wlantest.c 9.8 KB

  1. /*
  2. * wlantest - IEEE 802.11 protocol monitoring and testing tool
  3. * Copyright (c) 2010-2015, Jouni Malinen <j@w1.fi>
  4. *
  5. * This software may be distributed under the terms of the BSD license.
  6. * See README for more details.
  7. */
  8. #include "utils/includes.h"
  9. #include "utils/common.h"
  10. #include "utils/eloop.h"
  11. #include "wlantest.h"
/*
 * Termination-signal callback (registered from main() through
 * eloop_register_signal_terminate()). It only asks the event loop to stop;
 * the actual cleanup is done by main() once eloop_run() returns.
 */
static void wlantest_terminate(int sig, void *signal_ctx)
{
	/* Neither the signal number nor the context pointer is used here. */
	(void) sig;
	(void) signal_ctx;

	eloop_terminate();
}
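/*
 * Print the command line synopsis to stdout.
 *
 * The option list has to match the getopt() string in main(). The -W<WEP key>
 * option is accepted there and is listed here so that it is discoverable.
 */
static void usage(void)
{
	printf("wlantest [-cddhqqFNt] [-i<ifname>] [-r<pcap file>] "
	       "[-p<passphrase>]\n"
	       " [-I<wired ifname>] [-R<wired pcap file>] "
	       "[-P<RADIUS shared secret>]\n"
	       " [-n<write pcapng file>]\n"
	       " [-w<write pcap file>] [-f<MSK/PMK file>]\n"
	       " [-L<log file>] [-T<PTK file>] [-W<WEP key>]\n");
}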
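/*
 * Unlink a passphrase entry from its list and release it.
 *
 * The entry stores the passphrase text (see add_passphrase()), so the memory
 * is wiped before it is handed back to the allocator instead of being freed
 * with the secret still in it.
 */
static void passphrase_deinit(struct wlantest_passphrase *p)
{
	dl_list_del(&p->list);
	/* bin_clear_free() from utils/common.h zeroes the buffer, then frees it */
	bin_clear_free(p, sizeof(*p));
}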
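/*
 * Unlink a RADIUS shared secret entry from its list and release it.
 *
 * The entry stores the shared secret (see add_secret()), so the memory is
 * wiped before it is handed back to the allocator.
 */
static void secret_deinit(struct wlantest_radius_secret *r)
{
	dl_list_del(&r->list);
	/* bin_clear_free() from utils/common.h zeroes the buffer, then frees it */
	bin_clear_free(r, sizeof(*r));
}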
/*
 * Put a struct wlantest into its initial state: all fields zeroed, every
 * socket descriptor marked as "not open" (-1) and all list heads empty.
 */
static void wlantest_init(struct wlantest *wt)
{
	struct dl_list *heads[] = {
		&wt->passphrase,
		&wt->bss,
		&wt->secret,
		&wt->radius,
		&wt->pmk,
		&wt->ptk,
		&wt->wep,
	};
	size_t n;
	int idx;

	os_memset(wt, 0, sizeof(*wt));

	/* 0 is a valid descriptor, so "closed" has to be set explicitly. */
	wt->monitor_sock = -1;
	wt->ctrl_sock = -1;
	idx = 0;
	while (idx < MAX_CTRL_CONNECTIONS) {
		wt->ctrl_socks[idx] = -1;
		idx++;
	}

	for (n = 0; n < sizeof(heads) / sizeof(heads[0]); n++)
		dl_list_init(heads[n]);
}
/*
 * Remove a RADIUS tracking entry from the list it is linked into and free it.
 * The caller must not use the pointer afterwards.
 */
void radius_deinit(struct wlantest_radius *r)
{
	struct dl_list *node = &r->list;

	dl_list_del(node);
	os_free(r);
}
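/*
 * Unlink a PTK entry from its list and release it.
 *
 * The entry stores KCK/KEK/TK key bytes (see add_ptk_file()), so the memory is
 * wiped before it is handed back to the allocator.
 */
static void ptk_deinit(struct wlantest_ptk *ptk)
{
	dl_list_del(&ptk->list);
	/* bin_clear_free() from utils/common.h zeroes the buffer, then frees it */
	bin_clear_free(ptk, sizeof(*ptk));
}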
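/*
 * Release everything that hangs off a struct wlantest: control and monitor
 * sockets (only if they were opened), the BSS table, all configured key
 * material lists, the pcap/pcapng writers, pending notes and the decrypted
 * frame buffer.
 *
 * The structure itself is owned by the caller and is not freed.
 */
static void wlantest_deinit(struct wlantest *wt)
{
	struct wlantest_passphrase *p, *pn;
	struct wlantest_radius_secret *s, *sn;
	struct wlantest_radius *r, *rn;
	struct wlantest_pmk *pmk, *np;
	struct wlantest_ptk *ptk, *npt;
	struct wlantest_wep *wep, *nw;

	/* -1 means "never opened" (see wlantest_init()) */
	if (wt->ctrl_sock >= 0)
		ctrl_deinit(wt);
	if (wt->monitor_sock >= 0)
		monitor_deinit(wt);

	bss_flush(wt);

	/*
	 * The *_safe iterator is required because each deinit call unlinks and
	 * frees the entry that is currently being visited.
	 */
	dl_list_for_each_safe(p, pn, &wt->passphrase,
			      struct wlantest_passphrase, list)
		passphrase_deinit(p);

	dl_list_for_each_safe(s, sn, &wt->secret,
			      struct wlantest_radius_secret, list)
		secret_deinit(s);

	dl_list_for_each_safe(r, rn, &wt->radius, struct wlantest_radius, list)
		radius_deinit(r);

	dl_list_for_each_safe(pmk, np, &wt->pmk, struct wlantest_pmk, list)
		pmk_deinit(pmk);

	dl_list_for_each_safe(ptk, npt, &wt->ptk, struct wlantest_ptk, list)
		ptk_deinit(ptk);

	/*
	 * WEP entries carry raw key bytes (see add_wep()): unlink each entry so
	 * the list head does not keep pointing at freed memory, and wipe it
	 * before release (bin_clear_free() zeroes, then frees).
	 */
	dl_list_for_each_safe(wep, nw, &wt->wep, struct wlantest_wep, list) {
		dl_list_del(&wep->list);
		bin_clear_free(wep, sizeof(*wep));
	}

	write_pcap_deinit(wt);
	write_pcapng_deinit(wt);

	clear_notes(wt);

	os_free(wt->decrypted);
	wt->decrypted = NULL;
}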
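/*
 * Add a passphrase (from the -p command line option) to the list of
 * passphrases kept in wt->passphrase.
 *
 * Only lengths of 8..63 characters are accepted. A rejected value used to be
 * dropped without any message, which left the user with no hint why the
 * passphrase had no effect; the rejection is now logged. Only the length is
 * printed, not the value.
 */
static void add_passphrase(struct wlantest *wt, const char *passphrase)
{
	struct wlantest_passphrase *p;
	size_t len = os_strlen(passphrase);

	if (len < 8 || len > 63) {
		wpa_printf(MSG_INFO,
			   "Ignoring passphrase with invalid length %u (expected 8..63)",
			   (unsigned int) len);
		return;
	}

	/* Zeroed allocation: the copied text stays NUL terminated. */
	p = os_zalloc(sizeof(*p));
	if (p == NULL)
		return;

	/*
	 * NOTE(review): assumes p->passphrase has room for 63 characters plus
	 * the terminator - confirm against the definition in wlantest.h.
	 */
	os_memcpy(p->passphrase, passphrase, len);
	dl_list_add(&wt->passphrase, &p->list);
}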
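/*
 * Add a RADIUS shared secret (from the -P command line option) to the list
 * kept in wt->secret.
 *
 * A secret of MAX_RADIUS_SECRET_LEN characters or more does not fit the
 * fixed-size field and is rejected. The rejection used to be silent; it is
 * now logged with the length only, not the value.
 */
static void add_secret(struct wlantest *wt, const char *secret)
{
	struct wlantest_radius_secret *s;
	size_t len = os_strlen(secret);

	if (len >= MAX_RADIUS_SECRET_LEN) {
		wpa_printf(MSG_INFO,
			   "Ignoring too long RADIUS shared secret (%u characters)",
			   (unsigned int) len);
		return;
	}

	/* Zeroed allocation: the copied text stays NUL terminated. */
	s = os_zalloc(sizeof(*s));
	if (s == NULL)
		return;

	os_memcpy(s->secret, secret, len);
	dl_list_add(&wt->secret, &s->list);
}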
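/*
 * Load PMK/MSK values from a text file (-f option), one hex string per line,
 * and add them to wt->pmk.
 *
 * Lines with fewer than 64 hex digits (32 octets) or with invalid hex are
 * skipped. Longer lines are truncated to PMK_LEN_MAX octets. If the line also
 * holds PMK_LEN octets starting at hex offset 2 * PMK_LEN, that second part is
 * added as an additional PMK entry.
 *
 * The file contains key material and every accepted key is written to the
 * debug log with wpa_hexdump() at MSG_DEBUG; both the input file and any log
 * output need to be protected accordingly.
 *
 * Returns 0 on success, -1 if the file cannot be opened or if memory runs out
 * while loading (previously an allocation failure ended the loop but was
 * still reported as success, leaving a partial key list unnoticed).
 */
static int add_pmk_file(struct wlantest *wt, const char *pmk_file)
{
	FILE *f;
	u8 pmk[PMK_LEN_MAX];
	size_t pmk_len;
	char buf[300], *pos;
	struct wlantest_pmk *p;
	int ret = 0;

	f = fopen(pmk_file, "r");
	if (f == NULL) {
		wpa_printf(MSG_ERROR, "Could not open '%s'", pmk_file);
		return -1;
	}

	while (fgets(buf, sizeof(buf), f)) {
		/* Terminate the line at the first CR or LF. */
		pos = buf;
		while (*pos && *pos != '\r' && *pos != '\n')
			pos++;
		*pos = '\0';

		/* At least 32 octets (64 hex digits) are required. */
		if (pos - buf < 2 * 32)
			continue;
		/* Clamp so that the decoded value cannot overrun pmk[]. */
		pmk_len = (pos - buf) / 2;
		if (pmk_len > PMK_LEN_MAX)
			pmk_len = PMK_LEN_MAX;
		if (hexstr2bin(buf, pmk, pmk_len) < 0)
			continue;

		p = os_zalloc(sizeof(*p));
		if (p == NULL) {
			wpa_printf(MSG_ERROR,
				   "Out of memory while reading '%s'",
				   pmk_file);
			ret = -1;
			break;
		}
		os_memcpy(p->pmk, pmk, pmk_len);
		p->pmk_len = pmk_len;
		dl_list_add(&wt->pmk, &p->list);
		wpa_hexdump(MSG_DEBUG, "Added PMK from file", pmk, pmk_len);

		/* For FT, the send half of MSK is used */
		/*
		 * NOTE(review): for a line that ends before another PMK_LEN
		 * octets of hex, this relies on hexstr2bin() failing at the
		 * string terminator - confirm in utils/common.c.
		 */
		if (hexstr2bin(&buf[2 * PMK_LEN], pmk, PMK_LEN) < 0)
			continue;

		p = os_zalloc(sizeof(*p));
		if (p == NULL) {
			wpa_printf(MSG_ERROR,
				   "Out of memory while reading '%s'",
				   pmk_file);
			ret = -1;
			break;
		}
		os_memcpy(p->pmk, pmk, PMK_LEN);
		p->pmk_len = PMK_LEN;
		dl_list_add(&wt->pmk, &p->list);
		wpa_hexdump(MSG_DEBUG, "Added PMK from file (2nd half of MSK)",
			    pmk, PMK_LEN);
	}

	fclose(f);
	return ret;
}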
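/*
 * Load PTK values from a text file (-T option), one hex string per line, and
 * add them to wt->ptk.
 *
 * Accepted lengths are 16, 32, 48 or 64 octets; any other length, an odd
 * number of hex digits or invalid hex makes the line be skipped.
 *  - 16 or 32 octets: the whole value is stored as the TK.
 *  - 48 or 64 octets: the first 16 octets are the KCK, the next 16 the KEK
 *    and the remainder the TK.
 *
 * The file contains key material and every accepted key is written to the
 * debug log with wpa_hexdump() at MSG_DEBUG; both the input file and any log
 * output need to be protected accordingly.
 *
 * Returns 0 on success, -1 if the file cannot be opened or if memory runs out
 * while loading (previously an allocation failure ended the loop but was
 * still reported as success, leaving a partial key list unnoticed).
 */
static int add_ptk_file(struct wlantest *wt, const char *ptk_file)
{
	FILE *f;
	u8 ptk[64];
	size_t ptk_len;
	char buf[300], *pos;
	struct wlantest_ptk *p;
	int ret = 0;

	f = fopen(ptk_file, "r");
	if (f == NULL) {
		wpa_printf(MSG_ERROR, "Could not open '%s'", ptk_file);
		return -1;
	}

	while (fgets(buf, sizeof(buf), f)) {
		/* Terminate the line at the first CR or LF. */
		pos = buf;
		while (*pos && *pos != '\r' && *pos != '\n')
			pos++;
		*pos = '\0';

		/* An odd number of hex digits cannot be whole octets. */
		ptk_len = pos - buf;
		if (ptk_len & 1)
			continue;
		ptk_len /= 2;

		/* This check also keeps the decoded value within ptk[64]. */
		if (ptk_len != 16 && ptk_len != 32 &&
		    ptk_len != 48 && ptk_len != 64)
			continue;
		if (hexstr2bin(buf, ptk, ptk_len) < 0)
			continue;

		p = os_zalloc(sizeof(*p));
		if (p == NULL) {
			wpa_printf(MSG_ERROR,
				   "Out of memory while reading '%s'",
				   ptk_file);
			ret = -1;
			break;
		}

		if (ptk_len < 48) {
			/* TK only */
			os_memcpy(p->ptk.tk, ptk, ptk_len);
			p->ptk.tk_len = ptk_len;
			/*
			 * NOTE(review): the extra 32 presumably stands for the
			 * 16 + 16 octets of KCK and KEK that are absent in
			 * this format - confirm how ptk_len is consumed.
			 */
			p->ptk_len = 32 + ptk_len;
		} else {
			/* KCK | KEK | TK */
			os_memcpy(p->ptk.kck, ptk, 16);
			p->ptk.kck_len = 16;
			os_memcpy(p->ptk.kek, ptk + 16, 16);
			p->ptk.kek_len = 16;
			os_memcpy(p->ptk.tk, ptk + 32, ptk_len - 32);
			p->ptk.tk_len = ptk_len - 32;
			p->ptk_len = ptk_len;
		}
		dl_list_add(&wt->ptk, &p->list);
		wpa_hexdump(MSG_DEBUG, "Added PTK from file", ptk, ptk_len);
	}

	fclose(f);
	return ret;
}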
/*
 * Add a WEP key, given as a hex string, to wt->wep.
 *
 * The string has to be exactly 10 or 26 hex digits (a 5 or 13 octet key).
 *
 * Returns 0 when the key was added, -1 on invalid input or allocation
 * failure.
 *
 * NOTE(review): a rejected key string is printed verbatim at MSG_INFO, so a
 * mistyped key ends up in the log output - treat that output as sensitive.
 */
int add_wep(struct wlantest *wt, const char *key)
{
	const size_t hex_len = os_strlen(key);
	struct wlantest_wep *entry;

	if (!(hex_len == 2 * 5 || hex_len == 2 * 13)) {
		wpa_printf(MSG_INFO, "Invalid WEP key '%s'", key);
		return -1;
	}

	entry = os_zalloc(sizeof(*entry));
	if (!entry)
		return -1;

	if (hexstr2bin(key, entry->key, hex_len / 2) >= 0) {
		entry->key_len = hex_len / 2;
		dl_list_add(&wt->wep, &entry->list);
		return 0;
	}

	/* Right length, but not valid hex */
	os_free(entry);
	wpa_printf(MSG_INFO, "Invalid WEP key '%s'", key);
	return -1;
}
/*
 * Format a note, store it in the next free slot of wt->notes and print it
 * through wpa_printf() at the given level.
 *
 * Notes are limited to 999 characters plus terminator; longer text is
 * truncated. Nothing is stored when MAX_NOTES notes are already pending, when
 * the allocation fails or when formatting fails.
 */
void add_note(struct wlantest *wt, int level, const char *fmt, ...)
{
	const size_t max_len = 1000;
	char *note;
	va_list args;
	int res;

	if (wt->num_notes == MAX_NOTES)
		return;

	note = os_malloc(max_len);
	wt->notes[wt->num_notes] = note;
	if (note == NULL)
		return;

	va_start(args, fmt);
	res = vsnprintf(note, max_len, fmt, args);
	va_end(args);

	if (res < 0) {
		/* Formatting error: give the slot back */
		os_free(note);
		wt->notes[wt->num_notes] = NULL;
		return;
	}

	/* Output was truncated; make sure the buffer is terminated. */
	if ((size_t) res >= max_len)
		note[max_len - 1] = '\0';

	/* The note is passed as data to "%s", never as a format string. */
	wpa_printf(level, "%s", note);
	wt->num_notes++;
}
/*
 * Free every pending note, reset the slots to NULL and set the note count
 * back to zero.
 */
void clear_notes(struct wlantest *wt)
{
	size_t idx = 0;

	while (idx < wt->num_notes) {
		os_free(wt->notes[idx]);
		wt->notes[idx] = NULL;
		idx++;
	}

	wt->num_notes = 0;
}
/*
 * Return the number of octets needed for all pending notes when each note is
 * preceded by a header of hdrlen octets: the sum over all notes of
 * hdrlen + strlen(note).
 */
size_t notes_len(struct wlantest *wt, size_t hdrlen)
{
	size_t total = 0;
	size_t idx;

	for (idx = 0; idx < wt->num_notes; idx++) {
		total += hdrlen;
		total += os_strlen(wt->notes[idx]);
	}

	return total;
}
/*
 * Close and re-open the debug log file and, when configured, the pcap and
 * pcapng output files.
 *
 * All three steps are attempted even if an earlier one fails.
 *
 * Returns 0 if everything was re-opened, -1 if at least one step failed.
 */
int wlantest_relog(struct wlantest *wt)
{
	int failed = 0;

	wpa_printf(MSG_INFO, "Re-open log/capture files");

	if (wpa_debug_reopen_file() != 0)
		failed = 1;

	if (wt->write_file) {
		write_pcap_deinit(wt);
		if (write_pcap_init(wt, wt->write_file) < 0)
			failed = 1;
	}

	if (wt->pcapng_file) {
		write_pcapng_deinit(wt);
		if (write_pcapng_init(wt, wt->pcapng_file) < 0)
			failed = 1;
	}

	return failed ? -1 : 0;
}
/*
 * Program entry point: parse the command line, set up capture inputs and
 * outputs, run the event loop until a termination signal, then clean up.
 *
 * Returns 0 on normal exit (also for -h and when no input was given), -1 on
 * any initialization or option error.
 *
 * NOTE(review): the early "return -1" paths leave without calling
 * wlantest_deinit(), so key material loaded up to that point is only
 * released by process exit.
 */
int main(int argc, char *argv[])
{
	struct wlantest wt;
	const char *ifname = NULL;
	const char *ifname_wired = NULL;
	const char *read_file = NULL;
	const char *read_wired_file = NULL;
	const char *logfile = NULL;
	int ctrl_iface = 0;
	int opt;

	wpa_debug_level = MSG_INFO;
	/*
	 * NOTE(review): presumably this makes the debug output include key
	 * bytes - confirm in wpa_debug.c. If so, stdout and any -L log file
	 * hold key material and need restrictive access.
	 */
	wpa_debug_show_keys = 1;

	if (os_program_init())
		return -1;

	wlantest_init(&wt);

	while ((opt = getopt(argc, argv,
			     "cdf:Fhi:I:L:n:Np:P:qr:R:tT:w:W:")) >= 0) {
		switch (opt) {
		case 'c':
			ctrl_iface = 1;
			break;
		case 'd':
			/* More verbose; the level never goes below 0 */
			if (wpa_debug_level > 0)
				wpa_debug_level--;
			break;
		case 'f':
			if (add_pmk_file(&wt, optarg) < 0)
				return -1;
			break;
		case 'F':
			wt.assume_fcs = 1;
			break;
		case 'h':
			usage();
			return 0;
		case 'i':
			ifname = optarg;
			break;
		case 'I':
			ifname_wired = optarg;
			break;
		case 'L':
			logfile = optarg;
			break;
		case 'n':
			wt.pcapng_file = optarg;
			break;
		case 'N':
			wt.pcap_no_buffer = 1;
			break;
		/*
		 * NOTE(review): -p, -P and -W take secrets directly from
		 * argv, which is commonly readable by other local users
		 * through the process list; -f and -T read keys from files
		 * instead.
		 */
		case 'p':
			add_passphrase(&wt, optarg);
			break;
		case 'P':
			add_secret(&wt, optarg);
			break;
		case 'q':
			/* Less verbose */
			wpa_debug_level++;
			break;
		case 'r':
			read_file = optarg;
			break;
		case 'R':
			read_wired_file = optarg;
			break;
		case 't':
			wpa_debug_timestamp = 1;
			break;
		case 'T':
			if (add_ptk_file(&wt, optarg) < 0)
				return -1;
			break;
		case 'w':
			wt.write_file = optarg;
			break;
		case 'W':
			if (add_wep(&wt, optarg) < 0)
				return -1;
			break;
		default:
			usage();
			return -1;
		}
	}

	/* Without a live interface or a capture file there is nothing to do. */
	if (!ifname && !ifname_wired && !read_file && !read_wired_file) {
		usage();
		return 0;
	}

	if (eloop_init())
		return -1;

	/* NOTE(review): the result of opening the log file is not checked. */
	if (logfile)
		wpa_debug_open_file(logfile);

	/* Outputs are opened first so that frames read below can be written. */
	if (wt.write_file && write_pcap_init(&wt, wt.write_file) < 0)
		return -1;
	if (wt.pcapng_file && write_pcapng_init(&wt, wt.pcapng_file) < 0)
		return -1;

	/* Offline captures */
	if (read_wired_file && read_wired_cap_file(&wt, read_wired_file) < 0)
		return -1;
	if (read_file && read_cap_file(&wt, read_file) < 0)
		return -1;

	/* Live interfaces */
	if (ifname && monitor_init(&wt, ifname) < 0)
		return -1;
	if (ifname_wired && monitor_init_wired(&wt, ifname_wired) < 0)
		return -1;

	if (ctrl_iface && ctrl_init(&wt) < 0)
		return -1;

	eloop_register_signal_terminate(wlantest_terminate, &wt);

	eloop_run();

	wpa_printf(MSG_INFO, "Processed: rx_mgmt=%u rx_ctrl=%u rx_data=%u "
		   "fcs_error=%u",
		   wt.rx_mgmt, wt.rx_ctrl, wt.rx_data, wt.fcs_error);

	wlantest_deinit(&wt);

	wpa_debug_close_file();
	eloop_destroy();
	os_program_deinit();

	return 0;
}