2 This file is part of GNUnet.
3 Copyright (C) 2010, 2011, 2012 GNUnet e.V.
4 Copyright (c) 2007, 2008, Andy Green <andy@warmcat.com>
5 Copyright Copyright (C) 2009 Thomas d'Otreppe
7 GNUnet is free software: you can redistribute it and/or modify it
8 under the terms of the GNU Affero General Public License as published
9 by the Free Software Foundation, either version 3 of the License,
10 or (at your option) any later version.
12 GNUnet is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Affero General Public License for more details.
17 You should have received a copy of the GNU Affero General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 SPDX-License-Identifier: AGPL3.0-or-later
23 * @file src/transport/gnunet-helper-transport-wlan.c
24 * @brief mediator between the wlan interface and gnunet; must run as root (SUID will do)
25 * This code will work under GNU/Linux only.
26 * @author David Brodski
27 * @author Christian Grothoff
29 * This program will allow receiving and sending traffic from the WLAN
30 * interface. It will force traffic to be in 'ad-hoc' mode, use the
31 * proper MAC address of the WLAN interface and use a GNUnet-specific
32 * SSID (and a GNUnet-specific SNAP header). It only takes a single
33 * argument, which is the name of the WLAN interface to use. The
34 * program detects if the interface is not a WLAN interface and exits
35 * with an error in that case.
37 * Once initialized, the program will first send a 'struct
38 * GNUNET_TRANSPORT_WLAN_HelperControlMessage' to 'stdout'. That
39 * message contains the MAC address of the WLAN interface. It will
40 * then read messages from the WLAN interface and send them together
41 * with performance information as 'struct
42 * GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage' messages to 'stdout'.
43 * Furthermore, it will read a stream of messages from 'stdin' that
44 * have the format from 'struct
45 * GNUNET_TRANSPORT_WLAN_RadiotapSendMessage'. Those messages will
46 * then be sent via the WLAN interface; however, the sender MAC
47 * address will be forced to be the correct address from our WLAN
48 * card. If 'stdin' closes, receiving from the WLAN interface will
49 * continue. If 'stdout' causes a SIGPIPE, the process dies from the
50 * signal. Errors cause an error message to be reported to 'stderr',
51 * in most cases the process also exits (with status code '1'). The
52 * program never terminates normally; it is safe to kill the
53 * process with SIGTERM or SIGKILL at any time.
55 * Since it uses RAW sockets, the binary must be installed SUID or run
56 * as 'root'. In order to keep the security risk of the resulting
57 * SUID binary minimal, the program ONLY opens the RAW socket with
58 * root privileges, then drops them and only then starts to process
59 * command line arguments. The code also does not link against any
60 * shared libraries (except libc) and is strictly minimal (except for
61 * checking for errors). The following list of people have reviewed
62 * this code and considered it safe since the last modification (if
63 * you reviewed it, please have your name added to the list):
65 * - Christian Grothoff (Apr 3rd 2012)
69 * we use our local copy of ieee80211_radiotap.h
71 * - since we can't support extensions we don't understand
72 * - since linux does not include it in userspace headers
74 * Portions of this code were taken from the ieee80211_radiotap.h header,
77 * Copyright (c) 2003, 2004 David Young. All rights reserved.
79 * Redistribution and use in source and binary forms, with or without
80 * modification, are permitted provided that the following conditions
82 * 1. Redistributions of source code must retain the above copyright
83 * notice, this list of conditions and the following disclaimer.
84 * 2. Redistributions in binary form must reproduce the above copyright
85 * notice, this list of conditions and the following disclaimer in the
86 * documentation and/or other materials provided with the distribution.
87 * 3. The name of David Young may not be used to endorse or promote
88 * products derived from this software without specific prior
91 * THIS SOFTWARE IS PROVIDED BY DAVID YOUNG ``AS IS'' AND ANY
92 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
93 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
94 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DAVID
95 * YOUNG BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
96 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
97 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
98 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
99 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
100 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
101 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
106 * Modifications to fit into the linux IEEE 802.11 stack,
107 * Mike Kershaw (dragorn@kismetwireless.net)
110 * parts taken from aircrack-ng, parts changend.
112 #include "gnunet_config.h"
115 #include <sys/socket.h>
116 #include <sys/ioctl.h>
117 #include <sys/types.h>
119 #include <sys/wait.h>
120 #include <sys/time.h>
121 #include <sys/stat.h>
122 #include <netpacket/packet.h>
123 #include <linux/if_ether.h>
124 #include <linux/if.h>
125 #include <linux/wireless.h>
126 #include <netinet/in.h>
127 #include <linux/if_tun.h>
135 #include <sys/param.h>
139 #include "gnunet_protocols.h"
140 #include "plugin_transport_wlan.h"
143 * Packet format type for the messages we receive from
144 * the kernel. This is for Ethernet 10Mbps format (no
145 * performance information included).
147 #define ARPHRD_ETHER 1
151 * Packet format type for the messages we receive from
152 * the kernel. This is for plain messages (with no
153 * performance information included).
155 #define ARPHRD_IEEE80211 801
159 * Packet format type for the messages we receive from
160 * the kernel. This is for the PRISM format.
162 #define ARPHRD_IEEE80211_PRISM 802
165 * Packet format type for the messages we receive from
166 * the kernel. This is for messages with a
167 * 'struct Ieee80211RadiotapHeader' (see below).
169 #define ARPHRD_IEEE80211_FULL 803
173 * Maximum size of a message allowed in either direction
174 * (used for our receive and sent buffers).
180 /* ********* structure of messages of type ARPHRD_IEEE80211_PRISM *********** */
183 * Device name length in PRISM frames.
184 * (In the kernel, this is "WLAN_DEVNAMELEN_MAX")
186 #define PRISM_DEVICE_NAME_LENGTH 16
189 * Monitor Frame (indicator that we have a 'struct PrismHeader').
191 #define PRISM_MSGCODE_MONITOR 0x0041
194 * Mac time element. In micro-seconds.
195 * Drivers appear to use a 64bit counter to hold mactime internal
196 * the then fill the prism header with the lower 32 bits
198 #define PRISM_DID_MACTIME 0x2041
203 #define PRISM_DID_CHANNEL 0x3041
206 * Signal element. Should be the signal strength in dbm, some people
207 * suggest that instead "100 - (strength in dbm)" is used (to make this
208 * a positive integer).
210 #define PRISM_DID_SIGNAL 0x6041
215 #define PRISM_DID_NOISE 0x7041
218 * Rate element, in units/multiples of 500Khz
220 #define PRISM_DID_RATE 0x8041
224 * Value is set (supplied)
226 #define PRISM_STATUS_OK 0
229 * Value not supplied.
231 #define PRISM_STATUS_NO_VALUE 1
235 * Values in the 'struct PrismHeader'. All in host byte order (!).
239 * This has a different ID for each parameter, see
240 * PRISM_DID_* constants.
245 * See PRISM_STATUS_*-constants. Note that they are unusual: 0 = set; 1 = not set
250 * length of data (which is always a uint32_t, but presumably this can be used
251 * to specify that fewer bytes are used (with values in 'len' from 0-4). We
260 } __attribute__ ((packed));
264 * Prism header format ('struct p80211msg' in Linux). All in host byte order (!).
268 * We expect this to be a PRISM_MSGCODE_*.
273 * The length of the entire header.
278 * Name of the device that captured the packet.
280 char devname[PRISM_DEVICE_NAME_LENGTH];
282 /* followed by 'struct PrismValue's. Documentation suggests that these
283 are typically the hosttime, mactime, channel, rssi, sq, signal, noise,
284 rate, istx and frmlen values, but documentation is sparse. So we
285 will use the 'did' fields to find out what we actually got. */
286 } __attribute__ ((packed));
289 /* ****** end of structure of messages of type ARPHRD_IEEE80211_PRISM ******* */
291 /* ********** structure of messages of type ARPHRD_IEEE80211_FULL *********** */
294 * Bits in the 'it_present' bitmask from the 'struct
295 * Ieee80211RadiotapHeader'. For each value, we give the name, data
296 * type, unit and then a description below. Note that the actual size
297 * of the extension can be bigger as arguments must be padded so that
298 * args of a given length must begin at a boundary of that length.
299 * However, note that compound args are allowed (eg, 2 x uint16_t for
300 * IEEE80211_RADIOTAP_CHANNEL) so total argument length is not a
301 * reliable indicator of alignment requirement. See also
302 * 'man 9 ieee80211_radiotap'.
306 * IEEE80211_RADIOTAP_TSFT __le64 microseconds
308 * Value in microseconds of the MAC's 64-bit 802.11 Time
309 * Synchronization Function timer when the first bit of the
310 * MPDU arrived at the MAC. For received frames, only.
312 IEEE80211_RADIOTAP_TSFT = 0,
315 * IEEE80211_RADIOTAP_FLAGS uint8_t bitmap
317 * Properties of transmitted and received frames. See flags
320 IEEE80211_RADIOTAP_FLAGS = 1,
323 * IEEE80211_RADIOTAP_RATE uint8_t 500kb/s
327 IEEE80211_RADIOTAP_RATE = 2,
330 * IEEE80211_RADIOTAP_CHANNEL 2 x __le16 MHz, bitmap
332 * Tx/Rx frequency in MHz, followed by flags (see below).
334 IEEE80211_RADIOTAP_CHANNEL = 3,
336 * IEEE80211_RADIOTAP_FHSS __le16 see below
338 * For frequency-hopping radios, the hop set (first byte)
339 * and pattern (second byte).
341 IEEE80211_RADIOTAP_FHSS = 4,
344 * IEEE80211_RADIOTAP_DBM_ANTSIGNAL s8 decibels from
345 * one milliwatt (dBm)
347 * RF signal power at the antenna, decibel difference from
350 IEEE80211_RADIOTAP_DBM_ANTSIGNAL = 5,
353 * IEEE80211_RADIOTAP_DBM_ANTNOISE s8 decibels from
354 * one milliwatt (dBm)
356 * RF noise power at the antenna, decibel difference from one
359 IEEE80211_RADIOTAP_DBM_ANTNOISE = 6,
362 * IEEE80211_RADIOTAP_LOCK_QUALITY __le16 unitless
364 * Quality of Barker code lock. Unitless. Monotonically
365 * nondecreasing with "better" lock strength. Called "Signal
366 * Quality" in datasheets. (Is there a standard way to measure
369 IEEE80211_RADIOTAP_LOCK_QUALITY = 7,
372 * IEEE80211_RADIOTAP_TX_ATTENUATION __le16 unitless
374 * Transmit power expressed as unitless distance from max
375 * power set at factory calibration. 0 is max power.
376 * Monotonically nondecreasing with lower power levels.
378 IEEE80211_RADIOTAP_TX_ATTENUATION = 8,
381 * IEEE80211_RADIOTAP_DB_TX_ATTENUATION __le16 decibels (dB)
383 * Transmit power expressed as decibel distance from max power
384 * set at factory calibration. 0 is max power. Monotonically
385 * nondecreasing with lower power levels.
387 IEEE80211_RADIOTAP_DB_TX_ATTENUATION = 9,
390 * IEEE80211_RADIOTAP_DBM_TX_POWER s8 decibels from
391 * one milliwatt (dBm)
393 * Transmit power expressed as dBm (decibels from a 1 milliwatt
394 * reference). This is the absolute power level measured at
397 IEEE80211_RADIOTAP_DBM_TX_POWER = 10,
400 * IEEE80211_RADIOTAP_ANTENNA uint8_t antenna index
402 * Unitless indication of the Rx/Tx antenna for this packet.
403 * The first antenna is antenna 0.
405 IEEE80211_RADIOTAP_ANTENNA = 11,
408 * IEEE80211_RADIOTAP_DB_ANTSIGNAL uint8_t decibel (dB)
410 * RF signal power at the antenna, decibel difference from an
411 * arbitrary, fixed reference.
413 IEEE80211_RADIOTAP_DB_ANTSIGNAL = 12,
416 * IEEE80211_RADIOTAP_DB_ANTNOISE uint8_t decibel (dB)
418 * RF noise power at the antenna, decibel difference from an
419 * arbitrary, fixed reference point.
421 IEEE80211_RADIOTAP_DB_ANTNOISE = 13,
424 * IEEE80211_RADIOTAP_RX_FLAGS __le16 bitmap
426 * Properties of received frames. See flags defined below.
428 IEEE80211_RADIOTAP_RX_FLAGS = 14,
431 * IEEE80211_RADIOTAP_TX_FLAGS __le16 bitmap
433 * Properties of transmitted frames. See flags defined below.
435 IEEE80211_RADIOTAP_TX_FLAGS = 15,
438 * IEEE80211_RADIOTAP_RTS_RETRIES uint8_t data
440 * Number of rts retries a transmitted frame used.
442 IEEE80211_RADIOTAP_RTS_RETRIES = 16,
445 * IEEE80211_RADIOTAP_DATA_RETRIES uint8_t data
447 * Number of unicast retries a transmitted frame used.
449 IEEE80211_RADIOTAP_DATA_RETRIES = 17,
452 * Extension bit, used to indicate that more bits are needed for
455 IEEE80211_RADIOTAP_EXT = 31
459 * Bitmask indicating an extension of the bitmask is used.
460 * (Mask corresponding to IEEE80211_RADIOTAP_EXT).
462 #define IEEE80211_RADIOTAP_PRESENT_EXTEND_MASK (1 << IEEE80211_RADIOTAP_EXT)
467 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
468 * as part of a 'struct Ieee80211RadiotapHeader' extension
469 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
470 * 'it_present'). The radiotap flags are an 8-bit field.
472 * Frame was sent/received during CFP (Contention Free Period)
474 #define IEEE80211_RADIOTAP_F_CFP 0x01
477 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
478 * as part of a 'struct Ieee80211RadiotapHeader' extension
479 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
480 * 'it_present'). The radiotap flags are an 8-bit field.
482 * Frame was sent/received with short preamble
484 #define IEEE80211_RADIOTAP_F_SHORTPRE 0x02
487 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
488 * as part of a 'struct Ieee80211RadiotapHeader' extension
489 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
490 * 'it_present'). The radiotap flags are an 8-bit field.
492 * Frame was sent/received with WEP encryption
494 #define IEEE80211_RADIOTAP_F_WEP 0x04
497 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
498 * as part of a 'struct Ieee80211RadiotapHeader' extension
499 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
500 * 'it_present'). The radiotap flags are an 8-bit field.
502 * Frame was sent/received with fragmentation
504 #define IEEE80211_RADIOTAP_F_FRAG 0x08
507 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
508 * as part of a 'struct Ieee80211RadiotapHeader' extension
509 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
510 * 'it_present'). The radiotap flags are an 8-bit field.
512 * Frame includes FCS (CRC at the end that needs to be removeD).
514 #define IEEE80211_RADIOTAP_F_FCS 0x10
517 * Bit in IEEE80211_RADIOTAP_FLAGS (which we might get
518 * as part of a 'struct Ieee80211RadiotapHeader' extension
519 * if the IEEE80211_RADIOTAP_FLAGS bit is set in
520 * 'it_present'). The radiotap flags are an 8-bit field.
522 * Frame has padding between 802.11 header and payload
523 * (to 32-bit boundary)
525 #define IEEE80211_RADIOTAP_F_DATAPAD 0x20
529 * For IEEE80211_RADIOTAP_RX_FLAGS:
530 * frame failed crc check
532 #define IEEE80211_RADIOTAP_F_RX_BADFCS 0x0001
535 * For IEEE80211_RADIOTAP_TX_FLAGS ('txflags' in 'struct RadiotapTransmissionHeader'):
536 * failed due to excessive retries
538 #define IEEE80211_RADIOTAP_F_TX_FAIL 0x0001
541 * For IEEE80211_RADIOTAP_TX_FLAGS ('txflags' in 'struct RadiotapTransmissionHeader'):
542 * used cts 'protection'
544 #define IEEE80211_RADIOTAP_F_TX_CTS 0x0002
547 * For IEEE80211_RADIOTAP_TX_FLAGS ('txflags' in 'struct RadiotapTransmissionHeader'):
548 * used rts/cts handshake
550 #define IEEE80211_RADIOTAP_F_TX_RTS 0x0004
553 * For IEEE80211_RADIOTAP_TX_FLAGS ('txflags' in 'struct RadiotapTransmissionHeader'):
554 * frame should not be ACKed
556 #define IEEE80211_RADIOTAP_F_TX_NOACK 0x0008
559 * For IEEE80211_RADIOTAP_TX_FLAGS ('txflags' in 'struct RadiotapTransmissionHeader'):
560 * sequence number handled by userspace
562 #define IEEE80211_RADIOTAP_F_TX_NOSEQ 0x0010
566 * Generic header for radiotap messages (receiving and sending). A
567 * bit mask (it_present) determines which specific records follow.
569 * I am trying to describe precisely what the application programmer
570 * should expect in the following, and for that reason I tell the
571 * units and origin of each measurement (where it applies), or else I
572 * use sufficiently weaselly language ("is a monotonically nondecreasing
573 * function of...") that I cannot set false expectations for lawyerly
576 * The radio capture header precedes the 802.11 header.
577 * All data in the header is little endian on all platforms.
579 struct Ieee80211RadiotapHeader {
581 * Version 0. Only increases for drastic changes, introduction of
582 * compatible new fields does not count.
592 * length of the whole header in bytes, including it_version,
593 * it_pad, it_len, and data fields.
598 * A bitmap telling which fields are present. Set bit 31
599 * (0x80000000) to extend the bitmap by another 32 bits. Additional
600 * extensions are made by setting bit 31.
607 * Format of the header we need to prepend to messages to be sent to the
610 struct RadiotapTransmissionHeader {
612 * First we begin with the 'generic' header we also get when receiving
615 struct Ieee80211RadiotapHeader header;
618 * Transmission rate (we use 0, kernel makes up its mind anyway).
623 * Padding (we use 0). There is a requirement to pad args, so that
624 * args of a given length must begin at a boundary of that length.
625 * As our next argument is the 'it_len' with 2 bytes, we need 1 byte
631 * Transmission flags from on the IEEE80211_RADIOTAP_F_TX_* constant family.
637 * The above 'struct RadiotapTransmissionHeader' should have the
638 * following value for 'header.it_present' based on the presence of
639 * the 'rate' and 'txflags' in the overall struct.
641 #define IEEE80211_RADIOTAP_OUR_TRANSMISSION_HEADER_MASK ((1 << IEEE80211_RADIOTAP_RATE) | (1 << IEEE80211_RADIOTAP_TX_FLAGS))
646 * struct Ieee80211RadiotapHeaderIterator - tracks walk through present radiotap arguments
647 * in the radiotap header. Used when we parse radiotap packets received from the kernel.
649 struct Ieee80211RadiotapHeaderIterator {
651 * pointer to the radiotap header we are walking through
653 const struct Ieee80211RadiotapHeader *rtheader;
656 * pointer to current radiotap arg
658 const uint8_t *this_arg;
661 * internal next argument pointer
666 * internal pointer to next present uint32_t (if IEEE80211_RADIOTAP_EXT is used).
668 const uint32_t *next_bitmap;
671 * length of radiotap header in host byte ordering
676 * internal shifter for current uint32_t bitmap, (it_present in host byte order),
677 * If bit 0 is set, the 'arg_index' argument is present.
679 uint32_t bitmap_shifter;
682 * IEEE80211_RADIOTAP_... index of current arg
684 unsigned int this_arg_index;
687 * internal next argument index
689 unsigned int arg_index;
693 /* ************** end of structure of ARPHRD_IEEE80211_FULL ************** */
695 /* ************************** our globals ******************************* */
698 * struct for storing the information of the hardware. There is only
701 struct HardwareInfos {
703 * file descriptor for the raw socket
708 * Which format has the header that we're getting when receiving packets?
709 * Some ARPHRD_IEEE80211_XXX-value.
714 * Name of the interface, not necessarily 0-terminated (!).
716 char iface[IFNAMSIZ];
719 * MAC address of our own WLAN interface.
721 struct GNUNET_TRANSPORT_WLAN_MacAddress pl_mac;
726 * IO buffer used for buffering data in transit (to wireless or to stdout).
730 * How many bytes of data are stored in 'buf' for transmission right now?
731 * Data always starts at offset 0 and extends to 'size'.
736 * How many bytes that were stored in 'buf' did we already write to the
737 * destination? Always smaller than 'size'.
742 * Buffered data; twice the maximum allowed message size as we add some
745 char buf[MAXLINE * 2];
750 * Buffer for data read from stdin to be transmitted to the wirless card.
752 static struct SendBuffer write_pout;
755 * Buffer for data read from the wireless card to be transmitted to stdout.
757 static struct SendBuffer write_std;
761 /* *********** specialized version of server_mst.c begins here ********** */
764 * To what multiple do we align messages? 8 byte should suffice for everyone
767 #define ALIGN_FACTOR 8
770 * Smallest supported message.
772 #define MIN_BUFFER_SIZE sizeof(struct GNUNET_MessageHeader)
776 * Functions with this signature are called whenever a
777 * complete message is received by the tokenizer.
780 * @param message the actual message
782 typedef void (*MessageTokenizerCallback) (void *cls,
784 GNUNET_MessageHeader *
788 * Handle to a message stream tokenizer.
790 struct MessageStreamTokenizer {
792 * Function to call on completed messages.
794 MessageTokenizerCallback cb;
802 * Size of the buffer (starting at 'hdr').
807 * How many bytes in buffer have we already processed?
812 * How many bytes in buffer are valid right now?
817 * Beginning of the buffer. Typed like this to force alignment.
819 struct GNUNET_MessageHeader *hdr;
824 * Create a message stream tokenizer.
826 * @param cb function to call on completed messages
827 * @param cb_cls closure for cb
828 * @return handle to tokenizer
830 static struct MessageStreamTokenizer *
831 mst_create(MessageTokenizerCallback cb,
834 struct MessageStreamTokenizer *ret;
836 ret = malloc(sizeof(struct MessageStreamTokenizer));
839 fprintf(stderr, "Failed to allocate buffer for tokenizer\n");
842 ret->hdr = malloc(MIN_BUFFER_SIZE);
843 if (NULL == ret->hdr)
845 fprintf(stderr, "Failed to allocate buffer for alignment\n");
848 ret->curr_buf = MIN_BUFFER_SIZE;
850 ret->cb_cls = cb_cls;
856 * Add incoming data to the receive buffer and call the
857 * callback for all complete messages.
859 * @param mst tokenizer to use
860 * @param buf input data to add
861 * @param size number of bytes in buf
862 * @return GNUNET_OK if we are done processing (need more data)
863 * GNUNET_SYSERR if the data stream is corrupt
866 mst_receive(struct MessageStreamTokenizer *mst,
867 const char *buf, size_t size)
869 const struct GNUNET_MessageHeader *hdr;
874 unsigned long offset;
878 ibuf = (char *)mst->hdr;
882 if ((mst->curr_buf - mst->off < sizeof(struct GNUNET_MessageHeader)) ||
883 (0 != (mst->off % ALIGN_FACTOR)))
885 /* need to align or need more space */
886 mst->pos -= mst->off;
887 memmove(ibuf, &ibuf[mst->off], mst->pos);
890 if (mst->pos - mst->off < sizeof(struct GNUNET_MessageHeader))
893 GNUNET_MIN(sizeof(struct GNUNET_MessageHeader) -
894 (mst->pos - mst->off), size);
895 GNUNET_memcpy(&ibuf[mst->pos], buf, delta);
900 if (mst->pos - mst->off < sizeof(struct GNUNET_MessageHeader))
904 hdr = (const struct GNUNET_MessageHeader *)&ibuf[mst->off];
905 want = ntohs(hdr->size);
906 if (want < sizeof(struct GNUNET_MessageHeader))
909 "Received invalid message from stdin\n");
912 if (mst->curr_buf - mst->off < want)
914 /* need more space */
915 mst->pos -= mst->off;
916 memmove(ibuf, &ibuf[mst->off], mst->pos);
919 if (want > mst->curr_buf)
921 mst->hdr = realloc(mst->hdr, want);
922 if (NULL == mst->hdr)
924 fprintf(stderr, "Failed to allocate buffer for alignment\n");
927 ibuf = (char *)mst->hdr;
928 mst->curr_buf = want;
930 hdr = (const struct GNUNET_MessageHeader *)&ibuf[mst->off];
931 if (mst->pos - mst->off < want)
933 delta = GNUNET_MIN(want - (mst->pos - mst->off), size);
934 GNUNET_memcpy(&ibuf[mst->pos], buf, delta);
939 if (mst->pos - mst->off < want)
943 mst->cb(mst->cb_cls, hdr);
945 if (mst->off == mst->pos)
947 /* reset to beginning of buffer, it's free right now! */
954 if (size < sizeof(struct GNUNET_MessageHeader))
956 offset = (unsigned long)buf;
957 need_align = (0 != offset % ALIGN_FACTOR) ? GNUNET_YES : GNUNET_NO;
958 if (GNUNET_NO == need_align)
960 /* can try to do zero-copy and process directly from original buffer */
961 hdr = (const struct GNUNET_MessageHeader *)buf;
962 want = ntohs(hdr->size);
963 if (want < sizeof(struct GNUNET_MessageHeader))
966 "Received invalid message from stdin\n");
970 break; /* or not, buffer incomplete, so copy to private buffer... */
971 mst->cb(mst->cb_cls, hdr);
977 /* need to copy to private buffer to align;
978 * yes, we go a bit more spagetti than usual here */
984 if (size + mst->pos > mst->curr_buf)
986 mst->hdr = realloc(mst->hdr, size + mst->pos);
987 if (NULL == mst->hdr)
989 fprintf(stderr, "Failed to allocate buffer for alignment\n");
992 ibuf = (char *)mst->hdr;
993 mst->curr_buf = size + mst->pos;
995 if (mst->pos + size > mst->curr_buf)
998 "Assertion failed\n");
1001 GNUNET_memcpy(&ibuf[mst->pos], buf, size);
1009 * Destroys a tokenizer.
1011 * @param mst tokenizer to destroy
1014 mst_destroy(struct MessageStreamTokenizer *mst)
1020 /* ***************** end of server_mst.c clone ***************** **/
1023 /* ************** code for handling of ARPHRD_IEEE80211_FULL ************** */
1026 * Radiotap header iteration
1028 * call __ieee80211_radiotap_iterator_init() to init a semi-opaque iterator
1029 * struct Ieee80211RadiotapHeaderIterator (no need to init the struct beforehand)
1030 * then loop calling __ieee80211_radiotap_iterator_next()... it returns -1
1031 * if there are no more args in the header, or the next argument type index
1032 * that is present. The iterator's this_arg member points to the start of the
1033 * argument associated with the current argument index that is present,
1034 * which can be found in the iterator's this_arg_index member. This arg
1035 * index corresponds to the IEEE80211_RADIOTAP_... defines.
1037 * @param iterator iterator to initialize
1038 * @param radiotap_header message to parse
1039 * @param max_length number of valid bytes in radiotap_header
1040 * @return 0 on success, -1 on error
1043 ieee80211_radiotap_iterator_init(struct Ieee80211RadiotapHeaderIterator *iterator,
1044 const struct Ieee80211RadiotapHeader *radiotap_header,
1047 if ((iterator == NULL) ||
1048 (radiotap_header == NULL))
1051 /* Linux only supports version 0 radiotap format */
1052 if (0 != radiotap_header->it_version)
1055 /* sanity check for allowed length and radiotap length field */
1056 if ((max_length < sizeof(struct Ieee80211RadiotapHeader)) ||
1057 (max_length < (GNUNET_le16toh(radiotap_header->it_len))))
1060 memset(iterator, 0, sizeof(struct Ieee80211RadiotapHeaderIterator));
1061 iterator->rtheader = radiotap_header;
1062 iterator->max_length = GNUNET_le16toh(radiotap_header->it_len);
1063 iterator->bitmap_shifter = GNUNET_le32toh(radiotap_header->it_present);
1064 iterator->arg = ((uint8_t *)radiotap_header) + sizeof(struct Ieee80211RadiotapHeader);
1066 /* find payload start allowing for extended bitmap(s) */
1067 if (0 != (iterator->bitmap_shifter & IEEE80211_RADIOTAP_PRESENT_EXTEND_MASK))
1069 while (GNUNET_le32toh(*((uint32_t *)iterator->arg)) & IEEE80211_RADIOTAP_PRESENT_EXTEND_MASK)
1071 iterator->arg += sizeof(uint32_t);
1073 * check for insanity where the present bitmaps
1074 * keep claiming to extend up to or even beyond the
1075 * stated radiotap header length
1077 if (iterator->arg - ((uint8_t*)iterator->rtheader) > iterator->max_length)
1080 iterator->arg += sizeof(uint32_t);
1082 * no need to check again for blowing past stated radiotap
1083 * header length, becuase ieee80211_radiotap_iterator_next
1084 * checks it before it is dereferenced
1087 /* we are all initialized happily */
1093 * Returns the next radiotap parser iterator arg.
1095 * This function returns the next radiotap arg index (IEEE80211_RADIOTAP_...)
1096 * and sets iterator->this_arg to point to the payload for the arg. It takes
1097 * care of alignment handling and extended present fields. interator->this_arg
1098 * can be changed by the caller. The args pointed to are in little-endian
1101 * @param iterator: radiotap_iterator to move to next arg (if any)
1102 * @return next present arg index on success or -1 if no more or error
1105 ieee80211_radiotap_iterator_next(struct Ieee80211RadiotapHeaderIterator *iterator)
1108 * small length lookup table for all radiotap types we heard of
1109 * starting from b0 in the bitmap, so we can walk the payload
1110 * area of the radiotap header
1112 * There is a requirement to pad args, so that args
1113 * of a given length must begin at a boundary of that length
1114 * -- but note that compound args are allowed (eg, 2 x uint16_t
1115 * for IEEE80211_RADIOTAP_CHANNEL) so total arg length is not
1116 * a reliable indicator of alignment requirement.
1118 * upper nybble: content alignment for arg
1119 * lower nybble: content length for arg
1122 static const uint8_t rt_sizes[] = {
1123 [IEEE80211_RADIOTAP_TSFT] = 0x88,
1124 [IEEE80211_RADIOTAP_FLAGS] = 0x11,
1125 [IEEE80211_RADIOTAP_RATE] = 0x11,
1126 [IEEE80211_RADIOTAP_CHANNEL] = 0x24,
1127 [IEEE80211_RADIOTAP_FHSS] = 0x22,
1128 [IEEE80211_RADIOTAP_DBM_ANTSIGNAL] = 0x11,
1129 [IEEE80211_RADIOTAP_DBM_ANTNOISE] = 0x11,
1130 [IEEE80211_RADIOTAP_LOCK_QUALITY] = 0x22,
1131 [IEEE80211_RADIOTAP_TX_ATTENUATION] = 0x22,
1132 [IEEE80211_RADIOTAP_DB_TX_ATTENUATION] = 0x22,
1133 [IEEE80211_RADIOTAP_DBM_TX_POWER] = 0x11,
1134 [IEEE80211_RADIOTAP_ANTENNA] = 0x11,
1135 [IEEE80211_RADIOTAP_DB_ANTSIGNAL] = 0x11,
1136 [IEEE80211_RADIOTAP_DB_ANTNOISE] = 0x11,
1137 [IEEE80211_RADIOTAP_TX_FLAGS] = 0x22,
1138 [IEEE80211_RADIOTAP_RX_FLAGS] = 0x22,
1139 [IEEE80211_RADIOTAP_RTS_RETRIES] = 0x11,
1140 [IEEE80211_RADIOTAP_DATA_RETRIES] = 0x11
1142 * add more here as they are defined in
1143 * include/net/ieee80211_radiotap.h
1148 * for every radiotap entry we can at
1149 * least skip (by knowing the length)...
1151 while (iterator->arg_index < sizeof(rt_sizes))
1153 int hit = (0 != (iterator->bitmap_shifter & 1));
1157 unsigned int wanted_alignment;
1158 unsigned int unalignment;
1160 * arg is present, account for alignment padding
1161 * 8-bit args can be at any alignment
1162 * 16-bit args must start on 16-bit boundary
1163 * 32-bit args must start on 32-bit boundary
1164 * 64-bit args must start on 64-bit boundary
1166 * note that total arg size can differ from alignment of
1167 * elements inside arg, so we use upper nybble of length table
1168 * to base alignment on. First, 'wanted_alignment' is set to be
1169 * 1 for 8-bit, 2 for 16-bit, 4 for 32-bit and 8 for 64-bit
1170 * arguments. Then, we calculate the 'unalignment' (how many
1171 * bytes we are over by taking the difference of 'arg' and the
1172 * overall starting point modulo the desired alignment. As
1173 * desired alignments are powers of two, we can do modulo with
1174 * binary "&" (and also avoid the possibility of a division by
1175 * zero if the 'rt_sizes' table contains bogus entries).
1177 * also note: these alignments are relative to the start of the
1178 * radiotap header. There is no guarantee that the radiotap
1179 * header itself is aligned on any kind of boundary, thus we
1180 * need to really look at the delta here.
1182 wanted_alignment = rt_sizes[iterator->arg_index] >> 4;
1183 unalignment = (((void *)iterator->arg) - ((void *)iterator->rtheader)) & (wanted_alignment - 1);
1184 if (0 != unalignment)
1186 /* need padding (by 'wanted_alignment - unalignment') */
1187 iterator->arg_index += wanted_alignment - unalignment;
1191 * this is what we will return to user, but we need to
1192 * move on first so next call has something fresh to test
1194 iterator->this_arg_index = iterator->arg_index;
1195 iterator->this_arg = iterator->arg;
1197 /* internally move on the size of this arg (using lower nybble from
1199 iterator->arg += rt_sizes[iterator->arg_index] & 0x0f;
1202 * check for insanity where we are given a bitmap that
1203 * claims to have more arg content than the length of the
1204 * radiotap section. We will normally end up equalling this
1205 * max_length on the last arg, never exceeding it.
1207 if ((((void *)iterator->arg) - ((void *)iterator->rtheader)) > iterator->max_length)
1211 /* Now, move on to next bit / next entry */
1212 iterator->arg_index++;
1214 if (0 == (iterator->arg_index % 32))
1216 /* completed current uint32_t bitmap */
1217 if (0 != (iterator->bitmap_shifter & 1))
1219 /* bit 31 was set, there is more; move to next uint32_t bitmap */
1220 iterator->bitmap_shifter = GNUNET_le32toh(*iterator->next_bitmap);
1221 iterator->next_bitmap++;
1225 /* no more bitmaps: end (by setting arg_index to high, unsupported value) */
1226 iterator->arg_index = sizeof(rt_sizes);
1231 /* just try the next bit (while loop will move on) */
1232 iterator->bitmap_shifter >>= 1;
1235 /* if we found a valid arg earlier, return it now */
1237 return iterator->this_arg_index;
1240 /* we don't know how to handle any more args (or there are no more),
1241 so we're done (this is not an error) */
1247 * Calculate crc32, the start of the calculation
1249 * @param buf buffer to calc the crc
1250 * @param len len of the buffer
1253 static unsigned long
1254 calc_crc_osdep(const unsigned char *buf, size_t len)
1256 static const unsigned long int crc_tbl_osdep[256] = {
1257 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F,
1258 0xE963A535, 0x9E6495A3,
1259 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD,
1260 0xE7B82D07, 0x90BF1D91,
1261 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB,
1262 0xF4D4B551, 0x83D385C7,
1263 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9,
1264 0xFA0F3D63, 0x8D080DF5,
1265 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172, 0x3C03E4D1, 0x4B04D447,
1266 0xD20D85FD, 0xA50AB56B,
1267 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75,
1268 0xDCD60DCF, 0xABD13D59,
1269 0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423,
1270 0xCFBA9599, 0xB8BDA50F,
1271 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, 0x2F6F7C87, 0x58684C11,
1272 0xC1611DAB, 0xB6662D3D,
1273 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F,
1274 0x9FBFE4A5, 0xE8B8D433,
1275 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D,
1276 0x91646C97, 0xE6635C01,
1277 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 0x6C0695ED, 0x1B01A57B,
1278 0x8208F4C1, 0xF50FC457,
1279 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49,
1280 0x8CD37CF3, 0xFBD44C65,
1281 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7,
1282 0xA4D1C46D, 0xD3D6F4FB,
1283 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5,
1284 0xAA0A4C5F, 0xDD0D7CC9,
1285 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3,
1286 0xB966D409, 0xCE61E49F,
1287 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81,
1288 0xB7BD5C3B, 0xC0BA6CAD,
1289 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, 0xEAD54739, 0x9DD277AF,
1290 0x04DB2615, 0x73DC1683,
1291 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D,
1292 0x0A00AE27, 0x7D079EB1,
1293 0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB,
1294 0x196C3671, 0x6E6B06E7,
1295 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9,
1296 0x17B7BE43, 0x60B08ED5,
1297 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767,
1298 0x3FB506DD, 0x48B2364B,
1299 0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55,
1300 0x316E8EEF, 0x4669BE79,
1301 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, 0xCC0C7795, 0xBB0B4703,
1302 0x220216B9, 0x5505262F,
1303 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31,
1304 0x2CD99E8B, 0x5BDEAE1D,
1305 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F,
1306 0x72076785, 0x05005713,
1307 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 0x92D28E9B, 0xE5D5BE0D,
1308 0x7CDCEFB7, 0x0BDBDF21,
1309 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B,
1310 0x6FB077E1, 0x18B74777,
1311 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69,
1312 0x616BFFD3, 0x166CCF45,
1313 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661, 0xD06016F7,
1314 0x4969474D, 0x3E6E77DB,
1315 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5,
1316 0x47B2CF7F, 0x30B5FFE9,
1317 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693,
1318 0x54DE5729, 0x23D967BF,
1319 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94, 0xB40BBE37, 0xC30C8EA1,
1320 0x5A05DF1B, 0x2D02EF8D
1323 unsigned long crc = 0xFFFFFFFF;
1325 for (; len > 0; len--, buf++)
1326 crc = crc_tbl_osdep[(crc ^ *buf) & 0xFF] ^ (crc >> 8);
1332 * Calculate and check crc of the wlan packet
1334 * @param buf buffer of the packet, with len + 4 bytes of data,
1335 * the last 4 bytes being the checksum
1336 * @param len length of the payload in data
1337 * @return 0 on success (checksum matches), 1 on error
1340 check_crc_buf_osdep(const unsigned char *buf, size_t len)
1344 crc = calc_crc_osdep(buf, len);
1346 if (((crc) & 0xFF) == buf[0] && ((crc >> 8) & 0xFF) == buf[1] &&
1347 ((crc >> 16) & 0xFF) == buf[2] && ((crc >> 24) & 0xFF) == buf[3])
1353 /* ************end of code for handling of ARPHRD_IEEE80211_FULL ************** */
1356 /* ************beginning of code for reading packets from kernel ************** */
1359 * Return the channel from the frequency (in Mhz)
1361 * @param frequency of the channel
1362 * @return number of the channel
1365 get_channel_from_frequency(int32_t frequency)
1367 if (frequency >= 2412 && frequency <= 2472)
1368 return (frequency - 2407) / 5;
1369 if (frequency == 2484)
1371 if (frequency >= 5000 && frequency <= 6100)
1372 return (frequency - 5000) / 5;
1378 * Get the channel used by our WLAN interface.
1380 * @param dev pointer to the dev struct of the card
1381 * @return channel number, -1 on error
1384 linux_get_channel(const struct HardwareInfos *dev)
1389 memset(&wrq, 0, sizeof(struct iwreq));
1390 strncpy(wrq.ifr_name, dev->iface, IFNAMSIZ);
1391 if (0 > ioctl(dev->fd_raw, SIOCGIWFREQ, &wrq))
1393 frequency = wrq.u.freq.m; /* 'iw_freq' defines 'm' as '__s32', so we keep it signed */
1394 if (100000000 < frequency)
1395 frequency /= 100000;
1396 else if (1000000 < frequency)
1398 if (1000 < frequency)
1399 return get_channel_from_frequency(frequency);
1405 * Read from the raw socket (the wlan card), parse the packet and
1406 * put the result into the buffer for transmission to 'stdout'.
1408 * @param dev pointer to the struct of the wlan card
1409 * @param buf buffer to read to; first bytes will be the 'struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame',
1410 * followed by the actual payload
1411 * @param buf_size size of the buffer
1412 * @param ri where to write radiotap_rx info
1413 * @return number of bytes written to 'buf'
1416 linux_read(struct HardwareInfos *dev,
1417 unsigned char *buf, size_t buf_size,
1418 struct GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage *ri)
1420 unsigned char tmpbuf[buf_size];
1425 int got_channel = 0;
1426 int fcs_removed = 0;
1428 caplen = read(dev->fd_raw, tmpbuf, buf_size);
1431 if (EAGAIN == errno)
1433 fprintf(stderr, "Failed to read from RAW socket: %s\n", strerror(errno));
1437 memset(ri, 0, sizeof(*ri));
1438 switch (dev->arptype_in)
1440 case ARPHRD_IEEE80211_PRISM:
1442 const struct PrismHeader *ph;
1444 ph = (const struct PrismHeader*)tmpbuf;
1446 if ((n < 8) || (n >= caplen))
1447 return 0; /* invalid format */
1448 if ((PRISM_MSGCODE_MONITOR == ph->msgcode) &&
1449 (n >= sizeof(struct PrismHeader)))
1453 struct PrismValue pv;
1455 left = n - sizeof(struct PrismHeader);
1456 pos = (const char *)&ph[1];
1457 while (left > sizeof(struct PrismValue))
1459 left -= sizeof(struct PrismValue);
1460 GNUNET_memcpy(&pv, pos, sizeof(struct PrismValue));
1461 pos += sizeof(struct PrismValue);
1465 case PRISM_DID_NOISE:
1466 if (PRISM_STATUS_OK == pv.status)
1468 ri->ri_noise = pv.data;
1469 /* got_noise = 1; */
1473 case PRISM_DID_RATE:
1474 if (PRISM_STATUS_OK == pv.status)
1475 ri->ri_rate = pv.data * 500000;
1478 case PRISM_DID_CHANNEL:
1479 if (PRISM_STATUS_OK == pv.status)
1481 ri->ri_channel = pv.data;
1486 case PRISM_DID_MACTIME:
1487 if (PRISM_STATUS_OK == pv.status)
1488 ri->ri_mactime = pv.data;
1491 case PRISM_DID_SIGNAL:
1492 if (PRISM_STATUS_OK == pv.status)
1494 ri->ri_power = pv.data;
1495 /* got_signal = 1; */
1501 if ((n < 8) || (n >= caplen))
1502 return 0; /* invalid format */
1506 case ARPHRD_IEEE80211_FULL:
1508 struct Ieee80211RadiotapHeaderIterator iterator;
1509 struct Ieee80211RadiotapHeader *rthdr;
1511 memset(&iterator, 0, sizeof(iterator));
1512 rthdr = (struct Ieee80211RadiotapHeader *)tmpbuf;
1513 n = GNUNET_le16toh(rthdr->it_len);
1514 if ((n < sizeof(struct Ieee80211RadiotapHeader)) || (n >= caplen))
1515 return 0; /* invalid 'it_len' */
1516 if (0 != ieee80211_radiotap_iterator_init(&iterator, rthdr, caplen))
1518 /* go through the radiotap arguments we have been given by the driver */
1519 while (0 <= ieee80211_radiotap_iterator_next(&iterator))
1521 switch (iterator.this_arg_index)
1523 case IEEE80211_RADIOTAP_TSFT:
1524 ri->ri_mactime = GNUNET_le64toh(*((uint64_t *)iterator.this_arg));
1527 case IEEE80211_RADIOTAP_DBM_ANTSIGNAL:
1530 ri->ri_power = *((int8_t*)iterator.this_arg);
1535 case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
1538 ri->ri_power = *((int8_t*)iterator.this_arg);
1543 case IEEE80211_RADIOTAP_DBM_ANTNOISE:
1546 ri->ri_noise = *((int8_t*)iterator.this_arg);
1551 case IEEE80211_RADIOTAP_DB_ANTNOISE:
1554 ri->ri_noise = *((int8_t*)iterator.this_arg);
1559 case IEEE80211_RADIOTAP_ANTENNA:
1560 ri->ri_antenna = *iterator.this_arg;
1563 case IEEE80211_RADIOTAP_CHANNEL:
1564 ri->ri_channel = *iterator.this_arg;
1568 case IEEE80211_RADIOTAP_RATE:
1569 ri->ri_rate = (*iterator.this_arg) * 500000;
1572 case IEEE80211_RADIOTAP_FLAGS:
1574 uint8_t flags = *iterator.this_arg;
1575 /* is the CRC visible at the end? if so, remove */
1576 if (0 != (flags & IEEE80211_RADIOTAP_F_FCS))
1579 caplen -= sizeof(uint32_t);
1584 case IEEE80211_RADIOTAP_RX_FLAGS:
1586 uint16_t flags = ntohs(*((uint16_t *)iterator.this_arg));
1587 if (0 != (flags & IEEE80211_RADIOTAP_F_RX_BADFCS))
1591 } /* end of 'switch' */
1592 } /* end of the 'while' loop */
1596 case ARPHRD_IEEE80211:
1597 n = 0; /* no header */
1602 if (sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee8023Frame) > caplen)
1603 return 0; /* invalid */
1604 GNUNET_memcpy(&buf[sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame)],
1605 tmpbuf + sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee8023Frame),
1606 caplen - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee8023Frame) - 4 /* 4 byte FCS */);
1607 return caplen - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee8023Frame) - 4;
1611 errno = ENOTSUP; /* unsupported format */
1616 ri->ri_channel = linux_get_channel(dev);
1618 /* detect CRC32 at the end, even if the flag wasn't set and remove it */
1619 if ((0 == fcs_removed) &&
1620 (0 == check_crc_buf_osdep(tmpbuf + n, caplen - sizeof(uint32_t))))
1622 /* NOTE: this heuristic can of course fail if there happens to
1623 be a matching checksum at the end. Would be good to have
1624 some data to see how often this heuristic actually works. */
1625 caplen -= sizeof(uint32_t);
1627 /* copy payload to target buffer */
1628 GNUNET_memcpy(buf, tmpbuf + n, caplen);
1633 /* ************end of code for reading packets from kernel ************** */
1635 /* ************other helper functions for main start here ************** */
1639 * Open the wireless network interface for reading/writing.
1641 * @param dev pointer to the device struct
1642 * @return 0 on success
1645 open_device_raw(struct HardwareInfos *dev)
1649 struct packet_mreq mr;
1650 struct sockaddr_ll sll;
1652 /* find the interface index */
1653 memset(&ifr, 0, sizeof(ifr));
1654 strncpy(ifr.ifr_name, dev->iface, IFNAMSIZ);
1655 if (-1 == ioctl(dev->fd_raw, SIOCGIFINDEX, &ifr))
1657 fprintf(stderr, "ioctl(SIOCGIFINDEX) on interface `%.*s' failed: %s\n",
1658 IFNAMSIZ, dev->iface, strerror(errno));
1662 /* lookup the hardware type */
1663 memset(&sll, 0, sizeof(sll));
1664 sll.sll_family = AF_PACKET;
1665 sll.sll_ifindex = ifr.ifr_ifindex;
1666 sll.sll_protocol = htons(ETH_P_ALL);
1667 if (-1 == ioctl(dev->fd_raw, SIOCGIFHWADDR, &ifr))
1669 fprintf(stderr, "ioctl(SIOCGIFHWADDR) on interface `%.*s' failed: %s\n",
1670 IFNAMSIZ, dev->iface, strerror(errno));
1673 if (((ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211) &&
1674 (ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER) &&
1675 (ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211_PRISM) &&
1676 (ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211_FULL)))
1678 fprintf(stderr, "Error: interface `%.*s' is not using a supported hardware address family (got %d)\n",
1679 IFNAMSIZ, dev->iface,
1680 ifr.ifr_hwaddr.sa_family);
1684 /* lookup iw mode */
1685 memset(&wrq, 0, sizeof(struct iwreq));
1686 strncpy(wrq.ifr_name, dev->iface, IFNAMSIZ);
1687 if (-1 == ioctl(dev->fd_raw, SIOCGIWMODE, &wrq))
1689 /* most probably not supported (ie for rtap ipw interface) *
1690 * so just assume its correctly set... */
1691 wrq.u.mode = IW_MODE_MONITOR;
1694 if ((wrq.u.mode != IW_MODE_MONITOR) &&
1695 (wrq.u.mode != IW_MODE_ADHOC))
1697 fprintf(stderr, "Error: interface `%.*s' is not in monitor or ad-hoc mode (got %d)\n",
1698 IFNAMSIZ, dev->iface,
1703 /* Is interface st to up, broadcast & running ? */
1704 if ((ifr.ifr_flags | IFF_UP | IFF_BROADCAST | IFF_RUNNING) != ifr.ifr_flags)
1706 /* Bring interface up */
1707 ifr.ifr_flags |= IFF_UP | IFF_BROADCAST | IFF_RUNNING;
1709 if (-1 == ioctl(dev->fd_raw, SIOCSIFFLAGS, &ifr))
1711 fprintf(stderr, "ioctl(SIOCSIFFLAGS) on interface `%.*s' failed: %s\n",
1712 IFNAMSIZ, dev->iface, strerror(errno));
1717 /* bind the raw socket to the interface */
1718 if (-1 == bind(dev->fd_raw, (struct sockaddr *)&sll, sizeof(sll)))
1720 fprintf(stderr, "Failed to bind interface `%.*s': %s\n", IFNAMSIZ,
1721 dev->iface, strerror(errno));
1725 /* lookup the hardware type */
1726 if (-1 == ioctl(dev->fd_raw, SIOCGIFHWADDR, &ifr))
1728 fprintf(stderr, "ioctl(SIOCGIFHWADDR) on interface `%.*s' failed: %s\n",
1729 IFNAMSIZ, dev->iface, strerror(errno));
1733 GNUNET_memcpy(&dev->pl_mac, ifr.ifr_hwaddr.sa_data, MAC_ADDR_SIZE);
1734 dev->arptype_in = ifr.ifr_hwaddr.sa_family;
1735 if ((ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER) &&
1736 (ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211) &&
1737 (ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211_PRISM) &&
1738 (ifr.ifr_hwaddr.sa_family != ARPHRD_IEEE80211_FULL))
1740 fprintf(stderr, "Unsupported hardware link type %d on interface `%.*s'\n",
1741 ifr.ifr_hwaddr.sa_family, IFNAMSIZ, dev->iface);
1745 /* enable promiscuous mode */
1746 memset(&mr, 0, sizeof(mr));
1747 mr.mr_ifindex = sll.sll_ifindex;
1748 mr.mr_type = PACKET_MR_PROMISC;
1750 setsockopt(dev->fd_raw, SOL_PACKET, PACKET_ADD_MEMBERSHIP, &mr,
1754 "Failed to enable promiscuous mode on interface `%.*s'\n",
1764 * Test if the given interface name really corresponds to a wireless
1767 * @param iface name of the interface
1768 * @return 0 on success, 1 on error
1771 test_wlan_interface(const char *iface)
1777 ret = snprintf(strbuf, sizeof(strbuf),
1778 "/sys/class/net/%s/phy80211/subsystem",
1780 if ((ret < 0) || (ret >= sizeof(strbuf)) || (0 != stat(strbuf, &sbuf)))
1783 "Did not find 802.11 interface `%s'. Exiting.\n",
1792 * Test incoming packets mac for being our own.
1794 * @param taIeeeHeader buffer of the packet
1795 * @param dev the Hardware_Infos struct
1796 * @return 0 if mac belongs to us, 1 if mac is for another target
1799 mac_test(const struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame *taIeeeHeader,
1800 const struct HardwareInfos *dev)
1802 static struct GNUNET_TRANSPORT_WLAN_MacAddress all_zeros;
1804 if ((0 == memcmp(&taIeeeHeader->addr3, &all_zeros, MAC_ADDR_SIZE)) ||
1805 (0 == memcmp(&taIeeeHeader->addr1, &all_zeros, MAC_ADDR_SIZE)))
1806 return 0; /* some drivers set no Macs, then assume it is all for us! */
1808 if (0 != memcmp(&taIeeeHeader->addr3, &mac_bssid_gnunet, MAC_ADDR_SIZE))
1809 return 1; /* not a GNUnet ad-hoc package */
1810 if ((0 == memcmp(&taIeeeHeader->addr1, &dev->pl_mac, MAC_ADDR_SIZE)) ||
1811 (0 == memcmp(&taIeeeHeader->addr1, &bc_all_mac, MAC_ADDR_SIZE)))
1812 return 0; /* for us, or broadcast */
1813 return 1; /* not for us */
1818 * Set the wlan header to sane values to make attacks more difficult
1820 * @param taIeeeHeader pointer to the header of the packet
1821 * @param dev pointer to the Hardware_Infos struct
1824 mac_set(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame *taIeeeHeader,
1825 const struct HardwareInfos *dev)
1827 taIeeeHeader->frame_control = htons(IEEE80211_FC0_TYPE_DATA);
1828 taIeeeHeader->addr2 = dev->pl_mac;
1829 taIeeeHeader->addr3 = mac_bssid_gnunet;
1834 * Process data from the stdin. Takes the message, prepends the
1835 * radiotap transmission header, forces the sender MAC to be correct
1836 * and puts it into our buffer for transmission to the kernel.
1838 * @param cls pointer to the device struct ('struct HardwareInfos*')
1839 * @param hdr pointer to the start of the packet
1842 stdin_send_hw(void *cls, const struct GNUNET_MessageHeader *hdr)
1844 struct HardwareInfos *dev = cls;
1845 const struct GNUNET_TRANSPORT_WLAN_RadiotapSendMessage *header;
1846 struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame *wlanheader;
1848 struct RadiotapTransmissionHeader rtheader;
1849 struct GNUNET_TRANSPORT_WLAN_Ieee8023Frame etheader;
1851 sendsize = ntohs(hdr->size);
1853 sizeof(struct GNUNET_TRANSPORT_WLAN_RadiotapSendMessage)) ||
1854 (GNUNET_MESSAGE_TYPE_WLAN_DATA_TO_HELPER != ntohs(hdr->type)))
1856 fprintf(stderr, "Received malformed message\n");
1859 sendsize -= (sizeof(struct GNUNET_TRANSPORT_WLAN_RadiotapSendMessage) - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame));
1860 if (MAXLINE < sendsize)
1862 fprintf(stderr, "Packet too big for buffer\n");
1865 header = (const struct GNUNET_TRANSPORT_WLAN_RadiotapSendMessage *)hdr;
1866 switch (dev->arptype_in)
1868 case ARPHRD_IEEE80211_PRISM:
1869 case ARPHRD_IEEE80211_FULL:
1870 case ARPHRD_IEEE80211:
1871 rtheader.header.it_version = 0;
1872 rtheader.header.it_pad = 0;
1873 rtheader.header.it_len = GNUNET_htole16(sizeof(rtheader));
1874 rtheader.header.it_present = GNUNET_htole16(IEEE80211_RADIOTAP_OUR_TRANSMISSION_HEADER_MASK);
1875 rtheader.rate = header->rate;
1877 rtheader.txflags = GNUNET_htole16(IEEE80211_RADIOTAP_F_TX_NOACK | IEEE80211_RADIOTAP_F_TX_NOSEQ);
1878 GNUNET_memcpy(write_pout.buf, &rtheader, sizeof(rtheader));
1879 GNUNET_memcpy(&write_pout.buf[sizeof(rtheader)], &header->frame, sendsize);
1880 wlanheader = (struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame *)&write_pout.buf[sizeof(rtheader)];
1882 /* payload contains MAC address, but we don't trust it, so we'll
1883 * overwrite it with OUR MAC address to prevent mischief */
1884 mac_set(wlanheader, dev);
1885 write_pout.size = sendsize + sizeof(rtheader);
1889 etheader.dst = header->frame.addr1;
1890 /* etheader.src = header->frame.addr2; --- untrusted input */
1891 etheader.src = dev->pl_mac;
1892 etheader.type = htons(ETH_P_IP);
1893 GNUNET_memcpy(write_pout.buf, ðeader, sizeof(etheader));
1894 GNUNET_memcpy(&write_pout.buf[sizeof(etheader)], &header[1], sendsize - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame));
1895 write_pout.size = sendsize - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame) + sizeof(etheader);
1900 "Unsupported ARPTYPE!\n");
1907 * Main function of the helper. This code accesses a WLAN interface
1908 * in monitoring mode (layer 2) and then forwards traffic in both
1909 * directions between the WLAN interface and stdin/stdout of this
1910 * process. Error messages are written to stdout.
1912 * @param argc number of arguments, must be 2
1913 * @param argv arguments only argument is the name of the interface (i.e. 'mon0')
1914 * @return 0 on success (never happens, as we don't return unless aborted), 1 on error
1917 main(int argc, char *argv[])
1919 struct HardwareInfos dev;
1920 char readbuf[MAXLINE];
1925 struct MessageStreamTokenizer *stdin_mst;
1928 /* assert privs so we can modify the firewall rules! */
1930 #ifdef HAVE_SETRESUID
1931 uid_t uid = getuid();
1933 if (0 != setresuid(uid, 0, 0))
1936 "Failed to setresuid to root: %s\n",
1941 if (0 != seteuid(0))
1944 "Failed to seteuid back to root: %s\n", strerror(errno));
1950 /* make use of SGID capabilities on POSIX */
1951 memset(&dev, 0, sizeof(dev));
1952 dev.fd_raw = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
1953 raw_eno = errno; /* remember for later */
1955 /* now that we've dropped root rights, we can do error checking */
1959 "You must specify the name of the interface as the first and only argument to this program.\n");
1960 if (-1 != dev.fd_raw)
1961 (void)close(dev.fd_raw);
1965 if (-1 == dev.fd_raw)
1967 fprintf(stderr, "Failed to create raw socket: %s\n", strerror(raw_eno));
1970 if (dev.fd_raw >= FD_SETSIZE)
1972 fprintf(stderr, "File descriptor too large for select (%d > %d)\n",
1973 dev.fd_raw, FD_SETSIZE);
1974 (void)close(dev.fd_raw);
1977 if (0 != test_wlan_interface(argv[1]))
1979 (void)close(dev.fd_raw);
1982 strncpy(dev.iface, argv[1], IFNAMSIZ);
1983 if (0 != open_device_raw(&dev))
1985 (void)close(dev.fd_raw);
1991 uid_t uid = getuid();
1992 #ifdef HAVE_SETRESUID
1993 if (0 != setresuid(uid, uid, uid))
1995 fprintf(stderr, "Failed to setresuid: %s\n", strerror(errno));
1996 if (-1 != dev.fd_raw)
1997 (void)close(dev.fd_raw);
2001 if (0 != (setuid(uid) | seteuid(uid)))
2003 fprintf(stderr, "Failed to setuid: %s\n", strerror(errno));
2004 if (-1 != dev.fd_raw)
2005 (void)close(dev.fd_raw);
2012 /* send MAC address of the WLAN interface to STDOUT first */
2014 struct GNUNET_TRANSPORT_WLAN_HelperControlMessage macmsg;
2016 macmsg.hdr.size = htons(sizeof(macmsg));
2017 macmsg.hdr.type = htons(GNUNET_MESSAGE_TYPE_WLAN_HELPER_CONTROL);
2018 GNUNET_memcpy(&macmsg.mac, &dev.pl_mac, sizeof(struct GNUNET_TRANSPORT_WLAN_MacAddress));
2019 GNUNET_memcpy(write_std.buf, &macmsg, sizeof(macmsg));
2020 write_std.size = sizeof(macmsg);
2023 stdin_mst = mst_create(&stdin_send_hw, &dev);
2029 if ((0 == write_pout.size) && (1 == stdin_open))
2031 FD_SET(STDIN_FILENO, &rfds);
2032 maxfd = MAX(maxfd, STDIN_FILENO);
2034 if (0 == write_std.size)
2036 FD_SET(dev.fd_raw, &rfds);
2037 maxfd = MAX(maxfd, dev.fd_raw);
2040 if (0 < write_std.size)
2042 FD_SET(STDOUT_FILENO, &wfds);
2043 maxfd = MAX(maxfd, STDOUT_FILENO);
2045 if (0 < write_pout.size)
2047 FD_SET(dev.fd_raw, &wfds);
2048 maxfd = MAX(maxfd, dev.fd_raw);
2051 int retval = select(maxfd + 1, &rfds, &wfds, NULL, NULL);
2052 if ((-1 == retval) && (EINTR == errno))
2056 fprintf(stderr, "select failed: %s\n", strerror(errno));
2060 if (FD_ISSET(STDOUT_FILENO, &wfds))
2063 write(STDOUT_FILENO, write_std.buf + write_std.pos,
2064 write_std.size - write_std.pos);
2067 fprintf(stderr, "Failed to write to STDOUT: %s\n", strerror(errno));
2070 write_std.pos += ret;
2071 if (write_std.pos == write_std.size)
2077 if (FD_ISSET(dev.fd_raw, &wfds))
2080 write(dev.fd_raw, write_pout.buf + write_pout.pos,
2081 write_pout.size - write_pout.pos);
2084 fprintf(stderr, "Failed to write to WLAN device: %s\n",
2088 write_pout.pos += ret;
2089 if ((write_pout.pos != write_pout.size) && (0 != ret))
2091 /* we should not get partial sends with packet-oriented devices... */
2092 fprintf(stderr, "Write error, partial send: %u/%u\n",
2093 (unsigned int)write_pout.pos,
2094 (unsigned int)write_pout.size);
2097 if (write_pout.pos == write_pout.size)
2100 write_pout.size = 0;
2104 if (FD_ISSET(STDIN_FILENO, &rfds))
2107 read(STDIN_FILENO, readbuf, sizeof(readbuf));
2110 fprintf(stderr, "Read error from STDIN: %s\n", strerror(errno));
2115 /* stop reading... */
2118 mst_receive(stdin_mst, readbuf, ret);
2121 if (FD_ISSET(dev.fd_raw, &rfds))
2123 struct GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage *rrm;
2126 rrm = (struct GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage *)write_std.buf;
2128 linux_read(&dev, (unsigned char *)&rrm->frame,
2129 sizeof(write_std.buf)
2130 - sizeof(struct GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage)
2131 + sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame),
2135 fprintf(stderr, "Read error from raw socket: %s\n", strerror(errno));
2138 if ((0 < ret) && (0 == mac_test(&rrm->frame, &dev)))
2140 write_std.size = ret
2141 + sizeof(struct GNUNET_TRANSPORT_WLAN_RadiotapReceiveMessage)
2142 - sizeof(struct GNUNET_TRANSPORT_WLAN_Ieee80211Frame);
2143 rrm->header.size = htons(write_std.size);
2144 rrm->header.type = htons(GNUNET_MESSAGE_TYPE_WLAN_DATA_FROM_HELPER);
2148 /* Error handling, try to clean up a bit at least */
2149 mst_destroy(stdin_mst);
2150 (void)close(dev.fd_raw);
2151 return 1; /* we never exit 'normally' */
2154 /* end of gnunet-helper-transport-wlan.c */