4 * Copyright (C) 2008 Dave Hansen <dave@sr71.net>
6 * This software may be redistributed and/or modified under the terms of
7 * the GNU General Public License ("GPL") version 2 as published by the
8 * Free Software Foundation.
17 #include <sys/types.h>
22 #include "eyefi-config.h"
25 #define debug_printf(level, args...) do { \
26 if ((level) <= debug_level) \
27 fprintf(stderr, ## args); \
30 #define O_DIRECT 00040000 /* direct disk access hint */
39 #define PATHNAME_MAX 4096
40 char eyefi_mount[PATHNAME_MAX]; // PATH_MAX anyone?
41 static char *eyefi_file_name(enum eyefi_file file)
44 case REQC: return "reqc";
45 case REQM: return "reqm";
46 case RSPC: return "rspc";
47 case RSPM: return "rspm";
53 static char *eyefi_file_on(enum eyefi_file file, char *mnt)
55 char *filename = eyefi_file_name(file);
56 char *full = malloc(PATHNAME_MAX);
58 sprintf(&full[0], "%s/EyeFi/%s", mnt, filename);
59 debug_printf(4, "eyefile nr: %d on '%s' is: '%s'\n", file, mnt, &full[0]);
65 #define EYEFI_BUF_SIZE 16384
66 char unaligned_buf[BUFSZ*2];
70 * Just a few functions so that I can't easily forget about
75 } __attribute__((packed));
76 typedef struct __be32 be32;
79 * These two obviously need to get fixed for
80 * big endian machines.
82 u32 be32_to_u32(be32 src)
84 return swap_bytes(src.val);
86 be32 u32_to_be32(u32 src)
89 ret.val = swap_bytes(src);
93 void dumpbuf(const char *buffer, int bytesToWrite)
96 static char linebuf[500];
98 for (i=0; i < bytesToWrite; i += 16) {
99 char *tmpbuf = &linebuf[0];
100 unsigned long sum = 0;
102 #define lprintf(args...) do { \
103 tmpbuf += sprintf(tmpbuf, ## args);\
106 lprintf("[%03d]: ", i);
107 for (j=0; j < 16; j++) {
108 u8 c = ((unsigned char *)buffer)[i+j];
109 lprintf("%02x ", (unsigned int)c);
113 for (j=0; j < 16; j++) {
114 u8 c = ((unsigned char *)buffer)[i+j];
115 if (c >= 'a' && c <= 'z')
117 else if (c >= 'A' && c <= 'Z')
119 else if (c >= '0' && c <= '9')
121 else if (c >= 0x20 && c <= 127)
129 printf("%s", linebuf);
135 struct card_seq_num {
137 } __attribute__((packed));
139 void read_from(enum eyefi_file);
140 void write_to(enum eyefi_file, void *, int);
141 struct card_seq_num read_seq_from(enum eyefi_file file)
143 struct card_seq_num *ret;
150 * For O_DIRECT writes to files, we need
151 * to be 512 byte aligned on Linux, I think.
152 * So, just align this to something big
153 * and be done with it. FIXME :)
157 unsigned long addr = (unsigned long)&unaligned_buf[BUFSZ];
160 debug_printf(4, "buf: %p\n", buf);
161 debug_printf(4, "unaligned: %p\n", &unaligned_buf[0]);
164 struct card_seq_num seq;
167 * The real manager does this so we might
170 void zero_card_files(void)
172 write_to(REQM, buf, BUFSZ);
173 write_to(REQC, buf, BUFSZ);
174 write_to(RSPM, buf, BUFSZ);
175 write_to(RSPC, buf, BUFSZ);
185 if ((c >= 'A') && (c <= 'Z'))
193 if ((c >= '0') && (c <= '9'))
195 else if ((c >= 'a') && (c <= 'z'))
196 return (c - 'a') + 10;
197 debug_printf(5, "non-hex character: '%c'/'%c'\n", c, lc);
203 if ((o >= '0') && (o <= '7'))
208 int octal_esc_to_chr(char *input) {
211 int len = strlen(input);
213 //intf("%s('%s')\n", __func__, input);
214 if (input[0] != '\\')
219 for (i=1; i < len ; i++) {
222 int tmp = atoo(input[i]);
223 //intf("tmp: %d\n", tmp);
232 char *replace_escapes(char *str)
236 debug_printf(4, "%s(%s)\n", __func__, str);
237 for (i=0; i < strlen(str); i++) {
238 int esc = octal_esc_to_chr(&str[i]);
244 str[output++] = str[i];
247 debug_printf(4, "replaced escapes in: '%s' bytes of output: %d\n", str, output);
251 #define LINEBUFSZ 1024
252 char *locate_eyefi_mount(void)
254 char line[LINEBUFSZ];
255 FILE *mounts = fopen("/proc/mounts", "r");
264 if (strlen(eyefi_mount))
265 return &eyefi_mount[0];
267 while (fgets(&line[0], 1023, mounts)) {
269 read = sscanf(&line[0], "%s %s %s %s %d %d",
270 &dev[0], &mnt[0], &fs[0], &opt[0],
272 // only look at fat filesystems:
273 if (strcmp(fs, "msdos") && strcmp(fs, "vfat")) {
274 debug_printf(2, "fs at '%s' is not fat, skipping...\n", mnt);
277 // Linux's /proc/mounts has spaces like this \040
278 replace_escapes(&mnt[0]);
279 char *file = eyefi_file_on(REQM, &mnt[0]);
280 debug_printf(2, "looking for EyeFi file here: '%s'\n", file);
284 statret = stat(file, &statbuf);
287 debug_printf(2, "fs at: %s is not an Eye-Fi card, skipping...\n",
291 strcpy(&eyefi_mount[0], &mnt[0]);
292 debug_printf(1, "located EyeFi card at: '%s'\n", eyefi_mount);
296 if (strlen(eyefi_mount))
297 return &eyefi_mount[0];
307 debug_printf(2, "Initializing card...\n");
308 mnt = locate_eyefi_mount();
310 debug_printf(1, "unable to locate Eye-Fi card\n");
312 debug_printf(0, "please run with '-d5' option and report the output\n");
314 debug_printf(0, "----------------------------------------------\n");
315 debug_printf(0, "Debug information:\n");
316 system("cat /proc/mounts >&2");
323 seq = read_seq_from(RSPC);
326 debug_printf(2, "Done initializing card...\n");
329 static char *eyefi_file(enum eyefi_file file)
332 return eyefi_file_on(file, &eyefi_mount[0]);
335 void open_error(char *file)
337 fprintf(stderr, "unable to open '%s'\n", file);
338 fprintf(stderr, "Is the Eye-Fi card inserted and mounted at: %s ?\n", eyefi_mount);
339 fprintf(stderr, "Do you have write permissions to it?\n");
340 fprintf(stderr, "debug information:\n");
342 system("cat /proc/mounts >&2");
348 void read_from(enum eyefi_file __file)
355 char *file = eyefi_file(__file);
359 fd = open(file, O_RDONLY);
362 retcntl = fcntl(fd, F_SETFL, O_DIRECT);
367 ret = read(fd, buf, BUFSZ);
374 debug_printf(3, "read '%s': bytes: %d fcntl: %d\n", file, ret, retcntl);
375 for (i=0; i < BUFSZ; i++) {
376 c = ((char *)buf)[i];
383 // printf(" zeros: %d", zeros);
389 void write_to(enum eyefi_file __file, void *stuff, int len)
396 file = eyefi_file(__file);
400 if (debug_level > 3) {
401 debug_printf(3, "%s('%s', ..., %d)\n", __func__, file, len);
404 memset(buf, 0, BUFSZ);
405 memcpy(buf, stuff, len);
406 fd = open(file, O_RDWR|O_DIRECT|O_CREAT, 0600);
407 //ret = lseek(fd, 0, SEEK_SET);
412 ret = write(fd, buf, BUFSZ);
415 debug_printf(3, "wrote %d bytes to '%s' (string was %d bytes)\n", ret, file, len);
422 * Most of the eyefi strings are pascal-style with
423 * a length byte preceeding content. (Did pascal
424 * have just a byte for length or more??)
426 struct pascal_string {
429 } __attribute__((packed));
431 void print_pascal_string(struct pascal_string *str)
434 for (i = 0; i < str->length; i++)
435 printf("%c", str->value[i]);
439 * The 'o' command has several sub-commands:
441 enum card_info_subcommand {
446 UNKNOWN1 = 5, // Chris says these are
447 UNKNOWN2 = 6, // checksums
451 struct card_info_req {
454 } __attribute__((packed));
456 struct card_info_rsp_key {
457 struct pascal_string key;
464 } __attribute__((packed));
466 struct card_info_api_url {
467 struct pascal_string key;
470 struct card_info_log_len {
473 } __attribute__((packed));
475 #define write_struct(file, s) write_to((file), s, sizeof(*(s)))
477 void print_mac(struct mac_address *mac)
480 for (i=0; i < MAC_BYTES-1; i++) {
481 printf("%02x:", mac->mac[i]);
483 printf("%02x\n", mac->mac[i]);
488 //u32 tmpseq = be32_to_u32(seq.seq);
489 //seq.seq = u32_to_be32(tmpseq+1);
491 write_struct(REQC, &seq);
494 u32 current_seq(void)
499 void wait_for_response(void)
502 debug_printf(3, "waiting for response...\n");
504 for (i = 0; i < 50; i++) {
505 struct card_seq_num cardseq = read_seq_from(RSPC);
506 u32 rsp = cardseq.seq;
507 debug_printf(3, "read rsp code: %lx, looking for: %lx raw: %lx\n", rsp, current_seq(),
509 if (rsp == current_seq())
513 debug_printf(3, "got good seq, reading RSPM...\n");
515 debug_printf(3, "done reading RSPM\n");
517 struct byte_response {
530 char essid[ESSID_LEN];
531 signed char strength;
533 } __attribute__((packed));
535 struct scanned_net_list {
537 struct scanned_net nets[100];
538 } __attribute__((packed));
540 struct configured_net {
541 char essid[ESSID_LEN];
542 } __attribute__((packed));
544 struct configured_net_list {
546 struct configured_net nets[100];
547 } __attribute__((packed));
549 char *net_test_states[] = {
552 "verifying network key",
554 "testing connection to Eye-Fi server",
558 #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
560 char *net_test_state_name(u8 state)
562 int size = ARRAY_SIZE(net_test_states);
565 return net_test_states[state];
568 char *net_types[] = {
576 char *net_type_name(u8 type)
578 int size = ARRAY_SIZE(net_types);
581 return net_types[type];
584 #define WPA_KEY_BYTES 32
586 u8 key[WPA_KEY_BYTES];
587 } __attribute((packed));
589 #define WEP_KEY_BYTES 32
591 u8 key[WEP_KEY_BYTES];
592 } __attribute((packed));
600 } __attribute((packed));
606 char essid[ESSID_LEN];
607 struct network_key key;
608 } __attribute((packed));
611 * Take a string like "0ab1" and make it
612 * a series of bytes: { 0x0a, 0xb1 }
614 * @len is the strlen() of the ascii
616 * Destroys the original string.
618 char *convert_ascii_to_hex(char *ascii, int len)
622 fprintf(stderr, "%s() must be even number of bytes: %d\n",
626 for (i=0; i < len; i+=2) {
627 int high = atoh(ascii[i]);
628 int low = atoh(ascii[i+1]);
629 u8 byte = (high<<4 | low);
630 if (high < 0 || low < 0)
632 debug_printf(6, "high: %02x low: %02x, both: %02x\n", high, low, byte);
635 for (i=len/2; i < len; i++)
640 #define PASSPHRASE_PROG "wpa_passphrase"
642 struct wpa_key *make_wpa_key(char *essid, char *pass)
644 struct wpa_key *key = malloc(sizeof(*key));
646 if (strlen(pass) == WPA_KEY_BYTES*2) {
648 debug_printf(2, "Interpreting password as hex WPA key\n");
649 hex_pass = convert_ascii_to_hex(pass, WPA_KEY_BYTES*2);
652 memcpy(&key->key[0], pass, WPA_KEY_BYTES);
654 debug_printf(2, "Interpreting password as ASCII WPA key\n");
655 pbkdf2_sha1(pass, essid, strlen(essid), 4096,
656 &key->key[0], WPA_KEY_BYTES);
661 void card_info_cmd(enum card_info_subcommand cmd)
663 struct card_info_req cir;
665 cir.subcommand = cmd;
667 write_struct(REQM, &cir);
671 u32 fetch_log_length(void)
673 card_info_cmd(LOG_LEN);
674 struct card_info_log_len *loglen = buf;
675 return be32_to_u32(loglen->val);
678 void print_log_len(void)
680 u32 len = fetch_log_length();
681 printf("log len: %08lx\n", len);
684 void print_card_mac(void)
686 debug_printf(2, "%s()\n", __func__);
687 card_info_cmd(MAC_ADDRESS);
688 struct mac_address *mac = buf;
689 assert(mac->length == MAC_BYTES);
690 printf("card mac address: ");
694 void print_card_key(void)
696 debug_printf(2, "%s()\n", __func__);
697 card_info_cmd(CARD_KEY);
698 struct card_info_rsp_key *foo = buf;
699 printf("card key (len: %d): '", foo->key.length);
700 print_pascal_string(&foo->key);
704 struct noarg_request {
708 void issue_noarg_command(u8 cmd)
710 struct noarg_request req;
712 write_struct(REQM, &req);
716 void scan_print_nets(void)
720 debug_printf(2, "%s()\n", __func__);
721 issue_noarg_command('g');
722 struct scanned_net_list *scanned = buf;
723 if (scanned->nr == 0) {
724 printf("unable to detect any wireless networks\n");
727 printf("Scanned wireless networks:\n");
728 for (i=0; i < scanned->nr; i++) {
729 struct scanned_net *net = &scanned->nets[i];
730 printf("'%s' type(%d): %s, strength: %d\n", net->essid,
732 net_type_name(net->type),
737 void print_configured_nets(void)
740 struct configured_net_list *configured;
742 debug_printf(2, "%s()\n", __func__);
743 issue_noarg_command('l');
745 if (configured->nr == 0) {
746 printf("No wireless networks configured on card\n");
749 printf("configured wireless networks:\n");
750 for (i=0; i < configured->nr; i++) {
751 struct configured_net *net = &configured->nets[i];
752 printf("'%s'\n", net->essid);
756 void reboot_card(void)
758 debug_printf(2, "%s()\n", __func__);
759 issue_noarg_command('b');
762 void copy_wep_key(struct wep_key *dst, struct wep_key *src)
764 memcpy(&dst->key, &src->key, sizeof(*dst));
767 void copy_wpa_key(struct wpa_key *dst, struct wpa_key *src)
769 memcpy(&dst->key, &src->key, sizeof(*dst));
772 void network_action(char cmd, char *essid, char *wpa_ascii)
774 struct net_request nr;
775 memset(&nr, 0, sizeof(nr));
778 strcpy(&nr.essid[0], essid);
779 nr.essid_len = strlen(essid);
780 struct wpa_key *wpakey;
782 wpakey = make_wpa_key(essid, wpa_ascii);
783 nr.key.len = sizeof(*wpakey);
784 copy_wpa_key(&nr.key.wpa, wpakey);
786 write_struct(REQM, &nr);
790 void add_network(char *essid, char *wpa_ascii)
792 debug_printf(2, "%s()\n", __func__);
793 network_action('a', essid, wpa_ascii);
796 void remove_network(char *essid)
798 debug_printf(2, "%s()\n", __func__);
799 network_action('d', essid, NULL);
802 int try_connection_to(char *essid, char *wpa_ascii)
807 char *type = net_type_name(WPA);
809 type = net_type_name(UNSECURED);
810 printf("trying to connect to %s network: '%s'", type, essid);
812 printf(" with passphrase: '%s'", wpa_ascii);
816 network_action('t', essid, wpa_ascii);
820 for (i=0; i < 200; i++) {
821 struct byte_response *r;
822 issue_noarg_command('s');
825 char *state = net_test_state_name(rsp);
826 if (rsp == last_rsp) {
831 printf("\nTesting connecion to '%s' (%d): %s", essid, rsp, state);
835 if (!strcmp("success", state)) {
839 if (!strcmp("not scanning", state))
841 if (!strcmp("unknown", state))
846 printf("Succeeded connecting to: '%s'\n", essid);
848 printf("Unable to connect to: '%s' (final state: %d/'%s')\n", essid,
849 rsp, net_test_state_name(rsp));
854 struct fetch_log_cmd {
857 } __attribute__((packed));
860 * When you ask for the log at offset 0x0, you
861 * get back 8 bytes of offsets into the rest of
864 struct first_log_response {
867 u8 data[EYEFI_BUF_SIZE-8];
868 } __attribute__((packed));
870 struct rest_log_response {
871 u8 data[EYEFI_BUF_SIZE];
872 } __attribute__((packed));
874 unsigned char *get_log_at_offset(u32 offset)
876 struct fetch_log_cmd cmd;
878 cmd.offset = u32_to_be32(offset);
880 debug_printf(2, "getting log at offset: %08lx\n", offset);
881 write_struct(REQM, &cmd);
892 u32 log_size = fetch_log_length();
893 char *resbuf = malloc(log_size);
895 int nr_bufs_per_log = log_size/EYEFI_BUF_SIZE;
896 for (i = 0; i < log_size/EYEFI_BUF_SIZE; i++) {
897 debug_printf(1, "fetching EyeFi card log part %d/%d...",
898 i+1, nr_bufs_per_log);
900 get_log_at_offset(EYEFI_BUF_SIZE*i);
901 debug_printf(1, "done\n");
905 struct first_log_response *log = buf;
906 log_end = be32_to_u32(log->log_end);
907 log_start = be32_to_u32(log->log_start);
908 debug_printf(2, "log end: 0x%04lx\n", log_end);
909 debug_printf(2, "log start: 0x%04lx\n", log_start);
910 log_data = &log->data[0];
911 log_size = ARRAY_SIZE(log->data);
913 struct rest_log_response *log = buf;
914 log_data = &log->data[0];
915 log_size = ARRAY_SIZE(log->data);
917 debug_printf(3, "writing %ld bytes to resbuf[%d]\n",
918 log_size, total_bytes);
919 memcpy(&resbuf[total_bytes], log_data, log_size);
920 total_bytes += log_size;
922 // The last byte *should* be a null, and the
923 // official software does not print it.
924 for (i = 0; i < total_bytes-1; i++) {
925 int offset = (log_start+i)%total_bytes;
926 char c = resbuf[offset];
927 // the official software converts UNIX to DOS-style
928 // line breaks, so we'll do the same
934 // just some simple sanity checking to make sure what
935 // we are fetching looks valid
936 int null_bytes_left = 20;
937 if (resbuf[log_end] != 0) {
938 debug_printf(2, "error: unexpected last byte (%ld/0x%lx) of log: %02x\n",
939 log_end, log_end, resbuf[log_end]);
940 for (i=0; i<log_size; i++) {
943 if (null_bytes_left <= 0)
946 debug_printf(2, "null byte %d\n", i);
956 printf(" eyefitest [OPTIONS]\n");
957 printf(" -a ESSID add network (implies test unless --force)\n");
958 printf(" -t ESSID test network\n");
959 printf(" -p KEY set WPA key for add/test\n");
960 printf(" -r ESSID remove network\n");
961 printf(" -s scan for networks\n");
962 printf(" -c list configured networks\n");
963 printf(" -b reboot card\n");
964 printf(" -d level set debugging level (default: 1)\n");
965 printf(" -k print card unique key\n");
966 printf(" -l dump card log\n");
967 printf(" -m print card mac\n");
971 int main(int argc, char **argv)
976 debug_printf(3, "%s starting...\n", argv[0]);
978 //static int passed_wep = 0;
979 //static int passed_wpa = 0;
980 static int force = 0;
981 static struct option long_options[] = {
982 //{"wep", 'x', &passed_wep, 1},
983 //{"wpa", 'y', &passed_wpa, 1},
984 {"force", 0, &force, 1},
985 {"help", 'h', NULL, 1},
992 char network_action = 0;
993 debug_printf(3, "about to parse arguments\n");
994 while ((c = getopt_long_only(argc, argv, "a:bcd:klmp:r:st:",
995 &long_options[0], &option_index)) != -1) {
996 debug_printf(3, "argument: '%c' %d optarg: '%s'\n", c, c, optarg);
999 // was a long argument
1011 print_configured_nets();
1014 debug_level = atoi(optarg);
1015 fprintf(stderr, "set debug level to: %d\n", debug_level);
1038 debug_printf(3, "after arguments essid: '%s' passwd: '%s'\n", essid, passwd);
1039 if (network_action && essid) {
1042 switch (network_action) {
1044 ret = try_connection_to(essid, passwd);
1048 ret = try_connection_to(essid, passwd);
1050 debug_printf(1, "forced: skipping network test\n");
1053 printf("Error connecting to network '%s', not adding.\n", essid);
1054 printf("use --force to override\n");
1057 add_network(essid, passwd);
1060 remove_network(essid);