4 * Copyright (C) 2010, Broadcom Corporation
7 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of Broadcom Corporation;
8 * the contents of this file may not be disclosed to third parties, copied
9 * or duplicated in any form, in whole or in part, without the prior
10 * written permission of Broadcom Corporation.
12 * $Id: nas.h 248179 2011-03-23 06:13:44Z simonk $
21 #include <sys/types.h>
22 #include <sys/socket.h>
23 #include <netinet/in.h>
27 #include <proto/ethernet.h>
28 #include <proto/802.11.h>
29 #include <proto/eapol.h>
30 #include <proto/wpa.h>
35 #include <wlif_utils.h>
43 #define dbg(nas, fmt, args...) (\
48 printf("%s: %s: " fmt "\n", __FUNCTION__, tmp->interface , ## args); \
52 printf("%s: " fmt "\n", __FUNCTION__ , ## args); \
56 #define dump(nas, mem, size) (\
61 prhex("", mem, size); \
66 #define dbg(nas, fmt, args...)
67 #define dump(nas, mem, size)
69 #define err(nas, fmt, args...) (\
73 printf("%s: %s: " fmt "\n", __FUNCTION__, tmp->interface , ## args); \
76 printf("%s: " fmt "\n", __FUNCTION__ , ## args); \
81 /* Maximum number of supplicants */
82 #define MAX_SUPPLICANTS 64
85 typedef struct binstring {
101 /* 802.1x Port Access Entity */
103 pae_state_t state; /* PAE state */
104 int id; /* EAP current request ID */
106 binstring_t username; /* RADIUS User Name */
107 binstring_t state; /* RADIUS State */
108 radius_header_t *request; /* Last request */
110 struct pae *next; /* Linked list */
112 uint32 ssnto; /* session timeout */
115 #define PAE_FLAG_EAP_SUCCESS 0x00000001
116 #define PAE_FLAG_RADIUS_ACCESS_REJECT 0x00000002
118 #define MAX_NAS_ID_LEN 32
125 WPA = WPA_AUTH_UNSPECIFIED,
126 WPA_PSK = WPA_AUTH_PSK,
128 WPA2 = WPA2_AUTH_UNSPECIFIED,
129 WPA2_PSK = WPA2_AUTH_PSK,
134 /* RADIUS Network Access Server (NAS) */
136 char interface[IFNAMSIZ+1]; /* LAN interface name */
137 char ssid[DOT11_MAX_SSID_LEN+1]; /* SSID */
138 nas_mode_t mode; /* 0:Radius, 1:WPA, 2:WPA-PSK */
139 uint32 wsec; /* crypto algorithm config, same as wl driver */
140 struct ether_addr ea; /* LAN Ethernet address */
141 wpa_t *wpa; /* WPA struct (NULL if wpa not in use) */
142 int wan; /* RADIUS interface handle */
143 struct sockaddr_in client; /* RADIUS interface IP address */
144 struct sockaddr_in server; /* RADIUS server IP address */
145 binstring_t key; /* PSK shared secret */
146 unsigned int type; /* RADIUS NAS Port Type */
147 nas_sta_t sta[MAX_SUPPLICANTS]; /* STAs */
148 nas_sta_t *sta_hashed[MAX_SUPPLICANTS]; /* STA cache */
149 bcm_timer_module_id timer; /* timer module ID */
150 /* MIC error stuff needs to be per-interface */
151 uint32 MIC_failures; /* how many detected */
152 bool MIC_countermeasures; /* flags lock-out period */
153 time_t prev_MIC_error; /* seconds since last one */
154 /* various flags see below */
156 /* wds remote address */
157 uint8 remote[ETHER_ADDR_LEN];
158 /* application data */
165 /* session timeout - global */
167 bcm_timer_id watchdog_td;
168 /* RADIUS shared secret */
171 uint32 disable_preauth; /* Internal Flags to disable the WPA2 preauth */
173 uint32 auth_blockout_time; /* seconds to block out client after auth. fail */
174 char nas_id[MAX_NAS_ID_LEN+1]; /* nas mac address */
177 #define NAS_FLAG_SUPPLICANT WLIFU_WSEC_SUPPL /* nas is supplicant, exclusive */
178 #define NAS_FLAG_AUTHENTICATOR WLIFU_WSEC_AUTH /* nas is authenticator, exclusive */
179 #define NAS_FLAG_WDS WLIFU_WSEC_WDS /* nas in WDS mode */
180 #define NAS_FLAG_GTK_PLUMBED 0x40000000 /* GTK has been plumbed */
181 #define NAS_FLAG_IGTK_PLUMBED 0x80000000 /* GTK has been plumbed */
184 /* Supplicant cache */
185 #define pae_hash(ea) \
186 ((((unsigned char *) ea)[3] ^ ((unsigned char *) ea)[4] ^ ((unsigned char *) ea)[5]) & \
187 (MAX_SUPPLICANTS - 1))
190 /* Always clear the descriptor when deleting a timer! */
191 #define TIMER_DELETE(td) {(void) bcm_timer_delete(td); td = 0;}
193 /* Driver specific */
194 extern int nas_authorize(nas_t *nas, struct ether_addr *ea);
195 extern int nas_deauthorize(nas_t *nas, struct ether_addr *ea);
196 extern int nas_deauthenticate(nas_t *nas, struct ether_addr *ea, int reason);
197 extern int nas_disassoc(nas_t *nas);
198 extern int nas_set_key(nas_t *nas, struct ether_addr *ea, unsigned char *key, int len, int index,
199 int tx_flag, uint32 hi, uint16 lo);
200 extern int nas_set_mode(nas_t *nas, int mode);
201 extern int nas_get_group_rsc(nas_t *nas, uint8 *buf, int index);
202 extern void nas_wl_init(nas_t *nas);
203 extern int nas_wl_tkip_countermeasures(nas_t *nas, int enable);
204 extern void nas_wl_cleanup(nas_t *nas);
205 extern int nas_set_ssid(nas_t *nas, char *ssid);
206 extern int nas_join_bss(nas_t *nas, char *ssid);
207 extern int nas_get_wpacap(nas_t *nas, uint8 *cap);
208 extern int nas_get_wpa_ie(nas_t *nas, char *ret_buf, int ret_buf_len, uint32 sta_mode);
210 extern int nas_set_eventmsgs(nas_t *nas, uchar *msgs, int size);
211 extern int nas_get_eventmsgs(nas_t *nas, uchar *msgs, int size);
213 extern void nas_rand128(uint8 *rand128);
214 extern int nas_eapol_send_packet(nas_t *nas, struct iovec *frags, int nfrags);
216 /* Main dispatch functions */
217 extern void eapol_dispatch(nas_t *nas, eapol_header_t *eapol);
219 extern void eapol_sup_dispatch(nas_t *nas, eapol_header_t *eapol);
223 extern int nas_preauth_send_packet(nas_t *nas, struct iovec *frags, int nfrags);
224 extern void preauth_dispatch(nas_t *nas, eapol_header_t *eapol);
227 extern void driver_message_dispatch(nas_t *nas, bcm_event_t *dpkt);
228 extern void driver_message_sup_dispatch(nas_t *nas, bcm_event_t *dpkt);
229 extern void cleanup_sta(nas_t *nas, nas_sta_t *sta, int reason, int driver_signal);
231 typedef enum { SEARCH_ONLY, SEARCH_ENTER } sta_lookup_mode_t;
233 extern nas_sta_t *lookup_sta(nas_t *nas, struct ether_addr *sta,
234 sta_lookup_mode_t mode);
236 extern void nas_start(nas_t *nas);
237 extern void nas_sleep_ms(uint ms);
239 extern void send_identity_req(nas_t *nas, nas_sta_t *sta);
241 extern void nas_reset_board(void);
242 extern int nas_handle_error(nas_t *nas, int error);
244 extern void pae_state(nas_t *nas, nas_sta_t *sta, int state);
245 extern void eapol_key(nas_t *nas, nas_sta_t *sta,
246 unsigned char *send_key, int send_key_len,
247 unsigned char *recv_key, int recv_key_len,
248 unsigned char *key, int key_len, int index, int unicast);
249 extern void fix_wpa(nas_t *nas, nas_sta_t *sta, char *key, int len);
251 /* bcmcrypto/hmac.c */
252 extern void hmac_md5(unsigned char* text, int text_len, unsigned char *key,
253 int key_len, unsigned char*digest);
254 extern void hmac_sha1(unsigned char *text, int text_len, unsigned char *key,
255 int key_len, unsigned char *digest);
257 #define MIC_RATE_LIMIT 60 /* seconds */
259 #define STA_DEAUTH_DELAY 1 /* delay in second before call wl ioctl deauth */
260 #define STA_REAUTH_MAX 2 /* reAuthMax */
261 #define STA_TXPERIOD_MAX 30 /* max txPeriod in second */
262 #define STA_AUTHWHILE_MAX 60 /* max authWhile in second */
263 #define STA_QUIETWHILE_MAX 60 /* max quietWhile in second */
267 #define CHECK_NAS(mode) ((mode) & (WPA | WPA_PSK | WPA2 | WPA2_PSK))
268 #define CHECK_PSK(mode) ((mode) & (WPA_PSK | WPA2_PSK))
269 #define CHECK_WPA(mode) ((mode) & (WPA | WPA2))
270 #define CHECK_RADIUS(mode) ((mode) & (WPA | RADIUS | WPA2))
271 #define CHECK_AUTH(mode) ((mode) & (RADIUS | WPA | WPA_PSK | WPA2 | WPA2_PSK))
273 #define CHECK_NAS(mode) ((mode) & (WPA | WPA_PSK))
274 #define CHECK_PSK(mode) ((mode) & WPA_PSK)
275 #define CHECK_RADIUS(mode) ((mode) & (WPA | RADIUS))
276 #define CHECK_WPA(mode) ((mode) & WPA)
277 #define CHECK_AUTH(mode) ((mode) & (RADIUS | WPA | WPA_PSK))