1 /*
2 * auth.c from Access Point SNMP Utils for Linux
3 *
4 * Copyright (c) 2002 Roman Festchook <roma at polesye dot net>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License Version 2 from
8 * June 1991 as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 */
20
21 #include <stdlib.h>
22 #include <unistd.h>
23 #include <string.h>
24 #include "ap-utils.h"
25 #include "ap-curses.h"
26
27 #define MAX_LINES LINES-6
28 #define PACKET_ERROR _("AuthorizedMacTableString packet error")
29
30 #define MAC_AUTH _("[A] MAC authorization: ")
31 #define MAC_ADD _("Enter MAC: ")
32 #define MAC_DEL _("Delete Num: ")
33 #define MAC_TITLE _("Authorized MAC addresses")
34 #define MAC_HEADER _("NUM MAC address")
35 #define MAC_HELP _("A - auth; N - new; D - del; arrows - scroll; W - write conf; Q - quit")
36 #define MAC_RADIUS_HELP _("A - auth; IPSTF - set; W - write conf; Q - quit")
37 #define MAC_NONE_HELP _("A - auth; W - write conf; Q - quit")
38
39 #define RADIUS_IP _("[I] RADIUS SERVER IP: ")
40 #define RADIUS_DEST_PORT _("[P] RADIUS SERVER PORT: ")
41 #define RADIUS_SECRET _("[S] RADIUS SERVER SECRET: ")
42 #define RADIUS_TIME _("[T] REAUTHORIZATION TIME: ")
43 #define RADIUS_PORT _("[F] RADIUS SOURCE PORT: ")
44
45 extern WINDOW *main_sub;
46 extern int LINES;
47 extern short ap_type;
48
atmel_auth_mac()49 void atmel_auth_mac()
50 {
51 struct AuthorizedMacTableString {
52 unsigned int short Action;
53 unsigned int short NumOfAllTableAddresses;
54 unsigned int short NumOfCurrentAddress;
55 unsigned char MacAddress[6];
56 } *AuthMac = NULL, get;
57
58 struct MacListStat *pmac, *first = NULL, *curr = NULL;
59 uint32_t auth_mac_hw;
60
61 char EnableAuthMAC[] =
62 { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
63 0x02, 0x06, 0x01, 0x00
64 };
65 char AutorizedMac[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
66 0x02, 0x06, 0x02, 0x00
67 };
68
69 char AuthRadiusIP[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
70 0x02, 0x06, 0x03, 0x00
71 };
72 char AuthRadiusSecret[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
73 0x02, 0x06, 0x04, 0x00
74 };
75 char AuthRadiusSecretLength[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
76 0x02, 0x06, 0x05, 0x00
77 };
78 char AuthRadiusPort[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
79 0x02, 0x06, 0x06, 0x00
80 };
81 char AuthRadiusReauthorizationTime[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
82 0x02, 0x06, 0x07, 0x00
83 };
84 char AuthRadiusDestinPort[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1A, 0x01,
85 0x02, 0x06, 0x08, 0x00
86 };
87
88 char *auth_types[] = { _("Internal"), OFF, "RADIUS" };
89
90 struct in_addr radius_ip;
91 char message[1024], m_authmac = 0, radius_secret[32], m_radius_secret=0, m_radius_ip=0;
92 int radius_port, radius_time, radius_dest_port, m_radius_port=0, m_radius_time=0, m_radius_dest_port=0;
93 int i, total_mac, auth_mac = 0, mac_num = 0, begin=0, end=0, c=0;
94 varbind varbinds[7];
95
96 memcpy(radius_secret, _("<hidden>"), 32);
97
98 varbinds[0].oid = EnableAuthMAC;
99 varbinds[0].len_oid = sizeof(EnableAuthMAC);
100 varbinds[0].type = NULL_VALUE;
101 varbinds[0].len_val = 0;
102
103 varbinds[1].oid = AuthRadiusIP;
104 varbinds[1].len_oid = sizeof(AuthRadiusIP);
105 varbinds[1].type = NULL_VALUE;
106 varbinds[1].len_val = 0;
107
108 varbinds[3].oid = AuthRadiusPort;
109 varbinds[3].len_oid = sizeof(AuthRadiusPort);
110 varbinds[3].type = NULL_VALUE;
111 varbinds[3].len_val = 0;
112
113 varbinds[4].oid = AuthRadiusReauthorizationTime;
114 varbinds[4].len_oid = sizeof(AuthRadiusReauthorizationTime);
115 varbinds[4].type = NULL_VALUE;
116 varbinds[4].len_val = 0;
117
118 varbinds[2].oid = AuthRadiusDestinPort;
119 varbinds[2].len_oid = sizeof(AuthRadiusDestinPort);
120 varbinds[2].type = NULL_VALUE;
121 varbinds[2].len_val = 0;
122
123 print_help(WAIT_RET);
124 if (snmp(varbinds, 5, GET) <= 0) {
125 print_helperr(ERR_RET);
126 goto exit;
127 }
128 print_title(MAC_TITLE);
129
130 auth_mac = *(varbinds[0].value);
131 memcpy(&radius_ip.s_addr, varbinds[1].value, 4);
132 memcpy(&radius_dest_port, varbinds[2].value, 2);
133 radius_dest_port = ntohs(radius_dest_port);
134 memcpy(&radius_port, varbinds[3].value, 2);
135 radius_port = ntohs(radius_port);
136 memcpy(&radius_time, varbinds[4].value, 2);
137 radius_time = ntohs(radius_time);
138
139 sprintf(message, "%s%s", MAC_AUTH, auth_types[auth_mac-1]);
140 mvwaddstr(main_sub, 0, 0, message);
141 wrefresh(main_sub);
142
143 total_mac = 0;
144 mac_num = 0;
145
146 while (mac_num <= total_mac) {
147 get.Action = 0x02; rshort(get.Action);
148 get.NumOfAllTableAddresses = total_mac; rshort(get.NumOfAllTableAddresses);
149 get.NumOfCurrentAddress = mac_num; rshort(get.NumOfCurrentAddress);
150
151 varbinds[0].oid = AutorizedMac;
152 varbinds[0].len_oid = sizeof(AutorizedMac);
153 varbinds[0].value = (char *) &get;
154 varbinds[0].len_val = 12;
155 varbinds[0].type = STRING_VALUE;
156
157 if (snmp(varbinds, 1, SET) <= 0) {
158 print_helperr(ERR_RET);
159 goto exit;
160 }
161
162 if (varbinds[0].len_val == 12) {
163 if (AuthMac)
164 free(AuthMac);
165 AuthMac =
166 (struct AuthorizedMacTableString *) malloc(varbinds[0].
167 len_val);
168 memcpy(AuthMac, varbinds[0].value, varbinds[0].len_val);
169 /* AuthMac =
170 (struct AuthorizedMacTableString *) varbinds[0].value;*/
171 } else {
172 print_helperr(PACKET_ERROR);
173 goto exit;
174 }
175
176 rshort(AuthMac->NumOfAllTableAddresses);
177 total_mac =
178 (AuthMac->NumOfAllTableAddresses ==
179 65535) ? 0 : AuthMac->NumOfAllTableAddresses;
180
181 if (mac_num) {
182 if (first == NULL) {
183 first = (struct MacListStat *)
184 malloc(sizeof(struct MacListStat));
185 curr = first;
186 } else {
187 curr->next = (struct MacListStat *)
188 malloc(sizeof(struct MacListStat));
189 curr = curr->next;
190 }
191 memcpy(curr->addr, AuthMac->MacAddress, 6);
192 curr->next = NULL;
193 }
194 mac_num++;
195 }
196
197 choose_view:
198 clear_main(2);
199 if (auth_mac == 1) {
200 mvwaddstr(main_sub, 2, 5, MAC_HEADER);
201 begin = 1;
202 end = (MAX_LINES < mac_num) ? MAX_LINES : mac_num;
203 scroll_rows(first, begin, end, 3, 0);
204 print_help(MAC_HELP);
205 } else if(auth_mac == 3) {
206 sprintf(message, "%s%s", RADIUS_IP, inet_ntoa(radius_ip));
207 mvwaddstr(main_sub, 2, 0, message);
208 sprintf(message, "%s%d", RADIUS_DEST_PORT, radius_dest_port);
209 mvwaddstr(main_sub, 3, 0, message);
210 sprintf(message, "%s%s", RADIUS_SECRET, radius_secret);
211 mvwaddstr(main_sub, 4, 0, message);
212 sprintf(message, "%s%d", RADIUS_TIME, radius_time);
213 mvwaddstr(main_sub, 5, 0, message);
214 sprintf(message, "%s%d", RADIUS_PORT, radius_port);
215 mvwaddstr(main_sub, 6, 0, message);
216
217 wrefresh(main_sub);
218 print_help(MAC_RADIUS_HELP);
219 } else {
220 print_help(MAC_NONE_HELP);
221 }
222 noecho();
223
224 while (1) {
225 switch (getch()) {
226 case 'q':
227 case 'Q':
228 goto quit;
229 case 'a':
230 case 'A':
231 auth_mac = menu_choose(0, strlen(MAC_AUTH), auth_types, 3)+1;
232 clear_main_new(0, 1);
233 print_menusel(0, 0, MAC_AUTH, auth_types[auth_mac-1]);
234 m_authmac = 1;
235 goto choose_view;
236 case 'S':
237 case 's':
238 if (auth_mac != 3) {
239 continue;
240 }
241 get_value(radius_secret, 4, strlen(RADIUS_SECRET), 32, ANY_STRING, 0, 0, NULL);
242 m_radius_secret = 1;
243 continue;
244 case 'P':
245 case 'p':
246 if (auth_mac != 3) {
247 continue;
248 }
249 get_value(message, 3, strlen(RADIUS_DEST_PORT), 6, INT_STRING, 0, 65535, MAC_RADIUS_HELP);
250 radius_dest_port = atoi(message);
251 m_radius_dest_port = 1;
252 continue;
253 case 'T':
254 case 't':
255 if (auth_mac != 3) {
256 continue;
257 }
258 get_value(message, 5, strlen(RADIUS_TIME), 6, INT_STRING, 0, 65535, MAC_RADIUS_HELP);
259 radius_time = atoi(message);
260 m_radius_time = 1;
261 continue;
262 case 'F':
263 case 'f':
264 if (auth_mac != 3) {
265 continue;
266 }
267 get_value(message, 6, strlen(RADIUS_PORT), 6, INT_STRING, 0, 65535, MAC_RADIUS_HELP);
268 radius_port = atoi(message);
269 m_radius_port = 1;
270 continue;
271 case 'I':
272 case 'i':
273 if (auth_mac != 3) {
274 continue;
275 }
276 get_ip(&radius_ip, 2, strlen(RADIUS_IP), MAC_RADIUS_HELP);
277 m_radius_ip = 1;
278 continue;
279 case 'd':
280 case 'D':
281 if (auth_mac != 1) {
282 continue;
283 }
284 mvwaddstr(main_sub, 1, 0, MAC_DEL);
285 get_value(message, 1, strlen(MAC_DEL), 5, INT_STRING,
286 1, mac_num - 1, NULL);
287 i = atoi(message);
288 if (i == 1) {
289 pmac = first;
290 first = first->next;
291 free(pmac);
292 } else {
293 curr = first;
294 while (--i > 1)
295 curr = curr->next;
296 pmac = curr->next;
297 curr->next = pmac->next;
298 free(pmac);
299 }
300 mac_num--;
301 begin = 1;
302 end = (MAX_LINES < mac_num) ? MAX_LINES : mac_num;
303 scroll_rows(first, begin, end, 3, 0);
304 clear_main_new(1, 2);
305 continue;
306 case 'n':
307 case 'N':
308 if (auth_mac != 1) {
309 continue;
310 }
311 mvwaddstr(main_sub, 1, 0, MAC_ADD);
312 curr = first;
313 while (curr && curr->next)
314 curr = curr->next;
315 if (first == NULL) {
316 first = (struct MacListStat *)
317 malloc(sizeof(struct MacListStat));
318 curr = first;
319 } else {
320 curr->next = (struct MacListStat *)
321 malloc(sizeof(struct MacListStat));
322 curr = curr->next;
323 }
324 curr->next = NULL;
325 mac_num++;
326 get_mac(curr->addr, 1, strlen(MAC_ADD));
327 begin = 1;
328 end = (MAX_LINES < mac_num) ? MAX_LINES : mac_num;
329 scroll_rows(first, begin, end, 3, 0);
330 clear_main_new(1, 2);
331 continue;
332 case 'w':
333 case 'W':
334 i=0;
335 if (m_authmac) {
336 auth_mac_hw = swap4(auth_mac);
337 varbinds[i].oid = EnableAuthMAC;
338 varbinds[i].len_oid = sizeof(EnableAuthMAC);
339 varbinds[i].type = INT_VALUE;
340 varbinds[i].value = (char *) &auth_mac_hw;
341 varbinds[i].len_val = 1;
342 i++;
343 }
344
345 if (m_radius_ip) {
346 radius_ip.s_addr = htonl(radius_ip.s_addr);
347 radius_ip.s_addr = swap4(radius_ip.s_addr);
348 varbinds[i].oid = AuthRadiusIP;
349 varbinds[i].len_oid = sizeof(AuthRadiusIP);
350 varbinds[i].value = (char *) &radius_ip.s_addr;
351 varbinds[i].len_val = 4;
352 varbinds[i].type = INT_VALUE;
353 i++;
354 }
355
356 if (m_radius_dest_port) {
357 varbinds[i].oid = AuthRadiusDestinPort;
358 varbinds[i].len_oid = sizeof(AuthRadiusDestinPort);
359 radius_dest_port = htons(radius_dest_port);
360 varbinds[i].value = (char *) &radius_dest_port;
361 varbinds[i].len_val = 2;
362 varbinds[i].type = 0x02;
363 i++;
364 }
365
366 if (m_radius_time) {
367 varbinds[i].oid = AuthRadiusReauthorizationTime;
368 varbinds[i].len_oid = sizeof(AuthRadiusReauthorizationTime);
369 radius_time = htons(radius_time);
370 varbinds[i].value = (char *) &radius_time;
371 varbinds[i].len_val = 2;
372 varbinds[i].type = 0x02;
373 i++;
374 }
375
376 if (m_radius_port) {
377 varbinds[i].oid = AuthRadiusPort;
378 varbinds[i].len_oid = sizeof(AuthRadiusPort);
379 radius_port = htons(radius_port);
380 varbinds[i].value = (char *) &radius_port;
381 varbinds[i].len_val = 2;
382 varbinds[i].type = 0x02;
383 i++;
384 }
385 if (m_radius_secret) {
386 c = strlen(radius_secret);
387 varbinds[i].oid = AuthRadiusSecretLength;
388 varbinds[i].len_oid = sizeof(AuthRadiusSecretLength);
389 varbinds[i].value = (char *)&c;
390 varbinds[i].len_val = 1;
391 varbinds[i].type = INT_VALUE;
392 i++;
393 varbinds[i].oid = AuthRadiusSecret;
394 varbinds[i].len_oid = sizeof(AuthRadiusSecret);
395 varbinds[i].value = radius_secret;
396 varbinds[i].len_val = c;
397 varbinds[i].type = STRING_VALUE;
398 i++;
399 }
400
401 print_help(WAIT_SET);
402 if (snmp(varbinds, i, SET) <= 0) {
403 print_helperr(ERR_RET);
404 goto exit;
405 }
406
407 curr = first;
408 i = 1;
409 while (curr != NULL) {
410 get.Action = 0x01; rshort(get.Action);
411 get.NumOfAllTableAddresses = mac_num - 1; rshort(get.NumOfAllTableAddresses);
412 get.NumOfCurrentAddress = i; rshort(get.NumOfCurrentAddress);
413 memcpy(get.MacAddress, curr->addr, 6);
414 varbinds[0].oid = AutorizedMac;
415 varbinds[0].len_oid = sizeof(AutorizedMac);
416 varbinds[0].value = (char *) &get;
417 varbinds[0].len_val = 12;
418 varbinds[0].type = STRING_VALUE;
419 print_help(WAIT_SET);
420 if (snmp(varbinds, 1, SET) <= 0) {
421 print_helperr(ERR_RET);
422 goto exit;
423 }
424 if (varbinds[0].len_val != 12) {
425 print_helperr(PACKET_ERROR);
426 goto exit;
427 }
428 curr = curr->next;
429 i++;
430 }
431 print_help(DONE_SET);
432 goto exit;
433 case KEY_DOWN:
434 case KEY_RIGHT:
435 if (auth_mac != 1) {
436 continue;
437 }
438 if (end < mac_num) {
439 begin++;
440 end++;
441 scroll_rows(first, begin, end, 3, 0);
442 }
443 continue;
444 case KEY_UP:
445 case KEY_LEFT:
446 if (auth_mac != 1) {
447 continue;
448 }
449 if (begin > 1) {
450 begin--;
451 end--;
452 scroll_rows(first, begin, end, 3, 0);
453 }
454 continue;
455 }
456 continue;
457 }
458
459 print_help(ANY_KEY);
460 exit:
461 getch();
462 quit:
463 while ((curr = first)) {
464 first = curr->next;
465 free(curr);
466 }
467 if (AuthMac)
468 free(AuthMac);
469 print_title("");
470 clear_main(0);
471 }
472