diff --git a/.gitignore b/.gitignore index ffb477f..5cdbef0 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,6 @@ secip.h ndr_secip.c ndr_secip.h tags +bin/.* +.lock-waf* +build/ diff --git a/Makefile b/Makefile index 5e3bbe2..ab6c21a 100644 --- a/Makefile +++ b/Makefile @@ -1,52 +1,14 @@ CC := gcc -# Enable for debug -CFLAGS := -g -ggdb -std=c99 -Wall -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Wdeclaration-after-statement -Werror-implicit-function-declaration -Wstrict-prototypes - -INCLUDES := -I/usr/include -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/samba-4.0 - -siahsd_LIB := -ltalloc -ldbi -lglib-2.0 -siahsd_OBJ := sia.o status.o database.o config.o siahsd.o - -secipd_LIB := -ltalloc -ldbi -lglib-2.0 -lndr -secipd_OBJ := sia.o status.o database.o config.o ndr_secip.o secipd.o - - -OBJ := $(siahsd_OBJ) $(secipd_OBJ) - -binaries := siahsd secipd - -all: $(binaries) +all: + bin/waf build clean: - rm -f $(binaries) - rm -f $(OBJ) - rm -f $(OBJ:.o=.d) - rm -f ndr_*.[ch] - rm -f secip.h + bin/waf clean -distclean: clean - rm -f tags - - -secipd: $(secipd_OBJ) - @echo Linking $@ - @$(CC) $(secipd_OBJ) $(secipd_LIB) -o secipd - -siahsd: $(siahsd_OBJ) - @echo Linking $@ - @$(CC) $(siahsd_OBJ) $(siahsd_LIB) -o siahsd +distclean: + bin/waf distclean ctags: ctags `find -name \*.[ch]` -idl: - pidl/pidl --ndr-parser=ndr_secip.c secip.idl - pidl/pidl --header=secip.h secip.idl - -%.o: %.c - @echo Compiling $*.c - @$(CC) -c $(CFLAGS) $(INCLUDES) -o $*.o $< - @$(CC) -MM $(CFLAGS) -MT $*.o $(INCLUDES) -o $*.d $< - --include $(OBJ:.o=.d) diff --git a/pidl/MANIFEST b/bin/pidl/MANIFEST similarity index 100% rename from pidl/MANIFEST rename to bin/pidl/MANIFEST diff --git a/pidl/META.yml b/bin/pidl/META.yml similarity index 100% rename from pidl/META.yml rename to bin/pidl/META.yml diff --git a/pidl/MYMETA.yml b/bin/pidl/MYMETA.yml similarity index 100% rename from pidl/MYMETA.yml rename to bin/pidl/MYMETA.yml diff --git a/pidl/Makefile b/bin/pidl/Makefile similarity index 100% rename from pidl/Makefile rename to bin/pidl/Makefile diff --git a/pidl/Makefile.PL b/bin/pidl/Makefile.PL similarity index 100% rename from pidl/Makefile.PL rename to bin/pidl/Makefile.PL diff --git a/pidl/README b/bin/pidl/README similarity index 100% rename from pidl/README rename to bin/pidl/README diff --git a/pidl/TODO b/bin/pidl/TODO similarity index 100% rename from pidl/TODO rename to bin/pidl/TODO diff --git a/pidl/expr.yp b/bin/pidl/expr.yp similarity index 100% rename from pidl/expr.yp rename to bin/pidl/expr.yp diff --git a/pidl/idl.yp b/bin/pidl/idl.yp similarity index 100% rename from pidl/idl.yp rename to bin/pidl/idl.yp diff --git a/pidl/lib/Parse/Pidl.pm b/bin/pidl/lib/Parse/Pidl.pm similarity index 100% rename from pidl/lib/Parse/Pidl.pm rename to bin/pidl/lib/Parse/Pidl.pm diff --git a/pidl/lib/Parse/Pidl/CUtil.pm b/bin/pidl/lib/Parse/Pidl/CUtil.pm similarity index 100% rename from pidl/lib/Parse/Pidl/CUtil.pm rename to bin/pidl/lib/Parse/Pidl/CUtil.pm diff --git a/pidl/lib/Parse/Pidl/Compat.pm b/bin/pidl/lib/Parse/Pidl/Compat.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Compat.pm rename to bin/pidl/lib/Parse/Pidl/Compat.pm diff --git a/pidl/lib/Parse/Pidl/Dump.pm b/bin/pidl/lib/Parse/Pidl/Dump.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Dump.pm rename to bin/pidl/lib/Parse/Pidl/Dump.pm diff --git a/pidl/lib/Parse/Pidl/Expr.pm b/bin/pidl/lib/Parse/Pidl/Expr.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Expr.pm rename to bin/pidl/lib/Parse/Pidl/Expr.pm diff --git a/pidl/lib/Parse/Pidl/IDL.pm b/bin/pidl/lib/Parse/Pidl/IDL.pm similarity index 100% rename from pidl/lib/Parse/Pidl/IDL.pm rename to bin/pidl/lib/Parse/Pidl/IDL.pm diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/bin/pidl/lib/Parse/Pidl/NDR.pm similarity index 100% rename from pidl/lib/Parse/Pidl/NDR.pm rename to bin/pidl/lib/Parse/Pidl/NDR.pm diff --git a/pidl/lib/Parse/Pidl/ODL.pm b/bin/pidl/lib/Parse/Pidl/ODL.pm similarity index 100% rename from pidl/lib/Parse/Pidl/ODL.pm rename to bin/pidl/lib/Parse/Pidl/ODL.pm diff --git a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm b/bin/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm rename to bin/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm diff --git a/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm b/bin/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm rename to bin/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm diff --git a/pidl/lib/Parse/Pidl/Samba4.pm b/bin/pidl/lib/Parse/Pidl/Samba4.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4.pm rename to bin/pidl/lib/Parse/Pidl/Samba4.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/COM/Header.pm b/bin/pidl/lib/Parse/Pidl/Samba4/COM/Header.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/COM/Header.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/COM/Header.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/COM/Proxy.pm b/bin/pidl/lib/Parse/Pidl/Samba4/COM/Proxy.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/COM/Proxy.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/COM/Proxy.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm b/bin/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/Header.pm b/bin/pidl/lib/Parse/Pidl/Samba4/Header.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/Header.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/Header.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm b/bin/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/bin/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm b/bin/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/bin/pidl/lib/Parse/Pidl/Samba4/Python.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/Python.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/Python.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/TDR.pm b/bin/pidl/lib/Parse/Pidl/Samba4/TDR.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/TDR.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/TDR.pm diff --git a/pidl/lib/Parse/Pidl/Samba4/Template.pm b/bin/pidl/lib/Parse/Pidl/Samba4/Template.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Samba4/Template.pm rename to bin/pidl/lib/Parse/Pidl/Samba4/Template.pm diff --git a/pidl/lib/Parse/Pidl/Typelist.pm b/bin/pidl/lib/Parse/Pidl/Typelist.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Typelist.pm rename to bin/pidl/lib/Parse/Pidl/Typelist.pm diff --git a/pidl/lib/Parse/Pidl/Util.pm b/bin/pidl/lib/Parse/Pidl/Util.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Util.pm rename to bin/pidl/lib/Parse/Pidl/Util.pm diff --git a/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm b/bin/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Wireshark/Conformance.pm rename to bin/pidl/lib/Parse/Pidl/Wireshark/Conformance.pm diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/bin/pidl/lib/Parse/Pidl/Wireshark/NDR.pm similarity index 100% rename from pidl/lib/Parse/Pidl/Wireshark/NDR.pm rename to bin/pidl/lib/Parse/Pidl/Wireshark/NDR.pm diff --git a/pidl/lib/Parse/Yapp/Driver.pm b/bin/pidl/lib/Parse/Yapp/Driver.pm similarity index 100% rename from pidl/lib/Parse/Yapp/Driver.pm rename to bin/pidl/lib/Parse/Yapp/Driver.pm diff --git a/pidl/lib/wscript_build b/bin/pidl/lib/wscript_build similarity index 100% rename from pidl/lib/wscript_build rename to bin/pidl/lib/wscript_build diff --git a/pidl/pidl b/bin/pidl/pidl similarity index 100% rename from pidl/pidl rename to bin/pidl/pidl diff --git a/pidl/tests/Util.pm b/bin/pidl/tests/Util.pm similarity index 100% rename from pidl/tests/Util.pm rename to bin/pidl/tests/Util.pm diff --git a/pidl/tests/cutil.pl b/bin/pidl/tests/cutil.pl similarity index 100% rename from pidl/tests/cutil.pl rename to bin/pidl/tests/cutil.pl diff --git a/pidl/tests/dump.pl b/bin/pidl/tests/dump.pl similarity index 100% rename from pidl/tests/dump.pl rename to bin/pidl/tests/dump.pl diff --git a/pidl/tests/header.pl b/bin/pidl/tests/header.pl similarity index 100% rename from pidl/tests/header.pl rename to bin/pidl/tests/header.pl diff --git a/pidl/tests/ndr.pl b/bin/pidl/tests/ndr.pl similarity index 100% rename from pidl/tests/ndr.pl rename to bin/pidl/tests/ndr.pl diff --git a/pidl/tests/ndr_align.pl b/bin/pidl/tests/ndr_align.pl similarity index 100% rename from pidl/tests/ndr_align.pl rename to bin/pidl/tests/ndr_align.pl diff --git a/pidl/tests/ndr_alloc.pl b/bin/pidl/tests/ndr_alloc.pl similarity index 100% rename from pidl/tests/ndr_alloc.pl rename to bin/pidl/tests/ndr_alloc.pl diff --git a/pidl/tests/ndr_array.pl b/bin/pidl/tests/ndr_array.pl similarity index 100% rename from pidl/tests/ndr_array.pl rename to bin/pidl/tests/ndr_array.pl diff --git a/pidl/tests/ndr_compat.pl b/bin/pidl/tests/ndr_compat.pl similarity index 100% rename from pidl/tests/ndr_compat.pl rename to bin/pidl/tests/ndr_compat.pl diff --git a/pidl/tests/ndr_deprecations.pl b/bin/pidl/tests/ndr_deprecations.pl similarity index 100% rename from pidl/tests/ndr_deprecations.pl rename to bin/pidl/tests/ndr_deprecations.pl diff --git a/pidl/tests/ndr_fullptr.pl b/bin/pidl/tests/ndr_fullptr.pl similarity index 100% rename from pidl/tests/ndr_fullptr.pl rename to bin/pidl/tests/ndr_fullptr.pl diff --git a/pidl/tests/ndr_refptr.pl b/bin/pidl/tests/ndr_refptr.pl similarity index 100% rename from pidl/tests/ndr_refptr.pl rename to bin/pidl/tests/ndr_refptr.pl diff --git a/pidl/tests/ndr_represent.pl b/bin/pidl/tests/ndr_represent.pl similarity index 100% rename from pidl/tests/ndr_represent.pl rename to bin/pidl/tests/ndr_represent.pl diff --git a/pidl/tests/ndr_simple.pl b/bin/pidl/tests/ndr_simple.pl similarity index 100% rename from pidl/tests/ndr_simple.pl rename to bin/pidl/tests/ndr_simple.pl diff --git a/pidl/tests/ndr_string.pl b/bin/pidl/tests/ndr_string.pl similarity index 100% rename from pidl/tests/ndr_string.pl rename to bin/pidl/tests/ndr_string.pl diff --git a/pidl/tests/ndr_tagtype.pl b/bin/pidl/tests/ndr_tagtype.pl similarity index 100% rename from pidl/tests/ndr_tagtype.pl rename to bin/pidl/tests/ndr_tagtype.pl diff --git a/pidl/tests/parse_idl.pl b/bin/pidl/tests/parse_idl.pl similarity index 100% rename from pidl/tests/parse_idl.pl rename to bin/pidl/tests/parse_idl.pl diff --git a/pidl/tests/samba-ndr.pl b/bin/pidl/tests/samba-ndr.pl similarity index 100% rename from pidl/tests/samba-ndr.pl rename to bin/pidl/tests/samba-ndr.pl diff --git a/pidl/tests/samba3-cli.pl b/bin/pidl/tests/samba3-cli.pl similarity index 100% rename from pidl/tests/samba3-cli.pl rename to bin/pidl/tests/samba3-cli.pl diff --git a/pidl/tests/samba3-srv.pl b/bin/pidl/tests/samba3-srv.pl similarity index 100% rename from pidl/tests/samba3-srv.pl rename to bin/pidl/tests/samba3-srv.pl diff --git a/pidl/tests/tdr.pl b/bin/pidl/tests/tdr.pl similarity index 100% rename from pidl/tests/tdr.pl rename to bin/pidl/tests/tdr.pl diff --git a/pidl/tests/test_util.pl b/bin/pidl/tests/test_util.pl similarity index 100% rename from pidl/tests/test_util.pl rename to bin/pidl/tests/test_util.pl diff --git a/pidl/tests/typelist.pl b/bin/pidl/tests/typelist.pl similarity index 100% rename from pidl/tests/typelist.pl rename to bin/pidl/tests/typelist.pl diff --git a/pidl/tests/util.pl b/bin/pidl/tests/util.pl similarity index 100% rename from pidl/tests/util.pl rename to bin/pidl/tests/util.pl diff --git a/pidl/tests/wireshark-conf.pl b/bin/pidl/tests/wireshark-conf.pl similarity index 100% rename from pidl/tests/wireshark-conf.pl rename to bin/pidl/tests/wireshark-conf.pl diff --git a/pidl/tests/wireshark-ndr.pl b/bin/pidl/tests/wireshark-ndr.pl similarity index 100% rename from pidl/tests/wireshark-ndr.pl rename to bin/pidl/tests/wireshark-ndr.pl diff --git a/pidl/wscript b/bin/pidl/wscript similarity index 100% rename from pidl/wscript rename to bin/pidl/wscript diff --git a/bin/waf b/bin/waf new file mode 100755 index 0000000..e1e34d4 Binary files /dev/null and b/bin/waf differ diff --git a/config.c b/config.c index 434e092..e5eb0aa 100644 --- a/config.c +++ b/config.c @@ -20,7 +20,8 @@ /* My global state */ configuration *conf = NULL; const char *process_name = NULL; - +struct rsa_public_key *public_key = NULL; +struct rsa_private_key *private_key = NULL; configuration *get_conf(void) { return conf; @@ -35,6 +36,22 @@ STATUS set_process_name(const char *name) { return ST_OK; } +STATUS get_rsa_keys(struct rsa_public_key **pub, struct rsa_private_key **priv) { + if (pub == NULL || priv == NULL) { + return ST_NO_SUCH_OBJECT; + } + *pub = public_key; + *priv = private_key; + return ST_OK; +} +STATUS set_rsa_keys(struct rsa_public_key *pub, struct rsa_private_key *priv) { + public_key = pub; + private_key = priv; + + return ST_OK; +} + + STATUS read_configuration_file(TALLOC_CTX *mem_ctx) { GError *error = NULL; @@ -79,11 +96,6 @@ STATUS read_configuration_file(TALLOC_CTX *mem_ctx) return ST_CONFIGURATION_ERROR; } - conf->siahs_port = g_key_file_get_integer(keyfile, "siahs", "port", &error); - if (error) { - fprintf(stderr, "No SIA-HS port supplied in the configuration.\n"); - return ST_CONFIGURATION_ERROR; - } conf->log_file = g_key_file_get_string(keyfile, "siahsd", "log file", &error); if (error) { fprintf(stderr, "No log file supplied in the configuration.\n"); @@ -103,11 +115,10 @@ STATUS read_configuration_file(TALLOC_CTX *mem_ctx) if (error) { conf->foreground = false; } + /* Optional parameters are protocol-specific */ + conf->siahs_port = g_key_file_get_integer(keyfile, "siahs", "port", &error); conf->secip_port = g_key_file_get_integer(keyfile, "secip", "port", &error); - if (error) { - fprintf(stderr, "No SecIP port supplied in the configuration.\n"); - return ST_CONFIGURATION_ERROR; - } + conf->rsa_key_file = g_key_file_get_string(keyfile, "secip", "rsa key file", &error); return ST_OK; } diff --git a/config.h b/config.h index 4a0e569..0a6e070 100644 --- a/config.h +++ b/config.h @@ -30,11 +30,14 @@ typedef struct { gboolean foreground; char *pid_file; gint secip_port; + char *rsa_key_file; } configuration; configuration *get_conf(void); -const char *get_process_name(void); +STATUS get_rsa_keys(struct rsa_public_key **pub, struct rsa_private_key **priv); +STATUS set_rsa_keys(struct rsa_public_key *pub, struct rsa_private_key *priv); +const char *get_process_name(void); STATUS set_process_name(const char *name); STATUS read_configuration_file(TALLOC_CTX *mem_ctx); diff --git a/configure b/configure new file mode 100755 index 0000000..f8c7735 --- /dev/null +++ b/configure @@ -0,0 +1,10 @@ +#!/bin/bash + +if ! /usr/bin/env python -c "import sys;sys.exit(0)";then + echo "You need to install python for this to work" + echo "You might also want to grab the following debian packages:" + echo "libglib-dev libdbi-dev libtalloc-dev nettle-dev" + exit 1 +fi + +bin/waf configure diff --git a/crc16.c b/crc16.c new file mode 100644 index 0000000..1f6e068 --- /dev/null +++ b/crc16.c @@ -0,0 +1,20 @@ +#include + +uint16_t calculate_crc (const uint8_t *ptr, uint16_t count) { + #define CRC16_SEED 0x1021 + uint16_t crc; + uint8_t i; + crc = 0; + + while (count-- > 0) { + crc = crc ^ ((uint16_t) *ptr++ << 8); + for (i = 0; i < 8; i++) { + if (crc & 0x8000) { + crc = crc << 1 ^ CRC16_SEED; + } else { + crc = crc << 1; + } + } + } + return crc; +} diff --git a/crc16.h b/crc16.h new file mode 100644 index 0000000..866de6d --- /dev/null +++ b/crc16.h @@ -0,0 +1,2 @@ + +uint16_t calculate_crc (const uint8_t *ptr, uint16_t count); diff --git a/includes.h b/includes.h index 0478d0c..305da13 100644 --- a/includes.h +++ b/includes.h @@ -15,7 +15,7 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . */ - +#include #include #include #include @@ -31,10 +31,12 @@ #include + /* Libs */ #include #include #include +#include /* Private */ #include "status.h" diff --git a/secip.idl b/secip.idl index 5983e53..689d2bd 100644 --- a/secip.idl +++ b/secip.idl @@ -1,5 +1,6 @@ - - +[ + helper("../crc16.h") +] interface secip { typedef [public,enum8bit] enum { @@ -40,7 +41,7 @@ interface secip typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { [value(0)] uint16 session_id; uint8 rsa_key[128]; - uint8 padding[74]; + uint8 padding[75]; } secip_ppk_com; typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { @@ -76,13 +77,30 @@ interface secip typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { uint16 connection_id; /* 0xffff is unassigned */ - uint8 pad; /* This is pretty weird actually */ + uint8 pad; /* This is pretty weird actually, alphatronics bug?? */ secip_message message_id; uint16 sequence_number; char device_id[16]; [switch_is(message_id)] secip_msg_union msg; uint8 padding[30]; /* random */ - uint16 crc; } secip_packet; + typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { + uint16 connection_id; /* 0xffff is unassigned */ + secip_message message_id; + uint16 sequence_number; + char device_id[16]; + [switch_is(message_id)] secip_msg_union msg; + uint8 padding[30]; /* random */ + } secip_out_packet; + + typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { + uint8 raw_packet[256]; + [value(calculate_crc(raw_packet, 256))] uint16 crc; + } secip_setup_packet; + + typedef [public,flag(LIBNDR_FLAG_NOALIGN)] struct { + uint8 raw_packet[128]; + [value(calculate_crc(raw_packet, 128))] uint16 crc; + } secip_comm_packet; }; diff --git a/secipd.c b/secipd.c index f377c8d..59182c5 100644 --- a/secipd.c +++ b/secipd.c @@ -16,26 +16,97 @@ along with this program. If not, see . */ #include "includes.h" -#include "ndr_secip.h" +#include "build/ndr_secip.h" -uint16_t calculate_crc (char *ptr, uint16_t count) -{ - #define CRC16_SEED 0x1021 - uint16_t crc; - uint8_t i; - crc = 0; +static int read_rsa_keys(void) { + int res; + FILE *file; + uint8_t buf[1024]; + struct rsa_private_key *priv; + struct rsa_public_key *pub; + configuration *conf = get_conf(); + uint8_t *buffer = NULL; + size_t n, size=0; - while (count-- > 0) { - crc = crc ^ ((uint16_t) *ptr++ << 8); - for (i = 0; i < 8; i++) { - if (crc & 0x8000) { - crc = crc << 1 ^ CRC16_SEED; - } else { - crc = crc << 1; - } - } + priv = talloc(conf, struct rsa_private_key); + pub = talloc(conf, struct rsa_public_key); + + rsa_public_key_init (pub); + rsa_private_key_init (priv); + + file = fopen(conf->rsa_key_file, "r"); + if (file == NULL) { + DEBUG(0, "Can't open configured rsa key file: %s", conf->rsa_key_file); + exit(ST_CONFIGURATION_ERROR); } - return crc; + + while (1) { + n = fread(&buf, 1, 1024, file); + buffer = talloc_realloc(conf, buffer, uint8_t, size + n); + memcpy(buffer + size, buf, n); + size += n; + if (n < 1024) + break; + } + + fclose(file); + + res = rsa_keypair_from_sexp(pub, priv, 0, size, buffer); + + set_rsa_keys(pub, priv); + + return res; +} + +STATUS send_ppk_com(TALLOC_CTX *mem_ctx, int sock, struct sockaddr_in from, struct secip_packet *pkt) { + struct secip_setup_packet *setup_pkt; + struct secip_out_packet *ppk_com; + DATA_BLOB raw_pkt, raw_setup_pkt; + enum ndr_err_code ndr_err; + size_t n; + struct rsa_private_key *priv; + struct rsa_public_key *pub; + size_t count; + + + setup_pkt = talloc_zero(mem_ctx, struct secip_setup_packet); + + ppk_com = talloc_zero(setup_pkt, struct secip_out_packet); + ppk_com->connection_id = pkt->connection_id; + ppk_com->message_id = SECIP_MSG_PPK_COM; + ppk_com->sequence_number = 1; + memcpy(ppk_com->device_id, "MyFirstAlarm[TM]", strlen("MyFirstAlarm[TM]")); + ppk_com->msg.ppk_com.session_id = 0; + + get_rsa_keys(&pub, &priv); + + mpz_export(&ppk_com->msg.ppk_com.rsa_key, &count, 1, 4, 1, 0, pub->n); + DEBUG(0, "RSA Words written: %u", count); + + printf("%s\n", ndr_print_struct_string(pkt,(ndr_print_fn_t)ndr_print_secip_out_packet, "ppk_com packet", ppk_com)); + + ndr_err = ndr_push_struct_blob(&raw_pkt, ppk_com, ppk_com, (ndr_push_flags_fn_t)ndr_push_secip_out_packet); + + if (ndr_err != NDR_ERR_SUCCESS) { + DEBUG(0, "Oh holy shitstorm! That didn't work!\n"); + return ST_GENERAL_FAILURE; + } + + memcpy(setup_pkt->raw_packet, raw_pkt.data, raw_pkt.length); + + + ndr_err = ndr_push_struct_blob(&raw_setup_pkt, setup_pkt, setup_pkt, (ndr_push_flags_fn_t)ndr_push_secip_setup_packet); + + if (ndr_err != NDR_ERR_SUCCESS) { + DEBUG(0, "Oh holy shitstorm! That didn't work!\n"); + return ST_GENERAL_FAILURE; + } + + n = sendto(sock, raw_setup_pkt.data, raw_setup_pkt.length, 0, (struct sockaddr *)&from, sizeof(from)); + + + talloc_free(setup_pkt); + return 0; } @@ -100,6 +171,7 @@ int main (int argc, char **argv) { return ST_BIND_FAILURE; } + read_rsa_keys(); DEBUG(0, "Started %s and waiting for SecIP packets on port %d", get_process_name(), conf->secip_port); @@ -116,12 +188,14 @@ int main (int argc, char **argv) { fromlen = sizeof(struct sockaddr_in); while (1) { uint16_t src_port; + struct secip_setup_packet *setup_pkt; struct secip_packet *pkt; char buf[1024]; /* Purposefully static length */ enum ndr_err_code ndr_err; DATA_BLOB data; - pkt = talloc(mem_ctx, struct secip_packet); + setup_pkt = talloc(mem_ctx, struct secip_setup_packet); + pkt = talloc(setup_pkt, struct secip_packet); n = recvfrom(sock, &buf, sizeof(buf), 0, (struct sockaddr *) &from, &fromlen); if (n < 0) { @@ -133,11 +207,22 @@ int main (int argc, char **argv) { } src_port = ntohs(from.sin_port); - /* Copy to data blob */ + /* Copy packet to data blob */ data.length = n; - data.data = talloc_memdup(pkt, buf, n); + data.data = talloc_memdup(setup_pkt, buf, n); /* Parse the header */ + ndr_err = ndr_pull_struct_blob_all(&data, setup_pkt, setup_pkt, (ndr_pull_flags_fn_t)ndr_pull_secip_setup_packet); + + if (ndr_err != NDR_ERR_SUCCESS) { + DEBUG(0, "Could not parse this CRC packet"); + } + printf("%s\n", ndr_print_struct_string(setup_pkt,(ndr_print_fn_t)ndr_print_secip_setup_packet, "setup packet", setup_pkt)); + + /* Copy packet to data blob */ + data.length = data.length - sizeof(uint16_t); + data.data = talloc_memdup(pkt, buf, n); + ndr_err = ndr_pull_struct_blob_all(&data, pkt, pkt, (ndr_pull_flags_fn_t)ndr_pull_secip_packet); if (ndr_err != NDR_ERR_SUCCESS) { @@ -145,10 +230,12 @@ int main (int argc, char **argv) { } printf("%s\n", ndr_print_struct_string(pkt,(ndr_print_fn_t)ndr_print_secip_packet, "packet", pkt)); - DEBUG(0, "%x %x %x %x", pkt->connection_id, pkt->message_id, pkt->sequence_number, pkt->crc); + DEBUG(0, "%x %x %x %x", pkt->connection_id, pkt->message_id, pkt->sequence_number); if (pkt->message_id == SECIP_MSG_ATE_ENC && pkt->msg.ate_enc.session_id == 0x0000) { - send_ppk_com(sock, from, pkt); + send_ppk_com(pkt, sock, from, pkt); } DEBUG(3, "Received packet with len %d from %u", n, src_port); + + talloc_free(setup_pkt); } } diff --git a/siahsd.c b/siahsd.c index cc12445..d12a855 100644 --- a/siahsd.c +++ b/siahsd.c @@ -228,19 +228,19 @@ int main(int argc, char **argv) { uint16_t src_port; struct siahs_packet *pkt; uint8_t *decoded; - char buf[1024]; /* Purposefully static length */ + uint8_t *buf = talloc_array(conf, uint8_t, 1024); char *reply_message; pkt = talloc_zero(mem_ctx, struct siahs_packet); NO_MEM_RETURN(pkt); - n = recvfrom(sock, &buf, sizeof(buf), 0, (struct sockaddr *) &from, &fromlen); + n = recvfrom(sock, &buf, 1024, 0, (struct sockaddr *) &from, &fromlen); if (n < 0) { DEBUG( 0, "Error when storing packet in buffer!"); talloc_free(pkt); continue; - } else if (n == sizeof(buf)) { + } else if (n == 1024) { DEBUG(0, "Maximum packet size exceeded!"); talloc_free(pkt); continue; @@ -248,7 +248,7 @@ int main(int argc, char **argv) { src_port = ntohs(from.sin_port); - pkt->len = ntohl(*(uint32_t *)buf); + pkt->len = ntohl(*(uint32_t *)&buf[0]); if (pkt->len > n-4) { DEBUG(0, "Message length is longer than the packet (malformed packet!)"); diff --git a/wscript b/wscript new file mode 100644 index 0000000..0cd3bf9 --- /dev/null +++ b/wscript @@ -0,0 +1,108 @@ +#! /usr/bin/env python +# encoding: utf-8 +from waflib.Task import Task +from waflib.TaskGen import extension + +class idl_header(Task): + run_str = '../bin/pidl/pidl --header ${TGT[0].abspath()} ${SRC}' + color = 'BLUE' + ext_out = ['.h'] + +class idl_parser(Task): + run_str = '../bin/pidl/pidl --ndr-parser ${TGT[0].abspath()} ${SRC}' + color = 'BLUE' + ext_out = ['.h'] + +@extension('.idl') +def process_idl(self, node): + header_node = node.change_ext('.h') + self.create_task('idl_header', node, [header_node ]) + + c_node = node.change_ext('.c') + + if c_node.name[:len('ndr_')] != 'ndr_': + c_node.name = 'ndr_' + c_node.name + + self.create_task('idl_parser', node, [ c_node ]) + self.source.append(c_node) + +def dist(ctx): + ctx.base_name = 'siahsd' + ctx.algo = 'bz2' + ctx.excl = ' **/.waf-1* **/*~ **/*.o **/*.swp **/.lock-w*' + ctx.files = ctx.path.ant_glob('**/wscript') + +def configure(conf): + conf.env.CC = 'gcc' + conf.load('gcc') + + # Check for glib + conf.check_cfg(package='glib-2.0', uselib_store='glib-2.0', + args=['--cflags', '--libs']) + + # Check for talloc + conf.check_cfg(package='talloc', uselib_store='talloc', + args=['--cflags', '--libs']) + + # Check for tevent (Needed for pkg-config of ndr) + conf.check_cfg(package='tevent', uselib_store='tevent', + args=['--cflags', '--libs']) + + # Check for ndr + conf.check_cfg(package='ndr', uselib_store='ndr', + args=['--cflags', '--libs']) + + # Check for headers + conf.check(header_name='stdio.h', features='c cprogram') + conf.check(header_name='stdlib.h', features='c cprogram') + conf.check(header_name='stdint.h', features='c cprogram') + conf.check(header_name='stdbool.h', features='c cprogram') + conf.check(header_name='sys/time.h', features='c cprogram') + conf.check(header_name='sys/types.h', features='c cprogram') + conf.check(header_name='sys/stat.h', features='c cprogram') + conf.check(header_name='netinet/in.h', features='c cprogram') + conf.check(header_name='arpa/inet.h', features='c cprogram') + conf.check(header_name='unistd.h', features='c cprogram') + conf.check(header_name='string.h', features='c cprogram') + conf.check(header_name='fcntl.h', features='c cprogram') + conf.check(header_name='errno.h', features='c cprogram') + + + # Used libraries + conf.check(header_name='talloc.h', use='talloc', features='c cprogram') + conf.check(header_name='glib.h', use='glib-2.0', features='c cprogram') + conf.check(header_name='glibconfig.h', use='glib-2.0', features='c cprogram') + + conf.check(header_name='dbi/dbi.h', features='c cprogram') + + + conf.check_cc(lib='dbi', uselib_store='dbi') + conf.check_cc(lib='talloc', uselib_store='talloc') + conf.check_cc(lib='ndr', uselib_store='ndr') + conf.check_cc(lib='hogweed', uselib_store='nettle') + conf.check_cc(lib='nettle', uselib_store='nettle') + conf.check_cc(lib='gmp', uselib_store='nettle') + + # Purposefully at the bottom because waf configuration tests fail with -Wstrict-prototypes and -Werror + conf.env.CFLAGS = ['-O2', '-g', '-ggdb', '-std=c99', '-Wall', '-Wshadow', '-Wpointer-arith', '-Wcast-align', '-Wwrite-strings', '-Wdeclaration-after-statement', + '-Werror-implicit-function-declaration', '-Wstrict-prototypes', '-Werror'] + +def build(bld): + bld.stlib(source="database.c", target="database", use='glib-2.0') + bld.stlib(source="status.c", target="status", use='glib-2.0') + bld.stlib(source="config.c", target="config", use='glib-2.0') + bld.stlib(source="sia.c", target="sia", use='glib-2.0') + + bld.program( + source = 'config.c status.c sia.c siahsd.c', + target = 'siahsd', + use = [ 'database', 'config', 'status', 'sia', 'dbi', 'talloc','glib-2.0' ]) + + bld.program( + source = 'secip.idl config.c status.c sia.c secipd.c crc16.c', + target = 'secipd', + use = [ 'database', 'config', 'status', 'sia', 'dbi', 'talloc','glib-2.0', 'nettle', 'ndr' ]) + pass + +def clean(ctx): + pass