// WELCOME|name=FXP.Oned|version=0.1|build=359|protocol=1.2|SSL=optional
void site_cmd_welcome(char **keys, char **values, int items,void *optarg)
{
fxpone_t *the_engine = optarg;
char *ssl;
ssl = parser_findkey(keys, values, items, "SSL");
if (ssl && !mystrccmp("disabled", ssl)) {
send_auth(the_engine);
return;
}
lion_printf(the_engine->handle, "SSL\r\n");
}
int site_handler(lion_t *handle, void *user_data,
int status, int size, char *line)
{
fxpone_t *fxpone = (fxpone_t *)user_data;
switch(status) {
case LION_CONNECTION_CONNECTED:
debugf("connected to FXP.One\n");
connected = 1;
break;
case LION_CONNECTION_LOST:
printf("Failed to connect to FXP.One: %d\n", size);
//do_exit=1;
connected = 0;
if (fxpone)
fxpone->handle = NULL;
break;
case LION_CONNECTION_CLOSED:
printf("Connection closed to FXP.One\n");
// We attempt reconnects with clomps-irc
//do_exit=1;
connected = 0;
if (fxpone)
fxpone->handle = NULL;
break;
case LION_CONNECTION_SECURE_ENABLED:
debugf("successfully negotiated SSL\n");
send_auth(fxpone);
break;
case LION_CONNECTION_SECURE_FAILED:
printf("SSL negotiation failed\n");
do_exit=1;
if (fxpone)
fxpone->handle = NULL;
break;
case LION_INPUT:
//debugf("FXP.One: %s\n", line);
parser_command(site_command_list, line, (void *)fxpone);
}
return 0;
}
void auth_update( fd_set *in_set, fd_set *out_set, fd_set *exc_set )
{
struct auth_data *auth;
struct auth_data *a_next;
for ( auth = first_auth; auth; auth = a_next )
{
a_next = auth->next;
/* if ( FD_ISSET(auth->auth_fd, exc_set) )
{
FD_CLR(auth->auth_fd, in_set );
FD_CLR(auth->auth_fd, out_set);
close(auth->auth_fd);
free_string(auth->d->user);
auth->d->user = str_dup("(fd exception)");
UNLINK(auth, first_auth, last_auth, next, prev);
PUT_FREE(auth, auth_free);
continue;
}*/
switch(auth->auth_state)
{
case AUTH_UNSENT:
if ( FD_ISSET(auth->auth_fd, out_set) )
send_auth(auth);
break;
case AUTH_SENT:
if ( FD_ISSET(auth->auth_fd, in_set ) )
read_auth(auth);
break;
case AUTH_RETRY:
if ( !start_auth(auth->d) )
{
UNLINK(auth, first_auth, last_auth, next, prev);
/* PUT_FREE(auth, auth_free);*/
continue;
}
break;
}
}
return;
}
void HTTPS_Proxy::connect_ready()
{
if (m_state != Connect){
log(L_WARN, "Proxy::connect_ready in bad state");
error_state(CONNECT_ERROR, 0);
return;
}
bIn.packetStart();
bOut << "CONNECT "
<< m_host.c_str()
<< ":"
<< number(m_port).c_str()
<< " HTTP/1.0\r\n"
<< "User-Agent: "
<< get_user_agent().c_str()
<< "\r\n";
send_auth();
bOut << "\r\n";
m_state = WaitConnect;
write();
}
void read_auth(struct params *p, struct ieee80211_frame *wh, int len)
{
unsigned short *ptr;
char mac[6*3];
if (memcmp(wh->i_addr1, p->mac, 6) != 0)
return;
ptr = (unsigned short*) (wh+1);
if (le16toh(*ptr) != 0) {
printf("Unknown auth algo %d\n", le16toh(*ptr));
return;
}
ptr++;
if (le16toh(*ptr) == 1) {
mac2str(mac, wh->i_addr2);
printf("Got auth from %s\n", mac);
send_auth(p, wh->i_addr2);
} else {
printf("Weird seq in auth %d\n", le16toh(*ptr));
}
}
int main(int argc, char **argv)
{
int val = 1;
char *st = NULL;
const char *command = NULL;
const char *prog = argv[0];
int ch;
msg->magic = htonl(EAD_MAGIC);
msg->sid = 0;
memset(&local, 0, sizeof(local));
memset(&remote, 0, sizeof(remote));
remote.sin_family = AF_INET;
remote.sin_addr.s_addr = 0xffffffff;
remote.sin_port = htons(EAD_PORT);
local.sin_family = AF_INET;
local.sin_addr.s_addr = INADDR_ANY;
local.sin_port = 0;
while ((ch = getopt(argc, argv, "b:s:h")) != -1) {
switch(ch) {
case 's':
inet_aton(optarg, &serverip);
break;
case 'b':
inet_aton(optarg, &remote.sin_addr);
break;
case 'h':
return usage(prog);
}
}
argv += optind;
argc -= optind;
switch(argc) {
case 3:
command = argv[2];
/* fall through */
case 2:
username = argv[1];
st = strchr(username, ':');
if (st) {
*st = 0;
st++;
strncpy(password, st, sizeof(password));
password[sizeof(password) - 1] = 0;
/* hide command line password */
memset(st, 0, strlen(st));
}
/* fall through */
case 1:
nid = strtoul(argv[0], &st, 16);
if (st && st[0] != 0)
return usage(prog);
/* fall through */
case 0:
break;
default:
return usage(prog);
}
msg->nid = htons(nid);
s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
if (s < 0) {
perror("socket");
return -1;
}
setsockopt(s, SOL_SOCKET, SO_BROADCAST, &val, sizeof(val));
if (bind(s, (struct sockaddr *)&local, sizeof(local)) < 0) {
perror("bind");
return -1;
}
sockflags = fcntl(s, F_GETFL);
if (!send_ping()) {
fprintf(stderr, "No devices found\n");
return 1;
}
if (nid == 0xffff)
return 0;
if (!username || !password[0])
return 0;
if (!send_username()) {
fprintf(stderr, "Device did not accept user name\n");
return 1;
}
timeout = EAD_TIMEOUT_LONG;
if (!get_prime()) {
fprintf(stderr, "Failed to get user password info\n");
return 1;
}
if (!send_a()) {
fprintf(stderr, "Failed to send local authentication data\n");
return 1;
}
if (!send_auth()) {
fprintf(stderr, "Authentication failed\n");
return 1;
}
if (!command) {
fprintf(stderr, "Authentication succesful\n");
return 0;
}
if (!send_command(command)) {
fprintf(stderr, "Command failed\n");
return 1;
}
return 0;
}
static int handle_packet(unsigned char *data, int data_len) {
struct mt_mactelnet_hdr pkthdr;
parse_packet(data, &pkthdr);
/* We only care about packets with correct sessionkey */
if (pkthdr.seskey != sessionkey) {
return -1;
}
/* Handle data packets */
if (pkthdr.ptype == MT_PTYPE_DATA) {
struct mt_packet odata;
struct mt_mactelnet_control_hdr cpkt;
int success = 0;
/* Always transmit ACKNOWLEDGE packets in response to DATA packets */
init_packet(&odata, MT_PTYPE_ACK, srcmac, dstmac, sessionkey, pkthdr.counter + (data_len - MT_HEADER_LEN));
send_udp(&odata, 0);
/* Accept first packet, and all packets greater than incounter, and if counter has
wrapped around. */
if (incounter == 0 || pkthdr.counter > incounter || (incounter - pkthdr.counter) > 65535) {
incounter = pkthdr.counter;
} else {
/* Ignore double or old packets */
return -1;
}
/* Parse controlpacket data */
success = parse_control_packet(data + MT_HEADER_LEN, data_len - MT_HEADER_LEN, &cpkt);
while (success) {
/* If we receive encryptionkey, transmit auth data back */
if (cpkt.cptype == MT_CPTYPE_ENCRYPTIONKEY) {
memcpy(encryptionkey, cpkt.data, cpkt.length);
send_auth(username, password);
}
/* If the (remaining) data did not have a control-packet magic byte sequence,
the data is raw terminal data to be outputted to the terminal. */
else if (cpkt.cptype == MT_CPTYPE_PLAINDATA) {
cpkt.data[cpkt.length] = 0;
printf("%s", cpkt.data);
}
/* END_AUTH means that the user/password negotiation is done, and after this point
terminal data may arrive, so we set up the terminal to raw mode. */
else if (cpkt.cptype == MT_CPTYPE_END_AUTH) {
/* we have entered "terminal mode" */
terminal_mode = 1;
if (is_a_tty) {
/* stop input buffering at all levels. Give full control of terminal to RouterOS */
raw_term();
setvbuf(stdin, (char*)NULL, _IONBF, 0);
/* Add resize signal handler */
signal(SIGWINCH, sig_winch);
}
}
/* Parse next controlpacket */
success = parse_control_packet(NULL, 0, &cpkt);
}
}
else if (pkthdr.ptype == MT_PTYPE_ACK) {
/* Handled elsewhere */
}
/* The server wants to terminate the connection, we have to oblige */
else if (pkthdr.ptype == MT_PTYPE_END) {
struct mt_packet odata;
/* Acknowledge the disconnection by sending a END packet in return */
init_packet(&odata, MT_PTYPE_END, srcmac, dstmac, pkthdr.seskey, 0);
send_udp(&odata, 0);
if (!quiet_mode) {
fprintf(stderr, "Connection closed.\n");
}
/* exit */
running = 0;
} else {
fprintf(stderr, "Unhandeled packet type: %d received from server %s\n", pkthdr.ptype, ether_ntoa((struct ether_addr *)dstmac));
return -1;
}
return pkthdr.ptype;
}
void HTTP_Proxy::write(const char *buf, unsigned int size)
{
if (!m_bHTTP){
HTTPS_Proxy::write(buf, size);
return;
}
if (m_state == Data){
unsigned out_size = size;
if (out_size > m_size)
out_size = m_size;
if (out_size == 0)
return;
bOut.pack(buf, out_size);
m_size -= out_size;
HTTPS_Proxy::write();
return;
}
m_out.pack(buf, size);
string line;
if (m_state == WaitHeader){
if (!m_out.scan("\r\n", line))
return;
bOut
<< getToken(line, ' ', false).c_str()
<< " http://"
<< m_host.c_str();
if (m_port != 80)
bOut << ":" << number(m_port).c_str();
bOut << getToken(line, ' ', false).c_str();
bOut << " HTTP/1.1\r\n";
m_state = Headers;
}
if (m_state == Headers){
for (;;){
if (!m_out.scan("\r\n", line)){
HTTPS_Proxy::write();
return;
}
if (line.empty())
break;
string param = getToken(line, ':');
if (param == "Content-Length"){
const char *p = line.c_str();
for (; *p; p++){
if (*p != ' ')
break;
}
m_size = atol(p);
}
bOut << param.c_str() << ":" << line.c_str() << "\r\n";
}
send_auth();
bOut << "\r\n";
if (m_out.readPos() < m_out.writePos()){
unsigned out_size = m_out.writePos() - m_out.readPos();
if (out_size > m_size)
out_size = m_size;
bOut.pack(m_out.data(m_out.readPos()), out_size);
m_size -= out_size;
}
m_out.init(0);
m_state = Data;
HTTPS_Proxy::write();
}
}
