| blob | c25cd89e30423a6933018e2bb346319ec0c3338b |
1 /*
2 * NAS definitions
3 *
4 * Copyright (C) 2010, Broadcom Corporation
5 * All Rights Reserved.
6 *
7 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of Broadcom Corporation;
8 * the contents of this file may not be disclosed to third parties, copied
9 * or duplicated in any form, in whole or in part, without the prior
10 * written permission of Broadcom Corporation.
11 *
12 * $Id: nas.h 248179 2011-03-23 06:13:44Z simonk $
13 */
15 #ifndef _nas_h_
16 #define _nas_h_
18 #include <stdio.h>
19 #include <string.h>
21 #include <sys/types.h>
22 #include <sys/socket.h>
23 #include <netinet/in.h>
24 #include <net/if.h>
26 #include <typedefs.h>
27 #include <proto/ethernet.h>
28 #include <proto/802.11.h>
29 #include <proto/eapol.h>
30 #include <proto/wpa.h>
31 #include <bcmtimer.h>
32 #include <wlioctl.h>
33 #include <bcmwpa.h>
34 #include <shutils.h>
35 #include <wlif_utils.h>
37 #include <radius.h>
41 /* Debug macros */
42 #ifdef BCMDBG
43 #define dbg(nas, fmt, args...) (\
44 { \
45 if (nas) { \
46 nas_t *tmp = nas; \
47 if (tmp->debug) {\
48 printf("%s: %s: " fmt "\n", __FUNCTION__, tmp->interface , ## args); \
49 } \
50 } \
51 else {\
52 printf("%s: " fmt "\n", __FUNCTION__ , ## args); \
53 }\
54 } \
55 )
56 #define dump(nas, mem, size) (\
57 { \
58 if (nas) { \
59 nas_t *tmp = nas; \
60 if (tmp->debug) \
61 prhex("", mem, size); \
62 } \
63 } \
64 )
65 #else
66 #define dbg(nas, fmt, args...)
67 #define dump(nas, mem, size)
68 #endif /* BCMDBG */
69 #define err(nas, fmt, args...) (\
70 { \
71 if (nas) { \
72 nas_t *tmp = nas; \
73 printf("%s: %s: " fmt "\n", __FUNCTION__, tmp->interface , ## args); \
74 } \
75 else { \
76 printf("%s: " fmt "\n", __FUNCTION__ , ## args); \
77 } \
78 } \
79 )
81 /* Maximum number of supplicants */
82 #define MAX_SUPPLICANTS 64
85 typedef struct binstring {
86 unsigned int length;
87 unsigned char *data;
88 } binstring_t;
90 /* PAE states */
91 typedef enum {
92 INITIALIZE,
93 DISCONNECTED,
94 CONNECTING,
95 AUTHENTICATING,
96 ABORTING,
97 HELD,
98 AUTHENTICATED
99 } pae_state_t;
101 /* 802.1x Port Access Entity */
102 typedef struct pae {
103 pae_state_t state; /* PAE state */
104 int id; /* EAP current request ID */
105 struct {
106 binstring_t username; /* RADIUS User Name */
107 binstring_t state; /* RADIUS State */
108 radius_header_t *request; /* Last request */
109 } radius;
110 struct pae *next; /* Linked list */
111 uint32 flags;
112 uint32 ssnto; /* session timeout */
113 } pae_t;
115 #define PAE_FLAG_EAP_SUCCESS 0x00000001
116 #define PAE_FLAG_RADIUS_ACCESS_REJECT 0x00000002
118 #define MAX_NAS_ID_LEN 32
120 #include "wpa.h"
122 /* Modes */
123 typedef enum
124 {
125 WPA = WPA_AUTH_UNSPECIFIED,
126 WPA_PSK = WPA_AUTH_PSK,
127 #ifdef BCMWPA2
128 WPA2 = WPA2_AUTH_UNSPECIFIED,
129 WPA2_PSK = WPA2_AUTH_PSK,
130 #endif
131 RADIUS = 0x20
132 } nas_mode_t;
134 /* RADIUS Network Access Server (NAS) */
135 typedef struct nas {
136 char interface[IFNAMSIZ+1]; /* LAN interface name */
137 char ssid[DOT11_MAX_SSID_LEN+1]; /* SSID */
138 nas_mode_t mode; /* 0:Radius, 1:WPA, 2:WPA-PSK */
139 uint32 wsec; /* crypto algorithm config, same as wl driver */
140 struct ether_addr ea; /* LAN Ethernet address */
141 wpa_t *wpa; /* WPA struct (NULL if wpa not in use) */
142 int wan; /* RADIUS interface handle */
143 struct sockaddr_in client; /* RADIUS interface IP address */
144 struct sockaddr_in server; /* RADIUS server IP address */
145 binstring_t key; /* PSK shared secret */
146 unsigned int type; /* RADIUS NAS Port Type */
147 nas_sta_t sta[MAX_SUPPLICANTS]; /* STAs */
148 nas_sta_t *sta_hashed[MAX_SUPPLICANTS]; /* STA cache */
149 bcm_timer_module_id timer; /* timer module ID */
150 /* MIC error stuff needs to be per-interface */
151 uint32 MIC_failures; /* how many detected */
152 bool MIC_countermeasures; /* flags lock-out period */
153 time_t prev_MIC_error; /* seconds since last one */
154 /* various flags see below */
155 uint32 flags;
156 /* wds remote address */
157 uint8 remote[ETHER_ADDR_LEN];
158 /* application data */
159 void *appl;
160 #ifdef BCMDBG
161 /* debug flag */
162 bool debug;
163 #endif
165 /* session timeout - global */
166 uint32 ssn_to;
167 bcm_timer_id watchdog_td;
168 /* RADIUS shared secret */
169 binstring_t secret;
170 #ifdef BCMWPA2
171 uint32 disable_preauth; /* Internal Flags to disable the WPA2 preauth */
172 #endif
173 uint32 auth_blockout_time; /* seconds to block out client after auth. fail */
174 char nas_id[MAX_NAS_ID_LEN+1]; /* nas mac address */
175 } nas_t;
177 #define NAS_FLAG_SUPPLICANT WLIFU_WSEC_SUPPL /* nas is supplicant, exclusive */
178 #define NAS_FLAG_AUTHENTICATOR WLIFU_WSEC_AUTH /* nas is authenticator, exclusive */
179 #define NAS_FLAG_WDS WLIFU_WSEC_WDS /* nas in WDS mode */
180 #define NAS_FLAG_GTK_PLUMBED 0x40000000 /* GTK has been plumbed */
181 #define NAS_FLAG_IGTK_PLUMBED 0x80000000 /* GTK has been plumbed */
184 /* Supplicant cache */
185 #define pae_hash(ea) \
186 ((((unsigned char *) ea)[3] ^ ((unsigned char *) ea)[4] ^ ((unsigned char *) ea)[5]) & \
187 (MAX_SUPPLICANTS - 1))
190 /* Always clear the descriptor when deleting a timer! */
191 #define TIMER_DELETE(td) {(void) bcm_timer_delete(td); td = 0;}
193 /* Driver specific */
194 extern int nas_authorize(nas_t *nas, struct ether_addr *ea);
195 extern int nas_deauthorize(nas_t *nas, struct ether_addr *ea);
196 extern int nas_deauthenticate(nas_t *nas, struct ether_addr *ea, int reason);
197 extern int nas_disassoc(nas_t *nas);
198 extern int nas_set_key(nas_t *nas, struct ether_addr *ea, unsigned char *key, int len, int index,
199 int tx_flag, uint32 hi, uint16 lo);
200 extern int nas_set_mode(nas_t *nas, int mode);
201 extern int nas_get_group_rsc(nas_t *nas, uint8 *buf, int index);
202 extern void nas_wl_init(nas_t *nas);
203 extern int nas_wl_tkip_countermeasures(nas_t *nas, int enable);
204 extern void nas_wl_cleanup(nas_t *nas);
205 extern int nas_set_ssid(nas_t *nas, char *ssid);
206 extern int nas_join_bss(nas_t *nas, char *ssid);
207 extern int nas_get_wpacap(nas_t *nas, uint8 *cap);
208 extern int nas_get_wpa_ie(nas_t *nas, char *ret_buf, int ret_buf_len, uint32 sta_mode);
210 extern int nas_set_eventmsgs(nas_t *nas, uchar *msgs, int size);
211 extern int nas_get_eventmsgs(nas_t *nas, uchar *msgs, int size);
212 /* OS specific */
213 extern void nas_rand128(uint8 *rand128);
214 extern int nas_eapol_send_packet(nas_t *nas, struct iovec *frags, int nfrags);
216 /* Main dispatch functions */
217 extern void eapol_dispatch(nas_t *nas, eapol_header_t *eapol);
218 #ifdef BCMSUPPL
219 extern void eapol_sup_dispatch(nas_t *nas, eapol_header_t *eapol);
220 #endif
222 #ifdef BCMWPA2
223 extern int nas_preauth_send_packet(nas_t *nas, struct iovec *frags, int nfrags);
224 extern void preauth_dispatch(nas_t *nas, eapol_header_t *eapol);
225 #endif /* BCMWPA2 */
227 extern void driver_message_dispatch(nas_t *nas, bcm_event_t *dpkt);
228 extern void driver_message_sup_dispatch(nas_t *nas, bcm_event_t *dpkt);
229 extern void cleanup_sta(nas_t *nas, nas_sta_t *sta, int reason, int driver_signal);
231 typedef enum { SEARCH_ONLY, SEARCH_ENTER } sta_lookup_mode_t;
233 extern nas_sta_t *lookup_sta(nas_t *nas, struct ether_addr *sta,
234 sta_lookup_mode_t mode);
236 extern void nas_start(nas_t *nas);
237 extern void nas_sleep_ms(uint ms);
239 extern void send_identity_req(nas_t *nas, nas_sta_t *sta);
241 extern void nas_reset_board(void);
242 extern int nas_handle_error(nas_t *nas, int error);
244 extern void pae_state(nas_t *nas, nas_sta_t *sta, int state);
245 extern void eapol_key(nas_t *nas, nas_sta_t *sta,
246 unsigned char *send_key, int send_key_len,
247 unsigned char *recv_key, int recv_key_len,
248 unsigned char *key, int key_len, int index, int unicast);
249 extern void fix_wpa(nas_t *nas, nas_sta_t *sta, char *key, int len);
251 /* bcmcrypto/hmac.c */
252 extern void hmac_md5(unsigned char* text, int text_len, unsigned char *key,
253 int key_len, unsigned char*digest);
254 extern void hmac_sha1(unsigned char *text, int text_len, unsigned char *key,
255 int key_len, unsigned char *digest);
257 #define MIC_RATE_LIMIT 60 /* seconds */
259 #define STA_DEAUTH_DELAY 1 /* delay in second before call wl ioctl deauth */
260 #define STA_REAUTH_MAX 2 /* reAuthMax */
261 #define STA_TXPERIOD_MAX 30 /* max txPeriod in second */
262 #define STA_AUTHWHILE_MAX 60 /* max authWhile in second */
263 #define STA_QUIETWHILE_MAX 60 /* max quietWhile in second */
266 #ifdef BCMWPA2
267 #define CHECK_NAS(mode) ((mode) & (WPA | WPA_PSK | WPA2 | WPA2_PSK))
268 #define CHECK_PSK(mode) ((mode) & (WPA_PSK | WPA2_PSK))
269 #define CHECK_WPA(mode) ((mode) & (WPA | WPA2))
270 #define CHECK_RADIUS(mode) ((mode) & (WPA | RADIUS | WPA2))
271 #define CHECK_AUTH(mode) ((mode) & (RADIUS | WPA | WPA_PSK | WPA2 | WPA2_PSK))
272 #else
273 #define CHECK_NAS(mode) ((mode) & (WPA | WPA_PSK))
274 #define CHECK_PSK(mode) ((mode) & WPA_PSK)
275 #define CHECK_RADIUS(mode) ((mode) & (WPA | RADIUS))
276 #define CHECK_WPA(mode) ((mode) & WPA)
277 #define CHECK_AUTH(mode) ((mode) & (RADIUS | WPA | WPA_PSK))
278 #endif /* BCMWPA2 */
280 #endif /* _nas_h_ */