void dot1x_set_IdleTimeoutAction(
rtapd *rtapd,
struct sta_info *sta,
u32 idle_timeout)
{
DOT1X_IDLE_TIMEOUT dot1x_idle_time;
memset(&dot1x_idle_time, 0, sizeof(DOT1X_IDLE_TIMEOUT));
memcpy(dot1x_idle_time.StaAddr, sta->addr, MAC_ADDR_LEN);
dot1x_idle_time.idle_timeout =
((idle_timeout < DEFAULT_IDLE_INTERVAL) ? DEFAULT_IDLE_INTERVAL : idle_timeout);
if (RT_ioctl(rtapd->ioctl_sock,
RT_PRIV_IOCTL,
(char *)&dot1x_idle_time,
sizeof(DOT1X_IDLE_TIMEOUT),
rtapd->prefix_wlan_name, sta->ApIdx,
RT_OID_802_DOT1X_IDLE_TIMEOUT))
{
DBGPRINT(RT_DEBUG_ERROR,"Failed to RT_OID_802_DOT1X_IDLE_TIMEOUT\n");
return;
}
}
BOOLEAN Query_config_from_driver(int ioctl_sock, char *prefix_name, struct rtapd_config *conf, int *errors, int *flag)
{
char *buf;
int len;
int i, idx, m_num;
int radius_count = 0, radius_port_count = 0, radius_key_count = 0;
int num_eap_if = 0, num_preauth_if = 0;
PDOT1X_CMM_CONF pDot1xCmmConf;
*flag = 0;
*errors = 0;
len = sizeof(DOT1X_CMM_CONF);
buf = (char *) malloc(len + 1);
if (buf == NULL)
{
DBGPRINT(RT_DEBUG_ERROR, "malloc() failed for Query_config_from_driver(len=%d)\n", len);
return FALSE;
}
else
{
DBGPRINT(RT_DEBUG_TRACE, "alloc memory(%d) for Query_config_from_driver. \n", len);
memset(buf, 0, len);
}
if((RT_ioctl(ioctl_sock, RT_PRIV_IOCTL, buf, len, prefix_name, 0, OID_802_DOT1X_CONFIGURATION)) != 0)
{
DBGPRINT(RT_DEBUG_ERROR,"ioctl failed for Query_config_from_driver(len=%d, ifname=%s0)\n", len, prefix_name);
free(buf);
return FALSE;
}
pDot1xCmmConf = (PDOT1X_CMM_CONF)buf;
// BssidNum
conf->SsidNum = pDot1xCmmConf->mbss_num;
if(conf->SsidNum > MAX_MBSSID_NUM)
conf->SsidNum = 1;
DBGPRINT(RT_DEBUG_TRACE, "MBSS number: %d\n", conf->SsidNum);
#if MULTIPLE_RADIUS
m_num = conf->SsidNum;
#else
m_num = 1;
#endif
// own_ip_addr
conf->own_ip_addr.s_addr = pDot1xCmmConf->own_ip_addr;
if (conf->own_ip_addr.s_addr != 0)
{
(*flag) |= 0x01;
DBGPRINT(RT_DEBUG_TRACE, "own ip address: '%s'(%x)\n", inet_ntoa(conf->own_ip_addr), conf->own_ip_addr.s_addr);
}
else
{
(*errors)++;
DBGPRINT(RT_DEBUG_ERROR, "Invalid own ip address \n");
}
for (i = 0; i < m_num; i++)
{
for (idx = 0; idx < pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_num; idx++)
{
#if MULTIPLE_RADIUS
// RADIUS_Server ip address
if (!Config_read_radius_addr(
&conf->mbss_auth_servers[i],
&conf->mbss_num_auth_servers[i],
pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_ip,
1812,
&conf->mbss_auth_server[i]))
{
radius_count++;
DBGPRINT(RT_DEBUG_TRACE, "(no.%d) Radius ip address: '%s'(%x) for %s%d\n", conf->mbss_num_auth_servers[i],
inet_ntoa(conf->mbss_auth_server[i]->addr),
conf->mbss_auth_server[i]->addr.s_addr, prefix_name, i);
}
// RADIUS_Port and RADIUS_Key
if (conf->mbss_auth_server[i] && conf->mbss_auth_server[i]->addr.s_addr != 0)
{
if (pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_port > 0)
{
radius_port_count++;
conf->mbss_auth_server[i]->port = pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_port;
DBGPRINT(RT_DEBUG_TRACE, "(no.%d) Radius port: '%d' for %s%d\n", conf->mbss_num_auth_servers[i], conf->mbss_auth_server[i]->port, prefix_name, i);
}
else
DBGPRINT(RT_DEBUG_ERROR, "(no.%d) Radius port is invalid for %s%d\n", conf->mbss_num_auth_servers[i], prefix_name, i);
if (pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key_len > 0)
{
radius_key_count++;
conf->mbss_auth_server[i]->shared_secret = (u8 *)strdup((const char *)pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key);
conf->mbss_auth_server[i]->shared_secret_len = pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key_len;
DBGPRINT(RT_DEBUG_TRACE,"(no.%d) Radius key: '%s', key_len: %d for %s%d \n",
conf->mbss_num_auth_servers[i], conf->mbss_auth_server[i]->shared_secret, conf->mbss_auth_server[i]->shared_secret_len, prefix_name, i);
}
else
DBGPRINT(RT_DEBUG_ERROR, "(no.%d) Radius key is invalid for %s%d\n", conf->mbss_num_auth_servers[i], prefix_name, i);
}
#else
// RADIUS_Server ip address
if (!Config_read_radius_addr(
&conf->auth_servers,
&conf->num_auth_servers,
pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_ip,
1812,
&conf->auth_server))
{
radius_count++;
}
DBGPRINT(RT_DEBUG_TRACE, "(no.%d) Radius ip address: '%s'(%x)\n",
conf->num_auth_servers,
inet_ntoa(conf->auth_server->addr),
conf->auth_server->addr.s_addr);
// RADIUS_Port and RADIUS_Key
if (conf->auth_server && conf->auth_server->addr.s_addr != 0)
{
if (pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_port > 0)
{
radius_port_count++;
conf->auth_server->port = pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_port;
DBGPRINT(RT_DEBUG_TRACE,"(no.%d) Radius port: '%d'\n", conf->num_auth_servers, conf->auth_server->port);
}
else
DBGPRINT(RT_DEBUG_ERROR, "(no.%d) Radius port is invalid\n", conf->num_auth_servers);
if (pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key_len > 0)
{
radius_key_count++;
conf->auth_server->shared_secret = (u8 *)strdup((const char *)pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key);
conf->auth_server->shared_secret_len = pDot1xCmmConf->Dot1xBssInfo[i].radius_srv_info[idx].radius_key_len;
DBGPRINT(RT_DEBUG_TRACE,"(no.%d) Radius key: '%s', key_len: %d \n", conf->num_auth_servers,
conf->auth_server->shared_secret, conf->auth_server->shared_secret_len);
}
else
DBGPRINT(RT_DEBUG_ERROR, "(no.%d) Radius key is invalid\n", conf->num_auth_servers);
}
#endif
}
}
// Sanity check for radius ip address
if (radius_count != 0)
(*flag) |= 0x02;
else
{
DBGPRINT(RT_DEBUG_ERROR, "No any valid radius ip address \n");
(*errors)++;
}
// Sanity check for radius port number
if (radius_count == radius_port_count)
(*flag) |= 0x04;
else
{
DBGPRINT(RT_DEBUG_ERROR, "No enough radius port \n");
(*errors)++;
}
// Sanity check for radius key
if (radius_count == radius_key_count)
(*flag) |= 0x08;
else
{
DBGPRINT(RT_DEBUG_ERROR, "No enough radius key \n");
(*errors)++;
}
// radius_retry_primary_interval
conf->radius_retry_primary_interval = pDot1xCmmConf->retry_interval;
if (conf->radius_retry_primary_interval > 0)
DBGPRINT(RT_DEBUG_TRACE,"Radius retry primary interval %d seconds. \n", conf->radius_retry_primary_interval);
// session_timeout_interval
conf->session_timeout_interval = pDot1xCmmConf->session_timeout_interval;
if (conf->session_timeout_interval == 0)
{
conf->session_timeout_set= 0;
}
else
{
conf->session_timeout_set= 1;
if (conf->session_timeout_interval < 60)
conf->session_timeout_interval = REAUTH_TIMER_DEFAULT_reAuthPeriod;
DBGPRINT(RT_DEBUG_TRACE,"Radius session timeout interval %d seconds. \n", conf->session_timeout_interval);
}
DBGPRINT(RT_DEBUG_TRACE,"session_timeout policy is %s \n", conf->session_timeout_set ? "enabled" : "disabled");
/* QuietPeriod */
conf->quiet_interval = pDot1xCmmConf->quiet_interval;
if (conf->quiet_interval < AUTH_PAE_DEFAULT_quietPeriod)
conf->quiet_interval = AUTH_PAE_DEFAULT_quietPeriod;
DBGPRINT(RT_DEBUG_TRACE, "Quiet period %d seconds \n", conf->quiet_interval);
for (i = 0; i < conf->SsidNum; i++)
{
int g_key_len = 0;
// DefaultKeyID
if (pDot1xCmmConf->Dot1xBssInfo[i].ieee8021xWEP)
{
// set group key index
conf->DefaultKeyID[i] = pDot1xCmmConf->Dot1xBssInfo[i].key_index;
// set unicast key index
if (conf->DefaultKeyID[i] == 3)
conf->individual_wep_key_idx[i] = 0;
else
conf->individual_wep_key_idx[i] = 3;
DBGPRINT(RT_DEBUG_TRACE,"IEEE8021X WEP: group key index(%d) and unicast key index(%d) for %s%d\n",
conf->DefaultKeyID[i], conf->individual_wep_key_idx[i], prefix_name, i);
g_key_len = pDot1xCmmConf->Dot1xBssInfo[i].key_length;
if (g_key_len == 5 || g_key_len == 13)
{
conf->individual_wep_key_len[i] = g_key_len;
memset(conf->IEEE8021X_ikey[i], 0, WEP8021X_KEY_LEN);
memcpy(conf->IEEE8021X_ikey[i], pDot1xCmmConf->Dot1xBssInfo[i].key_material, g_key_len);
DBGPRINT(RT_DEBUG_TRACE,"IEEE8021X WEP: use Key%dStr as shared Key and its key_len is %d for %s%d\n",
conf->DefaultKeyID[i]+1, g_key_len, prefix_name, i);
}
}
/* NAS Identifier */
if (pDot1xCmmConf->Dot1xBssInfo[i].nasId_len > 0)
{
memcpy(conf->nasId[i], pDot1xCmmConf->Dot1xBssInfo[i].nasId, pDot1xCmmConf->Dot1xBssInfo[i].nasId_len);
conf->nasId_len[i] = pDot1xCmmConf->Dot1xBssInfo[i].nasId_len;
}
DBGPRINT(RT_DEBUG_TRACE, "NAS-Identifier: %s and len=%d for %s%d \n",
conf->nasId[i], conf->nasId_len[i], prefix_name, i);
// EAPifname
if (pDot1xCmmConf->EAPifname_len[i] > 0)
{
memset(conf->eap_if_name[num_eap_if], 0, IFNAMSIZ);
memcpy(conf->eap_if_name[num_eap_if], pDot1xCmmConf->EAPifname[i], pDot1xCmmConf->EAPifname_len[i]);
DBGPRINT(RT_DEBUG_TRACE, "(no.%d) EAPifname: %s \n", num_eap_if + 1, conf->eap_if_name[num_eap_if]);
num_eap_if ++;
}
// PreAuthifname
if (pDot1xCmmConf->PreAuthifname_len[i] > 0)
{
memset(conf->preauth_if_name[num_preauth_if], 0, IFNAMSIZ);
memcpy(conf->preauth_if_name[num_preauth_if], pDot1xCmmConf->PreAuthifname[i], pDot1xCmmConf->PreAuthifname_len[i]);
DBGPRINT(RT_DEBUG_TRACE,"(no.%d) PreAuthifname: %s \n", num_preauth_if + 1, conf->preauth_if_name[num_preauth_if]);
num_preauth_if ++;
}
}
if (num_eap_if > 0)
conf->num_eap_if = num_eap_if;
if (num_preauth_if > 0)
conf->num_preauth_if = num_preauth_if;
free(buf);
return TRUE;
}
int main(int argc, char *argv[])
{
struct hapd_interfaces interfaces;
pid_t child_pid;
int ret = 1, i;
int c;
pid_t auth_pid;
char prefix_name[IFNAMSIZ+1];
printf("program name = '%s'\n", argv[0]);
if (strstr(argv[0], "8021xdi"))
{
printf("1program name = '%s'\n", argv[0]);
strcpy(prefix_name, "rai");
}
else
{
printf("2program name = '%s'\n", argv[0]);
strcpy(prefix_name, "ra");
}
for (;;)
{
c = getopt(argc, argv, "d:i:h");
if (c < 0)
break;
switch (c)
{
case 'd':
/* set Debug level -
RT_DEBUG_OFF 0
RT_DEBUG_ERROR 1
RT_DEBUG_WARN 2
RT_DEBUG_TRACE 3
RT_DEBUG_INFO 4
*/
printf("Set debug level as %s\n", optarg);
RTDebugLevel = (int)strtol(optarg, 0, 10);
break;
#if 1 /* FIXME: original prefix name seems wrong. */
case 'i':
// Assign the wireless interface when support multiple cards
sprintf(prefix_name, "%s", optarg);
break;
#else
case 'i':
// Assign the wireless interface when support multiple cards
sprintf(prefix_name, "%s%02d_", prefix_name, ((int)strtol(optarg, 0, 10) - 1));
break;
#endif
case 'h':
default:
usage();
break;
}
}
printf("Ralink DOT1X daemon, version = '%s' \n", dot1x_version);
DBGPRINT(RT_DEBUG_TRACE, "prefix_name = '%s'\n", prefix_name);
child_pid = fork();
if (child_pid == 0)
{
auth_pid = getpid();
DBGPRINT(RT_DEBUG_TRACE, "Porcess ID = %d\n",auth_pid);
openlog("rtdot1xd",0,LOG_DAEMON);
// set number of configuration file 1
interfaces.count = 1;
interfaces.rtapd = malloc(sizeof(rtapd *));
if (interfaces.rtapd == NULL)
{
DBGPRINT(RT_DEBUG_ERROR,"malloc failed\n");
exit(1);
}
eloop_init(&interfaces);
eloop_register_signal(SIGINT, Handle_term, NULL);
eloop_register_signal(SIGTERM, Handle_term, NULL);
eloop_register_signal(SIGUSR1, Handle_usr1, NULL);
eloop_register_signal(SIGHUP, Handle_usr1, NULL);
interfaces.rtapd[0] = Apd_init(prefix_name);
if (!interfaces.rtapd[0])
goto out;
if (Apd_setup_interface(interfaces.rtapd[0]))
goto out;
// Notify driver about PID
RT_ioctl(interfaces.rtapd[0]->ioctl_sock, RT_PRIV_IOCTL, (char *)&auth_pid, sizeof(int), prefix_name, 0, RT_SET_APD_PID | OID_GET_SET_TOGGLE);
eloop_run();
Apd_free_stas(interfaces.rtapd[0]);
ret = 0;
out:
for (i = 0; i < interfaces.count; i++)
{
if (!interfaces.rtapd[i])
continue;
Apd_cleanup(interfaces.rtapd[i]);
free(interfaces.rtapd[i]);
}
free(interfaces.rtapd);
eloop_destroy();
closelog();
return ret;
}
else
return 0;
}
int main(int argc, char *argv[])
{
struct hapd_interfaces interfaces;
pid_t child_pid;
int ret = 1, i;
int c;
pid_t auth_pid;
for (;;)
{
c = getopt(argc, argv, "h");
if (c < 0)
break;
switch (c)
{
case 'h':
usage();
break;
default:
break;
}
}
child_pid = fork();
if (child_pid == 0)
{
auth_pid = getpid();
DBGPRINT(RT_DEBUG_TRACE, "Porcess ID = %d\n",auth_pid);
openlog("rt61apd",0,LOG_DAEMON);
// set number of configuration file 1
interfaces.count = 1;
interfaces.rtapd = malloc(sizeof(rtapd *));
if (interfaces.rtapd == NULL)
{
DBGPRINT(RT_DEBUG_ERROR,"malloc failed\n");
exit(1);
}
eloop_init(&interfaces);
eloop_register_signal(SIGINT, Handle_term, NULL);
eloop_register_signal(SIGTERM, Handle_term, NULL);
eloop_register_signal(SIGUSR1, Handle_usr1, NULL);
eloop_register_signal(SIGHUP, Handle_usr1, NULL);
DBGPRINT(RT_DEBUG_ERROR,"\n Configuration file: %s\n", RT61AP_SYSTEM_PATH);
interfaces.rtapd[0] = Apd_init(strdup(RT61AP_SYSTEM_PATH),(int)getpid());
if (!interfaces.rtapd[0])
goto out;
if (Apd_setup_interface(interfaces.rtapd[0]))
goto out;
// Notify driver about PID
RT_ioctl(interfaces.rtapd[0], RT_PRIV_IOCTL, (u8*)&auth_pid, sizeof(int), 0, RT_SET_APD_PID | OID_GET_SET_TOGGLE);
eloop_run();
Apd_free_stas(interfaces.rtapd[0]);
ret = 0;
out:
for (i = 0; i < interfaces.count; i++)
{
if (!interfaces.rtapd[i])
continue;
Apd_cleanup(interfaces.rtapd[i]);
free(interfaces.rtapd[i]);
}
free(interfaces.rtapd);
eloop_destroy();
closelog();
return ret;
}
else
return 0;
}
int DOT1X_Start(void)
{
NDIS_802_11_AUTHENTICATION_MODE AuthMode = Ndis802_11AuthModeMax;
int IEEE8021X=0;
char str[20],ifName[20];
char *pEnd;
int value = 0;
int i=0;
bool need_trigger=FALSE;
bool any_if_up=FALSE;
int flag;
if(interfaces.rtapd != NULL)
{
DBGPRINT(RT_DEBUG_ERROR,"DOT1X_Start already run\n");
return;
}
CFG_get_str(CFG_WLN_BssidNum, str);
value = strtol(str, &pEnd, 10);
for(i=0 ; i <value ; i++)
{
memset(ifName,0x00,20);
sprintf(ifName, "ra%d", i);
if(netif_flag_get(ifName, &flag) && (flag&IFF_UP))
{
DBGPRINT(RT_DEBUG_ERROR,"%s is up ! \n",ifName);
any_if_up = TRUE;
}
}
if(any_if_up == FALSE)
return;
int ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
if (ioctl_sock < 0)
{
DBGPRINT(RT_DEBUG_ERROR,"Could not init ioctl socket \n");
return;
}
for(i=0 ; i <value ; i++)
{
AuthMode = Ndis802_11AuthModeOpen;
IEEE8021X = 0;
if((RT_ioctl(ioctl_sock, RT_PRIV_IOCTL, &AuthMode, sizeof(AuthMode), 0, i, OID_802_11_AUTHENTICATION_MODE)) != 0)
{
DBGPRINT(RT_DEBUG_ERROR,"ioctl failed for OID_802_11_AUTHENTICATION_MODE\n");
return ;
}
if((RT_ioctl(ioctl_sock, RT_PRIV_IOCTL, &IEEE8021X, sizeof(IEEE8021X), 0, i, OID_802_11_SET_IEEE8021X)) != 0)
{
DBGPRINT(RT_DEBUG_ERROR,"ioctl failed for OID_802_11_SET_IEEE8021X\n");
return ;
}
DBGPRINT(RT_DEBUG_ERROR,"AuthMode=%d, IEEE8021X=%d\n", AuthMode, IEEE8021X);
if(AuthMode == Ndis802_11AuthModeWPA
|| AuthMode == Ndis802_11AuthModeWPA2
|| AuthMode == Ndis802_11AuthModeWPA1WPA2
|| IEEE8021X == 1)
{
need_trigger = TRUE;
}
}
close(ioctl_sock);
register_netisr(NETISR_1X,dot1xintr);
if(need_trigger == TRUE)
{
Dot_Running=TRUE;
DBGPRINT(RT_DEBUG_ERROR,"Start DOT1X_Start.....(stack size=%d)\n",STACK_SIZE);
cyg_thread_create(5,
Cyg_DOT1X,
0,
"dot1x_daemon",
Dot1x_main_stack,
sizeof(Dot1x_main_stack),
&dot1x_thread,
&dot1x_thread_struct);
cyg_thread_resume( dot1x_thread );
cyg_thread_delay(100);
return 0;
}
else
{
DBGPRINT(RT_DEBUG_ERROR,"Don't need trigger the 1x Daemon\n");
}
}
int Apd_init_sockets(rtapd *rtapd)
{
DBGPRINT(RT_DEBUG_TRACE, "===>Apd_init_sockets\n");
struct ifreq ifr;
#ifndef __ECOS
struct sockaddr_ll baddr;
#else
struct protoent *p;
struct sockaddr_in addr;
char buf[6];
//buf = (char *) malloc(6);
#endif
int i;
// 3. Get wireless interface MAC address
for(i = 0; i < rtapd->conf->SsidNum; i++)
{
memset(&ifr, 0, sizeof(ifr));
sprintf(ifr.ifr_name, "%s%d",rtapd->prefix_wlan_name, i);
#ifdef LINUX
int s = -1;
s = socket(AF_INET, SOCK_DGRAM, 0);
if (s < 0)
{
perror("socket[AF_INET,SOCK_DGRAM]");
return -1;
}
//sprintf(ifr.ifr_name, "ra%d", i);
// Get MAC address
if (ioctl(s, SIOCGIFHWADDR, &ifr) != 0)
{
perror("ioctl(SIOCGIFHWADDR)");
close(s);
return -1;
}
DBGPRINT(RT_DEBUG_INFO," Device %s has ifr.ifr_hwaddr.sa_family %d\n",ifr.ifr_name, ifr.ifr_hwaddr.sa_family);
if (ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER)
{
DBGPRINT(RT_DEBUG_ERROR,"IF-%s : Invalid HW-addr family 0x%04x\n", ifr.ifr_name, ifr.ifr_hwaddr.sa_family);
close(s);
return -1;
}
memcpy(rtapd->own_addr[i], ifr.ifr_hwaddr.sa_data, ETH_ALEN);
#endif
#ifdef __ECOS
memset(buf, 0, 6);
if((RT_ioctl(0, RT_PRIV_IOCTL, buf, 6, rtapd->prefix_wlan_name, i, RT_OID_802_11_MAC_ADDRESS)) != 0)
{
DBGPRINT(RT_DEBUG_ERROR,"ioctl failed for RT_OID_802_11_MAC_ADDRESS(len=%d, ifname=%s%d)\n", 6, rtapd->prefix_wlan_name,i);
//free(buf);
return -1;
}
memcpy(rtapd->own_addr[i], buf, ETH_ALEN);
//free(buf);
#endif
DBGPRINT(RT_DEBUG_TRACE, "IF-%s MAC Address = " MACSTR "\n", ifr.ifr_name, MAC2STR(rtapd->own_addr[i]));
#ifdef LINUX
close(s);
#endif
}
DBGPRINT(RT_DEBUG_TRACE, "<===Apd_init_sockets\n");
return 0;
}
