--- mdap-server.pl	2007/04/22 12:52:15	2
+++ mdap-server.pl	2007/04/24 10:11:24	29
@@ -3,16 +3,76 @@
 use strict;
 use IO::Socket::Multicast;
 use Data::Dump qw/dump/;
+use Getopt::Long;
 
-use constant GROUP => '224.0.0.103';
-use constant PORT  => '3235';
+my $GROUP = '224.0.0.103';
+my $PORT  = '3235';
 
-my $local_port = 1000;
+my $debug = 0;
+my $quiet = 1;
+my $verbose = 0;
 
 my $resend_search_delay = 3;
+my $tftp_path = '/srv/tftp/';
 
-my $sock = IO::Socket::Multicast->new(LocalPort=>PORT,ReuseAddr=>1);
-$sock->mcast_add(GROUP) || die "Couldn't set group: $!\n";
+GetOptions(
+	"port=i"	=> \$PORT,
+	"group=s"	=> \$GROUP,
+	"debug!"	=> \$debug,
+	"quiet!"	=> \$quiet,
+	"verbose!"	=> \$verbose,
+	"search=i"	=> \$resend_search_delay,
+	"tftp=s"	=> \$tftp_path,
+);
+
+$quiet = 0 if $verbose;
+
+# tab-delimited list of user id/passwd to try on ants
+my @try_accounts = ( "Administrator\t" );
+
+my $passwd_path = $0;
+$passwd_path =~ s/[^\/]+$/passwd/;
+
+if (-e $passwd_path) {
+	open(my $fh, $passwd_path) || die "can't open $passwd_path: $!";
+	while(<$fh>) {
+		chomp;
+		next if /^#/ || /^$/ || /^\s+$/;
+		if (/^\S+\t\S+$/) {
+			push @try_accounts, $_;
+		} else {
+			warn "invalid $passwd_path entry: $_\n";
+		}
+	}
+	print "found ", $#try_accounts + 1, " accounts to try on password protected ants\n";
+}
+
+warn "search for ants every ${resend_search_delay}s\ntftp server path: $tftp_path\n";
+
+sub fw {
+	my ($board, $offset,$len) = @_;
+	open(my $fh, "$tftp_path/$board") || die "Can't open image $tftp_path/$board: $!";
+	my $b;
+	seek($fh, $offset, 0) || die "can't seek to $offset: $!";
+	read($fh, $b, $len) || die "can't read $len bytes from $offset: $!";
+	close($fh);
+	return $b;
+}
+
+sub fw_build {
+	my $board_name = shift || return 0;
+	my $v = join('.', unpack('CCCC',fw($board_name,0x20,4)) );
+	print "# fw_build $board_name $v\n" unless $quiet;
+	return $v;
+}
+
+sub fw_exists {
+	my $board = shift;
+	return -e "$tftp_path/$board";
+}
+
+my $sock = IO::Socket::Multicast->new(LocalPort=>$PORT,ReuseAddr=>1);
+$sock->mcast_add($GROUP) || die "Couldn't set group: $!\n";
 $sock->mcast_ttl(1);
 
 sub ant2hash {
@@ -29,59 +89,164 @@
 
 sub mdap_send {
 	my $data = shift;
-	warn ">> $data\n>>----------\n";
-	my $null = chr(0);
-	$sock->mcast_send( "${data}", GROUP . ':' . PORT );
+
+	my $xor = 0;
+	map { $xor ^= ord($_) } split(//,$data);
+	$data .= sprintf('%02X', $xor);
+
+	$sock->mcast_send( $data, "${GROUP}:${PORT}" );
+	if ($debug) {
+		warn ">> ", dump( $data ), $/;
+	} elsif( ! $quiet ) {
+		$data =~ s/\s+/ /gi;
+		warn ">> ", substr($data,0,70), $/;
+	}
+}
+
+my $ant_passwd;
+my $ant_unknown_password;
+my $ant_ok_password;
+my $ant_flashing;
+
+sub ant_credentials {
+	my $ant = shift || die "no ant?";
+	my $i = $ant_passwd->{$ant} || 0;
+	my ($user_id,$user_pwd) = split(/\t/, $try_accounts[$i]);
+	#warn "ant $ant as [$i] $user_id / $user_pwd\n";
+	return ($user_id,$user_pwd);
+}
+
+sub ant_unknown_password {
+	my $ant = shift || die "no ant?";
+	if ( $ant_unknown_password->{$ant} ) {
+		$ant_unknown_password->{$ant}--;
+	}
+	return $ant_unknown_password->{$ant};
+}
+
+sub ant_another_passwd {
+	my $ant = shift || die "no ant?";
+
+	return 0 if ant_unknown_password( $ant );
+	return 0 if $ant_ok_password->{$ant};
+
+	$ant_passwd->{$ant}++;
+
+	if ( $ant_passwd->{$ant} > $#try_accounts ) {
+		print "$ant ant with unknown password\n";
+		$ant_unknown_password->{$ant} = 10;
+		$ant_passwd->{$ant} = 0;
+		return 0;
+	}
+	return 1;
+}
+
+sub forget_ant {
+	my $ant = shift || die "no ant?";
+	delete $ant_unknown_password->{$ant};
+	delete $ant_passwd->{$ant};
+	delete $ant_ok_password->{$ant};
+}
+
+my $once;
+
+sub once {
+	my $m = join('', @_);
+	$once->{$m}++;
+	print $m if ($once->{$m} == 1);
 }
 
 local $SIG{ALRM} = sub {
-	mdap_send("ANT-SEARCH MDAP/1.1\r\n46");
+	mdap_send("ANT-SEARCH MDAP/1.1\r\n");
 	alarm( $resend_search_delay );
 };
 
 alarm( $resend_search_delay );
 
+mdap_send("ANT-SEARCH MDAP/1.1\r\n");
+
 while (1) {
 	my $data;
 	next unless $sock->recv($data,1024);
 
-	if ( $data =~ m#^(REPLY-\S+)\s(MDAP/\d+\.\d+)# ) {
+	if ( $data =~ m#^(INFO|ANT-SEARCH|EXEC-CLI|REPLY-\S+)\s(MDAP)/(\d+\.\d+)# ) {
 
-		my ($type,$proto) = ($1,$2);
+		my ($type,$proto,$mdap_ver) = ($1,$2,$3);
 
 		my $h = ant2hash($data);
 
-		print "# $type $proto ", dump( $h ), $/;
+		my $client_version = $h->{'MDAP-VERSION'};
+		$mdap_ver = $client_version if ($client_version);
+
+		print "<< $type $proto/$mdap_ver << ", length($data), " bytes\n" unless $quiet;
+
+		warn dump($h),$/ if ($debug);
+
+		# we are getting our own messages (since our source port
+		# is same as destination)
+		next if ( $type =~ m#^(INFO|ANT-SEARCH|EXEC-CLI)# );
+
+		my $ant = $h->{'ANT-ID'} || die "no ANT-ID in ", dump( $h );
+		my $seq_nr = $h->{'SEQ-NR'};
+		#warn "SEQ-NR: $seq_nr ok: ",$ant_ok_password->{$ant},"\n" if ($seq_nr);
+
+		my ($user_id,$user_pwd) = ant_credentials( $ant );
 
 		if ($type eq 'REPLY-ANT-SEARCH') {
-			mdap_send("INFO MDAP/1.2
-SEQ-NR:1
-TO-ANT:0644JTHJ4
-USER-ID:Administrator
-USER-PWD:\r\n22");
+			mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n") unless ant_unknown_password( $ant );
 		} elsif ($type eq 'REPLY-INFO') {
-			if (
-				$h->{'_BUILD'} eq '6.1.7.2' &&
-				$h->{'_BUILDNAME'} eq 'ZZO9AA6.172' &&
-				$h->{'_BUILDVARIANT'} eq 'AA' &&
-				1
-			) {
-				mdap_send("EXEC-CLI MDAP/1.2
-CLI-CMD:software upgrade
-SEQ-NR:1
-TO-ANT:0644JTHJ4
-USER-ID:Administrator
-USER-PWD:\r\n1F");
-			} else {
 
+			if ( $seq_nr < 0 ) {
+#				if ( $ant_ok_password ) {
+#					$ant_ok_password->{$ant} = 0;
+#				} elsif ( ant_another_passwd( $ant ) ) {
+				if ( ant_another_passwd( $ant ) ) {
+					($user_id,$user_pwd) = ant_credentials( $ant );
+					mdap_send("INFO MDAP/$mdap_ver\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
+				}
+				next;
+			} else {
+				$ant_ok_password->{$ant}++;
 			}
 
-			
+			my $board = $h->{'_BOARD_NAME'} || die "no _BOARD_NAME?";
+			if ( fw_exists( $board ) ) {
+				my $build = $h->{'_BUILD'} || die "no _BUILD?";
+				my $new_build = fw_build( $board );
+				if ( $build ne $new_build ) {
+					print "+ $ant version $build -> $new_build\n";
+					mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nCLI-CMD:software upgrade\r\nSEQ-NR:1\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
+				} else {
+					once "$ant OK version $build",
+						$ant_unknown_password->{$ant} ? ' with unknown password' :
+						$ant_ok_password->{$ant} ? ' password protected' :
+						'',
+						"\n";
+					$ant_flashing->{$ant} = 0;
+					my $waiting = 0;
+					my $count = 0;
+					map {
+						$waiting++ if ($ant_flashing->{$_});
+						$count++;
+					} keys %$ant_flashing;
+					if ($ant_flashing && $waiting == 0) {
+						print "**** ALL $count ANTS FLASHED ****\n";
+						$ant_flashing = {};
+					}
+				}
+			} else {
+				once "!! NO FIRMWARE for $board in $tftp_path for ant $ant, skipping update\n";
+			}
+		} elsif ( $type eq 'REPLY-EXEC-CLI' && $h->{'SEQ-NR'} == 1 ) {
+				print "+ $ant bootp mode re-flash started\n" if ($verbose);
+				mdap_send("EXEC-CLI MDAP/$mdap_ver\r\nSEQ-NR:2\r\nTO-ANT:$ant\r\nUSER-ID:$user_id\r\nUSER-PWD:$user_pwd\r\n");
+				forget_ant( $ant );
+				$ant_flashing->{$ant}++;
 		} else {
-			print "!! reply ignored\n";
+			print "!! reply ignored ", dump( $h ), $/;
 		}
 
 	} else {
-		print $data, "\n", "-" x 30, "\n";
+		warn "<=" x 15, "\n", $data, "\n", "<=" x 15, "\n";
 	}
 }