sonic-net · vijaya-ops · Apr 10, 2024 · May 14, 2024
@@ -0,0 +1,28 @@
+sonic_wpa_supp_path = $(top_srcdir)/../wpasupplicant/sonic-wpa-supplicant
+radius_lib_path = $(top_srcdir)/../wpasupplicant/sonic-wpa-supplicant/build/radius_lib
+radius_lib = $(radius_lib_path)/src/radius/libradius.a
+utils_lib  = $(radius_lib_path)/src/utils/libutils.a
+crypto_lib = $(radius_lib_path)/src/crypto/libcrypto.a
+
+INCLUDES =  -I $(top_srcdir)/fpinfra/inc -I $(top_srcdir)/mab/common -I $(top_srcdir)/mab/mapping/mab_sid -I $(top_srcdir)/mab/mapping/include -I $(top_srcdir)/mab/protocol/include -I $(top_srcdir)/authmgr/common -I $(sonic_wpa_supp_path)/src/utils -I $(sonic_wpa_supp_path)/src/radius 
+
+
+#bin_PROGRAMS = mabd 
+lib_LTLIBRARIES = libmab.la 
+
+if DEBUG
+DBGFLAGS = -ggdb -DDEBUG
+else
+DBGFLAGS = -g -DNDEBUG
+endif
+
+AM_CPPFLAGS = -save-temps -Wall -Wno-pointer-sign -Wno-unused-but-set-variable -Wno-address -Wno-array-bounds -Wno-sequence-point -Wno-switch -Wno-uninitialized -Wno-unused-result -Wno-aggressive-loop-optimizations -Wno-sizeof-pointer-memaccess -Wno-unused-local-typedefs -Wno-unused-value -Wno-format-truncation -g  -Werror $(SONIC_COMMON_CFLAGS) -DCONFIG_SONIC_RADIUS
+
+libmab_la_SOURCES = mapping/mab_socket.c mapping/mab_init.c mapping/mab_cfg.c mapping/mab_api.c mapping/mab_client.c mapping/mab_ih.c mapping/mab_debug.c mapping/mab_sid/mab_sid.c mapping/mab_auth_mgr.c protocol/mab_db.c mapping/mab_control.c protocol/mab_mac_db.c protocol/mab_vlan.c  protocol/mab_utils.c protocol/mab_auth.c protocol/mab_local.c protocol/mab_timer.c protocol/mab_radius.c $(sonic_wpa_supp_path)/src/radius/radius_mab.c 
+
+
+libmab_la_LIBADD = -lpthread -lswsscommon -L$(top_srcdir)/fpinfra/ -lfpinfra $(radius_lib) $(utils_lib) $(crypto_lib) -lrt $(SONIC_COMMON_LDFLAGS)
+
+$(radius_lib) $(utils_lib) $(crypto_lib):
+	cd $(sonic_wpa_supp_path)/radius_lib && make
+
@@ -0,0 +1,215 @@
+/*
+ * Copyright 2024 Broadcom Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+#ifndef INCLUDE_MAB_API_H
+#define INCLUDE_MAB_API_H
+
+/* USE C Declarations */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "pacinfra_common.h"
+#include "auth_mgr_exports.h"
+#include "mab_exports.h"
+
+/*********************************************************************
+* @purpose  Set the MAB value on the port.
+*
+* @param    intIfNum      @b{(input)} internal interface number
+* @param    mabEnable   @b{(output)} boolean value determining if MAB 
+*                                    has been configured on the port 
+*
+* @returns   SUCCESS
+* @returns   FAILURE
+* @results   REQUEST_DENIED     if port control mode of the port is 
+*                                 not mac-based  
+*
+* @comments
+*       
+* @end
+*********************************************************************/
+RC_t mabPortMABEnableSet(uint32 intIfNum, uint32 mabEnable);
+
+/*********************************************************************
+* @purpose  Get the operational MAB value on the port.
+*
+* @param    intIfNum      @b{(input)} internal interface number
+* @param    mabEnabled    @b{(output)} value determining if MAB 
+*                                     has been operationally 
+*                                     enabled on the port 
+*
+* @returns   SUCCESS
+* @returns   FAILURE
+*
+* @comments
+*       
+* @end
+*********************************************************************/
+RC_t mabPortOperMABEnabledGet(uint32 intIfNum, uint32 *mabEnabled);
+
+/*********************************************************************
+* @purpose  Set the authentication type on the port to be used by MAB.
+*
+* @param    intIfNum      @b{(input)} internal interface number
+* @param    auth_type     @b{(input)} Authentication type {EAP-MD5 or PAP} 
+*
+* @returns   SUCCESS            if able to set the auth_type successfully
+* @results   REQUEST_DENIED     if MAB is not enabled on that port
+* @returns   FAILURE            otherwise
+*
+* @comments
+*       
+* @end 
+*********************************************************************/
+RC_t mabPortMABAuthTypeSet(uint32 intIfNum,
+                               AUTHMGR_PORT_MAB_AUTH_TYPE_t auth_type);
+
+/*********************************************************************
+* @purpose  Determine if the interface is valid to participate in mab
+*
+* @param    intIfNum              @b{(input)} internal interface number
+*
+* @returns   TRUE
+* @returns   FALSE
+*
+* @comments
+*       
+* @end
+*********************************************************************/
+ BOOL mabIsValidIntf(uint32 intIfNum);
+
+/*********************************************************************
+* @purpose  Determine if the interface type is valid to participate in mab
+*
+* @param    sysIntfType              @b{(input)} interface type
+*
+* @returns   TRUE
+* @returns   FALSE
+*
+* @comments
+*
+* @end
+*********************************************************************/
+ BOOL mabIsValidIntfType(uint32 sysIntfType);
+
+/*********************************************************************
+* @purpose  Set port control mode
+*
+* @param    intIfNum    @b{(input)} internal interface number
+* @param    portControl @b{(input)} port control mode
+*
+* @returns   SUCCESS
+* @returns   FAILURE
+*
+* @comments
+*       
+* @end
+*********************************************************************/
+RC_t mabPortControlModeSet(uint32 intIfNum,  AUTHMGR_PORT_CONTROL_t portControl);
+
+/*********************************************************************
+* @purpose  Set host control mode
+*
+* @param    intIfNum    @b{(input)} internal interface number
+* @param    hostControl @b{(input)} host control mode
+*
+* @returns   SUCCESS
+* @returns   FAILURE
+*
+* @comments
+*       
+* @end
+*********************************************************************/
+RC_t mabPortControlHostModeSet(uint32 intIfNum,  AUTHMGR_HOST_CONTROL_t hostMode);
+
+/*********************************************************************
+  * @purpose  Handle Auth Manager event
+  *
+  * @param    intIfNum    @b{(input)} internal interface number
+  * @param    event       @b{(input)} event
+  * @param    macAddr     @b{(input)} client mac address
+  *
+  * @returns   SUCCESS
+  * @returns   FAILURE
+  *
+  * @comments
+  *
+  * @end
+  *********************************************************************/
+RC_t mabClientEventUpdate(uint32 intIfNum, uint32 event,  enetMacAddr_t *macAddr);
+
+/*********************************************************************
+* @purpose  Return Internal Interface Number of the first valid interface for
+*           mab.
+*
+* @param    pFirstIntIfNum @b{(output)}  pointer to first internal interface number
+*
+* @returns   SUCCESS  if success
+* @returns   ERROR    if interface does not exist
+* @returns   FAILURE  if other failure
+*
+* @comments none
+*
+* @end
+*********************************************************************/
+RC_t mabFirstValidIntfNumber(uint32 *pFirstIntIfNum);
+
+/*********************************************************************
+* @purpose  Return Internal Interface Number of next valid interface for
+*           mab.
+*
+* @param    intIfNum  @b{(input)}   Internal Interface Number
+* @param    pNextintIfNum @b{(output)}  pointer to Next Internal Interface Number,
+*
+* @returns   SUCCESS  if success
+* @returns   ERROR    if interface does not exist
+* @returns   FAILURE  if other failure
+*
+* @comments none
+*
+* @end
+*********************************************************************/
+RC_t mabNextValidIntf(uint32 intIfNum, uint32 *pNextIntIfNum);
+
+/*********************************************************************
+* @purpose  Update the RADIUS server configuration
+*
+* @param    add           @b{(input)} whether server should be added or deleted
+* @param    radius_type   @b{(input)} radius server type
+* @param    serv_addr     @b{(input)} radius server address
+* @param    serv_priority @b{(input)} radius server priority
+* @param    radius_key    @b{(input)} radius server key
+* @param    serv_port     @b{(input)} radius server port
+*
+* @returns   SUCCESS    values are valid and are updated successfully
+* @returns   FAILURE    otherwise
+*
+* @comments
+*
+* @end
+*********************************************************************/
+RC_t mabRadiusServerUpdate(uint32 cmd, const char *radius_type,
+                              const char *serv_addr, const char *serv_priority,
+                              const char *radius_key, const char *serv_port);
+
+/* USE C Declarations */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* INCLUDE_MAB_API_H */
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2024 Broadcom Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+#ifndef INCLUDE_MAB_COMMON_H
+#define INCLUDE_MAB_COMMON_H
+
+/* USE C Declarations */
+#ifdef __cplusplus
+  extern "C" {
+#endif
+
+#include "resources.h"
+
+#define  MAB_INTF_MAX_COUNT ( MAX_PORT_COUNT + 1)
+
+/* USE C Declarations */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* INCLUDE_MAB_COMMON_H */
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2024 Broadcom Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __MAB_EXPORTS_H_
+#define __MAB_EXPORTS_H_
+
+/* USE C Declarations */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define  MAB_MAX_USERS_PER_PORT        FD_AUTHMGR_PORT_MAX_USERS
+
+#define  MAB_USER_NAME_LEN             65
+#define  MAB_CHALLENGE_LEN             32
+
+#define  MAB_CHAP_CHALLENGE_LEN        16
+#define  MAB_FILTER_NAME_LEN           256
+
+/* Port protocol version */
+typedef enum
+{
+   MAB_PAE_PORT_PROTOCOL_VERSION_1 = 1
+}  MAB_PAE_PORT_PROTOCOL_VERSION_t;
+
+/******************** conditional Override *****************************/
+
+#ifdef INCLUDE_MAB_EXPORTS_OVERRIDES
+#include "mab_exports_overrides.h"
+#endif
+
+/* USE C Declarations */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __MAB_EXPORTS_H_*/