static void dot1x_logon_send_username(int id)
{
BUFFER *buf;
BYTE tmpbuf[100];
EAPOL_PACKET_HEADER *pkt;
STRING *strUserAtIp = NULL;
buf = buffer_new(sizeof(EAPOL_PACKET_HEADER));
pkt = (EAPOL_PACKET_HEADER *)buf->data;
memcpy(pkt->dest, hex2buf(DOT1XMAC, tmpbuf, NULL), 6);
memcpy(pkt->src, hex2buf(userconfig.szMac, tmpbuf, NULL), 6);
pkt->tags[0] = 0x88;
pkt->tags[1] = 0x8e;
pkt->eapol_version = 1;
pkt->eapol_type = EAPOL_PACKET;
strUserAtIp = string_append(strUserAtIp, userconfig.szUsername);
strUserAtIp = string_append(strUserAtIp, "@");
strUserAtIp = string_append(strUserAtIp, userconfig.szIp);
pkt->eapol_length = htons((u_short)(strlen(strUserAtIp->str) + 5));
pkt->code = EAP_RESPONSE;
pkt->identifier = id;
pkt->length = pkt->eapol_length;
pkt->type = EAP_TYPE_ID;
buf->len = sizeof(EAPOL_PACKET_HEADER);
buf = buffer_append(buf, (BYTE *)strUserAtIp->str, strlen(strUserAtIp->str));
if(buf->len < 60)
buf = buffer_append(buf, null_buffer_60, 60 - buf->len);
ethcard_send_packet(ethcard, buf->data, buf->len);
logs_append(g_logs, "DOT1X_LOGON_SEND_USERNAME", NULL, buf->data, buf->len);
//if(ethcard_send_packet(ethcard, buf->data, buf->len) != 0)
//{
// dprintf("Error with WinPCap\n");
//}
strUserAtIp = string_free(strUserAtIp);
buf = buffer_free(buf);
}
INT DecodePasswordByUsername(CHAR *username, CHAR *encodedstr, CHAR *decoded)
{
BYTE md5[16];
des3_context ctx3;
BYTE output[16];
BYTE encoded[16];
CHAR vn[200];
#ifdef _WIN32
DWORD sn;
GetVolumeInformation("C:\\", vn, sizeof(vn), &sn, NULL, NULL, NULL, 0);
snprintf(vn, sizeof(vn), "%s%x", username, sn);
#else
snprintf(vn, sizeof(vn), "%s", username);
#endif
//MD5Buffer(username, strlen(username), md5);
MD5Buffer(vn, strlen(vn), md5);
hex2buf(encodedstr, encoded, NULL);
des3_set_3keys( &ctx3, md5, md5 + 8, md5);
des3_decrypt( &ctx3, (BYTE *)encoded, output);
des3_set_3keys( &ctx3, md5, md5 + 8, md5);
des3_decrypt( &ctx3, (BYTE *)encoded + 8, output + 8);
buf2hex(output, 16, decoded);
return OK;
}
VOID userconfig_set_password_by_md5(USERCONFIG *userconfig, CHAR *szMD5password)
{
BYTE tmp[16];
strcpy(userconfig->szMD5Password, "");
if(szMD5password)
strcpy(userconfig->szMD5Password, szMD5password);
memcpy(userconfig->md5Password, hex2buf(szMD5password, tmp, NULL), 16);
}
static void dot1x_logon_request()
{
BUFFER *buf;
BYTE tmpbuf[100];
buf = buffer_new(200);
buf = buffer_append(buf, hex2buf(DOT1XMAC, tmpbuf, NULL), 6);
buf = buffer_append(buf, hex2buf(userconfig.szMac, tmpbuf, NULL), 6);
buf = buffer_append(buf, hex2buf((CHAR *)"88 8e", tmpbuf, NULL), 2);
buf = buffer_append(buf, hex2buf((CHAR *)"01 01 00 00", tmpbuf, NULL), 4);
if(buf->len < 60)
buf = buffer_append(buf, null_buffer_60, 60 - buf->len);
ethcard_send_packet(ethcard, buf->data, buf->len);
logs_append(g_logs, "DOT1X_LOGON_REQUEST", NULL, buf->data, buf->len);
buf = buffer_free(buf);
}
static int tunet_logon_send_tunet_user()
{
BUFFER *buf;
BYTE tmpbuf[100];
int len;
UINT32 lang;
// BOOL sr, sw, se;
if(!main_socket) return OK;
// os_socket_tcp_status(main_socket, &sr, &sw, &se);
if(tunet_state != TUNET_STATE_LOGIN)
return OK;
/*
if(se)
{
logs_append(g_logs, "TUNET_NETWORK_ERROR", "SEND_TUNET_USER", NULL, 0);
return ERR;
}
if(!sw) return OK;
*/
buf = buffer_new(200);
//hex2buf("12 54 55 4e 45 54 20 55 53 45 52 00 00 4e ea 00 00 00 01", tmpbuf, &len);
// 00 for english
//buf = buffer_append(buf, tmpbuf, len);
hex2buf("12 54 55 4e 45 54 20 55 53 45 52 00 00 4e ea", tmpbuf, &len);
buf = buffer_append(buf, tmpbuf, len);
lang = htonl(userconfig.language);
buf = buffer_append(buf, (BYTE *)(&lang), 4);
os_socket_tcp_send(main_socket, buf->data, buf->len);
tunet_state = TUNET_STATE_RECV_WELCOME;
logs_append(g_logs, "TUNET_LOGON_SEND_TUNET_USER", NULL, buf->data, buf->len);
//dprintf("已经向主服务器发出登陆请求...\n");
buf = buffer_free(buf);
return OK;
}
static int tunet_logout_send_logout()
{
BOOL sr, sw, se;
BYTE tmpbuf[1024];
BUFFER *buf = NULL;
INT len;
if(!logout_socket) return OK;
os_socket_tcp_status(logout_socket, &sr, &sw, &se);
if(tunet_state != TUNET_STATE_LOGOUT)
return OK;
// printf("sending logout info.\n");
if(se)
{
logs_append(g_logs, "TUNET_NETWORK_ERROR", "SEND_LOGOUT", NULL, 0);
return ERR;
}
if(!sw) return OK;
hex2buf("0f 54 55 4e 45 54 20 55 53 45 52", tmpbuf, &len);
buf = buffer_append(buf, tmpbuf, len);
os_socket_tcp_send(logout_socket, buf->data, buf->len);
tunet_state = TUNET_STATE_LOGOUT_RECV_LOGOUT;
logs_append(g_logs, "TUNET_LOGON_SEND_LOGOUT", NULL, buf->data, buf->len);
//dprintf("向主服务器发出注销请求...\n");
buf = buffer_free(buf);
return OK;
}
static VOID dot1x_loop_recv_proc(ETHCARD *ethcard, BYTE *pkt_data, INT pkt_len)
{
BYTE tmpbuf[100];
EAPOL_RANDSTREAM_PACKET * stmpkt = (EAPOL_RANDSTREAM_PACKET *)pkt_data;
EAPOL_PACKET_HEADER *pkthdr = (EAPOL_PACKET_HEADER *)pkt_data;
/* INT i,j;
dprintf("dot1x_loop_recv_proc\n");
for (i=0; i<pkt_len; i++)
dprintf("%.2x ", pkt_data[i]);
dprintf("Recv: \n DEST: ");
for(i = 1, j = 0; j < 6; i++,j++)
{
dprintf("%.2x ", pkt_data[i-1]);
}
dprintf("\nSRC : ");
for(j = 0; j < 6; i++,j++)
{
dprintf("%.2x ", pkt_data[i-1]);
}
i += 2; //0x888E
dprintf("\nDATA:\n");
for (j =1 ; (i < pkt_len ) ; i++, j++)
{
dprintf("%.2x ", pkt_data[i-1]);
if ( (j % 16) == 0) dprintf("\n");
}
dprintf("\n");
*/
#define FNAME "dot1x_loop_recv_proc"
if (!pkt_data)
dprintf(FNAME": !pkt_data error\n");
if (!pkt_len)
dprintf(FNAME": !pkt_len error\n");
if (memcmp(pkthdr->dest, hex2buf(userconfig.szMac, tmpbuf, NULL), 6) != 0)
{
hex2buf(DOT1XMAC, tmpbuf, NULL);
if (memcmp(pkthdr->dest, tmpbuf, 6) != 0)
{
char tempbuf[100];
dprintf(FNAME": Not our packet\n");
buf2hex(pkthdr->dest, 6, tempbuf);
dprintf(FNAME": packet dest: %s\n", tempbuf);
dprintf(FNAME": our addr: %s\n", userconfig.szMac);
}
}
if (pkthdr->tag != 0x8e88)
dprintf(FNAME": proto error : %x\n", pkthdr->tag);
#undef FNAME
if(pkt_data && pkt_len && memcmp(pkthdr->dest, hex2buf(userconfig.szMac, tmpbuf, NULL), 6) == 0 && (pkthdr->tag == 0x8e88))
{
logs_append(g_logs, "DOT1X_RECV", NULL, pkt_data, pkt_len);
os_tick_clear(tick_timeout);
switch (pkthdr->eapol_type)
{
case EAP_PACK_TYPE:
//dprintf("EAP_PACK_TYPE receiveID = %d code = %d\n", pkthdr->identifier, pkthdr->code);
switch (pkthdr->code)
{
case EAP_REQUEST:
switch(pkthdr->type)
{
case EAP_TYPE_ID:
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_REQUEST", NULL, 0);
dot1x_state = DOT1X_STATE_RESPONSE;
dot1x_logon_send_username(pkthdr->identifier);
break;
case EAP_TYPE_MD5:
if(sizeof(EAPOL_PACKET_HEADER) + sizeof(stmpkt->streamlen) + stmpkt->streamlen <= (UINT32)pkt_len)
{
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_REQUEST(AUTH)", NULL, 0);
dot1x_state = DOT1X_STATE_AUTH;
dot1x_logon_auth(pkthdr->identifier, stmpkt->stream, stmpkt->streamlen);
}
else
{
dot1x_state = DOT1X_STATE_LOGIN;
dot1x_logon_request();
}
break;
}
//dprintf(" EAP_REQUEST\n");
/*
if( dot1x_state == DOT1X_STATE_LOGIN
|| dot1x_state == DOT1X_STATE_SUCCESS
|| dot1x_state == DOT1X_STATE_FAILURE)
{
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_REQUEST", NULL, 0);
dot1x_state = DOT1X_STATE_RESPONSE;
dot1x_logon_send_username(pkthdr->identifier);
}
else if(dot1x_state == DOT1X_STATE_RESPONSE)
{
//dprintf(" streamlen = %d\n", stmpkt->streamlen);
if(sizeof(EAPOL_PACKET_HEADER) + sizeof(stmpkt->streamlen) + stmpkt->streamlen <= (UINT32)pkt_len)
{
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_REQUEST(AUTH)", NULL, 0);
dot1x_state = DOT1X_STATE_AUTH;
dot1x_logon_auth(pkthdr->identifier, stmpkt->stream, stmpkt->streamlen);
}
else
{
//dprintf(" ERROR WHEN RECV STREAM !! Retry ...\n");
dot1x_state = DOT1X_STATE_LOGIN;
dot1x_logon_request();
}
}
*/
break;
case EAP_RESPONSE:
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_RESPONSE", NULL, 0);
//dprintf(" EAP_RESPONSE\n");
break;
case EAP_SUCCESS:
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_SUCCESS", NULL, 0);
//dprintf(" EAP_SUCCESS\n");
dot1x_state = DOT1X_STATE_SUCCESS;
break;
case EAP_FAILURE:
//TODO!!!!!!!!!!!!!!!!!!!!!!!!!!!!
if(dot1x_state == DOT1X_STATE_LOGOUT)
{
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_FAILURE(LOGOUT)", NULL, 0);
//dprintf(" EAP_FAILURE(LOGOUT)\n");
dot1x_state = DOT1X_STATE_NONE;
//Here, we finished stopping DOT1X !!!!
logs_append(g_logs, "DOT1X_STOP", "END", NULL, 0);
break;
}
else
{
logs_append(g_logs, "DOT1X_RECV_PACK", "EAP_FAILURE", NULL, 0);
//dprintf(" EAP_FAILURE\n");
dot1x_state = DOT1X_STATE_FAILURE;
if(userconfig.bRetryDot1x)
{
// keep retrying ...
dot1x_logon_request();
}
}
break;
default:
logs_append(g_logs, "DOT1X_RECV_PACK", "UNKNOWN", NULL, 0);
//dprintf(" Unknown EAP_TYPE\n");
}
break;
case EAPOL_START:
logs_append(g_logs, "DOT1X_RECV_START", NULL, NULL, 0);
//dprintf("EAPOL_START\n");
break;
case EAPOL_LOGOFF:
logs_append(g_logs, "DOT1X_RECV_LOGOFF", NULL, NULL, 0);
//dprintf("EAPOL_LOGOFF\n");
break;
case EAPOL_KEY:
logs_append(g_logs, "DOT1X_RECV_KEY", NULL, NULL, 0);
//dprintf("EAPOL_KEY\n");
break;
case EAPOL_ASF_ALERT:
logs_append(g_logs, "DOT1X_RECV_ASF_ALERT", NULL, NULL, 0);
//dprintf("EAPOL_ASF_ALERT\n");
break;
default:
logs_append(g_logs, "DOT1X_RECV_UNKNOWN", NULL, NULL, 0);
return;
}
//dprintf("\n\n");
}
else
{
//it's not the packet for us
}
}
static void dot1x_logon_auth(int id, BYTE *stream, int streamlen)
{
BUFFER *buf = buffer_new(1024);
EAPOL_PACKET_HEADER *pkt;
BYTE md5_result[16];
BYTE tmpbuf[100];
STRING *strUserAtIp = NULL;
buf = buffer_append(buf, (BYTE *)"?", 1);
buf->data[0] = id;
buf = buffer_append(buf, (BYTE *)userconfig.szMD5Password, strlen(userconfig.szMD5Password));
buf = buffer_append(buf, stream, streamlen);
MD5Buffer(buf->data, buf->len, md5_result);
buf = buffer_free(buf);
buf = buffer_new(sizeof(EAPOL_PACKET_HEADER));
pkt = (EAPOL_PACKET_HEADER *)buf->data;
memcpy(pkt->dest, hex2buf(DOT1XMAC, tmpbuf, NULL), 6);
memcpy(pkt->src, hex2buf(userconfig.szMac, tmpbuf, NULL), 6);
pkt->tags[0] = 0x88;
pkt->tags[1] = 0x8e;
pkt->eapol_version = 1;
pkt->eapol_type = EAPOL_PACKET;
strUserAtIp = string_append(strUserAtIp, userconfig.szUsername);
strUserAtIp = string_append(strUserAtIp, "@");
strUserAtIp = string_append(strUserAtIp, userconfig.szIp);
pkt->eapol_length = htons((u_short)(strlen(strUserAtIp->str) + 16/*md5*/ + 6));
pkt->code = EAP_RESPONSE;
pkt->identifier = id;
pkt->length = pkt->eapol_length;
pkt->type = EAP_TYPE_MD5;
buf->len = sizeof(EAPOL_PACKET_HEADER);
buf = buffer_append(buf, (BYTE *)"\x10", 1);
buf = buffer_append(buf, md5_result, 16);
buf = buffer_append(buf, (BYTE *)strUserAtIp->str, strlen(strUserAtIp->str));
if(buf->len < 60)
buf = buffer_append(buf, null_buffer_60, 60 - buf->len);
ethcard_send_packet(ethcard, buf->data, buf->len);
logs_append(g_logs, "DOT1X_LOGON_AUTH", NULL, buf->data, buf->len);
/*
if(ethcard_send_packet(ethcard, buf->data, buf->len) != 0)
{
dprintf("Error with WinPCap\n");
}
*/
strUserAtIp = string_free(strUserAtIp);
buf = buffer_free(buf);
}
int main(int argc, char **argv)
{
sbdclnt_t *sbdclnt;
int port;
int clicked;
clock_t timeout;
aeh_t aeh;
int ninst;
char comments[sendcrsh_COMMENT_MAXLEN];
int len, lensent;
char buf[sbd_MAXLEN];
int pos;
unsigned long crc;
char signature[10];
int i = 0;
logprint_setFile("sendcrsh.log");
if (!checkEnvironment()) {
DPRINT(("anet2.dll did not set our environment!\n"));
return 1;
}
if (!checkUnique()) {
DPRINT(("Another instance of sendcrsh was running!\n"));
return 1;
}
if (argc <= 3) { /* Usage: sendcrsh <host> <port> <hexdata> */
DPRINT(("sendcrsh invoked with fewer than 3 arguments\n"));
return 1;
}
DPRINT(("%s %s %s %s\n", argv[0], argv[1], argv[2], argv[3]));
port = atoi(argv[2]);
if ((port < 1024) || (port > 65536)) {
DPRINT(("sendcrsh invoked with invalid port %d\n", port));
return 1;
}
if (NULL == hex2buf(argv[3], buf, 2)) {
DPRINT(("hex2buf(datalen) failed\n"));
return 1;
}
len = dpMAKESHORT(buf[0], buf[1]);
if (NULL == hex2buf(argv[3] + 4, buf, len)) {
DPRINT(("hex2buf(data) failed\n"));
return 1;
}
if (argv[3][4 + 2*len] != '\0') {
DPRINT(("data does not end at datalen:%d\n", len));
return 1;
}
if (len > sbd_MAXLEN) {
DPRINT(("datalen:%d is greater than max:%d\n", len, sbd_MAXLEN));
return 1;
}
pos = getLastRecord(buf, len, &aeh, &ninst);
if (pos == -1) {
DPRINT(("getLastRecord failed\n"));
return 1;
}
if (aeh.nstk == 0) {
DPRINT(("exception has 0 length stack trace\n"));
}
crc = aeh_getSignature(&aeh);
if (crc == 0) {
DPRINT(("aeh_getSignature returns 0 crc, error?\n"));
}
aeh_signature_toString(crc, signature);
DPRINT(("%s to %s:%d len:%d data:%s\n", argv[0], argv[1], port, len,
argv[3] + 4));
sendbox_create(winCmdShow, signature, sendcrsh_COMMENT_MAXLEN, 120);
while (1) {
clock_t now = eclock();
clicked = sendbox_poll(comments);
if (clicked != sendbox_CLICKED_NONE) {
DPRINT(("t:%d, clicked:%d, breaking\n", now, clicked));
break;
}
Sleep(100);
if (!((++i)%10)) {
DPRINT(("%dth call to sendbox_poll at t:%d\n", i, now));
}
}
sendbox_destroy();
if (clicked != sendbox_CLICKED_OK) {
DPRINT(("User cancelled send, clicked:%d\n", clicked));
return 0;
}
timeout = eclock() + 30 * ECLOCKS_PER_SEC;
/* add the comments to the buffer */
if (comments[0]) {
aeh_buf_t aehbuf;
int commentlen = strlen(comments);
int nwritten;
if ((len + sizeof(unsigned int /* aeh_info_t.id */) + sizeof(commentlen) + commentlen) > sbd_MAXLEN) {
DPRINT(("no room in buf for comment\n"));
return 1;
}
/* stuff the comment into the info list */
if (aeh_RES_OK != aeh_addComment(&aeh, comments)) {
DPRINT(("aeh_addComment failed\n"));
return 1;
}
/* convert it back to a buf */
if (aeh_RES_OK != aeh_writeOutputStream(&aeh, &aehbuf)) {
DPRINT(("can't convert aeh back to aehbuf\n"));
return 1;
}
DPRINT(("writing new record at pos:%d buf:\n", pos));
dumpbuf(aehbuf.buf, aehbuf.buflen);
nwritten = aehlog_writetobuf(&aehbuf, ninst, buf+pos, sbd_MAXLEN-pos);
if (-1 == nwritten) {
DPRINT(("can't convert aehbuf back to buf\n"));
return 1;
}
len = pos + nwritten;
}
aeh_Destroy(&aeh);
/* send the buffer */
sbdclnt = sbdclnt_create(buf, len, argv[1], (unsigned short)port);
if (sbdclnt == NULL) {
DPRINT(("sbdclnt_create failed\n"));
return 1;
}
while ((long)(eclock() - timeout) < 0) {
lensent = sbdclnt_poll(sbdclnt);
if (lensent != 0)
break;
Sleep(100);
}
sbdclnt_destroy(sbdclnt);
if (lensent != len) {
DPRINT(("send only %d of %d bytes!\n", lensent, len));
return 1;
}
DPRINT(("send completed successfully\n"));
return 0;
}
int main(int argc, char *argv[]) {
char *binstr=NULL;
uint32_t ix, shift;
uint32_t inslice;
#define CHARS_LEN 3
uint32_t chars[CHARS_LEN] = {'M','a','n'};
uint32_t shiftedchars[CHARS_LEN];
uint32_t masks[] = {63 << 18, 63 << 12, 63 << 6, 63 << 0};
//uint32_t mask1=0x80000000, mask32=pow(2,32)-1;
unsigned int mask1 = 0x80000000;
//uint32_t mask1= pow(2,31);
uint32_t mask6=pow(2,6) -1;
uint32_t mask32=pow(2,32)-1;
long dick;
if (argc >1) {
for (ix=1; ix<argc; ix++) {
dick = strtol(argv[ix], NULL, 10);
printf("%s => %s\n", argv[ix], int2binstr(dick, &binstr));
}
}
for (ix=0; ix<=5; ix++) {
printf("%02i => %s\n", ix, int2binstr(ix, &binstr));
//printf(" 6-bit mask << %i (%08i) => %s\n", 12, 12, "asdf");
}
for (ix=0, shift=3; ix<4; ix++, shift--) {
printf(" 6-bit mask << %2i (%08i) => %s\n", shift*6, mask6<<(shift*6), int2binstr(mask6<<(shift*6), &binstr));
//printf(" 6-bit mask << %i (%08i) => %s\n", 12, 12, "asdf");
}
printf(" 1-bit mask (%11"PRIu32") => %s\n", mask1, int2binstr(mask1, &binstr));
printf("32-bit mask (%11"PRIu32") => %s\n", mask32, int2binstr(mask32, &binstr));
inslice = 0;
for (ix=0, shift=CHARS_LEN; ix<CHARS_LEN; ix++, shift--) {
shiftedchars[ix] = chars[ix] << 8 * (shift -1);
//mask = 255 << 8*shift;
printf("%c (%04i) => %s\n", chars[ix], (int)chars[ix],
int2binstr(chars[ix], &binstr));
printf(" %c<<%-2i => %s\n", chars[ix], 8*shift,
int2binstr(shiftedchars[ix], &binstr));
inslice = inslice | shiftedchars[ix];
printf(" in|shift => %s\n", int2binstr(inslice, &binstr));
}
printf("Man (inslice) => %s\n", int2binstr(inslice, &binstr));
char *wps[] = { "sur", "sure", "sure.", NULL };
for (ix=0; wps[ix]; ix++) {
printf("'%5s' ==b64==> '%s'\n", wps[ix], buf2b64( (unsigned char*) wps[ix], strlen(wps[ix]), &binstr));
}
char *wikipedia_sentence =
"Man is distinguished, not only by his reason, but by this singular passion from "
"other animals, which is a lust of the mind, that by a perseverance of delight "
"in the continued and indefatigable generation of knowledge, exceeds the short "
"vehemence of any carnal pleasure.";
printf("Wikipedia sentence: \n%s\nBase64'd: \n%s\n",
wikipedia_sentence, buf2b64( (unsigned char*) wikipedia_sentence, strlen(wikipedia_sentence), &binstr));
char *mathexstr =
"49276d206b696c6c696e6720796f757220627261696e206c696b65206120706f69736f6e6f7573206d757368726f6f6d";
unsigned char *matbuf;
size_t matbuf_len;
matbuf_len = hex2buf(mathexstr, &matbuf);
check(matbuf_len >=0, "hex2buf() failed? returned length was %zu", matbuf_len);
printf("matasano hex string: \n%s\nHex'd & Base64'd: \n%s\n",
mathexstr, buf2b64(matbuf, matbuf_len, &binstr));
free(matbuf);
free(binstr);
return 0;
error:
return -1;
}
static void bt_hid_send_data(const void *buf, uint16_t len)
{
const struct hal_cmd_hidhost_send_data *cmd = buf;
struct hid_device *dev;
GSList *l;
bdaddr_t dst;
int fd;
uint8_t *req = NULL;
uint8_t req_size;
uint8_t status;
DBG("");
if (len != sizeof(*cmd) + cmd->len) {
error("Invalid hid send data size (%u bytes), terminating",
len);
raise(SIGTERM);
return;
}
android2bdaddr(&cmd->bdaddr, &dst);
l = g_slist_find_custom(devices, &dst, device_cmp);
if (!l) {
status = HAL_STATUS_FAILED;
goto failed;
}
dev = l->data;
if (!(dev->intr_io)) {
status = HAL_STATUS_FAILED;
goto failed;
}
req_size = 1 + (cmd->len / 2);
req = g_try_malloc0(req_size);
if (!req) {
status = HAL_STATUS_NOMEM;
goto failed;
}
req[0] = HID_MSG_DATA | HID_DATA_TYPE_OUTPUT;
/*
* Report data coming to HAL is in ascii format, HAL sends
* data in hex to daemon, so convert to binary.
*/
if (!hex2buf(cmd->data, req + 1, req_size - 1)) {
status = HAL_STATUS_INVALID;
goto failed;
}
fd = g_io_channel_unix_get_fd(dev->intr_io);
if (write(fd, req, req_size) < 0) {
error("hidhost: error writing data to HID device: %s (%d)",
strerror(errno), errno);
status = HAL_STATUS_FAILED;
goto failed;
}
status = HAL_STATUS_SUCCESS;
failed:
g_free(req);
ipc_send_rsp(hal_ipc, HAL_SERVICE_ID_HIDHOST, HAL_OP_HIDHOST_SEND_DATA,
status);
}