utils: fix segfault in iwinfo_hardware_id_from_mtd()
1 /*
2 * iwinfo - Wireless Information Library - Shared utility routines
3 *
4 * Copyright (C) 2010 Jo-Philipp Wich <xm@subsignal.org>
5 *
6 * The iwinfo library is free software: you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License version 2
8 * as published by the Free Software Foundation.
9 *
10 * The iwinfo library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 * See the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with the iwinfo library. If not, see http://www.gnu.org/licenses/.
17 *
18 * The signal handling code is derived from the official madwifi tools,
19 * wlanconfig.c in particular. The encryption property handling was
20 * inspired by the hostapd madwifi driver.
21 */
22
23 #include "iwinfo/utils.h"
24
25
/* Descriptor of the socket used for interface ioctls; -1 while none is open. */
static int ioctl_socket = -1;
/* UCI context, non-static and therefore visible to other translation units;
 * NULL until iwinfo_uci_get_radio() allocates it. */
struct uci_context *uci_ctx = NULL;
28
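/*
 * Return the socket used for interface ioctls, creating it on first use.
 *
 * Returns the descriptor, or -1 if socket() failed. In that case
 * ioctl_socket stays -1, so the next call tries again.
 */
static int iwinfo_ioctl_socket(void)
{
	int fdflags;

	if (ioctl_socket == -1)
	{
		ioctl_socket = socket(AF_INET, SOCK_DGRAM, 0);

		/* Never hand an invalid descriptor to fcntl(). */
		if (ioctl_socket < 0)
		{
			ioctl_socket = -1;
			return -1;
		}

		/*
		 * Mark the descriptor close-on-exec so it is not inherited by
		 * exec()ed children. If F_GETFD fails, its -1 error value must not
		 * be OR-ed into the new flag word; fall back to FD_CLOEXEC alone.
		 */
		fdflags = fcntl(ioctl_socket, F_GETFD);
		if (fdflags == -1)
			fdflags = 0;

		fcntl(ioctl_socket, F_SETFD, fdflags | FD_CLOEXEC);
	}

	return ioctl_socket;
}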
40
/*
 * Issue ioctl request `cmd` with argument `ifr` on the library's shared
 * socket and hand back ioctl()'s return value unchanged.
 */
int iwinfo_ioctl(int cmd, void *ifr)
{
	return ioctl(iwinfo_ioctl_socket(), cmd, ifr);
}
46
/*
 * Convert a power level in dBm to milliwatts, truncated to an integer.
 *
 * Starting from 1.0, the value is multiplied by 10 once per whole ten in
 * `in` and by LOG10_MAGIC once per remaining unit. For in <= 0 neither
 * loop runs, so the result is 1.
 */
int iwinfo_dbm2mw(int in)
{
	const int tens = in / 10;
	const int units = in % 10;
	double mw = 1.0;
	int n;

	for (n = tens; n > 0; n--)
		mw *= 10;

	for (n = units; n > 0; n--)
		mw *= LOG10_MAGIC;

	return (int)mw;
}
59
/*
 * Convert a power level in milliwatts to whole dBm.
 *
 * The value is divided by 10 while it exceeds 10 (adding 10 dBm per step),
 * then by LOG10_MAGIC while it exceeds 1.000001 (adding 1 dBm per step).
 * Inputs of 1 or less, including zero and negative values, yield 0.
 */
int iwinfo_mw2dbm(int in)
{
	double mw = (double) in;
	int dbm = 0;

	for (; mw > 10.0; mw /= 10.0)
		dbm += 10;

	for (; mw > 1.000001; mw /= LOG10_MAGIC)
		dbm += 1;

	return dbm;
}
79
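/*
 * Set IFF_UP and IFF_RUNNING on the interface called `ifname`.
 *
 * Returns 1 when the flags were written, 0 on any failure, including a
 * NULL name or one that does not fit ifr_name with its terminator.
 */
int iwinfo_ifup(const char *ifname)
{
	struct ifreq ifr;
	size_t namelen;

	if (!ifname)
		return 0;

	/*
	 * Refuse names that would be truncated: strncpy() leaves ifr_name
	 * unterminated for such input, and a shortened name could address a
	 * different interface than the caller asked for.
	 */
	namelen = strlen(ifname);
	if (namelen >= IFNAMSIZ)
		return 0;

	/* Clear the request so no uninitialised stack bytes reach the ioctl. */
	memset(&ifr, 0, sizeof(ifr));
	memcpy(ifr.ifr_name, ifname, namelen + 1);

	if (iwinfo_ioctl(SIOCGIFFLAGS, &ifr))
		return 0;

	ifr.ifr_flags |= (IFF_UP | IFF_RUNNING);

	return !iwinfo_ioctl(SIOCSIFFLAGS, &ifr);
}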
93
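/*
 * Clear IFF_UP and IFF_RUNNING on the interface called `ifname`.
 *
 * Returns 1 when the flags were written, 0 on any failure, including a
 * NULL name or one that does not fit ifr_name with its terminator.
 */
int iwinfo_ifdown(const char *ifname)
{
	struct ifreq ifr;
	size_t namelen;

	if (!ifname)
		return 0;

	/*
	 * Refuse names that would be truncated: strncpy() leaves ifr_name
	 * unterminated for such input, and a shortened name could address a
	 * different interface than the caller asked for.
	 */
	namelen = strlen(ifname);
	if (namelen >= IFNAMSIZ)
		return 0;

	/* Clear the request so no uninitialised stack bytes reach the ioctl. */
	memset(&ifr, 0, sizeof(ifr));
	memcpy(ifr.ifr_name, ifname, namelen + 1);

	if (iwinfo_ioctl(SIOCGIFFLAGS, &ifr))
		return 0;

	ifr.ifr_flags &= ~(IFF_UP | IFF_RUNNING);

	return !iwinfo_ioctl(SIOCSIFFLAGS, &ifr);
}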
107
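/*
 * Derive a new hardware address for the interface called `ifname` from its
 * current one and write it back.
 *
 * The first address byte gets bit 0x02 set and the second and third bytes
 * are each incremented by one.
 *
 * Returns 1 when the new address was written, 0 on any failure, including
 * a NULL name or one that does not fit ifr_name with its terminator.
 */
int iwinfo_ifmac(const char *ifname)
{
	struct ifreq ifr;
	size_t namelen;

	if (!ifname)
		return 0;

	/*
	 * Refuse names that would be truncated: strncpy() leaves ifr_name
	 * unterminated for such input, and a shortened name could address a
	 * different interface than the caller asked for.
	 */
	namelen = strlen(ifname);
	if (namelen >= IFNAMSIZ)
		return 0;

	/* Clear the request so no uninitialised stack bytes reach the ioctl. */
	memset(&ifr, 0, sizeof(ifr));
	memcpy(ifr.ifr_name, ifname, namelen + 1);

	if (iwinfo_ioctl(SIOCGIFHWADDR, &ifr))
		return 0;

	ifr.ifr_hwaddr.sa_data[0] |= 0x02;
	ifr.ifr_hwaddr.sa_data[1]++;
	ifr.ifr_hwaddr.sa_data[2]++;

	return !iwinfo_ioctl(SIOCSIFHWADDR, &ifr);
}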
123
/*
 * Close the shared ioctl socket if one is open and mark it as closed, so
 * the next iwinfo_ioctl_socket() call creates a fresh one.
 */
void iwinfo_close(void)
{
	const int fd = ioctl_socket;

	if (fd >= 0)
		close(fd);

	ioctl_socket = -1;
}
131
/*
 * Look up `id` in the hardware database file IWINFO_HARDWARE_FILE.
 *
 * Each line is expected to hold four hexadecimal ids, two decimal offsets
 * and two double-quoted names; lines that do not yield all eight fields are
 * skipped. A database id of 0xffff acts as a wildcard for that field.
 *
 * Returns the first matching entry, or NULL if the file cannot be opened or
 * nothing matches. The entry lives in static storage: it is overwritten by
 * the next call and must not be freed.
 */
struct iwinfo_hardware_entry * iwinfo_hardware(struct iwinfo_hardware_id *id)
{
	static struct iwinfo_hardware_entry e;
	struct iwinfo_hardware_entry *match = NULL;
	char line[256] = { 0 };
	int fields;
	FILE *db = fopen(IWINFO_HARDWARE_FILE, "r");

	if (db == NULL)
		return NULL;

	while (match == NULL && fgets(line, sizeof(line) - 1, db) != NULL)
	{
		memset(&e, 0, sizeof(e));

		/* NOTE(review): the %63 widths assume vendor_name and device_name
		 * hold at least 64 bytes; confirm against the struct definition. */
		fields = sscanf(line, "%hx %hx %hx %hx %hd %hd \"%63[^\"]\" \"%63[^\"]\"",
		                &e.vendor_id, &e.device_id,
		                &e.subsystem_vendor_id, &e.subsystem_device_id,
		                &e.txpower_offset, &e.frequency_offset,
		                e.vendor_name, e.device_name);

		if (fields < 8)
			continue;

		/* Every id must either be the wildcard or equal the requested one. */
		if ((e.vendor_id == 0xffff || e.vendor_id == id->vendor_id) &&
		    (e.device_id == 0xffff || e.device_id == id->device_id) &&
		    (e.subsystem_vendor_id == 0xffff ||
		     e.subsystem_vendor_id == id->subsystem_vendor_id) &&
		    (e.subsystem_device_id == 0xffff ||
		     e.subsystem_device_id == id->subsystem_device_id))
		{
			match = &e;
		}
	}

	fclose(db);
	return match;
}
174
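/*
 * Fill `id` with hardware ids read from a flash partition.
 *
 * /proc/mtd is searched for the first partition named "boardconfig",
 * "EEPROM" or "factory". The matching /dev/mtdblockN device is mapped
 * read-only and scanned backwards in steps of 0x800 16-bit words for one of
 * the known magic values; the ids are then taken from fixed offsets
 * relative to the magic.
 *
 * Returns 0 when both vendor_id and device_id ended up non-zero, -1
 * otherwise: NULL `id`, no matching partition, the device could not be
 * opened or mapped, or no magic was found.
 */
int iwinfo_hardware_id_from_mtd(struct iwinfo_hardware_id *id)
{
	FILE *mtd;
	uint16_t *bc;

	/* off starts at -1 so an empty /proc/mtd is reported as "not found"
	 * instead of reading an uninitialised variable below. */
	int fd, off = -1;
	unsigned int len = 0;
	char buf[128];

	if (!id)
		return -1;

	if (!(mtd = fopen("/proc/mtd", "r")))
		return -1;

	/* fgets() consumes the remainder of the previous line (the header line
	 * on the first pass); fscanf() then parses the next partition entry. */
	while (fgets(buf, sizeof(buf), mtd) != NULL)
	{
		if (fscanf(mtd, "mtd%d: %x %*x %127s", &off, &len, buf) < 3 ||
		    (strcmp(buf, "\"boardconfig\"") && strcmp(buf, "\"EEPROM\"") &&
		     strcmp(buf, "\"factory\"")))
		{
			off = -1;
			continue;
		}

		break;
	}

	fclose(mtd);

	if (off < 0)
		return -1;

	snprintf(buf, sizeof(buf), "/dev/mtdblock%d", off);

	if ((fd = open(buf, O_RDONLY)) < 0)
		return -1;

	bc = mmap(NULL, len, PROT_READ, MAP_PRIVATE|MAP_LOCKED, fd, 0);

	/* Without a mapping nothing was read; do not judge success by whatever
	 * the caller's struct happened to contain beforehand. */
	if ((void *)bc == MAP_FAILED)
	{
		close(fd);
		return -1;
	}

	id->vendor_id = 0;
	id->device_id = 0;

	/*
	 * Start one 0x800-word block before the end of the partition. A
	 * partition shorter than that is skipped explicitly instead of relying
	 * on the unsigned subtraction wrapping to a negative int. The largest
	 * index used below is off + 0x84, which stays inside the mapping
	 * because off <= len / 2 - 0x800.
	 */
	for (off = (len / 2 >= 0x800) ? (int)(len / 2 - 0x800) : -1;
	     off >= 0; off -= 0x800)
	{
		/* AR531X board data magic */
		if ((bc[off] == 0x3533) && (bc[off + 1] == 0x3131))
		{
			id->vendor_id = bc[off + 0x7d];
			id->device_id = bc[off + 0x7c];
			id->subsystem_vendor_id = bc[off + 0x84];
			id->subsystem_device_id = bc[off + 0x83];
			break;
		}

		/* AR5416 EEPROM magic */
		else if ((bc[off] == 0xA55A) || (bc[off] == 0x5AA5))
		{
			id->vendor_id = bc[off + 0x0D];
			id->device_id = bc[off + 0x0E];
			id->subsystem_vendor_id = bc[off + 0x13];
			id->subsystem_device_id = bc[off + 0x14];
			break;
		}

		/* Rt3xxx SoC */
		else if ((bc[off] == 0x3352) || (bc[off] == 0x5233) ||
		         (bc[off] == 0x3350) || (bc[off] == 0x5033) ||
		         (bc[off] == 0x3050) || (bc[off] == 0x5030) ||
		         (bc[off] == 0x3052) || (bc[off] == 0x5230))
		{
			/* vendor: RaLink */
			id->vendor_id = 0x1814;
			id->subsystem_vendor_id = 0x1814;

			/* device: swap the two bytes when the low byte has 0x3 in
			 * its upper nibble */
			if ((bc[off] & 0xf0) == 0x30)
				id->device_id = (bc[off] >> 8) | (bc[off] & 0x00ff) << 8;
			else
				id->device_id = bc[off];

			/* subsystem from EEPROM_NIC_CONF0_RF_TYPE */
			id->subsystem_device_id = (bc[off + 0x1a] & 0x0f00) >> 8;

			/* NOTE(review): unlike the two branches above there is no
			 * break here, so scanning continues at lower offsets and a
			 * later match overwrites these values; confirm this is
			 * intended. */
		}
	}

	munmap(bc, len);
	close(fd);

	return (id->vendor_id && id->device_id) ? 0 : -1;
}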
267
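/*
 * Parse the cipher and key-management suites of a WPA/RSN information
 * element into `c`.
 *
 * `data`/`len` describe the element body. The first two bytes are skipped
 * (presumably the version field; confirm against the callers). They are
 * followed by an optional 4-byte group cipher suite, an optional counted
 * list of pairwise cipher suites and an optional counted list of
 * authentication suites. Missing trailing fields are replaced by
 * `defcipher` / `defauth`.
 *
 * The element comes from received frames and is therefore untrusted, so
 * every read is bounded by `len`:
 *  - a body shorter than the two skipped bytes is ignored, since
 *    subtracting 2 from the 8-bit length would otherwise wrap to 254/255
 *    and defeat all later length checks;
 *  - the OUI used to derive the WPA version is only inspected when its
 *    three bytes are actually present.
 *
 * A suite list whose count does not fit into the remaining length makes
 * the function return without applying defaults for the remaining fields.
 */
void iwinfo_parse_rsn(struct iwinfo_crypto_entry *c, uint8_t *data, uint8_t len,
                      uint8_t defcipher, uint8_t defauth)
{
	uint16_t i, count;

	static unsigned char ms_oui[3]        = { 0x00, 0x50, 0xf2 };
	static unsigned char ieee80211_oui[3] = { 0x00, 0x0f, 0xac };

	/* Too short to hold even the two leading bytes: nothing to parse. */
	if (len < 2)
		return;

	data += 2;
	len -= 2;

	/* Microsoft OUI marks WPA (1), IEEE 802.11 OUI marks WPA2/RSN (2). */
	if (len >= 3)
	{
		if (!memcmp(data, ms_oui, 3))
			c->wpa_version += 1;
		else if (!memcmp(data, ieee80211_oui, 3))
			c->wpa_version += 2;
	}

	/* No complete group cipher suite: everything falls back to defaults. */
	if (len < 4)
	{
		c->group_ciphers |= defcipher;
		c->pair_ciphers  |= defcipher;
		c->auth_suites   |= defauth;
		return;
	}

	if (!memcmp(data, ms_oui, 3) || !memcmp(data, ieee80211_oui, 3))
	{
		switch (data[3])
		{
			case 1:  c->group_ciphers |= IWINFO_CIPHER_WEP40;  break;
			case 2:  c->group_ciphers |= IWINFO_CIPHER_TKIP;   break;
			case 4:  c->group_ciphers |= IWINFO_CIPHER_CCMP;   break;
			case 5:  c->group_ciphers |= IWINFO_CIPHER_WEP104; break;
			case 6:  /* AES-128-CMAC */ break;
			default: /* proprietary */  break;
		}
	}

	data += 4;
	len -= 4;

	/* No pairwise suite count present. */
	if (len < 2)
	{
		c->pair_ciphers |= defcipher;
		c->auth_suites  |= defauth;
		return;
	}

	/* Little-endian suite count; reject lists that overrun the element. */
	count = data[0] | (data[1] << 8);
	if (2 + (count * 4) > len)
		return;

	for (i = 0; i < count; i++)
	{
		if (!memcmp(data + 2 + (i * 4), ms_oui, 3) ||
		    !memcmp(data + 2 + (i * 4), ieee80211_oui, 3))
		{
			switch (data[2 + (i * 4) + 3])
			{
				case 1:  c->pair_ciphers |= IWINFO_CIPHER_WEP40;  break;
				case 2:  c->pair_ciphers |= IWINFO_CIPHER_TKIP;   break;
				case 4:  c->pair_ciphers |= IWINFO_CIPHER_CCMP;   break;
				case 5:  c->pair_ciphers |= IWINFO_CIPHER_WEP104; break;
				case 6:  /* AES-128-CMAC */ break;
				default: /* proprietary */  break;
			}
		}
	}

	data += 2 + (count * 4);
	len -= 2 + (count * 4);

	/* No authentication suite count present. */
	if (len < 2)
	{
		c->auth_suites |= defauth;
		return;
	}

	count = data[0] | (data[1] << 8);
	if (2 + (count * 4) > len)
		return;

	for (i = 0; i < count; i++)
	{
		if (!memcmp(data + 2 + (i * 4), ms_oui, 3) ||
		    !memcmp(data + 2 + (i * 4), ieee80211_oui, 3))
		{
			switch (data[2 + (i * 4) + 3])
			{
				case 1:  c->auth_suites |= IWINFO_KMGMT_8021x; break;
				case 2:  c->auth_suites |= IWINFO_KMGMT_PSK;   break;
				case 3:  /* FT/IEEE 802.1X */                  break;
				case 4:  /* FT/PSK */                          break;
				case 5:  /* IEEE 802.1X/SHA-256 */             break;
				case 6:  /* PSK/SHA-256 */                     break;
				default: /* proprietary */                     break;
			}
		}
	}

	/* Anything after the authentication suites is not evaluated. */
}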
370
/*
 * Find section `name` in the "wireless" UCI package and return it if it is
 * a "wifi-device" section whose "type" option equals `type`.
 *
 * A name starting with '@' is looked up with UCI_LOOKUP_EXTENDED. The
 * shared uci_ctx is allocated on first use and kept for later calls.
 *
 * Returns the section, or NULL if the context cannot be allocated, the
 * lookup fails, or the section type or "type" option does not match.
 */
struct uci_section *iwinfo_uci_get_radio(const char *name, const char *type)
{
	const int extended = (name && *name == '@');
	struct uci_ptr ptr = {
		.package = "wireless",
		.section = name,
		.flags   = extended ? UCI_LOOKUP_EXTENDED : 0,
	};
	const char *radio_type;

	if (uci_ctx == NULL)
		uci_ctx = uci_alloc_context();

	if (uci_ctx == NULL)
		return NULL;

	if (uci_lookup_ptr(uci_ctx, &ptr, NULL, true) != 0)
		return NULL;

	if (ptr.s == NULL || strcmp(ptr.s->type, "wifi-device"))
		return NULL;

	radio_type = uci_lookup_option_string(uci_ctx, ptr.s, "type");

	if (radio_type == NULL || strcmp(radio_type, type))
		return NULL;

	return ptr.s;
}
398
/*
 * Release the shared UCI context, if one was allocated, and reset uci_ctx
 * to NULL so a later lookup allocates a new one.
 */
void iwinfo_uci_free(void)
{
	if (uci_ctx != NULL)
	{
		uci_free_context(uci_ctx);
		uci_ctx = NULL;
	}
}