/*
 * Open AnyConnect (SSL + DTLS) client
 *
 * © 2008 David Woodhouse <dwmw2@infradead.org>
 *
 * Permission to use, copy, modify, and/or distribute this software
 * for any purpose with or without fee is hereby granted, provided
 * that the above copyright notice and this permission notice appear
 * in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
 * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
 * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <unistd.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <fcntl.h>

#include <time.h>

/* We want it to be reproducible */
time_t time(time_t *t)
{
	time_t x = 0x3ab2d948;
	
	if (t) *t = x;
	
	return x;
}

int RAND_pseudo_bytes(char *buf, int len)
{
	memset(buf, 0x5a, len);
	return 1;
	
}
int RAND_bytes(char *buf, int len)
{
	memset(buf, 0x5b, len);
	return 1;
}

char master_secret[48];

#if 0 /* Test case recorded when _working_ */
char session_id[] = {
	0x60, 0x1E, 0xF8, 0x4A, 0xB7, 0x93, 0x48, 0xBB,
	0x4A, 0xF9, 0x98, 0x40, 0x5E, 0x89, 0xA5, 0x8A,
	0xD7, 0xC6, 0x14, 0x7A, 0xCE, 0x62, 0x4D, 0xEB,
	0xB3, 0x8D, 0x15, 0x42, 0x87, 0x62, 0xD9, 0x07
};

unsigned char verify_request[] = {
	0x16, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
	0x00, 0x00, 0x00, 0x00, 0x0f, 0x03, 0x00, 0x00,
	0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
	0x03, 0x01, 0x00, 0x00
};

unsigned char server_hello[] = {
	0x16, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
	0x00, 0x00, 0x01, 0x00, 0x52, 0x02, 0x00, 0x00,
	0x46, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x46, 0x01, 0x00, 0x48, 0xd9, 0xb2, 0xf2, 0x0f,
	0x9a, 0x91, 0x28, 0x56, 0x77, 0x36, 0xce, 0x1b,
	0x26, 0x6b, 0x9b, 0xcf, 0x77, 0x95, 0x20, 0xa6,
	0x67, 0x4d, 0x29, 0x62, 0x19, 0x69, 0xec, 0x0a,
	0xf3, 0x36, 0x34, 0x20, 0x60, 0x1e, 0xf8, 0x4a,
	0xb7, 0x93, 0x48, 0xbb, 0x4a, 0xf9, 0x98, 0x40,
	0x5e, 0x89, 0xa5, 0x8a, 0xd7, 0xc6, 0x14, 0x7a,
	0xce, 0x62, 0x4d, 0xeb, 0xb3, 0x8d, 0x15, 0x42,
	0x87, 0x62, 0xd9, 0x07, 0x00, 0x2f, 0x00, 0x14,
	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x02, 0x00, 0x03, 0x01, 0x00, 0x02, 0x16,
	0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x40, 0x0d, 0x9d, 0x2e, 0x90,
	0x9f, 0x80, 0xb6, 0x2c, 0x55, 0x24, 0x46, 0xa8,
	0xf4, 0xf7, 0xd3, 0x8e, 0x86, 0xac, 0x15, 0xf2,
	0xfe, 0x91, 0xc4, 0x2e, 0xce, 0x47, 0xbc, 0x23,
	0x0b, 0xa9, 0xc7, 0x36, 0x03, 0x07, 0xd8, 0xfc,
	0xcb, 0x10, 0x2f, 0xe5, 0xa0, 0xb8, 0x67, 0x6a,
	0xc1, 0xc2, 0xe9, 0xcd, 0xdd, 0xcb, 0x12, 0xdd,
	0x57, 0x95, 0xe1, 0xbb, 0x74, 0xac, 0x05, 0x00,
	0xea, 0xf8, 0x71, 0x59
};
#else 
/* This one was captured with OpenSSL 0.9.8e on the client side,
   which rejected the ServerHello. Yet it works fine with Cisco's
   build of the library */
   
char session_id[] = {
	0x60, 0x1E, 0xF8, 0x4A, 0xB7, 0x93, 0x48, 0xBB,
	0x4A, 0xF9, 0x98, 0x40, 0x5E, 0x89, 0xA5, 0x8A,
	0xD7, 0xC6, 0x14, 0x7A, 0xCE, 0x62, 0x4D, 0xEB,
	0xB3, 0x8D, 0x15, 0x42, 0x87, 0x62, 0xD9, 0x07 
};

unsigned char verify_request[] = {
	0x16, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x00, 0x0f, 0x03, 0x00, 0x00,
	0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x03, 0x01, 0x00, 0x00
};

unsigned char server_hello[] = {
	0x16, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x01, 0x00, 0x52, 0x02, 0x00, 0x00,
	0x46, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x46, 0x01, 0x00, 0x48, 0xd9, 0xc9, 0xae, 0x12,
	0x1d, 0x7a, 0x84, 0x85, 0x4b, 0x0f, 0x2f, 0x75,
	0x09, 0xf3, 0x20, 0xd2, 0x0a, 0xf5, 0x4e, 0x82,
	0x9f, 0xb2, 0x60, 0x50, 0xda, 0x91, 0x34, 0x21,
	0xd9, 0x32, 0xc0, 0x20, 0x60, 0x1e, 0xf8, 0x4a,
	0xb7, 0x93, 0x48, 0xbb, 0x4a, 0xf9, 0x98, 0x40,
	0x5e, 0x89, 0xa5, 0x8a, 0xd7, 0xc6, 0x14, 0x7a,
	0xce, 0x62, 0x4d, 0xeb, 0xb3, 0x8d, 0x15, 0x42,
	0x87, 0x62, 0xd9, 0x07, 0x00, 0x2f, 0x00, 0x14,
	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x02, 0x00, 0x03, 0x01, 0x00, 0x02, 0x16,
	0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
	0x00, 0x00, 0x00, 0x40, 0xf8, 0x31, 0xa0, 0x7c,
	0x83, 0xb3, 0x9e, 0x7d, 0xbb, 0x23, 0xee, 0x6c,
	0x41, 0xdb, 0x70, 0xc2, 0x60, 0x19, 0xc1, 0xc4,
	0x82, 0x57, 0x81, 0x52, 0x43, 0x78, 0xb4, 0x7b,
	0x7d, 0x5c, 0xd0, 0x57, 0xee, 0xa3, 0x5b, 0x6c,
	0xba, 0xa7, 0x8c, 0x2d, 0x76, 0x43, 0x3e, 0xa7,
	0x93, 0x2e, 0xbe, 0xba, 0xbe, 0x1f, 0x42, 0x1f,
	0x39, 0xb9, 0x40, 0x4e, 0x8a, 0xa1, 0xa0, 0x0b, 
	0x50, 0x3e, 0x99, 0x85
};
#endif
int dump_traffic = 0;
void hexdump(unsigned char *buf, int len)
{
        int i;

        for (i=0; i<len; i++) {
                if (!(i&15))
                        printf("\n%04x: ", i);
                printf("%02x ", buf[i]);
        }
        printf("\n");
}

void feed_responses(int fd)
{
	char buf[2000];
	int len;

	len = read(fd, buf, 2000);
	if (len < 0) {
		perror("read 1");
		exit(1);
	}
	if (dump_traffic) {
		printf("Received packet 1:");
		hexdump(buf, len);
	}
	
	len = write(fd, verify_request, sizeof(verify_request));
	if (dump_traffic)
		printf("Wrote %d bytes of Hello Verify\n", len);

	
	len = read(fd, buf, 2000);
	if (len < 0) {
		perror("read 2");
		exit(1);
	}
	if (dump_traffic) {
		printf("Received packet 2:");
		hexdump(buf, len);
	}
	
	len = write(fd, server_hello, sizeof(server_hello));
	if (dump_traffic)
		printf("Wrote %d bytes of Server Hello\n", len);


	len = read(fd, buf, 2000);
	if (len < 0) {
		perror("read 3");
		exit(1);
	}
	if (dump_traffic) {
		printf("Received packet 3:");
		hexdump(buf, len);
	}
}
extern SSL_CIPHER ssl3_ciphers[];

int main(void)
{
	int sockets[2];
	pid_t child_pid;
	int cipher;
        SSL_METHOD *dtls_method;
        SSL_CTX *dtls_ctx;
        SSL_SESSION *dtls_session;
        SSL_CIPHER *https_cipher;
        SSL *dtls_ssl;
        BIO *dtls_bio;
        int ret;
	int aes128_cipher;

	if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sockets)) {
		perror("socketpair");
		return 1;
	}

	child_pid = fork();
	if (child_pid < 0) {
		perror("fork");
		return 1;
	}
	if (!child_pid) {
		close(sockets[1]);
		feed_responses(sockets[0]);
		printf("Child done.\n");
		exit(1);
	}
	close(sockets[0]);

	/* Not really very random. */
	RAND_bytes(master_secret, 48);

	/* Normally we go do an HTTPS exchange here with the server; we
	   tell it our master secret, and it gives us the session-id.
	   Then we "resume" a DTLS session... */
        SSL_library_init ();
        ERR_clear_error ();
        SSL_load_error_strings ();
        OpenSSL_add_all_algorithms ();

	dtls_method = DTLSv1_client_method();
	dtls_ctx = SSL_CTX_new(dtls_method);
	SSL_CTX_set_read_ahead(dtls_ctx, 1);

	dtls_ssl = SSL_new(dtls_ctx);
	SSL_set_connect_state(dtls_ssl);

	/* Normally we use the same cipher as the HTTPS session. */
//	https_cipher = SSL_get_current_cipher(vpninfo->https_ssl);

	while (ssl3_ciphers[aes128_cipher].id != 0x0300002f)
		aes128_cipher++;

	printf("Found %s cipher at %d\n", ssl3_ciphers[aes128_cipher].name,
	       aes128_cipher);

	SSL_set_cipher_list(dtls_ssl, "AES128-SHA");

	printf("SSL_SESSION is %d bytes\n", sizeof(*dtls_session));
	if (sizeof(*dtls_session) != 200) {
		printf("WARNING: The version of OpenSSL you're building against is\n");
		printf("not ABI-compatible with Cisco's build of libssl.0.9.8.\n");
	}

	dtls_session = SSL_SESSION_new();

	dtls_session->ssl_version = 0x100; //DTLS1_BAD_VER;
	
	dtls_session->master_key_length = sizeof(master_secret);
	memcpy(dtls_session->master_key, master_secret, sizeof(master_secret));

	dtls_session->session_id_length = sizeof(session_id);
	memcpy(dtls_session->session_id, session_id, sizeof(session_id));

	dtls_session->cipher = &ssl3_ciphers[aes128_cipher];
	dtls_session->cipher_id = 0x0300002f;

	if (!SSL_set_session(dtls_ssl, dtls_session)) {
		printf("SSL_set_session() failed.\n");
		return -EINVAL;
	}
	if (!SSL_CTX_add_session(dtls_ctx, dtls_session))
		printf("SSL_CTX_add_session() failed\n");


	dtls_bio = BIO_new_socket(sockets[1], BIO_NOCLOSE);
	SSL_set_bio(dtls_ssl, dtls_bio, dtls_bio);

	ret = SSL_do_handshake(dtls_ssl);
	
	if (ret != 1) {
		fprintf(stderr, "DTLS connection returned %d\n", ret);
		if (ret < 0)
			fprintf(stderr, "DTLS handshake error: %d\n", SSL_get_error(dtls_ssl, ret));
		ERR_print_errors_fp(stderr);
		SSL_free(dtls_ssl);
		SSL_CTX_free(dtls_ctx);
		close(sockets[1]);
		exit(1);
		
		return -EINVAL;
	}


	printf("Success\n");
	return 0;
}