diff --git a/net/reaver/Makefile b/net/reaver/Makefile index a0b2b0c74..137aaeae3 100644 --- a/net/reaver/Makefile +++ b/net/reaver/Makefile @@ -1,5 +1,6 @@ # # Copyright (C) 2012-2015 OpenWrt.org +# Copyright (C) 2017 Yousong Zhou # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,47 +9,48 @@ include $(TOPDIR)/rules.mk PKG_NAME:=reaver -PKG_VERSION:=1.4 -PKG_RELEASE:=3 +PKG_VERSION:=1.6.3 +PKG_RELEASE:=1 PKG_MAINTAINER:=Yousong Zhou -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/reaver-wps -PKG_HASH:=add3050a4a05fe0ab6bfb291ee2de8e9b8a85f1e64ced93ee27a75744954b22d +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://github.com/t6x/reaver-wps-fork-t6x/releases/download/v$(PKG_VERSION) +PKG_HASH:=191f785f53030e4803260ada1a29ca4b42c848d56f6f3982e320d03b6117aaf2 + PKG_LICENSE:=GPL-2.0 +PKG_LICENSE_FILES:=docs/LICENSE PKG_USE_MIPS16:=0 PKG_AUTOMAKE_PATHS:=src PKG_FIXUP:=autoreconf include $(INCLUDE_DIR)/package.mk - CONFIGURE_PATH:=src MAKE_PATH:=src -EXTRA_CFLAGS=$(TARGET_CPPFLAGS) define Package/reaver SECTION:=net CATEGORY:=Network SUBMENU:=wireless TITLE:=Efficient brute force attack against Wifi Protected Setup - URL:=https://code.google.com/p/reaver-wps/ - DEPENDS:=+libpcap +libsqlite3 + URL:=https://github.com/t6x/reaver-wps-fork-t6x + DEPENDS:=+libpcap endef define Package/reaver/description - Reaver targets the external registrar functionality mandated by the WiFi - Protected Setup specification. - Access points will provide authenticated registrars with their current - wireless configuration (including the WPA PSK), and also accept a new - configuration from the registrar. + Reaver has been designed to be a robust and practical attack against Wi-Fi + Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 + passphrases. It has been tested against a wide variety of access points and + WPS implementations. + + This is reaver-wps-fork-t6x, a community forked version, which has included + various bug fixes and additional attack method (the offline Pixie Dust + attack). endef define Package/reaver/install $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/{reaver,wash} $(1)/usr/bin/ - $(INSTALL_DIR) $(1)/etc/reaver - $(INSTALL_DATA) $(PKG_BUILD_DIR)/src/reaver.db $(1)/etc/reaver/ endef $(eval $(call BuildPackage,reaver)) diff --git a/net/reaver/patches/0001-wpscrack-big-endian-fixes.patch b/net/reaver/patches/0001-wpscrack-big-endian-fixes.patch deleted file mode 100644 index da76c2e3d..000000000 --- a/net/reaver/patches/0001-wpscrack-big-endian-fixes.patch +++ /dev/null @@ -1,565 +0,0 @@ -From 4e7af9f022996cb0a03b30f6af265b757807dfa2 Mon Sep 17 00:00:00 2001 -From: Paul Fertser -Date: Wed, 27 Jun 2012 17:44:55 +0400 -Subject: [PATCH 1/3] wpscrack: big-endian fixes - -This should fix access to the radiotap, 802.11, LLC/SNAP and WFA -headers' fields. Run-time tested on an ar71xx BE system. - -Signed-off-by: Paul Fertser ---- - src/80211.c | 65 +++++++++++++++++++------------ - src/builder.c | 23 +++++------ - src/defs.h | 116 +++++++++++++++++++++++++++++++++++++++----------------- - src/exchange.c | 23 ++++++----- - src/wpsmon.c | 13 ++++-- - 5 files changed, 151 insertions(+), 89 deletions(-) - -diff --git a/src/80211.c b/src/80211.c -index c2aff59..19f1e92 100644 ---- a/src/80211.c -+++ b/src/80211.c -@@ -90,17 +90,19 @@ void read_ap_beacon() - if(header.len >= MIN_BEACON_SIZE) - { - rt_header = (struct radio_tap_header *) radio_header(packet, header.len); -- frame_header = (struct dot11_frame_header *) (packet + rt_header->len); -- -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ frame_header = (struct dot11_frame_header *) (packet + rt_header_len); -+ - if(is_target(frame_header)) - { -- if(frame_header->fc.type == MANAGEMENT_FRAME && frame_header->fc.sub_type == SUBTYPE_BEACON) -+ if((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) == -+ __cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON)) - { -- beacon = (struct beacon_management_frame *) (packet + rt_header->len + sizeof(struct dot11_frame_header)); -+ beacon = (struct beacon_management_frame *) (packet + rt_header_len + sizeof(struct dot11_frame_header)); - set_ap_capability(beacon->capability); - - /* Obtain the SSID and channel number from the beacon packet */ -- tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); -+ tag_offset = rt_header_len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); - channel = parse_beacon_tags(packet, header.len); - - /* If no channel was manually specified, switch to the AP's current channel */ -@@ -135,29 +137,31 @@ int8_t signal_strength(const u_char *packet, size_t len) - { - header = (struct radio_tap_header *) packet; - -- if((header->flags & SSI_FLAG) == SSI_FLAG) -+ uint32_t flags = __le32_to_cpu(header->flags); -+ -+ if((flags & SSI_FLAG) == SSI_FLAG) - { -- if((header->flags & TSFT_FLAG) == TSFT_FLAG) -+ if((flags & TSFT_FLAG) == TSFT_FLAG) - { - offset += TSFT_SIZE; - } - -- if((header->flags & FLAGS_FLAG) == FLAGS_FLAG) -+ if((flags & FLAGS_FLAG) == FLAGS_FLAG) - { - offset += FLAGS_SIZE; - } - -- if((header->flags & RATE_FLAG) == RATE_FLAG) -+ if((flags & RATE_FLAG) == RATE_FLAG) - { - offset += RATE_SIZE; - } - -- if((header->flags & CHANNEL_FLAG) == CHANNEL_FLAG) -+ if((flags & CHANNEL_FLAG) == CHANNEL_FLAG) - { - offset += CHANNEL_SIZE; - } - -- if((header->flags & FHSS_FLAG) == FHSS_FLAG) -+ if((flags & FHSS_FLAG) == FHSS_FLAG) - { - offset += FHSS_FLAG; - } -@@ -196,11 +200,13 @@ int is_wps_locked() - if(header.len >= MIN_BEACON_SIZE) - { - rt_header = (struct radio_tap_header *) radio_header(packet, header.len); -- frame_header = (struct dot11_frame_header *) (packet + rt_header->len); -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ frame_header = (struct dot11_frame_header *) (packet + rt_header_len); - - if(memcmp(frame_header->addr3, get_bssid(), MAC_ADDR_LEN) == 0) - { -- if(frame_header->fc.type == MANAGEMENT_FRAME && frame_header->fc.sub_type == SUBTYPE_BEACON) -+ if((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) == -+ __cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON)) - { - if(parse_wps_parameters(packet, header.len, &wps)) - { -@@ -411,24 +417,30 @@ int associate_recv_loop() - if(header.len >= MIN_AUTH_SIZE) - { - rt_header = (struct radio_tap_header *) radio_header(packet, header.len); -- dot11_frame = (struct dot11_frame_header *) (packet + rt_header->len); -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ dot11_frame = (struct dot11_frame_header *) (packet + rt_header_len); - - if((memcmp(dot11_frame->addr3, get_bssid(), MAC_ADDR_LEN) == 0) && - (memcmp(dot11_frame->addr1, get_mac(), MAC_ADDR_LEN) == 0)) - { -- if(dot11_frame->fc.type == MANAGEMENT_FRAME) -+ if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE)) == -+ __cpu_to_le16(IEEE80211_FTYPE_MGMT)) - { -- auth_frame = (struct authentication_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len); -- assoc_frame = (struct association_response_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len); -+ auth_frame = (struct authentication_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header_len); -+ assoc_frame = (struct association_response_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header_len); - - /* Did we get an authentication packet with a successful status? */ -- if((dot11_frame->fc.sub_type == SUBTYPE_AUTHENTICATION) && (auth_frame->status == AUTHENTICATION_SUCCESS)) -+ if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE)) == -+ __cpu_to_le16(IEEE80211_STYPE_AUTH) -+ && (auth_frame->status == __cpu_to_le16(AUTHENTICATION_SUCCESS))) - { - ret_val = AUTH_OK; - break; - } - /* Did we get an association packet with a successful status? */ -- else if((dot11_frame->fc.sub_type == SUBTYPE_ASSOCIATION) && (assoc_frame->status == ASSOCIATION_SUCCESS)) -+ else if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE)) == -+ __cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP) -+ && (assoc_frame->status == __cpu_to_le16(ASSOCIATION_SUCCESS))) - { - ret_val = ASSOCIATE_OK; - break; -@@ -455,13 +467,14 @@ enum encryption_type supported_encryption(const u_char *packet, size_t len) - if(len > MIN_BEACON_SIZE) - { - rt_header = (struct radio_tap_header *) radio_header(packet, len); -- beacon = (struct beacon_management_frame *) (packet + rt_header->len + sizeof(struct dot11_frame_header)); -- offset = tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ beacon = (struct beacon_management_frame *) (packet + rt_header_len + sizeof(struct dot11_frame_header)); -+ offset = tag_offset = rt_header_len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); - - tag_len = len - tag_offset; - tag_data = (const u_char *) (packet + tag_offset); - -- if((beacon->capability & CAPABILITY_WEP) == CAPABILITY_WEP) -+ if((__le16_to_cpu(beacon->capability) & CAPABILITY_WEP) == CAPABILITY_WEP) - { - enc = WEP; - -@@ -509,7 +522,7 @@ int parse_beacon_tags(const u_char *packet, size_t len) - struct radio_tap_header *rt_header = NULL; - - rt_header = (struct radio_tap_header *) radio_header(packet, len); -- tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); -+ tag_offset = __le16_to_cpu(rt_header->len) + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame); - - if(tag_offset < len) - { -@@ -548,7 +561,7 @@ int parse_beacon_tags(const u_char *packet, size_t len) - { - if(ie_len == 1) - { -- memcpy((int *) &channel, channel_data, ie_len); -+ channel = *(uint8_t*)channel_data; - } - free(channel_data); - } -@@ -603,13 +616,13 @@ int check_fcs(const u_char *packet, size_t len) - if(len > 4) - { - /* Get the packet's reported FCS (last 4 bytes of the packet) */ -- memcpy((uint32_t *) &fcs, (packet + (len-4)), 4); -+ fcs = __le32_to_cpu(*(uint32_t*)(packet + (len-4))); - - /* FCS is not calculated over the radio tap header */ - if(has_rt_header()) - { - rt_header = (struct radio_tap_header *) packet; -- offset += rt_header->len; -+ offset += __le16_to_cpu(rt_header->len); - } - - if(len > offset) -diff --git a/src/builder.c b/src/builder.c -index 37f2de7..6bf89e7 100644 ---- a/src/builder.c -+++ b/src/builder.c -@@ -44,9 +44,8 @@ const void *build_radio_tap_header(size_t *len) - memset((void *) buf, 0, sizeof(struct radio_tap_header)); - rt_header = (struct radio_tap_header *) buf; - -- rt_header->len = sizeof(struct radio_tap_header); -- -- *len = rt_header->len; -+ *len = sizeof(struct radio_tap_header); -+ rt_header->len = __cpu_to_le16(*len); - } - - return buf; -@@ -67,9 +66,9 @@ const void *build_dot11_frame_header(uint16_t fc, size_t *len) - - frag_seq += SEQ_MASK; - -- header->duration = DEFAULT_DURATION; -- memcpy((void *) &header->fc, (void *) &fc, sizeof(struct frame_control)); -- header->frag_seq = frag_seq; -+ header->duration = __cpu_to_le16(DEFAULT_DURATION); -+ header->fc = __cpu_to_le16(fc); -+ header->frag_seq = __cpu_to_le16(frag_seq); - - memcpy((void *) header->addr1, get_bssid(), MAC_ADDR_LEN); - memcpy((void *) header->addr2, get_mac(), MAC_ADDR_LEN); -@@ -91,8 +90,8 @@ const void *build_authentication_management_frame(size_t *len) - memset((void *) buf, 0, *len); - frame = (struct authentication_management_frame *) buf; - -- frame->algorithm = OPEN_SYSTEM; -- frame->sequence = 1; -+ frame->algorithm = __cpu_to_le16(OPEN_SYSTEM); -+ frame->sequence = __cpu_to_le16(1); - frame->status = 0; - } - -@@ -111,8 +110,8 @@ const void *build_association_management_frame(size_t *len) - memset((void *) buf, 0, *len); - frame = (struct association_request_management_frame *) buf; - -- frame->capability = get_ap_capability(); -- frame->listen_interval = LISTEN_INTERVAL; -+ frame->capability = __cpu_to_le16(get_ap_capability()); -+ frame->listen_interval = __cpu_to_le16(LISTEN_INTERVAL); - } - - return buf; -@@ -133,7 +132,7 @@ const void *build_llc_header(size_t *len) - header->dsap = LLC_SNAP; - header->ssap = LLC_SNAP; - header->control_field = UNNUMBERED_FRAME; -- header->type = DOT1X_AUTHENTICATION; -+ header->type = __cpu_to_be16(DOT1X_AUTHENTICATION); - - } - -@@ -279,7 +278,7 @@ const void *build_wfa_header(uint8_t op_code, size_t *len) - header = (struct wfa_expanded_header *) buf; - - memcpy(header->id, WFA_VENDOR_ID, sizeof(header->id)); -- header->type = SIMPLE_CONFIG; -+ header->type = __cpu_to_be32(SIMPLE_CONFIG); - header->opcode = op_code; - } - -diff --git a/src/defs.h b/src/defs.h -index b2f45ea..0c628e7 100644 ---- a/src/defs.h -+++ b/src/defs.h -@@ -41,6 +41,7 @@ - #include - #include - #include -+#include - - #include "wps.h" - -@@ -65,10 +66,10 @@ - #define MANAGEMENT_FRAME 0x00 - #define SUBTYPE_BEACON 0x08 - --#define DOT1X_AUTHENTICATION 0x8E88 -+#define DOT1X_AUTHENTICATION 0x888E - #define DOT1X_EAP_PACKET 0x00 - --#define SIMPLE_CONFIG 0x01000000 -+#define SIMPLE_CONFIG 0x00000001 - - #define P1_SIZE 10000 - #define P2_SIZE 1000 -@@ -282,66 +283,111 @@ enum wfa_elements - WEP_TRANSMIT_KEY = 0x10064 - }; - -+#define IEEE80211_FCTL_VERS 0x0003 -+#define IEEE80211_FCTL_FTYPE 0x000c -+#define IEEE80211_FCTL_STYPE 0x00f0 -+#define IEEE80211_FCTL_TODS 0x0100 -+#define IEEE80211_FCTL_FROMDS 0x0200 -+#define IEEE80211_FCTL_MOREFRAGS 0x0400 -+#define IEEE80211_FCTL_RETRY 0x0800 -+#define IEEE80211_FCTL_PM 0x1000 -+#define IEEE80211_FCTL_MOREDATA 0x2000 -+#define IEEE80211_FCTL_PROTECTED 0x4000 -+#define IEEE80211_FCTL_ORDER 0x8000 -+ -+#define IEEE80211_SCTL_FRAG 0x000F -+#define IEEE80211_SCTL_SEQ 0xFFF0 -+ -+#define IEEE80211_FTYPE_MGMT 0x0000 -+#define IEEE80211_FTYPE_CTL 0x0004 -+#define IEEE80211_FTYPE_DATA 0x0008 -+ -+/* management */ -+#define IEEE80211_STYPE_ASSOC_REQ 0x0000 -+#define IEEE80211_STYPE_ASSOC_RESP 0x0010 -+#define IEEE80211_STYPE_REASSOC_REQ 0x0020 -+#define IEEE80211_STYPE_REASSOC_RESP 0x0030 -+#define IEEE80211_STYPE_PROBE_REQ 0x0040 -+#define IEEE80211_STYPE_PROBE_RESP 0x0050 -+#define IEEE80211_STYPE_BEACON 0x0080 -+#define IEEE80211_STYPE_ATIM 0x0090 -+#define IEEE80211_STYPE_DISASSOC 0x00A0 -+#define IEEE80211_STYPE_AUTH 0x00B0 -+#define IEEE80211_STYPE_DEAUTH 0x00C0 -+#define IEEE80211_STYPE_ACTION 0x00D0 -+ -+/* control */ -+#define IEEE80211_STYPE_BACK_REQ 0x0080 -+#define IEEE80211_STYPE_BACK 0x0090 -+#define IEEE80211_STYPE_PSPOLL 0x00A0 -+#define IEEE80211_STYPE_RTS 0x00B0 -+#define IEEE80211_STYPE_CTS 0x00C0 -+#define IEEE80211_STYPE_ACK 0x00D0 -+#define IEEE80211_STYPE_CFEND 0x00E0 -+#define IEEE80211_STYPE_CFENDACK 0x00F0 -+ -+/* data */ -+#define IEEE80211_STYPE_DATA 0x0000 -+#define IEEE80211_STYPE_DATA_CFACK 0x0010 -+#define IEEE80211_STYPE_DATA_CFPOLL 0x0020 -+#define IEEE80211_STYPE_DATA_CFACKPOLL 0x0030 -+#define IEEE80211_STYPE_NULLFUNC 0x0040 -+#define IEEE80211_STYPE_CFACK 0x0050 -+#define IEEE80211_STYPE_CFPOLL 0x0060 -+#define IEEE80211_STYPE_CFACKPOLL 0x0070 -+#define IEEE80211_STYPE_QOS_DATA 0x0080 -+#define IEEE80211_STYPE_QOS_DATA_CFACK 0x0090 -+#define IEEE80211_STYPE_QOS_DATA_CFPOLL 0x00A0 -+#define IEEE80211_STYPE_QOS_DATA_CFACKPOLL 0x00B0 -+#define IEEE80211_STYPE_QOS_NULLFUNC 0x00C0 -+#define IEEE80211_STYPE_QOS_CFACK 0x00D0 -+#define IEEE80211_STYPE_QOS_CFPOLL 0x00E0 -+#define IEEE80211_STYPE_QOS_CFACKPOLL 0x00F0 -+ - #pragma pack(1) - struct radio_tap_header - { - uint8_t revision; - uint8_t pad; -- uint16_t len; -- uint32_t flags; --}; -- --struct frame_control --{ -- unsigned version : 2; -- unsigned type : 2; -- unsigned sub_type : 4; -- -- unsigned to_ds : 1; -- unsigned from_ds : 1; -- unsigned more_frag : 1; -- unsigned retry : 1; -- unsigned pwr_mgt : 1; -- unsigned more_data : 1; -- unsigned protected_frame : 1; -- unsigned order : 1; -+ __le16 len; -+ __le32 flags; - }; - - struct dot11_frame_header - { -- struct frame_control fc; -- uint16_t duration; -+ __le16 fc; -+ __le16 duration; - unsigned char addr1[MAC_ADDR_LEN]; - unsigned char addr2[MAC_ADDR_LEN]; - unsigned char addr3[MAC_ADDR_LEN]; -- uint16_t frag_seq; -+ __le16 frag_seq; - }; - - struct authentication_management_frame - { -- uint16_t algorithm; -- uint16_t sequence; -- uint16_t status; -+ __le16 algorithm; -+ __le16 sequence; -+ __le16 status; - }; - - struct association_request_management_frame - { -- uint16_t capability; -- uint16_t listen_interval; -+ __le16 capability; -+ __le16 listen_interval; - }; - - struct association_response_management_frame - { -- uint16_t capability; -- uint16_t status; -- uint16_t id; -+ __le16 capability; -+ __le16 status; -+ __le16 id; - }; - - struct beacon_management_frame - { - unsigned char timestamp[TIMESTAMP_LEN]; -- uint16_t beacon_interval; -- uint16_t capability; -+ __le16 beacon_interval; -+ __le16 capability; - }; - - struct llc_header -@@ -350,7 +396,7 @@ struct llc_header - uint8_t ssap; - uint8_t control_field; - unsigned char org_code[3]; -- uint16_t type; -+ __be16 type; - }; - - struct dot1X_header -@@ -371,7 +417,7 @@ struct eap_header - struct wfa_expanded_header - { - unsigned char id[3]; -- uint32_t type; -+ __be32 type; - uint8_t opcode; - uint8_t flags; - }; -diff --git a/src/exchange.c b/src/exchange.c -index 23c87e9..4f9a82b 100644 ---- a/src/exchange.c -+++ b/src/exchange.c -@@ -306,26 +306,27 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header) - - /* Cast the radio tap and 802.11 frame headers and parse out the Frame Control field */ - rt_header = (struct radio_tap_header *) packet; -- frame_header = (struct dot11_frame_header *) (packet+rt_header->len); -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ frame_header = (struct dot11_frame_header *) (packet+rt_header_len); - - /* Does the BSSID/source address match our target BSSID? */ - if(memcmp(frame_header->addr3, get_bssid(), MAC_ADDR_LEN) == 0) - { - /* Is this a data packet sent to our MAC address? */ -- if(frame_header->fc.type == DATA_FRAME && -- frame_header->fc.sub_type == SUBTYPE_DATA && -- (memcmp(frame_header->addr1, get_mac(), MAC_ADDR_LEN) == 0)) -+ if (((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) == -+ __cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA)) && -+ (memcmp(frame_header->addr1, get_mac(), MAC_ADDR_LEN) == 0)) - { - llc = (struct llc_header *) (packet + -- rt_header->len + -+ rt_header_len + - sizeof(struct dot11_frame_header) - ); - - /* All packets in our exchanges will be 802.1x */ -- if(llc->type == DOT1X_AUTHENTICATION) -+ if(llc->type == __cpu_to_be16(DOT1X_AUTHENTICATION)) - { - dot1x = (struct dot1X_header *) (packet + -- rt_header->len + -+ rt_header_len + - sizeof(struct dot11_frame_header) + - sizeof(struct llc_header) - ); -@@ -334,7 +335,7 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header) - if(dot1x->type == DOT1X_EAP_PACKET && (header->len >= EAP_PACKET_SIZE)) - { - eap = (struct eap_header *) (packet + -- rt_header->len + -+ rt_header_len + - sizeof(struct dot11_frame_header) + - sizeof(struct llc_header) + - sizeof(struct dot1X_header) -@@ -366,7 +367,7 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header) - else if((eap->type == EAP_EXPANDED) && (header->len > WFA_PACKET_SIZE)) - { - wfa = (struct wfa_expanded_header *) (packet + -- rt_header->len + -+ rt_header_len + - sizeof(struct dot11_frame_header) + - sizeof(struct llc_header) + - sizeof(struct dot1X_header) + -@@ -374,14 +375,14 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header) - ); - - /* Verify that this is a WPS message */ -- if(wfa->type == SIMPLE_CONFIG) -+ if(wfa->type == __cpu_to_be32(SIMPLE_CONFIG)) - { - wps_msg_len = (size_t) ntohs(eap->len) - - sizeof(struct eap_header) - - sizeof(struct wfa_expanded_header); - - wps_msg = (const void *) (packet + -- rt_header->len + -+ rt_header_len + - sizeof(struct dot11_frame_header) + - sizeof(struct llc_header) + - sizeof(struct dot1X_header) + -diff --git a/src/wpsmon.c b/src/wpsmon.c -index d976924..22a394f 100644 ---- a/src/wpsmon.c -+++ b/src/wpsmon.c -@@ -295,7 +295,8 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - } - - rt_header = (struct radio_tap_header *) radio_header(packet, header->len); -- frame_header = (struct dot11_frame_header *) (packet + rt_header->len); -+ size_t rt_header_len = __le16_to_cpu(rt_header->len); -+ frame_header = (struct dot11_frame_header *) (packet + rt_header_len); - - /* If a specific BSSID was specified, only parse packets from that BSSID */ - if(!is_target(frame_header)) -@@ -323,15 +324,17 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - channel_changed = 1; - } - -- if(frame_header->fc.sub_type == PROBE_RESPONSE || -- frame_header->fc.sub_type == SUBTYPE_BEACON) -+ unsigned fsub_type = frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE); -+ -+ if(fsub_type == __cpu_to_le16(IEEE80211_STYPE_PROBE_RESP) || -+ fsub_type == __cpu_to_le16(IEEE80211_STYPE_BEACON)) - { - wps_parsed = parse_wps_parameters(packet, header->len, wps); - } - - if(!is_done(bssid) && (get_channel() == channel || source == PCAP_FILE)) - { -- if(frame_header->fc.sub_type == SUBTYPE_BEACON && -+ if(fsub_type == __cpu_to_le16(IEEE80211_STYPE_BEACON) && - mode == SCAN && - !passive && - should_probe(bssid)) -@@ -369,7 +372,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - * If there was no WPS information, then the AP does not support WPS and we should ignore it from here on. - * If this was a probe response, then we've gotten all WPS info we can get from this AP and should ignore it from here on. - */ -- if(!wps_parsed || frame_header->fc.sub_type == PROBE_RESPONSE) -+ if(!wps_parsed || fsub_type == __cpu_to_le16(IEEE80211_STYPE_PROBE_RESP)) - { - mark_ap_complete(bssid); - } --- -1.7.7 - diff --git a/net/reaver/patches/0002-Use-the-current-directory-for-storing-and-loading-se.patch b/net/reaver/patches/0002-Use-the-current-directory-for-storing-and-loading-se.patch deleted file mode 100644 index dd1bb4271..000000000 --- a/net/reaver/patches/0002-Use-the-current-directory-for-storing-and-loading-se.patch +++ /dev/null @@ -1,53 +0,0 @@ -From cd444949f3176790101b8bdc9656831a03d8c01d Mon Sep 17 00:00:00 2001 -From: Paul Fertser -Date: Tue, 10 Jul 2012 11:13:29 +0400 -Subject: [PATCH 2/3] Use the current directory for storing and loading - sessions - -This allows the user to always explicitely choose (by changing the -current directory before launching the program) where the session -files should go. Useful e.g. to avoid hogging the precious space on -embedded devices, just cd /tmp before starting the app. - -Signed-off-by: Paul Fertser ---- - src/session.c | 16 +++------------- - 1 files changed, 3 insertions(+), 13 deletions(-) - -diff --git a/src/session.c b/src/session.c -index d3af0c3..308f213 100644 ---- a/src/session.c -+++ b/src/session.c -@@ -62,7 +62,7 @@ int restore_session() - memset(file, 0, FILENAME_MAX); - - bssid = mac2str(get_bssid(), '\0'); -- snprintf(file, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT); -+ snprintf(file, FILENAME_MAX, "%s.%s", bssid, CONF_EXT); - free(bssid); - } - -@@ -199,18 +199,8 @@ int save_session() - } - else - { -- /* -- * If the configuration directory exists, save the session file there; else, save it to the -- * current working directory. -- */ -- if(configuration_directory_exists()) -- { -- snprintf((char *) &file_name, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT); -- } -- else -- { -- snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT); -- } -+ /* save session to the current directory */ -+ snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT); - } - - /* Don't bother saving anything if nothing has been done */ --- -1.7.7 - diff --git a/net/reaver/patches/0003-wash-wpsmon-use-less-useless-spaces-in-output-to-fit.patch b/net/reaver/patches/0003-wash-wpsmon-use-less-useless-spaces-in-output-to-fit.patch deleted file mode 100644 index 64b290b5e..000000000 --- a/net/reaver/patches/0003-wash-wpsmon-use-less-useless-spaces-in-output-to-fit.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 638bb8d70d6c7e5dc99975e0bf57d8ce0455e2cc Mon Sep 17 00:00:00 2001 -From: Paul Fertser -Date: Tue, 10 Jul 2012 11:25:00 +0400 -Subject: [PATCH 3/3] wash/wpsmon: use less useless spaces in output to fit - narrow terminals - -Signed-off-by: Paul Fertser ---- - src/wpsmon.c | 6 +++--- - 1 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/wpsmon.c b/src/wpsmon.c -index 22a394f..e0948b3 100644 ---- a/src/wpsmon.c -+++ b/src/wpsmon.c -@@ -262,8 +262,8 @@ void monitor(char *bssid, int passive, int source, int channel, int mode) - - if(!header_printed) - { -- cprintf(INFO, "BSSID Channel RSSI WPS Version WPS Locked ESSID\n"); -- cprintf(INFO, "---------------------------------------------------------------------------------------------------------------\n"); -+ cprintf(INFO, "BSSID Channel RSSI WPS Version WPS Locked ESSID\n"); -+ cprintf(INFO, "--------------------------------------------------------------------------------------\n"); - header_printed = 1; - } - -@@ -360,7 +360,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - break; - } - -- cprintf(INFO, "%17s %2d %.2d %d.%d %s %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid); -+ cprintf(INFO, "%17s %2d %.2d %d.%d %s %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid); - } - - if(probe_sent) --- -1.7.7 - diff --git a/net/reaver/patches/0004-Fixed-probe-request-bug-in-wash.patch b/net/reaver/patches/0004-Fixed-probe-request-bug-in-wash.patch deleted file mode 100644 index 9b51d06a1..000000000 --- a/net/reaver/patches/0004-Fixed-probe-request-bug-in-wash.patch +++ /dev/null @@ -1,46 +0,0 @@ -From a8edcc1ce2a55e0e02ee13c46c6a5f22dd7920e9 Mon Sep 17 00:00:00 2001 -From: "cheffner@tacnetsol.com" - -Date: Tue, 27 Mar 2012 16:25:10 +0000 -Subject: [PATCH] Fixed probe request bug in wash. - -git-svn-id: http://reaver-wps.googlecode.com/svn/trunk@113 027a3e96-2d37-f1c0-85d6-5ce5a08386c2 ---- - src/wpsmon.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/src/wpsmon.c b/src/wpsmon.c -index da688b9..d976924 100644 ---- a/src/wpsmon.c -+++ b/src/wpsmon.c -@@ -132,6 +132,11 @@ int main(int argc, char *argv[]) - usage(argv[0]); - goto end; - } -+ else if(get_iface()) -+ { -+ /* Get the MAC address of the specified interface */ -+ read_iface_mac(); -+ } - - if(get_iface() && source == PCAP_FILE) - { -@@ -300,6 +305,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - - set_ssid(NULL); - bssid = (char *) mac2str(frame_header->addr3, ':'); -+ set_bssid((unsigned char *) frame_header->addr3); - - if(bssid) - { -@@ -383,6 +389,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char * - - end: - if(wps) free(wps); -+ set_bssid((unsigned char *) NULL_MAC); - - return; - } --- -2.6.4 - diff --git a/net/reaver/patches/0100-Include-sys-types.h-for-definition-of-u_char.patch b/net/reaver/patches/0100-Include-sys-types.h-for-definition-of-u_char.patch deleted file mode 100644 index 541968aec..000000000 --- a/net/reaver/patches/0100-Include-sys-types.h-for-definition-of-u_char.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 811f5c0b0a226edfbf5aa2f316e083f30ec3cd8d Mon Sep 17 00:00:00 2001 -From: Yousong Zhou -Date: Tue, 18 Aug 2015 14:34:26 +0800 -Subject: [PATCH] Include for definition of u_char. - -Fixes build with musl-libc. - -Signed-off-by: Yousong Zhou ---- - src/libwps/libwps.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libwps/libwps.h b/src/libwps/libwps.h -index b04dd8b..bdd7b9a 100755 ---- a/src/libwps/libwps.h -+++ b/src/libwps/libwps.h -@@ -17,6 +17,7 @@ - #include - #include - #include -+#include - - #define LIBWPS_MAX_STR_LEN 256 - --- -1.7.10.4 - diff --git a/net/reaver/patches/0101-pcap-use-65536-as-snaplen.patch b/net/reaver/patches/0101-pcap-use-65536-as-snaplen.patch deleted file mode 100644 index 03f43182f..000000000 --- a/net/reaver/patches/0101-pcap-use-65536-as-snaplen.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/init.c.orig 2016-12-08 13:23:17.386891467 +0800 -+++ b/src/init.c 2016-12-08 13:23:20.850892551 +0800 -@@ -121,7 +121,7 @@ pcap_t *capture_init(char *capture_sourc - pcap_t *handle = NULL; - char errbuf[PCAP_ERRBUF_SIZE] = { 0 }; - -- handle = pcap_open_live(capture_source, BUFSIZ, 1, 0, errbuf); -+ handle = pcap_open_live(capture_source, 65536, 1, 0, errbuf); - if(!handle) - { - handle = pcap_open_offline(capture_source, errbuf); diff --git a/net/reaver/patches/0102-wps-cflags.patch b/net/reaver/patches/0102-wps-cflags.patch deleted file mode 100644 index 9a980255e..000000000 --- a/net/reaver/patches/0102-wps-cflags.patch +++ /dev/null @@ -1,45 +0,0 @@ -Index: reaver-1.4/src/wps/Makefile -=================================================================== ---- reaver-1.4.orig/src/wps/Makefile -+++ reaver-1.4/src/wps/Makefile -@@ -4,31 +4,31 @@ INC=-I../utils -I ../ - all: wps_attr_build.o wps_attr_parse.o wps_attr_process.o wps.o wps_common.o wps_dev_attr.o wps_enrollee.o wps_registrar.o wps_ufd.o - - wps_attr_build.o: -- $(CC) $(INC) wps_attr_build.c -c -+ $(CC) $(CFLAGS) $(INC) wps_attr_build.c -c - - wps_attr_parse.o: -- $(CC) $(INC) wps_attr_parse.c -c -+ $(CC) $(CFLAGS) $(INC) wps_attr_parse.c -c - - wps_attr_process.o: -- $(CC) $(INC) wps_attr_process.c -c -+ $(CC) $(CFLAGS) $(INC) wps_attr_process.c -c - - wps.o: -- $(CC) $(INC) wps.c -c -+ $(CC) $(CFLAGS) $(INC) wps.c -c - - wps_common.o: -- $(CC) $(INC) wps_common.c -c -+ $(CC) $(CFLAGS) $(INC) wps_common.c -c - - wps_dev_attr.o: -- $(CC) $(INC) wps_dev_attr.c -c -+ $(CC) $(CFLAGS) $(INC) wps_dev_attr.c -c - - wps_enrollee.o: -- $(CC) $(INC) wps_enrollee.c -c -+ $(CC) $(CFLAGS) $(INC) wps_enrollee.c -c - - wps_registrar.o: -- $(CC) $(INC) wps_registrar.c -c -+ $(CC) $(CFLAGS) $(INC) wps_registrar.c -c - - wps_ufd.o: -- $(CC) $(INC) wps_ufd.c -c -+ $(CC) $(CFLAGS) $(INC) wps_ufd.c -c - - clean: - rm -f *.o