# # Copyright (C) 2008-2011 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. # include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/image.mk define imgname $(BIN_DIR)/$(IMG_PREFIX)-$(2)-$(1) endef define sysupname $(call imgname,$(1),$(2))-sysupgrade.bin endef VMLINUX:=$(IMG_PREFIX)-vmlinux UIMAGE:=$(IMG_PREFIX)-uImage define Image/Build/Initramfs $(call Image/Build/Profile/$(PROFILE),initramfs) endef DEVICE_VARS += DTS loadaddr-y := 0x80000000 loadaddr-$(CONFIG_TARGET_ramips_rt288x) := 0x88000000 loadaddr-$(CONFIG_TARGET_ramips_mt7621) := 0x80001000 KERNEL_LOADADDR := $(loadaddr-y) KERNEL_DTB = kernel-bin | patch-dtb | lzma define Device/Default KERNEL := $(KERNEL_DTB) | uImage lzma IMAGES := sysupgrade.bin IMAGE_SIZE := $(ralink_default_fw_size_8M) IMAGE/sysupgrade.bin := append-kernel | append-rootfs | pad-rootfs | check-size $$$$(IMAGE_SIZE) endef define Build/patch-dtb $(LINUX_DIR)/scripts/dtc/dtc -O dtb -o $@.dtb ../dts/$(DTS).dts $(STAGING_DIR_HOST)/bin/patch-dtb $@ $@.dtb endef define Build/trx $(STAGING_DIR_HOST)/bin/trx \ -o $@ \ -m $(IMAGE_SIZE) \ -f $(word 1,$^) \ -a 4 -f $(word 2,$^) endef define Build/seama $(STAGING_DIR_HOST)/bin/seama -i $@ $(1) mv $@.seama $@ endef define Build/seama-seal $(call Build/seama,-s $@.seama $(1)) endef define Build/relocate-kernel ( \ dd if=$(KDIR)/loader.bin bs=32 conv=sync && \ perl -e '@s = stat("$@"); print pack("V", @s[7])' && \ cat $@ \ ) > $@.new mv $@.new $@ endef define MkCombineduImage $(call PatchKernelLzma,$(2),$(3)) if [ `stat -c%s "$(KDIR)/vmlinux-$(2).bin.lzma"` -gt `expr $(4) - 64` ]; then \ echo "Warning: $(KDIR)/vmlinux-$(2).bin.lzma is too big" >&2; \ else if [ `stat -c%s "$(KDIR)/root.$(1)"` -gt $(5) ]; then \ echo "Warning: $(KDIR)/root.$(1) is too big" >&2; \ else \ ( dd if=$(KDIR)/vmlinux-$(2).bin.lzma bs=`expr $(4) - 64` conv=sync ; dd if=$(KDIR)/root.$(1) ) > $(KDIR)/vmlinux-$(2).bin.lzma.combined ; \ fi ; fi $(call MkImage,lzma,$(KDIR)/vmlinux-$(2).bin.lzma.combined,$(call sysupname,$(1),$(2)),$(6)) endef # # The real magic happens inside these templates # # $(1), compression method # $(2), filename of image data # $(3), output filename define MkImage $(eval imagename=$(if $(4),$(4),MIPS OpenWrt Linux-$(LINUX_VERSION))) -mkimage -A mips -O linux -T kernel -C $(1) -a $(loadaddr-y) -e $(loadaddr-y) \ -n "$(imagename)" \ -d $(2) $(3) endef define CompressLzma $(STAGING_DIR_HOST)/bin/lzma e $(1) -lc1 -lp2 -pb2 $(2) endef define MkImageSysupgrade/squashfs $(eval output_name=$(IMG_PREFIX)-$(2)-$(1)-$(if $(4),$(4),sysupgrade).bin) cat $(KDIR)/vmlinux-$(2).uImage $(KDIR)/root.$(1) > $(KDIR)/$(output_name) $(call prepare_generic_squashfs,$(KDIR)/$(output_name)) if [ `stat -c%s "$(KDIR)/$(output_name)"` -gt $(3) ]; then \ echo "Warning: $(KDIR)/$(output_name) is too big" >&2; \ else \ $(CP) $(KDIR)/$(output_name) $(BIN_DIR)/$(output_name); \ fi endef define MkImageTpl/squashfs $(eval output_name=$(IMG_PREFIX)-$(2)-$(1)-$(if $(4),$(4),sysupgrade).bin) $(STAGING_DIR_HOST)/bin/mktplinkfw2 -V "ver. 2.0" -B "$(2)" -j \ -o $(KDIR)/$(output_name) \ -k $(KDIR)/vmlinux-$(1)$(4).bin.lzma \ -r $(KDIR)/root.$(1) $(CP) $(KDIR)/$(output_name) $(BIN_DIR)/$(output_name) endef define MkImageTpl/initramfs $(eval output_name=$(IMG_PREFIX)-$(2)-$(1).bin) $(STAGING_DIR_HOST)/bin/mktplinkfw2 -V "ver. 2.0" -B "$(2)" -c \ -o $(KDIR)/$(output_name) \ -k $(KDIR)/vmlinux-$(1).bin.lzma $(CP) $(KDIR)/$(output_name) $(BIN_DIR)/$(output_name) endef # $(1), lowercase board name like "mt7620a_v22sg" # $(2), DTS filename without .dts extension # $(3), optional filename suffix, e.g. "-initramfs" define PatchKernelLzmaDtb cp $(KDIR)/vmlinux$(3) $(KDIR)/vmlinux-$(1)$(3) $(LINUX_DIR)/scripts/dtc/dtc -O dtb -o $(KDIR)/$(2).dtb ../dts/$(2).dts $(STAGING_DIR_HOST)/bin/patch-dtb $(KDIR)/vmlinux-$(1)$(3) $(KDIR)/$(2).dtb $(call CompressLzma,$(KDIR)/vmlinux-$(1)$(3),$(KDIR)/vmlinux-$(1)$(3).bin.lzma) endef # $(1), lowercase board name # $(2), DTS filename without .dts extension # $(3), ih_name field of uImage header # $(4), optional filename suffix, e.g. "-initramfs" define MkImageLzmaDtb $(call PatchKernelLzmaDtb,$(1),$(2),$(4)) $(call MkImage,lzma,$(KDIR)/vmlinux-$(1)$(4).bin.lzma,$(KDIR)/vmlinux-$(1)$(4).uImage,$(3)) endef # $(1), Rootfs type, e.g. squashfs # $(2), lowercase board name # $(3), DTS filename without .dts extension # $(4), maximum size of sysupgrade image # $(5), uImage header's ih_name field define BuildFirmware/OF $(call MkImageLzmaDtb,$(2),$(3),$(5)) $(call MkImageSysupgrade/$(1),$(1),$(2),$(4),$(6)) endef define BuildFirmware/OF/tplink $(call PatchKernelLzmaDtb,$(1),$(2),$(4)) $(call MkImageTpl/$(1),$(1),$(2),$(4),$(5)) endef define BuildFirmware/OF/tplink/initramfs $(call PatchKernelLzmaDtb,$(2),$(3),-initramfs) $(call MkImageTpl/$(1),$(1),$(2),$(4),$(5)) endef # $(1), squashfs/initramfs # $(2), lowercase board name # $(3), DTS filename without .dts extension # $(4), ih_name field of uImage header define BuildFirmware/OF/initramfs $(call MkImageLzmaDtb,$(2),$(3),$(4),-initramfs) $(CP) $(KDIR)/vmlinux-$(2)-initramfs.uImage $(call imgname,$(1),$(2))-uImage.bin endef # Build images for default ralink layout for 4MB flash # kernel + roots = 0x3b0000 # $(1) = squashfs/initramfs # $(2) = lowercase board name # $(3) = dts file ralink_default_fw_size_4M=3866624 BuildFirmware/Default4M/squashfs=$(call BuildFirmware/OF,$(1),$(2),$(3),$(ralink_default_fw_size_4M),$(4)) BuildFirmware/Default4M/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3),$(4)) # Build images for default ralink layout for 8MB flash # kernel + roots = 0x7b0000 # $(1) = squashfs/initramfs # $(2) = lowercase board name # $(3) = dts file # $(4) = uImage header name field ralink_default_fw_size_8M=8060928 BuildFirmware/Default8M/squashfs=$(call BuildFirmware/OF,$(1),$(2),$(3),$(ralink_default_fw_size_8M),$(4)) BuildFirmware/Default8M/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3),$(4)) BuildFirmware/Tplink/squashfs=$(call BuildFirmware/OF/tplink,$(1),$(2),$(3),$(4)) BuildFirmware/Tplink/initramfs=$(call BuildFirmware/OF/tplink/initramfs,$(1),$(2),$(3),$(4)) ralink_default_fw_size_16M=16121856 BuildFirmware/Default16M/squashfs=$(call BuildFirmware/OF,$(1),$(2),$(3),$(ralink_default_fw_size_16M),$(4)) BuildFirmware/Default16M/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3),$(4)) # Build images for a custom sized flash layout # $(1) = squashfs/initramfs # $(2) = lowercase board name # $(3) = dts file # $(4) = kernel + rootfs size BuildFirmware/CustomFlash/squashfs=$(call BuildFirmware/OF,$(1),$(2),$(3),$(4),$(5),$(6)) BuildFirmware/CustomFlash/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3)) # wrappers for boards that have 4MB and 8MB versions define BuildFirmware/DefaultDualSize/squashfs $(call BuildFirmware/Default4M/$(1),$(1),$(2)-4M,$(3)-4M) $(call BuildFirmware/Default8M/$(1),$(1),$(2)-8M,$(3)-8M) endef define BuildFirmware/DefaultDualSize/initramfs $(call BuildFirmware/OF/initramfs,$(1),$(2)-4M,$(3)-4M) $(call BuildFirmware/OF/initramfs,$(1),$(2)-8M,$(3)-8M) endef # Some boards need a special header inside the uImage to make them bootable define BuildFirmware/CustomFlashFactory/squashfs $(call BuildFirmware/CustomFlash/$(1),$(1),$(2),$(3),$(4)) $(call BuildFirmware/CustomFlash/$(1),$(1),$(2),$(3),$(4),$(5),$(6)) endef BuildFirmware/CustomFlashFactory/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3)) # sign an image to make it work with edimax tftp recovery define BuildFirmware/Edimax/squashfs $(call BuildFirmware/OF,$(1),$(2),$(3),$(4)) if [ -e "$(call sysupname,$(1),$(2))" ]; then \ mkedimaximg -i $(call sysupname,$(1),$(2)) \ -o $(call imgname,$(1),$(2))-factory.bin \ -s $(5) -m $(6) -f $(7) -S $(8); \ fi endef BuildFirmware/Edimax/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3)) # build Seama header images define BuildFirmware/Seama/squashfs $(call MkImageLzmaDtb,$(2),$(3),$(5)) $(eval output_name=$(IMG_PREFIX)-$(2)-$(1)-sysupgrade.bin) cat $(KDIR)/vmlinux-$(2).bin.lzma $(KDIR)/root.$(1) > $(KDIR)/img_$(2).$(1).tmp if [ `stat -c%s "$(KDIR)/img_$(2).$(1).tmp"` -gt $$$$(($(5) - 64)) ]; then \ echo "Warning: $(KDIR)/img_$(2).$(1).tmp is too big" >&2; \ else \ dd if=$(KDIR)/vmlinux-$(2).bin.lzma of=$(KDIR)/vmlinux-$(2).bin.lzma.padded bs=64k conv=sync; \ ( \ dd if=$(KDIR)/vmlinux-$(2).bin.lzma.padded bs=1 count=`expr \`stat -c%s $(KDIR)/vmlinux-$(2).bin.lzma.padded\` - 64`; \ dd if=$(KDIR)/root.$(1) bs=64k conv=sync; \ ) > $(KDIR)/vmlinux-$(2).tmp; \ $(STAGING_DIR_HOST)/bin/seama \ -i $(KDIR)/vmlinux-$(2).tmp \ -m "dev=/dev/mtdblock/2" -m "type=firmware"; \ $(STAGING_DIR_HOST)/bin/seama \ -s $(call imgname,$(1),$(2))-factory.bin \ -m "signature=$(4)" \ -i $(KDIR)/vmlinux-$(2).tmp.seama; \ dd if=$(KDIR)/vmlinux-$(2).bin.lzma.padded bs=1 count=`expr \`stat -c%s $(KDIR)/vmlinux-$(2).bin.lzma.padded\` - 64` of=$(KDIR)/vmlinux-$(2)-sysupgrade.tmp; \ $(STAGING_DIR_HOST)/bin/seama \ -i $(KDIR)/vmlinux-$(2)-sysupgrade.tmp \ -m "dev=/dev/mtdblock/2" -m "type=firmware"; \ ( \ dd if=$(KDIR)/vmlinux-$(2)-sysupgrade.tmp.seama; \ dd if=$(KDIR)/root.$(1) bs=64k conv=sync; \ ) > $(BIN_DIR)/$(output_name); \ fi endef BuildFirmware/Seama/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3)) # sign Buffalo images define BuildFirmware/Buffalo if [ -e "$(call sysupname,$(1),$(2))" ]; then \ buffalo-enc -p $(3) -v 1.76 \ -i $(KDIR)/vmlinux-$(2).uImage \ -o $(KDIR)/vmlinux-$(2).uImage.enc; \ buffalo-enc -p $(3) -v 1.76 \ -i $(KDIR)/root.$(1) \ -o $(KDIR)/root.$(2).enc; \ buffalo-tag -b $(3) -p $(3) -a ram -v 1.76 -m 1.01 \ -l mlang8 -f 1 -r EU \ -i $(KDIR)/vmlinux-$(2).uImage.enc \ -i $(KDIR)/root.$(2).enc \ -o $(call imgname,$(1),$(2))-factory-EU.bin; \ fi endef # sign trednet / UMedia images define BuildFirmware/UMedia/squashfs $(call BuildFirmware/Default8M/$(1),$(1),$(2),$(3)) if [ -e "$(call sysupname,$(1),$(2))" ]; then \ fix-u-media-header -T 0x46 -B $(4) \ -i $(call sysupname,$(1),$(2)) \ -o $(call imgname,$(1),$(2))-factory.bin; \ fi endef BuildFirmware/UMedia/initramfs=$(call BuildFirmware/OF/initramfs,$(1),$(2),$(3)) # sign dap 1350 based images dap1350_mtd_size=7667712 define BuildFirmware/dap1350/squashfs $(call BuildFirmware/CustomFlash/$(1),$(1),$(2),$(3),$(dap1350_mtd_size)) -mkdapimg -s $(4) \ -i $(call sysupname,$(1),$(2)) \ -o $(call imgname,$(1),$(2))-factory.bin endef BuildFirmware/dap1350/initramfs=$(call Bu
from __future__ import (absolute_import, print_function, division)
import struct
import array
import ipaddress

from netlib import tcp, utils


class SocksError(Exception):
    def __init__(self, code, message):
        super(SocksError, self).__init__(message)
        self.code = code

VERSION = utils.BiDi(
    SOCKS4=0x04,
    SOCKS5=0x05
)

CMD = utils.BiDi(
    CONNECT=0x01,
    BIND=0x02,
    UDP_ASSOCIATE=0x03
)

ATYP = utils.BiDi(
    IPV4_ADDRESS=0x01,
    DOMAINNAME=0x03,
    IPV6_ADDRESS=0x04
)

REP = utils.BiDi(
    SUCCEEDED=0x00,
    GENERAL_SOCKS_SERVER_FAILURE=0x01,
    CONNECTION_NOT_ALLOWED_BY_RULESET=0x02,
    NETWORK_UNREACHABLE=0x03,
    HOST_UNREACHABLE=0x04,
    CONNECTION_REFUSED=0x05,
    TTL_EXPIRED=0x06,
    COMMAND_NOT_SUPPORTED=0x07,
    ADDRESS_TYPE_NOT_SUPPORTED=0x08,
)

METHOD = utils.BiDi(
    NO_AUTHENTICATION_REQUIRED=0x00,
    GSSAPI=0x01,
    USERNAME_PASSWORD=0x02,
    NO_ACCEPTABLE_METHODS=0xFF
)

USERNAME_PASSWORD_VERSION = utils.BiDi(
    DEFAULT=0x01
)


class ClientGreeting(object):
    __slots__ = ("ver", "methods")

    def __init__(self, ver, methods):
        self.ver = ver
        self.methods = array.array("B")
        self.methods.extend(methods)

    def assert_socks5(self):
        if self.ver != VERSION.SOCKS5:
            if self.ver == ord("G") and len(self.methods) == ord("E"):
                guess = "Probably not a SOCKS request but a regular HTTP request. "
            else:
                guess = ""

            raise SocksError(
                REP.GENERAL_SOCKS_SERVER_FAILURE,
                guess + "Invalid SOCKS version. Expected 0x05, got 0x%x" % self.ver
            )

    @classmethod
    def from_file(cls, f, fail_early=False):
        """
        :param fail_early: If true, a SocksError will be raised if the first byte does not indicate socks5.
        """
        ver, nmethods = struct.unpack("!BB", f.safe_read(2))
        client_greeting = cls(ver, [])
        if fail_early:
            client_greeting.assert_socks5()
        client_greeting.methods.fromstring(f.safe_read(nmethods))
        return client_greeting

    def to_file(self, f):
        f.write(struct.pack("!BB", self.ver, len(self.methods)))
        f.write(self.methods.tostring())


class ServerGreeting(object):
    __slots__ = ("ver", "method")

    def __init__(self, ver, method):
        self.ver = ver
        self.method = method

    def assert_socks5(self):
        if self.ver != VERSION.SOCKS5:
            if self.ver == ord("H") and self.method == ord("T"):
                guess = "Probably not a SOCKS request but a regular HTTP response. "
            else:
                guess = ""

            raise SocksError(
                REP.GENERAL_SOCKS_SERVER_FAILURE,
                guess + "Invalid SOCKS version. Expected 0x05, got 0x%x" % self.ver
            )

    @classmethod
    def from_file(cls, f):
        ver, method = struct.unpack("!BB", f.safe_read(2))
        return cls(ver, method)

    def to_file(self, f):
        f.write(struct.pack("!BB", self.ver, self.method))


class UsernamePasswordAuth(object):
    __slots__ = ("ver", "username", "password")

    def __init__(self, ver, username, password):
        self.ver = ver
        self.username = username
        self.password = password

    def assert_authver1(self):
        if self.ver != USERNAME_PASSWORD_VERSION.DEFAULT:
            raise SocksError(
                0,
                "Invalid auth version. Expected 0x01, got 0x%x" % self.ver
            )

    @classmethod
    def from_file(cls, f):
        ver, ulen = struct.unpack("!BB", f.safe_read(2))
        username = f.safe_read(ulen)
        plen, = struct.unpack("!B", f.safe_read(1))
        password = f.safe_read(plen)
        return cls(ver, username.decode(), password.decode())

    def to_file(self, f):
        f.write(struct.pack("!BB", self.ver, len(self.username)))
        f.write(self.username.encode())
        f.write(struct.pack("!B", len(self.password)))
        f.write(self.password.encode())


class UsernamePasswordAuthResponse(object):
    __slots__ = ("ver", "status")

    def __init__(self, ver, status):
        self.ver = ver
        self.status = status

    def assert_authver1(self):
        if self.ver != USERNAME_PASSWORD_VERSION.DEFAULT:
            raise SocksError(
                0,
                "Invalid auth version. Expected 0x01, got 0x%x" % self.ver
            )

    @classmethod
    def from_file(cls, f):
        ver, status = struct.unpack("!BB", f.safe_read(2))
        return cls(ver, status)

    def to_file(self, f):
        f.write(struct.pack("!BB", self.ver, self.status))


class Message(object):
    __slots__ = ("ver", "msg", "atyp", "addr")

    def __init__(self, ver, msg, atyp, addr):
        self.ver = ver
        self.msg = msg
        self.atyp = atyp
        self.addr = tcp.Address.wrap(addr)

    def assert_socks5(self):
        if self.ver != VERSION.SOCKS5:
            raise SocksError(
                REP.GENERAL_SOCKS_SERVER_FAILURE,
                "Invalid SOCKS version. Expected 0x05, got 0x%x" % self.ver
            )

    @classmethod
    def from_file(cls, f):
        ver, msg, rsv, atyp = struct.unpack("!BBBB", f.safe_read(4))
        if rsv != 0x00:
            raise SocksError(
                REP.GENERAL_SOCKS_SERVER_FAILURE,
                "Socks Request: Invalid reserved byte: %s" % rsv
            )
        if atyp == ATYP.IPV4_ADDRESS:
            # We use tnoa here as ntop is not commonly available on Windows.
            host = ipaddress.IPv4Address(f.safe_read(4)).compressed
            use_ipv6 = False
        elif atyp == ATYP.IPV6_ADDRESS:
            host = ipaddress.IPv6Address(f.safe_read(16)).compressed
            use_ipv6 = True
        elif atyp == ATYP.DOMAINNAME:
            length, = struct.unpack("!B", f.safe_read(1))
            host = f.safe_read(length)
            if not utils.is_valid_host(host):
                raise SocksError(REP.GENERAL_SOCKS_SERVER_FAILURE, "Invalid hostname: %s" % host)
            host = host.decode("idna")
            use_ipv6 = False
        else:
            raise SocksError(REP.ADDRESS_TYPE_NOT_SUPPORTED,
                             "Socks Request: Unknown ATYP: %s" % atyp)

        port, = struct.unpack("!H", f.safe_read(2))
        addr = tcp.Address((host, port), use_ipv6=use_ipv6)
        return cls(ver, msg, atyp, addr)

    def to_file(self, f):
        f.write(struct.pack("!BBBB", self.ver, self.msg, 0x00, self.atyp))
        if self.atyp == ATYP.IPV4_ADDRESS:
            f.write(ipaddress.IPv4Address(self.addr.host).packed)
        elif self.atyp == ATYP.IPV6_ADDRESS:
            f.write(ipaddress.IPv6Address(self.addr.host).packed)
        elif self.atyp == ATYP.DOMAINNAME:
            f.write(struct.pack("!B", len(self.addr.host)))
            f.write(self.addr.host.encode("idna"))
        else:
            raise SocksError(
                REP.ADDRESS_TYPE_NOT_SUPPORTED,
                "Unknown ATYP: %s" % self.atyp
            )
        f.write(struct.pack("!H", self.addr.port))
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-01 21:55:12 +0000