From 85c836b2c070d3a80771393496f94ea2f827eef3 Mon Sep 17 00:00:00 2001 From: wpaul Date: Mon, 13 Nov 2000 23:04:16 +0000 Subject: Close PR# 21843 and PR# 21864. This adds support for WEP and updates some of the data structures to include new members that weren't defined in the manual I have. I opted to use Doug Ambrisko's WEP patches since David Cornejo's patches did not include the necessary changes to ancontrol(8) to actually enable and use WEP. NOTE: I don't currently have access to an Aironet card, so I can't test any of this. Everything compiles and close scrutiny doesn't reveal any obvious problems, but Murphy's Law applies. This means I will probably leave these changes in -current for a bit longer than usual until I'm sure they work right. --- usr.sbin/ancontrol/ancontrol.8 | 37 +++++++++-- usr.sbin/ancontrol/ancontrol.c | 140 ++++++++++++++++++++++++++++++++++++++--- 2 files changed, 164 insertions(+), 13 deletions(-) (limited to 'usr.sbin') diff --git a/usr.sbin/ancontrol/ancontrol.8 b/usr.sbin/ancontrol/ancontrol.8 index 2b22981..85c6428 100644 --- a/usr.sbin/ancontrol/ancontrol.8 +++ b/usr.sbin/ancontrol/ancontrol.8 @@ -54,13 +54,27 @@ .Nm ancontrol .Fl i Ar iface Fl s Ar 0|1|2|3 .Nm ancontrol -.Fl i Ar iface Fl a Ar AP +.Fl i Ar iface .Op Fl v Ar 1|2|3|4 +.Fl a Ar AP .Nm ancontrol .Fl i Ar iface Fl b Ar beacon period .Nm ancontrol -.Fl i Ar iface Fl d Ar 0|1|2|3 +.Fl i Ar iface .Op v Ar 0|1 +.Fl d Ar 0|1|2|3 +.Nm ancontrol +.Fl i Ar iface Fl e Ar 0|1 +.Nm ancontrol +.Fl i Ar iface +.Op Fl v Ar 0|1 +.Fl k Ar key +.Nm ancontrol +.Fl i Ar iface +.Fl K Ar mode +.Nm ancontrol +.Fl i Ar iface +.Fl W Ar mode .Nm ancontrol .Fl i Ar iface Fl j Ar netjoin timeout .Nm ancontrol @@ -68,8 +82,9 @@ .Nm ancontrol .Fl i Ar iface Fl m Ar mac address .Nm ancontrol -.Fl i Ar iface Fl n Ar SSID +.Fl i Ar iface .Op Fl v Ar 1|2|3 +.Fl n Ar SSID .Nm ancontrol .Fl i Ar iface Fl o Ar 0|1 .Nm ancontrol @@ -184,7 +199,7 @@ Valid selections are as follows: .Pp Note that for IBSS (ad-hoc) mode, only PSP mode is supported, and only if the ATIM window is non-zero. -.It Fl i Ar iface Fl a Ar AP "[-v 1|2|3|4]" +.It Fl i Ar iface "[-v 1|2|3|4]" Fl a Ar AP Set prefered access point. The .Ar AP @@ -205,7 +220,7 @@ Set the ad-hoc mode beacon period. The becon period is specified in milliseconds. The default is 100ms. -.It Fl i Ar iface Fl d Ar 0|1|2|3 "-v 0|1" +.It Fl i Ar iface "-v 0|1" Fl d Ar 0|1|2|3 Select the antenna diversity. Aironet devices can be configured with up to two antennas, and transmit and receive diversity can be configured @@ -230,6 +245,16 @@ option: selection sets the receive diversity and .Ar 1 sets the transmit diversity. +.It Fl i Ar iface "[ -v 0|1 ]" Fl k Ar key +Set the WEP key. For 40 bit prefix 10 hex character with 0x. +For 128 bit prefix 26 hex character with 0x. +Supports 4 keys, use even numbers are permanet and odd number +are temporary keys for example "-v 1" sets the first temporary key. +.It Fl i Ar iface Fl K Ar 0|1|2|4 +Set authorization type. Use 0 for none, 1 for "Open", +2 for "Shared Key", 4 for "Exclude unencrypted". +.It Fl i Ar iface Fl W Ar 0|1 +Enable WEP. Use 1 to enable, 0 for disable. .It Fl i Ar iface Fl j Ar netjoin timeout Set the ad-hoc network join timeout. When a station is first activated @@ -257,7 +282,7 @@ is specified as a series of six hexadecimal values separated by colons, e.g.: 00:60:1d:12:34:56. This programs the new address into the card and updates the interface as well. -.It Fl i Ar iface Fl n Ar SSID "[-v 1|2|3]" +.It Fl i Ar iface "[-v 1|2|3]" Fl n Ar SSID Set the desired SSID (network name). There are three SSIDs which allows the NIC to work with access points at several locations without needing to be reconfigured. diff --git a/usr.sbin/ancontrol/ancontrol.c b/usr.sbin/ancontrol/ancontrol.c index 22a2323..22ef82e 100644 --- a/usr.sbin/ancontrol/ancontrol.c +++ b/usr.sbin/ancontrol/ancontrol.c @@ -118,6 +118,10 @@ int main __P((int, char **)); #define ACT_DUMPCACHE 31 #define ACT_ZEROCACHE 32 +#define ACT_ENABLE_WEP 33 +#define ACT_SET_KEY_TYPE 34 +#define ACT_SET_KEYS 35 + static void an_getval(iface, areq) char *iface; struct an_req *areq; @@ -240,6 +244,8 @@ static void an_printhex(ptr, len) return; } + + static void an_dumpstatus(iface) char *iface; { @@ -681,14 +687,20 @@ static void an_dumpconfig(iface) an_printwords(&cfg->an_ibss_join_net_timeout, 1); printf("\nAuthentication timeout:\t\t\t"); an_printwords(&cfg->an_auth_timeout, 1); + printf("\nWEP enabled:\t\t\t\t[ "); + if (cfg->an_authtype & AN_AUTHTYPE_ENABLE) + printf("yes"); + else + printf("no"); + printf(" ]"); printf("\nAuthentication type:\t\t\t[ "); - if (cfg->an_authtype == AN_AUTHTYPE_NONE) - printf("no auth"); - if (cfg->an_authtype == AN_AUTHTYPE_OPEN) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_NONE) + printf("none"); + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_OPEN) printf("open"); - if (cfg->an_authtype == AN_AUTHTYPE_SHAREDKEY) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_SHAREDKEY) printf("shared key"); - if (cfg->an_authtype == AN_AUTHTYPE_EXCLUDE_UNENCRYPTED) + if ((cfg->an_authtype & AN_AUTHTYPE_MASK) == AN_AUTHTYPE_EXCLUDE_UNENCRYPTED) printf("exclude unencrypted"); printf(" ]"); printf("\nAssociation timeout:\t\t\t"); @@ -795,6 +807,9 @@ static void usage(p) fprintf(stderr, "\t%s -i iface -b val (set beacon period)\n", p); fprintf(stderr, "\t%s -i iface [-v 0|1] -d val (set diversity)\n", p); fprintf(stderr, "\t%s -i iface -j val (set netjoin timeout)\n", p); + fprintf(stderr, "\t%s -i iface [-v 0|1|2|3|4|5|6|7] -k key (set key)\n", p); + fprintf(stderr, "\t%s -i iface -K 0|1|2|4 (set auth type 2=shared secret)\n", p); + fprintf(stderr, "\t%s -i iface -W 0|1 (enable WEP)\n", p); fprintf(stderr, "\t%s -i iface -l val (set station name)\n", p); fprintf(stderr, "\t%s -i iface -m val (set MAC address)\n", p); fprintf(stderr, "\t%s -i iface [-v 1|2|3] -n SSID " @@ -918,6 +933,14 @@ static void an_setconfig(iface, act, arg) bzero(cfg->an_macaddr, ETHER_ADDR_LEN); bcopy((char *)addr, (char *)&cfg->an_macaddr, ETHER_ADDR_LEN); break; + case ACT_ENABLE_WEP: + cfg->an_authtype = (cfg->an_authtype & AN_AUTHTYPE_MASK) + | atoi(arg) * AN_AUTHTYPE_ENABLE; + break; + case ACT_SET_KEY_TYPE: + cfg->an_authtype = (cfg->an_authtype & ~AN_AUTHTYPE_MASK) + | atoi(arg); + break; default: errx(1, "unknown action"); break; @@ -1122,6 +1145,92 @@ static void an_readcache(iface) } #endif +static int an_hex2int(c) + char c; +{ + if (c >= '0' && c <= '9') + return (c - '0'); + if (c >= 'A' && c <= 'F') + return (c - 'A' + 10); + if (c >= 'a' && c <= 'f') + return (c - 'a' + 10); + + return (0); +} + +static void an_str2key(s, k) + char *s; + struct an_ltv_key *k; +{ + int n, i; + char *p; + + /* Is this a hex string? */ + if (s[0] == '0' && (s[1] == 'x' || s[1] == 'X')) { + /* Yes, convert to int. */ + n = 0; + p = (char *)&k->key[0]; + for (i = 2; i < strlen(s); i+= 2) { + *p++ = (an_hex2int(s[i]) << 4) + an_hex2int(s[i + 1]); + n++; + } + k->klen = n; + } else { + /* No, just copy it in. */ + bcopy(s, k->key, strlen(s)); + k->klen = strlen(s); + } + + return; +} + +static void an_setkeys(iface, key, keytype) + char *iface; + char *key; + int keytype; +{ + struct an_req areq; + struct an_ltv_key *k; + + bzero((char *)&areq, sizeof(areq)); + k = (struct an_ltv_key *)&areq; + + if (strlen(key) > 28) { + err(1, "encryption key must be no " + "more than 18 characters long"); + } + + an_str2key(key, k); + + k->kindex=keytype/2; + + if (!(k->klen==0 || k->klen==5 || k->klen==13)) { + err(1, "encryption key must be 0, 5 or 13 bytes long"); + } + + /* default mac and only valid one (from manual) 1.0.0.0.0.0 */ + k->mac[0]=1; + k->mac[1]=0; + k->mac[2]=0; + k->mac[3]=0; + k->mac[4]=0; + k->mac[5]=0; + + switch(keytype & 1){ + case 0: + areq.an_len = sizeof(struct an_ltv_key); + areq.an_type = AN_RID_WEP_PERM; + an_setval(iface, &areq); + break; + case 1: + areq.an_len = sizeof(struct an_ltv_key); + areq.an_type = AN_RID_WEP_TEMP; + an_setval(iface, &areq); + break; + } + + return; +} int main(argc, argv) int argc; @@ -1131,6 +1240,7 @@ int main(argc, argv) int act = 0; char *iface = NULL; int modifier = 0; + char *key = NULL; void *arg = NULL; char *p = argv[0]; @@ -1147,7 +1257,7 @@ int main(argc, argv) opterr = 1; while ((ch = getopt(argc, argv, - "ANISCTht:a:o:s:n:v:d:j:b:c:r:p:w:m:l:QZ")) != -1) { + "ANISCTht:a:o:s:n:v:d:j:b:c:r:p:w:m:l:k:K:W:QZ")) != -1) { switch(ch) { case 'Z': #ifdef ANCACHE @@ -1282,6 +1392,18 @@ int main(argc, argv) act = ACT_SET_FRAG_THRESH; arg = optarg; break; + case 'W': + act = ACT_ENABLE_WEP; + arg = optarg; + break; + case 'K': + act = ACT_SET_KEY_TYPE; + arg = optarg; + break; + case 'k': + act = ACT_SET_KEYS; + key = optarg; + break; case 'q': act = ACT_SET_RTS_RETRYLIM; arg = optarg; @@ -1300,7 +1422,7 @@ int main(argc, argv) } } - if (iface == NULL || !act) + if (iface == NULL || (!act && !key)) usage(p); switch(act) { @@ -1343,7 +1465,11 @@ int main(argc, argv) case ACT_DUMPCACHE: an_readcache(iface); break; + #endif + case ACT_SET_KEYS: + an_setkeys(iface, key, modifier); + break; default: an_setconfig(iface, act, arg); break; -- cgit v1.1