# PaCkAgE DaTaStReAm botikkey 1 284 # end of header 07070119ffb0c2000081a400000000000000000000000153c778d10000016c0000012e00000002ffffffffffffffff0000001100000000botikkey/pkginfoARCH=all PKG=botikkey NAME=botikkey client daemon VERSION=0.7.20 CLASSES=none BASEDIR=/ CATEGORY=system DESC=Botikkey is a system providing authentication of LAN users. It is targetted at untrusted LAN environment and prevents network abuse based on IP/MAC address spoofing. VENDOR=Anton Kuznetsov, Botik Technologies Ltd. PSTAMP=Anton Kuznetsov EMAIL=wissATbk.ru 07070119f8b014000081a400000000000000000000000153c778d1000002c30000012e00000002ffffffffffffffff0000001000000000botikkey/pkgmap: 1 284 1 d none lib 0755 root sys 1 d none lib/svc 0755 root sys 1 d none lib/svc/method 0755 root sys 1 f none lib/svc/method/botikkey 0755 root bin 1903 1969 1250369617 1 i pkginfo 364 31983 1405581521 1 i postinstall 100 9324 1249384368 1 i preremove 101 9284 1249385691 1 d none usr 0755 root sys 1 d none usr/bin 0755 root sys 1 f none usr/bin/botikkey 0755 root bin 783 58513 1405581507 1 f none usr/bin/botikkey.pl 0755 root bin 7020 37517 1249383651 1 d none usr/lib 0755 root sys 1 d none usr/lib/perl5 0755 root sys 1 d none usr/lib/perl5/Botikkey 0755 root sys 1 d none usr/lib/perl5/Botikkey/Digest 0755 root sys 1 f none usr/lib/perl5/Botikkey/Digest/MD5.pm 0755 root bin 329 26483 1249383686 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000b00000000TRAILER!!!07070119ffb0c2000081a400000000000000000000000153c778d10000016c0000012e00000002ffffffffffffffff0000000800000000pkginfoARCH=all PKG=botikkey NAME=botikkey client daemon VERSION=0.7.20 CLASSES=none BASEDIR=/ CATEGORY=system DESC=Botikkey is a system providing authentication of LAN users. It is targetted at untrusted LAN environment and prevents network abuse based on IP/MAC address spoofing. VENDOR=Anton Kuznetsov, Botik Technologies Ltd. PSTAMP=Anton Kuznetsov EMAIL=wissATbk.ru 07070119f8b014000081a400000000000000000000000153c778d1000002c30000012e00000002ffffffffffffffff0000000700000000pkgmap: 1 284 1 d none lib 0755 root sys 1 d none lib/svc 0755 root sys 1 d none lib/svc/method 0755 root sys 1 f none lib/svc/method/botikkey 0755 root bin 1903 1969 1250369617 1 i pkginfo 364 31983 1405581521 1 i postinstall 100 9324 1249384368 1 i preremove 101 9284 1249385691 1 d none usr 0755 root sys 1 d none usr/bin 0755 root sys 1 f none usr/bin/botikkey 0755 root bin 783 58513 1405581507 1 f none usr/bin/botikkey.pl 0755 root bin 7020 37517 1249383651 1 d none usr/lib 0755 root sys 1 d none usr/lib/perl5 0755 root sys 1 d none usr/lib/perl5/Botikkey 0755 root sys 1 d none usr/lib/perl5/Botikkey/Digest 0755 root sys 1 f none usr/lib/perl5/Botikkey/Digest/MD5.pm 0755 root bin 329 26483 1249383686 0707011a06a150000041ed00000000000000000000000253c778d1000000000000012e00000002ffffffffffffffff0000000800000000install0707011a0ae4e3000081ed0000000000000000000000014a7817b0000000640000012e00000002ffffffffffffffff0000001400000000install/postinstall#!/bin/sh svccfg import /var/svc/manifest/network/botikkey.xml svcadm enable svc:/network/botikkey 07070119e69a7e000081ed0000000000000000000000014a781cdb000000650000012e00000002ffffffffffffffff0000001200000000install/preremove#!/bin/sh botikkey stop svcadm disable svc:/network/botikkey svccfg delete -f svc:/network/botikkey 07070119fd09d6000041ed00000000000000000000000453c778d1000000000000012e00000002ffffffffffffffff0000000600000000reloc07070119010875000041ed00000000000000000000000353c778d1000000000000012e00000002ffffffffffffffff0000000a00000000reloc/lib07070119e69b26000041ed00000000000000000000000353c778d1000000000000012e00000002ffffffffffffffff0000000e00000000reloc/lib/svc07070119fd099e000041ed00000000000000000000000253c778d1000000000000012e00000002ffffffffffffffff0000001500000000reloc/lib/svc/method0707011901b920000081ed0000000000000002000000014a8720510000076f0000012e00000002ffffffffffffffff0000001e00000000reloc/lib/svc/method/botikkey#!/sbin/sh # # Copyright 2009 Botik Technologies, Ltd. All rights reserved. # Use is subject to license terms. # #. /lib/svc/share/ipf_include.sh NAME=botikkey DESC="$NAME client daemon" BK_DAEMON="/usr/bin/$NAME.pl" PID="/var/run/$NAME.pid" D_M="WORLD" INFO="/tmp/botik.info" # BOTIKKEY="enter botikkey passphrase here"; export BOTIKKEY # Alternatively: BK_CONFIG=/etc/$NAME.conf if [ -s "${BK_CONFIG}" ]; then . ${BK_CONFIG} fi if [ -n "${SERVER}" ]; then OPTIONS="${OPTIONS} -s ${SERVER}" fi if [ -n "${PSWDFILE}" ]; then OPTIONS="${OPTIONS} -f ${PSWDFILE}" fi OPTIONS="${OPTIONS} -q" DAEMON="" BKCMD="${DAEMON} ${BK_DAEMON} -m ${D_M} ${OPTIONS}" test -x ${BK_DAEMON} || exit 1 case "$1" in 'start') if [ -f ${PID} ] then echo "${DESC} already started (delete ${PID} if not, and try again)" else echo "Starting ${DESC}" sleep 1 ${BKCMD} > /dev/null 2>&1 & fi ;; 'stop') if [ -f ${PID} ] then echo "Stopping ${DESC}" sleep 1 kill -TERM `cat ${PID}` rm -f ${PID} else echo "${DESC} is not running" fi ;; 'restart') echo "Restarting ${DESC}" if [ -f ${PID} ] then kill -TERM `cat ${PID}` rm -f ${PID} fi sleep 1 ${BKCMD} > /dev/null 2>&1 & ;; 'world') echo "World access for ${DESC}" kill -USR1 `cat ${PID}` ;; 'local') echo "Local access for ${DESC}" kill -USR2 `cat ${PID}` ;; 'info') if [ -f ${INFO} ] then echo "Abonent info:" cat ${INFO}; else echo "Abonent info not yet available." fi ;; 'status') svcs -p $NAME ;; *) echo "Usage: `basename $0` { start | stop | restart | world | local | info} {-s serverIP -f /path/to/password/file}" exit 1 ;; esac exit $? 07070119fb5e31000041ed00000000000000000000000453c778d1000000000000012e00000002ffffffffffffffff0000000a00000000reloc/usr0707011913c19d000041ed00000000000000000000000253c778d1000000000000012e00000002ffffffffffffffff0000000e00000000reloc/usr/bin07070119fb5f81000081ed00000000000000020000000153c778c30000030f0000012e00000002ffffffffffffffff0000001700000000reloc/usr/bin/botikkey#!/bin/sh svcname=botikkey conffile=/etc/$svcname.conf touch $conffile > /dev/null 2>&1 command=$1 shift > /dev/null 2>&1 while [ "$1" != "" ]; do case $1 in -f) shift > /dev/null 2>&1 if [ -n "$1" ]; then option="PSWDFILE=$1" res=`grep ${option} ${conffile}` if [ -z "$res" ]; then echo "${option}" >> ${conffile} fi fi ;; -s) shift > /dev/null 2>&1 if [ -n "$1" ]; then option="SERVER=$1" res=`grep ${option} ${conffile}` if [ -z "$res" ]; then echo "${option}" >> ${conffile} fi fi ;; -q) shift > /dev/null 2>&1 ;; -v) shift > /dev/null 2>&1 ;; *) shift > /dev/null 2>&1 echo "Syntax: botikkey -f /path/to/password/file [-s server IP]" ;; esac shift > /dev/null 2>&1 done sudo /lib/svc/method/${svcname} ${command} 07070119ff6451000081ed0000000000000002000000014a7814e300001b6c0000012e00000002ffffffffffffffff0000001a00000000reloc/usr/bin/botikkey.pl#!/usr/bin/perl # This is a reference "bare bones" implementation of botikkey client. # For windowing OSes, a Tcl/Tk implementation with numerous bells and # whistles is available. $botikkey_port = "12040"; $period = 60; $INFO="/tmp/botik.info"; $pidfile="/var/run/botikkey.pid"; use IO::Socket; BEGIN {push @INC, "/usr/lib/perl5/Botikkey";} use Digest::MD5 qw(md5_hex); use vars qw ($verbose $password $sock $bkserver $mode $newmode $sock); my $ipaddr_pat = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'; sub usage () { die ("Usage: botikkey [-m WORLD] [-s server] [-v][-q] [password]\n". "or botikkey [-m WORLD] [-s server] [-v][-q] -f password-file\n". "MODE can be changed via SIG_USR1, SIG_USR2, SIGHUP\n"); } sub parse_args () { while (defined ($_ = shift @ARGV)) { if (/^-v$/) { $verbose++; } elsif (/^-q$/) { $verbose = -1; } elsif (/^-f(.*)$/) { usage () if defined $password; my $file = $1 || shift @ARGV; open (F, $file) || die "$file: $!\n"; $password = ; chomp $password; close F; } elsif (/^-s(.*)$/) { usage () if defined $bkserver; $bkserver = $1 || shift @ARGV || usage (); } elsif (/^-m(.*)$/) { usage () if defined $mode; $mode = $1 || shift @ARGV || usage (); if ($mode !~ /^WORLD|LOCAL|NONE$/) { usage (); } } elsif (/^-/) { usage (); } else { usage () if defined $password; $password = $_; } } } sub query_password () { select STDERR; $| = 1; system "stty -echo"; print STDERR "Enter the password: "; $password = <>; chomp $password; print STDERR "\nOK\n"; system "stty echo"; select STDOUT; return $password; } sub on_sig_usr1 { $newmode = WORLD; warn "Got USR1, changed MODE to $newmode.\n" if $verbose; } sub on_sig_usr2 { $newmode = LOCAL; warn "Got USR2, changed MODE to $newmode.\n" if $verbose; } sub on_sig_hup { $newmode = NONE; warn "Got HUP, changed MODE to $newmode.\n" if $verbose; } sub on_sig_int { warn "Got SIGINT.\n" if $verbose; system "rm -f $pidfile"; exit 0; } sub on_sig_term { warn "Got SIGTERM.\n" if $verbose; system "rm -f $pidfile"; exit 0; } sub get_abon_info () { warn "Requesting abonent info...\n" if $verbose; $randstr = rand().rand().rand(); $random = md5_hex($randstr); $dpassword = md5_hex($password); $digest = md5_hex($random.$dpassword); $query = "type=botikkey&random=".$random."&digest=".$digest; $url = "https://informer.botik.ru/informer.fcgi?".$query; $res = `wget '$url' -T 10 --no-check-certificate -q -O -`; $out = ""; for (split /\n/,$res) { if (/^org:(.*)$/) { $out .= "Abonent: " . $1 . "\n"; } elsif (/^ip:(.*)$/) { $out .= "IP address: ". $1 . "\n"; } elsif (/^name:(.*)$/) { $out .= "Hostname: " . $1 . "\n"; } elsif (/^time:(.*)$/) { $out .= "Time: " . scalar localtime($1) . "\n"; } elsif (/^left:(.*)$/) { $out .= "Balance: " . $1 . " rub.\n"; } elsif (/^pb:(.*)$/) { $out .= "Blocking threshold: " . $1 . " rub.\n"; } elsif (/^tariff:(.*)$/) { if ($1 eq "") { $t = "basic"; } else { $t = $1; } $out .= "Tariff: " . $t . "\n"; } elsif (/^nexttariff:(.*)$/) { if ($1 eq "") { $t = "basic"; } else { $t = $1; } $out .= "Next tariff: " . $t . "\n"; } elsif (/^tarifftime:(.*)$/) { if ($1 ne "") { $out .= "Tariff ends at: " . scalar localtime($1) . "\n"; } } elsif (/^fromcache:(.*)$/) { # do not print this field } else { $out .= $_ . "\n"; } } open F, ">", $INFO; print F $out; close F; } sub main () { parse_args (); $password = $ENV{BOTIKKEY} unless defined $password; #$password = query_password () unless defined $password; die "Please specify BKey password (or -f /pswd/file) in command line" unless defined $password; $dpassword = md5_hex ($password); $mode = WORLD unless $mode; system "echo $$ > $pidfile"; $SIG{PIPE} = 'IGNORE'; $SIG{HUP} = \&on_sig_hup; $SIG{USR1} = \&on_sig_usr1; $SIG{USR2} = \&on_sig_usr2; $SIG{INT} = \&on_sig_int; $SIG{TERM} = \&on_sig_term; $itime = time(); # don't wget right after the daemon start # Don't die if server closes the socket, reconnect instead reconnect: my $server = find_gateway (); if (! $server) { warn "No gateway found in routing table. Waiting...\n" if $verbose; sleep 30; goto reconnect; } $sock = IO::Socket::INET->new (Proto=>'tcp', PeerAddr=>$server, PeerPort=>$botikkey_port); if (!$sock) { warn "Couldn't connect to $server:$botikkey_port\n" if $verbose; } else { $sock->sockopt (SO_KEEPALIVE, 1); my $greeting = <$sock>; warn "Connected: $greeting" if $verbose; while (my $fromserver = <$sock>) { if ($newmode ne '') { $mode = $newmode; $newmode = ''; close $sock; goto reconnect; } if ($fromserver =~ /^CHALLENGE\s+(\S+)/) { my $challenge = $1; print STDERR scalar localtime, " Got challenge... " if $verbose; my $salt = rand; my $digest = md5_hex ($challenge.$salt.$mode.$dpassword); warn "md5_hex ($challenge $salt $mode $dpassword)" if $verbose > 1; my $ok = print $sock "RESPONSE $digest $salt $mode\r\n"; last if (! $ok); print STDERR "sent response... " if $verbose; my $reply = <$sock>; print STDERR "server replies: $reply" if $verbose; } elsif ($fromserver =~ /^MESSAGE\s+(.*)/) { my $message = $1; if (open F, "|wall") { print F "Botikkey message received:\n"; for (split m% // %, $message) { print F; } close F || warn "wall exited with code $?\n"; } } else { print $sock "Protocol violation\r\n"; warn "Protocol violation, closing socket\n"; last; } if (time() - $itime >= 300) { # fetching abonent info every 5 minutes get_abon_info (); $itime = time(); } } warn "Lost connection.\n" if $verbose; close $sock; } sleep 3; # be polite goto reconnect; } sub find_gateway { if (defined $bkserver) { return $bkserver; } open (F, "netstat -rn|") || die "netstat: $!"; for () { if (/^(0\.0\.0\.0|default)\s+($ipaddr_pat)/) { close F; return $2; } } die "Cannot find default route in kernel routing table\n"; } &main; exit 0; 0707011913c12d000041ed00000000000000000000000353c778d1000000000000012e00000002ffffffffffffffff0000000e00000000reloc/usr/lib07070119f71482000041ed00000000000000000000000353c778d1000000000000012e00000002ffffffffffffffff0000001400000000reloc/usr/lib/perl507070119f8b110000041ed00000000000000000000000353c778d1000000000000012e00000002ffffffffffffffff0000001d00000000reloc/usr/lib/perl5/Botikkey070701197ba1a6000041ed00000000000000000000000253c778d1000000000000012e00000002ffffffffffffffff0000002400000000reloc/usr/lib/perl5/Botikkey/Digest07070119ffb14e000081ed0000000000000002000000014a781506000001490000012e00000002ffffffffffffffff0000002b00000000reloc/usr/lib/perl5/Botikkey/Digest/MD5.pm# poor man's libdigest-md5-perl emulation using older libmd5-perl. # Useful for installing botikkey at the old (slink era) hosts. package Digest::MD5; use MD5; require Exporter; @ISA = qw(Exporter); @EXPORT_OK = qw(md5_hex); sub md5_hex { my ($arg) = shift; my $md5 = new MD5; return $md5->hexhash ($arg); } 1; 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000b00000000TRAILER!!!