viewvc.cgi/mdap/mdap-server.pl

#!/usr/bin/perl

use warnings;
use strict;
use IO::Socket::Multicast;
use Data::Dump qw/dump/;
use Getopt::Long;

use lib './lib';
use MDAP::ChangeIP;

my $GROUP = '224.0.0.103';
my $PORT  = '3235';

my $debug = 0;
my $quiet = 1;
my $verbose = 0;
my $credentials = 0;

my $resend_search_delay = 3;
my $tftp_path = '/srv/tftp/';

my $flashed_cmd = 'system config led=flash';

GetOptions(
        "port=i"        => \$PORT,
        "group=s"       => \$GROUP,
        "debug!"        => \$debug,
        "quiet!"        => \$quiet,
        "verbose!"      => \$verbose,
        "search=i"      => \$resend_search_delay,
        "tftp=s"        => \$tftp_path,
        "credentials"   => \$credentials,
        "exec=s"        => \$flashed_cmd,
);

$quiet = 0 if $verbose;
$credentials = 1 if $debug;

# tab-delimited list of user id/passwd to try on ants
my @try_accounts = ( "Administrator\t" );

my $passwd_path = $0;
$passwd_path =~ s/[^\/]+$/passwd/;

if (-e $passwd_path) {
        open(my $fh, $passwd_path) || die "can't open $passwd_path: $!";
        while(<$fh>) {
                chomp;
                next if /^#/ || /^$/ || /^\s+$/;
                if (/^\S+\s+\S+$/) {
                        push @try_accounts, $_;
                } else {
                        warn "invalid $passwd_path entry: $_\n";
                }
        }
        print "found ", $#try_accounts + 1, " accounts to try on password protected ants",
                $credentials ? " and display credentials" : "", "\n";
}

warn "search for ants every ${resend_search_delay}s\ntftp server path: $tftp_path\nflashed to current version: $flashed_cmd\n";

sub fw {
        my ($board, $offset,$len) = @_;
        open(my $fh, "$tftp_path/$board") || die "Can't open image $tftp_path/$board: $!";
        my $b;
        seek($fh, $offset, 0) || die "can't seek to $offset: $!";
        read($fh, $b, $len) || die "can't read $len bytes from $offset: $!";
        close($fh);
        return $b;
}

sub fw_build {
        my $board_name = shift || return 0;
        my $v = join('.', unpack('CCCC',fw($board_name,0x20,4)) );
        print "# fw_build $board_name $v\n" unless $quiet;
        return $v;
}

sub fw_exists {
        my $board = shift;
        return -e "$tftp_path/$board";
}

my $sock = IO::Socket::Multicast->new(LocalPort=>$PORT,ReuseAddr=>1);
$sock->mcast_add($GROUP) || die "Couldn't set group: $!\n";
$sock->mcast_ttl(1);

sub ant2hash {
        my $data = shift;
        my $hash;
        map {
                if ( m/:/ ) {
                        my ($n,$v) = split(/:/,$_,2);
                        $hash->{$n} = $v;
                }
        } split(/[\n\r]/, $data);
        return $hash;
}

sub mdap_send {
        my $data = shift;

        my $xor = 0;
        map { $xor ^= ord($_) } split(//,$data);
        $data .= sprintf('%02X', $xor);

        $sock->mcast_send( $data, "${GROUP}:${PORT}" );
        if ($debug) {
                warn ">> ${GROUP}:${PORT} >> ", dump( $data ), $/;
        } elsif( ! $quiet ) {
                $data =~ s/\s+/ /gi;
                warn ">> ", substr($data,0,70), $/;
        }
}

my $ant_passwd;
my $ant_unknown_password;
my $ant_ok_password;
my $ant_flashing;

sub ant_credentials {
        my $ant = shift || die "no ant?";
        my $i = $ant_passwd->{$ant} || 0;
        my ($user_id,$user_pwd) = split(/\t/, $try_accounts[$i]);
        #warn "ant $ant as [$i] $user_id / $user_pwd\n";
        return ($user_id,$user_pwd);
}

sub ant_unknown_password {
        my $ant = shift || die "no ant?";
        if ( $ant_unknown_password->{$ant} ) {
                $ant_unknown_password->{$ant}--;
        }
        return $ant_unknown_password->{$ant};
}

sub ant_another_passwd {
        my $ant = shift || die "no ant?";

        return 0 if ant_unknown_password( $ant );
        return 0 if $ant_ok_password->{$ant};

        $ant_passwd->{$ant}++;

        if ( $ant_passwd->{$ant} > $#try_accounts ) {
                print "$ant ant with unknown password\n";
                $ant_unknown_password->{$ant} = 10;
                $ant_passwd->{$ant} = 0;
                return 0;
        }
        return 1;
}

sub forget_ant {
        my $ant = shift || die "no ant?";
        delete $ant_unknown_password->{$ant};
        delete $ant_passwd->{$ant};
        delete $ant_ok_password->{$ant};
}

my $once;

sub once {
        my $m = join('', @_);
        $once->{$m}++;
        print $m if ($once->{$m} == 1);
}

my $status = '';

sub status {
        my $m = join('', @_);
        if ($m ne $status) {
                print $m;
                $status = $m;
        }
}

local $SIG{ALRM} = sub {
        mdap_send("ANT-SEARCH MDAP/1.1\r\n");
        alarm( $resend_search_delay );
};

alarm( $resend_search_delay );

mdap_send("ANT-SEARCH MDAP/1.1\r\n");

while (1) {
        my $data;
        next unless $sock->recv($data,1024);

        if ( $data =~ m#^(INFO|ANT-SEARCH|EXEC-CLI|REPLY-\S+)\s(MDAP)/(\d+\.\d+)# ) {

                my ($type,$proto,$mdap_ver) = ($1,$2,$3);

                my $h = ant2hash($data);

                my $client_version = $h->{'MDAP-VERSION'};
                $mdap_ver = $client_version if ($client_version);

                print "<< $type $proto/$mdap_ver << ", length($data), " bytes\n" unless $quiet;

                warn dump( $data, $h ),$/ if ($debug);

                # we are getting our own messages (since our source port
                # is same as destination)
                next if ( $type =~ m#^(INFO|ANT-SEARCH|EXEC-CLI)# );

                my $ant = $h->{'ANT-ID'} || die "no ANT-ID in ", dump( $h );
                my $seq_nr = $1 if (defined $h->{'SEQ-NR'} && $h->{'SEQ-NR'} =~ m/^-*(\d)+/);
                #warn "SEQ-NR: $seq_nr ok: ",$ant_ok_password->{$ant},"\n" if ($seq_nr);

                my ($user_id,$user_pwd) = ant_credentials( $ant );

                if ($type eq 'REPLY-ANT-SEARCH') {
                        mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n") unless ant_unknown_password( $ant );
                } elsif ($type eq 'REPLY-INFO') {

                        if ( $seq_nr < 0 ) {
#                               if ( $ant_ok_password ) {
#                                       $ant_ok_password->{$ant} = 0;
#                               } elsif ( ant_another_passwd( $ant ) ) {
                                if ( ant_another_passwd( $ant ) ) {
                                        ($user_id,$user_pwd) = ant_credentials( $ant );
                                        mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
                                }
                                next;
                        } else {
                                $ant_ok_password->{$ant}++;
                                print "$ant credentials $user_id $user_pwd\n" if ( $credentials && $ant_ok_password->{$ant} == 1 ) || $debug;
                        }

                        my $board = $h->{'_BOARD_NAME'} || die "no _BOARD_NAME?";
                        if ( fw_exists( $board ) ) {
                                my $build = $h->{'_BUILD'} || die "no _BUILD?";
                                my $new_build = fw_build( $board );
                                if ( $build ne $new_build ) {
                                        print "+ $ant version $build -> $new_build\n";
                                        mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:software upgrade\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
                                        $ant_flashing->{$ant}++;
                                } else {
                                        once "$ant OK version $build",
                                                $ant_unknown_password->{$ant} ? ' with unknown password' :
                                                $ant_passwd->{$ant} ? ' password protected' :
                                                '',
                                                "\n";

                                        $ant_flashing->{$ant} = 0;
                                        # green|red|orange|flash|off
                                        mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:$flashed_cmd\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
                                        my $waiting = 0;
                                        my $count = 0;
                                        map {
                                                $waiting++ if ($ant_flashing->{$_});
                                                $count++;
                                        } keys %$ant_flashing;
                                        if ($waiting == 0) {
                                                status "ALL $count ANTS FLASHED to $build\n";
                                                $ant_flashing = undef;
                                        } else {
                                                status "$waiting of $count ants still flasing upto $build\n";
                                        }
                                }
                        } else {
                                once "!! NO FIRMWARE for $board in $tftp_path for ant $ant, skipping update\n";
                        }

                        if ( my $command = CWMP::ChangeIP::check( $h ) ) {
                                warn "## sending $command to $ant\n";
                                mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:$command\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
                        }

                } elsif ( $type eq 'REPLY-EXEC-CLI' ) {
                        print "+ $type\n$data\n" if ($verbose);
                        if ( $seq_nr == 1 ) {
                                mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nSEQ-NR:2\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
                                forget_ant( $ant ) if ( $ant_flashing->{$ant} );
                        } elsif ( $seq_nr < 0 ) {
                                warn "EXEC-CLI failed\n";
                        }

                } else {
                        print "!! reply $type ignored ", dump( $h ), $/;
                }

        } else {
                warn "<=" x 15, "\n", $data, "\n", "<=" x 15, "\n";
        }
}
1	dpavlin	2	#!/usr/bin/perl
2
3	dpavlin	41	use warnings;
4	dpavlin	2	use strict;
5			use IO::Socket::Multicast;
6			use Data::Dump qw/dump/;
7	dpavlin	19	use Getopt::Long;
8	dpavlin	2
9	dpavlin	47	use lib './lib';
10			use MDAP::ChangeIP;
11
12	dpavlin	19	my $GROUP = '224.0.0.103';
13			my $PORT = '3235';
14	dpavlin	2
15	dpavlin	19	my $debug = 0;
16			my $quiet = 1;
17			my $verbose = 0;
18	dpavlin	31	my $credentials = 0;
19	dpavlin	8
20	dpavlin	2	my $resend_search_delay = 3;
21	dpavlin	7	my $tftp_path = '/srv/tftp/';
22	dpavlin	2
23	dpavlin	39	my $flashed_cmd = 'system config led=flash';
24
25	dpavlin	19	GetOptions(
26			"port=i" => \$PORT,
27			"group=s" => \$GROUP,
28			"debug!" => \$debug,
29			"quiet!" => \$quiet,
30			"verbose!" => \$verbose,
31			"search=i" => \$resend_search_delay,
32			"tftp=s" => \$tftp_path,
33	dpavlin	31	"credentials" => \$credentials,
34	dpavlin	39	"exec=s" => \$flashed_cmd,
35	dpavlin	19	);
36
37			$quiet = 0 if $verbose;
38	dpavlin	32	$credentials = 1 if $debug;
39	dpavlin	19
40	dpavlin	17	# tab-delimited list of user id/passwd to try on ants
41			my @try_accounts = ( "Administrator\t" );
42	dpavlin	14
43	dpavlin	17	my $passwd_path = $0;
44			$passwd_path =~ s/[^\/]+$/passwd/;
45
46			if (-e $passwd_path) {
47			open(my $fh, $passwd_path) \|\| die "can't open $passwd_path: $!";
48			while(<$fh>) {
49			chomp;
50			next if /^#/ \|\| /^$/ \|\| /^\s+$/;
51	dpavlin	37	if (/^\S+\s+\S+$/) {
52	dpavlin	17	push @try_accounts, $_;
53			} else {
54			warn "invalid $passwd_path entry: $_\n";
55			}
56			}
57	dpavlin	39	print "found ", $#try_accounts + 1, " accounts to try on password protected ants",
58			$credentials ? " and display credentials" : "", "\n";
59	dpavlin	17	}
60
61	dpavlin	39	warn "search for ants every ${resend_search_delay}s\ntftp server path: $tftp_path\nflashed to current version: $flashed_cmd\n";
62	dpavlin	9
63	dpavlin	7	sub fw {
64			my ($board, $offset,$len) = @_;
65			open(my $fh, "$tftp_path/$board") \|\| die "Can't open image $tftp_path/$board: $!";
66			my $b;
67			seek($fh, $offset, 0) \|\| die "can't seek to $offset: $!";
68			read($fh, $b, $len) \|\| die "can't read $len bytes from $offset: $!";
69			close($fh);
70			return $b;
71			}
72
73			sub fw_build {
74			my $board_name = shift \|\| return 0;
75			my $v = join('.', unpack('CCCC',fw($board_name,0x20,4)) );
76	dpavlin	19	print "# fw_build $board_name $v\n" unless $quiet;
77	dpavlin	7	return $v;
78			}
79
80			sub fw_exists {
81			my $board = shift;
82			return -e "$tftp_path/$board";
83			}
84
85	dpavlin	19	my $sock = IO::Socket::Multicast->new(LocalPort=>$PORT,ReuseAddr=>1);
86			$sock->mcast_add($GROUP) \|\| die "Couldn't set group: $!\n";
87	dpavlin	2	$sock->mcast_ttl(1);
88
89			sub ant2hash {
90			my $data = shift;
91			my $hash;
92			map {
93			if ( m/:/ ) {
94			my ($n,$v) = split(/:/,$_,2);
95			$hash->{$n} = $v;
96			}
97			} split(/[\n\r]/, $data);
98			return $hash;
99			}
100
101			sub mdap_send {
102			my $data = shift;
103	dpavlin	14
104			my $xor = 0;
105			map { $xor ^= ord($_) } split(//,$data);
106			$data .= sprintf('%02X', $xor);
107
108	dpavlin	19	$sock->mcast_send( $data, "${GROUP}:${PORT}" );
109	dpavlin	9	if ($debug) {
110	dpavlin	32	warn ">> ${GROUP}:${PORT} >> ", dump( $data ), $/;
111	dpavlin	19	} elsif( ! $quiet ) {
112	dpavlin	9	$data =~ s/\s+/ /gi;
113			warn ">> ", substr($data,0,70), $/;
114			}
115	dpavlin	2	}
116
117	dpavlin	20	my $ant_passwd;
118	dpavlin	28	my $ant_unknown_password;
119			my $ant_ok_password;
120			my $ant_flashing;
121	dpavlin	17
122			sub ant_credentials {
123			my $ant = shift \|\| die "no ant?";
124	dpavlin	20	my $i = $ant_passwd->{$ant} \|\| 0;
125	dpavlin	17	my ($user_id,$user_pwd) = split(/\t/, $try_accounts[$i]);
126			#warn "ant $ant as [$i] $user_id / $user_pwd\n";
127			return ($user_id,$user_pwd);
128			}
129
130	dpavlin	25	sub ant_unknown_password {
131			my $ant = shift \|\| die "no ant?";
132			if ( $ant_unknown_password->{$ant} ) {
133			$ant_unknown_password->{$ant}--;
134			}
135			return $ant_unknown_password->{$ant};
136			}
137
138	dpavlin	17	sub ant_another_passwd {
139			my $ant = shift \|\| die "no ant?";
140	dpavlin	20
141	dpavlin	25	return 0 if ant_unknown_password( $ant );
142	dpavlin	28	return 0 if $ant_ok_password->{$ant};
143	dpavlin	25
144	dpavlin	20	$ant_passwd->{$ant}++;
145
146			if ( $ant_passwd->{$ant} > $#try_accounts ) {
147	dpavlin	23	print "$ant ant with unknown password\n";
148	dpavlin	26	$ant_unknown_password->{$ant} = 10;
149	dpavlin	24	$ant_passwd->{$ant} = 0;
150	dpavlin	20	return 0;
151			}
152			return 1;
153	dpavlin	17	}
154
155	dpavlin	27	sub forget_ant {
156			my $ant = shift \|\| die "no ant?";
157			delete $ant_unknown_password->{$ant};
158			delete $ant_passwd->{$ant};
159			delete $ant_ok_password->{$ant};
160			}
161
162	dpavlin	20	my $once;
163
164			sub once {
165	dpavlin	23	my $m = join('', @_);
166	dpavlin	20	$once->{$m}++;
167			print $m if ($once->{$m} == 1);
168			}
169
170	dpavlin	30	my $status = '';
171
172			sub status {
173			my $m = join('', @_);
174			if ($m ne $status) {
175			print $m;
176			$status = $m;
177			}
178			}
179
180	dpavlin	2	local $SIG{ALRM} = sub {
181	dpavlin	14	mdap_send("ANT-SEARCH MDAP/1.1\r\n");
182	dpavlin	2	alarm( $resend_search_delay );
183			};
184
185			alarm( $resend_search_delay );
186
187	dpavlin	14	mdap_send("ANT-SEARCH MDAP/1.1\r\n");
188	dpavlin	7
189	dpavlin	2	while (1) {
190			my $data;
191			next unless $sock->recv($data,1024);
192
193	dpavlin	9	if ( $data =~ m#^(INFO\|ANT-SEARCH\|EXEC-CLI\|REPLY-\S+)\s(MDAP)/(\d+\.\d+)# ) {
194	dpavlin	2
195	dpavlin	9	my ($type,$proto,$mdap_ver) = ($1,$2,$3);
196	dpavlin	2
197			my $h = ant2hash($data);
198
199	dpavlin	9	my $client_version = $h->{'MDAP-VERSION'};
200			$mdap_ver = $client_version if ($client_version);
201	dpavlin	7
202	dpavlin	19	print "<< $type $proto/$mdap_ver << ", length($data), " bytes\n" unless $quiet;
203	dpavlin	2
204	dpavlin	32	warn dump( $data, $h ),$/ if ($debug);
205	dpavlin	8
206	dpavlin	17	# we are getting our own messages (since our source port
207			# is same as destination)
208	dpavlin	9	next if ( $type =~ m#^(INFO\|ANT-SEARCH\|EXEC-CLI)# );
209
210			my $ant = $h->{'ANT-ID'} \|\| die "no ANT-ID in ", dump( $h );
211	dpavlin	47	my $seq_nr = $1 if (defined $h->{'SEQ-NR'} && $h->{'SEQ-NR'} =~ m/^-*(\d)+/);
212	dpavlin	24	#warn "SEQ-NR: $seq_nr ok: ",$ant_ok_password->{$ant},"\n" if ($seq_nr);
213	dpavlin	9
214	dpavlin	17	my ($user_id,$user_pwd) = ant_credentials( $ant );
215
216	dpavlin	2	if ($type eq 'REPLY-ANT-SEARCH') {
217	dpavlin	25	mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n") unless ant_unknown_password( $ant );
218	dpavlin	2	} elsif ($type eq 'REPLY-INFO') {
219	dpavlin	15
220	dpavlin	24	if ( $seq_nr < 0 ) {
221	dpavlin	27	# if ( $ant_ok_password ) {
222			# $ant_ok_password->{$ant} = 0;
223			# } elsif ( ant_another_passwd( $ant ) ) {
224			if ( ant_another_passwd( $ant ) ) {
225	dpavlin	24	($user_id,$user_pwd) = ant_credentials( $ant );
226	dpavlin	20	mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
227			}
228	dpavlin	15	next;
229	dpavlin	24	} else {
230			$ant_ok_password->{$ant}++;
231	dpavlin	32	print "$ant credentials $user_id $user_pwd\n" if ( $credentials && $ant_ok_password->{$ant} == 1 ) \|\| $debug;
232	dpavlin	15	}
233
234	dpavlin	7	my $board = $h->{'_BOARD_NAME'} \|\| die "no _BOARD_NAME?";
235			if ( fw_exists( $board ) ) {
236	dpavlin	14	my $build = $h->{'_BUILD'} \|\| die "no _BUILD?";
237			my $new_build = fw_build( $board );
238			if ( $build ne $new_build ) {
239	dpavlin	23	print "+ $ant version $build -> $new_build\n";
240	dpavlin	14	mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:software upgrade\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
241	dpavlin	33	$ant_flashing->{$ant}++;
242	dpavlin	7	} else {
243	dpavlin	23	once "$ant OK version $build",
244	dpavlin	24	$ant_unknown_password->{$ant} ? ' with unknown password' :
245	dpavlin	33	$ant_passwd->{$ant} ? ' password protected' :
246	dpavlin	24	'',
247	dpavlin	23	"\n";
248	dpavlin	32
249	dpavlin	28	$ant_flashing->{$ant} = 0;
250	dpavlin	32	# green\|red\|orange\|flash\|off
251	dpavlin	39	mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:$flashed_cmd\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
252	dpavlin	28	my $waiting = 0;
253	dpavlin	29	my $count = 0;
254	dpavlin	28	map {
255			$waiting++ if ($ant_flashing->{$_});
256	dpavlin	29	$count++;
257	dpavlin	28	} keys %$ant_flashing;
258	dpavlin	30	if ($waiting == 0) {
259			status "ALL $count ANTS FLASHED to $build\n";
260			$ant_flashing = undef;
261			} else {
262			status "$waiting of $count ants still flasing upto $build\n";
263	dpavlin	29	}
264	dpavlin	7	}
265	dpavlin	2	} else {
266	dpavlin	20	once "!! NO FIRMWARE for $board in $tftp_path for ant $ant, skipping update\n";
267	dpavlin	2	}
268	dpavlin	47
269			if ( my $command = CWMP::ChangeIP::check( $h ) ) {
270			warn "## sending $command to $ant\n";
271			mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:$command\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
272			}
273
274	dpavlin	32	} elsif ( $type eq 'REPLY-EXEC-CLI' ) {
275	dpavlin	39	print "+ $type\n$data\n" if ($verbose);
276	dpavlin	32	if ( $seq_nr == 1 ) {
277	dpavlin	14	mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nSEQ-NR:2\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
278	dpavlin	33	forget_ant( $ant ) if ( $ant_flashing->{$ant} );
279	dpavlin	47	} elsif ( $seq_nr < 0 ) {
280			warn "EXEC-CLI failed\n";
281	dpavlin	32	}
282	dpavlin	39
283	dpavlin	2	} else {
284	dpavlin	32	print "!! reply $type ignored ", dump( $h ), $/;
285	dpavlin	2	}
286
287			} else {
288	dpavlin	8	warn "<=" x 15, "\n", $data, "\n", "<=" x 15, "\n";
289	dpavlin	2	}
290			}