Go to most recent revision | Details | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
1010 | hidnplayr | 1 | ; Zero-config |
2 | ; v 1.4 |
||
3 | ; |
||
4 | ; DHCP code is based on that by Mike Hibbet (DHCP client for menuetos) |
||
5 | ; |
||
6 | ; Written by HidnPlayr & Derpenguin |
||
7 | |||
8 | use32 |
||
9 | org 0x0 |
||
10 | |||
11 | db 'MENUET01' ; 8 byte id |
||
12 | dd 0x01 ; header version |
||
13 | dd START ; start of code |
||
14 | dd IM_END ; size of image |
||
15 | dd I_END ; memory for app |
||
16 | dd I_END ; esp |
||
17 | dd 0x0 , path ; I_Param , I_Icon |
||
18 | |||
19 | ; CONFIGURATION |
||
20 | |||
21 | |||
22 | TIMEOUT equ 60 ; in seconds |
||
23 | BUFFER equ 1024 ; in bytes |
||
24 | __DEBUG__ equ 1 ; enable/disable |
||
25 | __DEBUG_LEVEL__ equ 1 ; 1 = all, 2 = errors |
||
26 | |||
27 | ; CONFIGURATION FOR LINK-LOCAL |
||
28 | |||
29 | PROBE_WAIT equ 1 ; second (initial random delay) |
||
30 | PROBE_MIN equ 1 ; second (minimum delay till repeated probe) |
||
31 | PROBE_MAX equ 2 ; seconds (maximum delay till repeated probe) |
||
32 | PROBE_NUM equ 3 ; (number of probe packets) |
||
33 | |||
34 | ANNOUNCE_NUM equ 2 ; (number of announcement packets) |
||
35 | ANNOUNCE_INTERVAL equ 2 ; seconds (time between announcement packets) |
||
36 | ANNOUNCE_WAIT equ 2 ; seconds (delay before announcing) |
||
37 | |||
38 | MAX_CONFLICTS equ 10 ; (max conflicts before rate limiting) |
||
39 | |||
40 | RATE_LIMIT_INTERVAL equ 60 ; seconds (delay between successive attempts) |
||
41 | |||
42 | DEFEND_INTERVAL equ 10 ; seconds (min. wait between defensive ARPs) |
||
43 | |||
44 | include '../../../proc32.inc' |
||
45 | include '../../../macros.inc' |
||
46 | include 'eth.inc' |
||
47 | include 'debug-fdo.inc' |
||
48 | include 'dhcp.inc' |
||
49 | include 'dll.inc' |
||
50 | |||
51 | START: ; start of execution |
||
52 | |||
53 | mcall 40, 0 |
||
54 | |||
55 | eth.set_network_drv 0x00000383 |
||
56 | |||
57 | DEBUGF 1,"Zero-config service:\n" |
||
58 | |||
59 | eth.status eax ; Read the Stack status |
||
60 | test eax,eax ; if eax is zero, no driver was found |
||
61 | jnz @f |
||
62 | DEBUGF 1,"No Card found!\n" |
||
63 | jmp close |
||
64 | |||
65 | @@: |
||
66 | DEBUGF 1,"Detected card: %x\n",eax |
||
67 | @@: |
||
68 | eth.check_cable eax |
||
69 | test al,al |
||
70 | jnz @f |
||
71 | DEBUGF 1,"Cable disconnected!\n" |
||
72 | mcall 5, 500 ; loop until cable is connected (check every 5 sec) |
||
73 | jmp @r |
||
74 | |||
75 | @@: |
||
76 | eth.read_mac MAC |
||
77 | DEBUGF 1,"MAC: %x-%x-%x-%x-%x-%x\n",[MAC]:2,[MAC+1]:2,[MAC+2]:2,[MAC+3]:2,[MAC+4]:2,[MAC+5]:2 |
||
78 | |||
79 | cld |
||
80 | mov edi, path ; Calculate the length of zero-terminated string |
||
81 | xor al , al |
||
82 | mov ecx, 1024 |
||
83 | repnz scas byte[es:edi] |
||
84 | dec edi |
||
85 | |||
86 | mov esi, filename |
||
87 | mov ecx, 5 |
||
88 | rep movsb |
||
89 | |||
90 | mcall 64,1,I_END_2 |
||
91 | mcall 68,11 |
||
92 | |||
93 | stdcall dll.Load,@IMPORT |
||
94 | or eax,eax |
||
95 | jnz skip_ini |
||
96 | |||
97 | |||
98 | invoke ini.get_str, path, str_ipconfig, str_type, inibuf, 16, 0 |
||
99 | |||
100 | mov eax,dword[inibuf] |
||
101 | |||
102 | cmp eax,'stat' |
||
103 | jne skip_ini |
||
104 | |||
105 | invoke ini.get_str, path, str_ipconfig, str_ip, inibuf, 16, 0 |
||
106 | mov edx, inibuf |
||
107 | call Ip2dword |
||
108 | eth.set_IP edx |
||
109 | |||
110 | invoke ini.get_str, path, str_ipconfig, str_gateway, inibuf, 16, 0 |
||
111 | mov edx, inibuf |
||
112 | call Ip2dword |
||
113 | eth.set_GATEWAY edx |
||
114 | |||
115 | invoke ini.get_str, path, str_ipconfig, str_dns, inibuf, 16, 0 |
||
116 | mov edx, inibuf |
||
117 | call Ip2dword |
||
118 | eth.set_DNS edx |
||
119 | |||
120 | invoke ini.get_str, path, str_ipconfig, str_subnet, inibuf, 16, 0 |
||
121 | mov edx, inibuf |
||
122 | call Ip2dword |
||
123 | eth.set_SUBNET edx |
||
124 | |||
125 | |||
126 | mcall -1 |
||
127 | |||
128 | |||
129 | skip_ini: |
||
130 | |||
131 | eth.check_port 68,eax ; Check if port 68 is available |
||
132 | cmp eax,1 |
||
133 | je @f |
||
134 | |||
135 | DEBUGF 1,"Port 68 is already in use!\n" |
||
136 | jmp close |
||
137 | |||
138 | @@: |
||
139 | eth.open_udp 68,67,-1,[socketNum] ; open socket (local,remote,ip,socket) |
||
140 | ; Setup the first msg we will send |
||
141 | mov byte [dhcpMsgType], 0x01 ; DHCP discover |
||
142 | mov dword [dhcpLease], esi ; esi is still -1 (-1 = forever) |
||
143 | |||
144 | mcall 26, 9 |
||
145 | imul eax,100 |
||
146 | mov [currTime],eax |
||
147 | |||
148 | buildRequest: ; Creates a DHCP request packet. |
||
149 | stdcall mem.Alloc, BUFFER |
||
150 | mov [dhcpMsg], eax |
||
151 | test eax,eax |
||
152 | jz apipa |
||
153 | |||
154 | |||
155 | mov edi, eax |
||
156 | mov ecx,BUFFER |
||
157 | xor eax,eax |
||
158 | cld |
||
159 | rep stosb |
||
160 | |||
161 | mov edx,[dhcpMsg] |
||
162 | |||
163 | mov [edx], byte 0x01 ; Boot request |
||
164 | mov [edx+1], byte 0x01 ; Ethernet |
||
165 | mov [edx+2], byte 0x06 ; Ethernet h/w len |
||
166 | mov [edx+4], dword 0x11223344 ; xid |
||
167 | mov eax,[currTime] |
||
168 | mov [edx+8], eax ; secs, our uptime |
||
169 | mov [edx+10], byte 0x80 ; broadcast flag set |
||
170 | mov eax, dword [MAC] ; first 4 bytes of MAC |
||
171 | mov [edx+28],dword eax |
||
172 | mov ax, word [MAC+4] ; last 2 bytes of MAC |
||
173 | mov [edx+32],word ax |
||
174 | mov [edx+236], dword 0x63538263 ; magic number |
||
175 | mov [edx+240], word 0x0135 ; option DHCP msg type |
||
176 | mov al, [dhcpMsgType] |
||
177 | mov [edx+240+2], al |
||
178 | mov [edx+240+3], word 0x0433 ; option Lease time = infinity |
||
179 | mov eax, [dhcpLease] |
||
180 | mov [edx+240+5], eax |
||
181 | mov [edx+240+9], word 0x0432 ; option requested IP address |
||
182 | mov eax, [dhcpClientIP] |
||
183 | mov [edx+240+11], eax |
||
184 | mov [edx+240+15], word 0x0437 ; option request list |
||
185 | mov [edx+240+17], dword 0x0f060301 |
||
186 | |||
187 | cmp [dhcpMsgType], byte 0x01 ; Check which msg we are sending |
||
188 | jne request_options |
||
189 | |||
190 | mov [edx+240+21], byte 0xff ; "Discover" options |
||
191 | |||
192 | mov [dhcpMsgLen], dword 262 ; end of options marker |
||
193 | jmp send_request |
||
194 | |||
195 | request_options: |
||
196 | mov [edx+240+21], word 0x0436 ; server IP |
||
197 | mov eax, [dhcpServerIP] |
||
198 | mov [edx+240+23], eax |
||
199 | |||
200 | mov [edx+240+27], byte 0xff ; end of options marker |
||
201 | |||
202 | mov [dhcpMsgLen], dword 268 |
||
203 | |||
204 | send_request: |
||
205 | eth.write_udp [socketNum],[dhcpMsgLen],[dhcpMsg] ; write to socket ( send broadcast request ) |
||
206 | |||
207 | mov eax, [dhcpMsg] ; Setup the DHCP buffer to receive response |
||
208 | mov [dhcpMsgLen], eax ; Used as a pointer to the data |
||
209 | |||
210 | mov eax,23 ; wait here for event (data from remote) |
||
211 | mov ebx,TIMEOUT*10 |
||
212 | mcall |
||
213 | |||
214 | eth.poll [socketNum] |
||
215 | |||
216 | test eax,eax |
||
217 | jnz read_data |
||
218 | |||
219 | DEBUGF 2,"Timeout!\n" |
||
220 | eth.close_udp [socketNum] |
||
221 | jmp apipa ; no server found, lets try zeroconf |
||
222 | |||
223 | |||
224 | read_data: ; we have data - this will be the response |
||
225 | eth.read_packet [socketNum], [dhcpMsg], BUFFER |
||
226 | mov [dhcpMsgLen], eax |
||
227 | eth.close_udp [socketNum] |
||
228 | |||
229 | ; depending on which msg we sent, handle the response |
||
230 | ; accordingly. |
||
231 | ; If the response is to a dhcp discover, then: |
||
232 | ; 1) If response is DHCP OFFER then |
||
233 | ; 1.1) record server IP, lease time & IP address. |
||
234 | ; 1.2) send a request packet |
||
235 | ; If the response is to a dhcp request, then: |
||
236 | ; 1) If the response is DHCP ACK then |
||
237 | ; 1.1) extract the DNS & subnet fields. Set them in the stack |
||
238 | |||
239 | cmp [dhcpMsgType], byte 0x01 ; did we send a discover? |
||
240 | je discover |
||
241 | cmp [dhcpMsgType], byte 0x03 ; did we send a request? |
||
242 | je request |
||
243 | |||
244 | jmp close ; really unknown, what we did |
||
245 | |||
246 | discover: |
||
247 | call parseResponse |
||
248 | |||
249 | cmp [dhcpMsgType], byte 0x02 ; Was the response an offer? |
||
250 | jne apipa ; NO - so we do zeroconf |
||
251 | mov [dhcpMsgType], byte 0x03 ; DHCP request |
||
252 | jmp buildRequest |
||
253 | |||
254 | request: |
||
255 | call parseResponse |
||
256 | |||
257 | cmp [dhcpMsgType], byte 0x05 ; Was the response an ACK? It should be |
||
258 | jne apipa ; NO - so we do zeroconf |
||
259 | |||
260 | jmp close |
||
261 | |||
262 | ;*************************************************************************** |
||
263 | ; Function |
||
264 | ; parseResponse |
||
265 | ; |
||
266 | ; Description |
||
267 | ; extracts the fields ( client IP address and options ) from |
||
268 | ; a DHCP response |
||
269 | ; The values go into |
||
270 | ; dhcpMsgType,dhcpLease,dhcpClientIP,dhcpServerIP, |
||
271 | ; dhcpDNSIP, dhcpSubnet |
||
272 | ; The message is stored in dhcpMsg |
||
273 | ; |
||
274 | ;*************************************************************************** |
||
275 | parseResponse: |
||
276 | DEBUGF 1,"Data received, parsing response\n" |
||
277 | mov edx, [dhcpMsg] |
||
278 | |||
279 | pusha |
||
280 | eth.set_IP [edx+16] |
||
281 | mov eax,[edx] |
||
282 | mov [dhcpClientIP],eax |
||
283 | DEBUGF 1,"Client: %u.%u.%u.%u\n",[edx+16]:1,[edx+17]:1,[edx+18]:1,[edx+19]:1 |
||
284 | popa |
||
285 | |||
286 | add edx, 240 ; Point to first option |
||
287 | xor ecx, ecx |
||
288 | |||
289 | next_option: |
||
290 | add edx, ecx |
||
291 | pr001: |
||
292 | mov al, [edx] |
||
293 | cmp al, 0xff ; End of options? |
||
294 | je pr_exit |
||
295 | |||
296 | cmp al, dhcp_msg_type ; Msg type is a single byte option |
||
297 | jne @f |
||
298 | |||
299 | mov al, [edx+2] |
||
300 | mov [dhcpMsgType], al |
||
301 | add edx, 3 |
||
302 | jmp pr001 ; Get next option |
||
303 | |||
304 | @@: |
||
305 | inc edx |
||
306 | movzx ecx, byte [edx] |
||
307 | inc edx ; point to data |
||
308 | |||
309 | cmp al, dhcp_dhcp_server_id ; server ip |
||
310 | jne @f |
||
311 | mov eax, [edx] |
||
312 | mov [dhcpServerIP], eax |
||
313 | DEBUGF 1,"Server: %u.%u.%u.%u\n",[edx]:1,[edx+1]:1,[edx+2]:1,[edx+3]:1 |
||
314 | jmp next_option |
||
315 | |||
316 | @@: |
||
317 | cmp al, dhcp_address_time |
||
318 | jne @f |
||
319 | |||
320 | pusha |
||
321 | mov eax,[edx] |
||
322 | bswap eax |
||
323 | mov [dhcpLease],eax |
||
324 | DEBUGF 1,"lease: %d\n",eax |
||
325 | popa |
||
326 | |||
327 | jmp next_option |
||
328 | |||
329 | @@: |
||
330 | cmp al, dhcp_subnet_mask |
||
331 | jne @f |
||
332 | |||
333 | pusha |
||
334 | eth.set_SUBNET [edx] |
||
335 | DEBUGF 1,"Subnet: %u.%u.%u.%u\n",[edx]:1,[edx+1]:1,[edx+2]:1,[edx+3]:1 |
||
336 | popa |
||
337 | |||
338 | jmp next_option |
||
339 | |||
340 | @@: |
||
341 | cmp al, dhcp_router |
||
342 | jne @f |
||
343 | |||
344 | pusha |
||
345 | eth.set_GATEWAY [edx] |
||
346 | DEBUGF 1,"Gateway: %u.%u.%u.%u\n",[edx]:1,[edx+1]:1,[edx+2]:1,[edx+3]:1 |
||
347 | popa |
||
348 | |||
349 | jmp next_option |
||
350 | |||
351 | |||
352 | @@: |
||
353 | cmp al, dhcp_domain_server |
||
354 | jne next_option |
||
355 | |||
356 | pusha |
||
357 | eth.set_DNS [edx] |
||
358 | DEBUGF 1,"DNS: %u.%u.%u.%u\n",[edx]:1,[edx+1]:1,[edx+2]:1,[edx+3]:1 |
||
359 | popa |
||
360 | |||
361 | jmp next_option |
||
362 | |||
363 | pr_exit: |
||
364 | |||
365 | ; DEBUGF 1,"Sending ARP announce\n" |
||
366 | ; eth.ARP_ANNOUNCE [dhcpClientIP] ; send an ARP announce packet |
||
367 | |||
368 | jmp close |
||
369 | |||
370 | apipa: |
||
371 | stdcall mem.Free, [dhcpMsg] |
||
372 | |||
373 | link_local: |
||
374 | call random |
||
375 | mov ecx,0xfea9 ; IP 169.254.0.0 link local net, see RFC3927 |
||
376 | mov cx,ax |
||
377 | eth.set_IP ecx ; mask is 255.255.0.0 |
||
378 | DEBUGF 1,"Link Local IP assinged: 169.254.%u.%u\n",[generator+2]:1,[generator+3]:1 |
||
379 | eth.set_SUBNET 0xffff |
||
380 | eth.set_GATEWAY 0x0 |
||
381 | eth.set_DNS 0x0 |
||
382 | |||
383 | mcall 5, PROBE_WAIT*100 |
||
384 | |||
385 | xor esi,esi |
||
386 | probe_loop: |
||
387 | call random ; create a pseudo random number in eax (seeded by MAC) |
||
388 | |||
389 | cmp al,PROBE_MIN*100 ; check if al is bigger then PROBE_MIN |
||
390 | jge @f ; all ok |
||
391 | add al,(PROBE_MAX-PROBE_MIN)*100 ; al is too small |
||
392 | @@: |
||
393 | |||
394 | cmp al,PROBE_MAX*100 |
||
395 | jle @f |
||
396 | sub al,(PROBE_MAX-PROBE_MIN)*100 |
||
397 | @@: |
||
398 | |||
399 | movzx ebx,al |
||
400 | DEBUGF 1,"Waiting %u0ms\n",ebx |
||
401 | mcall 5 |
||
402 | |||
403 | DEBUGF 1,"Sending Probe\n" |
||
404 | ; eth.ARP_PROBE MAC |
||
405 | inc esi |
||
406 | |||
407 | cmp esi,PROBE_NUM |
||
408 | jl probe_loop |
||
409 | |||
410 | ; now we wait further ANNOUNCE_WAIT seconds and send ANNOUNCE_NUM ARP announces. If any other host has assingned |
||
411 | ; IP within this time, we should create another adress, that have to be done later |
||
412 | |||
413 | DEBUGF 1,"Waiting %us\n",ANNOUNCE_WAIT |
||
414 | mcall 5, ANNOUNCE_WAIT*100 |
||
415 | xor esi,esi |
||
416 | announce_loop: |
||
417 | |||
418 | DEBUGF 1,"Sending Announce\n" |
||
419 | ; eth.ARP_ANNOUNCE MAC |
||
420 | |||
421 | inc esi |
||
422 | cmp esi,ANNOUNCE_NUM |
||
423 | je @f |
||
424 | |||
425 | DEBUGF 1,"Waiting %us\n",ANNOUNCE_INTERVAL |
||
426 | mcall 5, ANNOUNCE_INTERVAL*100 |
||
427 | jmp announce_loop |
||
428 | @@: |
||
429 | ; we should, instead of closing, detect ARP conflicts and detect if cable keeps connected ;) |
||
430 | |||
431 | close: |
||
432 | mcall -1 |
||
433 | |||
434 | |||
435 | random: ; Pseudo random actually |
||
436 | |||
437 | mov eax,[generator] |
||
438 | add eax,-43ab45b5h |
||
439 | ror eax,1 |
||
440 | bswap eax |
||
441 | xor eax,dword[MAC] |
||
442 | ror eax,1 |
||
443 | xor eax,dword[MAC+2] |
||
444 | mov [generator],eax |
||
445 | |||
446 | ret |
||
447 | |||
448 | ; DATA AREA |
||
449 | |||
450 | align 16 |
||
451 | @IMPORT: |
||
452 | |||
453 | library \ |
||
454 | libini,'libini.obj' |
||
455 | |||
456 | import libini, \ |
||
457 | ini.get_str,'ini.get_str',\ |
||
458 | ini.set_str,'ini.set_str',\ |
||
459 | ini.get_int,'ini.get_int',\ |
||
460 | ini.set_int,'ini.set_int',\ |
||
461 | ini.enum_sections,'ini.enum_sections',\ |
||
462 | ini.enum_keys,'ini.enum_keys' |
||
463 | |||
464 | include_debug_strings |
||
465 | |||
466 | filename db '.ini',0 |
||
467 | str_ip db 'ip',0 |
||
468 | str_subnet db 'subnet',0 |
||
469 | str_gateway db 'gateway',0 |
||
470 | str_dns db 'dns',0 |
||
471 | str_ipconfig db 'ipconfig',0 |
||
472 | str_type db 'type',0 |
||
473 | |||
474 | |||
475 | IM_END: |
||
476 | |||
477 | inibuf rb 16 |
||
478 | |||
479 | dhcpClientIP dd ? |
||
480 | dhcpMsgType db ? |
||
481 | dhcpLease dd ? |
||
482 | dhcpServerIP dd ? |
||
483 | |||
484 | dhcpMsgLen dd ? |
||
485 | socketNum dd ? |
||
486 | |||
487 | MAC dp ? |
||
488 | currTime dd ? |
||
489 | renewTime dd ? |
||
490 | generator dd ? |
||
491 | |||
492 | dhcpMsg dd ? |
||
493 | |||
494 | I_END_2: |
||
495 | |||
496 | path rb 1024+5 |
||
497 | |||
498 | I_END: |