1: /*************************************************************************
2: * (C) 2011 AITNET - Sofia/Bulgaria - <office@aitnet.org>
3: * by Michael Pounov <misho@elwix.org>
4: *
5: * $Author: misho $
6: * $Id: utils.c,v 1.4 2012/07/22 22:41:33 misho Exp $
7: *
8: *************************************************************************
9: The ELWIX and AITNET software is distributed under the following
10: terms:
11:
12: All of the documentation and software included in the ELWIX and AITNET
13: Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org>
14:
15: Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
16: by Michael Pounov <misho@elwix.org>. All rights reserved.
17:
18: Redistribution and use in source and binary forms, with or without
19: modification, are permitted provided that the following conditions
20: are met:
21: 1. Redistributions of source code must retain the above copyright
22: notice, this list of conditions and the following disclaimer.
23: 2. Redistributions in binary form must reproduce the above copyright
24: notice, this list of conditions and the following disclaimer in the
25: documentation and/or other materials provided with the distribution.
26: 3. All advertising materials mentioning features or use of this software
27: must display the following acknowledgement:
28: This product includes software developed by Michael Pounov <misho@elwix.org>
29: ELWIX - Embedded LightWeight unIX and its contributors.
30: 4. Neither the name of AITNET nor the names of its contributors
31: may be used to endorse or promote products derived from this software
32: without specific prior written permission.
33:
34: THIS SOFTWARE IS PROVIDED BY AITNET AND CONTRIBUTORS ``AS IS'' AND
35: ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
36: IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37: ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
38: FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
39: DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
40: OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
41: HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
42: LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
43: OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
44: SUCH DAMAGE.
45: */
46: #include "global.h"
47:
48:
49: void
50: Get1stEth(char *psDev, int devlen)
51: {
52: struct ifaddrs *ifa;
53:
54: assert(psDev);
55: assert(devlen > 0);
56:
57: getifaddrs(&ifa);
58: strlcpy(psDev, ifa->ifa_name, devlen);
59: freeifaddrs(ifa);
60: }
61:
62: int
63: PrepareL2(const char *psDev, int *bpflen)
64: {
65: int h, n = 1;
66: register int i;
67: char szStr[STRSIZ];
68: struct ifreq ifr;
69: struct bpf_program fcode = { 0 };
70: struct bpf_insn insns[] = {
71: BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 12),
72: BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ANSH_ID, 0, 1),
73: BPF_STMT(BPF_RET + BPF_K, -1),
74: BPF_STMT(BPF_RET + BPF_K, 0),
75: };
76:
77: FTRACE(3);
78: assert(psDev);
79:
80: fcode.bf_len = sizeof(insns) / sizeof(struct bpf_insn);
81: fcode.bf_insns = insns;
82:
83: for (i = 0; i < 10; i++) {
84: memset(szStr, 0, sizeof szStr);
85: snprintf(szStr, sizeof szStr, "/dev/bpf%d", i);
86: h = open(szStr, O_RDWR);
87: if (h > 2)
88: break;
89: }
90: if (h < 3) {
91: printf("Error:: open bpf %s #%d - %s\n", szStr, errno, strerror(errno));
92: return -1;
93: }
94:
95: if (ioctl(h, BIOCIMMEDIATE, &n) == -1) {
96: printf("Error:: set interface %s to bpf #%d - %s\n", psDev, errno, strerror(errno));
97: close(h);
98: return -1;
99: }
100: n = USHRT_MAX + 1;
101: if (ioctl(h, BIOCSBLEN, &n) == -1) {
102: printf("Error:: set buffer interface %s buffer length #%d - %s\n", psDev, errno, strerror(errno));
103: close(h);
104: return -1;
105: }
106: strlcpy(ifr.ifr_name, psDev, sizeof ifr.ifr_name);
107: if (ioctl(h, BIOCSETIF, &ifr) == -1) {
108: printf("Error:: bind interface %s to bpf #%d - %s\n", psDev, errno, strerror(errno));
109: close(h);
110: return -1;
111: }
112: if (ioctl(h, BIOCSETF, &fcode) == -1) {
113: printf("Error:: set filter interface %s to bpf #%d - %s\n", psDev, errno, strerror(errno));
114: close(h);
115: return -1;
116: }
117: if (ioctl(h, BIOCGBLEN, bpflen) == -1) {
118: printf("Error:: get buffer interface %s buffer length #%d - %s\n", psDev, errno, strerror(errno));
119: close(h);
120: return -1;
121: }
122:
123: n = fcntl(h, F_GETFL);
124: fcntl(h, F_SETFL, n | O_NONBLOCK);
125:
126: VERB(3) LOG("Openned device handle %d with bpf buflen %d", h, *bpflen);
127: return h;
128: }
129:
130: int
131: PrepareL3(const io_sockaddr_t *sa, int *bpflen)
132: {
133: int h, n = 1;
134:
135: FTRACE(3);
136: assert(sa);
137:
138: h = socket(sa->sa.sa_family ? sa->sa.sa_family : AF_INET, SOCK_RAW, IPPROTO_ICMP);
139: if (h == -1) {
140: printf("Error:: Cant open raw socket #%d - %s\n", errno, strerror(errno));
141: return -1;
142: }
143: /*
144: if (setsockopt(h, SOL_SOCKET, SO_REUSEADDR, &n, sizeof n) == -1) {
145: printf("Error:: Cant set raw socket #%d - %s\n", errno, strerror(errno));
146: close(h);
147: return -1;
148: }
149: */
150: if (sa->sa.sa_family && bind(h, &sa->sa, sa->sa.sa_len) == -1) {
151: printf("Error:: Cant bind to raw socket #%d - %s\n", errno, strerror(errno));
152: close(h);
153: return -1;
154: }
155:
156: n = fcntl(h, F_GETFL);
157: fcntl(h, F_SETFL, n | O_NONBLOCK);
158:
159: *bpflen = USHRT_MAX;
160: VERB(3) LOG("Openned socket handle %d", h);
161: return h;
162: }
163:
164: char
165: icmpRecv(int s, u_int * __restrict seq, u_short * __restrict id, u_int * __restrict crypted,
166: u_char * __restrict data, int * __restrict datlen, io_sockaddr_t *sa, socklen_t *salen)
167: {
168: int ret = 0;
169: struct icmp *icmp;
170: struct ansh_hdr *hdr;
171: u_char buf[USHRT_MAX] = { 0 };
172: u_int crc;
173:
174: ret = recvfrom(s, buf, sizeof buf, 0, &sa->sa, salen);
175: if (ret == -1) {
176: ERR("Receive recvfrom() #%d - %s", errno, strerror(errno));
177: return ANSH_FLG_ERR;
178: } else
179: VERB(4) LOG("Get packet with len=%d", ret);
180:
181: /* check header len */
182: if (ret < (sizeof(struct ip) + sizeof(struct icmp) + sizeof(struct ansh_hdr))) {
183: VERB(1) LOG("Discard packet too short %d ...", ret);
184: return ANSH_FLG_ERR;
185: } else
186: icmp = (struct icmp*) (buf + sizeof(struct ip));
187:
188: /* check echo magic ansh code */
189: if (icmp->icmp_type != ICMP_ECHOREPLY || icmp->icmp_code != ANSH_CODE) {
190: VERB(3) LOG("Packet isnt for me %d ... icmp_code=%d", ret, icmp->icmp_code);
191: return ANSH_FLG_ERR;
192: } else
193: hdr = (struct ansh_hdr*) (buf + sizeof(struct ip) + sizeof(struct icmp));
194:
195: /* check version and total size of packet */
196: if (hdr->ansh_ver != ANSH_VERSION) {
197: VERB(3) LOG("Packet with wrong version ...");
198: return ANSH_FLG_ERR;
199: }
200: if (crypted) {
201: if (hdr->ansh_nonce && !*crypted) {
202: VERB(3) LOG("Channel INSECURED:: Crypted communication not supported at this moment ...");
203: return ANSH_FLG_ERR;
204: }
205: if (!hdr->ansh_nonce && *crypted) {
206: VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
207: return ANSH_FLG_ERR;
208: }
209: if (ntohl(hdr->ansh_nonce) != *crypted)
210: VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
211:
212: *crypted = ntohl(hdr->ansh_nonce);
213: }
214:
215: /* check crc of packet */
216: crc = hdr->ansh_crc;
217: hdr->ansh_crc ^= hdr->ansh_crc;
218: hdr->ansh_crc = htonl(crcAdler((u_char*) hdr, ntohs(hdr->ansh_len)));
219: if (crc != hdr->ansh_crc) {
220: VERB(3) LOG("Packet with wrong crc ...");
221: return ANSH_FLG_ERR;
222: }
223:
224: /* copy data */
225: if (data && datlen) {
226: memset(data, 0, *datlen);
227: *datlen = ntohs(hdr->ansh_len) - sizeof(struct ansh_hdr);
228: memcpy(data, buf + sizeof(struct ip) + sizeof(struct icmp) + sizeof(struct ansh_hdr), *datlen);
229: }
230:
231: if (seq)
232: *seq = ntohl(hdr->ansh_seq);
233: if (id)
234: *id = ntohs(icmp->icmp_id);
235: return hdr->ansh_flg;
236: }
237:
238: int
239: icmpSend(int s, u_int seq, u_short id, char flg, u_int crypted, u_char *data, int datlen,
240: io_sockaddr_t *sa, socklen_t salen)
241: {
242: u_char *pos, buf[USHRT_MAX] = { 0 };
243: struct icmp *icmp;
244: struct ansh_hdr *hdr;
245: int ret = 0;
246:
247: assert(data);
248: if ((sizeof buf - sizeof(struct icmp) + sizeof(struct ansh_hdr)) < datlen)
249: return ANSH_FLG_ERR;
250:
251: icmp = (struct icmp*) buf;
252: hdr = (struct ansh_hdr*) (buf + sizeof(struct icmp));
253: pos = buf + sizeof(struct icmp) + sizeof(struct ansh_hdr);
254:
255: memcpy(pos, data, datlen);
256:
257: hdr->ansh_ver = ANSH_VERSION;
258: hdr->ansh_flg = flg;
259: hdr->ansh_len = htons(datlen + sizeof(struct ansh_hdr));
260: hdr->ansh_nonce = htonl(crypted);
261: hdr->ansh_seq = htonl(seq);
262: hdr->ansh_crc = 0;
263: hdr->ansh_crc = htonl(crcAdler((u_char*) hdr, ntohs(hdr->ansh_len)));
264:
265: icmp->icmp_type = ICMP_ECHOREPLY;
266: icmp->icmp_code = ANSH_CODE;
267: icmp->icmp_id = htons(id);
268: icmp->icmp_seq = htons(datlen);
269: icmp->icmp_cksum = 0;
270: icmp->icmp_cksum = crcIP(buf, sizeof(struct icmp) + sizeof(struct ansh_hdr) + datlen);
271:
272: if ((ret = sendto(s, buf, sizeof(struct icmp) + sizeof(struct ansh_hdr) + datlen,
273: 0, &sa->sa, salen)) == -1) {
274: ERR("Send sendto() #%d - %s", errno, strerror(errno));
275: return ANSH_FLG_ERR;
276: } else
277: VERB(4) LOG("Put packet with len=%d", ret);
278: if (ret != sizeof(struct icmp) + sizeof(struct ansh_hdr) + datlen) {
279: VERB(3) LOG("Sended data %d is different from source data len %d", ret,
280: (int) (sizeof(struct icmp) + sizeof(struct ansh_hdr) + datlen));
281: return ANSH_FLG_ERR;
282: }
283:
284: return ret;
285: }
286:
287: static int
288: _pkt_Send(int s, u_int seq, char flg, u_int crypted, u_char *data, int datlen, io_ether_addr_t *ea)
289: {
290: u_char *pos, *str, buf[USHRT_MAX] = { 0 };
291: struct ether_header *e = (struct ether_header*) buf;
292: struct ansh_hdr *hdr;
293: int ret = 0;
294:
295: assert(data);
296: if ((sizeof buf - ETHER_HDR_LEN + sizeof(struct ansh_hdr)) < datlen)
297: return ANSH_FLG_ERR;
298:
299: e->ether_type = ntohs(ANSH_ID);
300: memcpy(e->ether_dhost, ea->ether_addr_octet, ETHER_ADDR_LEN);
301: hdr = (struct ansh_hdr*) (buf + ETHER_HDR_LEN);
302: pos = ((u_char*) hdr) + sizeof(struct ansh_hdr);
303:
304: memcpy(pos, data, datlen);
305:
306: if (Crypted) {
307: str = cryptBuffer(pos, datlen, Crypted);
308: if (str) {
309: memcpy(pos, str, datlen);
310: io_free(str);
311: }
312: }
313:
314: hdr->ansh_ver = ANSH_VERSION;
315: hdr->ansh_flg = flg;
316: hdr->ansh_len = htons(datlen + sizeof(struct ansh_hdr));
317: hdr->ansh_nonce = htonl(crypted);
318: hdr->ansh_seq = htonl(seq);
319: hdr->ansh_crc = 0;
320: hdr->ansh_crc = htonl(crcAdler((u_char*) hdr, ntohs(hdr->ansh_len)));
321:
322: if ((ret = write(s, buf, ETHER_HDR_LEN + sizeof(struct ansh_hdr) + datlen)) == -1) {
323: ERR("Send packet() #%d - %s", errno, strerror(errno));
324: return ANSH_FLG_ERR;
325: } else
326: VERB(4) LOG("Put packet with len=%d", ret);
327: if (ret != ETHER_HDR_LEN + sizeof(struct ansh_hdr) + datlen) {
328: VERB(3) LOG("Sended data %d is different from source data len %d", ret,
329: (int) (ETHER_HDR_LEN + sizeof(struct ansh_hdr) + datlen));
330: return ANSH_FLG_ERR;
331: }
332:
333: return ret;
334: }
335:
336: int
337: pktSend(int s, u_int seq, char flg, u_int crypted, u_char *data, int datlen, struct io_ether_addr *ea)
338: {
339: int wlen, ret = 0;
340: u_char *pos = data;
341:
342: while (datlen > -1) {
343: wlen = _pkt_Send(s, seq, flg, crypted, pos, (datlen > 512) ? 512 : datlen, ea);
344: if (wlen == -1)
345: return -1;
346: else {
347: pos += wlen;
348: datlen -= wlen;
349: ret += wlen;
350: }
351: }
352:
353: return ret;
354: }
355:
356: static char
357: _pkt_Recv(u_char * __restrict buf, int rlen, u_int * __restrict seq, u_int * __restrict crypted,
358: u_char * __restrict data, int * __restrict datlen,
359: u_char ** __restrict next, int * __restrict nextlen)
360: {
361: int bias;
362: struct bpf_hdr *bpf;
363: struct ansh_hdr *hdr;
364: u_int crc;
365: u_char *str;
366:
367: if (rlen < (sizeof(struct bpf_hdr) + ETHER_HDR_LEN + sizeof(struct ansh_hdr))) {
368: VERB(1) LOG("Discard packet too short %d ...", rlen);
369: return ANSH_FLG_ERR;
370: } else {
371: bpf = (struct bpf_hdr*) buf;
372: hdr = (struct ansh_hdr*) (buf + bpf->bh_hdrlen + ETHER_HDR_LEN);
373: }
374:
375: /* slice readed data to packets */
376: if ((bias = BPF_WORDALIGN(bpf->bh_hdrlen + bpf->bh_caplen)) < rlen) {
377: *next = buf + bias;
378: *nextlen = rlen - bias;
379: } else {
380: *next = NULL;
381: *nextlen = 0;
382: }
383:
384: /* check version and total size of packet */
385: if (hdr->ansh_ver != ANSH_VERSION) {
386: VERB(3) LOG("Packet with wrong version ... %d", hdr->ansh_ver);
387: return ANSH_FLG_ERR;
388: }
389: if (crypted) {
390: if (hdr->ansh_nonce && !*crypted) {
391: VERB(3) LOG("Channel INSECURED:: Crypted communication not supported at this moment ...");
392: return ANSH_FLG_ERR;
393: }
394: if (!hdr->ansh_nonce && *crypted) {
395: VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
396: return ANSH_FLG_ERR;
397: }
398: if (ntohl(hdr->ansh_nonce) != *crypted)
399: VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
400:
401: *crypted = ntohl(hdr->ansh_nonce);
402: }
403:
404: /* check crc of packet */
405: crc = hdr->ansh_crc;
406: hdr->ansh_crc ^= hdr->ansh_crc;
407: hdr->ansh_crc = htonl(crcAdler((u_char*) hdr, ntohs(hdr->ansh_len)));
408: if (crc != hdr->ansh_crc) {
409: VERB(3) LOG("Packet with wrong crc ...");
410: return ANSH_FLG_ERR;
411: }
412:
413: /* select data */
414: if (data) {
415: *datlen = ntohs(hdr->ansh_len) - sizeof(struct ansh_hdr);
416: if (Crypted) {
417: str = cryptBuffer(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr),
418: *datlen, Crypted);
419: if (str) {
420: memcpy(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr),
421: str, *datlen);
422: io_free(str);
423: }
424: }
425:
426: memcpy(data, buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr), *datlen);
427: }
428:
429: if (seq)
430: *seq = ntohl(hdr->ansh_seq);
431: return hdr->ansh_flg;
432: }
433:
434: char
435: pktRecv(int s, u_int * __restrict seq, u_int * __restrict crypted, u_char * __restrict data,
436: int * __restrict datlen, struct ether_header *eth)
437: {
438: u_char *buf, *next, *ptr, *pos = data;
439: int nextlen, rlen, buflen, ptrlen;
440: char flg;
441: struct bpf_hdr *bpf;
442: struct ether_header *e;
443:
444: if (!eth || !data || !datlen)
445: return ANSH_FLG_ERR;
446: else
447: memset(data, 0, *datlen);
448:
449: if (!(buf = io_malloc(*datlen))) {
450: ERR("malloc() #%d - %s", errno, strerror(errno));
451: return ANSH_FLG_ERR;
452: }
453:
454: rlen = read(s, buf, *datlen);
455: if (rlen == -1) {
456: ERR("Receive packet() #%d - %s", errno, strerror(errno));
457: io_free(buf);
458: return ANSH_FLG_ERR;
459: } else
460: VERB(4) LOG("Get packet with len=%d", rlen);
461:
462: /* check header len */
463: if (rlen < (sizeof(struct bpf_hdr) + ETHER_HDR_LEN + sizeof(struct ansh_hdr))) {
464: VERB(1) LOG("Discard packet too short %d ...", rlen);
465: io_free(buf);
466: return ANSH_FLG_ERR;
467: } else {
468: bpf = (struct bpf_hdr*) buf;
469: e = (struct ether_header*) (buf + bpf->bh_hdrlen);
470: memcpy(eth, e, ETHER_HDR_LEN);
471: }
472:
473: ptr = next = buf;
474: ptrlen = nextlen = rlen;
475: if ((flg = _pkt_Recv(ptr, ptrlen, seq, crypted, pos, &buflen, &next, &nextlen)) == -1) {
476: io_free(buf);
477: return ANSH_FLG_ERR;
478: } else {
479: pos += buflen;
480: *datlen = buflen;
481: ptr = next;
482: ptrlen = nextlen;
483: }
484: /* get additional packets from buffer */
485: while (next && nextlen > 0)
486: if (_pkt_Recv(ptr, ptrlen, seq, crypted, pos, &buflen, &next, &nextlen) == -1)
487: break;
488: else {
489: pos += buflen;
490: *datlen += buflen;
491: ptr = next;
492: ptrlen = nextlen;
493: }
494:
495: io_free(buf);
496:
497: return flg;
498: }
499:
500: void *
501: TOfunc(sched_task_t *task)
502: {
503: struct tagProc *proc;
504:
505: FTRACE(3);
506:
507: /* not found argument, drop data */
508: if (!(proc = TASK_ARG(task)))
509: return (void*) -1;
510:
511: if (proc->proc_pid)
512: kill(proc->proc_pid, SIGTERM);
513:
514: return NULL;
515: }
516:
517: u_char *
518: cryptBuffer(u_char *buf, int rlen, u_int ctr)
519: {
520: u_char *str, ivec[AES_BLOCK_SIZE] = { 0 };
521: u_int rctr = htonl(ctr);
522:
523: FTRACE(3);
524:
525: if (!buf)
526: return NULL;
527:
528: memcpy(ivec, &ctr, sizeof ctr);
529: memcpy(ivec + 4, &rctr, sizeof rctr);
530: memcpy(ivec + 8, &ctr, sizeof ctr);
531: memcpy(ivec + 12, &rctr, sizeof rctr);
532:
533: if (io_ctr_AES(buf, rlen, &str, (u_char*) Key, ivec) == -1)
534: return NULL;
535:
536: return str;
537: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to utils.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / ansh / src