2 * Received frame processing for wired interface
3 * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
15 #include "utils/includes.h"
16 #include <net/ethernet.h>
17 #include <netinet/ip.h>
18 #include <netinet/udp.h>
20 #include "utils/common.h"
21 #include "radius/radius.h"
25 static struct wlantest_radius * radius_get(struct wlantest *wt, u32 srv,
28 struct wlantest_radius *r;
30 dl_list_for_each(r, &wt->radius, struct wlantest_radius, list) {
31 if (r->srv == srv && r->cli == cli)
35 r = os_zalloc(sizeof(*r));
41 dl_list_add(&wt->radius, &r->list);
47 static const char * radius_code_string(u8 code)
50 case RADIUS_CODE_ACCESS_REQUEST:
51 return "Access-Request";
52 case RADIUS_CODE_ACCESS_ACCEPT:
53 return "Access-Accept";
54 case RADIUS_CODE_ACCESS_REJECT:
55 return "Access-Reject";
56 case RADIUS_CODE_ACCOUNTING_REQUEST:
57 return "Accounting-Request";
58 case RADIUS_CODE_ACCOUNTING_RESPONSE:
59 return "Accounting-Response";
60 case RADIUS_CODE_ACCESS_CHALLENGE:
61 return "Access-Challenge";
62 case RADIUS_CODE_STATUS_SERVER:
63 return "Status-Server";
64 case RADIUS_CODE_STATUS_CLIENT:
65 return "Status-Client";
66 case RADIUS_CODE_RESERVED:
74 static void process_radius_access_request(struct wlantest *wt, u32 dst,
75 u32 src, const u8 *data, size_t len)
77 struct radius_msg *msg;
78 struct wlantest_radius *r;
80 msg = radius_msg_parse(data, len);
82 wpa_printf(MSG_DEBUG, "Failed to parse RADIUS Access-Request");
86 r = radius_get(wt, dst, src);
88 radius_msg_free(r->last_req);
96 static void wlantest_add_pmk(struct wlantest *wt, const u8 *pmk)
98 struct wlantest_pmk *p;
100 p = os_zalloc(sizeof(*p));
103 os_memcpy(p->pmk, pmk, 32);
104 dl_list_add(&wt->pmk, &p->list);
105 wpa_hexdump(MSG_INFO, "Add PMK", pmk, 32);
109 static void process_radius_access_accept(struct wlantest *wt, u32 dst, u32 src,
110 const u8 *data, size_t len)
112 struct radius_msg *msg;
113 struct wlantest_radius *r;
114 struct radius_ms_mppe_keys *keys;
115 struct wlantest_radius_secret *s;
117 r = radius_get(wt, src, dst);
118 if (r == NULL || r->last_req == NULL) {
119 wpa_printf(MSG_DEBUG, "No RADIUS Access-Challenge found for "
120 "decrypting Access-Accept keys");
124 msg = radius_msg_parse(data, len);
126 wpa_printf(MSG_DEBUG, "Failed to parse RADIUS Access-Accept");
130 dl_list_for_each(s, &wt->secret, struct wlantest_radius_secret, list) {
132 keys = radius_msg_get_ms_keys(msg, r->last_req,
134 os_strlen(s->secret));
135 if (keys && keys->send && keys->recv) {
137 wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Send-Key",
138 keys->send, keys->send_len);
139 wpa_hexdump_key(MSG_DEBUG, "MS-MPPE-Recv-Key",
140 keys->recv, keys->recv_len);
141 os_memcpy(pmk, keys->recv,
142 keys->recv_len > 32 ? 32 : keys->recv_len);
143 if (keys->recv_len < 32) {
144 os_memcpy(pmk + keys->recv_len,
146 keys->recv_len + keys->send_len > 32
147 ? 32 : 32 - keys->recv_len);
149 wlantest_add_pmk(wt, pmk);
163 radius_msg_free(msg);
167 static void process_radius(struct wlantest *wt, u32 dst, u16 dport, u32 src,
168 u16 sport, const u8 *data, size_t len)
172 const struct radius_hdr *hdr;
175 if (len < sizeof(*hdr))
177 hdr = (const struct radius_hdr *) data;
178 rlen = be_to_host16(hdr->length);
185 snprintf(buf, sizeof(buf), "%s", inet_ntoa(addr));
188 wpa_printf(MSG_DEBUG, "RADIUS %s:%u -> %s:%u id=%u %s",
189 inet_ntoa(addr), sport, buf, dport, hdr->identifier,
190 radius_code_string(hdr->code));
193 case RADIUS_CODE_ACCESS_REQUEST:
194 process_radius_access_request(wt, dst, src, data, len);
196 case RADIUS_CODE_ACCESS_ACCEPT:
197 process_radius_access_accept(wt, dst, src, data, len);
203 static void process_udp(struct wlantest *wt, u32 dst, u32 src,
204 const u8 *data, size_t len)
206 const struct udphdr *udp;
207 u16 sport, dport, ulen;
211 if (len < sizeof(*udp))
213 udp = (const struct udphdr *) data;
214 /* TODO: check UDP checksum */
215 sport = be_to_host16(udp->source);
216 dport = be_to_host16(udp->dest);
217 ulen = be_to_host16(udp->len);
224 payload = (const u8 *) (udp + 1);
225 plen = len - sizeof(*udp);
227 if (sport == 1812 || dport == 1812)
228 process_radius(wt, dst, dport, src, sport, payload, plen);
232 static void process_ipv4(struct wlantest *wt, const u8 *data, size_t len)
234 const struct iphdr *ip;
237 u16 frag_off, tot_len;
239 if (len < sizeof(*ip))
242 ip = (const struct iphdr *) data;
243 if (ip->version != 4)
248 /* TODO: check header checksum in ip->check */
250 frag_off = be_to_host16(ip->frag_off);
251 if (frag_off & 0x1fff) {
252 wpa_printf(MSG_EXCESSIVE, "IP fragment reassembly not yet "
257 tot_len = be_to_host16(ip->tot_len);
263 payload = data + 4 * ip->ihl;
264 plen = len - 4 * ip->ihl;
265 if (payload + plen > data + len)
268 switch (ip->protocol) {
270 process_udp(wt, ip->daddr, ip->saddr, payload, plen);
276 void wlantest_process_wired(struct wlantest *wt, const u8 *data, size_t len)
278 const struct ether_header *eth;
281 wpa_hexdump(MSG_EXCESSIVE, "Process wired frame", data, len);
283 if (len < sizeof(*eth))
286 eth = (const struct ether_header *) data;
287 ethertype = be_to_host16(eth->ether_type);
291 process_ipv4(wt, data + sizeof(*eth), len - sizeof(*eth));