diff --git a/src/Config.mak b/src/Config.mak index 27b65917..e0e4bf3f 100644 --- a/src/Config.mak +++ b/src/Config.mak @@ -34,5 +34,6 @@ WITH_OPENSSL=1 # LIBDIR=lib +OPTFLAGS := -g -O0 CFLAGS := -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE=1 -pedantic -std=c90 -Wall diff --git a/src/Macros.mak b/src/Macros.mak index ad9f0a83..93068b07 100644 --- a/src/Macros.mak +++ b/src/Macros.mak @@ -20,25 +20,25 @@ endif ifeq ($(CC),clang) LDFLAGS += -g -L/usr/local/lib -CFLAGS += -fPIC -g -O0 -D_REENTRANT -I /usr/local/include -I../ +CFLAGS += -fPIC $(OPTFLAGS) -D_REENTRANT -I /usr/local/include -I../ LD = clang endif ifeq ($(CC),gcc) LDFLAGS += -g -L/usr/local/lib -CFLAGS += -fPIC -g -O0 -D_REENTRANT -I /usr/local/include -I../ +CFLAGS += -fPIC $(OPTFLAGS) -D_REENTRANT -I /usr/local/include -I../ LD = gcc endif ifeq ($(CC),tcc) LDFLAGS += -g -L/usr/local/lib -CFLAGS += -Wall -Wunusupported -Wimplicit-function-declaration -I /usr/local/include -I../ +CFLAGS += -Wall $(OPTFLAGS) -Wunusupported -Wimplicit-function-declaration -I /usr/local/include -I../ LD = tcc endif ifeq ($(CC),cc) LDFLAGS += -g -L/usr/local/lib -CFLAGS += -fPIC -g -O0 -D_REENTRANT -I /usr/local/include -I../ +CFLAGS += -fPIC $(OPTFLAGS) -D_REENTRANT -I /usr/local/include -I../ LD = cc endif diff --git a/src/ac/config.ktv b/src/ac/config.ktv index eb1713d6..971f3460 100644 --- a/src/ac/config.ktv +++ b/src/ac/config.ktv @@ -1,7 +1,8 @@ capwap/ac-descriptor/hardware/version:Bstr16: "ACTube 1.0" capwap/ac-descriptor/hardware/vendor:Bastr16: 12346 -capwap/ssl-cert:Bstr16: "/usr/local/etc/ssl/tube.ssl" -capwap/ssl-key:Bstr16: "/usr/local/etc/key" +capwap/ssl-cert:Str: "/usr/local/etc/ssl/tube.ssl" +capwap/ssl-key:Str: "/usr/local/etc/key" + ac-descriptor/stations:Word:05 ac-descriptor/station-limit:Word:6 ac-descriptor/active-wtps:Word:7 diff --git a/src/mod/capwap/mod_capwap_ac.c b/src/mod/capwap/mod_capwap_ac.c index 00e68b9b..450ed295 100644 --- a/src/mod/capwap/mod_capwap_ac.c +++ b/src/mod/capwap/mod_capwap_ac.c @@ -47,6 +47,7 @@ static int detect(struct conn *conn, const uint8_t * rawmsg, int rawlen, int ele int static setup_cfg(struct conn * conn) { int security; + security = cw_setup_dtls(conn,conn->local_cfg,"capwap",CAPWAP_CIPHER); cw_ktv_set_byte(conn->local_cfg,"ac-descriptor/security",security); diff --git a/src/mod/cisco/mod_cisco_ac.c b/src/mod/cisco/mod_cisco_ac.c index 30538201..8c5af192 100644 --- a/src/mod/cisco/mod_cisco_ac.c +++ b/src/mod/cisco/mod_cisco_ac.c @@ -191,6 +191,16 @@ static struct cw_Mod capwap_ac = { }; */ +int static setup_cfg(struct conn * conn) +{ + int security; + + security = cw_setup_dtls(conn,conn->local_cfg,"cisco",CAPWAP_CIPHER); + cw_ktv_set_byte(conn->local_cfg,"ac-descriptor/security",security); + + return 0; +} + struct cw_Mod mod_cisco = { "cisco", /* name */ @@ -198,7 +208,8 @@ struct cw_Mod mod_cisco = { detect, /* detect */ register_messages, /* register_messages */ NULL, /* dll_handle */ - NULL /* data */ + NULL, /* data */ + setup_cfg /* setup_cfg */ }; diff --git a/src/wtp/config.ktv b/src/wtp/config.ktv index 0787b601..d775a8c3 100644 --- a/src/wtp/config.ktv +++ b/src/wtp/config.ktv @@ -4,6 +4,8 @@ capwap/ssl-certfile:Str:"../../ssl/certs/wtp.crt" capwap/ssl-keyfile:Str:"../../ssl/certs/wtp.key" +cisco/ssl-certfile:Str:"../../ssl/certs/wtp.crt" +cisco/ssl-keyfile:Str:"../../ssl/certs/wtp.key" discovery-type:Byte:0 wtp-frame-tunnel-mode:Byte:1 diff --git a/src/wtp/join.c b/src/wtp/join.c index 4a09361d..f0803704 100644 --- a/src/wtp/join.c +++ b/src/wtp/join.c @@ -103,12 +103,23 @@ int run_join_d(struct conn * conn, struct sockaddr *sa) { char addrstr[SOCK_ADDR_BUFSIZE]; int sockfd; - + + int rsec,lsec; + + lsec = cw_ktv_get_byte(conn->local_cfg,"ac-descriptor/security",0); + rsec = cw_ktv_get_byte(conn->remote_cfg,"ac-descriptor/security",0); + + if ((lsec & rsec) == 0){ + cw_log(LOG_ERR, "Can't establish DTLS with AC, my sec: %d, remote sec %d",lsec,rsec); + return 0; + } + /* struct conn *conn = get_conn();*/ conn->capwap_state = CAPWAP_STATE_JOIN; + sockfd = socket(sa->sa_family, SOCK_DGRAM, 0); if (sockfd == -1) { cw_log(LOG_ERR, "Can't create socket: %s\n", strerror(errno)); @@ -218,8 +229,6 @@ int run_join(struct conn *conn) return 1; } - - int join(struct conn * conn, struct cw_DiscoveryResult * dis) { @@ -232,6 +241,7 @@ int join(struct conn * conn, struct cw_DiscoveryResult * dis) char * rk; char ipstr[100]; char ac_name[CAPWAP_MAX_AC_NAME_LEN]; + struct sockaddr_storage sockaddr; val = mavliter_get(&ii); rk = val->key; @@ -248,7 +258,16 @@ int join(struct conn * conn, struct cw_DiscoveryResult * dis) strcpy(ac_name,""); } + cw_dbg(DBG_INFO, "Going to join CAPWAP controller '%s' at %s.",ac_name,ipstr); + + conn->remote_cfg=rcfg; + + /*cw_dbg_ktv_dump(conn->local_cfg,DBG_INFO,"remopte ac","preifx**: ","bottom"); + */ + + sock_strtoaddr(ipstr,(struct sockaddr*)(&sockaddr)); + run_join_d(conn,(struct sockaddr*)(&sockaddr)); } diff --git a/src/wtp/wtp_main.c b/src/wtp/wtp_main.c index 721667e3..c0473d71 100644 --- a/src/wtp/wtp_main.c +++ b/src/wtp/wtp_main.c @@ -159,6 +159,8 @@ int main (int argc, char **argv) mod->setup_cfg(conn); } +/*cw_dbg_ktv_dump(conn->local_cfg,DBG_INFO,"head","BREP: ","bot");*/ +