]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/eapol-fuzzer/eapol-fuzzer.c
2 * wpa_supplicant - EAPOL fuzzer
3 * Copyright (c) 2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "eapol_supp/eapol_supp_sm.h"
14 #include "rsn_supp/wpa.h"
15 #include "rsn_supp/wpa_i.h"
21 struct eapol_sm
*eapol
;
25 static void test_send_eapol(void *eloop_data
, void *user_ctx
)
27 struct arg_ctx
*ctx
= eloop_data
;
30 u8 src
[ETH_ALEN
] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };
34 wpa_printf(MSG_INFO
, "eapol-fuzzer: Send '%s'", ctx
->fname
);
36 data
= os_readfile(ctx
->fname
, &len
);
38 wpa_printf(MSG_ERROR
, "Could not read '%s'", ctx
->fname
);
42 wpa_hexdump(MSG_MSGDUMP
, "fuzzer - EAPOL", data
, len
);
44 eapol_sm_notify_portEnabled(ctx
->eapol
, TRUE
);
46 wpa_sm_set_param(ctx
->wpa
, WPA_PARAM_PROTO
, WPA_PROTO_RSN
);
47 wpa_sm_set_param(ctx
->wpa
, WPA_PARAM_RSN_ENABLED
, 1);
48 wpa_sm_set_param(ctx
->wpa
, WPA_PARAM_KEY_MGMT
, WPA_KEY_MGMT_PSK
);
49 wpa_sm_set_param(ctx
->wpa
, WPA_PARAM_PAIRWISE
, WPA_CIPHER_CCMP
);
50 wpa_sm_set_param(ctx
->wpa
, WPA_PARAM_GROUP
, WPA_CIPHER_CCMP
);
52 wpa_ie_len
= sizeof(wpa_ie
);
53 wpa_sm_set_assoc_wpa_ie_default(ctx
->wpa
, wpa_ie
, &wpa_ie_len
);
55 if (eapol_sm_rx_eapol(ctx
->eapol
, src
, (u8
*) data
, len
) <= 0)
56 wpa_sm_rx_eapol(ctx
->wpa
, src
, (u8
*) data
, len
);
64 static void * get_network_ctx(void *arg
)
70 static void set_state(void *arg
, enum wpa_states state
)
75 static void deauthenticate(void *arg
, u16 reason_code
)
80 static u8
* alloc_eapol(void *arg
, u8 type
,
81 const void *data
, u16 data_len
,
82 size_t *msg_len
, void **data_pos
)
84 struct ieee802_1x_hdr
*hdr
;
86 *msg_len
= sizeof(*hdr
) + data_len
;
87 hdr
= os_malloc(*msg_len
);
93 hdr
->length
= host_to_be16(data_len
);
96 os_memcpy(hdr
+ 1, data
, data_len
);
98 os_memset(hdr
+ 1, 0, data_len
);
107 static int ether_send(void *arg
, const u8
*dest
, u16 proto
,
108 const u8
*buf
, size_t len
)
114 static int get_bssid(void *ctx
, u8
*bssid
)
120 static int eapol_send(void *ctx
, int type
, const u8
*buf
, size_t len
)
126 static int init_wpa(struct arg_ctx
*arg
)
128 struct wpa_sm_ctx
*ctx
;
130 ctx
= os_zalloc(sizeof(*ctx
));
132 wpa_printf(MSG_ERROR
, "Failed to allocate WPA context.");
138 ctx
->get_network_ctx
= get_network_ctx
;
139 ctx
->set_state
= set_state
;
140 ctx
->deauthenticate
= deauthenticate
;
141 ctx
->alloc_eapol
= alloc_eapol
;
142 ctx
->ether_send
= ether_send
;
143 ctx
->get_bssid
= get_bssid
;
145 arg
->wpa
= wpa_sm_init(ctx
);
148 arg
->wpa
->pmk_len
= PMK_LEN
;
153 static int init_eapol(struct arg_ctx
*arg
)
155 struct eapol_ctx
*ctx
;
157 ctx
= os_zalloc(sizeof(*ctx
));
159 wpa_printf(MSG_ERROR
, "Failed to allocate EAPOL context.");
165 ctx
->eapol_send
= eapol_send
;
167 arg
->eapol
= eapol_sm_init(ctx
);
168 return arg
->eapol
? 0 : -1;
172 int main(int argc
, char *argv
[])
178 printf("usage: %s <file>\n", argv
[0]);
182 if (os_program_init())
186 wpa_debug_show_keys
= 1;
189 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
193 os_memset(&ctx
, 0, sizeof(ctx
));
195 if (init_wpa(&ctx
) || init_eapol(&ctx
))
198 eloop_register_timeout(0, 0, test_send_eapol
, &ctx
, NULL
);
200 wpa_printf(MSG_DEBUG
, "Starting eloop");
202 wpa_printf(MSG_DEBUG
, "eloop done");
207 wpa_sm_deinit(ctx
.wpa
);
209 eapol_sm_deinit(ctx
.eapol
);