OPENVPN_EXPORT void
openvpn_plugin_close_v1(openvpn_plugin_handle_t handle)
{
struct down_root_context *context = (struct down_root_context *) handle;
if (DEBUG(context->verb))
{
fprintf(stderr, "DOWN-ROOT: close\n");
}
if (context->foreground_fd >= 0)
{
/* tell background process to exit */
if (send_control(context->foreground_fd, COMMAND_EXIT) == -1)
{
warn("DOWN-ROOT: Error signalling background process to exit");
}
/* wait for background process to exit */
if (context->background_pid > 0)
{
waitpid(context->background_pid, NULL, 0);
}
close(context->foreground_fd);
context->foreground_fd = -1;
}
free_context(context);
}
void
ReliableSession::send_naks(DisjointSequence& received)
{
const std::vector<SequenceRange> ranges(received.missing_sequence_ranges());
CORBA::ULong size = ACE_Utils::truncate_cast<CORBA::ULong>(ranges.size());
size_t len = sizeof(this->remote_peer_)
+ sizeof(size)
+ size * 2 * sizeof(SequenceNumber);
ACE_Message_Block* data;
ACE_NEW(data, ACE_Message_Block(len));
Serializer serializer(data);
serializer << this->remote_peer_;
serializer << size;
for (std::vector<SequenceRange>::const_iterator iter = ranges.begin();
iter != ranges.end(); ++iter) {
serializer << iter->first;
serializer << iter->second;
if (OpenDDS::DCPS::DCPS_debug_level > 0) {
ACE_DEBUG ((LM_DEBUG, ACE_TEXT ("(%P|%t) ReliableSession::send_naks")
ACE_TEXT (" local %d remote %d [%q - %q]\n"),
this->link_->local_peer(), remote_peer_,
iter->first.getValue(), iter->second.getValue()));
}
}
// Send control sample to remote peer:
send_control(MULTICAST_NAK, data);
}
void
MulticastSession::send_synack()
{
size_t len = sizeof(this->remote_peer_);
Message_Block_Ptr data(new ACE_Message_Block(len));
Serializer serializer(data.get());
serializer << this->remote_peer_;
VDBG_LVL((LM_DEBUG, "(%P|%t) MulticastSession[%C]::send_synack "
"local %#08x%08x remote %#08x%08x active %d\n",
this->link()->config()->name().c_str(),
(unsigned int)(this->link()->local_peer() >> 32),
(unsigned int) this->link()->local_peer(),
(unsigned int)(this->remote_peer_ >> 32),
(unsigned int) this->remote_peer_,
this->active_ ? 1 : 0), 2);
// Send control sample to remote peer:
send_control(MULTICAST_SYNACK, move(data));
// Send naks before sending synack to
// reduce wait time for resends from remote.
send_naks();
}
OPENVPN_EXPORT int
openvpn_plugin_func_v1 (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
{
struct auth_pam_context *context = (struct auth_pam_context *) handle;
if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY && context->foreground_fd >= 0)
{
/* get username/password from envp string array */
const char *username = get_env ("username", envp);
const char *password = get_env ("password", envp);
const char *common_name = get_env ("common_name", envp) ? get_env ("common_name", envp) : "";
if (username && strlen (username) > 0 && password)
{
if (send_control (context->foreground_fd, COMMAND_VERIFY) == -1
|| send_string (context->foreground_fd, username) == -1
|| send_string (context->foreground_fd, password) == -1
|| send_string (context->foreground_fd, common_name) == -1)
{
fprintf (stderr, "AUTH-PAM: Error sending auth info to background process\n");
}
else
{
const int status = recv_control (context->foreground_fd);
if (status == RESPONSE_VERIFY_SUCCEEDED)
return OPENVPN_PLUGIN_FUNC_SUCCESS;
if (status == -1)
fprintf (stderr, "AUTH-PAM: Error receiving auth confirmation from background process\n");
}
}
}
return OPENVPN_PLUGIN_FUNC_ERROR;
}
static int get_passive_sock(UrlResource *rsrc, int control)
{
unsigned char *addr;
struct sockaddr_in sa;
int sock;
int x;
char *line, *orig_line;
send_control(control, "PASV\r\n", NULL);
if( !((line = get_line(rsrc, control)) &&
check_numeric("227", line)) ) {
nvfree(line);
return 0;
}
orig_line = line;
if (strlen(line) < 4) {
nvfree(line);
return 0;
}
if (!(sock = sock_init(rsrc->op, &sa, control))) return -1;
/* skip the numeric response */
line += 4;
/* then find the digits */
while (!(isdigit(*line))) line++;
/* ugliness from snarf 1.x */
sa.sin_family = AF_INET;
addr = (unsigned char *)&sa.sin_addr;
for(x = 0; x < 4; x++) {
addr[x] = atoi(line);
line = strchr(line,',') + 1;
}
addr = (unsigned char *)&sa.sin_port ;
addr[0] = atoi(line);
line = strchr(line,',') + 1;
addr[1] = atoi(line);
if (connect(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
nvfree(orig_line);
ui_error(rsrc->op, "unable to connect (%s)", strerror(errno));
return -1;
}
nvfree(orig_line);
return sock;
} /* get_passive_sock() */
void AP_Gimbal::receive_feedback(mavlink_channel_t chan, mavlink_message_t *msg)
{
mavlink_gimbal_report_t report_msg;
mavlink_msg_gimbal_report_decode(msg, &report_msg);
_gimbalParams.set_channel(chan);
if(report_msg.target_system != 1) {
// gimbal must have been power cycled or reconnected
_gimbalParams.reset();
_gimbalParams.set_param(GMB_PARAM_GMB_SYSID, 1);
return;
}
_gimbalParams.update();
if(!_gimbalParams.initialized()){
return;
}
_last_report_msg_ms = hal.scheduler->millis();
extract_feedback(report_msg);
update_mode();
update_state();
switch(_mode) {
case GIMBAL_MODE_IDLE:
_gimbalParams.set_param(GMB_PARAM_GMB_POS_HOLD, 0);
break;
case GIMBAL_MODE_POS_HOLD:
_gimbalParams.set_param(GMB_PARAM_GMB_POS_HOLD, 1);
break;
case GIMBAL_MODE_POS_HOLD_FF:
case GIMBAL_MODE_STABILIZE:
send_control(chan);
_gimbalParams.set_param(GMB_PARAM_GMB_POS_HOLD, 0);
default:
break;
}
float max_torque;
_gimbalParams.get_param(GMB_PARAM_GMB_MAX_TORQUE, max_torque, 0);
if (max_torque != _max_torque && max_torque != 0) {
_max_torque = max_torque;
}
if (!hal.util->get_soft_armed() || joints_near_limits()) {
_gimbalParams.set_param(GMB_PARAM_GMB_MAX_TORQUE, _max_torque);
} else {
_gimbalParams.set_param(GMB_PARAM_GMB_MAX_TORQUE, 0);
}
}
OPENVPN_EXPORT void
openvpn_plugin_abort_v1 (openvpn_plugin_handle_t handle)
{
struct auth_pam_context *context = (struct auth_pam_context *) handle;
/* tell background process to exit */
if (context && context->foreground_fd >= 0)
{
send_control (context->foreground_fd, COMMAND_EXIT);
close (context->foreground_fd);
context->foreground_fd = -1;
}
}
void
port_share_abort (struct port_share *ps)
{
if (ps)
{
/* tell background process to exit */
if (ps->foreground_fd >= 0)
{
send_control (ps->foreground_fd, COMMAND_EXIT);
openvpn_close_socket (ps->foreground_fd);
ps->foreground_fd = -1;
}
}
}
void
ReliableSession::send_nakack(SequenceNumber low)
{
size_t len = sizeof(low.getValue());
ACE_Message_Block* data;
ACE_NEW(data, ACE_Message_Block(len));
Serializer serializer(data);
serializer << low;
// Broadcast control sample to all peers:
send_control(MULTICAST_NAKACK, data);
}
void
ReliableSession::send_syn()
{
size_t len = sizeof(this->remote_peer_);
ACE_Message_Block* data;
ACE_NEW(data, ACE_Message_Block(len));
Serializer serializer(
data, this->link_->transport()->swap_bytes());
serializer << this->remote_peer_;
// Send control sample to remote peer:
send_control(MULTICAST_SYN, data);
}
/* Get the hardware serial number. Returns a static string containing 8 chars */
char *pmd_serial(libusb_device_handle* pmdhandle) {
int ret, rxlength;
static char serialno[9];
unsigned char msgbuf[64] = {0x55, 0x00, 0x00, 0x20, 0x08};
uint16_t msgsize = 5;
ret = send_control(pmdhandle, msgbuf, msgsize, 3000);
if (ret < 0) {
return "????????";
}
ret = get_data(pmdhandle, msgbuf, 64, &rxlength, 5000);
if (ret) {
return "????????";
}
strncpy(serialno, (char*)msgbuf+1, 8);
serialno[8] = '\0';
return serialno;
}
void AP_Gimbal::receive_feedback(mavlink_channel_t chan, mavlink_message_t *msg)
{
decode_feedback(msg);
update_state();
if (_ekf.getStatus() && !isCopterFlipped() && _gimbalParams.K_gimbalRate!=0.0f){
send_control(chan);
}
Quaternion quatEst;_ekf.getQuat(quatEst);Vector3f eulerEst;quatEst.to_euler(eulerEst.x, eulerEst.y, eulerEst.z);
//::printf("est=%1.1f %1.1f %1.1f %d\t", eulerEst.x,eulerEst.y,eulerEst.z,_ekf.getStatus());
//::printf("joint_angles=(%+1.2f %+1.2f %+1.2f)\t", _measurement.joint_angles.x,_measurement.joint_angles.y,_measurement.joint_angles.z);
//::printf("delta_ang=(%+1.3f %+1.3f %+1.3f)\t",_measurement.delta_angles.x,_measurement.delta_angles.y,_measurement.delta_angles.z);
//::printf("delta_vel=(%+1.3f %+1.3f %+1.3f)\t",_measurement.delta_velocity.x,_measurement.delta_velocity.y,_measurement.delta_velocity.z);
//::printf("rate=(%+1.3f %+1.3f %+1.3f)\t",gimbalRateDemVec.x,gimbalRateDemVec.y,gimbalRateDemVec.z);
//::printf("target=(%+1.3f %+1.3f %+1.3f)\t",_angle_ef_target_rad.x,_angle_ef_target_rad.y,_angle_ef_target_rad.z);
//::printf("\n");
}
int get_sock(UrlResource *rsrc, int control)
{
struct sockaddr_in sa;
unsigned char *addr;
unsigned char *port;
char *line;
char port_string[BUFSIZE];
int sock;
socklen_t i;
if ( (sock = sock_init(&sa, control)) < 0 )
return -1;
if ( S_LISTEN(sock, 0) < 0 )
{
S_CLOSE(sock);
LIBNET_DEBUG("listen");
return -1;
}
i = sizeof(sa);
S_GETSOCKNAME(sock, (struct sockaddr *)&sa, &i);
addr = (unsigned char *)(&sa.sin_addr.s_addr);
port = (unsigned char *)(&sa.sin_port);
sprintf(port_string, "PORT %d,%d,%d,%d,%d,%d\r\n",
addr[0], addr[1], addr[2], addr[3],
port[0], (unsigned char)port[1]);
send_control(control, port_string, NULL);
if ( !((line = get_line(rsrc, control)) &&
check_numeric("200", line)) )
{
safe_free(line);
S_CLOSE(sock);
return -1;
}
safe_free(line);
return sock;
}
/* Set the range for an analogue input channel and take one reading.
* Succesful return values are is in the range -2048..+2047.
* Errors return -2049+(negative usb error code) */
int pmd_ain(libusb_device_handle* pmdhandle, int channel, int range) {
unsigned char msgbuf[64];
int ret, rxlength;
if (channel < 0 || channel > 3 || range < 0 || range > 7) {
err("invalid ain argument\n");
return -2049 + LIBUSB_ERROR_INVALID_PARAM;
}
msgbuf[0] = 0x10;
msgbuf[1] = (unsigned char) channel;
msgbuf[2] = (unsigned char) range;
ret = send_control(pmdhandle, msgbuf, 3, 3000);
if (ret < 0) {
return -2049 + ret;
}
ret = get_data(pmdhandle, msgbuf, 64, &rxlength, 5000);
if (ret < 0) {
return -2049 + ret;
}
return (*(int16_t*)(msgbuf+1))/16;
}
void
ReliableSession::send_naks (DisjointSequence& missing)
{
std::vector<DisjointSequence::range_iterator> ranges;
for (DisjointSequence::range_iterator range(missing.range_begin());
range != missing.range_end(); ++range) {
// Send MULTICAST_NAK control samples to remote peer; the
// peer should respond with a resend of the missing data or
// a MULTICAST_NAKACK indicating the data is unrecoverable:
ranges.push_back (range);
}
CORBA::ULong size = ACE_Utils::truncate_cast<CORBA::ULong> (ranges.size());
size_t len = sizeof(this->remote_peer_)
+ sizeof(size)
+ size * 2 * sizeof(SequenceNumber);
ACE_Message_Block* data;
ACE_NEW(data, ACE_Message_Block(len));
Serializer serializer(
data, this->link_->transport()->swap_bytes());
serializer << this->remote_peer_;
serializer << size;
for (CORBA::ULong i = 0; i < size; ++i) {
serializer << ranges[i]->first.getValue();
serializer << ranges[i]->second.getValue();
if (OpenDDS::DCPS::DCPS_debug_level > 0) {
ACE_DEBUG ((LM_DEBUG, ACE_TEXT ("(%P|%t) ReliableSession::send_naks")
ACE_TEXT (" %d -> %d %d - %d \n"),
this->link_->local_peer(), remote_peer_,
ranges[i]->first.getValue(), ranges[i]->second.getValue()));
}
}
// Send control sample to remote peer:
send_control(MULTICAST_NAK, data);
}
static int get_sock(UrlResource *rsrc, int control)
{
struct sockaddr_in sa;
unsigned char *addr;
unsigned char *port;
char *line;
char port_string[SNARF_BUFSIZE];
unsigned int sock;
socklen_t i;
if (!(sock = sock_init(rsrc->op, &sa, control))) return 0;
if (listen(sock, 0) < 0) {
ui_error(rsrc->op, "unable to listen (%s)", strerror(errno));
return 0;
}
i = sizeof(sa);
getsockname(sock, (struct sockaddr *)&sa, &i);
addr = (unsigned char *)(&sa.sin_addr.s_addr);
port = (unsigned char *)(&sa.sin_port);
sprintf(port_string, "PORT %d,%d,%d,%d,%d,%d\r\n",
addr[0], addr[1], addr[2], addr[3],
port[0],(unsigned char)port[1]);
send_control(control, port_string, NULL);
if (!((line = get_line(rsrc, control)) && check_numeric("200", line))) {
nvfree(line);
return 0;
}
nvfree(line);
return sock;
} /* get_sock() */
void
MulticastSession::send_syn()
{
size_t len = sizeof(this->remote_peer_);
Message_Block_Ptr data( new ACE_Message_Block(len));
Serializer serializer(data.get());
serializer << this->remote_peer_;
VDBG_LVL((LM_DEBUG, "(%P|%t) MulticastSession[%C]::send_syn "
"local %#08x%08x remote %#08x%08x\n",
this->link()->config()->name().c_str(),
(unsigned int)(this->link()->local_peer() >> 32),
(unsigned int) this->link()->local_peer(),
(unsigned int)(this->remote_peer_ >> 32),
(unsigned int) this->remote_peer_), 2);
// Send control sample to remote peer:
send_control(MULTICAST_SYN, move(data));
}
void
ReliableSession::send_synack()
{
// Send nakack before sending synack to
// reduce naks from remote.
TransportSendBuffer* send_buffer = this->link_->send_buffer();
if (!send_buffer->empty() && send_buffer->low() > ++SequenceNumber()) {
send_nakack(send_buffer->low());
}
size_t len = sizeof(this->remote_peer_);
ACE_Message_Block* data;
ACE_NEW(data, ACE_Message_Block(len));
Serializer serializer(
data, this->link_->transport()->swap_bytes());
serializer << this->remote_peer_;
// Send control sample to remote peer:
send_control(MULTICAST_SYNACK, data);
}
OPENVPN_EXPORT void
openvpn_plugin_close_v1 (openvpn_plugin_handle_t handle)
{
struct auth_pam_context *context = (struct auth_pam_context *) handle;
if (DEBUG (context->verb))
fprintf (stderr, "AUTH-PAM: close\n");
if (context->foreground_fd >= 0)
{
/* tell background process to exit */
if (send_control (context->foreground_fd, COMMAND_EXIT) == -1)
fprintf (stderr, "AUTH-PAM: Error signaling background process to exit\n");
/* wait for background process to exit */
if (context->background_pid > 0)
waitpid (context->background_pid, NULL, 0);
close (context->foreground_fd);
context->foreground_fd = -1;
}
free (context);
}
void
MulticastDataLink::syn_received_no_session(MulticastPeer source,
ACE_Message_Block* data,
bool swap_bytes)
{
Serializer serializer_read(data, swap_bytes);
MulticastPeer local_peer;
serializer_read >> local_peer;
if (local_peer != local_peer_) {
return;
}
VDBG_LVL((LM_DEBUG, "(%P|%t) MulticastDataLink[%C]::syn_received_no_session "
"send_synack local 0x%x remote 0x%x\n",
config_->name().c_str(), local_peer, source), 2);
ACE_Message_Block* synack_data = new ACE_Message_Block(sizeof(MulticastPeer));
Serializer serializer_write(synack_data);
serializer_write << source;
DataSampleHeader header;
ACE_Message_Block* control =
create_control(MULTICAST_SYNACK, header, synack_data);
const int error = send_control(header, control);
if (error != SEND_CONTROL_OK) {
ACE_ERROR((LM_ERROR, "(%P|%t) MulticastDataLink::syn_received_no_session: "
"ERROR: send_control failed: %d!\n", error));
return;
}
transport_->passive_connection(local_peer, source);
}
/*
* This is the main function for the port share proxy background process.
*/
static void
port_share_proxy (const in_addr_t hostaddr,
const int port,
const socket_descriptor_t sd_control,
const int max_initial_buf,
const char *journal_dir)
{
if (send_control (sd_control, RESPONSE_INIT_SUCCEEDED) >= 0)
{
void *sd_control_marker = (void *)1;
int maxevents = 256;
struct event_set *es;
struct event_set_return esr[64];
struct proxy_connection *list = NULL;
time_t last_housekeeping = 0;
msg (D_PS_PROXY, "PORT SHARE PROXY: proxy starting");
es = event_set_init (&maxevents, 0);
event_ctl (es, sd_control, EVENT_READ, sd_control_marker);
while (true)
{
int n_events;
struct timeval tv;
time_t current;
tv.tv_sec = 10;
tv.tv_usec = 0;
n_events = event_wait (es, &tv, esr, SIZE(esr));
/*dmsg (D_PS_PROXY_DEBUG, "PORT SHARE PROXY: event_wait returned %d", n_events);*/
current = time(NULL);
if (n_events > 0)
{
int i;
for (i = 0; i < n_events; ++i)
{
const struct event_set_return *e = &esr[i];
if (e->arg == sd_control_marker)
{
if (!control_message_from_parent (sd_control, &list, es, hostaddr, port, max_initial_buf, journal_dir))
goto done;
}
else
{
struct proxy_connection *pc = (struct proxy_connection *)e->arg;
if (pc->defined)
proxy_connection_io_dispatch (pc, e->rwflags, es);
}
}
}
else if (n_events < 0)
{
dmsg (D_PS_PROXY_DEBUG, "PORT SHARE PROXY: event_wait failed");
}
if (current > last_housekeeping)
{
proxy_list_housekeeping (&list);
last_housekeeping = current;
}
}
done:
proxy_list_close (&list);
event_free (es);
}
msg (M_INFO, "PORT SHARE PROXY: proxy exiting");
}
/*
* Background process -- runs with privilege.
*/
static void
pam_server (int fd, const char *service, int verb, const struct name_value_list *name_value_list)
{
struct user_pass up;
int command;
#ifdef USE_PAM_DLOPEN
static const char pam_so[] = "libpam.so";
#endif
/*
* Do initialization
*/
if (DEBUG (verb))
fprintf (stderr, "AUTH-PAM: BACKGROUND: INIT service='%s'\n", service);
#ifdef USE_PAM_DLOPEN
/*
* Load PAM shared object
*/
if (!dlopen_pam (pam_so))
{
fprintf (stderr, "AUTH-PAM: BACKGROUND: could not load PAM lib %s: %s\n", pam_so, dlerror());
send_control (fd, RESPONSE_INIT_FAILED);
goto done;
}
#endif
/*
* Tell foreground that we initialized successfully
*/
if (send_control (fd, RESPONSE_INIT_SUCCEEDED) == -1)
{
fprintf (stderr, "AUTH-PAM: BACKGROUND: write error on response socket [1]\n");
goto done;
}
/*
* Event loop
*/
while (1)
{
memset (&up, 0, sizeof (up));
up.verb = verb;
up.name_value_list = name_value_list;
/* get a command from foreground process */
command = recv_control (fd);
if (DEBUG (verb))
fprintf (stderr, "AUTH-PAM: BACKGROUND: received command code: %d\n", command);
switch (command)
{
case COMMAND_VERIFY:
if (recv_string (fd, up.username, sizeof (up.username)) == -1
|| recv_string (fd, up.password, sizeof (up.password)) == -1
|| recv_string (fd, up.common_name, sizeof (up.common_name)) == -1)
{
fprintf (stderr, "AUTH-PAM: BACKGROUND: read error on command channel: code=%d, exiting\n",
command);
goto done;
}
if (DEBUG (verb))
{
#if 0
fprintf (stderr, "AUTH-PAM: BACKGROUND: USER/PASS: %s/%s\n",
up.username, up.password);
#else
fprintf (stderr, "AUTH-PAM: BACKGROUND: USER: %s\n", up.username);
#endif
}
if (pam_auth (service, &up)) /* Succeeded */
{
if (send_control (fd, RESPONSE_VERIFY_SUCCEEDED) == -1)
{
fprintf (stderr, "AUTH-PAM: BACKGROUND: write error on response socket [2]\n");
goto done;
}
}
else /* Failed */
{
if (send_control (fd, RESPONSE_VERIFY_FAILED) == -1)
{
fprintf (stderr, "AUTH-PAM: BACKGROUND: write error on response socket [3]\n");
goto done;
}
}
break;
case COMMAND_EXIT:
goto done;
case -1:
fprintf (stderr, "AUTH-PAM: BACKGROUND: read error on command channel\n");
goto done;
default:
fprintf (stderr, "AUTH-PAM: BACKGROUND: unknown command code: code=%d, exiting\n",
command);
goto done;
}
}
done:
#ifdef USE_PAM_DLOPEN
dlclose_pam ();
#endif
if (DEBUG (verb))
fprintf (stderr, "AUTH-PAM: BACKGROUND: EXIT\n");
return;
}
int get_passive_sock(UrlResource *rsrc, int control)
{
unsigned char *addr;
struct sockaddr_in sa;
int sock;
int x;
char *line, *orig_line;
send_control(control, "PASV\r\n", NULL);
if ( !((line = get_line(rsrc, control)) &&
check_numeric("227", line)) )
{
safe_free(line);
return -1;
}
orig_line = line;
if ( strlen(line) < 4 )
{
safe_free(line);
return -1;
}
if ( (sock = sock_init(&sa, control)) < 0 )
{
safe_free(orig_line);
return -1;
}
/* skip the numeric response */
line += 4;
/* then find the digits */
while ( !(isdigit(*line)) )
line++;
sa.sin_family = AF_INET;
addr = (unsigned char *) & sa.sin_addr;
for (x = 0; x < 4; x++)
{
addr[x] = ATOI(line);
line = strchr(line, ',') + 1;
}
addr = (unsigned char *) & sa.sin_port ;
addr[0] = ATOI(line);
line = strchr(line, ',') + 1;
addr[1] = ATOI(line);
if ( S_CONNECT(sock, (struct sockaddr *)&sa, sizeof(sa)) < 0 )
{
S_CLOSE(sock);
safe_free(orig_line);
LIBNET_DEBUG("connect");
return -1;
}
safe_free(orig_line);
return sock;
}
/*
* Background process -- runs with privilege.
*/
static void
down_root_server (const int fd, char *command, const char *argv[], const char *envp[], const int verb)
{
const char *p[3];
char *command_line = NULL;
char *argv_cat = NULL;
int i;
/*
* Do initialization
*/
if (DEBUG (verb))
fprintf (stderr, "DOWN-ROOT: BACKGROUND: INIT command='%s'\n", command);
/*
* Tell foreground that we initialized successfully
*/
if (send_control (fd, RESPONSE_INIT_SUCCEEDED) == -1)
{
fprintf (stderr, "DOWN-ROOT: BACKGROUND: write error on response socket [1]\n");
goto done;
}
/*
* Build command line
*/
if (string_array_len (argv) >= 2)
argv_cat = build_command_line (&argv[1]);
else
argv_cat = build_command_line (NULL);
p[0] = command;
p[1] = argv_cat;
p[2] = NULL;
command_line = build_command_line (p);
/*
* Save envp in environment
*/
for (i = 0; envp[i]; ++i)
{
putenv ((char *)envp[i]);
}
/*
* Event loop
*/
while (1)
{
int command_code;
int status;
/* get a command from foreground process */
command_code = recv_control (fd);
if (DEBUG (verb))
fprintf (stderr, "DOWN-ROOT: BACKGROUND: received command code: %d\n", command_code);
switch (command_code)
{
case COMMAND_RUN_SCRIPT:
status = system (command_line);
if (system_ok (status)) /* Succeeded */
{
if (send_control (fd, RESPONSE_SCRIPT_SUCCEEDED) == -1)
{
fprintf (stderr, "DOWN-ROOT: BACKGROUND: write error on response socket [2]\n");
goto done;
}
}
else /* Failed */
{
if (send_control (fd, RESPONSE_SCRIPT_FAILED) == -1)
{
fprintf (stderr, "DOWN-ROOT: BACKGROUND: write error on response socket [3]\n");
goto done;
}
}
break;
case COMMAND_EXIT:
goto done;
case -1:
fprintf (stderr, "DOWN-ROOT: BACKGROUND: read error on command channel\n");
goto done;
default:
fprintf (stderr, "DOWN-ROOT: BACKGROUND: unknown command code: code=%d, exiting\n",
command_code);
goto done;
}
}
done:
if (argv_cat)
free (argv_cat);
if (command_line)
free (command_line);
if (DEBUG (verb))
fprintf (stderr, "DOWN-ROOT: BACKGROUND: EXIT\n");
return;
}
int ftp_transfer(UrlResource *rsrc)
{
Url *u = NULL;
char *line = NULL;
int sock = 0;
int data_sock = 0;
int passive = 1;
int retval = 0;
u = rsrc->url;
/*
* first of all, if this is proxied, just pass it off to the
* http module, since that's how we support proxying.
*/
rsrc->proxy = get_proxy("FTP_PROXY");
if (rsrc->proxy && (rsrc->proxy[0] != '\0')) {
return http_transfer(rsrc);
}
ftp_set_defaults(rsrc, u);
if (!(sock = tcp_connect(rsrc->op, u->host, u->port)))
return FALSE;
if (!(line = get_line(rsrc, sock)))
return FALSE;
if (!check_numeric("220", line)) {
ui_error(rsrc->op, "bad ftp server greeting: %s", line);
nvfree(line);
return FALSE;
}
send_control(sock, "USER ", u->username, "\r\n", NULL);
if (!(line = get_line(rsrc, sock))) return FALSE;
/* do the password dance */
if (!check_numeric("230", line)) {
if (!check_numeric("331", line)) {
ui_error(rsrc->op, "bad/unexpected response: %s", line);
nvfree(line);
return FALSE;
} else {
nvfree(line);
send_control(sock, "PASS ", u->password, "\r\n", NULL);
if (!((line = get_line(rsrc, sock)) &&
check_numeric("230", line)) ) {
nvfree(line);
ui_error(rsrc->op, "login failed");
return FALSE;
}
nvfree(line);
}
}
/* set binmode */
send_control(sock, "TYPE I\r\n", NULL);
if (!(line = get_line(rsrc, sock))) return 0;
nvfree(line);
if (u->path) {
send_control(sock, "CWD ", u->path, "\r\n", NULL);
if (!((line = get_line(rsrc, sock)) &&
check_numeric("250", line))) {
nvfree(line);
close_quit(sock);
return 0;
}
nvfree(line);
}
/* finally, the good stuff */
/* get a socket for reading. try passive first. */
if ((data_sock = get_passive_sock(rsrc, sock)) == -1) {
return FALSE;
}
if (!data_sock) {
if ((data_sock = get_sock(rsrc, sock)) < 1)
return 0;
else
passive = 0;
}
if (u->file) {
send_control(sock, "SIZE ", u->file, "\r\n", NULL);
line = get_line(rsrc, sock);
if (line && check_numeric("213", line)) {
rsrc->outfile_size = atoi(line + 3);
} else {
rsrc->outfile_size = 0;
}
}
if (u->file)
send_control(sock, "RETR ", u->file, "\r\n", NULL);
else
send_control(sock, "NLST\r\n", NULL);
if (!((line = get_line(rsrc, sock)) &&
(check_numeric("150", line) || check_numeric("125", line)))) {
nvfree(line);
close_quit(sock);
return 0;
}
if (!passive)
data_sock = accept(data_sock, NULL, NULL);
nvfree(line);
retval = dump_data(rsrc, data_sock);
line = get_line(rsrc, sock); /* 226 Transfer complete */
nvfree(line);
send_control(sock, "QUIT\r\n", NULL);
line = get_line(rsrc, sock); /* 221 Goodbye */
nvfree(line);
close(sock);
close(data_sock);
return retval;
} /* ftp_transfer() */
/* Flash the device LED. Return 2 (bytes sent) or negative libusb error */
int pmd_flash(libusb_device_handle* pmdhandle) {
unsigned char msgbuf[64] = {0x40, 0x00};
uint16_t msgsize = 2;
return send_control(pmdhandle, msgbuf, msgsize, 3000);
}
/*
* Background process -- runs with privilege.
*/
static void
down_root_server(const int fd, char *const *argv, char *const *envp, const int verb)
{
/*
* Do initialization
*/
if (DEBUG(verb))
{
fprintf(stderr, "DOWN-ROOT: BACKGROUND: INIT command='%s'\n", argv[0]);
}
/*
* Tell foreground that we initialized successfully
*/
if (send_control(fd, RESPONSE_INIT_SUCCEEDED) == -1)
{
warn("DOWN-ROOT: BACKGROUND: write error on response socket [1]");
goto done;
}
/*
* Event loop
*/
while (1)
{
int command_code;
int exit_code = -1;
/* get a command from foreground process */
command_code = recv_control(fd);
if (DEBUG(verb))
{
fprintf(stderr, "DOWN-ROOT: BACKGROUND: received command code: %d\n", command_code);
}
switch (command_code)
{
case COMMAND_RUN_SCRIPT:
if ( (exit_code = run_script(argv, envp)) == 0) /* Succeeded */
{
if (send_control(fd, RESPONSE_SCRIPT_SUCCEEDED) == -1)
{
warn("DOWN-ROOT: BACKGROUND: write error on response socket [2]");
goto done;
}
}
else /* Failed */
{
fprintf(stderr, "DOWN-ROOT: BACKGROUND: %s exited with exit code %i\n", argv[0], exit_code);
if (send_control(fd, RESPONSE_SCRIPT_FAILED) == -1)
{
warn("DOWN-ROOT: BACKGROUND: write error on response socket [3]");
goto done;
}
}
break;
case COMMAND_EXIT:
goto done;
case -1:
warn("DOWN-ROOT: BACKGROUND: read error on command channel");
goto done;
default:
fprintf(stderr, "DOWN-ROOT: BACKGROUND: unknown command code: code=%d, exiting\n",
command_code);
goto done;
}
}
done:
if (DEBUG(verb))
{
fprintf(stderr, "DOWN-ROOT: BACKGROUND: EXIT\n");
}
return;
}
int ftp_transfer(UrlResource *rsrc, libnet_callback notify)
{
Url *u = NULL;
FILE *out = NULL;
char *line = NULL;
int sock = -1;
int data_sock = -1;
int passive = 1;
int retval = 0;
int msg_code = 0;
u = rsrc->url;
/* first of all, if this is proxied, just pass it off to the
http module, since that's how we support proxying. */
rsrc->proxy = get_proxy("FTP_PROXY");
if ( rsrc->proxy )
{
return http_transfer(rsrc, notify);
}
ftp_set_defaults(rsrc, u);
sock = util_tcp_connect(u->host, u->port);
if (sock < 0)
{
if (rsrc->running)
{
notify(NET_MSG_DOWNLOAD_FINISH, (UINT32)-NET_ERR_CONNECT_FAILED);
}
//S_CLOSE(sock);
return 0;
}
if ( !(line = get_line(rsrc, sock)) )
{
if (rsrc->running)
{
notify(NET_MSG_DOWNLOAD_FINISH, (UINT32)-NET_ERR_FTP_SERVER_ERROR);
}
S_CLOSE(sock);
return 0;
}
if ( !check_numeric("220", line) )
{
safe_free(line);
S_CLOSE(sock);
LIBNET_DEBUG("bad server greeting");
if (rsrc->running)
{
notify(NET_MSG_DOWNLOAD_FINISH, (UINT32)-NET_ERR_FTP_SERVER_ERROR);
}
return 0;
}
safe_free(line);
send_control(sock, "USER ", u->username, "\r\n", NULL);
if ( !(line = get_line(rsrc, sock)) )
{
msg_code = -NET_ERR_LOGIN_FAILED;
goto cleanup;
}
/* do the password dance */
if ( !check_numeric("230", line) )
{
if ( !check_numeric("331", line))
{
safe_free(line);
LIBNET_DEBUG("bad/unexpected response: %s", line);
msg_code = -NET_ERR_LOGIN_FAILED;
goto cleanup;
}
else
{
safe_free(line);
send_control(sock, "PASS ", u->password, "\r\n", NULL);
if ( !((line = get_line(rsrc, sock)) &&
check_numeric("230", line)) )
{
safe_free(line);
LIBNET_DEBUG("login failed");
msg_code = -NET_ERR_LOGIN_FAILED;
goto cleanup;
}
//safe_free(line);
}
}
safe_free(line);
/* set binmode */
send_control(sock, "TYPE I\r\n", NULL);
if ( !(line = get_line(rsrc, sock)) )
{
msg_code = -NET_ERR_FTP_SERVER_ERROR;
goto cleanup;
}
safe_free(line);
#if 1 // user can't change ftp path to "/" if server don't support it
if ( u->path && (STRCMP(u->path, "/") != 0))
{
/* CWD using relative path */
char *relative_path = u->path[0] == '/' ? &u->path[1] : &u->path[0];
send_control(sock, "CWD ", relative_path, "\r\n", NULL);
if ( !((line = get_line(rsrc, sock)) &&
check_numeric("250", line)) )
{
safe_free(line);
msg_code = -NET_ERR_OPERATION_NOT_PERMIT;
goto cleanup;
}
safe_free(line);
}
#endif
/* finally, the good stuff */
/* get a socket for reading. try passive first. */
if ( ! (rsrc->options & OPT_ACTIVE) )
{
if ( (data_sock = get_passive_sock(rsrc, sock)) < 0 )
{
msg_code = -NET_ERR_CONNECT_FAILED;
goto cleanup;
}
}
if ( data_sock < 0 )
{
if ( (data_sock = get_sock(rsrc, sock)) < 1 )
{
msg_code = -NET_ERR_CONNECT_FAILED;
goto cleanup;
}
else
passive = 0;
}
if (u->file)
{
send_control(sock, "SIZE ", u->file, "\r\n", NULL);
line = get_line(rsrc, sock);
if (line && check_numeric("213", line))
{
rsrc->outfile_size = ATOI(line + 4);
}
else if (line && check_numeric("550", line))
{
safe_free(line);
msg_code = -NET_ERR_FILE_NOT_FOUND;
goto cleanup;
}
else
{
rsrc->outfile_size = 0;
}
if (line) FREE(line);
}
/* handle resume */
if ( rsrc->outfile_offset && (rsrc->options & OPT_RESUME) )
{
char numstring[32]; /* ugly hack */
sprintf(numstring, "%ld", (long int )rsrc->outfile_offset);
send_control(sock, "REST ", numstring, "\r\n", NULL);
if ( !((line = get_line(rsrc, sock)) &&
check_numeric("350", line)) )
{
safe_free(line);
LIBNET_DEBUG("server does not support FTP resume, try again without -r");
msg_code = -NET_ERR_OPERATION_NOT_PERMIT;
goto cleanup;
}
safe_free(line);
}
if (u->file)
send_control(sock, "RETR ", u->file, "\r\n", NULL);
else
send_control(sock, "NLST\r\n", NULL);
if ( !((line = get_line(rsrc, sock)) &&
(check_numeric("150", line) || check_numeric("125", line))) )
{
safe_free(line);
msg_code = -NET_ERR_OPERATION_NOT_PERMIT;
goto cleanup;
}
LIBNET_DEBUG("ftp reply(RETR): %s\n", line);
if ( !passive )
data_sock = S_ACCEPT(data_sock, NULL, NULL);
/* rsrc->outfile_size = guess_file_size(line); */
safe_free(line);
if (rsrc->outfile)
{
if (get_file_size(rsrc->outfile) > 0)
out = fopen(rsrc->outfile, "rb+");
else
out = fopen(rsrc->outfile, "wb");
if ( !out )
{
//report(ERR, "opening %s: %s", rsrc->outfile,
// strerror(errno));
msg_code = -NET_ERR_FILE_SAVE_ERROR;
goto cleanup;
}
}
retval = dump_data(rsrc, data_sock, out, notify);
if (rsrc->running)
{
line = get_line(rsrc, sock); /* 226 Transfer complete */
LIBNET_DEBUG("ftp(done): %s\n", line);
safe_free(line);
}
cleanup:
send_control(sock, "QUIT\r\n", NULL);
line = get_line(rsrc, sock); /* 221 Goodbye */
LIBNET_DEBUG("ftp(QUIT): %s\n", line);
safe_free(line);
if (out)
fclose(out);
if (data_sock >= 0)
{
S_CLOSE(data_sock);
}
if (sock >= 0)
{
S_CLOSE(sock);
}
#ifndef WIN32
if (rsrc->outfile)
fs_sync(rsrc->outfile);
#endif
if (msg_code < 0 && rsrc->running)
{
notify(NET_MSG_DOWNLOAD_FINISH, (UINT32)msg_code);
}
return retval;
}
/* Tell analogue input to stop sending. Returns 2 (bytes sent) or negative libusb error
* Should not be needed in user code */
int pmd_ainstop(libusb_device_handle* pmdhandle) {
unsigned char msgbuf[64] = {0x12, 0x00};
uint16_t msgsize = 2;
return(send_control(pmdhandle, msgbuf, msgsize, 3000));
}
OPENVPN_EXPORT int
openvpn_plugin_func_v1 (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[])
{
struct down_root_context *context = (struct down_root_context *) handle;
if (type == OPENVPN_PLUGIN_UP && context->foreground_fd == -1) /* fork off a process to hold onto root */
{
pid_t pid;
int fd[2];
/*
* Make a socket for foreground and background processes
* to communicate.
*/
if (socketpair (PF_UNIX, SOCK_DGRAM, 0, fd) == -1)
{
fprintf (stderr, "DOWN-ROOT: socketpair call failed\n");
return OPENVPN_PLUGIN_FUNC_ERROR;
}
/*
* Fork off the privileged process. It will remain privileged
* even after the foreground process drops its privileges.
*/
pid = fork ();
if (pid)
{
int status;
/*
* Foreground Process
*/
context->background_pid = pid;
/* close our copy of child's socket */
close (fd[1]);
/* don't let future subprocesses inherit child socket */
if (fcntl (fd[0], F_SETFD, FD_CLOEXEC) < 0)
fprintf (stderr, "DOWN-ROOT: Set FD_CLOEXEC flag on socket file descriptor failed\n");
/* wait for background child process to initialize */
status = recv_control (fd[0]);
if (status == RESPONSE_INIT_SUCCEEDED)
{
context->foreground_fd = fd[0];
return OPENVPN_PLUGIN_FUNC_SUCCESS;
}
}
else
{
/*
* Background Process
*/
/* close all parent fds except our socket back to parent */
close_fds_except (fd[1]);
/* Ignore most signals (the parent will receive them) */
set_signals ();
/* Daemonize if --daemon option is set. */
daemonize (envp);
/* execute the event loop */
down_root_server (fd[1], context->command, argv, envp, context->verb);
close (fd[1]);
exit (0);
return 0; /* NOTREACHED */
}
}
else if (type == OPENVPN_PLUGIN_DOWN && context->foreground_fd >= 0)
{
if (send_control (context->foreground_fd, COMMAND_RUN_SCRIPT) == -1)
{
fprintf (stderr, "DOWN-ROOT: Error sending script execution signal to background process\n");
}
else
{
const int status = recv_control (context->foreground_fd);
if (status == RESPONSE_SCRIPT_SUCCEEDED)
return OPENVPN_PLUGIN_FUNC_SUCCESS;
if (status == -1)
fprintf (stderr, "DOWN-ROOT: Error receiving script execution confirmation from background process\n");
}
}
return OPENVPN_PLUGIN_FUNC_ERROR;
}
