static int md5(lua_State *L) {
size_t len;
const char *input = lua_tolstring(L, 1, &len);
if (input == NULL) {
lua_pushstring(L, "first argument: should be the input string");
lua_error(L);
__builtin_unreachable();
}
unsigned char digest[MD5_DIGEST_LEN];
char output[MD5_STRLEN];
struct md5_ctx ctx;
md5_begin(&ctx);
md5_hash(input, len, &ctx);
md5_end(digest, &ctx);
// fill the digest bytewise in the output string
int i;
for (i = 0; i < MD5_DIGEST_LEN; i++) {
sprintf(output + 2*i, "%02x", digest[i]);
}
lua_pushstring(L, output);
return 1;
}
/* Generate the UUID for a UPnPdevice */
void
upnp_gen_uuid(char *uuid, char *deviceType)
{
unsigned char new_uuid[16];
unsigned char mac[6];
md5_ctx_t mdContext;
upnp_osl_primary_lanmac((char *)mac);
/* Generate hash */
md5_begin(&mdContext);
md5_hash(mac, sizeof(mac),&mdContext);
md5_hash((unsigned char *)deviceType, strlen(deviceType),&mdContext);
md5_end(new_uuid, &mdContext);
sprintf(uuid,
"%02X%02X%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X%02X%02X%02X%02X",
new_uuid[0], new_uuid[1], new_uuid[2], new_uuid[3],
new_uuid[4], new_uuid[5], new_uuid[6], new_uuid[7],
new_uuid[8], new_uuid[9], new_uuid[10], new_uuid[11],
new_uuid[12], new_uuid[13], new_uuid[14], new_uuid[15]);
uuid[36] = '\0';
return;
}
int md5sum(char *file, uint32_t *md5)
{
char buf[256];
md5_ctx_t ctx;
int len, fd;
int ret = 0;
memset(md5, 0, sizeof(*md5) * 4);
fd = open(file, O_RDONLY);
if (fd < 0)
return -1;
md5_begin(&ctx);
do {
len = read(fd, buf, sizeof(buf));
if (len < 0) {
if (errno == EINTR)
continue;
ret = -1;
goto out;
}
if (!len)
break;
md5_hash(buf, len, &ctx);
} while(1);
md5_end(md5, &ctx);
out:
close(fd);
return ret;
}
/*
* generate one key from a string using the de facto standard
*
* resultant key is stored in
* one 128 bit key: keys[0-15]
*
* (NOTE: I'm not sure why, but it seems that only values 0-12 are used,
* resulting in 104 bits of keying, not 128)
*/
void
wep_keygen128(char *str, u_char *keys)
{
md5_ctx_t ctx;
u_char buf[64];
int i, j;
/* repeat str until buf is full */
j = 0;
for(i = 0; i < 64; i++) {
if(str[j] == 0)
j = 0;
buf[i] = str[j++];
}
md5_begin(&ctx);
md5_hash(buf, sizeof buf, &ctx);
md5_end(buf, &ctx);
memcpy(keys, buf, WEPKEYSTORE);
for(i = 0; i < WEPSTRONGKEYSIZE; i++) {
keys[i] = buf[i];
}
for(; i < WEPKEYSTORE; i++) {
keys[i] = 0;
}
return;
}
static void
compute_cram_md5(uschar *secret, uschar *challenge, uschar *digestptr)
{
md5 base;
int i;
int len = Ustrlen(secret);
uschar isecret[64];
uschar osecret[64];
uschar md5secret[16];
/* If the secret is longer than 64 characters, we compute its MD5 digest
and use that. */
if (len > 64)
{
md5_start(&base);
md5_end(&base, (uschar *)secret, len, md5secret);
secret = (uschar *)md5secret;
len = 16;
}
/* The key length is now known to be <= 64. Set up the padded and xor'ed
versions. */
memcpy(isecret, secret, len);
memset(isecret+len, 0, 64-len);
memcpy(osecret, isecret, 64);
for (i = 0; i < 64; i++)
{
isecret[i] ^= 0x36;
osecret[i] ^= 0x5c;
}
/* Compute the inner MD5 digest */
md5_start(&base);
md5_mid(&base, isecret);
md5_end(&base, (uschar *)challenge, Ustrlen(challenge), md5secret);
/* Compute the outer MD5 digest */
md5_start(&base);
md5_mid(&base, osecret);
md5_end(&base, md5secret, 16, digestptr);
}
static int
mtd_verify(const char *mtd, char *file)
{
uint32_t f_md5[4], m_md5[4];
struct stat s;
md5_ctx_t ctx;
int ret = 0;
int fd;
if (quiet < 2)
fprintf(stderr, "Verifying %s against %s ...\n", mtd, file);
if (stat(file, &s) || md5sum(file, f_md5)) {
fprintf(stderr, "Failed to hash %s\n", file);
return -1;
}
fd = mtd_check_open(mtd);
if(fd < 0) {
fprintf(stderr, "Could not open mtd device: %s\n", mtd);
return -1;
}
md5_begin(&ctx);
do {
char buf[256];
int len = (s.st_size > sizeof(buf)) ? (sizeof(buf)) : (s.st_size);
int rlen = read(fd, buf, len);
if (rlen < 0) {
if (errno == EINTR)
continue;
ret = -1;
goto out;
}
if (!rlen)
break;
md5_hash(buf, rlen, &ctx);
s.st_size -= rlen;
} while (s.st_size > 0);
md5_end(m_md5, &ctx);
fprintf(stderr, "%08x%08x%08x%08x - %s\n", m_md5[0], m_md5[1], m_md5[2], m_md5[3], mtd);
fprintf(stderr, "%08x%08x%08x%08x - %s\n", f_md5[0], f_md5[1], f_md5[2], f_md5[3], file);
ret = memcmp(f_md5, m_md5, sizeof(m_md5));
if (!ret)
fprintf(stderr, "Success\n");
else
fprintf(stderr, "Failed\n");
out:
close(fd);
return ret;
}
static int nw_clients_start_acquire_data(struct nodewatcher_module *module,
struct ubus_context *ubus,
struct uci_context *uci)
{
json_object *object = json_object_new_object();
/* Iterate over DHCP leases */
FILE *leases_file = fopen("/tmp/dhcp.leases", "r");
if (leases_file) {
while (!feof(leases_file)) {
unsigned int expiry;
char mac[18];
char ip_address[46];
if (fscanf(leases_file, "%u %17s %45s %*[^\n]\n", &expiry, mac, ip_address) == 3) {
json_object *client = json_object_new_object();
json_object *addresses = json_object_new_array();
json_object *address = json_object_new_object();
json_object_object_add(address, "family", json_object_new_string("ipv4"));
json_object_object_add(address, "address", json_object_new_string(ip_address));
json_object_object_add(address, "expires", json_object_new_int(expiry));
json_object_array_add(addresses, address);
json_object_object_add(client, "addresses", addresses);
/* Compute salted hash of MAC address */
md5_ctx_t ctx;
uint8_t raw_mac_id[16];
char mac_id[33];
md5_begin(&ctx);
md5_hash(NW_CLIENT_ID_SALT, NW_CLIENT_ID_SALT_LENGTH, &ctx);
md5_hash(mac, 17, &ctx);
md5_end(raw_mac_id, &ctx);
/* Base64 encode the hash so it is more compact */
if (nw_base64_encode(raw_mac_id, sizeof(raw_mac_id), mac_id, sizeof(mac_id)) == 0) {
json_object_object_add(object, mac_id, client);
} else {
json_object_put(client);
}
}
}
fclose(leases_file);
}
/* Store resulting JSON object */
return nw_module_finish_acquire_data(module, object);
}
void start_milkfish_boot(void)
{
md5_ctx_t MD;
if (strlen(nvram_safe_get("milkfish_routerid")) != 32) {
unsigned char hash[32];
char *et0 = nvram_safe_get("et0macaddr");
md5_begin(&MD);
md5_hash(et0, 17, &MD);
md5_end((unsigned char *)hash, &MD);
char request[32];
int i;
for (i = 0; i < 16; i++)
sprintf(&request[2 * i], "%02x", hash[i]);
nvram_set("milkfish_routerid", request);
nvram_set("need_commit", "1");
}
// Start the milkfish services
eval("milkfish_services", "start");
// dbtext module setup
mkdir("/var/openser", 0700);
mkdir("/var/openser/dbtext", 0700);
eval("cp", "/etc/openser/dbtext/aliases", "/var/openser/dbtext/");
eval("cp", "/etc/openser/dbtext/location", "/var/openser/dbtext/");
eval("cp", "/etc/openser/dbtext/subscriber", "/var/openser/dbtext/");
eval("cp", "/etc/openser/dbtext/version", "/var/openser/dbtext/");
eval("cp", "/etc/openser/dbtext/uri", "/var/openser/dbtext/");
eval("cp", "/etc/openser/dbtext/grp", "/var/openser/dbtext/");
// restore dbtext parts which may have been saved into nvram
eval("milkfish_services", "sipdb", "restorenvdd");
// firewall configuration in networking/firewall.c
return;
}
void hotspotsys_config(void)
{
FILE *fp;
char *next;
char var[64];
char *dnslist;
int i;
md5_ctx_t MD;
if (strlen(nvram_safe_get("hotss_remotekey")) != 12) {
unsigned char hash[32];
char *et0 = nvram_safe_get("et0macaddr");
md5_begin(&MD);
md5_hash(et0, 17, &MD);
md5_end((unsigned char *)hash, &MD);
char idkey[16];
int i;
for (i = 0; i < 6; i++)
sprintf(&idkey[2 * i], "%02d",
(hash[i] + hash[i + 1]) % 100);
idkey[12] = '\0';
nvram_set("hotss_remotekey", idkey);
nvram_commit();
char sendid[256];
sprintf(sendid,
"/usr/bin/wget http://tech.hotspotsystem.com/up.php?mac=`nvram get wl0_hwaddr|sed s/:/-/g`\\&operator=%s\\&location=%s\\&remotekey=%s",
nvram_get("hotss_operatorid"),
nvram_get("hotss_locationid"),
nvram_get("hotss_remotekey"));
system2(sendid);
}
if (!(fp = fopen("/tmp/chilli/hotss.conf", "w"))) {
perror("/tmp/chilli/hotss.conf");
return;
}
fprintf(fp, "ipup /tmp/chilli/ip-up.sh\n");
fprintf(fp, "ipdown /tmp/chilli/ip-down.sh\n");
fprintf(fp, "radiusserver1 radius.hotspotsystem.com\n");
fprintf(fp, "radiusserver2 radius2.hotspotsystem.com\n");
fprintf(fp, "radiussecret hotsys123\n");
fprintf(fp, "dhcpif %s\n", nvram_safe_get("hotss_interface"));
if (nvram_invmatch("hotss_net", ""))
fprintf(fp, "net %s\n", nvram_get("hotss_net"));
char *uamdomain = "customer.hotspotsystem.com";
if (!nvram_match("hotss_customuam", "")) {
uamdomain = nvram_safe_get("hotss_customuam");
}
fprintf(fp,
"uamserver %s://%s/customer/hotspotlogin.php\n",
nvram_default_get("hotss_customuamproto", "https"), uamdomain);
if (nvram_invmatch("wan_get_dns", "0.0.0.0")
&& nvram_invmatch("wan_get_dns", "")) {
dnslist = nvram_safe_get("wan_get_dns");
i = 1;
foreach(var, dnslist, next) {
if (i > 2)
break;
fprintf(fp, "dns%d %s\n", i, var);
i++;
}
} else if (nvram_invmatch("wan_dns", "0.0.0.0")
int popmaildir_main(int argc UNUSED_PARAM, char **argv)
{
char *buf;
unsigned nmsg;
char *hostname;
pid_t pid;
const char *retr;
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
const char *delivery;
#endif
unsigned opt_nlines = 0;
enum {
OPT_b = 1 << 0, // -b binary mode. Ignored
OPT_d = 1 << 1, // -d,-dd,-ddd debug. Ignored
OPT_m = 1 << 2, // -m show ugsed memory. Ignored
OPT_V = 1 << 3, // -V version. Ignored
OPT_c = 1 << 4, // -c use tcpclient. Ignored
OPT_a = 1 << 5, // -a use APOP protocol
OPT_s = 1 << 6, // -s skip authorization
OPT_T = 1 << 7, // -T get messages with TOP instead with RETR
OPT_k = 1 << 8, // -k keep retrieved messages on the server
OPT_t = 1 << 9, // -t90 set timeout to 90 sec
OPT_R = 1 << 10, // -R20000 remove old messages on the server >= 20000 bytes (requires -k). Ignored
OPT_Z = 1 << 11, // -Z11-23 remove messages from 11 to 23 (dangerous). Ignored
OPT_L = 1 << 12, // -L50000 not retrieve new messages >= 50000 bytes. Ignored
OPT_H = 1 << 13, // -H30 type first 30 lines of a message; (-L12000 -H30). Ignored
OPT_M = 1 << 14, // -M\"program arg1 arg2 ...\"; deliver by program. Treated like -F
OPT_F = 1 << 15, // -F\"program arg1 arg2 ...\"; filter by program. Treated like -M
};
// init global variables
INIT_G();
// parse options
opt_complementary = "-1:dd:t+:R+:L+:H+";
opts = getopt32(argv,
"bdmVcasTkt:" "R:Z:L:H:" IF_FEATURE_POPMAILDIR_DELIVERY("M:F:"),
&timeout, NULL, NULL, NULL, &opt_nlines
IF_FEATURE_POPMAILDIR_DELIVERY(, &delivery, &delivery) // we treat -M and -F the same
);
//argc -= optind;
argv += optind;
// get auth info
if (!(opts & OPT_s))
get_cred_or_die(STDIN_FILENO);
// goto maildir
xchdir(*argv++);
// launch connect helper, if any
if (*argv)
launch_helper((const char **)argv);
// get server greeting
pop3_checkr(NULL, NULL, &buf);
// authenticate (if no -s given)
if (!(opts & OPT_s)) {
// server supports APOP and we want it?
if ('<' == buf[0] && (opts & OPT_a)) {
union { // save a bit of stack
md5_ctx_t ctx;
char hex[16 * 2 + 1];
} md5;
uint32_t res[16 / 4];
char *s = strchr(buf, '>');
if (s)
s[1] = '\0';
// get md5 sum of "<stamp>password" string
md5_begin(&md5.ctx);
md5_hash(&md5.ctx, buf, strlen(buf));
md5_hash(&md5.ctx, G.pass, strlen(G.pass));
md5_end(&md5.ctx, res);
*bin2hex(md5.hex, (char*)res, 16) = '\0';
// APOP
s = xasprintf("%s %s", G.user, md5.hex);
pop3_check("APOP %s", s);
free(s);
free(buf);
// server ignores APOP -> use simple text authentication
} else {
// USER
pop3_check("USER %s", G.user);
// PASS
pop3_check("PASS %s", G.pass);
}
}
// get mailbox statistics
pop3_checkr("STAT", NULL, &buf);
// prepare message filename suffix
hostname = safe_gethostname();
pid = getpid();
// get messages counter
// NOTE: we don't use xatou(buf) since buf is "nmsg nbytes"
// we only need nmsg and atoi is just exactly what we need
// if atoi fails to convert buf into number it returns 0
// in this case the following loop simply will not be executed
nmsg = atoi(buf);
free(buf);
// loop through messages
retr = (opts & OPT_T) ? xasprintf("TOP %%u %u", opt_nlines) : "RETR %u";
for (; nmsg; nmsg--) {
char *filename;
char *target;
char *answer;
FILE *fp;
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
int rc;
#endif
// generate unique filename
filename = xasprintf("tmp/%llu.%u.%s",
monotonic_us(), (unsigned)pid, hostname);
// retrieve message in ./tmp/ unless filter is specified
pop3_check(retr, (const char *)(ptrdiff_t)nmsg);
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
// delivery helper ordered? -> setup pipe
if (opts & (OPT_F|OPT_M)) {
// helper will have $FILENAME set to filename
xsetenv("FILENAME", filename);
fp = popen(delivery, "w");
unsetenv("FILENAME");
if (!fp) {
bb_perror_msg("delivery helper");
break;
}
} else
#endif
// create and open file filename
fp = xfopen_for_write(filename);
// copy stdin to fp (either filename or delivery helper)
while ((answer = xmalloc_fgets_str(stdin, "\r\n")) != NULL) {
char *s = answer;
if ('.' == answer[0]) {
if ('.' == answer[1])
s++;
else if ('\r' == answer[1] && '\n' == answer[2] && '\0' == answer[3])
break;
}
//*strchrnul(s, '\r') = '\n';
fputs(s, fp);
free(answer);
}
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
// analyse delivery status
if (opts & (OPT_F|OPT_M)) {
rc = pclose(fp);
if (99 == rc) // 99 means bail out
break;
// if (rc) // !0 means skip to the next message
goto skip;
// // 0 means continue
} else {
// close filename
fclose(fp);
}
#endif
// delete message from server
if (!(opts & OPT_k))
pop3_check("DELE %u", (const char*)(ptrdiff_t)nmsg);
// atomically move message to ./new/
target = xstrdup(filename);
strncpy(target, "new", 3);
// ... or just stop receiving on failure
if (rename_or_warn(filename, target))
break;
free(target);
#if ENABLE_FEATURE_POPMAILDIR_DELIVERY
skip:
#endif
free(filename);
}
// Bye
pop3_check("QUIT", NULL);
if (ENABLE_FEATURE_CLEAN_UP) {
free(G.user);
free(G.pass);
}
return EXIT_SUCCESS;
}
