dot1x.cpp

用于ubuntu登陆客户端为华为802.1X的校园网

#include "dot1x.h"

#include "pcap.h"
#include "md5.h"

#include <ctime>
#include <netinet/in.h>

#include <sys/types.h>
#include <sys/param.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/times.h>
#include <net/if.h>
#include <netinet/in.h>
#include <net/if_arp.h>
#include <arpa/inet.h>
#include <string.h>
#include <iostream>
#include <cstdlib> 

#define LOWORD(i)((WORD)(i))  
#define HIWORD(i)((WORD)(((DWORD)(i)>>16)&0xffff)) 

#define LOBYTE(i)((BYTE)(i))  
#define HIBYTE(i)((BYTE)(((WORD)(i)>>8)&0xff)) 

long GetTickCount()
{
    tms tm;
    return times(&tm);
}


namespace NetworkOperation {
using namespace std;

int GetSystemInterfaceInfo(InterfaceInfo * infoarray) 
{
	int fd, intrface, retn = 0;
	struct ifreq buf[MAXINTERFACES];
	struct arpreq arp;
	struct ifconf ifc;

	int interfacenum;
	if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) >= 0) {
	    ifc.ifc_len = sizeof buf;
	    ifc.ifc_buf = (caddr_t) buf;
	    if (!ioctl(fd, SIOCGIFCONF, (char *) &ifc)) {
			interfacenum = ifc.ifc_len / sizeof(struct ifreq);
	
			for (int i = 0; i < interfacenum; i++) {
				infoarray[i].name = buf[i].ifr_name;
	
				/*Get IP of the net card */
	
				if (!(ioctl(fd, SIOCGIFADDR, (char *) &buf[i]))) {
					infoarray[i].ipaddr = inet_ntoa(
						((struct sockaddr_in *) (&buf[i].ifr_addr))->sin_addr);
				} else {
					infoarray[i].ipaddr = "";
				}
	
				/*Get HW ADDRESS of the net card */
	
				if (!(ioctl(fd, SIOCGIFHWADDR, (char *) &buf[i]))) {
					for (int j = 0; j < 6; j++) {
						infoarray[i].macaddr[j] =
						(unsigned char) buf[i].ifr_hwaddr.sa_data[j];
					}
	
				} else {
					infoarray[i].macaddr[0] = -1;
				}
			}

	    } else {
			interfacenum = -1;
	    }
	} else {
	    interfacenum = -2;
	}

	close(fd);

	return interfacenum;
}

HuaweiNetwork::HuaweiNetwork(const string &username, const string &passwd,
				 const string &interfacename, int *ip, int *mac, int bRenew)
{
	USERDATA *m_pData = &m_Data;
	strcpy(m_pData->username, username.c_str());
	strcpy(m_pData->password, passwd.c_str());
	strcpy(m_pData->nic, interfacename.c_str());

	m_pData->ip[0] = ip[0];
	m_pData->ip[1] = ip[1];
	m_pData->ip[2] = ip[2];
	m_pData->ip[3] = ip[3];

	m_pData->mac[0] = mac[0];
	m_pData->mac[1] = mac[1];
	m_pData->mac[2] = mac[2];
	m_pData->mac[3] = mac[3];
	m_pData->mac[4] = mac[4];
	m_pData->mac[5] = mac[5];

	m_pData->morb = 0;
	m_pData->dhcp = bRenew;
	m_pData->multisend = 0;
	m_pData->updateip = 1;
	m_pData->relogin = 0;

	m_fp = NULL;		/* network interface device */

	//u_char mcast[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 };	/* multicast address */
	u_char mcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };     /* here mcast stands for broadcast address  */

        memcpy(m_DestMac, mcast, 6);	/* here destination address is  broadcast address */ 
	char cver[14] =
	    { 'C', 'H', ' ', 'V', '2', '.', '4', '0', '-', '0', '3', '2', '6', 0 };
	memcpy(m_ClientVersion, cver, 14);
	srand(time(0));
}

void HuaweiNetwork::run()
{
	struct pcap_pkthdr *header;
	const u_char *pkt_data;

	int res;
	time_t dwTick, dwOldTick;
	dwTick = dwOldTick = clock();
	int flag = 0;
	
	/*  read frames sequentially */
	while ((res = pcap_next_ex(m_fp, &header, &pkt_data)) >= 0) {

	    if (res == 0) {	// Timeout elapsed
			/* use ::GetTickCount() to get the elapsed time */
			dwTick = clock();
			if (dwTick - dwOldTick >= 90000	//ms
				&& m_Data.relogin == 1) {
				message("Reconnecting...");
				dwOldTick = clock();
			}
			continue;
		}

	    PPKTHDR pbuf = (PPKTHDR) pkt_data;
		/* get the source mac address of the frame received */
	    memcpy(m_DestMac, pbuf->SourMAC, 6);	

	    if (pbuf->Code == EAP_REQUEST) {
			switch (pbuf->EapType) {
				case EAP_KEEPONLINE:
//					message("EAP_KEEPONLINE received.");
					SendKeeponline(pbuf->Id);
					dwOldTick = clock();
					//arak 1+d
		
					break;
				case EAP_NOTIFICATION:
					message("EAP_NOTIFICATION received.");
					SendVersion(pbuf->Id);
					break;
				case EAP_IDENTIFY:
					message("EAP_IDENTIFY received.");
					SendUsername(pbuf->Id);
					//arak 1+d
					break;
				case EAP_MD5:
					message("EAP_MD5 received.");
					SendPassword(pbuf->Id,
						 ((PPASSWORDFRM) pkt_data)->Md5Pwd);
					break;
				default:;
			}
	
			continue;
	    }

	    if (pbuf->Code == EAP_SUCCESS) {

			message("Successfully Login.");
			//                          isonline = true;
			if(m_Data.dhcp)
				Connected();
			continue;
	    }

	    if (pbuf->Code == EAP_FAILURE) {

			if (pbuf->EapType == EAP_LOGOUT) {
				message("Logout!");
				//ConnectionInterrupted();
			} else {
				// Network Failure;
				message((const char *) (pkt_data + 0x18));
				// arak 1+d
				//ConnectionInterrupted();
			}
			break;		//jump out of the loop
	    }

	    if (pbuf->Code == EAP_OTHER) {	//there are three frames to handle

			//获取Token
			if(GetToken((PTOKENFRM)pkt_data))
				continue;

	    	//the former is about the client download address, ignore it
			if (flag == 0) {
				flag = 1;
				continue;
			}
			//append information
			u_char a[0xff] = { 0 };
			memcpy(a, pkt_data + 0x1a, *(pkt_data + 0x11) - 4);
			//a[*(pkt_data +0x11)-3] = '\0';
			for (int i = 0; i < 0xff; i++) {
				if (a[0xff - i] == 0x34) {
				a[0xff - i] = '\t';
				a[0xff - i + 1] = '\n';
				break;
				}
			}
			message((const char *)a);

			continue;
	    }
	}
	CloseAdapter();
}

bool HuaweiNetwork::Connect() {
	message("Initializing Network Adapter...");
	if (!OpenAdapter()) {	/* open adapter, set filter and start the thread */
	    message("Network Adapter Initializing Failed.");
	    return false;
	}

	//start(QThread::HighPriority);

	SendLogin();

	//          Connected();

}

void HuaweiNetwork::DisConnect() {
	//          ConnectionInterrupted();
	if (m_fp) {
	    SendLogout();
	    message("Disconnected.");
	}
}

bool HuaweiNetwork::OpenAdapter() {
	bpf_u_int32 netmask = 0;
	char pcap_filter[100];	//filter space
	struct bpf_program pcap_fp;	//hold the compiled filter.
	char errbuf[PCAP_ERRBUF_SIZE] = "";
	//open adapter
	if (!(m_fp = pcap_open_live(m_Data.nic,	// name of the device
				    256,	// portion of the packet to capture, max 65536
				    0,	// promiscuous mode closed
				    10,	// read timeout
				    errbuf)))	// error buffer
	{
	    //              AfxmessageBox(errbuf);
	    message((const char *) errbuf);
	    return false;
	}
	//set filter to receive frame of 802.1X only
	sprintf(pcap_filter,
		"ether dst %x:%x:%x:%x:%x:%x and ether proto 0x888e",
		m_Data.mac[0], m_Data.mac[1], m_Data.mac[2], m_Data.mac[3],
		m_Data.mac[4], m_Data.mac[5]);
	//  sprintf(pcap_filter, " or ether dst 01:80:c2:00:00:03 and ether proto 0x888e",
	//                                    m_pData->Mac[0],m_pData->Mac[1],m_pData->Mac[2],
	//                                    m_pData->Mac[3],m_pData->Mac[4],m_pData->Mac[5]);

	if (pcap_compile(m_fp, &pcap_fp, pcap_filter, 0, netmask) == -1)
	    return false;

	if (pcap_setfilter(m_fp, &pcap_fp) == -1)
	    return false;

	return true;
}

void HuaweiNetwork::CloseAdapter() {
	if (m_fp != 0) {
	    pcap_close(m_fp);	//shutdown the apdater
	    m_fp = 0;
	}
}

void HuaweiNetwork::SetMd5Buf(PPASSWORDFRM pBuf, const u_char ID, const u_char * chap) {	//digest MD5
	u_char TmpBuf[1 + 64 + 16];
	MD5_CTX md5T;
	u_char digest[16];
	int PasswdLen = strlen(m_Data.password);
	TmpBuf[0] = ID;		//   memcpy(TmpBuf + 0x00, ID, 1);
	memcpy(TmpBuf + 0x01, m_Data.password, PasswdLen);
	memcpy(TmpBuf + 0x01 + PasswdLen, chap, 16);
	md5T.MD5Update(TmpBuf, 17 + PasswdLen);
	md5T.MD5Final(digest);
	memcpy(pBuf->Md5Pwd, digest, 16);
    }

void HuaweiNetwork::InitBuf(u_char * buf) {	//initial every frame
	u_char prototype[3] = { 0x88, 0x8e, 0x01 };

	if (m_Data.multisend == 0x00)	//set destination MAC
	    memcpy(buf, m_DestMac, 6);
	memcpy(buf + 6, m_Data.mac, 6);	//set source MAC
	memcpy(buf + 12, prototype, 3);	//set protocol type and its version
}

bool HuaweiNetwork::SendLogin() {	//send the EAPOL-START frame
	u_char buf[100] = { 0 };