} __attribute__ ((packed)) ext;
} __attribute__ ((packed));
+static int parse_random_mac_addr(struct nl_msg *msg, char *arg)
+{
+ char *a_addr, *a_mask, *sep;
+ unsigned char addr[ETH_ALEN], mask[ETH_ALEN];
+ char *addrs = arg + 9;
+
+ if (*addrs != '=')
+ return 0;
+
+ addrs++;
+ sep = strchr(addrs, '/');
+ a_addr = addrs;
+
+ if (!sep)
+ return 1;
+
+ *sep = 0;
+ a_mask = sep + 1;
+ if (mac_addr_a2n(addr, a_addr) || mac_addr_a2n(mask, a_mask))
+ return 1;
+
+ NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
+ NLA_PUT(msg, NL80211_ATTR_MAC_MASK, ETH_ALEN, mask);
+
+ return 0;
+ nla_put_failure:
+ return -ENOBUFS;
+}
+
static int handle_scan(struct nl80211_state *state,
struct nl_cb *cb,
struct nl_msg *msg,
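Review bot: `if (*addrs != '=') return 0;` in parse_random_mac_addr accepts any character after the nine-character keyword. Combined with the `strncmp(argv[i], "randomise", 9)` match in the handle_scan hunk, an argument such as `randomised` or `randomise:<addr>` silently turns on randomisation and the rest of the argument is ignored. Treat only end-of-string as the bare form: `if (*addrs == '\0') return 0;` followed by `if (*addrs != '=') return 1;`. The function returns 0, 1 or -ENOBUFS and writes a NUL into the caller's argv string at `*sep = 0`, so a short comment above it stating that contract would help the next reader.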
bool passive = false, have_ssids = false, have_freqs = false;
size_t ies_len = 0, meshid_len = 0;
unsigned char *ies = NULL, *meshid = NULL, *tmpies;
- int flags = 0;
+ unsigned int flags = 0;
ssids = nlmsg_alloc();
if (!ssids)
parse = IES;
break;
} else if (strcmp(argv[i], "lowpri") == 0) {
- parse = NONE;
flags |= NL80211_SCAN_FLAG_LOW_PRIORITY;
break;
} else if (strcmp(argv[i], "flush") == 0) {
- parse = NONE;
flags |= NL80211_SCAN_FLAG_FLUSH;
break;
} else if (strcmp(argv[i], "ap-force") == 0) {
- parse = NONE;
flags |= NL80211_SCAN_FLAG_AP;
break;
+ } else if (strncmp(argv[i], "randomise", 9) == 0 ||
+ strncmp(argv[i], "randomize", 9) == 0) {
+ flags |= NL80211_SCAN_FLAG_RANDOM_ADDR;
+ err = parse_random_mac_addr(msg, argv[i]);
+ if (err)
+ goto nla_put_failure;
+ break;
} else if (strcmp(argv[i], "ssid") == 0) {
parse = SSID;
have_ssids = true;
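Review bot: Each `randomise=<addr>/<mask>` argument calls parse_random_mac_addr on `msg`, so repeating the option appends NL80211_ATTR_MAC and NL80211_ATTR_MAC_MASK to the same message more than once. Rejecting a second occurrence before the flag is set is cheap, for example `if (flags & NL80211_SCAN_FLAG_RANDOM_ADDR) { err = 1; goto nla_put_failure; }`. The `nla_put_failure` label and the rest of handle_scan are outside this hunk, so how a positive `err` from the parser is reported there should be confirmed.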
case 6:
printf("PSK/SHA-256");
break;
+ case 7:
+ printf("TDLS/TPK");
+ break;
default:
printf("%.02x-%.02x-%.02x:%d",
data[0], data[1] ,data[2], data[3]);
printf(" NoPairwise");
switch ((capa & 0x000c) >> 2) {
case 0:
+ printf(" 1-PTKSA-RC");
break;
case 1:
printf(" 2-PTKSA-RC");
}
switch ((capa & 0x0030) >> 4) {
case 0:
+ printf(" 1-GTKSA-RC");
break;
case 1:
printf(" 2-GTKSA-RC");
print_ht_mcs(data + 3);
}
+static const char* ntype_11u(uint8_t t)
+{
+ switch (t) {
+ case 0: return "Private";
+ case 1: return "Private with Guest";
+ case 2: return "Chargeable Public";
+ case 3: return "Free Public";
+ case 4: return "Personal Device";
+ case 5: return "Emergency Services Only";
+ case 14: return "Test or Experimental";
+ case 15: return "Wildcard";
+ default: return "Reserved";
+ }
+}
+
+static const char* vgroup_11u(uint8_t t)
+{
+ switch (t) {
+ case 0: return "Unspecified";
+ case 1: return "Assembly";
+ case 2: return "Business";
+ case 3: return "Educational";
+ case 4: return "Factory and Industrial";
+ case 5: return "Institutional";
+ case 6: return "Mercantile";
+ case 7: return "Residential";
+ case 8: return "Storage";
+ case 9: return "Utility and Miscellaneous";
+ case 10: return "Vehicular";
+ case 11: return "Outdoor";
+ default: return "Reserved";
+ }
+}
+
+static void print_interworking(const uint8_t type, uint8_t len, const uint8_t *data)
+{
+ /* See Section 7.3.2.92 in the 802.11u spec. */
+ printf("\n");
+ if (len >= 1) {
+ uint8_t ano = data[0];
+ printf("\t\tNetwork Options: 0x%hx\n", (unsigned short)(ano));
+ printf("\t\t\tNetwork Type: %i (%s)\n",
+ (int)(ano & 0xf), ntype_11u(ano & 0xf));
+ if (ano & (1<<4))
+ printf("\t\t\tInternet\n");
+ if (ano & (1<<5))
+ printf("\t\t\tASRA\n");
+ if (ano & (1<<6))
+ printf("\t\t\tESR\n");
+ if (ano & (1<<7))
+ printf("\t\t\tUESA\n");
+ }
+ if ((len == 3) || (len == 9)) {
+ printf("\t\tVenue Group: %i (%s)\n",
+ (int)(data[1]), vgroup_11u(data[1]));
+ printf("\t\tVenue Type: %i\n", (int)(data[2]));
+ }
+ if (len == 9)
+ printf("\t\tHESSID: %02hx:%02hx:%02hx:%02hx:%02hx:%02hx\n",
+ data[3], data[4], data[5], data[6], data[7], data[8]);
+ else if (len == 7)
+ printf("\t\tHESSID: %02hx:%02hx:%02hx:%02hx:%02hx:%02hx\n",
+ data[1], data[2], data[3], data[4], data[5], data[6]);
+}
+
+static void print_11u_advert(const uint8_t type, uint8_t len, const uint8_t *data)
+{
+ /* See Section 7.3.2.93 in the 802.11u spec. */
+ /* TODO: This code below does not decode private protocol IDs */
+ int idx = 0;
+ printf("\n");
+ while (idx < (len - 1)) {
+ uint8_t qri = data[idx];
+ uint8_t proto_id = data[idx + 1];
+ printf("\t\tQuery Response Info: 0x%hx\n", (unsigned short)(qri));
+ printf("\t\t\tQuery Response Length Limit: %i\n",
+ (qri & 0x7f));
+ if (qri & (1<<7))
+ printf("\t\t\tPAME-BI\n");
+ switch(proto_id) {
+ case 0:
+ printf("\t\t\tANQP\n"); break;
+ case 1:
+ printf("\t\t\tMIH Information Service\n"); break;
+ case 2:
+ printf("\t\t\tMIH Command and Event Services Capability Discovery\n"); break;
+ case 3:
+ printf("\t\t\tEmergency Alert System (EAS)\n"); break;
+ case 221:
+ printf("\t\t\tVendor Specific\n"); break;
+ default:
+ printf("\t\t\tReserved: %i\n", proto_id); break;
+ }
+ idx += 2;
+ }
+}
+
+static void print_11u_rcon(const uint8_t type, uint8_t len, const uint8_t *data)
+{
+ /* See Section 7.3.2.96 in the 802.11u spec. */
+ int idx = 0;
+ int ln0 = data[1] & 0xf;
+ int ln1 = ((data[1] & 0xf0) >> 4);
+ int ln2 = 0;
+ printf("\n");
+
+ if (ln1)
+ ln2 = len - 2 - ln0 - ln1;
+
+ printf("\t\tANQP OIs: %i\n", data[0]);
+
+ if (ln0 > 0) {
+ printf("\t\tOI 1: ");
+ if (2 + ln0 > len) {
+ printf("Invalid IE length.\n");
+ } else {
+ for (idx = 0; idx < ln0; idx++) {
+ printf("%02hx", data[2 + idx]);
+ }
+ printf("\n");
+ }
+ }
+
+ if (ln1 > 0) {
+ printf("\t\tOI 2: ");
+ if (2 + ln0 + ln1 > len) {
+ printf("Invalid IE length.\n");
+ } else {
+ for (idx = 0; idx < ln1; idx++) {
+ printf("%02hx", data[2 + ln0 + idx]);
+ }
+ printf("\n");
+ }
+ }
+
+ if (ln2 > 0) {
+ printf("\t\tOI 3: ");
+ if (2 + ln0 + ln1 + ln2 > len) {
+ printf("Invalid IE length.\n");
+ } else {
+ for (idx = 0; idx < ln2; idx++) {
+ printf("%02hx", data[2 + ln0 + ln1 + idx]);
+ }
+ printf("\n");
+ }
+ }
+}
+
static const char *ht_secondary_offset[4] = {
"no secondary",
"above",
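Review bot: print_11u_rcon evaluates `data[1]` in its initialisers and prints `data[0]` before any length check, and the table hunk that follows registers it as `print_11u_rcon, 0, 255`. Judging by entries such as `print_mesh_conf, 7, 7`, that third field is presumably the minimum accepted length, so a Roaming Consortium element shorter than two bytes would be read past its end. Scan IEs come from whatever station is transmitting nearby, so the length must be treated as untrusted. Register the printer with a minimum of 2, `[111] = { "802.11u Roaming Consortium", print_11u_rcon, 2, 255, BIT(PRINT_SCAN), },`, or guard at the top with `if (len < 2) { printf("\t\tInvalid IE length.\n"); return; }` and move the `ln0`/`ln1` computation below it. Separately, the `%02hx` conversions in this hunk receive promoted `uint8_t` values; `%02x` matches the argument type.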
[113] = { "MESH Configuration", print_mesh_conf, 7, 7, BIT(PRINT_SCAN), },
[114] = { "MESH ID", print_ssid, 0, 32, BIT(PRINT_SCAN) | BIT(PRINT_LINK), },
[127] = { "Extended capabilities", print_capabilities, 0, 255, BIT(PRINT_SCAN), },
+ [107] = { "802.11u Interworking", print_interworking, 0, 255, BIT(PRINT_SCAN), },
+ [108] = { "802.11u Advertisement", print_11u_advert, 0, 255, BIT(PRINT_SCAN), },
+ [111] = { "802.11u Roaming Consortium", print_11u_rcon, 0, 255, BIT(PRINT_SCAN), },
};
static void print_wifi_wpa(const uint8_t type, uint8_t len, const uint8_t *data)
}
}
+static inline void print_hs20_ind(const uint8_t type, uint8_t len, const uint8_t *data)
+{
+ /* I can't find the spec for this...just going off what wireshark uses. */
+ printf("\n");
+ if (len > 0)
+ printf("\t\tDGAF: %i\n", (int)(data[0] & 0x1));
+ else
+ printf("\t\tUnexpected length: %i\n", len);
+}
+
static const struct ie_print wfa_printers[] = {
[9] = { "P2P", print_p2p, 2, 255, BIT(PRINT_SCAN), },
+ [16] = { "HotSpot 2.0 Indication", print_hs20_ind, 1, 255, BIT(PRINT_SCAN), },
};
static void print_vendor(unsigned char len, unsigned char *data,
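Review bot: The `DGAF: %i` label in print_hs20_ind is likely to be misread, because bit 0 of the Hotspot Configuration octet is, as far as I know, the "DGAF Disabled" flag, so a printed 1 means downstream group-addressed forwarding is off. Printing `DGAF Disabled: %i` and replacing the "can't find the spec" comment with `/* Hotspot Configuration octet: bit 0 = DGAF Disabled (confirm against the HS 2.0 spec) */` would make the output unambiguous. `static inline` has little effect on a function only reached through the wfa_printers table; plain `static` matches the other printers in this diff.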
dump_argv[0] = argv[0];
return handle_cmd(state, id, dump_argc, dump_argv);
}
-TOPLEVEL(scan, "[-u] [freq <freq>*] [ies <hex as 00:11:..>] [meshid <meshid>] [lowpri,flush,ap-force] [ssid <ssid>*|passive]", 0, 0,
+TOPLEVEL(scan, "[-u] [freq <freq>*] [ies <hex as 00:11:..>] [meshid <meshid>] [lowpri,flush,ap-force] [randomise[=<addr>/<mask>]] [ssid <ssid>*|passive]", 0, 0,
CIB_NETDEV, handle_scan_combined,
"Scan on the given frequencies and probe for the given SSIDs\n"
"(or wildcard if not given) unless passive scanning is requested.\n"
NL80211_CMD_GET_SCAN, NLM_F_DUMP, CIB_NETDEV, handle_scan_dump,
"Dump the current scan results. If -u is specified, print unknown\n"
"data in scan results.");
-COMMAND(scan, trigger, "[freq <freq>*] [ies <hex as 00:11:..>] [meshid <meshid>] [lowpri,flush,ap-force] [ssid <ssid>*|passive]",
+COMMAND(scan, trigger, "[freq <freq>*] [ies <hex as 00:11:..>] [meshid <meshid>] [lowpri,flush,ap-force] [randomise[=<addr>/<mask>]] [ssid <ssid>*|passive]",
NL80211_CMD_TRIGGER_SCAN, 0, CIB_NETDEV, handle_scan,
"Trigger a scan on the given frequencies with probing for the given\n"
"SSIDs (or wildcard if not given) unless passive scanning is requested.");