README
NAS is a minimal VxWorks and Linux compatible Network Authentication
Server that implements 802.1X port authentication (RADIUS only) and
Wi-Fi Protected Access (WPA) for 802.11 networks (Broadcom drivers
only). The code base is split between common code (nas.c and wpa.c),
driver specific code (nas_wl.c), application specific code (nas_wksp.c),
and OS specific code (nas_vx.c and nas_linux.c).

Major features yet to be implemented include:

* RADIUS Accounting. See 802.1X Internet Draft 20.
* Mutual authentication (802.11 IBSS mode).
* Limited network access (e.g., via 802.1Q VLAN).

=====
NAS/Driver interface:

NAS and the Broadcom driver communicate using two mechanisms: ioctls and
802.3/SNAP frames. Ioctls are used by NAS to query or set up driver
state. 802.3/SNAP frames are generated by the driver when it needs to
asynchronously indicate information to NAS. Starting from release
3.41.xx, 802.3/SNAP frames are also used to encapsulate 802.1X frames.
NAS listens on a socket for these indications and encapsulated 802.1X
frames.

-----
The following ioctls are used by NAS:

interface discovery:
    WLC_GET_MAGIC
    WLC_GET_VERSION
    WLC_GET_INSTANCE

per interface initialization:
    (clear stuff)
    WLC_SET_EAP_RESTRICT (true)
    WLC_SET_WEP_RESTRICT* (true)
    WLC_SET_KEY (clear all default keys)
    WLC_SCB_DEAUTHORIZE (broadcast addr)
    (set up)
    WLC_SET_WSEC*
    WLC_GET_WSEC (verify that SET took)
    WLC_SET_WPA_AUTH*

during authentication:
    WLC_SCB_AUTHORIZE
    WLC_SCB_DEAUTHORIZE
    WLC_SET_KEY
    WLC_GET_KEY_TXIV
    WLC_SCB_DEAUTHENTICATE_FOR_REASON
    WLC_TKIP_COUNTERMEASURES (toggle on or off)

on exit:
    WLC_SET_EAP_RESTRICT (false)
    WLC_SET_WEP_RESTRICT* (false)
    WLC_SET_KEY (clear all default keys)
    WLC_SCB_DEAUTHORIZE (broadcast addr)

wireless bridging:
    WLC_WDS_GET_REMOTE_HWADDR
    WLC_WDS_GET_WPA_ROLE
    get "wds_wpa_role"
    set "wds_wpa_role"

*These are followed by a gratuitous WLC_GET_SSID/WLC_SET_SSID pair.

-----
Details of the ioctls:

Most ioctl calls use wl_ioctl(), defined e.g. in src/router/shared/wl_vx.c as:

    int wl_ioctl(char *pDevName, int cmd, void *buf, int len)

"buf" is a structure which is specific to each call. Any portion of buf
not explicitly set on input should be zero. Structures and values not
explicitly defined below are defined in src/include/wlioctl.h.

WLC_GET_MAGIC
    buf:
    input:
    output:
    return:

WLC_GET_VERSION
    buf:
    input:
    output:
    return:

WLC_GET_INSTANCE
    buf: int
    input: none
    output: unit number/network interface instance
    return: 0

WLC_SET_EAP_RESTRICT
    buf: int
    input:
        buf = TRUE    require 802.1X authentication before STA can pass data frames
        buf = FALSE   allow STA to pass data frames without 802.1X authentication
    output: none
    return: 0

WLC_SET_WEP_RESTRICT
    buf: int
    input:
        buf = TRUE    require all data frames to be encrypted
        buf = FALSE   allow unencrypted data frames
    output: none
    return: 0

WLC_SET_KEY
    buf: wsec_key_t
    input:
        buf.index = key index (0-3)
        buf.ea = address of STA (if pairwise key)
        buf.flags = WSEC_PRIMARY_KEY   key is for transmit and receive
        buf.flags = 0                  key is for receive only
        buf.len = key length in bytes when adding a key
        buf.len = 0 to delete a key
        buf.data = key data
    output: none
    return:
        0     success
        -1    invalid key index or interface currently disabled

WLC_SCB_DEAUTHORIZE
    buf: struct ether_addr
    input: buf = address of STA to be deauthorized
    output: none
    return: 0

WLC_SET_WSEC
    buf: int
    input: buf = any combination of TKIP_ENABLED, AES_ENABLED, WEP_ENABLED
    output: none
    return:
        0     success
        -1    unsupported algorithm

WLC_GET_WSEC
    buf: int
    input: none
    output: buf = any combination of TKIP_ENABLED, AES_ENABLED, WEP_ENABLED
    return: 0 success

WLC_SET_WPA_AUTH
    buf: int
    input: buf = one of WPA_AUTH_DISABLED, WPA_AUTH_PSK, or WPA_AUTH_UNSPECIFIED
    output: none
    return: 0

WLC_SCB_AUTHORIZE
    buf: struct ether_addr
    input: buf = address of STA to authorize
    output: none
    return: 0

WLC_GET_KEY_TXIV
    buf: union { int index; wsec_iv_t iv; } buf;
    input: buf.index = index of key to query (0-MAXKEYS)
    output: buf.iv = current value of the transmit sequence counter for the key specified by buf.index
    return:
        0     success
        -1    invalid key index

WLC_SCB_DEAUTHENTICATE_FOR_REASON
    buf: scb_val_t
    input:
        buf.val = reason code
        buf.ea = address of STA to be deauthenticated
    output: none
    return: 0

WLC_TKIP_COUNTERMEASURES
    buf: int
    input:
        buf = TRUE    start countermeasures
        buf = FALSE   stop countermeasures
    output: none
    return:
        0     success
        -1    TKIP not currently enabled

WLC_WDS_GET_REMOTE_HWADDR
    buf: struct ether_addr
    input: none
    output: buf = wireless bridge's remote endpoint's MAC address
    return:
        0     success
        -1    the interface is not WDS

WLC_WDS_GET_WPA_ROLE
    buf: int[2]
    input: buf = wireless bridge's remote endpoint's MAC address
    output: buf[0] = <role>
        role:   0 - local endpoint is WPA supplicant
                1 - local endpoint is WPA authenticator
    return:
        0     success
        -1    the interface is not a wireless bridge

get "wds_wpa_role" (using WLC_GET_VAR ioctl)
    buf: char[N]
    input: buf = "wds_wpa_role<null><6 bytes remote endpoint's mac address>"
    output: buf[0] = <role>
        role:   0 - local endpoint is WPA supplicant
                1 - local endpoint is WPA authenticator
    return: 0 success

set "wds_wpa_role" (using WLC_SET_VAR ioctl)
    buf: char[N]
    input: buf = "wds_wpa_role<null><6 bytes remote endpoint's mac address><1 byte role>"
        role:   0 - local endpoint is WPA supplicant
                1 - local endpoint is WPA authenticator
                255 - endpoint with lower mac address is WPA supplicant
    output: none
    return: 0 success

-----
Driver indication messages:

The driver communicates indication messages to NAS in the format
described below. The actual message data follows the header:

    Data = (char *)(wl_secpvt_data + 1);   /* wl_secpvt_data points at the header */

The Ethernet protocol type used is ETHER_TYPE_BRCM (0x886c). Frames
exchanged are Ethernet II frames.

(this data structure is defined in include/wlioctl.h)

    typedef struct wl_secpvt_data {
        struct ether_header eth;       /* Regular ethernet header with proto type 0x886c */
        bcmeth_bcm_hdr_t bcm_hdr;
        /* user specific Data */
        uint8 version;
        uint8 msg_type;
        char ifname[WL_WPA_MSG_IFNAME_MAX];   /* name of the packet incoming interface */
    } wl_secpvt_data_t;

(this common data structure is defined in proto/bcmeth.h)

    typedef struct bcmeth_bcm_hdr {
        uint16 subtype;       /* Vendor specific..32769 */
        uint16 length;
        uint8 version;        /* Version is 0 */
        uint8 oui[3];         /* Broadcom OUI */
        /* user specific Data */
        uint16 usr_subtype;
    } PACKED bcmeth_bcm_hdr_t;

subtype:      vendor_long, defined as 32769, marks this as a vendor specific subtype.
length:       the length of the actual frame, counted from this field onward.
version:      set to 0 (BCMILCP_BCM_SUBTYPEHDR_VERSION).
oui:          the Broadcom OUI, 0x00/0x10/0x18.
usr_subtype:  identifies the different messages:

    #define BCMILCP_BCM_SUBTYPE_RESERVED   0
    #define BCMILCP_BCM_SUBTYPE_WPA        1
    #define BCMILCP_BCM_SUBTYPE_EAPOL      2
    #define BCMILCP_BCM_SUBTYPE_SES        3

Once the subtype is identified, the user specific fields of wl_secpvt_data apply:

version:      indicates the version of this user specific data.
msg_type:     has meaning only when the subtype is BCMILCP_BCM_SUBTYPE_WPA:

    /* Type field values for the WL WPA subtype driver messages */
    #define WLC_ASSOC_MSG      1
    #define WLC_DISASSOC_MSG   2
    #define WLC_PTK_MIC_MSG    3
    #define WLC_GTK_MIC_MSG    4
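As an added example (not code from NAS or the Broadcom driver), the following C parser decodes an indication frame of the format described above, reading each field at a fixed offset with bounds checks instead of casting the buffer to the packed struct. It assumes the bcmeth header fields are big-endian on the wire and that WL_WPA_MSG_IFNAME_MAX is 16; the sample frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define ETHER_TYPE_BRCM       0x886c
#define SUBTYPE_VENDOR_LONG   32769   /* the "vendor_long" value described above */
#define WL_WPA_MSG_IFNAME_MAX 16      /* assumed; the real value lives in wlioctl.h */
struct secpvt_ind {                   /* decoded wl_secpvt_data header */
    uint16_t usr_subtype;             /* BCMILCP_BCM_SUBTYPE_* */
    uint8_t  version, msg_type;       /* msg_type is a WLC_*_MSG value for the WPA subtype */
    char     ifname[WL_WPA_MSG_IFNAME_MAX];
    const uint8_t *data; size_t data_len;   /* message data following the header */
};
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 and fills *out, or -1 if the frame is not a well-formed indication.
 * Fields are read at fixed offsets (assumed big-endian, as bcmeth headers are on
 * the wire) with bounds checks, so a short or malformed frame cannot be over-read. */
int parse_secpvt(const uint8_t *f, size_t n, struct secpvt_ind *out)
{
    static const uint8_t brcm_oui[3] = { 0x00, 0x10, 0x18 };
    const size_t hdr_len = 14 + 10 + 2 + WL_WPA_MSG_IFNAME_MAX; /* eth + bcm_hdr + version/msg_type + ifname */
    const uint8_t *h = f + 14;        /* start of bcmeth_bcm_hdr */
    size_t len;
    if (n < hdr_len || rd16(f + 12) != ETHER_TYPE_BRCM) return -1;
    if (rd16(h) != SUBTYPE_VENDOR_LONG) return -1;
    len = rd16(h + 2);                /* counts the frame from the length field onward */
    if (len < hdr_len - 16 || len > n - 16) return -1;
    if (h[4] != 0 || memcmp(h + 5, brcm_oui, 3) != 0) return -1;
    out->usr_subtype = rd16(h + 8);
    out->version = h[10];
    out->msg_type = h[11];
    memcpy(out->ifname, h + 12, WL_WPA_MSG_IFNAME_MAX);
    out->ifname[WL_WPA_MSG_IFNAME_MAX - 1] = '\0';  /* do not rely on the driver to terminate it */
    out->data = f + hdr_len;
    out->data_len = 16 + len - hdr_len;
    return 0;
}

/* Constructed sample: WPA subtype, msg_type 3 (WLC_PTK_MIC_MSG), ifname "eth1", 4 data bytes. */
static const uint8_t sample[] = {
    0x00,0x01,0x02,0x03,0x04,0x05, 0x00,0x10,0x18,0xaa,0xbb,0xcc, 0x88,0x6c, /* Ethernet II header */
    0x80,0x01, 0x00,0x1e, 0x00, 0x00,0x10,0x18, 0x00,0x01,                   /* bcmeth_bcm_hdr */
    0x00, 0x03, 'e','t','h','1', 0,0,0,0,0,0,0,0,0,0,0,0,                    /* version, msg_type, ifname */
    0xde,0xad,0xbe,0xef };                                                   /* message data */

/* Parses the sample and returns its msg_type, or -1 if it is rejected. */
int sample_msg_type(void) { struct secpvt_ind i; return parse_secpvt(sample, sizeof sample, &i) ? -1 : i.msg_type; }
/* Parses a copy of the sample cut short inside the header; the parser must return -1. */
int sample_truncated(void) { struct secpvt_ind i; return parse_secpvt(sample, 30, &i); }
```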
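Returning to the get/set "wds_wpa_role" iovars in the ioctl section above, here is an added example (not NAS code) that lays out the WLC_GET_VAR/WLC_SET_VAR buffer described there and validates the role byte the driver hands back. The WDS_WPA_ROLE_* names and the MAC address are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define WDS_WPA_ROLE_SUPPLICANT    0
#define WDS_WPA_ROLE_AUTHENTICATOR 1
#define WDS_WPA_ROLE_AUTO          255   /* endpoint with the lower MAC address becomes supplicant */

/* Lays out "wds_wpa_role<NUL><6-byte remote MAC>[<1-byte role>]" in buf for
 * WLC_GET_VAR (role < 0, no role byte) or WLC_SET_VAR (role 0, 1 or 255).
 * Returns the number of bytes used, or -1 if buf is too small or role is invalid.
 * The rest of buf is zeroed, as the ioctl rules above require. */
int wds_wpa_role_buf(uint8_t *buf, size_t buflen, const uint8_t mac[6], int role)
{
    static const char name[] = "wds_wpa_role";   /* sizeof name includes the NUL */
    size_t need = sizeof name + 6 + (role >= 0 ? 1 : 0);
    if (role >= 0 && role != WDS_WPA_ROLE_SUPPLICANT &&
        role != WDS_WPA_ROLE_AUTHENTICATOR && role != WDS_WPA_ROLE_AUTO) return -1;
    if (buflen < need) return -1;
    memset(buf, 0, buflen);
    memcpy(buf, name, sizeof name);
    memcpy(buf + sizeof name, mac, 6);
    if (role >= 0) buf[sizeof name + 6] = (uint8_t)role;
    return (int)need;
}

/* After a successful GET the driver overwrites buf[0] with the role; anything
 * other than 0 or 1 there means the answer cannot be trusted, so return -1. */
int wds_wpa_role_parse(const uint8_t *buf) { return buf[0] <= 1 ? buf[0] : -1; }

/* Builds the SET form for a constructed MAC and returns the trailing role byte. */
int sample_set_role_byte(void)
{
    static const uint8_t mac[6] = { 0x00, 0x10, 0x18, 0x01, 0x02, 0x03 };  /* constructed */
    uint8_t buf[32];
    int n = wds_wpa_role_buf(buf, sizeof buf, mac, WDS_WPA_ROLE_AUTO);
    return n > 0 ? buf[n - 1] : -1;
}
```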