static void idman_finish_session (void) { int r; spinlock_lock (&idman_lock); if (idman_ready) { r = IDMan_IPFinalize (idman_session); if (r) printf ("IDMan_IPFinalize failed. ignored.\n"); r = IDMan_IPFinalizeReader (); if (r) printf ("IDMan_IPFinalizeReader failed. ignored.\n"); idman_ready = false; } spinlock_unlock (&idman_lock); }
int main (int argc, char **argv) { FILE *fp; static char buf[8192]; int ret; unsigned short certlen; int retrycount = 0; static unsigned char cert[4096]; static unsigned short keymap[256][256]; if (mount ("none", "/dev/bus/usb", "usbfs", MS_MGC_VAL, "")) perror ("mount"); klogctl (8, 0, 1); fp = fopen ("/conf/keymap", "r"); if (fp) { if (fread (keymap, sizeof keymap, 1, fp) == 1) loadkeymap (keymap); else perror ("fread"); fclose (fp); } else { perror ("keymap"); } fp = fopen ("/conf/bitvisor.conf", "r"); if (!fp) { perror ("init"); return 1; } configparser (buf, sizeof buf, fp, &config, setconfig); retry: retrycount++; if (retrycount > 3) { fprintf (stderr, "Authentication failed"); return 1; } switch (config.idman.authenticationMethod) { case IDMAN_AUTH_NONE: break; case IDMAN_AUTH_PKI: if (passinput (config.idman.pin, sizeof config.idman.pin)) return 1; if (IDMan_IPInitializeReader ()) { fprintf (stderr, "IDMan_IPInitializeReader failed\n"); return 1; } ret = IDMan_IPInitialize (config.idman.pin, &session); if (ret == -4) /* RET_IPNG_PIN_INCORREC */ goto finalize_and_retry; if (ret) { fprintf (stderr, "IDMan_IPInitialize %d\n", ret); return 1; } idmaninit = 1; ret = IDMan_userAuthPKCS11ByIndex (session, 1, 544); if (ret) { fprintf (stderr, "IDMan_userAuthPKCS11ByIndex %d\n", ret); return 1; } break; finalize_and_retry: if (idmaninit) { if (IDMan_IPFinalize (session)) { fprintf (stderr, "IDMan_IPFinalize failed\n"); return 1; } idmaninit = 0; } if (IDMan_IPFinalizeReader ()) { fprintf (stderr, "IDMan_IPFinalizeReader failed\n"); return 1; } goto retry; default: fprintf (stderr, "authenticationMethod error\n"); return 1; } rewind (fp); secondboot = 1; configparser (buf, sizeof buf, fp, &config, setconfig); fclose (fp); if (strcasecmp (config.vpn.vpnAuthMethodV4, "Cert-IC") == 0) { if (!idmaninit) { fprintf (stderr, "VPN configuration error\n"); return 1; } ret = IDMan_getCertificateByIndex (session, 'x', INDEX_VPN, cert, &certlen); if (ret || certlen >= sizeof config.vpn.vpnCertV4 || certlen >= sizeof cert) { fprintf (stderr, "IDMan_getCertificateByIndex %d\n", ret); return 1; } memcpy (config.vpn.vpnCertV4, cert, certlen); } if (strcasecmp (config.vpn.vpnAuthMethodV4, "Password-IC") == 0) { void *val; int len; strcpy (config.vpn.vpnAuthMethodV4, "Password"); val = malloc (1); get_ic_static_passwd (INDEX_VPN, &val, &len); if (len >= sizeof config.vpn.vpnPasswordV4) { fprintf (stderr, "vpnPasswordV4 too long\n"); return 1; } memset (config.vpn.vpnPasswordV4, 0, sizeof config.vpn.vpnPasswordV4); memcpy (config.vpn.vpnPasswordV4, val, len); free (val); } if (strcasecmp (config.vpn.vpnAuthMethodV6, "Cert-IC") == 0) { if (!idmaninit) { fprintf (stderr, "VPN configuration error\n"); return 1; } ret = IDMan_getCertificateByIndex (session, 'x', INDEX_VPN, cert, &certlen); if (ret || certlen >= sizeof config.vpn.vpnCertV6 || certlen >= sizeof cert) { fprintf (stderr, "IDMan_getCertificateByIndex %d\n", ret); return 1; } memcpy (config.vpn.vpnCertV6, cert, certlen); } if (strcasecmp (config.vpn.vpnAuthMethodV6, "Password-IC") == 0) { void *val; int len; strcpy (config.vpn.vpnAuthMethodV6, "Password"); val = malloc (1); get_ic_static_passwd (INDEX_VPN, &val, &len); if (len >= sizeof config.vpn.vpnPasswordV6) { fprintf (stderr, "vpnPasswordV6 too long\n"); return 1; } memset (config.vpn.vpnPasswordV6, 0, sizeof config.vpn.vpnPasswordV6); memcpy (config.vpn.vpnPasswordV6, val, len); free (val); } load_random_seed (&config, "/dev/urandom"); boot_guest (); return 0; }
static enum ioact kbdio_dbg_monitor (enum iotype type, u32 port, void *data) { static int led = 0; static u8 lk = 0; #ifdef NTTCOM_TEST unsigned long int session; int i, j; char sig[1024]; unsigned short int siglen ; #endif do_io_default (type, port, data); if (type == IOTYPE_INB) { #ifdef CARDSTATUS extern int ps2_locked; if (ps2_locked) { printf ("Ignoring PS/2 input\n"); *(u8 *)data = 0; return IOACT_CONT; } #endif switch (*(u8 *)data) { #if defined(F10USBTEST) case 0x44 | 0x80: /* F10 */ if (lk == 0x44) { extern void usb_api_batchtest(void); printf ("F10 pressed.\n"); usb_api_batchtest(); } break; #endif /* defined(F10USBTEST) */ case 0x57 | 0x80: /* F11 */ if (lk == 0x57) { #ifdef NTTCOM_TEST printf ("F11 pressed.\n"); printf ("IDMan_IPInitializeReader.\n"); i = IDMan_IPInitializeReader( ); printf ("IDMan_IPInitializeReader return = %d.\n", i); printf ("IDMan_IPInitialize.\n"); i = IDMan_IPInitialize("123456789@ABCDEF", &session); printf ("IDMan_IPInitialize return = %d.\n", i); printf ("IDMan_generateSignatureByIndex.\n"); i = IDMan_generateSignatureByIndex( session, 1, "1234567890abcdef", strlen("1234567890abcdef"), sig, &siglen, 544); printf ("IDMan_generateSignatureByIndex return = %d siglen=%d\n", i, siglen); printf ("IDMan_IPFinalize.\n"); i = IDMan_IPFinalize(session); printf ("IDMan_IPFinalize return = %d.\n", i); printf ("IDMan_IPFinalizeReader.\n"); i = IDMan_IPFinalizeReader( ); printf ("IDMan_IPFinalizeReader return = %d.\n", i); #else #ifdef F11PANIC if (config.vmm.f11panic) panic ("F11 pressed."); #endif #endif } break; case 0x58 | 0x80: /* F12 */ if (lk == 0x58) { #if defined(F12DUMPEHCI) extern void ehci_dump_all(int, void *); #endif /* defined(F12DUMPEHCI) */ #if defined(F12MSG) if (config.vmm.f12msg) { debug_gdb (); led ^= LED_CAPSLOCK_BIT | LED_NUMLOCK_BIT; setkbdled (led); printf ("F12 pressed.\n"); } #endif /* defined(F12MSG) */ #if defined(F12DUMPEHCI) ehci_dump_all(0, NULL); #endif /* defined(F12DUMPEHCI) */ } break; } lk = *(u8 *)data; } return IOACT_CONT; }