iwinfo: fix crash on parsing mtd (#15807)
[openwrt/svn-archive/archive.git] / package / network / utils / iwinfo / src / iwinfo_utils.c
1 /*
2 * iwinfo - Wireless Information Library - Shared utility routines
3 *
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
5 *
6 * The iwinfo library is free software: you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License version 2
8 * as published by the Free Software Foundation.
9 *
10 * The iwinfo library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 * See the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with the iwinfo library. If not, see http://www.gnu.org/licenses/.
17 *
18 * The signal handling code is derived from the official madwifi tools,
19 * wlanconfig.c in particular. The encryption property handling was
20 * inspired by the hostapd madwifi driver.
21 */
22
23 #include "iwinfo/utils.h"
24
25
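/* Lazily created datagram socket shared by every ioctl issued through this file. */
static int ioctl_socket = -1;

/*
 * Return the shared ioctl socket, creating it on first use.
 *
 * The descriptor is marked close-on-exec so that it is not inherited by
 * programs executed from the calling process. Returns -1 when the socket
 * could not be created; a later call tries again.
 */
static int iwinfo_ioctl_socket(void)
{
	int flags;

	if (ioctl_socket == -1)
	{
		ioctl_socket = socket(AF_INET, SOCK_DGRAM, 0);

		/* Only touch descriptor flags when socket() actually succeeded */
		if (ioctl_socket >= 0)
		{
			flags = fcntl(ioctl_socket, F_GETFD);

			/* A failed F_GETFD returns -1, which must not be written back */
			if (flags != -1)
				fcntl(ioctl_socket, F_SETFD, flags | FD_CLOEXEC);
		}
	}

	return ioctl_socket;
}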
39
/*
 * Issue the ioctl request `cmd` with argument `ifr` on the shared socket
 * and hand back the result of ioctl() unchanged.
 */
int iwinfo_ioctl(int cmd, void *ifr)
{
	return ioctl(iwinfo_ioctl_socket(), cmd, ifr);
}
45
/*
 * Convert a power level in dBm to milliwatts using repeated multiplication.
 *
 * Each full step of ten dBm multiplies the result by 10, each remaining
 * single dBm multiplies it by LOG10_MAGIC (defined outside this file;
 * presumably 10^(1/10) - confirm against the header). The result is
 * truncated to an integer. For zero or negative input neither loop runs,
 * so 1 is returned.
 */
int iwinfo_dbm2mw(int in)
{
	double mw = 1.0;
	int tens = in / 10;
	int units = in % 10;

	while (tens-- > 0)
		mw *= 10;

	while (units-- > 0)
		mw *= LOG10_MAGIC;

	return (int)mw;
}
58
/*
 * Convert a power level in milliwatts to whole dBm using repeated division.
 *
 * The value is divided by 10 while it exceeds 10 (adding 10 dBm per step),
 * then by LOG10_MAGIC while it exceeds 1.000001 (adding 1 dBm per step).
 * Input of 1 or less yields 0.
 */
int iwinfo_mw2dbm(int in)
{
	double rest = (double) in;
	int dbm = 0;

	for (; rest > 10.0; rest /= 10.0)
		dbm += 10;

	for (; rest > 1.000001; rest /= LOG10_MAGIC)
		dbm += 1;

	return dbm;
}
78
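/*
 * Set IFF_UP and IFF_RUNNING on the interface named `ifname`.
 *
 * Returns 1 when the flags were written, 0 when reading or writing the
 * interface flags failed.
 */
int iwinfo_ifup(const char *ifname)
{
	struct ifreq ifr;

	/* Start from a zeroed request instead of uninitialised stack contents */
	memset(&ifr, 0, sizeof(ifr));

	/*
	 * strncpy() does not terminate the destination when the source fills it;
	 * copying at most IFNAMSIZ - 1 bytes into the zeroed buffer keeps the
	 * name NUL-terminated even for an over-long `ifname`.
	 */
	strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);

	if (iwinfo_ioctl(SIOCGIFFLAGS, &ifr))
		return 0;

	ifr.ifr_flags |= (IFF_UP | IFF_RUNNING);

	return !iwinfo_ioctl(SIOCSIFFLAGS, &ifr);
}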
92
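/*
 * Clear IFF_UP and IFF_RUNNING on the interface named `ifname`.
 *
 * Returns 1 when the flags were written, 0 when reading or writing the
 * interface flags failed.
 */
int iwinfo_ifdown(const char *ifname)
{
	struct ifreq ifr;

	/* Start from a zeroed request instead of uninitialised stack contents */
	memset(&ifr, 0, sizeof(ifr));

	/*
	 * strncpy() does not terminate the destination when the source fills it;
	 * copying at most IFNAMSIZ - 1 bytes into the zeroed buffer keeps the
	 * name NUL-terminated even for an over-long `ifname`.
	 */
	strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);

	if (iwinfo_ioctl(SIOCGIFFLAGS, &ifr))
		return 0;

	ifr.ifr_flags &= ~(IFF_UP | IFF_RUNNING);

	return !iwinfo_ioctl(SIOCSIFFLAGS, &ifr);
}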
106
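/*
 * Read the hardware address of `ifname`, increment bytes 1 and 2 of it and
 * write the modified address back to the interface.
 *
 * Returns 1 when the new address was set, 0 when reading or writing the
 * address failed.
 *
 * NOTE(review): the reason for bumping exactly these two bytes is not stated
 * in this file - confirm against the callers before relying on it.
 */
int iwinfo_ifmac(const char *ifname)
{
	struct ifreq ifr;

	/* Start from a zeroed request instead of uninitialised stack contents */
	memset(&ifr, 0, sizeof(ifr));

	/*
	 * strncpy() does not terminate the destination when the source fills it;
	 * copying at most IFNAMSIZ - 1 bytes into the zeroed buffer keeps the
	 * name NUL-terminated even for an over-long `ifname`.
	 */
	strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);

	if (iwinfo_ioctl(SIOCGIFHWADDR, &ifr))
		return 0;

	ifr.ifr_hwaddr.sa_data[1]++;
	ifr.ifr_hwaddr.sa_data[2]++;

	return !iwinfo_ioctl(SIOCSIFHWADDR, &ifr);
}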
121
/*
 * Close the shared ioctl socket if one is open and mark it as unset, so
 * the next ioctl helper call creates a fresh one.
 */
void iwinfo_close(void)
{
	int fd = ioctl_socket;

	ioctl_socket = -1;

	if (fd >= 0)
		close(fd);
}
129
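/*
 * Look up `id` in the hardware database file IWINFO_HARDWARE_FILE.
 *
 * Every line is parsed into four hexadecimal ids, two signed offsets and two
 * quoted names. A database id of 0xffff acts as a wildcard; any other value
 * must equal the corresponding field of `id`. The first matching line wins.
 *
 * Returns a pointer to a function-static entry (overwritten by the next
 * call), or NULL when the file cannot be opened or no line matches.
 */
struct iwinfo_hardware_entry * iwinfo_hardware(struct iwinfo_hardware_id *id)
{
	FILE *db;
	char buf[256] = { 0 };
	static struct iwinfo_hardware_entry e;

	/*
	 * The result pointer must not be static: a static pointer kept the
	 * address of `e` from an earlier successful lookup, so a later lookup
	 * without any match returned a stale, unrelated entry instead of NULL.
	 */
	struct iwinfo_hardware_entry *rv = NULL;

	if (!(db = fopen(IWINFO_HARDWARE_FILE, "r")))
		return NULL;

	while (fgets(buf, sizeof(buf) - 1, db) != NULL)
	{
		memset(&e, 0, sizeof(e));

		/*
		 * The %63 widths bound the two name fields.
		 * NOTE(review): this assumes vendor_name and device_name hold at
		 * least 64 bytes; their declaration is not part of this file.
		 */
		if (sscanf(buf, "%hx %hx %hx %hx %hd %hd \"%63[^\"]\" \"%63[^\"]\"",
		           &e.vendor_id, &e.device_id,
		           &e.subsystem_vendor_id, &e.subsystem_device_id,
		           &e.txpower_offset, &e.frequency_offset,
		           e.vendor_name, e.device_name) < 8)
			continue;

		if ((e.vendor_id != 0xffff) && (e.vendor_id != id->vendor_id))
			continue;

		if ((e.device_id != 0xffff) && (e.device_id != id->device_id))
			continue;

		if ((e.subsystem_vendor_id != 0xffff) &&
		    (e.subsystem_vendor_id != id->subsystem_vendor_id))
			continue;

		if ((e.subsystem_device_id != 0xffff) &&
		    (e.subsystem_device_id != id->subsystem_device_id))
			continue;

		rv = &e;
		break;
	}

	fclose(db);
	return rv;
}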
171
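/*
 * Try to read wireless hardware ids from a flash partition.
 *
 * /proc/mtd is searched for a partition named "boardconfig", "EEPROM" or
 * "factory". The matching /dev/mtdblockN device is mapped read-only and
 * scanned backwards in steps of 0x800 16-bit words for one of three known
 * signatures; the ids are then taken from fixed offsets behind the
 * signature (or, for the Rt3xxx case, derived from the signature itself).
 *
 * Returns 0 when both vendor_id and device_id of `id` are non-zero
 * afterwards, -1 otherwise.
 */
int iwinfo_hardware_id_from_mtd(struct iwinfo_hardware_id *id)
{
	FILE *mtd;
	uint16_t *bc;

	/*
	 * off starts at -1 so that an empty /proc/mtd, where the loop below
	 * never runs, is reported as "no partition found" instead of testing
	 * an uninitialised value.
	 */
	int fd, len = 0, off = -1;
	unsigned int size = 0;	/* %x stores through an unsigned int pointer */
	char buf[128];

	if (!(mtd = fopen("/proc/mtd", "r")))
		return -1;

	/* fgets() returns a pointer, so compare against NULL rather than 0 */
	while (fgets(buf, sizeof(buf), mtd) != NULL)
	{
		if (fscanf(mtd, "mtd%d: %x %*x %127s", &off, &size, buf) < 3 ||
		    (strcmp(buf, "\"boardconfig\"") && strcmp(buf, "\"EEPROM\"") &&
		     strcmp(buf, "\"factory\"")))
		{
			off = -1;
			continue;
		}

		len = (int)size;
		break;
	}

	fclose(mtd);

	if (off < 0)
		return -1;

	snprintf(buf, sizeof(buf), "/dev/mtdblock%d", off);

	if ((fd = open(buf, O_RDONLY)) < 0)
		return -1;

	bc = mmap(NULL, len, PROT_READ, MAP_PRIVATE|MAP_LOCKED, fd, 0);

	/*
	 * NOTE(review): when the mapping fails, `id` is left untouched and the
	 * return value below is derived from whatever the caller passed in.
	 */
	if ((void *)bc != MAP_FAILED)
	{
		id->vendor_id = 0;
		id->device_id = 0;

		/*
		 * bc is indexed in 16-bit words. The scan starts 0x800 words below
		 * the end of the mapping, and the largest offset read past a
		 * signature is 0x84 words, so every access stays inside len bytes.
		 * A partition smaller than 0x1000 bytes gives a negative start and
		 * is not scanned at all.
		 */
		for (off = len / 2 - 0x800; off >= 0; off -= 0x800)
		{
			/* AR531X board data magic */
			if ((bc[off] == 0x3533) && (bc[off + 1] == 0x3131))
			{
				id->vendor_id = bc[off + 0x7d];
				id->device_id = bc[off + 0x7c];
				id->subsystem_vendor_id = bc[off + 0x84];
				id->subsystem_device_id = bc[off + 0x83];
				break;
			}

			/* AR5416 EEPROM magic */
			else if ((bc[off] == 0xA55A) || (bc[off] == 0x5AA5))
			{
				id->vendor_id = bc[off + 0x0D];
				id->device_id = bc[off + 0x0E];
				id->subsystem_vendor_id = bc[off + 0x13];
				id->subsystem_device_id = bc[off + 0x14];
				break;
			}

			/* Rt3xxx SoC */
			else if ((bc[off] == 0x3352) || (bc[off] == 0x5233) ||
			         (bc[off] == 0x3350) || (bc[off] == 0x5033) ||
			         (bc[off] == 0x3050) || (bc[off] == 0x5030) ||
			         (bc[off] == 0x3052) || (bc[off] == 0x5230))
			{
				/* vendor: RaLink */
				id->vendor_id = 0x1814;
				id->subsystem_vendor_id = 0x1814;

				/*
				 * device: a byte-swapped magic (low byte 0x3x) is swapped
				 * back. The mask needs its own parentheses because `==`
				 * binds tighter than `&`; without them the test was
				 * always false and the swap never happened.
				 */
				if ((bc[off] & 0xf0) == 0x30)
					id->device_id = (bc[off] >> 8) | (bc[off] & 0x00ff) << 8;
				else
					id->device_id = bc[off];

				/* subsystem from EEPROM_NIC_CONF0_RF_TYPE */
				id->subsystem_device_id = (bc[off + 0x1a] & 0x0f00) >> 8;

				/*
				 * NOTE(review): unlike the two branches above, this one
				 * does not break, so the scan continues at lower offsets
				 * and a later match overwrites these values - confirm
				 * that this is intended.
				 */
			}
		}

		munmap(bc, len);
	}

	close(fd);

	return (id->vendor_id && id->device_id) ? 0 : -1;
}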
263
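/*
 * Parse a WPA/RSN element body and OR the advertised ciphers and key
 * management suites into `c`.
 *
 * Layout consumed from `data` (`len` bytes available):
 *   2 bytes skipped (presumably the version field - confirm with callers),
 *   4 bytes group cipher suite (3-byte OUI + type),
 *   2 bytes little-endian count + count * 4 bytes pairwise cipher suites,
 *   2 bytes little-endian count + count * 4 bytes key management suites.
 *
 * The OUI of the group cipher suite decides the WPA version: the Microsoft
 * OUI adds 1 to c->wpa_version, the IEEE 802.11 OUI adds 2. When the
 * element ends before a field, `defcipher` / `defauth` are applied to the
 * fields that are missing. A suite count that does not fit into the
 * remaining bytes ends parsing without applying defaults.
 *
 * NOTE(review): `data` presumably comes from received scan results and is
 * therefore not trustworthy - every read below is bounded by `len`.
 */
void iwinfo_parse_rsn(struct iwinfo_crypto_entry *c, uint8_t *data, uint8_t len,
					  uint8_t defcipher, uint8_t defauth)
{
	uint16_t i, count;

	static const unsigned char ms_oui[3]        = { 0x00, 0x50, 0xf2 };
	static const unsigned char ieee80211_oui[3] = { 0x00, 0x0f, 0xac };

	/*
	 * len is unsigned: subtracting 2 from a shorter element would wrap
	 * around to a large value and defeat every length check below.
	 */
	if (len < 2)
	{
		c->group_ciphers |= defcipher;
		c->pair_ciphers  |= defcipher;
		c->auth_suites   |= defauth;
		return;
	}

	data += 2;
	len -= 2;

	/* Compare the OUI only when all three of its bytes are inside the buffer */
	if (len >= 3)
	{
		if (!memcmp(data, ms_oui, 3))
			c->wpa_version += 1;
		else if (!memcmp(data, ieee80211_oui, 3))
			c->wpa_version += 2;
	}

	if (len < 4)
	{
		c->group_ciphers |= defcipher;
		c->pair_ciphers  |= defcipher;
		c->auth_suites   |= defauth;
		return;
	}

	/* Group cipher suite */
	if (!memcmp(data, ms_oui, 3) || !memcmp(data, ieee80211_oui, 3))
	{
		switch (data[3])
		{
			case 1:  c->group_ciphers |= IWINFO_CIPHER_WEP40;  break;
			case 2:  c->group_ciphers |= IWINFO_CIPHER_TKIP;   break;
			case 4:  c->group_ciphers |= IWINFO_CIPHER_CCMP;   break;
			case 5:  c->group_ciphers |= IWINFO_CIPHER_WEP104; break;
			case 6:  /* AES-128-CMAC */ break;
			default: /* proprietary */  break;
		}
	}

	data += 4;
	len -= 4;

	if (len < 2)
	{
		c->pair_ciphers |= defcipher;
		c->auth_suites  |= defauth;
		return;
	}

	/* Pairwise cipher suites; the count is checked against len before use */
	count = data[0] | (data[1] << 8);
	if (2 + (count * 4) > len)
		return;

	for (i = 0; i < count; i++)
	{
		if (!memcmp(data + 2 + (i * 4), ms_oui, 3) ||
			!memcmp(data + 2 + (i * 4), ieee80211_oui, 3))
		{
			switch (data[2 + (i * 4) + 3])
			{
				case 1:  c->pair_ciphers |= IWINFO_CIPHER_WEP40;  break;
				case 2:  c->pair_ciphers |= IWINFO_CIPHER_TKIP;   break;
				case 4:  c->pair_ciphers |= IWINFO_CIPHER_CCMP;   break;
				case 5:  c->pair_ciphers |= IWINFO_CIPHER_WEP104; break;
				case 6:  /* AES-128-CMAC */ break;
				default: /* proprietary */  break;
			}
		}
	}

	data += 2 + (count * 4);
	len -= 2 + (count * 4);

	if (len < 2)
	{
		c->auth_suites |= defauth;
		return;
	}

	/* Key management suites; the count is checked against len before use */
	count = data[0] | (data[1] << 8);
	if (2 + (count * 4) > len)
		return;

	for (i = 0; i < count; i++)
	{
		if (!memcmp(data + 2 + (i * 4), ms_oui, 3) ||
			!memcmp(data + 2 + (i * 4), ieee80211_oui, 3))
		{
			switch (data[2 + (i * 4) + 3])
			{
				case 1:  c->auth_suites |= IWINFO_KMGMT_8021x; break;
				case 2:  c->auth_suites |= IWINFO_KMGMT_PSK;   break;
				case 3:  /* FT/IEEE 802.1X */                  break;
				case 4:  /* FT/PSK */                          break;
				case 5:  /* IEEE 802.1X/SHA-256 */             break;
				case 6:  /* PSK/SHA-256 */                     break;
				default: /* proprietary */                     break;
			}
		}
	}
}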