URI: 
       tnet-wireless/reaver-wps-fork-t6x: Add 1.5.2 - parlay - yet another gentoo overlay
  HTML git clone https://git.parazyd.org/parlay
   DIR Log
   DIR Files
   DIR Refs
   DIR README
       ---
   DIR commit dd3b04669d147d130d51dcc79bc874dcdce9d0e0
   DIR parent b2e02304f7834d6b41736e2bb3ebfa5965945e12
  HTML Author: parazyd <parazyd@dyne.org>
       Date:   Mon,  9 May 2016 12:34:20 +0200
       
       net-wireless/reaver-wps-fork-t6x: Add 1.5.2
       
       Diffstat:
         A net-wireless/reaver-wps-fork-t6x/f… |     565 +++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/f… |      53 ++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/f… |      38 +++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/f… |      31 +++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/f… |      97 ++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/f… |      98 +++++++++++++++++++++++++++++++
         A net-wireless/reaver-wps-fork-t6x/r… |      47 +++++++++++++++++++++++++++++++
       
       7 files changed, 929 insertions(+), 0 deletions(-)
       ---
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0001-wpscrack-big-endian-fixes.patch b/net-wireless/reaver-wps-fork-t6x/files/0001-wpscrack-big-endian-fixes.patch
       t@@ -0,0 +1,565 @@
       +From 4e7af9f022996cb0a03b30f6af265b757807dfa2 Mon Sep 17 00:00:00 2001
       +From: Paul Fertser <fercerpav@gmail.com>
       +Date: Wed, 27 Jun 2012 17:44:55 +0400
       +Subject: [PATCH 1/3] wpscrack: big-endian fixes
       +
       +This should fix access to the radiotap, 802.11, LLC/SNAP and WFA
       +headers' fields. Run-time tested on an ar71xx BE system.
       +
       +Signed-off-by: Paul Fertser <fercerpav@gmail.com>
       +---
       + src/80211.c    |   65 +++++++++++++++++++------------
       + src/builder.c  |   23 +++++------
       + src/defs.h     |  116 +++++++++++++++++++++++++++++++++++++++-----------------
       + src/exchange.c |   23 ++++++-----
       + src/wpsmon.c   |   13 ++++--
       + 5 files changed, 151 insertions(+), 89 deletions(-)
       +
       +diff --git a/src/80211.c b/src/80211.c
       +index c2aff59..19f1e92 100644
       +--- a/src/80211.c
       ++++ b/src/80211.c
       +@@ -90,17 +90,19 @@ void read_ap_beacon()
       +                 if(header.len >= MIN_BEACON_SIZE)
       +                 {
       +                         rt_header = (struct radio_tap_header *) radio_header(packet, header.len);
       +-                        frame_header = (struct dot11_frame_header *) (packet + rt_header->len);
       +-
       ++                        size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++                        frame_header = (struct dot11_frame_header *) (packet + rt_header_len);
       ++                        
       +                         if(is_target(frame_header))
       +                         {
       +-                                if(frame_header->fc.type == MANAGEMENT_FRAME && frame_header->fc.sub_type == SUBTYPE_BEACON)
       ++                                if((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) ==
       ++                                   __cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON))
       +                                 {
       +-                                               beacon = (struct beacon_management_frame *) (packet + rt_header->len + sizeof(struct dot11_frame_header));
       ++                                               beacon = (struct beacon_management_frame *) (packet + rt_header_len + sizeof(struct dot11_frame_header));
       +                                                set_ap_capability(beacon->capability);
       + 
       +                                         /* Obtain the SSID and channel number from the beacon packet */
       +-                                        tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       ++                                        tag_offset = rt_header_len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       +                                         channel = parse_beacon_tags(packet, header.len);
       +                                         
       +                                         /* If no channel was manually specified, switch to the AP's current channel */
       +@@ -135,29 +137,31 @@ int8_t signal_strength(const u_char *packet, size_t len)
       +         {
       +                 header = (struct radio_tap_header *) packet;
       + 
       +-                if((header->flags & SSI_FLAG) == SSI_FLAG)
       ++                uint32_t flags = __le32_to_cpu(header->flags);
       ++                
       ++                if((flags & SSI_FLAG) == SSI_FLAG)
       +                 {
       +-                        if((header->flags & TSFT_FLAG) == TSFT_FLAG)
       ++                        if((flags & TSFT_FLAG) == TSFT_FLAG)
       +                         {
       +                                 offset += TSFT_SIZE;
       +                         }
       + 
       +-                        if((header->flags & FLAGS_FLAG) == FLAGS_FLAG)
       ++                        if((flags & FLAGS_FLAG) == FLAGS_FLAG)
       +                         {
       +                                 offset += FLAGS_SIZE;
       +                         }
       +         
       +-                        if((header->flags & RATE_FLAG) == RATE_FLAG)
       ++                        if((flags & RATE_FLAG) == RATE_FLAG)
       +                         {
       +                                 offset += RATE_SIZE;
       +                         }
       + 
       +-                        if((header->flags & CHANNEL_FLAG) == CHANNEL_FLAG)
       ++                        if((flags & CHANNEL_FLAG) == CHANNEL_FLAG)
       +                         {
       +                                 offset += CHANNEL_SIZE;
       +                         }
       + 
       +-                        if((header->flags & FHSS_FLAG) == FHSS_FLAG)
       ++                        if((flags & FHSS_FLAG) == FHSS_FLAG)
       +                         {
       +                                 offset += FHSS_FLAG;
       +                         }
       +@@ -196,11 +200,13 @@ int is_wps_locked()
       +                 if(header.len >= MIN_BEACON_SIZE)
       +                 {
       +                         rt_header = (struct radio_tap_header *) radio_header(packet, header.len);
       +-                        frame_header = (struct dot11_frame_header *) (packet + rt_header->len);
       ++                        size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++                        frame_header = (struct dot11_frame_header *) (packet + rt_header_len);
       + 
       +                         if(memcmp(frame_header->addr3, get_bssid(), MAC_ADDR_LEN) == 0)
       +                         {
       +-                                if(frame_header->fc.type == MANAGEMENT_FRAME && frame_header->fc.sub_type == SUBTYPE_BEACON)
       ++                                if((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) ==
       ++                                   __cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON))
       +                                 {
       +                                         if(parse_wps_parameters(packet, header.len, &wps))
       +                                         {
       +@@ -411,24 +417,30 @@ int associate_recv_loop()
       +                 if(header.len >= MIN_AUTH_SIZE)
       +                 {
       +                         rt_header = (struct radio_tap_header *) radio_header(packet, header.len);
       +-                        dot11_frame = (struct dot11_frame_header *) (packet + rt_header->len);
       ++                        size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++                        dot11_frame = (struct dot11_frame_header *) (packet + rt_header_len);
       + 
       +                         if((memcmp(dot11_frame->addr3, get_bssid(), MAC_ADDR_LEN) == 0) &&
       +                            (memcmp(dot11_frame->addr1, get_mac(), MAC_ADDR_LEN) == 0))
       +                         {
       +-                                if(dot11_frame->fc.type == MANAGEMENT_FRAME)
       ++                                if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE)) ==
       ++                                   __cpu_to_le16(IEEE80211_FTYPE_MGMT))
       +                                 {
       +-                                        auth_frame = (struct authentication_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len);
       +-                                        assoc_frame = (struct association_response_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header->len);
       ++                                        auth_frame = (struct authentication_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header_len);
       ++                                        assoc_frame = (struct association_response_management_frame *) (packet + sizeof(struct dot11_frame_header) + rt_header_len);
       + 
       +                                         /* Did we get an authentication packet with a successful status? */
       +-                                        if((dot11_frame->fc.sub_type == SUBTYPE_AUTHENTICATION) && (auth_frame->status == AUTHENTICATION_SUCCESS))
       ++                                        if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE)) ==
       ++                                           __cpu_to_le16(IEEE80211_STYPE_AUTH)
       ++                                           && (auth_frame->status == __cpu_to_le16(AUTHENTICATION_SUCCESS)))
       +                                                {
       +                                                        ret_val = AUTH_OK;
       +                                                        break;
       +                                                }
       +                                         /* Did we get an association packet with a successful status? */
       +-                                               else if((dot11_frame->fc.sub_type == SUBTYPE_ASSOCIATION) && (assoc_frame->status == ASSOCIATION_SUCCESS))
       ++                                               else if((dot11_frame->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE)) ==
       ++                                                __cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP)
       ++                                                && (assoc_frame->status == __cpu_to_le16(ASSOCIATION_SUCCESS)))
       +                                         {
       +                                                 ret_val = ASSOCIATE_OK;
       +                                                 break;
       +@@ -455,13 +467,14 @@ enum encryption_type supported_encryption(const u_char *packet, size_t len)
       +         if(len > MIN_BEACON_SIZE)
       +         {
       +                 rt_header = (struct radio_tap_header *) radio_header(packet, len);
       +-                beacon = (struct beacon_management_frame *) (packet + rt_header->len + sizeof(struct dot11_frame_header));
       +-                offset = tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       ++                size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++                beacon = (struct beacon_management_frame *) (packet + rt_header_len + sizeof(struct dot11_frame_header));
       ++                offset = tag_offset = rt_header_len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       +                 
       +                 tag_len = len - tag_offset;
       +                 tag_data = (const u_char *) (packet + tag_offset);
       + 
       +-                if((beacon->capability & CAPABILITY_WEP) == CAPABILITY_WEP)
       ++                if((__le16_to_cpu(beacon->capability) & CAPABILITY_WEP) == CAPABILITY_WEP)
       +                 {
       +                         enc = WEP;
       + 
       +@@ -509,7 +522,7 @@ int parse_beacon_tags(const u_char *packet, size_t len)
       +         struct radio_tap_header *rt_header = NULL;
       + 
       +         rt_header = (struct radio_tap_header *) radio_header(packet, len);
       +-        tag_offset = rt_header->len + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       ++        tag_offset = __le16_to_cpu(rt_header->len) + sizeof(struct dot11_frame_header) + sizeof(struct beacon_management_frame);
       + 
       +         if(tag_offset < len)
       +         {
       +@@ -548,7 +561,7 @@ int parse_beacon_tags(const u_char *packet, size_t len)
       +                 {
       +                         if(ie_len  == 1)
       +                         {
       +-                                memcpy((int *) &channel, channel_data, ie_len);
       ++                                channel = *(uint8_t*)channel_data;
       +                         }
       +                         free(channel_data);
       +                 }
       +@@ -603,13 +616,13 @@ int check_fcs(const u_char *packet, size_t len)
       +         if(len > 4)
       +         {
       +                 /* Get the packet's reported FCS (last 4 bytes of the packet) */
       +-                memcpy((uint32_t *) &fcs, (packet + (len-4)), 4);
       ++                fcs = __le32_to_cpu(*(uint32_t*)(packet + (len-4)));
       + 
       +                 /* FCS is not calculated over the radio tap header */
       +                 if(has_rt_header())
       +                 {
       +                         rt_header = (struct radio_tap_header *) packet;
       +-                        offset += rt_header->len;
       ++                        offset += __le16_to_cpu(rt_header->len);
       +                 }
       + 
       +                 if(len > offset)
       +diff --git a/src/builder.c b/src/builder.c
       +index 37f2de7..6bf89e7 100644
       +--- a/src/builder.c
       ++++ b/src/builder.c
       +@@ -44,9 +44,8 @@ const void *build_radio_tap_header(size_t *len)
       +                 memset((void *) buf, 0, sizeof(struct radio_tap_header));
       +                 rt_header = (struct radio_tap_header *) buf;
       + 
       +-                rt_header->len = sizeof(struct radio_tap_header);
       +-        
       +-                *len = rt_header->len;
       ++                *len = sizeof(struct radio_tap_header);
       ++                rt_header->len = __cpu_to_le16(*len);
       +         }
       +         
       +         return buf;
       +@@ -67,9 +66,9 @@ const void *build_dot11_frame_header(uint16_t fc, size_t *len)
       +         
       +                 frag_seq += SEQ_MASK;
       + 
       +-                header->duration = DEFAULT_DURATION;
       +-                memcpy((void *) &header->fc, (void *) &fc, sizeof(struct frame_control));
       +-                header->frag_seq = frag_seq;
       ++                header->duration = __cpu_to_le16(DEFAULT_DURATION);
       ++                header->fc = __cpu_to_le16(fc);
       ++                header->frag_seq = __cpu_to_le16(frag_seq);
       + 
       +                 memcpy((void *) header->addr1, get_bssid(), MAC_ADDR_LEN);
       +                 memcpy((void *) header->addr2, get_mac(), MAC_ADDR_LEN);
       +@@ -91,8 +90,8 @@ const void *build_authentication_management_frame(size_t *len)
       +                 memset((void *) buf, 0, *len);
       +                 frame = (struct authentication_management_frame *) buf;
       + 
       +-                frame->algorithm = OPEN_SYSTEM;
       +-                frame->sequence = 1;
       ++                frame->algorithm = __cpu_to_le16(OPEN_SYSTEM);
       ++                frame->sequence = __cpu_to_le16(1);
       +                 frame->status = 0;
       +         }
       +         
       +@@ -111,8 +110,8 @@ const void *build_association_management_frame(size_t *len)
       +                 memset((void *) buf, 0, *len);
       +                 frame = (struct association_request_management_frame *) buf;
       + 
       +-                frame->capability = get_ap_capability();
       +-                frame->listen_interval = LISTEN_INTERVAL;
       ++                frame->capability = __cpu_to_le16(get_ap_capability());
       ++                frame->listen_interval = __cpu_to_le16(LISTEN_INTERVAL);
       +         }
       + 
       +         return buf;
       +@@ -133,7 +132,7 @@ const void *build_llc_header(size_t *len)
       +                 header->dsap = LLC_SNAP;
       +                 header->ssap = LLC_SNAP;
       +                 header->control_field = UNNUMBERED_FRAME;
       +-                header->type = DOT1X_AUTHENTICATION;
       ++                header->type = __cpu_to_be16(DOT1X_AUTHENTICATION);
       + 
       +         }
       + 
       +@@ -279,7 +278,7 @@ const void *build_wfa_header(uint8_t op_code, size_t *len)
       +                 header = (struct wfa_expanded_header *) buf;
       +         
       +                 memcpy(header->id, WFA_VENDOR_ID, sizeof(header->id));
       +-                header->type = SIMPLE_CONFIG;
       ++                header->type = __cpu_to_be32(SIMPLE_CONFIG);
       +                 header->opcode = op_code;
       +         }
       +         
       +diff --git a/src/defs.h b/src/defs.h
       +index b2f45ea..0c628e7 100644
       +--- a/src/defs.h
       ++++ b/src/defs.h
       +@@ -41,6 +41,7 @@
       + #include <string.h>
       + #include <time.h>
       + #include <pcap.h>
       ++#include <asm/byteorder.h>
       + 
       + #include "wps.h"
       + 
       +@@ -65,10 +66,10 @@
       + #define MANAGEMENT_FRAME        0x00
       + #define SUBTYPE_BEACON                0x08
       + 
       +-#define DOT1X_AUTHENTICATION        0x8E88
       ++#define DOT1X_AUTHENTICATION        0x888E
       + #define DOT1X_EAP_PACKET        0x00
       + 
       +-#define SIMPLE_CONFIG                0x01000000
       ++#define SIMPLE_CONFIG                0x00000001
       + 
       + #define P1_SIZE                        10000
       + #define P2_SIZE                        1000
       +@@ -282,66 +283,111 @@ enum wfa_elements
       +         WEP_TRANSMIT_KEY = 0x10064
       + };
       + 
       ++#define IEEE80211_FCTL_VERS                0x0003
       ++#define IEEE80211_FCTL_FTYPE                0x000c
       ++#define IEEE80211_FCTL_STYPE                0x00f0
       ++#define IEEE80211_FCTL_TODS                0x0100
       ++#define IEEE80211_FCTL_FROMDS                0x0200
       ++#define IEEE80211_FCTL_MOREFRAGS        0x0400
       ++#define IEEE80211_FCTL_RETRY                0x0800
       ++#define IEEE80211_FCTL_PM                0x1000
       ++#define IEEE80211_FCTL_MOREDATA                0x2000
       ++#define IEEE80211_FCTL_PROTECTED        0x4000
       ++#define IEEE80211_FCTL_ORDER                0x8000
       ++
       ++#define IEEE80211_SCTL_FRAG                0x000F
       ++#define IEEE80211_SCTL_SEQ                0xFFF0
       ++
       ++#define IEEE80211_FTYPE_MGMT                0x0000
       ++#define IEEE80211_FTYPE_CTL                0x0004
       ++#define IEEE80211_FTYPE_DATA                0x0008
       ++
       ++/* management */
       ++#define IEEE80211_STYPE_ASSOC_REQ        0x0000
       ++#define IEEE80211_STYPE_ASSOC_RESP        0x0010
       ++#define IEEE80211_STYPE_REASSOC_REQ        0x0020
       ++#define IEEE80211_STYPE_REASSOC_RESP        0x0030
       ++#define IEEE80211_STYPE_PROBE_REQ        0x0040
       ++#define IEEE80211_STYPE_PROBE_RESP        0x0050
       ++#define IEEE80211_STYPE_BEACON                0x0080
       ++#define IEEE80211_STYPE_ATIM                0x0090
       ++#define IEEE80211_STYPE_DISASSOC        0x00A0
       ++#define IEEE80211_STYPE_AUTH                0x00B0
       ++#define IEEE80211_STYPE_DEAUTH                0x00C0
       ++#define IEEE80211_STYPE_ACTION                0x00D0
       ++
       ++/* control */
       ++#define IEEE80211_STYPE_BACK_REQ        0x0080
       ++#define IEEE80211_STYPE_BACK                0x0090
       ++#define IEEE80211_STYPE_PSPOLL                0x00A0
       ++#define IEEE80211_STYPE_RTS                0x00B0
       ++#define IEEE80211_STYPE_CTS                0x00C0
       ++#define IEEE80211_STYPE_ACK                0x00D0
       ++#define IEEE80211_STYPE_CFEND                0x00E0
       ++#define IEEE80211_STYPE_CFENDACK        0x00F0
       ++
       ++/* data */
       ++#define IEEE80211_STYPE_DATA                        0x0000
       ++#define IEEE80211_STYPE_DATA_CFACK                0x0010
       ++#define IEEE80211_STYPE_DATA_CFPOLL                0x0020
       ++#define IEEE80211_STYPE_DATA_CFACKPOLL                0x0030
       ++#define IEEE80211_STYPE_NULLFUNC                0x0040
       ++#define IEEE80211_STYPE_CFACK                        0x0050
       ++#define IEEE80211_STYPE_CFPOLL                        0x0060
       ++#define IEEE80211_STYPE_CFACKPOLL                0x0070
       ++#define IEEE80211_STYPE_QOS_DATA                0x0080
       ++#define IEEE80211_STYPE_QOS_DATA_CFACK                0x0090
       ++#define IEEE80211_STYPE_QOS_DATA_CFPOLL                0x00A0
       ++#define IEEE80211_STYPE_QOS_DATA_CFACKPOLL        0x00B0
       ++#define IEEE80211_STYPE_QOS_NULLFUNC                0x00C0
       ++#define IEEE80211_STYPE_QOS_CFACK                0x00D0
       ++#define IEEE80211_STYPE_QOS_CFPOLL                0x00E0
       ++#define IEEE80211_STYPE_QOS_CFACKPOLL                0x00F0
       ++
       + #pragma pack(1)
       + struct radio_tap_header
       + {
       +         uint8_t revision;        
       +         uint8_t pad;
       +-        uint16_t len;
       +-        uint32_t flags;
       +-};
       +-
       +-struct frame_control
       +-{
       +-        unsigned version : 2;
       +-        unsigned type : 2;
       +-        unsigned sub_type : 4;
       +-
       +-        unsigned to_ds : 1;
       +-        unsigned from_ds : 1;
       +-        unsigned more_frag : 1;
       +-        unsigned retry : 1;
       +-        unsigned pwr_mgt : 1;
       +-        unsigned more_data : 1;
       +-        unsigned protected_frame : 1;
       +-        unsigned order : 1;
       ++        __le16 len;
       ++        __le32 flags;
       + };
       + 
       + struct dot11_frame_header
       + {
       +-        struct frame_control fc;
       +-        uint16_t duration;
       ++        __le16 fc;
       ++        __le16 duration;
       +         unsigned char addr1[MAC_ADDR_LEN];
       +         unsigned char addr2[MAC_ADDR_LEN];
       +         unsigned char addr3[MAC_ADDR_LEN];
       +-        uint16_t frag_seq;
       ++        __le16 frag_seq;
       + };
       + 
       + struct authentication_management_frame
       + {
       +-        uint16_t algorithm;
       +-        uint16_t sequence;
       +-        uint16_t status;
       ++        __le16 algorithm;
       ++        __le16 sequence;
       ++        __le16 status;
       + };
       + 
       + struct association_request_management_frame
       + {
       +-        uint16_t capability;
       +-        uint16_t listen_interval;
       ++        __le16 capability;
       ++        __le16 listen_interval;
       + };
       + 
       + struct association_response_management_frame
       + {
       +-        uint16_t capability;
       +-        uint16_t status;
       +-        uint16_t id;
       ++        __le16 capability;
       ++        __le16 status;
       ++        __le16 id;
       + };
       + 
       + struct beacon_management_frame
       + {
       +         unsigned char timestamp[TIMESTAMP_LEN];
       +-        uint16_t beacon_interval;
       +-        uint16_t capability;
       ++        __le16 beacon_interval;
       ++        __le16 capability;
       + };
       + 
       + struct llc_header
       +@@ -350,7 +396,7 @@ struct llc_header
       +         uint8_t ssap;
       +         uint8_t control_field;
       +         unsigned char org_code[3];
       +-        uint16_t type;
       ++        __be16 type;
       + };
       + 
       + struct dot1X_header
       +@@ -371,7 +417,7 @@ struct eap_header
       + struct wfa_expanded_header
       + {
       +         unsigned char id[3];
       +-        uint32_t type;
       ++        __be32 type;
       +         uint8_t opcode;
       +         uint8_t flags;
       + };
       +diff --git a/src/exchange.c b/src/exchange.c
       +index 23c87e9..4f9a82b 100644
       +--- a/src/exchange.c
       ++++ b/src/exchange.c
       +@@ -306,26 +306,27 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header)
       + 
       +         /* Cast the radio tap and 802.11 frame headers and parse out the Frame Control field */
       +         rt_header = (struct radio_tap_header *) packet;
       +-        frame_header = (struct dot11_frame_header *) (packet+rt_header->len);
       ++        size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++        frame_header = (struct dot11_frame_header *) (packet+rt_header_len);
       + 
       +         /* Does the BSSID/source address match our target BSSID? */
       +         if(memcmp(frame_header->addr3, get_bssid(), MAC_ADDR_LEN) == 0)
       +         {
       +                 /* Is this a data packet sent to our MAC address? */
       +-                if(frame_header->fc.type == DATA_FRAME && 
       +-                        frame_header->fc.sub_type == SUBTYPE_DATA && 
       +-                        (memcmp(frame_header->addr1, get_mac(), MAC_ADDR_LEN) == 0)) 
       ++                if (((frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) ==
       ++                     __cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA)) &&
       ++                    (memcmp(frame_header->addr1, get_mac(), MAC_ADDR_LEN) == 0)) 
       +                 {
       +                         llc = (struct llc_header *) (packet +
       +-                                                        rt_header->len +
       ++                                                        rt_header_len +
       +                                                         sizeof(struct dot11_frame_header)
       +                         );
       + 
       +                         /* All packets in our exchanges will be 802.1x */
       +-                        if(llc->type == DOT1X_AUTHENTICATION)
       ++                        if(llc->type == __cpu_to_be16(DOT1X_AUTHENTICATION))
       +                         {
       +                                 dot1x = (struct dot1X_header *) (packet +
       +-                                                                rt_header->len +
       ++                                                                rt_header_len +
       +                                                                 sizeof(struct dot11_frame_header) +
       +                                                                 sizeof(struct llc_header)
       +                                 );
       +@@ -334,7 +335,7 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header)
       +                                 if(dot1x->type == DOT1X_EAP_PACKET && (header->len >= EAP_PACKET_SIZE))
       +                                 {
       +                                         eap = (struct eap_header *) (packet +
       +-                                                                        rt_header->len +
       ++                                                                        rt_header_len +
       +                                                                         sizeof(struct dot11_frame_header) +
       +                                                                         sizeof(struct llc_header) +
       +                                                                         sizeof(struct dot1X_header)
       +@@ -366,7 +367,7 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header)
       +                                                 else if((eap->type == EAP_EXPANDED) && (header->len > WFA_PACKET_SIZE))
       +                                                 {
       +                                                         wfa = (struct wfa_expanded_header *) (packet +
       +-                                                                                        rt_header->len +
       ++                                                                                        rt_header_len +
       +                                                                                         sizeof(struct dot11_frame_header) +
       +                                                                                         sizeof(struct llc_header) +
       +                                                                                         sizeof(struct dot1X_header) +
       +@@ -374,14 +375,14 @@ enum wps_type process_packet(const u_char *packet, struct pcap_pkthdr *header)
       +                                                         );
       +                                                 
       +                                                         /* Verify that this is a WPS message */
       +-                                                        if(wfa->type == SIMPLE_CONFIG)
       ++                                                        if(wfa->type == __cpu_to_be32(SIMPLE_CONFIG))
       +                                                         {
       +                                                                 wps_msg_len =         (size_t) ntohs(eap->len) - 
       +                                                                                 sizeof(struct eap_header) - 
       +                                                                                 sizeof(struct wfa_expanded_header);
       + 
       +                                                                 wps_msg = (const void *) (packet +
       +-                                                                                        rt_header->len +
       ++                                                                                        rt_header_len +
       +                                                                                                sizeof(struct dot11_frame_header) +
       +                                                                                                sizeof(struct llc_header) +
       +                                                                                                sizeof(struct dot1X_header) +
       +diff --git a/src/wpsmon.c b/src/wpsmon.c
       +index d976924..22a394f 100644
       +--- a/src/wpsmon.c
       ++++ b/src/wpsmon.c
       +@@ -295,7 +295,8 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
       +         }
       + 
       +         rt_header = (struct radio_tap_header *) radio_header(packet, header->len);
       +-        frame_header = (struct dot11_frame_header *) (packet + rt_header->len);
       ++        size_t rt_header_len = __le16_to_cpu(rt_header->len);
       ++        frame_header = (struct dot11_frame_header *) (packet + rt_header_len);
       + 
       +         /* If a specific BSSID was specified, only parse packets from that BSSID */
       +         if(!is_target(frame_header))
       +@@ -323,15 +324,17 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
       +                                 channel_changed = 1;
       +                         }
       + 
       +-                        if(frame_header->fc.sub_type == PROBE_RESPONSE ||
       +-                                   frame_header->fc.sub_type == SUBTYPE_BEACON)
       ++                        unsigned fsub_type = frame_header->fc & __cpu_to_le16(IEEE80211_FCTL_STYPE);
       ++
       ++                        if(fsub_type == __cpu_to_le16(IEEE80211_STYPE_PROBE_RESP) ||
       ++                           fsub_type == __cpu_to_le16(IEEE80211_STYPE_BEACON))
       +                         {
       +                                 wps_parsed = parse_wps_parameters(packet, header->len, wps);
       +                         }
       +         
       +                         if(!is_done(bssid) && (get_channel() == channel || source == PCAP_FILE))
       +                         {
       +-                                if(frame_header->fc.sub_type == SUBTYPE_BEACON && 
       ++                                if(fsub_type == __cpu_to_le16(IEEE80211_STYPE_BEACON) && 
       +                                    mode == SCAN && 
       +                                    !passive && 
       +                                    should_probe(bssid))
       +@@ -369,7 +372,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
       +                                  * If there was no WPS information, then the AP does not support WPS and we should ignore it from here on.
       +                                  * If this was a probe response, then we've gotten all WPS info we can get from this AP and should ignore it from here on.
       +                                  */
       +-                                if(!wps_parsed || frame_header->fc.sub_type == PROBE_RESPONSE)
       ++                                if(!wps_parsed || fsub_type == __cpu_to_le16(IEEE80211_STYPE_PROBE_RESP))
       +                                 {
       +                                         mark_ap_complete(bssid);
       +                                 }
       +-- 
       +1.7.7
       +
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0002-Use-the-current-directory-for-storing-and-loading-se.patch b/net-wireless/reaver-wps-fork-t6x/files/0002-Use-the-current-directory-for-storing-and-loading-se.patch
       t@@ -0,0 +1,53 @@
       +From cd444949f3176790101b8bdc9656831a03d8c01d Mon Sep 17 00:00:00 2001
       +From: Paul Fertser <fercerpav@gmail.com>
       +Date: Tue, 10 Jul 2012 11:13:29 +0400
       +Subject: [PATCH 2/3] Use the current directory for storing and loading
       + sessions
       +
       +This allows the user to always explicitely choose (by changing the
       +current directory before launching the program) where the session
       +files should go. Useful e.g. to avoid hogging the precious space on
       +embedded devices, just cd /tmp before starting the app.
       +
       +Signed-off-by: Paul Fertser <fercerpav@gmail.com>
       +---
       + src/session.c |   16 +++-------------
       + 1 files changed, 3 insertions(+), 13 deletions(-)
       +
       +diff --git a/src/session.c b/src/session.c
       +index d3af0c3..308f213 100644
       +--- a/src/session.c
       ++++ b/src/session.c
       +@@ -62,7 +62,7 @@ int restore_session()
       +                 memset(file, 0, FILENAME_MAX);
       + 
       +                 bssid = mac2str(get_bssid(), '\0');
       +-                snprintf(file, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT);
       ++                snprintf(file, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
       +                 free(bssid);
       +         }
       + 
       +@@ -199,18 +199,8 @@ int save_session()
       +                 }
       +                 else
       +                 {        
       +-                        /* 
       +-                         * If the configuration directory exists, save the session file there; else, save it to the 
       +-                         * current working directory.
       +-                         */
       +-                        if(configuration_directory_exists())
       +-                        {
       +-                                snprintf((char *) &file_name, FILENAME_MAX, "%s/%s.%s", CONF_DIR, bssid, CONF_EXT);
       +-                        }
       +-                        else
       +-                        {
       +-                                snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
       +-                        }
       ++                        /* save session to the current directory */
       ++                        snprintf((char *) &file_name, FILENAME_MAX, "%s.%s", bssid, CONF_EXT);
       +                 }
       + 
       +                 /* Don't bother saving anything if nothing has been done */
       +-- 
       +1.7.7
       +
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0003-wash-wpsmon-use-less-useless-spaces-in-output-to-fit.patch b/net-wireless/reaver-wps-fork-t6x/files/0003-wash-wpsmon-use-less-useless-spaces-in-output-to-fit.patch
       t@@ -0,0 +1,38 @@
       +From 638bb8d70d6c7e5dc99975e0bf57d8ce0455e2cc Mon Sep 17 00:00:00 2001
       +From: Paul Fertser <fercerpav@gmail.com>
       +Date: Tue, 10 Jul 2012 11:25:00 +0400
       +Subject: [PATCH 3/3] wash/wpsmon: use less useless spaces in output to fit
       + narrow terminals
       +
       +Signed-off-by: Paul Fertser <fercerpav@gmail.com>
       +---
       + src/wpsmon.c |    6 +++---
       + 1 files changed, 3 insertions(+), 3 deletions(-)
       +
       +diff --git a/src/wpsmon.c b/src/wpsmon.c
       +index 22a394f..e0948b3 100644
       +--- a/src/wpsmon.c
       ++++ b/src/wpsmon.c
       +@@ -262,8 +262,8 @@ void monitor(char *bssid, int passive, int source, int channel, int mode)
       + 
       +         if(!header_printed)
       +         {
       +-                cprintf(INFO, "BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID\n");
       +-                cprintf(INFO, "---------------------------------------------------------------------------------------------------------------\n");
       ++                cprintf(INFO, "BSSID              Channel  RSSI  WPS Version  WPS Locked  ESSID\n");
       ++                cprintf(INFO, "--------------------------------------------------------------------------------------\n");
       +                 header_printed = 1;
       +         }
       + 
       +@@ -360,7 +360,7 @@ void parse_wps_settings(const u_char *packet, struct pcap_pkthdr *header, char *
       +                                                         break;
       +                                         }
       + 
       +-                                        cprintf(INFO, "%17s      %2d            %.2d        %d.%d               %s               %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid);
       ++                                        cprintf(INFO, "%17s    %2d       %.2d   %d.%d          %s         %s\n", bssid, channel, rssi, (wps->version >> 4), (wps->version & 0x0F), lock_display, ssid);
       +                                 }
       + 
       +                                 if(probe_sent)
       +-- 
       +1.7.7
       +
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0004-wash-probe-request.patch b/net-wireless/reaver-wps-fork-t6x/files/0004-wash-probe-request.patch
       t@@ -0,0 +1,31 @@
       +diff -urN reaver-1.4/src/wpsmon.c reaver-wps-read-only/src/wpsmon.c
       +--- reaver-1.4/src/wpsmon.c        2012-01-18 17:02:39.000000000 +0800
       ++++ reaver-wps-read-only/src/wpsmon.c        2012-10-10 06:45:52.271329168 +0800
       +@@ -132,6 +132,11 @@
       +                 usage(argv[0]);
       +                 goto end;
       +         }
       ++        else if(get_iface())
       ++        {
       ++                /* Get the MAC address of the specified interface */
       ++                read_iface_mac();
       ++        }
       + 
       +         if(get_iface() && source == PCAP_FILE)
       +         {
       +@@ -300,6 +305,7 @@
       + 
       +         set_ssid(NULL);
       +         bssid = (char *) mac2str(frame_header->addr3, ':');
       ++        set_bssid((unsigned char *) frame_header->addr3);
       + 
       +         if(bssid)
       +         {
       +@@ -383,6 +389,7 @@
       + 
       + end:
       +         if(wps) free(wps);
       ++        set_bssid((unsigned char *) NULL_MAC);
       + 
       +         return;
       + }
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0005-soreau-show-status-r2.patch b/net-wireless/reaver-wps-fork-t6x/files/0005-soreau-show-status-r2.patch
       t@@ -0,0 +1,97 @@
       +Index: cracker.c
       +===================================================================
       +--- cracker.c        (revision 113)
       ++++ cracker.c        (working copy)
       +@@ -285,18 +285,65 @@
       +         }
       + }
       + 
       ++char *get_max_time_remaining(int average, int attempts_remaining)
       ++{
       ++        char *max_time, hours[8], minutes[3], seconds[3];
       ++        int max_hours = 0, max_minutes = 0, max_seconds = 0;
       ++
       ++        max_time = malloc(16);
       ++
       ++        if(!max_time)
       ++                exit(-1);
       ++
       ++        if(average)
       ++        {
       ++                max_seconds = attempts_remaining * average;
       ++                if(max_seconds > 60)
       ++                {
       ++                        max_minutes = max_seconds / 60;
       ++                        max_seconds -= max_minutes * 60;
       ++                }
       ++                if(max_minutes > 60)
       ++                {
       ++                        max_hours = max_minutes / 60;
       ++                        max_minutes -= max_hours * 60;
       ++                }
       ++
       ++                if(max_seconds < 0 || max_minutes < 0 || max_hours < 0)
       ++                {
       ++                        free(max_time);
       ++                        return NULL;
       ++                }
       ++
       ++                sprintf(hours, "%d", max_hours);
       ++                sprintf(minutes, "%s%d", max_minutes > 9 ? "" : "0", max_minutes);
       ++                sprintf(seconds, "%s%d", max_seconds > 9 ? "" : "0", max_seconds);
       ++
       ++                sprintf(max_time, "%s:%s:%s", hours, minutes, seconds);
       ++        }
       ++        else
       ++        {
       ++                free(max_time);
       ++                return NULL;
       ++        }
       ++
       ++        return max_time;
       ++}
       ++
       + /* Displays the status and rate of cracking */
       + void display_status(float pin_count, time_t start_time)
       + {
       +         float percentage = 0;
       +         int attempts = 0, average = 0;
       ++        int attempts_remaining = 0;
       +         time_t now = 0, diff = 0;
       +         struct tm *tm_p = NULL;
       +-        char time_s[256] = { 0 };
       ++        char time_s[256] = { 0 }, *max_time;
       + 
       +         if(get_key_status() == KEY1_WIP)
       +         {
       +                 attempts = get_p1_index() + get_p2_index();
       ++                attempts_remaining = 11000 - attempts;
       +         }
       +         /* 
       +          * If we've found the first half of the key, then the entire key1 keyspace
       +@@ -305,10 +352,12 @@
       +         else if(get_key_status() == KEY2_WIP)
       +         {
       +                 attempts = P1_SIZE + get_p2_index();
       ++                attempts_remaining = 11000 - attempts;
       +         }
       +         else if(get_key_status() == KEY_DONE)
       +         {
       +                 attempts = P1_SIZE + P2_SIZE;
       ++                attempts_remaining = 0;
       +         }
       + 
       +         percentage = (float) (((float) attempts / (P1_SIZE + P2_SIZE)) * 100);
       +@@ -335,7 +384,12 @@
       +                 average = 0;
       +         }
       + 
       ++        max_time = get_max_time_remaining(average, attempts_remaining);
       ++
       +         cprintf(INFO, "[+] %.2f%% complete @ %s (%d seconds/pin)\n", percentage, time_s, average);
       ++        cprintf(INFO, "[+] Max time remaining at this rate: %s (%d pins left to try)\n", max_time ? max_time : "(undetermined)", attempts_remaining);
       + 
       ++        free(max_time);
       ++
       +         return;
       + }
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/files/0005-soreau-show-status.patch b/net-wireless/reaver-wps-fork-t6x/files/0005-soreau-show-status.patch
       t@@ -0,0 +1,97 @@
       +Index: cracker.c
       +===================================================================
       +--- cracker.c        (revision 113)
       ++++ cracker.c        (working copy)
       +@@ -285,18 +285,65 @@
       +         }
       + }
       + 
       ++char *get_max_time_remaining(int average, int attempts_remaining)
       ++{
       ++        char *max_time, hours[12], minutes[2], seconds[2];
       ++        int max_hours = 0, max_minutes = 0, max_seconds = 0;
       ++
       ++        max_time = malloc(16);
       ++
       ++        if(!max_time)
       ++                exit(-1);
       ++
       ++        if(average)
       ++        {
       ++                max_seconds = attempts_remaining * average;
       ++                if(max_seconds > 60)
       ++                {
       ++                        max_minutes = max_seconds / 60;
       ++                        max_seconds -= max_minutes * 60;
       ++                }
       ++                if(max_minutes > 60)
       ++                {
       ++                        max_hours = max_minutes / 60;
       ++                        max_minutes -= max_hours * 60;
       ++                }
       ++
       ++                if(max_seconds < 0 || max_minutes < 0 || max_hours < 0)
       ++                {
       ++                        free(max_time);
       ++                        return NULL;
       ++                }
       ++
       ++                sprintf(hours, "%d", max_hours);
       ++                sprintf(minutes, "%s%d", max_minutes > 9 ? "" : "0", max_minutes);
       ++                sprintf(seconds, "%s%d", max_seconds > 9 ? "" : "0", max_seconds);
       ++
       ++                sprintf(max_time, "%s:%s:%s", hours, minutes, seconds);
       ++        }
       ++        else
       ++        {
       ++                free(max_time);
       ++                return NULL;
       ++        }
       ++
       ++        return max_time;
       ++}
       ++
       + /* Displays the status and rate of cracking */
       + void display_status(float pin_count, time_t start_time)
       + {
       +         float percentage = 0;
       +         int attempts = 0, average = 0;
       ++        int attempts_remaining = 0;
       +         time_t now = 0, diff = 0;
       +         struct tm *tm_p = NULL;
       +-        char time_s[256] = { 0 };
       ++        char time_s[256] = { 0 }, *max_time;
       + 
       +         if(get_key_status() == KEY1_WIP)
       +         {
       +                 attempts = get_p1_index() + get_p2_index();
       ++                attempts_remaining = 11000 - attempts;
       +         }
       +         /* 
       +          * If we've found the first half of the key, then the entire key1 keyspace
       +@@ -305,10 +352,12 @@
       +         else if(get_key_status() == KEY2_WIP)
       +         {
       +                 attempts = P1_SIZE + get_p2_index();
       ++                attempts_remaining = 11000 - attempts;
       +         }
       +         else if(get_key_status() == KEY_DONE)
       +         {
       +                 attempts = P1_SIZE + P2_SIZE;
       ++                attempts_remaining = 0;
       +         }
       + 
       +         percentage = (float) (((float) attempts / (P1_SIZE + P2_SIZE)) * 100);
       +@@ -335,7 +384,12 @@
       +                 average = 0;
       +         }
       + 
       ++        max_time = get_max_time_remaining(average, attempts_remaining);
       ++
       +         cprintf(INFO, "[+] %.2f%% complete @ %s (%d seconds/pin)\n", percentage, time_s, average);
       ++        cprintf(INFO, "[+] Max time remaining at this rate: %s (%d pins left to try)\n", max_time ? max_time : "(undetermined)", attempts_remaining);
       + 
       ++        free(max_time);
       ++
       +         return;
       + }
       +\ No newline at end of file
   DIR diff --git a/net-wireless/reaver-wps-fork-t6x/reaver-wps-fork-t6x-1.5.2_p20160220.ebuild b/net-wireless/reaver-wps-fork-t6x/reaver-wps-fork-t6x-1.5.2_p20160220.ebuild
       t@@ -0,0 +1,47 @@
       +# Copyright 1999-2016 Gentoo Foundation
       +# Distributed under the terms of the GNU General Public License v2
       +# $Id$
       +
       +EAPI=5
       +
       +AUTOTOOLS_IN_SOURCE_BUILD="1"
       +inherit autotools-utils eutils git-r3
       +
       +DESCRIPTION="Utilise Pixie Dust Attack to find the correct WPS PIN."
       +HOMEPAGE="https://github.com/t6x/reaver-wps-fork-t6x"
       +EGIT_REPO_URI="https://github.com/t6x/reaver-wps-fork-t6x.git"
       +EGIT_COMMIT="6e60ee25e86ec798de2e23971b029d555e9dc398"
       +
       +ECONF_SOURCE="${S}/src"
       +
       +LICENSE="GPL-2"
       +SLOT="0"
       +KEYWORDS="~amd64 ~x86"
       +IUSE=""
       +
       +DEPEND="!net-wireless/reaver
       +        net-libs/libpcap
       +                dev-db/sqlite:3"
       +RDEPEND="${DEPEND}"
       +
       +#S="${WORKDIR}/${P}/src"
       +
       +ECONF_SOURCE="${S}/src"
       +
       +#these patches need to be verified and pushed upstream
       +#src_prepare() {
       +#        epatch "${FILESDIR}" /000[1-4]*.patch
       +        #http://code.google.com/p/reaver-wps/issues/detail?id=420
       +#        epatch "${FILESDIR}" /0005-soreau-show-status-r2.patch
       +#}
       +
       +src_install() {
       +        cd src
       +        dobin wash reaver
       +
       +        insinto "/etc/reaver"
       +        doins reaver.db
       +
       +        doman ../docs/reaver.1.gz
       +        dodoc ../docs/README ../docs/README.REAVER ../docs/README.WASH
       +}