diff --git a/src/eap_common/Makefile b/src/eap_common/Makefile index adfd3dfd5..f00b438c6 100644 --- a/src/eap_common/Makefile +++ b/src/eap_common/Makefile @@ -1,8 +1,31 @@ -all: - @echo Nothing to be made. +all: libeap_common.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeap_common.a install: @echo Nothing to be made. + +include ../lib.rules + +LIB_OBJS= \ + chap.o \ + eap_common.o \ + eap_eke_common.o \ + eap_eke_common.o \ + eap_fast_common.o \ + eap_gpsk_common.o \ + eap_ikev2_common.o \ + eap_pax_common.o \ + eap_peap_common.o \ + eap_psk_common.o \ + eap_pwd_common.o \ + eap_sake_common.o \ + eap_sim_common.o \ + eap_wsc_common.o \ + ikev2_common.o + +libeap_common.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eap_peer/Makefile b/src/eap_peer/Makefile index f79519b71..6531ccd5d 100644 --- a/src/eap_peer/Makefile +++ b/src/eap_peer/Makefile @@ -1,11 +1,23 @@ -all: - @echo Nothing to be made. +all: libeap_peer.a clean: - rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov libeap_peer.a install: if ls *.so >/dev/null 2>&1; then \ install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \ cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \ ; fi + +include ../lib.rules + +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS= \ + eap.o \ + eap_methods.o + +libeap_peer.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eapol_supp/Makefile b/src/eapol_supp/Makefile index adfd3dfd5..80db9d486 100644 --- a/src/eapol_supp/Makefile +++ b/src/eapol_supp/Makefile @@ -1,8 +1,18 @@ -all: - @echo Nothing to be made. +all: libeapol_supp.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeapol_supp.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS = eapol_supp_sm.o + +libeapol_supp.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/l2_packet/Makefile b/src/l2_packet/Makefile index adfd3dfd5..47925b790 100644 --- a/src/l2_packet/Makefile +++ b/src/l2_packet/Makefile @@ -1,8 +1,16 @@ -all: - @echo Nothing to be made. +all: libl2_packet.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libl2_packet.a install: @echo Nothing to be made. + +include ../lib.rules + +LIB_OBJS = l2_packet_linux.o + +libl2_packet.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/rsn_supp/Makefile b/src/rsn_supp/Makefile index adfd3dfd5..d5e61fe72 100644 --- a/src/rsn_supp/Makefile +++ b/src/rsn_supp/Makefile @@ -1,8 +1,30 @@ -all: - @echo Nothing to be made. +all: librsn_supp.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov librsn_supp.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_IEEE80211W +CFLAGS += -DCONFIG_IEEE80211R +CFLAGS += -DCONFIG_PEERKEY +CFLAGS += -DCONFIG_TDLS +CFLAGS += -DCONFIG_WNM +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS= \ + pmksa_cache.o \ + wpa_ft.o \ + peerkey.o \ + tdls.o \ + preauth.o \ + wpa.o \ + wpa_ie.o + +librsn_supp.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/tests/eapol-fuzzer/Makefile b/tests/eapol-fuzzer/Makefile new file mode 100644 index 000000000..f5a9a5709 --- /dev/null +++ b/tests/eapol-fuzzer/Makefile @@ -0,0 +1,67 @@ +all: eapol-fuzzer + +ifndef CC +CC=gcc +endif + +ifndef LDO +LDO=$(CC) +endif + +ifndef CFLAGS +CFLAGS = -MMD -O2 -Wall -g +endif + +SRC=../../src + +CFLAGS += -I$(SRC) +CFLAGS += -DIEEE8021X_EAPOL + +$(SRC)/utils/libutils.a: + $(MAKE) -C $(SRC)/utils + +$(SRC)/common/libcommon.a: + $(MAKE) -C $(SRC)/common + +$(SRC)/crypto/libcrypto.a: + $(MAKE) -C $(SRC)/crypto + +$(SRC)/tls/libtls.a: + $(MAKE) -C $(SRC)/tls + +$(SRC)/rsn_supp/librsn_supp.a: + $(MAKE) -C $(SRC)/rsn_supp + +$(SRC)/eapol_supp/libeapol_supp.a: + $(MAKE) -C $(SRC)/eapol_supp + +$(SRC)/eap_peer/libeap_peer.a: + $(MAKE) -C $(SRC)/eap_peer + +$(SRC)/eap_common/libeap_common.a: + $(MAKE) -C $(SRC)/eap_common + +$(SRC)/l2_packet/libl2_packet.a: + $(MAKE) -C $(SRC)/l2_packet + +LIBS += $(SRC)/common/libcommon.a +LIBS += $(SRC)/crypto/libcrypto.a +LIBS += $(SRC)/tls/libtls.a +LIBS += $(SRC)/rsn_supp/librsn_supp.a +LIBS += $(SRC)/eapol_supp/libeapol_supp.a +LIBS += $(SRC)/eap_peer/libeap_peer.a +LIBS += $(SRC)/eap_common/libeap_common.a +LIBS += $(SRC)/l2_packet/libl2_packet.a +LIBS += $(SRC)/utils/libutils.a + +ELIBS += $(SRC)/crypto/libcrypto.a +ELIBS += $(SRC)/tls/libtls.a + +eapol-fuzzer: eapol-fuzzer.o $(LIBS) + $(LDO) $(LDFLAGS) -o $@ $^ $(LIBS) $(ELIBS) + +clean: + $(MAKE) -C $(SRC) clean + rm -f eapol-fuzzer *~ *.o *.d + +-include $(OBJS:%.o=%.d) diff --git a/tests/eapol-fuzzer/eap-req-identity.dat b/tests/eapol-fuzzer/eap-req-identity.dat new file mode 100644 index 000000000..768b27754 Binary files /dev/null and b/tests/eapol-fuzzer/eap-req-identity.dat differ diff --git a/tests/eapol-fuzzer/eap-req-sim.dat b/tests/eapol-fuzzer/eap-req-sim.dat new file mode 100644 index 000000000..eb854aae0 Binary files /dev/null and b/tests/eapol-fuzzer/eap-req-sim.dat differ diff --git a/tests/eapol-fuzzer/eapol-fuzzer.c b/tests/eapol-fuzzer/eapol-fuzzer.c new file mode 100644 index 000000000..7429ee344 --- /dev/null +++ b/tests/eapol-fuzzer/eapol-fuzzer.c @@ -0,0 +1,211 @@ +/* + * wpa_supplicant - EAPOL fuzzer + * Copyright (c) 2015, Jouni Malinen + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "utils/eloop.h" +#include "eapol_supp/eapol_supp_sm.h" +#include "rsn_supp/wpa.h" + + +struct arg_ctx { + const char *fname; + struct wpa_sm *wpa; + struct eapol_sm *eapol; +}; + + +static void test_send_eapol(void *eloop_data, void *user_ctx) +{ + struct arg_ctx *ctx = eloop_data; + char *data; + size_t len; + u8 src[ETH_ALEN] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 }; + u8 wpa_ie[200]; + size_t wpa_ie_len; + + wpa_printf(MSG_INFO, "eapol-fuzzer: Send '%s'", ctx->fname); + + data = os_readfile(ctx->fname, &len); + if (!data) { + wpa_printf(MSG_ERROR, "Could not read '%s'", ctx->fname); + goto out; + } + + wpa_hexdump(MSG_MSGDUMP, "fuzzer - EAPOL", data, len); + + eapol_sm_notify_portEnabled(ctx->eapol, TRUE); + + wpa_sm_set_param(ctx->wpa, WPA_PARAM_PROTO, WPA_PROTO_RSN); + wpa_sm_set_param(ctx->wpa, WPA_PARAM_RSN_ENABLED, 1); + wpa_sm_set_param(ctx->wpa, WPA_PARAM_KEY_MGMT, WPA_KEY_MGMT_PSK); + wpa_sm_set_param(ctx->wpa, WPA_PARAM_PAIRWISE, WPA_CIPHER_CCMP); + wpa_sm_set_param(ctx->wpa, WPA_PARAM_GROUP, WPA_CIPHER_CCMP); + + wpa_ie_len = sizeof(wpa_ie); + wpa_sm_set_assoc_wpa_ie_default(ctx->wpa, wpa_ie, &wpa_ie_len); + + if (eapol_sm_rx_eapol(ctx->eapol, src, (u8 *) data, len) <= 0) + wpa_sm_rx_eapol(ctx->wpa, src, (u8 *) data, len); + +out: + os_free(data); + eloop_terminate(); +} + + +static void * get_network_ctx(void *arg) +{ + return (void *) 1; +} + + +static void set_state(void *arg, enum wpa_states state) +{ +} + + +static void deauthenticate(void *arg, int reason_code) +{ +} + + +static u8 * alloc_eapol(void *arg, u8 type, + const void *data, u16 data_len, + size_t *msg_len, void **data_pos) +{ + struct ieee802_1x_hdr *hdr; + + *msg_len = sizeof(*hdr) + data_len; + hdr = os_malloc(*msg_len); + if (hdr == NULL) + return NULL; + + hdr->version = 2; + hdr->type = type; + hdr->length = host_to_be16(data_len); + + if (data) + os_memcpy(hdr + 1, data, data_len); + else + os_memset(hdr + 1, 0, data_len); + + if (data_pos) + *data_pos = hdr + 1; + + return (u8 *) hdr; +} + + +static int ether_send(void *arg, const u8 *dest, u16 proto, + const u8 *buf, size_t len) +{ + return 0; +} + + +static int get_bssid(void *ctx, u8 *bssid) +{ + return -1; +} + + +static int eapol_send(void *ctx, int type, const u8 *buf, size_t len) +{ + return 0; +} + + +static int init_wpa(struct arg_ctx *arg) +{ + struct wpa_sm_ctx *ctx; + + ctx = os_zalloc(sizeof(*ctx)); + if (ctx == NULL) { + wpa_printf(MSG_ERROR, "Failed to allocate WPA context."); + return -1; + } + + ctx->ctx = arg; + ctx->msg_ctx = arg; + ctx->get_network_ctx = get_network_ctx; + ctx->set_state = set_state; + ctx->deauthenticate = deauthenticate; + ctx->alloc_eapol = alloc_eapol; + ctx->ether_send = ether_send; + ctx->get_bssid = get_bssid; + + arg->wpa = wpa_sm_init(ctx); + return arg->wpa ? 0 : -1; +} + + +static int init_eapol(struct arg_ctx *arg) +{ + struct eapol_ctx *ctx; + + ctx = os_zalloc(sizeof(*ctx)); + if (ctx == NULL) { + wpa_printf(MSG_ERROR, "Failed to allocate EAPOL context."); + return -1; + } + + ctx->ctx = arg; + ctx->msg_ctx = arg; + ctx->eapol_send = eapol_send; + + arg->eapol = eapol_sm_init(ctx); + return arg->eapol ? 0 : -1; +} + + +int main(int argc, char *argv[]) +{ + struct arg_ctx ctx; + int ret = -1; + + if (argc < 2) { + printf("usage: %s \n", argv[0]); + return -1; + } + + if (os_program_init()) + return -1; + + wpa_debug_level = 0; + wpa_debug_show_keys = 1; + + if (eloop_init()) { + wpa_printf(MSG_ERROR, "Failed to initialize event loop"); + return -1; + } + + os_memset(&ctx, 0, sizeof(ctx)); + ctx.fname = argv[1]; + if (init_wpa(&ctx) || init_eapol(&ctx)) + goto fail; + + eloop_register_timeout(0, 0, test_send_eapol, &ctx, NULL); + + wpa_printf(MSG_DEBUG, "Starting eloop"); + eloop_run(); + wpa_printf(MSG_DEBUG, "eloop done"); + + ret = 0; +fail: + if (ctx.wpa) + wpa_sm_deinit(ctx.wpa); + if (ctx.eapol) + eapol_sm_deinit(ctx.eapol); + + eloop_destroy(); + os_program_deinit(); + + return ret; +} diff --git a/tests/eapol-fuzzer/eapol-key-m1.dat b/tests/eapol-fuzzer/eapol-key-m1.dat new file mode 100644 index 000000000..937721c50 Binary files /dev/null and b/tests/eapol-fuzzer/eapol-key-m1.dat differ