2 * hostapd - Management frame fuzzer
3 * Copyright (c) 2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "ap/hostapd.h"
14 #include "ap/ieee802_11.h"
15 #include "ap/sta_info.h"
/*
 * Table of pointers to driver operation structures, defined by the harness
 * itself. The initializer lines are not visible in this listing.
 * NOTE(review): presumably an empty (NULL-terminated) table so that no real
 * driver backend is linked into the fuzzer - confirm against the full file.
 */
18 const struct wpa_driver_ops *const wpa_drivers[] =
/*
 * State objects owned by the harness. The functions below reach iface, hapd
 * and driver through a struct arg_ctx pointer (ctx->iface, ctx->hapd,
 * ctx->driver), so these are members of that context; the enclosing struct
 * header and any further members are not visible in this listing.
 */
26 struct hostapd_iface iface;
27 struct hostapd_data hapd;
28 struct wpa_driver_ops driver;
/* iconf and conf are not referenced through ctx in the visible lines. */
29 struct hostapd_config iconf;
30 struct hostapd_bss_config conf;
/*
 * Event-loop timeout callback: reads the file named by ctx->fname and hands
 * its raw contents to ieee802_11_mgmt(), the function under test.
 *
 * eloop_data: the struct arg_ctx registered by main().
 * user_ctx:   registered as NULL by main(); not used in the visible lines.
 *
 * NOTE(review): the local declarations, the body of the failed-read branch
 * and the cleanup at the end of the function are not visible in this listing.
 */
34 static void test_send_mgmt(void *eloop_data, void *user_ctx)
36 struct arg_ctx *ctx = eloop_data;
39 struct hostapd_frame_info fi;
41 wpa_printf(MSG_INFO, "ap-mgmt-fuzzer: Send '%s'", ctx->fname);
/*
 * The file is untrusted input by design: both the bytes and the length come
 * straight from the test case.
 */
43 data = os_readfile(ctx->fname, &len);
45 wpa_printf(MSG_ERROR, "Could not read '%s'", ctx->fname);
/*
 * NOTE(review): the dump label says "WNM" although this harness feeds
 * ieee802_11_mgmt(); looks like a leftover label - confirm.
 */
49 wpa_hexdump(MSG_MSGDUMP, "fuzzer - WNM", data, len);
/* An all-zero hostapd_frame_info accompanies the frame. */
51 os_memset(&fi, 0, sizeof(fi));
/*
 * No length or format validation is done in the visible lines before this
 * call, so every bounds check on the frame has to come from
 * ieee802_11_mgmt() and the handlers it dispatches to.
 */
52 ieee802_11_mgmt(&ctx->hapd, (u8 *) data, len, &fi);
/*
 * Fill in ctx->hapd with the state set in the visible lines: driver ops
 * pointer, own address, interface, a default configuration and one station
 * entry.
 *
 * Returns int; the return statements are not visible in this listing.
 */
60 static int init_hapd(struct arg_ctx *ctx)
62 struct hostapd_data *hapd = &ctx->hapd;
/* Point at the harness's own driver ops structure (ctx->driver). */
65 hapd->driver = &ctx->driver;
/*
 * Fixed own address 02:00:00:00:03:00. The literal supplies six explicit
 * bytes; assumes ETH_ALEN is 6 - confirm.
 */
66 os_memcpy(hapd->own_addr, "\x02\x00\x00\x00\x03\x00", ETH_ALEN);
67 hapd->iface = &ctx->iface;
/* The doubled ';' is an empty statement and has no effect. */
68 hapd->iface->conf = hostapd_config_defaults();;
/* Failure check on the default config; the branch body is not visible. */
69 if (!hapd->iface->conf)
71 hapd->iconf = hapd->iface->conf;
/* Use the first BSS entry of the default configuration. */
72 hapd->conf = hapd->iconf->bss[0];
73 hostapd_config_defaults_bss(hapd->conf);
/*
 * Pre-create a station entry for 02:00:00:00:00:00.
 * NOTE(review): whether the ap_sta_add() result is checked for NULL before
 * the flags update below is not visible in this listing - confirm.
 */
75 sta = ap_sta_add(hapd, (u8 *) "\x02\x00\x00\x00\x00\x00");
/*
 * Mark the station as associated with WMM; presumably so that handlers
 * which require an associated station are reachable from test frames -
 * verify against ieee802_11_mgmt().
 */
77 sta->flags |= WLAN_STA_ASSOC | WLAN_STA_WMM;
/*
 * Harness entry point: takes the test-case file as its argument (see the
 * usage string), schedules test_send_mgmt() on the event loop and releases
 * the station list and configuration afterwards.
 *
 * NOTE(review): argument checks, the init_hapd() call, the eloop run call and
 * the return statements are not visible in this listing.
 */
83 int main(int argc, char *argv[])
89 printf("usage: %s <file>\n", argv[0]);
93 if (os_program_init())
/*
 * Going by the variable name, this makes debug output include key material;
 * treat logs from this harness as sensitive and keep the setting out of
 * production builds - confirm against the debug module.
 */
97 wpa_debug_show_keys = 1;
100 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
/* Start from an all-zero context before any field is set. */
104 os_memset(&ctx, 0, sizeof(ctx));
/* Timeout of 0 s / 0 us: test_send_mgmt() is scheduled with no delay. */
109 eloop_register_timeout(0, 0, test_send_mgmt, &ctx, NULL);
111 wpa_printf(MSG_DEBUG, "Starting eloop");
113 wpa_printf(MSG_DEBUG, "eloop done");
/* Release the station entries held by ctx.hapd. */
114 hostapd_free_stas(&ctx.hapd);
/*
 * Free the configuration that init_hapd() obtained from
 * hostapd_config_defaults() and stored in hapd->iconf.
 */
118 hostapd_config_free(ctx.hapd.iconf);