Date: Thu, 24 May 2001 23:19:35 -0400 From: Peter Radcliffe <pir@pir.net> To: freebsd-mobile@FreeBSD.ORG Subject: Re: if_wi.c with encryption for 3.4-RELEASE/PAO? Message-ID: <20010524231934.I24699@pir.net> In-Reply-To: <20010524205128.A25731@chaos.obstruction.com>; from guy@obstruction.com on Thu, May 24, 2001 at 08:51:28PM -0400 References: <20010524205128.A25731@chaos.obstruction.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Guy Middleton <guy@obstruction.com> probably said: > I have a Lucent Orinico/Wavelan card working fine with 3.4-RELEASE+PAO, > but I would like to be able to turn on encryption, which the driver I am > using does not support. Greg backported those changes a while back. Patch attatched. -- pir pir@pir.net pir@net.tufts.edu --AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="wep.diffs.patch" --- if_wavelan_ieee.h Mon Apr 10 11:13:49 2000 +++ /usr/src/sys/i386/include/if_wavelan_ieee.h Mon Apr 10 10:45:53 2000 @@ -185,6 +185,8 @@ #define WI_RID_WDS_ADDR5 0xFC15 /* port 1 MAC of WDS link node */ #define WI_RID_WDS_ADDR6 0xFC16 /* port 1 MAC of WDS link node */ #define WI_RID_MCAST_PM_BUF 0xFC17 /* PM buffering of mcast */ +#define WI_RID_ENCRYPTION 0xFC20 /* enable/disable WEP */ +#define WI_RID_AUTHTYPE 0xFC21 /* specify authentication type */ /* * Network parameters, dynamic configuration entities @@ -216,7 +218,20 @@ #define WI_RID_TX_RATE4 0xFCA2 #define WI_RID_TX_RATE5 0xFCA3 #define WI_RID_TX_RATE6 0xFCA4 +#define WI_RID_DEFLT_CRYPT_KEYS 0xFCB0 +#define WI_RID_TX_CRYPT_KEY 0xFCB1 #define WI_RID_TICK_TIME 0xFCE0 + +struct wi_key { + u_int16_t wi_keylen; + u_int8_t wi_keydat[14]; +}; + +struct wi_ltv_keys { + u_int16_t wi_len; + u_int16_t wi_type; + struct wi_key wi_keys[4]; +}; /* * NIC information --- if_wi.c Mon Apr 10 11:13:55 2000 +++ /usr/src/sys/i386/isa/if_wi.c Mon Apr 10 10:48:36 2000 @@ -344,6 +344,14 @@ wi_read_record(sc, &gen); sc->wi_channel = gen.wi_val; + /* + * Find out if we support WEP on this card. + */ + gen.wi_type = WI_RID_WEP_AVAIL; + gen.wi_len = 2; + wi_read_record(sc, &gen); + sc->wi_has_wep = gen.wi_val; + bzero((char *)&sc->wi_stats, sizeof(sc->wi_stats)); wi_init(sc); @@ -975,6 +983,16 @@ case WI_RID_MAX_SLEEP: sc->wi_max_sleep = wreq->wi_val[0]; break; + case WI_RID_ENCRYPTION: + sc->wi_use_wep = wreq->wi_val[0]; + break; + case WI_RID_TX_CRYPT_KEY: + sc->wi_tx_key = wreq->wi_val[0]; + break; + case WI_RID_DEFLT_CRYPT_KEYS: + bcopy((char *)wreq, (char *)&sc->wi_keys, + sizeof(struct wi_ltv_keys)); + break; default: break; } @@ -1042,6 +1060,9 @@ bcopy((char *)&sc->wi_stats, (char *)&wreq.wi_val, sizeof(sc->wi_stats)); wreq.wi_len = (sizeof(sc->wi_stats) / 2) + 1; + } else if (wreq.wi_type == WI_RID_DEFLT_CRYPT_KEYS) { + bcopy((char *)&sc->wi_keys, (char *)&wreq, + sizeof(struct wi_ltv_keys)); } else { if (wi_read_record(sc, (struct wi_ltv_gen *)&wreq)) { error = EINVAL; @@ -1137,6 +1158,15 @@ bcopy((char *)&sc->arpcom.ac_enaddr, (char *)&mac.wi_mac_addr, ETHER_ADDR_LEN); wi_write_record(sc, (struct wi_ltv_gen *)&mac); + + /* Configure WEP. */ + if (sc->wi_has_wep) { + WI_SETVAL(WI_RID_ENCRYPTION, sc->wi_use_wep); + WI_SETVAL(WI_RID_TX_CRYPT_KEY, sc->wi_tx_key); + sc->wi_keys.wi_len = (sizeof(struct wi_ltv_keys) / 2) + 1; + sc->wi_keys.wi_type = WI_RID_DEFLT_CRYPT_KEYS; + wi_write_record(sc, (struct wi_ltv_gen *)&sc->wi_keys); + } /* Initialize promisc mode. */ if (ifp->if_flags & IFF_PROMISC) { --- if_wireg.h Mon Apr 10 11:14:01 2000 +++ /usr/src/sys/i386/isa/if_wireg.h Mon Apr 10 10:49:27 2000 @@ -56,6 +56,27 @@ u_int32_t wi_rx_msg_in_bad_msg_frags; }; +/* + * Encryption controls. We can enable or disable encryption as + * well as specify up to 4 encryption keys. We can also specify + * which of the four keys will be used for transmit encryption. + */ +#define WI_RID_ENCRYPTION 0xFC20 +#define WI_RID_AUTHTYPE 0xFC21 +#define WI_RID_DEFLT_CRYPT_KEYS 0xFCB0 +#define WI_RID_TX_CRYPT_KEY 0xFCB1 +#define WI_RID_WEP_AVAIL 0xFD4F +struct wi_key { + u_int16_t wi_keylen; + u_int8_t wi_keydat[14]; +}; + +struct wi_ltv_keys { + u_int16_t wi_len; + u_int16_t wi_type; + struct wi_key wi_keys[4]; +}; + struct wi_softc { struct arpcom arpcom; struct ifmedia ifmedia; @@ -79,7 +100,11 @@ char wi_node_name[32]; char wi_net_name[32]; char wi_ibss_name[32]; - u_int8_t wi_txbuf[1536]; + u_int8_t wi_txbuf[1596]; + int wi_has_wep; + int wi_use_wep; + int wi_tx_key; + struct wi_ltv_keys wi_keys; struct wi_counters wi_stats; struct callout_handle wi_stat_ch; }; --- wicontrol.8 Mon Apr 10 11:14:09 2000 +++ /usr/src/usr.sbin/wicontrol/wicontrol.8 Mon Apr 10 10:50:28 2000 @@ -58,6 +58,13 @@ .Nm wicontrol .Fl i Ar iface Fl d Ar max data length .Nm wicontrol +.Fl i Ar iface Fl e Ar 0|1 +.Nm wicontrol +.Fl i Ar iface Fl k Ar key +.Op Fl v Ar 1|2|3|4 +.Nm wicontrol +.Fl i Ar iface Fl T Ar 1|2|3|4 +.Nm wicontrol .Fl i Ar iface Fl r Ar RTS threshold .Nm wicontrol .Fl i Ar iface Fl f Ar frequency @@ -202,6 +209,34 @@ .Ar max data length can be any number from 350 to 2304. The default is 2304. +.It Fl i Ar iface Fl e Ar 0|1 +Enable or disable WEP encryption. Permitted values are +.Ar 0 +(encryption disabled) or +.Ar 1 +(encryption enabled). Encryption is off by default. +.It Fl i Ar iface Fl k Ar key "[-v 1|2|3|4]" +Set WEP encryption keys. There are four default encryption keys +that can be programmed. A specific key can be set using +the +.Fl v +flag. If the +.Fl v +flag is not specified, the first key will be set. Encryption keys +can either be normal text (i.e. "hello") or a series of hexadecimal +digits (i.e. "0x1234512345"). For +WaveLAN Turbo Silver cards, the key is restricted to 40 bits, hence +the key can be either a 5 character text string or 10 hex digits. +For WaveLAN Turbo Gold cards, the key can be up to 128 bits, +which means the key can be specified as either a 16 character text +string or 32 hex digits. +.Pp +Note: currently, the field in the structure used to program the key +into the NIC is only 14 bytes long, not 16. I'm not sure how this is +supposed to allow 128 bits of key info for the gold cards. +.It Fl i Ar iface Fl T Ar 1|2|3|4 +Specify which of the four WEP encryption keys will be used to +encrypt transmitted packets. .It Fl i Ar iface Fl r Ar RTS threshold Set the RTS/CTS threshold for a given interface. This controls the --- wicontrol.c Mon Apr 10 11:14:13 2000 +++ /usr/src/usr.sbin/wicontrol/wicontrol.c Mon Apr 10 10:52:51 2000 @@ -70,6 +70,8 @@ static void wi_printbool __P((struct wi_req *)); static void wi_printhex __P((struct wi_req *)); static void wi_dumpinfo __P((char *)); +static void wi_setkeys __P((char *, char *, int)); +static void wi_printkeys __P((struct wi_req *)); static void usage __P((char *)); static void wi_getval(iface, wreq) @@ -236,6 +238,111 @@ return; } +static int wi_hex2int(c) + char c; +{ + if (c >= '0' && c <= '9') + return (c - '0'); + if (c >= 'A' && c <= 'F') + return (c - 'A' + 10); + if (c >= 'a' && c <= 'f') + return (c - 'a' + 10); + + return (0); +} + +static void wi_str2key(s, k) + char *s; + struct wi_key *k; +{ + int n, i; + char *p; + + /* Is this a hex string? */ + if (s[0] == '0' && (s[1] == 'x' || s[1] == 'X')) { + /* Yes, convert to int. */ + n = 0; + p = (char *)&k->wi_keydat[0]; + for (i = 2; i < strlen(s); i+= 2) { + *p++ = (wi_hex2int(s[i]) << 4) + wi_hex2int(s[i + 1]); + n++; + } + k->wi_keylen = n; + } else { + /* No, just copy it in. */ + bcopy(s, k->wi_keydat, strlen(s)); + k->wi_keylen = strlen(s); + } + + return; +} + +static void wi_setkeys(iface, key, idx) + char *iface; + char *key; + int idx; +{ + struct wi_req wreq; + struct wi_ltv_keys *keys; + struct wi_key *k; + + bzero((char *)&wreq, sizeof(wreq)); + wreq.wi_len = WI_MAX_DATALEN; + wreq.wi_type = WI_RID_WEP_AVAIL; + + wi_getval(iface, &wreq); + if (wreq.wi_val[0] == 0) + err(1, "no WEP option available on this card"); + + bzero((char *)&wreq, sizeof(wreq)); + wreq.wi_len = WI_MAX_DATALEN; + wreq.wi_type = WI_RID_DEFLT_CRYPT_KEYS; + + wi_getval(iface, &wreq); + keys = (struct wi_ltv_keys *)&wreq; + + if (strlen(key) > 14) { + err(1, "encryption key must be no " + "more than 14 characters long"); + } + + if (idx > 3) + err(1, "only 4 encryption keys available"); + + k = &keys->wi_keys[idx]; + wi_str2key(key, k); + + wreq.wi_len = (sizeof(struct wi_ltv_keys) / 2) + 1; + wreq.wi_type = WI_RID_DEFLT_CRYPT_KEYS; + wi_setval(iface, &wreq); + + return; +} + +static void wi_printkeys(wreq) + struct wi_req *wreq; +{ + int i, j; + struct wi_key *k; + struct wi_ltv_keys *keys; + char *ptr; + + keys = (struct wi_ltv_keys *)wreq; + + for (i = 0; i < 4; i++) { + k = &keys->wi_keys[i]; + ptr = (char *)k->wi_keydat; + for (j = 0; j < k->wi_keylen; j++) { + if (ptr[i] == '\0') + ptr[i] = ' '; + } + ptr[j] = '\0'; + printf("[ %s ]", ptr); + } + + return; +}; + void wi_printwords(wreq) struct wi_req *wreq; { @@ -283,6 +390,7 @@ #define WI_BOOL 0x02 #define WI_WORDS 0x03 #define WI_HEXBYTES 0x04 +#define WI_KEYSTRUCT 0x05 struct wi_table { int wi_code; @@ -304,7 +412,8 @@ { WI_RID_PROMISC, WI_BOOL, "Promiscuous mode:\t\t\t" }, { WI_RID_PORTTYPE, WI_WORDS, "Port type (1=BSS, 3=ad-hoc):\t\t"}, { WI_RID_MAC_NODE, WI_HEXBYTES, "MAC address:\t\t\t\t"}, - { WI_RID_TX_RATE, WI_WORDS, "TX rate:\t\t\t\t"}, + { WI_RID_TX_RATE, WI_WORDS, "TX rate (selection):\t\t\t"}, + { WI_RID_CUR_TX_RATE, WI_WORDS, "TX rate (actual speed):\t\t\t"}, { WI_RID_RTS_THRESH, WI_WORDS, "RTS/CTS handshake threshold:\t\t"}, { WI_RID_CREATE_IBSS, WI_BOOL, "Create IBSS:\t\t\t\t" }, { WI_RID_SYSTEM_SCALE, WI_WORDS, "Access point density:\t\t\t" }, @@ -313,13 +422,28 @@ { 0, NULL } }; +static struct wi_table wi_crypt_table[] = { + { WI_RID_ENCRYPTION, WI_BOOL, "WEP encryption:\t\t\t\t" }, + { WI_RID_TX_CRYPT_KEY, WI_WORDS, "TX encryption key:\t\t\t" }, + { WI_RID_DEFLT_CRYPT_KEYS, WI_KEYSTRUCT, "Encryption keys:\t\t\t" }, + { 0, NULL } +}; + static void wi_dumpinfo(iface) char *iface; { struct wi_req wreq; - int i; + int i, has_wep; struct wi_table *w; + bzero((char *)&wreq, sizeof(wreq)); + + wreq.wi_len = WI_MAX_DATALEN; + wreq.wi_type = WI_RID_WEP_AVAIL; + + wi_getval(iface, &wreq); + has_wep = wreq.wi_val[0]; + w = wi_table; for (i = 0; w[i].wi_type; i++) { @@ -345,10 +469,45 @@ break; default: break; } printf("\n"); } + if (has_wep) { + w = wi_crypt_table; + for (i = 0; w[i].wi_type; i++) { + bzero((char *)&wreq, sizeof(wreq)); + + wreq.wi_len = WI_MAX_DATALEN; + wreq.wi_type = w[i].wi_code; + + wi_getval(iface, &wreq); + printf("%s", w[i].wi_str); + switch(w[i].wi_type) { + case WI_STRING: + wi_printstr(&wreq); + break; + case WI_WORDS: + if (wreq.wi_type == WI_RID_TX_CRYPT_KEY) + wreq.wi_val[0]++; + wi_printwords(&wreq); + break; + case WI_BOOL: + wi_printbool(&wreq); + break; + case WI_HEXBYTES: + wi_printhex(&wreq); + break; + case WI_KEYSTRUCT: + wi_printkeys(&wreq); + break; + default: + break; + } + printf("\n"); + } + } + return; } @@ -426,11 +585,14 @@ fprintf(stderr, "\t%s -i iface -p port type\n", p); fprintf(stderr, "\t%s -i iface -a access point density\n", p); fprintf(stderr, "\t%s -i iface -m mac address\n", p); + fprintf(stderr, "\t%s -i iface -e 0|1\n", p); + fprintf(stderr, "\t%s -i iface -k encryption key [-v 1|2|3|4]\n", p); fprintf(stderr, "\t%s -i iface -d max data length\n", p); fprintf(stderr, "\t%s -i iface -r RTS threshold\n", p); fprintf(stderr, "\t%s -i iface -f frequency\n", p); fprintf(stderr, "\t%s -i iface -P 0|1t\n", p); fprintf(stderr, "\t%s -i iface -S max sleep duration\n", p); + fprintf(stderr, "\t%s -i iface -T 1|2|3|4\n", p); exit(1); } @@ -442,9 +604,11 @@ int ch; char *iface = NULL; char *p = argv[0]; + char *key = NULL; + int modifier = 0; while((ch = getopt(argc, argv, - "hoc:d:f:i:p:r:q:t:n:s:m:P:S:")) != -1) { + "hoc:d:e:f:i:k:p:r:q:t:n:s:m:v:P:S:T:")) != -1) { switch(ch) { case 'o': wi_dumpstats(iface); @@ -461,10 +625,17 @@ wi_setword(iface, WI_RID_MAX_DATALEN, atoi(optarg)); exit(0); break; + case 'e': + wi_setword(iface, WI_RID_ENCRYPTION, atoi(optarg)); + exit(0); + break; case 'f': wi_setword(iface, WI_RID_OWN_CHNL, atoi(optarg)); exit(0); break; + case 'k': + key = optarg; + break; case 'p': wi_setword(iface, WI_RID_PORTTYPE, atoi(optarg)); exit(0); @@ -497,10 +668,19 @@ wi_setword(iface, WI_RID_MAX_SLEEP, atoi(optarg)); exit(0); break; + case 'T': + wi_setword(iface, + WI_RID_TX_CRYPT_KEY, atoi(optarg) - 1); + exit(0); + break; case 'P': wi_setword(iface, WI_RID_PM_ENABLED, atoi(optarg)); exit(0); break; + case 'v': + modifier = atoi(optarg); + modifier--; + break; case 'h': default: usage(p); @@ -510,6 +690,11 @@ if (iface == NULL) usage(p); + + if (key != NULL) { + wi_setkeys(iface, key, modifier); + exit(0); + } wi_dumpinfo(iface); --AhhlLboLdkugWU4S-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010524231934.I24699>