]> git.ipfire.org Git - thirdparty/iw.git/blob - scan.c
projects / thirdparty / iw.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
parse some WPS data
[thirdparty/iw.git] / scan.c
1 #include <net/if.h>
2 #include <errno.h>
3 #include <string.h>
4 #include <ctype.h>
5 #include <stdbool.h>
6
7 #include <netlink/genl/genl.h>
8 #include <netlink/genl/family.h>
9 #include <netlink/genl/ctrl.h>
10 #include <netlink/msg.h>
11 #include <netlink/attr.h>
12
13 #include "nl80211.h"
14 #include "iw.h"
15
16 struct scan_params {
17 bool unknown;
18 };
19
20 static int handle_scan(struct nl80211_state *state,
21 struct nl_cb *cb,
22 struct nl_msg *msg,
23 int argc, char **argv)
24 {
25 struct nl_msg *ssids = NULL;
26 int err = -ENOBUFS;
27
28 ssids = nlmsg_alloc();
29 if (!ssids)
30 return -ENOMEM;
31 NLA_PUT(ssids, 1, 0, "");
32 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
33
34 err = 0;
35 nla_put_failure:
36 nlmsg_free(ssids);
37 return err;
38 }
39 COMMAND(scan, trigger, NULL,
40 NL80211_CMD_TRIGGER_SCAN, 0, CIB_NETDEV, handle_scan);
41
42 typedef void (*printfn)(unsigned char type, unsigned char len, unsigned char *data);
43
44 static void print_ssid(unsigned char type, unsigned char len, unsigned char *data)
45 {
46 int i;
47 printf("\tSSID: ");
48 for (i=0; i<len; i++) {
49 if (isprint(data[i]))
50 printf("%c", data[i]);
51 else
52 printf("\\x%.2x", data[i]);
53 }
54 printf("\n");
55 }
56
57 static void print_supprates(unsigned char type, unsigned char len, unsigned char *data)
58 {
59 int i;
60
61 if (type == 1)
62 printf("\tSupported rates: ");
63 else
64 printf("\tExtended supported rates: ");
65
66 for (i=0; i<len; i++) {
67 int r = data[i] & 0x7f;
68 printf("%d.%d%s ", r/2, 5*(r&1), data[i] & 0x80 ? "*":"");
69 }
70 printf("\n");
71 }
72
73 static void print_ds(unsigned char type, unsigned char len, unsigned char *data)
74 {
75 printf("\tDS Parameter set: channel %d\n", data[0]);
76 }
77
78 static void print_ign(unsigned char type, unsigned char len, unsigned char *data)
79 {
80 /* ignore for now, not too useful */
81 }
82
83 static const printfn ieprinters[] = {
84 [0] = print_ssid,
85 [1] = print_supprates,
86 [3] = print_ds,
87 [5] = print_ign,
88 [50] = print_supprates,
89 };
90
91 static void tab_on_first(bool *first)
92 {
93 if (!*first)
94 printf("\t");
95 else
96 *first = false;
97 }
98
99 static void print_wifi_wps(unsigned char type, unsigned char len, unsigned char *data)
100 {
101 bool first = true;
102 __u16 subtype, sublen;
103
104 printf("\tWPS:");
105
106 while (len >= 4) {
107 subtype = (data[0] << 8) + data[1];
108 sublen = (data[2] << 8) + data[3];
109 if (sublen > len)
110 break;
111
112 switch (subtype) {
113 case 0x104a:
114 tab_on_first(&first);
115 printf("\t * Version: %#.2x\n", data[4]);
116 break;
117 case 0x1011:
118 tab_on_first(&first);
119 printf("\t * Device name: %.*s\n", sublen, data + 4);
120 break;
121 case 0x1021:
122 tab_on_first(&first);
123 printf("\t * Manufacturer: %.*s\n", sublen, data + 4);
124 break;
125 case 0x1023:
126 tab_on_first(&first);
127 printf("\t * Model: %.*s\n", sublen, data + 4);
128 break;
129 case 0x1008: {
130 __u16 meth = (data[4] << 8) + data[5];
131 bool comma = false;
132 tab_on_first(&first);
133 printf("\t * Config methods:");
134 #define T(bit, name) do { \
135 if (meth & (1<<bit)) { \
136 if (comma) \
137 printf(","); \
138 comma = true; \
139 printf(" " name); \
140 } } while (0)
141 T(0, "USB");
142 T(1, "Ethernet");
143 T(2, "Label");
144 T(3, "Display");
145 T(4, "Ext. NFC");
146 T(5, "Int. NFC");
147 T(6, "NFC Intf.");
148 T(7, "PBC");
149 T(8, "Keypad");
150 printf("\n");
151 break;
152 #undef T
153 }
154 default:
155 break;
156 }
157
158 data += sublen + 4;
159 len -= sublen + 4;
160 }
161
162 if (len != 0) {
163 printf("\t\t * bogus tail data (%d):", len);
164 while (len) {
165 printf(" %.2x", *data);
166 data++;
167 len--;
168 }
169 printf("\n");
170 }
171 }
172
173 static const printfn wifiprinters[] = {
174 [4] = print_wifi_wps,
175 };
176
177 static void print_vendor(unsigned char len, unsigned char *data,
178 struct scan_params *params)
179 {
180 int i;
181
182 if (len < 3) {
183 printf("\tVendor specific: <too short> data:");
184 for(i = 0; i < len; i++)
185 printf(" %.02x", data[i]);
186 printf("\n");
187 return;
188 }
189
190 if (len >= 4 && data[0] == 0x00 && data[1] == 0x50 && data[2] == 0xF2) {
191 if (data[3] < ARRAY_SIZE(wifiprinters) && wifiprinters[data[3]])
192 return wifiprinters[data[3]](data[3], len - 4, data + 4);
193 if (!params->unknown)
194 return;
195 printf("\tWiFi OUI %#.2x data:", data[3]);
196 for(i = 0; i < len - 4; i++)
197 printf(" %.02x", data[i + 4]);
198 printf("\n");
199 return;
200 }
201
202 if (!params->unknown)
203 return;
204
205 printf("\tVendor specific: OUI %.2x:%.2x:%.2x, data:",
206 data[0], data[1], data[2]);
207 for (i = 3; i < len; i++)
208 printf(" %.2x", data[i]);
209 printf("\n");
210 }
211
212 static void print_ies(unsigned char *ie, int ielen, struct scan_params *params)
213 {
214 while (ielen >= 2 && ielen >= ie[1]) {
215 if (ie[0] < ARRAY_SIZE(ieprinters) && ieprinters[ie[0]]) {
216 ieprinters[ie[0]](ie[0], ie[1], ie + 2);
217 } else if (ie[0] == 221 /* vendor */) {
218 print_vendor(ie[1], ie + 2, params);
219 } else if (params->unknown) {
220 int i;
221
222 printf("\tUnknown IE (%d):", ie[0]);
223 for (i=0; i<ie[1]; i++)
224 printf(" %.2x", ie[2+i]);
225 printf("\n");
226 }
227 ielen -= ie[1] + 2;
228 ie += ie[1] + 2;
229 }
230 }
231
232 static int print_bss_handler(struct nl_msg *msg, void *arg)
233 {
234 struct nlattr *tb[NL80211_ATTR_MAX + 1];
235 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
236 struct nlattr *bss[NL80211_BSS_MAX + 1];
237 char mac_addr[20], dev[20];
238 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
239 [NL80211_BSS_TSF] = { .type = NLA_U64 },
240 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
241 [NL80211_BSS_BSSID] = { },
242 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
243 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
244 [NL80211_BSS_INFORMATION_ELEMENTS] = { },
245 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
246 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
247 };
248
249 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
250 genlmsg_attrlen(gnlh, 0), NULL);
251
252 if (!tb[NL80211_ATTR_BSS]) {
253 fprintf(stderr, "bss info missing!");
254 return NL_SKIP;
255 }
256 if (nla_parse_nested(bss, NL80211_BSS_MAX,
257 tb[NL80211_ATTR_BSS],
258 bss_policy)) {
259 fprintf(stderr, "failed to parse nested attributes!");
260 return NL_SKIP;
261 }
262
263 if (!bss[NL80211_BSS_BSSID])
264 return NL_SKIP;
265
266 mac_addr_n2a(mac_addr, nla_data(bss[NL80211_BSS_BSSID]));
267 if_indextoname(nla_get_u32(tb[NL80211_ATTR_IFINDEX]), dev);
268 printf("BSS %s (on %s)\n", mac_addr, dev);
269
270 if (bss[NL80211_BSS_TSF]) {
271 unsigned long long tsf;
272 tsf = (unsigned long long)nla_get_u64(bss[NL80211_BSS_TSF]);
273 printf("\tTSF: %llu usec (%llud, %.2lld:%.2llu:%.2llu)\n",
274 tsf, tsf/1000/1000/60/60/24, (tsf/1000/1000/60/60) % 24,
275 (tsf/1000/1000/60) % 60, (tsf/1000/1000) % 60);
276 }
277 if (bss[NL80211_BSS_FREQUENCY])
278 printf("\tfreq: %d\n",
279 nla_get_u32(bss[NL80211_BSS_FREQUENCY]));
280 if (bss[NL80211_BSS_BEACON_INTERVAL])
281 printf("\tbeacon interval: %d\n",
282 nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]));
283 if (bss[NL80211_BSS_CAPABILITY])
284 printf("\tcapability: 0x%.4x\n",
285 nla_get_u16(bss[NL80211_BSS_CAPABILITY]));
286 if (bss[NL80211_BSS_SIGNAL_MBM]) {
287 int s = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
288 printf("\tsignal: %d.%.2d dBm\n", s/100, s%100);
289 }
290 if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
291 unsigned char s = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
292 printf("\tsignal: %d/100\n", s);
293 }
294 if (bss[NL80211_BSS_INFORMATION_ELEMENTS])
295 print_ies(nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]),
296 nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]),
297 arg);
298
299 return NL_SKIP;
300 }
301
302 static struct scan_params scan_params;
303
304 static int handle_scan_dump(struct nl80211_state *state,
305 struct nl_cb *cb,
306 struct nl_msg *msg,
307 int argc, char **argv)
308 {
309 if (argc > 1)
310 return 1;
311
312 scan_params.unknown = false;
313 if (argc == 1 && !strcmp(argv[0], "-u"))
314 scan_params.unknown = true;
315
316 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, print_bss_handler,
317 &scan_params);
318 return 0;
319 }
320 COMMAND(scan, dump, "[-u]",
321 NL80211_CMD_GET_SCAN, NLM_F_DUMP, CIB_NETDEV, handle_scan_dump);
322
323 static int handle_scan_combined(struct nl80211_state *state,
324 struct nl_cb *cb,
325 struct nl_msg *msg,
326 int argc, char **argv)
327 {
328 static char *trig_argv[] = {
329 NULL,
330 "scan",
331 "trigger",
332 };
333 static char *dump_argv[] = {
334 NULL,
335 "scan",
336 "dump",
337 };
338 static const __u32 cmds[] = {
339 NL80211_CMD_NEW_SCAN_RESULTS,
340 NL80211_CMD_SCAN_ABORTED,
341 };
342 int err;
343
344 trig_argv[0] = argv[0];
345 err = handle_cmd(state, II_NETDEV, ARRAY_SIZE(trig_argv), trig_argv);
346 if (err)
347 return err;
348
349 /*
350 * WARNING: DO NOT COPY THIS CODE INTO YOUR APPLICATION
351 *
352 * This code has a bug, which requires creating a separate
353 * nl80211 socket to fix:
354 * It is possible for a NL80211_CMD_NEW_SCAN_RESULTS or
355 * NL80211_CMD_SCAN_ABORTED message to be sent by the kernel
356 * before (!) we listen to it, because we only start listening
357 * after we send our scan request.
358 *
359 * Doing it the other way around has a race condition as well,
360 * if you first open the events socket you may get a notification
361 * for a previous scan.
362 *
363 * The only proper way to fix this would be to listen to events
364 * before sending the command, and for the kernel to send the
365 * scan request along with the event, so that you can match up
366 * whether the scan you requested was finished or aborted (this
367 * may result in processing a scan that another application
368 * requested, but that doesn't seem to be a problem).
369 *
370 * Alas, the kernel doesn't do that (yet).
371 */
372
373 if (listen_events(state, ARRAY_SIZE(cmds), cmds) ==
374 NL80211_CMD_SCAN_ABORTED) {
375 printf("scan aborted!\n");
376 return 0;
377 }
378
379 dump_argv[0] = argv[0];
380 return handle_cmd(state, II_NETDEV, ARRAY_SIZE(dump_argv), dump_argv);
381 }
382 TOPLEVEL(scan, NULL, 0, 0, CIB_NETDEV, handle_scan_combined);
Mirror git://git.kernel.org/pub/scm/linux/kernel/git/jberg/iw.git