OpenWrt XBurst

OpenWrt XBurst Git Source Tree

Root/package/ead/src/ead.c

1	/*
2	* Emergency Access Daemon
3	* Copyright (C) 2008 Felix Fietkau <nbd@openwrt.org>
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of the GNU General Public License version 2
7	* as published by the Free Software Foundation
8	*
9	* This program is distributed in the hope that it will be useful,
10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12	* GNU General Public License for more details.
13	*/
14
15	#include <sys/types.h>
16	#include <sys/time.h>
17	#include <sys/select.h>
18	#include <stdio.h>
19	#include <stddef.h>
20	#include <stdlib.h>
21	#include <string.h>
22	#include <unistd.h>
23	#include <stdbool.h>
24	#include <fcntl.h>
25	#include <signal.h>
26	#include <pcap.h>
27	#include <pcap-bpf.h>
28	#include <t_pwd.h>
29	#include <t_read.h>
30	#include <t_sha.h>
31	#include <t_defines.h>
32	#include <t_server.h>
33
34	#include "list.h"
35	#include "ead.h"
36	#include "ead-pcap.h"
37	#include "ead-crypt.h"
38
39	#include "filter.c"
40
41	#ifdef linux
42	#include "libbridge_init.c"
43	#endif
44
45	#ifdef linux
46	#include <linux/if_packet.h>
47	#endif
48
49	#define PASSWD_FILE "/etc/passwd"
50
51	#ifndef DEFAULT_IFNAME
52	#define DEFAULT_IFNAME "eth0"
53	#endif
54
55	#ifndef DEFAULT_DEVNAME
56	#define DEFAULT_DEVNAME "Unknown"
57	#endif
58
59	#define PCAP_MRU 1600
60	#define PCAP_TIMEOUT 200
61
62	#if EAD_DEBUGLEVEL >= 1
63	#define DEBUG(n, format, ...) do { \
64	if (EAD_DEBUGLEVEL >= n) \
65	fprintf(stderr, format, ##__VA_ARGS__); \
66	} while (0);
67
68	#else
69	#define DEBUG(n, format, ...) do {} while(0)
70	#endif
71
72	struct ead_instance {
73	struct list_head list;
74	char ifname[16];
75	int pid;
76	char id;
77	#ifdef linux
78	char bridge[16];
79	bool br_check;
80	#endif
81	};
82
83	static char ethmac[6] = "\x00\x13\x37\x00\x00\x00"; /* last 3 bytes will be randomized */
84	static pcap_t *pcap_fp = NULL;
85	static pcap_t *pcap_fp_rx = NULL;
86	static char pktbuf_b[PCAP_MRU];
87	static struct ead_packet pktbuf = (struct ead_packet )pktbuf_b;
88	static u16_t nid = 0xffff; /* node id */
89	static char username[32] = "";
90	static int state = EAD_TYPE_SET_USERNAME;
91	static const char *passwd_file = PASSWD_FILE;
92	static const char password[MAXPARAMLEN];
93	static bool child_pending = false;
94
95	static unsigned char abuf[MAXPARAMLEN + 1];
96	static unsigned char pwbuf[MAXPARAMLEN];
97	static unsigned char saltbuf[MAXSALTLEN];
98	static unsigned char pw_saltbuf[MAXSALTLEN];
99	static struct list_head instances;
100	static const char *dev_name = DEFAULT_DEVNAME;
101	static bool nonfork = false;
102	static struct ead_instance *instance = NULL;
103
104	static struct t_pwent tpe = {
105	.name = username,
106	.index = 1,
107	.password.data = pwbuf,
108	.password.len = 0,
109	.salt.data = saltbuf,
110	.salt.len = 0,
111	};
112	struct t_confent *tce = NULL;
113	static struct t_server *ts = NULL;
114	static struct t_num A, *B = NULL;
115	unsigned char *skey;
116
117	static void
118	set_recv_type(pcap_t *p, bool rx)
119	{
120	#ifdef PACKET_RECV_TYPE
121	struct sockaddr_ll sll;
122	struct ifreq ifr;
123	int ifindex, mask;
124	int fd, ret;
125
126	fd = pcap_get_selectable_fd(p);
127	if (fd < 0)
128	return;
129
130	if (rx)
131	mask = 1 << PACKET_BROADCAST;
132	else
133	mask = 0;
134
135	ret = setsockopt(fd, SOL_PACKET, PACKET_RECV_TYPE, &mask, sizeof(mask));
136	#endif
137	}
138
139
140	static pcap_t *
141	ead_open_pcap(const char ifname, char errbuf, bool rx)
142	{
143	pcap_t *p;
144
145	p = pcap_create(ifname, errbuf);
146	if (p == NULL)
147	goto out;
148
149	pcap_set_snaplen(p, PCAP_MRU);
150	pcap_set_promisc(p, rx);
151	pcap_set_timeout(p, PCAP_TIMEOUT);
152	#ifdef HAS_PROTO_EXTENSION
153	pcap_set_protocol(p, (rx ? htons(ETH_P_IP) : 0));
154	#endif
155	pcap_set_buffer_size(p, (rx ? 10 : 1) * PCAP_MRU);
156	pcap_activate(p);
157	set_recv_type(p, rx);
158	out:
159	return p;
160	}
161
162	static void
163	get_random_bytes(void *ptr, int len)
164	{
165	int fd;
166
167	fd = open("/dev/urandom", O_RDONLY);
168	if (fd < 0) {
169	perror("open");
170	exit(1);
171	}
172	read(fd, ptr, len);
173	close(fd);
174	}
175
176	static bool
177	prepare_password(void)
178	{
179	static char lbuf[1024];
180	unsigned char dig[SHA_DIGESTSIZE];
181	BigInteger x, v, n, g;
182	SHA1_CTX ctxt;
183	int ulen = strlen(username);
184	FILE *f;
185
186	lbuf[sizeof(lbuf) - 1] = 0;
187
188	f = fopen(passwd_file, "r");
189	if (!f)
190	return false;
191
192	while (fgets(lbuf, sizeof(lbuf) - 1, f) != NULL) {
193	char str, s2;
194
195	if (strncmp(lbuf, username, ulen) != 0)
196	continue;
197
198	if (lbuf[ulen] != ':')
199	continue;
200
201	str = &lbuf[ulen + 1];
202
203	if (strncmp(str, "$1$", 3) != 0)
204	continue;
205
206	s2 = strchr(str + 3, '$');
207	if (!s2)
208	continue;
209
210	if (s2 - str >= MAXSALTLEN)
211	continue;
212
213	strncpy((char *) pw_saltbuf, str, s2 - str);
214	pw_saltbuf[s2 - str] = 0;
215
216	s2 = strchr(s2, ':');
217	if (!s2)
218	continue;
219
220	*s2 = 0;
221	if (s2 - str >= MAXPARAMLEN)
222	continue;
223
224	strncpy((char *)password, str, MAXPARAMLEN);
225	fclose(f);
226	goto hash_password;
227	}
228
229	/* not found */
230	fclose(f);
231	return false;
232
233	hash_password:
234	tce = gettcid(tpe.index);
235	do {
236	t_random(tpe.password.data, SALTLEN);
237	} while (memcmp(saltbuf, (char *)dig, sizeof(saltbuf)) == 0);
238	if (saltbuf[0] == 0)
239	saltbuf[0] = 0xff;
240
241	n = BigIntegerFromBytes(tce->modulus.data, tce->modulus.len);
242	g = BigIntegerFromBytes(tce->generator.data, tce->generator.len);
243	v = BigIntegerFromInt(0);
244
245	SHA1Init(&ctxt);
246	SHA1Update(&ctxt, (unsigned char *) username, strlen(username));
247	SHA1Update(&ctxt, (unsigned char *) ":", 1);
248	SHA1Update(&ctxt, (unsigned char *) password, strlen(password));
249	SHA1Final(dig, &ctxt);
250
251	SHA1Init(&ctxt);
252	SHA1Update(&ctxt, saltbuf, tpe.salt.len);
253	SHA1Update(&ctxt, dig, sizeof(dig));
254	SHA1Final(dig, &ctxt);
255
256	/* x = H(s, H(u, ':', p)) */
257	x = BigIntegerFromBytes(dig, sizeof(dig));
258
259	BigIntegerModExp(v, g, x, n);
260	tpe.password.len = BigIntegerToBytes(v, (unsigned char *)pwbuf);
261
262	BigIntegerFree(v);
263	BigIntegerFree(x);
264	BigIntegerFree(g);
265	BigIntegerFree(n);
266	return true;
267	}
268
269	static u16_t
270	chksum(u16_t sum, const u8_t *data, u16_t len)
271	{
272	u16_t t;
273	const u8_t *dataptr;
274	const u8_t *last_byte;
275
276	dataptr = data;
277	last_byte = data + len - 1;
278
279	while(dataptr < last_byte) { /* At least two more bytes */
280	t = (dataptr[0] << 8) + dataptr[1];
281	sum += t;
282	if(sum < t) {
283	sum++; /* carry */
284	}
285	dataptr += 2;
286	}
287
288	if(dataptr == last_byte) {
289	t = (dataptr[0] << 8) + 0;
290	sum += t;
291	if(sum < t) {
292	sum++; /* carry */
293	}
294	}
295
296	/* Return sum in host byte order. */
297	return sum;
298	}
299
300	static void
301	ead_send_packet_clone(struct ead_packet *pkt)
302	{
303	u16_t len, sum;
304
305	memcpy(pktbuf, pkt, offsetof(struct ead_packet, msg));
306	memcpy(pktbuf->eh.ether_shost, ethmac, 6);
307	memcpy(pktbuf->eh.ether_dhost, pkt->eh.ether_shost, 6);
308
309	/* ip header */
310	len = sizeof(struct ead_packet) - sizeof(struct ether_header) + ntohl(pktbuf->msg.len);
311	pktbuf->len[0] = len >> 8;
312	pktbuf->len[1] = len & 0xff;
313	memcpy(pktbuf->srcipaddr, &pkt->msg.ip, 4);
314	memcpy(pktbuf->destipaddr, pkt->srcipaddr, 4);
315
316	/* ip checksum */
317	pktbuf->ipchksum = 0;
318	sum = chksum(0, (void *) &pktbuf->vhl, UIP_IPH_LEN);
319	if (sum == 0)
320	sum = 0xffff;
321	pktbuf->ipchksum = htons(~sum);
322
323	/* udp header */
324	pktbuf->srcport = pkt->destport;
325	pktbuf->destport = pkt->srcport;
326
327	/* udp checksum */
328	len -= UIP_IPH_LEN;
329	pktbuf->udplen = htons(len);
330	pktbuf->udpchksum = 0;
331	sum = len + UIP_PROTO_UDP;
332	sum = chksum(sum, (void ) &pktbuf->srcipaddr[0], 8); / src, dest ip */
333	sum = chksum(sum, (void *) &pktbuf->srcport, len);
334	if (sum == 0)
335	sum = 0xffff;
336	pktbuf->udpchksum = htons(~sum);
337	pcap_sendpacket(pcap_fp, (void *) pktbuf, sizeof(struct ead_packet) + ntohl(pktbuf->msg.len));
338	}
339
340	static void
341	set_state(int nstate)
342	{
343	if (state == nstate)
344	return;
345
346	if (nstate < state) {
347	if ((nstate < EAD_TYPE_GET_PRIME) &&
348	(state >= EAD_TYPE_GET_PRIME)) {
349	t_serverclose(ts);
350	ts = NULL;
351	}
352	goto done;
353	}
354
355	switch(state) {
356	case EAD_TYPE_SET_USERNAME:
357	if (!prepare_password())
358	goto error;
359	ts = t_serveropenraw(&tpe, tce);
360	if (!ts)
361	goto error;
362	break;
363	case EAD_TYPE_GET_PRIME:
364	B = t_servergenexp(ts);
365	break;
366	case EAD_TYPE_SEND_A:
367	skey = t_servergetkey(ts, &A);
368	if (!skey)
369	goto error;
370
371	ead_set_key(skey);
372	break;
373	}
374	done:
375	state = nstate;
376	error:
377	return;
378	}
379
380	static bool
381	handle_ping(struct ead_packet pkt, int len, int nstate)
382	{
383	struct ead_msg *msg = &pktbuf->msg;
384	struct ead_msg_pong *pong = EAD_DATA(msg, pong);
385	int slen;
386
387	slen = strlen(dev_name);
388	if (slen > 1024)
389	slen = 1024;
390
391	msg->len = htonl(sizeof(struct ead_msg_pong) + slen);
392	strncpy(pong->name, dev_name, slen);
393	pong->name[slen] = 0;
394	pong->auth_type = htons(EAD_AUTH_MD5);
395
396	return true;
397	}
398
399	static bool
400	handle_set_username(struct ead_packet pkt, int len, int nstate)
401	{
402	struct ead_msg *msg = &pkt->msg;
403	struct ead_msg_user *user = EAD_DATA(msg, user);
404
405	set_state(EAD_TYPE_SET_USERNAME); /* clear old state */
406	strncpy(username, user->username, sizeof(username));
407	username[sizeof(username) - 1] = 0;
408
409	msg = &pktbuf->msg;
410	msg->len = 0;
411
412	*nstate = EAD_TYPE_GET_PRIME;
413	return true;
414	}
415
416	static bool
417	handle_get_prime(struct ead_packet pkt, int len, int nstate)
418	{
419	struct ead_msg *msg = &pktbuf->msg;
420	struct ead_msg_salt *salt = EAD_DATA(msg, salt);
421
422	msg->len = htonl(sizeof(struct ead_msg_salt));
423	salt->prime = tce->index - 1;
424	salt->len = ts->s.len;
425	memcpy(salt->salt, ts->s.data, ts->s.len);
426	memcpy(salt->ext_salt, pw_saltbuf, MAXSALTLEN);
427
428	*nstate = EAD_TYPE_SEND_A;
429	return true;
430	}
431
432	static bool
433	handle_send_a(struct ead_packet pkt, int len, int nstate)
434	{
435	struct ead_msg *msg = &pkt->msg;
436	struct ead_msg_number *number = EAD_DATA(msg, number);
437	len = ntohl(msg->len) - sizeof(struct ead_msg_number);
438
439	if (len > MAXPARAMLEN + 1)
440	return false;
441
442	A.len = len;
443	A.data = abuf;
444	memcpy(A.data, number->data, len);
445
446	msg = &pktbuf->msg;
447	number = EAD_DATA(msg, number);
448	msg->len = htonl(sizeof(struct ead_msg_number) + B->len);
449	memcpy(number->data, B->data, B->len);
450
451	*nstate = EAD_TYPE_SEND_AUTH;
452	return true;
453	}
454
455	static bool
456	handle_send_auth(struct ead_packet pkt, int len, int nstate)
457	{
458	struct ead_msg *msg = &pkt->msg;
459	struct ead_msg_auth *auth = EAD_DATA(msg, auth);
460
461	if (t_serververify(ts, auth->data) != 0) {
462	DEBUG(2, "Client authentication failed\n");
463	*nstate = EAD_TYPE_SET_USERNAME;
464	return false;
465	}
466
467	msg = &pktbuf->msg;
468	auth = EAD_DATA(msg, auth);
469	msg->len = htonl(sizeof(struct ead_msg_auth));
470
471	DEBUG(2, "Client authentication successful\n");
472	memcpy(auth->data, t_serverresponse(ts), sizeof(auth->data));
473
474	*nstate = EAD_TYPE_SEND_CMD;
475	return true;
476	}
477
478	static bool
479	handle_send_cmd(struct ead_packet pkt, int len, int nstate)
480	{
481	struct ead_msg *msg = &pkt->msg;
482	struct ead_msg_cmd *cmd = EAD_ENC_DATA(msg, cmd);
483	struct ead_msg_cmd_data *cmddata;
484	struct timeval tv, to, tn;
485	int pfd[2], fd;
486	fd_set fds;
487	pid_t pid;
488	bool stream = false;
489	int timeout;
490	int type;
491	int datalen;
492
493	datalen = ead_decrypt_message(msg) - sizeof(struct ead_msg_cmd);
494	if (datalen <= 0)
495	return false;
496
497	type = ntohs(cmd->type);
498	timeout = ntohs(cmd->timeout);
499
500	FD_ZERO(&fds);
501	cmd->data[datalen] = 0;
502	switch(type) {
503	case EAD_CMD_NORMAL:
504	if (pipe(pfd) < 0)
505	return false;
506
507	fcntl(pfd[0], F_SETFL, O_NONBLOCK \| fcntl(pfd[0], F_GETFL));
508	child_pending = true;
509	pid = fork();
510	if (pid == 0) {
511	close(pfd[0]);
512	fd = open("/dev/null", O_RDWR);
513	if (fd > 0) {
514	dup2(fd, 0);
515	dup2(pfd[1], 1);
516	dup2(pfd[1], 2);
517	}
518	system((char *)cmd->data);
519	exit(0);
520	} else if (pid > 0) {
521	close(pfd[1]);
522	if (!timeout)
523	timeout = EAD_CMD_TIMEOUT;
524
525	stream = true;
526	break;
527	}
528	return false;
529	case EAD_CMD_BACKGROUND:
530	pid = fork();
531	if (pid == 0) {
532	/* close stdin, stdout, stderr, replace with fd to /dev/null */
533	fd = open("/dev/null", O_RDWR);
534	if (fd > 0) {
535	dup2(fd, 0);
536	dup2(fd, 1);
537	dup2(fd, 2);
538	}
539	system((char *)cmd->data);
540	exit(0);
541	} else if (pid > 0) {
542	break;
543	}
544	return false;
545	default:
546	return false;
547	}
548
549	msg = &pktbuf->msg;
550	cmddata = EAD_ENC_DATA(msg, cmd_data);
551
552	if (stream) {
553	int nfds, bytes;
554
555	/* send keepalive packets every 200 ms so that the client doesn't timeout */
556	gettimeofday(&to, NULL);
557	memcpy(&tn, &to, sizeof(tn));
558	tv.tv_usec = PCAP_TIMEOUT * 1000;
559	tv.tv_sec = 0;
560	do {
561	cmddata->done = 0;
562	FD_SET(pfd[0], &fds);
563	nfds = select(pfd[0] + 1, &fds, NULL, NULL, &tv);
564	bytes = 0;
565	if (nfds > 0) {
566	bytes = read(pfd[0], cmddata->data, 1024);
567	if (bytes < 0)
568	bytes = 0;
569	}
570	if (!bytes && !child_pending)
571	break;
572	DEBUG(3, "Sending %d bytes of console data, type=%d, timeout=%d\n", bytes, ntohl(msg->type), timeout);
573	ead_encrypt_message(msg, sizeof(struct ead_msg_cmd_data) + bytes);
574	ead_send_packet_clone(pkt);
575	gettimeofday(&tn, NULL);
576	} while (tn.tv_sec < to.tv_sec + timeout);
577	if (child_pending) {
578	kill(pid, SIGKILL);
579	return false;
580	}
581	}
582	cmddata->done = 1;
583	ead_encrypt_message(msg, sizeof(struct ead_msg_cmd_data));
584
585	return true;
586	}
587
588
589
590	static void
591	parse_message(struct ead_packet *pkt, int len)
592	{
593	bool (handler)(struct ead_packet pkt, int len, int *nstate);
594	int min_len = sizeof(struct ead_packet);
595	int nstate = state;
596	int type = ntohl(pkt->msg.type);
597
598	if ((type >= EAD_TYPE_GET_PRIME) &&
599	(state != type))
600	return;
601
602	if ((type != EAD_TYPE_PING) &&
603	((ntohs(pkt->msg.sid) & EAD_INSTANCE_MASK) >>
604	EAD_INSTANCE_SHIFT) != instance->id)
605	return;
606
607	switch(type) {
608	case EAD_TYPE_PING:
609	handler = handle_ping;
610	break;
611	case EAD_TYPE_SET_USERNAME:
612	handler = handle_set_username;
613	min_len += sizeof(struct ead_msg_user);
614	break;
615	case EAD_TYPE_GET_PRIME:
616	handler = handle_get_prime;
617	break;
618	case EAD_TYPE_SEND_A:
619	handler = handle_send_a;
620	min_len += sizeof(struct ead_msg_number);
621	break;
622	case EAD_TYPE_SEND_AUTH:
623	handler = handle_send_auth;
624	min_len += sizeof(struct ead_msg_auth);
625	break;
626	case EAD_TYPE_SEND_CMD:
627	handler = handle_send_cmd;
628	min_len += sizeof(struct ead_msg_cmd) + sizeof(struct ead_msg_encrypted);
629	break;
630	default:
631	return;
632	}
633
634	if (len < min_len) {
635	DEBUG(2, "discarding packet: message too small\n");
636	return;
637	}
638
639	pktbuf->msg.magic = htonl(EAD_MAGIC);
640	pktbuf->msg.type = htonl(type + 1);
641	pktbuf->msg.nid = htons(nid);
642	pktbuf->msg.sid = pkt->msg.sid;
643	pktbuf->msg.len = 0;
644
645	if (handler(pkt, len, &nstate)) {
646	DEBUG(2, "sending response to packet type %d: %d\n", type + 1, ntohl(pktbuf->msg.len));
647	/* format response packet */
648	ead_send_packet_clone(pkt);
649	}
650	set_state(nstate);
651	}
652
653	static void
654	handle_packet(u_char user, const struct pcap_pkthdr h, const u_char *bytes)
655	{
656	struct ead_packet pkt = (struct ead_packet ) bytes;
657
658	if (h->len < sizeof(struct ead_packet))
659	return;
660
661	if (pkt->eh.ether_type != htons(ETHERTYPE_IP))
662	return;
663
664	if (memcmp(pkt->eh.ether_dhost, "\xff\xff\xff\xff\xff\xff", 6) != 0)
665	return;
666
667	if (pkt->proto != UIP_PROTO_UDP)
668	return;
669
670	if (pkt->destport != htons(EAD_PORT))
671	return;
672
673	if (pkt->msg.magic != htonl(EAD_MAGIC))
674	return;
675
676	if (h->len < sizeof(struct ead_packet) + ntohl(pkt->msg.len))
677	return;
678
679	if ((pkt->msg.nid != 0xffff) &&
680	(pkt->msg.nid != htons(nid)))
681	return;
682
683	parse_message(pkt, h->len);
684	}
685
686	static void
687	ead_pcap_reopen(bool first)
688	{
689	static char errbuf[PCAP_ERRBUF_SIZE] = "";
690
691	if (pcap_fp_rx && (pcap_fp_rx != pcap_fp))
692	pcap_close(pcap_fp_rx);
693
694	if (pcap_fp)
695	pcap_close(pcap_fp);
696
697	pcap_fp_rx = NULL;
698	do {
699	#ifdef linux
700	if (instance->bridge[0]) {
701	pcap_fp_rx = ead_open_pcap(instance->bridge, errbuf, 1);
702	pcap_fp = ead_open_pcap(instance->ifname, errbuf, 0);
703	} else
704	#endif
705	{
706	pcap_fp = ead_open_pcap(instance->ifname, errbuf, 1);
707	}
708
709	if (!pcap_fp_rx)
710	pcap_fp_rx = pcap_fp;
711	if (first && !pcap_fp) {
712	DEBUG(1, "WARNING: unable to open interface '%s'\n", instance->ifname);
713	first = false;
714	}
715	if (!pcap_fp)
716	sleep(1);
717	} while (!pcap_fp);
718	pcap_setfilter(pcap_fp_rx, &pktfilter);
719	}
720
721
722	static void
723	ead_pktloop(void)
724	{
725	while (1) {
726	if (pcap_dispatch(pcap_fp_rx, 1, handle_packet, NULL) < 0) {
727	ead_pcap_reopen(false);
728	continue;
729	}
730	}
731	}
732
733
734	static int
735	usage(const char *prog)
736	{
737	fprintf(stderr, "Usage: %s [<options>]\n"
738	"Options:\n"
739	"\t-B Run in background mode\n"
740	"\t-d <device> Set the device to listen on\n"
741	"\t-D <name> Set the name of the device visible to clients\n"
742	"\t-p <file> Set the password file for authenticating\n"
743	"\t-P <file> Write a pidfile\n"
744	"\n", prog);
745	return -1;
746	}
747
748	static void
749	server_handle_sigchld(int sig)
750	{
751	struct ead_instance *in;
752	struct list_head *p;
753	int pid = 0;
754	wait(&pid);
755
756	list_for_each(p, &instances) {
757	in = list_entry(p, struct ead_instance, list);
758	if (pid != in->pid)
759	continue;
760
761	in->pid = 0;
762	break;
763	}
764	}
765
766	static void
767	instance_handle_sigchld(int sig)
768	{
769	int pid = 0;
770	wait(&pid);
771	child_pending = false;
772	}
773
774	static void
775	start_server(struct ead_instance *i)
776	{
777	if (!nonfork) {
778	i->pid = fork();
779	if (i->pid != 0) {
780	if (i->pid < 0)
781	i->pid = 0;
782	return;
783	}
784	}
785
786	instance = i;
787	signal(SIGCHLD, instance_handle_sigchld);
788	ead_pcap_reopen(true);
789	ead_pktloop();
790	pcap_close(pcap_fp);
791	if (pcap_fp_rx != pcap_fp)
792	pcap_close(pcap_fp_rx);
793
794	exit(0);
795	}
796
797
798	static void
799	start_servers(bool restart)
800	{
801	struct ead_instance *in;
802	struct list_head *p;
803
804	list_for_each(p, &instances) {
805	in = list_entry(p, struct ead_instance, list);
806	if (in->pid > 0)
807	continue;
808
809	sleep(1);
810	start_server(in);
811	}
812	}
813
814	static void
815	stop_server(struct ead_instance *in, bool do_free)
816	{
817	if (in->pid > 0)
818	kill(in->pid, SIGKILL);
819	in->pid = 0;
820	if (do_free) {
821	list_del(&in->list);
822	free(in);
823	}
824	}
825
826	static void
827	server_handle_sigint(int sig)
828	{
829	struct ead_instance *in;
830	struct list_head p, tmp;
831
832	list_for_each_safe(p, tmp, &instances) {
833	in = list_entry(p, struct ead_instance, list);
834	stop_server(in, true);
835	}
836	exit(1);
837	}
838
839	#ifdef linux
840	static int
841	check_bridge_port(const char br, const char port, void *arg)
842	{
843	struct ead_instance *in;
844	struct list_head p, tmp;
845
846	list_for_each(p, &instances) {
847	in = list_entry(p, struct ead_instance, list);
848
849	if (strcmp(in->ifname, port) != 0)
850	continue;
851
852	in->br_check = true;
853	if (strcmp(in->bridge, br) == 0)
854	break;
855
856	strncpy(in->bridge, br, sizeof(in->bridge));
857	DEBUG(2, "assigning port %s to bridge %s\n", in->ifname, in->bridge);
858	stop_server(in, false);
859	}
860	return 0;
861	}
862
863	static int
864	check_bridge(const char name, void arg)
865	{
866	br_foreach_port(name, check_bridge_port, arg);
867	return 0;
868	}
869	#endif
870
871	static void
872	check_all_interfaces(void)
873	{
874	#ifdef linux
875	struct ead_instance *in;
876	struct list_head p, tmp;
877
878	br_foreach_bridge(check_bridge, NULL);
879
880	/* look for interfaces that are no longer part of a bridge */
881	list_for_each(p, &instances) {
882	in = list_entry(p, struct ead_instance, list);
883
884	if (in->br_check) {
885	in->br_check = false;
886	} else if (in->bridge[0]) {
887	DEBUG(2, "removing port %s from bridge %s\n", in->ifname, in->bridge);
888	in->bridge[0] = 0;
889	stop_server(in, false);
890	}
891	}
892	#endif
893	}
894
895
896	int main(int argc, char **argv)
897	{
898	struct ead_instance *in;
899	struct timeval tv;
900	const char *pidfile = NULL;
901	bool background = false;
902	int n_iface = 0;
903	int fd, ch;
904
905	if (argc == 1)
906	return usage(argv[0]);
907
908	INIT_LIST_HEAD(&instances);
909	while ((ch = getopt(argc, argv, "Bd:D:fhp:P:")) != -1) {
910	switch(ch) {
911	case 'B':
912	background = true;
913	break;
914	case 'f':
915	nonfork = true;
916	break;
917	case 'h':
918	return usage(argv[0]);
919	case 'd':
920	in = malloc(sizeof(struct ead_instance));
921	memset(in, 0, sizeof(struct ead_instance));
922	INIT_LIST_HEAD(&in->list);
923	strncpy(in->ifname, optarg, sizeof(in->ifname) - 1);
924	list_add(&in->list, &instances);
925	in->id = n_iface++;
926	break;
927	case 'D':
928	dev_name = optarg;
929	break;
930	case 'p':
931	passwd_file = optarg;
932	break;
933	case 'P':
934	pidfile = optarg;
935	break;
936	}
937	}
938	signal(SIGCHLD, server_handle_sigchld);
939	signal(SIGINT, server_handle_sigint);
940	signal(SIGTERM, server_handle_sigint);
941	signal(SIGKILL, server_handle_sigint);
942
943	if (!n_iface) {
944	fprintf(stderr, "Error: ead needs at least one interface\n");
945	return -1;
946	}
947
948	if (background) {
949	if (fork() > 0)
950	exit(0);
951
952	fd = open("/dev/null", O_RDWR);
953	dup2(fd, 0);
954	dup2(fd, 1);
955	dup2(fd, 2);
956	}
957
958	if (pidfile) {
959	char pid[8];
960	int len;
961
962	unlink(pidfile);
963	fd = open(pidfile, O_CREAT\|O_WRONLY\|O_EXCL, 0644);
964	if (fd > 0) {
965	len = sprintf(pid, "%d\n", getpid());
966	write(fd, pid, len);
967	close(fd);
968	}
969	}
970
971	/* randomize the mac address */
972	get_random_bytes(ethmac + 3, 3);
973	nid = (((u16_t ) ethmac) + 2);
974
975	start_servers(false);
976	#ifdef linux
977	br_init();
978	#endif
979	tv.tv_sec = 1;
980	tv.tv_usec = 0;
981	while (1) {
982	check_all_interfaces();
983	start_servers(true);
984	sleep(1);
985	}
986	#ifdef linux
987	br_shutdown();
988	#endif
989
990	return 0;
991	}
992

Download this file

Branches:
backfire
history
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-10-11
uclibc_nptl

OpenWrt XBurst

OpenWrt XBurst Git Source Tree

Root/package/ead/src/ead.c

interactive