static void
idman_finish_session (void)
{
int r;
spinlock_lock (&idman_lock);
if (idman_ready) {
r = IDMan_IPFinalize (idman_session);
if (r)
printf ("IDMan_IPFinalize failed. ignored.\n");
r = IDMan_IPFinalizeReader ();
if (r)
printf ("IDMan_IPFinalizeReader failed. ignored.\n");
idman_ready = false;
}
spinlock_unlock (&idman_lock);
}
int
main (int argc, char **argv)
{
FILE *fp;
static char buf[8192];
int ret;
unsigned short certlen;
int retrycount = 0;
static unsigned char cert[4096];
static unsigned short keymap[256][256];
if (mount ("none", "/dev/bus/usb", "usbfs", MS_MGC_VAL, ""))
perror ("mount");
klogctl (8, 0, 1);
fp = fopen ("/conf/keymap", "r");
if (fp) {
if (fread (keymap, sizeof keymap, 1, fp) == 1)
loadkeymap (keymap);
else
perror ("fread");
fclose (fp);
} else {
perror ("keymap");
}
fp = fopen ("/conf/bitvisor.conf", "r");
if (!fp) {
perror ("init");
return 1;
}
configparser (buf, sizeof buf, fp, &config, setconfig);
retry:
retrycount++;
if (retrycount > 3) {
fprintf (stderr, "Authentication failed");
return 1;
}
switch (config.idman.authenticationMethod) {
case IDMAN_AUTH_NONE:
break;
case IDMAN_AUTH_PKI:
if (passinput (config.idman.pin, sizeof config.idman.pin))
return 1;
if (IDMan_IPInitializeReader ()) {
fprintf (stderr, "IDMan_IPInitializeReader failed\n");
return 1;
}
ret = IDMan_IPInitialize (config.idman.pin, &session);
if (ret == -4) /* RET_IPNG_PIN_INCORREC */
goto finalize_and_retry;
if (ret) {
fprintf (stderr, "IDMan_IPInitialize %d\n", ret);
return 1;
}
idmaninit = 1;
ret = IDMan_userAuthPKCS11ByIndex (session, 1, 544);
if (ret) {
fprintf (stderr, "IDMan_userAuthPKCS11ByIndex %d\n",
ret);
return 1;
}
break;
finalize_and_retry:
if (idmaninit) {
if (IDMan_IPFinalize (session)) {
fprintf (stderr, "IDMan_IPFinalize failed\n");
return 1;
}
idmaninit = 0;
}
if (IDMan_IPFinalizeReader ()) {
fprintf (stderr, "IDMan_IPFinalizeReader failed\n");
return 1;
}
goto retry;
default:
fprintf (stderr, "authenticationMethod error\n");
return 1;
}
rewind (fp);
secondboot = 1;
configparser (buf, sizeof buf, fp, &config, setconfig);
fclose (fp);
if (strcasecmp (config.vpn.vpnAuthMethodV4, "Cert-IC") == 0) {
if (!idmaninit) {
fprintf (stderr, "VPN configuration error\n");
return 1;
}
ret = IDMan_getCertificateByIndex (session, 'x', INDEX_VPN,
cert, &certlen);
if (ret || certlen >= sizeof config.vpn.vpnCertV4 ||
certlen >= sizeof cert) {
fprintf (stderr, "IDMan_getCertificateByIndex %d\n",
ret);
return 1;
}
memcpy (config.vpn.vpnCertV4, cert, certlen);
}
if (strcasecmp (config.vpn.vpnAuthMethodV4, "Password-IC") == 0) {
void *val;
int len;
strcpy (config.vpn.vpnAuthMethodV4, "Password");
val = malloc (1);
get_ic_static_passwd (INDEX_VPN, &val, &len);
if (len >= sizeof config.vpn.vpnPasswordV4) {
fprintf (stderr, "vpnPasswordV4 too long\n");
return 1;
}
memset (config.vpn.vpnPasswordV4, 0,
sizeof config.vpn.vpnPasswordV4);
memcpy (config.vpn.vpnPasswordV4, val, len);
free (val);
}
if (strcasecmp (config.vpn.vpnAuthMethodV6, "Cert-IC") == 0) {
if (!idmaninit) {
fprintf (stderr, "VPN configuration error\n");
return 1;
}
ret = IDMan_getCertificateByIndex (session, 'x', INDEX_VPN,
cert, &certlen);
if (ret || certlen >= sizeof config.vpn.vpnCertV6 ||
certlen >= sizeof cert) {
fprintf (stderr, "IDMan_getCertificateByIndex %d\n",
ret);
return 1;
}
memcpy (config.vpn.vpnCertV6, cert, certlen);
}
if (strcasecmp (config.vpn.vpnAuthMethodV6, "Password-IC") == 0) {
void *val;
int len;
strcpy (config.vpn.vpnAuthMethodV6, "Password");
val = malloc (1);
get_ic_static_passwd (INDEX_VPN, &val, &len);
if (len >= sizeof config.vpn.vpnPasswordV6) {
fprintf (stderr, "vpnPasswordV6 too long\n");
return 1;
}
memset (config.vpn.vpnPasswordV6, 0,
sizeof config.vpn.vpnPasswordV6);
memcpy (config.vpn.vpnPasswordV6, val, len);
free (val);
}
load_random_seed (&config, "/dev/urandom");
boot_guest ();
return 0;
}
static enum ioact
kbdio_dbg_monitor (enum iotype type, u32 port, void *data)
{
static int led = 0;
static u8 lk = 0;
#ifdef NTTCOM_TEST
unsigned long int session;
int i, j;
char sig[1024];
unsigned short int siglen ;
#endif
do_io_default (type, port, data);
if (type == IOTYPE_INB) {
#ifdef CARDSTATUS
extern int ps2_locked;
if (ps2_locked) {
printf ("Ignoring PS/2 input\n");
*(u8 *)data = 0;
return IOACT_CONT;
}
#endif
switch (*(u8 *)data) {
#if defined(F10USBTEST)
case 0x44 | 0x80: /* F10 */
if (lk == 0x44) {
extern void usb_api_batchtest(void);
printf ("F10 pressed.\n");
usb_api_batchtest();
}
break;
#endif /* defined(F10USBTEST) */
case 0x57 | 0x80: /* F11 */
if (lk == 0x57) {
#ifdef NTTCOM_TEST
printf ("F11 pressed.\n");
printf ("IDMan_IPInitializeReader.\n");
i = IDMan_IPInitializeReader( );
printf ("IDMan_IPInitializeReader return = %d.\n", i);
printf ("IDMan_IPInitialize.\n");
i = IDMan_IPInitialize("123456789@ABCDEF", &session);
printf ("IDMan_IPInitialize return = %d.\n", i);
printf ("IDMan_generateSignatureByIndex.\n");
i = IDMan_generateSignatureByIndex( session, 1, "1234567890abcdef", strlen("1234567890abcdef"), sig, &siglen, 544);
printf ("IDMan_generateSignatureByIndex return = %d siglen=%d\n", i, siglen);
printf ("IDMan_IPFinalize.\n");
i = IDMan_IPFinalize(session);
printf ("IDMan_IPFinalize return = %d.\n", i);
printf ("IDMan_IPFinalizeReader.\n");
i = IDMan_IPFinalizeReader( );
printf ("IDMan_IPFinalizeReader return = %d.\n", i);
#else
#ifdef F11PANIC
if (config.vmm.f11panic)
panic ("F11 pressed.");
#endif
#endif
}
break;
case 0x58 | 0x80: /* F12 */
if (lk == 0x58) {
#if defined(F12DUMPEHCI)
extern void ehci_dump_all(int, void *);
#endif /* defined(F12DUMPEHCI) */
#if defined(F12MSG)
if (config.vmm.f12msg) {
debug_gdb ();
led ^= LED_CAPSLOCK_BIT |
LED_NUMLOCK_BIT;
setkbdled (led);
printf ("F12 pressed.\n");
}
#endif /* defined(F12MSG) */
#if defined(F12DUMPEHCI)
ehci_dump_all(0, NULL);
#endif /* defined(F12DUMPEHCI) */
}
break;
}
lk = *(u8 *)data;
}
return IOACT_CONT;
}
