[Midnightbsd-cvs] src: usr.sbin/wpa: wireless can be fun
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Nov 24 22:13:49 EST 2008
Log Message:
-----------
wireless can be fun
Modified Files:
--------------
src/usr.sbin/wpa:
Makefile (r1.1.1.1 -> r1.2)
l2_packet.c (r1.2 -> r1.3)
src/usr.sbin/wpa/hostapd:
Makefile (r1.1.1.1 -> r1.2)
driver_freebsd.c (r1.2 -> r1.3)
hostapd.8 (r1.1.1.1 -> r1.2)
hostapd.conf.5 (r1.1.1.1 -> r1.2)
src/usr.sbin/wpa/hostapd_cli:
Makefile (r1.2 -> r1.3)
src/usr.sbin/wpa/ndis_events:
Makefile (r1.1.1.1 -> r1.2)
ndis_events.8 (r1.2 -> r1.3)
ndis_events.c (r1.1.1.1 -> r1.2)
src/usr.sbin/wpa/wpa_cli:
Makefile (r1.1.1.1 -> r1.2)
wpa_cli.8 (r1.1.1.1 -> r1.2)
src/usr.sbin/wpa/wpa_supplicant:
Makefile (r1.2 -> r1.3)
Packet32.c (r1.2 -> r1.3)
Packet32.h (r1.1.1.1 -> r1.2)
driver_freebsd.c (r1.2 -> r1.3)
ntddndis.h (r1.1.1.1 -> r1.2)
wpa_supplicant.8 (r1.1.1.1 -> r1.2)
wpa_supplicant.conf.5 (r1.1.1.2 -> r1.2)
Added Files:
-----------
src/usr.sbin/wpa/wpa_passphrase:
Makefile (r1.1)
wpa_passphrase.8 (r1.1)
-------------- next part --------------
Index: l2_packet.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/l2_packet.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/l2_packet.c -L usr.sbin/wpa/l2_packet.c -u -r1.2 -r1.3
--- usr.sbin/wpa/l2_packet.c
+++ usr.sbin/wpa/l2_packet.c
@@ -12,32 +12,37 @@
*
* See README and COPYING for more details.
*
- * $FreeBSD: src/usr.sbin/wpa/l2_packet.c,v 1.1.2.2 2006/03/24 01:43:17 sam Exp $
+ * $FreeBSD: src/usr.sbin/wpa/l2_packet.c,v 1.4.2.1 2007/10/19 03:04:02 mlaier Exp $
*/
/*
* FreeBSD-specific implementation.
*/
-#include <stdlib.h>
-#include <stdio.h>
-#include <errno.h>
-#include <pcap.h>
-
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/sysctl.h>
+#include <net/bpf.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <net/route.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <pcap.h>
+
#include "common.h"
#include "eloop.h"
#include "l2_packet.h"
+static const u8 pae_group_addr[ETH_ALEN] =
+ { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x03 };
+
struct l2_packet_data {
pcap_t *pcap;
char ifname[100];
@@ -149,7 +154,7 @@
l2_packet_init_libpcap(struct l2_packet_data *l2, unsigned short protocol)
{
bpf_u_int32 pcap_maskp, pcap_netp;
- char pcap_filter[100], pcap_err[PCAP_ERRBUF_SIZE];
+ char pcap_filter[200], pcap_err[PCAP_ERRBUF_SIZE];
struct bpf_program pcap_fp;
pcap_lookupnet(l2->ifname, &pcap_netp, &pcap_maskp, pcap_err);
@@ -161,13 +166,17 @@
}
if (pcap_datalink(l2->pcap) != DLT_EN10MB &&
pcap_set_datalink(l2->pcap, DLT_EN10MB) < 0) {
- fprintf(stderr, "pcap_set_datalinke(DLT_EN10MB): %s\n",
+ fprintf(stderr, "pcap_set_datalink(DLT_EN10MB): %s\n",
pcap_geterr(l2->pcap));
return -1;
}
snprintf(pcap_filter, sizeof(pcap_filter),
- "ether dst " MACSTR " and ether proto 0x%x",
- MAC2STR(l2->own_addr), protocol);
+ "not ether src " MACSTR " and "
+ "( ether dst " MACSTR " or ether dst " MACSTR " ) and "
+ "ether proto 0x%x",
+ MAC2STR(l2->own_addr), /* do not receive own packets */
+ MAC2STR(l2->own_addr), MAC2STR(pae_group_addr),
+ protocol);
if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) {
fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap));
return -1;
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/Makefile,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/Makefile -L usr.sbin/wpa/Makefile -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/Makefile
+++ usr.sbin/wpa/Makefile
@@ -1,5 +1,7 @@
-# $FreeBSD: src/usr.sbin/wpa/Makefile,v 1.2.2.1 2005/10/27 17:06:46 wpaul Exp $
+# $FreeBSD: src/usr.sbin/wpa/Makefile,v 1.4 2006/11/17 19:38:51 sam Exp $
-SUBDIR= wpa_supplicant wpa_cli hostapd hostapd_cli ndis_events
+SUBDIR= wpa_supplicant wpa_cli wpa_passphrase
+SUBDIR+= hostapd hostapd_cli
+SUBDIR+= ndis_events
.include <bsd.subdir.mk>
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/hostapd/Makefile,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/hostapd/Makefile -L usr.sbin/wpa/hostapd/Makefile -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/hostapd/Makefile
+++ usr.sbin/wpa/hostapd/Makefile
@@ -1,4 +1,6 @@
-# $FreeBSD: src/usr.sbin/wpa/hostapd/Makefile,v 1.2 2005/06/17 05:37:08 sam Exp $
+# $FreeBSD: src/usr.sbin/wpa/hostapd/Makefile,v 1.4.2.1 2007/11/21 06:07:12 sam Exp $
+
+.include <bsd.own.mk>
HOSTAPD_DISTDIR?= ${.CURDIR}/../../../contrib/hostapd
.PATH: ${.CURDIR}/.. ${HOSTAPD_DISTDIR}
@@ -6,17 +8,105 @@
PROG= hostapd
SRCS= hostapd.c eloop.c ieee802_1x.c eapol_sm.c radius.c md5.c rc4.c \
common.c ieee802_11.c config.c ieee802_11_auth.c accounting.c \
- sta_info.c radius_client.c sha1.c wpa.c aes_wrap.c tls_none.c \
- ctrl_iface.c driver_conf.c l2_packet.c driver_freebsd.c
+ sta_info.c radius_client.c sha1.c wpa.c aes_wrap.c ctrl_iface.c \
+ driver_conf.c os_unix.c preauth.c pmksa_cache.c beacon.c \
+ hw_features.c wme.c ap_list.c reconfig.c mlme.c \
+ vlan_init.c ieee802_11h.c l2_packet.c driver_freebsd.c
CLEANFILES=driver_conf.c
MAN= hostapd.8 hostapd.conf.5
+.if ${MK_EXAMPLES} != "no"
+FILESDIR= ${SHAREDIR}/examples/hostapd
+FILES= hostapd.conf hostapd.eap_user hostapd.wpa_psk
+.endif
+
CFLAGS+= -I${.CURDIR} -I${HOSTAPD_DISTDIR}
CFLAGS+= -DCONFIG_DRIVER_BSD
+CFLAGS+= -DCONFIG_CTRL_IFACE
+CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+.if ${MK_INET6} != "no"
+CFLAGS+= -DCONFIG_IPV6
+.endif
+CFLAGS+= -g
DPADD+= ${LIBPCAP}
LDADD+= -lpcap
+# User customizations for wpa_supplicant/hostapd build environment
+CFLAGS+=${WPA_SUPPLICANT_CFLAGS}
+#DPADD+=${WPA_SUPPLICANT_DPADD}
+LDADD+=${WPA_SUPPLICANT_LDADD}
+#LDFLAGS+=${WPA_SUPPLICANT_LDFLAGS}
+
+.if !empty(CFLAGS:M*-DEAP_SERVER)
+SRCS+= eap.c eap_methods.c eap_identity.c
+
+.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
+
+CFLAGS+=-DEAP_TLS -DEAP_PEAP -DEAP_MSCHAPv2 -DEAP_PSK \
+ -DEAP_TLV -DEAP_TLS_FUNCS -DEAP_TLS_OPENSSL
+SRCS+= eap_tls.c eap_peap.c eap_mschapv2.c \
+ eap_psk.c eap_psk_common.c \
+ eap_tlv.c eap_tls_common.c tls_openssl.c ms_funcs.c crypto.c
+
+CFLAGS+=-DEAP_TTLS -DEAP_MD5
+SRCS+= eap_ttls.c eap_md5.c
+
+.if !empty(CFLAGS:M*-DEAP_GTC)
+SRCS+= eap_gtc.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_AKA)
+NEED_SIM_COMMON= true
+SRCS+= eap_aka.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_SIM)
+NEED_SIM_COMMON= true
+SRCS+= eap_sim.c
+.endif
+
+.if defined(NEED_SIM_COMMON)
+SRCS+= eap_sim_common.c eap_sim_db.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_GPSK)
+CFLAGS+=-DEAP_GPSK_SHA256
+SRCS+= eap_gpsk.c eap_gpsk_common.c
+NEED_SHA256= true
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_PAX)
+SRCS+= eap_pax.c eap_pax_common.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_SAKE)
+SRCS+= eap_sake.c eap_sake_common.c
+.endif
+
+DPADD+= ${LIBSSL} ${LIBCRYPTO}
+LDADD+= -lssl -lcrypto
+.else
+NEED_TLS_NONE= true
+.endif
+
+.else
+NEED_TLS_NONE= true
+.endif
+
+.if defined(NEED_SHA256)
+CFLAGS+=-DINTERNAL_SHA256
+SRCS+= sha256.c
+.endif
+
+.if defined(NEED_TLS_NONE)
+CFLAGS+= -DEAP_TLS_NONE
+CFLAGS+= -DINTERNAL_AES
+CFLAGS+= -DINTERNAL_SHA1
+CFLAGS+= -DINTERNAL_MD5
+SRCS+= tls_none.c
+.endif
+
driver_conf.c: Makefile
rm -f driver_conf.c
echo '/* THIS FILE AUTOMATICALLY GENERATED, DO NOT EDIT! */' \
Index: hostapd.conf.5
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/hostapd/hostapd.conf.5,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/hostapd/hostapd.conf.5 -L usr.sbin/wpa/hostapd/hostapd.conf.5 -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/hostapd/hostapd.conf.5
+++ usr.sbin/wpa/hostapd/hostapd.conf.5
@@ -1,4 +1,5 @@
.\" Copyright (c) 2005 Sam Leffler <sam at errno.com>
+.\" Copyright (c) 2006 Rui Paulo
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -22,9 +23,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/hostapd/hostapd.conf.5,v 1.2 2005/06/27 06:40:43 ru Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/hostapd/hostapd.conf.5,v 1.4 2006/09/29 17:57:04 ru Exp $
.\"
-.Dd June 16, 2005
+.Dd September 2, 2006
.Dt HOSTAPD.CONF 5
.Os
.Sh NAME
@@ -33,7 +34,161 @@
.Xr hostapd 8
utility
.Sh DESCRIPTION
-This is a placeholder for a real manual page.
+The
+.Xr hostapd 8
+utility
+is an authenticator for IEEE 802.11 networks.
+It provides full support for WPA/IEEE 802.11i and
+can also act as an IEEE 802.1X Authenticator with a suitable
+backend Authentication Server (typically
+.Tn FreeRADIUS ) .
+.Pp
+The configuration file consists of global parameters and domain
+specific configuration:
+.Bl -bullet -offset indent -compact
+.It
+IEEE 802.1X-2004
+.\" XXX not yet
+.\" .It
+.\" Integrated EAP server
+.\" .It
+.\" IEEE 802.11f - Inter-Access Point Protocol (IAPP)
+.It
+RADIUS client
+.It
+RADIUS authentication server
+.It
+WPA/IEEE 802.11i
+.El
+.Sh GLOBAL PARAMETERS
+The following parameters are recognized:
+.Bl -tag -width indent
+.It Va interface
+Interface name.
+Should be set in
+.Dq hostap
+mode.
+.It Va debug
+Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps, 4 =
+excessive.
+.It Va dump_file
+Dump file for state information (on
+.Dv SIGUSR1 ) .
+.It Va ctrl_interface
+The pathname of the directory in which
+.Xr hostapd 8
+creates
+.Ux
+domain socket files for communication
+with frontend programs such as
+.Xr hostapd_cli 8 .
+.It Va ctrl_interface_group
+A group name or group ID to use in setting protection on the
+control interface file.
+This can be set to allow non-root users to access the
+control interface files.
+If no group is specified, the group ID of the control interface
+is not modified and will, typically, be the
+group ID of the directory in which the socket is created.
+.El
+.Sh IEEE 802.1X-2004 PARAMETERS
+The following parameters are recognized:
+.Bl -tag -width indent
+.It Va ieee8021x
+Require IEEE 802.1X authorization.
+.It Va eap_message
+Optional displayable message sent with EAP Request-Identity.
+.It Va wep_key_len_broadcast
+Key lengths for broadcast keys.
+.It Va wep_key_len_unicast
+Key lengths for unicast keys.
+.It Va wep_rekey_period
+Rekeying period in seconds.
+.It Va eapol_key_index_workaround
+EAPOL-Key index workaround (set bit7) for WinXP Supplicant.
+.It Va eap_reauth_period
+EAP reauthentication period in seconds.
+To disable reauthentication,
+use
+.Dq 0 .
+.\" XXX not yet
+.\" .It Va use_pae_group_addr
+.El
+.\" XXX not yet
+.\" .Sh IEEE 802.11f - IAPP PARAMETERS
+.\" The following parameters are recognized:
+.\" .Bl -tag -width indent
+.\" .It Va iapp_interface
+.\" Interface to be used for IAPP broadcast packets
+.\" .El
+.Sh RADIUS CLIENT PARAMETERS
+The following parameters are recognized:
+.Bl -tag -width indent
+.It Va own_ip_addr
+The own IP address of the access point (used as NAS-IP-Address).
+.It Va nas_identifier
+Optional NAS-Identifier string for RADIUS messages.
+.It Va auth_server_addr , auth_server_port , auth_server_shared_secret
+RADIUS authentication server parameters.
+Can be defined twice for secondary servers to be used if primary one
+does not reply to RADIUS packets.
+.It Va acct_server_addr , acct_server_port , acct_server_shared_secret
+RADIUS accounting server parameters.
+Can be defined twice for secondary servers to be used if primary one
+does not reply to RADIUS packets.
+.It Va radius_retry_primary_interval
+Retry interval for trying to return to the primary RADIUS server (in
+seconds).
+.It Va radius_acct_interim_interval
+Interim accounting update interval.
+If this is set (larger than 0) and acct_server is configured,
+.Xr hostapd 8
+will send interim accounting updates every N seconds.
+.El
+.Sh RADIUS AUTHENTICATION SERVER PARAMETERS
+The following parameters are recognized:
+.Bl -tag -width indent
+.It Va radius_server_clients
+File name of the RADIUS clients configuration for the RADIUS server.
+If this is commented out, RADIUS server is disabled.
+.It Va radius_server_auth_port
+The UDP port number for the RADIUS authentication server.
+.It Va radius_server_ipv6
+Use IPv6 with RADIUS server.
+.El
+.Sh WPA/IEEE 802.11i PARAMETERS
+The following parameters are recognized:
+.Bl -tag -width indent
+.It Va wpa
+Enable WPA.
+Setting this variable configures the AP to require WPA (either
+WPA-PSK or WPA-RADIUS/EAP based on other configuration).
+.It Va wpa_psk , wpa_passphrase
+WPA pre-shared keys for WPA-PSK.
+This can be either entered as a 256-bit secret in hex format (64 hex
+digits), wpa_psk, or as an ASCII passphrase (8..63 characters) that
+will be converted to PSK.
+This conversion uses SSID so the PSK changes when ASCII passphrase is
+used and the SSID is changed.
+.It Va wpa_psk_file
+Optionally, WPA PSKs can be read from a separate text file (containing a
+list of (PSK,MAC address) pairs.
+.It Va wpa_key_mgmt
+Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both).
+.It Va wpa_pairwise
+Set of accepted cipher suites (encryption algorithms) for pairwise keys
+(unicast packets).
+See the example file for more information.
+.It Va wpa_group_rekey
+Time interval for rekeying GTK (broadcast/multicast encryption keys) in
+seconds.
+.It Va wpa_strict_rekey
+Rekey GTK when any STA that possesses the current GTK is leaving the
+BSS.
+.It Va wpa_gmk_rekey
+Time interval for rekeying GMK (master key used internally to generate GTKs),
+in seconds.
+.El
.Sh SEE ALSO
.Xr hostapd 8 ,
.Xr hostapd_cli 8
Index: hostapd.8
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/hostapd/hostapd.8,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/hostapd/hostapd.8 -L usr.sbin/wpa/hostapd/hostapd.8 -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/hostapd/hostapd.8
+++ usr.sbin/wpa/hostapd/hostapd.8
@@ -22,9 +22,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/hostapd/hostapd.8,v 1.2 2005/06/27 06:40:43 ru Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/hostapd/hostapd.8,v 1.2.10.1 2007/11/06 18:13:25 simon Exp $
.\"
-.Dd June 16, 2005
+.Dd October 26, 2007
.Dt HOSTAPD 8
.Os
.Sh NAME
@@ -33,6 +33,7 @@
.Sh SYNOPSIS
.Nm
.Op Fl BdhKtv
+.Op Fl P Ar pidfile
.Ar config-file ...
.Sh DESCRIPTION
The
@@ -102,6 +103,9 @@
in the background.
.It Fl K
Include key information in debugging output.
+.It Fl P Ar pidfile
+Store PID in
+.Ar pidfile .
.El
.Sh SEE ALSO
.Xr ath 4 ,
Index: driver_freebsd.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/hostapd/driver_freebsd.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/hostapd/driver_freebsd.c -L usr.sbin/wpa/hostapd/driver_freebsd.c -u -r1.2 -r1.3
--- usr.sbin/wpa/hostapd/driver_freebsd.c
+++ usr.sbin/wpa/hostapd/driver_freebsd.c
@@ -12,7 +12,7 @@
*
* See README and COPYING for more details.
*
- * $FreeBSD: src/usr.sbin/wpa/hostapd/driver_freebsd.c,v 1.2.2.1 2006/03/24 01:43:18 sam Exp $
+ * $FreeBSD: src/usr.sbin/wpa/hostapd/driver_freebsd.c,v 1.6 2007/07/09 16:26:48 sam Exp $
*/
#include <stdlib.h>
#include <stdio.h>
@@ -55,7 +55,7 @@
static const struct driver_ops bsd_driver_ops;
-static int bsd_sta_deauth(void *priv, u8 *addr, int reason_code);
+static int bsd_sta_deauth(void *priv, const u8 *addr, int reason_code);
static int
set80211var(struct bsd_driver_data *drv, int op, const void *arg, int arg_len)
@@ -129,9 +129,9 @@
bsd_configure_wpa(struct bsd_driver_data *drv)
{
static const char *ciphernames[] =
- { "WEP", "TKIP", "AES-OCB", "AES-CCM", "CKIP", "NONE" };
- hostapd *hapd = drv->hapd;
- struct hostapd_config *conf = hapd->conf;
+ { "WEP", "TKIP", "AES-OCB", "AES-CCM", "*BAD*", "CKIP", "NONE" };
+ struct hostapd_data *hapd = drv->hapd;
+ struct hostapd_bss_config *conf = hapd->conf;
int v;
switch (conf->wpa_group) {
@@ -218,7 +218,7 @@
bsd_set_iface_flags(void *priv, int dev_up)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ifreq ifr;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
@@ -260,11 +260,11 @@
}
static int
-bsd_set_ieee8021x(void *priv, int enabled)
+bsd_set_ieee8021x(const char *ifname, void *priv, int enabled)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
- struct hostapd_config *conf = hapd->conf;
+ struct hostapd_data *hapd = drv->hapd;
+ struct hostapd_bss_config *conf = hapd->conf;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
"%s: enabled=%d\n", __func__, enabled);
@@ -294,10 +294,10 @@
}
static int
-bsd_set_privacy(void *priv, int enabled)
+bsd_set_privacy(const char *ifname, void *priv, int enabled)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
"%s: enabled=%d\n", __func__, enabled);
@@ -306,10 +306,10 @@
}
static int
-bsd_set_sta_authorized(void *priv, u8 *addr, int authorized)
+bsd_set_sta_authorized(void *priv, const u8 *addr, int authorized)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_mlme mlme;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
@@ -326,10 +326,21 @@
}
static int
-bsd_del_key(void *priv, unsigned char *addr, int key_idx)
+bsd_sta_set_flags(void *priv, const u8 *addr, int flags_or, int flags_and)
+{
+ /* For now, only support setting Authorized flag */
+ if (flags_or & WLAN_STA_AUTHORIZED)
+ return bsd_set_sta_authorized(priv, addr, 1);
+ if (!(flags_and & WLAN_STA_AUTHORIZED))
+ return bsd_set_sta_authorized(priv, addr, 0);
+ return 0;
+}
+
+static int
+bsd_del_key(void *priv, const unsigned char *addr, int key_idx)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_del_key wk;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
@@ -348,12 +359,12 @@
}
static int
-bsd_set_key(void *priv, const char *alg,
- unsigned char *addr, int key_idx,
- u8 *key, size_t key_len)
+bsd_set_key(const char *ifname, void *priv, const char *alg,
+ const u8 *addr, int key_idx,
+ const u8 *key, size_t key_len, int txkey)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_key wk;
u_int8_t cipher;
@@ -400,10 +411,11 @@
static int
-bsd_get_seqnum(void *priv, u8 *addr, int idx, u8 *seq)
+bsd_get_seqnum(const char *ifname, void *priv, const u8 *addr, int idx,
+ u8 *seq)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_key wk;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
@@ -440,7 +452,7 @@
static int
bsd_read_sta_driver_data(void *priv, struct hostap_sta_driver_data *data,
- u8 *addr)
+ const u8 *addr)
{
struct bsd_driver_data *drv = priv;
struct ieee80211req_sta_stats stats;
@@ -457,10 +469,10 @@
}
static int
-bsd_sta_clear_stats(void *priv, u8 *addr)
+bsd_sta_clear_stats(void *priv, const u8 *addr)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_sta_stats stats;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: addr=%s\n",
@@ -473,7 +485,7 @@
}
static int
-bsd_set_opt_ie(void *priv, const u8 *ie, size_t ie_len)
+bsd_set_opt_ie(const char *ifname, void *priv, const u8 *ie, size_t ie_len)
{
/*
* Do nothing; we setup parameters at startup that define the
@@ -483,10 +495,10 @@
}
static int
-bsd_sta_deauth(void *priv, u8 *addr, int reason_code)
+bsd_sta_deauth(void *priv, const u8 *addr, int reason_code)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_mlme mlme;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
@@ -500,10 +512,10 @@
}
static int
-bsd_sta_disassoc(void *priv, u8 *addr, int reason_code)
+bsd_sta_disassoc(void *priv, const u8 *addr, int reason_code)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct ieee80211req_mlme mlme;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
@@ -519,7 +531,7 @@
bsd_del_sta(struct bsd_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN])
{
struct hostapd_data *hapd = drv->hapd;
- struct hostapd_config *conf = hapd->conf;
+ struct hostapd_bss_config *conf = hapd->conf;
struct sta_info *sta;
hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
@@ -527,11 +539,11 @@
sta = ap_get_sta(hapd, addr);
if (sta != NULL) {
- sta->flags &= ~WLAN_STA_ASSOC;
+ sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
if (conf->wpa)
- wpa_sm_event(hapd, sta, WPA_DISASSOC);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
- ieee802_1x_set_port_enabled(hapd, sta, 0);
+ ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
ap_free_sta(hapd, sta);
}
return 0;
@@ -541,7 +553,7 @@
bsd_new_sta(struct bsd_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN])
{
struct hostapd_data *hapd = drv->hapd;
- struct hostapd_config *conf = hapd->conf;
+ struct hostapd_bss_config *conf = hapd->conf;
struct sta_info *sta;
struct ieee80211req_wpaie ie;
int new_assoc, ielen, res;
@@ -562,35 +574,25 @@
printf("Failed to get WPA/RSN information element.\n");
return -1; /* XXX not right */
}
- ielen = ie.wpa_ie[1];
- if (ielen == 0) {
+ if (ie.wpa_ie[1] == 0) {
printf("No WPA/RSN information element for station!\n");
return -1; /* XXX not right */
}
- ielen += 2;
- res = wpa_validate_wpa_ie(hapd, sta, ie.wpa_ie, ielen,
- ie.wpa_ie[0] == WLAN_EID_RSN ?
- HOSTAPD_WPA_VERSION_WPA2 :
- HOSTAPD_WPA_VERSION_WPA);
+ if (sta->wpa_sm == NULL)
+ sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
+ sta->addr);
+ if (sta->wpa_sm == NULL) {
+ printf("Failed to initialize WPA state machine\n");
+ return -1;
+ }
+ ielen = 2 + ie.wpa_ie[1];
+ res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
+ ie.wpa_ie, ielen);
if (res != WPA_IE_OK) {
printf("WPA/RSN information element rejected? "
"(res %u)\n", res);
return -1;
}
- if (sta->wpa_ie != NULL)
- free(sta->wpa_ie);
- sta->wpa_ie = malloc(ielen);
- if (sta->wpa_ie == NULL) {
- printf("No memory for WPA/RSN information element!\n");
- return -1;
- }
- memcpy(sta->wpa_ie, ie.wpa_ie, ielen);
- sta->wpa_ie_len = ielen;
- } else {
- if (sta->wpa_ie != NULL)
- free(sta->wpa_ie);
- sta->wpa_ie = NULL;
- sta->wpa_ie_len = 0;
}
/*
@@ -598,16 +600,11 @@
* kick the authenticator into action.
*/
new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
- sta->flags |= WLAN_STA_ASSOC;
- if (new_assoc) {
- if (conf->wpa)
- wpa_sm_event(hapd, sta, WPA_ASSOC);
- hostapd_new_assoc_sta(hapd, sta, !new_assoc);
- } else {
- if (conf->wpa)
- wpa_sm_event(hapd, sta, WPA_REAUTH);
- }
+ sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
+ wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
+ hostapd_new_assoc_sta(hapd, sta, !new_assoc);
ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
+
return 0;
}
@@ -710,10 +707,11 @@
static int
-bsd_send_eapol(void *priv, u8 *addr, u8 *data, size_t data_len, int encrypt)
+bsd_send_eapol(void *priv, const u8 *addr, const u8 *data, size_t data_len,
+ int encrypt, const u8 *own_addr)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
unsigned char buf[3000];
unsigned char *bp = buf;
struct l2_ethhdr *eth;
@@ -737,12 +735,11 @@
}
eth = (struct l2_ethhdr *) bp;
memcpy(eth->h_dest, addr, ETH_ALEN);
- memcpy(eth->h_source, drv->hapd->own_addr, ETH_ALEN);
+ memcpy(eth->h_source, own_addr, ETH_ALEN);
eth->h_proto = htons(ETH_P_EAPOL);
memcpy(eth+1, data, data_len);
- if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MSGDUMPS))
- hostapd_hexdump("TX EAPOL", bp, len);
+ wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", bp, len);
status = l2_packet_send(drv->sock_xmit, addr, ETH_P_EAPOL, bp, len);
@@ -755,7 +752,7 @@
handle_read(void *ctx, const u8 *src_addr, const u8 *buf, size_t len)
{
struct bsd_driver_data *drv = ctx;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
struct sta_info *sta;
sta = ap_get_sta(hapd, src_addr);
@@ -770,10 +767,10 @@
}
static int
-bsd_get_ssid(void *priv, u8 *buf, int len)
+bsd_get_ssid(const char *ifname, void *priv, u8 *buf, int len)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
int ssid_len = get80211var(priv, IEEE80211_IOC_SSID, buf, len);
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: ssid=\"%.*s\"\n",
@@ -783,10 +780,10 @@
}
static int
-bsd_set_ssid(void *priv, u8 *buf, int len)
+bsd_set_ssid(const char *ifname, void *priv, const u8 *buf, int len)
{
struct bsd_driver_data *drv = priv;
- hostapd *hapd = drv->hapd;
+ struct hostapd_data *hapd = drv->hapd;
HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: ssid=\"%.*s\"\n",
__func__, len, buf);
@@ -836,12 +833,13 @@
hapd->driver = &drv->ops;
return 0;
bad:
- if (drv->sock_xmit != NULL)
- l2_packet_deinit(drv->sock_xmit);
- if (drv->ioctl_sock >= 0)
- close(drv->ioctl_sock);
- if (drv != NULL)
+ if (drv != NULL) {
+ if (drv->sock_xmit != NULL)
+ l2_packet_deinit(drv->sock_xmit);
+ if (drv->ioctl_sock >= 0)
+ close(drv->ioctl_sock);
free(drv);
+ }
return -1;
}
@@ -873,7 +871,7 @@
.set_generic_elem = bsd_set_opt_ie,
.wireless_event_init = bsd_wireless_event_init,
.wireless_event_deinit = bsd_wireless_event_deinit,
- .set_sta_authorized = bsd_set_sta_authorized,
+ .sta_set_flags = bsd_sta_set_flags,
.read_sta_data = bsd_read_sta_driver_data,
.send_eapol = bsd_send_eapol,
.sta_disassoc = bsd_sta_disassoc,
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/hostapd_cli/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/hostapd_cli/Makefile -L usr.sbin/wpa/hostapd_cli/Makefile -u -r1.2 -r1.3
--- usr.sbin/wpa/hostapd_cli/Makefile
+++ usr.sbin/wpa/hostapd_cli/Makefile
@@ -1,4 +1,4 @@
-# $FreeBSD: src/usr.sbin/wpa/hostapd_cli/Makefile,v 1.2.2.1 2006/03/24 01:43:18 sam Exp $
+# $FreeBSD: src/usr.sbin/wpa/hostapd_cli/Makefile,v 1.4 2007/07/09 16:26:48 sam Exp $
CONTRIB= ${.CURDIR}/../../../contrib
HOSTAPD_DISTDIR?= ${CONTRIB}/hostapd
@@ -9,6 +9,9 @@
PROG= hostapd_cli
SRCS= hostapd_cli.c wpa_ctrl.c
+CFLAGS+= -DCONFIG_CTRL_IFACE
+CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+
MAN= hostapd_cli.8
.include <bsd.prog.mk>
Index: ndis_events.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/ndis_events/ndis_events.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/ndis_events/ndis_events.c -L usr.sbin/wpa/ndis_events/ndis_events.c -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/ndis_events/ndis_events.c
+++ usr.sbin/wpa/ndis_events/ndis_events.c
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/usr.sbin/wpa/ndis_events/ndis_events.c,v 1.4.2.1 2005/10/27 17:06:47 wpaul Exp $");
+__FBSDID("$FreeBSD: src/usr.sbin/wpa/ndis_events/ndis_events.c,v 1.4 2005/10/21 16:57:57 wpaul Exp $");
/*
* This program simulates the behavior of the ndis_events utility
Index: ndis_events.8
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/ndis_events/ndis_events.8,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/ndis_events/ndis_events.8 -L usr.sbin/wpa/ndis_events/ndis_events.8 -u -r1.2 -r1.3
--- usr.sbin/wpa/ndis_events/ndis_events.8
+++ usr.sbin/wpa/ndis_events/ndis_events.8
@@ -28,9 +28,9 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
.\" THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/ndis_events/ndis_events.8,v 1.3.2.2 2006/03/23 07:41:33 hrs Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/ndis_events/ndis_events.8,v 1.7 2007/09/07 22:19:29 brueffer Exp $
.\"
-.Dd October 10, 2005
+.Dd August 30, 2007
.Dt NDIS_EVENTS 8
.Os
.Sh NAME
@@ -51,7 +51,8 @@
.Xr ndis 4
wireless network driver and relays them to
.Xr wpa_supplicant 8
-for possible processing. The three event types that can occur
+for possible processing.
+The three event types that can occur
are media connect and disconnect events, such as when a wireless
interface joins or leaves a network, and media-specific events.
In particular,
@@ -64,12 +65,14 @@
The
.Nm
daemon works by listening for interface information events via
-a routing socket. When it detects an event that was generated by an
+a routing socket.
+When it detects an event that was generated by an
.Xr ndis 4
interface, it transmits it via UDP packet on the loopback interface,
where
.Xr wpa_supplicant 8
-is presumeably listening. The standard
+is presumeably listening.
+The standard
.Xr wpa_supplicant 8
distribution includes its own version of this utility for use with
.Tn Windows\[rg] .
@@ -92,30 +95,33 @@
daemon supports the following options:
.Bl -tag -width indent
.It Fl a
-Process all events. By default,
+Process all events.
+By default,
.Nm
will only process and forward media-specific events, which contain
PMKID candidate information, and not bother forwarding connect and
disconnect events, since
.Xr wpa_supplicant 8
-normally can determine the current link state on its own. In some
+normally can determine the current link state on its own.
+In some
cases, the additional connect and disconnect events only confuse it
and make the association and authentication process take longer.
.It Fl d
-Run in debug mode. This causes
+Run in debug mode.
+This causes
.Nm
to run in the foreground and generate any output to the standard
error instead of using the
.Xr syslog 3
facility.
.It Fl v
-Run in verbose mode. This causes
+Run in verbose mode.
+This causes
.Nm
to emit notifications when it receives events.
.El
.Sh SEE ALSO
.Xr ndis 4 ,
-.Xr ndisapi 9 ,
.Xr wpa_supplicant 8
.Sh HISTORY
The
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/ndis_events/Makefile,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/ndis_events/Makefile -L usr.sbin/wpa/ndis_events/Makefile -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/ndis_events/Makefile
+++ usr.sbin/wpa/ndis_events/Makefile
@@ -1,4 +1,4 @@
-# $FreeBSD: src/usr.sbin/wpa/ndis_events/Makefile,v 1.1.2.1 2005/10/27 17:06:47 wpaul Exp $
+# $FreeBSD: src/usr.sbin/wpa/ndis_events/Makefile,v 1.1 2005/10/10 17:51:12 wpaul Exp $
PROG= ndis_events
SRCS+= ndis_events.c
Index: wpa_cli.8
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_cli/wpa_cli.8,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_cli/wpa_cli.8 -L usr.sbin/wpa/wpa_cli/wpa_cli.8 -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/wpa_cli/wpa_cli.8
+++ usr.sbin/wpa/wpa_cli/wpa_cli.8
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/wpa_cli/wpa_cli.8,v 1.2.2.1 2005/07/16 19:02:21 brueffer Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/wpa_cli/wpa_cli.8,v 1.3 2005/07/13 05:39:47 brueffer Exp $
.\"
.Dd June 16, 2005
.Dt WPA_CLI 8
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_cli/Makefile,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_cli/Makefile -L usr.sbin/wpa/wpa_cli/Makefile -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/wpa_cli/Makefile
+++ usr.sbin/wpa/wpa_cli/Makefile
@@ -1,11 +1,14 @@
-# $FreeBSD: src/usr.sbin/wpa/wpa_cli/Makefile,v 1.2 2005/06/17 03:08:59 sam Exp $
+# $FreeBSD: src/usr.sbin/wpa/wpa_cli/Makefile,v 1.3 2007/07/11 16:04:07 sam Exp $
WPA_SUPPLICANT_DISTDIR?= ${.CURDIR}/../../../contrib/wpa_supplicant
.PATH: ${WPA_SUPPLICANT_DISTDIR}
PROG= wpa_cli
-SRCS= wpa_cli.c wpa_ctrl.c
+SRCS= wpa_cli.c wpa_ctrl.c os_unix.c
MAN= wpa_cli.8
+CFLAGS+= -DCONFIG_CTRL_IFACE
+CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+
.include <bsd.prog.mk>
--- /dev/null
+++ usr.sbin/wpa/wpa_passphrase/wpa_passphrase.8
@@ -0,0 +1,66 @@
+.\" Copyright (c) 2006 Henrik Brix Andersen <henrik at brixandersen.dk>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: src/usr.sbin/wpa/wpa_passphrase/wpa_passphrase.8,v 1.2 2007/07/17 22:28:51 simon Exp $
+.\"
+.Dd July 17, 2007
+.Dt WPA_PASSPHRASE 8
+.Os
+.Sh NAME
+.Nm wpa_passphrase
+.Nd "utility for generating a 256-bit pre-shared WPA key from an ASCII passphrase"
+.Sh SYNOPSIS
+.Nm
+.Aq Ar ssid
+.Op Ar passphrase
+.Sh DESCRIPTION
+The
+.Nm
+utility is a small program for generating a 256-bit pre-shared WPA key
+from an ASCII passphrase and a given SSID. The output is formatted for
+inclusion in
+.Xr wpa_supplicant.conf 5 .
+.Pp
+If
+.Nm
+is called with only an SSID as argument it will prompt for a
+passphrase on standard input.
+.Sh SEE ALSO
+.Xr wpa_supplicant.conf 5 ,
+.Xr wpa_supplicant 8
+.Sh HISTORY
+The
+.Nm
+utility first appeared in
+.Fx 6.3 .
+.Sh AUTHORS
+The
+.Nm
+utility was written by
+.An Jouni Malinen
+.Aq jkmaline at cc.hut.fi .
+.Pp
+This manual page was written by
+.An Henrik Brix Andersen
+.Aq henrik at brixandersen.dk .
--- /dev/null
+++ usr.sbin/wpa/wpa_passphrase/Makefile
@@ -0,0 +1,14 @@
+# $FreeBSD: src/usr.sbin/wpa/wpa_passphrase/Makefile,v 1.2 2007/07/11 16:04:08 sam Exp $
+
+WPA_SUPPLICANT_DISTDIR?= ${.CURDIR}/../../../contrib/wpa_supplicant
+.PATH: ${WPA_SUPPLICANT_DISTDIR}
+
+PROG= wpa_passphrase
+SRCS= wpa_passphrase.c sha1.c md5.c
+
+CFLAGS+= -DINTERNAL_SHA1
+CFLAGS+= -DINTERNAL_MD5
+
+MAN= wpa_passphrase.8
+
+.include <bsd.prog.mk>
Index: Packet32.h
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/Packet32.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_supplicant/Packet32.h -L usr.sbin/wpa/wpa_supplicant/Packet32.h -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/wpa_supplicant/Packet32.h
+++ usr.sbin/wpa/wpa_supplicant/Packet32.h
@@ -29,7 +29,7 @@
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Packet32.h,v 1.2.2.1 2005/10/27 17:06:47 wpaul Exp $
+ * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Packet32.h,v 1.2 2005/10/20 16:49:31 wpaul Exp $
*/
#ifndef _PACKET32_H_
Index: Packet32.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/Packet32.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/wpa_supplicant/Packet32.c -L usr.sbin/wpa/wpa_supplicant/Packet32.c -u -r1.2 -r1.3
--- usr.sbin/wpa/wpa_supplicant/Packet32.c
+++ usr.sbin/wpa/wpa_supplicant/Packet32.c
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Packet32.c,v 1.2.2.1.2.1 2006/04/13 04:06:18 kensmith Exp $");
+__FBSDID("$FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Packet32.c,v 1.4 2007/07/11 16:04:08 sam Exp $");
/*
* This file implements a small portion of the Winpcap API for the
@@ -57,6 +57,8 @@
#include <netdb.h>
#include <net/route.h>
+#include <net80211/ieee80211_ioctl.h>
+
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -97,6 +99,7 @@
struct adapter {
int socket;
char name[IFNAMSIZ];
+ int prev_roaming;
};
PCHAR
@@ -113,6 +116,7 @@
int s;
int ifflags;
struct ifreq ifr;
+ struct ieee80211req ireq;
s = socket(PF_INET, SOCK_DGRAM, 0);
@@ -124,8 +128,24 @@
return(NULL);
a->socket = s;
+ if (strncmp(iface, "\\Device\\NPF_", 12) == 0)
+ iface += 12;
+ else if (strncmp(iface, "\\DEVICE\\", 8) == 0)
+ iface += 8;
snprintf(a->name, IFNAMSIZ, "%s", iface);
+ /* Turn off net80211 roaming */
+ bzero((char *)&ireq, sizeof(ireq));
+ strncpy(ireq.i_name, iface, sizeof (ifr.ifr_name));
+ ireq.i_type = IEEE80211_IOC_ROAMING;
+ if (ioctl(a->socket, SIOCG80211, &ireq) == 0) {
+ a->prev_roaming = ireq.i_val;
+ ireq.i_val = IEEE80211_ROAMING_MANUAL;
+ if (ioctl(a->socket, SIOCS80211, &ireq) < 0)
+ fprintf(stderr,
+ "Could not set IEEE80211_ROAMING_MANUAL\n");
+ }
+
bzero((char *)&ifr, sizeof(ifr));
strncpy(ifr.ifr_name, iface, sizeof (ifr.ifr_name));
if (ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr) < 0) {
@@ -326,12 +346,20 @@
{
struct adapter *a;
struct ifreq ifr;
+ struct ieee80211req ireq;
if (iface == NULL)
return;
a = iface;
+ /* Reset net80211 roaming */
+ bzero((char *)&ireq, sizeof(ireq));
+ strncpy(ireq.i_name, a->name, sizeof (ifr.ifr_name));
+ ireq.i_type = IEEE80211_IOC_ROAMING;
+ ireq.i_val = a->prev_roaming;
+ ioctl(a->socket, SIOCS80211, &ireq);
+
bzero((char *)&ifr, sizeof(ifr));
strncpy(ifr.ifr_name, a->name, sizeof (ifr.ifr_name));
ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr);
Index: ntddndis.h
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/ntddndis.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_supplicant/ntddndis.h -L usr.sbin/wpa/wpa_supplicant/ntddndis.h -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/wpa_supplicant/ntddndis.h
+++ usr.sbin/wpa/wpa_supplicant/ntddndis.h
@@ -2,7 +2,7 @@
#define _NTDDNDIS_H_
/*
- * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/ntddndis.h,v 1.2.2.1 2005/10/27 17:06:47 wpaul Exp $
+ * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/ntddndis.h,v 1.2 2005/10/20 16:49:31 wpaul Exp $
*/
/*
Index: wpa_supplicant.8
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 -L usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8 -u -r1.1.1.1 -r1.2
--- usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8
+++ usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8
@@ -22,9 +22,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8,v 1.2 2005/06/27 06:40:43 ru Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.8,v 1.3.4.1 2008/02/21 23:29:26 brueffer Exp $
.\"
-.Dd June 16, 2005
+.Dd February 21, 2008
.Dt WPA_SUPPLICANT 8
.Os
.Sh NAME
@@ -35,7 +35,6 @@
.Op Fl BdehLqvw
.Fl i Ar ifname
.Fl c Ar config-file
-.Op Fl N i Ar ifname Fl c Ar config-file ...
.Sh DESCRIPTION
The
.Nm
@@ -118,20 +117,19 @@
Include key information in debugging output.
.It Fl L
Display the license for this program on the terminal and exit.
-.It Fl N i Ar ifname Fl c Ar config-file ...
-Specify an additional interface and configuration file.
-If multiple interfaces are specified then
-.Nm
-will manage them all with a single process.
.El
.Sh SEE ALSO
+.Xr an 4 ,
.Xr ath 4 ,
.Xr ipw 4 ,
.Xr iwi 4 ,
.Xr ral 4 ,
+.Xr rum 4 ,
.Xr ural 4 ,
.Xr wi 4 ,
.Xr wlan 4 ,
+.Xr wpi 4 ,
+.Xr zyd 4 ,
.Xr wpa_supplicant.conf 5 ,
.Xr devd 8 ,
.Xr ifconfig 8 ,
Index: Makefile
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/wpa_supplicant/Makefile -L usr.sbin/wpa/wpa_supplicant/Makefile -u -r1.2 -r1.3
--- usr.sbin/wpa/wpa_supplicant/Makefile
+++ usr.sbin/wpa/wpa_supplicant/Makefile
@@ -1,20 +1,30 @@
-# $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Makefile,v 1.3.2.3 2006/03/24 01:43:18 sam Exp $
+# $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Makefile,v 1.11.2.2 2007/11/21 06:07:12 sam Exp $
+
+.include <bsd.own.mk>
WPA_SUPPLICANT_DISTDIR?= ${.CURDIR}/../../../contrib/wpa_supplicant
.PATH: ${.CURDIR}/.. ${WPA_SUPPLICANT_DISTDIR}
PROG= wpa_supplicant
SRCS= config.c eloop.c common.c md5.c rc4.c sha1.c aes_wrap.c \
- wpa_supplicant.c events.c wpa.c preauth.c \
- ctrl_iface.c l2_packet.c main.c drivers.c driver_freebsd.c \
- driver_ndis.c driver_ndis_.c Packet32.c
+ wpa_supplicant.c events.c wpa.c preauth.c pmksa_cache.c \
+ ctrl_iface.c ctrl_iface_unix.c l2_packet.c main.c drivers.c \
+ driver_ndis.c Packet32.c \
+ driver_freebsd.c os_unix.c
MAN= wpa_supplicant.8 wpa_supplicant.conf.5
+.if ${MK_EXAMPLES} != "no"
+FILESDIR= ${SHAREDIR}/examples/wpa_supplicant
+FILES= wpa_supplicant.conf
+.endif
+
CFLAGS+= -I${.CURDIR} -I${WPA_SUPPLICANT_DISTDIR}
CFLAGS+= -DCONFIG_DRIVER_BSD
CFLAGS+= -DCONFIG_DRIVER_NDIS
CFLAGS+= -DCONFIG_CTRL_IFACE
+CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+CFLAGS+= -DCONFIG_TERMINATE_ONLASTIF
CFLAGS+= -g
DPADD+= ${LIBPCAP}
LDADD+= -lpcap
@@ -23,13 +33,19 @@
SRCS+= config_file.c base64.c
CFLAGS+=-DCONFIG_BACKEND_FILE
-.if !defined(NO_WPA_SUPPLICANT_EAPOL)
-SRCS+= eapol_sm.c eap.c
+# User customizations to the wpa_supplicant build environment
+CFLAGS+=${WPA_SUPPLICANT_CFLAGS}
+#DPADD+=${WPA_SUPPLICANT_DPADD}
+LDADD+=${WPA_SUPPLICANT_LDADD}
+#LDFLAGS+=${WPA_SUPPLICANT_LDFLAGS}
+
+.if ${MK_WPA_SUPPLICANT_EAPOL} != "no"
+SRCS+= eapol_sm.c eap.c eap_methods.c
CFLAGS+= -DIEEE8021X_EAPOL
-.if !defined(NO_CRYPT) && !defined(NO_OPENSSL) && !defined(RELEASE_CRUNCH)
+.if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH)
CFLAGS+=-DEAP_TLS -DEAP_PEAP -DEAP_MSCHAPv2 -DEAP_LEAP -DEAP_PSK \
- -DEAP_TLV -DEAP_TLS_FUNCS
+ -DEAP_TLV -DEAP_TLS_FUNCS -DEAP_TLS_OPENSSL
SRCS+= eap_tls.c eap_peap.c eap_mschapv2.c eap_leap.c \
eap_psk.c eap_psk_common.c \
eap_tlv.c eap_tls_common.c tls_openssl.c ms_funcs.c crypto.c
@@ -37,16 +53,85 @@
CFLAGS+=-DEAP_TTLS -DEAP_MD5
SRCS+= eap_ttls.c eap_md5.c
+.if !empty(CFLAGS:M*-DEAP_GTC)
+SRCS+= eap_gtc.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_OTP)
+SRCS+= eap_otp.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_AKA)
+NEED_SIM_COMMON= true
+SRCS+= eap_aka.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_SIM)
+NEED_SIM_COMMON= true
+SRCS+= eap_sim.c
+.endif
+
+.if defined(NEED_SIM_COMMON)
+SRCS+= eap_sim_common.c
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# GSM/UMTS authentication algorithm (for EAP-SIM/EAP-AKA)
+# NB: requires devel/pcsc-lite
+#
+# WPA_SUPPLICANT_CFLAGS=-DEAP_AKA -DPCSC_FUNCS -I/usr/local/include/PCSC
+# WPA_SUPPLICANT_LDADD=-L/usr/local/lib
+#
+.if !empty(CFLAGS:M*-DPCSC_FUNCS)
+SRCS+= pcsc_funcs.c
+DPADD+=${LIBPTHREAD}
+LDADD+=-lpcsclite -lpthread
+.endif
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_GPSK)
+CFLAGS+=-DEAP_GPSK_SHA256
+SRCS+= eap_gpsk.c eap_gpsk_common.c
+NEED_SHA256= true
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_PAX)
+SRCS+= eap_pax.c eap_pax_common.c
+.endif
+
+.if !empty(CFLAGS:M*-DEAP_SAKE)
+SRCS+= eap_sake.c eap_sake_common.c
+.endif
+
# NB: requires patch to openssl
#CFLAGS+= -DEAP_FAST
#SRCS+= eap_fast.c
-DPADD+= ${LIBCRYPTO}
-LDADD+= -lssl -lcrypto
+NEED_LIBSSL= true
.else
+CFLAGS+= -DEAP_TLS_NONE
SRCS+= tls_none.c
.endif
.endif
+#
+# Configure crypto/cipher support.
+#
+# EAPOL support requires openssl in which case we use their
+# cipher code. Otherwise we use our internal versions.
+#
+.if !defined(NEED_LIBSSL)
+CFLAGS+= -DINTERNAL_AES
+CFLAGS+= -DINTERNAL_SHA1
+CFLAGS+= -DINTERNAL_MD5
+.else
+DPADD+= ${LIBSSL} ${LIBCRYPTO}
+LDADD+= -lssl -lcrypto
+.endif
+
+.if defined(NEED_SHA256)
+CFLAGS+=-DINTERNAL_SHA256
+SRCS+= sha256.c
+.endif
+
.include <bsd.prog.mk>
Index: wpa_supplicant.conf.5
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5,v
retrieving revision 1.1.1.2
retrieving revision 1.2
diff -L usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 -L usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 -u -r1.1.1.2 -r1.2
--- usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5
+++ usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5
@@ -22,9 +22,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5,v 1.3.2.4 2006/02/21 17:19:54 sam Exp $
+.\" $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5,v 1.9 2007/07/11 16:04:08 sam Exp $
.\"
-.Dd February 14, 2006
+.Dd July 8, 2007
.Dt WPA_SUPPLICANT.CONF 5
.Os
.Sh NAME
@@ -218,7 +218,12 @@
.Tn ASCII
passphrase.
.Tn ASCII
-passphrases are converted to a 256-bit key using the network SSID.
+passphrases are dynamically converted to a 256-bit key at runtime
+using the network SSID, or they can be statically converted at
+configuration time using
+the
+.Xr wpa_passphrase 8
+utility.
.It Va eapol_flags
Dynamic WEP key usage for non-WPA mode, specified as a bit field.
Bit 0 (1) forces dynamically generated unicast WEP keys to be used.
@@ -258,6 +263,10 @@
.It Va anonymous_identity
Anonymous identity string for EAP (to be used as the unencrypted identity
with EAP types that support different tunneled identities; e.g.\& EAP-TTLS).
+.It Va mixed_cell
+Configure whether networks that allow both plaintext and encryption
+are allowed when selecting a BSS from the scan results.
+By default this is set to 0 (disabled).
.It Va password
Password string for EAP.
.It Va ca_cert
@@ -511,6 +520,7 @@
.Ed
.Sh SEE ALSO
.Xr wpa_cli 8 ,
+.Xr wpa_passphrase 8 ,
.Xr wpa_supplicant 8
.Sh HISTORY
The
Index: driver_freebsd.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L usr.sbin/wpa/wpa_supplicant/driver_freebsd.c -L usr.sbin/wpa/wpa_supplicant/driver_freebsd.c -u -r1.2 -r1.3
--- usr.sbin/wpa/wpa_supplicant/driver_freebsd.c
+++ usr.sbin/wpa/wpa_supplicant/driver_freebsd.c
@@ -11,7 +11,7 @@
*
* See README and COPYING for more details.
*
- * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v 1.5.2.4 2006/03/24 01:43:18 sam Exp $
+ * $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v 1.14.2.1 2007/11/08 05:52:24 thompsa Exp $
*/
#include <stdlib.h>
@@ -96,7 +96,6 @@
ireq.i_val = arg;
if (ioctl(drv->sock, SIOCS80211, &ireq) < 0) {
- perror("ioctl[SIOCS80211]");
fprintf(stderr, "ioctl[SIOCS80211, op %u, arg 0x%x]: %s\n",
op, arg, strerror(errno));
return -1;
@@ -114,7 +113,6 @@
ireq.i_type = op;
if (ioctl(drv->sock, SIOCG80211, &ireq) < 0) {
- perror("ioctl[SIOCG80211]");
fprintf(stderr, "ioctl[SIOCG80211, op %u]: %s\n",
op, strerror(errno));
return -1;
@@ -319,6 +317,7 @@
wk.ik_flags |= IEEE80211_KEY_DEFAULT;
wk.ik_keylen = key_len;
memcpy(&wk.ik_keyrsc, seq, seq_len);
+ wk.ik_keyrsc = le64toh(wk.ik_keyrsc);
memcpy(wk.ik_keydata, key, key_len);
return set80211var(drv, IEEE80211_IOC_WPAKEY, &wk, sizeof(wk));
@@ -432,6 +431,9 @@
else
authmode = IEEE80211_AUTH_OPEN;
+ wpa_printf(MSG_DEBUG, "%s alg 0x%x authmode %u",
+ __func__, auth_alg, authmode);
+
return set80211param(drv, IEEE80211_IOC_AUTHMODE, authmode);
}
@@ -585,7 +587,7 @@
}
static int
-getmaxrate(uint8_t rates[15], uint8_t nrates)
+getmaxrate(const uint8_t rates[15], uint8_t nrates)
{
int i, maxrate = -1;
@@ -619,8 +621,8 @@
#define min(a,b) ((a)>(b)?(b):(a))
struct wpa_driver_bsd_data *drv = priv;
uint8_t buf[24*1024];
- uint8_t *cp, *vp;
- struct ieee80211req_scan_result *sr;
+ const uint8_t *cp, *vp;
+ const struct ieee80211req_scan_result *sr;
struct wpa_scan_result *wsr;
int len, ielen;
@@ -632,7 +634,7 @@
cp = buf;
wsr = results;
while (len >= sizeof(struct ieee80211req_scan_result)) {
- sr = (struct ieee80211req_scan_result *) cp;
+ sr = (const struct ieee80211req_scan_result *) cp;
memcpy(wsr->bssid, sr->isr_bssid, IEEE80211_ADDR_LEN);
wsr->ssid_len = sr->isr_ssid_len;
wsr->freq = sr->isr_freq;
@@ -641,7 +643,7 @@
wsr->level = 0; /* XXX? */
wsr->caps = sr->isr_capinfo;
wsr->maxrate = getmaxrate(sr->isr_rates, sr->isr_nrates);
- vp = (u_int8_t *)(sr+1);
+ vp = ((u_int8_t *)sr) + sr->isr_ie_off;
memcpy(wsr->ssid, vp, sr->isr_ssid_len);
if (sr->isr_ie_len > 0) {
vp += sr->isr_ssid_len;
@@ -685,6 +687,7 @@
#define GETPARAM(drv, param, v) \
(((v) = get80211param(drv, param)) != -1)
struct wpa_driver_bsd_data *drv;
+ int flags;
drv = malloc(sizeof(*drv));
if (drv == NULL)
@@ -705,15 +708,23 @@
drv->sock = socket(PF_INET, SOCK_DGRAM, 0);
if (drv->sock < 0)
goto fail1;
+ drv->ctx = ctx;
+ strncpy(drv->ifname, ifname, sizeof(drv->ifname));
+
+ /*
+ * Mark the interface as down to ensure wpa_supplicant has exclusive
+ * access to the net80211 state machine, do this before opening the
+ * route socket to avoid a false event that the interface disappeared.
+ */
+ if (getifflags(drv, &flags) == 0)
+ (void) setifflags(drv, flags &~ IFF_UP);
+
drv->route = socket(PF_ROUTE, SOCK_RAW, 0);
if (drv->route < 0)
goto fail;
eloop_register_read_sock(drv->route,
wpa_driver_bsd_event_receive, ctx, drv);
- drv->ctx = ctx;
- strncpy(drv->ifname, ifname, sizeof(drv->ifname));
-
if (!GETPARAM(drv, IEEE80211_IOC_ROAMING, drv->prev_roaming)) {
wpa_printf(MSG_DEBUG, "%s: failed to get roaming state: %s",
__func__, strerror(errno));
More information about the Midnightbsd-cvs
mailing list