2 * Emergency Access Daemon
3 * Copyright (C) 2008 Felix Fietkau <nbd@openwrt.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
15 #include <sys/types.h>
17 #include <sys/select.h>
31 #include <t_defines.h>
37 #include "ead-crypt.h"
42 #include "libbridge_init.c"
45 #define PASSWD_FILE "/etc/passwd"
47 #ifndef DEFAULT_IFNAME
48 #define DEFAULT_IFNAME "eth0"
51 #ifndef DEFAULT_DEVNAME
52 #define DEFAULT_DEVNAME "Unknown"
56 #define PCAP_TIMEOUT 200
58 #if EAD_DEBUGLEVEL >= 1
59 #define DEBUG(n, format, ...) do { \
60 if (EAD_DEBUGLEVEL >= n) \
61 fprintf(stderr, format, ##__VA_ARGS__); \
65 #define DEBUG(n, format, ...) do {} while(0)
69 struct list_head list
;
79 static char ethmac
[6] = "\x00\x13\x37\x00\x00\x00"; /* last 3 bytes will be randomized */
80 static pcap_t
*pcap_fp
= NULL
;
81 static pcap_t
*pcap_fp_rx
= NULL
;
82 static char pktbuf_b
[PCAP_MRU
];
83 static struct ead_packet
*pktbuf
= (struct ead_packet
*)pktbuf_b
;
84 static u16_t nid
= 0xffff; /* node id */
85 static char username
[32] = "";
86 static int state
= EAD_TYPE_SET_USERNAME
;
87 static const char *passwd_file
= PASSWD_FILE
;
88 static const char password
[MAXPARAMLEN
];
89 static bool child_pending
= false;
91 static unsigned char abuf
[MAXPARAMLEN
+ 1];
92 static unsigned char pwbuf
[MAXPARAMLEN
];
93 static unsigned char saltbuf
[MAXSALTLEN
];
94 static unsigned char pw_saltbuf
[MAXSALTLEN
];
95 static struct list_head instances
;
96 static const char *dev_name
= DEFAULT_DEVNAME
;
97 static bool nonfork
= false;
98 static struct ead_instance
*instance
= NULL
;
100 static struct t_pwent tpe
= {
103 .password
.data
= pwbuf
,
105 .salt
.data
= saltbuf
,
108 struct t_confent
*tce
= NULL
;
109 static struct t_server
*ts
= NULL
;
110 static struct t_num A
, *B
= NULL
;
114 get_random_bytes(void *ptr
, int len
)
118 fd
= open("/dev/urandom", O_RDONLY
);
128 prepare_password(void)
130 static char lbuf
[1024];
131 unsigned char dig
[SHA_DIGESTSIZE
];
132 BigInteger x
, v
, n
, g
;
134 int ulen
= strlen(username
);
137 lbuf
[sizeof(lbuf
) - 1] = 0;
139 f
= fopen(passwd_file
, "r");
143 while (fgets(lbuf
, sizeof(lbuf
) - 1, f
) != NULL
) {
146 if (strncmp(lbuf
, username
, ulen
) != 0)
149 if (lbuf
[ulen
] != ':')
152 str
= &lbuf
[ulen
+ 1];
154 if (strncmp(str
, "$1$", 3) != 0)
157 s2
= strchr(str
+ 3, '$');
161 if (s2
- str
>= MAXSALTLEN
)
164 strncpy((char *) pw_saltbuf
, str
, s2
- str
);
165 pw_saltbuf
[s2
- str
] = 0;
167 s2
= strchr(s2
, ':');
172 if (s2
- str
>= MAXPARAMLEN
)
175 strncpy((char *)password
, str
, MAXPARAMLEN
);
185 tce
= gettcid(tpe
.index
);
187 t_random(tpe
.password
.data
, SALTLEN
);
188 } while (memcmp(saltbuf
, (char *)dig
, sizeof(saltbuf
)) == 0);
192 n
= BigIntegerFromBytes(tce
->modulus
.data
, tce
->modulus
.len
);
193 g
= BigIntegerFromBytes(tce
->generator
.data
, tce
->generator
.len
);
194 v
= BigIntegerFromInt(0);
197 SHA1Update(&ctxt
, (unsigned char *) username
, strlen(username
));
198 SHA1Update(&ctxt
, (unsigned char *) ":", 1);
199 SHA1Update(&ctxt
, (unsigned char *) password
, strlen(password
));
200 SHA1Final(dig
, &ctxt
);
203 SHA1Update(&ctxt
, saltbuf
, tpe
.salt
.len
);
204 SHA1Update(&ctxt
, dig
, sizeof(dig
));
205 SHA1Final(dig
, &ctxt
);
207 /* x = H(s, H(u, ':', p)) */
208 x
= BigIntegerFromBytes(dig
, sizeof(dig
));
210 BigIntegerModExp(v
, g
, x
, n
);
211 tpe
.password
.len
= BigIntegerToBytes(v
, (unsigned char *)pwbuf
);
221 chksum(u16_t sum
, const u8_t
*data
, u16_t len
)
225 const u8_t
*last_byte
;
228 last_byte
= data
+ len
- 1;
230 while(dataptr
< last_byte
) { /* At least two more bytes */
231 t
= (dataptr
[0] << 8) + dataptr
[1];
239 if(dataptr
== last_byte
) {
240 t
= (dataptr
[0] << 8) + 0;
247 /* Return sum in host byte order. */
252 ead_send_packet_clone(struct ead_packet
*pkt
)
256 memcpy(pktbuf
, pkt
, offsetof(struct ead_packet
, msg
));
257 memcpy(pktbuf
->eh
.ether_shost
, ethmac
, 6);
258 memcpy(pktbuf
->eh
.ether_dhost
, pkt
->eh
.ether_shost
, 6);
261 len
= sizeof(struct ead_packet
) - sizeof(struct ether_header
) + ntohl(pktbuf
->msg
.len
);
262 pktbuf
->len
[0] = len
>> 8;
263 pktbuf
->len
[1] = len
& 0xff;
264 memcpy(pktbuf
->srcipaddr
, &pkt
->msg
.ip
, 4);
265 memcpy(pktbuf
->destipaddr
, pkt
->srcipaddr
, 4);
268 pktbuf
->ipchksum
= 0;
269 sum
= chksum(0, (void *) &pktbuf
->vhl
, UIP_IPH_LEN
);
272 pktbuf
->ipchksum
= htons(~sum
);
275 pktbuf
->srcport
= pkt
->destport
;
276 pktbuf
->destport
= pkt
->srcport
;
280 pktbuf
->udplen
= htons(len
);
281 pktbuf
->udpchksum
= 0;
282 sum
= len
+ UIP_PROTO_UDP
;
283 sum
= chksum(sum
, (void *) &pktbuf
->srcipaddr
[0], 8); /* src, dest ip */
284 sum
= chksum(sum
, (void *) &pktbuf
->srcport
, len
);
287 pktbuf
->udpchksum
= htons(~sum
);
288 pcap_sendpacket(pcap_fp
, (void *) pktbuf
, sizeof(struct ead_packet
) + ntohl(pktbuf
->msg
.len
));
292 set_state(int nstate
)
297 if (nstate
< state
) {
298 if ((nstate
< EAD_TYPE_GET_PRIME
) &&
299 (state
>= EAD_TYPE_GET_PRIME
)) {
307 case EAD_TYPE_SET_USERNAME
:
308 if (!prepare_password())
310 ts
= t_serveropenraw(&tpe
, tce
);
314 case EAD_TYPE_GET_PRIME
:
315 B
= t_servergenexp(ts
);
317 case EAD_TYPE_SEND_A
:
318 skey
= t_servergetkey(ts
, &A
);
332 handle_ping(struct ead_packet
*pkt
, int len
, int *nstate
)
334 struct ead_msg
*msg
= &pktbuf
->msg
;
335 struct ead_msg_pong
*pong
= EAD_DATA(msg
, pong
);
338 slen
= strlen(dev_name
);
342 msg
->len
= htonl(sizeof(struct ead_msg_pong
) + slen
);
343 strncpy(pong
->name
, dev_name
, slen
);
344 pong
->name
[slen
] = 0;
345 pong
->auth_type
= htons(EAD_AUTH_MD5
);
351 handle_set_username(struct ead_packet
*pkt
, int len
, int *nstate
)
353 struct ead_msg
*msg
= &pkt
->msg
;
354 struct ead_msg_user
*user
= EAD_DATA(msg
, user
);
356 set_state(EAD_TYPE_SET_USERNAME
); /* clear old state */
357 strncpy(username
, user
->username
, sizeof(username
));
358 username
[sizeof(username
) - 1] = 0;
363 *nstate
= EAD_TYPE_GET_PRIME
;
368 handle_get_prime(struct ead_packet
*pkt
, int len
, int *nstate
)
370 struct ead_msg
*msg
= &pktbuf
->msg
;
371 struct ead_msg_salt
*salt
= EAD_DATA(msg
, salt
);
373 msg
->len
= htonl(sizeof(struct ead_msg_salt
));
374 salt
->prime
= tce
->index
- 1;
375 salt
->len
= ts
->s
.len
;
376 memcpy(salt
->salt
, ts
->s
.data
, ts
->s
.len
);
377 memcpy(salt
->ext_salt
, pw_saltbuf
, MAXSALTLEN
);
379 *nstate
= EAD_TYPE_SEND_A
;
384 handle_send_a(struct ead_packet
*pkt
, int len
, int *nstate
)
386 struct ead_msg
*msg
= &pkt
->msg
;
387 struct ead_msg_number
*number
= EAD_DATA(msg
, number
);
388 len
= ntohl(msg
->len
) - sizeof(struct ead_msg_number
);
390 if (len
> MAXPARAMLEN
+ 1)
395 memcpy(A
.data
, number
->data
, len
);
398 number
= EAD_DATA(msg
, number
);
399 msg
->len
= htonl(sizeof(struct ead_msg_number
) + B
->len
);
400 memcpy(number
->data
, B
->data
, B
->len
);
402 *nstate
= EAD_TYPE_SEND_AUTH
;
407 handle_send_auth(struct ead_packet
*pkt
, int len
, int *nstate
)
409 struct ead_msg
*msg
= &pkt
->msg
;
410 struct ead_msg_auth
*auth
= EAD_DATA(msg
, auth
);
412 if (t_serververify(ts
, auth
->data
) != 0) {
413 DEBUG(2, "Client authentication failed\n");
414 *nstate
= EAD_TYPE_SET_USERNAME
;
419 auth
= EAD_DATA(msg
, auth
);
420 msg
->len
= htonl(sizeof(struct ead_msg_auth
));
422 DEBUG(2, "Client authentication successful\n");
423 memcpy(auth
->data
, t_serverresponse(ts
), sizeof(auth
->data
));
425 *nstate
= EAD_TYPE_SEND_CMD
;
430 handle_send_cmd(struct ead_packet
*pkt
, int len
, int *nstate
)
432 struct ead_msg
*msg
= &pkt
->msg
;
433 struct ead_msg_cmd
*cmd
= EAD_ENC_DATA(msg
, cmd
);
434 struct ead_msg_cmd_data
*cmddata
;
435 struct timeval tv
, to
, tn
;
444 datalen
= ead_decrypt_message(msg
) - sizeof(struct ead_msg_cmd
);
448 type
= ntohs(cmd
->type
);
449 timeout
= ntohs(cmd
->timeout
);
452 cmd
->data
[datalen
] = 0;
458 fcntl(pfd
[0], F_SETFL
, O_NONBLOCK
| fcntl(pfd
[0], F_GETFL
));
459 child_pending
= true;
463 fd
= open("/dev/null", O_RDWR
);
469 system((char *)cmd
->data
);
471 } else if (pid
> 0) {
474 timeout
= EAD_CMD_TIMEOUT
;
480 case EAD_CMD_BACKGROUND
:
483 /* close stdin, stdout, stderr, replace with fd to /dev/null */
484 fd
= open("/dev/null", O_RDWR
);
490 system((char *)cmd
->data
);
492 } else if (pid
> 0) {
501 cmddata
= EAD_ENC_DATA(msg
, cmd_data
);
506 /* send keepalive packets every 200 ms so that the client doesn't timeout */
507 gettimeofday(&to
, NULL
);
508 memcpy(&tn
, &to
, sizeof(tn
));
509 tv
.tv_usec
= PCAP_TIMEOUT
* 1000;
513 FD_SET(pfd
[0], &fds
);
514 nfds
= select(pfd
[0] + 1, &fds
, NULL
, NULL
, &tv
);
517 bytes
= read(pfd
[0], cmddata
->data
, 1024);
521 if (!bytes
&& !child_pending
)
523 DEBUG(3, "Sending %d bytes of console data, type=%d, timeout=%d\n", bytes
, ntohl(msg
->type
), timeout
);
524 ead_encrypt_message(msg
, sizeof(struct ead_msg_cmd_data
) + bytes
);
525 ead_send_packet_clone(pkt
);
526 gettimeofday(&tn
, NULL
);
527 } while (tn
.tv_sec
< to
.tv_sec
+ timeout
);
534 ead_encrypt_message(msg
, sizeof(struct ead_msg_cmd_data
));
542 parse_message(struct ead_packet
*pkt
, int len
)
544 bool (*handler
)(struct ead_packet
*pkt
, int len
, int *nstate
);
545 int min_len
= sizeof(struct ead_packet
);
547 int type
= ntohl(pkt
->msg
.type
);
549 if ((type
>= EAD_TYPE_GET_PRIME
) &&
553 if ((type
!= EAD_TYPE_PING
) &&
554 ((ntohs(pkt
->msg
.sid
) & EAD_INSTANCE_MASK
) >>
555 EAD_INSTANCE_SHIFT
) != instance
->id
)
560 handler
= handle_ping
;
562 case EAD_TYPE_SET_USERNAME
:
563 handler
= handle_set_username
;
564 min_len
+= sizeof(struct ead_msg_user
);
566 case EAD_TYPE_GET_PRIME
:
567 handler
= handle_get_prime
;
569 case EAD_TYPE_SEND_A
:
570 handler
= handle_send_a
;
571 min_len
+= sizeof(struct ead_msg_number
);
573 case EAD_TYPE_SEND_AUTH
:
574 handler
= handle_send_auth
;
575 min_len
+= sizeof(struct ead_msg_auth
);
577 case EAD_TYPE_SEND_CMD
:
578 handler
= handle_send_cmd
;
579 min_len
+= sizeof(struct ead_msg_cmd
) + sizeof(struct ead_msg_encrypted
);
586 DEBUG(2, "discarding packet: message too small\n");
590 pktbuf
->msg
.magic
= htonl(EAD_MAGIC
);
591 pktbuf
->msg
.type
= htonl(type
+ 1);
592 pktbuf
->msg
.nid
= htons(nid
);
593 pktbuf
->msg
.sid
= pkt
->msg
.sid
;
596 if (handler(pkt
, len
, &nstate
)) {
597 DEBUG(2, "sending response to packet type %d: %d\n", type
+ 1, ntohl(pktbuf
->msg
.len
));
598 /* format response packet */
599 ead_send_packet_clone(pkt
);
605 handle_packet(u_char
*user
, const struct pcap_pkthdr
*h
, const u_char
*bytes
)
607 struct ead_packet
*pkt
= (struct ead_packet
*) bytes
;
609 if (h
->len
< sizeof(struct ead_packet
))
612 if (pkt
->eh
.ether_type
!= htons(ETHERTYPE_IP
))
615 if (memcmp(pkt
->eh
.ether_dhost
, "\xff\xff\xff\xff\xff\xff", 6) != 0)
618 if (pkt
->proto
!= UIP_PROTO_UDP
)
621 if (pkt
->destport
!= htons(EAD_PORT
))
624 if (pkt
->msg
.magic
!= htonl(EAD_MAGIC
))
627 if (h
->len
< sizeof(struct ead_packet
) + ntohl(pkt
->msg
.len
))
630 if ((pkt
->msg
.nid
!= 0xffff) &&
631 (pkt
->msg
.nid
!= htons(nid
)))
634 parse_message(pkt
, h
->len
);
638 ead_pcap_reopen(bool first
)
640 static char errbuf
[PCAP_ERRBUF_SIZE
] = "";
642 if (pcap_fp_rx
&& (pcap_fp_rx
!= pcap_fp
))
643 pcap_close(pcap_fp_rx
);
650 pcap_fp
= pcap_open_live(instance
->ifname
, PCAP_MRU
, 1, PCAP_TIMEOUT
, errbuf
);
652 if (instance
->bridge
[0])
653 pcap_fp_rx
= pcap_open_live(instance
->bridge
, PCAP_MRU
, 1, PCAP_TIMEOUT
, errbuf
);
656 pcap_fp_rx
= pcap_fp
;
657 pcap_setfilter(pcap_fp_rx
, &pktfilter
);
658 if (first
&& !pcap_fp
) {
659 DEBUG(1, "WARNING: unable to open interface '%s'\n", instance
->ifname
);
672 if (pcap_dispatch(pcap_fp_rx
, 1, handle_packet
, NULL
) < 0) {
673 ead_pcap_reopen(false);
681 usage(const char *prog
)
683 fprintf(stderr
, "Usage: %s [<options>]\n"
685 "\t-B Run in background mode\n"
686 "\t-d <device> Set the device to listen on\n"
687 "\t-D <name> Set the name of the device visible to clients\n"
688 "\t-p <file> Set the password file for authenticating\n"
689 "\t-P <file> Write a pidfile\n"
695 server_handle_sigchld(int sig
)
697 struct ead_instance
*in
;
702 list_for_each(p
, &instances
) {
703 in
= list_entry(p
, struct ead_instance
, list
);
713 instance_handle_sigchld(int sig
)
717 child_pending
= false;
721 start_server(struct ead_instance
*i
)
733 signal(SIGCHLD
, instance_handle_sigchld
);
734 ead_pcap_reopen(true);
737 if (pcap_fp_rx
!= pcap_fp
)
738 pcap_close(pcap_fp_rx
);
745 start_servers(bool restart
)
747 struct ead_instance
*in
;
750 list_for_each(p
, &instances
) {
751 in
= list_entry(p
, struct ead_instance
, list
);
761 stop_server(struct ead_instance
*in
, bool do_free
)
764 kill(in
->pid
, SIGKILL
);
773 server_handle_sigint(int sig
)
775 struct ead_instance
*in
;
776 struct list_head
*p
, *tmp
;
778 list_for_each_safe(p
, tmp
, &instances
) {
779 in
= list_entry(p
, struct ead_instance
, list
);
780 stop_server(in
, true);
787 check_bridge_port(const char *br
, const char *port
, void *arg
)
789 struct ead_instance
*in
;
790 struct list_head
*p
, *tmp
;
792 list_for_each(p
, &instances
) {
793 in
= list_entry(p
, struct ead_instance
, list
);
795 if (strcmp(in
->ifname
, port
) != 0)
799 if (strcmp(in
->bridge
, br
) == 0)
802 strncpy(in
->bridge
, br
, sizeof(in
->bridge
));
803 DEBUG(2, "assigning port %s to bridge %s\n", in
->ifname
, in
->bridge
);
804 stop_server(in
, false);
810 check_bridge(const char *name
, void *arg
)
812 br_foreach_port(name
, check_bridge_port
, arg
);
818 check_all_interfaces(void)
821 struct ead_instance
*in
;
822 struct list_head
*p
, *tmp
;
824 br_foreach_bridge(check_bridge
, NULL
);
826 /* look for interfaces that are no longer part of a bridge */
827 list_for_each(p
, &instances
) {
828 in
= list_entry(p
, struct ead_instance
, list
);
831 in
->br_check
= false;
832 } else if (in
->bridge
[0]) {
833 DEBUG(2, "removing port %s from bridge %s\n", in
->ifname
, in
->bridge
);
835 stop_server(in
, false);
842 int main(int argc
, char **argv
)
844 struct ead_instance
*in
;
846 const char *pidfile
= NULL
;
847 bool background
= false;
852 return usage(argv
[0]);
854 INIT_LIST_HEAD(&instances
);
855 while ((ch
= getopt(argc
, argv
, "Bd:D:fhp:P:")) != -1) {
864 return usage(argv
[0]);
866 in
= malloc(sizeof(struct ead_instance
));
867 memset(in
, 0, sizeof(struct ead_instance
));
868 INIT_LIST_HEAD(&in
->list
);
869 strncpy(in
->ifname
, optarg
, sizeof(in
->ifname
) - 1);
870 list_add(&in
->list
, &instances
);
877 passwd_file
= optarg
;
884 signal(SIGCHLD
, server_handle_sigchld
);
885 signal(SIGINT
, server_handle_sigint
);
886 signal(SIGTERM
, server_handle_sigint
);
887 signal(SIGKILL
, server_handle_sigint
);
890 fprintf(stderr
, "Error: ead needs at least one interface\n");
898 fd
= open("/dev/null", O_RDWR
);
909 fd
= open(pidfile
, O_CREAT
|O_WRONLY
|O_EXCL
, 0644);
911 len
= sprintf(pid
, "%d\n", getpid());
917 /* randomize the mac address */
918 get_random_bytes(ethmac
+ 3, 3);
919 nid
= *(((u16_t
*) ethmac
) + 2);
921 start_servers(false);
928 check_all_interfaces();
This page took 0.081786 seconds and 5 git commands to generate.