
322 break;
323
324 case 'P':
325 pcszDescr = "Name of the PID file which is created when the daemon was started.";
326 break;
327
328 case 'F':
329 pcszDescr = "Name of file to write log to (no file).";
330 break;
331
332 case 'R':
333 pcszDescr = "Number of log files (0 disables log rotation).";
334 break;
335
336 case 'S':
337 pcszDescr = "Maximum size of a log file to trigger rotation (bytes).";
338 break;
339
340 case 'I':
341 pcszDescr = "Maximum time interval to trigger log rotation (seconds).";
342 break;
343 }
344
345 RTStrmPrintf(g_pStdErr, "%-23s%s\n", str.c_str(), pcszDescr);
346 }
347}
348
349/****************************************************************************
350 *
351 * SoapQ, SoapThread (multithreading)
352 *
353 ****************************************************************************/
354
355class SoapQ;
356
357class SoapThread
358{
359public:
360 /**
361 * Constructor. Creates the new thread and makes it call process() for processing the queue.
362 * @param u Thread number. (So we can count from 1 and be readable.)
363 * @param q SoapQ instance which has the queue to process.
364 */
365 SoapThread(size_t u,
366 SoapQ &q)
367 : m_u(u),
368 m_pQ(&q)
369 {
370 m_strThread = com::Utf8StrFmt("SQW%02d", m_u);
371 int vrc = RTThreadCreate(&m_pThread,
372 fntWrapper,
373 this, // pvUser
374 0, // cbStack
375 RTTHREADTYPE_MAIN_HEAVY_WORKER,
376 0,
377 m_strThread.c_str());
378 if (RT_FAILURE(vrc))
379 {
380 RTMsgError("Cannot start worker thread %d: %Rrc\n", u, vrc);
381 exit(1);
382 }
383 }
384
385 void process();
386
387 static int fnHttpGet(struct soap *soap)
388 {
389 char *s = strchr(soap->path, '?');
390 if (!s || strcmp(s, "?wsdl"))
391 return SOAP_GET_METHOD;
392 soap_response(soap, SOAP_HTML);
393 soap_send_raw(soap, (const char *)g_abVBoxWebWSDL, g_cbVBoxWebWSDL);
394 soap_end_send(soap);
395 return SOAP_OK;
396 }
397
398 /**
399 * Static function that can be passed to RTThreadCreate and that calls
400 * process() on the SoapThread instance passed as the thread parameter.
401 *
402 * @param hThreadSelf
403 * @param pvThread
404 * @return
405 */
406 static DECLCALLBACK(int) fntWrapper(RTTHREAD hThreadSelf, void *pvThread)
407 {
408 RT_NOREF(hThreadSelf);
409 SoapThread *pst = (SoapThread*)pvThread;
410 pst->process();
411 return VINF_SUCCESS;
412 }
413
414 size_t m_u; // thread number
415 com::Utf8Str m_strThread; // thread name ("SoapQWrkXX")
416 SoapQ *m_pQ; // the single SOAP queue that all the threads service
417 RTTHREAD m_pThread; // IPRT thread struct for this thread
418};
419
420/**
421 * SOAP queue encapsulation. There is only one instance of this, to
422 * which add() adds a queue item (called on the main thread),
423 * and from which get() fetch items, called from each queue thread.
424 */
425class SoapQ
426{
427public:
428
429 /**
430 * Constructor. Creates the soap queue.
431 */
432 SoapQ()
433 : m_mutex(util::LOCKCLASS_OBJECTSTATE), // lowest lock order, no other may be held while this is held
434 m_cIdleThreads(0)
435 {
436 RTSemEventMultiCreate(&m_event);
437 }
438
439 ~SoapQ()
440 {
441 /* Tell the threads to terminate. */
442 RTSemEventMultiSignal(m_event);
443 {
444 util::AutoWriteLock qlock(m_mutex COMMA_LOCKVAL_SRC_POS);
445 int i = 0;
446 while (m_llAllThreads.size() && i++ <= 30)
447 {
448 qlock.release();
449 RTThreadSleep(1000);
450 RTSemEventMultiSignal(m_event);
451 qlock.acquire();
452 }
453 LogRel(("ending queue processing (%d out of %d threads idle)\n", m_cIdleThreads, m_llAllThreads.size()));
454 }
455
456 RTSemEventMultiDestroy(m_event);
457
458 while (!m_llSocketsQ.empty())
459 {
460 struct soap *pSoap = m_llSocketsQ.front();
461 m_llSocketsQ.pop_front();
462
463 if (pSoap == NULL || !soap_valid_socket(pSoap->socket))
464 continue;
465
466 soap_destroy(pSoap); // clean up class instances
467 soap_end(pSoap); // clean up everything and close socket
468 soap_free(pSoap); // free soap connection
469 }
470 }
471
472 /**
473 * Adds the given soap connection to the SOAP queue and posts the
474 * member event sem to wake up the workers. Called on the main thread
475 * whenever a connection comes in. Creates a new SOAP thread on the
476 * first call or when all existing threads are busy.
477 * @param pSoap connection
478 */
479 size_t add(const struct soap *pSoap)
480 {
481 size_t cItems;
482 util::AutoWriteLock qlock(m_mutex COMMA_LOCKVAL_SRC_POS);
483
484 // if no threads have yet been created, or if all threads are busy,
485 // create a new SOAP thread
486 if ( !m_cIdleThreads
487 // but only if we're not exceeding the global maximum (default is 100)
488 && (m_llAllThreads.size() < g_cMaxWorkerThreads)
489 )
490 {
491 SoapThread *pst = new SoapThread(m_llAllThreads.size() + 1,
492 *this);
493 m_llAllThreads.push_back(pst);
494 util::AutoWriteLock thrLock(g_pThreadsLockHandle COMMA_LOCKVAL_SRC_POS);
495 g_mapThreads[pst->m_pThread] = com::Utf8StrFmt("[%3u]", pst->m_u);
496 ++m_cIdleThreads;
497 }
498
499 // enqueue this connection and post eventsem so that one of the threads
500 // (possibly the one just created) can pick it up
501 m_llSocketsQ.push_back(soap_copy(pSoap));
502 cItems = m_llSocketsQ.size();
503 qlock.release();
504
505 // unblock one of the worker threads
506 RTSemEventMultiSignal(m_event);
507
508 return cItems;
509 }
510
511 /**
512 * Blocks the current thread until work comes in; then returns
513 * the SOAP connection which has work to do. This reduces m_cIdleThreads
514 * by one, and the caller MUST call done() when it's done processing.
515 * Called from the worker threads.
516 * @param cIdleThreads out: no. of threads which are currently idle (not counting the caller)
517 * @param cThreads out: total no. of SOAP threads running
518 * @return
519 */
520 struct soap *get(size_t &cIdleThreads, size_t &cThreads)
521 {
522 while (g_fKeepRunning)
523 {
524 // wait for something to happen
525 RTSemEventMultiWait(m_event, RT_INDEFINITE_WAIT);
526
527 if (!g_fKeepRunning)
528 break;
529
530 util::AutoWriteLock qlock(m_mutex COMMA_LOCKVAL_SRC_POS);
531 if (!m_llSocketsQ.empty())
532 {
533 struct soap *pSoap = m_llSocketsQ.front();
534 m_llSocketsQ.pop_front();
535 cIdleThreads = --m_cIdleThreads;
536 cThreads = m_llAllThreads.size();
537
538 // reset the multi event only if the queue is now empty; otherwise
539 // another thread will also wake up when we release the mutex and
540 // process another one
541 if (m_llSocketsQ.empty())
542 RTSemEventMultiReset(m_event);
543
544 qlock.release();
545
546 return pSoap;
547 }
548
549 // nothing to do: keep looping
550 }
551 return NULL;
552 }
553
554 /**
555 * To be called by a worker thread after fetching an item from the
556 * queue via get() and having finished its lengthy processing.
557 */
558 void done()
559 {
560 util::AutoWriteLock qlock(m_mutex COMMA_LOCKVAL_SRC_POS);
561 ++m_cIdleThreads;
562 }
563
564 /**
565 * To be called by a worker thread when signing off, i.e. no longer
566 * willing to process SOAP connections.
567 */
568 void signoff(SoapThread *th)
569 {
570 {
571 util::AutoWriteLock thrLock(g_pThreadsLockHandle COMMA_LOCKVAL_SRC_POS);
572 size_t c = g_mapThreads.erase(th->m_pThread);
573 AssertReturnVoid(c == 1);
574 }
575 {
576 util::AutoWriteLock qlock(m_mutex COMMA_LOCKVAL_SRC_POS);
577 m_llAllThreads.remove(th);
578 --m_cIdleThreads;
579 }
580 }
581
582 util::WriteLockHandle m_mutex;
583 RTSEMEVENTMULTI m_event; // posted by add(), blocked on by get()
584
585 std::list<SoapThread*> m_llAllThreads; // all the threads created by the constructor
586 size_t m_cIdleThreads; // threads which are currently idle (statistics)
587
588 // A std::list abused as a queue; this contains the actual jobs to do,
589 // each entry being a connection from soap_accept() passed through SoapQ::add.
590 std::list<struct soap *> m_llSocketsQ;
591};
592
593/**
594 * Thread function for each of the SOAP queue worker threads. This keeps
595 * running, blocks on the event semaphore in SoapThread.SoapQ and picks
596 * up a connection from the queue therein, which has been put there by
597 * SoapQ::add().
598 */
599void SoapThread::process()
600{
601 LogRel(("New SOAP thread started\n"));
602
603 while (g_fKeepRunning)
604 {
605 // wait for a job to arrive on the queue
606 size_t cIdleThreads = 0, cThreads = 0;
607 struct soap *pSoap = m_pQ->get(cIdleThreads, cThreads);
608
609 if (pSoap == NULL || !soap_valid_socket(pSoap->socket))
610 continue;
611
612 pSoap->fget = fnHttpGet;
613
614 /* The soap.max_keep_alive value can be set to the maximum keep-alive calls allowed,
615 * which is important to avoid a client from holding a thread indefinitely.
616 * http://www.cs.fsu.edu/~engelen/soapdoc2.html#sec:keepalive
617 *
618 * Strings with 8-bit content can hold ASCII (default) or UTF8. The latter is
619 * possible by enabling the SOAP_C_UTFSTRING flag.
620 */
621 soap_set_omode(pSoap, SOAP_IO_KEEPALIVE | SOAP_C_UTFSTRING);
622 soap_set_imode(pSoap, SOAP_IO_KEEPALIVE | SOAP_C_UTFSTRING);
623 pSoap->max_keep_alive = g_cMaxKeepAlive;
624
625 LogRel(("Processing connection from IP=%RTnaipv4 socket=%d (%d out of %d threads idle)\n",
626 RT_H2N_U32(pSoap->ip), pSoap->socket, cIdleThreads, cThreads));
627
628 // Ensure that we don't get stuck indefinitely for connections using
629 // keepalive, otherwise stale connections tie up worker threads.
630 pSoap->send_timeout = 60;
631 pSoap->recv_timeout = 60;
632 // Limit the maximum SOAP request size to a generous amount, just to
633 // be on the safe side (SOAP is quite wordy when representing arrays,
634 // and some API uses need to deal with large arrays). Good that binary
635 // data is no longer represented by byte arrays...
636 pSoap->recv_maxlength = _16M;
637 // process the request; this goes into the COM code in methodmaps.cpp
638
639 do {
640#ifdef WITH_OPENSSL
641 if (g_fSSL && soap_ssl_accept(pSoap))
642 {
643 WebLogSoapError(pSoap);
644 break;
645 }
646#endif /* WITH_OPENSSL */
647 soap_serve(pSoap);
648 } while (0);
649
650 soap_destroy(pSoap); // clean up class instances
651 soap_end(pSoap); // clean up everything and close connection
652 soap_free(pSoap); // free soap connection
653
654 // tell the queue we're idle again
655 m_pQ->done();
656 }
657 m_pQ->signoff(this);
658}
659
660/****************************************************************************
661 *
662 * VirtualBoxClient event listener
663 *
664 ****************************************************************************/
665
666class VirtualBoxClientEventListener
667{
668public:
669 VirtualBoxClientEventListener()
670 {
671 }
672
673 virtual ~VirtualBoxClientEventListener()
674 {
675 }
676
677 HRESULT init()
678 {
679 return S_OK;
680 }
681
682 void uninit()
683 {
684 }
685
686
687 STDMETHOD(HandleEvent)(VBoxEventType_T aType, IEvent *aEvent)
688 {
689 switch (aType)
690 {
691 case VBoxEventType_OnVBoxSVCAvailabilityChanged:
692 {
693 ComPtr<IVBoxSVCAvailabilityChangedEvent> pVSACEv = aEvent;
694 Assert(pVSACEv);
695 BOOL fAvailable = FALSE;
696 pVSACEv->COMGETTER(Available)(&fAvailable);
697 if (!fAvailable)
698 {
699 LogRel(("VBoxSVC became unavailable\n"));
700 {
701 util::AutoWriteLock vlock(g_pVirtualBoxLockHandle COMMA_LOCKVAL_SRC_POS);
702 g_pVirtualBox.setNull();
703 }
704 {
705 // we're messing with websessions, so lock them
706 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
707 WEBDEBUG(("SVC unavailable: deleting %d websessions\n", g_mapWebsessions.size()));
708
709 WebsessionsMapIterator it = g_mapWebsessions.begin(),
710 itEnd = g_mapWebsessions.end();
711 while (it != itEnd)
712 {
713 WebServiceSession *pWebsession = it->second;
714 WEBDEBUG(("SVC unavailable: websession %#llx stale, deleting\n", pWebsession->getID()));
715 delete pWebsession;
716 it = g_mapWebsessions.begin();
717 }
718 }
719 }
720 else
721 {
722 LogRel(("VBoxSVC became available\n"));
723 util::AutoWriteLock vlock(g_pVirtualBoxLockHandle COMMA_LOCKVAL_SRC_POS);
724 HRESULT hrc = g_pVirtualBoxClient->COMGETTER(VirtualBox)(g_pVirtualBox.asOutParam());
725 AssertComRC(hrc);
726 }
727 break;
728 }
729 default:
730 AssertFailed();
731 }
732
733 return S_OK;
734 }
735
736private:
737};
738
739typedef ListenerImpl<VirtualBoxClientEventListener> VirtualBoxClientEventListenerImpl;
740
741VBOX_LISTENER_DECLARE(VirtualBoxClientEventListenerImpl)
742
743/**
744 * Helper for printing SOAP error messages.
745 * @param soap
746 */
747/*static*/
748void WebLogSoapError(struct soap *soap)
749{
750 if (soap_check_state(soap))
751 {
752 LogRel(("Error: soap struct not initialized\n"));
753 return;
754 }
755
756 const char *pcszFaultString = *soap_faultstring(soap);
757 const char **ppcszDetail = soap_faultcode(soap);
758 LogRel(("#### SOAP FAULT: %s [%s]\n",
759 pcszFaultString ? pcszFaultString : "[no fault string available]",
760 (ppcszDetail && *ppcszDetail) ? *ppcszDetail : "no details available"));
761}
762
763/**
764 * Helper for decoding AuthResult.
765 * @param result AuthResult
766 */
767static const char * decodeAuthResult(AuthResult result)
768{
769 switch (result)
770 {
771 case AuthResultAccessDenied: return "access DENIED";
772 case AuthResultAccessGranted: return "access granted";
773 case AuthResultDelegateToGuest: return "delegated to guest";
774 default: return "unknown AuthResult";
775 }
776}
777
778#if defined(WITH_OPENSSL) && (OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER))
779/****************************************************************************
780 *
781 * OpenSSL convenience functions for multithread support.
782 * Not required for OpenSSL 1.1+
783 *
784 ****************************************************************************/
785
786static RTCRITSECT *g_pSSLMutexes = NULL;
787
788struct CRYPTO_dynlock_value
789{
790 RTCRITSECT mutex;
791};
792
793static unsigned long CRYPTO_id_function()
794{
795 return (unsigned long)RTThreadNativeSelf();
796}
797
798static void CRYPTO_locking_function(int mode, int n, const char * /*file*/, int /*line*/)
799{
800 if (mode & CRYPTO_LOCK)
801 RTCritSectEnter(&g_pSSLMutexes[n]);
802 else
803 RTCritSectLeave(&g_pSSLMutexes[n]);
804}
805
806static struct CRYPTO_dynlock_value *CRYPTO_dyn_create_function(const char * /*file*/, int /*line*/)
807{
808 static uint32_t s_iCritSectDynlock = 0;
809 struct CRYPTO_dynlock_value *value = (struct CRYPTO_dynlock_value *)RTMemAlloc(sizeof(struct CRYPTO_dynlock_value));
810 if (value)
811 RTCritSectInitEx(&value->mutex, RTCRITSECT_FLAGS_NO_LOCK_VAL,
812 NIL_RTLOCKVALCLASS, RTLOCKVAL_SUB_CLASS_NONE,
813 "openssl-dyn-%u", ASMAtomicIncU32(&s_iCritSectDynlock) - 1);
814
815 return value;
816}
817
818static void CRYPTO_dyn_lock_function(int mode, struct CRYPTO_dynlock_value *value, const char * /*file*/, int /*line*/)
819{
820 if (mode & CRYPTO_LOCK)
821 RTCritSectEnter(&value->mutex);
822 else
823 RTCritSectLeave(&value->mutex);
824}
825
826static void CRYPTO_dyn_destroy_function(struct CRYPTO_dynlock_value *value, const char * /*file*/, int /*line*/)
827{
828 if (value)
829 {
830 RTCritSectDelete(&value->mutex);
831 free(value);
832 }
833}
834
835static int CRYPTO_thread_setup()
836{
837 int num_locks = CRYPTO_num_locks();
838 g_pSSLMutexes = (RTCRITSECT *)RTMemAlloc(num_locks * sizeof(RTCRITSECT));
839 if (!g_pSSLMutexes)
840 return SOAP_EOM;
841
842 for (int i = 0; i < num_locks; i++)
843 {
844 int vrc = RTCritSectInitEx(&g_pSSLMutexes[i], RTCRITSECT_FLAGS_NO_LOCK_VAL,
845 NIL_RTLOCKVALCLASS, RTLOCKVAL_SUB_CLASS_NONE,
846 "openssl-%d", i);
847 if (RT_FAILURE(vrc))
848 {
849 for ( ; i >= 0; i--)
850 RTCritSectDelete(&g_pSSLMutexes[i]);
851 RTMemFree(g_pSSLMutexes);
852 g_pSSLMutexes = NULL;
853 return SOAP_EOM;
854 }
855 }
856
857 CRYPTO_set_id_callback(CRYPTO_id_function);
858 CRYPTO_set_locking_callback(CRYPTO_locking_function);
859 CRYPTO_set_dynlock_create_callback(CRYPTO_dyn_create_function);
860 CRYPTO_set_dynlock_lock_callback(CRYPTO_dyn_lock_function);
861 CRYPTO_set_dynlock_destroy_callback(CRYPTO_dyn_destroy_function);
862
863 return SOAP_OK;
864}
865
866static void CRYPTO_thread_cleanup()
867{
868 if (!g_pSSLMutexes)
869 return;
870
871 CRYPTO_set_id_callback(NULL);
872 CRYPTO_set_locking_callback(NULL);
873 CRYPTO_set_dynlock_create_callback(NULL);
874 CRYPTO_set_dynlock_lock_callback(NULL);
875 CRYPTO_set_dynlock_destroy_callback(NULL);
876
877 int num_locks = CRYPTO_num_locks();
878 for (int i = 0; i < num_locks; i++)
879 RTCritSectDelete(&g_pSSLMutexes[i]);
880
881 RTMemFree(g_pSSLMutexes);
882 g_pSSLMutexes = NULL;
883}
884#endif /* WITH_OPENSSL && (OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)) */
885
886/****************************************************************************
887 *
888 * SOAP queue pumper thread
889 *
890 ****************************************************************************/
891
892static void doQueuesLoop()
893{
894#if defined(WITH_OPENSSL) && (OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER))
895 if (g_fSSL && CRYPTO_thread_setup())
896 {
897 LogRel(("Failed to set up OpenSSL thread mutex!"));
898 exit(RTEXITCODE_FAILURE);
899 }
900#endif
901
902 // set up gSOAP
903 struct soap soap;
904 soap_init(&soap);
905
906#ifdef WITH_OPENSSL
907 if (g_fSSL && soap_ssl_server_context(&soap, SOAP_SSL_REQUIRE_SERVER_AUTHENTICATION | SOAP_TLSv1, g_pcszKeyFile,
908 g_pcszPassword, g_pcszCACert, g_pcszCAPath,
909 g_pcszDHFile, g_pcszRandFile, g_pcszSID))
910 {
911 WebLogSoapError(&soap);
912 exit(RTEXITCODE_FAILURE);
913 }
914#endif /* WITH_OPENSSL */
915
916 soap.accept_timeout = 60;
917 soap.bind_flags |= SO_REUSEADDR;
918 // avoid EADDRINUSE on bind()
919
920 SOAP_SOCKET m, s; // master and slave sockets
921 m = soap_bind(&soap,
922 g_pcszBindToHost ? g_pcszBindToHost : "localhost", // safe default host
923 g_uBindToPort, // port
924 g_uBacklog); // backlog = max queue size for connections
925 if (m == SOAP_INVALID_SOCKET)
926 WebLogSoapError(&soap);
927 else
928 {
929#ifdef WITH_OPENSSL
930 const char *pszSsl = g_fSSL ? "SSL, " : "";
931#else /* !WITH_OPENSSL */
932 const char *pszSsl = "";
933#endif /*!WITH_OPENSSL */
934 LogRel(("Socket connection successful: host = %s, port = %u, %smaster socket = %d\n",
935 (g_pcszBindToHost) ? g_pcszBindToHost : "default (localhost)",
936 g_uBindToPort, pszSsl, m));
937
938 // initialize thread queue, mutex and eventsem
939 g_pSoapQ = new SoapQ();
940
941 uint64_t cAccepted = 1;
942 while (g_fKeepRunning)
943 {
944 s = soap_accept(&soap);
945 if (!soap_valid_socket(s))
946 {
947 if (soap.errnum != SOAP_EINTR)
948 WebLogSoapError(&soap);
949 continue;
950 }
951
952 // add the connection to the queue and tell worker threads to
953 // pick up the job
954 size_t cItemsOnQ = g_pSoapQ->add(&soap);
955 LogRel(("Connection %llu on socket %d queued for processing (%d items on Q)\n", cAccepted, s, cItemsOnQ));
956 cAccepted++;
957 }
958
959 delete g_pSoapQ;
960 g_pSoapQ = NULL;
961
962 LogRel(("Ending SOAP connection handling\n"));
963
964 }
965 soap_done(&soap); // close master socket and detach environment
966
967#if defined(WITH_OPENSSL) && (OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER))
968 if (g_fSSL)
969 CRYPTO_thread_cleanup();
970#endif
971}
972
973/**
974 * Thread function for the "queue pumper" thread started from main(). This implements
975 * the loop that takes SOAP calls from HTTP and serves them by handing connections to the
976 * SOAP queue worker threads.
977 */
978static DECLCALLBACK(int) fntQPumper(RTTHREAD hThreadSelf, void *pvUser)
979{
980 RT_NOREF(hThreadSelf, pvUser);
981
982 // store a log prefix for this thread
983 util::AutoWriteLock thrLock(g_pThreadsLockHandle COMMA_LOCKVAL_SRC_POS);
984 g_mapThreads[RTThreadSelf()] = "[ P ]";
985 thrLock.release();
986
987 doQueuesLoop();
988
989 thrLock.acquire();
990 g_mapThreads.erase(RTThreadSelf());
991 return VINF_SUCCESS;
992}
993
994#ifdef RT_OS_WINDOWS
995/**
996 * "Signal" handler for cleanly terminating the event loop.
997 */
998static BOOL WINAPI websrvSignalHandler(DWORD dwCtrlType)
999{
1000 bool fEventHandled = FALSE;
1001 switch (dwCtrlType)
1002 {
1003 /* User pressed CTRL+C or CTRL+BREAK or an external event was sent
1004 * via GenerateConsoleCtrlEvent(). */
1005 case CTRL_BREAK_EVENT:
1006 case CTRL_CLOSE_EVENT:
1007 case CTRL_C_EVENT:
1008 case CTRL_LOGOFF_EVENT:
1009 case CTRL_SHUTDOWN_EVENT:
1010 {
1011 ASMAtomicWriteBool(&g_fKeepRunning, false);
1012 com::NativeEventQueue *pQ = com::NativeEventQueue::getMainEventQueue();
1013 pQ->interruptEventQueueProcessing();
1014 fEventHandled = TRUE;
1015 break;
1016 }
1017 default:
1018 break;
1019 }
1020 return fEventHandled;
1021}
1022#else
1023/**
1024 * Signal handler for cleanly terminating the event loop.
1025 */
1026static void websrvSignalHandler(int iSignal)
1027{
1028 NOREF(iSignal);
1029 ASMAtomicWriteBool(&g_fKeepRunning, false);
1030 com::NativeEventQueue *pQ = com::NativeEventQueue::getMainEventQueue();
1031 pQ->interruptEventQueueProcessing();
1032}
1033#endif
1034
1035
1036/**
1037 * Start up the webservice server. This keeps running and waits
1038 * for incoming SOAP connections; for each request that comes in,
1039 * it calls method implementation code, most of it in the generated
1040 * code in methodmaps.cpp.
1041 *
1042 * @param argc
1043 * @param argv[]
1044 * @return
1045 */
1046int main(int argc, char *argv[])
1047{
1048 // initialize runtime
1049 int vrc = RTR3InitExe(argc, &argv, 0);
1050 if (RT_FAILURE(vrc))
1051 return RTMsgInitFailure(vrc);
1052#ifdef RT_OS_WINDOWS
1053 ATL::CComModule _Module; /* Required internally by ATL (constructor records instance in global variable). */
1054#endif
1055
1056 // store a log prefix for this thread
1057 g_mapThreads[RTThreadSelf()] = "[M ]";
1058
1059 RTStrmPrintf(g_pStdErr, VBOX_PRODUCT " web service Version " VBOX_VERSION_STRING "\n"
1060 "Copyright (C) 2007-" VBOX_C_YEAR " " VBOX_VENDOR "\n");
1061
1062 int c;
1063 const char *pszLogFile = NULL;
1064 const char *pszPidFile = NULL;
1065 RTGETOPTUNION ValueUnion;
1066 RTGETOPTSTATE GetState;
1067 RTGetOptInit(&GetState, argc, argv, g_aOptions, RT_ELEMENTS(g_aOptions), 1, 0 /*fFlags*/);
1068 while ((c = RTGetOpt(&GetState, &ValueUnion)))
1069 {
1070 switch (c)
1071 {
1072 case 'H':
1073 if (!ValueUnion.psz || !*ValueUnion.psz)
1074 {
1075 /* Normalize NULL/empty string to NULL, which will be
1076 * interpreted as "localhost" below. */
1077 g_pcszBindToHost = NULL;
1078 }
1079 else
1080 g_pcszBindToHost = ValueUnion.psz;
1081 break;
1082
1083 case 'p':
1084 g_uBindToPort = ValueUnion.u32;
1085 break;
1086
1087#ifdef WITH_OPENSSL
1088 case 's':
1089 g_fSSL = true;
1090 break;
1091
1092 case 'K':
1093 g_pcszKeyFile = ValueUnion.psz;
1094 break;
1095
1096 case 'a':
1097 if (ValueUnion.psz[0] == '\0')
1098 g_pcszPassword = NULL;
1099 else
1100 {
1101 PRTSTREAM StrmIn;
1102 if (!strcmp(ValueUnion.psz, "-"))
1103 StrmIn = g_pStdIn;
1104 else
1105 {
1106 vrc = RTStrmOpen(ValueUnion.psz, "r", &StrmIn);
1107 if (RT_FAILURE(vrc))
1108 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to open password file (%s, %Rrc)", ValueUnion.psz, vrc);
1109 }
1110 char szPasswd[512];
1111 vrc = RTStrmGetLine(StrmIn, szPasswd, sizeof(szPasswd));
1112 if (RT_FAILURE(vrc))
1113 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to read password (%s, %Rrc)", ValueUnion.psz, vrc);
1114 g_pcszPassword = RTStrDup(szPasswd);
1115 memset(szPasswd, '\0', sizeof(szPasswd));
1116 if (StrmIn != g_pStdIn)
1117 RTStrmClose(StrmIn);
1118 }
1119 break;
1120
1121 case 'c':
1122 g_pcszCACert = ValueUnion.psz;
1123 break;
1124
1125 case 'C':
1126 g_pcszCAPath = ValueUnion.psz;
1127 break;
1128
1129 case 'D':
1130 g_pcszDHFile = ValueUnion.psz;
1131 break;
1132
1133 case 'r':
1134 g_pcszRandFile = ValueUnion.psz;
1135 break;
1136#endif /* WITH_OPENSSL */
1137
1138 case 't':
1139 g_iWatchdogTimeoutSecs = ValueUnion.u32;
1140 break;
1141
1142 case 'i':
1143 g_iWatchdogCheckInterval = ValueUnion.u32;
1144 break;
1145
1146 case 'F':
1147 pszLogFile = ValueUnion.psz;
1148 break;
1149
1150 case 'R':
1151 g_cHistory = ValueUnion.u32;
1152 break;
1153
1154 case 'S':
1155 g_uHistoryFileSize = ValueUnion.u64;
1156 break;
1157
1158 case 'I':
1159 g_uHistoryFileTime = ValueUnion.u32;
1160 break;
1161
1162 case 'P':
1163 pszPidFile = ValueUnion.psz;
1164 break;
1165
1166 case 'T':
1167 g_cMaxWorkerThreads = ValueUnion.u32;
1168 break;
1169
1170 case 'k':
1171 g_cMaxKeepAlive = ValueUnion.u32;
1172 break;
1173
1174 case 'A':
1175 g_pcszAuthentication = ValueUnion.psz;
1176 break;
1177
1178 case 'h':
1179 DisplayHelp();
1180 return 0;
1181
1182 case 'v':
1183 g_fVerbose = true;
1184 break;
1185
1186#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX) || defined (RT_OS_SOLARIS) || defined(RT_OS_FREEBSD)
1187 case 'b':
1188 g_fDaemonize = true;
1189 break;
1190#endif
1191 case 'V':
1192 RTPrintf("%sr%s\n", RTBldCfgVersion(), RTBldCfgRevisionStr());
1193 return 0;
1194
1195 default:
1196 return RTGetOptPrintError(c, &ValueUnion);
1197 }
1198 }
1199
1200 /* create release logger, to stdout */
1201 RTERRINFOSTATIC ErrInfo;
1202 vrc = com::VBoxLogRelCreate("web service", g_fDaemonize ? NULL : pszLogFile,
1203 RTLOGFLAGS_PREFIX_THREAD | RTLOGFLAGS_PREFIX_TIME_PROG,
1204 "all", "VBOXWEBSRV_RELEASE_LOG",
1205 RTLOGDEST_STDOUT, UINT32_MAX /* cMaxEntriesPerGroup */,
1206 g_cHistory, g_uHistoryFileTime, g_uHistoryFileSize,
1207 RTErrInfoInitStatic(&ErrInfo));
1208 if (RT_FAILURE(vrc))
1209 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to open release log (%s, %Rrc)", ErrInfo.Core.pszMsg, vrc);
1210
1211#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX) || defined (RT_OS_SOLARIS) || defined(RT_OS_FREEBSD)
1212 if (g_fDaemonize)
1213 {
1214 /* prepare release logging */
1215 char szLogFile[RTPATH_MAX];
1216
1217 if (!pszLogFile || !*pszLogFile)
1218 {
1219 vrc = com::GetVBoxUserHomeDirectory(szLogFile, sizeof(szLogFile));
1220 if (RT_FAILURE(vrc))
1221 return RTMsgErrorExit(RTEXITCODE_FAILURE, "could not get base directory for logging: %Rrc", vrc);
1222 vrc = RTPathAppend(szLogFile, sizeof(szLogFile), "vboxwebsrv.log");
1223 if (RT_FAILURE(vrc))
1224 return RTMsgErrorExit(RTEXITCODE_FAILURE, "could not construct logging path: %Rrc", vrc);
1225 pszLogFile = szLogFile;
1226 }
1227
1228 vrc = RTProcDaemonizeUsingFork(false /* fNoChDir */, false /* fNoClose */, pszPidFile);
1229 if (RT_FAILURE(vrc))
1230 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to daemonize, vrc=%Rrc. exiting.", vrc);
1231
1232 /* create release logger, to file */
1233 vrc = com::VBoxLogRelCreate("web service", pszLogFile,
1234 RTLOGFLAGS_PREFIX_THREAD | RTLOGFLAGS_PREFIX_TIME_PROG,
1235 "all", "VBOXWEBSRV_RELEASE_LOG",
1236 RTLOGDEST_FILE, UINT32_MAX /* cMaxEntriesPerGroup */,
1237 g_cHistory, g_uHistoryFileTime, g_uHistoryFileSize,
1238 RTErrInfoInitStatic(&ErrInfo));
1239 if (RT_FAILURE(vrc))
1240 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to open release log (%s, %Rrc)", ErrInfo.Core.pszMsg, vrc);
1241 }
1242#endif
1243
1244 // initialize SOAP SSL support if enabled
1245#ifdef WITH_OPENSSL
1246 if (g_fSSL)
1247 soap_ssl_init();
1248#endif /* WITH_OPENSSL */
1249
1250 // initialize COM/XPCOM
1251 HRESULT hrc = com::Initialize();
1252#ifdef VBOX_WITH_XPCOM
1253 if (hrc == NS_ERROR_FILE_ACCESS_DENIED)
1254 {
1255 char szHome[RTPATH_MAX] = "";
1256 com::GetVBoxUserHomeDirectory(szHome, sizeof(szHome));
1257 return RTMsgErrorExit(RTEXITCODE_FAILURE,
1258 "Failed to initialize COM because the global settings directory '%s' is not accessible!", szHome);
1259 }
1260#endif
1261 if (FAILED(hrc))
1262 return RTMsgErrorExit(RTEXITCODE_FAILURE, "failed to initialize COM! hrc=%Rhrc\n", hrc);
1263
1264 hrc = g_pVirtualBoxClient.createInprocObject(CLSID_VirtualBoxClient);
1265 if (FAILED(hrc))
1266 {
1267 RTMsgError("failed to create the VirtualBoxClient object!");
1268 com::ErrorInfo info;
1269 if (!info.isFullAvailable() && !info.isBasicAvailable())
1270 {
1271 com::GluePrintRCMessage(hrc);
1272 RTMsgError("Most likely, the VirtualBox COM server is not running or failed to start.");
1273 }
1274 else
1275 com::GluePrintErrorInfo(info);
1276 return RTEXITCODE_FAILURE;
1277 }
1278
1279 hrc = g_pVirtualBoxClient->COMGETTER(VirtualBox)(g_pVirtualBox.asOutParam());
1280 if (FAILED(hrc))
1281 {
1282 RTMsgError("Failed to get VirtualBox object (hrc=%Rhrc)!", hrc);
1283 return RTEXITCODE_FAILURE;
1284 }
1285
1286 // set the authentication method if requested
1287 if (g_pVirtualBox && g_pcszAuthentication && g_pcszAuthentication[0])
1288 {
1289 ComPtr<ISystemProperties> pSystemProperties;
1290 g_pVirtualBox->COMGETTER(SystemProperties)(pSystemProperties.asOutParam());
1291 if (pSystemProperties)
1292 pSystemProperties->COMSETTER(WebServiceAuthLibrary)(com::Bstr(g_pcszAuthentication).raw());
1293 }
1294
1295 /* VirtualBoxClient events registration. */
1296 ComPtr<IEventListener> vboxClientListener;
1297 {
1298 ComPtr<IEventSource> pES;
1299 CHECK_ERROR(g_pVirtualBoxClient, COMGETTER(EventSource)(pES.asOutParam()));
1300 ComObjPtr<VirtualBoxClientEventListenerImpl> clientListener;
1301 clientListener.createObject();
1302 clientListener->init(new VirtualBoxClientEventListener());
1303 vboxClientListener = clientListener;
1304 com::SafeArray<VBoxEventType_T> eventTypes;
1305 eventTypes.push_back(VBoxEventType_OnVBoxSVCAvailabilityChanged);
1306 CHECK_ERROR(pES, RegisterListener(vboxClientListener, ComSafeArrayAsInParam(eventTypes), true));
1307 }
1308
1309 // create the global mutexes
1310 g_pAuthLibLockHandle = new util::WriteLockHandle(util::LOCKCLASS_WEBSERVICE);
1311 g_pVirtualBoxLockHandle = new util::RWLockHandle(util::LOCKCLASS_WEBSERVICE);
1312 g_pWebsessionsLockHandle = new util::WriteLockHandle(util::LOCKCLASS_WEBSERVICE);
1313 g_pThreadsLockHandle = new util::RWLockHandle(util::LOCKCLASS_OBJECTSTATE);
1314
1315 // SOAP queue pumper thread
1316 RTTHREAD threadQPumper;
1317 vrc = RTThreadCreate(&threadQPumper,
1318 fntQPumper,
1319 NULL, // pvUser
1320 0, // cbStack (default)
1321 RTTHREADTYPE_MAIN_WORKER,
1322 RTTHREADFLAGS_WAITABLE,
1323 "SQPmp");
1324 if (RT_FAILURE(vrc))
1325 return RTMsgErrorExit(RTEXITCODE_FAILURE, "Cannot start SOAP queue pumper thread: %Rrc", vrc);
1326
1327 // watchdog thread
1328 RTTHREAD threadWatchdog = NIL_RTTHREAD;
1329 if (g_iWatchdogTimeoutSecs > 0)
1330 {
1331 // start our watchdog thread
1332 vrc = RTThreadCreate(&threadWatchdog,
1333 fntWatchdog,
1334 NULL,
1335 0,
1336 RTTHREADTYPE_MAIN_WORKER,
1337 RTTHREADFLAGS_WAITABLE,
1338 "Watchdog");
1339 if (RT_FAILURE(vrc))
1340 return RTMsgErrorExit(RTEXITCODE_FAILURE, "Cannot start watchdog thread: %Rrc", vrc);
1341 }
1342
1343#ifdef RT_OS_WINDOWS
1344 if (!SetConsoleCtrlHandler((PHANDLER_ROUTINE)websrvSignalHandler, TRUE /* Add handler */))
1345 {
1346 vrc = RTErrConvertFromWin32(GetLastError());
1347 RTMsgError("Unable to install console control handler, vrc=%Rrc\n", vrc);
1348 }
1349#else
1350 signal(SIGINT, websrvSignalHandler);
1351 signal(SIGTERM, websrvSignalHandler);
1352# ifdef SIGBREAK
1353 signal(SIGBREAK, websrvSignalHandler);
1354# endif
1355#endif
1356
1357 com::NativeEventQueue *pQ = com::NativeEventQueue::getMainEventQueue();
1358 while (g_fKeepRunning)
1359 {
1360 // we have to process main event queue
1361 WEBDEBUG(("Pumping COM event queue\n"));
1362 vrc = pQ->processEventQueue(RT_INDEFINITE_WAIT);
1363 if (RT_FAILURE(vrc))
1364 RTMsgError("processEventQueue -> %Rrc", vrc);
1365 }
1366
1367 LogRel(("requested termination, cleaning up\n"));
1368
1369#ifdef RT_OS_WINDOWS
1370 if (!SetConsoleCtrlHandler((PHANDLER_ROUTINE)websrvSignalHandler, FALSE /* Remove handler */))
1371 {
1372 vrc = RTErrConvertFromWin32(GetLastError());
1373 RTMsgError("Unable to remove console control handler, vrc=%Rrc\n", vrc);
1374 }
1375#else
1376 signal(SIGINT, SIG_DFL);
1377 signal(SIGTERM, SIG_DFL);
1378# ifdef SIGBREAK
1379 signal(SIGBREAK, SIG_DFL);
1380# endif
1381#endif
1382
1383#ifndef RT_OS_WINDOWS
1384 RTThreadPoke(threadQPumper);
1385#endif
1386 RTThreadWait(threadQPumper, 30000, NULL);
1387 if (threadWatchdog != NIL_RTTHREAD)
1388 {
1389#ifndef RT_OS_WINDOWS
1390 RTThreadPoke(threadWatchdog);
1391#endif
1392 RTThreadWait(threadWatchdog, g_iWatchdogCheckInterval * 1000 + 10000, NULL);
1393 }
1394
1395 /* VirtualBoxClient events unregistration. */
1396 if (vboxClientListener)
1397 {
1398 ComPtr<IEventSource> pES;
1399 CHECK_ERROR(g_pVirtualBoxClient, COMGETTER(EventSource)(pES.asOutParam()));
1400 if (!pES.isNull())
1401 CHECK_ERROR(pES, UnregisterListener(vboxClientListener));
1402 vboxClientListener.setNull();
1403 }
1404
1405 {
1406 util::AutoWriteLock vlock(g_pVirtualBoxLockHandle COMMA_LOCKVAL_SRC_POS);
1407 g_pVirtualBox.setNull();
1408 }
1409 {
1410 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
1411 WebsessionsMapIterator it = g_mapWebsessions.begin(),
1412 itEnd = g_mapWebsessions.end();
1413 while (it != itEnd)
1414 {
1415 WebServiceSession *pWebsession = it->second;
1416 WEBDEBUG(("SVC unavailable: websession %#llx stale, deleting\n", pWebsession->getID()));
1417 delete pWebsession;
1418 it = g_mapWebsessions.begin();
1419 }
1420 }
1421 g_pVirtualBoxClient.setNull();
1422
1423 com::Shutdown();
1424
1425 return 0;
1426}
1427
1428/****************************************************************************
1429 *
1430 * Watchdog thread
1431 *
1432 ****************************************************************************/
1433
1434/**
1435 * Watchdog thread, runs in the background while the webservice is alive.
1436 *
1437 * This gets started by main() and runs in the background to check all websessions
1438 * for whether they have been no requests in a configurable timeout period. In
1439 * that case, the websession is automatically logged off.
1440 */
1441static DECLCALLBACK(int) fntWatchdog(RTTHREAD hThreadSelf, void *pvUser)
1442{
1443 RT_NOREF(hThreadSelf, pvUser);
1444
1445 // store a log prefix for this thread
1446 util::AutoWriteLock thrLock(g_pThreadsLockHandle COMMA_LOCKVAL_SRC_POS);
1447 g_mapThreads[RTThreadSelf()] = "[W ]";
1448 thrLock.release();
1449
1450 WEBDEBUG(("Watchdog thread started\n"));
1451
1452 uint32_t tNextStat = 0;
1453
1454 while (g_fKeepRunning)
1455 {
1456 WEBDEBUG(("Watchdog: sleeping %d seconds\n", g_iWatchdogCheckInterval));
1457 RTThreadSleep(g_iWatchdogCheckInterval * 1000);
1458
1459 uint32_t tNow = RTTimeProgramSecTS();
1460
1461 // we're messing with websessions, so lock them
1462 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
1463 WEBDEBUG(("Watchdog: checking %d websessions\n", g_mapWebsessions.size()));
1464
1465 WebsessionsMapIterator it = g_mapWebsessions.begin(),
1466 itEnd = g_mapWebsessions.end();
1467 while (it != itEnd)
1468 {
1469 WebServiceSession *pWebsession = it->second;
1470 WEBDEBUG(("Watchdog: tNow: %d, websession timestamp: %d\n", tNow, pWebsession->getLastObjectLookup()));
1471 if (tNow > pWebsession->getLastObjectLookup() + g_iWatchdogTimeoutSecs)
1472 {
1473 WEBDEBUG(("Watchdog: websession %#llx timed out, deleting\n", pWebsession->getID()));
1474 delete pWebsession;
1475 it = g_mapWebsessions.begin();
1476 }
1477 else
1478 ++it;
1479 }
1480
1481 // re-set the authentication method in case it has been changed
1482 if (g_pVirtualBox && g_pcszAuthentication && g_pcszAuthentication[0])
1483 {
1484 ComPtr<ISystemProperties> pSystemProperties;
1485 g_pVirtualBox->COMGETTER(SystemProperties)(pSystemProperties.asOutParam());
1486 if (pSystemProperties)
1487 pSystemProperties->COMSETTER(WebServiceAuthLibrary)(com::Bstr(g_pcszAuthentication).raw());
1488 }
1489
1490 // Log some MOR usage statistics every 5 minutes, but only if there's
1491 // something worth logging (at least one reference or a transition to
1492 // zero references). Avoids useless log spamming in idle webservice.
1493 if (tNow >= tNextStat)
1494 {
1495 size_t cMOR = 0;
1496 it = g_mapWebsessions.begin();
1497 itEnd = g_mapWebsessions.end();
1498 while (it != itEnd)
1499 {
1500 cMOR += it->second->CountRefs();
1501 ++it;
1502 }
1503 static bool fLastZero = false;
1504 if (cMOR || !fLastZero)
1505 LogRel(("Statistics: %zu websessions, %zu references\n",
1506 g_mapWebsessions.size(), cMOR));
1507 fLastZero = (cMOR == 0);
1508 while (tNextStat <= tNow)
1509 tNextStat += 5 * 60; /* 5 minutes */
1510 }
1511 }
1512
1513 thrLock.acquire();
1514 g_mapThreads.erase(RTThreadSelf());
1515
1516 LogRel(("ending Watchdog thread\n"));
1517 return 0;
1518}
1519
1520/****************************************************************************
1521 *
1522 * SOAP exceptions
1523 *
1524 ****************************************************************************/
1525
1526/**
1527 * Helper function to raise a SOAP fault. Called by the other helper
1528 * functions, which raise specific SOAP faults.
1529 *
1530 * @param soap
1531 * @param pcsz
1532 * @param extype
1533 * @param ex
1534 */
1535static void RaiseSoapFault(struct soap *soap,
1536 const char *pcsz,
1537 int extype,
1538 void *ex)
1539{
1540 // raise the fault
1541 soap_sender_fault(soap, pcsz, NULL);
1542
1543 struct SOAP_ENV__Detail *pDetail = (struct SOAP_ENV__Detail*)soap_malloc(soap, sizeof(struct SOAP_ENV__Detail));
1544
1545 // without the following, gSOAP crashes miserably when sending out the
1546 // data because it will try to serialize all fields (stupid documentation)
1547 memset(pDetail, 0, sizeof(struct SOAP_ENV__Detail));
1548
1549 // fill extended info depending on SOAP version
1550 if (soap->version == 2) // SOAP 1.2 is used
1551 {
1552 soap->fault->SOAP_ENV__Detail = pDetail;
1553 soap->fault->SOAP_ENV__Detail->__type = extype;
1554 soap->fault->SOAP_ENV__Detail->fault = ex;
1555 soap->fault->SOAP_ENV__Detail->__any = NULL; // no other XML data
1556 }
1557 else
1558 {
1559 soap->fault->detail = pDetail;
1560 soap->fault->detail->__type = extype;
1561 soap->fault->detail->fault = ex;
1562 soap->fault->detail->__any = NULL; // no other XML data
1563 }
1564}
1565
1566/**
1567 * Raises a SOAP fault that signals that an invalid object was passed.
1568 *
1569 * @param soap
1570 * @param obj
1571 */
1572void RaiseSoapInvalidObjectFault(struct soap *soap,
1573 WSDLT_ID obj)
1574{
1575 _vbox__InvalidObjectFault *ex = soap_new__vbox__InvalidObjectFault(soap, 1);
1576 ex->badObjectID = obj;
1577
1578 std::string str("VirtualBox error: ");
1579 str += "Invalid managed object reference \"" + obj + "\"";
1580
1581 RaiseSoapFault(soap,
1582 str.c_str(),
1583 SOAP_TYPE__vbox__InvalidObjectFault,
1584 ex);
1585}
1586
1587/**
1588 * Return a safe C++ string from the given COM string,
1589 * without crashing if the COM string is empty.
1590 * @param bstr
1591 * @return
1592 */
1593std::string ConvertComString(const com::Bstr &bstr)
1594{
1595 com::Utf8Str ustr(bstr);
1596 return ustr.c_str(); /// @todo r=dj since the length is known, we can probably use a better std::string allocator
1597}
1598
1599/**
1600 * Return a safe C++ string from the given COM UUID,
1601 * without crashing if the UUID is empty.
1602 * @param uuid
1603 * @return
1604 */
1605std::string ConvertComString(const com::Guid &uuid)
1606{
1607 com::Utf8Str ustr(uuid.toString());
1608 return ustr.c_str(); /// @todo r=dj since the length is known, we can probably use a better std::string allocator
1609}
1610
1611/** Code to handle string <-> byte arrays base64 conversion. */
1612std::string Base64EncodeByteArray(ComSafeArrayIn(BYTE, aData))
1613{
1614
1615 com::SafeArray<BYTE> sfaData(ComSafeArrayInArg(aData));
1616 ssize_t cbData = sfaData.size();
1617
1618 if (cbData == 0)
1619 return "";
1620
1621 ssize_t cchOut = RTBase64EncodedLength(cbData);
1622
1623 RTCString aStr;
1624
1625 aStr.reserve(cchOut+1);
1626 int vrc = RTBase64Encode(sfaData.raw(), cbData, aStr.mutableRaw(), aStr.capacity(), NULL);
1627 AssertRC(vrc);
1628 aStr.jolt();
1629
1630 return aStr.c_str();
1631}
1632
1633#define DECODE_STR_MAX _1M
1634void Base64DecodeByteArray(struct soap *soap, const std::string& aStr, ComSafeArrayOut(BYTE, aData), const WSDLT_ID &idThis, const char *pszMethodName, IUnknown *pObj, const com::Guid &iid)
1635{
1636 const char* pszStr = aStr.c_str();
1637 ssize_t cbOut = RTBase64DecodedSize(pszStr, NULL);
1638
1639 if (cbOut > DECODE_STR_MAX)
1640 {
1641 LogRel(("Decode string too long.\n"));
1642 RaiseSoapRuntimeFault(soap, idThis, pszMethodName, E_INVALIDARG, pObj, iid);
1643 }
1644
1645 com::SafeArray<BYTE> result(cbOut);
1646 int vrc = RTBase64Decode(pszStr, result.raw(), cbOut, NULL, NULL);
1647 if (FAILED(vrc))
1648 {
1649 LogRel(("String Decoding Failed. Error code: %Rrc\n", vrc));
1650 RaiseSoapRuntimeFault(soap, idThis, pszMethodName, E_INVALIDARG, pObj, iid);
1651 }
1652
1653 result.detachTo(ComSafeArrayOutArg(aData));
1654}
1655
1656/**
1657 * Raises a SOAP runtime fault.
1658 *
1659 * @param soap
1660 * @param idThis
1661 * @param pcszMethodName
1662 * @param apirc
1663 * @param pObj
1664 * @param iid
1665 */
1666void RaiseSoapRuntimeFault(struct soap *soap,
1667 const WSDLT_ID &idThis,
1668 const char *pcszMethodName,
1669 HRESULT apirc,
1670 IUnknown *pObj,
1671 const com::Guid &iid)
1672{
1673 com::ErrorInfo info(pObj, iid.ref());
1674
1675 WEBDEBUG((" error, raising SOAP exception\n"));
1676
1677 LogRel(("API method name: %s\n", pcszMethodName));
1678 LogRel(("API return code: %#10lx (%Rhrc)\n", apirc, apirc));
1679 if (info.isFullAvailable() || info.isBasicAvailable())
1680 {
1681 const com::ErrorInfo *pInfo = &info;
1682 do
1683 {
1684 LogRel(("COM error info result code: %#10lx (%Rhrc)\n", pInfo->getResultCode(), pInfo->getResultCode()));
1685 LogRel(("COM error info text: %ls\n", pInfo->getText().raw()));
1686
1687 pInfo = pInfo->getNext();
1688 }
1689 while (pInfo);
1690 }
1691
1692 // compose descriptive message
1693 com::Utf8StrFmt str("VirtualBox error: apirc=%#lx", apirc);
1694 if (info.isFullAvailable() || info.isBasicAvailable())
1695 {
1696 const com::ErrorInfo *pInfo = &info;
1697 do
1698 {
1699 str += com::Utf8StrFmt(" %ls (%#lx)", pInfo->getText().raw(), pInfo->getResultCode());
1700 pInfo = pInfo->getNext();
1701 }
1702 while (pInfo);
1703 }
1704
1705 // allocate our own soap fault struct
1706 _vbox__RuntimeFault *ex = soap_new__vbox__RuntimeFault(soap, 1);
1707 ComPtr<IVirtualBoxErrorInfo> pVirtualBoxErrorInfo;
1708 info.getVirtualBoxErrorInfo(pVirtualBoxErrorInfo);
1709 ex->resultCode = apirc;
1710 ex->returnval = createOrFindRefFromComPtr(idThis, g_pcszIVirtualBoxErrorInfo, pVirtualBoxErrorInfo);
1711
1712 RaiseSoapFault(soap,
1713 str.c_str(),
1714 SOAP_TYPE__vbox__RuntimeFault,
1715 ex);
1716}
1717
1718/****************************************************************************
1719 *
1720 * splitting and merging of object IDs
1721 *
1722 ****************************************************************************/
1723
1724/**
1725 * Splits a managed object reference (in string form, as passed in from a SOAP
1726 * method call) into two integers for websession and object IDs, respectively.
1727 *
1728 * @param id
1729 * @param pWebsessId
1730 * @param pObjId
1731 * @return
1732 */
1733static bool SplitManagedObjectRef(const WSDLT_ID &id,
1734 uint64_t *pWebsessId,
1735 uint64_t *pObjId)
1736{
1737 // 64-bit numbers in hex have 16 digits; hence
1738 // the object-ref string must have 16 + "-" + 16 characters
1739 if ( id.length() == 33
1740 && id[16] == '-'
1741 )
1742 {
1743 char psz[34];
1744 memcpy(psz, id.c_str(), 34);
1745 psz[16] = '\0';
1746 if (pWebsessId)
1747 RTStrToUInt64Full(psz, 16, pWebsessId);
1748 if (pObjId)
1749 RTStrToUInt64Full(psz + 17, 16, pObjId);
1750 return true;
1751 }
1752
1753 return false;
1754}
1755
1756/**
1757 * Creates a managed object reference (in string form) from
1758 * two integers representing a websession and object ID, respectively.
1759 *
1760 * @param sz Buffer with at least 34 bytes space to receive MOR string.
1761 * @param websessId
1762 * @param objId
1763 */
1764static void MakeManagedObjectRef(char *sz,
1765 uint64_t websessId,
1766 uint64_t objId)
1767{
1768 RTStrFormatNumber(sz, websessId, 16, 16, 0, RTSTR_F_64BIT | RTSTR_F_ZEROPAD);
1769 sz[16] = '-';
1770 RTStrFormatNumber(sz + 17, objId, 16, 16, 0, RTSTR_F_64BIT | RTSTR_F_ZEROPAD);
1771}
1772
1773/****************************************************************************
1774 *
1775 * class WebServiceSession
1776 *
1777 ****************************************************************************/
1778
1779class WebServiceSessionPrivate
1780{
1781 public:
1782 ManagedObjectsMapById _mapManagedObjectsById;
1783 ManagedObjectsMapByPtr _mapManagedObjectsByPtr;
1784};
1785
1786/**
1787 * Constructor for the websession object.
1788 *
1789 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
1790 */
1791WebServiceSession::WebServiceSession()
1792 : _uNextObjectID(1), // avoid 0 for no real reason
1793 _fDestructing(false),
1794 _tLastObjectLookup(0)
1795{
1796 _pp = new WebServiceSessionPrivate;
1797 _uWebsessionID = RTRandU64();
1798
1799 // register this websession globally
1800 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
1801 g_mapWebsessions[_uWebsessionID] = this;
1802}
1803
1804/**
1805 * Destructor. Cleans up and destroys all contained managed object references on the way.
1806 *
1807 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
1808 */
1809WebServiceSession::~WebServiceSession()
1810{
1811 // delete us from global map first so we can't be found
1812 // any more while we're cleaning up
1813 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
1814 g_mapWebsessions.erase(_uWebsessionID);
1815
1816 // notify ManagedObjectRef destructor so it won't
1817 // remove itself from the maps; this avoids rebalancing
1818 // the map's tree on every delete as well
1819 _fDestructing = true;
1820
1821 ManagedObjectsIteratorById it,
1822 end = _pp->_mapManagedObjectsById.end();
1823 for (it = _pp->_mapManagedObjectsById.begin();
1824 it != end;
1825 ++it)
1826 {
1827 ManagedObjectRef *pRef = it->second;
1828 delete pRef; // this frees the contained ComPtr as well
1829 }
1830
1831 delete _pp;
1832}
1833
1834/**
1835 * Authenticate the username and password against an authentication authority.
1836 *
1837 * @return 0 if the user was successfully authenticated, or an error code
1838 * otherwise.
1839 */
1840int WebServiceSession::authenticate(const char *pcszUsername,
1841 const char *pcszPassword,
1842 IVirtualBox **ppVirtualBox)
1843{
1844 int vrc = VERR_WEB_NOT_AUTHENTICATED;
1845 ComPtr<IVirtualBox> pVirtualBox;
1846 {
1847 util::AutoReadLock vlock(g_pVirtualBoxLockHandle COMMA_LOCKVAL_SRC_POS);
1848 pVirtualBox = g_pVirtualBox;
1849 }
1850 if (pVirtualBox.isNull())
1851 return vrc;
1852 pVirtualBox.queryInterfaceTo(ppVirtualBox);
1853
1854 util::AutoReadLock lock(g_pAuthLibLockHandle COMMA_LOCKVAL_SRC_POS);
1855
1856 static bool fAuthLibLoaded = false;
1857 static PAUTHENTRY pfnAuthEntry = NULL;
1858 static PAUTHENTRY2 pfnAuthEntry2 = NULL;
1859 static PAUTHENTRY3 pfnAuthEntry3 = NULL;
1860
1861 if (!fAuthLibLoaded)
1862 {
1863 // retrieve authentication library from system properties
1864 ComPtr<ISystemProperties> systemProperties;
1865 pVirtualBox->COMGETTER(SystemProperties)(systemProperties.asOutParam());
1866
1867 com::Bstr authLibrary;
1868 systemProperties->COMGETTER(WebServiceAuthLibrary)(authLibrary.asOutParam());
1869 com::Utf8Str filename = authLibrary;
1870
1871 LogRel(("External authentication library is '%ls'\n", authLibrary.raw()));
1872
1873 if (filename == "null")
1874 // authentication disabled, let everyone in:
1875 fAuthLibLoaded = true;
1876 else
1877 {
1878 RTLDRMOD hlibAuth = 0;
1879 do
1880 {
1881 if (RTPathHavePath(filename.c_str()))
1882 vrc = RTLdrLoad(filename.c_str(), &hlibAuth);
1883 else
1884 vrc = RTLdrLoadAppPriv(filename.c_str(), &hlibAuth);
1885 if (RT_FAILURE(vrc))
1886 {
1887 WEBDEBUG(("%s() Failed to load external authentication library '%s'. Error code: %Rrc\n",
1888 __FUNCTION__, filename.c_str(), vrc));
1889 break;
1890 }
1891
1892 if (RT_FAILURE(vrc = RTLdrGetSymbol(hlibAuth, AUTHENTRY3_NAME, (void**)&pfnAuthEntry3)))
1893 {
1894 WEBDEBUG(("%s(): Could not resolve import '%s'. Error code: %Rrc\n",
1895 __FUNCTION__, AUTHENTRY3_NAME, vrc));
1896
1897 if (RT_FAILURE(vrc = RTLdrGetSymbol(hlibAuth, AUTHENTRY2_NAME, (void**)&pfnAuthEntry2)))
1898 {
1899 WEBDEBUG(("%s(): Could not resolve import '%s'. Error code: %Rrc\n",
1900 __FUNCTION__, AUTHENTRY2_NAME, vrc));
1901
1902 if (RT_FAILURE(vrc = RTLdrGetSymbol(hlibAuth, AUTHENTRY_NAME, (void**)&pfnAuthEntry)))
1903 WEBDEBUG(("%s(): Could not resolve import '%s'. Error code: %Rrc\n",
1904 __FUNCTION__, AUTHENTRY_NAME, vrc));
1905 }
1906 }
1907
1908 if (pfnAuthEntry || pfnAuthEntry2 || pfnAuthEntry3)
1909 fAuthLibLoaded = true;
1910
1911 } while (0);
1912 }
1913 }
1914
1915 if (strlen(pcszUsername) >= _1K)
1916 {
1917 LogRel(("Access denied, excessive username length: %zu\n", strlen(pcszUsername)));
1918 vrc = VERR_WEB_NOT_AUTHENTICATED;
1919 }
1920 else if (strlen(pcszPassword) >= _1K)
1921 {
1922 LogRel(("Access denied, excessive password length: %zu\n", strlen(pcszPassword)));
1923 vrc = VERR_WEB_NOT_AUTHENTICATED;
1924 }
1925 else if (pfnAuthEntry3 || pfnAuthEntry2 || pfnAuthEntry)
1926 {
1927 const char *pszFn;
1928 AuthResult result;
1929 if (pfnAuthEntry3)
1930 {
1931 result = pfnAuthEntry3("webservice", NULL, AuthGuestNotAsked, pcszUsername, pcszPassword, NULL, true, 0);
1932 pszFn = AUTHENTRY3_NAME;
1933 }
1934 else if (pfnAuthEntry2)
1935 {
1936 result = pfnAuthEntry2(NULL, AuthGuestNotAsked, pcszUsername, pcszPassword, NULL, true, 0);
1937 pszFn = AUTHENTRY2_NAME;
1938 }
1939 else
1940 {
1941 result = pfnAuthEntry(NULL, AuthGuestNotAsked, pcszUsername, pcszPassword, NULL);
1942 pszFn = AUTHENTRY_NAME;
1943 }
1944 WEBDEBUG(("%s(): result of %s('%s', [%d]): %d (%s)\n",
1945 __FUNCTION__, pszFn, pcszUsername, strlen(pcszPassword), result, decodeAuthResult(result)));
1946 if (result == AuthResultAccessGranted)
1947 {
1948 LogRel(("Access for user '%s' granted\n", pcszUsername));
1949 vrc = VINF_SUCCESS;
1950 }
1951 else
1952 {
1953 if (result == AuthResultAccessDenied)
1954 LogRel(("Access for user '%s' denied\n", pcszUsername));
1955 vrc = VERR_WEB_NOT_AUTHENTICATED;
1956 }
1957 }
1958 else if (fAuthLibLoaded)
1959 {
1960 // fAuthLibLoaded = true but all pointers are NULL:
1961 // The authlib was "null" and auth was disabled
1962 vrc = VINF_SUCCESS;
1963 }
1964 else
1965 {
1966 WEBDEBUG(("Could not resolve AuthEntry, VRDPAuth2 or VRDPAuth entry point"));
1967 vrc = VERR_WEB_NOT_AUTHENTICATED;
1968 }
1969
1970 lock.release();
1971
1972 return vrc;
1973}
1974
1975/**
1976 * Look up, in this websession, whether a ManagedObjectRef has already been
1977 * created for the given COM pointer.
1978 *
1979 * Note how we require that a ComPtr<IUnknown> is passed, which causes a
1980 * queryInterface call when the caller passes in a different type, since
1981 * a ComPtr<IUnknown> will point to something different than a
1982 * ComPtr<IVirtualBox>, for example. As we store the ComPtr<IUnknown> in
1983 * our private hash table, we must search for one too.
1984 *
1985 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
1986 *
1987 * @param pObject pointer to a COM object.
1988 * @return The existing ManagedObjectRef that represents the COM object, or NULL if there's none yet.
1989 */
1990ManagedObjectRef* WebServiceSession::findRefFromPtr(const IUnknown *pObject)
1991{
1992 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
1993
1994 uintptr_t ulp = (uintptr_t)pObject;
1995 // WEBDEBUG((" %s: looking up %#lx\n", __FUNCTION__, ulp));
1996 ManagedObjectsIteratorByPtr it = _pp->_mapManagedObjectsByPtr.find(ulp);
1997 if (it != _pp->_mapManagedObjectsByPtr.end())
1998 {
1999 ManagedObjectRef *pRef = it->second;
2000 WEBDEBUG((" %s: found existing ref %s (%s) for COM obj %#lx\n", __FUNCTION__, pRef->getWSDLID().c_str(), pRef->getInterfaceName(), ulp));
2001 return pRef;
2002 }
2003
2004 return NULL;
2005}
2006
2007/**
2008 * Static method which attempts to find the websession for which the given
2009 * managed object reference was created, by splitting the reference into the
2010 * websession and object IDs and then looking up the websession object.
2011 *
2012 * Preconditions: Caller must have locked g_pWebsessionsLockHandle in read mode.
2013 *
2014 * @param id Managed object reference (with combined websession and object IDs).
2015 * @return
2016 */
2017WebServiceSession *WebServiceSession::findWebsessionFromRef(const WSDLT_ID &id)
2018{
2019 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
2020
2021 WebServiceSession *pWebsession = NULL;
2022 uint64_t websessId;
2023 if (SplitManagedObjectRef(id,
2024 &websessId,
2025 NULL))
2026 {
2027 WebsessionsMapIterator it = g_mapWebsessions.find(websessId);
2028 if (it != g_mapWebsessions.end())
2029 pWebsession = it->second;
2030 }
2031 return pWebsession;
2032}
2033
2034/**
2035 * Touches the websession to prevent it from timing out.
2036 *
2037 * Each websession has an internal timestamp that records the last request made
2038 * to it from the client that started it. If no request was made within a
2039 * configurable timeframe, then the client is logged off automatically,
2040 * by calling IWebsessionManager::logoff()
2041 */
2042void WebServiceSession::touch()
2043{
2044 _tLastObjectLookup = RTTimeProgramSecTS();
2045}
2046
2047/**
2048 * Counts the number of managed object references in this websession.
2049 */
2050size_t WebServiceSession::CountRefs()
2051{
2052 return _pp->_mapManagedObjectsById.size();
2053}
2054
2055
2056/****************************************************************************
2057 *
2058 * class ManagedObjectRef
2059 *
2060 ****************************************************************************/
2061
2062/**
2063 * Constructor, which assigns a unique ID to this managed object
2064 * reference and stores it in two hashes (living in the associated
2065 * WebServiceSession object):
2066 *
2067 * a) _mapManagedObjectsById, which maps ManagedObjectID's to
2068 * instances of this class; this hash is then used by the
2069 * findObjectFromRef() template function in vboxweb.h
2070 * to quickly retrieve the COM object from its managed
2071 * object ID (mostly in the context of the method mappers
2072 * in methodmaps.cpp, when a web service client passes in
2073 * a managed object ID);
2074 *
2075 * b) _mapManagedObjectsByPtr, which maps COM pointers to
2076 * instances of this class; this hash is used by
2077 * createRefFromObject() to quickly figure out whether an
2078 * instance already exists for a given COM pointer.
2079 *
2080 * This constructor calls AddRef() on the given COM object, and
2081 * the destructor will call Release(). We require two input pointers
2082 * for that COM object, one generic IUnknown* pointer which is used
2083 * as the map key, and a specific interface pointer (e.g. IMachine*)
2084 * which must support the interface given in guidInterface. All
2085 * three values are returned by getPtr(), which gives future callers
2086 * a chance to reuse the specific interface pointer without having
2087 * to call QueryInterface, which can be expensive.
2088 *
2089 * This does _not_ check whether another instance already
2090 * exists in the hash. This gets called only from the
2091 * createOrFindRefFromComPtr() template function in vboxweb.h, which
2092 * does perform that check.
2093 *
2094 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
2095 *
2096 * @param websession Websession to which the MOR will be added.
2097 * @param pobjUnknown Pointer to IUnknown* interface for the COM object; this will be used in the hashes.
2098 * @param pobjInterface Pointer to a specific interface for the COM object, described by guidInterface.
2099 * @param guidInterface Interface which pobjInterface points to.
2100 * @param pcszInterface String representation of that interface (e.g. "IMachine") for readability and logging.
2101 */
2102ManagedObjectRef::ManagedObjectRef(WebServiceSession &websession,
2103 IUnknown *pobjUnknown,
2104 void *pobjInterface,
2105 const com::Guid &guidInterface,
2106 const char *pcszInterface)
2107 : _websession(websession),
2108 _pobjUnknown(pobjUnknown),
2109 _pobjInterface(pobjInterface),
2110 _guidInterface(guidInterface),
2111 _pcszInterface(pcszInterface)
2112{
2113 Assert(pobjUnknown);
2114 Assert(pobjInterface);
2115
2116 // keep both stubs alive while this MOR exists (matching Release() calls are in destructor)
2117 uint32_t cRefs1 = pobjUnknown->AddRef();
2118 uint32_t cRefs2 = ((IUnknown*)pobjInterface)->AddRef();
2119 _ulp = (uintptr_t)pobjUnknown;
2120
2121 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
2122 _id = websession.createObjectID();
2123 // and count globally
2124 ULONG64 cTotal = ++g_cManagedObjects; // raise global count and make a copy for the debug message below
2125
2126 char sz[34];
2127 MakeManagedObjectRef(sz, websession._uWebsessionID, _id);
2128 _strID = sz;
2129
2130 websession._pp->_mapManagedObjectsById[_id] = this;
2131 websession._pp->_mapManagedObjectsByPtr[_ulp] = this;
2132
2133 websession.touch();
2134
2135 WEBDEBUG((" * %s: MOR created for %s*=%#p (IUnknown*=%#p; COM refcount now %RI32/%RI32), new ID is %#llx; now %lld objects total\n",
2136 __FUNCTION__,
2137 pcszInterface,
2138 pobjInterface,
2139 pobjUnknown,
2140 cRefs1,
2141 cRefs2,
2142 _id,
2143 cTotal));
2144}
2145
2146/**
2147 * Destructor; removes the instance from the global hash of
2148 * managed objects. Calls Release() on the contained COM object.
2149 *
2150 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
2151 */
2152ManagedObjectRef::~ManagedObjectRef()
2153{
2154 Assert(g_pWebsessionsLockHandle->isWriteLockOnCurrentThread());
2155 ULONG64 cTotal = --g_cManagedObjects;
2156
2157 Assert(_pobjUnknown);
2158 Assert(_pobjInterface);
2159
2160 // we called AddRef() on both interfaces, so call Release() on
2161 // both as well, but in reverse order
2162 uint32_t cRefs2 = ((IUnknown*)_pobjInterface)->Release();
2163 uint32_t cRefs1 = _pobjUnknown->Release();
2164 WEBDEBUG((" * %s: deleting MOR for ID %#llx (%s; COM refcount now %RI32/%RI32); now %lld objects total\n", __FUNCTION__, _id, _pcszInterface, cRefs1, cRefs2, cTotal));
2165
2166 // if we're being destroyed from the websession's destructor,
2167 // then that destructor is iterating over the maps, so
2168 // don't remove us there! (data integrity + speed)
2169 if (!_websession._fDestructing)
2170 {
2171 WEBDEBUG((" * %s: removing from websession maps\n", __FUNCTION__));
2172 _websession._pp->_mapManagedObjectsById.erase(_id);
2173 if (_websession._pp->_mapManagedObjectsByPtr.erase(_ulp) != 1)
2174 WEBDEBUG((" WARNING: could not find %#llx in _mapManagedObjectsByPtr\n", _ulp));
2175 }
2176}
2177
2178/**
2179 * Static helper method for findObjectFromRef() template that actually
2180 * looks up the object from a given integer ID.
2181 *
2182 * This has been extracted into this non-template function to reduce
2183 * code bloat as we have the actual STL map lookup only in this function.
2184 *
2185 * This also "touches" the timestamp in the websession whose ID is encoded
2186 * in the given integer ID, in order to prevent the websession from timing
2187 * out.
2188 *
2189 * Preconditions: Caller must have locked g_pWebsessionsLockHandle.
2190 *
2191 * @param id
2192 * @param pRef
2193 * @param fNullAllowed
2194 * @return
2195 */
2196int ManagedObjectRef::findRefFromId(const WSDLT_ID &id,
2197 ManagedObjectRef **pRef,
2198 bool fNullAllowed)
2199{
2200 int vrc = VINF_SUCCESS;
2201
2202 do
2203 {
2204 // allow NULL (== empty string) input reference, which should return a NULL pointer
2205 if (!id.length() && fNullAllowed)
2206 {
2207 *pRef = NULL;
2208 return 0;
2209 }
2210
2211 uint64_t websessId;
2212 uint64_t objId;
2213 WEBDEBUG((" %s(): looking up objref %s\n", __FUNCTION__, id.c_str()));
2214 if (!SplitManagedObjectRef(id,
2215 &websessId,
2216 &objId))
2217 {
2218 vrc = VERR_WEB_INVALID_MANAGED_OBJECT_REFERENCE;
2219 break;
2220 }
2221
2222 WebsessionsMapIterator it = g_mapWebsessions.find(websessId);
2223 if (it == g_mapWebsessions.end())
2224 {
2225 WEBDEBUG((" %s: cannot find websession for objref %s\n", __FUNCTION__, id.c_str()));
2226 vrc = VERR_WEB_INVALID_SESSION_ID;
2227 break;
2228 }
2229
2230 WebServiceSession *pWebsession = it->second;
2231 // "touch" websession to prevent it from timing out
2232 pWebsession->touch();
2233
2234 ManagedObjectsIteratorById iter = pWebsession->_pp->_mapManagedObjectsById.find(objId);
2235 if (iter == pWebsession->_pp->_mapManagedObjectsById.end())
2236 {
2237 WEBDEBUG((" %s: cannot find comobj for objref %s\n", __FUNCTION__, id.c_str()));
2238 vrc = VERR_WEB_INVALID_OBJECT_ID;
2239 break;
2240 }
2241
2242 *pRef = iter->second;
2243
2244 } while (0);
2245
2246 return vrc;
2247}
2248
2249/****************************************************************************
2250 *
2251 * interface IManagedObjectRef
2252 *
2253 ****************************************************************************/
2254
2255/**
2256 * This is the hard-coded implementation for the IManagedObjectRef::getInterfaceName()
2257 * that our WSDL promises to our web service clients. This method returns a
2258 * string describing the interface that this managed object reference
2259 * supports, e.g. "IMachine".
2260 *
2261 * @param soap
2262 * @param req
2263 * @param resp
2264 * @return
2265 */
2266int __vbox__IManagedObjectRef_USCOREgetInterfaceName(
2267 struct soap *soap,
2268 _vbox__IManagedObjectRef_USCOREgetInterfaceName *req,
2269 _vbox__IManagedObjectRef_USCOREgetInterfaceNameResponse *resp)
2270{
2271 RT_NOREF(soap);
2272 HRESULT hrc = S_OK; /** @todo r=bird: hrc is not set.... */
2273 WEBDEBUG(("-- entering %s\n", __FUNCTION__));
2274
2275 do
2276 {
2277 // findRefFromId require the lock
2278 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
2279
2280 ManagedObjectRef *pRef;
2281 if (!ManagedObjectRef::findRefFromId(req->_USCOREthis, &pRef, false))
2282 resp->returnval = pRef->getInterfaceName();
2283
2284 } while (0);
2285
2286 WEBDEBUG(("-- leaving %s, hrc: %#lx\n", __FUNCTION__, hrc));
2287 if (FAILED(hrc))
2288 return SOAP_FAULT;
2289 return SOAP_OK;
2290}
2291
2292/**
2293 * This is the hard-coded implementation for the IManagedObjectRef::release()
2294 * that our WSDL promises to our web service clients. This method releases
2295 * a managed object reference and removes it from our stacks.
2296 *
2297 * @param soap
2298 * @param req
2299 * @param resp
2300 * @return
2301 */
2302int __vbox__IManagedObjectRef_USCORErelease(
2303 struct soap *soap,
2304 _vbox__IManagedObjectRef_USCORErelease *req,
2305 _vbox__IManagedObjectRef_USCOREreleaseResponse *resp)
2306{
2307 RT_NOREF(resp);
2308 HRESULT hrc;
2309 WEBDEBUG(("-- entering %s\n", __FUNCTION__));
2310
2311 {
2312 // findRefFromId and the delete call below require the lock
2313 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
2314
2315 ManagedObjectRef *pRef;
2316 hrc = ManagedObjectRef::findRefFromId(req->_USCOREthis, &pRef, false);
2317 if (hrc == S_OK)
2318 {
2319 WEBDEBUG((" found reference; deleting!\n"));
2320 // this removes the object from all stacks; since
2321 // there's a ComPtr<> hidden inside the reference,
2322 // this should also invoke Release() on the COM
2323 // object
2324 delete pRef;
2325 }
2326 else
2327 RaiseSoapInvalidObjectFault(soap, req->_USCOREthis);
2328 }
2329
2330 WEBDEBUG(("-- leaving %s, hrc: %#lx\n", __FUNCTION__, hrc));
2331 if (FAILED(hrc))
2332 return SOAP_FAULT;
2333 return SOAP_OK;
2334}
2335
2336/****************************************************************************
2337 *
2338 * interface IWebsessionManager
2339 *
2340 ****************************************************************************/
2341
2342/**
2343 * Hard-coded implementation for IWebsessionManager::logon. As opposed to the underlying
2344 * COM API, this is the first method that a webservice client must call before the
2345 * webservice will do anything useful.
2346 *
2347 * This returns a managed object reference to the global IVirtualBox object; into this
2348 * reference a websession ID is encoded which remains constant with all managed object
2349 * references returned by other methods.
2350 *
2351 * When the webservice client is done, it should call IWebsessionManager::logoff. This
2352 * will clean up internally (destroy all remaining managed object references and
2353 * related COM objects used internally).
2354 *
2355 * After logon, an internal timeout ensures that if the webservice client does not
2356 * call any methods, after a configurable number of seconds, the webservice will log
2357 * off the client automatically. This is to ensure that the webservice does not
2358 * drown in managed object references and eventually deny service. Still, it is
2359 * a much better solution, both for performance and cleanliness, for the webservice
2360 * client to clean up itself.
2361 *
2362 * @param soap
2363 * @param req
2364 * @param resp
2365 * @return
2366 */
2367int __vbox__IWebsessionManager_USCORElogon(
2368 struct soap *soap,
2369 _vbox__IWebsessionManager_USCORElogon *req,
2370 _vbox__IWebsessionManager_USCORElogonResponse *resp)
2371{
2372 RT_NOREF(soap);
2373 HRESULT hrc = S_OK;
2374 WEBDEBUG(("-- entering %s\n", __FUNCTION__));
2375
2376 do
2377 {
2378 // WebServiceSession constructor tinkers with global MOR map and requires a write lock
2379 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
2380
2381 // create new websession; the constructor stores the new websession
2382 // in the global map automatically
2383 WebServiceSession *pWebsession = new WebServiceSession();
2384 ComPtr<IVirtualBox> pVirtualBox;
2385
2386 // authenticate the user
2387 if (!(pWebsession->authenticate(req->username.c_str(),
2388 req->password.c_str(),
2389 pVirtualBox.asOutParam())))
2390 {
2391 // fake up a "root" MOR for this websession
2392 char sz[34];
2393 MakeManagedObjectRef(sz, pWebsession->getID(), 0ULL);
2394 WSDLT_ID id = sz;
2395
2396 // in the new websession, create a managed object reference (MOR) for the
2397 // global VirtualBox object; this encodes the websession ID in the MOR so
2398 // that it will be implicitly be included in all future requests of this
2399 // webservice client
2400 resp->returnval = createOrFindRefFromComPtr(id, g_pcszIVirtualBox, pVirtualBox);
2401 WEBDEBUG(("VirtualBox object ref is %s\n", resp->returnval.c_str()));
2402 }
2403 else
2404 hrc = E_FAIL;
2405 } while (0);
2406
2407 WEBDEBUG(("-- leaving %s, hrc: %#lx\n", __FUNCTION__, hrc));
2408 if (FAILED(hrc))
2409 return SOAP_FAULT;
2410 return SOAP_OK;
2411}
2412
2413/**
2414 * Returns a new ISession object every time.
2415 *
2416 * No longer connected in any way to logons, one websession can easily
2417 * handle multiple sessions.
2418 */
2419int __vbox__IWebsessionManager_USCOREgetSessionObject(
2420 struct soap*,
2421 _vbox__IWebsessionManager_USCOREgetSessionObject *req,
2422 _vbox__IWebsessionManager_USCOREgetSessionObjectResponse *resp)
2423{
2424 HRESULT hrc = S_OK;
2425 WEBDEBUG(("-- entering %s\n", __FUNCTION__));
2426
2427 do
2428 {
2429 // create a new ISession object
2430 ComPtr<ISession> pSession;
2431 hrc = g_pVirtualBoxClient->COMGETTER(Session)(pSession.asOutParam());
2432 if (FAILED(hrc))
2433 {
2434 WEBDEBUG(("ERROR: cannot create session object!"));
2435 break;
2436 }
2437
2438 // return its MOR
2439 resp->returnval = createOrFindRefFromComPtr(req->refIVirtualBox, g_pcszISession, pSession);
2440 WEBDEBUG(("Session object ref is %s\n", resp->returnval.c_str()));
2441 } while (0);
2442
2443 WEBDEBUG(("-- leaving %s, hrc: %#lx\n", __FUNCTION__, hrc));
2444 if (FAILED(hrc))
2445 return SOAP_FAULT;
2446 return SOAP_OK;
2447}
2448
2449/**
2450 * hard-coded implementation for IWebsessionManager::logoff.
2451 *
2452 * @param req
2453 * @param resp
2454 * @return
2455 */
2456int __vbox__IWebsessionManager_USCORElogoff(
2457 struct soap*,
2458 _vbox__IWebsessionManager_USCORElogoff *req,
2459 _vbox__IWebsessionManager_USCORElogoffResponse *resp)
2460{
2461 RT_NOREF(resp);
2462 HRESULT hrc = S_OK;
2463 WEBDEBUG(("-- entering %s\n", __FUNCTION__));
2464
2465 {
2466 // findWebsessionFromRef and the websession destructor require the lock
2467 util::AutoWriteLock lock(g_pWebsessionsLockHandle COMMA_LOCKVAL_SRC_POS);
2468
2469 WebServiceSession *pWebsession = WebServiceSession::findWebsessionFromRef(req->refIVirtualBox);
2470 if (pWebsession)
2471 {
2472 WEBDEBUG(("websession logoff, deleting websession %#llx\n", pWebsession->getID()));
2473 delete pWebsession;
2474 // destructor cleans up
2475
2476 WEBDEBUG(("websession destroyed, %d websessions left open\n", g_mapWebsessions.size()));
2477 }
2478 }
2479
2480 WEBDEBUG(("-- leaving %s, hrc: %#lx\n", __FUNCTION__, hrc));
2481 if (FAILED(hrc))
2482 return SOAP_FAULT;
2483 return SOAP_OK;
2484}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette