static void nas_watchdog(bcm_timer_id td, nas_t *nas) { nas_sta_t *sta; int i; #ifdef BCMDBG char eabuf[ETHER_ADDR_STR_LEN]; #endif for (i = 0; i < MAX_SUPPLICANTS; i ++) { for (sta = nas->sta_hashed[i]; sta; sta = sta->next) { #ifdef BCMDBG if (nas->auth_blockout_time) { if (sta->pae.flags & PAE_FLAG_RADIUS_ACCESS_REJECT) dbg(nas, "blocking %s, time remaining = %d", ether_etoa((uchar *)&sta->ea, eabuf), sta->quiet_while); } #endif /* check for time out */ switch (sta->pae.state) { case AUTHENTICATED: if (!sta->pae.ssnto) break; sta->pae.ssnto--; /* timed out */ if (sta->pae.ssnto) continue; /* send Identity Request */ dbg(nas, "ID req to %s\n", ether_etoa((uchar *)&sta->ea, eabuf)); send_identity_req(nas, sta); break; case HELD: if (sta->quiet_while && --sta->quiet_while == 0) pae_state(nas, sta, CONNECTING); break; case CONNECTING: if (sta->tx_when && --sta->tx_when == 0) { if (sta->rxauths > STA_REAUTH_MAX) pae_state(nas, sta, DISCONNECTED); else pae_state(nas, sta, CONNECTING); } break; case AUTHENTICATING: if (sta->auth_while && --sta->auth_while == 0) { pae_state(nas, sta, ABORTING); pae_state(nas, sta, CONNECTING); } break; default: break; } } } }
/* Proxy EAP packet from RADIUS server to PAE */ void radius_dispatch(nas_t *nas, radius_header_t *response) { nas_sta_t *sta = &nas->sta[response->id % MAX_SUPPLICANTS]; radius_header_t *request; int left, type, length = 0, index, authenticated = 0; unsigned char buf[16], *cur; eapol_header_t eapol; eap_header_t *eap = NULL; unsigned int vendor, ssnto; unsigned char *mppe_send = NULL, *mppe_recv = NULL, *mppe_key; struct iovec frags[RADIUS_MAX_ATTRIBUTES]; int nfrags = 0; #ifdef BCMDBG char eabuf[ETHER_ADDR_STR_LEN]; #endif /* The STA could have been toss during the wait. */ if (!sta->used) return; request = sta->pae.radius.request; if (!request || request->id != response->id) { dbg(nas, "bogus RADIUS packet response->id=%d request->id=%d", response->id, request->id); return; } /* Parse attributes */ left = ntohs(response->length) - RADIUS_HEADER_LEN; cur = response->attributes; while (left >= 2) { int attribute_error = 0; type = *cur++; length = *cur++ - 2; left -= 2; /* Bad attribute length */ if (length > left) { dbg(nas, "bad attribute length %d", length); break; } switch (type) { case RD_TP_MESSAGE_AUTHENTICATOR: if (length < 16) { dbg(nas, "bad signature length %d", length); attribute_error = 1; break; } /* Validate HMAC-MD5 checksum */ memcpy(buf, cur, 16); memset(cur, 0, 16); memcpy(response->vector, request->vector, 16); /* Calculate HMAC-MD5 checksum with request vector and null signature */ hmac_md5((unsigned char *) response, ntohs(response->length), nas->secret.data, nas->secret.length, cur); if ((authenticated = !memcmp(buf, cur, 16)) == 0) { dbg(nas, "Invalid signature"); attribute_error = 1; } break; case RD_TP_STATE: /* Preserve server state unmodified */ sta->pae.radius.state.length = length; if (sta->pae.radius.state.data) free(sta->pae.radius.state.data); sta->pae.radius.state.length = length; if (!(sta->pae.radius.state.data = malloc(sta->pae.radius.state.length))) { perror("malloc"); attribute_error = 1; } else memcpy(sta->pae.radius.state.data, cur, sta->pae.radius.state.length); break; case RD_TP_EAP_MESSAGE: /* Initialize EAPOL header */ if (!nfrags) { memcpy(&eapol.eth.ether_dhost, &sta->ea, ETHER_ADDR_LEN); memcpy(&eapol.eth.ether_shost, &nas->ea, ETHER_ADDR_LEN); #ifdef BCMWPA2 if (sta->flags & STA_FLAG_PRE_AUTH) eapol.eth.ether_type = htons(ETHER_TYPE_802_1X_PREAUTH); else #endif eapol.eth.ether_type = htons(ETHER_TYPE_802_1X); eapol.version = sta->eapol_version; eapol.type = EAP_PACKET; eapol.length = htons(0); eap = (eap_header_t *) cur; frags[nfrags].iov_base = (caddr_t) &eapol; frags[nfrags].iov_len = EAPOL_HEADER_LEN; nfrags++; /* Set up internal flags */ if (eap->code == EAP_SUCCESS) sta->pae.flags |= PAE_FLAG_EAP_SUCCESS; } /* Gather fragmented EAP messages */ if (nfrags < ARRAYSIZE(frags)) { eapol.length = htons(ntohs(eapol.length) + length); frags[nfrags].iov_base = (caddr_t) cur; frags[nfrags].iov_len = length; nfrags++; } break; case RD_TP_VENDOR_SPECIFIC: if (length < 6) { dbg(nas, "bad vendor attribute length %d", length); attribute_error = 1; break; } memcpy(&vendor, cur, 4); vendor = ntohl(vendor); cur += 4; type = *cur++; length = *cur++ - 2; left -= 6; /* Bad attribute length */ if (length > left) { dbg(nas, "bad vendor attribute length %d", length); attribute_error = 1; break; } /* Parse vendor-specific attributes */ switch (vendor) { case RD_VENDOR_MICROSOFT: switch (type) { case RD_MS_MPPE_SEND: case RD_MS_MPPE_RECV: if (response->code != RADIUS_ACCESS_ACCEPT) { dbg(nas, "ignore MS-MPPE-Key in non" " RADIUS_ACCESS_ACCEPT packet"); break; } /* Key length (minus salt) must be a multiple of 16 and * greater than 32 */ if ((length - 2) % 16 || (length - 2) <= 32) { dbg(nas, "bad MS-MPPE-Key length %d", length); attribute_error = 1; break; } /* Allocate key */ if (!(mppe_key = malloc(length - 2))) { perror("malloc"); attribute_error = 1; break; } /* Decrypt key */ memcpy(mppe_key, &cur[2], length - 2); mppe_crypt(cur, mppe_key, length - 2, nas->secret.data, nas->secret.length, request->vector, 0); /* Set key pointers */ if (type == RD_MS_MPPE_SEND) mppe_send = mppe_key; else mppe_recv = mppe_key; break; } break; default: dbg(nas, "unknown vendor attribute = %d", vendor); dbg(nas, " vendor type = %d", type); dbg(nas, " attribute string = %s", cur); break; } break; case RD_TP_SESSION_TIMEOUT: if (response->code != RADIUS_ACCESS_ACCEPT) break; if (length < 4) { dbg(nas, "bad session timeout attribute length %d", length); attribute_error = 1; break; } memcpy(&ssnto, cur, 4); sta->pae.ssnto = ntohl(ssnto); dbg(nas, "session timeout in %d seconds", sta->pae.ssnto); break; default: /* Ignore all other attributes */ break; } /* Don't go on looking if something already went wrong. */ if (attribute_error) goto done; left -= length; cur += length; } if (!authenticated && response->code != RADIUS_ACCESS_REJECT) { dbg(nas, "missing signature"); goto done; } if (eap) sta->pae.id = eap->id; if (eap && (eap->code != EAP_SUCCESS || response->code != RADIUS_ACCESS_ACCEPT) && (eap->code != EAP_FAILURE || response->code != RADIUS_ACCESS_REJECT) && nfrags) { #ifdef BCMWPA2 if (sta->flags & STA_FLAG_PRE_AUTH) nas_preauth_send_packet(nas, frags, nfrags); else #endif nas_eapol_send_packet(nas, frags, nfrags); } /* RADIUS event */ switch (response->code) { case RADIUS_ACCESS_ACCEPT: /* Check for EAP-Success before allowing complete access */ if (!(sta->pae.flags & PAE_FLAG_EAP_SUCCESS)) { dbg(nas, "Radius success without EAP success?!"); pae_state(nas, sta, HELD); dbg(nas, "deauthenticating %s", ether_etoa((uint8 *)&sta->ea, eabuf)); nas_deauthorize(nas, &sta->ea); goto done; } dbg(nas, "Access Accept"); pae_state(nas, sta, AUTHENTICATED); /* overwrite session timeout with global setting */ if (!sta->pae.ssnto || sta->pae.ssnto > nas->ssn_to) sta->pae.ssnto = nas->ssn_to; /* WPA-mode needs to do the 4-way handshake here instead. */ if (CHECK_WPA(sta->mode) && mppe_recv) { fix_wpa(nas, sta, (char *)&mppe_recv[1], (int)mppe_recv[0]); break; } /* Plump the keys to driver and send them to peer as well */ if (mppe_recv) { /* Cobble a multicast key if there isn't one yet. */ if (!(nas->flags & NAS_FLAG_GTK_PLUMBED)) { nas->wpa->gtk_index = GTK_INDEX_1; if (nas->wpa->gtk_len == 0) nas->wpa->gtk_len = WEP128_KEY_SIZE; nas_rand128(nas->wpa->gtk); if (nas_set_key(nas, NULL, nas->wpa->gtk, nas->wpa->gtk_len, nas->wpa->gtk_index, 1, 0, 0) < 0) { err(nas, "invalid multicast key"); nas_handle_error(nas, 1); } nas->flags |= NAS_FLAG_GTK_PLUMBED; } sta->rc4keysec = -1; sta->rc4keyusec = -1; /* Send multicast key */ index = nas->wpa->gtk_index; length = nas->wpa->gtk_len; if (mppe_send) eapol_key(nas, sta, &mppe_send[1], mppe_send[0], &mppe_recv[1], mppe_recv[0], nas->wpa->gtk, length, index, 0); else eapol_key(nas, sta, NULL, 0, &mppe_recv[1], mppe_recv[0], nas->wpa->gtk, length, index, 0); /* MS-MPPE-Recv-Key is MS-MPPE-Send-Key on the Suppl */ index = DOT11_MAX_DEFAULT_KEYS - 1; length = WEP128_KEY_SIZE; if (nas_set_key(nas, &sta->ea, &mppe_recv[1], length, index, 1, 0, 0) < 0) { dbg(nas, "unicast key rejected by driver, assuming too many" " associated STAs"); cleanup_sta(nas, sta, DOT11_RC_BUSY, 0); } /* Set unicast key index */ if (mppe_send) eapol_key(nas, sta, &mppe_send[1], mppe_send[0], NULL, 0, NULL, length, index, 1); else eapol_key(nas, sta, NULL, 0, NULL, 0, NULL, length, index, 1); dbg(nas, "authorize %s (802.1x)", ether_etoa((uint8 *)&sta->ea, eabuf)); nas_authorize(nas, &sta->ea); } break; case RADIUS_ACCESS_REJECT: dbg(nas, "Access Reject"); pae_state(nas, sta, HELD); dbg(nas, "deauthenticating %s", ether_etoa((uint8 *)&sta->ea, eabuf)); nas_deauthorize(nas, &sta->ea); sta->pae.ssnto = 0; break; case RADIUS_ACCESS_CHALLENGE: dbg(nas, "Access Challenge"); break; default: dbg(nas, "unknown RADIUS code %d", response->code); break; } done: if (mppe_send) free(mppe_send); if (mppe_recv) free(mppe_recv); free(request); sta->pae.radius.request = NULL; }
static void eapol_dispatch_ex(nas_t *nas, eapol_header_t *eapol, int preauth, int bytes) { nas_sta_t *sta; eap_header_t *eap; #ifdef BCMDBG char eabuf[ETHER_ADDR_STR_LEN]; #endif /* Validate EAPOL version */ if (!eapol) { dbg(nas, "Missing EAPOL header"); return; } #ifdef NAS_GTK_PER_STA if (ETHER_ISNULLADDR(eapol->eth.ether_shost) && (eapol->type == 0xFF)) { wpa_set_gtk_per_sta(nas->wpa, eapol->body[0]); return; } #endif sta = lookup_sta(nas, (struct ether_addr *) eapol->eth.ether_shost, SEARCH_ENTER); if (!sta) { dbg(nas, "no STA struct available"); return; } if (sta->pae.state == HELD) { dbg(nas, "nothing done since in HELD state"); return; } dbg(nas, "%s message from %s", eapol_msg_type_name(eapol->type), ether_etoa((uchar *)&sta->ea, eabuf)); if (eapol->version < sta->eapol_version) { dbg(nas, "EAPOL version %d packet received, current version is %d", eapol->version, sta->eapol_version); } if (!preauth) { /* If this is a WPA key pkt then process it accordingly */ if ((eapol->type == EAPOL_KEY) && (CHECK_EAPOL_KEY(eapol->body[0]))) { /* * Expect to do this only for WPA_PSK or for WPA either very * early or after RADIUS acceptance. */ if ((CHECK_NAS(sta->mode)) && ((sta->pae.state == AUTHENTICATED) || (sta->pae.state == INITIALIZE))) { /* process WPA key pkt */ if (process_wpa(nas->wpa, eapol, sta)) { /* Something wrong in WPA. Lose this sta. */ cleanup_sta(nas, sta, DOT11_RC_8021X_AUTH_FAIL, 0); } return; } /* return; */ } /* break out if STA is only PSK */ if (CHECK_PSK(sta->mode)) return; sta->flags &= ~STA_FLAG_PRE_AUTH; } /* * instead of passing the state variable saying whether this data is from a pre auth * sta or from a normal store the variable in the sta struct and * would be reset once the message is handled ... state variable makes sense * only for this one message. */ else { sta->flags |= STA_FLAG_PRE_AUTH; sta->mode = WPA2; sta->eapol_version = WPA2_EAPOL_VERSION; } /* EAPOL event : Radius support */ switch (eapol->type) { case EAP_PACKET: dbg(nas, "EAP Packet.Preauth=%d", preauth); if (ntohs(eapol->length) >= (EAP_HEADER_LEN + 1)) { eap = (eap_header_t *) eapol->body; dbg(nas, "STA State=%d EAP Packet Type=%d Id=%d code=%d", sta->pae.state, eap->type, eap->id, eap->code); switch (eap->type) { case EAP_IDENTITY: /* Bogus packet */ if (eap->id != sta->pae.id || eap->code != EAP_RESPONSE) { dbg(nas, "bogus EAP packet id %d code %d, expected %d", eap->id, eap->code, sta->pae.id); break; } if (sta->pae.state == AUTHENTICATING) { dbg(nas, "NAS currently authenticating STA. " "Tossing packet id=%d code=%d.", eap->id, eap->code); break; } /* * Do eap length checking to prevent attacker responds to * an EAP Identity Request with an EAP Identity Response, * whose Message Length value is larger than the actual * EAP packet, nas sends out a Radius message with more * data than contained in the EAP Identity Response. That * cause nas over-reads the heap memory when forming * the Radius message. An attack may result in exposure * of sensitive data from the heap or may allow to cause * a denial-of-service. */ if (ntohs(eap->length) > bytes - EAPOL_HEADER_LEN) { dbg(nas, "Invalid EAP length %d, received %d.", ntohs(eap->length), bytes - EAPOL_HEADER_LEN); break; } /* Record identity */ if (ntohs(eap->length) > (EAP_HEADER_LEN + 1)) { if (sta->pae.radius.username.data) free(sta->pae.radius.username.data); sta->pae.radius.username.length = ntohs(eap->length) - EAP_HEADER_LEN - 1; if (!(sta->pae.radius.username.data = malloc(sta->pae.radius.username.length))) { perror("malloc"); return; } else memcpy(sta->pae.radius.username.data, eap->data, sta->pae.radius.username.length); } pae_state(nas, sta, AUTHENTICATING); /* Fall through */ default: /* Bogus packet */ /* Forward to authentication server */ RADIUS_FORWARD(nas, sta, eap); break; } } break; case EAPOL_START: dbg(nas, "Start"); sta->pae.id = 0; /* reset counter */ switch (sta->pae.state) { case AUTHENTICATING: pae_state(nas, sta, ABORTING); /* Fall through */ default: pae_state(nas, sta, CONNECTING); break; } sta->suppl.state = sta->suppl.retry_state = WPA_PTKSTART; break; case EAPOL_LOGOFF: dbg(nas, "Logoff"); switch (sta->pae.state) { default: dbg(nas, "Unexpected pae state %d", sta->pae.state); /* Fall through */ case AUTHENTICATING: pae_state(nas, sta, ABORTING); /* Fall through */ case CONNECTING: case AUTHENTICATED: pae_state(nas, sta, DISCONNECTED); dbg(nas, "deauthenticating %s", ether_etoa((uchar *)&sta->ea, eabuf)); nas_deauthorize(nas, &sta->ea); break; } break; case EAPOL_KEY: dbg(nas, "Key"); break; case EAPOL_ASF: dbg(nas, "Encapsulated ASF Alert"); break; default: dbg(nas, "unknown EAPOL type %d", eapol->type); break; } }