From 438052747029e2ae78c672ba5af932520bcc7bb9 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 16 Oct 2003 17:36:56 +0000 Subject: man pages git-svn-id: file:///home/lennart/svn/public/waproamd/trunk@19 022f378f-78c4-0310-b860-d162c87e6274 --- Makefile.am | 2 +- conf/Makefile.am | 6 - configure.ac | 30 +-- doc/Makefile.am | 17 +- man/Makefile.am | 43 ++++ man/waproamd.8.xml.in | 203 +++++++++++++++ man/waproamd.conf.5.xml.in | 78 ++++++ man/xmltoman.css | 30 +++ man/xmltoman.xsl | 120 +++++++++ src/Makefile.am | 23 +- src/aes.c | 113 --------- src/aes.h | 29 --- src/aeswepd.c | 599 --------------------------------------------- src/aeswepd.h | 41 ---- src/iwkey.c | 109 --------- src/iwkey.h | 31 --- src/waproamd.c | 6 +- 17 files changed, 498 insertions(+), 982 deletions(-) create mode 100644 man/Makefile.am create mode 100644 man/waproamd.8.xml.in create mode 100644 man/waproamd.conf.5.xml.in create mode 100644 man/xmltoman.css create mode 100644 man/xmltoman.xsl delete mode 100644 src/aes.c delete mode 100644 src/aes.h delete mode 100644 src/aeswepd.c delete mode 100644 src/aeswepd.h delete mode 100644 src/iwkey.c delete mode 100644 src/iwkey.h diff --git a/Makefile.am b/Makefile.am index 49e9e47..80101bd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -17,7 +17,7 @@ # Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. EXTRA_DIST=bootstrap.sh README LICENSE -SUBDIRS=src conf doc #man +SUBDIRS=src conf doc man MAINTAINERCLEANFILES = README noinst_DATA = README diff --git a/conf/Makefile.am b/conf/Makefile.am index 789350f..e3ee3b2 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -17,11 +17,7 @@ # Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. EXTRA_DIST = waproamd.init.in waproamd.conf default.in - -if BUILD_WAPROAMD - noinst_DATA = waproamd.init waproamd.conf default - CLEANFILES = waproamd.init default waproamd.init: waproamd.init.in Makefile 
@@ -42,5 +38,3 @@ uninstall-local: rmdir ${DESTDIR}/${sysconfdir}/waproamd/keys rm -f ${DESTDIR}/${sysconfdir}/init.d/waproamd ${DESTDIR}/${sysconfdir}/waproamd/waproamd.conf rm -f ${DESTDIR}/${sysconfdir}/waproamd/scripts/default - -endif diff --git a/configure.ac b/configure.ac index 99bce11..9800a29 100644 --- a/configure.ac +++ b/configure.ac @@ -20,7 +20,7 @@ # Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. AC_PREREQ(2.57) -AC_INIT([waproamd], [0.2], [mzjncebnzq (at) 0pointer (dot) de]) +AC_INIT([waproamd], [0.3], [mzjncebnzq (at) 0pointer (dot) de]) AC_CONFIG_SRCDIR([src/waproamd.c]) AC_CONFIG_HEADERS([config.h]) AM_INIT_AUTOMAKE([foreign -Wall]) @@ -37,7 +37,7 @@ if test "x$GCC" = "xyes" ; then CFLAGS="$CFLAGS -pipe -Wall" fi -if test -d /usr/local/stow ; then +if type -p stow > /dev/null && test -d /usr/local/stow ; then AC_MSG_NOTICE([*** Found /usr/local/stow: installing to /usr/local/stow/${PACKAGE_NAME}-${PACKAGE_VERSION} ***]) AC_PREFIX_DEFAULT([/usr/local/stow/${PACKAGE_NAME}-${PACKAGE_VERSION}]) fi @@ -48,7 +48,6 @@ AC_HEADER_SYS_WAIT AC_CHECK_HEADERS([fcntl.h limits.h stdint.h stdlib.h string.h sys/ioctl.h sys/socket.h unistd.h]) AC_CHECK_LIB([daemon], [daemon_fork],, [AC_MSG_ERROR([*** Sorry, you have to install libdaemon ***])]) -AC_CHECK_LIB([mcrypt], [mcrypt_module_open], [MCRYPT=1 AC_DEFINE(HAVE_MCRYPT, 1, [libmcrypt available])], [MCRYPT=0]) AC_C_CONST AC_TYPE_MODE_T @@ -101,15 +100,6 @@ fi AM_CONDITIONAL([USE_XMLTOMAN], [test "x$xmltoman" = xyes]) -# Build aeswepd? -AC_ARG_ENABLE(aeswepd, - AC_HELP_STRING([--disable-aeswepd], [Disable building of aeswepd]), -[case "${enableval}" in - yes) aeswepd=yes ;; - no) aeswepd=no ;; - *) AC_MSG_ERROR([bad value ${enableval} for --disable-aeswepd]) ;; -esac], [aeswepd=yes]) - # Build waproamd? AC_ARG_ENABLE(waproamd, AC_HELP_STRING([--disable-waproamd], [Disable building of waproamd]), 
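Review bot: The new stow test in the `@@ -37,7 +37,7 @@` hunk of configure.ac relies on `type -p`, an option POSIX does not specify for `type`. configure runs under /bin/sh, and on a shell that lacks the option the test can fail even when stow is installed, so the default install prefix would differ silently between build hosts. Only stdout is redirected, so any diagnostic the shell prints ends up in the configure output. A portable form is `if command -v stow > /dev/null 2>&1 && test -d /usr/local/stow ; then`, or test the result of an `AC_CHECK_PROG` here.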
@@ -119,19 +109,5 @@ AC_ARG_ENABLE(waproamd, *) AC_MSG_ERROR([bad value ${enableval} for --disable-waproamd]) ;; esac], [waproamd=yes]) -if test x$aeswepd = xno && test x$waproamd = xno ; then - AC_MSG_ERROR([*** If you build neither aeswepd nor waproamd, nothing gets built ***]) -fi - -if test x$aeswepd = xyes && test x$MCRYPT != x1 ; then - AC_MSG_ERROR([*** Sorry, you have to install libmcrypt or use --disable-aeswepd ***]) -fi - -AM_CONDITIONAL([BUILD_AESWEPD], [test "x$aeswepd" = xyes]) -AM_CONDITIONAL([BUILD_WAPROAMD], [test "x$waproamd" = xyes]) - -AC_CONFIG_FILES([src/Makefile Makefile conf/Makefile doc/Makefile]) # man/Makefile doc/Makefile doc/README.html]) +AC_CONFIG_FILES([src/Makefile Makefile conf/Makefile doc/Makefile man/Makefile]) # doc/README.html]) AC_OUTPUT - -AC_MSG_NOTICE([*** aeswepd is built: $aeswepd ***]) -AC_MSG_NOTICE([*** waproamd is built: $waproamd ***]) diff --git a/doc/Makefile.am b/doc/Makefile.am index d36fe90..c0a962e 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -16,5 +16,20 @@ # along with waproamd; if not, write to the Free Software Foundation, # Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. -EXTRA_DIST=README +noinst_DATA = README.html README +EXTRA_DIST = $(noinst_DATA) style.css README.html.in +MAINTAINERCLEANFILES = README README.html +CLEANFILES = + +if USE_LYNX +README: README.html + lynx --dump $^ | sed 's,file://localhost/.*/doc/README.html,README,' > $@ + +CLEANFILES += README +endif + +tidy: README.html + tidy -e < README.html + +.PHONY: tidy diff --git a/man/Makefile.am b/man/Makefile.am new file mode 100644 index 0000000..0ff9a4d --- /dev/null +++ b/man/Makefile.am 
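Review bot: `--disable-waproamd` becomes a silent no-op after this hunk. `AM_CONDITIONAL([BUILD_WAPROAMD], ...)` is removed and the Makefile.am changes in this commit drop `if BUILD_WAPROAMD`, yet the `AC_ARG_ENABLE(waproamd, ...)` block is still present as context just above. Someone passing the flag would get the daemon built and installed anyway, with no warning. Either delete the `AC_ARG_ENABLE(waproamd, ...)` block along with the rest or keep the conditional. The trailing `# doc/README.html])` after `AC_CONFIG_FILES(...)` is a leftover fragment that should be removed or turned into a real comment.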
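Review bot: `noinst_DATA` in doc/Makefile.am now requires `README.html`, but no rule in this hunk builds it, and the `AC_CONFIG_FILES` line in the same commit leaves `doc/README.html` commented out. Unless the file is already checked in, `make` would stop in doc/ with no rule for the target. The diffstat also does not show `style.css` or `README.html.in` being added, although `EXTRA_DIST` now expects them at `make dist`, so it is worth confirming they exist in the tree. If generation from `README.html.in` is intended, add `doc/README.html` to `AC_CONFIG_FILES`. The `README` rule writes directly to `$@`, so a failed `lynx` run leaves a truncated file that looks up to date; writing to a temporary name and renaming it on success would avoid that.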
@@ -0,0 +1,43 @@ +# $Id$ + +# This file is part of waproamd. +# +# waproamd is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# waproamd is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with waproamd; if not, write to the Free Software Foundation, +# Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. + +man_MANS = waproamd.8 waproamd.conf.5 + +noinst_DATA = waproamd.8.xml waproamd.conf.5.xml + +EXTRA_DIST = $(man_MANS) waproamd.8.xml.in waproamd.conf.5.xml.in man.css man.xsl + +CLEANFILES = waproamd.8.xml waproamd.conf.5.xml + +waproamd.8.xml: waproamd.8.xml.in Makefile + sed -e 's,@sysconfdir\@,$(sysconfdir),g' -e 's,@sbindir\@,$(sbindir),g' -e 's,@PACKAGE_BUGREPORT\@,$(PACKAGE_BUGREPORT),g' -e 's,@PACKAGE_URL\@,$(PACKAGE_URL),g' $< > $@ + +waproamd.conf.5.xml: waproamd.conf.5.xml.in Makefile + sed -e 's,@sysconfdir\@,$(sysconfdir),g' -e 's,@sbindir\@,$(sbindir),g' -e 's,@PACKAGE_BUGREPORT\@,$(PACKAGE_BUGREPORT),g' -e 's,@PACKAGE_URL\@,$(PACKAGE_URL),g' $< > $@ + +if USE_XMLTOMAN + +CLEANFILES += $(man_MANS) + +waproamd.conf.5: waproamd.conf.5.xml Makefile + xmltoman $< > $@ + +waproamd.8: waproamd.8.xml Makefile + xmltoman $< > $@ + +endif diff --git a/man/waproamd.8.xml.in b/man/waproamd.8.xml.in new file mode 100644 index 0000000..73ff3ea --- /dev/null +++ b/man/waproamd.8.xml.in @@ -0,0 +1,203 @@ + + + + + + + + + + + + waproamd [options] + + +
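Review bot: `EXTRA_DIST` in man/Makefile.am names `man.css man.xsl`, but the stylesheets this commit adds are `man/xmltoman.css` and `man/xmltoman.xsl`. As written, `make dist` would look for files that are not in the patch and would not ship the real ones. Suggested line: `EXTRA_DIST = $(man_MANS) waproamd.8.xml.in waproamd.conf.5.xml.in xmltoman.css xmltoman.xsl`. The sed rules also substitute `$(PACKAGE_URL)`, which the three-argument `AC_INIT` in configure.ac does not appear to set, so that placeholder probably expands to nothing. Values are also spliced into the sed expression unescaped, so a `,` or `&` in `sysconfdir` would corrupt the generated XML.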

waproamd is a roaming daemon for wireless NICs + supporting the Linux wireless extensions. It is intended to + configure the WEP keys according to the networks found.

+ +

As long as the local NIC is not associated to any wireless + network waproamd scans iteratively for them. If one is detected, + a script in @sysconfdir@/waproamd/scripts/ named + after the MAC address of the access point is called. If this + script is not existent, + @sysconfdir@/waproamd/scripts/default is called + instead. The first argument to this script is "start". If the + association is lost, the same script is run with the argument + "stop". While the NIC is associated no scans are issued.

+ +

waproamd is intended to be used together with + ifplugd. Whenever an association succeeds, ifplugd detects it + and runs further configuration commands for it.

+ +

If multiple WLANs are detected at the same time, the network + which is detected by the hardware first is selected. However, + networks where a matching script exists take precedence.

+ +

waproamd requires a network driver supporting the Linux + wireless extensions v15 or newer. The driver needs to support + scanning for wireless networks, which may be tested by running + "iwlist scan". If the driver supports the wireless event + subsystem, waproamd may use it to improve latency + behaviour. It is not required, however.

+ + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +

@sysconfdir@/waproamd/waproamd.conf: this file is sourced + by the init script @sysconfdir@/init.d/waproamd and + contains the interface to be monitored and the options to be + used.

+ +

@sysconfdir@/waproamd/scripts/<AP MAC + address>: this is called whenever a wireless network + controlled by an AP with a matching address is detected. The MAC + address is formatted lowercase. Takes the same arguments as the + following script:

+ +

@sysconfdir@/waproamd/scripts/default: this is + the script which is called whenever no script named after the + AP MAC address is found. It takes a single argument: either + "start" or "stop". An environment variable AP is set to the + MAC address of the access point found. An environment variable + IFACE is set to the network interface name. The default + implementation of this script looks for a file + @sysconfdir@/waproamd/keys/<AP MAC + address>.wep. If it exists its contents is used to + set the WEP key of the NIC. Otherwise the script looks for a + file @sysconfdir@/waproamd/keys/<AP + MAC address>.aes. If it exists the AES WEP rekeying daemon + is called. Otherwise WEP + encryption is disabled.

+ + +

/var/run/waproamd.<iface>.pid: the pid file + for waproamd.

+ +
+
+

SIGINT, SIGTERM, SIGTQUIT waproamd will quit. This is issued by passing -k to waproamd.

+

SIGHUP waproamd will rescan for available networks immediately.

+
+ +
+

waproamd was written by Lennart Poettering + <@PACKAGE_BUGREPORT@>. waproamd is available + at +

+
+ +
+

+ , , , +

+
+ +
+

This man page was written using by Oliver Kurth.

+
+ +
diff --git a/man/waproamd.conf.5.xml.in b/man/waproamd.conf.5.xml.in new file mode 100644 index 0000000..91e629b --- /dev/null +++ b/man/waproamd.conf.5.xml.in @@ -0,0 +1,78 @@ + + + + + + + + + + + + @sysconfdir@/waproamd/waproamd.conf + + + +

waproamd.conf is the configuration file for waproamd. It is a + shell script that is sourced by the init script starting + the daemon. It shall be used to set environment variables which + are interpreted by the init script:

+
+ + + + + + + + + + + +
+

+ +

+
+ +
+

This man page was written using by Oliver Kurth.

+
+ +
diff --git a/man/xmltoman.css b/man/xmltoman.css new file mode 100644 index 0000000..e96806b --- /dev/null +++ b/man/xmltoman.css @@ -0,0 +1,30 @@ +/* $Id$ */ + +/*** + This file is part of waproamd. + + waproamd is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + waproamd is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + for more details. + + You should have received a copy of the GNU General Public License + along with waproamd; if not, write to the Free Software Foundation, + Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. +***/ + +body { color: black; background-color: white; margin: 0.5cm; } +a:link, a:visited { color: #900000; } +h1 { text-transform:uppercase; font-size: 18pt; color: #00009F; } +p { margin-left:1cm; margin-right:1cm; } +.cmd { font-family:monospace; } +.file { font-family:monospace; } +.arg { text-transform:uppercase; font-family:monospace; font-style: italic; } +.opt { font-family:monospace; font-weight: bold; } +.manref { font-family:monospace; } +.option .optdesc { margin-left:2cm; } diff --git a/man/xmltoman.xsl b/man/xmltoman.xsl new file mode 100644 index 0000000..5e556f8 --- /dev/null +++ b/man/xmltoman.xsl @@ -0,0 +1,120 @@ + + + + + + + + <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> + + + + + + <xsl:value-of select="@name"/>(<xsl:value-of select="@section"/>) + + + + +

Name

+

+ + - + +

+ + + +
+ + +

+ +

+
+ + +

+ +

+
+ + + + + + + + + + + + + + +
+ +
+
+ + +

Synopsis

+ +
+ + +

Synopsis

+ +
+ + +

Description

+ +
+ + +

Options

+ +
+ + +

+ +
+ + +
+
+ + + + + () + + + () + + + + + + + + +
diff --git a/src/Makefile.am b/src/Makefile.am index 3c059ec..5d92e5e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -18,10 +18,7 @@ AM_CFLAGS = -DSYSCONFDIR="\"$(sysconfdir)\"" -sbin_PROGRAMS = - -if BUILD_WAPROAMD -sbin_PROGRAMS += waproamd +sbin_PROGRAMS = waproamd waproamd_SOURCES = waproamd.c waproamd.h \ interface.c interface.h \ @@ -33,24 +30,6 @@ waproamd_SOURCES = waproamd.c waproamd.h \ ifmonitor.c ifmonitor.h \ wireless.h wireless.15.h \ netlink.h rtnetlink.h -endif - -if BUILD_AESWEPD -sbin_PROGRAMS += aeswepd - -aeswepd_SOURCES = aeswepd.c aeswepd.h \ - aes.c aes.h \ - interface.c interface.h \ - iwkey.c iwkey.h \ - util.c util.h \ - wireless.h wireless.15.h \ - netlink.h rtnetlink.h - -aeswepd_LDADD = -lmcrypt - -install-exec-hook: - cd $(DESTDIR)/$(sbindir) && ln -sf aeswepd aeswepls -endif svnkeywords: svn propset svn:keywords Id *.c *.h Makefile.am diff --git a/src/aes.c b/src/aes.c deleted file mode 100644 index 80d7cd5..0000000 --- a/src/aes.c +++ /dev/null 
@@ -1,113 +0,0 @@ -/* $Id$ */ - -/* - * This file is part of waproamd. - * - * waproamd is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * waproamd is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with waproamd; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - */ - -#include -#include -#include -#include -#include - -#include - -#include "aes.h" -#include "util.h" -#include "aeswepd.h" - -#define MAX_CACHE 10 - -static MCRYPT m = MCRYPT_FAILED; - - -struct cache_entry { - uint8_t key[AES_KEY_LEN]; - uint8_t data[AES_KEY_LEN]; - uint8_t result[AES_KEY_LEN]; - time_t timestamp; -}; - -static struct cache_entry cache[MAX_CACHE]; -static int n_cache = 0; - -int aes_crypt(uint8_t *key, uint8_t *data, uint8_t *result) { - int r, j; - struct cache_entry *e; - time_t now; - - for (j = 0; j < n_cache; j++) - if (!memcmp(cache[j].key, key, AES_KEY_LEN) && !memcmp(cache[j].data, data, AES_KEY_LEN)) { - memcpy(result, cache[j].result, AES_KEY_LEN); - return 0; - } - - if (m == MCRYPT_FAILED) { - if ((m = mcrypt_module_open("rijndael-128", NULL, "ecb", NULL)) == MCRYPT_FAILED) { - daemon_log(LOG_ERR, "Failed to open rijndael mcrypt module\n"); - return -1; - } - } - - if ((r = mcrypt_generic_init(m, key, AES_KEY_LEN, NULL)) != 0) { - daemon_log(LOG_ERR, "Failed to encrypt: %s\n", mcrypt_strerror(r)); - return -1; - } - - memcpy(result, data, AES_KEY_LEN); - if (mcrypt_generic(m, result, AES_KEY_LEN) != 0) { - daemon_log(LOG_ERR, "mdecrypt_generic() 
failed.\n"); - return -1; - } - - if (mcrypt_generic_deinit(m) != 0) { - daemon_log(LOG_ERR, "mdecrypt_generic() failed.\n"); - return -1; - } - - now = time(NULL); - - if (n_cache < n_max_keys) - e = &cache[n_cache++]; - else { - if (n_cache > n_max_keys) - n_cache = n_max_keys; - - e = NULL; - for (j = 0; j < n_cache; j++) - if (!e || cache[j].timestamp < e->timestamp) - e = &cache[j]; - } - - memcpy(e->key, key, AES_KEY_LEN); - memcpy(e->data, data, AES_KEY_LEN); - memcpy(e->result, result, AES_KEY_LEN); - e->timestamp = now; - - return 0; -} - -int aes_done(void) { - if (m != MCRYPT_FAILED) { - mcrypt_module_close(m); - m = MCRYPT_FAILED; - } - - n_cache = 0; - - return 0; -} diff --git a/src/aes.h b/src/aes.h deleted file mode 100644 index 8d0f25a..0000000 --- a/src/aes.h +++ /dev/null @@ -1,29 +0,0 @@ -#ifndef fooaeshfoo -#define fooaeshfoo - -/* $Id$ */ - -/* - * This file is part of waproamd. - * - * waproamd is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * waproamd is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with waproamd; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - */ - -#include - -int aes_crypt(uint8_t *key, uint8_t *data, uint8_t *result); -int aes_done(void); - -#endif diff --git a/src/aeswepd.c b/src/aeswepd.c deleted file mode 100644 index d144977..0000000 --- a/src/aeswepd.c +++ /dev/null 
@@ -1,599 +0,0 @@ -/* $Id$ */ - -/* - * This file is part of waproamd. - * - * waproamd is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * waproamd is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with waproamd; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - */ - -#define _GNU_SOURCE - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -#include "aes.h" -#include "aeswepd.h" -#include "iwkey.h" -#include "interface.h" -#include "util.h" - -uint8_t aes_key[AES_KEY_LEN]; -int rekey_time = 15*60; -int n_max_keys = 3; -int key_map[MAX_WEP_KEYS]; -char *interface_name = NULL; -int daemonize = 1, use_syslog = 1, wait_on_fork = 0, use_status_file = 1; -char log_ident[32], pid_ident[32]; - -FILE *status_file = NULL; - -const char *get_status_file_name(void) { - static int init = 0; - static char path[PATH_MAX]; - - if (!init) { - snprintf(path, sizeof(path), "%s/status.%s", VARLIBAESWEPD, interface_name); - init = 1; - } - - return path; -} - - -int do_list_keys(void) { - FILE *f; - char ln[256]; - - if (!(f = fopen(get_status_file_name(), "r"))) { - daemon_log(LOG_ERR, "Failed to open '%s': %s", get_status_file_name(), strerror(errno)); - return -1; - } - - while (fgets(ln, sizeof(ln), f)) - fputs(ln, stdout); - - fclose(f); - return 0; -} - -int wep_key_calc(uint32_t t, uint8_t w[WEP_KEY_LEN]) { - uint8_t data[AES_KEY_LEN], 
result[AES_KEY_LEN]; - uint32_t v = t; - int i, shift; - - for (i = 0, shift = 0; i < AES_KEY_LEN; i++) { - data[i] = (uint8_t) (v >> shift); - - if ((shift += 8) >= sizeof(v)*8) - shift = 0; - } - - if (aes_crypt(aes_key, data, result) < 0) { - daemon_log(LOG_ERR, "aes_crypt() failed!"); - return -1; - } - - memset(w, 0, WEP_KEY_LEN); - memcpy(w, result, MIN(WEP_KEY_LEN, AES_KEY_LEN)); - - return 0; -} - -int print_wep_key(FILE *f, int t, uint8_t wep[WEP_KEY_LEN]) { - time_t rt = t*rekey_time; - fprintf(f, "%10i: Starting %s\t WEP: ", t, ctime(&rt)); - print_hex(f, wep, WEP_KEY_LEN); - fprintf(f, "\n"); - return 0; -} - - -int rekey(struct interface *i, time_t now, time_t *next_rekey) { - uint8_t w[WEP_KEY_LEN]; - uint32_t t; - - assert(i && n_max_keys >= 1 && next_rekey); - - t = now/rekey_time; - - daemon_log(LOG_ERR, "Rekeying for %i", t); - - if (status_file) { - rewind(status_file); - ftruncate(fileno(status_file), 0); - } - - if (wep_key_calc(t, w) < 0) - return -1; - - if (wep_key_add(i, w) < 0) - return -1; - - if (status_file) - print_wep_key(status_file, t, w); - - if (n_max_keys >= 3) { - if (wep_key_calc(t-1, w) < 0) - return -1; - - if (wep_key_add(i, w) < 0) - return -1; - - if (status_file) - print_wep_key(status_file, t-1, w); - - if (wep_key_calc(t+1, w) < 0) - return -1; - - if (wep_key_add(i, w) < 0) - return -1; - - if (status_file) - print_wep_key(status_file, t+1, w); - } - - if (status_file) - fflush(status_file); - - if (wep_key_finish(i) < 0) - return -1; - - *next_rekey = (t+1)*rekey_time; - - return 0; -} - -int go(struct interface *i) { - time_t next_rekey = 0; - int send_retval = 1; - fd_set fds; - time_t now = time(NULL); - int sigfd, r = -1; - - daemon_log(LOG_INFO, "aeswepd "VERSION" initializing. 
(rekey_time=%i)", rekey_time); - - if (daemon_pid_file_create() < 0) { - daemon_log(LOG_ERR, "Could not create PID file %s.", daemon_pid_file_proc()); - goto finish; - } - - if (daemon_signal_init(SIGINT, SIGTERM, SIGQUIT, SIGHUP, -1) < 0) { - daemon_log(LOG_ERR, "Could not register signal handler: %s", strerror(errno)); - goto finish; - } - - if (use_status_file) { - mode_t u; - - u = umask(077); - status_file = fopen(get_status_file_name(), "w"); - umask(u); - - if (!status_file) { - daemon_log(LOG_WARNING, "Failed to open status file '%s', doing without: %s", get_status_file_name(), strerror(errno)); - use_status_file = 0; - } - } - - if (rekey(i, now, &next_rekey) < 0) - goto finish; - - daemon_log(LOG_INFO, "aeswepd successfully initialized."); - - if (daemonize && wait_on_fork) { - daemon_retval_send(0); - send_retval = 0; - } - - FD_ZERO(&fds); - FD_SET(sigfd = daemon_signal_fd(), &fds); - - for (;;) { - fd_set qfds; - struct timeval tv; - now = time(NULL); - - if (next_rekey < now) { - if (rekey(i, now, &next_rekey) < 0) - return -1; - } - - qfds = fds; - - now = time(NULL); - tv.tv_sec = next_rekey > now ? 
next_rekey - now : 0; - tv.tv_usec = 0; - - if (select(sigfd+1, &qfds, NULL, NULL, &tv) < 0) { - if (errno == EINTR) - continue; - - daemon_log(LOG_ERR, "select() failed: %s\n", strerror(errno)); - return -1; - } - - - if (FD_ISSET(sigfd, &qfds)) { - int sig; - - if ((sig = daemon_signal_next()) < 0) { - daemon_log(LOG_ERR, "daemon_signal_next(): %s", strerror(errno)); - goto finish; - } - - - switch (sig) { - - case SIGINT: - case SIGTERM: - case SIGQUIT: - r = 0; - goto finish; - - case SIGHUP: - next_rekey = 0; - break; - - default: - daemon_log(LOG_INFO, "Ignoring unknown signal %s", strsignal(sig)); - break; - - } - } - } - - r = 0; - -finish: - - if (status_file) { - fclose(status_file); - unlink(get_status_file_name()); - } - - if (send_retval && daemonize && wait_on_fork) - daemon_retval_send(1); - - daemon_pid_file_remove(); - daemon_signal_done(); - - daemon_log(LOG_INFO, "Exiting."); - - return r; -} - -void usage(char *p) { - if (strrchr(p, '/')) - p = strchr(p, '/')+1; - - printf("%s -- AES Rekeying Daemon for IEEE 802.11b WEP\n\n" - "Usage: %s [options]\n\n" - "Options:\n" - " -n --no-daemon Do not daemonize (for debugging) (%s)\n" - " -s --no-syslog Do not use syslog, use stderr instead (for debugging) (%s)\n" - " -i --iface=IFACE Specify network interface (%s)\n" - " -t --rekey-time=SECS Specify rekeying interval in seconds (%i)\n" - " -K --key=KEY Specify AES key (don't use this!)\n" - " -F --key-file=KEYFILE File to read key from\n" - " -E --key-env=KEYENV Specify environment variable to read key from\n" - " -m --max-keys=NR Specify the number of keys to use concurrently (%i)\n" - " -w --wait-on-fork Wait until daemon fork finished (%s)\n" - " -l --list-keys Show keys of running daemon\n" - " -h --help Show this help\n" - " -k --kill Kill a running daemon\n" - " -c --check-running Check if a daemon is currently running\n" - " -v --version Show version\n\n" - " : A %i byte AES key as hexadecimal string\n", - p, p, - !daemonize ? 
"on" : "off", - !use_syslog ? "on" : "off", - interface_name, - rekey_time, - n_max_keys, - wait_on_fork ? "on" : "off", - AES_KEY_LEN); -} - -void parse_args(int argc, char *argv[]) { - static struct option long_options[] = { - {"no-daemon", no_argument, 0, 'n'}, - {"no-syslog", no_argument, 0, 's'}, - {"iface", required_argument, 0, 'i'}, - {"rekey-time", required_argument, 0, 't'}, - {"max-keys", required_argument, 0, 'm'}, - {"wait-on-fork", no_argument, 0, 'w'}, - {"help", no_argument, 0, 'h'}, - {"kill", no_argument, 0, 'k'}, - {"check-running", no_argument, 0, 'c'}, - {"version", no_argument, 0, 'v'}, - {"list-keys", no_argument, 0, 'l'}, - {"key", no_argument, 0, 'K'}, - {"key-file", no_argument, 0, 'F'}, - {"key-env", no_argument, 0, 'E'}, - {0, 0, 0, 0} - }; - int option_index = 0; - int _help = 0, _kill = 0, _check = 0, _version = 0, r, _list_keys = 0, _key_set = 0; - char ln[64]; - char *b; - - if ((b = strrchr(argv[0], '/'))) - b++; - else - b = argv[0]; - - - if (strcmp(b, "aeswepls") == 0) - _list_keys = 1; - - memset(aes_key, sizeof(aes_key), 0); - - for (;;) { - int c; - - if ((c = getopt_long(argc, argv, "nsi:t:m:whkcvlK:F:E:", long_options, &option_index)) < 0) - break; - - switch (c) { - case 'n' : - daemonize = !daemonize; - break; - case 's' : - use_syslog = !use_syslog; - break; - case 'i' : - if (interface_name) - free(interface_name); - - interface_name = strdup(optarg); - break; - case 't': - if ((rekey_time = atoi(optarg)) <= 0) { - daemon_log(LOG_ERR, "Rekey time too short.\n"); - exit(1); - } - break; - case 'm': - n_max_keys = atoi(optarg); - if (n_max_keys <= 0 || n_max_keys > 4) { - daemon_log(LOG_ERR, "--max-keys has to be between 1 and 4\n"); - exit(1); - } - break; - case 'w': - wait_on_fork = !wait_on_fork; - break; - case 'h': - _help = 1; - break; - case 'k': - _kill = 1; - break; - case 'c': - _check = 1; - break; - case 'v': - _version = 1; - break; - case 'l': - _list_keys = 1; - break; - - case 'K': - 
daemon_log(LOG_WARNING, "WARNING: Don't use the --key option, other local users might peek on 'ps'. Proceeding"); - strncpy(ln, optarg, sizeof(ln)-1); - ln[sizeof(ln)-1] = 0; - _key_set = 1; - memset(optarg, 'X', strlen(optarg)); - break; - - case 'E': - if (!getenv(optarg)) { - daemon_log(LOG_ERR, "Environment variable for key '%s' not existent.", optarg); - exit(1); - } - - strncpy(ln, getenv(optarg), sizeof(ln)-1); - ln[sizeof(ln)-1] = 0; - _key_set = 1; - unsetenv(optarg); - break; - - case 'F':{ - FILE *f; - struct stat st; - - if (!(f = fopen(optarg, "r"))) { - daemon_log(LOG_ERR, "Could not open key file '%s': %s", optarg, strerror(errno)); - exit(1); - } - - if (fstat(fileno(f), &st) < 0) { - daemon_log(LOG_ERR, "Failed to stat file '%s': %s", optarg, strerror(errno)); - exit(1); - } - - if (st.st_mode & 077 || st.st_uid != 0) { - daemon_log(LOG_ERR, "Key file '%s' must be owned by root and have an access mode of 0700 or less.", optarg); - exit(1); - } - - ln[0] = 0; - fgets(ln, sizeof(ln), f); - fclose(f); - ln[strcspn(ln, " \n\r\t")] = 0; - _key_set = 1; - break; - } - - default: - daemon_log(LOG_ERR, "Unknown parameter.\n"); - exit(1); - } - } - - if (!interface_name) - interface_name = strdup("wlan0"); - - snprintf(pid_ident, sizeof(pid_ident), "aeswepd.%s", interface_name); - daemon_pid_file_ident = pid_ident; - snprintf(log_ident, sizeof(log_ident), "aeswepd(%s)", interface_name); - daemon_log_ident = log_ident; - - - if (_help) { - usage(argv[0]); - exit(0); - } - - if (_kill) { - if (daemon_pid_file_kill(SIGINT) < 0) { - daemon_log(LOG_ERR, "Failed to kill daemon. (%s)", strerror(errno)); - exit(6); - } - - exit(0); - } - - if (_version) { - printf("aeswepd "VERSION"\n"); - exit(0); - } - - if (_check) { - pid_t pid = daemon_pid_file_is_running(); - - if (pid == (pid_t) -1) - printf("aeswepd not running.\n"); - else - printf("aeswepd process for device %s running as pid %u.\n", interface_name, pid); - - exit(pid == 0 ? 
255 : 0); - } - - if (_list_keys) { - if (daemon_pid_file_is_running() == (pid_t) -1) { - daemon_log(LOG_ERR, "Daemon not running!"); - exit(1); - } - - do_list_keys(); - exit(0); - } - - if (!_key_set) { - daemon_log(LOG_ERR, "Not AES key specified!"); - exit(1); - } - - if ((r = parse_hex(ln, aes_key, sizeof(aes_key))) < 0) { - daemon_log(LOG_ERR, "Failed to parse AES key at position %i!", -r-1); - exit(1); - } - - if (r != 16) { - daemon_log(LOG_ERR, "AES key to short: 16 bytes required, %i bytes read", r); - exit(1); - } - - if (!use_syslog) - daemon_log_use = DAEMON_LOG_STDERR; -} - -int main(int argc, char *argv[]) { - struct interface *i = NULL; - int r = 1, j; - pid_t pid; - - daemon_pid_file_ident = daemon_log_ident = daemon_ident_from_argv0(argv[0]); - - parse_args(argc, argv); - - if (geteuid() != 0) { - daemon_log(LOG_ERR, "Sorry, you need to be root to run this binary."); - goto finish; - } - - if ((pid = daemon_pid_file_is_running()) >= 0) { - daemon_log(LOG_ERR, "Daemon already running on PID file %u", pid); - goto finish; - - } - - if (daemonize) { - pid_t pid; - - if (wait_on_fork) - if (daemon_retval_init() < 0) { - daemon_log(LOG_ERR, "Sorry, could not create pipe: %s", strerror(errno)); - goto finish; - } - - if ((pid = daemon_fork()) < 0) - goto finish; - - if (pid) { - int c = 0; - - // Parent process - - if (wait_on_fork) - if ((c = daemon_retval_wait(60)) < 0) { - daemon_log(LOG_WARNING, "Killing background process."); - kill(pid, SIGTERM); - } - - r = c; - goto finish; - } - } - - - for (j = 0; j < MAX_WEP_KEYS; j++) - key_map[j] = j; - - if (!(i = interface_open(interface_name)) < 0) - goto finish; - - if (go(i) < 0) - goto finish; - - r = 0; - -finish: - - if (i) - interface_close(i); - - if (interface_name) - free(interface_name); - - return r; -} diff --git a/src/aeswepd.h b/src/aeswepd.h deleted file mode 100644 index 0313ed6..0000000 --- a/src/aeswepd.h +++ /dev/null 
@@ -1,41 +0,0 @@ -#ifndef fooaeswepdhfoo -#define fooaeswepdhfoo - -/* $Id$ */ - -/* - * This file is part of waproamd. - * - * waproamd is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * waproamd is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with waproamd; if not, write to the Free Software Foundation, - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - */ - -#include - -#define WEP_KEY_LEN 13 -#define AES_KEY_LEN 16 -#define MAX_WEP_KEYS 16 - -extern int n_max_keys; -extern int key_map[MAX_WEP_KEYS]; - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef VARLIBAESWEPD -#define VARLIBAESWEPD "/var/lib/aeswepd" -#endif - -#endif diff --git a/src/iwkey.c b/src/iwkey.c deleted file mode 100644 index a3403a8..0000000 --- a/src/iwkey.c +++ /dev/null 
@@ -1,109 +0,0 @@
-/* $Id$ */
-
-/*
- * This file is part of waproamd.
- *
- * waproamd is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * waproamd is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with waproamd; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include "iwkey.h"
-#include "wireless.h"
-#include "util.h"
-
-static int n_used_keys = 0;
-
-int wep_key_add(struct interface *i, uint8_t w[WEP_KEY_LEN]) {
- struct iwreq req;
- assert(i);
-
- if (n_used_keys >= n_max_keys) {
- daemon_log(LOG_ERR, "Too many keys added!\n");
- return -1;
- }
-
- memset(&req, 0, sizeof(req));
- strncpy(req.ifr_ifrn.ifrn_name, i->name, IFNAMSIZ);
-
- req.u.encoding.pointer = w;
- req.u.encoding.length = WEP_KEY_LEN;
- req.u.encoding.flags = key_map[n_used_keys++]+1;
-
- if (ioctl(i->fd, SIOCSIWENCODE, &req) < 0) {
- daemon_log(LOG_ERR, "ioctl(SIOCSIWENCODE): %s\n", strerror(errno));
- return -1;
- }
-
- return 0;
-}
-
-int wep_key_finish(struct interface *i) {
- struct iwreq req;
- assert(i);
-
- if (n_used_keys) {
- uint8_t tmp[WEP_KEY_LEN];
- int j;
-
- memset(&req, 0, sizeof(req));
- strncpy(req.ifr_ifrn.ifrn_name, i->name, IFNAMSIZ);
-
- req.u.encoding.pointer = tmp;
- req.u.encoding.length = WEP_KEY_LEN;
- req.u.encoding.flags = (key_map[n_used_keys-1]+1);
-
- if (ioctl(i->fd, SIOCGIWENCODE, &req) < 0) {
- daemon_log(LOG_ERR, "ioctl(SIOCGIWENCODE): %s\n", strerror(errno));
- return -1;
- }
-
- for (j = n_used_keys; j < n_max_keys; j++) {
- memset(&req, 0, sizeof(req));
- strncpy(req.ifr_ifrn.ifrn_name, i->name, IFNAMSIZ);
-
- req.u.encoding.pointer = tmp;
- req.u.encoding.length = WEP_KEY_LEN;
- req.u.encoding.flags = (key_map[j]+1);
-
- if (ioctl(i->fd, SIOCSIWENCODE, &req) < 0) {
- daemon_log(LOG_ERR, "ioctl(SIOCSIWENCODE): %s\n", strerror(errno));
- return -1;
- }
- }
- }
-
- memset(&req, 0, sizeof(req));
- strncpy(req.ifr_ifrn.ifrn_name, i->name, IFNAMSIZ);
-
- req.u.encoding.pointer = NULL;
- req.u.encoding.length = 0;
- req.u.encoding.flags = IW_ENCODE_RESTRICTED;
-
- if (ioctl(i->fd, SIOCSIWENCODE, &req) < 0) {
- daemon_log(LOG_ERR, "ioctl(SIOCSIWENCODE): %s\n", strerror(errno));
- return -1;
- }
-
- n_used_keys = 0;
-
- return 0;
-}
diff --git a/src/iwkey.h b/src/iwkey.h
deleted file mode 100644
index 3b39f7e..0000000
--- a/src/iwkey.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#ifndef fooiwkeyhfoo
-#define fooiwkeyhfoo
-
-/* $Id$ */
-
-/*
- * This file is part of waproamd.
- *
- * waproamd is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * waproamd is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with waproamd; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
- */
-
-#include
-#include "interface.h"
-#include "aeswepd.h"
-
-int wep_key_add(struct interface *i, uint8_t w[WEP_KEY_LEN]);
-int wep_key_finish(struct interface *i);
-
-#endif
diff --git a/src/waproamd.c b/src/waproamd.c
index f96288a..51532a8 100644
--- a/src/waproamd.c
+++ b/src/waproamd.c @@ -451,7 +451,7 @@ void usage(char *p) { if (strrchr(p, '/')) p = strchr(p, '/')+1; - printf("%s -- Wireless Access Point Roaming Daemon for 802.11b\n\n" + printf("%s -- Wireless Access Point Roaming Daemon for WLAN IEEE 802.11\n\n" "Usage: %s [options]\n\n" "Options:\n" " -n --no-daemon Do not daemonize (for debugging) (%s)\n" @@ -460,8 +460,8 @@ void usage(char *p) { " -w --wait-on-fork Wait until daemon fork finished (%s)\n" " -M --monitor Use interface monitoring (%s)\n" " -e --no-event Don't use wireless event API (%s)\n" - " -t --scan-interval Specify scan interval (%i)\n" - " -p --poll-interval Specify association poll interval, unless using -e (%i)\n" + " -t --scan-interval=SECS Specify scan interval (%i)\n" + " -p --poll-interval=SECS Specify association poll interval, unless using -e (%i)\n" " -h --help Show this help\n" " -k --kill Kill a running daemon\n" " -c --check-running Check if a daemon is currently running\n" -- cgit
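Review bot: The basename logic in the context lines at the top of the first `usage()` hunk tests with `strrchr(p, '/')` but then assigns from `strchr(p, '/')+1`, so it cuts at the first slash rather than the last. For an argv[0] with more than one slash (for example an absolute path) the banner and the `Usage: %s` line, which this commit rewords, would still print most of the path instead of the program name. The assignment should match the test: `p = strrchr(p, '/')+1;`. The rest of `usage()`, including the argument list that feeds the `%s`/`%i` conversions, lies outside both hunks, so the new `=SECS` help lines could not be checked against their arguments.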