"Fossies" - the Fresh Open Source Software Archive

Member "argus-3.0.8.2/argus/Argus802.11.c" (14 Apr 2015, 9801 Bytes) of package /linux/misc/argus-3.0.8.2.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "Argus802.11.c": 3.0.8_vs_3.0.8.1.

    1 /*
    2  * Argus Software.  Argus files - Arp Procession
    3  * Copyright (c) 2000-2015 QoSient, LLC
    4  * All rights reserved.
    5  *
    6  * This program is free software; you can redistribute it and/or modify
    7  * it under the terms of the GNU General Public License as published by
    8  * the Free Software Foundation; either version 2, or (at your option)
    9  * any later version.
   10  
   11  * This program is distributed in the hope that it will be useful,
   12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14  * GNU General Public License for more details.
   15 
   16  * You should have received a copy of the GNU General Public License
   17  * along with this program; if not, write to the Free Software
   18  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
   19  *
   20  */
   21 
   22 /* 
   23  * $Id: //depot/argus/argus/argus/Argus802.11.c#10 $
   24  * $DateTime: 2015/04/06 10:38:44 $
   25  * $Change: 2973 $
   26  */
   27 
   28 #ifdef HAVE_CONFIG_H
   29 #include "argus_config.h"
   30 #endif
   31 
   32 #if !defined(Argus80211)
   33 #define Argus80211
   34 #endif
   35 
   36 #include <stdio.h>
   37 #include <argus_compat.h>
   38 #include <ArgusModeler.h>
   39 #include <argus/ieee802_11.h>
   40 
   41 #include <string.h>
   42 #include <errno.h>
   43 
   44 static void ArgusParse80211MgmtBody(struct mgmt_body_t *, const u_char *, int);
   45 int ArgusExtract802_11HeaderLength(u_int16_t);
   46 
   47 
   48 #if !defined(ETH_ALEN)
   49 #define ETH_ALEN   6
   50 #endif
   51 
   52 struct ArgusSystemFlow *
   53 ArgusCreate80211Flow (struct ArgusModelerStruct *model, void *ptr) 
   54 {
   55    struct ArgusSystemFlow *retn = NULL;
   56    struct mgmt_body_t pbody;
   57    const struct mgmt_header_t *hp = (const struct mgmt_header_t *) ptr;
   58 
   59    u_int16_t fc = EXTRACT_LE_16BITS(ptr);
   60    int hdrlen = ArgusExtract802_11HeaderLength(fc);
   61 
   62    u_char *p = (u_char *) ptr + hdrlen;
   63 
   64    bzero(&pbody, sizeof(pbody));
   65 
   66    switch (FC_TYPE(fc)) {
   67       case T_MGMT: {
   68          int offset = 0;
   69 
   70          switch (FC_SUBTYPE(fc)) {
   71             case ST_ASSOC_REQUEST:
   72             case ST_REASSOC_REQUEST:
   73                pbody.capability_info = EXTRACT_LE_16BITS(p);
   74                offset += IEEE802_11_CAPINFO_LEN;
   75                pbody.listen_interval = EXTRACT_LE_16BITS(p+offset);
   76                offset += IEEE802_11_LISTENINT_LEN;
   77                ArgusParse80211MgmtBody(&pbody, p, offset);
   78                break;
   79 
   80             case ST_ASSOC_RESPONSE:
   81             case ST_REASSOC_RESPONSE:
   82                pbody.capability_info = EXTRACT_LE_16BITS(p);
   83                offset += IEEE802_11_CAPINFO_LEN;
   84                pbody.status_code = EXTRACT_LE_16BITS(p+offset);
   85                offset += IEEE802_11_STATUS_LEN;
   86                pbody.aid = EXTRACT_LE_16BITS(p+offset);
   87                offset += IEEE802_11_AID_LEN;
   88                ArgusParse80211MgmtBody(&pbody, p, offset);
   89                break;
   90 
   91             case ST_PROBE_REQUEST:
   92                ArgusParse80211MgmtBody(&pbody, p, offset);
   93                break;
   94 
   95             case ST_PROBE_RESPONSE:
   96             case ST_BEACON: {
   97                memcpy(&pbody.timestamp, p, IEEE802_11_TSTAMP_LEN);
   98                offset += IEEE802_11_TSTAMP_LEN;
   99                pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
  100                offset += IEEE802_11_BCNINT_LEN;
  101                pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
  102                offset += IEEE802_11_CAPINFO_LEN;
  103                ArgusParse80211MgmtBody(&pbody, p, offset);
  104                break;
  105             }
  106 
  107             case ST_ATIM:
  108                break;
  109             case ST_DISASSOC:
  110                break;
  111 
  112             case ST_AUTH:
  113             case ST_DEAUTH:
  114                break;
  115          }
  116          break;
  117       }
  118 
  119       case T_CTRL: {
  120          switch (FC_SUBTYPE(fc)) {
  121             case CTRL_PS_POLL:
  122                break;
  123             case CTRL_RTS:
  124                break;
  125             case CTRL_CTS:
  126                break;
  127             case CTRL_ACK:
  128                break;
  129             case CTRL_CF_END:
  130                break;
  131             case CTRL_END_ACK:
  132                break;
  133             default:
  134                break;
  135          }
  136          break;
  137       }
  138 
  139       case T_DATA: {
  140          if (FC_WEP(fc)) {
  141          } else {
  142          }
  143          break;
  144       }
  145    }
  146 
  147    if (STRUCTCAPTURED(model, *(char *)ptr)) {
  148       retn = model->ArgusThisFlow;
  149       retn->hdr.type              = ARGUS_FLOW_DSR;
  150       retn->hdr.subtype           = ARGUS_FLOW_CLASSIC5TUPLE;
  151       retn->hdr.argus_dsrvl8.qual = ARGUS_TYPE_WLAN;
  152       retn->hdr.argus_dsrvl8.len  = (sizeof(struct ArgusWlanFlow) + 3)/4 + 1;
  153 
  154       bcopy ((char *)&hp->da,    (char *)&model->ArgusThisFlow->wlan_flow.dhost, ETH_ALEN);
  155       bcopy ((char *)&hp->sa,    (char *)&model->ArgusThisFlow->wlan_flow.shost, ETH_ALEN);
  156       bcopy ((char *)&hp->bssid, (char *)&model->ArgusThisFlow->wlan_flow.bssid, ETH_ALEN);
  157 
  158       switch (FC_TYPE(fc)) {
  159          case T_MGMT: {
  160             switch (FC_SUBTYPE(fc)) {
  161                case ST_ASSOC_REQUEST:
  162                case ST_ASSOC_RESPONSE:
  163                case ST_REASSOC_REQUEST:
  164                case ST_REASSOC_RESPONSE:
  165                case ST_PROBE_REQUEST:
  166                case ST_PROBE_RESPONSE:
  167                case ST_BEACON: {
  168                   if (pbody.ssid_status == PRESENT) {
  169                      bcopy((char *)pbody.ssid.ssid, model->ArgusThisFlow->wlan_flow.ssid, pbody.ssid.length);
  170                   }
  171                   break;
  172                }
  173             }
  174             break;
  175          }
  176       }
  177    }
  178 
  179 #ifdef ARGUSDEBUG
  180    ArgusDebug (8, "ArgusCreate80211Flow (0x%x, 0x%x) returning %d\n", model, ptr, retn);
  181 #endif
  182    return (retn);
  183 }
  184 
  185 
  186 int
  187 ArgusExtract802_11HeaderLength(u_int16_t fc)
  188 {
  189    switch (FC_TYPE(fc)) {
  190       case T_MGMT:
  191          return MGMT_HDRLEN;
  192       case T_CTRL:
  193          switch (FC_SUBTYPE(fc)) {
  194             case CTRL_PS_POLL:
  195                return CTRL_PS_POLL_HDRLEN;
  196             case CTRL_RTS:
  197                return CTRL_RTS_HDRLEN;
  198             case CTRL_CTS:
  199                return CTRL_CTS_HDRLEN;
  200             case CTRL_ACK:
  201                return CTRL_ACK_HDRLEN;
  202             case CTRL_CF_END:
  203                return CTRL_END_HDRLEN;
  204             case CTRL_END_ACK:
  205                return CTRL_END_ACK_HDRLEN;
  206             default:
  207                return 0;
  208          }
  209       case T_DATA: {
  210          int len = (FC_TO_DS(fc) && FC_FROM_DS(fc)) ? 30 : 24;
  211          if (DATA_FRAME_IS_QOS(FC_SUBTYPE(fc)))
  212             len += 2;
  213          return len;
  214       }
  215       default:
  216          return 0;
  217    }
  218 }
  219 
  220 static void
  221 ArgusParse80211MgmtBody(struct mgmt_body_t *pbody, const u_char *p, int offset)
  222 {
  223    /*
  224     * We haven't seen any elements yet.
  225     */
  226    pbody->challenge_status = NOT_PRESENT;
  227    pbody->ssid_status = NOT_PRESENT;
  228    pbody->rates_status = NOT_PRESENT;
  229    pbody->ds_status = NOT_PRESENT;
  230    pbody->cf_status = NOT_PRESENT;
  231    pbody->tim_status = NOT_PRESENT;
  232 
  233    for (;;) {
  234       switch (*(p + offset)) {
  235       case E_SSID:
  236          /* Present, possibly truncated */
  237          pbody->ssid_status = TRUNCATED;
  238          memcpy(&pbody->ssid, p + offset, 2);
  239          offset += 2;
  240          if (pbody->ssid.length != 0) {
  241             if (pbody->ssid.length >
  242                 sizeof(pbody->ssid.ssid) - 1)
  243                return;
  244             memcpy(&pbody->ssid.ssid, p + offset,
  245                 pbody->ssid.length);
  246             offset += pbody->ssid.length;
  247          }
  248          pbody->ssid.ssid[pbody->ssid.length] = '\0';
  249          /* Present and not truncated */
  250          pbody->ssid_status = PRESENT;
  251          break;
  252       case E_CHALLENGE:
  253          /* Present, possibly truncated */
  254          pbody->challenge_status = TRUNCATED;
  255          memcpy(&pbody->challenge, p + offset, 2);
  256          offset += 2;
  257          if (pbody->challenge.length != 0) {
  258             if (pbody->challenge.length >
  259                 sizeof(pbody->challenge.text) - 1)
  260                return;
  261             memcpy(&pbody->challenge.text, p + offset,
  262                 pbody->challenge.length);
  263             offset += pbody->challenge.length;
  264          }
  265          pbody->challenge.text[pbody->challenge.length] = '\0';
  266          /* Present and not truncated */
  267          pbody->challenge_status = PRESENT;
  268          break;
  269       case E_RATES:
  270          /* Present, possibly truncated */
  271          pbody->rates_status = TRUNCATED;
  272          memcpy(&(pbody->rates), p + offset, 2);
  273          offset += 2;
  274          if (pbody->rates.length != 0) {
  275             if (pbody->rates.length > sizeof pbody->rates.rate)
  276                return;
  277             memcpy(&pbody->rates.rate, p + offset,
  278                 pbody->rates.length);
  279             offset += pbody->rates.length;
  280          }
  281          /* Present and not truncated */
  282          pbody->rates_status = PRESENT;
  283          break;
  284       case E_DS:
  285          /* Present, possibly truncated */
  286          pbody->ds_status = TRUNCATED;
  287          memcpy(&pbody->ds, p + offset, 3);
  288          offset += 3;
  289          /* Present and not truncated */
  290          pbody->ds_status = PRESENT;
  291          break;
  292       case E_CF:
  293          /* Present, possibly truncated */
  294          pbody->cf_status = TRUNCATED;
  295          memcpy(&pbody->cf, p + offset, 8);
  296          offset += 8;
  297          /* Present and not truncated */
  298          pbody->cf_status = PRESENT;
  299          break;
  300       case E_TIM:
  301          /* Present, possibly truncated */
  302          pbody->tim_status = TRUNCATED;
  303          memcpy(&pbody->tim, p + offset, 2);
  304          offset += 2;
  305          memcpy(&pbody->tim.count, p + offset, 3);
  306          offset += 3;
  307 
  308          if (pbody->tim.length <= 3)
  309             break;
  310          if (pbody->tim.length - 3 > (int)sizeof pbody->tim.bitmap)
  311             return;
  312          memcpy(pbody->tim.bitmap, p + (pbody->tim.length - 3),
  313              (pbody->tim.length - 3));
  314          offset += pbody->tim.length - 3;
  315          /* Present and not truncated */
  316          pbody->tim_status = PRESENT;
  317          break;
  318       default:
  319          return;
  320       }
  321    }
  322 }