static void session_init(tls_session_t *session)
{
session->ssl = NULL;
session->into_ssl = session->from_ssl = NULL;
record_init(&session->clean_in);
record_init(&session->clean_out);
record_init(&session->dirty_in);
record_init(&session->dirty_out);
memset(&session->info, 0, sizeof(session->info));
session->mtu = 0;
session->opaque = NULL;
}
/* intialize the record to the first record of the tree
* which is (per design) the root node.
*/
int record_init_root(record* r, btree* tree)
{
// Position to first leaf node ...
UInt32 leaf_head = tree->head.leaf_head;
node_buf* buf = btree_node_by_index(tree, leaf_head);
if (!buf)
return -1;
return record_init(r, tree, buf, 0);
}
int main(int argc, char **argv) {
char c = 0;
record_init();
while (c != '.') {
print_prompt();
c = read_char();
eat_extra_input();
if (c != '.') {
record_char(c);
echo_char(c);
}
}
record_print();
return 0;
}
int
main(int argc, char *argv[])
{
int c;
u_long ip;
u_short lport, rport;
lport = rport = 22;
while ((c = getopt(argc, argv, "dIp:h?V")) != -1) {
switch (c) {
case 'd':
Opt_debug = 1;
break;
case 'I':
Opt_interact = 1;
break;
case 'p':
if ((lport = atoi(optarg)) == 0)
usage();
break;
default:
usage();
break;
}
}
argc -= optind;
argv += optind;
if (argc < 1)
usage();
if ((ip = libnet_name_resolve(argv[0], 1)) == -1)
usage();
if (argc == 2 && (rport = atoi(argv[1])) == 0)
usage();
record_init(NULL);
mitm_init(lport, ip, rport);
warnx("relaying to %s", argv[0]);
mitm_run();
exit(0);
}
/* move record foreward to next entry.
*
* In case of an error the value of *r is undefined !
*/
int record_next(record* r)
{
btree* tree = r->tree;
UInt16 index = r->keyind +1;
UInt32 parent;
node_buf* buf = prepare_next(tree, r->node_index, &index);
if (!buf)
return ENOENT; // No (more) such file or directory
parent = r->key.parent_cnid;
if (record_init(r, tree, buf, index))
return -1;
if (r->key.parent_cnid != parent || // end of current directory
index != r->keyind) // internal error ?
return ENOENT; // No (more) such file or directory
return 0;
}
int
main(int argc, char *argv[])
{
int c;
char *services, *savefile, *triggers;
services = savefile = triggers = NULL;
while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) {
switch (c) {
case 'c':
Opt_client = 1;
break;
case 'd':
Opt_debug++;
break;
case 'f':
services = optarg;
break;
case 'i':
nids_params.device = optarg;
break;
case 'm':
Opt_magic = 1;
break;
case 'n':
Opt_dns = 0;
break;
case 'r':
Opt_read = 1;
savefile = optarg;
break;
case 's':
if ((Opt_snaplen = atoi(optarg)) == 0)
usage();
break;
case 't':
triggers = optarg;
break;
case 'w':
Opt_write = 1;
savefile = optarg;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (Opt_read && Opt_write)
usage();
if (!record_init(savefile))
err(1, "record_init");
signal(SIGHUP, sig_hup);
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
if (Opt_read) {
record_dump();
record_close();
exit(0);
}
if (argc != 0)
nids_params.pcap_filter = copy_argv(argv);
nids_params.scan_num_hosts = 0;
nids_params.syslog = null_syslog;
if (!nids_init()) {
record_close();
errx(1, "nids_init: %s", nids_errbuf);
}
if (Opt_magic) {
trigger_init_magic(DSNIFF_LIBDIR DSNIFF_MAGIC);
}
if (triggers) {
trigger_init_list(triggers);
}
if (services == NULL) {
services = DSNIFF_LIBDIR DSNIFF_SERVICES;
}
trigger_init_services(services);
nids_register_ip(trigger_ip);
nids_register_ip(trigger_udp);
if (Opt_client) {
nids_register_ip(trigger_tcp_raw);
signal(SIGALRM, trigger_tcp_raw_timeout);
alarm(TRIGGER_TCP_RAW_TIMEOUT);
}
else nids_register_tcp(trigger_tcp);
if (nids_params.pcap_filter != NULL) {
warnx("listening on %s [%s]", nids_params.device,
nids_params.pcap_filter);
}
else warnx("listening on %s", nids_params.device);
nids_run();
/* NOTREACHED */
exit(0);
}
int main()
{
ALCdevice* device;
ALint sample;
void* buffer;
void* audio_buffer;
void* buffer_point;
WAVPROP* wavp;
WAVEHDR* wavheader;
pthread_t tid;
int i, j, final_size, err, counter;
int ctl = 0;
int threshold = 10000; /* Threshold of wave strength to be considered speaking */
int buffersize = sizeof(WAVEHDR) + BUF_SIZE;
struct curl_slist *headers = NULL;
upload_init(headers);
device = record_init(AL_FORMAT_MONO16, SPEED, FRAME_SIZE * 2);
alcCaptureStart(device);
while (1)
{
buffer = malloc(buffersize);
audio_buffer = buffer + sizeof(WAVEHDR);
buffer_point = audio_buffer;
/* Wait until speek */
counter = 0;
while(1)
{
alcCaptureSamples(device, (ALCvoid*)buffer_point, (ALCsizei)2000);
usleep((useconds_t)250000);
//printf("%d\n", maxwav(buffer_point));
if (maxwav(buffer_point) > threshold)
{
printf("%s\n", "Start recording");
buffer_point += FRAME_SIZE;
break;
}
}
/* Record */
for (i = 0; i < 239; i++)
{
alcCaptureSamples(device, (ALCvoid*)buffer_point, (ALCsizei)2000);
usleep((useconds_t)250000);
//printf("%d\n", maxwav(buffer_point));
if (maxwav(buffer_point) < threshold)
{
counter += 1;
}
else
{
counter = 0;
}
if (counter > 3) /* 1 secs */
{
printf("%s\n", "Stop recording");
i -= 2;
break;
}
buffer_point += FRAME_SIZE;
ctl = kbhit();
if (ctl > 0)
{
printf("%s\n", "Key pressed");
for (j=0; j < ctl; j++)
{
getchar();
}
break;
}
}
if (i == 239)
{
printf("%s\n", "Time up!");
final_size = BUF_SIZE;
}
else
{
final_size = (i + 1) * FRAME_SIZE;
}
/* Finalize header */
wavheader = (WAVEHDR*)buffer;
wav_finalize_header(wavheader, final_size);
/* upload it */
wavp = (WAVPROP*)malloc(sizeof(WAVPROP));
wavp->ptr = buffer;
wavp->len = (size_t)(final_size + sizeof(WAVEHDR));
err = pthread_create(&tid, NULL, upload, (void*)wavp);
if (err != 0) {
fprintf(stderr, "can't create thread: %s\n", strerror(err));
exit(1);
}
}
alcCaptureStop(device);
record_clean(device);
upload_clean(headers);
return 0;
}
/** Continue a TLS handshake
*
* Advance the TLS handshake by feeding OpenSSL data from dirty_in,
* and reading data from OpenSSL into dirty_out.
*
* @param request The current request.
* @param session The current TLS session.
* @return
* - 0 on error.
* - 1 on success.
*/
int tls_session_handshake(REQUEST *request, tls_session_t *session)
{
int ret;
/*
* This is a logic error. tls_session_handshake
* must not be called if the handshake is
* complete tls_session_recv must be
* called instead.
*/
if (SSL_is_init_finished(session->ssl)) {
REDEBUG("Attempted to continue TLS handshake, but handshake has completed");
return 0;
}
if (session->invalid) {
REDEBUG("Preventing invalid session from continuing");
return 0;
}
/*
* Feed dirty data into OpenSSL, so that is can either
* process it as Application data (decrypting it)
* or continue the TLS handshake.
*/
if (session->dirty_in.used) {
ret = BIO_write(session->into_ssl, session->dirty_in.data, session->dirty_in.used);
if (ret != (int)session->dirty_in.used) {
REDEBUG("Failed writing %zd bytes to TLS BIO: %d", session->dirty_in.used, ret);
record_init(&session->dirty_in);
return 0;
}
record_init(&session->dirty_in);
}
/*
* Magic/More magic? Although SSL_read is normally
* used to read application data, it will also
* continue the TLS handshake. Removing this call will
* cause the handshake to fail.
*
* We don't ever expect to actually *receive* application
* data here.
*
* The reason why we call SSL_read instead of SSL_accept,
* or SSL_connect, as it allows this function
* to be used, irrespective or whether we're acting
* as a client or a server.
*
* If acting as a client SSL_set_connect_state must have
* been called before this function.
*
* If acting as a server SSL_set_accept_state must have
* been called before this function.
*/
ret = SSL_read(session->ssl, session->clean_out.data + session->clean_out.used,
sizeof(session->clean_out.data) - session->clean_out.used);
if (ret > 0) {
session->clean_out.used += ret;
return 1;
}
if (!tls_log_io_error(request, session, ret, "Failed in SSL_read")) return 0;
/*
* This only occurs once per session, where calling
* SSL_read updates the state of the SSL session, setting
* this flag to true.
*
* Callbacks provide enough info so we don't need to
* print debug statements when the handshake is in other
* states.
*/
if (SSL_is_init_finished(session->ssl)) {
SSL_CIPHER const *cipher;
VALUE_PAIR *vp;
char const *str_version;
char cipher_desc[256], cipher_desc_clean[256];
char *p = cipher_desc, *q = cipher_desc_clean;
cipher = SSL_get_current_cipher(session->ssl);
SSL_CIPHER_description(cipher, cipher_desc, sizeof(cipher_desc));
/*
* Cleanup the output from OpenSSL
* Seems to print info in a tabular format.
*/
while (*p != '\0') {
if (isspace(*p)) {
*q++ = *p;
while (isspace(*++p));
continue;
}
*q++ = *p++;
}
*q = '\0';
RDEBUG2("Cipher suite: %s", cipher_desc_clean);
vp = fr_pair_afrom_num(request->state_ctx, 0, FR_TLS_SESSION_CIPHER_SUITE);
if (vp) {
fr_pair_value_strcpy(vp, SSL_CIPHER_get_name(cipher));
fr_pair_add(&request->state, vp);
RDEBUG2(" &session-state:TLS-Session-Cipher-Suite := \"%s\"", vp->vp_strvalue);
}
switch (session->info.version) {
case SSL2_VERSION:
str_version = "SSL 2.0";
break;
case SSL3_VERSION:
str_version = "SSL 3.0";
break;
case TLS1_VERSION:
str_version = "TLS 1.0";
break;
#ifdef TLS1_1_VERSION
case TLS1_1_VERSION:
str_version = "TLS 1.1";
break;
#endif
#ifdef TLS1_2_VERSION
case TLS1_2_VERSION:
str_version = "TLS 1.2";
break;
#endif
#ifdef TLS1_3_VERSON
case TLS1_3_VERSION:
str_version = "TLS 1.3";
break;
#endif
default:
str_version = "UNKNOWN";
break;
}
vp = fr_pair_afrom_num(request->state_ctx, 0, FR_TLS_SESSION_VERSION);
if (vp) {
fr_pair_value_strcpy(vp, str_version);
fr_pair_add(&request->state, vp);
RDEBUG2(" &session-state:TLS-Session-Version := \"%s\"", str_version);
}
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
/*
* Cache the SSL_SESSION pointer.
*
* Which contains all the data we need for session resumption.
*/
if (!session->ssl_session) {
session->ssl_session = SSL_get_session(session->ssl);
if (!session->ssl_session) {
REDEBUG("Failed getting TLS session");
return 0;
}
}
if (RDEBUG_ENABLED3) {
BIO *ssl_log = BIO_new(BIO_s_mem());
if (ssl_log) {
if (SSL_SESSION_print(ssl_log, session->ssl_session) == 1) {
SSL_DRAIN_ERROR_QUEUE(RDEBUG3, "", ssl_log);
} else {
RDEBUG3("Failed retrieving session data");
}
BIO_free(ssl_log);
}
}
#endif
/*
* Session was resumed, add attribute to mark it as such.
*/
if (SSL_session_reused(session->ssl)) {
/*
* Mark the request as resumed.
*/
MEM(pair_update_request(&vp, attr_eap_session_resumed) >= 0);
vp->vp_bool = true;
}
}
/*
* Get data to pack and send back to the TLS peer.
*/
ret = BIO_ctrl_pending(session->from_ssl);
if (ret > 0) {
ret = BIO_read(session->from_ssl, session->dirty_out.data,
sizeof(session->dirty_out.data));
if (ret > 0) {
session->dirty_out.used = ret;
} else if (BIO_should_retry(session->from_ssl)) {
record_init(&session->dirty_in);
RDEBUG2("Asking for more data in tunnel");
return 1;
} else {
tls_log_error(NULL, NULL);
record_init(&session->dirty_in);
return 0;
}
} else {
/* Its clean application data, do whatever we want */
record_init(&session->clean_out);
}
/*
* W would prefer to latch on info.content_type but
* (I think its...) tls_session_msg_cb() updates it
* after the call to tls_session_handshake_alert()
*/
if (session->handshake_alert.level) {
/*
* FIXME RFC 4851 section 3.6.1 - peer might ACK alert and include a restarted ClientHello
* which eap_tls_session_status() will fail on
*/
session->info.content_type = SSL3_RT_ALERT;
session->dirty_out.data[0] = session->info.content_type;
session->dirty_out.data[1] = 3;
session->dirty_out.data[2] = 1;
session->dirty_out.data[3] = 0;
session->dirty_out.data[4] = 2;
session->dirty_out.data[5] = session->handshake_alert.level;
session->dirty_out.data[6] = session->handshake_alert.description;
session->dirty_out.used = 7;
session->handshake_alert.level = 0;
}
/* We are done with dirty_in, reinitialize it */
record_init(&session->dirty_in);
return 1;
}
/** Decrypt application data
*
* @note Handshake must have completed before this function may be called.
*
* Feed data from dirty_in to OpenSSL, and read the clean data into clean_out.
*
* @param[in] request The current #REQUEST.
* @param[in] session The current TLS session.
* @return
* - -1 on error.
* - 1 if more fragments are required to fully reassemble the record for decryption.
* - 0 if we decrypted a complete record.
*/
int tls_session_recv(REQUEST *request, tls_session_t *session)
{
int ret;
if (!SSL_is_init_finished(session->ssl)) {
REDEBUG("Attempted to read application data before handshake completed");
return -1;
}
/*
* Decrypt the complete record.
*/
if (session->dirty_in.used) {
ret = BIO_write(session->into_ssl, session->dirty_in.data, session->dirty_in.used);
if (ret != (int) session->dirty_in.used) {
record_init(&session->dirty_in);
REDEBUG("Failed writing %zd bytes to SSL BIO: %d", session->dirty_in.used, ret);
return -1;
}
record_init(&session->dirty_in);
}
/*
* Clear the dirty buffer now that we are done with it
* and init the clean_out buffer to store decrypted data
*/
record_init(&session->clean_out);
/*
* Read (and decrypt) the tunneled data from the
* SSL session, and put it into the decrypted
* data buffer.
*/
ret = SSL_read(session->ssl, session->clean_out.data, sizeof(session->clean_out.data));
if (ret < 0) {
int code;
code = SSL_get_error(session->ssl, ret);
switch (code) {
case SSL_ERROR_WANT_READ:
RWDEBUG("Peer indicated record was complete, but OpenSSL returned SSL_WANT_READ. "
"Attempting to continue");
return 1;
case SSL_ERROR_WANT_WRITE:
REDEBUG("Error in fragmentation logic: SSL_WANT_WRITE");
break;
default:
REDEBUG("Error in fragmentation logic");
tls_log_io_error(request, session, ret, "Failed in SSL_read");
break;
}
return -1;
}
if (ret == 0) RWDEBUG("No data inside of the tunnel");
/*
* Passed all checks, successfully decrypted data
*/
session->clean_out.used = ret;
RDEBUG2("Decrypted TLS application data (%zu bytes)", session->clean_out.used);
log_request_hex(L_DBG, L_DBG_LVL_3, request, session->clean_out.data, session->clean_out.used);
return 0;
}
RECORD *dbf_read_next(DBF *dbf)
{
RECORD *record = NULL;
CELL *cell = NULL;
DBF_FIELD *field;
ssize_t count;
char *buf, *cur, *tmp;
int i;
uint32 len = dbf->record_length;
DBUG_ENTER("dbf_read_next");
buf = cur = memset(dbf->record_buffer, 0, dbf->record_length+1);
if((count=read(dbf->fd, buf, dbf->record_length+1)) < dbf->record_length+1)
{
if(count == 1 && buf[0] == DBF_EOF)
{
goto endoffile;
}
fprintf(stderr, "DBF: Error reading record: read only %i bytes, expected %i bytes\n", count, dbf->record_length+1);
close(dbf->fd);
DBUG_RETURN(NULL);
}
if(!(record = record_init(dbf)))
DBUG_RETURN(NULL);
/* status = cur[0] */
cur++;
for(field=dbf->fields, i=0; i<dbf->numfields; field++, i++)
{
cell = cell_init(field, &field->metadata);
switch(field->type)
{
case DBF_CHARACTER:
if(!(cell->data.character = (char *)strndup(cur, field->size)))
goto oom;
mygis_trim(cell->data.character, field->size);
break;
case DBF_DATE:
if(!(cell->data.date = (char *)strndup(cur, field->size)))
goto oom;
break;
case DBF_NUMBER:
/* if field->decimals > 0, fall through to FLOATING */
if(field->decimals == 0)
{
if(!(tmp = (char *)strndup(cur, field->size)))
goto oom;
cell->data.number = atoll(tmp);
free(tmp);
break;
}
case DBF_FLOATING:
if(!(tmp = (char *)strndup(cur, field->size)))
goto oom;
cell->data.floating = atof(tmp);
free(tmp);
break;
case DBF_LOGICAL:
cell->data.logical = cur[0];
break;
case DBF_GENERAL:
case DBF_MEMO:
case DBF_PICTURE:
fprintf(stderr, "Unsupported field type %c! Please ask for support from the author!\n", field->type);
return NULL;
default:
fprintf(stderr, "Unknown field type %c!\n", field->type);
return NULL;
}
record_append(record, cell);
cur += field->size;
}
endoffile:
dbf->position++;
DBUG_RETURN(record);
oom:
fprintf(stderr, "DBF: Out of memory!\n");
DBUG_RETURN(NULL);
}
