]> git.ipfire.org Git - thirdparty/hostap.git/blob - wlantest/rx_data.c
projects / thirdparty / hostap.git / blob
? search:


28202d822f5e84951430d06ca127c660660033ce
[thirdparty/hostap.git] / wlantest / rx_data.c
1 /*
2 * Received Data frame processing
3 * Copyright (c) 2010-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "common/defs.h"
13 #include "common/ieee802_11_defs.h"
14 #include "wlantest.h"
15
16
17 static const char * data_stype(u16 stype)
18 {
19 switch (stype) {
20 case WLAN_FC_STYPE_DATA:
21 return "DATA";
22 case WLAN_FC_STYPE_DATA_CFACK:
23 return "DATA-CFACK";
24 case WLAN_FC_STYPE_DATA_CFPOLL:
25 return "DATA-CFPOLL";
26 case WLAN_FC_STYPE_DATA_CFACKPOLL:
27 return "DATA-CFACKPOLL";
28 case WLAN_FC_STYPE_NULLFUNC:
29 return "NULLFUNC";
30 case WLAN_FC_STYPE_CFACK:
31 return "CFACK";
32 case WLAN_FC_STYPE_CFPOLL:
33 return "CFPOLL";
34 case WLAN_FC_STYPE_CFACKPOLL:
35 return "CFACKPOLL";
36 case WLAN_FC_STYPE_QOS_DATA:
37 return "QOSDATA";
38 case WLAN_FC_STYPE_QOS_DATA_CFACK:
39 return "QOSDATA-CFACK";
40 case WLAN_FC_STYPE_QOS_DATA_CFPOLL:
41 return "QOSDATA-CFPOLL";
42 case WLAN_FC_STYPE_QOS_DATA_CFACKPOLL:
43 return "QOSDATA-CFACKPOLL";
44 case WLAN_FC_STYPE_QOS_NULL:
45 return "QOS-NULL";
46 case WLAN_FC_STYPE_QOS_CFPOLL:
47 return "QOS-CFPOLL";
48 case WLAN_FC_STYPE_QOS_CFACKPOLL:
49 return "QOS-CFACKPOLL";
50 }
51 return "??";
52 }
53
54
55 static void rx_data_eth(struct wlantest *wt, const u8 *bssid,
56 const u8 *sta_addr, const u8 *dst, const u8 *src,
57 u16 ethertype, const u8 *data, size_t len, int prot,
58 const u8 *peer_addr)
59 {
60 switch (ethertype) {
61 case ETH_P_PAE:
62 rx_data_eapol(wt, bssid, sta_addr, dst, src, data, len, prot);
63 break;
64 case ETH_P_IP:
65 rx_data_ip(wt, bssid, sta_addr, dst, src, data, len,
66 peer_addr);
67 break;
68 case 0x890d:
69 rx_data_80211_encap(wt, bssid, sta_addr, dst, src, data, len);
70 break;
71 }
72 }
73
74
75 static void rx_data_process(struct wlantest *wt, const u8 *bssid,
76 const u8 *sta_addr,
77 const u8 *dst, const u8 *src,
78 const u8 *data, size_t len, int prot,
79 const u8 *peer_addr)
80 {
81 if (len == 0)
82 return;
83
84 if (len >= 8 && os_memcmp(data, "\xaa\xaa\x03\x00\x00\x00", 6) == 0) {
85 rx_data_eth(wt, bssid, sta_addr, dst, src,
86 WPA_GET_BE16(data + 6), data + 8, len - 8, prot,
87 peer_addr);
88 return;
89 }
90
91 wpa_hexdump(MSG_DEBUG, "Unrecognized LLC", data, len > 8 ? 8 : len);
92 }
93
94
95 static u8 * try_all_ptk(struct wlantest *wt, int pairwise_cipher,
96 const struct ieee80211_hdr *hdr,
97 const u8 *data, size_t data_len, size_t *decrypted_len)
98 {
99 struct wlantest_ptk *ptk;
100 u8 *decrypted;
101 int prev_level = wpa_debug_level;
102
103 wpa_debug_level = MSG_WARNING;
104 dl_list_for_each(ptk, &wt->ptk, struct wlantest_ptk, list) {
105 unsigned int tk_len = ptk->ptk_len - 32;
106 decrypted = NULL;
107 if ((pairwise_cipher == WPA_CIPHER_CCMP ||
108 pairwise_cipher == 0) && tk_len == 16) {
109 decrypted = ccmp_decrypt(ptk->ptk.tk, hdr, data,
110 data_len, decrypted_len);
111 } else if ((pairwise_cipher == WPA_CIPHER_CCMP_256 ||
112 pairwise_cipher == 0) && tk_len == 32) {
113 decrypted = ccmp_256_decrypt(ptk->ptk.tk, hdr, data,
114 data_len, decrypted_len);
115 } else if ((pairwise_cipher == WPA_CIPHER_GCMP ||
116 pairwise_cipher == WPA_CIPHER_GCMP_256 ||
117 pairwise_cipher == 0) &&
118 (tk_len == 16 || tk_len == 32)) {
119 decrypted = gcmp_decrypt(ptk->ptk.tk, tk_len, hdr,
120 data, data_len, decrypted_len);
121 } else if ((pairwise_cipher == WPA_CIPHER_TKIP ||
122 pairwise_cipher == 0) && tk_len == 32) {
123 decrypted = tkip_decrypt(ptk->ptk.tk, hdr, data,
124 data_len, decrypted_len);
125 }
126 if (decrypted) {
127 wpa_debug_level = prev_level;
128 add_note(wt, MSG_DEBUG, "Found PTK match from list of all known PTKs");
129 return decrypted;
130 }
131 }
132 wpa_debug_level = prev_level;
133
134 return NULL;
135 }
136
137
138 static void rx_data_bss_prot_group(struct wlantest *wt,
139 const struct ieee80211_hdr *hdr,
140 size_t hdrlen,
141 const u8 *qos, const u8 *dst, const u8 *src,
142 const u8 *data, size_t len)
143 {
144 struct wlantest_bss *bss;
145 int keyid;
146 u8 *decrypted = NULL;
147 size_t dlen;
148 u8 pn[6];
149 int replay = 0;
150
151 bss = bss_get(wt, hdr->addr2);
152 if (bss == NULL)
153 return;
154 if (len < 4) {
155 add_note(wt, MSG_INFO, "Too short group addressed data frame");
156 return;
157 }
158
159 if (bss->group_cipher & (WPA_CIPHER_TKIP | WPA_CIPHER_CCMP) &&
160 !(data[3] & 0x20)) {
161 add_note(wt, MSG_INFO, "Expected TKIP/CCMP frame from "
162 MACSTR " did not have ExtIV bit set to 1",
163 MAC2STR(bss->bssid));
164 return;
165 }
166
167 if (bss->group_cipher == WPA_CIPHER_TKIP) {
168 if (data[3] & 0x1f) {
169 add_note(wt, MSG_INFO, "TKIP frame from " MACSTR
170 " used non-zero reserved bit",
171 MAC2STR(bss->bssid));
172 }
173 if (data[1] != ((data[0] | 0x20) & 0x7f)) {
174 add_note(wt, MSG_INFO, "TKIP frame from " MACSTR
175 " used incorrect WEPSeed[1] (was 0x%x, "
176 "expected 0x%x)",
177 MAC2STR(bss->bssid), data[1],
178 (data[0] | 0x20) & 0x7f);
179 }
180 } else if (bss->group_cipher == WPA_CIPHER_CCMP) {
181 if (data[2] != 0 || (data[3] & 0x1f) != 0) {
182 add_note(wt, MSG_INFO, "CCMP frame from " MACSTR
183 " used non-zero reserved bit",
184 MAC2STR(bss->bssid));
185 }
186 }
187
188 keyid = data[3] >> 6;
189 if (bss->gtk_len[keyid] == 0 && bss->group_cipher != WPA_CIPHER_WEP40)
190 {
191 add_note(wt, MSG_MSGDUMP, "No GTK known to decrypt the frame "
192 "(A2=" MACSTR " KeyID=%d)",
193 MAC2STR(hdr->addr2), keyid);
194 return;
195 }
196
197 if (bss->group_cipher == WPA_CIPHER_TKIP)
198 tkip_get_pn(pn, data);
199 else if (bss->group_cipher == WPA_CIPHER_WEP40)
200 goto skip_replay_det;
201 else
202 ccmp_get_pn(pn, data);
203 if (os_memcmp(pn, bss->rsc[keyid], 6) <= 0) {
204 u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
205 add_note(wt, MSG_INFO, "CCMP/TKIP replay detected: A1=" MACSTR
206 " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u%s",
207 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
208 MAC2STR(hdr->addr3),
209 WLAN_GET_SEQ_SEQ(seq_ctrl),
210 WLAN_GET_SEQ_FRAG(seq_ctrl),
211 (le_to_host16(hdr->frame_control) & WLAN_FC_RETRY) ?
212 " Retry" : "");
213 wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
214 wpa_hexdump(MSG_INFO, "RSC", bss->rsc[keyid], 6);
215 replay = 1;
216 }
217
218 skip_replay_det:
219 if (bss->group_cipher == WPA_CIPHER_TKIP)
220 decrypted = tkip_decrypt(bss->gtk[keyid], hdr, data, len,
221 &dlen);
222 else if (bss->group_cipher == WPA_CIPHER_WEP40)
223 decrypted = wep_decrypt(wt, hdr, data, len, &dlen);
224 else if (bss->group_cipher == WPA_CIPHER_CCMP)
225 decrypted = ccmp_decrypt(bss->gtk[keyid], hdr, data, len,
226 &dlen);
227 else if (bss->group_cipher == WPA_CIPHER_CCMP_256)
228 decrypted = ccmp_256_decrypt(bss->gtk[keyid], hdr, data, len,
229 &dlen);
230 else if (bss->group_cipher == WPA_CIPHER_GCMP ||
231 bss->group_cipher == WPA_CIPHER_GCMP_256)
232 decrypted = gcmp_decrypt(bss->gtk[keyid], bss->gtk_len[keyid],
233 hdr, data, len, &dlen);
234
235 if (decrypted) {
236 rx_data_process(wt, bss->bssid, NULL, dst, src, decrypted,
237 dlen, 1, NULL);
238 if (!replay)
239 os_memcpy(bss->rsc[keyid], pn, 6);
240 write_pcap_decrypted(wt, (const u8 *) hdr, hdrlen,
241 decrypted, dlen);
242 } else
243 add_note(wt, MSG_DEBUG, "Failed to decrypt frame");
244 os_free(decrypted);
245 }
246
247
248 static void rx_data_bss_prot(struct wlantest *wt,
249 const struct ieee80211_hdr *hdr, size_t hdrlen,
250 const u8 *qos, const u8 *dst, const u8 *src,
251 const u8 *data, size_t len)
252 {
253 struct wlantest_bss *bss, *bss2;
254 struct wlantest_sta *sta, *sta2;
255 int keyid;
256 u16 fc = le_to_host16(hdr->frame_control);
257 u8 *decrypted;
258 size_t dlen;
259 int tid;
260 u8 pn[6], *rsc;
261 struct wlantest_tdls *tdls = NULL, *found;
262 const u8 *tk = NULL;
263 int ptk_iter_done = 0;
264 int try_ptk_iter = 0;
265 int replay = 0;
266
267 if (hdr->addr1[0] & 0x01) {
268 rx_data_bss_prot_group(wt, hdr, hdrlen, qos, dst, src,
269 data, len);
270 return;
271 }
272
273 if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
274 (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
275 bss = bss_find(wt, hdr->addr1);
276 if (bss) {
277 sta = sta_find(bss, hdr->addr2);
278 if (sta) {
279 sta->counters[
280 WLANTEST_STA_COUNTER_PROT_DATA_TX]++;
281 }
282 if (!sta || !sta->ptk_set) {
283 bss2 = bss_find(wt, hdr->addr2);
284 if (bss2) {
285 sta2 = sta_find(bss2, hdr->addr1);
286 if (sta2 && (!sta || sta2->ptk_set)) {
287 bss = bss2;
288 sta = sta2;
289 }
290 }
291 }
292 } else {
293 bss = bss_find(wt, hdr->addr2);
294 if (!bss)
295 return;
296 sta = sta_find(bss, hdr->addr1);
297 }
298 } else if (fc & WLAN_FC_TODS) {
299 bss = bss_get(wt, hdr->addr1);
300 if (bss == NULL)
301 return;
302 sta = sta_get(bss, hdr->addr2);
303 if (sta)
304 sta->counters[WLANTEST_STA_COUNTER_PROT_DATA_TX]++;
305 } else if (fc & WLAN_FC_FROMDS) {
306 bss = bss_get(wt, hdr->addr2);
307 if (bss == NULL)
308 return;
309 sta = sta_get(bss, hdr->addr1);
310 } else {
311 bss = bss_get(wt, hdr->addr3);
312 if (bss == NULL)
313 return;
314 sta = sta_find(bss, hdr->addr2);
315 sta2 = sta_find(bss, hdr->addr1);
316 if (sta == NULL || sta2 == NULL)
317 return;
318 found = NULL;
319 dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list)
320 {
321 if ((tdls->init == sta && tdls->resp == sta2) ||
322 (tdls->init == sta2 && tdls->resp == sta)) {
323 found = tdls;
324 if (tdls->link_up)
325 break;
326 }
327 }
328 if (found) {
329 if (!found->link_up)
330 add_note(wt, MSG_DEBUG,
331 "TDLS: Link not up, but Data "
332 "frame seen");
333 tk = found->tpk.tk;
334 tdls = found;
335 }
336 }
337 if ((sta == NULL ||
338 (!sta->ptk_set && sta->pairwise_cipher != WPA_CIPHER_WEP40)) &&
339 tk == NULL) {
340 add_note(wt, MSG_MSGDUMP, "No PTK known to decrypt the frame");
341 if (dl_list_empty(&wt->ptk))
342 return;
343 try_ptk_iter = 1;
344 }
345
346 if (len < 4) {
347 add_note(wt, MSG_INFO, "Too short encrypted data frame");
348 return;
349 }
350
351 if (sta == NULL)
352 return;
353 if (sta->pairwise_cipher & (WPA_CIPHER_TKIP | WPA_CIPHER_CCMP) &&
354 !(data[3] & 0x20)) {
355 add_note(wt, MSG_INFO, "Expected TKIP/CCMP frame from "
356 MACSTR " did not have ExtIV bit set to 1",
357 MAC2STR(src));
358 return;
359 }
360
361 if (tk == NULL && sta->pairwise_cipher == WPA_CIPHER_TKIP) {
362 if (data[3] & 0x1f) {
363 add_note(wt, MSG_INFO, "TKIP frame from " MACSTR
364 " used non-zero reserved bit",
365 MAC2STR(hdr->addr2));
366 }
367 if (data[1] != ((data[0] | 0x20) & 0x7f)) {
368 add_note(wt, MSG_INFO, "TKIP frame from " MACSTR
369 " used incorrect WEPSeed[1] (was 0x%x, "
370 "expected 0x%x)",
371 MAC2STR(hdr->addr2), data[1],
372 (data[0] | 0x20) & 0x7f);
373 }
374 } else if (tk || sta->pairwise_cipher == WPA_CIPHER_CCMP) {
375 if (data[2] != 0 || (data[3] & 0x1f) != 0) {
376 add_note(wt, MSG_INFO, "CCMP frame from " MACSTR
377 " used non-zero reserved bit",
378 MAC2STR(hdr->addr2));
379 }
380 }
381
382 keyid = data[3] >> 6;
383 if (keyid != 0) {
384 add_note(wt, MSG_INFO, "Unexpected non-zero KeyID %d in "
385 "individually addressed Data frame from " MACSTR,
386 keyid, MAC2STR(hdr->addr2));
387 }
388
389 if (qos) {
390 tid = qos[0] & 0x0f;
391 if (fc & WLAN_FC_TODS)
392 sta->tx_tid[tid]++;
393 else
394 sta->rx_tid[tid]++;
395 } else {
396 tid = 0;
397 if (fc & WLAN_FC_TODS)
398 sta->tx_tid[16]++;
399 else
400 sta->rx_tid[16]++;
401 }
402 if (tk) {
403 if (os_memcmp(hdr->addr2, tdls->init->addr, ETH_ALEN) == 0)
404 rsc = tdls->rsc_init[tid];
405 else
406 rsc = tdls->rsc_resp[tid];
407 } else if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
408 (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
409 if (os_memcmp(sta->addr, hdr->addr2, ETH_ALEN) == 0)
410 rsc = sta->rsc_tods[tid];
411 else
412 rsc = sta->rsc_fromds[tid];
413 } else if (fc & WLAN_FC_TODS)
414 rsc = sta->rsc_tods[tid];
415 else
416 rsc = sta->rsc_fromds[tid];
417
418
419 if (tk == NULL && sta->pairwise_cipher == WPA_CIPHER_TKIP)
420 tkip_get_pn(pn, data);
421 else if (sta->pairwise_cipher == WPA_CIPHER_WEP40)
422 goto skip_replay_det;
423 else
424 ccmp_get_pn(pn, data);
425 if (os_memcmp(pn, rsc, 6) <= 0) {
426 u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
427 add_note(wt, MSG_INFO, "CCMP/TKIP replay detected: A1=" MACSTR
428 " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u%s",
429 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
430 MAC2STR(hdr->addr3),
431 WLAN_GET_SEQ_SEQ(seq_ctrl),
432 WLAN_GET_SEQ_FRAG(seq_ctrl),
433 (le_to_host16(hdr->frame_control) & WLAN_FC_RETRY) ?
434 " Retry" : "");
435 wpa_hexdump(MSG_INFO, "RX PN", pn, 6);
436 wpa_hexdump(MSG_INFO, "RSC", rsc, 6);
437 replay = 1;
438 }
439
440 skip_replay_det:
441 if (tk) {
442 if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256)
443 decrypted = ccmp_256_decrypt(tk, hdr, data, len, &dlen);
444 else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
445 sta->pairwise_cipher == WPA_CIPHER_GCMP_256)
446 decrypted = gcmp_decrypt(tk, sta->ptk.tk_len, hdr, data,
447 len, &dlen);
448 else
449 decrypted = ccmp_decrypt(tk, hdr, data, len, &dlen);
450 } else if (sta->pairwise_cipher == WPA_CIPHER_TKIP) {
451 decrypted = tkip_decrypt(sta->ptk.tk, hdr, data, len, &dlen);
452 } else if (sta->pairwise_cipher == WPA_CIPHER_WEP40) {
453 decrypted = wep_decrypt(wt, hdr, data, len, &dlen);
454 } else if (sta->ptk_set) {
455 if (sta->pairwise_cipher == WPA_CIPHER_CCMP_256)
456 decrypted = ccmp_256_decrypt(sta->ptk.tk, hdr, data,
457 len, &dlen);
458 else if (sta->pairwise_cipher == WPA_CIPHER_GCMP ||
459 sta->pairwise_cipher == WPA_CIPHER_GCMP_256)
460 decrypted = gcmp_decrypt(sta->ptk.tk, sta->ptk.tk_len,
461 hdr, data, len, &dlen);
462 else
463 decrypted = ccmp_decrypt(sta->ptk.tk, hdr, data, len,
464 &dlen);
465 } else {
466 decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, data,
467 len, &dlen);
468 ptk_iter_done = 1;
469 }
470 if (!decrypted && !ptk_iter_done) {
471 decrypted = try_all_ptk(wt, sta->pairwise_cipher, hdr, data,
472 len, &dlen);
473 if (decrypted) {
474 add_note(wt, MSG_DEBUG, "Current PTK did not work, but found a match from all known PTKs");
475 }
476 }
477 if (decrypted) {
478 u16 fc = le_to_host16(hdr->frame_control);
479 const u8 *peer_addr = NULL;
480 if (!(fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)))
481 peer_addr = hdr->addr1;
482 if (!replay)
483 os_memcpy(rsc, pn, 6);
484 rx_data_process(wt, bss->bssid, sta->addr, dst, src, decrypted,
485 dlen, 1, peer_addr);
486 write_pcap_decrypted(wt, (const u8 *) hdr, hdrlen,
487 decrypted, dlen);
488 } else {
489 if (!try_ptk_iter)
490 add_note(wt, MSG_DEBUG, "Failed to decrypt frame");
491
492 /* Assume the frame was corrupted and there was no FCS to check.
493 * Allow retry of this particular frame to be processed so that
494 * it could end up getting decrypted if it was received without
495 * corruption. */
496 sta->allow_duplicate = 1;
497 }
498 os_free(decrypted);
499 }
500
501
502 static void rx_data_bss(struct wlantest *wt, const struct ieee80211_hdr *hdr,
503 size_t hdrlen, const u8 *qos, const u8 *dst,
504 const u8 *src, const u8 *data, size_t len)
505 {
506 u16 fc = le_to_host16(hdr->frame_control);
507 int prot = !!(fc & WLAN_FC_ISWEP);
508
509 if (qos) {
510 u8 ack = (qos[0] & 0x60) >> 5;
511 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
512 " len=%u%s tid=%u%s%s",
513 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
514 prot ? " Prot" : "", qos[0] & 0x0f,
515 (qos[0] & 0x10) ? " EOSP" : "",
516 ack == 0 ? "" :
517 (ack == 1 ? " NoAck" :
518 (ack == 2 ? " NoExpAck" : " BA")));
519 } else {
520 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
521 " len=%u%s",
522 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
523 prot ? " Prot" : "");
524 }
525
526 if (prot)
527 rx_data_bss_prot(wt, hdr, hdrlen, qos, dst, src, data, len);
528 else {
529 const u8 *bssid, *sta_addr, *peer_addr;
530 struct wlantest_bss *bss;
531
532 if (fc & WLAN_FC_TODS) {
533 bssid = hdr->addr1;
534 sta_addr = hdr->addr2;
535 peer_addr = NULL;
536 } else if (fc & WLAN_FC_FROMDS) {
537 bssid = hdr->addr2;
538 sta_addr = hdr->addr1;
539 peer_addr = NULL;
540 } else {
541 bssid = hdr->addr3;
542 sta_addr = hdr->addr2;
543 peer_addr = hdr->addr1;
544 }
545
546 bss = bss_get(wt, bssid);
547 if (bss) {
548 struct wlantest_sta *sta = sta_get(bss, sta_addr);
549
550 if (sta) {
551 if (qos) {
552 int tid = qos[0] & 0x0f;
553 if (fc & WLAN_FC_TODS)
554 sta->tx_tid[tid]++;
555 else
556 sta->rx_tid[tid]++;
557 } else {
558 if (fc & WLAN_FC_TODS)
559 sta->tx_tid[16]++;
560 else
561 sta->rx_tid[16]++;
562 }
563 }
564 }
565
566 rx_data_process(wt, bssid, sta_addr, dst, src, data, len, 0,
567 peer_addr);
568 }
569 }
570
571
572 static struct wlantest_tdls * get_tdls(struct wlantest *wt, const u8 *bssid,
573 const u8 *sta1_addr,
574 const u8 *sta2_addr)
575 {
576 struct wlantest_bss *bss;
577 struct wlantest_sta *sta1, *sta2;
578 struct wlantest_tdls *tdls, *found = NULL;
579
580 bss = bss_find(wt, bssid);
581 if (bss == NULL)
582 return NULL;
583 sta1 = sta_find(bss, sta1_addr);
584 if (sta1 == NULL)
585 return NULL;
586 sta2 = sta_find(bss, sta2_addr);
587 if (sta2 == NULL)
588 return NULL;
589
590 dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
591 if ((tdls->init == sta1 && tdls->resp == sta2) ||
592 (tdls->init == sta2 && tdls->resp == sta1)) {
593 found = tdls;
594 if (tdls->link_up)
595 break;
596 }
597 }
598
599 return found;
600 }
601
602
603 static void add_direct_link(struct wlantest *wt, const u8 *bssid,
604 const u8 *sta1_addr, const u8 *sta2_addr)
605 {
606 struct wlantest_tdls *tdls;
607
608 tdls = get_tdls(wt, bssid, sta1_addr, sta2_addr);
609 if (tdls == NULL)
610 return;
611
612 if (tdls->link_up)
613 tdls->counters[WLANTEST_TDLS_COUNTER_VALID_DIRECT_LINK]++;
614 else
615 tdls->counters[WLANTEST_TDLS_COUNTER_INVALID_DIRECT_LINK]++;
616 }
617
618
619 static void add_ap_path(struct wlantest *wt, const u8 *bssid,
620 const u8 *sta1_addr, const u8 *sta2_addr)
621 {
622 struct wlantest_tdls *tdls;
623
624 tdls = get_tdls(wt, bssid, sta1_addr, sta2_addr);
625 if (tdls == NULL)
626 return;
627
628 if (tdls->link_up)
629 tdls->counters[WLANTEST_TDLS_COUNTER_INVALID_AP_PATH]++;
630 else
631 tdls->counters[WLANTEST_TDLS_COUNTER_VALID_AP_PATH]++;
632 }
633
634
635 void rx_data(struct wlantest *wt, const u8 *data, size_t len)
636 {
637 const struct ieee80211_hdr *hdr;
638 u16 fc, stype;
639 size_t hdrlen;
640 const u8 *qos = NULL;
641
642 if (len < 24)
643 return;
644
645 hdr = (const struct ieee80211_hdr *) data;
646 fc = le_to_host16(hdr->frame_control);
647 stype = WLAN_FC_GET_STYPE(fc);
648 hdrlen = 24;
649 if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
650 (WLAN_FC_TODS | WLAN_FC_FROMDS))
651 hdrlen += ETH_ALEN;
652 if (stype & 0x08) {
653 qos = data + hdrlen;
654 hdrlen += 2;
655 }
656 if (len < hdrlen)
657 return;
658 wt->rx_data++;
659
660 switch (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
661 case 0:
662 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s IBSS DA=" MACSTR " SA="
663 MACSTR " BSSID=" MACSTR,
664 data_stype(WLAN_FC_GET_STYPE(fc)),
665 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
666 fc & WLAN_FC_ISWEP ? " Prot" : "",
667 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
668 MAC2STR(hdr->addr3));
669 add_direct_link(wt, hdr->addr3, hdr->addr1, hdr->addr2);
670 rx_data_bss(wt, hdr, hdrlen, qos, hdr->addr1, hdr->addr2,
671 data + hdrlen, len - hdrlen);
672 break;
673 case WLAN_FC_FROMDS:
674 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s FromDS DA=" MACSTR
675 " BSSID=" MACSTR " SA=" MACSTR,
676 data_stype(WLAN_FC_GET_STYPE(fc)),
677 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
678 fc & WLAN_FC_ISWEP ? " Prot" : "",
679 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
680 MAC2STR(hdr->addr3));
681 add_ap_path(wt, hdr->addr2, hdr->addr1, hdr->addr3);
682 rx_data_bss(wt, hdr, hdrlen, qos, hdr->addr1, hdr->addr3,
683 data + hdrlen, len - hdrlen);
684 break;
685 case WLAN_FC_TODS:
686 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s ToDS BSSID=" MACSTR
687 " SA=" MACSTR " DA=" MACSTR,
688 data_stype(WLAN_FC_GET_STYPE(fc)),
689 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
690 fc & WLAN_FC_ISWEP ? " Prot" : "",
691 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
692 MAC2STR(hdr->addr3));
693 add_ap_path(wt, hdr->addr1, hdr->addr3, hdr->addr2);
694 rx_data_bss(wt, hdr, hdrlen, qos, hdr->addr3, hdr->addr2,
695 data + hdrlen, len - hdrlen);
696 break;
697 case WLAN_FC_TODS | WLAN_FC_FROMDS:
698 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s WDS RA=" MACSTR " TA="
699 MACSTR " DA=" MACSTR " SA=" MACSTR,
700 data_stype(WLAN_FC_GET_STYPE(fc)),
701 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
702 fc & WLAN_FC_ISWEP ? " Prot" : "",
703 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
704 MAC2STR(hdr->addr3),
705 MAC2STR((const u8 *) (hdr + 1)));
706 rx_data_bss(wt, hdr, hdrlen, qos, hdr->addr1, hdr->addr2,
707 data + hdrlen, len - hdrlen);
708 break;
709 }
710 }
Unnamed repository; edit this file 'description' to name the repository.