From 7175eb2a1d83ae10a7bc0c1961a6d13fb40a1456 Mon Sep 17 00:00:00 2001 From: Håkon Nessjøen Date: Sun, 20 May 2012 16:53:56 +0200 Subject: Added -l option to mactelnet, so you don't have to know about the mndp tool to find it. --- mactelnet.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'mactelnet.c') diff --git a/mactelnet.c b/mactelnet.c index c78b262..6f2ec80 100644 --- a/mactelnet.c +++ b/mactelnet.c @@ -43,6 +43,7 @@ #include "interfaces.h" #include "config.h" #include "mactelnet.h" +#include "mndp.h" #define PROGRAM_NAME "MAC-Telnet" @@ -408,7 +409,7 @@ int main (int argc, char **argv) { textdomain("mactelnet"); while (1) { - c = getopt(argc, argv, "nqt:u:p:vh?"); + c = getopt(argc, argv, "lnqt:u:p:vh?"); if (c == -1) { break; @@ -447,6 +448,10 @@ int main (int argc, char **argv) { quiet_mode = 1; break; + case 'l': + return mndp(); + break; + case 'h': case '?': print_help = 1; @@ -456,12 +461,13 @@ int main (int argc, char **argv) { } if (argc - optind < 1 || print_help) { print_version(); - fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ]\n"), argv[0]); + fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ] | <-l>\n"), argv[0]); if (print_help) { fprintf(stderr, _("\nParameters:\n" " MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to discover it.\n" " identity The identity/name of your destination device. Uses MNDP protocol to find it.\n" + " -l List/Search for routers nearby. (using MNDP)\n" " -n Do not use broadcast packets. Less insecure but requires root privileges.\n" " -t Amount of seconds to wait for a response on each interface.\n" " -u Specify username on command line.\n" -- cgit v1.2.3 From 8d0a3a56e5ce113a962ff04255dc38abac08640f Mon Sep 17 00:00:00 2001 From: Håkon Nessjøen Date: Sun, 20 May 2012 17:20:00 +0200 Subject: Fixed missing translation in i18n template. Bugfixed Makefile a bit. --- Makefile | 9 ++++++--- mactelnet.c | 2 +- mndp.c | 4 ++-- po/mactelnet.pot | 51 ++++++++++++++++++++++++++++++--------------------- 4 files changed, 39 insertions(+), 27 deletions(-) (limited to 'mactelnet.c') diff --git a/Makefile b/Makefile index 5b9ae91..1cecd59 100644 --- a/Makefile +++ b/Makefile @@ -5,13 +5,14 @@ CC?=gcc all: macping mndp mactelnet mactelnetd -clean: dist-clean +clean: distclean -dist-clean: +distclean: rm -f mactelnet macping mactelnetd mndp + rm po/*.pot rm -f *.o -dist: dist-clean po/mactelnet.pot +dist: distclean po install: all install-docs install -d $(DESTDIR)/usr/bin @@ -27,6 +28,8 @@ install-docs: install -d $(DESTDIR)/usr/share/man/man1/ install docs/*.1 $(DESTDIR)/usr/share/man/man1/ +po: po/mactelnet.pot + po/mactelnet.pot: *.c xgettext --package-name=mactelnet --msgid-bugs-address=haakon.nessjoen@gmail.com -d mactelnet -C -c_ -k_ -kgettext_noop *.c -o po/mactelnet.pot diff --git a/mactelnet.c b/mactelnet.c index 6f2ec80..f83518f 100644 --- a/mactelnet.c +++ b/mactelnet.c @@ -461,7 +461,7 @@ int main (int argc, char **argv) { } if (argc - optind < 1 || print_help) { print_version(); - fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ] | <-l>\n"), argv[0]); + fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ] | -l\n"), argv[0]); if (print_help) { fprintf(stderr, _("\nParameters:\n" diff --git a/mndp.c b/mndp.c index bec7c64..b229d3b 100644 --- a/mndp.c +++ b/mndp.c @@ -88,7 +88,7 @@ int mndp(void) { } } - printf("\n\E[1m%-17s Identity (platform version hardware) uptime\E[m\n", "MAC-Address"); + printf("\n\E[1m%-17s %s\E[m\n", _("MAC-Address"), _("Identity (platform version hardware) uptime")); while(1) { struct mt_mndp_info *packet; @@ -104,7 +104,7 @@ int mndp(void) { if (packet != NULL) { /* Print it */ - printf(" %-17s %s", ether_ntoa((struct ether_addr *)packet->address), packet->identity); + printf("%-17s %s", ether_ntoa((struct ether_addr *)packet->address), packet->identity); if (packet->platform != NULL) { printf(" (%s %s %s)", packet->platform, packet->version, packet->hardware); } diff --git a/po/mactelnet.pot b/po/mactelnet.pot index 415844c..841d607 100644 --- a/po/mactelnet.pot +++ b/po/mactelnet.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: mactelnet\n" "Report-Msgid-Bugs-To: haakon.nessjoen@gmail.com\n" -"POT-Creation-Date: 2012-02-28 15:15+0100\n" +"POT-Creation-Date: 2012-05-20 17:16+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -67,7 +67,7 @@ msgstr "" msgid "You need to have root privileges to use %s.\n" msgstr "" -#: macping.c:207 mndp.c:57 protocol.c:429 +#: macping.c:207 mndp.c:68 protocol.c:429 #, c-format msgid "Error binding to %s:%d\n" msgstr "" @@ -92,36 +92,36 @@ msgstr "" msgid "%s Reply of %d bytes of unequal data\n" msgstr "" -#: mactelnet.c:154 +#: mactelnet.c:155 #, c-format msgid "" "\n" "Connection timed out\n" msgstr "" -#: mactelnet.c:303 +#: mactelnet.c:304 #, c-format msgid "Connection closed.\n" msgstr "" -#: mactelnet.c:309 +#: mactelnet.c:310 #, c-format msgid "Unhandeled packet type: %d received from server %s\n" msgstr "" -#: mactelnet.c:331 +#: mactelnet.c:332 #, c-format msgid "Error: No suitable devices found\n" msgstr "" -#: mactelnet.c:459 +#: mactelnet.c:464 #, c-format msgid "" "Usage: %s [-h] [-n] [-t ] [-u ] [-p " -"]\n" +"] | -l\n" msgstr "" -#: mactelnet.c:462 +#: mactelnet.c:467 #, c-format msgid "" "\n" @@ -130,6 +130,7 @@ msgid "" "discover it.\n" " identity The identity/name of your destination device. Uses MNDP protocol " "to find it.\n" +" -l List/Search for routers nearby. (using MNDP)\n" " -n Do not use broadcast packets. Less insecure but requires root " "privileges.\n" " -t Amount of seconds to wait for a response on each interface.\n" @@ -140,36 +141,36 @@ msgid "" "\n" msgstr "" -#: mactelnet.c:486 +#: mactelnet.c:492 #, c-format msgid "You need to have root privileges to use the -n parameter.\n" msgstr "" -#: mactelnet.c:518 +#: mactelnet.c:524 #, c-format msgid "Login: " msgstr "" -#: mactelnet.c:525 +#: mactelnet.c:531 msgid "Password: " msgstr "" -#: mactelnet.c:550 +#: mactelnet.c:556 #, c-format msgid "Connecting to %s..." msgstr "" -#: mactelnet.c:560 mactelnetd.c:244 mactelnetd.c:981 +#: mactelnet.c:566 mactelnetd.c:244 mactelnetd.c:981 #, c-format msgid "Error binding to %s:%d, %s\n" msgstr "" -#: mactelnet.c:565 +#: mactelnet.c:571 #, c-format msgid "Connection failed.\n" msgstr "" -#: mactelnet.c:569 +#: mactelnet.c:575 #, c-format msgid "done\n" msgstr "" @@ -329,27 +330,35 @@ msgstr "" msgid "Timeout\r\n" msgstr "" -#: mndp.c:62 +#: mndp.c:73 #, c-format msgid "Searching for MikroTik routers... Abort with CTRL+C.\n" msgstr "" -#: mndp.c:66 +#: mndp.c:77 #, c-format msgid "Unable to send broadcast packets: Operating in receive only mode.\n" msgstr "" -#: mndp.c:76 +#: mndp.c:87 #, c-format msgid "Unable to send broadcast packet: Operating in receive only mode.\n" msgstr "" -#: mndp.c:85 +#: mndp.c:91 +msgid "MAC-Address" +msgstr "" + +#: mndp.c:91 +msgid "Identity (platform version hardware) uptime" +msgstr "" + +#: mndp.c:98 #, c-format msgid "An error occured. aborting\n" msgstr "" -#: mndp.c:99 +#: mndp.c:112 #, c-format msgid " up %d days %d hours" msgstr "" -- cgit v1.2.3 From 092e396b00ee4805c2a924f1b1c00cbc6e07a33c Mon Sep 17 00:00:00 2001 From: Håkon Nessjøen Date: Tue, 17 Jul 2012 22:19:19 +0200 Subject: Added -U flag for dropping privileges in raw mode in mactelnet. Manually merged from Ali Onur Uyar's commit 8720817a0b in his MAC-Telnet repo at github (aouyar) --- mactelnet.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 57 insertions(+), 11 deletions(-) (limited to 'mactelnet.c') diff --git a/mactelnet.c b/mactelnet.c index f83518f..0620b8d 100644 --- a/mactelnet.c +++ b/mactelnet.c @@ -22,6 +22,7 @@ #include #include #include +#include #include #include #include @@ -77,6 +78,7 @@ static int keepalive_counter = 0; static unsigned char encryptionkey[128]; static char username[255]; static char password[255]; +static char nonpriv_username[255]; struct net_interface interfaces[MAX_INTERFACES]; struct net_interface *active_interface; @@ -92,6 +94,30 @@ static void print_version() { fprintf(stderr, PROGRAM_NAME " " PROGRAM_VERSION "\n"); } +void drop_privileges(char *username) { + struct passwd *user = (struct passwd *) getpwnam(username); + if (user == NULL) { + fprintf(stderr, _("Failed dropping privileges. The user %s is not a valid username on local system.\n"), username); + exit(1); + } + if (getuid() == 0) { + /* process is running as root, drop privileges */ + if (setgid(user->pw_gid) != 0) { + fprintf(stderr, _("setgid: Error dropping group privileges\n")); + exit(1); + } + if (setuid(user->pw_uid) != 0) { + fprintf(stderr, _("setuid: Error dropping user privileges\n")); + exit(1); + } + /* Verify if the privileges were developed. */ + if (setuid(0) != -1) { + fprintf(stderr, _("Failed to drop privileges\n")); + exit(1); + } + } +} + static int send_udp(struct mt_packet *packet, int retransmit) { int sent_bytes; @@ -401,6 +427,7 @@ int main (int argc, char **argv) { struct sockaddr_in si_me; unsigned char buff[1500]; unsigned char print_help = 0, have_username = 0, have_password = 0; + unsigned char drop_priv = 0; int c; int optval = 1; @@ -409,7 +436,7 @@ int main (int argc, char **argv) { textdomain("mactelnet"); while (1) { - c = getopt(argc, argv, "lnqt:u:p:vh?"); + c = getopt(argc, argv, "lnqt:u:p:U:vh?"); if (c == -1) { break; @@ -435,6 +462,13 @@ int main (int argc, char **argv) { have_password = 1; break; + case 'U': + /* Save nonpriv_username */ + strncpy(nonpriv_username, optarg, sizeof(nonpriv_username) - 1); + nonpriv_username[sizeof(nonpriv_username) - 1] = '\0'; + drop_priv = 1; + break; + case 't': connect_timeout = atoi(optarg); break; @@ -461,19 +495,24 @@ int main (int argc, char **argv) { } if (argc - optind < 1 || print_help) { print_version(); - fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ] | -l\n"), argv[0]); + fprintf(stderr, _("Usage: %s [-h] [-n] [-t ] [-u ] [-p ] [-U ] | -l\n"), argv[0]); if (print_help) { fprintf(stderr, _("\nParameters:\n" - " MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to discover it.\n" - " identity The identity/name of your destination device. Uses MNDP protocol to find it.\n" - " -l List/Search for routers nearby. (using MNDP)\n" - " -n Do not use broadcast packets. Less insecure but requires root privileges.\n" - " -t Amount of seconds to wait for a response on each interface.\n" - " -u Specify username on command line.\n" - " -p Specify password on command line.\n" - " -q Quiet mode.\n" - " -h This help.\n" + " MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to\n" + " discover it.\n" + " identity The identity/name of your destination device. Uses\n" + " MNDP protocol to find it.\n" + " -l List/Search for routers nearby. (using MNDP)\n" + " -n Do not use broadcast packets. Less insecure but requires\n" + " root privileges.\n" + " -t Amount of seconds to wait for a response on each interface.\n" + " -u Specify username on command line.\n" + " -p Specify password on command line.\n" + " -U Drop privileges to this user. Used in conjunction with -n\n" + " for security.\n" + " -q Quiet mode.\n" + " -h This help.\n" "\n")); } return 1; @@ -494,6 +533,13 @@ int main (int argc, char **argv) { } sockfd = net_init_raw_socket(); + + if (drop_priv) { + drop_privileges(nonpriv_username); + } + } else if (drop_priv) { + fprintf(stderr, _("The -U option must be used in conjunction with the -n parameter.\n")); + return 1; } /* Receive regular udp packets with this socket */ -- cgit v1.2.3 From 8bb7351cc1598da5ef6b799c019c75509a9a642f Mon Sep 17 00:00:00 2001 From: Håkon Nessjøen Date: Tue, 17 Jul 2012 22:20:59 +0200 Subject: Updated internationalization, sped up code by using fputs instead of fprintf. Updated readme. Bumped version. --- Makefile | 2 +- README.markdown | 27 ++++++++++-------- config.h | 2 +- mactelnet.c | 2 +- po/mactelnet.pot | 86 ++++++++++++++++++++++++++++++++++++++------------------ 5 files changed, 77 insertions(+), 42 deletions(-) (limited to 'mactelnet.c') diff --git a/Makefile b/Makefile index 1cecd59..a7f2abd 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ clean: distclean distclean: rm -f mactelnet macping mactelnetd mndp - rm po/*.pot + rm -f po/*.pot rm -f *.o dist: distclean po diff --git a/README.markdown b/README.markdown index e1bd784..45d4cd8 100644 --- a/README.markdown +++ b/README.markdown @@ -1,8 +1,7 @@ MAC-Telnet for Linux ==================== -A linux console tool for connecting to MikroTik RouterOS devices via their -ethernet address. +Console tools for connecting to, and serving, devices using MikroTik RouterOS MAC-Telnet protocol. Installation ------------ @@ -22,17 +21,23 @@ Usage ----- # mactelnet -h - Usage: mactelnet [-h] [-n] [-t ] [-u ] [-p ] + Usage: mactelnet [-h] [-n] [-t ] [-u ] [-p ] [-U ] | -l Parameters: - MAC MAC-Address of the RouterOS device. Use mndp to discover them. - identity The identity/name of your RouterOS device. Uses MNDP protocol to find it.. - -n Do not use broadcast packets. Less insecure but requires root privileges. - -t Amount of seconds to wait for a response on each interface. - -u Specify username on command line. - -p Specify password on command line. - -h This help. - + MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to + discover it. + identity The identity/name of your destination device. Uses + MNDP protocol to find it. + -l List/Search for routers nearby. (using MNDP) + -n Do not use broadcast packets. Less insecure but requires + root privileges. + -t Amount of seconds to wait for a response on each interface. + -u Specify username on command line. + -p Specify password on command line. + -U Drop privileges to this user. Used in conjunction with -n + for security. + -q Quiet mode. + -h This help. Example: diff --git a/config.h b/config.h index c2c1fd4..1e7734f 100644 --- a/config.h +++ b/config.h @@ -21,7 +21,7 @@ #define DEBUG 0 -#define PROGRAM_VERSION "0.3.3" +#define PROGRAM_VERSION "0.3.4" #if defined(__APPLE__) && defined(__MACH__) #define PLATFORM_NAME "Mac OS X" diff --git a/mactelnet.c b/mactelnet.c index 0620b8d..19624ea 100644 --- a/mactelnet.c +++ b/mactelnet.c @@ -289,7 +289,7 @@ static int handle_packet(unsigned char *data, int data_len) { the data is raw terminal data to be outputted to the terminal. */ else if (cpkt.cptype == MT_CPTYPE_PLAINDATA) { cpkt.data[cpkt.length] = 0; - printf("%s", cpkt.data); + fputs((const char *)cpkt.data, stdout); } /* END_AUTH means that the user/password negotiation is done, and after this point diff --git a/po/mactelnet.pot b/po/mactelnet.pot index 841d607..22a579c 100644 --- a/po/mactelnet.pot +++ b/po/mactelnet.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: mactelnet\n" "Report-Msgid-Bugs-To: haakon.nessjoen@gmail.com\n" -"POT-Creation-Date: 2012-05-20 17:16+0200\n" +"POT-Creation-Date: 2012-07-17 21:29+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -92,85 +92,115 @@ msgstr "" msgid "%s Reply of %d bytes of unequal data\n" msgstr "" -#: mactelnet.c:155 +#: mactelnet.c:100 +#, c-format +msgid "" +"Failed dropping privileges. The user %s is not a valid username on local " +"system.\n" +msgstr "" + +#: mactelnet.c:106 +#, c-format +msgid "setgid: Error dropping group privileges\n" +msgstr "" + +#: mactelnet.c:110 +#, c-format +msgid "setuid: Error dropping user privileges\n" +msgstr "" + +#: mactelnet.c:115 +#, c-format +msgid "Failed to drop privileges\n" +msgstr "" + +#: mactelnet.c:181 #, c-format msgid "" "\n" "Connection timed out\n" msgstr "" -#: mactelnet.c:304 +#: mactelnet.c:330 #, c-format msgid "Connection closed.\n" msgstr "" -#: mactelnet.c:310 +#: mactelnet.c:336 #, c-format msgid "Unhandeled packet type: %d received from server %s\n" msgstr "" -#: mactelnet.c:332 +#: mactelnet.c:358 #, c-format msgid "Error: No suitable devices found\n" msgstr "" -#: mactelnet.c:464 +#: mactelnet.c:498 #, c-format msgid "" -"Usage: %s [-h] [-n] [-t ] [-u ] [-p " -"] | -l\n" +"Usage: %s [-h] [-n] [-t ] [-u ] [-p " +"] [-U ] | -l\n" msgstr "" -#: mactelnet.c:467 +#: mactelnet.c:501 #, c-format msgid "" "\n" "Parameters:\n" -" MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to " -"discover it.\n" -" identity The identity/name of your destination device. Uses MNDP protocol " -"to find it.\n" -" -l List/Search for routers nearby. (using MNDP)\n" -" -n Do not use broadcast packets. Less insecure but requires root " -"privileges.\n" -" -t Amount of seconds to wait for a response on each interface.\n" -" -u Specify username on command line.\n" -" -p Specify password on command line.\n" -" -q Quiet mode.\n" -" -h This help.\n" +" MAC MAC-Address of the RouterOS/mactelnetd device. Use mndp to\n" +" discover it.\n" +" identity The identity/name of your destination device. Uses\n" +" MNDP protocol to find it.\n" +" -l List/Search for routers nearby. (using MNDP)\n" +" -n Do not use broadcast packets. Less insecure but requires\n" +" root privileges.\n" +" -t Amount of seconds to wait for a response on each " +"interface.\n" +" -u Specify username on command line.\n" +" -p Specify password on command line.\n" +" -U Drop privileges to this user. Used in conjunction with -n\n" +" for security.\n" +" -q Quiet mode.\n" +" -h This help.\n" "\n" msgstr "" -#: mactelnet.c:492 +#: mactelnet.c:531 #, c-format msgid "You need to have root privileges to use the -n parameter.\n" msgstr "" -#: mactelnet.c:524 +#: mactelnet.c:541 +#, c-format +msgid "The -U option must be used in conjunction with the -n parameter.\n" +msgstr "" + +#: mactelnet.c:570 #, c-format msgid "Login: " msgstr "" -#: mactelnet.c:531 +#: mactelnet.c:577 msgid "Password: " msgstr "" -#: mactelnet.c:556 +#: mactelnet.c:602 #, c-format msgid "Connecting to %s..." msgstr "" -#: mactelnet.c:566 mactelnetd.c:244 mactelnetd.c:981 +#: mactelnet.c:612 mactelnetd.c:244 mactelnetd.c:981 #, c-format msgid "Error binding to %s:%d, %s\n" msgstr "" -#: mactelnet.c:571 +#: mactelnet.c:617 #, c-format msgid "Connection failed.\n" msgstr "" -#: mactelnet.c:575 +#: mactelnet.c:621 #, c-format msgid "done\n" msgstr "" -- cgit v1.2.3