2592c8f15ef278deb65b5917bd874d1481618910
2 * Client for the Emergency Access Daemon
3 * Copyright (C) 2008 Felix Fietkau <nbd@openwrt.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
15 #include <sys/types.h>
16 #include <sys/socket.h>
18 #include <netinet/in.h>
19 #include <arpa/inet.h>
31 #include <t_defines.h>
34 #include "ead-crypt.h"
36 #include "pw_encrypt_md5.c"
38 #define EAD_TIMEOUT 400
39 #define EAD_TIMEOUT_LONG 2000
41 static char msgbuf
[1500];
42 static struct ead_msg
*msg
= (struct ead_msg
*) msgbuf
;
43 static uint16_t nid
= 0xffff;
44 struct sockaddr_in local
, remote
;
47 static struct in_addr serverip
= {
48 .s_addr
= 0x01010101 /* dummy */
51 static unsigned char *skey
= NULL
;
52 static unsigned char bbuf
[MAXPARAMLEN
];
53 static unsigned char saltbuf
[MAXSALTLEN
];
54 static char *username
= NULL
;
55 static char password
[MAXPARAMLEN
] = "";
56 static char pw_md5
[MD5_OUT_BUFSIZE
];
57 static char pw_salt
[MAXSALTLEN
];
59 static struct t_client
*tc
= NULL
;
60 static struct t_num salt
= { .data
= saltbuf
};
61 static struct t_num
*A
, B
;
62 static struct t_preconf
*tcp
;
63 static int auth_type
= EAD_AUTH_DEFAULT
;
64 static int timeout
= EAD_TIMEOUT
;
67 set_nonblock(int enable
)
69 if (enable
== !!(sockflags
& O_NONBLOCK
));
72 sockflags
^= O_NONBLOCK
;
73 fcntl(s
, F_SETFL
, sockflags
);
77 send_packet(int type
, bool (*handler
)(void), unsigned int max
)
86 memcpy(&msg
->ip
, &serverip
.s_addr
, sizeof(msg
->ip
));
88 sendto(s
, msgbuf
, sizeof(struct ead_msg
) + ntohl(msg
->len
), 0, (struct sockaddr
*) &remote
, sizeof(remote
));
91 tv
.tv_sec
= timeout
/ 1000;
92 tv
.tv_usec
= (timeout
% 1000) * 1000;
97 nfds
= select(s
+ 1, &fds
, NULL
, NULL
, &tv
);
102 if (!FD_ISSET(s
, &fds
))
105 len
= read(s
, msgbuf
, sizeof(msgbuf
));
109 if (len
< sizeof(struct ead_msg
))
112 if (len
< sizeof(struct ead_msg
) + ntohl(msg
->len
))
115 if (msg
->magic
!= htonl(EAD_MAGIC
))
118 if ((nid
!= 0xffff) && (ntohs(msg
->nid
) != nid
))
121 if (msg
->type
!= type
)
127 if ((max
> 0) && (res
>= max
))
135 prepare_password(void)
138 case EAD_AUTH_DEFAULT
:
141 md5_crypt(pw_md5
, (unsigned char *) password
, (unsigned char *) pw_salt
);
142 strncpy(password
, pw_md5
, sizeof(password
));
150 struct ead_msg_pong
*pong
= EAD_DATA(msg
, pong
);
151 int len
= ntohl(msg
->len
) - sizeof(struct ead_msg_pong
);
157 auth_type
= ntohs(pong
->auth_type
);
159 printf("%04x: %s\n", ntohs(msg
->nid
), pong
->name
);
166 struct ead_msg_salt
*sb
= EAD_DATA(msg
, salt
);
169 memcpy(salt
.data
, sb
->salt
, salt
.len
);
171 if (auth_type
== EAD_AUTH_MD5
) {
172 memcpy(pw_salt
, sb
->ext_salt
, MAXSALTLEN
);
173 pw_salt
[MAXSALTLEN
- 1] = 0;
176 tcp
= t_getpreparam(sb
->prime
);
177 tc
= t_clientopen(username
, &tcp
->modulus
, &tcp
->generator
, &salt
);
179 fprintf(stderr
, "Client open failed\n");
189 struct ead_msg_number
*num
= EAD_DATA(msg
, number
);
190 int len
= ntohl(msg
->len
) - sizeof(struct ead_msg_number
);
194 memcpy(bbuf
, num
->data
, len
);
205 handle_done_auth(void)
207 struct ead_msg_auth
*auth
= EAD_DATA(msg
, auth
);
208 if (t_clientverify(tc
, auth
->data
) != 0) {
209 fprintf(stderr
, "Client auth verify failed\n");
216 handle_cmd_data(void)
218 struct ead_msg_cmd_data
*cmd
= EAD_ENC_DATA(msg
, cmd_data
);
219 int datalen
= ead_decrypt_message(msg
) - sizeof(struct ead_msg_cmd_data
);
225 write(1, cmd
->data
, datalen
);
233 msg
->type
= htonl(EAD_TYPE_PING
);
235 return send_packet(EAD_TYPE_PONG
, handle_pong
, (nid
== 0xffff ? 0 : 1));
241 msg
->type
= htonl(EAD_TYPE_SET_USERNAME
);
242 msg
->len
= htonl(sizeof(struct ead_msg_user
));
243 strcpy(EAD_DATA(msg
, user
)->username
, username
);
244 return send_packet(EAD_TYPE_ACK_USERNAME
, handle_none
, 1);
250 msg
->type
= htonl(EAD_TYPE_GET_PRIME
);
252 return send_packet(EAD_TYPE_PRIME
, handle_prime
, 1);
258 struct ead_msg_number
*num
= EAD_DATA(msg
, number
);
259 A
= t_clientgenexp(tc
);
260 msg
->type
= htonl(EAD_TYPE_SEND_A
);
261 msg
->len
= htonl(sizeof(struct ead_msg_number
) + A
->len
);
262 memcpy(num
->data
, A
->data
, A
->len
);
263 return send_packet(EAD_TYPE_SEND_B
, handle_b
, 1);
269 struct ead_msg_auth
*auth
= EAD_DATA(msg
, auth
);
272 t_clientpasswd(tc
, password
);
273 skey
= t_clientgetkey(tc
, &B
);
278 msg
->type
= htonl(EAD_TYPE_SEND_AUTH
);
279 msg
->len
= htonl(sizeof(struct ead_msg_auth
));
280 memcpy(auth
->data
, t_clientresponse(tc
), sizeof(auth
->data
));
281 return send_packet(EAD_TYPE_DONE_AUTH
, handle_done_auth
, 1);
285 send_command(const char *command
)
287 struct ead_msg_cmd
*cmd
= EAD_ENC_DATA(msg
, cmd
);
289 msg
->type
= htonl(EAD_TYPE_SEND_CMD
);
290 cmd
->type
= htons(EAD_CMD_NORMAL
);
291 cmd
->timeout
= htons(10);
292 strncpy((char *)cmd
->data
, command
, 1024);
293 ead_encrypt_message(msg
, sizeof(struct ead_msg_cmd
) + strlen(command
) + 1);
294 return send_packet(EAD_TYPE_RESULT_CMD
, handle_cmd_data
, 1);
299 usage(const char *prog
)
301 fprintf(stderr
, "Usage: %s [-s <addr>] [-b <addr>] <node> <username>[:<password>] <command>\n"
303 "\t-s <addr>: Set the server's source address to <addr>\n"
304 "\t-b <addr>: Set the broadcast address to <addr>\n"
305 "\t<node>: Node ID (4 digits hex)\n"
306 "\t<username>: Username to authenticate with\n"
308 "\tPassing no arguments shows a list of active nodes on the network\n"
314 int main(int argc
, char **argv
)
318 const char *command
= NULL
;
319 const char *prog
= argv
[0];
322 msg
->magic
= htonl(EAD_MAGIC
);
325 memset(&local
, 0, sizeof(local
));
326 memset(&remote
, 0, sizeof(remote
));
328 remote
.sin_family
= AF_INET
;
329 remote
.sin_addr
.s_addr
= 0xffffffff;
330 remote
.sin_port
= htons(EAD_PORT
);
332 local
.sin_family
= AF_INET
;
333 local
.sin_addr
.s_addr
= INADDR_ANY
;
336 while ((ch
= getopt(argc
, argv
, "b:s:h")) != -1) {
339 inet_aton(optarg
, &serverip
);
342 inet_aton(optarg
, &remote
.sin_addr
);
357 st
= strchr(username
, ':');
361 strncpy(password
, st
, sizeof(password
));
362 password
[sizeof(password
) - 1] = 0;
363 /* hide command line password */
364 memset(st
, 0, strlen(st
));
368 nid
= strtoul(argv
[0], &st
, 16);
369 if (st
&& st
[0] != 0)
378 msg
->nid
= htons(nid
);
379 s
= socket(AF_INET
, SOCK_DGRAM
, IPPROTO_UDP
);
385 setsockopt(s
, SOL_SOCKET
, SO_BROADCAST
, &val
, sizeof(val
));
387 if (bind(s
, (struct sockaddr
*)&local
, sizeof(local
)) < 0) {
391 sockflags
= fcntl(s
, F_GETFL
);
394 fprintf(stderr
, "No devices found\n");
401 if (!username
|| !password
[0])
404 if (!send_username()) {
405 fprintf(stderr
, "Device did not accept user name\n");
409 fprintf(stderr
, "Failed to get user password info\n");
413 timeout
= EAD_TIMEOUT_LONG
;
415 fprintf(stderr
, "Failed to send local authentication data\n");
419 fprintf(stderr
, "Authentication failed\n");
423 fprintf(stderr
, "Authentication succesful\n");
426 if (!send_command(command
)) {
427 fprintf(stderr
, "Command failed\n");