From 7213dc6dcbea0c7dd126ef1dfd5eed95816ab822 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Sun, 7 Sep 2025 10:02:15 +0200 Subject: [PATCH] ucentral-tools: the git repo is gone, move the code into the package Signed-off-by: John Crispin --- feeds/ucentral/ucentral-tools/Makefile | 6 - .../ucentral-tools/src/CMakeLists.txt | 36 + .../ucentral-tools/src/dhcpdiscover.c | 1345 +++++++++++++++++ feeds/ucentral/ucentral-tools/src/dnsprobe.c | 690 +++++++++ .../ucentral-tools/src/firstcontact.c | 100 ++ .../ucentral/ucentral-tools/src/ip-collide.c | 86 ++ .../ucentral/ucentral-tools/src/radiusprobe.c | 47 + 7 files changed, 2304 insertions(+), 6 deletions(-) create mode 100644 feeds/ucentral/ucentral-tools/src/CMakeLists.txt create mode 100644 feeds/ucentral/ucentral-tools/src/dhcpdiscover.c create mode 100644 feeds/ucentral/ucentral-tools/src/dnsprobe.c create mode 100644 feeds/ucentral/ucentral-tools/src/firstcontact.c create mode 100644 feeds/ucentral/ucentral-tools/src/ip-collide.c create mode 100644 feeds/ucentral/ucentral-tools/src/radiusprobe.c diff --git a/feeds/ucentral/ucentral-tools/Makefile b/feeds/ucentral/ucentral-tools/Makefile index 179c58f44..461311947 100644 --- a/feeds/ucentral/ucentral-tools/Makefile +++ b/feeds/ucentral/ucentral-tools/Makefile @@ -3,12 +3,6 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ucentral-tools PKG_RELEASE:=1 -PKG_SOURCE_URL=https://github.com/blogic/ucentral-tools.git -PKG_MIRROR_HASH:=9ae6a0cd431595871c233550427c4043c2ba7ddb3c5d87e46ab74a03b2b5a947 -PKG_SOURCE_PROTO:=git -PKG_SOURCE_DATE:=2021-01-28 -PKG_SOURCE_VERSION:=b013fc636e48d407870a46aaa68a09ed74de8d6f - PKG_MAINTAINER:=John Crispin PKG_LICENSE:=BSD-3-Clause diff --git a/feeds/ucentral/ucentral-tools/src/CMakeLists.txt b/feeds/ucentral/ucentral-tools/src/CMakeLists.txt new file mode 100644 index 000000000..e15bf82da --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/CMakeLists.txt @@ -0,0 +1,36 @@ +cmake_minimum_required(VERSION 2.6) + +PROJECT(openwifi-tools C) +INCLUDE(GNUInstallDirs) +ADD_DEFINITIONS(-Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations) + +SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "") + +ADD_EXECUTABLE(firstcontact firstcontact.c) +TARGET_LINK_LIBRARIES(firstcontact curl crypto ssl ubox) +INSTALL(TARGETS firstcontact + RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} +) + +ADD_EXECUTABLE(dhcpdiscover dhcpdiscover.c) +INSTALL(TARGETS dhcpdiscover + RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} +) + +ADD_EXECUTABLE(dnsprobe dnsprobe.c) +TARGET_LINK_LIBRARIES(dnsprobe ubox resolv) +INSTALL(TARGETS dnsprobe + RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} +) + +ADD_EXECUTABLE(radiusprobe radiusprobe.c) +TARGET_LINK_LIBRARIES(radiusprobe radcli) +INSTALL(TARGETS radiusprobe + RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} +) + +ADD_EXECUTABLE(ip-collide ip-collide.c) +TARGET_LINK_LIBRARIES(ip-collide ubox) +INSTALL(TARGETS ip-collide + RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} +) diff --git a/feeds/ucentral/ucentral-tools/src/dhcpdiscover.c b/feeds/ucentral/ucentral-tools/src/dhcpdiscover.c new file mode 100644 index 000000000..2e8c0ebfd --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/dhcpdiscover.c @@ -0,0 +1,1345 @@ +/****************************************************************************** + * + * Original name: CHECK_DHCP.C + * Current name: DHCPDISCOVER.C + * + * License: GPL + * Copyright (c) 2001-2004 Ethan Galstad (nagios@nagios.org) + * Copyright (c) 2006-2013 OpenWRT.org + * + * License Information: + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + *****************************************************************************/ + +const char* COPYRIGHT = " \ +*\n \ +* License: GPL\n \ +* Copyright (c) 2001-2004 Ethan Galstad (nagios@nagios.org)\n \ +* Copyright (c) 2006-2013 OpenWRT.org \n \ +* ====================================================== \n \ +* Mike Gore 25 Aug 2005 \n \ +* Modified for standalone operation \n \ +* ====================================================== \n \ +* Pau Escrich Jun 2013 \n \ +* Added -b option and ported to OpenWRT \n \ +* ====================================================== \n \ +*\n \ +** License Information:\n \ +*\n \ +* This program is free software; you can redistribute it and/or modify\n \ +* it under the terms of the GNU General Public License as published by\n \ +* the Free Software Foundation; either version 2 of the License, or\n \ +* (at your option) any later version.\n \ +*\n \ +* This program is distributed in the hope that it will be useful,\n \ +* but WITHOUT ANY WARRANTY; without even the implied warranty of\n \ +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n \ +* GNU General Public License for more details.\n \ +*\n \ +* You should have received a copy of the GNU General Public License\n \ +* along with this program; if not, write to the Free Software\n \ +* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n \ +*\n \ +* $Id: dhcpdiscover.c,v 2$\n \ +*"; + +const char* progname = "dhcpdiscover"; +const char* revision = "$Revision: 2$"; +const char* copyright = "2006-2013"; +const char* email = "p4u@dabax.net"; + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#if defined(__linux__) + +#include +#include + +#elif defined(__bsd__) + +#include +#include +#include + +#elif defined(__sun__) || defined(__solaris__) || defined(__hpux__) + +#define INSAP 22 +#define OUTSAP 24 + +#include +#include +#include +#include +#include + +#define bcopy(source, destination, length) memcpy(destination, source, length) + +#define AREA_SZ 5000 /* buffer length in bytes */ +static u_long ctl_area[AREA_SZ]; +static u_long dat_area[AREA_SZ]; +static struct strbuf ctl = { AREA_SZ, 0, (char*)ctl_area }; +static struct strbuf dat = { AREA_SZ, 0, (char*)dat_area }; + +#define GOT_CTRL 1 +#define GOT_DATA 2 +#define GOT_BOTH 3 +#define GOT_INTR 4 +#define GOT_ERR 128 + +#define u_int8_t uint8_t +#define u_int16_t uint16_t +#define u_int32_t uint32_t + +static int get_msg(int); +static int check_ctrl(int); +static int put_ctrl(int, int, int); +static int put_both(int, int, int, int); +static int dl_open(const char*, int, int*); +static int dl_bind(int, int, u_char*); +long mac_addr_dlpi(const char*, int, u_char*); + +#endif + +#define HAVE_GETOPT_H + +#define usage printf + +/**** Common definitions ****/ + +#define STATE_OK 0 +#define STATE_WARNING 1 +#define STATE_CRITICAL 2 +#define STATE_UNKNOWN -1 + +#define OK 0 +#define ERROR -1 + +#define FALSE 0 +#define TRUE 1 + +/**** DHCP definitions ****/ + +#define MAX_DHCP_CHADDR_LENGTH 16 +#define MAX_DHCP_SNAME_LENGTH 64 +#define MAX_DHCP_FILE_LENGTH 128 +#define MAX_DHCP_OPTIONS_LENGTH 312 + +typedef struct dhcp_packet_struct { + u_int8_t op; /* packet type */ + u_int8_t htype; /* type of hardware address for this machine (Ethernet, etc) */ + u_int8_t hlen; /* length of hardware address (of this machine) */ + u_int8_t hops; /* hops */ + u_int32_t xid; /* random transaction id number - chosen by this machine */ + u_int16_t secs; /* seconds used in timing */ + u_int16_t flags; /* flags */ + struct in_addr ciaddr; /* IP address of this machine (if we already have one) */ + struct in_addr yiaddr; /* IP address of this machine (offered by the DHCP server) */ + struct in_addr siaddr; /* IP address of DHCP server */ + struct in_addr giaddr; /* IP address of DHCP relay */ + unsigned char chaddr[MAX_DHCP_CHADDR_LENGTH]; /* hardware address of this machine */ + char sname[MAX_DHCP_SNAME_LENGTH]; /* name of DHCP server */ + char file[MAX_DHCP_FILE_LENGTH]; /* boot file name (used for diskless + booting?) */ + char options[MAX_DHCP_OPTIONS_LENGTH]; /* options */ +} dhcp_packet; + +typedef struct dhcp_offer_struct { + struct in_addr server_address; /* address of DHCP server that sent this offer */ + struct in_addr offered_address; /* the IP address that was offered to us */ + u_int32_t lease_time; /* lease time in seconds */ + u_int32_t renewal_time; /* renewal time in seconds */ + u_int32_t rebinding_time; /* rebinding time in seconds */ + struct dhcp_offer_struct* next; +} dhcp_offer; + +typedef struct requested_server_struct { + struct in_addr server_address; + struct requested_server_struct* next; +} requested_server; + +#define BOOTREQUEST 1 +#define BOOTREPLY 2 + +#define DHCPDISCOVER 1 +#define DHCPOFFER 2 +#define DHCPREQUEST 3 +#define DHCPDECLINE 4 +#define DHCPACK 5 +#define DHCPNACK 6 +#define DHCPRELEASE 7 + +#define DHCP_OPTION_MESSAGE_TYPE 53 +#define DHCP_OPTION_HOST_NAME 12 +#define DHCP_OPTION_BROADCAST_ADDRESS 28 +#define DHCP_OPTION_REQUESTED_ADDRESS 50 +#define DHCP_OPTION_LEASE_TIME 51 +#define DHCP_OPTION_RENEWAL_TIME 58 +#define DHCP_OPTION_REBINDING_TIME 59 + +#define DHCP_INFINITE_TIME 0xFFFFFFFF + +#define DHCP_BROADCAST_FLAG 32768 + +#define DHCP_SERVER_PORT 67 +#define DHCP_CLIENT_PORT 68 + +#define ETHERNET_HARDWARE_ADDRESS 1 /* used in htype field of dhcp packet */ +#define ETHERNET_HARDWARE_ADDRESS_LENGTH 6 /* length of Ethernet hardware addresses */ + +unsigned char client_hardware_address[MAX_DHCP_CHADDR_LENGTH] = ""; +unsigned int my_client_mac[MAX_DHCP_CHADDR_LENGTH]; +int mymac = 0; + +struct in_addr banned_ip; +int banned = 0; +char baddr[16]; + +char network_interface_name[16] = "eth0"; + +u_int32_t packet_xid = 0; + +u_int32_t dhcp_lease_time = 0; +u_int32_t dhcp_renewal_time = 0; +u_int32_t dhcp_rebinding_time = 0; + +int dhcpoffer_timeout = 2; + +dhcp_offer* dhcp_offer_list = NULL; +requested_server* requested_server_list = NULL; + +int valid_responses = 0; /* number of valid DHCPOFFERs we received */ +int requested_servers = 0; +int requested_responses = 0; + +int request_specific_address = FALSE; +int received_requested_address = FALSE; +int verbose = 0; +int prometheus = 0; +struct in_addr requested_address; + +static void print_revision(const char* progname, const char* revision) { + fprintf(stderr, "Program: %s %s\n", progname, revision); +} + +int process_arguments(int, char**); +int call_getopt(int, char**); +int validate_arguments(void); +void print_usage(void); +void print_help(void); + +int get_hardware_address(int, char*); + +int send_dhcp_discover(int); +int get_dhcp_offer(int); + +int get_results(void); + +int add_dhcp_offer(struct in_addr, dhcp_packet*); +int free_dhcp_offer_list(void); +int free_requested_server_list(void); + +int create_dhcp_socket(void); +int close_dhcp_socket(int); +int send_dhcp_packet(void*, int, int, struct sockaddr_in*); +int receive_dhcp_packet(void*, int, int, int, struct sockaddr_in*); + +int main(int argc, char** argv) +{ + int dhcp_socket; + int result = STATE_UNKNOWN; + + setlocale(LC_ALL, ""); + // bindtextdomain (PACKAGE, LOCALEDIR); + // textdomain (PACKAGE); + + if (process_arguments(argc, argv) != OK) { + printf("Could not parse arguments"); + } + + // Set banned addr in string format in global var baddr + if (banned) { + inet_ntop(AF_INET, &(banned_ip), baddr, INET_ADDRSTRLEN); + if (verbose) + fprintf(stderr, "Banned addr:%s\n", baddr); + } + + /* create socket for DHCP communications */ + dhcp_socket = create_dhcp_socket(); + + /* get hardware address of client machine */ + get_hardware_address(dhcp_socket, network_interface_name); + + /* send DHCPDISCOVER packet */ + send_dhcp_discover(dhcp_socket); + + /* wait for a DHCPOFFER packet */ + get_dhcp_offer(dhcp_socket); + + /* close socket we created */ + close_dhcp_socket(dhcp_socket); + + /* determine state/plugin output to return */ + if (!prometheus) { + result = get_results(); + } + + /* free allocated memory */ + free_dhcp_offer_list(); + free_requested_server_list(); + + return result; +} + +/* determines hardware address on client machine */ +int get_hardware_address(int sock, char* interface_name) +{ + int i; + +#if defined(__linux__) + struct ifreq ifr; + + strncpy((char*)&ifr.ifr_name, interface_name, sizeof(ifr.ifr_name)); + + // Added code to try to set local MAC address just to be through + // If this fails the test will still work since + // we do encode the MAC as part of the DHCP frame - tests show it works + if (mymac) { + int i; + for (i = 0; i < MAX_DHCP_CHADDR_LENGTH; ++i) + client_hardware_address[i] = my_client_mac[i]; + memcpy(&ifr.ifr_hwaddr.sa_data, &client_hardware_address[0], 6); + if (ioctl(sock, SIOCSIFHWADDR, &ifr) < 0) { + fprintf(stderr, "Could not set hardware address of interface '%s'\n", interface_name); + // perror("Error"); + // exit(STATE_UNKNOWN); + } + } else { + /* try and grab hardware address of requested interface */ + if (ioctl(sock, SIOCGIFHWADDR, &ifr) < 0) { + fprintf(stderr, "Could not get hardware address of interface '%s'\n", interface_name); + exit(STATE_UNKNOWN); + } + memcpy(&client_hardware_address[0], &ifr.ifr_hwaddr.sa_data, 6); + } + +#elif defined(__bsd__) + /* King 2004 see ACKNOWLEDGEMENTS */ + + int mib[6], len; + char* buf; + unsigned char* ptr; + struct if_msghdr* ifm; + struct sockaddr_dl* sdl; + + mib[0] = CTL_NET; + mib[1] = AF_ROUTE; + mib[2] = 0; + mib[3] = AF_LINK; + mib[4] = NET_RT_IFLIST; + + if ((mib[5] = if_nametoindex(interface_name)) == 0) { + fprintf(stderr, "if_nametoindex error - %s.\n", strerror(errno); + exit(STATE_UNKNOWN); + } + + if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) { + fprintf(stderr, "Couldn't get hardware address from %s. sysctl 1 error - %s.\n", interface_name, strerror(errno); + exit(STATE_UNKNOWN); + } + + if ((buf = malloc(len)) == NULL) { + fprintf(stderr, "Couldn't get hardware address from interface %s. malloc error - %s.\n", interface_name, strerror(errno); + exit(4); + } + + if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { + fprintf(stderr, "Couldn't get hardware address from %s. sysctl 2 error - %s.\n", interface_name, strerror(errno); + exit(STATE_UNKNOWN); + } + + ifm = (struct if_msghdr*)buf; + sdl = (struct sockaddr_dl*)(ifm + 1); + ptr = (unsigned char*)LLADDR(sdl); + memcpy(&client_hardware_address[0], ptr, 6); + /* King 2004 */ + +#elif defined(__sun__) || defined(__solaris__) + + /* Kompf 2000-2003 see ACKNOWLEDGEMENTS */ + long stat; + char dev[20] = "/dev/"; + char* p; + int unit; + + for (p = interface_name; *p && isalpha(*p); p++) + /* no-op */; + if (p != '\0') { + unit = atoi(p); + *p = '\0'; + strncat(dev, interface_name, 6); + } else { + fprintf(stderr, "can't find unit number in interface_name (%s) - expecting " + "TypeNumber eg lnc0.\n", interface_name); + exit(STATE_UNKNOWN); + } + stat = mac_addr_dlpi(dev, unit, client_hardware_address); + if (stat != 0) { + fprintf(stderr, "can't read MAC address from DLPI streams interface for " + "device %s unit %d.\n", dev, unit); + exit(STATE_UNKNOWN); + } + +#elif defined(__hpux__) + + long stat; + char dev[20] = "/dev/dlpi"; + int unit = 0; + + stat = mac_addr_dlpi(dev, unit, client_hardware_address); + if (stat != 0) { + fprintf(stderr, "can't read MAC address from DLPI streams interface for " + "device %s unit %d.\n", dev, unit); + exit(STATE_UNKNOWN); + } + /* Kompf 2000-2003 */ + +#else + fprintf(stderr, "can't get MAC address for this architecture.\n"); + exit(STATE_UNKNOWN); +#endif + + if (verbose) { + fprintf(stderr, "Hardware address: "); + for (i = 0; i < 6; ++i) + fprintf(stderr, "%2.2x", client_hardware_address[i]); + fprintf(stderr, "\n"); + } + + return OK; +} + +/* sends a DHCPDISCOVER broadcast message in an attempt to find DHCP servers */ +int send_dhcp_discover(int sock) +{ + dhcp_packet discover_packet; + struct sockaddr_in sockaddr_broadcast; + + /* clear the packet data structure */ + bzero(&discover_packet, sizeof(discover_packet)); + + /* boot request flag (backward compatible with BOOTP servers) */ + discover_packet.op = BOOTREQUEST; + + /* hardware address type */ + discover_packet.htype = ETHERNET_HARDWARE_ADDRESS; + + /* length of our hardware address */ + discover_packet.hlen = ETHERNET_HARDWARE_ADDRESS_LENGTH; + + discover_packet.hops = 0; + + /* transaction id is supposed to be random */ + srand(time(NULL)); + packet_xid = random(); + discover_packet.xid = htonl(packet_xid); + + /**** WHAT THE HECK IS UP WITH THIS?!? IF I DON'T MAKE THIS CALL, ONLY ONE + * SERVER RESPONSE IS PROCESSED!!!! ****/ + /* downright bizzarre... */ + ntohl(discover_packet.xid); + + /*discover_packet.secs=htons(65535);*/ + discover_packet.secs = 0xFF; + + /* tell server it should broadcast its response */ + discover_packet.flags = htons(DHCP_BROADCAST_FLAG); + + /* our hardware address */ + memcpy(discover_packet.chaddr, client_hardware_address, ETHERNET_HARDWARE_ADDRESS_LENGTH); + + /* first four bytes of options field is magic cookie (as per RFC 2132) */ + discover_packet.options[0] = '\x63'; + discover_packet.options[1] = '\x82'; + discover_packet.options[2] = '\x53'; + discover_packet.options[3] = '\x63'; + + /* DHCP message type is embedded in options field */ + discover_packet.options[4] = DHCP_OPTION_MESSAGE_TYPE; /* DHCP message type option identifier */ + discover_packet.options[5] = '\x01'; /* DHCP message option length in bytes */ + discover_packet.options[6] = DHCPDISCOVER; + + /* the IP address we're requesting */ + if (request_specific_address == TRUE) { + discover_packet.options[7] = DHCP_OPTION_REQUESTED_ADDRESS; + discover_packet.options[8] = '\x04'; + memcpy(&discover_packet.options[9], &requested_address, sizeof(requested_address)); + } + + /* send the DHCPDISCOVER packet to broadcast address */ + sockaddr_broadcast.sin_family = AF_INET; + sockaddr_broadcast.sin_port = htons(DHCP_SERVER_PORT); + sockaddr_broadcast.sin_addr.s_addr = INADDR_BROADCAST; + bzero(&sockaddr_broadcast.sin_zero, sizeof(sockaddr_broadcast.sin_zero)); + + if (verbose) { + fprintf(stderr, "DHCPDISCOVER to %s port %d\n", + inet_ntoa(sockaddr_broadcast.sin_addr), + ntohs(sockaddr_broadcast.sin_port)); + fprintf(stderr, "DHCPDISCOVER XID: %lu (0x%X)\n", + (unsigned long)ntohl(discover_packet.xid), + ntohl(discover_packet.xid)); + fprintf(stderr, "DHCDISCOVER ciaddr: %s\n", inet_ntoa(discover_packet.ciaddr)); + fprintf(stderr, "DHCDISCOVER yiaddr: %s\n", inet_ntoa(discover_packet.yiaddr)); + fprintf(stderr, "DHCDISCOVER siaddr: %s\n", inet_ntoa(discover_packet.siaddr)); + fprintf(stderr, "DHCDISCOVER giaddr: %s\n", inet_ntoa(discover_packet.giaddr)); + } + + /* send the DHCPDISCOVER packet out */ + send_dhcp_packet(&discover_packet, sizeof(discover_packet), sock, &sockaddr_broadcast); + + if (verbose) + fprintf(stderr, "\n\n"); + + return OK; +} + +/* waits for a DHCPOFFER message from one or more DHCP servers */ +int get_dhcp_offer(int sock) +{ + dhcp_packet offer_packet; + struct sockaddr_in source; + int result = OK; + int responses = 0; + int x; + time_t start_time; + time_t current_time; + + time(&start_time); + + /* receive as many responses as we can */ + for (responses = 0, valid_responses = 0;;) { + time(¤t_time); + if ((current_time - start_time) >= dhcpoffer_timeout) + break; + + if (verbose) + fprintf(stderr, "\n\n"); + + bzero(&source, sizeof(source)); + bzero(&offer_packet, sizeof(offer_packet)); + + result = OK; + result = receive_dhcp_packet(&offer_packet, sizeof(offer_packet), sock, + dhcpoffer_timeout, &source); + + // checks if the source address is the banned one + char saddr[16]; + inet_ntop(AF_INET, &(source.sin_addr), saddr, INET_ADDRSTRLEN); + + if (banned && strcmp(saddr, baddr) == 0) { + fprintf(stderr, "DHCP offer comming from the banned addr %s, ignoring it\n", + baddr); + result = 1; + } + + if (result != OK) { + if (verbose) + fprintf(stderr, "Result=ERROR\n"); + continue; + } else { + if (verbose) + fprintf(stderr, "Result=OK\n"); + responses++; + } + + if (verbose) { + fprintf(stderr, "DHCPOFFER from IP address %s\n", inet_ntoa(source.sin_addr)); + fprintf(stderr, "DHCPOFFER XID: %lu (0x%X)\n", + (unsigned long)ntohl(offer_packet.xid), ntohl(offer_packet.xid)); + } + + /* check packet xid to see if its the same as the one we used in the + * discover packet */ + if (ntohl(offer_packet.xid) != packet_xid) { + if (verbose) + fprintf(stderr, "DHCPOFFER XID (%lu) did not match DHCPDISCOVER XID (%lu) - " + "ignoring packet\n", + (unsigned long)ntohl(offer_packet.xid), + (unsigned long)packet_xid); + continue; + } + + /* check hardware address */ + result = OK; + if (verbose) + fprintf(stderr, "DHCPOFFER chaddr: "); + + for (x = 0; x < ETHERNET_HARDWARE_ADDRESS_LENGTH; x++) { + if (verbose) + fprintf(stderr, "%02X", (unsigned char)offer_packet.chaddr[x]); + + if (offer_packet.chaddr[x] != client_hardware_address[x]) + result = ERROR; + } + + if (verbose) + fprintf(stderr, "\n"); + + if (result == ERROR) { + if (verbose) + fprintf(stderr, "DHCPOFFER hardware address did not match our own - ignoring " + "packet\n"); + continue; + } + + if (verbose) { + fprintf(stderr, "DHCPOFFER ciaddr: %s\n", inet_ntoa(offer_packet.ciaddr)); + fprintf(stderr, "DHCPOFFER yiaddr: %s\n", inet_ntoa(offer_packet.yiaddr)); + fprintf(stderr, "DHCPOFFER siaddr: %s\n", inet_ntoa(offer_packet.siaddr)); + fprintf(stderr, "DHCPOFFER giaddr: %s\n", inet_ntoa(offer_packet.giaddr)); + } + + add_dhcp_offer(source.sin_addr, &offer_packet); + + valid_responses++; + } + + if (verbose) { + fprintf(stderr, "Total responses seen on the wire: %d\n", responses); + fprintf(stderr, "Valid responses for this machine: %d\n", valid_responses); + } + + return OK; +} + +/* sends a DHCP packet */ +int send_dhcp_packet(void* buffer, int buffer_size, int sock, struct sockaddr_in* dest) +{ + int result; + + result = sendto(sock, (char*)buffer, buffer_size, 0, (struct sockaddr*)dest, sizeof(*dest)); + + if (verbose) + fprintf(stderr, "send_dhcp_packet result: %d\n", result); + + if (result < 0) + return ERROR; + + return OK; +} + +/* receives a DHCP packet */ +int receive_dhcp_packet(void* buffer, int buffer_size, int sock, int timeout, struct sockaddr_in* address) +{ + struct timeval tv; + fd_set readfds; + int recv_result; + socklen_t address_size; + struct sockaddr_in source_address; + + /* wait for data to arrive (up time timeout) */ + tv.tv_sec = timeout; + tv.tv_usec = 0; + FD_ZERO(&readfds); + FD_SET(sock, &readfds); + select(sock + 1, &readfds, NULL, NULL, &tv); + + /* make sure some data has arrived */ + if (!FD_ISSET(sock, &readfds)) { + if (verbose) + fprintf(stderr, "No (more) data received\n"); + return ERROR; + } + else { + /* why do we need to peek first? i don't know, its a hack. without it, the + source address of the first packet received was not being interpreted + correctly. sigh... */ + bzero(&source_address, sizeof(source_address)); + address_size = sizeof(source_address); + recv_result = recvfrom(sock, (char*)buffer, buffer_size, MSG_PEEK, (struct sockaddr*)&source_address, &address_size); + + if (verbose) + fprintf(stderr, "recv_result_1: %d\n", recv_result); + + recv_result = recvfrom(sock, (char *)buffer, buffer_size, 0, + (struct sockaddr *)&source_address, &address_size); + if (verbose) + fprintf(stderr, "recv_result_2: %d\n", recv_result); + + if (recv_result == -1) { + if (verbose) { + fprintf(stderr, "recvfrom() failed, "); + fprintf(stderr, "errno: (%d) -> %s\n", errno, strerror(errno)); + } + return ERROR; + } else { + if (verbose) { + fprintf(stderr, "receive_dhcp_packet() result: %d\n", recv_result); + fprintf(stderr, "receive_dhcp_packet() source: %s\n", + inet_ntoa(source_address.sin_addr)); + } + + memcpy(address, &source_address, sizeof(source_address)); + return OK; + } + } + + return OK; +} + +/* creates a socket for DHCP communication */ +int create_dhcp_socket(void) +{ + struct sockaddr_in myname; + struct ifreq interface; + int sock; + int flag = 1; + + /* Set up the address we're going to bind to. */ + bzero(&myname, sizeof(myname)); + myname.sin_family = AF_INET; + myname.sin_port = htons(DHCP_CLIENT_PORT); + myname.sin_addr.s_addr = INADDR_ANY; /* listen on any address */ + bzero(&myname.sin_zero, sizeof(myname.sin_zero)); + + /* create a socket for DHCP communications */ + sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + if (sock < 0) { + fprintf(stderr, "Could not create socket!\n"); + exit(STATE_UNKNOWN); + } + + if (verbose) + fprintf(stderr, "DHCP socket: %d\n", sock); + + /* set the reuse address flag so we don't get errors when restarting */ + flag = 1; + if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (char *)&flag, sizeof(flag)) < 0) { + fprintf(stderr, "Could not set reuse address option on DHCP socket!\n"); + exit(STATE_UNKNOWN); + } + + /* set the broadcast option - we need this to listen to DHCP broadcast + * messages */ + if (setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char *)&flag, sizeof flag) < 0) { + fprintf(stderr, "Could not set broadcast option on DHCP socket!\n"); + exit(STATE_UNKNOWN); + } + + /* bind socket to interface */ +#if defined(__linux__) + strncpy(interface.ifr_ifrn.ifrn_name, network_interface_name, IFNAMSIZ); + if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, (char *)&interface, + sizeof(interface)) < 0) { + fprintf(stderr, "Could not bind socket to interface %s. Check your " + "privileges...\n", + network_interface_name); + perror("foo"); + exit(STATE_UNKNOWN); + } +#else + strncpy(interface.ifr_name, network_interface_name, IFNAMSIZ); +#endif + + /* bind the socket */ + if (bind(sock, (struct sockaddr *)&myname, sizeof(myname)) < 0) { + fprintf(stderr, "Could not bind to DHCP socket (port %d)! Check your " + "privileges...\n", DHCP_CLIENT_PORT); + exit(STATE_UNKNOWN); + } + + return sock; +} + +/* closes DHCP socket */ +int close_dhcp_socket(int sock) +{ + close(sock); + return OK; +} + +/* adds a requested server address to list in memory */ +static int add_requested_server(struct in_addr server_address) +{ + requested_server* new_server; + + new_server = (requested_server*)malloc(sizeof(requested_server)); + if (new_server == NULL) + return ERROR; + + new_server->server_address = server_address; + + new_server->next = requested_server_list; + requested_server_list = new_server; + + requested_servers++; + + if (verbose) + fprintf(stderr, "Requested server address: %s\n", + inet_ntoa(new_server->server_address)); + + return OK; +} + +/* adds a DHCP OFFER to list in memory */ +int add_dhcp_offer(struct in_addr source, dhcp_packet* offer_packet) +{ + dhcp_offer* new_offer; + int x; + int y; + unsigned option_type; + unsigned option_length; + + if (offer_packet == NULL) + return ERROR; + + /* process all DHCP options present in the packet */ + for (x = 4; x < MAX_DHCP_OPTIONS_LENGTH;) { + + /* end of options (0 is really just a pad, but bail out anyway) */ + if ((int)offer_packet->options[x] == -1 || (int)offer_packet->options[x] == 0) + break; + + /* get option type */ + option_type = offer_packet->options[x++]; + + /* get option length */ + option_length = offer_packet->options[x++]; + + if (verbose) + fprintf(stderr, "Option: %d (0x%02X)\n", option_type, option_length); + + /* get option data */ + if (option_type == DHCP_OPTION_LEASE_TIME) { + memcpy(&dhcp_lease_time, &offer_packet->options[x], sizeof(dhcp_lease_time)); + dhcp_lease_time = ntohl(dhcp_lease_time); + } + if (option_type == DHCP_OPTION_RENEWAL_TIME) { + memcpy(&dhcp_renewal_time, &offer_packet->options[x], sizeof(dhcp_renewal_time)); + dhcp_renewal_time = ntohl(dhcp_renewal_time); + } + if (option_type == DHCP_OPTION_REBINDING_TIME) { + memcpy(&dhcp_rebinding_time, &offer_packet->options[x], sizeof(dhcp_rebinding_time)); + dhcp_rebinding_time = ntohl(dhcp_rebinding_time); + } + + /* skip option data we're ignoring */ + else + for (y = 0; y < option_length; y++, x++); + } + + if (verbose) { + if (dhcp_lease_time == DHCP_INFINITE_TIME) + fprintf(stderr, "Lease Time: Infinite\n"); + else + fprintf(stderr, "Lease Time: %lu seconds\n", (unsigned long)dhcp_lease_time); + if (dhcp_renewal_time == DHCP_INFINITE_TIME) + fprintf(stderr, "Renewal Time: Infinite\n"); + else + fprintf(stderr, "Renewal Time: %lu seconds\n", (unsigned long)dhcp_renewal_time); + if (dhcp_rebinding_time == DHCP_INFINITE_TIME) + fprintf(stderr, "Rebinding Time: Infinite\n"); + fprintf(stderr, "Rebinding Time: %lu seconds\n", (unsigned long)dhcp_rebinding_time); + } + + new_offer = (dhcp_offer*)malloc(sizeof(dhcp_offer)); + + if (new_offer == NULL) + return ERROR; + + new_offer->server_address = source; + new_offer->offered_address = offer_packet->yiaddr; + new_offer->lease_time = dhcp_lease_time; + new_offer->renewal_time = dhcp_renewal_time; + new_offer->rebinding_time = dhcp_rebinding_time; + + if (verbose) { + fprintf(stderr, "Added offer from server @ %s", + inet_ntoa(new_offer->server_address)); + fprintf(stderr, " of IP address %s\n", inet_ntoa(new_offer->offered_address)); + } + + if (prometheus) { + fprintf(stderr, "dhcpdiscover_offer{ "); + fprintf(stderr, "server=\"%s\",", inet_ntoa(new_offer->server_address)); + fprintf(stderr, "address=\"%s\",", inet_ntoa(new_offer->offered_address)); + fprintf(stderr, "dev=\"%s\" } 1\n", network_interface_name); + } + + /* add new offer to head of list */ + new_offer->next = dhcp_offer_list; + dhcp_offer_list = new_offer; + + return OK; +} + +/* frees memory allocated to DHCP OFFER list */ +int free_dhcp_offer_list(void) +{ + dhcp_offer* this_offer; + dhcp_offer* next_offer; + + for (this_offer = dhcp_offer_list; this_offer != NULL; this_offer = next_offer) { + next_offer = this_offer->next; + free(this_offer); + } + + return OK; +} + +/* frees memory allocated to requested server list */ +int free_requested_server_list(void) +{ + requested_server* this_server; + requested_server* next_server; + + for (this_server = requested_server_list; this_server != NULL; this_server = next_server) { + next_server = this_server->next; + free(this_server); + } + + return OK; +} + +/* gets state and plugin output to return */ +int get_results(void) +{ + dhcp_offer* temp_offer; + requested_server* temp_server; + int result; + u_int32_t max_lease_time = 0; + + received_requested_address = FALSE; + + /* checks responses from requested servers */ + requested_responses = 0; + if (requested_servers > 0) { + + for (temp_server = requested_server_list; temp_server != NULL; temp_server = temp_server->next) { + + for (temp_offer = dhcp_offer_list; temp_offer != NULL; temp_offer = temp_offer->next) { + + /* get max lease time we were offered */ + if (temp_offer->lease_time > max_lease_time || temp_offer->lease_time == DHCP_INFINITE_TIME) + max_lease_time = temp_offer->lease_time; + + /* see if we got the address we requested */ + if (!memcmp(&requested_address, &temp_offer->offered_address, sizeof(requested_address))) + received_requested_address = TRUE; + + /* see if the servers we wanted a response from talked to us or not */ + if (!memcmp(&temp_offer->server_address, &temp_server->server_address, sizeof(temp_server->server_address))) { + if (verbose) { + fprintf(stderr, "DHCP Server Match: Offerer=%s", + inet_ntoa(temp_offer->server_address)); + fprintf(stderr, " Requested=%s\n", inet_ntoa(temp_server->server_address)); + } + requested_responses++; + } + } + } + } + + /* else check and see if we got our requested address from any server */ + else { + for (temp_offer = dhcp_offer_list; temp_offer != NULL; temp_offer = temp_offer->next) { + + /* get max lease time we were offered */ + if (temp_offer->lease_time > max_lease_time || temp_offer->lease_time == DHCP_INFINITE_TIME) + max_lease_time = temp_offer->lease_time; + + /* see if we got the address we requested */ + if (!memcmp(&requested_address, &temp_offer->offered_address, sizeof(requested_address))) + received_requested_address = TRUE; + } + } + + result = STATE_OK; + if (valid_responses == 0) + result = STATE_CRITICAL; + else if (requested_servers > 0 && requested_responses == 0) + result = STATE_CRITICAL; + else if (requested_responses < requested_servers) + result = STATE_WARNING; + else if (request_specific_address == TRUE && received_requested_address == FALSE) + result = STATE_WARNING; + + fprintf(stderr, "DHCP %s: ", (result == STATE_OK) ? "ok" : "problem"); + + /* we didn't receive any DHCPOFFERs */ + if (dhcp_offer_list == NULL) { + fprintf(stderr, "No DHCPOFFERs were received.\n"); + return result; + } + + fprintf(stderr, "Received %d DHCPOFFER(s)", valid_responses); + + if (requested_servers > 0) + fprintf(stderr, ", %s%d of %d requested servers responded", + ((requested_responses < requested_servers) && requested_responses > 0) + ? "only " : "", + requested_responses, requested_servers); + + if (request_specific_address == TRUE) + fprintf(stderr, ", requested address (%s) was %soffered", + inet_ntoa(requested_address), + (received_requested_address == TRUE) ? "" : "not "); + + fprintf(stderr, ", max lease time = "); + if (max_lease_time == DHCP_INFINITE_TIME) + fprintf(stderr, "Infinity"); + else + fprintf(stderr, "%lu sec", (unsigned long)max_lease_time); + + fprintf(stderr, ".\n"); + + return result; +} + +/* process command-line arguments */ +int process_arguments(int argc, char** argv) +{ + int c; + + if (argc < 1) + return ERROR; + + c = 0; + while ((c += (call_getopt(argc - c, &argv[c]))) < argc) { + /* + if(is_option(argv[c])) + continue; + */ + } + + return validate_arguments(); +} + +int call_getopt(int argc, char** argv) +{ + int c = 0; + int i = 0; + struct in_addr ipaddress; + +#ifdef HAVE_GETOPT_H + int option_index = 0; + int ret; + static struct option long_options[] = { { "serverip", required_argument, 0, 's' }, { "requestedip", required_argument, 0, 'r' }, { "timeout", required_argument, 0, 't' }, { "interface", required_argument, 0, 'i' }, { "mac", required_argument, 0, 'm' }, { "bannedip", required_argument, 0, 'b' }, { "verbose", no_argument, 0, 'v' }, { "prometheus", no_argument, 0, 'p' }, { "version", no_argument, 0, 'V' }, { "help", no_argument, 0, 'h' }, { 0, 0, 0, 0 } }; +#endif + + while (1) { +#ifdef HAVE_GETOPT_H + c = getopt_long(argc, argv, "+hVvpt:s:r:t:i:m:b:", long_options, &option_index); +#else + c = getopt(argc, argv, "+?hVvpt:s:r:t:i:m:b:"); +#endif + + i++; + + if (c == -1 || c == EOF || c == 1) + break; + + switch (c) { + case 'w': + case 'r': + case 't': + case 'i': + i++; + break; + default: + break; + } + + switch (c) { + + case 'm': /* Our MAC address */ + { + ret = sscanf(optarg, "%x:%x:%x:%x:%x:%x", my_client_mac + 0, my_client_mac + 1, my_client_mac + 2, my_client_mac + 3, my_client_mac + 4, my_client_mac + 5); + if (ret != 6) { + usage("Invalid MAC address\n"); + break; + } + for (i = 0; i < 6; ++i) + client_hardware_address[i] = my_client_mac[i]; + } + mymac = 1; + break; + case 'b': /* Banned IP */ + if (inet_aton(optarg, &ipaddress)) { + banned_ip = ipaddress; + banned = 1; + } else + fprintf(stderr, "Banned IP not specified, ignoring -b"); + break; + + case 's': /* DHCP server address */ + if (inet_aton(optarg, &ipaddress)) + add_requested_server(ipaddress); + /* + else + usage("Invalid server IP address\n"); + */ + break; + + case 'r': /* address we are requested from DHCP servers */ + if (inet_aton(optarg, &ipaddress)) { + requested_address = ipaddress; + request_specific_address = TRUE; + } + /* + else + usage("Invalid requested IP address\n"); + */ + break; + + case 't': /* timeout */ + /* + if(is_intnonneg(optarg)) + */ + if (atoi(optarg) > 0) + dhcpoffer_timeout = atoi(optarg); + /* + else + usage("Time interval must be a nonnegative integer\n"); + */ + break; + + case 'i': /* interface name */ + strncpy(network_interface_name, optarg, + sizeof(network_interface_name) - 1); + network_interface_name[sizeof(network_interface_name) - 1] = '\x0'; + break; + + case 'V': /* version */ + print_revision(progname, revision); + exit(STATE_OK); + + case 'h': /* help */ + print_help(); + exit(STATE_OK); + + case 'v': /* verbose */ + verbose = 1; + break; + + case 'p': /* prometheus */ + prometheus = 1; + break; + + default: /* help */ + fprintf(stderr, "Unknown argument: %s", optarg); + break; + } + } + + return i; +} + +int validate_arguments(void) { return OK; } + +#if defined(__sun__) || defined(__solaris__) || defined(__hpux__) + +/* Kompf 2000-2003 see ACKNOWLEDGEMENTS */ + +/* get a message from a stream; return type of message */ +static int get_msg(int fd) +{ + int flags = 0; + int res, ret; + ctl_area[0] = 0; + dat_area[0] = 0; + ret = 0; + res = getmsg(fd, &ctl, &dat, &flags); + + if (res < 0) { + if (errno == EINTR) { + return (GOT_INTR); + } else { + fprintf(stderr, "%s\n", "get_msg FAILED."); + return (GOT_ERR); + } + } + if (ctl.len > 0) { + ret |= GOT_CTRL; + } + if (dat.len > 0) { + ret |= GOT_DATA; + } + return (ret); +} + +/* verify that dl_primitive in ctl_area = prim */ +static int check_ctrl(int prim) +{ + dl_error_ack_t* err_ack = (dl_error_ack_t*)ctl_area; + if (err_ack->dl_primitive != prim) { + fprintf(stderr, "DLPI stream API failed to get MAC in check_ctrl: %s.\n", strerror(errno); + exit(STATE_UNKNOWN); + } + return 0; +} + +/* put a control message on a stream */ +static int put_ctrl(int fd, int len, int pri) +{ + ctl.len = len; + if (putmsg(fd, &ctl, 0, pri) < 0) { + fprintf(stderr, "DLPI stream API failed to get MAC in put_ctrl/putmsg(): %s.\n", strerror(errno); + exit(STATE_UNKNOWN); + } + return 0; +} + +/* put a control + data message on a stream */ +static int put_both(int fd, int clen, int dlen, int pri) +{ + ctl.len = clen; + dat.len = dlen; + if (putmsg(fd, &ctl, &dat, pri) < 0) { + fprintf(stderr, "DLPI stream API failed to get MAC in put_both/putmsg().\n", strerror(errno); + exit(STATE_UNKNOWN); + } + return 0; +} + +/* open file descriptor and attach */ +static int dl_open(const char* dev, int unit, int* fd) +{ + dl_attach_req_t* attach_req = (dl_attach_req_t*)ctl_area; + if ((*fd = open(dev, O_RDWR)) == -1) { + fprintf(stderr, "DLPI stream API failed to get MAC in dl_attach_req/open(%s..): %s.\n", dev, strerror(errno); + exit(STATE_UNKNOWN); + } + attach_req->dl_primitive = DL_ATTACH_REQ; + attach_req->dl_ppa = unit; + put_ctrl(*fd, sizeof(dl_attach_req_t), 0); + get_msg(*fd); + return check_ctrl(DL_OK_ACK); +} + +/* send DL_BIND_REQ */ +static int dl_bind(int fd, int sap, u_char* addr) +{ + dl_bind_req_t* bind_req = (dl_bind_req_t*)ctl_area; + dl_bind_ack_t* bind_ack = (dl_bind_ack_t*)ctl_area; + bind_req->dl_primitive = DL_BIND_REQ; + bind_req->dl_sap = sap; + bind_req->dl_max_conind = 1; + bind_req->dl_service_mode = DL_CLDLS; + bind_req->dl_conn_mgmt = 0; + bind_req->dl_xidtest_flg = 0; + put_ctrl(fd, sizeof(dl_bind_req_t), 0); + get_msg(fd); + if (GOT_ERR == check_ctrl(DL_BIND_ACK)) { + fprintf(stderr, "DLPI stream API failed to get MAC in dl_bind/check_ctrl(): %s.\n", strerror(errno); + exit(STATE_UNKNOWN); + } + bcopy((u_char*)bind_ack + bind_ack->dl_addr_offset, addr, bind_ack->dl_addr_length); + return 0; +} + +/*********************************************************************** + * interface: + * function mac_addr_dlpi - get the mac address of the interface with + * type dev (eg lnc, hme) and unit (0, 1 ..) + * + * parameter: addr: an array of six bytes, has to be allocated by the caller + * + * return: 0 if OK, -1 if the address could not be determined + * + * + ***********************************************************************/ + +long mac_addr_dlpi(const char* dev, int unit, u_char* addr) +{ + int fd; + u_char mac_addr[25]; + + if (GOT_ERR != dl_open(dev, unit, &fd)) { + if (GOT_ERR != dl_bind(fd, INSAP, mac_addr)) { + bcopy(mac_addr, addr, 6); + return 0; + } + } + close(fd); + return -1; +} + +/* Kompf 2000-2003 */ + +#endif + +/* print usage help */ +void print_help(void) +{ + + print_revision(progname, revision); + + fprintf(stderr, COPYRIGHT, copyright, email); + + fprintf(stderr, "\n\nThis program checks the existence and more details of a DHCP " + "server\n\n"); + + print_usage(); + + fprintf(stderr, "\ + -s, --serverip=IPADDRESS\n\ + IP address of DHCP server that we must hear from\n\ + -r, --requestedip=IPADDRESS\n\ + IP address that should be offered by at least one DHCP server\n\ + -m, --mac=MACADDRESS\n\ + Client MAC address to use for sending packets\n\ + -b, --bannedip=IPADDRESS\n\ + Server IP address to ignore\n\ + -t, --timeout=INTEGER\n\ + Seconds to wait for DHCPOFFER before timeout occurs\n\ + -i, --interface=STRING\n\ + Interface to to use for listening (i.e. eth0)\n\ + -v, --verbose\n\ + Print extra information (command-line use only)\n\ + -p, --prometheus\n\ + Print extra information in prometheus format\n\ + -h, --help\n\ + Print detailed help screen\n\ + -V, --version\n\ + Print version information\n\n\ +Example: sudo ./dhcpdiscover -i eth0 -b 192.168.1.1\n\ +"); +} + +void print_usage(void) +{ + fprintf(stderr, "\ +Usage: %s [-s serverip] [-r requestedip] [-m clientmac ] [-b bannedip] [-t timeout] [-i interface]\n\ + [-v] [-p]", progname); +} diff --git a/feeds/ucentral/ucentral-tools/src/dnsprobe.c b/feeds/ucentral/ucentral-tools/src/dnsprobe.c new file mode 100644 index 000000000..3b06ecb2a --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/dnsprobe.c @@ -0,0 +1,690 @@ +/* + * nslookup_lede - musl compatible replacement for busybox nslookup + * + * Copyright (C) 2017 Jo-Philipp Wich + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +//config:config NSLOOKUP_OPENWRT +//config: bool "nslookup_openwrt" +//config: depends on !NSLOOKUP +//config: default y +//config: help +//config: nslookup is a tool to query Internet name servers (LEDE flavor). +//config: +//config:config FEATURE_NSLOOKUP_OPENWRT_LONG_OPTIONS +//config: bool "Enable long options" +//config: default y +//config: depends on NSLOOKUP_OPENWRT && LONG_OPTS +//config: help +//config: Support long options for the nslookup applet. + +//applet:IF_NSLOOKUP_OPENWRT(APPLET(nslookup, BB_DIR_USR_BIN, BB_SUID_DROP)) + +//kbuild:lib-$(CONFIG_NSLOOKUP_OPENWRT) += nslookup_lede.o + +//usage:#define nslookup_lede_trivial_usage +//usage: "[HOST] [SERVER]" +//usage:#define nslookup_lede_full_usage "\n\n" +//usage: "Query the nameserver for the IP address of the given HOST\n" +//usage: "optionally using a specified DNS server" +//usage: +//usage:#define nslookup_lede_example_usage +//usage: "$ nslookup localhost\n" +//usage: "Server: default\n" +//usage: "Address: default\n" +//usage: "\n" +//usage: "Name: debian\n" +//usage: "Address: 127.0.0.1\n" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define ENABLE_FEATURE_IPV6 1 + +typedef struct len_and_sockaddr { + socklen_t len; + union { + struct sockaddr sa; + struct sockaddr_in sin; +#if ENABLE_FEATURE_IPV6 + struct sockaddr_in6 sin6; +#endif + } u; +} len_and_sockaddr; + +struct ns { + const char *name; + len_and_sockaddr addr; + int failures; + int replies; +}; + +struct query { + const char *name; + size_t qlen, rlen; + unsigned char query[512], reply[512]; + unsigned long latency; + int rcode, n_ns; +}; + +static const char *rcodes[] = { + "NOERROR", + "FORMERR", + "SERVFAIL", + "NXDOMAIN", + "NOTIMP", + "REFUSED", + "YXDOMAIN", + "YXRRSET", + "NXRRSET", + "NOTAUTH", + "NOTZONE", + "RESERVED11", + "RESERVED12", + "RESERVED13", + "RESERVED14", + "RESERVED15", + "BADVERS" +}; + +static unsigned int default_port = 53; +static unsigned int default_retry = 1; +static unsigned int default_timeout = 2; + + +static int parse_reply(const unsigned char *msg, size_t len, int *bb_style_counter) +{ + ns_msg handle; + ns_rr rr; + int i, n, rdlen; + const char *format = NULL; + char astr[INET6_ADDRSTRLEN], dname[MAXDNAME]; + const unsigned char *cp; + + if (ns_initparse(msg, len, &handle) != 0) { + //fprintf(stderr, "Unable to parse reply: %s\n", strerror(errno)); + return -1; + } + + for (i = 0; i < ns_msg_count(handle, ns_s_an); i++) { + if (ns_parserr(&handle, ns_s_an, i, &rr) != 0) { + //fprintf(stderr, "Unable to parse resource record: %s\n", strerror(errno)); + return -1; + } + + rdlen = ns_rr_rdlen(rr); + + switch (ns_rr_type(rr)) + { + case ns_t_a: + if (rdlen != 4) { + //fprintf(stderr, "Unexpected A record length\n"); + return -1; + } + inet_ntop(AF_INET, ns_rr_rdata(rr), astr, sizeof(astr)); + printf("Name:\t%s\nAddress: %s\n", ns_rr_name(rr), astr); + break; + +#if ENABLE_FEATURE_IPV6 + case ns_t_aaaa: + if (rdlen != 16) { + //fprintf(stderr, "Unexpected AAAA record length\n"); + return -1; + } + inet_ntop(AF_INET6, ns_rr_rdata(rr), astr, sizeof(astr)); + printf("%s\thas AAAA address %s\n", ns_rr_name(rr), astr); + break; +#endif + + case ns_t_ns: + if (!format) + format = "%s\tnameserver = %s\n"; + /* fall through */ + + case ns_t_cname: + if (!format) + format = "%s\tcanonical name = %s\n"; + /* fall through */ + + case ns_t_ptr: + if (!format) + format = "%s\tname = %s\n"; + if (ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle), + ns_rr_rdata(rr), dname, sizeof(dname)) < 0) { + //fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } + printf(format, ns_rr_name(rr), dname); + break; + + case ns_t_mx: + if (rdlen < 2) { + fprintf(stderr, "MX record too short\n"); + return -1; + } + n = ns_get16(ns_rr_rdata(rr)); + if (ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle), + ns_rr_rdata(rr) + 2, dname, sizeof(dname)) < 0) { + //fprintf(stderr, "Cannot uncompress MX domain: %s\n", strerror(errno)); + return -1; + } + printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname); + break; + + case ns_t_txt: + if (rdlen < 1) { + //fprintf(stderr, "TXT record too short\n"); + return -1; + } + n = *(unsigned char *)ns_rr_rdata(rr); + if (n > 0) { + memset(dname, 0, sizeof(dname)); + memcpy(dname, ns_rr_rdata(rr) + 1, n); + printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname); + } + break; + + case ns_t_soa: + if (rdlen < 20) { + //fprintf(stderr, "SOA record too short\n"); + return -1; + } + + printf("%s\n", ns_rr_name(rr)); + + cp = ns_rr_rdata(rr); + n = ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle), + cp, dname, sizeof(dname)); + + if (n < 0) { + //fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } + + printf("\torigin = %s\n", dname); + cp += n; + + n = ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle), + cp, dname, sizeof(dname)); + + if (n < 0) { + //fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } + + printf("\tmail addr = %s\n", dname); + cp += n; + + printf("\tserial = %lu\n", ns_get32(cp)); + cp += 4; + + printf("\trefresh = %lu\n", ns_get32(cp)); + cp += 4; + + printf("\tretry = %lu\n", ns_get32(cp)); + cp += 4; + + printf("\texpire = %lu\n", ns_get32(cp)); + cp += 4; + + printf("\tminimum = %lu\n", ns_get32(cp)); + break; + + default: + break; + } + } + + return i; +} + +static int parse_nsaddr(const char *addrstr, len_and_sockaddr *lsa) +{ + char *eptr, *hash, ifname[IFNAMSIZ]; + unsigned int port = default_port; + unsigned int scope = 0; + + hash = strchr(addrstr, '#'); + + if (hash) { + *hash++ = '\0'; + port = strtoul(hash, &eptr, 10); + + if (eptr == hash || *eptr != '\0' || port > 65535) { + errno = EINVAL; + return -1; + } + } + + hash = strchr(addrstr, '%'); + + if (hash) { + for (eptr = ++hash; *eptr != '\0' && *eptr != '#'; eptr++) { + if ((eptr - hash) >= IFNAMSIZ) { + errno = ENODEV; + return -1; + } + + ifname[eptr - hash] = *eptr; + } + + ifname[eptr - hash] = '\0'; + scope = if_nametoindex(ifname); + + if (scope == 0) { + errno = ENODEV; + return -1; + } + } + +#if ENABLE_FEATURE_IPV6 + if (inet_pton(AF_INET6, addrstr, &lsa->u.sin6.sin6_addr)) { + lsa->u.sin6.sin6_family = AF_INET6; + lsa->u.sin6.sin6_port = htons(port); + lsa->u.sin6.sin6_scope_id = scope; + lsa->len = sizeof(lsa->u.sin6); + return 0; + } +#endif + + if (!scope && inet_pton(AF_INET, addrstr, &lsa->u.sin.sin_addr)) { + lsa->u.sin.sin_family = AF_INET; + lsa->u.sin.sin_port = htons(port); + lsa->len = sizeof(lsa->u.sin); + return 0; + } + + errno = EINVAL; + return -1; +} + +static unsigned long mtime(void) +{ + struct timespec ts; + clock_gettime(CLOCK_REALTIME, &ts); + return (unsigned long)ts.tv_sec * 1000 + ts.tv_nsec / 1000000; +} + +#if ENABLE_FEATURE_IPV6 +static void to_v4_mapped(len_and_sockaddr *a) +{ + if (a->u.sa.sa_family != AF_INET) + return; + + memcpy(a->u.sin6.sin6_addr.s6_addr + 12, + &a->u.sin.sin_addr, 4); + + memcpy(a->u.sin6.sin6_addr.s6_addr, + "\0\0\0\0\0\0\0\0\0\0\xff\xff", 12); + + a->u.sin6.sin6_family = AF_INET6; + a->u.sin6.sin6_flowinfo = 0; + a->u.sin6.sin6_scope_id = 0; + a->len = sizeof(a->u.sin6); +} +#endif + + +/* + * Function logic borrowed & modified from musl libc, res_msend.c + */ + +static int send_queries(struct ns *ns, int n_ns, struct query *queries, int n_queries) +{ + int fd; + int timeout = default_timeout * 1000, retry_interval, servfail_retry = 0; + len_and_sockaddr from = { }; +#if ENABLE_FEATURE_IPV6 + int one = 1; +#endif + int recvlen = 0; + int n_replies = 0; + struct pollfd pfd; + unsigned long t0, t1, t2; + int nn, qn, next_query = 0; + + from.u.sa.sa_family = AF_INET; + from.len = sizeof(from.u.sin); + +#if ENABLE_FEATURE_IPV6 + for (nn = 0; nn < n_ns; nn++) { + if (ns[nn].addr.u.sa.sa_family == AF_INET6) { + from.u.sa.sa_family = AF_INET6; + from.len = sizeof(from.u.sin6); + break; + } + } +#endif + + /* Get local address and open/bind a socket */ + fd = socket(from.u.sa.sa_family, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); + +#if ENABLE_FEATURE_IPV6 + /* Handle case where system lacks IPv6 support */ + if (fd < 0 && from.u.sa.sa_family == AF_INET6 && errno == EAFNOSUPPORT) { + fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); + from.u.sa.sa_family = AF_INET; + } +#endif + + if (fd < 0) + return -1; + + if (bind(fd, &from.u.sa, from.len) < 0) { + close(fd); + return -1; + } + +#if ENABLE_FEATURE_IPV6 + /* Convert any IPv4 addresses in a mixed environment to v4-mapped */ + if (from.u.sa.sa_family == AF_INET6) { + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one)); + + for (nn = 0; nn < n_ns; nn++) + to_v4_mapped(&ns[nn].addr); + } +#endif + + pfd.fd = fd; + pfd.events = POLLIN; + retry_interval = timeout / default_retry; + t0 = t2 = mtime(); + t1 = t2 - retry_interval; + + for (; t2 - t0 < timeout; t2 = mtime()) { + if (t2 - t1 >= retry_interval) { + for (qn = 0; qn < n_queries; qn++) { + if (queries[qn].rlen) + continue; + + for (nn = 0; nn < n_ns; nn++) { + sendto(fd, queries[qn].query, queries[qn].qlen, + MSG_NOSIGNAL, &ns[nn].addr.u.sa, ns[nn].addr.len); + } + } + + t1 = t2; + servfail_retry = 2 * n_queries; + } + + /* Wait for a response, or until time to retry */ + if (poll(&pfd, 1, t1+retry_interval-t2) <= 0) + continue; + + while (1) { + recvlen = recvfrom(fd, queries[next_query].reply, + sizeof(queries[next_query].reply), 0, + &from.u.sa, &from.len); + + /* read error */ + if (recvlen < 0) + break; + + /* Ignore non-identifiable packets */ + if (recvlen < 4) + continue; + + /* Ignore replies from addresses we didn't send to */ + for (nn = 0; nn < n_ns; nn++) + if (memcmp(&from.u.sa, &ns[nn].addr.u.sa, from.len) == 0) + break; + + if (nn >= n_ns) + continue; + + /* Find which query this answer goes with, if any */ + for (qn = next_query; qn < n_queries; qn++) + if (!memcmp(queries[next_query].reply, queries[qn].query, 2)) + break; + + if (qn >= n_queries || queries[qn].rlen) + continue; + + queries[qn].rcode = queries[next_query].reply[3] & 15; + queries[qn].latency = mtime() - t0; + queries[qn].n_ns = nn; + + ns[nn].replies++; + + /* Only accept positive or negative responses; + * retry immediately on server failure, and ignore + * all other codes such as refusal. */ + switch (queries[qn].rcode) { + case 0: + case 3: + break; + + case 2: + if (servfail_retry && servfail_retry--) { + ns[nn].failures++; + sendto(fd, queries[qn].query, queries[qn].qlen, + MSG_NOSIGNAL, &ns[nn].addr.u.sa, ns[nn].addr.len); + } + /* fall through */ + + default: + continue; + } + + /* Store answer */ + n_replies++; + + queries[qn].rlen = recvlen; + + if (qn == next_query) { + while (next_query < n_queries) { + if (!queries[next_query].rlen) + break; + + next_query++; + } + } + else { + memcpy(queries[qn].reply, queries[next_query].reply, recvlen); + } + + if (next_query >= n_queries) + return n_replies; + } + } + + return n_replies; +} + +static struct ns *add_ns(struct ns **ns, int *n_ns, const char *addr) +{ + char portstr[sizeof("65535")], *p; + len_and_sockaddr a = { }; + struct ns *tmp; + struct addrinfo *ai, *aip, hints = { + .ai_flags = AI_NUMERICSERV, + .ai_socktype = SOCK_DGRAM + }; + + if (parse_nsaddr(addr, &a)) { + /* Maybe we got a domain name, attempt to resolve it using the standard + * resolver routines */ + + p = strchr(addr, '#'); + snprintf(portstr, sizeof(portstr), "%hu", + (unsigned short)(p ? strtoul(p, NULL, 10) : default_port)); + + if (!getaddrinfo(addr, portstr, &hints, &ai)) { + for (aip = ai; aip; aip = aip->ai_next) { + if (aip->ai_addr->sa_family != AF_INET && + aip->ai_addr->sa_family != AF_INET6) + continue; + +#if ! ENABLE_FEATURE_IPV6 + if (aip->ai_addr->sa_family != AF_INET) + continue; +#endif + + tmp = realloc(*ns, sizeof(**ns) * (*n_ns + 1)); + + if (!tmp) + return NULL; + + *ns = tmp; + + (*ns)[*n_ns].name = addr; + (*ns)[*n_ns].replies = 0; + (*ns)[*n_ns].failures = 0; + (*ns)[*n_ns].addr.len = aip->ai_addrlen; + + memcpy(&(*ns)[*n_ns].addr.u.sa, aip->ai_addr, aip->ai_addrlen); + + (*n_ns)++; + } + + freeaddrinfo(ai); + + return &(*ns)[*n_ns]; + } + + return NULL; + } + + tmp = realloc(*ns, sizeof(**ns) * (*n_ns + 1)); + + if (!tmp) + return NULL; + + *ns = tmp; + + (*ns)[*n_ns].addr = a; + (*ns)[*n_ns].name = addr; + (*ns)[*n_ns].replies = 0; + (*ns)[*n_ns].failures = 0; + + return &(*ns)[(*n_ns)++]; +} + +static struct query *add_query(struct query **queries, int *n_queries, + int type, const char *dname) +{ + struct query *tmp; + ssize_t qlen; + + tmp = realloc(*queries, sizeof(**queries) * (*n_queries + 1)); + + if (!tmp) + return NULL; + + memset(&tmp[*n_queries], 0, sizeof(*tmp)); + + qlen = res_mkquery(QUERY, dname, C_IN, type, NULL, 0, NULL, + tmp[*n_queries].query, sizeof(tmp[*n_queries].query)); + + tmp[*n_queries].qlen = qlen; + tmp[*n_queries].name = dname; + *queries = tmp; + + return &tmp[(*n_queries)++]; +} + +int main(int argc, char **argv) +{ + int rc = 1; + struct ns *ns = NULL; + struct query *queries = NULL; + int n_ns = 0, n_queries = 0; + int c = 0; + + char *url = "telecominfraproject.com"; + char *server = "127.0.0.1"; + int v6 = 0; + + while (1) { + int option = getopt(argc, argv, "u:s:i:6"); + + if (option == -1) + break; + + switch (option) { + case '6': + v6 = 1; + break; + case 'u': + url = optarg; + break; + case 's': + server = optarg; + break; + default: + case 'h': + printf("Usage: dnsprobe OPTIONS\n" + " -6 - use ipv6\n" + " -u \n" + " -s \n"); + return -1; + } + } + + ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "dnsprobe"); + + ULOG_INFO("attempting to probe dns - %s %s %s\n", + url, server, v6 ? "ipv6" : ""); + + + add_query(&queries, &n_queries, v6 ? T_AAAA : T_A, url); + + add_ns(&ns, &n_ns, server); + + rc = send_queries(&ns[0], 1, queries, n_queries); + if (rc <= 0) { + fprintf(stderr, "Failed to send queries: %s\n", strerror(errno)); + rc = -1; + goto out; + } + + if (queries[0].rcode != 0) { + printf("** server can't find %s: %s\n", queries[0].name, + rcodes[queries[0].rcode]); + goto out; + } + + if (queries[0].rlen) { + c = parse_reply(queries[0].reply, queries[0].rlen, NULL); + } + + if (c == 0) + printf("*** Can't find %s: No answer\n", queries[0].name); + else if (c < 0) + printf("*** Can't find %s: Parse error\n", queries[0].name); + else + rc = 0; + +out: + if (n_ns) + free(ns); + + if (n_queries) + free(queries); + + return rc; +} diff --git a/feeds/ucentral/ucentral-tools/src/firstcontact.c b/feeds/ucentral/ucentral-tools/src/firstcontact.c new file mode 100644 index 000000000..da06988e5 --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/firstcontact.c @@ -0,0 +1,100 @@ +#define _GNU_SOURCE +#include +#include + +#include + +#include + +static const char *file_cert = "/etc/open-wifi/client.pem"; +static const char *file_key = "/etc/open-wifi/client_dec.key"; +static const char *file_json = "/etc/open-wifi/redirector.json"; +static const char *file_dbg = "/tmp/firstcontact.hdr"; + +int main(int argc, char **argv) +{ + FILE *fp_json; + FILE *fp_dbg; + CURLcode res; + CURL *curl; + char *devid = NULL; + char *url; + + while (1) { + int option = getopt(argc, argv, "k:c:o:hi:"); + + if (option == -1) + break; + + switch (option) { + case 'k': + file_key = optarg; + break; + case 'c': + file_cert = optarg; + break; + case 'o': + file_json = optarg; + break; + case 'i': + devid = optarg; + break; + default: + case 'h': + printf("Usage: firstcontact OPTIONS\n" + " -k \n" + " -c \n" + " -o \n" + " -i \n"); + return -1; + } + } + + if (!devid) { + fprintf(stderr, "missing devid\n"); + return -1; + } + + ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "firstcontact"); + ULOG_INFO("attempting first contact\n"); + + fp_dbg = fopen(file_dbg, "wb"); + fp_json = fopen(file_json, "wb"); + if (!fp_json) { + ULOG_ERR("failed to create %s\n", file_json); + return -1; + } + + curl_global_init(CURL_GLOBAL_DEFAULT); + curl = curl_easy_init(); + if (!curl) { + ULOG_ERR("curl_easy_init failed\n"); + return -1; + } + + if (asprintf(&url, "https://clientauth.demo.one.digicert.com/iot/api/v2/device/%s", devid) < 0) { + ULOG_ERR("failed to assemble url\n"); + return -1; + } + + curl_easy_setopt(curl, CURLOPT_URL, url); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp_json); + curl_easy_setopt(curl, CURLOPT_HEADERDATA, fp_dbg); + curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_SSLCERT, file_cert); + curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); + curl_easy_setopt(curl, CURLOPT_SSLKEY, file_key); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + + res = curl_easy_perform(curl); + if (res != CURLE_OK) + ULOG_ERR("curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); + else + ULOG_INFO("downloaded first contact data\n"); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + ulog_close(); + + return (res != CURLE_OK); +} diff --git a/feeds/ucentral/ucentral-tools/src/ip-collide.c b/feeds/ucentral/ucentral-tools/src/ip-collide.c new file mode 100644 index 000000000..cf81fc8c1 --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/ip-collide.c @@ -0,0 +1,86 @@ +#include +#include + +#include +#include + +#include +#include +#include + +struct route { + struct list_head list; + char devname[64]; + uint32_t domain; + uint32_t mask; +}; + +static struct list_head routes = LIST_HEAD_INIT(routes); + +static int parse_routes(void) +{ + FILE *fp = fopen("/proc/net/route", "r"); + int flgs, ref, use, metric, mtu, win, ir; + struct route *route; + unsigned long g; + int r; + + r = fscanf(fp, "%*[^\n]\n"); + if (r < 0) { + fprintf(stderr, "failed to parse routes\n"); + return -1; + } + while (1) { + route = malloc(sizeof(*route)); + if (!route) + break; + memset(route, 0, sizeof(*route)); + r = fscanf(fp, "%63s%x%lx%X%d%d%d%x%d%d%d\n", + route->devname, &route->domain, &g, &flgs, &ref, &use, &metric, &route->mask, + &mtu, &win, &ir); + if (r != 11 && (r < 0) && feof(fp)) + break; + list_add(&route->list, &routes); + printf("1 %s %x %x\n", route->devname, ntohl(route->domain), ntohl(route->mask)); + } + + fclose(fp); + + return 0; +} + +static int find_collisions(void) +{ + struct route *route; + + list_for_each_entry(route, &routes, list) { + struct route *compare; + + if (!route->domain || !route->mask) + continue; + list_for_each_entry(compare, &routes, list) { + if (!compare->domain || !compare->mask) + continue; + if (compare == route) + continue; + if (((route->domain & route->mask) == (compare->domain & route->mask)) || + ((route->domain & compare->mask) == (compare->domain & compare->mask))) { + ULOG_ERR("collision detected\n"); + return 1; + } + } + } + ULOG_INFO("no collision detected\n"); + return 0; +} + +int main(int argc, char **argv) +{ + ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "ip-collide"); + + parse_routes(); + if (!list_empty(&routes)) + return find_collisions(); + + return 0; +} diff --git a/feeds/ucentral/ucentral-tools/src/radiusprobe.c b/feeds/ucentral/ucentral-tools/src/radiusprobe.c new file mode 100644 index 000000000..a86fc7435 --- /dev/null +++ b/feeds/ucentral/ucentral-tools/src/radiusprobe.c @@ -0,0 +1,47 @@ +#include +#include +#include + +int +main(int argc, char **argv) +{ + int result; + char username[128]; + char passwd[AUTH_PASS_LEN + 1]; + VALUE_PAIR *send, *received; + uint32_t service; + rc_handle *rh; + + /* Not needed if you already used openlog() */ + rc_openlog("radiusprobe"); + + if ((rh = rc_read_config("/tmp/radius.conf")) == NULL) + return ERROR_RC; + + strcpy(username, "healthcheck"); + strcpy(passwd, "uCentral"); + + send = NULL; + + if (rc_avpair_add(rh, &send, PW_USER_NAME, username, -1, 0) == NULL) + return ERROR_RC; + + if (rc_avpair_add(rh, &send, PW_USER_PASSWORD, passwd, -1, 0) == NULL) + return ERROR_RC; + + service = PW_AUTHENTICATE_ONLY; + if (rc_avpair_add(rh, &send, PW_SERVICE_TYPE, &service, -1, 0) == NULL) + return ERROR_RC; + + result = rc_auth(rh, 0, send, &received, NULL); + + if (result == OK_RC || result == REJECT_RC) { + fprintf(stderr, "RADIUS server OK\n"); + result = 0; + } else { + fprintf(stderr, "RADIUS server failure\n"); + result = -1; + } + + return result; +}