2 * ap_search.c from Access Point SNMP Utils for Linux
4 * Copyright (c) 2002 Roman Festchook <roma at polesye dot net>
5 * Copyright (c) 2003 Jan Rafaj <aputils at cedric dot vabo dot cz>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License Version 2 from
9 * June 1991 as published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, write to the Free Software Foundation, Inc.,
18 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 #include <sys/types.h>
27 #include <sys/ioctl.h>
30 #include <sys/sockio.h>
34 #include <sys/socket.h>
37 #include <sys/socket.h>
44 #if defined (__GLIBC__)
48 #define SEARCH_COMMUNITY _("Community name: ")
49 #define SEARCH_HEADER _(" NUM IP ADDRESS MIB TYPE NAME")
50 #define MAX_APS LAST_ROW-7
52 extern int atmel410_filter;
53 extern char *community;
62 void scan_local_segment (struct sockaddr_in *from, struct sockaddr_in *to,
65 extern WINDOW *main_sub;
66 extern char *ap_types[];
67 unsigned char message[1024], *start;
68 extern int atmel410_filter; /* to check is this function called from ap-gl utility */
71 char Wireless[3][12] = {
72 {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01, 0x01, 0x01, 0x01, 0x00},
73 {0x2B, 0x06, 0x01, 0x02, 0x01, 0x01, 0x01, 0x00},
74 {0x2B, 0x06, 0x01, 0x04, 0x01, 0xE0, 0x3E, 0x01, 0x01, 0x01, 0x01, 0x00}
78 * operAccessPointName OIDs used to detect AP MIB type [in order
79 * of appearance in the 'for' loop below: ATMEL410, NWN, ATMEL12350]
81 /* char operAccessPointName[3][12] = {
82 {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01, 0x02, 0x01, 0x0A, 0x00},
83 {0x2B, 0x06, 0x01, 0x02, 0x01, 0x01, 0x05, 0x00},
84 {0x2B, 0x06, 0x01, 0x04, 0x01, 0xE0, 0x3E, 0x01, 0x02, 0x01, 0x0A, 0x00}
87 int scd_ap_type, last_searched_type=ATMEL12350;
88 int c, s2, errno, len, client_len = SIZE;
89 struct in_addr to_addr_reserv;
93 struct ip_mreq mult = { {0}, {INADDR_ANY} };
96 struct timeval timeout, starttime, curtime;
100 print_help(_("Please wait while scanning, or press 'Q' to quit."));
102 if ((s2 = socket(PF_INET, SOCK_DGRAM, 0)) == -1) {
103 print_helperr(CREATE_SOCKET_ERROR);
108 if (bind(s2, (struct sockaddr *) from, SIZE) == -1) {
109 print_helperr(BIND_SOCKET_ERROR);
114 if (setsockopt (s2, SOL_SOCKET, SO_BROADCAST, &opts,
115 sizeof(struct sopts)) == -1) {
116 print_helperr(_("Can't set broadcast option on socket. "
122 inet_aton("224.0.1.43", &mult.imr_multiaddr);
123 if (setsockopt(s2, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mult,
124 sizeof(struct ip_mreq)) == -1) {
125 print_helperr(_("Can't set multicast membership on socket. "
131 mvwaddstr(main_sub, LAST_ROW - 5, 1,
132 _("Scanning via network interface:"));
133 sprintf(message, _(" Index: %i"), f_ifctr);
134 mvwaddstr(main_sub, LAST_ROW - 4, 1, message);
135 sprintf(message, _(" Name: %s"), ifname);
136 mvwaddstr(main_sub, LAST_ROW - 3, 1, message);
137 sprintf(message, _(" IP: %s"), inet_ntoa(from->sin_addr));
138 mvwaddstr(main_sub, LAST_ROW - 2, 1, message);
140 if(atmel410_filter) {
141 last_searched_type=ATMEL410;
144 for (scd_ap_type = ATMEL410; scd_ap_type <= last_searched_type; scd_ap_type++) {
145 clear_main_new(LAST_ROW - 1, LAST_ROW);
146 sprintf(message, _("Scanning for AP with MIB type: %s"),
147 ap_types[scd_ap_type]);
148 mvwaddstr(main_sub, LAST_ROW - 1, 1, message);
151 /* varbinds[0].oid = operAccessPointName[scd_ap_type];*/
152 varbinds[0].oid = Wireless[scd_ap_type];
153 varbinds[0].len_oid = (scd_ap_type == NWN ?
154 /* 8 : sizeof(operAccessPointName[scd_ap_type]));*/
155 8 : sizeof(Wireless[scd_ap_type]));
156 varbinds[0].len_val = 0;
157 varbinds[0].type = NULL_VALUE;
158 len = ber(message, varbinds, 1, GET);
160 if (scd_ap_type == NWN) {
161 to_addr_reserv = to->sin_addr;
162 to->sin_addr = mult.imr_multiaddr;
166 if (sendto(s2, message, len, 0, (struct sockaddr *) to, SIZE) == -1) {
167 sprintf(message, _("Failure in sendto(): %s. Press any key."),
169 print_helperr(message);
176 gettimeofday(&starttime, &tz);
185 * Compute time difference. Note that for portability reasons,
186 * we may not rely on select() below setting up timeout to
187 * remaining time upon its return, although this works on Linux.
189 gettimeofday(&curtime, &tz);
190 c = (curtime.tv_sec * 1000000 + curtime.tv_usec) -
191 (starttime.tv_sec * 1000000 + starttime.tv_usec);
192 if (c < (2 * 1000000 + 0)) {
193 c = (2 * 1000000 + 0) - c;
194 timeout.tv_sec = c / 1000000;
195 timeout.tv_usec = c - timeout.tv_sec * 1000000;
197 /* Return if nothing has been received after timeout secs. */
200 c = select(s2 + 1, &rds, NULL, NULL, &timeout);
210 /* Key pressed. If it is 'Q', return. */
211 if (FD_ISSET(0, &rds)) {
213 if (c == 'q' || c == 'Q') {
219 /* If data are available for reading on s2, try to read them now. */
220 if (FD_ISSET(s2, &rds))
221 if ((len = recvfrom(s2, message, 512, 0,
222 (struct sockaddr *) from, &client_len)) == -1)
226 if (*start != ASN_HEADER)
229 start += (start[1] & 0x80) ? (start[1] & 0x7F) + 2 : 2;
230 start += *(start + 4) + 5;
232 if (*start != RESPONSE)
235 start += (start[1] & 0x80) ? (start[1] & 0x7F) + 2 : 2;
237 if (*(start + 5) || *(start + 9) != ASN_HEADER)
240 start += (start[10] & 0x80) ? (start[10] & 0x7F) + 11 : 11;
242 if (*(start) != ASN_HEADER)
245 start += (start[1] & 0x80) ? (start[1] & 0x7F) + 2 : 2;
246 start += *(start + 1) + 2;
248 if (start[1] & 0x80) {
249 varbinds[0].len_val = start[2];
250 start += (start[1] & 0x7F) + 2;
252 varbinds[0].len_val = start[1];
257 * Dupe check. There are 2 reasons why to do this:
258 * 1. If interface-based IP aliases are used (f.e. on Linux),
259 * it may well happen that their broadcast addresses may
260 * inadvertedly overlap each other, so the same AP IPs would
261 * answer twice (for a specific interface and its alias
263 * 2. ATMEL410 devices are capable to answer both queries with
264 * 410 as well as 12350 IDs, while ATMEL12350 device only
265 * answers queries with 12350 ID. Hence, we need to check
266 * for duplicate responses from ATMEL410 devices, when
267 * ATMEL410 check has already performed and ATMEL12350 one
269 * Note, that ATMEL410 devices may, under certain circumstances,
270 * fail to pass the ATMEL410 check, and can be accidentally
271 * marked as an ATMEL12350 device. This is a known bug and
272 * should be eventually solved in any of upcomming releases (TODO).
275 int dupcnt = 0, j = i - 1;
278 if (from->sin_addr.s_addr == fapsa[j].ip.s_addr)
286 /* new AP (unique IP/APtype pair) found */
288 fapsa = realloc(fapsa, (i + 1) * sizeof(struct faps));
290 fapsa[i].ip = from->sin_addr;
291 fapsa[i].type = scd_ap_type;
293 for (len = 0; len < varbinds[0].len_val && start[len]; len++);
294 start[len + 1] = '\0';
296 /* Truncate (limited screen size) and screen-width independent! */
297 start[COLS-53-atmel410_filter] = '>';
298 start[COLS-52-atmel410_filter] = '\0';
300 sprintf(message, " %3i %-15s %-10s %s", i,
301 inet_ntoa(fapsa[i].ip), ap_types[fapsa[i].type], start);
304 mvwaddstr(main_sub, i, 0, message);
307 /* Bail out if the number of found devices exceeds sane limit. */
312 if (scd_ap_type == NWN)
313 to->sin_addr = to_addr_reserv;
324 extern WINDOW *main_sub;
326 unsigned int ilen = 256;
327 struct sockaddr_in from, to;
330 char *ifbuf_ptr = NULL, *ifrec_ptr;
334 print_help(_("Please enter SNMP community name that will be used for AP "
336 mvwaddstr(main_sub, 0, 2, SEARCH_COMMUNITY);
338 get_pass(buf, 0, 2 + strlen(SEARCH_COMMUNITY), sizeof(buf));
339 old_community = community;
340 community = malloc(strlen(buf) + 1);
341 strncpy(community, buf, strlen(buf) + 1);
345 print_top(NULL, _("Access Points Search"));
346 mvwaddstr(main_sub, 0, 0, SEARCH_HEADER);
349 if ((s1 = socket(PF_INET, SOCK_DGRAM, 0)) == -1) {
350 print_helperr(CREATE_SOCKET_ERROR);
358 * Find all IPs of locally available IPv4 interfaces and corresponding
359 * broadcast and/or point-to-point addresses.
362 if (!(ifbuf_ptr = realloc(ifbuf_ptr, ilen))) {
363 print_helperr(_("realloc() error."));
367 ifc.ifc_buf = ifbuf_ptr;
369 if (ioctl(s1, SIOCGIFCONF, &ifc) >= 0)
370 /* Stupid condition thx to BSD and 2 SIOCGIFCONF implementations */
371 if (ifc.ifc_len + sizeof(struct ifreq) + 64 < ilen)
375 print_helperr(_("Network interface discovery error."));
378 ilen += 100 + (ilen >> 2);
380 ifrec_ptr = ifbuf_ptr;
381 while (ifrec_ptr < ifbuf_ptr + ifc.ifc_len) {
382 memset(&from.sin_addr, 0, sizeof(struct in_addr));
383 memset(&to.sin_addr, 0, sizeof(struct in_addr));
384 ifr = (struct ifreq *) ifrec_ptr;
386 ilen = sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len;
387 if (ilen < sizeof(*ifr))
390 if (ifr->ifr_addr.sa_family == AF_INET)
391 if (ioctl(s1, SIOCGIFFLAGS, ifrec_ptr) == 0)
392 if (ifr->ifr_flags & IFF_UP)
393 if (!(ifr->ifr_flags & IFF_LOOPBACK)) {
395 ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr;
396 if (ifr->ifr_flags & IFF_POINTOPOINT) {
397 ioctl(s1, SIOCGIFDSTADDR, ifrec_ptr);
399 ((struct sockaddr_in *)&ifr->ifr_dstaddr)->sin_addr;
401 ioctl(s1, SIOCGIFBRDADDR, ifrec_ptr);
403 ((struct sockaddr_in *)&ifr->ifr_broadaddr)->sin_addr;
409 if (ioctl(s1, SIOCGIFFLAGS, ifrec_ptr) == 0)
410 if (ifr->ifr_flags & IFF_UP)
411 if (!(ifr->ifr_flags & IFF_LOOPBACK)) {
412 if (ifr->ifr_flags & IFF_POINTOPOINT) {
413 ioctl(s1, SIOCGIFDSTADDR, ifrec_ptr);
415 ((struct sockaddr_in *)&ifr->ifr_dstaddr)->sin_addr;
417 ioctl(s1, SIOCGIFBRDADDR, ifrec_ptr);
419 ((struct sockaddr_in *)&ifr->ifr_broadaddr)->sin_addr;
421 if (ioctl(s1, SIOCGIFADDR, ifrec_ptr) == 0)
422 if (ifr->ifr_addr.sa_family == AF_INET)
424 ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr;
427 if (from.sin_addr.s_addr && to.sin_addr.s_addr) {
429 from.sin_family = to.sin_family = AF_INET;
430 from.sin_port = INADDR_ANY;
431 to.sin_port = htons(161);
432 scan_local_segment(&from, &to, ifr->ifr_name);
433 clear_main_new(LAST_ROW - 5, LAST_ROW);
436 /* No need to process next interfaces if the table is already full, */
440 /* or if someone pressed 'Q'. */
450 print_helperr(_("No local network interfaces found. Press any key."));
452 print_help(_("No directly reachable Access Points found. "
456 mvwaddstr(main_sub, LAST_ROW - 1, 1,
457 _("Single-screen maximum number of APs found."));
460 print_help(_("# - connect to AP; Q - quit"));
462 switch (ac = getch()) {
476 if (ac - '0' > (i - 1))
479 print_top(NULL, NULL);
482 connect_options(fapsa[ac - '0'].ip.s_addr,
483 fapsa[ac - '0'].type + 1);
499 community = old_community;
502 print_top(NULL, NULL);