]> git.ipfire.org Git - thirdparty/hostap.git/blob - wlantest/ctrl.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Suite B: Add AKM 00-0F-AC:11
[thirdparty/hostap.git] / wlantest / ctrl.c
1 /*
2 * wlantest control interface
3 * Copyright (c) 2010-2013, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10 #include <sys/un.h>
11
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "common/defs.h"
15 #include "common/version.h"
16 #include "common/ieee802_11_defs.h"
17 #include "wlantest.h"
18 #include "wlantest_ctrl.h"
19
20
21 static u8 * attr_get(u8 *buf, size_t buflen, enum wlantest_ctrl_attr attr,
22 size_t *len)
23 {
24 u8 *pos = buf;
25
26 while (pos + 8 <= buf + buflen) {
27 enum wlantest_ctrl_attr a;
28 size_t alen;
29 a = WPA_GET_BE32(pos);
30 pos += 4;
31 alen = WPA_GET_BE32(pos);
32 pos += 4;
33 if (pos + alen > buf + buflen) {
34 wpa_printf(MSG_DEBUG, "Invalid control message "
35 "attribute");
36 return NULL;
37 }
38 if (a == attr) {
39 *len = alen;
40 return pos;
41 }
42 pos += alen;
43 }
44
45 return NULL;
46 }
47
48
49 static u8 * attr_get_macaddr(u8 *buf, size_t buflen,
50 enum wlantest_ctrl_attr attr)
51 {
52 u8 *addr;
53 size_t addr_len;
54 addr = attr_get(buf, buflen, attr, &addr_len);
55 if (addr && addr_len != ETH_ALEN)
56 addr = NULL;
57 return addr;
58 }
59
60
61 static int attr_get_int(u8 *buf, size_t buflen, enum wlantest_ctrl_attr attr)
62 {
63 u8 *pos;
64 size_t len;
65 pos = attr_get(buf, buflen, attr, &len);
66 if (pos == NULL || len != 4)
67 return -1;
68 return WPA_GET_BE32(pos);
69 }
70
71
72 static u8 * attr_add_str(u8 *pos, u8 *end, enum wlantest_ctrl_attr attr,
73 const char *str)
74 {
75 size_t len = os_strlen(str);
76
77 if (pos == NULL || end - pos < 8 + len)
78 return NULL;
79 WPA_PUT_BE32(pos, attr);
80 pos += 4;
81 WPA_PUT_BE32(pos, len);
82 pos += 4;
83 os_memcpy(pos, str, len);
84 pos += len;
85 return pos;
86 }
87
88
89 static u8 * attr_add_be32(u8 *pos, u8 *end, enum wlantest_ctrl_attr attr,
90 u32 val)
91 {
92 if (pos == NULL || end - pos < 12)
93 return NULL;
94 WPA_PUT_BE32(pos, attr);
95 pos += 4;
96 WPA_PUT_BE32(pos, 4);
97 pos += 4;
98 WPA_PUT_BE32(pos, val);
99 pos += 4;
100 return pos;
101 }
102
103
104 static void ctrl_disconnect(struct wlantest *wt, int sock)
105 {
106 int i;
107 wpa_printf(MSG_DEBUG, "Disconnect control interface connection %d",
108 sock);
109 for (i = 0; i < MAX_CTRL_CONNECTIONS; i++) {
110 if (wt->ctrl_socks[i] == sock) {
111 close(wt->ctrl_socks[i]);
112 eloop_unregister_read_sock(wt->ctrl_socks[i]);
113 wt->ctrl_socks[i] = -1;
114 break;
115 }
116 }
117 }
118
119
120 static void ctrl_send(struct wlantest *wt, int sock, const u8 *buf,
121 size_t len)
122 {
123 if (send(sock, buf, len, 0) < 0) {
124 wpa_printf(MSG_INFO, "send(ctrl): %s", strerror(errno));
125 ctrl_disconnect(wt, sock);
126 }
127 }
128
129
130 static void ctrl_send_simple(struct wlantest *wt, int sock,
131 enum wlantest_ctrl_cmd cmd)
132 {
133 u8 buf[4];
134 WPA_PUT_BE32(buf, cmd);
135 ctrl_send(wt, sock, buf, sizeof(buf));
136 }
137
138
139 static struct wlantest_bss * ctrl_get_bss(struct wlantest *wt, int sock,
140 u8 *cmd, size_t clen)
141 {
142 struct wlantest_bss *bss;
143 u8 *pos;
144 size_t len;
145
146 pos = attr_get(cmd, clen, WLANTEST_ATTR_BSSID, &len);
147 if (pos == NULL || len != ETH_ALEN) {
148 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
149 return NULL;
150 }
151
152 bss = bss_find(wt, pos);
153 if (bss == NULL) {
154 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
155 return NULL;
156 }
157
158 return bss;
159 }
160
161
162 static struct wlantest_sta * ctrl_get_sta(struct wlantest *wt, int sock,
163 u8 *cmd, size_t clen,
164 struct wlantest_bss *bss)
165 {
166 struct wlantest_sta *sta;
167 u8 *pos;
168 size_t len;
169
170 if (bss == NULL)
171 return NULL;
172
173 pos = attr_get(cmd, clen, WLANTEST_ATTR_STA_ADDR, &len);
174 if (pos == NULL || len != ETH_ALEN) {
175 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
176 return NULL;
177 }
178
179 sta = sta_find(bss, pos);
180 if (sta == NULL) {
181 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
182 return NULL;
183 }
184
185 return sta;
186 }
187
188
189 static struct wlantest_sta * ctrl_get_sta2(struct wlantest *wt, int sock,
190 u8 *cmd, size_t clen,
191 struct wlantest_bss *bss)
192 {
193 struct wlantest_sta *sta;
194 u8 *pos;
195 size_t len;
196
197 if (bss == NULL)
198 return NULL;
199
200 pos = attr_get(cmd, clen, WLANTEST_ATTR_STA2_ADDR, &len);
201 if (pos == NULL || len != ETH_ALEN) {
202 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
203 return NULL;
204 }
205
206 sta = sta_find(bss, pos);
207 if (sta == NULL) {
208 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
209 return NULL;
210 }
211
212 return sta;
213 }
214
215
216 static void ctrl_list_bss(struct wlantest *wt, int sock)
217 {
218 u8 buf[WLANTEST_CTRL_MAX_RESP_LEN], *pos, *len;
219 struct wlantest_bss *bss;
220
221 pos = buf;
222 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
223 pos += 4;
224 WPA_PUT_BE32(pos, WLANTEST_ATTR_BSSID);
225 pos += 4;
226 len = pos; /* to be filled */
227 pos += 4;
228
229 dl_list_for_each(bss, &wt->bss, struct wlantest_bss, list) {
230 if (pos + ETH_ALEN > buf + WLANTEST_CTRL_MAX_RESP_LEN)
231 break;
232 os_memcpy(pos, bss->bssid, ETH_ALEN);
233 pos += ETH_ALEN;
234 }
235
236 WPA_PUT_BE32(len, pos - len - 4);
237 ctrl_send(wt, sock, buf, pos - buf);
238 }
239
240
241 static void ctrl_list_sta(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
242 {
243 u8 buf[WLANTEST_CTRL_MAX_RESP_LEN], *pos, *len;
244 struct wlantest_bss *bss;
245 struct wlantest_sta *sta;
246
247 bss = ctrl_get_bss(wt, sock, cmd, clen);
248 if (bss == NULL)
249 return;
250
251 pos = buf;
252 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
253 pos += 4;
254 WPA_PUT_BE32(pos, WLANTEST_ATTR_STA_ADDR);
255 pos += 4;
256 len = pos; /* to be filled */
257 pos += 4;
258
259 dl_list_for_each(sta, &bss->sta, struct wlantest_sta, list) {
260 if (pos + ETH_ALEN > buf + WLANTEST_CTRL_MAX_RESP_LEN)
261 break;
262 os_memcpy(pos, sta->addr, ETH_ALEN);
263 pos += ETH_ALEN;
264 }
265
266 WPA_PUT_BE32(len, pos - len - 4);
267 ctrl_send(wt, sock, buf, pos - buf);
268 }
269
270
271 static void ctrl_flush(struct wlantest *wt, int sock)
272 {
273 wpa_printf(MSG_DEBUG, "Drop all collected BSS data");
274 bss_flush(wt);
275 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
276 }
277
278
279 static void ctrl_clear_sta_counters(struct wlantest *wt, int sock, u8 *cmd,
280 size_t clen)
281 {
282 struct wlantest_bss *bss;
283 struct wlantest_sta *sta;
284
285 bss = ctrl_get_bss(wt, sock, cmd, clen);
286 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
287 if (sta == NULL) {
288 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
289 return;
290 }
291
292 os_memset(sta->counters, 0, sizeof(sta->counters));
293 os_memset(sta->tx_tid, 0, sizeof(sta->tx_tid));
294 os_memset(sta->rx_tid, 0, sizeof(sta->rx_tid));
295 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
296 }
297
298
299 static void ctrl_clear_bss_counters(struct wlantest *wt, int sock, u8 *cmd,
300 size_t clen)
301 {
302 struct wlantest_bss *bss;
303
304 bss = ctrl_get_bss(wt, sock, cmd, clen);
305 if (bss == NULL) {
306 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
307 return;
308 }
309
310 os_memset(bss->counters, 0, sizeof(bss->counters));
311 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
312 }
313
314
315 static void ctrl_clear_tdls_counters(struct wlantest *wt, int sock, u8 *cmd,
316 size_t clen)
317 {
318 struct wlantest_bss *bss;
319 struct wlantest_sta *sta;
320 struct wlantest_sta *sta2;
321 struct wlantest_tdls *tdls;
322
323 bss = ctrl_get_bss(wt, sock, cmd, clen);
324 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
325 sta2 = ctrl_get_sta2(wt, sock, cmd, clen, bss);
326 if (sta == NULL || sta2 == NULL) {
327 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
328 return;
329 }
330
331 dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
332 if ((tdls->init == sta && tdls->resp == sta2) ||
333 (tdls->init == sta2 && tdls->resp == sta))
334 os_memset(tdls->counters, 0, sizeof(tdls->counters));
335 }
336 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
337 }
338
339
340 static void ctrl_get_sta_counter(struct wlantest *wt, int sock, u8 *cmd,
341 size_t clen)
342 {
343 u8 *addr;
344 size_t addr_len;
345 struct wlantest_bss *bss;
346 struct wlantest_sta *sta;
347 u32 counter;
348 u8 buf[4 + 12], *end, *pos;
349
350 bss = ctrl_get_bss(wt, sock, cmd, clen);
351 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
352 if (sta == NULL)
353 return;
354
355 addr = attr_get(cmd, clen, WLANTEST_ATTR_STA_COUNTER, &addr_len);
356 if (addr == NULL || addr_len != 4) {
357 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
358 return;
359 }
360 counter = WPA_GET_BE32(addr);
361 if (counter >= NUM_WLANTEST_STA_COUNTER) {
362 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
363 return;
364 }
365
366 pos = buf;
367 end = buf + sizeof(buf);
368 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
369 pos += 4;
370 pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
371 sta->counters[counter]);
372 ctrl_send(wt, sock, buf, pos - buf);
373 }
374
375
376 static void ctrl_get_bss_counter(struct wlantest *wt, int sock, u8 *cmd,
377 size_t clen)
378 {
379 u8 *addr;
380 size_t addr_len;
381 struct wlantest_bss *bss;
382 u32 counter;
383 u8 buf[4 + 12], *end, *pos;
384
385 bss = ctrl_get_bss(wt, sock, cmd, clen);
386 if (bss == NULL)
387 return;
388
389 addr = attr_get(cmd, clen, WLANTEST_ATTR_BSS_COUNTER, &addr_len);
390 if (addr == NULL || addr_len != 4) {
391 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
392 return;
393 }
394 counter = WPA_GET_BE32(addr);
395 if (counter >= NUM_WLANTEST_BSS_COUNTER) {
396 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
397 return;
398 }
399
400 pos = buf;
401 end = buf + sizeof(buf);
402 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
403 pos += 4;
404 pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
405 bss->counters[counter]);
406 ctrl_send(wt, sock, buf, pos - buf);
407 }
408
409
410 static void ctrl_get_tdls_counter(struct wlantest *wt, int sock, u8 *cmd,
411 size_t clen)
412 {
413 u8 *addr;
414 size_t addr_len;
415 struct wlantest_bss *bss;
416 struct wlantest_sta *sta;
417 struct wlantest_sta *sta2;
418 struct wlantest_tdls *tdls;
419 u32 counter;
420 u8 buf[4 + 12], *end, *pos;
421 int found = 0;
422
423 bss = ctrl_get_bss(wt, sock, cmd, clen);
424 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
425 sta2 = ctrl_get_sta2(wt, sock, cmd, clen, bss);
426 if (sta == NULL || sta2 == NULL) {
427 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
428 return;
429 }
430
431 addr = attr_get(cmd, clen, WLANTEST_ATTR_TDLS_COUNTER, &addr_len);
432 if (addr == NULL || addr_len != 4) {
433 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
434 return;
435 }
436 counter = WPA_GET_BE32(addr);
437 if (counter >= NUM_WLANTEST_TDLS_COUNTER) {
438 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
439 return;
440 }
441
442 dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
443 if (tdls->init == sta && tdls->resp == sta2) {
444 found = 1;
445 break;
446 }
447 }
448
449 if (!found) {
450 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
451 return;
452 }
453
454 pos = buf;
455 end = buf + sizeof(buf);
456 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
457 pos += 4;
458 pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
459 tdls->counters[counter]);
460 ctrl_send(wt, sock, buf, pos - buf);
461 }
462
463
464 static void build_mgmt_hdr(struct ieee80211_mgmt *mgmt,
465 struct wlantest_bss *bss, struct wlantest_sta *sta,
466 int sender_ap, int stype)
467 {
468 os_memset(mgmt, 0, 24);
469 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, stype);
470 if (sender_ap) {
471 if (sta)
472 os_memcpy(mgmt->da, sta->addr, ETH_ALEN);
473 else
474 os_memset(mgmt->da, 0xff, ETH_ALEN);
475 os_memcpy(mgmt->sa, bss->bssid, ETH_ALEN);
476 } else {
477 os_memcpy(mgmt->da, bss->bssid, ETH_ALEN);
478 os_memcpy(mgmt->sa, sta->addr, ETH_ALEN);
479 }
480 os_memcpy(mgmt->bssid, bss->bssid, ETH_ALEN);
481 }
482
483
484 static int ctrl_inject_auth(struct wlantest *wt, struct wlantest_bss *bss,
485 struct wlantest_sta *sta, int sender_ap,
486 enum wlantest_inject_protection prot)
487 {
488 struct ieee80211_mgmt mgmt;
489
490 if (prot != WLANTEST_INJECT_NORMAL &&
491 prot != WLANTEST_INJECT_UNPROTECTED)
492 return -1; /* Authentication frame is never protected */
493 if (sta == NULL)
494 return -1; /* No broadcast Authentication frames */
495
496 if (sender_ap)
497 wpa_printf(MSG_INFO, "INJECT: Auth " MACSTR " -> " MACSTR,
498 MAC2STR(bss->bssid), MAC2STR(sta->addr));
499 else
500 wpa_printf(MSG_INFO, "INJECT: Auth " MACSTR " -> " MACSTR,
501 MAC2STR(sta->addr), MAC2STR(bss->bssid));
502 build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_AUTH);
503
504 mgmt.u.auth.auth_alg = host_to_le16(WLAN_AUTH_OPEN);
505 mgmt.u.auth.auth_transaction = host_to_le16(1);
506 mgmt.u.auth.status_code = host_to_le16(WLAN_STATUS_SUCCESS);
507
508 return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 6,
509 WLANTEST_INJECT_UNPROTECTED);
510 }
511
512
513 static int ctrl_inject_assocreq(struct wlantest *wt, struct wlantest_bss *bss,
514 struct wlantest_sta *sta, int sender_ap,
515 enum wlantest_inject_protection prot)
516 {
517 u8 *buf;
518 struct ieee80211_mgmt *mgmt;
519 int ret;
520
521 if (prot != WLANTEST_INJECT_NORMAL &&
522 prot != WLANTEST_INJECT_UNPROTECTED)
523 return -1; /* Association Request frame is never protected */
524 if (sta == NULL)
525 return -1; /* No broadcast Association Request frames */
526 if (sender_ap)
527 return -1; /* No Association Request frame sent by AP */
528 if (sta->assocreq_ies == NULL) {
529 wpa_printf(MSG_INFO, "INJECT: No previous (Re)Association "
530 "Request available for " MACSTR,
531 MAC2STR(sta->addr));
532 return -1;
533 }
534
535 wpa_printf(MSG_INFO, "INJECT: AssocReq " MACSTR " -> " MACSTR,
536 MAC2STR(sta->addr), MAC2STR(bss->bssid));
537 buf = os_malloc(sizeof(*mgmt) + sta->assocreq_ies_len);
538 if (buf == NULL)
539 return -1;
540 mgmt = (struct ieee80211_mgmt *) buf;
541
542 build_mgmt_hdr(mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_ASSOC_REQ);
543
544 mgmt->u.assoc_req.capab_info = host_to_le16(sta->assocreq_capab_info);
545 mgmt->u.assoc_req.listen_interval =
546 host_to_le16(sta->assocreq_listen_int);
547 os_memcpy(mgmt->u.assoc_req.variable, sta->assocreq_ies,
548 sta->assocreq_ies_len);
549
550 ret = wlantest_inject(wt, bss, sta, buf,
551 24 + 4 + sta->assocreq_ies_len,
552 WLANTEST_INJECT_UNPROTECTED);
553 os_free(buf);
554 return ret;
555 }
556
557
558 static int ctrl_inject_reassocreq(struct wlantest *wt,
559 struct wlantest_bss *bss,
560 struct wlantest_sta *sta, int sender_ap,
561 enum wlantest_inject_protection prot)
562 {
563 u8 *buf;
564 struct ieee80211_mgmt *mgmt;
565 int ret;
566
567 if (prot != WLANTEST_INJECT_NORMAL &&
568 prot != WLANTEST_INJECT_UNPROTECTED)
569 return -1; /* Reassociation Request frame is never protected */
570 if (sta == NULL)
571 return -1; /* No broadcast Reassociation Request frames */
572 if (sender_ap)
573 return -1; /* No Reassociation Request frame sent by AP */
574 if (sta->assocreq_ies == NULL) {
575 wpa_printf(MSG_INFO, "INJECT: No previous (Re)Association "
576 "Request available for " MACSTR,
577 MAC2STR(sta->addr));
578 return -1;
579 }
580
581 wpa_printf(MSG_INFO, "INJECT: ReassocReq " MACSTR " -> " MACSTR,
582 MAC2STR(sta->addr), MAC2STR(bss->bssid));
583 buf = os_malloc(sizeof(*mgmt) + sta->assocreq_ies_len);
584 if (buf == NULL)
585 return -1;
586 mgmt = (struct ieee80211_mgmt *) buf;
587
588 build_mgmt_hdr(mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_REASSOC_REQ);
589
590 mgmt->u.reassoc_req.capab_info =
591 host_to_le16(sta->assocreq_capab_info);
592 mgmt->u.reassoc_req.listen_interval =
593 host_to_le16(sta->assocreq_listen_int);
594 os_memcpy(mgmt->u.reassoc_req.current_ap, bss->bssid, ETH_ALEN);
595 os_memcpy(mgmt->u.reassoc_req.variable, sta->assocreq_ies,
596 sta->assocreq_ies_len);
597
598 ret = wlantest_inject(wt, bss, sta, buf,
599 24 + 10 + sta->assocreq_ies_len,
600 WLANTEST_INJECT_UNPROTECTED);
601 os_free(buf);
602 return ret;
603 }
604
605
606 static int ctrl_inject_deauth(struct wlantest *wt, struct wlantest_bss *bss,
607 struct wlantest_sta *sta, int sender_ap,
608 enum wlantest_inject_protection prot)
609 {
610 struct ieee80211_mgmt mgmt;
611
612 if (sender_ap) {
613 if (sta)
614 wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR " -> "
615 MACSTR,
616 MAC2STR(bss->bssid), MAC2STR(sta->addr));
617 else
618 wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR
619 " -> broadcast", MAC2STR(bss->bssid));
620 } else
621 wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR " -> " MACSTR,
622 MAC2STR(sta->addr), MAC2STR(bss->bssid));
623 build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_DEAUTH);
624
625 mgmt.u.deauth.reason_code = host_to_le16(WLAN_REASON_UNSPECIFIED);
626
627 return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 2, prot);
628 }
629
630
631 static int ctrl_inject_disassoc(struct wlantest *wt, struct wlantest_bss *bss,
632 struct wlantest_sta *sta, int sender_ap,
633 enum wlantest_inject_protection prot)
634 {
635 struct ieee80211_mgmt mgmt;
636
637 if (sender_ap) {
638 if (sta)
639 wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR " -> "
640 MACSTR,
641 MAC2STR(bss->bssid), MAC2STR(sta->addr));
642 else
643 wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR
644 " -> broadcast", MAC2STR(bss->bssid));
645 } else
646 wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR " -> " MACSTR,
647 MAC2STR(sta->addr), MAC2STR(bss->bssid));
648 build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_DISASSOC);
649
650 mgmt.u.disassoc.reason_code = host_to_le16(WLAN_REASON_UNSPECIFIED);
651
652 return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 2, prot);
653 }
654
655
656 static int ctrl_inject_saqueryreq(struct wlantest *wt,
657 struct wlantest_bss *bss,
658 struct wlantest_sta *sta, int sender_ap,
659 enum wlantest_inject_protection prot)
660 {
661 struct ieee80211_mgmt mgmt;
662
663 if (sta == NULL)
664 return -1; /* No broadcast SA Query frames */
665
666 if (sender_ap)
667 wpa_printf(MSG_INFO, "INJECT: SA Query Request " MACSTR " -> "
668 MACSTR, MAC2STR(bss->bssid), MAC2STR(sta->addr));
669 else
670 wpa_printf(MSG_INFO, "INJECT: SA Query Request " MACSTR " -> "
671 MACSTR, MAC2STR(sta->addr), MAC2STR(bss->bssid));
672 build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_ACTION);
673
674 mgmt.u.action.category = WLAN_ACTION_SA_QUERY;
675 mgmt.u.action.u.sa_query_req.action = WLAN_SA_QUERY_REQUEST;
676 mgmt.u.action.u.sa_query_req.trans_id[0] = 0x12;
677 mgmt.u.action.u.sa_query_req.trans_id[1] = 0x34;
678 os_memcpy(sender_ap ? sta->ap_sa_query_tr : sta->sta_sa_query_tr,
679 mgmt.u.action.u.sa_query_req.trans_id,
680 WLAN_SA_QUERY_TR_ID_LEN);
681 return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 4, prot);
682 }
683
684
685 static void ctrl_inject(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
686 {
687 u8 *bssid, *sta_addr;
688 struct wlantest_bss *bss;
689 struct wlantest_sta *sta;
690 int frame, sender_ap, prot;
691 int ret = 0;
692
693 bssid = attr_get_macaddr(cmd, clen, WLANTEST_ATTR_BSSID);
694 sta_addr = attr_get_macaddr(cmd, clen, WLANTEST_ATTR_STA_ADDR);
695 frame = attr_get_int(cmd, clen, WLANTEST_ATTR_INJECT_FRAME);
696 sender_ap = attr_get_int(cmd, clen, WLANTEST_ATTR_INJECT_SENDER_AP);
697 if (sender_ap < 0)
698 sender_ap = 0;
699 prot = attr_get_int(cmd, clen, WLANTEST_ATTR_INJECT_PROTECTION);
700 if (bssid == NULL || sta_addr == NULL || frame < 0 || prot < 0) {
701 wpa_printf(MSG_INFO, "Invalid inject command parameters");
702 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
703 return;
704 }
705
706 bss = bss_find(wt, bssid);
707 if (bss == NULL) {
708 wpa_printf(MSG_INFO, "BSS not found for inject command");
709 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
710 return;
711 }
712
713 if (is_broadcast_ether_addr(sta_addr)) {
714 if (!sender_ap) {
715 wpa_printf(MSG_INFO, "Invalid broadcast inject "
716 "command without sender_ap set");
717 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
718 return;
719 } sta = NULL;
720 } else {
721 sta = sta_find(bss, sta_addr);
722 if (sta == NULL) {
723 wpa_printf(MSG_INFO, "Station not found for inject "
724 "command");
725 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
726 return;
727 }
728 }
729
730 switch (frame) {
731 case WLANTEST_FRAME_AUTH:
732 ret = ctrl_inject_auth(wt, bss, sta, sender_ap, prot);
733 break;
734 case WLANTEST_FRAME_ASSOCREQ:
735 ret = ctrl_inject_assocreq(wt, bss, sta, sender_ap, prot);
736 break;
737 case WLANTEST_FRAME_REASSOCREQ:
738 ret = ctrl_inject_reassocreq(wt, bss, sta, sender_ap, prot);
739 break;
740 case WLANTEST_FRAME_DEAUTH:
741 ret = ctrl_inject_deauth(wt, bss, sta, sender_ap, prot);
742 break;
743 case WLANTEST_FRAME_DISASSOC:
744 ret = ctrl_inject_disassoc(wt, bss, sta, sender_ap, prot);
745 break;
746 case WLANTEST_FRAME_SAQUERYREQ:
747 ret = ctrl_inject_saqueryreq(wt, bss, sta, sender_ap, prot);
748 break;
749 default:
750 wpa_printf(MSG_INFO, "Unsupported inject command frame %d",
751 frame);
752 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
753 return;
754 }
755
756 if (ret)
757 wpa_printf(MSG_INFO, "Failed to inject frame");
758 else
759 wpa_printf(MSG_INFO, "Frame injected successfully");
760 ctrl_send_simple(wt, sock, ret == 0 ? WLANTEST_CTRL_SUCCESS :
761 WLANTEST_CTRL_FAILURE);
762 }
763
764
765 static void ctrl_version(struct wlantest *wt, int sock)
766 {
767 u8 buf[WLANTEST_CTRL_MAX_RESP_LEN], *pos;
768
769 pos = buf;
770 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
771 pos += 4;
772 pos = attr_add_str(pos, buf + sizeof(buf), WLANTEST_ATTR_VERSION,
773 VERSION_STR);
774 ctrl_send(wt, sock, buf, pos - buf);
775 }
776
777
778 static void ctrl_add_passphrase(struct wlantest *wt, int sock, u8 *cmd,
779 size_t clen)
780 {
781 u8 *passphrase;
782 size_t len;
783 struct wlantest_passphrase *p, *pa;
784 u8 *bssid;
785
786 passphrase = attr_get(cmd, clen, WLANTEST_ATTR_PASSPHRASE, &len);
787 if (passphrase == NULL) {
788 u8 *wepkey;
789 char *key;
790 enum wlantest_ctrl_cmd res;
791
792 wepkey = attr_get(cmd, clen, WLANTEST_ATTR_WEPKEY, &len);
793 if (wepkey == NULL) {
794 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
795 return;
796 }
797 key = os_zalloc(len + 1);
798 if (key == NULL) {
799 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
800 return;
801 }
802 os_memcpy(key, wepkey, len);
803 if (add_wep(wt, key) < 0)
804 res = WLANTEST_CTRL_FAILURE;
805 else
806 res = WLANTEST_CTRL_SUCCESS;
807 os_free(key);
808 ctrl_send_simple(wt, sock, res);
809 return;
810 }
811
812 if (len < 8 || len > 63) {
813 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
814 return;
815 }
816
817 p = os_zalloc(sizeof(*p));
818 if (p == NULL) {
819 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
820 return;
821 }
822 os_memcpy(p->passphrase, passphrase, len);
823 wpa_printf(MSG_INFO, "Add passphrase '%s'", p->passphrase);
824
825 bssid = attr_get_macaddr(cmd, clen, WLANTEST_ATTR_BSSID);
826 if (bssid) {
827 os_memcpy(p->bssid, bssid, ETH_ALEN);
828 wpa_printf(MSG_INFO, "Limit passphrase for BSSID " MACSTR,
829 MAC2STR(p->bssid));
830 }
831
832 dl_list_for_each(pa, &wt->passphrase, struct wlantest_passphrase, list)
833 {
834 if (os_strcmp(p->passphrase, pa->passphrase) == 0 &&
835 os_memcmp(p->bssid, pa->bssid, ETH_ALEN) == 0) {
836 wpa_printf(MSG_INFO, "Passphrase was already known");
837 os_free(p);
838 p = NULL;
839 break;
840 }
841 }
842
843 if (p) {
844 struct wlantest_bss *bss;
845 dl_list_add(&wt->passphrase, &p->list);
846 dl_list_for_each(bss, &wt->bss, struct wlantest_bss, list) {
847 if (bssid &&
848 os_memcmp(p->bssid, bss->bssid, ETH_ALEN) != 0)
849 continue;
850 bss_add_pmk_from_passphrase(bss, p->passphrase);
851 }
852 }
853
854 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
855 }
856
857
858 static void info_print_proto(char *buf, size_t len, int proto)
859 {
860 char *pos, *end;
861
862 if (proto == 0) {
863 os_snprintf(buf, len, "OPEN");
864 return;
865 }
866
867 pos = buf;
868 end = buf + len;
869
870 if (proto & WPA_PROTO_WPA)
871 pos += os_snprintf(pos, end - pos, "%sWPA",
872 pos == buf ? "" : " ");
873 if (proto & WPA_PROTO_RSN)
874 pos += os_snprintf(pos, end - pos, "%sWPA2",
875 pos == buf ? "" : " ");
876 }
877
878
879 static void info_print_cipher(char *buf, size_t len, int cipher)
880 {
881 char *pos, *end;
882
883 if (cipher == 0) {
884 os_snprintf(buf, len, "N/A");
885 return;
886 }
887
888 pos = buf;
889 end = buf + len;
890
891 if (cipher & WPA_CIPHER_NONE)
892 pos += os_snprintf(pos, end - pos, "%sNONE",
893 pos == buf ? "" : " ");
894 if (cipher & WPA_CIPHER_WEP40)
895 pos += os_snprintf(pos, end - pos, "%sWEP40",
896 pos == buf ? "" : " ");
897 if (cipher & WPA_CIPHER_WEP104)
898 pos += os_snprintf(pos, end - pos, "%sWEP104",
899 pos == buf ? "" : " ");
900 if (cipher & WPA_CIPHER_TKIP)
901 pos += os_snprintf(pos, end - pos, "%sTKIP",
902 pos == buf ? "" : " ");
903 if (cipher & WPA_CIPHER_CCMP)
904 pos += os_snprintf(pos, end - pos, "%sCCMP",
905 pos == buf ? "" : " ");
906 if (cipher & WPA_CIPHER_AES_128_CMAC)
907 pos += os_snprintf(pos, end - pos, "%sBIP",
908 pos == buf ? "" : " ");
909 }
910
911
912 static void info_print_key_mgmt(char *buf, size_t len, int key_mgmt)
913 {
914 char *pos, *end;
915
916 if (key_mgmt == 0) {
917 os_snprintf(buf, len, "N/A");
918 return;
919 }
920
921 pos = buf;
922 end = buf + len;
923
924 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X)
925 pos += os_snprintf(pos, end - pos, "%sEAP",
926 pos == buf ? "" : " ");
927 if (key_mgmt & WPA_KEY_MGMT_PSK)
928 pos += os_snprintf(pos, end - pos, "%sPSK",
929 pos == buf ? "" : " ");
930 if (key_mgmt & WPA_KEY_MGMT_WPA_NONE)
931 pos += os_snprintf(pos, end - pos, "%sWPA-NONE",
932 pos == buf ? "" : " ");
933 if (key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
934 pos += os_snprintf(pos, end - pos, "%sFT-EAP",
935 pos == buf ? "" : " ");
936 if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
937 pos += os_snprintf(pos, end - pos, "%sFT-PSK",
938 pos == buf ? "" : " ");
939 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
940 pos += os_snprintf(pos, end - pos, "%sEAP-SHA256",
941 pos == buf ? "" : " ");
942 if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
943 pos += os_snprintf(pos, end - pos, "%sPSK-SHA256",
944 pos == buf ? "" : " ");
945 if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B)
946 pos += os_snprintf(pos, end - pos, "%sEAP-SUITE-B",
947 pos == buf ? "" : " ");
948 }
949
950
951 static void info_print_rsn_capab(char *buf, size_t len, int capab)
952 {
953 char *pos, *end;
954
955 pos = buf;
956 end = buf + len;
957
958 if (capab & WPA_CAPABILITY_PREAUTH)
959 pos += os_snprintf(pos, end - pos, "%sPREAUTH",
960 pos == buf ? "" : " ");
961 if (capab & WPA_CAPABILITY_NO_PAIRWISE)
962 pos += os_snprintf(pos, end - pos, "%sNO_PAIRWISE",
963 pos == buf ? "" : " ");
964 if (capab & WPA_CAPABILITY_MFPR)
965 pos += os_snprintf(pos, end - pos, "%sMFPR",
966 pos == buf ? "" : " ");
967 if (capab & WPA_CAPABILITY_MFPC)
968 pos += os_snprintf(pos, end - pos, "%sMFPC",
969 pos == buf ? "" : " ");
970 if (capab & WPA_CAPABILITY_PEERKEY_ENABLED)
971 pos += os_snprintf(pos, end - pos, "%sPEERKEY",
972 pos == buf ? "" : " ");
973 }
974
975
976 static void info_print_state(char *buf, size_t len, int state)
977 {
978 switch (state) {
979 case STATE1:
980 os_strlcpy(buf, "NOT-AUTH", len);
981 break;
982 case STATE2:
983 os_strlcpy(buf, "AUTH", len);
984 break;
985 case STATE3:
986 os_strlcpy(buf, "AUTH+ASSOC", len);
987 break;
988 }
989 }
990
991
992 static void info_print_gtk(char *buf, size_t len, struct wlantest_sta *sta)
993 {
994 size_t pos;
995
996 pos = os_snprintf(buf, len, "IDX=%d,GTK=", sta->gtk_idx);
997 wpa_snprintf_hex(buf + pos, len - pos, sta->gtk, sta->gtk_len);
998 }
999
1000
1001 static void ctrl_info_sta(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
1002 {
1003 u8 *addr;
1004 size_t addr_len;
1005 struct wlantest_bss *bss;
1006 struct wlantest_sta *sta;
1007 enum wlantest_sta_info info;
1008 u8 buf[4 + 108], *end, *pos;
1009 char resp[100];
1010
1011 bss = ctrl_get_bss(wt, sock, cmd, clen);
1012 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
1013 if (sta == NULL)
1014 return;
1015
1016 addr = attr_get(cmd, clen, WLANTEST_ATTR_STA_INFO, &addr_len);
1017 if (addr == NULL || addr_len != 4) {
1018 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1019 return;
1020 }
1021 info = WPA_GET_BE32(addr);
1022
1023 resp[0] = '\0';
1024 switch (info) {
1025 case WLANTEST_STA_INFO_PROTO:
1026 info_print_proto(resp, sizeof(resp), sta->proto);
1027 break;
1028 case WLANTEST_STA_INFO_PAIRWISE:
1029 info_print_cipher(resp, sizeof(resp), sta->pairwise_cipher);
1030 break;
1031 case WLANTEST_STA_INFO_KEY_MGMT:
1032 info_print_key_mgmt(resp, sizeof(resp), sta->key_mgmt);
1033 break;
1034 case WLANTEST_STA_INFO_RSN_CAPAB:
1035 info_print_rsn_capab(resp, sizeof(resp), sta->rsn_capab);
1036 break;
1037 case WLANTEST_STA_INFO_STATE:
1038 info_print_state(resp, sizeof(resp), sta->state);
1039 break;
1040 case WLANTEST_STA_INFO_GTK:
1041 info_print_gtk(resp, sizeof(resp), sta);
1042 break;
1043 default:
1044 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1045 return;
1046 }
1047
1048 pos = buf;
1049 end = buf + sizeof(buf);
1050 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
1051 pos += 4;
1052 pos = attr_add_str(pos, end, WLANTEST_ATTR_INFO, resp);
1053 ctrl_send(wt, sock, buf, pos - buf);
1054 }
1055
1056
1057 static void ctrl_info_bss(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
1058 {
1059 u8 *addr;
1060 size_t addr_len;
1061 struct wlantest_bss *bss;
1062 enum wlantest_bss_info info;
1063 u8 buf[4 + 108], *end, *pos;
1064 char resp[100];
1065
1066 bss = ctrl_get_bss(wt, sock, cmd, clen);
1067 if (bss == NULL)
1068 return;
1069
1070 addr = attr_get(cmd, clen, WLANTEST_ATTR_BSS_INFO, &addr_len);
1071 if (addr == NULL || addr_len != 4) {
1072 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1073 return;
1074 }
1075 info = WPA_GET_BE32(addr);
1076
1077 resp[0] = '\0';
1078 switch (info) {
1079 case WLANTEST_BSS_INFO_PROTO:
1080 info_print_proto(resp, sizeof(resp), bss->proto);
1081 break;
1082 case WLANTEST_BSS_INFO_PAIRWISE:
1083 info_print_cipher(resp, sizeof(resp), bss->pairwise_cipher);
1084 break;
1085 case WLANTEST_BSS_INFO_GROUP:
1086 info_print_cipher(resp, sizeof(resp), bss->group_cipher);
1087 break;
1088 case WLANTEST_BSS_INFO_GROUP_MGMT:
1089 info_print_cipher(resp, sizeof(resp), bss->mgmt_group_cipher);
1090 break;
1091 case WLANTEST_BSS_INFO_KEY_MGMT:
1092 info_print_key_mgmt(resp, sizeof(resp), bss->key_mgmt);
1093 break;
1094 case WLANTEST_BSS_INFO_RSN_CAPAB:
1095 info_print_rsn_capab(resp, sizeof(resp), bss->rsn_capab);
1096 break;
1097 default:
1098 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1099 return;
1100 }
1101
1102 pos = buf;
1103 end = buf + sizeof(buf);
1104 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
1105 pos += 4;
1106 pos = attr_add_str(pos, end, WLANTEST_ATTR_INFO, resp);
1107 ctrl_send(wt, sock, buf, pos - buf);
1108 }
1109
1110
1111 static void ctrl_send_(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
1112 {
1113 struct wlantest_bss *bss;
1114 struct wlantest_sta *sta;
1115 u8 *bssid, *sta_addr;
1116 int prot;
1117 u8 *frame;
1118 size_t frame_len;
1119 int ret = 0;
1120 struct ieee80211_hdr *hdr;
1121 u16 fc;
1122
1123 frame = attr_get(cmd, clen, WLANTEST_ATTR_FRAME, &frame_len);
1124 prot = attr_get_int(cmd, clen, WLANTEST_ATTR_INJECT_PROTECTION);
1125 if (frame == NULL || frame_len < 24 || prot < 0) {
1126 wpa_printf(MSG_INFO, "Invalid send command parameters");
1127 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1128 return;
1129 }
1130
1131 hdr = (struct ieee80211_hdr *) frame;
1132 fc = le_to_host16(hdr->frame_control);
1133 switch (WLAN_FC_GET_TYPE(fc)) {
1134 case WLAN_FC_TYPE_MGMT:
1135 bssid = hdr->addr3;
1136 if (os_memcmp(hdr->addr2, hdr->addr3, ETH_ALEN) == 0)
1137 sta_addr = hdr->addr1;
1138 else
1139 sta_addr = hdr->addr2;
1140 break;
1141 case WLAN_FC_TYPE_DATA:
1142 switch (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
1143 case 0:
1144 bssid = hdr->addr3;
1145 sta_addr = hdr->addr2;
1146 break;
1147 case WLAN_FC_TODS:
1148 bssid = hdr->addr1;
1149 sta_addr = hdr->addr2;
1150 break;
1151 case WLAN_FC_FROMDS:
1152 bssid = hdr->addr2;
1153 sta_addr = hdr->addr1;
1154 break;
1155 default:
1156 wpa_printf(MSG_INFO, "Unsupported inject frame");
1157 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
1158 return;
1159 }
1160 break;
1161 default:
1162 wpa_printf(MSG_INFO, "Unsupported inject frame");
1163 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
1164 return;
1165 }
1166
1167 bss = bss_find(wt, bssid);
1168 if (bss == NULL && prot != WLANTEST_INJECT_UNPROTECTED) {
1169 wpa_printf(MSG_INFO, "Unknown BSSID");
1170 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
1171 return;
1172 }
1173
1174 if (bss)
1175 sta = sta_find(bss, sta_addr);
1176 else
1177 sta = NULL;
1178 if (sta == NULL && prot != WLANTEST_INJECT_UNPROTECTED) {
1179 wpa_printf(MSG_INFO, "Unknown STA address");
1180 ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
1181 return;
1182 }
1183
1184 ret = wlantest_inject(wt, bss, sta, frame, frame_len, prot);
1185
1186 if (ret)
1187 wpa_printf(MSG_INFO, "Failed to inject frame");
1188 else
1189 wpa_printf(MSG_INFO, "Frame injected successfully");
1190 ctrl_send_simple(wt, sock, ret == 0 ? WLANTEST_CTRL_SUCCESS :
1191 WLANTEST_CTRL_FAILURE);
1192 }
1193
1194
1195 static void ctrl_relog(struct wlantest *wt, int sock)
1196 {
1197 int res = wlantest_relog(wt);
1198 ctrl_send_simple(wt, sock, res ? WLANTEST_CTRL_FAILURE :
1199 WLANTEST_CTRL_SUCCESS);
1200 }
1201
1202
1203 static void ctrl_get_tx_tid(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
1204 {
1205 u8 *addr;
1206 size_t addr_len;
1207 struct wlantest_bss *bss;
1208 struct wlantest_sta *sta;
1209 u32 counter;
1210 u8 buf[4 + 12], *end, *pos;
1211
1212 bss = ctrl_get_bss(wt, sock, cmd, clen);
1213 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
1214 if (sta == NULL)
1215 return;
1216
1217 addr = attr_get(cmd, clen, WLANTEST_ATTR_TID, &addr_len);
1218 if (addr == NULL || addr_len != 4) {
1219 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1220 return;
1221 }
1222 counter = WPA_GET_BE32(addr);
1223 if (counter >= 16 + 1) {
1224 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1225 return;
1226 }
1227
1228 pos = buf;
1229 end = buf + sizeof(buf);
1230 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
1231 pos += 4;
1232 pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
1233 sta->tx_tid[counter]);
1234 ctrl_send(wt, sock, buf, pos - buf);
1235 }
1236
1237
1238 static void ctrl_get_rx_tid(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
1239 {
1240 u8 *addr;
1241 size_t addr_len;
1242 struct wlantest_bss *bss;
1243 struct wlantest_sta *sta;
1244 u32 counter;
1245 u8 buf[4 + 12], *end, *pos;
1246
1247 bss = ctrl_get_bss(wt, sock, cmd, clen);
1248 sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
1249 if (sta == NULL)
1250 return;
1251
1252 addr = attr_get(cmd, clen, WLANTEST_ATTR_TID, &addr_len);
1253 if (addr == NULL || addr_len != 4) {
1254 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1255 return;
1256 }
1257 counter = WPA_GET_BE32(addr);
1258 if (counter >= 16 + 1) {
1259 ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
1260 return;
1261 }
1262
1263 pos = buf;
1264 end = buf + sizeof(buf);
1265 WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
1266 pos += 4;
1267 pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
1268 sta->rx_tid[counter]);
1269 ctrl_send(wt, sock, buf, pos - buf);
1270 }
1271
1272
1273 static void ctrl_read(int sock, void *eloop_ctx, void *sock_ctx)
1274 {
1275 struct wlantest *wt = eloop_ctx;
1276 u8 buf[WLANTEST_CTRL_MAX_CMD_LEN];
1277 int len;
1278 enum wlantest_ctrl_cmd cmd;
1279
1280 wpa_printf(MSG_EXCESSIVE, "New control interface message from %d",
1281 sock);
1282 len = recv(sock, buf, sizeof(buf), 0);
1283 if (len < 0) {
1284 wpa_printf(MSG_INFO, "recv(ctrl): %s", strerror(errno));
1285 ctrl_disconnect(wt, sock);
1286 return;
1287 }
1288 if (len == 0) {
1289 ctrl_disconnect(wt, sock);
1290 return;
1291 }
1292
1293 if (len < 4) {
1294 wpa_printf(MSG_INFO, "Too short control interface command "
1295 "from %d", sock);
1296 ctrl_disconnect(wt, sock);
1297 return;
1298 }
1299 cmd = WPA_GET_BE32(buf);
1300 wpa_printf(MSG_EXCESSIVE, "Control interface command %d from %d",
1301 cmd, sock);
1302
1303 switch (cmd) {
1304 case WLANTEST_CTRL_PING:
1305 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
1306 break;
1307 case WLANTEST_CTRL_TERMINATE:
1308 ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
1309 eloop_terminate();
1310 break;
1311 case WLANTEST_CTRL_LIST_BSS:
1312 ctrl_list_bss(wt, sock);
1313 break;
1314 case WLANTEST_CTRL_LIST_STA:
1315 ctrl_list_sta(wt, sock, buf + 4, len - 4);
1316 break;
1317 case WLANTEST_CTRL_FLUSH:
1318 ctrl_flush(wt, sock);
1319 break;
1320 case WLANTEST_CTRL_CLEAR_STA_COUNTERS:
1321 ctrl_clear_sta_counters(wt, sock, buf + 4, len - 4);
1322 break;
1323 case WLANTEST_CTRL_CLEAR_BSS_COUNTERS:
1324 ctrl_clear_bss_counters(wt, sock, buf + 4, len - 4);
1325 break;
1326 case WLANTEST_CTRL_CLEAR_TDLS_COUNTERS:
1327 ctrl_clear_tdls_counters(wt, sock, buf + 4, len - 4);
1328 break;
1329 case WLANTEST_CTRL_GET_STA_COUNTER:
1330 ctrl_get_sta_counter(wt, sock, buf + 4, len - 4);
1331 break;
1332 case WLANTEST_CTRL_GET_BSS_COUNTER:
1333 ctrl_get_bss_counter(wt, sock, buf + 4, len - 4);
1334 break;
1335 case WLANTEST_CTRL_GET_TDLS_COUNTER:
1336 ctrl_get_tdls_counter(wt, sock, buf + 4, len - 4);
1337 break;
1338 case WLANTEST_CTRL_INJECT:
1339 ctrl_inject(wt, sock, buf + 4, len - 4);
1340 break;
1341 case WLANTEST_CTRL_VERSION:
1342 ctrl_version(wt, sock);
1343 break;
1344 case WLANTEST_CTRL_ADD_PASSPHRASE:
1345 ctrl_add_passphrase(wt, sock, buf + 4, len - 4);
1346 break;
1347 case WLANTEST_CTRL_INFO_STA:
1348 ctrl_info_sta(wt, sock, buf + 4, len - 4);
1349 break;
1350 case WLANTEST_CTRL_INFO_BSS:
1351 ctrl_info_bss(wt, sock, buf + 4, len - 4);
1352 break;
1353 case WLANTEST_CTRL_SEND:
1354 ctrl_send_(wt, sock, buf + 4, len - 4);
1355 break;
1356 case WLANTEST_CTRL_RELOG:
1357 ctrl_relog(wt, sock);
1358 break;
1359 case WLANTEST_CTRL_GET_TX_TID:
1360 ctrl_get_tx_tid(wt, sock, buf + 4, len - 4);
1361 break;
1362 case WLANTEST_CTRL_GET_RX_TID:
1363 ctrl_get_rx_tid(wt, sock, buf + 4, len - 4);
1364 break;
1365 default:
1366 ctrl_send_simple(wt, sock, WLANTEST_CTRL_UNKNOWN_CMD);
1367 break;
1368 }
1369 }
1370
1371
1372 static void ctrl_connect(int sock, void *eloop_ctx, void *sock_ctx)
1373 {
1374 struct wlantest *wt = eloop_ctx;
1375 int conn, i;
1376
1377 conn = accept(sock, NULL, NULL);
1378 if (conn < 0) {
1379 wpa_printf(MSG_INFO, "accept(ctrl): %s", strerror(errno));
1380 return;
1381 }
1382 wpa_printf(MSG_MSGDUMP, "New control interface connection %d", conn);
1383
1384 for (i = 0; i < MAX_CTRL_CONNECTIONS; i++) {
1385 if (wt->ctrl_socks[i] < 0)
1386 break;
1387 }
1388
1389 if (i == MAX_CTRL_CONNECTIONS) {
1390 wpa_printf(MSG_INFO, "No room for new control connection");
1391 close(conn);
1392 return;
1393 }
1394
1395 wt->ctrl_socks[i] = conn;
1396 eloop_register_read_sock(conn, ctrl_read, wt, NULL);
1397 }
1398
1399
1400 int ctrl_init(struct wlantest *wt)
1401 {
1402 struct sockaddr_un addr;
1403
1404 wt->ctrl_sock = socket(AF_UNIX, SOCK_SEQPACKET, 0);
1405 if (wt->ctrl_sock < 0) {
1406 wpa_printf(MSG_ERROR, "socket: %s", strerror(errno));
1407 return -1;
1408 }
1409
1410 os_memset(&addr, 0, sizeof(addr));
1411 addr.sun_family = AF_UNIX;
1412 os_strlcpy(addr.sun_path + 1, WLANTEST_SOCK_NAME,
1413 sizeof(addr.sun_path) - 1);
1414 if (bind(wt->ctrl_sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
1415 wpa_printf(MSG_ERROR, "bind: %s", strerror(errno));
1416 close(wt->ctrl_sock);
1417 wt->ctrl_sock = -1;
1418 return -1;
1419 }
1420
1421 if (listen(wt->ctrl_sock, 5) < 0) {
1422 wpa_printf(MSG_ERROR, "listen: %s", strerror(errno));
1423 close(wt->ctrl_sock);
1424 wt->ctrl_sock = -1;
1425 return -1;
1426 }
1427
1428 if (eloop_register_read_sock(wt->ctrl_sock, ctrl_connect, wt, NULL)) {
1429 close(wt->ctrl_sock);
1430 wt->ctrl_sock = -1;
1431 return -1;
1432 }
1433
1434 return 0;
1435 }
1436
1437
1438 void ctrl_deinit(struct wlantest *wt)
1439 {
1440 int i;
1441
1442 if (wt->ctrl_sock < 0)
1443 return;
1444
1445 for (i = 0; i < MAX_CTRL_CONNECTIONS; i++) {
1446 if (wt->ctrl_socks[i] >= 0) {
1447 close(wt->ctrl_socks[i]);
1448 eloop_unregister_read_sock(wt->ctrl_socks[i]);
1449 wt->ctrl_socks[i] = -1;
1450 }
1451 }
1452
1453 eloop_unregister_read_sock(wt->ctrl_sock);
1454 close(wt->ctrl_sock);
1455 wt->ctrl_sock = -1;
1456 }
Unnamed repository; edit this file 'description' to name the repository.