Subversion Repositories ALCASAR

Compare Revisions

No changes between revisions

Ignore whitespace Rev 3084 → Rev 3085

/rpms/coova-chilli-1.6.spec
File deleted
/rpms/CoovaChilli/CoovaChilliLib.py.patch
0,0 → 1,92
--- conf/CoovaChilliLib.py.in 2022-10-07 09:40:14.000000000 +0200
+++ conf/CoovaChilliLib.py.in 2022-11-02 10:35:29.022431562 +0100
@@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/python3
"""
CoovaChilli Python Library
Copyright (C) 2009 David Bird <david@coova.com>
@@ -148,7 +148,7 @@
return
def saveConfig( self, data=None ):
- print "Storing configuration changes"
+ print ("Storing configuration changes")
for setting in self.Settings:
if self.Entries.get(setting):
@@ -181,7 +181,7 @@
selectPath = -1
for line in p.stdout.readlines():
- print line
+ print (line)
s = line.split()
self.sessionsStore.append([ s[0], s[1] ])
if self.selectedMac == s[0]:
@@ -222,20 +222,20 @@
return True
def sessionRelease( self, widget ):
- print 'Releasing '+self.selectedMac
+ print ('Releasing '+self.selectedMac)
p = subprocess.Popen([self.Query, self.Socket, "dhcp-release", self.selectedMac]).communicate()
self.chilliQuery()
return
def sessionBlock( self, widget ):
- print 'Blocking access from '+self.selectedMac
+ print ('Blocking access from '+self.selectedMac)
p = subprocess.Popen([self.Query, self.Socket, "block", self.selectedMac]).communicate()
self.chilliQuery()
return
def sessionAuthorize( self, widget ):
if self.selectedSessionId:
- print 'Authorizing '+self.selectedSessionId
+ print ('Authorizing '+self.selectedSessionId)
p = subprocess.Popen([self.Query, self.Socket, "authorize", "sessionid", self.selectedSessionId]).communicate()
self.chilliQuery()
return
@@ -305,7 +305,7 @@
return
def _changeSection(self, section):
- print 'change to '+section
+ print ('change to '+section)
self.section = section
for setting in self.Settings:
@@ -329,7 +329,7 @@
return
def row3(self, treeview, iter, path, action):
- print action
+ print (action)
def row1(self, treeview, action):
if action == 'cursor-changed':
@@ -337,12 +337,12 @@
model, iter = selection.get_selected()
if iter:
mac = self.sessionsStore.get_value(iter, 0)
- print 'Selected: '+mac
+ print ('Selected: '+mac)
self.sesAuth.set_sensitive( True )
self.sesRelease.set_sensitive( True )
self.sesBlock.set_sensitive( True )
self._chilliQuery( mac )
- print action
+ print (action)
def formatOctets(self, o):
return o
@@ -499,7 +499,7 @@
self.btnStop.connect( "clicked", self.stopCoovaChilli )
def main( self ):
- print 'hello'
+ print ('hello')
/rpms/CoovaChilli/Makefile.am.patch
0,0 → 1,22
--- src/Makefile.am 2022-11-02 11:31:50.537726993 +0100
+++ src/Makefile.am 2022-11-02 11:32:30.857524726 +0100
@@ -12,7 +12,8 @@
tun.h ippool.h md5.h redir.h dhcp.h iphash.h \
radius_wispr.h radius_coovachilli.h ssl.h dns.h net.h \
pkt.h conn.h lookup.h chilli_limits.h cmdline.h debug.h \
-radius_pkt.h ../bstring/bstrlib.h ../config.h system.h
+radius_pkt.h ../bstring/bstrlib.h ../config.h system.h \
+SHA256.h
lib_LTLIBRARIES = libchilli.la
sbin_PROGRAMS = \
@@ -23,7 +24,8 @@
libchilli_la_SOURCES = \
chilli.c tun.c ippool.c radius.c md5.c redir.c dhcp.c \
iphash.c lookup.c system.h util.c options.c statusfile.c conn.c sig.c \
-garden.c dns.c session.c pkt.c chksum.c net.c safe.c
+garden.c dns.c session.c pkt.c chksum.c net.c safe.c \
+SHA256.c
AM_CFLAGS = -D_GNU_SOURCE -Wall -fno-builtin -fno-strict-aliasing \
-fomit-frame-pointer -funroll-loops -pipe -I$(top_builddir)/bstring \
/rpms/CoovaChilli/SHA256.c
0,0 → 1,158
/*********************************************************************
* Filename: sha256.c
* Author: Brad Conte (brad AT bradconte.com)
* Copyright:
* Disclaimer: This code is presented "as is" without any guarantees.
* Details: Implementation of the SHA-256 hashing algorithm.
SHA-256 is one of the three algorithms in the SHA2
specification. The others, SHA-384 and SHA-512, are not
offered in this implementation.
Algorithm specification can be found here:
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
This implementation uses little endian byte order.
*********************************************************************/
 
/*************************** HEADER FILES ***************************/
#include <stdlib.h>
#include <memory.h>
#include "SHA256.h"
 
/****************************** MACROS ******************************/
#define ROTLEFT(a,b) (((a) << (b)) | ((a) >> (32-(b))))
#define ROTRIGHT(a,b) (((a) >> (b)) | ((a) << (32-(b))))
 
#define CH(x,y,z) (((x) & (y)) ^ (~(x) & (z)))
#define MAJ(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define EP0(x) (ROTRIGHT(x,2) ^ ROTRIGHT(x,13) ^ ROTRIGHT(x,22))
#define EP1(x) (ROTRIGHT(x,6) ^ ROTRIGHT(x,11) ^ ROTRIGHT(x,25))
#define SIG0(x) (ROTRIGHT(x,7) ^ ROTRIGHT(x,18) ^ ((x) >> 3))
#define SIG1(x) (ROTRIGHT(x,17) ^ ROTRIGHT(x,19) ^ ((x) >> 10))
 
/**************************** VARIABLES *****************************/
static const uint32_t k[64] = {
0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5,0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5,
0xd807aa98,0x12835b01,0x243185be,0x550c7dc3,0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174,
0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc,0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da,
0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7,0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967,
0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13,0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85,
0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3,0xd192e819,0xd6990624,0xf40e3585,0x106aa070,
0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5,0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3,
0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208,0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
};
 
/*********************** FUNCTION DEFINITIONS ***********************/
void sha256_transform(SHA256_CONTEXT* ctx, const uint8_t data[])
{
uint32_t a, b, c, d, e, f, g, h, i, j, t1, t2, m[64];
 
for (i = 0, j = 0; i < 16; ++i, j += 4)
m[i] = (data[j] << 24) | (data[j + 1] << 16) | (data[j + 2] << 8) | (data[j + 3]);
for (; i < 64; ++i)
m[i] = SIG1(m[i - 2]) + m[i - 7] + SIG0(m[i - 15]) + m[i - 16];
 
a = ctx->state[0];
b = ctx->state[1];
c = ctx->state[2];
d = ctx->state[3];
e = ctx->state[4];
f = ctx->state[5];
g = ctx->state[6];
h = ctx->state[7];
 
for (i = 0; i < 64; ++i) {
t1 = h + EP1(e) + CH(e, f, g) + k[i] + m[i];
t2 = EP0(a) + MAJ(a, b, c);
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}
 
ctx->state[0] += a;
ctx->state[1] += b;
ctx->state[2] += c;
ctx->state[3] += d;
ctx->state[4] += e;
ctx->state[5] += f;
ctx->state[6] += g;
ctx->state[7] += h;
}
 
void SHA256Init(SHA256_CONTEXT* ctx)
{
ctx->datalen = 0;
ctx->bitlen = 0;
ctx->state[0] = 0x6a09e667;
ctx->state[1] = 0xbb67ae85;
ctx->state[2] = 0x3c6ef372;
ctx->state[3] = 0xa54ff53a;
ctx->state[4] = 0x510e527f;
ctx->state[5] = 0x9b05688c;
ctx->state[6] = 0x1f83d9ab;
ctx->state[7] = 0x5be0cd19;
}
 
void SHA256Update(SHA256_CONTEXT* ctx, const uint8_t data[], size_t len)
{
uint32_t i;
 
for (i = 0; i < len; ++i) {
ctx->data[ctx->datalen] = data[i];
ctx->datalen++;
if (ctx->datalen == 64) {
sha256_transform(ctx, ctx->data);
ctx->bitlen += 512;
ctx->datalen = 0;
}
}
}
 
void SHA256Final(SHA256_CONTEXT* ctx, uint8_t hash[])
{
uint32_t i;
 
i = ctx->datalen;
 
// Pad whatever data is left in the buffer.
if (ctx->datalen < 56) {
ctx->data[i++] = 0x80;
while (i < 56)
ctx->data[i++] = 0x00;
}
else {
ctx->data[i++] = 0x80;
while (i < 64)
ctx->data[i++] = 0x00;
sha256_transform(ctx, ctx->data);
memset(ctx->data, 0, 56);
}
 
// Append to the padding the total message's length in bits and transform.
ctx->bitlen += ctx->datalen * 8;
ctx->data[63] = ctx->bitlen;
ctx->data[62] = ctx->bitlen >> 8;
ctx->data[61] = ctx->bitlen >> 16;
ctx->data[60] = ctx->bitlen >> 24;
ctx->data[59] = ctx->bitlen >> 32;
ctx->data[58] = ctx->bitlen >> 40;
ctx->data[57] = ctx->bitlen >> 48;
ctx->data[56] = ctx->bitlen >> 56;
sha256_transform(ctx, ctx->data);
 
// Since this implementation uses little endian byte ordering and SHA uses big endian,
// reverse all the bytes when copying the final state to the output hash.
for (i = 0; i < 4; ++i) {
hash[i] = (ctx->state[0] >> (24 - i * 8)) & 0x000000ff;
hash[i + 4] = (ctx->state[1] >> (24 - i * 8)) & 0x000000ff;
hash[i + 8] = (ctx->state[2] >> (24 - i * 8)) & 0x000000ff;
hash[i + 12] = (ctx->state[3] >> (24 - i * 8)) & 0x000000ff;
hash[i + 16] = (ctx->state[4] >> (24 - i * 8)) & 0x000000ff;
hash[i + 20] = (ctx->state[5] >> (24 - i * 8)) & 0x000000ff;
hash[i + 24] = (ctx->state[6] >> (24 - i * 8)) & 0x000000ff;
hash[i + 28] = (ctx->state[7] >> (24 - i * 8)) & 0x000000ff;
}
}
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
/rpms/CoovaChilli/SHA256.h
0,0 → 1,35
#pragma once
/*********************************************************************
* Filename: sha256.h
* Author: Brad Conte (brad AT bradconte.com)
* Copyright:
* Disclaimer: This code is presented "as is" without any guarantees.
* Details: Defines the API for the corresponding SHA1 implementation.
*********************************************************************/
 
#ifndef SHA256_H
#define SHA256_H
 
#include "stdint.h"
 
/*************************** HEADER FILES ***************************/
#include <stddef.h>
 
/****************************** MACROS ******************************/
#define SHA256_BLOCK_SIZE 32 // SHA256 outputs a 32 byte digest
 
typedef struct {
uint8_t data[64];
uint32_t datalen;
unsigned long long bitlen;
uint32_t state[8];
} SHA256_CONTEXT;
 
 
 
/*********************** FUNCTION DECLARATIONS **********************/
void SHA256Init(SHA256_CONTEXT* ctx);
void SHA256Update(SHA256_CONTEXT* ctx, const uint8_t data[], size_t len);
void SHA256Final(SHA256_CONTEXT* ctx, uint8_t hash[]);
 
#endif // SHA256_H
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property
/rpms/CoovaChilli/chilli.h.patch
0,0 → 1,10
--- /BUILD/coova-chilli-master/src/chilli.h 2022-10-12 15:37:13.041870873 +0200
+++ /BUILD/coova-chilli-master/src/chilli.h 2022-10-11 14:01:04.000000000 +0200
@@ -35,6 +35,7 @@
#include "net.h"
#include "md5.h"
#include "dns.h"
+#include "SHA256.h"
#ifndef HAVE_STRLCPY
extern size_t strlcpy(char *dst, const char *src, size_t dsize);
/rpms/CoovaChilli/chilli_limits.h.patch
0,0 → 1,10
--- src/chilli_limits.h 2022-10-12 15:36:42.152019418 +0200
+++ src/chilli_limits.h 2022-10-07 09:48:22.000000000 +0200
@@ -53,6 +53,7 @@
#define REDIR_RADIUS_SELECT_TIME 500000 /* microseconds = 0.5 seconds */
#define REDIR_CHALLEN 16
#define REDIR_MD5LEN 16
+#define REDIR_SHA256LEN 32
#define REDIR_MACSTRLEN 17
#define REDIR_MAXBUFFER 65535
/rpms/CoovaChilli/coova-chilli-1.6.spec
0,0 → 1,148
%define _disable_ld_no_undefined 1
%define _unpackaged_files_terminate_build 0
 
Summary: CoovaChilli is an open-source software access controller for captive portal hotspots
Name: coova-chilli
Version: 1.6
Release: 2%{?dist}
License: GPLv3
Packager: Richard REY (Rexy)
Group: System/Servers
URL: https://coova.github.io/CoovaChilli
Source: %{name}-master.tar.gz
Patch0: chilli.h.patch
Patch1: chilli_limits.h.patch
Patch2: redir.c.patch
Patch3: Makefile.am.patch
Patch4: CoovaChilliLib.py.patch
BuildRequires: gengetopt
BuildRequires: libtool
BuildRequires: openssl-devel
Provides: coova-chilli = %{version}-%{release}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
 
%description
Coova-Chilli is a fork of the ChilliSpot project - an open source captive
portal or wireless LAN access point controller. It supports web based login
(Universal Access Method, or UAM), standard for public HotSpots, and it
supports Wireless Protected Access (WPA), the standard for secure roamable
networks. Authentication, Authorization and Accounting (AAA) is handled by
your favorite radius server. Read more at http://coova.github.io/.
 
%prep
%setup -q -n %{name}-master
 
%patch0 -p3
%patch1 -p0
%patch2 -p0
%patch3 -p0
%patch4 -p0
 
cp ../../SOURCES/SHA256.c ./src/SHA256.c
cp ../../SOURCES/SHA256.h ./src/SHA256.h
 
%build
sh bootstrap
%configure \
--disable-static \
--enable-shared \
--enable-largelimits \
--enable-chilliredir \
--enable-chilliscript \
--with-poll \
--enable-dhcpopt \
--enable-json \
--enable-mdns \
--with-openssl
 
automake --add-missing
%make_build
 
%post
%_post_service chilli
 
%preun
%_preun_service chilli
 
%install
%make_install
 
%clean
rm -rf %{buildroot}
 
%files
%defattr(-,root,root)
%{_sbindir}/*
%{_libdir}/*.so*
%doc AUTHORS COPYING ChangeLog INSTALL README doc/dictionary.coovachilli doc/attributes
%config %{_sysconfdir}/chilli.conf
%config %{_sysconfdir}/chilli/gui-config-default.ini
%config(noreplace) %{_sysconfdir}/chilli/defaults
%dir %{_sysconfdir}/chilli
%{_sysconfdir}/init.d/chilli
%{_sysconfdir}/chilli/wwwsh
%{_sysconfdir}/chilli/functions
%{_sysconfdir}/chilli/*.sh
%{_mandir}/man1/*.1*
%{_mandir}/man5/*.5*
%{_mandir}/man8/*.8*
%exclude %{_sysconfdir}/chilli/www/*
%exclude %{_sysconfdir}/chilli/wpad.dat
%exclude %{_includedir}/chilli*
%exclude %{_libdir}/*.la*
%exclude %{_libdir}/python/CoovaChilliLib.py*
 
%changelog
* Fri Oct 14 2022 Paul BAESKENS (aka StaringCat) - 1.6-1.mga8
- Add SHA256 in PAP protocol
* Sat Jul 23 2022 Richard REY (aka Rexy) - 1.6-1.mga8
- 1.6 release
* Wed Feb 24 2021 Richard REY (aka Rexy) - 1.6-1.mga7
- 1.6 release
* Fri May 22 2020 Richard REY (aka Rexy) - 1.5-1.mga7
- 1.5 release
* Mon May 22 2017 Tom Houdayer - 1.4-3.mga5
- Add mDNS support
* Sat May 06 2017 Tom Houdayer - 1.4-2.mga5
- Add OpenSSL support
* Mon Dec 19 2016 Rexy for ALCASAR project
- 1.4-1 release
* Sun Nov 13 2016 Rexy for ALCASAR project
- 1.3.2-2 release (including the code resolving IPSEC bug #255 & #301)
* Tue Oct 25 2016 Rexy for ALCASAR project
- 1.3.2-1 release
* Thu Jun 2 2016 Rexy for ALCASAR project
- 1.3.1.4 release
* Sun Apr 3 2016 Rexy for ALCASAR project
- 1.3.1.3 release
* Tue May 14 2013 Crox for ALCASAR project
- 1.3.0 release
* Mon Jun 18 2012 Rexy for ALCASAR project
- 1.2.9-1 release
* Wed Jan 18 2012 Rexy for ALCASAR project
- 1.2.9 release
* Sun Jul 11 2011 Rexy for ALCASAR project
- 1.2.8 release
* Sat Feb 12 2011 Rexy for Alcasar project
+ revision: 433
+ add _disable_ld_no_undefined 1
- 1.2.6 release
* Sat Nov 20 2010 Rexy for Alcasar project
+ revision: 394
- 1.2.5 release
* Sat Jan 2 2010 <david@coova.com>
- 1.2.0 release
* Thu Sep 30 2007 <david@coova.com>
- 1.0.8 release
* Thu Aug 20 2007 <david@coova.com>
- 1.0-coova.7 release
* Thu Jun 7 2007 <david@coova.com>
- 1.0-coova.6 release
* Wed May 16 2007 <david@coova.com>
- 1.0-coova.5 release
* Wed Feb 07 2007 <david@coova.com>
- 1.0-coova.4 release
* Wed Nov 15 2006 <david@coova.com>
- 1.0-coova.3 release
* Thu Mar 25 2004 <support@chillispot.org>
- Initial release.
/rpms/CoovaChilli/redir.c.patch
0,0 → 1,98
--- src/redir.c 2022-10-12 15:35:35.352336574 +0200
+++ src/redir.c 2022-10-11 14:01:22.000000000 +0200
@@ -28,6 +28,8 @@
#endif
#include "json/json.h"
+
+
static int optionsdebug = 0; /* TODO: Should be changed to instance */
static int termstate = REDIR_TERM_INIT; /* When we were terminated */
@@ -2709,6 +2711,7 @@
struct redir_conn_t *conn, char reauth) {
uint8_t user_password[RADIUS_PWSIZE + 1];
uint8_t chap_password[REDIR_MD5LEN + 2];
+ uint8_t pap_challenge[REDIR_SHA256LEN];
uint8_t chap_challenge[REDIR_MD5LEN];
struct radius_packet_t radius_pack;
struct radius_t *radius; /* Radius client instance */
@@ -2718,7 +2721,7 @@
fd_set fds; /* For select() */
int status;
- MD5_CTX context;
+ SHA256_CONTEXT context;
char url[REDIR_URL_LEN];
int n, m;
@@ -2761,10 +2764,10 @@
if (redir->secret && *redir->secret) {
//syslog(LOG_DEBUG, "SECRET: [%s]",redir->secret);
/* Get MD5 hash on challenge and uamsecret */
- MD5Init(&context);
- MD5Update(&context, conn->s_state.redir.uamchal, REDIR_MD5LEN);
- MD5Update(&context, (uint8_t *) redir->secret, strlen(redir->secret));
- MD5Final(chap_challenge, &context);
+ SHA256Init(&context);
+ SHA256Update(&context, conn->s_state.redir.uamchal, REDIR_MD5LEN);
+ SHA256Update(&context, (uint8_t *) redir->secret, strlen(redir->secret));
+ SHA256Final(&context, pap_challenge);
}
else {
memcpy(chap_challenge, conn->s_state.redir.uamchal, REDIR_MD5LEN);
@@ -2780,9 +2783,9 @@
sizeof(user_password));
} else {
for (m=0; m < RADIUS_PWSIZE;) {
- for (n=0; n < REDIR_MD5LEN; m++, n++) {
+ for (n=0; n < REDIR_SHA256LEN; m++, n++) {
user_password[m] =
- conn->authdata.v.papmsg.password[m] ^ chap_challenge[n];
+ conn->authdata.v.papmsg.password[m] ^ pap_challenge[n];
}
}
}
@@ -2963,6 +2966,7 @@
int is_local_user(struct redir_t *redir, struct redir_conn_t *conn) {
uint8_t user_password[RADIUS_PWSIZE+1];
+ uint8_t pap_challenge[REDIR_SHA256LEN];
uint8_t chap_challenge[REDIR_MD5LEN];
char u[256]; char p[256];
size_t usernamelen, sz=1024;
@@ -2970,6 +2974,7 @@
int match=0;
char *line=0;
MD5_CTX context;
+ SHA256_CONTEXT SHA256context;
FILE *f;
if (!_options.localusers) return 0;
@@ -2990,10 +2995,10 @@
}/**/
if (redir->secret && *redir->secret) {
- MD5Init(&context);
- MD5Update(&context, (uint8_t*)conn->s_state.redir.uamchal, REDIR_MD5LEN);
- MD5Update(&context, (uint8_t*)redir->secret, strlen(redir->secret));
- MD5Final(chap_challenge, &context);
+ SHA256Init(&SHA256context);
+ SHA256Update(&SHA256context, (uint8_t*)conn->s_state.redir.uamchal, REDIR_MD5LEN);
+ SHA256Update(&SHA256context, (uint8_t*)redir->secret, strlen(redir->secret));
+ SHA256Final(&SHA256context, pap_challenge);
}
else {
memcpy(chap_challenge, conn->s_state.redir.uamchal, REDIR_MD5LEN);
@@ -3015,9 +3020,9 @@
} else {
int n, m;
for (m=0; m < RADIUS_PWSIZE;)
- for (n=0; n < REDIR_MD5LEN; m++, n++)
+ for (n=0; n < REDIR_SHA256LEN; m++, n++)
user_password[m] =
- conn->authdata.v.papmsg.password[m] ^ chap_challenge[n];
+ conn->authdata.v.papmsg.password[m] ^ pap_challenge[n];
}
break;
case REDIR_AUTH_CHAP: