2 * Received Data frame processing
3 * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
15 #include "utils/includes.h"
17 #include "utils/common.h"
18 #include "crypto/aes_wrap.h"
19 #include "crypto/crypto.h"
20 #include "common/ieee802_11_defs.h"
21 #include "common/eapol_common.h"
22 #include "common/wpa_common.h"
23 #include "rsn_supp/wpa_ie.h"
27 static const char * data_stype(u16 stype)
30 case WLAN_FC_STYPE_DATA:
32 case WLAN_FC_STYPE_DATA_CFACK:
34 case WLAN_FC_STYPE_DATA_CFPOLL:
36 case WLAN_FC_STYPE_DATA_CFACKPOLL:
37 return "DATA-CFACKPOLL";
38 case WLAN_FC_STYPE_NULLFUNC:
40 case WLAN_FC_STYPE_CFACK:
42 case WLAN_FC_STYPE_CFPOLL:
44 case WLAN_FC_STYPE_CFACKPOLL:
46 case WLAN_FC_STYPE_QOS_DATA:
48 case WLAN_FC_STYPE_QOS_DATA_CFACK:
49 return "QOSDATA-CFACK";
50 case WLAN_FC_STYPE_QOS_DATA_CFPOLL:
51 return "QOSDATA-CFPOLL";
52 case WLAN_FC_STYPE_QOS_DATA_CFACKPOLL:
53 return "QOSDATA-CFACKPOLL";
54 case WLAN_FC_STYPE_QOS_NULL:
56 case WLAN_FC_STYPE_QOS_CFPOLL:
58 case WLAN_FC_STYPE_QOS_CFACKPOLL:
59 return "QOS-CFACKPOLL";
65 static int check_mic(const u8 *kck, int ver, const u8 *data, size_t len)
69 struct ieee802_1x_hdr *hdr;
70 struct wpa_eapol_key *key;
76 os_memcpy(buf, data, len);
77 hdr = (struct ieee802_1x_hdr *) buf;
78 key = (struct wpa_eapol_key *) (hdr + 1);
80 os_memcpy(rx_mic, key->key_mic, 16);
81 os_memset(key->key_mic, 0, 16);
83 if (wpa_eapol_key_mic(kck, ver, buf, len, key->key_mic) == 0 &&
84 os_memcmp(rx_mic, key->key_mic, 16) == 0)
93 static void rx_data_eapol_key_1_of_4(struct wlantest *wt, const u8 *dst,
94 const u8 *src, const u8 *data, size_t len)
96 struct wlantest_bss *bss;
97 struct wlantest_sta *sta;
98 const struct ieee802_1x_hdr *eapol;
99 const struct wpa_eapol_key *hdr;
101 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/4 " MACSTR " -> " MACSTR,
102 MAC2STR(src), MAC2STR(dst));
103 bss = bss_get(wt, src);
106 sta = sta_get(bss, dst);
110 eapol = (const struct ieee802_1x_hdr *) data;
111 hdr = (const struct wpa_eapol_key *) (eapol + 1);
112 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
116 static int try_pmk(struct wlantest_bss *bss, struct wlantest_sta *sta,
117 u16 ver, const u8 *data, size_t len,
118 struct wlantest_pmk *pmk)
121 size_t ptk_len = 48; /* FIX: 64 for TKIP */
122 wpa_pmk_to_ptk(pmk->pmk, sizeof(pmk->pmk),
123 "Pairwise key expansion",
124 bss->bssid, sta->addr, sta->anonce, sta->snonce,
125 (u8 *) &ptk, ptk_len,
126 0 /* FIX: SHA256 based on AKM */);
127 if (check_mic(ptk.kck, ver,
131 wpa_printf(MSG_INFO, "Derived PTK for STA " MACSTR " BSSID " MACSTR
132 ")", MAC2STR(sta->addr), MAC2STR(bss->bssid));
133 os_memcpy(&sta->ptk, &ptk, sizeof(ptk));
139 static void derive_ptk(struct wlantest *wt, struct wlantest_bss *bss,
140 struct wlantest_sta *sta, u16 ver,
141 const u8 *data, size_t len)
143 struct wlantest_pmk *pmk;
145 dl_list_for_each(pmk, &bss->pmk, struct wlantest_pmk, list) {
146 if (try_pmk(bss, sta, ver, data, len, pmk) == 0)
150 dl_list_for_each(pmk, &wt->pmk, struct wlantest_pmk, list) {
151 if (try_pmk(bss, sta, ver, data, len, pmk) == 0)
157 static void rx_data_eapol_key_2_of_4(struct wlantest *wt, const u8 *dst,
158 const u8 *src, const u8 *data, size_t len)
160 struct wlantest_bss *bss;
161 struct wlantest_sta *sta;
162 const struct ieee802_1x_hdr *eapol;
163 const struct wpa_eapol_key *hdr;
166 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/4 " MACSTR " -> " MACSTR,
167 MAC2STR(src), MAC2STR(dst));
168 bss = bss_get(wt, dst);
171 sta = sta_get(bss, src);
175 eapol = (const struct ieee802_1x_hdr *) data;
176 hdr = (const struct wpa_eapol_key *) (eapol + 1);
177 os_memcpy(sta->snonce, hdr->key_nonce, WPA_NONCE_LEN);
178 key_info = WPA_GET_BE16(hdr->key_info);
179 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK, data, len);
183 static u8 * decrypt_eapol_key_data_rc4(const u8 *kek,
184 const struct wpa_eapol_key *hdr,
188 u16 keydatalen = WPA_GET_BE16(hdr->key_data_length);
190 buf = os_malloc(keydatalen);
194 os_memcpy(ek, hdr->key_iv, 16);
195 os_memcpy(ek + 16, kek, 16);
196 os_memcpy(buf, hdr + 1, keydatalen);
197 if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
198 wpa_printf(MSG_INFO, "RC4 failed");
208 static u8 * decrypt_eapol_key_data_aes(const u8 *kek,
209 const struct wpa_eapol_key *hdr,
213 u16 keydatalen = WPA_GET_BE16(hdr->key_data_length);
215 if (keydatalen % 8) {
216 wpa_printf(MSG_INFO, "Unsupported AES-WRAP len %d",
220 keydatalen -= 8; /* AES-WRAP adds 8 bytes */
221 buf = os_malloc(keydatalen);
224 if (aes_unwrap(kek, keydatalen / 8, (u8 *) (hdr + 1), buf)) {
226 wpa_printf(MSG_INFO, "AES unwrap failed - "
227 "could not decrypt EAPOL-Key key data");
236 static u8 * decrypt_eapol_key_data(const u8 *kek, u16 ver,
237 const struct wpa_eapol_key *hdr,
241 case WPA_KEY_INFO_TYPE_HMAC_MD5_RC4:
242 return decrypt_eapol_key_data_rc4(kek, hdr, len);
243 case WPA_KEY_INFO_TYPE_HMAC_SHA1_AES:
244 case WPA_KEY_INFO_TYPE_AES_128_CMAC:
245 return decrypt_eapol_key_data_aes(kek, hdr, len);
247 wpa_printf(MSG_INFO, "Unsupported EAPOL-Key Key Descriptor "
254 static void learn_kde_keys(struct wlantest_bss *bss, u8 *buf, size_t len)
256 struct wpa_eapol_ie_parse ie;
258 if (wpa_supplicant_parse_ies(buf, len, &ie) < 0) {
259 wpa_printf(MSG_INFO, "Failed to parse EAPOL-Key Key Data");
264 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - WPA IE",
265 ie.wpa_ie, ie.wpa_ie_len);
269 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - RSN IE",
270 ie.rsn_ie, ie.rsn_ie_len);
274 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - GTK KDE",
276 if (ie.gtk_len >= 2 && ie.gtk_len <= 2 + 32) {
278 id = ie.gtk[0] & 0x03;
279 wpa_printf(MSG_INFO, "GTK KeyID=%u tx=%u",
280 id, !!(ie.gtk[0] & 0x04));
281 if ((ie.gtk[0] & 0xf8) || ie.gtk[1])
282 wpa_printf(MSG_INFO, "GTK KDE: Reserved field "
284 ie.gtk[0], ie.gtk[1]);
285 wpa_hexdump(MSG_DEBUG, "GTK", ie.gtk + 2,
287 bss->gtk_len[id] = ie.gtk_len - 2;
288 os_memcpy(bss->gtk[id], ie.gtk + 2, ie.gtk_len - 2);
290 wpa_printf(MSG_INFO, "Invalid GTK KDE length %u",
291 (unsigned) ie.gtk_len);
296 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data - IGTK KDE",
297 ie.igtk, ie.igtk_len);
298 if (ie.igtk_len == 24) {
300 id = WPA_GET_LE16(ie.igtk);
302 wpa_printf(MSG_INFO, "Unexpected IGTK KeyID "
305 wpa_printf(MSG_INFO, "IGTK KeyID %u", id);
306 wpa_hexdump(MSG_INFO, "IPN", ie.igtk + 2, 6);
307 wpa_hexdump(MSG_INFO, "IGTK", ie.igtk + 8, 16);
308 os_memcpy(bss->igtk[id], ie.igtk + 8, 16);
309 bss->igtk_set[id] = 1;
312 wpa_printf(MSG_INFO, "Invalid IGTK KDE length %u",
313 (unsigned) ie.igtk_len);
319 static void rx_data_eapol_key_3_of_4(struct wlantest *wt, const u8 *dst,
320 const u8 *src, const u8 *data, size_t len)
322 struct wlantest_bss *bss;
323 struct wlantest_sta *sta;
324 const struct ieee802_1x_hdr *eapol;
325 const struct wpa_eapol_key *hdr;
328 u16 key_info, ver, key_data_len;
330 size_t decrypted_len = 0;
332 wpa_printf(MSG_DEBUG, "EAPOL-Key 3/4 " MACSTR " -> " MACSTR,
333 MAC2STR(src), MAC2STR(dst));
334 bss = bss_get(wt, src);
337 sta = sta_get(bss, dst);
341 eapol = (const struct ieee802_1x_hdr *) data;
342 hdr = (const struct wpa_eapol_key *) (eapol + 1);
343 key_info = WPA_GET_BE16(hdr->key_info);
344 key_data_len = WPA_GET_BE16(hdr->key_data_length);
346 if (os_memcmp(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN) != 0) {
347 wpa_printf(MSG_INFO, "EAPOL-Key ANonce mismatch between 1/4 "
351 os_memcpy(sta->anonce, hdr->key_nonce, WPA_NONCE_LEN);
353 derive_ptk(wt, bss, sta, key_info & WPA_KEY_INFO_TYPE_MASK,
358 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 3/4");
362 if (check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
364 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 3/4 MIC");
367 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 3/4");
369 key_data = (const u8 *) (hdr + 1);
370 /* TODO: handle WPA without EncrKeyData bit */
371 if (!(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
372 wpa_printf(MSG_INFO, "EAPOL-Key 3/4 without EncrKeyData bit");
375 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
376 decrypted = decrypt_eapol_key_data(sta->ptk.kek, ver, hdr,
378 if (decrypted == NULL) {
379 wpa_printf(MSG_INFO, "Failed to decrypt EAPOL-Key Key Data");
382 wpa_hexdump(MSG_DEBUG, "Decrypted EAPOL-Key Key Data",
383 decrypted, decrypted_len);
384 learn_kde_keys(bss, decrypted, decrypted_len);
389 static void rx_data_eapol_key_4_of_4(struct wlantest *wt, const u8 *dst,
390 const u8 *src, const u8 *data, size_t len)
392 struct wlantest_bss *bss;
393 struct wlantest_sta *sta;
394 const struct ieee802_1x_hdr *eapol;
395 const struct wpa_eapol_key *hdr;
398 wpa_printf(MSG_DEBUG, "EAPOL-Key 4/4 " MACSTR " -> " MACSTR,
399 MAC2STR(src), MAC2STR(dst));
400 bss = bss_get(wt, dst);
403 sta = sta_get(bss, src);
407 eapol = (const struct ieee802_1x_hdr *) data;
408 hdr = (const struct wpa_eapol_key *) (eapol + 1);
409 key_info = WPA_GET_BE16(hdr->key_info);
412 wpa_printf(MSG_DEBUG, "No PTK known to process EAPOL-Key 4/4");
417 check_mic(sta->ptk.kck, key_info & WPA_KEY_INFO_TYPE_MASK,
419 wpa_printf(MSG_INFO, "Mismatch in EAPOL-Key 4/4 MIC");
422 wpa_printf(MSG_DEBUG, "Valid MIC found in EAPOL-Key 4/4");
426 static void rx_data_eapol_key_1_of_2(struct wlantest *wt, const u8 *dst,
427 const u8 *src, const u8 *data, size_t len)
429 wpa_printf(MSG_DEBUG, "EAPOL-Key 1/2 " MACSTR " -> " MACSTR,
430 MAC2STR(src), MAC2STR(dst));
434 static void rx_data_eapol_key_2_of_2(struct wlantest *wt, const u8 *dst,
435 const u8 *src, const u8 *data, size_t len)
437 wpa_printf(MSG_DEBUG, "EAPOL-Key 2/2 " MACSTR " -> " MACSTR,
438 MAC2STR(src), MAC2STR(dst));
442 static void rx_data_eapol_key(struct wlantest *wt, const u8 *dst,
443 const u8 *src, const u8 *data, size_t len,
446 const struct ieee802_1x_hdr *eapol;
447 const struct wpa_eapol_key *hdr;
449 u16 key_info, key_length, ver, key_data_length;
451 eapol = (const struct ieee802_1x_hdr *) data;
452 hdr = (const struct wpa_eapol_key *) (eapol + 1);
454 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key",
455 (const u8 *) hdr, len - sizeof(*eapol));
456 if (len < sizeof(*hdr)) {
457 wpa_printf(MSG_INFO, "Too short EAPOL-Key frame from " MACSTR,
462 if (hdr->type == EAPOL_KEY_TYPE_RC4) {
463 /* TODO: EAPOL-Key RC4 for WEP */
467 if (hdr->type != EAPOL_KEY_TYPE_RSN &&
468 hdr->type != EAPOL_KEY_TYPE_WPA) {
469 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key type %u",
474 key_info = WPA_GET_BE16(hdr->key_info);
475 key_length = WPA_GET_BE16(hdr->key_length);
476 key_data_length = WPA_GET_BE16(hdr->key_data_length);
477 key_data = (const u8 *) (hdr + 1);
478 if (key_data + key_data_length > data + len) {
479 wpa_printf(MSG_INFO, "Truncated EAPOL-Key from " MACSTR,
483 if (key_data + key_data_length < data + len) {
484 wpa_hexdump(MSG_DEBUG, "Extra data after EAPOL-Key Key Data "
485 "field", key_data + key_data_length,
486 data + len - key_data - key_data_length);
490 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
491 wpa_printf(MSG_DEBUG, "EAPOL-Key ver=%u %c idx=%u%s%s%s%s%s%s%s%s "
493 ver, key_info & WPA_KEY_INFO_KEY_TYPE ? 'P' : 'G',
494 (key_info & WPA_KEY_INFO_KEY_INDEX_MASK) >>
495 WPA_KEY_INFO_KEY_INDEX_SHIFT,
496 (key_info & WPA_KEY_INFO_INSTALL) ? " Install" : "",
497 (key_info & WPA_KEY_INFO_ACK) ? " ACK" : "",
498 (key_info & WPA_KEY_INFO_MIC) ? " MIC" : "",
499 (key_info & WPA_KEY_INFO_SECURE) ? " Secure" : "",
500 (key_info & WPA_KEY_INFO_ERROR) ? " Error" : "",
501 (key_info & WPA_KEY_INFO_REQUEST) ? " Request" : "",
502 (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) ? " Encr" : "",
503 (key_info & WPA_KEY_INFO_SMK_MESSAGE) ? " SMK" : "",
506 if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
507 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
508 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
509 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key Key Descriptor "
514 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Replay Counter",
515 hdr->replay_counter, WPA_REPLAY_COUNTER_LEN);
516 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Nonce",
517 hdr->key_nonce, WPA_NONCE_LEN);
518 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key IV",
520 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key RSC",
521 hdr->key_nonce, WPA_KEY_RSC_LEN);
522 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key MIC",
524 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Key Key Data",
525 key_data, key_data_length);
527 if (key_info & (WPA_KEY_INFO_ERROR | WPA_KEY_INFO_REQUEST))
530 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
533 if (key_info & WPA_KEY_INFO_KEY_TYPE) {
534 /* 4-Way Handshake */
535 switch (key_info & (WPA_KEY_INFO_SECURE |
538 WPA_KEY_INFO_INSTALL)) {
539 case WPA_KEY_INFO_ACK:
540 rx_data_eapol_key_1_of_4(wt, dst, src, data, len);
542 case WPA_KEY_INFO_MIC:
543 rx_data_eapol_key_2_of_4(wt, dst, src, data, len);
545 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
546 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL:
547 rx_data_eapol_key_3_of_4(wt, dst, src, data, len);
549 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
550 rx_data_eapol_key_4_of_4(wt, dst, src, data, len);
553 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
557 /* Group Key Handshake */
558 switch (key_info & (WPA_KEY_INFO_SECURE |
561 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
563 rx_data_eapol_key_1_of_2(wt, dst, src, data, len);
565 case WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC:
566 rx_data_eapol_key_2_of_2(wt, dst, src, data, len);
569 wpa_printf(MSG_DEBUG, "Unsupported EAPOL-Key frame");
576 static void rx_data_eapol(struct wlantest *wt, const u8 *dst, const u8 *src,
577 const u8 *data, size_t len, int prot)
579 const struct ieee802_1x_hdr *hdr;
583 wpa_hexdump(MSG_EXCESSIVE, "EAPOL", data, len);
584 if (len < sizeof(*hdr)) {
585 wpa_printf(MSG_INFO, "Too short EAPOL frame from " MACSTR,
590 hdr = (const struct ieee802_1x_hdr *) data;
591 length = be_to_host16(hdr->length);
592 wpa_printf(MSG_DEBUG, "RX EAPOL: " MACSTR " -> " MACSTR "%s ver=%u "
594 MAC2STR(src), MAC2STR(dst), prot ? " Prot" : "",
595 hdr->version, hdr->type, length);
596 if (sizeof(*hdr) + length > len) {
597 wpa_printf(MSG_INFO, "Truncated EAPOL frame from " MACSTR,
602 if (sizeof(*hdr) + length < len) {
603 wpa_printf(MSG_INFO, "EAPOL frame with %d extra bytes",
604 (int) (len - sizeof(*hdr) - length));
606 p = (const u8 *) (hdr + 1);
609 case IEEE802_1X_TYPE_EAP_PACKET:
610 wpa_hexdump(MSG_MSGDUMP, "EAPOL - EAP packet", p, length);
612 case IEEE802_1X_TYPE_EAPOL_START:
613 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Start", p, length);
615 case IEEE802_1X_TYPE_EAPOL_LOGOFF:
616 wpa_hexdump(MSG_MSGDUMP, "EAPOL-Logoff", p, length);
618 case IEEE802_1X_TYPE_EAPOL_KEY:
619 rx_data_eapol_key(wt, dst, src, data, sizeof(*hdr) + length,
622 case IEEE802_1X_TYPE_EAPOL_ENCAPSULATED_ASF_ALERT:
623 wpa_hexdump(MSG_MSGDUMP, "EAPOL - Encapsulated ASF alert",
627 wpa_hexdump(MSG_MSGDUMP, "Unknown EAPOL payload", p, length);
633 static void rx_data_eth(struct wlantest *wt, const u8 *dst, const u8 *src,
634 u16 ethertype, const u8 *data, size_t len, int prot)
636 if (ethertype == ETH_P_PAE)
637 rx_data_eapol(wt, dst, src, data, len, prot);
641 static void rx_data_process(struct wlantest *wt, const u8 *dst, const u8 *src,
642 const u8 *data, size_t len, int prot)
647 if (len >= 8 && os_memcmp(data, "\xaa\xaa\x03\x00\x00\x00", 6) == 0) {
648 rx_data_eth(wt, dst, src, WPA_GET_BE16(data + 6),
649 data + 8, len - 8, prot);
653 wpa_hexdump(MSG_DEBUG, "Unrecognized LLC", data, len > 8 ? 8 : len);
657 static void rx_data_bss_prot(struct wlantest *wt,
658 const struct ieee80211_hdr *hdr, const u8 *qos,
659 const u8 *dst, const u8 *src, const u8 *data,
662 /* TODO: Try to decrypt and if success, call rx_data_process() with
667 static void rx_data_bss(struct wlantest *wt, const struct ieee80211_hdr *hdr,
668 const u8 *qos, const u8 *dst, const u8 *src,
669 const u8 *data, size_t len)
671 u16 fc = le_to_host16(hdr->frame_control);
672 int prot = !!(fc & WLAN_FC_ISWEP);
675 u8 ack = (qos[0] & 0x60) >> 5;
676 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
677 " len=%u%s tid=%u%s%s",
678 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
679 prot ? " Prot" : "", qos[0] & 0x0f,
680 (qos[0] & 0x10) ? " EOSP" : "",
682 (ack == 1 ? " NoAck" :
683 (ack == 2 ? " NoExpAck" : " BA")));
685 wpa_printf(MSG_MSGDUMP, "BSS DATA: " MACSTR " -> " MACSTR
687 MAC2STR(src), MAC2STR(dst), (unsigned int) len,
688 prot ? " Prot" : "");
692 rx_data_bss_prot(wt, hdr, qos, dst, src, data, len);
694 rx_data_process(wt, dst, src, data, len, 0);
698 void rx_data(struct wlantest *wt, const u8 *data, size_t len)
700 const struct ieee80211_hdr *hdr;
703 const u8 *qos = NULL;
708 hdr = (const struct ieee80211_hdr *) data;
709 fc = le_to_host16(hdr->frame_control);
710 stype = WLAN_FC_GET_STYPE(fc);
712 if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
713 (WLAN_FC_TODS | WLAN_FC_FROMDS))
723 switch (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) {
725 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s IBSS DA=" MACSTR " SA="
726 MACSTR " BSSID=" MACSTR,
727 data_stype(WLAN_FC_GET_STYPE(fc)),
728 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
729 fc & WLAN_FC_ISWEP ? " Prot" : "",
730 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
731 MAC2STR(hdr->addr3));
734 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s FromDS DA=" MACSTR
735 " BSSID=" MACSTR " SA=" MACSTR,
736 data_stype(WLAN_FC_GET_STYPE(fc)),
737 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
738 fc & WLAN_FC_ISWEP ? " Prot" : "",
739 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
740 MAC2STR(hdr->addr3));
741 rx_data_bss(wt, hdr, qos, hdr->addr1, hdr->addr2,
742 data + hdrlen, len - hdrlen);
745 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s ToDS BSSID=" MACSTR
746 " SA=" MACSTR " DA=" MACSTR,
747 data_stype(WLAN_FC_GET_STYPE(fc)),
748 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
749 fc & WLAN_FC_ISWEP ? " Prot" : "",
750 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
751 MAC2STR(hdr->addr3));
752 rx_data_bss(wt, hdr, qos, hdr->addr3, hdr->addr2,
753 data + hdrlen, len - hdrlen);
755 case WLAN_FC_TODS | WLAN_FC_FROMDS:
756 wpa_printf(MSG_EXCESSIVE, "DATA %s%s%s WDS RA=" MACSTR " TA="
757 MACSTR " DA=" MACSTR " SA=" MACSTR,
758 data_stype(WLAN_FC_GET_STYPE(fc)),
759 fc & WLAN_FC_PWRMGT ? " PwrMgt" : "",
760 fc & WLAN_FC_ISWEP ? " Prot" : "",
761 MAC2STR(hdr->addr1), MAC2STR(hdr->addr2),
763 MAC2STR((const u8 *) (hdr + 1)));