Modified PAE entities to be bound to interface

- All PAE entities (eapol PDU, relays, PAE supplicant etc.) are
now bound to interfaces and can have multiple instances.
- Modified relays
Now there is eapol-relay which is present for both nodes and border
router and connects to MPX.
Authenticator relay is now for converting from Wi-Sun EAPOL UDP
pdu format to internal format

Author: Mika Leppänen

source/6LoWPAN/ws/ws_bootstrap.c

@@ -65,7 +65,7 @@
 #include "6LoWPAN/ws/ws_pae_controller.h"
 #include "6LoWPAN/ws/ws_eapol_pdu.h"
 #include "6LoWPAN/ws/ws_eapol_auth_relay.h"
-#include "6LoWPAN/ws/ws_eapol_supp_relay.h"
+#include "ws_eapol_relay.h"
 
 #define TRACE_GROUP "wsbs"
 
@@ -680,6 +680,9 @@ static int8_t ws_bootstrap_down(protocol_interface_info_entry_t *cur)
     nd_proxy_downstream_interface_unregister(cur->id);
     ws_nud_table_reset(cur);
     dhcp_client_delete(cur->id);
+    ws_eapol_relay_delete(cur);
+    ws_eapol_auth_relay_delete(cur);
+    ws_pae_controller_stop(cur);
 
     return nwk_6lowpan_down(cur);
 }
@@ -1374,12 +1377,21 @@ int ws_bootstrap_init(int8_t interface_id, net_6lowpan_mode_e bootstrap_mode)
     }
 
     //Init PAE controller and set callback
-    ws_pae_controller_init(cur);
-    ws_pae_controller_cb_register(&ws_bootstrap_authentication_completed, &ws_bootstrap_key_insert);
+    if (ws_pae_controller_init(cur) < 0) {
+        ret_val =  -4;
+        goto init_fail;
+    }
+    if (ws_pae_controller_cb_register(cur, &ws_bootstrap_authentication_completed, &ws_bootstrap_key_insert) < 0) {
+        ret_val =  -4;
+        goto init_fail;
+    }
 
     //Init EAPOL PDU handler and register it to MPX
-    ws_eapol_pdu_init(cur);
-    if (ws_eapol_pdu_mpx_register(mpx_api, MPX_KEY_MANAGEMENT_ENC_USER_ID != 0)) {
+    if (ws_eapol_pdu_init(cur) < 0) {
+        ret_val =  -4;
+        goto init_fail;
+    }
+    if (ws_eapol_pdu_mpx_register(cur, mpx_api, MPX_KEY_MANAGEMENT_ENC_USER_ID != 0)) {
         ret_val =  -4;
         // add deallocs
         goto init_fail;
@@ -1425,10 +1437,13 @@ int ws_bootstrap_init(int8_t interface_id, net_6lowpan_mode_e bootstrap_mode)
     //Error handling and free memory
 init_fail:
     lowpan_adaptation_interface_mpx_register(interface_id, NULL, 0);
+    ws_eapol_pdu_mpx_register(cur, NULL, 0);
     mac_neighbor_table_delete(mac_neighbor_info(cur));
     etx_storage_list_allocate(cur->id, 0);
     ws_neighbor_class_dealloc(&neigh_info);
     ws_llc_delete(cur);
+    ws_eapol_pdu_delete(cur);
+    ws_pae_controller_delete(cur);
     return ret_val;
 }
 
@@ -1572,9 +1587,8 @@ static void ws_bootstrap_rpl_callback(rpl_event_t event, void *handle)
             tr_debug("Enable DHCPv6 relay");
             dhcp_relay_agent_enable(cur->id, dodag_info.dodag_id);
 
-            tr_debug("Enable EAPOL relay");
-            ws_eapol_supp_relay_init(cur);
-            ws_eapol_supp_relay_start(dodag_info.dodag_id);
+            tr_debug("Start EAPOL relay");
+            ws_eapol_relay_start(cur, dodag_info.dodag_id, 10253);
         }
 
         ws_set_fhss_hop(cur);
@@ -1736,9 +1750,9 @@ static void ws_bootstrap_start_discovery(protocol_interface_info_entry_t *cur)
 }
 
 // Start authentication
-static void ws_bootstrap_start_authentication(void)
+static void ws_bootstrap_start_authentication(protocol_interface_info_entry_t *cur)
 {
-    ws_pae_controller_authenticate();
+    ws_pae_controller_authenticate(cur);
 }
 
 
@@ -2046,9 +2060,10 @@ static void ws_bootstrap_event_handler(arm_event_s *event)
                 ws_bootstrap_set_test_key(cur);
                 ws_bootstrap_event_operation_start(cur);
 
-                ws_eapol_auth_relay_init(cur);
-                ws_eapol_auth_relay_start();
-                ws_pae_controller_authenticator_start();
+                ws_eapol_relay_start(cur, 0, 10255);
+                ws_eapol_auth_relay_start(cur);
+
+                ws_pae_controller_authenticator_start(cur);
                 break;
             }
             // Configure LLC for network discovery
@@ -2070,7 +2085,7 @@ static void ws_bootstrap_event_handler(arm_event_s *event)
             cur->ws_info->trickle_pas_running = false;
             cur->ws_info->trickle_pcs_running = false;
 
-            ws_bootstrap_start_authentication();
+            ws_bootstrap_start_authentication(cur);
             break;
 
         case WS_CONFIGURATION_START:
@@ -2155,7 +2170,7 @@ void ws_bootstrap_network_scan_process(protocol_interface_info_entry_t *cur)
     ws_bootstrap_network_information_learn(cur);
     ws_bootstrap_fhss_activate(cur);
 
-    ws_pae_controller_set_target(cur->ws_info->parent_info.addr); // temporary!!! store since auth
+    ws_pae_controller_set_target(cur, cur->ws_info->parent_info.addr); // temporary!!! store since auth
     ws_bootstrap_event_authentication_start(cur);
     return;
 }

source/6LoWPAN/ws/ws_eapol_auth_relay.c

@@ -15,7 +15,6 @@
  * limitations under the License.
  */
 
-
 #include "nsconfig.h"
 #include <string.h>
 #include "ns_types.h"
@@ -32,70 +31,120 @@
 #include "6LoWPAN/MAC/mpx_api.h"
 #include "6LoWPAN/ws/ws_config.h"
 #include "6LoWPAN/ws/ws_eapol_pdu.h"
-#include "6LoWPAN/ws/ws_eapol_relay.h"
+#include "6LoWPAN/ws/ws_eapol_relay_lib.h"
 #include "6LoWPAN/ws/ws_eapol_auth_relay.h"
 #include "common_functions.h"
 
 #ifdef HAVE_WS
 #ifdef HAVE_PAE_AUTH
 
-#define TRACE_GROUP "wspsu"
+#define TRACE_GROUP "earl"
+
+typedef struct {
+    protocol_interface_info_entry_t *interface_ptr;         /**< Interface pointer */
+    int8_t socket_id;                                       /**< Socket ID for relay */
+    ns_list_link_t link;                                    /**< Link */
+} eapol_auth_relay_t;
 
-static int8_t ws_eapol_auth_relay_eapol_pdu_address_check(const uint8_t *eui_64);
-static int8_t ws_eapol_auth_relay_eapol_pdu_receive(const uint8_t *eui_64, const void *pdu, uint16_t size);
-static int8_t ws_eapol_auth_relay_socket_pdu_receive(const ns_address_t *src_addr, void *data, uint16_t len);
-static int8_t ws_eapol_auth_relay_send_to_kmp(const uint8_t *eui_64, const uint8_t *ip_addr, uint16_t port, const void *data, uint16_t data_len);
+static eapol_auth_relay_t *ws_eapol_auth_relay_get(protocol_interface_info_entry_t *interface_ptr);
+static void ws_eapol_auth_relay_socket_cb(void *cb);
+static int8_t ws_eapol_auth_relay_send_to_kmp(const eapol_auth_relay_t *eapol_auth_relay, const uint8_t *eui_64, const uint8_t *ip_addr, uint16_t port, const void *data, uint16_t data_len);
 
-static bool relay_initiated = false;
+static NS_LIST_DEFINE(eapol_auth_relay_list, eapol_auth_relay_t, link);
 
-int8_t ws_eapol_auth_relay_init(protocol_interface_info_entry_t *interface_ptr)
+int8_t ws_eapol_auth_relay_start(protocol_interface_info_entry_t *interface_ptr)
 {
-    if (relay_initiated) {
-        return 0;
+    if (!interface_ptr) {
+        return -1;
     }
-    relay_initiated = true;
 
-    ws_eapol_relay_init(interface_ptr);
-    ws_eapol_relay_cb_register(ws_eapol_auth_relay_socket_pdu_receive);
+    if (ws_eapol_auth_relay_get(interface_ptr)) {
+        return -1;
+    }
 
-    eapol_pdu_recv_cb_data_t cb_data;
-    cb_data.priority = EAPOL_PDU_RECV_LOW_PRIORITY;
-    cb_data.addr_check =  ws_eapol_auth_relay_eapol_pdu_address_check;
-    cb_data.receive = ws_eapol_auth_relay_eapol_pdu_receive;
+    eapol_auth_relay_t *eapol_auth_relay = ns_dyn_mem_alloc(sizeof(eapol_auth_relay_t));
+    if (!eapol_auth_relay) {
+        return -1;
+    }
 
-    if (ws_eapol_pdu_cb_register(&cb_data) < 0) {
+    eapol_auth_relay->interface_ptr = interface_ptr;
+    eapol_auth_relay->socket_id = socket_open(IPV6_NH_UDP, 10253, &ws_eapol_auth_relay_socket_cb);
+    if (eapol_auth_relay->socket_id < 0) {
+        ns_dyn_mem_free(eapol_auth_relay);
         return -1;
     }
 
-    return 0;
-}
+    ns_list_add_to_end(&eapol_auth_relay_list, eapol_auth_relay);
 
-int8_t ws_eapol_auth_relay_start(void)
-{
     return 0;
 }
 
-static int8_t ws_eapol_auth_relay_eapol_pdu_address_check(const uint8_t *eui_64)
+int8_t ws_eapol_auth_relay_delete(protocol_interface_info_entry_t *interface_ptr)
 {
-    (void) eui_64;
+    if (!interface_ptr) {
+        return -1;
+    }
+
+    eapol_auth_relay_t *eapol_auth_relay = ws_eapol_auth_relay_get(interface_ptr);
+    if (!eapol_auth_relay) {
+        return -1;
+    }
+
+    socket_close(eapol_auth_relay->socket_id);
+
+    ns_list_remove(&eapol_auth_relay_list, eapol_auth_relay);
+    ns_dyn_mem_free(eapol_auth_relay);
 
-    // Low priority, always route all here if asked
     return 0;
 }
 
-static int8_t ws_eapol_auth_relay_eapol_pdu_receive(const uint8_t *eui_64, const void *pdu, uint16_t size)
+static eapol_auth_relay_t *ws_eapol_auth_relay_get(protocol_interface_info_entry_t *interface_ptr)
 {
-    ws_eapol_auth_relay_send_to_kmp(eui_64, ADDR_UNSPECIFIED, 0, pdu, size);
-    return 0;
+    ns_list_foreach(eapol_auth_relay_t, entry, &eapol_auth_relay_list) {
+        if (entry->interface_ptr == interface_ptr) {
+            return entry;
+        }
+    }
+
+    return NULL;
 }
 
-static int8_t ws_eapol_auth_relay_socket_pdu_receive(const ns_address_t *src_addr, void *data, uint16_t len)
+static void ws_eapol_auth_relay_socket_cb(void *cb)
 {
-    int8_t res = 0;
+    socket_callback_t *cb_data = cb;
+
+    if (cb_data->event_type != SOCKET_DATA) {
+        return;
+    }
+
+    eapol_auth_relay_t *eapol_auth_relay = NULL;
+
+    ns_list_foreach(eapol_auth_relay_t, entry, &eapol_auth_relay_list) {
+        if (entry->socket_id == cb_data->socket_id) {
+            eapol_auth_relay = entry;
+            break;
+        }
+    }
+
+    if (!eapol_auth_relay) {
+        return;
+    }
+
+    uint8_t *socket_pdu = ns_dyn_mem_temporary_alloc(cb_data->d_len);
+    if (!socket_pdu) {
+        return;
+    }
+
+    ns_address_t src_addr;
+
+    if (socket_recvfrom(cb_data->socket_id, socket_pdu, cb_data->d_len, 0, &src_addr) != cb_data->d_len) {
+       ns_dyn_mem_free(socket_pdu);
+       return;
+    }
 
-    // KMP message from source port 10254
-    if (src_addr->identifier == 10254) {
-        uint8_t *ptr = data;
+    // Message from source port 10254 (KMP service) -> to IP relay on node or on authenticator
+    if (src_addr.identifier == 10254) {
+        uint8_t *ptr = socket_pdu;
         uint8_t *relay_ip_addr, *eui_64;
         uint16_t relay_port;
         relay_ip_addr = ptr;
@@ -104,65 +153,48 @@ static int8_t ws_eapol_auth_relay_socket_pdu_receive(const ns_address_t *src_add
         ptr += 2;
         eui_64 = ptr;
         ptr += 8;
-        uint16_t data_len = len - 26;
-        // KMP protocol to relay -> packet with IP relay address -> to IP relay of node
-        if (memcmp(relay_ip_addr, ADDR_UNSPECIFIED, 16) != 0) {
-            res = ws_eapol_relay_send_to_relay(eui_64, relay_ip_addr, relay_port,
-                ptr, data_len);
-            ns_dyn_mem_free(data);
-
-        // KMP protocol to relay -> no IP relay address -> to MPX
-        } else {
-            res = ws_eapol_pdu_send_to_mpx(eui_64, ptr, data_len, data);
-        }
-
-
-    // Other source port (either 10253 or node relay source port)
+        uint16_t data_len = cb_data->d_len - 26;
+        ws_eapol_relay_lib_send_to_relay(eapol_auth_relay->socket_id, eui_64, relay_ip_addr, relay_port,
+            ptr, data_len);
+        ns_dyn_mem_free(socket_pdu);
+    // Other source port (either 10253 or node relay source port) -> to KMP service
     } else {
-        uint8_t *ptr = data;
-        res = ws_eapol_auth_relay_send_to_kmp(ptr, src_addr->address, src_addr->identifier,
-                                              ptr + 8, len -8);
-        ns_dyn_mem_free(data);
-     }
-
-    return res;
+        uint8_t *ptr = socket_pdu;
+        ws_eapol_auth_relay_send_to_kmp(eapol_auth_relay, ptr, src_addr.address, src_addr.identifier,
+                                              ptr + 8, cb_data->d_len - 8);
+        ns_dyn_mem_free(socket_pdu);
+    }
 }
 
-static int8_t ws_eapol_auth_relay_send_to_kmp(const uint8_t *eui_64, const uint8_t *ip_addr, uint16_t port, const void *data, uint16_t data_len)
+static int8_t ws_eapol_auth_relay_send_to_kmp(const eapol_auth_relay_t *eapol_auth_relay, const uint8_t *eui_64, const uint8_t *ip_addr, uint16_t port, const void *data, uint16_t data_len)
 {
     ns_address_t dest_addr;
 
-    if (ws_eapol_relay_kmp_ll_address_get(&dest_addr) < 0) {
+    if (ws_eapol_relay_lib_ll_address_get(eapol_auth_relay->interface_ptr, &dest_addr) < 0) {
         return -1;
     }
 
-    int8_t socket_id = ws_eapol_relay_socket_id_get();
-    if (socket_id >= 0) {
-        uint8_t temp_array[26];
-        ns_iovec_t msg_iov[2];
-        ns_msghdr_t msghdr;
-        //Set messages name buffer
-        msghdr.msg_name = &dest_addr;
-        msghdr.msg_namelen = sizeof(dest_addr);
-        msghdr.msg_iov = &msg_iov[0];
-        msghdr.msg_iovlen = 2;
-        msghdr.msg_control = NULL;
-        msghdr.msg_controllen = 0;
-        uint8_t *ptr = temp_array;
-        memcpy(ptr, ip_addr, 16);
-        ptr += 16;
-        ptr = common_write_16_bit(port, ptr);
-        memcpy(ptr, eui_64, 8);
-        msg_iov[0].iov_base = temp_array;
-        msg_iov[0].iov_len = 26;
-        msg_iov[1].iov_base = (void*)data;
-        msg_iov[1].iov_len = data_len;
-        socket_sendmsg(socket_id, &msghdr, NS_MSG_LEGACY0);
-        return 0;
-
-    }
-
-    return -1;
+    uint8_t temp_array[26];
+    ns_iovec_t msg_iov[2];
+    ns_msghdr_t msghdr;
+    //Set messages name buffer
+    msghdr.msg_name = &dest_addr;
+    msghdr.msg_namelen = sizeof(dest_addr);
+    msghdr.msg_iov = &msg_iov[0];
+    msghdr.msg_iovlen = 2;
+    msghdr.msg_control = NULL;
+    msghdr.msg_controllen = 0;
+    uint8_t *ptr = temp_array;
+    memcpy(ptr, ip_addr, 16);
+    ptr += 16;
+    ptr = common_write_16_bit(port, ptr);
+    memcpy(ptr, eui_64, 8);
+    msg_iov[0].iov_base = temp_array;
+    msg_iov[0].iov_len = 26;
+    msg_iov[1].iov_base = (void*)data;
+    msg_iov[1].iov_len = data_len;
+    socket_sendmsg(eapol_auth_relay->socket_id, &msghdr, NS_MSG_LEGACY0);
+    return 0;
 }
 
 #endif /* HAVE_PAE_AUTH */

source/6LoWPAN/ws/ws_eapol_auth_relay.h

@@ -20,13 +20,13 @@
 
 #ifdef HAVE_PAE_AUTH
 
-int8_t ws_eapol_auth_relay_init(protocol_interface_info_entry_t *interface_ptr);
-int8_t ws_eapol_auth_relay_start(void);
+int8_t ws_eapol_auth_relay_start(protocol_interface_info_entry_t *interface_ptr);
+int8_t ws_eapol_auth_relay_delete(protocol_interface_info_entry_t *interface_ptr);
 
 #else
 
-#define ws_eapol_auth_relay_init(interface_ptr)
-#define ws_eapol_auth_relay_start()
+#define ws_eapol_auth_relay_start(interface_ptr)
+#define ws_eapol_auth_relay_delete(interface_ptr)
 
 #endif