diff options
| author | Thorsten Lockert <tholo@cvs.openbsd.org> | 2001-02-26 06:19:35 +0000 |
|---|---|---|
| committer | Thorsten Lockert <tholo@cvs.openbsd.org> | 2001-02-26 06:19:35 +0000 |
| commit | b7119c867c07c585323356012502c089c49e9836 (patch) | |
| tree | 43f2e9091386f3fdc38ce919f9d80ab37f114c31 | |
| parent | c3cb36189425d0c52e9bdd76aa13922f96349b20 (diff) | |
Allow configuration of WEP. From FreeBSD; ok aaron@
| -rw-r--r-- | sbin/ancontrol/ancontrol.8 | 54 | ||||
| -rw-r--r-- | sbin/ancontrol/ancontrol.c | 233 | ||||
| -rw-r--r-- | sys/dev/ic/an.c | 28 | ||||
| -rw-r--r-- | sys/dev/ic/anreg.h | 37 | ||||
| -rw-r--r-- | sys/dev/ic/anvar.h | 16 |
5 files changed, 339 insertions, 29 deletions
diff --git a/sbin/ancontrol/ancontrol.8 b/sbin/ancontrol/ancontrol.8 index 0087337d82a..b616706d8fa 100644 --- a/sbin/ancontrol/ancontrol.8 +++ b/sbin/ancontrol/ancontrol.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ancontrol.8,v 1.6 2000/11/09 17:52:52 aaron Exp $ +.\" $OpenBSD: ancontrol.8,v 1.7 2001/02/26 06:19:34 tholo Exp $ .\" .\" Copyright (c) 1997, 1998, 1999 .\" Bill Paul <wpaul@ee.columbia.edu> All rights reserved. @@ -47,23 +47,28 @@ .Op Fl I .Op Fl T .Op Fl C -.Op Fl t Ar 0|1|2|3|4 -.Op Fl s Ar 0|1|2|3 .Op Fl a Ar AP -.Op Fl v Ar 1|2|3|4 .Op Fl b Ar beacon period -.Op Fl d Ar 0|1|2|3 +.Op Fl c Ar channel number .Op Fl v Ar 0|1 +.Op Fl d Ar 0|1|2|3 +.Op Fl e Ar 0|1|2|3 +.Op Fl f Ar fragmentation threshold .Op Fl j Ar netjoin timeout +.Op Fl v Ar 0|1|2|3|4|5|6|7 +.Op Fl k Ar key +.Op Fl K Ar 0|1|2 .Op Fl l Ar station name .Op Fl m Ar macaddress -.Op Fl n Ar SSID .Op Fl v Ar 1|2|3 +.Op Fl n Ar SSID .Op Fl o Ar 0|1 .Op Fl p Ar tx power -.Op Fl c Ar channel number -.Op Fl f Ar fragmentation threshold .Op Fl r Ar RTS threshold +.Op Fl s Ar 0|1|2|3 +.Op Fl t Ar 0|1|2|3|4 +.Op Fl v Ar 1|2|3|4 +.Op Fl W Ar 0|1|2 .Sh DESCRIPTION The .Nm @@ -168,7 +173,7 @@ Valid selections are as follows: .Pp Note that for IBSS (ad-hoc) mode, only PSP mode is supported, and only if the ATIM window is non-zero. -.It Fl a Ar AP Fl v Ar "1|2|3|4 +.It Fl v Ar "1|2|3|4" Fl a Ar AP Set preferred access point. The .Ar AP @@ -189,7 +194,7 @@ Set the ad-hoc mode beacon period. The becon period is specified in milliseconds. The default is 100ms. -.It Fl d Ar 0|1|2|3 Fl v Ar "0|1" +.It Fl v Ar "0|1" Fl d Ar "0|1|2|3" Select the antenna diversity. Aironet devices can be configured with up to two antennas, and transmit and receive diversity can be configured @@ -214,6 +219,33 @@ option: selection sets the receive diversity and .Ar 1 sets the transmit diversity. +.It Fl d Ar "0|1|2|3" +Set the transmit WEP key to use. +Note that until this command is issued, the device will use the +last key programmed. The transmit key is stored in NVRAM. +Currently set transmit key can be checked via +.Fl C +option. +.It Fl v Ar "0|1|2|3|4|5|6|7" Fl k Ar key +Set a WEP key. +For 40 bits, prefix 10 hex digits with 0x. +For 128 bits, prefix 26 hex digits with 0x. +Use "" as the key to erase it. +Supports 4 keys; even numbers are for permanent keys +and odd numbers are for temporary keys. +For example, "-v 1" sets the first temporary key. +(A "permanent" key is stored in NVRAM; a "temporary" key is not.) +Note that the device will use the most recently-programmed key +by default. +Currently set keys can be checked via +.Fl C +option, only the sizes of the keys are returned. +.It Fl K Ar "0|1|2" +Set authorization type. +Use 0 for none, 1 for "Open", 2 for "Shared Key". +.It Fl W Ar "0|1|2" +Enable WEP. +Use 0 for no WEP, 1 to enable full WEP, 2 for mixed cell. .It Fl j Ar netjoin timeout Set the ad-hoc network join timeout. When a station is first activated @@ -242,7 +274,7 @@ is specified as a series of six hexadecimal values separated by colons, e.g.: 00:60:1d:12:34:56. This programs the new address into the card and updates the interface as well. -.It Fl n Ar SSID "[-v 1|2|3]" +.It Fl v Ar "1|2|3" Fl n Ar SSID Set the desired SSID (network name). There are three SSIDs which allows the NIC to work with access points at several locations without needing diff --git a/sbin/ancontrol/ancontrol.c b/sbin/ancontrol/ancontrol.c index 564d6f9c2a9..dfcadf78966 100644 --- a/sbin/ancontrol/ancontrol.c +++ b/sbin/ancontrol/ancontrol.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ancontrol.c,v 1.8 2000/10/13 18:58:09 chris Exp $ */ +/* $OpenBSD: ancontrol.c,v 1.9 2001/02/26 06:19:34 tholo Exp $ */ /* * Copyright 1997, 1998, 1999 * Bill Paul <wpaul@ee.columbia.edu>. All rights reserved. @@ -77,6 +77,7 @@ void an_setconfig __P((char *, int, void *)); void an_setssid __P((char *, int, void *)); void an_setap __P((char *, int, void *)); void an_setspeed __P((char *, int, void *)); +void an_readkeyinfo __P((char *)); #ifdef ANCACHE void an_zerocache __P((char *)); void an_readcache __P((char *)); @@ -119,6 +120,11 @@ int main __P((int, char **)); #define ACT_DUMPCACHE 31 #define ACT_ZEROCACHE 32 +#define ACT_ENABLE_WEP 33 +#define ACT_SET_KEY_TYPE 34 +#define ACT_SET_KEYS 35 +#define ACT_ENABLE_TX_KEY 36 + void an_getval(iface, areq) char *iface; @@ -683,14 +689,25 @@ an_dumpconfig(iface) an_printwords(&cfg->an_ibss_join_net_timeout, 1); printf("\nAuthentication timeout:\t\t\t"); an_printwords(&cfg->an_auth_timeout, 1); + printf("\nWEP enabled:\t\t\t\t[ "); + if (cfg->an_authtype & AN_AUTHTYPE_PRIVACY_IN_USE) + { + if (cfg->an_authtype & AN_AUTHTYPE_ALLOW_UNENCRYPTED) + printf("mixed cell"); + else + printf("full"); + } + else + printf("no"); + printf(" ]"); printf("\nAuthentication type:\t\t\t[ "); - if (cfg->an_authtype == AN_AUTHTYPE_NONE) - printf("no auth"); - if (cfg->an_authtype == AN_AUTHTYPE_OPEN) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_NONE) + printf("none"); + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_OPEN) printf("open"); - if (cfg->an_authtype == AN_AUTHTYPE_SHAREDKEY) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_SHAREDKEY) printf("shared key"); - if (cfg->an_authtype == AN_AUTHTYPE_EXCLUDE_UNENCRYPTED) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_EXCLUDE_UNENCRYPTED) printf("exclude unencrypted"); printf(" ]"); printf("\nAssociation timeout:\t\t\t"); @@ -777,6 +794,7 @@ an_dumpconfig(iface) an_printwords(&cfg->an_arl_delay, 1); printf("\n"); + an_readkeyinfo(iface); return; } @@ -788,10 +806,11 @@ usage(p) { fprintf(stderr, "usage: ancontrol interface [-A] [-N] [-S] [-I] [-T] [-C] [-t 0|1|2|3|4]\n" - " [-s 0|1|2|3] [-a AP] [-v 1|2|3|4] [-b beacon period] [-d 0|1|2|3]\n" - " [-v 0|1] [-j netjoin timeout] [-l station name] [-m macaddress]\n" - " [-n SSID] [-v 1|2|3] [-o 0|1] [-p tx power] [-c channel number]\n" - " [-f fragmentation threshold] [-r RTS threshold]\n"); + " [-s 0|1|2|3] [-v 1|2|3|4] [-a AP] [-b beacon period] [-v 0|1]\n" + " [-d 1|2|3|4] [-e 0|1|2|3] [-j netjoin timeout] [-v 0|1|2|3|4|5|6|7[\n" + " [-k key] [-K 0|1|2] [-l station name] [-m macaddress] [-v 1|2|3]\n" + " [-n SSID] [-o 0|1] [-p tx power] [-c channel number]\n" + " [-f fragmentation threshold] [-r RTS threshold] [-W 0|1|2]\n"); #ifdef ANCACHE fprintf(stderr, " [-Q] [-Z]\n"); @@ -904,6 +923,26 @@ an_setconfig(iface, act, arg) bzero(cfg->an_macaddr, ETHER_ADDR_LEN); bcopy((char *)addr, (char *)&cfg->an_macaddr, ETHER_ADDR_LEN); break; + case ACT_ENABLE_WEP: + switch(atoi(arg)) { + case 0: /* WEP disabled */ + cfg->an_authtype &= ~(AN_AUTHTYPE_PRIVACY_IN_USE + | AN_AUTHTYPE_ALLOW_UNENCRYPTED); + break; + case 1: /* WEP enabled */ + cfg->an_authtype |= AN_AUTHTYPE_PRIVACY_IN_USE; + cfg->an_authtype &= ~AN_AUTHTYPE_ALLOW_UNENCRYPTED; + break; + case 2: /* WEP optional */ + cfg->an_authtype = AN_AUTHTYPE_PRIVACY_IN_USE + | AN_AUTHTYPE_ALLOW_UNENCRYPTED; + break; + } + break; + case ACT_SET_KEY_TYPE: + cfg->an_authtype = (cfg->an_authtype & ~AN_AUTHTYPE_MASK) + | atoi(arg); + break; default: errx(1, "unknown action"); break; @@ -1113,6 +1152,160 @@ an_readcache(iface) } #endif +int +an_hex2int(c) + char c; +{ + if (c >= '0' && c <= '9') + return (c - '0'); + if (c >= 'A' && c <= 'F') + return (c - 'A' + 10); + if (c >= 'a' && c <= 'f') + return (c - 'a' + 10); + + return (0); +} + +void +an_str2key(s, k) + char *s; + struct an_ltv_key *k; +{ + int n, i; + char *p; + + /* Is this a hex string? */ + if (s[0] = '0' && (s[1] == 'x' || s[1] == 'X')) { + /* Yes, convert to int */ + n = 0; + p = (char *)&k->key[0]; + for (i = 2; i < strlen(s); i += 2) { + *p++ = (an_hex2int(s[i]) << 4) + an_hex2int(s[i + 1]); + n++; + } + k->klen = n; + } else { + /* No, just copy it in */ + bcopy(s, k->key, strlen(s)); + k->klen = strlen(s); + } + + return; +} + +void +an_setkeys(iface, key, keytype) + char *iface; + char *key; + int keytype; +{ + struct an_req areq; + struct an_ltv_key *k; + + bzero((char *)&areq, sizeof(areq)); + k = (struct an_ltv_key *)&areq; + + if (strlen(key) > 28) { + err(1, "encryption key must be no " + "more than 18 characters long"); + } + + an_str2key(key, k); + + k->kindex = keytype / 2; + + if (!(k->klen == 0 || k->klen == 5 || k->klen == 13)) { + err(1, "encryption key must be 0, 5 or 13 bytes long"); + } + + /* default mac and only valid one (from manual) 1:0:0:0:0:0 */ + k->mac[0] = 1; + k->mac[1] = 0; + k->mac[2] = 0; + k->mac[3] = 0; + k->mac[4] = 0; + k->mac[5] = 0; + + areq.an_len = sizeof(struct an_ltv_key); + areq.an_type = (keytype & 1) + ? AN_RID_WEP_VOLATILE : AN_RID_WEP_PERMANENT; + an_setval(iface, &areq); + + return; +} + +void +an_readkeyinfo(iface) + char *iface; +{ + struct an_req areq; + struct an_ltv_key *k; + int i; + + bzero((char *)&areq, sizeof(areq)); + k = (struct an_ltv_key *)&areq; + + printf ("\nWEP Key status:\n"); + areq.an_type = AN_RID_WEP_VOLATILE; /* read first key */ + for (i = 0; i < 4; i++) { + areq.an_len = sizeof(struct an_ltv_key); + an_getval(iface, &areq); + switch (k->klen) { + case 0: + printf("\tKey %d is unset\n", i); + break; + case 5: + printf("\tKey %d is set 40 bits\n", i); + break; + case 13: + printf("\tKey %d is set 128 bits\n", i); + break; + default: + printf("\tKey %d has an unknown size %d\n", i, k->klen); + break; + } + + areq.an_type = AN_RID_WEP_PERMANENT; /* read next key */ + } + k->kindex = 0xffff; + areq.an_len = sizeof(struct an_ltv_key); + an_getval(iface, &areq); + printf("\tThe active transmit key is %d\n", k->mac[0]); + + return; +} + +void +an_enable_tx_key(iface, arg) + char *iface; + char *arg; +{ + struct an_req areq; + struct an_ltv_key *k; + + bzero((char *)&areq, sizeof(areq)); + k = (struct an_ltv_key *)&areq; + + /* + * From a Cisco engineer: Write the transmit key + * to use in the first MAC, index is FFFF + */ + k->kindex = 0xFFFF; + k->klen = 0; + + k->mac[0] = atoi(arg); + k->mac[1] = 0; + k->mac[2] = 0; + k->mac[3] = 0; + k->mac[4] = 0; + k->mac[5] = 0; + + areq.an_len = sizeof(struct an_ltv_key); + areq.an_type = AN_RID_WEP_PERMANENT; + an_setval(iface, &areq); + + return; +} int main(argc, argv) @@ -1134,7 +1327,7 @@ main(argc, argv) } while ((ch = getopt(argc, argv, - "i:ANISCTt:a:o:s:n:v:d:f:j:b:c:r:p:w:m:l:QZ")) != -1) { + "i:ANISCTt:a:e:o:s:n:v:d:f:j:b:c:r:p:w:m:l:k:K:W:QZ")) != -1) { switch(ch) { case 'Z': #ifdef ANCACHE @@ -1285,6 +1478,18 @@ main(argc, argv) act = ACT_SET_WAKE_DURATION; arg = optarg; break; + case 'W': + act = ACT_ENABLE_WEP; + arg = optarg; + break; + case 'K': + act = ACT_SET_KEY_TYPE; + arg = optarg; + break; + case 'k': + act = ACT_SET_KEYS; + arg = optarg; + break; default: usage(p); } @@ -1334,6 +1539,12 @@ main(argc, argv) an_readcache(iface); break; #endif + case ACT_SET_KEYS: + an_setkeys(iface, arg, modifier); + break; + case ACT_ENABLE_TX_KEY: + an_enable_tx_key(iface, arg); + break; default: an_setconfig(iface, act, arg); break; diff --git a/sys/dev/ic/an.c b/sys/dev/ic/an.c index 22bf5997d1c..d7f0dfe6ed4 100644 --- a/sys/dev/ic/an.c +++ b/sys/dev/ic/an.c @@ -1,4 +1,4 @@ -/* $OpenBSD: an.c,v 1.11 2001/02/20 19:39:38 mickey Exp $ */ +/* $OpenBSD: an.c,v 1.12 2001/02/26 06:19:33 tholo Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -826,6 +826,28 @@ an_setdef(sc, areq) sp = (struct an_ltv_gen *)areq; sc->an_tx_rate = sp->an_val; break; + case AN_RID_WEP_VOLATILE: + /* Disable the MAC */ + an_cmd(sc, AN_CMD_DISABLE, 0); + + /* Just write the key, we dont' want to save it */ + an_write_record(sc, (struct an_ltv_gen *)areq); + + /* Turn the MAC back on */ + an_cmd(sc, AN_CMD_ENABLE, 0); + + break; + case AN_RID_WEP_PERMANENT: + /* Disable the MAC */ + an_cmd(sc, AN_CMD_DISABLE, 0); + + /* Just write the key, the card will save it in this mode */ + an_write_record(sc, (struct an_ltv_gen *)areq); + + /* Turn the MAC back on */ + an_cmd(sc, AN_CMD_ENABLE, 0); + + break; default: printf("%s: unknown RID: %x\n", sc->sc_dev.dv_xname, areq->an_type); @@ -931,7 +953,9 @@ an_ioctl(ifp, command, data) sc->an_if_flags & IFF_PROMISC) { an_promisc(sc, 0); } - an_init(sc); + else { + an_init(sc); + } } else { if (ifp->if_flags & IFF_RUNNING) an_stop(sc); diff --git a/sys/dev/ic/anreg.h b/sys/dev/ic/anreg.h index 1432b978dc1..a6f8e4428b3 100644 --- a/sys/dev/ic/anreg.h +++ b/sys/dev/ic/anreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: anreg.h,v 1.3 2001/02/26 06:18:06 tholo Exp $ */ +/* $OpenBSD: anreg.h,v 1.4 2001/02/26 06:19:33 tholo Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -275,7 +275,10 @@ struct an_ltv_genconfig { u_int16_t an_diversity; /* 0x72 */ u_int16_t an_tx_power; /* 0x74 */ u_int16_t an_rss_thresh; /* 0x76 */ - u_int16_t an_rsvd6[4]; /* 0x78 */ + u_int16_t an_modulation_type; /* 0x77 */ + u_int16_t an_short_preamble; /* 0x7A */ + u_int16_t an_home_product; /* 0x7C */ + u_int16_t an_rsvd6; /* 0x7E */ /* Aironet extensions. */ u_int8_t an_nodename[16]; /* 0x80 */ u_int16_t an_arl_thresh; /* 0x90 */ @@ -320,6 +323,8 @@ struct an_ltv_genconfig { #define AN_AUTHTYPE_OPEN 0x0001 #define AN_AUTHTYPE_SHAREDKEY 0x0002 #define AN_AUTHTYPE_EXCLUDE_UNENCRYPTED 0x0004 +#define AN_AUTHTYPE_PRIVACY_IN_USE 0x0100 +#define AN_AUTHTYPE_ALLOW_UNENCRYPTED 0x0200 #define AN_PSAVE_NONE 0x0000 #define AN_PSAVE_CAM 0x0001 @@ -453,6 +458,7 @@ struct an_ltv_caps { u_int16_t an_ifacerev; /* 0x7A */ u_int16_t an_softcaps; /* 0x7C */ u_int16_t an_bootblockrev; /* 0x7E */ + u_int16_t an_req_hw_support; /* 0x80 */ }; /* @@ -494,7 +500,7 @@ struct an_ltv_status { u_int8_t an_macaddr[6]; /* 0x02 */ u_int16_t an_opmode; /* 0x08 */ u_int16_t an_errcode; /* 0x0A */ - u_int16_t an_cur_signal_quality; /* 0x0C */ + u_int16_t an_cur_signal_strength; /* 0x0C */ u_int16_t an_ssidlen; /* 0x0E */ u_int8_t an_ssid[32]; /* 0x10 */ u_int8_t an_ap_name[16]; /* 0x30 */ @@ -512,7 +518,16 @@ struct an_ltv_status { u_int16_t an_ap_total_load; /* 0x66 */ u_int16_t an_our_generated_load; /* 0x68 */ u_int16_t an_accumulated_arl; /* 0x6A */ - u_int16_t an_rsvd0[10]; /* 0x6C */ + u_int16_t an_cur_signal_quality; /* 0x6C */ + u_int16_t an_current_tx_rate; /* 0x6E */ + u_int16_t an_ap_device; /* 0x70 */ + u_int16_t an_normalized_rssi; /* 0x72 */ + u_int16_t an_short_pre_in_use; /* 0x74 */ + u_int8_t an_ap_ip_addr[4]; /* 0x76 */ + u_int16_t an_max_noise_prev_sec; /* 0x7A */ + u_int16_t an_avg_noise_prev_min; /* 0x7C */ + u_int16_t an_max_noise_prev_min; /* 0x7E */ + u_int16_t an_rsvd0[2]; /* 0x80 */ }; #define AN_STATUS_OPMODE_CONFIGURED 0x0001 @@ -643,6 +658,20 @@ struct an_ltv_stats { }; /* + * WEP config + */ +#define AN_RID_WEP_VOLATILE 0xFF15 +#define AN_RID_WEP_PERMANENT 0xFF16 +struct an_wepkey { + u_int16_t an_len; /* 0x00 */ + u_int16_t an_type; /* 0xXX */ + u_int16_t an_key_index; /* 0x02 */ + u_int8_t an_mac_addr[6]; /* 0x04 */ + u_int16_t an_key_len; /* 0x0A */ + u_int8_t an_key[13]; /* 0x0C */ +}; + +/* * Receive frame structure. */ struct an_rxframe { diff --git a/sys/dev/ic/anvar.h b/sys/dev/ic/anvar.h index b1eb2c33424..48f5b68241e 100644 --- a/sys/dev/ic/anvar.h +++ b/sys/dev/ic/anvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: anvar.h,v 1.1 2000/04/03 01:01:59 mickey Exp $ */ +/* $OpenBSD: anvar.h,v 1.2 2001/02/26 06:19:34 tholo Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -162,6 +162,15 @@ struct an_sigcache { #endif #ifndef _KERNEL +struct an_ltv_key { + u_int16_t an_len; + u_int16_t an_type; + u_int16_t kindex; + u_int8_t mac[6]; + u_int16_t klen; + u_int8_t key[16]; +}; + struct an_ltv_stats { u_int16_t an_fudge; u_int16_t an_len; /* 0x00 */ @@ -367,6 +376,9 @@ struct an_ltv_genconfig { #define AN_AUTHTYPE_OPEN 0x0001 #define AN_AUTHTYPE_SHAREDKEY 0x0002 #define AN_AUTHTYPE_EXCLUDE_UNENCRYPTED 0x0004 +#define AN_AUTHTYPE_MASK 0x00FF +#define AN_AUTHTYPE_PRIVACY_IN_USE 0x0100 +#define AN_AUTHTYPE_ALLOW_UNENCRYPTED 0x0200 #define AN_PSAVE_NONE 0x0000 #define AN_PSAVE_CAM 0x0001 @@ -533,6 +545,8 @@ struct an_ltv_status { #define AN_RID_APLIST 0xFF12 /* Valid AP list */ #define AN_RID_DRVNAME 0xFF13 /* ID name of this node for diag */ #define AN_RID_ENCAPPROTO 0xFF14 /* Payload encapsulation type */ +#define AN_RID_WEP_VOLATILE 0xFF15 /* Temporary WEP key configuration */ +#define AN_RID_WEP_PERMANENT 0xFF16 /* Permanent WEP key configuration */ #define AN_RID_ACTUALCFG 0xFF20 /* Current configuration settings */ /* |