2 * PCAP capture file writer
3 * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
13 #include "utils/common.h"
15 #include "common/qca-vendor.h"
18 int write_pcap_init(struct wlantest *wt, const char *fname)
20 wt->write_pcap = pcap_open_dead(DLT_IEEE802_11_RADIO, 4000);
21 if (wt->write_pcap == NULL)
23 wt->write_pcap_dumper = pcap_dump_open(wt->write_pcap, fname);
24 if (wt->write_pcap_dumper == NULL) {
25 pcap_close(wt->write_pcap);
26 wt->write_pcap = NULL;
30 wpa_printf(MSG_DEBUG, "Writing PCAP dump to '%s'", fname);
36 void write_pcap_deinit(struct wlantest *wt)
38 if (wt->write_pcap_dumper) {
39 pcap_dump_close(wt->write_pcap_dumper);
40 wt->write_pcap_dumper = NULL;
43 pcap_close(wt->write_pcap);
44 wt->write_pcap = NULL;
49 void write_pcap_captured(struct wlantest *wt, const u8 *buf, size_t len)
53 if (!wt->write_pcap_dumper)
56 os_memset(&h, 0, sizeof(h));
57 gettimeofday(&wt->write_pcap_time, NULL);
58 h.ts = wt->write_pcap_time;
61 pcap_dump(wt->write_pcap_dumper, &h, buf);
65 void write_pcap_decrypted(struct wlantest *wt, const u8 *buf1, size_t len1,
66 const u8 *buf2, size_t len2)
72 0x0e, 0x00, /* header len */
73 0x00, 0x00, 0x00, 0x40, /* present flags */
74 0x00, 0x13, 0x74, QCA_RADIOTAP_VID_WLANTEST,
80 if (!wt->write_pcap_dumper && !wt->pcapng)
83 os_free(wt->decrypted);
84 len = sizeof(rtap) + len1 + len2;
85 wt->decrypted = buf = os_malloc(len);
88 wt->decrypted_len = len;
89 os_memcpy(buf, rtap, sizeof(rtap));
91 os_memcpy(buf + sizeof(rtap), buf1, len1);
92 buf[sizeof(rtap) + 1] &= ~0x40; /* Clear Protected flag */
95 os_memcpy(buf + sizeof(rtap) + len1, buf2, len2);
97 if (!wt->write_pcap_dumper)
100 os_memset(&h, 0, sizeof(h));
101 h.ts = wt->write_pcap_time;
104 pcap_dump(wt->write_pcap_dumper, &h, buf);
108 struct pcapng_section_header {
109 u32 block_type; /* 0x0a0d0d0a */
111 u32 byte_order_magic;
115 u32 block_total_len2;
118 struct pcapng_interface_description {
119 u32 block_type; /* 0x00000001 */
124 u32 block_total_len2;
127 struct pcapng_enhanced_packet {
128 u32 block_type; /* 0x00000006 */
135 /* Packet data - aligned to 32 bits */
136 /* Options (variable) */
137 /* Block Total Length copy */
140 #define PCAPNG_BYTE_ORDER_MAGIC 0x1a2b3c4d
141 #define PCAPNG_BLOCK_IFACE_DESC 0x00000001
142 #define PCAPNG_BLOCK_PACKET 0x00000002
143 #define PCAPNG_BLOCK_SIMPLE_PACKET 0x00000003
144 #define PCAPNG_BLOCK_NAME_RESOLUTION 0x00000004
145 #define PCAPNG_BLOCK_INTERFACE_STATISTICS 0x00000005
146 #define PCAPNG_BLOCK_ENHANCED_PACKET 0x00000006
147 #define PCAPNG_BLOCK_SECTION_HEADER 0x0a0d0d0a
149 #define LINKTYPE_IEEE802_11 105
150 #define LINKTYPE_IEEE802_11_RADIO 127
152 #define PAD32(a) ((4 - ((a) & 3)) & 3)
153 #define ALIGN32(a) ((a) + PAD32((a)))
156 int write_pcapng_init(struct wlantest *wt, const char *fname)
158 struct pcapng_section_header hdr;
159 struct pcapng_interface_description desc;
161 wt->pcapng = fopen(fname, "wb");
162 if (wt->pcapng == NULL)
165 wpa_printf(MSG_DEBUG, "Writing PCAPNG dump to '%s'", fname);
167 os_memset(&hdr, 0, sizeof(hdr));
168 hdr.block_type = PCAPNG_BLOCK_SECTION_HEADER;
169 hdr.block_total_len = sizeof(hdr);
170 hdr.byte_order_magic = PCAPNG_BYTE_ORDER_MAGIC;
171 hdr.major_version = 1;
172 hdr.minor_version = 0;
173 hdr.section_len = -1;
174 hdr.block_total_len2 = hdr.block_total_len;
175 fwrite(&hdr, sizeof(hdr), 1, wt->pcapng);
177 os_memset(&desc, 0, sizeof(desc));
178 desc.block_type = PCAPNG_BLOCK_IFACE_DESC;
179 desc.block_total_len = sizeof(desc);
180 desc.block_total_len2 = desc.block_total_len;
181 desc.link_type = LINKTYPE_IEEE802_11_RADIO;
182 desc.snap_len = 65535;
183 fwrite(&desc, sizeof(desc), 1, wt->pcapng);
189 void write_pcapng_deinit(struct wlantest *wt)
198 static u8 * pcapng_add_comments(struct wlantest *wt, u8 *pos)
206 *((u16 *) pos) = 1 /* opt_comment */;
208 len = (u16 *) pos /* length to be filled in */;
211 for (i = 0; i < wt->num_notes; i++) {
212 size_t nlen = os_strlen(wt->notes[i]);
215 os_memcpy(pos, wt->notes[i], nlen);
218 *len = pos - (u8 *) len - 2;
221 *((u16 *) pos) = 0 /* opt_endofopt */;
230 static void write_pcapng_decrypted(struct wlantest *wt)
233 struct pcapng_enhanced_packet *pkt;
237 if (!wt->pcapng || wt->decrypted == NULL)
240 add_note(wt, MSG_EXCESSIVE, "decrypted version of the previous frame");
242 len = sizeof(*pkt) + wt->decrypted_len + 100 + notes_len(wt, 32);
243 pkt = os_zalloc(len);
247 pkt->block_type = PCAPNG_BLOCK_ENHANCED_PACKET;
248 pkt->interface_id = 0;
249 pkt->timestamp_high = wt->write_pcapng_time_high;
250 pkt->timestamp_low = wt->write_pcapng_time_low;
251 pkt->captured_len = wt->decrypted_len;
252 pkt->packet_len = wt->decrypted_len;
254 pos = (u8 *) (pkt + 1);
256 os_memcpy(pos, wt->decrypted, wt->decrypted_len);
257 pos += ALIGN32(wt->decrypted_len);
259 pos = pcapng_add_comments(wt, pos);
261 block_len = (u32 *) pos;
263 *block_len = pkt->block_total_len = pos - (u8 *) pkt;
265 fwrite(pkt, pos - (u8 *) pkt, 1, wt->pcapng);
271 void write_pcapng_write_read(struct wlantest *wt, int dlt,
272 struct pcap_pkthdr *hdr, const u8 *data)
274 struct pcapng_enhanced_packet *pkt;
278 size_t len, datalen = hdr->caplen;
282 0x0a, 0x00, /* header len */
283 0x02, 0x00, 0x00, 0x00, /* present flags */
294 len = sizeof(*pkt) + hdr->len + 100 + notes_len(wt, 32) + sizeof(rtap);
295 pkt = os_zalloc(len);
299 pkt->block_type = PCAPNG_BLOCK_ENHANCED_PACKET;
300 pkt->interface_id = 0;
301 timestamp = 1000000 * hdr->ts.tv_sec + hdr->ts.tv_usec;
302 pkt->timestamp_high = timestamp >> 32;
303 pkt->timestamp_low = timestamp & 0xffffffff;
304 wt->write_pcapng_time_high = pkt->timestamp_high;
305 wt->write_pcapng_time_low = pkt->timestamp_low;
306 pkt->captured_len = hdr->caplen;
307 pkt->packet_len = hdr->len;
309 pos = (u8 *) (pkt + 1);
312 case DLT_IEEE802_11_RADIO:
314 case DLT_PRISM_HEADER:
315 /* remove prism header (could be kept ... lazy) */
316 pkt->captured_len -= WPA_GET_LE32(data + 4);
317 pkt->packet_len -= WPA_GET_LE32(data + 4);
318 datalen -= WPA_GET_LE32(data + 4);
319 data += WPA_GET_LE32(data + 4);
322 pkt->captured_len += sizeof(rtap);
323 pkt->packet_len += sizeof(rtap);
324 os_memcpy(pos, &rtap, sizeof(rtap));
331 os_memcpy(pos, data, datalen);
332 pos += datalen + PAD32(pkt->captured_len);
333 pos = pcapng_add_comments(wt, pos);
335 block_len = (u32 *) pos;
337 *block_len = pkt->block_total_len = pos - (u8 *) pkt;
339 fwrite(pkt, pos - (u8 *) pkt, 1, wt->pcapng);
343 write_pcapng_decrypted(wt);
347 void write_pcapng_captured(struct wlantest *wt, const u8 *buf, size_t len)
349 struct pcap_pkthdr h;
354 os_memset(&h, 0, sizeof(h));
355 gettimeofday(&h.ts, NULL);
358 write_pcapng_write_read(wt, DLT_IEEE802_11_RADIO, &h, buf);