2
* WPA Supplicant - Layer2 packet handling with privilege separation
3
* Copyright (c) 2007, Jouni Malinen <j@w1.fi>
5
* This program is free software; you can redistribute it and/or modify
6
* it under the terms of the GNU General Public License version 2 as
7
* published by the Free Software Foundation.
9
* Alternatively, this software may be distributed under the terms of BSD
12
* See README and COPYING for more details.
20
#include "l2_packet.h"
21
#include "privsep_commands.h"
24
struct l2_packet_data {
25
int fd; /* UNIX domain socket for privsep access */
26
void (*rx_callback)(void *ctx, const u8 *src_addr,
27
const u8 *buf, size_t len);
28
void *rx_callback_ctx;
29
u8 own_addr[ETH_ALEN];
30
char *own_socket_path;
31
struct sockaddr_un priv_addr;
35
static int wpa_priv_cmd(struct l2_packet_data *l2, int cmd,
36
const void *data, size_t data_len)
41
io[0].iov_base = &cmd;
42
io[0].iov_len = sizeof(cmd);
43
io[1].iov_base = (u8 *) data;
44
io[1].iov_len = data_len;
46
os_memset(&msg, 0, sizeof(msg));
48
msg.msg_iovlen = data ? 2 : 1;
49
msg.msg_name = &l2->priv_addr;
50
msg.msg_namelen = sizeof(l2->priv_addr);
52
if (sendmsg(l2->fd, &msg, 0) < 0) {
53
perror("L2: sendmsg(cmd)");
61
int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr)
63
os_memcpy(addr, l2->own_addr, ETH_ALEN);
68
int l2_packet_send(struct l2_packet_data *l2, const u8 *dst_addr, u16 proto,
69
const u8 *buf, size_t len)
73
int cmd = PRIVSEP_CMD_L2_SEND;
75
io[0].iov_base = &cmd;
76
io[0].iov_len = sizeof(cmd);
77
io[1].iov_base = &dst_addr;
78
io[1].iov_len = ETH_ALEN;
79
io[2].iov_base = &proto;
81
io[3].iov_base = (u8 *) buf;
84
os_memset(&msg, 0, sizeof(msg));
87
msg.msg_name = &l2->priv_addr;
88
msg.msg_namelen = sizeof(l2->priv_addr);
90
if (sendmsg(l2->fd, &msg, 0) < 0) {
91
perror("L2: sendmsg(packet_send)");
99
static void l2_packet_receive(int sock, void *eloop_ctx, void *sock_ctx)
101
struct l2_packet_data *l2 = eloop_ctx;
104
struct sockaddr_un from;
105
socklen_t fromlen = sizeof(from);
107
os_memset(&from, 0, sizeof(from));
108
res = recvfrom(sock, buf, sizeof(buf), 0, (struct sockaddr *) &from,
111
perror("l2_packet_receive - recvfrom");
114
if (res < ETH_ALEN) {
115
wpa_printf(MSG_DEBUG, "L2: Too show packet received");
119
if (from.sun_family != AF_UNIX ||
120
os_strncmp(from.sun_path, l2->priv_addr.sun_path,
121
sizeof(from.sun_path)) != 0) {
122
wpa_printf(MSG_DEBUG, "L2: Received message from unexpected "
127
l2->rx_callback(l2->rx_callback_ctx, buf, buf + ETH_ALEN,
132
struct l2_packet_data * l2_packet_init(
133
const char *ifname, const u8 *own_addr, unsigned short protocol,
134
void (*rx_callback)(void *ctx, const u8 *src_addr,
135
const u8 *buf, size_t len),
136
void *rx_callback_ctx, int l2_hdr)
138
struct l2_packet_data *l2;
139
char *own_dir = "/tmp";
140
char *priv_dir = "/var/run/wpa_priv";
142
static unsigned int counter = 0;
143
struct sockaddr_un addr;
147
u8 reply[ETH_ALEN + 1];
150
l2 = os_zalloc(sizeof(struct l2_packet_data));
153
l2->rx_callback = rx_callback;
154
l2->rx_callback_ctx = rx_callback_ctx;
156
len = os_strlen(own_dir) + 50;
157
l2->own_socket_path = os_malloc(len);
158
if (l2->own_socket_path == NULL) {
162
os_snprintf(l2->own_socket_path, len, "%s/wpa_privsep-l2-%d-%d",
163
own_dir, getpid(), counter++);
165
l2->priv_addr.sun_family = AF_UNIX;
166
os_snprintf(l2->priv_addr.sun_path, sizeof(l2->priv_addr.sun_path),
167
"%s/%s", priv_dir, ifname);
169
l2->fd = socket(PF_UNIX, SOCK_DGRAM, 0);
171
perror("socket(PF_UNIX)");
172
os_free(l2->own_socket_path);
173
l2->own_socket_path = NULL;
178
os_memset(&addr, 0, sizeof(addr));
179
addr.sun_family = AF_UNIX;
180
os_strlcpy(addr.sun_path, l2->own_socket_path, sizeof(addr.sun_path));
181
if (bind(l2->fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
182
perror("bind(PF_UNIX)");
186
reg_cmd[0] = protocol;
188
if (wpa_priv_cmd(l2, PRIVSEP_CMD_L2_REGISTER, reg_cmd, sizeof(reg_cmd))
190
wpa_printf(MSG_ERROR, "L2: Failed to register with wpa_priv");
195
FD_SET(l2->fd, &rfds);
198
res = select(l2->fd + 1, &rfds, NULL, NULL, &tv);
199
if (res < 0 && errno != EINTR) {
204
if (FD_ISSET(l2->fd, &rfds)) {
205
res = recv(l2->fd, reply, sizeof(reply), 0);
211
wpa_printf(MSG_DEBUG, "L2: Timeout while waiting for "
212
"registration reply");
216
if (res != ETH_ALEN) {
217
wpa_printf(MSG_DEBUG, "L2: Unexpected registration reply "
220
os_memcpy(l2->own_addr, reply, ETH_ALEN);
222
eloop_register_read_sock(l2->fd, l2_packet_receive, l2, NULL);
229
unlink(l2->own_socket_path);
230
os_free(l2->own_socket_path);
231
l2->own_socket_path = NULL;
237
void l2_packet_deinit(struct l2_packet_data *l2)
243
wpa_priv_cmd(l2, PRIVSEP_CMD_L2_UNREGISTER, NULL, 0);
244
eloop_unregister_read_sock(l2->fd);
248
if (l2->own_socket_path) {
249
unlink(l2->own_socket_path);
250
os_free(l2->own_socket_path);
257
int l2_packet_get_ip_addr(struct l2_packet_data *l2, char *buf, size_t len)
264
void l2_packet_notify_auth_start(struct l2_packet_data *l2)
266
wpa_priv_cmd(l2, PRIVSEP_CMD_L2_NOTIFY_AUTH_START, NULL, 0);