diff options
| author | The Android Open Source Project <initial-contribution@android.com> | 2008-10-21 07:00:00 -0700 |
|---|---|---|
| committer | The Android Open Source Project <initial-contribution@android.com> | 2008-10-21 07:00:00 -0700 |
| commit | ef98df019e941b9a51686e89495c16b4ead23140 (patch) | |
| tree | 9987bf3a2592279c7e177fbc030ce5129cc96aef | |
| parent | 10356433b643a2a5266f84a11ed4ac32d8c5c845 (diff) | |
| download | wpa_supplicant-ef98df019e941b9a51686e89495c16b4ead23140.tar.gz | |
Initial Contributionandroid-1.0release-1.0cdma-import
63 files changed, 1520 insertions, 9000 deletions
@@ -0,0 +1,37 @@ +# CONFIG_NO_WPA=y +CONFIG_OS=unix +CONFIG_IEEE8021X_EAPOL=y +CONFIG_EAP_MD5=y +CONFIG_EAP_MSCHAPV2=y +CONFIG_EAP_TLS=y +CONFIG_EAP_PEAP=y +CONFIG_EAP_TTLS=y +CONFIG_EAP_GTC=y +CONFIG_EAP_OTP=y +CONFIG_EAP_SIM=y +CONFIG_EAP_AKA=y +CONFIG_EAP_PSK=y +CONFIG_EAP_SAKE=y +CONFIG_EAP_GPSK=y +CONFIG_EAP_PAX=y +CONFIG_EAP_LEAP=y +# CONFIG_EAP_FAST=y +CONFIG_PKCS12=y +# CONFIG_PCSC=y +CONFIG_SMARTCARD=y +# CONFIG_WIRELESS_EXTENSION=y +CONFIG_CTRL_IFACE=y +# CONFIG_DRIVER_HOSTAP=y +# CONFIG_DRIVER_HERMES=y +# CONFIG_DRIVER_MADWIFI=y +# CONFIG_DRIVER_ATMEL=y +# CONFIG_DRIVER_WEXT=y +# CONFIG_DRIVER_NDISWRAPPER=y +# CONFIG_DRIVER_BROADCOM=y +# CONFIG_DRIVER_IPW=y +# CONFIG_DRIVER_BSD=y +# CONFIG_DRIVER_NDIS=y +# CONFIG_DRIVER_TEST=y +# CONFIG_DRIVER_CUSTOM=y +CONFIG_DEBUG_FILE=y +# CONFIG_INTERNAL_LIBTOMMATH=y diff --git a/.cvsignore b/.cvsignore deleted file mode 100644 index eb007ec..0000000 --- a/.cvsignore +++ /dev/null @@ -1,7 +0,0 @@ -*.d -.config -eapol_test -preauth_test -wpa_cli -wpa_passphrase -wpa_supplicant diff --git a/Android.mk b/Android.mk new file mode 100644 index 0000000..8cde04b --- /dev/null +++ b/Android.mk @@ -0,0 +1,701 @@ +LOCAL_PATH := $(call my-dir) +WPA_BUILD_SUPPLICANT := false +ifeq ($(HAVE_CUSTOM_WIFI_DRIVER_0),true) +WPA_BUILD_SUPPLICANT := true +CONFIG_DRIVER_CUSTOM=y +endif +ifeq ($(HAVE_CUSTOM_WIFI_DRIVER_1),true) +WPA_BUILD_SUPPLICANT := true +CONFIG_DRIVER_CUSTOM=y +endif +ifeq ($(HAVE_CUSTOM_WIFI_DRIVER_2),true) +WPA_BUILD_SUPPLICANT := true +CONFIG_DRIVER_CUSTOM=y +endif + +include $(LOCAL_PATH)/.config + +# To force sizeof(enum) = 4 +ifneq ($(TARGET_SIMULATOR),true) +L_CFLAGS += -mabi=aapcs-linux +endif + +# To ignore possible wrong network configurations +L_CFLAGS += -DWPA_IGNORE_CONFIG_ERRORS + +INCLUDES = external/openssl/include + +OBJS = config.c common.c md5.c md4.c rc4.c sha1.c des.c if_index.c +OBJS_p = wpa_passphrase.c sha1.c md5.c md4.c common.c des.c +OBJS_c = wpa_cli.c wpa_ctrl.c + +ifndef CONFIG_OS +ifdef CONFIG_NATIVE_WINDOWS +CONFIG_OS=win32 +else +CONFIG_OS=unix +endif +endif + +OBJS += os_$(CONFIG_OS).c +OBJS_p += os_$(CONFIG_OS).c +OBJS_c += os_$(CONFIG_OS).c + +ifndef CONFIG_ELOOP +CONFIG_ELOOP=eloop +endif +OBJS += $(CONFIG_ELOOP).c + + +ifdef CONFIG_EAPOL_TEST +L_CFLAGS += -Werror -DEAPOL_TEST +endif + +ifndef CONFIG_BACKEND +CONFIG_BACKEND=file +endif + +ifeq ($(CONFIG_BACKEND), file) +OBJS += config_file.c base64.c +L_CFLAGS += -DCONFIG_BACKEND_FILE +endif + +ifeq ($(CONFIG_BACKEND), winreg) +OBJS += config_winreg.c +endif + +ifeq ($(CONFIG_BACKEND), none) +OBJS += config_none.c +endif + +ifdef CONFIG_DRIVER_HOSTAP +L_CFLAGS += -DCONFIG_DRIVER_HOSTAP +OBJS_d += driver_hostap.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_WEXT +L_CFLAGS += -DCONFIG_DRIVER_WEXT +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_PRISM54 +L_CFLAGS += -DCONFIG_DRIVER_PRISM54 +OBJS_d += driver_prism54.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_HERMES +L_CFLAGS += -DCONFIG_DRIVER_HERMES +OBJS_d += driver_hermes.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_MADWIFI +L_CFLAGS += -DCONFIG_DRIVER_MADWIFI +OBJS_d += driver_madwifi.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_ATMEL +L_CFLAGS += -DCONFIG_DRIVER_ATMEL +OBJS_d += driver_atmel.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_NDISWRAPPER +L_CFLAGS += -DCONFIG_DRIVER_NDISWRAPPER +OBJS_d += driver_ndiswrapper.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_BROADCOM +L_CFLAGS += -DCONFIG_DRIVER_BROADCOM +OBJS_d += driver_broadcom.c +endif + +ifdef CONFIG_DRIVER_IPW +L_CFLAGS += -DCONFIG_DRIVER_IPW +OBJS_d += driver_ipw.c +CONFIG_WIRELESS_EXTENSION=y +endif + +ifdef CONFIG_DRIVER_BSD +L_CFLAGS += -DCONFIG_DRIVER_BSD +OBJS_d += driver_bsd.c +ifndef CONFIG_L2_PACKET +CONFIG_L2_PACKET=freebsd +endif +endif + +ifdef CONFIG_DRIVER_NDIS +L_CFLAGS += -DCONFIG_DRIVER_NDIS +OBJS_d += driver_ndis.c driver_ndis_.c +ifndef CONFIG_L2_PACKET +CONFIG_L2_PACKET=pcap +endif +CONFIG_WINPCAP=y +ifdef CONFIG_USE_NDISUIO +L_CFLAGS += -DCONFIG_USE_NDISUIO +endif +endif + +ifdef CONFIG_DRIVER_WIRED +L_CFLAGS += -DCONFIG_DRIVER_WIRED +OBJS_d += driver_wired.c +endif + +ifdef CONFIG_DRIVER_TEST +L_CFLAGS += -DCONFIG_DRIVER_TEST +OBJS_d += driver_test.c +endif + +ifdef CONFIG_DRIVER_CUSTOM +L_CFLAGS += -DCONFIG_DRIVER_CUSTOM +endif + +ifndef CONFIG_L2_PACKET +CONFIG_L2_PACKET=linux +endif + +OBJS += l2_packet_$(CONFIG_L2_PACKET).c + +ifeq ($(CONFIG_L2_PACKET), pcap) +ifdef CONFIG_WINPCAP +L_CFLAGS += -DCONFIG_WINPCAP +LIBS += -lwpcap -lpacket +LIBS_w += -lwpcap +else +LIBS += -ldnet -lpcap +endif +endif + +ifeq ($(CONFIG_L2_PACKET), winpcap) +LIBS += -lwpcap -lpacket +LIBS_w += -lwpcap +endif + +ifeq ($(CONFIG_L2_PACKET), freebsd) +LIBS += -lpcap +endif + +ifdef CONFIG_EAP_TLS +# EAP-TLS +L_CFLAGS += -DEAP_TLS +OBJS += eap_tls.c +TLS_FUNCS=y +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_PEAP +# EAP-PEAP +L_CFLAGS += -DEAP_PEAP +OBJS += eap_peap.c +TLS_FUNCS=y +CONFIG_IEEE8021X_EAPOL=y +CONFIG_EAP_TLV=y +endif + +ifdef CONFIG_EAP_TTLS +# EAP-TTLS +L_CFLAGS += -DEAP_TTLS +OBJS += eap_ttls.c +MS_FUNCS=y +TLS_FUNCS=y +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_MD5 +# EAP-MD5 (also used by EAP-TTLS) +L_CFLAGS += -DEAP_MD5 +OBJS += eap_md5.c +CONFIG_IEEE8021X_EAPOL=y +endif + +# backwards compatibility for old spelling +ifdef CONFIG_MSCHAPV2 +ifndef CONFIG_EAP_MSCHAPV2 +CONFIG_EAP_MSCHAPV2=y +endif +endif + +ifdef CONFIG_EAP_MSCHAPV2 +# EAP-MSCHAPv2 (also used by EAP-PEAP) +L_CFLAGS += -DEAP_MSCHAPv2 +OBJS += eap_mschapv2.c +MS_FUNCS=y +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_GTC +# EAP-GTC (also used by EAP-PEAP) +L_CFLAGS += -DEAP_GTC +OBJS += eap_gtc.c +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_OTP +# EAP-OTP +L_CFLAGS += -DEAP_OTP +OBJS += eap_otp.c +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_SIM +# EAP-SIM +L_CFLAGS += -DEAP_SIM +OBJS += eap_sim.c +CONFIG_IEEE8021X_EAPOL=y +CONFIG_EAP_SIM_COMMON=y +endif + +ifdef CONFIG_EAP_LEAP +# EAP-LEAP +L_CFLAGS += -DEAP_LEAP +OBJS += eap_leap.c +MS_FUNCS=y +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_PSK +# EAP-PSK +L_CFLAGS += -DEAP_PSK +OBJS += eap_psk.c eap_psk_common.c +CONFIG_IEEE8021X_EAPOL=y +NEED_AES=y +endif + +ifdef CONFIG_EAP_AKA +# EAP-AKA +L_CFLAGS += -DEAP_AKA +OBJS += eap_aka.c +CONFIG_IEEE8021X_EAPOL=y +CONFIG_EAP_SIM_COMMON=y +endif + +ifdef CONFIG_EAP_SIM_COMMON +OBJS += eap_sim_common.c +NEED_AES=y +endif + +ifdef CONFIG_EAP_TLV +# EAP-TLV +L_CFLAGS += -DEAP_TLV +OBJS += eap_tlv.c +endif + +ifdef CONFIG_EAP_FAST +# EAP-FAST +L_CFLAGS += -DEAP_FAST +OBJS += eap_fast.c +TLS_FUNCS=y +endif + +ifdef CONFIG_EAP_PAX +# EAP-PAX +L_CFLAGS += -DEAP_PAX +OBJS += eap_pax.c eap_pax_common.c +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_SAKE +# EAP-SAKE +L_CFLAGS += -DEAP_SAKE +OBJS += eap_sake.c eap_sake_common.c +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_EAP_GPSK +# EAP-GPSK +L_CFLAGS += -DEAP_GPSK +OBJS += eap_gpsk.c eap_gpsk_common.c +CONFIG_IEEE8021X_EAPOL=y +ifdef CONFIG_EAP_GPSK_SHA256 +L_CFLAGS += -DEAP_GPSK_SHA256 +NEED_SHA256=y +endif +endif +ifdef CONFIG_EAP_VENDOR_TEST +L_CFLAGS += -DEAP_VENDOR_TEST +OBJS += eap_vendor_test.c +CONFIG_IEEE8021X_EAPOL=y +endif + +ifdef CONFIG_IEEE8021X_EAPOL +# IEEE 802.1X/EAPOL state machines (e.g., for RADIUS authentication) +L_CFLAGS += -DIEEE8021X_EAPOL +OBJS += eapol_sm.c eap.c eap_methods.c +endif + +ifdef CONFIG_PCSC +# PC/SC interface for smartcards (USIM, GSM SIM) +L_CFLAGS += -DPCSC_FUNCS -I/usr/include/PCSC +OBJS += pcsc_funcs.c +# -lpthread may not be needed depending on how pcsc-lite was configured +ifdef CONFIG_NATIVE_WINDOWS +#Once MinGW gets support for WinScard, -lwinscard could be used instead of the +#dynamic symbol loading that is now used in pcsc_funcs.c +#LIBS += -lwinscard +else +LIBS += -lpcsclite -lpthread +endif +endif + +ifndef CONFIG_TLS +CONFIG_TLS=openssl +# CONFIG_TLS=internal +endif + +ifeq ($(CONFIG_TLS), internal) +ifndef CONFIG_CRYPTO +CONFIG_CRYPTO=internal +endif +endif +ifeq ($(CONFIG_CRYPTO), libtomcrypt) +L_CFLAGS += -DCONFIG_INTERNAL_X509 +endif +ifeq ($(CONFIG_CRYPTO), internal) +L_CFLAGS += -DCONFIG_INTERNAL_X509 +endif + + +ifdef TLS_FUNCS +# Shared TLS functions (needed for EAP_TLS, EAP_PEAP, EAP_TTLS, and EAP_FAST) +L_CFLAGS += -DEAP_TLS_FUNCS +OBJS += eap_tls_common.c +ifeq ($(CONFIG_TLS), openssl) +L_CFLAGS += -DEAP_TLS_OPENSSL +OBJS += tls_openssl.c +LIBS += -lssl -lcrypto +LIBS_p += -lcrypto +endif +ifeq ($(CONFIG_TLS), gnutls) +OBJS += tls_gnutls.c +LIBS += -lgnutls -lgcrypt -lgpg-error +LIBS_p += -lgcrypt +ifdef CONFIG_GNUTLS_EXTRA +L_CFLAGS += -DCONFIG_GNUTLS_EXTRA +LIBS += -lgnutls-extra +endif +endif +ifeq ($(CONFIG_TLS), schannel) +OBJS += tls_schannel.c +endif +ifeq ($(CONFIG_TLS), internal) +OBJS += tls_internal.c tlsv1_common.c tlsv1_client.c asn1.c x509v3.c +OBJS_p += asn1.c rc4.c aes_wrap.c +ifneq ($(CONFIG_BACKEND), file) +OBJS += base64.c +endif +L_CFLAGS += -DCONFIG_TLS_INTERNAL +ifeq ($(CONFIG_CRYPTO), internal) +ifdef CONFIG_INTERNAL_LIBTOMMATH +L_CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH +else +LIBS += -ltommath +LIBS_p += -ltommath +endif +endif +ifeq ($(CONFIG_CRYPTO), libtomcrypt) +LIBS += -ltomcrypt -ltfm +LIBS_p += -ltomcrypt -ltfm +endif +endif +ifeq ($(CONFIG_TLS), none) +OBJS += tls_none.c +L_CFLAGS += -DEAP_TLS_NONE +CONFIG_INTERNAL_AES=y +CONFIG_INTERNAL_SHA1=y +CONFIG_INTERNAL_MD5=y +CONFIG_INTERNAL_SHA256=y +endif +ifdef CONFIG_SMARTCARD +ifndef CONFIG_NATIVE_WINDOWS +ifneq ($(CONFIG_L2_PACKET), freebsd) +LIBS += -ldl +endif +endif +endif +NEED_CRYPTO=y +else +OBJS += tls_none.c +endif + +ifdef CONFIG_PKCS12 +L_CFLAGS += -DPKCS12_FUNCS +endif + +ifdef CONFIG_SMARTCARD +L_CFLAGS += -DCONFIG_SMARTCARD +endif + +ifdef MS_FUNCS +OBJS += ms_funcs.c +NEED_CRYPTO=y +endif + +ifdef NEED_CRYPTO +ifndef TLS_FUNCS +ifeq ($(CONFIG_TLS), openssl) +LIBS += -lcrypto +LIBS_p += -lcrypto +endif +ifeq ($(CONFIG_TLS), gnutls) +LIBS += -lgcrypt +LIBS_p += -lgcrypt +endif +ifeq ($(CONFIG_TLS), schannel) +endif +ifeq ($(CONFIG_TLS), internal) +ifeq ($(CONFIG_CRYPTO), libtomcrypt) +LIBS += -ltomcrypt -ltfm +LIBS_p += -ltomcrypt -ltfm +endif +endif +endif +ifeq ($(CONFIG_TLS), openssl) +OBJS += crypto.c +OBJS_p += crypto.c +CONFIG_INTERNAL_SHA256=y +endif +ifeq ($(CONFIG_TLS), gnutls) +OBJS += crypto_gnutls.c +OBJS_p += crypto_gnutls.c +CONFIG_INTERNAL_SHA256=y +endif +ifeq ($(CONFIG_TLS), schannel) +OBJS += crypto_cryptoapi.c +OBJS_p += crypto_cryptoapi.c +CONFIG_INTERNAL_SHA256=y +endif +ifeq ($(CONFIG_TLS), internal) +ifeq ($(CONFIG_CRYPTO), libtomcrypt) +OBJS += crypto_libtomcrypt.c +OBJS_p += crypto_libtomcrypt.c +CONFIG_INTERNAL_SHA256=y +endif +ifeq ($(CONFIG_CRYPTO), internal) +OBJS += crypto_internal.c rsa.c bignum.c +OBJS_p += crypto_internal.c rsa.c bignum.c +L_CFLAGS += -DCONFIG_CRYPTO_INTERNAL +CONFIG_INTERNAL_AES=y +CONFIG_INTERNAL_DES=y +CONFIG_INTERNAL_SHA1=y +CONFIG_INTERNAL_MD4=y +CONFIG_INTERNAL_MD5=y +CONFIG_INTERNAL_SHA256=y +endif +ifeq ($(CONFIG_CRYPTO), cryptoapi) +OBJS += crypto_cryptoapi.c +OBJS_p += crypto_cryptoapi.c +L_CFLAGS += -DCONFIG_CRYPTO_CRYPTOAPI +CONFIG_INTERNAL_SHA256=y +endif +endif +ifeq ($(CONFIG_TLS), none) +OBJS += crypto_none.c +OBJS_p += crypto_none.c +CONFIG_INTERNAL_SHA256=y +endif +else +CONFIG_INTERNAL_AES=y +CONFIG_INTERNAL_SHA1=y +CONFIG_INTERNAL_MD5=y +endif + +ifdef CONFIG_INTERNAL_AES +L_CFLAGS += -DINTERNAL_AES +endif +ifdef CONFIG_INTERNAL_SHA1 +L_CFLAGS += -DINTERNAL_SHA1 +endif +ifdef CONFIG_INTERNAL_SHA256 +L_CFLAGS += -DINTERNAL_SHA256 +endif +ifdef CONFIG_INTERNAL_MD5 +L_CFLAGS += -DINTERNAL_MD5 +endif +ifdef CONFIG_INTERNAL_MD4 +L_CFLAGS += -DINTERNAL_MD4 +endif +ifdef CONFIG_INTERNAL_DES +L_CFLAGS += -DINTERNAL_DES +endif + +ifdef NEED_SHA256 +OBJS += sha256.c +endif + +ifdef CONFIG_WIRELESS_EXTENSION +L_CFLAGS += -DCONFIG_WIRELESS_EXTENSION +OBJS_d += driver_wext.c +endif + +ifdef CONFIG_CTRL_IFACE +ifeq ($(CONFIG_CTRL_IFACE), y) +ifdef CONFIG_NATIVE_WINDOWS +CONFIG_CTRL_IFACE=udp +else +CONFIG_CTRL_IFACE=unix +endif +endif +L_CFLAGS += -DCONFIG_CTRL_IFACE +ifeq ($(CONFIG_CTRL_IFACE), udp) +L_CFLAGS += -DCONFIG_CTRL_IFACE_UDP +else +L_CFLAGS += -DCONFIG_CTRL_IFACE_UNIX +endif +OBJS += ctrl_iface.c ctrl_iface_$(CONFIG_CTRL_IFACE).c +endif + +ifdef CONFIG_READLINE +L_CFLAGS += -DCONFIG_READLINE +LIBS_c += -lncurses -lreadline +endif + +ifdef CONFIG_NATIVE_WINDOWS +L_CFLAGS += -DCONFIG_NATIVE_WINDOWS +LIBS += -lws2_32 -lgdi32 -lcrypt32 +LIBS_c += -lws2_32 +LIBS_p += -lws2_32 +ifeq ($(CONFIG_CRYPTO), cryptoapi) +LIBS_p += -lcrypt32 +endif +endif + +ifdef CONFIG_NO_STDOUT_DEBUG +L_CFLAGS += -DCONFIG_NO_STDOUT_DEBUG +ifndef CONFIG_CTRL_IFACE +CFLAGS += -DCONFIG_NO_WPA_MSG +endif +endif + +ifdef CONFIG_IPV6 +# for eapol_test only +L_CFLAGS += -DCONFIG_IPV6 +endif + +ifdef CONFIG_PEERKEY +L_CFLAGS += -DCONFIG_PEERKEY +endif + +ifdef CONFIG_IEEE80211W +L_CFLAGS += -DCONFIG_IEEE80211W +NEED_SHA256=y +endif + +ifndef CONFIG_NO_WPA +OBJS += wpa.c preauth.c pmksa_cache.c +NEED_AES=y +else +L_CFLAGS += -DCONFIG_NO_WPA -DCONFIG_NO_WPA2 +endif + +ifdef CONFIG_NO_WPA2 +L_CFLAGS += -DCONFIG_NO_WPA2 +endif + +ifdef CONFIG_NO_AES_EXTRAS +L_CFLAGS += -DCONFIG_NO_AES_WRAP +L_CFLAGS += -DCONFIG_NO_AES_CTR -DCONFIG_NO_AES_OMAC1 +L_CFLAGS += -DCONFIG_NO_AES_EAX -DCONFIG_NO_AES_CBC +endif + +ifdef NEED_AES +OBJS += aes_wrap.c +endif + +ifdef CONFIG_CLIENT_MLME +OBJS += mlme.c +L_CFLAGS += -DCONFIG_CLIENT_MLME +endif + +ifndef CONFIG_MAIN +CONFIG_MAIN=main +endif + +ifdef CONFIG_DEBUG_FILE +L_CFLAGS += -DCONFIG_DEBUG_FILE +endif + +OBJS += wpa_supplicant.c events.c +OBJS_t := $(OBJS) eapol_test.c radius.c radius_client.c +OBJS_t2 := $(OBJS) preauth_test.c +OBJS += $(CONFIG_MAIN).c drivers.c $(OBJS_d) + +ifdef CONFIG_NDIS_EVENTS_INTEGRATED +L_CFLAGS += -DCONFIG_NDIS_EVENTS_INTEGRATED +OBJS += ndis_events.c +EXTRALIBS += -loleaut32 -lole32 -luuid +ifdef PLATFORMSDKLIB +EXTRALIBS += $(PLATFORMSDKLIB)/WbemUuid.Lib +else +EXTRALIBS += WbemUuid.Lib +endif +endif + +ifneq ($(TARGET_SIMULATOR),true) +ifeq ($(WPA_BUILD_SUPPLICANT),true) + +######################## + +include $(CLEAR_VARS) +LOCAL_MODULE := wpa_cli +LOCAL_SHARED_LIBRARIES := libc libcutils +LOCAL_CFLAGS := $(L_CFLAGS) +LOCAL_SRC_FILES := $(OBJS_c) +LOCAL_C_INCLUDES := $(INCLUDES) +include $(BUILD_EXECUTABLE) + +######################## +include $(CLEAR_VARS) +LOCAL_MODULE := wpa_supplicant +ifdef CONFIG_DRIVER_CUSTOM +LOCAL_STATIC_LIBRARIES := libCustomWifi libWifiApi +endif +LOCAL_SHARED_LIBRARIES := libc libcrypto libssl +LOCAL_CFLAGS := $(L_CFLAGS) +LOCAL_SRC_FILES := $(OBJS) +LOCAL_C_INCLUDES := $(INCLUDES) +include $(BUILD_EXECUTABLE) + +######################## +# +#include $(CLEAR_VARS) +#LOCAL_MODULE := eapol_test +#ifdef CONFIG_DRIVER_CUSTOM +#LOCAL_STATIC_LIBRARIES := libCustomWifi +#endif +#LOCAL_SHARED_LIBRARIES := libc libcrypto libssl +#LOCAL_CFLAGS := $(L_CFLAGS) +#LOCAL_SRC_FILES := $(OBJS_t) +#LOCAL_C_INCLUDES := $(INCLUDES) +#include $(BUILD_EXECUTABLE) +# +######################## + +local_target_dir := $(TARGET_OUT)/etc/wifi + +include $(CLEAR_VARS) +LOCAL_MODULE := wpa_supplicant.conf +LOCAL_MODULE_TAGS := user development +LOCAL_MODULE_CLASS := ETC +LOCAL_MODULE_PATH := $(local_target_dir) +LOCAL_SRC_FILES := $(LOCAL_MODULE) +include $(BUILD_PREBUILT) + +######################## + +endif # ifeq ($(WPA_BUILD_SUPPLICANT),true) + +endif # ifneq ($(TARGET_SIMULATOR),true) + +include $(CLEAR_VARS) +LOCAL_MODULE = libwpa_client +LOCAL_CFLAGS = $(L_CFLAGS) +LOCAL_SRC_FILES = wpa_ctrl.c os_unix.c +LOCAL_C_INCLUDES = $(INCLUDES) +LOCAL_SHARED_LIBRARIES := libcutils +LOCAL_COPY_HEADERS_TO := libwpa_client +LOCAL_COPY_HEADERS := wpa_ctrl.h +include $(BUILD_SHARED_LIBRARY) diff --git a/MODULE_LICENSE_BSD_LIKE b/MODULE_LICENSE_BSD_LIKE new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/MODULE_LICENSE_BSD_LIKE @@ -0,0 +1,61 @@ +WPA Supplicant +============== + +Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> and contributors +All Rights Reserved. + +This program is dual-licensed under both the GPL version 2 and BSD +license. Either license may be used at your option. + + + +License +------- + +GPL v2: + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License version 2 as +published by the Free Software Foundation. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +(this copy of the license is in COPYING file) + + +Alternatively, this software may be distributed, used, and modified +under the terms of BSD license: + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name(s) of the above-listed copyright holder(s) nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README-Windows.txt b/README-Windows.txt deleted file mode 100644 index e0436c8..0000000 --- a/README-Windows.txt +++ /dev/null @@ -1,431 +0,0 @@ -wpa_supplicant for Windows -========================== - -Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> and -contributors -All Rights Reserved. - -This program is dual-licensed under both the GPL version 2 and BSD -license. Either license may be used at your option. - -This product includes software developed by the OpenSSL Project -for use in the OpenSSL Toolkit (http://www.openssl.org/) - - -wpa_supplicant has support for being used as a WPA/WPA2/IEEE 802.1X -Supplicant on Windows. The current port requires that WinPcap -(http://winpcap.polito.it/) is installed for accessing packets and the -driver interface. Both release versions 3.0 and 3.1 are supported. - -The current port is still somewhat experimental. It has been tested -mainly on Windows XP (SP2) with limited set of NDIS drivers. In -addition, the current version has been reported to work with Windows -2000. - -All security modes have been verified to work (at least complete -authentication and successfully ping a wired host): -- plaintext -- static WEP / open system authentication -- static WEP / shared key authentication -- IEEE 802.1X with dynamic WEP keys -- WPA-PSK, TKIP, CCMP, TKIP+CCMP -- WPA-EAP, TKIP, CCMP, TKIP+CCMP -- WPA2-PSK, TKIP, CCMP, TKIP+CCMP -- WPA2-EAP, TKIP, CCMP, TKIP+CCMP - - -Binary version --------------- - -Compiled binary version of the wpa_supplicant and additional tools is -available from http://hostap.epitest.fi/wpa_supplicant/. These -binaries can be used after installing WinPcap. - - -Building wpa_supplicant with mingw ----------------------------------- - -The default build setup for wpa_supplicant is to use MinGW and -cross-compiling from Linux to MinGW/Windows. It should also be -possible to build this under Windows using the MinGW tools, but that -is not tested nor supported and is likely to require some changes to -the Makefile unless cygwin is used. - - -Building wpa_supplicant with MSVC ---------------------------------- - -wpa_supplicant can be built with Microsoft Visual C++ compiler. This -has been tested with Microsoft Visual C++ Toolkit 2003 and Visual -Studio 2005 using the included nmake.mak as a Makefile for nmake. IDE -can also be used by creating a project that includes the files and -defines mentioned in nmake.mak. Example VS2005 solution and project -files are included in vs2005 subdirectory. This can be used as a -starting point for building the programs with VS2005 IDE. - -WinPcap development package is needed for the build and this can be -downloaded from http://www.winpcap.org/install/bin/WpdPack_3_1.zip. The -default nmake.mak expects this to be unpacked into C:\dev\WpdPack so -that Include and Lib directories are in this directory. The files can be -stored elsewhere as long as the WINPCAPDIR in nmake.mak is updated to -match with the selected directory. In case a project file in the IDE is -used, these Include and Lib directories need to be added to project -properties as additional include/library directories. - -OpenSSL source package can be downloaded from -http://www.openssl.org/source/openssl-0.9.8b.tar.gz and built and -installed following instructions in INSTALL.W32. Note that if EAP-FAST -support will be included in the wpa_supplicant, OpenSSL needs to be -patched to# support it openssl-tls-extensions.patch. The example -nmake.mak file expects OpenSSL to be installed into C:\dev\openssl, but -this directory can be modified by changing OPENSSLDIR variable in -nmake.mak. - -If you do not need EAP-FAST support, you may also be able to use Win32 -binary installation package of OpenSSL from -http://www.slproweb.com/products/Win32OpenSSL.html instead of building -the library yourself. In this case, you will need to copy Include and -Lib directories in suitable directory, e.g., C:\dev\openssl for the -default nmake.mak. Copy {Win32OpenSSLRoot}\include into -C:\dev\openssl\include and make C:\dev\openssl\lib subdirectory with -files from {Win32OpenSSLRoot}\VC (i.e., libeay*.lib and ssleay*.lib). -This will end up using dynamically linked OpenSSL (i.e., .dll files are -needed) for it. Alternative, you can copy files from -{Win32OpenSSLRoot}\VC\static to create a static build (no OpenSSL .dll -files needed). - - -Building wpa_supplicant for cygwin ----------------------------------- - -wpa_supplicant can be built for cygwin by installing the needed -development packages for cygwin. This includes things like compiler, -make, openssl development package, etc. In addition, developer's pack -for WinPcap (WPdpack.zip) from -http://winpcap.polito.it/install/default.htm is needed. - -.config file should enable only one driver interface, -CONFIG_DRIVER_NDIS. In addition, include directories may need to be -added to match the system. An example configuration is available in -defconfig. The library and include files for WinPcap will either need -to be installed in compiler/linker default directories or their -location will need to be adding to .config when building -wpa_supplicant. - -Othen than this, the build should be more or less identical to Linux -version, i.e., just run make after having created .config file. An -additional tool, win_if_list.exe, can be built by running "make -win_if_list". - - -Building wpa_gui ----------------- - -wpa_gui uses Qt application framework from Trolltech. It can be built -with the open source version of Qt4 and MinGW. Following commands can -be used to build the binary in the Qt 4 Command Prompt: - -# go to the root directory of wpa_supplicant source code -cd wpa_gui-qt4 -qmake -o Makefile wpa_gui.pro -make -# the wpa_gui.exe binary is created into 'release' subdirectory - - -Using wpa_supplicant for Windows --------------------------------- - -wpa_supplicant and wpa_cli behave more or less identically to Linux -version, so instructions in README and example wpa_supplicant.conf -should be applicable for most parts. In addition, there is another -version of wpa_supplicant, wpasvc.exe, which can be used as a Windows -service and which reads its configuration from registry instead of -text file. - -When using access points in "hidden SSID" mode, ap_scan=2 mode need to -be used (see wpa_supplicant.conf for more information). - -Windows NDIS/WinPcap uses quite long interface names, so some care -will be needed when starting wpa_supplicant. Alternatively, the -adapter description can be used as the interface name which may be -easier since it is usually in more human-readable -format. win_if_list.exe can be used to find out the proper interface -name. - -Example steps in starting up wpa_supplicant: - -# win_if_list.exe -ifname: \Device\NPF_GenericNdisWanAdapter -description: Generic NdisWan adapter - -ifname: \Device\NPF_{769E012B-FD17-4935-A5E3-8090C38E25D2} -description: Atheros Wireless Network Adapter (Microsoft's Packet Scheduler) - -ifname: \Device\NPF_{732546E7-E26C-48E3-9871-7537B020A211} -description: Intel 8255x-based Integrated Fast Ethernet (Microsoft's Packet Scheduler) - - -Since the example configuration used Atheros WLAN card, the middle one -is the correct interface in this case. The interface name for -i -command line option is the full string following "ifname:" (the -"\Device\NPF_" prefix can be removed). In other words, wpa_supplicant -would be started with the following command: - -# wpa_supplicant.exe -i'{769E012B-FD17-4935-A5E3-8090C38E25D2}' -c wpa_supplicant.conf -d - --d optional enables some more debugging (use -dd for even more, if -needed). It can be left out if debugging information is not needed. - -With the alternative mechanism for selecting the interface, this -command has identical results in this case: - -# wpa_supplicant.exe -iAtheros -c wpa_supplicant.conf -d - - -Simple configuration example for WPA-PSK: - -#ap_scan=2 -ctrl_interface= -network={ - ssid="test" - key_mgmt=WPA-PSK - proto=WPA - pairwise=TKIP - psk="secret passphrase" -} - -(remove '#' from the comment out ap_scan line to enable mode in which -wpa_supplicant tries to associate with the SSID without doing -scanning; this allows APs with hidden SSIDs to be used) - - -wpa_cli.exe and wpa_gui.exe can be used to interact with the -wpa_supplicant.exe program in the same way as with Linux. Note that -ctrl_interface is using UNIX domain sockets when built for cygwin, but -the native build for Windows uses named pipes and the contents of the -ctrl_interface configuration item is used to control access to the -interface. Anyway, this variable has to be included in the configuration -to enable the control interface. - - -Example SDDL string formats: - -(local admins group has permission, but nobody else): - -ctrl_interface=SDDL=D:(A;;GA;;;BA) - -("A" == "access allowed", "GA" == GENERIC_ALL == all permissions, and -"BA" == "builtin administrators" == the local admins. The empty fields -are for flags and object GUIDs, none of which should be required in this -case.) - -(local admins and the local "power users" group have permissions, -but nobody else): - -ctrl_interface=SDDL=D:(A;;GA;;;BA)(A;;GA;;;PU) - -(One ACCESS_ALLOWED ACE for GENERIC_ALL for builtin administrators, and -one ACCESS_ALLOWED ACE for GENERIC_ALL for power users.) - -(close to wide open, but you have to be a valid user on -the machine): - -ctrl_interface=SDDL=D:(A;;GA;;;AU) - -(One ACCESS_ALLOWED ACE for GENERIC_ALL for the "authenticated users" -group.) - -This one would allow absolutely everyone (including anonymous -users) -- this is *not* recommended, since named pipes can be attached -to from anywhere on the network (i.e. there's no "this machine only" -like there is with 127.0.0.1 sockets): - -ctrl_interface=SDDL=D:(A;;GA;;;BU)(A;;GA;;;AN) - -(BU == "builtin users", "AN" == "anonymous") - -See also [1] for the format of ACEs, and [2] for the possible strings -that can be used for principal names. - -[1] -http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/ace_strings.asp -[2] -http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/sid_strings.asp - - -Starting wpa_supplicant as a Windows service (wpasvc.exe) ---------------------------------------------------------- - -wpa_supplicant can be started as a Windows service by using wpasvc.exe -program that is alternative build of wpa_supplicant.exe. Most of the -core functionality of wpasvc.exe is identical to wpa_supplicant.exe, -but it is using Windows registry for configuration information instead -of a text file and command line parameters. In addition, it can be -registered as a service that can be started automatically or manually -like any other Windows service. - -The root of wpa_supplicant configuration in registry is -HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant. This level includes global -parameters and a 'interfaces' subkey with all the interface configuration -(adapter to confname mapping). Each such mapping is a subkey that has -'adapter', 'config', and 'ctrl_interface' values. - -This program can be run either as a normal command line application, -e.g., for debugging, with 'wpasvc.exe app' or as a Windows service. -Service need to be registered with 'wpasvc.exe reg <full path to -wpasvc.exe>'. Alternatively, 'wpasvc.exe reg' can be used to register -the service with the current location of wpasvc.exe. After this, wpasvc -can be started like any other Windows service (e.g., 'net start wpasvc') -or it can be configured to start automatically through the Services tool -in administrative tasks. The service can be unregistered with -'wpasvc.exe unreg'. - -If the service is set to start during system bootup to make the -network connection available before any user has logged in, there may -be a long (half a minute or so) delay in starting up wpa_supplicant -due to WinPcap needing a driver called "Network Monitor Driver" which -is started by default on demand. - -To speed up wpa_supplicant start during system bootup, "Network -Monitor Driver" can be configured to be started sooner by setting its -startup type to System instead of the default Demand. To do this, open -up Device Manager, select Show Hidden Devices, expand the "Non -Plug-and-Play devices" branch, double click "Network Monitor Driver", -go to the Driver tab, and change the Demand setting to System instead. - -Configuration data is in HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs -key. Each configuration profile has its own key under this. In terms of text -files, each profile would map to a separate text file with possibly multiple -networks. Under each profile, there is a networks key that lists all -networks as a subkey. Each network has set of values in the same way as -network block in the configuration file. In addition, blobs subkey has -possible blobs as values. - -HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks\0000 - ssid="example" - key_mgmt=WPA-PSK - -See win_example.reg for an example on how to setup wpasvc.exe -parameters in registry. It can also be imported to registry as a -starting point for the configuration. - - - -License information for third party software used in this product: - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ @@ -486,7 +486,9 @@ TCHAR * wpa_strdup_tchar(const char *str); const char * wpa_ssid_txt(u8 *ssid, size_t ssid_len); +#ifndef ANDROID typedef u32 __be32; typedef u64 __be64; +#endif /* Dm: */ #endif /* COMMON_H */ diff --git a/config_file.c b/config_file.c index 757a1b8..e5f2e59 100644 --- a/config_file.c +++ b/config_file.c @@ -265,7 +265,9 @@ struct wpa_config * wpa_config_read(const char *name) if (ssid == NULL) { wpa_printf(MSG_ERROR, "Line %d: failed to " "parse network block.", line); +#ifndef WPA_IGNORE_CONFIG_ERRORS errors++; +#endif continue; } if (head == NULL) { @@ -403,12 +405,13 @@ struct wpa_config * wpa_config_read(const char *name) config->ssid = head; wpa_config_debug_dump_networks(config); +#ifndef WPA_IGNORE_CONFIG_ERRORS if (errors) { wpa_config_free(config); config = NULL; head = NULL; } - +#endif return config; } diff --git a/ctrl_iface.c b/ctrl_iface.c index c84a9f9..653d89b 100644 --- a/ctrl_iface.c +++ b/ctrl_iface.c @@ -312,6 +312,61 @@ static int wpa_supplicant_ctrl_iface_bssid(struct wpa_supplicant *wpa_s, return 0; } +#ifdef ANDROID +static int wpa_supplicant_ctrl_iface_blacklist( + struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen) +{ + struct wpa_ssid *ssid; + u8 bssid[ETH_ALEN]; + struct wpa_blacklist *e; + char *pos, *end; + int ret; + + /* cmd: "BLACKLIST [<BSSID>]" */ + if (*cmd == '\0') { + pos = buf; + end = buf + buflen; + + e = wpa_s->blacklist; + while (e) { + ret = os_snprintf(pos, end-pos, + "%02x:%02x:%02x:%02x:%02x:%02x\n", + e->bssid[0], + e->bssid[1], + e->bssid[2], + e->bssid[3], + e->bssid[4], + e->bssid[5]); + if (ret < 0 || ret >= end - pos) + return pos - buf; + pos += ret; + e = e->next; + } + return pos - buf; + } + wpa_printf(MSG_DEBUG, "CTRL_IFACE: bssid='%s'", cmd); + + ++cmd; + if (os_strncmp(cmd, "clear", 5) == 0) { + wpa_blacklist_clear(wpa_s); + return 0; + } + + if (hwaddr_aton(cmd, bssid)) { + wpa_printf(MSG_DEBUG ,"CTRL_IFACE: invalid BSSID '%s'", cmd); + return -1; + } + + /* + * Add the BSSID twice, so its count will be 2, causing it to be + * skipped when processing scan results. + */ + ret = wpa_blacklist_add(wpa_s, bssid); + if (ret != 0) + return ret; + return wpa_blacklist_add(wpa_s, bssid); +} +#endif static int wpa_supplicant_ctrl_iface_list_networks( struct wpa_supplicant *wpa_s, char *buf, size_t buflen) @@ -474,7 +529,7 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto, static int wpa_supplicant_ctrl_iface_scan_results( struct wpa_supplicant *wpa_s, char *buf, size_t buflen) { - char *pos, *end; + char *pos, *end, *retpos; struct wpa_scan_result *res; int i, ret; @@ -483,7 +538,7 @@ static int wpa_supplicant_ctrl_iface_scan_results( return 0; if (wpa_s->scan_results == NULL) return 0; - + pos = buf; end = buf + buflen; ret = os_snprintf(pos, end - pos, "bssid / frequency / signal level / " @@ -493,11 +548,12 @@ static int wpa_supplicant_ctrl_iface_scan_results( pos += ret; for (i = 0; i < wpa_s->num_scan_results; i++) { + retpos = pos; res = &wpa_s->scan_results[i]; ret = os_snprintf(pos, end - pos, MACSTR "\t%d\t%d\t", MAC2STR(res->bssid), res->freq, res->level); if (ret < 0 || ret >= end - pos) - return pos - buf; + return retpos - buf; pos += ret; if (res->wpa_ie_len) { pos = wpa_supplicant_ie_txt(pos, end, "WPA", @@ -513,25 +569,31 @@ static int wpa_supplicant_ctrl_iface_scan_results( res->caps & IEEE80211_CAP_PRIVACY) { ret = os_snprintf(pos, end - pos, "[WEP]"); if (ret < 0 || ret >= end - pos) - return pos - buf; + return retpos - buf; pos += ret; } if (res->caps & IEEE80211_CAP_IBSS) { ret = os_snprintf(pos, end - pos, "[IBSS]"); if (ret < 0 || ret >= end - pos) - return pos - buf; + return retpos - buf; + pos += ret; + } + if (!res->wpa_ie_len && !res->rsn_ie_len) { + ret = os_snprintf(pos, end - pos, "\t"); + if (ret < 0 || ret >= end - pos) + return retpos - buf; pos += ret; } ret = os_snprintf(pos, end - pos, "\t%s", wpa_ssid_txt(res->ssid, res->ssid_len)); if (ret < 0 || ret >= end - pos) - return pos - buf; + return retpos - buf; pos += ret; ret = os_snprintf(pos, end - pos, "\n"); if (ret < 0 || ret >= end - pos) - return pos - buf; + return retpos - buf; pos += ret; } @@ -1063,12 +1125,23 @@ static int wpa_supplicant_ctrl_iface_ap_scan( return 0; } +static int wpa_supplicant_driver_cmd(struct wpa_supplicant *wpa_s, + char *cmd, char *buf, size_t buflen) +{ + int ret; + + ret = wpa_drv_driver_cmd(wpa_s, cmd, buf, buflen); + if( ret == 0 ) { + ret = sprintf(buf, "%s\n", "OK"); + } + return( ret ); +} char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, char *buf, size_t *resp_len) { char *reply; - const int reply_size = 2048; + const int reply_size = 4096; int ctrl_rsp = 0; int reply_len; @@ -1077,8 +1150,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface", (const u8 *) buf, os_strlen(buf)); } else { - wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface", - (const u8 *) buf, os_strlen(buf)); + if (os_strcmp(buf, "PING") != 0) + wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface", + (const u8 *) buf, os_strlen(buf)); } reply = os_malloc(reply_size); @@ -1149,6 +1223,20 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strncmp(buf, "BSSID ", 6) == 0) { if (wpa_supplicant_ctrl_iface_bssid(wpa_s, buf + 6)) reply_len = -1; +#ifdef ANDROID + } else if (os_strncmp(buf, "BLACKLIST", 9) == 0) { + reply_len = wpa_supplicant_ctrl_iface_blacklist( + wpa_s, buf + 9, reply, reply_size); + if (os_strlen(buf) > 10 && reply_len == 0) { + struct wpa_blacklist *bl = wpa_s->blacklist; + if (os_strncmp(buf+10, "clear", 5) == 0 || + (bl != NULL && os_memcmp(bl->bssid, wpa_s->bssid, ETH_ALEN) == 0)) { + wpa_s->disconnected = 0; + wpa_s->reassociate = 1; + wpa_supplicant_req_scan(wpa_s, 0, 0); + } + } +#endif } else if (os_strcmp(buf, "LIST_NETWORKS") == 0) { reply_len = wpa_supplicant_ctrl_iface_list_networks( wpa_s, reply, reply_size); @@ -1195,6 +1283,8 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strcmp(buf, "INTERFACES") == 0) { reply_len = wpa_supplicant_global_iface_interfaces( wpa_s->global, reply, reply_size); + } else if (os_strncmp(buf, "DRIVER ", 7) == 0) { + reply_len = wpa_supplicant_driver_cmd(wpa_s, buf + 7, reply, reply_size); } else { os_memcpy(reply, "UNKNOWN COMMAND\n", 16); reply_len = 16; @@ -1332,11 +1422,12 @@ char * wpa_supplicant_global_ctrl_iface_process(struct wpa_global *global, char *buf, size_t *resp_len) { char *reply; - const int reply_size = 2048; + const int reply_size = 4096; int reply_len; - wpa_hexdump_ascii(MSG_DEBUG, "RX global ctrl_iface", - (const u8 *) buf, os_strlen(buf)); + if (os_strcmp(buf, "PING") != 0) + wpa_hexdump_ascii(MSG_DEBUG, "RX global ctrl_iface", + (const u8 *) buf, os_strlen(buf)); reply = os_malloc(reply_size); if (reply == NULL) { diff --git a/ctrl_iface_unix.c b/ctrl_iface_unix.c index 9e4f85f..2b9446e 100644 --- a/ctrl_iface_unix.c +++ b/ctrl_iface_unix.c @@ -16,6 +16,9 @@ #include <sys/un.h> #include <sys/stat.h> #include <grp.h> +#ifdef ANDROID +#include <cutils/sockets.h> +#endif #include "common.h" #include "eloop.h" @@ -271,6 +274,13 @@ wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s) buf = os_strdup(wpa_s->conf->ctrl_interface); if (buf == NULL) goto fail; +#ifdef ANDROID + os_snprintf(addr.sun_path, sizeof(addr.sun_path), "wpa_%s", + wpa_s->conf->ctrl_interface); + priv->sock = android_get_control_socket(addr.sun_path); + if (priv->sock >= 0) + goto havesock; +#endif if (os_strncmp(buf, "DIR=", 4) == 0) { dir = buf + 4; gid_str = os_strstr(dir, " GROUP="); @@ -380,6 +390,7 @@ wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s) } os_free(fname); +havesock: eloop_register_read_sock(priv->sock, wpa_supplicant_ctrl_iface_receive, wpa_s, priv); wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb); @@ -617,6 +628,11 @@ wpa_supplicant_global_ctrl_iface_init(struct wpa_global *global) if (global->params.ctrl_interface == NULL) return priv; +#ifdef ANDROID + priv->sock = android_get_control_socket(global->params.ctrl_interface); + if (priv->sock >= 0) + goto havesock; +#endif wpa_printf(MSG_DEBUG, "Global control interface '%s'", global->params.ctrl_interface); @@ -661,7 +677,7 @@ wpa_supplicant_global_ctrl_iface_init(struct wpa_global *global) goto fail; } } - +havesock: eloop_register_read_sock(priv->sock, wpa_supplicant_global_ctrl_iface_receive, global, NULL); diff --git a/dbus-wpa_supplicant.service b/dbus-wpa_supplicant.service deleted file mode 100644 index a9ce1ec..0000000 --- a/dbus-wpa_supplicant.service +++ /dev/null @@ -1,4 +0,0 @@ -[D-BUS Service] -Name=fi.epitest.hostap.WPASupplicant -Exec=/sbin/wpa_supplicant -u -User=root @@ -127,6 +127,21 @@ typedef enum { * fully configured. */ WPA_COMPLETED +#ifdef ANDROID + /** + * WPA_IDLE - Eeplicit disconnect was performed + * + * This state is entered when a disconnect command is issued to the + * supplicant. In this case, the supplicant not only disassociates + * from the current network, but it also stops trying to associate + * with any AP until a subsequent reconnect or reassociate command + * is issued. This state was added to distinguish it from the + * WPA_DISCONNECTED state, which is now reserved for disconnects + * that were not explicitly requested by a client. + * This state is reported to clients, but it is not internally stored. + */ + , WPA_IDLE +#endif /* ANDROID */ } wpa_states; #define MLME_SETPROTECTION_PROTECT_TYPE_NONE 0 diff --git a/doc/.cvsignore b/doc/.cvsignore deleted file mode 100644 index 59e4eb8..0000000 --- a/doc/.cvsignore +++ /dev/null @@ -1,4 +0,0 @@ -html -latex -wpa_supplicant.eps -wpa_supplicant.png diff --git a/doc/code_structure.doxygen b/doc/code_structure.doxygen deleted file mode 100644 index 23b7f22..0000000 --- a/doc/code_structure.doxygen +++ /dev/null @@ -1,270 +0,0 @@ -/** -\page code_structure Structure of the source code - -[ \ref wpa_supplicant_core "wpa_supplicant core functionality" | -\ref generic_helper_func "Generic helper functions" | -\ref crypto_func "Cryptographic functions" | -\ref configuration "Configuration" | -\ref ctrl_iface "Control interface" | -\ref wpa_code "WPA supplicant" | -\ref eap_peer "EAP peer" | -\ref eapol_supp "EAPOL supplicant" | -\ref win_port "Windows port" | -\ref test_programs "Test programs" ] - -%wpa_supplicant implementation is divided into number of independent -modules. Core code includes functionality for controlling the network -selection, association, and configuration. Independent modules include -WPA code (key handshake, PMKSA caching, pre-authentication), EAPOL -state machine, and EAP state machine and methods. In addition, there -are number of separate files for generic helper functions. - -Both WPA and EAPOL/EAP state machines can be used separately in other -programs than %wpa_supplicant. As an example, the included test -programs eapol_test and preauth_test are using these modules. - -\ref driver_wrapper "Driver interface API" is defined in driver.h and -all hardware/driver dependent functionality is implemented in -driver_*.c. - - -\section wpa_supplicant_core wpa_supplicant core functionality - -wpa_supplicant.c - Program initialization, main control loop - -main.c - main() for UNIX-like operating systems and MinGW (Windows); this - uses command line arguments to configure wpa_supplicant - -events.c - Driver event processing; wpa_supplicant_event() and related functions - -wpa_supplicant_i.h - Internal definitions for %wpa_supplicant core; should not be - included into independent modules - -wpa_supplicant.h - Definitions for driver event data and message logging - - -\section generic_helper_func Generic helper functions - -%wpa_supplicant uses generic helper functions some of which are shared -with with hostapd. The following C files are currently used: - -eloop.c and eloop.h - Event loop (select() loop with registerable timeouts, socket read - callbacks, and signal callbacks) - -common.c and common.h - Common helper functions - -defs.h - Definitions shared by multiple files - -l2_packet.h, l2_packet_linux.c, and l2_packet_pcap.c - Layer 2 (link) access wrapper (includes native Linux implementation - and wrappers for libdnet/libpcap). A new l2_packet implementation - may need to be added when porting to new operating systems that are - not supported by libdnet/libpcap. Makefile can be used to select which - l2_packet implementation is included. l2_packet_linux.c uses Linux - packet sockets and l2_packet_pcap.c has a more portable version using - libpcap and libdnet. - -pcsc_funcs.c and pcsc_funcs.h - Wrapper for PC/SC lite SIM and smart card readers - -priv_netlink.h - Private version of netlink definitions from Linux kernel header files; - this could be replaced with C library header file once suitable - version becomes commonly available - -version.h - Version number definitions - -wireless_copy.h - Private version of Linux wireless extensions definitions from kernel - header files; this could be replaced with C library header file once - suitable version becomes commonly available - - -\section crypto_func Cryptographic functions - -md5.c and md5.h - MD5 (replaced with a crypto library if TLS support is included) - HMAC-MD5 (keyed checksum for message authenticity validation) - -rc4.c and rc4.h - RC4 (broadcast/default key encryption) - -sha1.c and sha1.h - SHA-1 (replaced with a crypto library if TLS support is included) - HMAC-SHA-1 (keyed checksum for message authenticity validation) - PRF-SHA-1 (pseudorandom (key/nonce generation) function) - PBKDF2-SHA-1 (ASCII passphrase to shared secret) - T-PRF (for EAP-FAST) - TLS-PRF (RFC 2246) - -aes_wrap.c, aes_wrap.h, aes.c - AES (replaced with a crypto library if TLS support is included), - AES Key Wrap Algorithm with 128-bit KEK, RFC3394 (broadcast/default - key encryption), - One-Key CBC MAC (OMAC1) hash with AES-128, - AES-128 CTR mode encryption, - AES-128 EAX mode encryption/decryption, - AES-128 CBC - -crypto.h - Definition of crypto library wrapper - -crypto.c - Wrapper functions for libcrypto (OpenSSL) - -crypto_gnutls.c - Wrapper functions for libgcrypt (used by GnuTLS) - -ms_funcs.c and ms_funcs.h - Helper functions for MSCHAPV2 and LEAP - -tls.h - Definition of TLS library wrapper - -tls_none.c - Dummy implementation of TLS library wrapper for cases where TLS - functionality is not included. - -tls_openssl.c - TLS library wrapper for openssl - -tls_gnutls.c - TLS library wrapper for GnuTLS - - -\section configuration Configuration - -config_ssid.h - Definition of per network configuration items - -config.h - Definition of the %wpa_supplicant configuration - -config.c - Configuration parser and common functions - -config_file.c - Configuration backend for text files (e.g., wpa_supplicant.conf) - - -\section ctrl_iface Control interface - -%wpa_supplicant has a \ref ctrl_iface_page "control interface" -that can be used to get status -information and manage operations from external programs. An example -command line interface (wpa_cli) and GUI (wpa_gui) for this interface -are included in the %wpa_supplicant distribution. - -ctrl_iface.c and ctrl_iface.h - %wpa_supplicant-side of the control interface - -wpa_ctrl.c and wpa_ctrl.h - Library functions for external programs to provide access to the - %wpa_supplicant control interface - -wpa_cli.c - Example program for using %wpa_supplicant control interface - - -\section wpa_code WPA supplicant - -wpa.c and wpa.h - WPA state machine and 4-Way/Group Key Handshake processing - -preauth.c and preauth.h - PMKSA caching and pre-authentication (RSN/WPA2) - -wpa_i.h - Internal definitions for WPA code; not to be included to other modules. - -\section eap_peer EAP peer - -\ref eap_module "EAP peer implementation" is a separate module that -can be used by other programs than just %wpa_supplicant. - -eap.c and eap.h - EAP state machine and method interface - -eap_defs.h - Common EAP definitions - -eap_i.h - Internal definitions for EAP state machine and EAP methods; not to be - included in other modules - -eap_sim_common.c and eap_sim_common.h - Common code for EAP-SIM and EAP-AKA - -eap_tls_common.c and eap_tls_common.h - Common code for EAP-PEAP, EAP-TTLS, and EAP-FAST - -eap_tlv.c and eap_tlv.h - EAP-TLV code for EAP-PEAP and EAP-FAST - -eap_ttls.c and eap_ttls.h - EAP-TTLS - -eap_pax.c, eap_pax_common.h, eap_pax_common.c - EAP-PAX - -eap_psk.c, eap_psk_common.h, eap_psk_common.c - EAP-PSK (note: this is not needed for WPA-PSK) - -eap_sake.c, eap_sake_common.h, eap_sake_common.c - EAP-SAKE - -eap_gpsk.c, eap_gpsk_common.h, eap_gpsk_common.c - EAP-GPSK - -eap_aka.c, eap_fast.c, eap_gtc.c, eap_leap.c, eap_md5.c, eap_mschapv2.c, -eap_otp.c, eap_peap.c, eap_sim.c, eap_tls.c - Other EAP method implementations - - -\section eapol_supp EAPOL supplicant - -eapol_sm.c and eapol_sm.h - EAPOL supplicant state machine and IEEE 802.1X processing - - -\section win_port Windows port - -ndis_events.cpp - External program for receiving NdisMIndicateStatus() events and - delivering them to %wpa_supplicant in more easier to use form - -win_if_list.c - External program for listing current network interface - - -\section test_programs Test programs - -radius_client.c and radius_client.h - RADIUS authentication client implementation for eapol_test - -radius.c and radius.h - RADIUS message processing for eapol_test - -config_types.h and hostapd.h - Minimal version of hostapd header files for eapol_test - -eapol_test.c - Standalone EAP testing tool with integrated RADIUS authentication - client - -preauth_test.c - Standalone RSN pre-authentication tool - -wpa_passphrase.c - WPA ASCII passphrase to PSK conversion - -*/ diff --git a/doc/ctrl_iface.doxygen b/doc/ctrl_iface.doxygen deleted file mode 100644 index d649786..0000000 --- a/doc/ctrl_iface.doxygen +++ /dev/null @@ -1,444 +0,0 @@ -/** -\page ctrl_iface_page Control interface - -%wpa_supplicant implements a control interface that can be used by -external programs to control the operations of the %wpa_supplicant -daemon and to get status information and event notifications. There is -a small C library, in a form of a single C file, wpa_ctrl.c, that -provides helper functions to facilitate the use of the control -interface. External programs can link this file into them and then use -the library functions documented in wpa_ctrl.h to interact with -%wpa_supplicant. This library can also be used with C++. wpa_cli.c and -wpa_gui are example programs using this library. - -There are multiple mechanisms for inter-process communication. For -example, Linux version of %wpa_supplicant is using UNIX domain sockets -for the control interface and Windows version UDP sockets. The use of -the functions defined in wpa_ctrl.h can be used to hide the details of -the used IPC from external programs. - - -\section using_ctrl_iface Using the control interface - -External programs, e.g., a GUI or a configuration utility, that need to -communicate with %wpa_supplicant should link in wpa_ctrl.c. This -allows them to use helper functions to open connection to the control -interface with wpa_ctrl_open() and to send commands with -wpa_ctrl_request(). - -%wpa_supplicant uses the control interface for two types of communication: -commands and unsolicited event messages. Commands are a pair of -messages, a request from the external program and a response from -%wpa_supplicant. These can be executed using wpa_ctrl_request(). -Unsolicited event messages are sent by %wpa_supplicant to the control -interface connection without specific request from the external program -for receiving each message. However, the external program needs to -attach to the control interface with wpa_ctrl_attach() to receive these -unsolicited messages. - -If the control interface connection is used both for commands and -unsolicited event messages, there is potential for receiving an -unsolicited message between the command request and response. -wpa_ctrl_request() caller will need to supply a callback, msg_cb, -for processing these messages. Often it is easier to open two -control interface connections by calling wpa_ctrl_open() twice and -then use one of the connections for commands and the other one for -unsolicited messages. This way command request/response pairs will -not be broken by unsolicited messages. wpa_cli is an example of how -to use only one connection for both purposes and wpa_gui demonstrates -how to use two separate connections. - -Once the control interface connection is not needed anymore, it should -be closed by calling wpa_ctrl_close(). If the connection was used for -unsolicited event messages, it should be first detached by calling -wpa_ctrl_detach(). - - -\section ctrl_iface_cmds Control interface commands - -Following commands can be used with wpa_ctrl_request(): - -\subsection ctrl_iface_PING PING - -This command can be used to test whether %wpa_supplicant is replying -to the control interface commands. The expected reply is \c PONG if the -connection is open and %wpa_supplicant is processing commands. - - -\subsection ctrl_iface_MIB MIB - -Request a list of MIB variables (dot1x, dot11). The output is a text -block with each line in \c variable=value format. For example: - -\verbatim -dot11RSNAOptionImplemented=TRUE -dot11RSNAPreauthenticationImplemented=TRUE -dot11RSNAEnabled=FALSE -dot11RSNAPreauthenticationEnabled=FALSE -dot11RSNAConfigVersion=1 -dot11RSNAConfigPairwiseKeysSupported=5 -dot11RSNAConfigGroupCipherSize=128 -dot11RSNAConfigPMKLifetime=43200 -dot11RSNAConfigPMKReauthThreshold=70 -dot11RSNAConfigNumberOfPTKSAReplayCounters=1 -dot11RSNAConfigSATimeout=60 -dot11RSNAAuthenticationSuiteSelected=00-50-f2-2 -dot11RSNAPairwiseCipherSelected=00-50-f2-4 -dot11RSNAGroupCipherSelected=00-50-f2-4 -dot11RSNAPMKIDUsed= -dot11RSNAAuthenticationSuiteRequested=00-50-f2-2 -dot11RSNAPairwiseCipherRequested=00-50-f2-4 -dot11RSNAGroupCipherRequested=00-50-f2-4 -dot11RSNAConfigNumberOfGTKSAReplayCounters=0 -dot11RSNA4WayHandshakeFailures=0 -dot1xSuppPaeState=5 -dot1xSuppHeldPeriod=60 -dot1xSuppAuthPeriod=30 -dot1xSuppStartPeriod=30 -dot1xSuppMaxStart=3 -dot1xSuppSuppControlledPortStatus=Authorized -dot1xSuppBackendPaeState=2 -dot1xSuppEapolFramesRx=0 -dot1xSuppEapolFramesTx=440 -dot1xSuppEapolStartFramesTx=2 -dot1xSuppEapolLogoffFramesTx=0 -dot1xSuppEapolRespFramesTx=0 -dot1xSuppEapolReqIdFramesRx=0 -dot1xSuppEapolReqFramesRx=0 -dot1xSuppInvalidEapolFramesRx=0 -dot1xSuppEapLengthErrorFramesRx=0 -dot1xSuppLastEapolFrameVersion=0 -dot1xSuppLastEapolFrameSource=00:00:00:00:00:00 -\endverbatim - - -\subsection ctrl_iface_STATUS STATUS - -Request current WPA/EAPOL/EAP status information. The output is a text -block with each line in \c variable=value format. For example: - -\verbatim -bssid=02:00:01:02:03:04 -ssid=test network -pairwise_cipher=CCMP -group_cipher=CCMP -key_mgmt=WPA-PSK -wpa_state=COMPLETED -ip_address=192.168.1.21 -Supplicant PAE state=AUTHENTICATED -suppPortStatus=Authorized -EAP state=SUCCESS -\endverbatim - - -\subsection ctrl_iface_STATUS-VERBOSE STATUS-VERBOSE - -Same as STATUS, but with more verbosity (i.e., more \c variable=value pairs). - -\verbatim -bssid=02:00:01:02:03:04 -ssid=test network -id=0 -pairwise_cipher=CCMP -group_cipher=CCMP -key_mgmt=WPA-PSK -wpa_state=COMPLETED -ip_address=192.168.1.21 -Supplicant PAE state=AUTHENTICATED -suppPortStatus=Authorized -heldPeriod=60 -authPeriod=30 -startPeriod=30 -maxStart=3 -portControl=Auto -Supplicant Backend state=IDLE -EAP state=SUCCESS -reqMethod=0 -methodState=NONE -decision=COND_SUCC -ClientTimeout=60 -\endverbatim - - -\subsection ctrl_iface_PMKSA PMKSA - -Show PMKSA cache - -\verbatim -Index / AA / PMKID / expiration (in seconds) / opportunistic -1 / 02:00:01:02:03:04 / 000102030405060708090a0b0c0d0e0f / 41362 / 0 -2 / 02:00:01:33:55:77 / 928389281928383b34afb34ba4212345 / 362 / 1 -\endverbatim - - -\subsection ctrl_iface_SET SET <variable> <value> - -Set variables: -- EAPOL::heldPeriod -- EAPOL::authPeriod -- EAPOL::startPeriod -- EAPOL::maxStart -- dot11RSNAConfigPMKLifetime -- dot11RSNAConfigPMKReauthThreshold -- dot11RSNAConfigSATimeout - -Example command: -\verbatim -SET EAPOL::heldPeriod 45 -\endverbatim - - -\subsection ctrl_iface_LOGON LOGON - -IEEE 802.1X EAPOL state machine logon. - - -\subsection ctrl_iface_LOGOFF LOGOFF - -IEEE 802.1X EAPOL state machine logoff. - - -\subsection ctrl_iface_REASSOCIATE REASSOCIATE - -Force reassociation. - - -\subsection ctrl_iface_RECONNECT RECONNECT - -Connect if disconnected (i.e., like \c REASSOCIATE, but only connect -if in disconnected state). - - -\subsection ctrl_iface_PREAUTH PREAUTH <BSSID> - -Start pre-authentication with the given BSSID. - - -\subsection ctrl_iface_ATTACH ATTACH - -Attach the connection as a monitor for unsolicited events. This can -be done with wpa_ctrl_attach(). - - -\subsection ctrl_iface_DETACH DETACH - -Detach the connection as a monitor for unsolicited events. This can -be done with wpa_ctrl_detach(). - - -\subsection ctrl_iface_LEVEL LEVEL <debug level> - -Change debug level. - - -\subsection ctrl_iface_RECONFIGURE RECONFIGURE - -Force %wpa_supplicant to re-read its configuration data. - - -\subsection ctrl_iface_TERMINATE TERMINATE - -Terminate %wpa_supplicant process. - - -\subsection ctrl_iface_BSSID BSSID <network id> <BSSID> - -Set preferred BSSID for a network. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_LIST_NETWORKS LIST_NETWORKS - -List configured networks. - -\verbatim -network id / ssid / bssid / flags -0 example network any [CURRENT] -\endverbatim - -(note: fields are separated with tabs) - - -\subsection ctrl_iface_DISCONNECT DISCONNECT - -Disconnect and wait for \c REASSOCIATE or \c RECONNECT command before -connecting. - - -\subsection ctrl_iface_SCAN SCAN - -Request a new BSS scan. - - -\subsection ctrl_iface_SCAN_RESULTS SCAN_RESULTS - -Get the latest scan results. - -\verbatim -bssid / frequency / signal level / flags / ssid -00:09:5b:95:e0:4e 2412 208 [WPA-PSK-CCMP] jkm private -02:55:24:33:77:a3 2462 187 [WPA-PSK-TKIP] testing -00:09:5b:95:e0:4f 2412 209 jkm guest -\endverbatim - -(note: fields are separated with tabs) - - -\subsection ctrl_iface_SELECT_NETWORK SELECT_NETWORK <network id> - -Select a network (disable others). Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_ENABLE_NETWORK ENABLE_NETWORK <network id> - -Enable a network. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_DISABLE_NETWORK DISABLE_NETWORK <network id> - -Disable a network. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_ADD_NETWORK ADD_NETWORK - -Add a new network. This command creates a new network with empty -configuration. The new network is disabled and once it has been -configured it can be enabled with \c ENABLE_NETWORK command. \c ADD_NETWORK -returns the network id of the new network or FAIL on failure. - - -\subsection ctrl_iface_REMOVE_NETWORK REMOVE_NETWORK <network id> - -Remove a network. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_SET_NETWORK SET_NETWORK <network id> <variable> <value> - -Set network variables. Network id can be received from the -\c LIST_NETWORKS command output. - -This command uses the same variables and data formats as the -configuration file. See example wpa_supplicant.conf for more details. - -- ssid (network name, SSID) -- psk (WPA passphrase or pre-shared key) -- key_mgmt (key management protocol) -- identity (EAP identity) -- password (EAP password) -- ... - - -\subsection ctrl_iface_GET_NETWORK GET_NETWORK <network id> <variable> - -Get network variables. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_SAVE_CONFIG SAVE_CONFIG - -Save the current configuration. - - -\section ctrl_iface_interactive Interactive requests - -If %wpa_supplicant needs additional information during authentication -(e.g., password), it will use a specific prefix, \c CTRL-REQ- -(\a WPA_CTRL_REQ macro) in an unsolicited event message. An external -program, e.g., a GUI, can provide such information by using -\c CTRL-RSP- (\a WPA_CTRL_RSP macro) prefix in a command with matching -field name. - -The following fields can be requested in this way from the user: -- IDENTITY (EAP identity/user name) -- PASSWORD (EAP password) -- NEW_PASSWORD (New password if the server is requesting password change) -- PIN (PIN code for accessing a SIM or smartcard) -- OTP (one-time password; like password, but the value is used only once) -- PASSPHRASE (passphrase for a private key file) - -\verbatim -CTRL-REQ-<field name>-<network id>-<human readable text> -CTRL-RSP-<field name>-<network id>-<value> -\endverbatim - -For example, request from %wpa_supplicant: -\verbatim -CTRL-REQ-PASSWORD-1-Password needed for SSID test-network -\endverbatim - -And a matching reply from the GUI: -\verbatim -CTRL-RSP-PASSWORD-1-secret -\endverbatim - - -\subsection ctrl_iface_GET_CAPABILITY GET_CAPABILITY <option> [strict] - -Get list of supported functionality (eap, pairwise, group, -proto). Supported functionality is shown as space separate lists of -values used in the same format as in %wpa_supplicant configuration. -If optional argument, 'strict', is added, only the values that the -driver claims to explicitly support are included. Without this, all -available capabilities are included if the driver does not provide -a mechanism for querying capabilities. - -Example request/reply pairs: - -\verbatim -GET_CAPABILITY eap -AKA FAST GTC LEAP MD5 MSCHAPV2 OTP PAX PEAP PSK SIM TLS TTLS -\endverbatim - -\verbatim -GET_CAPABILITY pairwise -CCMP TKIP NONE -\endverbatim - -\verbatim -GET_CAPABILITY pairwise strict -\endverbatim - -\verbatim -GET_CAPABILITY group -CCMP TKIP WEP104 WEP40 -\endverbatim - -\verbatim -GET_CAPABILITY key_mgmt -WPA-PSK WPA-EAP IEEE8021X NONE -\endverbatim - -\verbatim -GET_CAPABILITY proto -RSN WPA -\endverbatim - -\verbatim -GET_CAPABILITY auth_alg -OPEN SHARED LEAP -\endverbatim - - -\subsection ctrl_iface_AP_SCAN AP_SCAN <ap_scan value> - -Change ap_scan value: -0 = no scanning, -1 = %wpa_supplicant requests scans and uses scan results to select the AP, -2 = %wpa_supplicant does not use scanning and just requests driver to -associate and take care of AP selection - - -\subsection ctrl_iface_INTERFACES INTERFACES - -List configured interfaces. - -\verbatim -wlan0 -eth0 -\endverbatim - -*/ diff --git a/doc/docbook/.cvsignore b/doc/docbook/.cvsignore deleted file mode 100644 index 8c3945c..0000000 --- a/doc/docbook/.cvsignore +++ /dev/null @@ -1,6 +0,0 @@ -manpage.links -manpage.refs -*.8 -*.5 -*.html -*.pdf diff --git a/doc/docbook/Makefile b/doc/docbook/Makefile deleted file mode 100644 index 15c019c..0000000 --- a/doc/docbook/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -all: man html pdf - -FILES += wpa_background -FILES += wpa_cli -FILES += wpa_passphrase -FILES += wpa_supplicant.conf -FILES += wpa_supplicant - -man: - for i in $(FILES); do docbook2man $$i.sgml; done - -html: - for i in $(FILES); do docbook2html $$i.sgml && \ - mv index.html $$i.html; done - -pdf: - for i in $(FILES); do docbook2pdf $$i.sgml; done - - -clean: - rm -f wpa_background.8 wpa_cli.8 wpa_passphrase.8 wpa_supplicant.8 - rm -f wpa_supplicant.conf.5 - rm -f manpage.links manpage.refs - rm -f $(FILES:%=%.pdf) - rm -f $(FILES:%=%.html) diff --git a/doc/docbook/wpa_background.8 b/doc/docbook/wpa_background.8 deleted file mode 100644 index 6244529..0000000 --- a/doc/docbook/wpa_background.8 +++ /dev/null @@ -1,84 +0,0 @@ -.\" This manpage has been automatically generated by docbook2man -.\" from a DocBook document. This tool can be found at: -.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> -.\" Please send any bug reports, improvements, comments, patches, -.\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WPA_BACKGROUND" "8" "19 February 2008" "" "" - -.SH NAME -wpa_background \- Background information on Wi-Fi Protected Access and IEEE 802.11i -.SH "WPA" -.PP -The original security mechanism of IEEE 802.11 standard was -not designed to be strong and has proven to be insufficient for -most networks that require some kind of security. Task group I -(Security) of IEEE 802.11 working group -(http://www.ieee802.org/11/) has worked to address the flaws of -the base standard and has in practice completed its work in May -2004. The IEEE 802.11i amendment to the IEEE 802.11 standard was -approved in June 2004 and published in July 2004. -.PP -Wi-Fi Alliance (http://www.wi-fi.org/) used a draft version -of the IEEE 802.11i work (draft 3.0) to define a subset of the -security enhancements that can be implemented with existing wlan -hardware. This is called Wi-Fi Protected Access<TM> (WPA). This -has now become a mandatory component of interoperability testing -and certification done by Wi-Fi Alliance. Wi-Fi provides -information about WPA at its web site -(http://www.wi-fi.org/OpenSection/protected_access.asp). -.PP -IEEE 802.11 standard defined wired equivalent privacy (WEP) -algorithm for protecting wireless networks. WEP uses RC4 with -40-bit keys, 24-bit initialization vector (IV), and CRC32 to -protect against packet forgery. All these choices have proven to -be insufficient: key space is too small against current attacks, -RC4 key scheduling is insufficient (beginning of the pseudorandom -stream should be skipped), IV space is too small and IV reuse -makes attacks easier, there is no replay protection, and non-keyed -authentication does not protect against bit flipping packet -data. -.PP -WPA is an intermediate solution for the security issues. It -uses Temporal Key Integrity Protocol (TKIP) to replace WEP. TKIP -is a compromise on strong security and possibility to use existing -hardware. It still uses RC4 for the encryption like WEP, but with -per-packet RC4 keys. In addition, it implements replay protection, -keyed packet authentication mechanism (Michael MIC). -.PP -Keys can be managed using two different mechanisms. WPA can -either use an external authentication server (e.g., RADIUS) and -EAP just like IEEE 802.1X is using or pre-shared keys without need -for additional servers. Wi-Fi calls these "WPA-Enterprise" and -"WPA-Personal", respectively. Both mechanisms will generate a -master session key for the Authenticator (AP) and Supplicant -(client station). -.PP -WPA implements a new key handshake (4-Way Handshake and -Group Key Handshake) for generating and exchanging data encryption -keys between the Authenticator and Supplicant. This handshake is -also used to verify that both Authenticator and Supplicant know -the master session key. These handshakes are identical regardless -of the selected key management mechanism (only the method for -generating master session key changes). -.SH "IEEE 802.11I / WPA2" -.PP -The design for parts of IEEE 802.11i that were not included -in WPA has finished (May 2004) and this amendment to IEEE 802.11 -was approved in June 2004. Wi-Fi Alliance is using the final IEEE -802.11i as a new version of WPA called WPA2. This includes, e.g., -support for more robust encryption algorithm (CCMP: AES in Counter -mode with CBC-MAC) to replace TKIP and optimizations for handoff -(reduced number of messages in initial key handshake, -pre-authentication, and PMKSA caching). -.SH "SEE ALSO" -.PP -\fBwpa_supplicant\fR(8) -.SH "LEGAL" -.PP -wpa_supplicant is copyright (c) 2003-2005, -Jouni Malinen <j@w1.fi> and -contributors. -All Rights Reserved. -.PP -This program is dual-licensed under both the GPL version 2 -and BSD license. Either license may be used at your option. diff --git a/doc/docbook/wpa_background.sgml b/doc/docbook/wpa_background.sgml deleted file mode 100644 index 91b08bc..0000000 --- a/doc/docbook/wpa_background.sgml +++ /dev/null @@ -1,101 +0,0 @@ -<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> - -<refentry> - <refmeta> - <refentrytitle>wpa_background</refentrytitle> - <manvolnum>8</manvolnum> - </refmeta> - <refnamediv> - <refname>wpa_background</refname> - <refpurpose>Background information on Wi-Fi Protected Access and IEEE 802.11i</refpurpose> - </refnamediv> - <refsect1> - <title>WPA</title> - - <para>The original security mechanism of IEEE 802.11 standard was - not designed to be strong and has proven to be insufficient for - most networks that require some kind of security. Task group I - (Security) of IEEE 802.11 working group - (http://www.ieee802.org/11/) has worked to address the flaws of - the base standard and has in practice completed its work in May - 2004. The IEEE 802.11i amendment to the IEEE 802.11 standard was - approved in June 2004 and published in July 2004.</para> - - <para>Wi-Fi Alliance (http://www.wi-fi.org/) used a draft version - of the IEEE 802.11i work (draft 3.0) to define a subset of the - security enhancements that can be implemented with existing wlan - hardware. This is called Wi-Fi Protected Access<TM> (WPA). This - has now become a mandatory component of interoperability testing - and certification done by Wi-Fi Alliance. Wi-Fi provides - information about WPA at its web site - (http://www.wi-fi.org/OpenSection/protected_access.asp).</para> - - <para>IEEE 802.11 standard defined wired equivalent privacy (WEP) - algorithm for protecting wireless networks. WEP uses RC4 with - 40-bit keys, 24-bit initialization vector (IV), and CRC32 to - protect against packet forgery. All these choices have proven to - be insufficient: key space is too small against current attacks, - RC4 key scheduling is insufficient (beginning of the pseudorandom - stream should be skipped), IV space is too small and IV reuse - makes attacks easier, there is no replay protection, and non-keyed - authentication does not protect against bit flipping packet - data.</para> - - <para>WPA is an intermediate solution for the security issues. It - uses Temporal Key Integrity Protocol (TKIP) to replace WEP. TKIP - is a compromise on strong security and possibility to use existing - hardware. It still uses RC4 for the encryption like WEP, but with - per-packet RC4 keys. In addition, it implements replay protection, - keyed packet authentication mechanism (Michael MIC).</para> - - <para>Keys can be managed using two different mechanisms. WPA can - either use an external authentication server (e.g., RADIUS) and - EAP just like IEEE 802.1X is using or pre-shared keys without need - for additional servers. Wi-Fi calls these "WPA-Enterprise" and - "WPA-Personal", respectively. Both mechanisms will generate a - master session key for the Authenticator (AP) and Supplicant - (client station).</para> - - <para>WPA implements a new key handshake (4-Way Handshake and - Group Key Handshake) for generating and exchanging data encryption - keys between the Authenticator and Supplicant. This handshake is - also used to verify that both Authenticator and Supplicant know - the master session key. These handshakes are identical regardless - of the selected key management mechanism (only the method for - generating master session key changes).</para> - </refsect1> - - <refsect1> - <title>IEEE 802.11i / WPA2</title> - - <para>The design for parts of IEEE 802.11i that were not included - in WPA has finished (May 2004) and this amendment to IEEE 802.11 - was approved in June 2004. Wi-Fi Alliance is using the final IEEE - 802.11i as a new version of WPA called WPA2. This includes, e.g., - support for more robust encryption algorithm (CCMP: AES in Counter - mode with CBC-MAC) to replace TKIP and optimizations for handoff - (reduced number of messages in initial key handshake, - pre-authentication, and PMKSA caching).</para> - </refsect1> - - <refsect1> - <title>See Also</title> - <para> - <citerefentry> - <refentrytitle>wpa_supplicant</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - </para> - </refsect1> - - <refsect1> - <title>Legal</title> - <para>wpa_supplicant is copyright (c) 2003-2005, - Jouni Malinen <email>j@w1.fi</email> and - contributors. - All Rights Reserved.</para> - - <para>This program is dual-licensed under both the GPL version 2 - and BSD license. Either license may be used at your option.</para> - </refsect1> -</refentry> diff --git a/doc/docbook/wpa_cli.8 b/doc/docbook/wpa_cli.8 deleted file mode 100644 index 0865264..0000000 --- a/doc/docbook/wpa_cli.8 +++ /dev/null @@ -1,209 +0,0 @@ -.\" This manpage has been automatically generated by docbook2man -.\" from a DocBook document. This tool can be found at: -.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> -.\" Please send any bug reports, improvements, comments, patches, -.\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WPA_CLI" "8" "19 February 2008" "" "" - -.SH NAME -wpa_cli \- WPA command line client -.SH SYNOPSIS - -\fBwpa_cli\fR [ \fB-p \fIpath to ctrl sockets\fB\fR ] [ \fB-i \fIifname\fB\fR ] [ \fB-hvB\fR ] [ \fB-a \fIaction file\fB\fR ] [ \fB-P \fIpid file\fB\fR ] [ \fB\fIcommand ...\fB\fR ] - -.SH "OVERVIEW" -.PP -wpa_cli is a text-based frontend program for interacting -with wpa_supplicant. It is used to query current status, change -configuration, trigger events, and request interactive user -input. -.PP -wpa_cli can show the current authentication status, selected -security mode, dot11 and dot1x MIBs, etc. In addition, it can -configure some variables like EAPOL state machine parameters and -trigger events like reassociation and IEEE 802.1X -logoff/logon. wpa_cli provides a user interface to request -authentication information, like username and password, if these -are not included in the configuration. This can be used to -implement, e.g., one-time-passwords or generic token card -authentication where the authentication is based on a -challenge-response that uses an external device for generating the -response. -.PP -The control interface of wpa_supplicant can be configured to -allow non-root user access (ctrl_interface_group in the -configuration file). This makes it possible to run wpa_cli with a -normal user account. -.PP -wpa_cli supports two modes: interactive and command -line. Both modes share the same command set and the main -difference is in interactive mode providing access to unsolicited -messages (event messages, username/password requests). -.PP -Interactive mode is started when wpa_cli is executed without -including the command as a command line parameter. Commands are -then entered on the wpa_cli prompt. In command line mode, the same -commands are entered as command line arguments for wpa_cli. -.SH "INTERACTIVE AUTHENTICATION PARAMETERS REQUEST" -.PP -When wpa_supplicant need authentication parameters, like -username and password, which are not present in the configuration -file, it sends a request message to all attached frontend programs, -e.g., wpa_cli in interactive mode. wpa_cli shows these requests -with "CTRL-REQ-<type>-<id>:<text>" -prefix. <type> is IDENTITY, PASSWORD, or OTP -(one-time-password). <id> is a unique identifier for the -current network. <text> is description of the request. In -case of OTP request, it includes the challenge from the -authentication server. -.PP -The reply to these requests can be given with 'identity', -'password', and 'otp' commands. <id> needs to be copied from the -the matching request. 'password' and 'otp' commands can be used -regardless of whether the request was for PASSWORD or OTP. The -main difference between these two commands is that values given -with 'password' are remembered as long as wpa_supplicant is -running whereas values given with 'otp' are used only once and -then forgotten, i.e., wpa_supplicant will ask frontend for a new -value for every use. This can be used to implement -one-time-password lists and generic token card -based -authentication. -.PP -Example request for password and a matching reply: -.sp -.RS - -.nf -CTRL-REQ-PASSWORD-1:Password needed for SSID foobar -> password 1 mysecretpassword -.fi -.RE -.PP -Example request for generic token card challenge-response: -.sp -.RS - -.nf -CTRL-REQ-OTP-2:Challenge 1235663 needed for SSID foobar -> otp 2 9876 -.fi -.RE -.SH "COMMAND ARGUMENTS" -.TP -\fB-p path\fR -Change the path where control sockets should -be found. -.TP -\fB-i ifname\fR -Specify the interface that is being -configured. By default, choose the first interface found with -a control socket in the socket path. -.TP -\fB-h\fR -Help. Show a usage message. -.TP -\fB-v\fR -Show version information. -.TP -\fB-B\fR -Run as a daemon in the background. -.TP -\fB-a file\fR -Run in daemon mode executing the action file -based on events from wpa_supplicant. The specified file will -be executed with the first argument set to interface name and -second to "CONNECTED" or "DISCONNECTED" depending on the event. -This can be used to execute networking tools required to configure -the interface. - -Additionally, three environmental variables are available to -the file: WPA_CTRL_DIR, WPA_ID, and WPA_ID_STR. WPA_CTRL_DIR -contains the absolute path to the ctrl_interface socket. WPA_ID -contains the unique network_id identifier assigned to the active -network, and WPA_ID_STR contains the content of the id_str option. -.TP -\fB-P file\fR -Set the location of the PID -file. -.TP -\fBcommand\fR -Run a command. The available commands are -listed in the next section. -.SH "COMMANDS" -.PP -The following commands are available: -.TP -\fBstatus\fR -get current WPA/EAPOL/EAP status -.TP -\fBmib\fR -get MIB variables (dot1x, dot11) -.TP -\fBhelp\fR -show this usage help -.TP -\fBinterface [ifname]\fR -show interfaces/select interface -.TP -\fBlevel <debug level>\fR -change debug level -.TP -\fBlicense\fR -show full wpa_cli license -.TP -\fBlogoff\fR -IEEE 802.1X EAPOL state machine logoff -.TP -\fBlogon\fR -IEEE 802.1X EAPOL state machine logon -.TP -\fBset\fR -set variables (shows list of variables when run without arguments) -.TP -\fBpmksa\fR -show PMKSA cache -.TP -\fBreassociate\fR -force reassociation -.TP -\fBreconfigure\fR -force wpa_supplicant to re-read its configuration file -.TP -\fBpreauthenticate <BSSID>\fR -force preauthentication -.TP -\fBidentity <network id> <identity>\fR -configure identity for an SSID -.TP -\fBpassword <network id> <password>\fR -configure password for an SSID -.TP -\fBpin <network id> <pin>\fR -configure pin for an SSID -.TP -\fBotp <network id> <password>\fR -configure one-time-password for an SSID -.TP -\fBbssid <network id> <BSSID>\fR -set preferred BSSID for an SSID -.TP -\fBlist_networks\fR -list configured networks -.TP -\fBterminate\fR -terminate \fBwpa_supplicant\fR -.TP -\fBquit\fR -exit wpa_cli -.SH "SEE ALSO" -.PP -\fBwpa_supplicant\fR(8) -.SH "LEGAL" -.PP -wpa_supplicant is copyright (c) 2003-2005, -Jouni Malinen <j@w1.fi> and -contributors. -All Rights Reserved. -.PP -This program is dual-licensed under both the GPL version 2 -and BSD license. Either license may be used at your option. diff --git a/doc/docbook/wpa_cli.sgml b/doc/docbook/wpa_cli.sgml deleted file mode 100644 index 8430599..0000000 --- a/doc/docbook/wpa_cli.sgml +++ /dev/null @@ -1,338 +0,0 @@ -<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> - -<refentry> - <refmeta> - <refentrytitle>wpa_cli</refentrytitle> - <manvolnum>8</manvolnum> - </refmeta> - <refnamediv> - <refname>wpa_cli</refname> - - <refpurpose>WPA command line client</refpurpose> - </refnamediv> - - <refsynopsisdiv> - <cmdsynopsis> - <command>wpa_cli</command> - <arg>-p <replaceable>path to ctrl sockets</replaceable></arg> - <arg>-i <replaceable>ifname</replaceable></arg> - <arg>-hvB</arg> - <arg>-a <replaceable>action file</replaceable></arg> - <arg>-P <replaceable>pid file</replaceable></arg> - <arg><replaceable>command ...</replaceable></arg> - </cmdsynopsis> - </refsynopsisdiv> - - <refsect1> - <title>Overview</title> - - <para>wpa_cli is a text-based frontend program for interacting - with wpa_supplicant. It is used to query current status, change - configuration, trigger events, and request interactive user - input.</para> - - <para>wpa_cli can show the current authentication status, selected - security mode, dot11 and dot1x MIBs, etc. In addition, it can - configure some variables like EAPOL state machine parameters and - trigger events like reassociation and IEEE 802.1X - logoff/logon. wpa_cli provides a user interface to request - authentication information, like username and password, if these - are not included in the configuration. This can be used to - implement, e.g., one-time-passwords or generic token card - authentication where the authentication is based on a - challenge-response that uses an external device for generating the - response.</para> - - <para>The control interface of wpa_supplicant can be configured to - allow non-root user access (ctrl_interface_group in the - configuration file). This makes it possible to run wpa_cli with a - normal user account.</para> - - <para>wpa_cli supports two modes: interactive and command - line. Both modes share the same command set and the main - difference is in interactive mode providing access to unsolicited - messages (event messages, username/password requests).</para> - - <para>Interactive mode is started when wpa_cli is executed without - including the command as a command line parameter. Commands are - then entered on the wpa_cli prompt. In command line mode, the same - commands are entered as command line arguments for wpa_cli.</para> - </refsect1> - <refsect1> - <title>Interactive authentication parameters request</title> - - <para>When wpa_supplicant need authentication parameters, like - username and password, which are not present in the configuration - file, it sends a request message to all attached frontend programs, - e.g., wpa_cli in interactive mode. wpa_cli shows these requests - with "CTRL-REQ-<type>-<id>:<text>" - prefix. <type> is IDENTITY, PASSWORD, or OTP - (one-time-password). <id> is a unique identifier for the - current network. <text> is description of the request. In - case of OTP request, it includes the challenge from the - authentication server.</para> - - <para>The reply to these requests can be given with 'identity', - 'password', and 'otp' commands. <id> needs to be copied from the - the matching request. 'password' and 'otp' commands can be used - regardless of whether the request was for PASSWORD or OTP. The - main difference between these two commands is that values given - with 'password' are remembered as long as wpa_supplicant is - running whereas values given with 'otp' are used only once and - then forgotten, i.e., wpa_supplicant will ask frontend for a new - value for every use. This can be used to implement - one-time-password lists and generic token card -based - authentication.</para> - - <para>Example request for password and a matching reply:</para> - -<blockquote><programlisting> -CTRL-REQ-PASSWORD-1:Password needed for SSID foobar -> password 1 mysecretpassword -</programlisting></blockquote> - - <para>Example request for generic token card challenge-response:</para> - -<blockquote><programlisting> -CTRL-REQ-OTP-2:Challenge 1235663 needed for SSID foobar -> otp 2 9876 -</programlisting></blockquote> - - </refsect1> - <refsect1> - <title>Command Arguments</title> - <variablelist> - <varlistentry> - <term>-p path</term> - - <listitem><para>Change the path where control sockets should - be found.</para></listitem> - </varlistentry> - - <varlistentry> - <term>-i ifname</term> - - <listitem><para>Specify the interface that is being - configured. By default, choose the first interface found with - a control socket in the socket path.</para></listitem> - </varlistentry> - - <varlistentry> - <term>-h</term> - <listitem><para>Help. Show a usage message.</para></listitem> - </varlistentry> - - - <varlistentry> - <term>-v</term> - <listitem><para>Show version information.</para></listitem> - </varlistentry> - - - <varlistentry> - <term>-B</term> - <listitem><para>Run as a daemon in the background.</para></listitem> - </varlistentry> - - <varlistentry> - <term>-a file</term> - - <listitem><para>Run in daemon mode executing the action file - based on events from wpa_supplicant. The specified file will - be executed with the first argument set to interface name and - second to "CONNECTED" or "DISCONNECTED" depending on the event. - This can be used to execute networking tools required to configure - the interface.</para> - - <para>Additionally, three environmental variables are available to - the file: WPA_CTRL_DIR, WPA_ID, and WPA_ID_STR. WPA_CTRL_DIR - contains the absolute path to the ctrl_interface socket. WPA_ID - contains the unique network_id identifier assigned to the active - network, and WPA_ID_STR contains the content of the id_str option. - </para></listitem> - </varlistentry> - - <varlistentry> - <term>-P file</term> - - <listitem><para>Set the location of the PID - file.</para></listitem> - </varlistentry> - - <varlistentry> - <term>command</term> - - <listitem><para>Run a command. The available commands are - listed in the next section.</para></listitem> - - </varlistentry> - </variablelist> - </refsect1> - <refsect1> - <title>Commands</title> - <para>The following commands are available:</para> - - <variablelist> - <varlistentry> - <term>status</term> - <listitem> - <para>get current WPA/EAPOL/EAP status</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>mib</term> - <listitem> - <para>get MIB variables (dot1x, dot11)</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>help</term> - <listitem> - <para>show this usage help</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>interface [ifname]</term> - <listitem> - <para>show interfaces/select interface</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>level <debug level></term> - <listitem> - <para>change debug level</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>license</term> - <listitem> - <para>show full wpa_cli license</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>logoff</term> - <listitem> - <para>IEEE 802.1X EAPOL state machine logoff</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>logon</term> - <listitem> - <para>IEEE 802.1X EAPOL state machine logon</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>set</term> - <listitem> - <para>set variables (shows list of variables when run without arguments)</para> - </listitem> - </varlistentry> - <varlistentry> - <term>pmksa</term> - <listitem> - <para>show PMKSA cache</para> - </listitem> - </varlistentry> - <varlistentry> - <term>reassociate</term> - <listitem> - <para>force reassociation</para> - </listitem> - </varlistentry> - <varlistentry> - <term>reconfigure</term> - <listitem> - <para>force wpa_supplicant to re-read its configuration file</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>preauthenticate <BSSID></term> - <listitem> - <para>force preauthentication</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>identity <network id> <identity></term> - <listitem> - <para>configure identity for an SSID</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>password <network id> <password></term> - <listitem> - <para>configure password for an SSID</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>pin <network id> <pin></term> - <listitem> - <para>configure pin for an SSID</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>otp <network id> <password></term> - <listitem> - <para>configure one-time-password for an SSID</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>bssid <network id> <BSSID></term> - <listitem> - <para>set preferred BSSID for an SSID</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>list_networks</term> - <listitem> - <para>list configured networks</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>terminate</term> - <listitem> - <para>terminate <command>wpa_supplicant</command></para> - </listitem> - </varlistentry> - - <varlistentry> - <term>quit</term> - <listitem><para>exit wpa_cli</para></listitem> - </varlistentry> - </variablelist> - </refsect1> - <refsect1> - <title>See Also</title> - <para> - <citerefentry> - <refentrytitle>wpa_supplicant</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - </para> - </refsect1> - <refsect1> - <title>Legal</title> - <para>wpa_supplicant is copyright (c) 2003-2005, - Jouni Malinen <email>j@w1.fi</email> and - contributors. - All Rights Reserved.</para> - - <para>This program is dual-licensed under both the GPL version 2 - and BSD license. Either license may be used at your option.</para> - </refsect1> -</refentry> diff --git a/doc/docbook/wpa_passphrase.8 b/doc/docbook/wpa_passphrase.8 deleted file mode 100644 index a0f5c70..0000000 --- a/doc/docbook/wpa_passphrase.8 +++ /dev/null @@ -1,40 +0,0 @@ -.\" This manpage has been automatically generated by docbook2man -.\" from a DocBook document. This tool can be found at: -.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> -.\" Please send any bug reports, improvements, comments, patches, -.\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WPA_PASSPHRASE" "8" "19 February 2008" "" "" - -.SH NAME -wpa_passphrase \- Generate a WPA PSK from an ASCII passphrase for a SSID -.SH SYNOPSIS - -\fBwpa_passphrase\fR [ \fB\fIssid\fB\fR ] [ \fB\fIpassphrase\fB\fR ] - -.SH "OVERVIEW" -.PP -\fBwpa_passphrase\fR pre-computes PSK entries for -network configuration blocks of a -\fIwpa_supplicant.conf\fR file. An ASCII passphrase -and SSID are used to generate a 256-bit PSK. -.SH "OPTIONS" -.TP -\fBssid\fR -The SSID whose passphrase should be derived. -.TP -\fBpassphrase\fR -The passphrase to use. If not included on the command line, -passphrase will be read from standard input. -.SH "SEE ALSO" -.PP -\fBwpa_supplicant.conf\fR(5) -\fBwpa_supplicant\fR(8) -.SH "LEGAL" -.PP -wpa_supplicant is copyright (c) 2003-2005, -Jouni Malinen <j@w1.fi> and -contributors. -All Rights Reserved. -.PP -This program is dual-licensed under both the GPL version 2 -and BSD license. Either license may be used at your option. diff --git a/doc/docbook/wpa_passphrase.sgml b/doc/docbook/wpa_passphrase.sgml deleted file mode 100644 index eacb119..0000000 --- a/doc/docbook/wpa_passphrase.sgml +++ /dev/null @@ -1,73 +0,0 @@ -<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> - -<refentry> - <refmeta> - <refentrytitle>wpa_passphrase</refentrytitle> - <manvolnum>8</manvolnum> - </refmeta> - <refnamediv> - <refname>wpa_passphrase</refname> - <refpurpose>Generate a WPA PSK from an ASCII passphrase for a SSID</refpurpose> - </refnamediv> - <refsynopsisdiv> - <cmdsynopsis> - <command>wpa_passphrase</command> - <arg><replaceable>ssid</replaceable></arg> - <arg><replaceable>passphrase</replaceable></arg> - </cmdsynopsis> - </refsynopsisdiv> - - <refsect1> - <title>Overview</title> - - <para><command>wpa_passphrase</command> pre-computes PSK entries for - network configuration blocks of a - <filename>wpa_supplicant.conf</filename> file. An ASCII passphrase - and SSID are used to generate a 256-bit PSK.</para> - </refsect1> - - <refsect1> - <title>Options</title> - <variablelist> - <varlistentry> - <term>ssid</term> - <listitem> - <para>The SSID whose passphrase should be derived.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>passphrase</term> - <listitem> - <para>The passphrase to use. If not included on the command line, - passphrase will be read from standard input.</para> - </listitem> - </varlistentry> - </variablelist> - </refsect1> - - <refsect1> - <title>See Also</title> - <para> - <citerefentry> - <refentrytitle>wpa_supplicant.conf</refentrytitle> - <manvolnum>5</manvolnum> - </citerefentry> - <citerefentry> - <refentrytitle>wpa_supplicant</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - </para> - - </refsect1> - <refsect1> - <title>Legal</title> - <para>wpa_supplicant is copyright (c) 2003-2005, - Jouni Malinen <email>j@w1.fi</email> and - contributors. - All Rights Reserved.</para> - - <para>This program is dual-licensed under both the GPL version 2 - and BSD license. Either license may be used at your option.</para> - </refsect1> -</refentry> diff --git a/doc/docbook/wpa_supplicant.8 b/doc/docbook/wpa_supplicant.8 deleted file mode 100644 index 1a5697d..0000000 --- a/doc/docbook/wpa_supplicant.8 +++ /dev/null @@ -1,556 +0,0 @@ -.\" This manpage has been automatically generated by docbook2man -.\" from a DocBook document. This tool can be found at: -.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> -.\" Please send any bug reports, improvements, comments, patches, -.\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WPA_SUPPLICANT" "8" "19 February 2008" "" "" - -.SH NAME -wpa_supplicant \- Wi-Fi Protected Access client and IEEE 802.1X supplicant -.SH SYNOPSIS - -\fBwpa_supplicant\fR [ \fB-BddfhKLqqtuvwW\fR ] [ \fB-i\fIifname\fB\fR ] [ \fB-c\fIconfig file\fB\fR ] [ \fB-D\fIdriver\fB\fR ] [ \fB-P\fIPID_file\fB\fR ] [ \fB-f\fIoutput file\fB\fR ] - -.SH "OVERVIEW" -.PP -Wireless networks do not require physical access to the network equipment -in the same way as wired networks. This makes it easier for unauthorized -users to passively monitor a network and capture all transmitted frames. -In addition, unauthorized use of the network is much easier. In many cases, -this can happen even without user's explicit knowledge since the wireless -LAN adapter may have been configured to automatically join any available -network. -.PP -Link-layer encryption can be used to provide a layer of security for -wireless networks. The original wireless LAN standard, IEEE 802.11, -included a simple encryption mechanism, WEP. However, that proved to -be flawed in many areas and network protected with WEP cannot be consider -secure. IEEE 802.1X authentication and frequently changed dynamic WEP keys -can be used to improve the network security, but even that has inherited -security issues due to the use of WEP for encryption. Wi-Fi Protected -Access and IEEE 802.11i amendment to the wireless LAN standard introduce -a much improvement mechanism for securing wireless networks. IEEE 802.11i -enabled networks that are using CCMP (encryption mechanism based on strong -cryptographic algorithm AES) can finally be called secure used for -applications which require efficient protection against unauthorized -access. -.PP -\fBwpa_supplicant\fR is an implementation of -the WPA Supplicant component, i.e., the part that runs in the -client stations. It implements WPA key negotiation with a WPA -Authenticator and EAP authentication with Authentication -Server. In addition, it controls the roaming and IEEE 802.11 -authentication/association of the wireless LAN driver. -.PP -\fBwpa_supplicant\fR is designed to be a -"daemon" program that runs in the background and acts as the -backend component controlling the wireless -connection. \fBwpa_supplicant\fR supports separate -frontend programs and an example text-based frontend, -\fBwpa_cli\fR, is included with -wpa_supplicant. -.PP -Before wpa_supplicant can do its work, the network interface -must be available. That means that the physical device must be -present and enabled, and the driver for the device must have be -loaded. Note, however, that the '-w' option of the wpa_supplicant -daemon instructs the daemon to continue running and to wait for -the interface to become available. Without the '-w' option, the -daemon will exit immediately if the device is not already -available. -.PP -After \fBwpa_supplicant\fR has configured the -network device, higher level configuration such as DHCP may -proceed. There are a variety of ways to integrate wpa_supplicant -into a machine's networking scripts, a few of which are described -in sections below. -.PP -The following steps are used when associating with an AP -using WPA: -.TP 0.2i -\(bu -\fBwpa_supplicant\fR requests the kernel -driver to scan neighboring BSSes -.TP 0.2i -\(bu -\fBwpa_supplicant\fR selects a BSS based on -its configuration -.TP 0.2i -\(bu -\fBwpa_supplicant\fR requests the kernel -driver to associate with the chosen BSS -.TP 0.2i -\(bu -If WPA-EAP: integrated IEEE 802.1X Supplicant or -external Xsupplicant completes EAP authentication with the -authentication server (proxied by the Authenticator in the -AP) -.TP 0.2i -\(bu -If WPA-EAP: master key is received from the IEEE 802.1X -Supplicant -.TP 0.2i -\(bu -If WPA-PSK: \fBwpa_supplicant\fR uses PSK -as the master session key -.TP 0.2i -\(bu -\fBwpa_supplicant\fR completes WPA 4-Way -Handshake and Group Key Handshake with the Authenticator -(AP) -.TP 0.2i -\(bu -\fBwpa_supplicant\fR configures encryption -keys for unicast and broadcast -.TP 0.2i -\(bu -normal data packets can be transmitted and received -.SH "SUPPORTED FEATURES" -.PP -Supported WPA/IEEE 802.11i features: -.TP 0.2i -\(bu -WPA-PSK ("WPA-Personal") -.TP 0.2i -\(bu -WPA with EAP (e.g., with RADIUS authentication server) -("WPA-Enterprise") Following authentication methods are -supported with an integrate IEEE 802.1X Supplicant: -.RS -.TP 0.2i -\(bu -EAP-TLS -.RE -.RS -.TP 0.2i -\(bu -EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1) -.TP 0.2i -\(bu -EAP-PEAP/TLS (both PEAPv0 and PEAPv1) -.TP 0.2i -\(bu -EAP-PEAP/GTC (both PEAPv0 and PEAPv1) -.TP 0.2i -\(bu -EAP-PEAP/OTP (both PEAPv0 and PEAPv1) -.TP 0.2i -\(bu -EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1) -.TP 0.2i -\(bu -EAP-TTLS/EAP-MD5-Challenge -.TP 0.2i -\(bu -EAP-TTLS/EAP-GTC -.TP 0.2i -\(bu -EAP-TTLS/EAP-OTP -.TP 0.2i -\(bu -EAP-TTLS/EAP-MSCHAPv2 -.TP 0.2i -\(bu -EAP-TTLS/EAP-TLS -.TP 0.2i -\(bu -EAP-TTLS/MSCHAPv2 -.TP 0.2i -\(bu -EAP-TTLS/MSCHAP -.TP 0.2i -\(bu -EAP-TTLS/PAP -.TP 0.2i -\(bu -EAP-TTLS/CHAP -.TP 0.2i -\(bu -EAP-SIM -.TP 0.2i -\(bu -EAP-AKA -.TP 0.2i -\(bu -EAP-PSK -.TP 0.2i -\(bu -EAP-PAX -.TP 0.2i -\(bu -LEAP (note: requires special support from -the driver for IEEE 802.11 authentication) -.TP 0.2i -\(bu -(following methods are supported, but since -they do not generate keying material, they cannot be used -with WPA or IEEE 802.1X WEP keying) -.TP 0.2i -\(bu -EAP-MD5-Challenge -.TP 0.2i -\(bu -EAP-MSCHAPv2 -.TP 0.2i -\(bu -EAP-GTC -.TP 0.2i -\(bu -EAP-OTP -.RE -.TP 0.2i -\(bu -key management for CCMP, TKIP, WEP104, WEP40 -.TP 0.2i -\(bu -RSN/WPA2 (IEEE 802.11i) -.RS -.TP 0.2i -\(bu -pre-authentication -.TP 0.2i -\(bu -PMKSA caching -.RE -.SH "AVAILABLE DRIVERS" -.PP -The available drivers to specify with the -D option are: -.TP -\fBhostap\fR -(default) Host AP driver (Intersil Prism2/2.5/3). -(this can also be used with Linuxant DriverLoader). -.TP -\fBhermes\fR -Agere Systems Inc. driver (Hermes-I/Hermes-II). -.TP -\fBmadwifi\fR -MADWIFI 802.11 support (Atheros, etc.). -.TP -\fBatmel\fR -ATMEL AT76C5XXx (USB, PCMCIA). -.TP -\fBwext\fR -Linux wireless extensions (generic). -.TP -\fBndiswrapper\fR -Linux ndiswrapper. -.TP -\fBbroadcom\fR -Broadcom wl.o driver. -.TP -\fBipw\fR -Intel ipw2100/2200 driver. -.TP -\fBwired\fR -wpa_supplicant wired Ethernet driver -.TP -\fBbsd\fR -BSD 802.11 support (Atheros, etc.). -.TP -\fBndis\fR -Windows NDIS driver. -.SH "COMMAND LINE OPTIONS" -.TP -\fB-B\fR -Run daemon in the background. -.TP -\fB-i ifname\fR -Interface to listen on. -.TP -\fB-c filename\fR -Path to configuration file. -.TP -\fB-P PID_file\fR -Path to PID file. -.TP -\fB-C ctrl_interface\fR -Path to ctrl_interface socket (only used if -c is not). -.TP -\fB-g global ctrl_interface\fR -Path to global ctrl_interface socket. -.TP -\fB-D driver\fR -Driver to use. See the available options below. -.TP -\fB-f output file\fR -Log output to specified file instead of stdout. -.TP -\fB-d\fR -Increase debugging verbosity (-dd even more). -.TP -\fB-K\fR -Include keys (passwords, etc.) in debug output. -.TP -\fB-t\fR -Include timestamp in debug messages. -.TP -\fB-e\fR -Use external IEEE 802.1X Supplicant (e.g., -\fBxsupplicant\fR) (this disables the internal -Supplicant). -.TP -\fB-h\fR -Help. Show a usage message. -.TP -\fB-L\fR -Show license (GPL and BSD). -.TP -\fB-q\fR -Decrease debugging verbosity (-qq even less). -.TP -\fB-v\fR -Show version. -.TP -\fB-w\fR -wait for interface to be added, if needed. normally, -\fBwpa_supplicant\fR will exit if the interface -is not there yet. -.TP -\fB-N\fR -Start describing new interface. -.SH "EXAMPLES" -.PP -In most common cases, \fBwpa_supplicant\fR is -started with: -.sp -.RS - -.nf -wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -iwlan0 -.fi -.RE -.PP -This makes the process fork into background and wait for the wlan0 -interface if it is not available at startup time. -.PP -The easiest way to debug problems, and to get debug log for -bug reports, is to start \fBwpa_supplicant\fR on -foreground with debugging enabled: -.sp -.RS - -.nf -wpa_supplicant -c/etc/wpa_supplicant.conf -iwlan0 -d -.fi -.RE -.PP -\fBwpa_supplicant\fR can control multiple -interfaces (radios) either by running one process for each -interface separately or by running just one process and list of -options at command line. Each interface is separated with -N -argument. As an example, following command would start -wpa_supplicant for two interfaces: -.sp -.RS - -.nf -wpa_supplicant \\ - -c wpa1.conf -i wlan0 -D hostap -N \\ - -c wpa2.conf -i ath0 -D madwifi -.fi -.RE -.SH "OS REQUIREMENTS" -.PP -Current hardware/software requirements: -.TP 0.2i -\(bu -Linux kernel 2.4.x or 2.6.x with Linux Wireless -Extensions v15 or newer -.TP 0.2i -\(bu -FreeBSD 6-CURRENT -.TP 0.2i -\(bu -Microsoft Windows with WinPcap (at least WinXP, may work -with other versions) -.SH "SUPPORTED DRIVERS" -.TP -\fBHost AP driver for Prism2/2.5/3 (development snapshot/v0.2.x)\fR -(http://hostap.epitest.fi/) Driver needs to be set in -Managed mode ('iwconfig wlan0 mode managed'). Please note -that station firmware version needs to be 1.7.0 or newer to -work in WPA mode. -.TP -\fBLinuxant DriverLoader\fR -(http://www.linuxant.com/driverloader/) -with Windows NDIS driver for your wlan card supporting WPA. -.TP -\fBAgere Systems Inc. Linux Driver\fR -(http://www.agere.com/support/drivers/) Please note -that the driver interface file (driver_hermes.c) and hardware -specific include files are not included in the wpa_supplicant -distribution. You will need to copy these from the source -package of the Agere driver. -.TP -\fBmadwifi driver for cards based on Atheros chip set (ar521x)\fR -(http://sourceforge.net/projects/madwifi/) Please -note that you will need to modify the wpa_supplicant .config -file to use the correct path for the madwifi driver root -directory (CFLAGS += -I../madwifi/wpa line in example -defconfig). -.TP -\fBATMEL AT76C5XXx driver for USB and PCMCIA cards\fR -(http://atmelwlandriver.sourceforge.net/). -.TP -\fBLinux ndiswrapper\fR -(http://ndiswrapper.sourceforge.net/) with Windows -NDIS driver. -.TP -\fBBroadcom wl.o driver\fR -This is a generic Linux driver for Broadcom IEEE -802.11a/g cards. However, it is proprietary driver that is -not publicly available except for couple of exceptions, mainly -Broadcom-based APs/wireless routers that use Linux. The driver -binary can be downloaded, e.g., from Linksys support site -(http://www.linksys.com/support/gpl.asp) for Linksys -WRT54G. The GPL tarball includes cross-compiler and the needed -header file, wlioctl.h, for compiling wpa_supplicant. This -driver support in wpa_supplicant is expected to work also with -other devices based on Broadcom driver (assuming the driver -includes client mode support). -.TP -\fB Intel ipw2100 driver\fR -(http://sourceforge.net/projects/ipw2100/) -.TP -\fBIntel ipw2200 driver\fR -(http://sourceforge.net/projects/ipw2200/) -.TP -\fBLinux wireless extensions\fR -In theory, any driver that supports Linux wireless -extensions can be used with IEEE 802.1X (i.e., not WPA) when -using ap_scan=0 option in configuration file. -.TP -\fBWired Ethernet drivers\fR -Use ap_scan=0. -.TP -\fBBSD net80211 layer (e.g., Atheros driver)\fR -At the moment, this is for FreeBSD 6-CURRENT branch. -.TP -\fBWindows NDIS\fR -The current Windows port requires WinPcap -(http://winpcap.polito.it/). See README-Windows.txt for more -information. -.PP -wpa_supplicant was designed to be portable for different -drivers and operating systems. Hopefully, support for more wlan -cards and OSes will be added in the future. See developer.txt for -more information about the design of wpa_supplicant and porting to -other drivers. One main goal is to add full WPA/WPA2 support to -Linux wireless extensions to allow new drivers to be supported -without having to implement new driver-specific interface code in -wpa_supplicant. -.SH "ARCHITECTURE" -.PP -The -\fBwpa_supplicant\fR system consists of the following -components: -.TP -\fB\fIwpa_supplicant.conf\fB \fR -the configuration file describing all networks that the -user wants the computer to connect to. -.TP -\fBwpa_supplicant\fR -the program that directly interacts with the -network interface. -.TP -\fBwpa_cli\fR -the -client program that provides a high-level interface to the -functionality of the daemon. -.TP -\fBwpa_passphrase\fR -a utility needed to construct -\fIwpa_supplicant.conf\fR files that include -encrypted passwords. -.SH "QUICK START" -.PP -First, make a configuration file, e.g. -\fI/etc/wpa_supplicant.conf\fR, that describes the networks -you are interested in. See \fBwpa_supplicant.conf\fR(5) -for details. -.PP -Once the configuration is ready, you can test whether the -configuration works by running \fBwpa_supplicant\fR -with following command to start it on foreground with debugging -enabled: -.sp -.RS - -.nf -wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -d - -.fi -.RE -.PP -Assuming everything goes fine, you can start using following -command to start \fBwpa_supplicant\fR on background -without debugging: -.sp -.RS - -.nf -wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -B - -.fi -.RE -.PP -Please note that if you included more than one driver -interface in the build time configuration (.config), you may need -to specify which interface to use by including -D<driver -name> option on the command line. -.SH "INTERFACE TO PCMCIA-CS/CARDMRG" -.PP -For example, following small changes to pcmcia-cs scripts -can be used to enable WPA support: -.PP -Add MODE="Managed" and WPA="y" to the network scheme in -\fI/etc/pcmcia/wireless.opts\fR\&. -.PP -Add the following block to the end of 'start' action handler -in \fI/etc/pcmcia/wireless\fR: -.sp -.RS - -.nf -if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then - /usr/local/bin/wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -i$DEVICE -fi - -.fi -.RE -.PP -Add the following block to the end of 'stop' action handler -(may need to be separated from other actions) in -\fI/etc/pcmcia/wireless\fR: -.sp -.RS - -.nf -if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then - killall wpa_supplicant -fi - -.fi -.RE -.PP -This will make \fBcardmgr\fR start -\fBwpa_supplicant\fR when the card is plugged -in. \fBwpa_supplicant\fR will wait until the -interface is set up--either when a static IP address is configured -or when DHCP client is started--and will then negotiate keys with -the AP. -.SH "SEE ALSO" -.PP -\fBwpa_background\fR(8) -\fBwpa_supplicant.conf\fR(5) -\fBwpa_cli\fR(8) -\fBwpa_passphrase\fR(8) -.SH "LEGAL" -.PP -wpa_supplicant is copyright (c) 2003-2005, -Jouni Malinen <j@w1.fi> and -contributors. -All Rights Reserved. -.PP -This program is dual-licensed under both the GPL version 2 -and BSD license. Either license may be used at your option. diff --git a/doc/docbook/wpa_supplicant.conf.5 b/doc/docbook/wpa_supplicant.conf.5 deleted file mode 100644 index efe17cc..0000000 --- a/doc/docbook/wpa_supplicant.conf.5 +++ /dev/null @@ -1,230 +0,0 @@ -.\" This manpage has been automatically generated by docbook2man -.\" from a DocBook document. This tool can be found at: -.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> -.\" Please send any bug reports, improvements, comments, patches, -.\" etc. to Steve Cheng <steve@ggi-project.org>. -.TH "WPA_SUPPLICANT.CONF" "5" "19 February 2008" "" "" - -.SH NAME -wpa_supplicant.conf \- configuration file for wpa_supplicant -.SH "OVERVIEW" -.PP -\fBwpa_supplicant\fR is configured using a text -file that lists all accepted networks and security policies, -including pre-shared keys. See the example configuration file, -probably in \fB/usr/share/doc/wpa_supplicant/\fR, for -detailed information about the configuration format and supported -fields. -.PP -All file paths in this configuration file should use full -(absolute, not relative to working directory) path in order to allow -working directory to be changed. This can happen if wpa_supplicant is -run in the background. -.PP -Changes to configuration file can be reloaded be sending -SIGHUP signal to \fBwpa_supplicant\fR ('killall -HUP -wpa_supplicant'). Similarly, reloading can be triggered with -the 'wpa_cli reconfigure' command. -.PP -Configuration file can include one or more network blocks, -e.g., one for each used SSID. wpa_supplicant will automatically -select the best network based on the order of network blocks in -the configuration file, network security level (WPA/WPA2 is -preferred), and signal strength. -.SH "QUICK EXAMPLES" -.TP 3 -1. -WPA-Personal (PSK) as home network and WPA-Enterprise with -EAP-TLS as work network. -.sp -.RS - -.nf -# allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -# -# home network; allow all valid ciphers -network={ - ssid="home" - scan_ssid=1 - key_mgmt=WPA-PSK - psk="very secret passphrase" -} -# -# work network; use EAP-TLS with WPA; allow only CCMP and TKIP ciphers -network={ - ssid="work" - scan_ssid=1 - key_mgmt=WPA-EAP - pairwise=CCMP TKIP - group=CCMP TKIP - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" -} -.fi -.RE -.TP 3 -2. -WPA-RADIUS/EAP-PEAP/MSCHAPv2 with RADIUS servers that -use old peaplabel (e.g., Funk Odyssey and SBR, Meetinghouse -Aegis, Interlink RAD-Series) -.sp -.RS - -.nf -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP - eap=PEAP - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase1="peaplabel=0" - phase2="auth=MSCHAPV2" -} -.fi -.RE -.TP 3 -3. -EAP-TTLS/EAP-MD5-Challenge configuration with anonymous -identity for the unencrypted use. Real identity is sent only -within an encrypted TLS tunnel. -.sp -.RS - -.nf -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase2="auth=MD5" -} -.fi -.RE -.TP 3 -4. -IEEE 802.1X (i.e., no WPA) with dynamic WEP keys -(require both unicast and broadcast); use EAP-TLS for -authentication -.sp -.RS - -.nf -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="1x-test" - scan_ssid=1 - key_mgmt=IEEE8021X - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - eapol_flags=3 -} -.fi -.RE -.TP 3 -5. -Catch all example that allows more or less all -configuration modes. The configuration options are used based -on what security policy is used in the selected SSID. This is -mostly for testing and is not recommended for normal -use. -.sp -.RS - -.nf -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk="very secret passphrase" - eap=TTLS PEAP TLS - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - phase1="peaplabel=0" - ca_cert2="/etc/cert/ca2.pem" - client_cert2="/etc/cer/user.pem" - private_key2="/etc/cer/user.prv" - private_key2_passwd="password" -} -.fi -.RE -.TP 3 -6. -Authentication for wired Ethernet. This can be used with -'wired' interface (-Dwired on command line). -.sp -.RS - -.nf -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -ap_scan=0 -network={ - key_mgmt=IEEE8021X - eap=MD5 - identity="user" - password="password" - eapol_flags=0 -} -.fi -.RE -.SH "CERTIFICATES" -.PP -Some EAP authentication methods require use of -certificates. EAP-TLS uses both server side and client -certificates whereas EAP-PEAP and EAP-TTLS only require the server -side certificate. When client certificate is used, a matching -private key file has to also be included in configuration. If the -private key uses a passphrase, this has to be configured in -wpa_supplicant.conf ("private_key_passwd"). -.PP -wpa_supplicant supports X.509 certificates in PEM and DER -formats. User certificate and private key can be included in the -same file. -.PP -If the user certificate and private key is received in -PKCS#12/PFX format, they need to be converted to suitable PEM/DER -format for wpa_supplicant. This can be done, e.g., with following -commands: -.sp -.RS - -.nf -# convert client certificate and private key to PEM format -openssl pkcs12 -in example.pfx -out user.pem -clcerts -# convert CA certificate (if included in PFX file) to PEM format -openssl pkcs12 -in example.pfx -out ca.pem -cacerts -nokeys -.fi -.RE -.SH "SEE ALSO" -.PP -\fBwpa_supplicant\fR(8) -\fBopenssl\fR(1) diff --git a/doc/docbook/wpa_supplicant.conf.sgml b/doc/docbook/wpa_supplicant.conf.sgml deleted file mode 100644 index 082509c..0000000 --- a/doc/docbook/wpa_supplicant.conf.sgml +++ /dev/null @@ -1,244 +0,0 @@ -<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> -<refentry> - <refmeta> - <refentrytitle>wpa_supplicant.conf</refentrytitle> - <manvolnum>5</manvolnum> - </refmeta> - <refnamediv> - <refname>wpa_supplicant.conf</refname> - <refpurpose>configuration file for wpa_supplicant</refpurpose> - </refnamediv> - <refsect1> - <title>Overview</title> - - <para><command>wpa_supplicant</command> is configured using a text - file that lists all accepted networks and security policies, - including pre-shared keys. See the example configuration file, - probably in <command>/usr/share/doc/wpa_supplicant/</command>, for - detailed information about the configuration format and supported - fields.</para> - - <para>All file paths in this configuration file should use full - (absolute, not relative to working directory) path in order to allow - working directory to be changed. This can happen if wpa_supplicant is - run in the background.</para> - - <para>Changes to configuration file can be reloaded be sending - SIGHUP signal to <command>wpa_supplicant</command> ('killall -HUP - wpa_supplicant'). Similarly, reloading can be triggered with - the 'wpa_cli reconfigure' command.</para> - - <para>Configuration file can include one or more network blocks, - e.g., one for each used SSID. wpa_supplicant will automatically - select the best network based on the order of network blocks in - the configuration file, network security level (WPA/WPA2 is - preferred), and signal strength.</para> - </refsect1> - - <refsect1> - <title>Quick Examples</title> - - <orderedlist> - <listitem> - - <para>WPA-Personal (PSK) as home network and WPA-Enterprise with - EAP-TLS as work network.</para> - -<blockquote><programlisting> -# allow frontend (e.g., wpa_cli) to be used by all users in 'wheel' group -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -# -# home network; allow all valid ciphers -network={ - ssid="home" - scan_ssid=1 - key_mgmt=WPA-PSK - psk="very secret passphrase" -} -# -# work network; use EAP-TLS with WPA; allow only CCMP and TKIP ciphers -network={ - ssid="work" - scan_ssid=1 - key_mgmt=WPA-EAP - pairwise=CCMP TKIP - group=CCMP TKIP - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" -} -</programlisting></blockquote> - </listitem> - - <listitem> - <para>WPA-RADIUS/EAP-PEAP/MSCHAPv2 with RADIUS servers that - use old peaplabel (e.g., Funk Odyssey and SBR, Meetinghouse - Aegis, Interlink RAD-Series)</para> - -<blockquote><programlisting> -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP - eap=PEAP - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase1="peaplabel=0" - phase2="auth=MSCHAPV2" -} -</programlisting></blockquote> - </listitem> - - <listitem> - <para>EAP-TTLS/EAP-MD5-Challenge configuration with anonymous - identity for the unencrypted use. Real identity is sent only - within an encrypted TLS tunnel.</para> - - -<blockquote><programlisting> -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase2="auth=MD5" -} -</programlisting></blockquote> - - </listitem> - - <listitem> - <para>IEEE 802.1X (i.e., no WPA) with dynamic WEP keys - (require both unicast and broadcast); use EAP-TLS for - authentication</para> - -<blockquote><programlisting> -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="1x-test" - scan_ssid=1 - key_mgmt=IEEE8021X - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - eapol_flags=3 -} -</programlisting></blockquote> - </listitem> - - - <listitem> - <para>Catch all example that allows more or less all - configuration modes. The configuration options are used based - on what security policy is used in the selected SSID. This is - mostly for testing and is not recommended for normal - use.</para> - -<blockquote><programlisting> -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk="very secret passphrase" - eap=TTLS PEAP TLS - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - phase1="peaplabel=0" - ca_cert2="/etc/cert/ca2.pem" - client_cert2="/etc/cer/user.pem" - private_key2="/etc/cer/user.prv" - private_key2_passwd="password" -} -</programlisting></blockquote> - </listitem> - - <listitem> - <para>Authentication for wired Ethernet. This can be used with - 'wired' interface (-Dwired on command line).</para> - -<blockquote><programlisting> -ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel -ap_scan=0 -network={ - key_mgmt=IEEE8021X - eap=MD5 - identity="user" - password="password" - eapol_flags=0 -} -</programlisting></blockquote> - </listitem> - </orderedlist> - - - - - - </refsect1> - <refsect1> - <title>Certificates</title> - - <para>Some EAP authentication methods require use of - certificates. EAP-TLS uses both server side and client - certificates whereas EAP-PEAP and EAP-TTLS only require the server - side certificate. When client certificate is used, a matching - private key file has to also be included in configuration. If the - private key uses a passphrase, this has to be configured in - wpa_supplicant.conf ("private_key_passwd").</para> - - <para>wpa_supplicant supports X.509 certificates in PEM and DER - formats. User certificate and private key can be included in the - same file.</para> - - <para>If the user certificate and private key is received in - PKCS#12/PFX format, they need to be converted to suitable PEM/DER - format for wpa_supplicant. This can be done, e.g., with following - commands:</para> -<blockquote><programlisting> -# convert client certificate and private key to PEM format -openssl pkcs12 -in example.pfx -out user.pem -clcerts -# convert CA certificate (if included in PFX file) to PEM format -openssl pkcs12 -in example.pfx -out ca.pem -cacerts -nokeys -</programlisting></blockquote> - </refsect1> - - <refsect1> - <title>See Also</title> - <para> - <citerefentry> - <refentrytitle>wpa_supplicant</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - <citerefentry> - <refentrytitle>openssl</refentrytitle> - <manvolnum>1</manvolnum> - </citerefentry> - </para> - </refsect1> -</refentry> diff --git a/doc/docbook/wpa_supplicant.sgml b/doc/docbook/wpa_supplicant.sgml deleted file mode 100644 index b46d13c..0000000 --- a/doc/docbook/wpa_supplicant.sgml +++ /dev/null @@ -1,791 +0,0 @@ -<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> - -<refentry> - <refmeta> - <refentrytitle>wpa_supplicant</refentrytitle> - <manvolnum>8</manvolnum> - </refmeta> - <refnamediv> - <refname>wpa_supplicant</refname> - <refpurpose>Wi-Fi Protected Access client and IEEE 802.1X supplicant</refpurpose> - </refnamediv> - <refsynopsisdiv> - <cmdsynopsis> - <command>wpa_supplicant</command> - <arg>-BddfhKLqqtuvwW</arg> - <arg>-i<replaceable>ifname</replaceable></arg> - <arg>-c<replaceable>config file</replaceable></arg> - <arg>-D<replaceable>driver</replaceable></arg> - <arg>-P<replaceable>PID_file</replaceable></arg> - <arg>-f<replaceable>output file</replaceable></arg> - </cmdsynopsis> - </refsynopsisdiv> - <refsect1> - <title>Overview</title> - - <para> - Wireless networks do not require physical access to the network equipment - in the same way as wired networks. This makes it easier for unauthorized - users to passively monitor a network and capture all transmitted frames. - In addition, unauthorized use of the network is much easier. In many cases, - this can happen even without user's explicit knowledge since the wireless - LAN adapter may have been configured to automatically join any available - network. - </para> - - <para> - Link-layer encryption can be used to provide a layer of security for - wireless networks. The original wireless LAN standard, IEEE 802.11, - included a simple encryption mechanism, WEP. However, that proved to - be flawed in many areas and network protected with WEP cannot be consider - secure. IEEE 802.1X authentication and frequently changed dynamic WEP keys - can be used to improve the network security, but even that has inherited - security issues due to the use of WEP for encryption. Wi-Fi Protected - Access and IEEE 802.11i amendment to the wireless LAN standard introduce - a much improvement mechanism for securing wireless networks. IEEE 802.11i - enabled networks that are using CCMP (encryption mechanism based on strong - cryptographic algorithm AES) can finally be called secure used for - applications which require efficient protection against unauthorized - access. - </para> - - <para><command>wpa_supplicant</command> is an implementation of - the WPA Supplicant component, i.e., the part that runs in the - client stations. It implements WPA key negotiation with a WPA - Authenticator and EAP authentication with Authentication - Server. In addition, it controls the roaming and IEEE 802.11 - authentication/association of the wireless LAN driver.</para> - - <para><command>wpa_supplicant</command> is designed to be a - "daemon" program that runs in the background and acts as the - backend component controlling the wireless - connection. <command>wpa_supplicant</command> supports separate - frontend programs and an example text-based frontend, - <command>wpa_cli</command>, is included with - wpa_supplicant.</para> - - <para>Before wpa_supplicant can do its work, the network interface - must be available. That means that the physical device must be - present and enabled, and the driver for the device must have be - loaded. Note, however, that the '-w' option of the wpa_supplicant - daemon instructs the daemon to continue running and to wait for - the interface to become available. Without the '-w' option, the - daemon will exit immediately if the device is not already - available.</para> - - <para>After <command>wpa_supplicant</command> has configured the - network device, higher level configuration such as DHCP may - proceed. There are a variety of ways to integrate wpa_supplicant - into a machine's networking scripts, a few of which are described - in sections below.</para> - - <para>The following steps are used when associating with an AP - using WPA:</para> - - <itemizedlist> - <listitem> - <para><command>wpa_supplicant</command> requests the kernel - driver to scan neighboring BSSes</para> - </listitem> - - <listitem> - <para><command>wpa_supplicant</command> selects a BSS based on - its configuration</para> - </listitem> - - <listitem> - <para><command>wpa_supplicant</command> requests the kernel - driver to associate with the chosen BSS</para> - </listitem> - - <listitem> - <para>If WPA-EAP: integrated IEEE 802.1X Supplicant or - external Xsupplicant completes EAP authentication with the - authentication server (proxied by the Authenticator in the - AP)</para> - </listitem> - - <listitem> - <para>If WPA-EAP: master key is received from the IEEE 802.1X - Supplicant</para> - </listitem> - - <listitem> - <para>If WPA-PSK: <command>wpa_supplicant</command> uses PSK - as the master session key</para> - </listitem> - - <listitem> - <para><command>wpa_supplicant</command> completes WPA 4-Way - Handshake and Group Key Handshake with the Authenticator - (AP)</para> - </listitem> - - <listitem> - <para><command>wpa_supplicant</command> configures encryption - keys for unicast and broadcast</para> - </listitem> - - <listitem> - <para>normal data packets can be transmitted and received</para> - </listitem> - </itemizedlist> - </refsect1> - - <refsect1> - <title>Supported Features</title> - <para>Supported WPA/IEEE 802.11i features:</para> - <itemizedlist> - <listitem> - <para>WPA-PSK ("WPA-Personal")</para> - </listitem> - - <listitem> - <para>WPA with EAP (e.g., with RADIUS authentication server) - ("WPA-Enterprise") Following authentication methods are - supported with an integrate IEEE 802.1X Supplicant:</para> - - <itemizedlist> - <listitem> - <para>EAP-TLS</para> - </listitem> - </itemizedlist> - - <itemizedlist> - <listitem> - <para>EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)</para> - </listitem> - - - <listitem> - <para>EAP-PEAP/TLS (both PEAPv0 and PEAPv1)</para> - </listitem> - - <listitem> - <para>EAP-PEAP/GTC (both PEAPv0 and PEAPv1)</para> - </listitem> - - <listitem> - <para>EAP-PEAP/OTP (both PEAPv0 and PEAPv1)</para> - </listitem> - - <listitem> - <para>EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)</para> - </listitem> - - <listitem> - <para>EAP-TTLS/EAP-MD5-Challenge</para> - </listitem> - - <listitem> - <para>EAP-TTLS/EAP-GTC</para> - </listitem> - - <listitem><para>EAP-TTLS/EAP-OTP</para></listitem> - - <listitem><para>EAP-TTLS/EAP-MSCHAPv2</para></listitem> - - <listitem><para>EAP-TTLS/EAP-TLS</para></listitem> - - <listitem><para>EAP-TTLS/MSCHAPv2</para></listitem> - - <listitem><para>EAP-TTLS/MSCHAP</para></listitem> - - <listitem><para>EAP-TTLS/PAP</para></listitem> - - <listitem><para>EAP-TTLS/CHAP</para></listitem> - - <listitem><para>EAP-SIM</para></listitem> - - <listitem><para>EAP-AKA</para></listitem> - - <listitem><para>EAP-PSK</para></listitem> - - <listitem><para>EAP-PAX</para></listitem> - - <listitem><para>LEAP (note: requires special support from - the driver for IEEE 802.11 authentication)</para></listitem> - - <listitem><para>(following methods are supported, but since - they do not generate keying material, they cannot be used - with WPA or IEEE 802.1X WEP keying)</para></listitem> - - <listitem><para>EAP-MD5-Challenge </para></listitem> - - <listitem><para>EAP-MSCHAPv2</para></listitem> - - <listitem><para>EAP-GTC</para></listitem> - - <listitem><para>EAP-OTP</para></listitem> - </itemizedlist> - </listitem> - - <listitem> - <para>key management for CCMP, TKIP, WEP104, WEP40</para> - </listitem> - - <listitem> - <para>RSN/WPA2 (IEEE 802.11i)</para> - <itemizedlist> - <listitem> - <para>pre-authentication</para> - </listitem> - - <listitem> - <para>PMKSA caching</para> - </listitem> - </itemizedlist> - </listitem> - </itemizedlist> - </refsect1> - - <refsect1> - <title>Available Drivers</title> - <para>The available drivers to specify with the -D option are:</para> - - <variablelist> - <varlistentry> - <term>hostap</term> - <listitem> - <para>(default) Host AP driver (Intersil Prism2/2.5/3). - (this can also be used with Linuxant DriverLoader).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>hermes</term> - <listitem> - <para>Agere Systems Inc. driver (Hermes-I/Hermes-II).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>madwifi</term> - <listitem> - <para>MADWIFI 802.11 support (Atheros, etc.).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>atmel</term> - <listitem> - <para>ATMEL AT76C5XXx (USB, PCMCIA).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>wext</term> - <listitem> - <para>Linux wireless extensions (generic).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>ndiswrapper</term> - <listitem> - <para>Linux ndiswrapper.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>broadcom</term> - <listitem> - <para>Broadcom wl.o driver.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>ipw</term> - <listitem> - <para>Intel ipw2100/2200 driver.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>wired</term> - <listitem> - <para>wpa_supplicant wired Ethernet driver</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>bsd</term> - <listitem> - <para>BSD 802.11 support (Atheros, etc.).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>ndis</term> - <listitem> - <para>Windows NDIS driver.</para> - </listitem> - </varlistentry> - </variablelist> - </refsect1> - - <refsect1> - <title>Command Line Options</title> - <variablelist> - <varlistentry> - <term>-B</term> - <listitem> - <para>Run daemon in the background.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-i ifname</term> - <listitem> - <para>Interface to listen on.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-c filename</term> - <listitem> - <para>Path to configuration file.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-P PID_file</term> - <listitem> - <para>Path to PID file.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-C ctrl_interface</term> - <listitem> - <para>Path to ctrl_interface socket (only used if -c is not).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-g global ctrl_interface</term> - <listitem> - <para>Path to global ctrl_interface socket.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-D driver</term> - <listitem> - <para>Driver to use. See the available options below.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-f output file</term> - <listitem> - <para>Log output to specified file instead of stdout.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-d</term> - <listitem> - <para>Increase debugging verbosity (-dd even more).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-K</term> - <listitem> - <para>Include keys (passwords, etc.) in debug output.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-t</term> - <listitem> - <para>Include timestamp in debug messages.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-e</term> - <listitem> - <para>Use external IEEE 802.1X Supplicant (e.g., - <command>xsupplicant</command>) (this disables the internal - Supplicant).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-h</term> - <listitem> - <para>Help. Show a usage message.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-L</term> - <listitem> - <para>Show license (GPL and BSD).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-q</term> - <listitem> - <para>Decrease debugging verbosity (-qq even less).</para> - </listitem> - </varlistentry> - <varlistentry> - <term>-v</term> - <listitem> - <para>Show version.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-w</term> - <listitem> - <para>wait for interface to be added, if needed. normally, - <command>wpa_supplicant</command> will exit if the interface - is not there yet.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>-N</term> - <listitem> - <para>Start describing new interface.</para> - </listitem> - </varlistentry> - </variablelist> - </refsect1> - - <refsect1> - <title>Examples</title> - - <para>In most common cases, <command>wpa_supplicant</command> is - started with:</para> - -<blockquote><programlisting> -wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -iwlan0 -</programlisting></blockquote> - - <para>This makes the process fork into background and wait for the wlan0 - interface if it is not available at startup time.</para> - - <para>The easiest way to debug problems, and to get debug log for - bug reports, is to start <command>wpa_supplicant</command> on - foreground with debugging enabled:</para> - -<blockquote><programlisting> -wpa_supplicant -c/etc/wpa_supplicant.conf -iwlan0 -d -</programlisting></blockquote> - - <para><command>wpa_supplicant</command> can control multiple - interfaces (radios) either by running one process for each - interface separately or by running just one process and list of - options at command line. Each interface is separated with -N - argument. As an example, following command would start - wpa_supplicant for two interfaces:</para> - -<blockquote><programlisting> -wpa_supplicant \ - -c wpa1.conf -i wlan0 -D hostap -N \ - -c wpa2.conf -i ath0 -D madwifi -</programlisting></blockquote> - </refsect1> - - <refsect1> - <title>OS Requirements</title> - <para>Current hardware/software requirements:</para> - - <itemizedlist> - <listitem> - <para>Linux kernel 2.4.x or 2.6.x with Linux Wireless - Extensions v15 or newer</para> - </listitem> - - - <listitem> - <para>FreeBSD 6-CURRENT</para> - </listitem> - - <listitem> - <para>Microsoft Windows with WinPcap (at least WinXP, may work - with other versions)</para> - </listitem> - </itemizedlist> - </refsect1> - - <refsect1> - <title>Supported Drivers</title> - <variablelist> - <varlistentry> - <term>Host AP driver for Prism2/2.5/3 (development - snapshot/v0.2.x)</term> - <listitem> - <para> (http://hostap.epitest.fi/) Driver needs to be set in - Managed mode ('iwconfig wlan0 mode managed'). Please note - that station firmware version needs to be 1.7.0 or newer to - work in WPA mode.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Linuxant DriverLoader</term> - <listitem> - <para>(http://www.linuxant.com/driverloader/) - with Windows NDIS driver for your wlan card supporting WPA.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Agere Systems Inc. Linux Driver</term> - <listitem> - <para> (http://www.agere.com/support/drivers/) Please note - that the driver interface file (driver_hermes.c) and hardware - specific include files are not included in the wpa_supplicant - distribution. You will need to copy these from the source - package of the Agere driver.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>madwifi driver for cards based on Atheros chip set (ar521x)</term> - <listitem> - <para> (http://sourceforge.net/projects/madwifi/) Please - note that you will need to modify the wpa_supplicant .config - file to use the correct path for the madwifi driver root - directory (CFLAGS += -I../madwifi/wpa line in example - defconfig).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>ATMEL AT76C5XXx driver for USB and PCMCIA cards</term> - <listitem> - <para> (http://atmelwlandriver.sourceforge.net/).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Linux ndiswrapper</term> - <listitem> - <para> (http://ndiswrapper.sourceforge.net/) with Windows - NDIS driver.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Broadcom wl.o driver</term> - <listitem> - <para> This is a generic Linux driver for Broadcom IEEE - 802.11a/g cards. However, it is proprietary driver that is - not publicly available except for couple of exceptions, mainly - Broadcom-based APs/wireless routers that use Linux. The driver - binary can be downloaded, e.g., from Linksys support site - (http://www.linksys.com/support/gpl.asp) for Linksys - WRT54G. The GPL tarball includes cross-compiler and the needed - header file, wlioctl.h, for compiling wpa_supplicant. This - driver support in wpa_supplicant is expected to work also with - other devices based on Broadcom driver (assuming the driver - includes client mode support).</para> - </listitem> - </varlistentry> - - <varlistentry> - <term> Intel ipw2100 driver</term> - <listitem> - <para> (http://sourceforge.net/projects/ipw2100/)</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Intel ipw2200 driver</term> - <listitem> - <para> (http://sourceforge.net/projects/ipw2200/)</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Linux wireless extensions</term> - <listitem> - <para>In theory, any driver that supports Linux wireless - extensions can be used with IEEE 802.1X (i.e., not WPA) when - using ap_scan=0 option in configuration file.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Wired Ethernet drivers</term> - <listitem> - <para>Use ap_scan=0.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>BSD net80211 layer (e.g., Atheros driver)</term> - <listitem> - <para>At the moment, this is for FreeBSD 6-CURRENT branch.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>Windows NDIS</term> - <listitem> - <para>The current Windows port requires WinPcap - (http://winpcap.polito.it/). See README-Windows.txt for more - information.</para> - </listitem> - </varlistentry> - </variablelist> - - - <para>wpa_supplicant was designed to be portable for different - drivers and operating systems. Hopefully, support for more wlan - cards and OSes will be added in the future. See developer.txt for - more information about the design of wpa_supplicant and porting to - other drivers. One main goal is to add full WPA/WPA2 support to - Linux wireless extensions to allow new drivers to be supported - without having to implement new driver-specific interface code in - wpa_supplicant.</para> - </refsect1> - - <refsect1> - <title>Architecture</title> <para>The - <command>wpa_supplicant</command> system consists of the following - components:</para> - - <variablelist> - <varlistentry> - <term><filename>wpa_supplicant.conf</filename> </term> - <listitem> - <para>the configuration file describing all networks that the - user wants the computer to connect to. </para> - </listitem> - </varlistentry> - <varlistentry> - <term><command>wpa_supplicant</command></term> - <listitem><para>the program that directly interacts with the - network interface. </para></listitem> - </varlistentry> - <varlistentry> - <term><command>wpa_cli</command></term> <listitem><para> the - client program that provides a high-level interface to the - functionality of the daemon. </para></listitem> - </varlistentry> - <varlistentry> - <term><command>wpa_passphrase</command></term> - <listitem><para>a utility needed to construct - <filename>wpa_supplicant.conf</filename> files that include - encrypted passwords.</para></listitem> - </varlistentry> - </variablelist> - </refsect1> - - <refsect1> - <title>Quick Start</title> - - <para>First, make a configuration file, e.g. - <filename>/etc/wpa_supplicant.conf</filename>, that describes the networks - you are interested in. See <citerefentry> - <refentrytitle>wpa_supplicant.conf</refentrytitle> - <manvolnum>5</manvolnum> - </citerefentry> - for details.</para> - - <para>Once the configuration is ready, you can test whether the - configuration works by running <command>wpa_supplicant</command> - with following command to start it on foreground with debugging - enabled:</para> - - <blockquote><programlisting> -wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -d - </programlisting></blockquote> - - <para>Assuming everything goes fine, you can start using following - command to start <command>wpa_supplicant</command> on background - without debugging:</para> - - <blockquote><programlisting> -wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -B - </programlisting></blockquote> - - <para>Please note that if you included more than one driver - interface in the build time configuration (.config), you may need - to specify which interface to use by including -D<driver - name> option on the command line.</para> - - <!-- XXX at this point, the page could include a little script - based on wpa_cli to wait for a connection and then run - dhclient --> - - </refsect1> - - <refsect1> - <title>Interface to pcmcia-cs/cardmrg</title> - - <para>For example, following small changes to pcmcia-cs scripts - can be used to enable WPA support:</para> - - <para>Add MODE="Managed" and WPA="y" to the network scheme in - <filename>/etc/pcmcia/wireless.opts</filename>.</para> - - <para>Add the following block to the end of 'start' action handler - in <filename>/etc/pcmcia/wireless</filename>:</para> - - <blockquote><programlisting> -if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then - /usr/local/bin/wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -i$DEVICE -fi - </programlisting></blockquote> - - - <para>Add the following block to the end of 'stop' action handler - (may need to be separated from other actions) in - <filename>/etc/pcmcia/wireless</filename>:</para> - - <blockquote><programlisting> -if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then - killall wpa_supplicant -fi - </programlisting></blockquote> - - <para>This will make <command>cardmgr</command> start - <command>wpa_supplicant</command> when the card is plugged - in. <command>wpa_supplicant</command> will wait until the - interface is set up--either when a static IP address is configured - or when DHCP client is started--and will then negotiate keys with - the AP.</para> - </refsect1> - - <refsect1> - <title>See Also</title> - <para> - <citerefentry> - <refentrytitle>wpa_background</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - <citerefentry> - <refentrytitle>wpa_supplicant.conf</refentrytitle> - <manvolnum>5</manvolnum> - </citerefentry> - <citerefentry> - <refentrytitle>wpa_cli</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - <citerefentry> - <refentrytitle>wpa_passphrase</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry> - </para> - </refsect1> - <refsect1> - <title>Legal</title> - <para>wpa_supplicant is copyright (c) 2003-2005, - Jouni Malinen <email>j@w1.fi</email> and - contributors. - All Rights Reserved.</para> - - <para>This program is dual-licensed under both the GPL version 2 - and BSD license. Either license may be used at your option.</para> - </refsect1> -</refentry> diff --git a/doc/doxygen.fast b/doc/doxygen.fast deleted file mode 100644 index 597fd37..0000000 --- a/doc/doxygen.fast +++ /dev/null @@ -1,243 +0,0 @@ -# Doxyfile 1.4.1 - -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- -PROJECT_NAME = wpa_supplicant -PROJECT_NUMBER = 0.5.x -OUTPUT_DIRECTORY = doc -CREATE_SUBDIRS = NO -OUTPUT_LANGUAGE = English -USE_WINDOWS_ENCODING = NO -BRIEF_MEMBER_DESC = YES -REPEAT_BRIEF = YES -ABBREVIATE_BRIEF = "The $name class" \ - "The $name widget" \ - "The $name file" \ - is \ - provides \ - specifies \ - contains \ - represents \ - a \ - an \ - the -ALWAYS_DETAILED_SEC = NO -INLINE_INHERITED_MEMB = NO -FULL_PATH_NAMES = YES -STRIP_FROM_PATH = -STRIP_FROM_INC_PATH = -SHORT_NAMES = NO -JAVADOC_AUTOBRIEF = NO -MULTILINE_CPP_IS_BRIEF = NO -DETAILS_AT_TOP = NO -INHERIT_DOCS = YES -DISTRIBUTE_GROUP_DOC = NO -TAB_SIZE = 8 -ALIASES = -OPTIMIZE_OUTPUT_FOR_C = YES -OPTIMIZE_OUTPUT_JAVA = NO -SUBGROUPING = YES -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- -EXTRACT_ALL = NO -EXTRACT_PRIVATE = NO -EXTRACT_STATIC = NO -EXTRACT_LOCAL_CLASSES = YES -EXTRACT_LOCAL_METHODS = NO -HIDE_UNDOC_MEMBERS = NO -HIDE_UNDOC_CLASSES = NO -HIDE_FRIEND_COMPOUNDS = NO -HIDE_IN_BODY_DOCS = NO -INTERNAL_DOCS = NO -CASE_SENSE_NAMES = YES -HIDE_SCOPE_NAMES = NO -SHOW_INCLUDE_FILES = YES -INLINE_INFO = YES -SORT_MEMBER_DOCS = YES -SORT_BRIEF_DOCS = NO -SORT_BY_SCOPE_NAME = NO -GENERATE_TODOLIST = YES -GENERATE_TESTLIST = YES -GENERATE_BUGLIST = YES -GENERATE_DEPRECATEDLIST= YES -ENABLED_SECTIONS = -MAX_INITIALIZER_LINES = 30 -SHOW_USED_FILES = YES -SHOW_DIRECTORIES = NO -FILE_VERSION_FILTER = -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- -QUIET = NO -WARNINGS = YES -WARN_IF_UNDOCUMENTED = YES -WARN_IF_DOC_ERROR = YES -WARN_NO_PARAMDOC = YES -WARN_FORMAT = "$file:$line: $text" -WARN_LOGFILE = -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- -INPUT = . \ - ../hostapd/aes.c \ - ../hostapd/rc4.c \ - ../hostapd/rc4.h \ - ../hostapd/md5.c \ - ../hostapd/md5.h \ - ../hostapd/sha1.c \ - ../hostapd/sha1.h \ - ../hostapd/common.c \ - ../hostapd/common.h \ - ../hostapd/eloop.c \ - ../hostapd/eloop.h \ - ../hostapd/aes_wrap.c \ - ../hostapd/aes_wrap.h -FILE_PATTERNS = *.c *.h *.doxygen -RECURSIVE = YES -EXCLUDE = -EXCLUDE_SYMLINKS = NO -EXCLUDE_PATTERNS = -EXAMPLE_PATH = -EXAMPLE_PATTERNS = * -EXAMPLE_RECURSIVE = NO -IMAGE_PATH = doc -INPUT_FILTER = kerneldoc2doxygen.pl -FILTER_PATTERNS = -FILTER_SOURCE_FILES = YES -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- -SOURCE_BROWSER = YES -INLINE_SOURCES = NO -STRIP_CODE_COMMENTS = YES -REFERENCED_BY_RELATION = NO -REFERENCES_RELATION = NO -VERBATIM_HEADERS = NO -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- -ALPHABETICAL_INDEX = YES -COLS_IN_ALPHA_INDEX = 3 -IGNORE_PREFIX = -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- -GENERATE_HTML = YES -HTML_OUTPUT = html -HTML_FILE_EXTENSION = .html -HTML_HEADER = -HTML_FOOTER = -HTML_STYLESHEET = -HTML_ALIGN_MEMBERS = YES -GENERATE_HTMLHELP = NO -CHM_FILE = -HHC_LOCATION = -GENERATE_CHI = NO -BINARY_TOC = NO -TOC_EXPAND = NO -DISABLE_INDEX = NO -ENUM_VALUES_PER_LINE = 4 -GENERATE_TREEVIEW = NO -TREEVIEW_WIDTH = 250 -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- -GENERATE_LATEX = NO -LATEX_OUTPUT = latex -LATEX_CMD_NAME = latex -MAKEINDEX_CMD_NAME = makeindex -COMPACT_LATEX = NO -PAPER_TYPE = a4wide -EXTRA_PACKAGES = -LATEX_HEADER = -PDF_HYPERLINKS = YES -USE_PDFLATEX = YES -LATEX_BATCHMODE = NO -LATEX_HIDE_INDICES = NO -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- -GENERATE_RTF = NO -RTF_OUTPUT = rtf -COMPACT_RTF = NO -RTF_HYPERLINKS = NO -RTF_STYLESHEET_FILE = -RTF_EXTENSIONS_FILE = -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- -GENERATE_MAN = NO -MAN_OUTPUT = man -MAN_EXTENSION = .3 -MAN_LINKS = NO -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- -GENERATE_XML = NO -XML_OUTPUT = xml -XML_SCHEMA = -XML_DTD = -XML_PROGRAMLISTING = YES -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- -GENERATE_AUTOGEN_DEF = NO -#--------------------------------------------------------------------------- -# configuration options related to the Perl module output -#--------------------------------------------------------------------------- -GENERATE_PERLMOD = NO -PERLMOD_LATEX = NO -PERLMOD_PRETTY = YES -PERLMOD_MAKEVAR_PREFIX = -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- -ENABLE_PREPROCESSING = YES -MACRO_EXPANSION = NO -EXPAND_ONLY_PREDEF = NO -SEARCH_INCLUDES = YES -INCLUDE_PATH = -INCLUDE_FILE_PATTERNS = -PREDEFINED = IEEE8021X_EAPOL -EXPAND_AS_DEFINED = -SKIP_FUNCTION_MACROS = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to external references -#--------------------------------------------------------------------------- -TAGFILES = -GENERATE_TAGFILE = -ALLEXTERNALS = NO -EXTERNAL_GROUPS = YES -PERL_PATH = /usr/bin/perl -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- -CLASS_DIAGRAMS = NO -HIDE_UNDOC_RELATIONS = YES -HAVE_DOT = NO -CLASS_GRAPH = YES -COLLABORATION_GRAPH = YES -GROUP_GRAPHS = YES -UML_LOOK = NO -TEMPLATE_RELATIONS = NO -INCLUDE_GRAPH = YES -INCLUDED_BY_GRAPH = YES -CALL_GRAPH = YES -GRAPHICAL_HIERARCHY = YES -DIRECTORY_GRAPH = NO -DOT_IMAGE_FORMAT = png -DOT_PATH = -DOTFILE_DIRS = -MAX_DOT_GRAPH_WIDTH = 1024 -MAX_DOT_GRAPH_HEIGHT = 1024 -MAX_DOT_GRAPH_DEPTH = 1000 -DOT_TRANSPARENT = NO -DOT_MULTI_TARGETS = NO -GENERATE_LEGEND = YES -DOT_CLEANUP = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to the search engine -#--------------------------------------------------------------------------- -SEARCHENGINE = NO diff --git a/doc/doxygen.full b/doc/doxygen.full deleted file mode 100644 index 9ed2ef8..0000000 --- a/doc/doxygen.full +++ /dev/null @@ -1,230 +0,0 @@ -# Doxyfile 1.4.1 - -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- -PROJECT_NAME = wpa_supplicant -PROJECT_NUMBER = 0.5.x -OUTPUT_DIRECTORY = doc -CREATE_SUBDIRS = NO -OUTPUT_LANGUAGE = English -USE_WINDOWS_ENCODING = NO -BRIEF_MEMBER_DESC = YES -REPEAT_BRIEF = YES -ABBREVIATE_BRIEF = "The $name class" \ - "The $name widget" \ - "The $name file" \ - is \ - provides \ - specifies \ - contains \ - represents \ - a \ - an \ - the -ALWAYS_DETAILED_SEC = NO -INLINE_INHERITED_MEMB = NO -FULL_PATH_NAMES = YES -STRIP_FROM_PATH = -STRIP_FROM_INC_PATH = -SHORT_NAMES = NO -JAVADOC_AUTOBRIEF = NO -MULTILINE_CPP_IS_BRIEF = NO -DETAILS_AT_TOP = NO -INHERIT_DOCS = YES -DISTRIBUTE_GROUP_DOC = NO -TAB_SIZE = 8 -ALIASES = -OPTIMIZE_OUTPUT_FOR_C = YES -OPTIMIZE_OUTPUT_JAVA = NO -SUBGROUPING = YES -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- -EXTRACT_ALL = NO -EXTRACT_PRIVATE = NO -EXTRACT_STATIC = NO -EXTRACT_LOCAL_CLASSES = YES -EXTRACT_LOCAL_METHODS = NO -HIDE_UNDOC_MEMBERS = NO -HIDE_UNDOC_CLASSES = NO -HIDE_FRIEND_COMPOUNDS = NO -HIDE_IN_BODY_DOCS = NO -INTERNAL_DOCS = NO -CASE_SENSE_NAMES = YES -HIDE_SCOPE_NAMES = NO -SHOW_INCLUDE_FILES = YES -INLINE_INFO = YES -SORT_MEMBER_DOCS = YES -SORT_BRIEF_DOCS = NO -SORT_BY_SCOPE_NAME = NO -GENERATE_TODOLIST = YES -GENERATE_TESTLIST = YES -GENERATE_BUGLIST = YES -GENERATE_DEPRECATEDLIST= YES -ENABLED_SECTIONS = -MAX_INITIALIZER_LINES = 30 -SHOW_USED_FILES = YES -SHOW_DIRECTORIES = NO -FILE_VERSION_FILTER = -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- -QUIET = NO -WARNINGS = YES -WARN_IF_UNDOCUMENTED = YES -WARN_IF_DOC_ERROR = YES -WARN_NO_PARAMDOC = YES -WARN_FORMAT = "$file:$line: $text" -WARN_LOGFILE = -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- -INPUT = . -FILE_PATTERNS = *.c *.h *.doxygen -RECURSIVE = YES -EXCLUDE = -EXCLUDE_SYMLINKS = NO -EXCLUDE_PATTERNS = -EXAMPLE_PATH = -EXAMPLE_PATTERNS = * -EXAMPLE_RECURSIVE = NO -IMAGE_PATH = doc -INPUT_FILTER = kerneldoc2doxygen.pl -FILTER_PATTERNS = -FILTER_SOURCE_FILES = YES -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- -SOURCE_BROWSER = YES -INLINE_SOURCES = NO -STRIP_CODE_COMMENTS = YES -REFERENCED_BY_RELATION = NO -REFERENCES_RELATION = NO -VERBATIM_HEADERS = NO -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- -ALPHABETICAL_INDEX = YES -COLS_IN_ALPHA_INDEX = 3 -IGNORE_PREFIX = -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- -GENERATE_HTML = YES -HTML_OUTPUT = html -HTML_FILE_EXTENSION = .html -HTML_HEADER = -HTML_FOOTER = -HTML_STYLESHEET = -HTML_ALIGN_MEMBERS = YES -GENERATE_HTMLHELP = NO -CHM_FILE = -HHC_LOCATION = -GENERATE_CHI = NO -BINARY_TOC = NO -TOC_EXPAND = NO -DISABLE_INDEX = NO -ENUM_VALUES_PER_LINE = 4 -GENERATE_TREEVIEW = NO -TREEVIEW_WIDTH = 250 -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- -GENERATE_LATEX = YES -LATEX_OUTPUT = latex -LATEX_CMD_NAME = latex -MAKEINDEX_CMD_NAME = makeindex -COMPACT_LATEX = NO -PAPER_TYPE = a4wide -EXTRA_PACKAGES = -LATEX_HEADER = -PDF_HYPERLINKS = YES -USE_PDFLATEX = YES -LATEX_BATCHMODE = NO -LATEX_HIDE_INDICES = NO -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- -GENERATE_RTF = NO -RTF_OUTPUT = rtf -COMPACT_RTF = NO -RTF_HYPERLINKS = NO -RTF_STYLESHEET_FILE = -RTF_EXTENSIONS_FILE = -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- -GENERATE_MAN = NO -MAN_OUTPUT = man -MAN_EXTENSION = .3 -MAN_LINKS = NO -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- -GENERATE_XML = NO -XML_OUTPUT = xml -XML_SCHEMA = -XML_DTD = -XML_PROGRAMLISTING = YES -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- -GENERATE_AUTOGEN_DEF = NO -#--------------------------------------------------------------------------- -# configuration options related to the Perl module output -#--------------------------------------------------------------------------- -GENERATE_PERLMOD = NO -PERLMOD_LATEX = NO -PERLMOD_PRETTY = YES -PERLMOD_MAKEVAR_PREFIX = -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- -ENABLE_PREPROCESSING = YES -MACRO_EXPANSION = NO -EXPAND_ONLY_PREDEF = NO -SEARCH_INCLUDES = YES -INCLUDE_PATH = -INCLUDE_FILE_PATTERNS = -PREDEFINED = IEEE8021X_EAPOL CONFIG_CTRL_IFACE -EXPAND_AS_DEFINED = -SKIP_FUNCTION_MACROS = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to external references -#--------------------------------------------------------------------------- -TAGFILES = -GENERATE_TAGFILE = -ALLEXTERNALS = NO -EXTERNAL_GROUPS = YES -PERL_PATH = /usr/bin/perl -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- -CLASS_DIAGRAMS = NO -HIDE_UNDOC_RELATIONS = YES -HAVE_DOT = YES -CLASS_GRAPH = YES -COLLABORATION_GRAPH = YES -GROUP_GRAPHS = YES -UML_LOOK = NO -TEMPLATE_RELATIONS = NO -INCLUDE_GRAPH = YES -INCLUDED_BY_GRAPH = YES -CALL_GRAPH = YES -GRAPHICAL_HIERARCHY = YES -DIRECTORY_GRAPH = NO -DOT_IMAGE_FORMAT = png -DOT_PATH = -DOTFILE_DIRS = -MAX_DOT_GRAPH_WIDTH = 1024 -MAX_DOT_GRAPH_HEIGHT = 1024 -MAX_DOT_GRAPH_DEPTH = 1000 -DOT_TRANSPARENT = NO -DOT_MULTI_TARGETS = NO -GENERATE_LEGEND = YES -DOT_CLEANUP = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to the search engine -#--------------------------------------------------------------------------- -SEARCHENGINE = YES diff --git a/doc/driver_wrapper.doxygen b/doc/driver_wrapper.doxygen deleted file mode 100644 index 232739a..0000000 --- a/doc/driver_wrapper.doxygen +++ /dev/null @@ -1,180 +0,0 @@ -/** -\page driver_wrapper Driver wrapper implementation (driver.h, drivers.c) - -All hardware and driver dependent functionality is in separate C files -that implement defined wrapper functions. Other parts -of the %wpa_supplicant are designed to be hardware, driver, and operating -system independent. - -Driver wrappers need to implement whatever calls are used in the -target operating system/driver for controlling wireless LAN -devices. As an example, in case of Linux, these are mostly some glue -code and ioctl() calls and netlink message parsing for Linux Wireless -Extensions (WE). Since features required for WPA were added only recently to -Linux Wireless Extensions (in version 18), some driver specific code is used -in number of driver interface implementations. These driver dependent parts -can be replaced with generic code in driver_wext.c once the target driver -includes full support for WE-18. After that, all Linux drivers, at -least in theory, could use the same driver wrapper code. - -A driver wrapper needs to implement some or all of the functions -defined in driver.h. These functions are registered by filling struct -wpa_driver_ops with function pointers. Hardware independent parts of -%wpa_supplicant will call these functions to control the driver/wlan -card. In addition, support for driver events is required. The event -callback function, wpa_supplicant_event(), and its parameters are -documented in wpa_supplicant.h. In addition, a pointer to the 'struct -wpa_driver_ops' needs to be registered in drivers.c file. - -When porting to other operating systems, the driver wrapper should be -modified to use the native interface of the target OS. It is possible -that some extra requirements for the interface between the driver -wrapper and generic %wpa_supplicant code are discovered during porting -to a new operating system. These will be addressed on case by case -basis by modifying the interface and updating the other driver -wrappers for this. The goal is to avoid changing this interface -without very good reasons in order to limit the number of changes -needed to other wrappers and hardware independent parts of -%wpa_supplicant. When changes are required, recommended way is to -make them in backwards compatible way that allows existing driver -interface implementations to be compiled without any modification. - -Generic Linux Wireless Extensions functions are implemented in -driver_wext.c. All Linux driver wrappers can use these when the kernel -driver supports the generic ioctl()s and wireless events. Driver -specific functions are implemented in separate C files, e.g., -driver_hostap.c. These files need to define struct wpa_driver_ops -entry that will be used in wpa_supplicant.c when calling driver -functions. struct wpa_driver_ops entries are registered in drivers.c. - -In general, it is likely to be useful to first take a look at couple -of driver interface examples before starting on implementing a new -one. driver_hostap.c and driver_wext.c include a complete -implementation for Linux drivers that use %wpa_supplicant-based control -of WPA IE and roaming. driver_ndis.c (with help from driver_ndis_.c) -is an example of a complete interface for Windows NDIS interface for -drivers that generate WPA IE themselves and decide when to roam. These -example implementations include full support for all security modes. - - -\section driver_req Driver requirements for WPA - -WPA introduces new requirements for the device driver. At least some -of these need to be implemented in order to provide enough support for -%wpa_supplicant. - -\subsection driver_tkip_ccmp TKIP/CCMP - -WPA requires that the pairwise cipher suite (encryption algorithm for -unicast data packets) is TKIP or CCMP. These are new encryption -protocols and thus, the driver will need to be modified to support -them. Depending on the used wlan hardware, some parts of these may be -implemented by the hardware/firmware. - -Specification for both TKIP and CCMP is available from IEEE (IEEE -802.11i amendment). Fully functional, hardware independent -implementation of both encryption protocols is also available in Host -AP driver (driver/modules/hostap_{tkip,ccmp}.c). In addition, Linux 2.6 -kernel tree has generic implementations for WEP, TKIP, and CCMP that can -be used in Linux drivers. - -The driver will also need to provide configuration mechanism to allow -user space programs to configure TKIP and CCMP. Linux Wireless Extensions -v18 added support for configuring these algorithms and -individual/non-default keys. If the target kernel does not include WE-18, -private ioctls can be used to provide similar functionality. - -\subsection driver_roaming Roaming control and scanning support - -%wpa_supplicant can optionally control AP selection based on the -information received from Beacon and/or Probe Response frames -(ap_scan=1 mode in configuration). This means that the driver should -support external control for scan process. In case of Linux, use of -new Wireless Extensions scan support (i.e., 'iwlist wlan0 scan') is -recommended. The current driver wrapper (driver_wext.c) uses this for -scan results. - -Scan results must also include the WPA information element. Support for -this was added in WE-18. With older versions, a custom event can be used -to provide the full WPA IE (including element id and length) as a hex -string that is included in the scan results. - -%wpa_supplicant needs to also be able to request the driver to -associate with a specific BSS. Current Host AP driver and matching -driver_hostap.c wrapper uses following sequence for this -request. Similar/identical mechanism should be usable also with other -drivers. - -- set WPA IE for AssocReq with private ioctl -- set SSID with SIOCSIWESSID -- set channel/frequency with SIOCSIWFREQ -- set BSSID with SIOCSIWAP - (this last ioctl will trigger the driver to request association) - -\subsection driver_wpa_ie WPA IE generation - -%wpa_supplicant selects which cipher suites and key management suites -are used. Based on this information, it generates a WPA IE. This is -provided to the driver interface in the associate call. This does not -match with Windows NDIS drivers which generate the WPA IE -themselves. - -%wpa_supplicant allows Windows NDIS-like behavior by providing the -selected cipher and key management suites in the associate call. If -the driver generates its own WPA IE and that differs from the one -generated by %wpa_supplicant, the driver has to inform %wpa_supplicant -about the used WPA IE (i.e., the one it used in (Re)Associate -Request). This notification is done using EVENT_ASSOCINFO event (see -wpa_supplicant.h). %wpa_supplicant is normally configured to use -ap_scan=2 mode with drivers that control WPA IE generation and roaming. - -\subsection driver_events Driver events - -%wpa_supplicant needs to receive event callbacks when certain events -occur (association, disassociation, Michael MIC failure, scan results -available, PMKSA caching candidate). These events and the callback -details are defined in wpa_supplicant.h (wpa_supplicant_event() function -and enum wpa_event_type). - -On Linux, association and disassociation can use existing Wireless -Extensions event that is reporting new AP with SIOCGIWAP -event. Similarly, completion of a scan can be reported with SIOCGIWSCAN -event. - -Michael MIC failure event was added in WE-18. Older versions of Wireless -Extensions will need to use a custom event. Host AP driver used a custom -event with following contents: MLME-MICHAELMICFAILURE.indication(keyid=# -broadcast/unicast addr=addr2). This is the recommended format until -the driver can be moved to use WE-18 mechanism. - -\subsection driver_wext_summary Summary of Linux Wireless Extensions use - -AP selection depends on ap_scan configuration: - -ap_scan=1: - -- %wpa_supplicant requests scan with SIOCSIWSCAN -- driver reports scan complete with wireless event SIOCGIWSCAN -- %wpa_supplicant reads scan results with SIOCGIWSCAN (multiple call if - a larget buffer is needed) -- %wpa_supplicant decides which AP to use based on scan results -- %wpa_supplicant configures driver to associate with the selected BSS - (SIOCSIWMODE, SIOCSIWGENIE, SIOCSIWAUTH, SIOCSIWFREQ, - SIOCSIWESSID, SIOCSIWAP) - -ap_scan=2: - -- %wpa_supplicant configures driver to associate with an SSID - (SIOCSIWMODE, SIOCSIWGENIE, SIOCSIWAUTH, SIOCSIWESSID) - - -After this, both modes use similar steps: - -- optionally (or required for drivers that generate WPA/RSN IE for - (Re)AssocReq), driver reports association parameters (AssocReq IEs) - with wireless event IWEVASSOCREQIE (and optionally IWEVASSOCRESPIE) -- driver reports association with wireless event SIOCGIWAP -- %wpa_supplicant takes care of EAPOL frame handling (validating - information from associnfo and if needed, from scan results if WPA/RSN - IE from the Beacon frame is not reported through associnfo) -*/ diff --git a/doc/eap.doxygen b/doc/eap.doxygen deleted file mode 100644 index 988b304..0000000 --- a/doc/eap.doxygen +++ /dev/null @@ -1,56 +0,0 @@ -/** -\page eap_module EAP peer implementation - -Extensible Authentication Protocol (EAP) is an authentication framework -defined in RFC 3748. %wpa_supplicant uses a separate code module for EAP -peer implementation. This module was designed to use only a minimal set -of direct function calls (mainly, to debug/event functions) in order for -it to be usable in other programs. The design of the EAP -implementation is based loosely on RFC 4137. The state machine is -defined in this RFC and so is the interface between the peer state -machine and methods. As such, this RFC provides useful information for -understanding the EAP peer implementation in %wpa_supplicant. - -Some of the terminology used in EAP state machine is referring to -EAPOL (IEEE 802.1X), but there is no strict requirement on the lower -layer being IEEE 802.1X if EAP module is built for other programs than -%wpa_supplicant. These terms should be understood to refer to the -lower layer as defined in RFC 4137. - - -\section adding_eap_methods Adding EAP methods - -Each EAP method is implemented as a separate module, usually as one C -file named eap_<name of the method>.c, e.g., eap_md5.c. All EAP -methods use the same interface between the peer state machine and -method specific functions. This allows new EAP methods to be added -without modifying the core EAP state machine implementation. - -New EAP methods need to be registered by adding them into the build -(Makefile) and the EAP method registration list in the -eap_peer_register_methods() function of eap_methods.c. Each EAP -method should use a build-time configuration option, e.g., EAP_TLS, in -order to make it possible to select which of the methods are included -in the build. - -EAP methods must implement the interface defined in eap_i.h. struct -eap_method defines the needed function pointers that each EAP method -must provide. In addition, the EAP type and name are registered using -this structure. This interface is based on section 4.4 of RFC 4137. - -It is recommended that the EAP methods would use generic helper -functions, eap_msg_alloc() and eap_hdr_validate() when processing -messages. This allows code sharing and can avoid missing some of the -needed validation steps for received packets. In addition, these -functions make it easier to change between expanded and legacy EAP -header, if needed. - -When adding an EAP method that uses a vendor specific EAP type -(Expanded Type as defined in RFC 3748, Chapter 5.7), the new method -must be registered by passing vendor id instead of EAP_VENDOR_IETF to -eap_peer_method_alloc(). These methods must not try to emulate -expanded types by registering a legacy EAP method for type 254. See -eap_vendor_test.c for an example of an EAP method implementation that -is implemented as an expanded type. - -*/ diff --git a/doc/kerneldoc2doxygen.pl b/doc/kerneldoc2doxygen.pl deleted file mode 100755 index 68835a1..0000000 --- a/doc/kerneldoc2doxygen.pl +++ /dev/null @@ -1,129 +0,0 @@ -#!/usr/bin/perl -w -# -########################################################################## -# Convert kernel-doc style comments to Doxygen comments. -########################################################################## -# -# This script reads a C source file from stdin, and writes -# to stdout. Normal usage: -# -# $ mv file.c file.c.gtkdoc -# $ kerneldoc2doxygen.pl <file.c.gtkdoc >file.c -# -# Or to do the same thing with multiple files: -# $ perl -i.gtkdoc kerneldoc2doxygen.pl *.c *.h -# -# This script may also be suitable for use as a Doxygen input filter, -# but that has not been tested. -# -# Back up your source files before using this script!! -# -########################################################################## -# Copyright (C) 2003 Jonathan Foster <jon@jon-foster.co.uk> -# Copyright (C) 2005 Jouni Malinen <j@w1.fi> -# (modified for kerneldoc format used in wpa_supplicant) -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -# or look at http://www.gnu.org/licenses/gpl.html -########################################################################## - - -########################################################################## -# -# This function converts a single comment from gtk-doc to Doxygen format. -# The parameter does not include the opening or closing lines -# (i.e. given a comment like this: -# "/**\n" -# " * FunctionName:\n" -# " * @foo: This describes the foo parameter\n" -# " * @bar: This describes the bar parameter\n" -# " * @Returns: This describes the return value\n" -# " *\n" -# " * This describes the function.\n" -# " */\n" -# This function gets: -# " * FunctionName:\n" -# " * @foo: This describes the foo parameter\n" -# " * @bar: This describes the bar parameter\n" -# " * @Returns: This describes the return value\n" -# " *\n" -# " * This describes the function.\n" -# And it returns: -# " * This describes the function.\n" -# " *\n" -# " * @param foo This describes the foo parameter\n" -# " * @param bar This describes the bar parameter\n" -# " * @return This describes the return value\n" -# ) -# -sub fixcomment { - $t = $_[0]; - - # " * func: foo" --> "\brief foo\n" - # " * struct bar: foo" --> "\brief foo\n" - # If this fails, not a kernel-doc comment ==> return unmodified. - ($t =~ s/^[\t ]*\*[\t ]*(struct )?([^ \t\n]*) - ([^\n]*)/\\brief $3\n/s) - or return $t; - - # " * Returns: foo" --> "\return foo" - $t =~ s/\n[\t ]*\*[\t ]*Returns:/\n\\return/sig; - - # " * @foo: bar" --> "\param foo bar" - # Handle two common typos: No ":", or "," instead of ":". - $t =~ s/\n[\t ]*\*[\t ]*\@([^ :,]*)[:,]?[\t ]*/\n\\param $1 /sg; - - return $t; -} - -########################################################################## -# Start of main code - -# Read entire stdin into memory - one multi-line string. -$_ = do { local $/; <> }; - -s{^/\*\n \*}{/\*\* \\file\n\\brief}; -s{ \* Copyright}{\\par Copyright\nCopyright}; - -# Fix any comments like "/*************" so they don't match. -# "/***" ===> "/* *" -s{/\*\*\*}{/\* \*}gs; - -# The main comment-detection code. -s{ - ( # $1 = Open comment - /\*\* # Open comment - (?!\*) # Do not match /*** (redundant due to fixup above). - [\t ]*\n? # If 1st line is whitespace, match the lot (including the newline). - ) - (.*?) # $2 = Body of comment (multi-line) - ( # $3 = Close comment - ( # If possible, match the whitespace before the close-comment - (?<=\n) # This part only matches after a newline - [\t ]* # Eat whitespace - )? - \*/ # Close comment - ) - } - { - $1 . fixcomment($2) . $3 - }gesx; -# ^^^^ Modes: g - Global, match all occurances. -# e - Evaluate the replacement as an expression. -# s - Single-line - allows the pattern to match across newlines. -# x - eXtended pattern, ignore embedded whitespace -# and allow comments. - -# Write results to stdout -print $_; - diff --git a/doc/mainpage.doxygen b/doc/mainpage.doxygen deleted file mode 100644 index 6e58af8..0000000 --- a/doc/mainpage.doxygen +++ /dev/null @@ -1,56 +0,0 @@ -/** -\mainpage Developers' documentation for %wpa_supplicant - -%wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with -support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE -802.1X/WPA component that is used in the client stations. It -implements key negotiation with a WPA Authenticator and it can optionally -control roaming and IEEE 802.11 authentication/association of the wlan -driver. - -The goal of this documentation and comments in the source code is to -give enough information for other developers to understand how -%wpa_supplicant has been implemented, how it can be modified, how new -drivers can be supported, and how %wpa_supplicant can be ported to -other operating systems. If any information is missing, feel free to -contact Jouni Malinen <j@w1.fi> for more -information. Contributions as patch files are also very welcome at the -same address. Please note that %wpa_supplicant is licensed under dual -license, GPLv2 or BSD at user's choice. All contributions to -%wpa_supplicant are expected to use compatible licensing terms. - -The source code and read-only access to %wpa_supplicant CVS repository -is available from the project home page at -http://hostap.epitest.fi/wpa_supplicant/. This developers' documentation -is also available as a PDF file from -http://hostap.epitest.fi/wpa_supplicant/wpa_supplicant-devel.pdf . - -The design goal for %wpa_supplicant was to use hardware, driver, and -OS independent, portable C code for all WPA functionality. The source -code is divided into separate C files as shown on the \ref -code_structure "code structure page". All hardware/driver specific -functionality is in separate files that implement a \ref -driver_wrapper "well-defined driver API". Information about porting -to different target boards and operating systems is available on -the \ref porting "porting page". - -EAPOL (IEEE 802.1X) state machines are implemented as a separate -module that interacts with \ref eap_module "EAP peer implementation". -In addition to programs aimed at normal production use, -%wpa_supplicant source tree includes number of \ref testing_tools -"testing and development tools" that make it easier to test the -programs without having to setup a full test setup with wireless -cards. These tools can also be used to implement automatic test -suites. - -%wpa_supplicant implements a -\ref ctrl_iface_page "control interface" that can be used by -external programs to control the operations of the %wpa_supplicant -daemon and to get status information and event notifications. There is -a small C library that provides helper functions to facilitate the use of the -control interface. This library can also be used with C++. - -\image html wpa_supplicant.png "wpa_supplicant modules" -\image latex wpa_supplicant.eps "wpa_supplicant modules" width=15cm - -*/ diff --git a/doc/porting.doxygen b/doc/porting.doxygen deleted file mode 100644 index 581da48..0000000 --- a/doc/porting.doxygen +++ /dev/null @@ -1,208 +0,0 @@ -/** -\page porting Porting to different target boards and operating systems - -%wpa_supplicant was designed to be easily portable to different -hardware (board, CPU) and software (OS, drivers) targets. It is -already used with number of operating systems and numerous wireless -card models and drivers. The main %wpa_supplicant repository includes -support for Linux, FreeBSD, and Windows. In addition, at least VxWorks, -PalmOS, Windows CE, and Windows Mobile are supported in separate -repositories. On the hardware -side, %wpa_supplicant is used on various systems: desktops, laptops, -PDAs, and embedded devices with CPUs including x86, PowerPC, -arm/xscale, and MIPS. Both big and little endian configurations are -supported. - - -\section ansi_c_extra Extra functions on top of ANSI C - -%wpa_supplicant is mostly using ANSI C functions that are available on -most targets. However, couple of additional functions that are common -on modern UNIX systems are used. Number of these are listed with -prototypes in common.h (the #ifdef CONFIG_ANSI_C_EXTRA block). These -functions may need to be implemented or at least defined as macros to -native functions in the target OS or C library. - -Many of the common ANSI C functions are used through a wrapper -definitions in os.h to allow these to be replaced easily with a -platform specific version in case standard C libraries are not -available. In addition, os.h defines couple of common platform -specific functions that are implemented in os_unix.c for UNIX like -targets and in os_win32.c for Win32 API. If the target platform does -not support either of these examples, a new os_*.c file may need to be -added. - -Unless OS_NO_C_LIB_DEFINES is defined, the standard ANSI C and POSIX -functions are used by defining the os_*() wrappers to use them -directly in order to avoid extra cost in size and speed. If the target -platform needs different versions of the functions, os.h can be -modified to define the suitable macros or alternatively, -OS_NO_C_LIB_DEFINES may be defined for the build and the wrapper -functions can then be implemented in a new os_*.c wrapper file. - -common.h defines number of helper macros for handling integers of -different size and byte order. Suitable version of these definitions -may need to be added for the target platform. - - -\section configuration_backend Configuration backend - -%wpa_supplicant implements a configuration interface that allows the -backend to be easily replaced in order to read configuration data from -a suitable source depending on the target platform. config.c -implements the generic code that can be shared with all configuration -backends. Each backend is implemented in its own config_*.c file. - -The included config_file.c backend uses a text file for configuration -and config_winreg.c uses Windows registry. These files can be used as -an example for a new configuration backend if the target platform uses -different mechanism for configuration parameters. In addition, -config_none.c can be used as an empty starting point for building a -new configuration backend. - - -\section driver_iface_porting Driver interface - -Unless the target OS and driver is already supported, most porting -projects have to implement a driver wrapper. This may be done by -adding a new driver interface module or modifying an existing module -(driver_*.c) if the new target is similar to one of them. \ref -driver_wrapper "Driver wrapper implementation" describes the details -of the driver interface and discusses the tasks involved in porting -this part of %wpa_supplicant. - - -\section l2_packet_porting l2_packet (link layer access) - -%wpa_supplicant needs to have access to sending and receiving layer 2 -(link layer) packets with two Ethertypes: EAP-over-LAN (EAPOL) 0x888e -and RSN pre-authentication 0x88c7. l2_packet.h defines the interfaces -used for this in the core %wpa_supplicant implementation. - -If the target operating system supports a generic mechanism for link -layer access, that is likely the best mechanism for providing the -needed functionality for %wpa_supplicant. Linux packet socket is an -example of such a generic mechanism. If this is not available, a -separate interface may need to be implemented to the network stack or -driver. This is usually an intermediate or protocol driver that is -operating between the device driver and the OS network stack. If such -a mechanism is not feasible, the interface can also be implemented -directly in the device driver. - -The main %wpa_supplicant repository includes l2_packet implementations -for Linux using packet sockets (l2_packet_linux.c), more portable -version using libpcap/libdnet libraries (l2_packet_pcap.c; this -supports WinPcap, too), and FreeBSD specific version of libpcap -interface (l2_packet_freebsd.c). - -If the target operating system is supported by libpcap (receiving) and -libdnet (sending), l2_packet_pcap.c can likely be used with minimal or -no changes. If this is not a case or a proprietary interface for link -layer is required, a new l2_packet module may need to be -added. Alternatively, struct wpa_driver_ops::send_eapol() handler can -be used to override the l2_packet library if the link layer access is -integrated with the driver interface implementation. - - -\section eloop_porting Event loop - -%wpa_supplicant uses a single process/thread model and an event loop -to provide callbacks on events (registered timeout, received packet, -signal). eloop.h defines the event loop interface. eloop.c is an -implementation of such an event loop using select() and sockets. This -is suitable for most UNIX/POSIX systems. When porting to other -operating systems, it may be necessary to replace that implementation -with OS specific mechanisms that provide similar functionality. - - -\section ctrl_iface_porting Control interface - -%wpa_supplicant uses a \ref ctrl_iface_page "control interface" -to allow external processed -to get status information and to control the operations. Currently, -this is implemented with socket based communication; both UNIX domain -sockets and UDP sockets are supported. If the target OS does not -support sockets, this interface will likely need to be modified to use -another mechanism like message queues. The control interface is -optional component, so it is also possible to run %wpa_supplicant -without porting this part. - -The %wpa_supplicant side of the control interface is implemented in -ctrl_iface.c. Matching client side is implemented as a control -interface library in wpa_ctrl.c. - - -\section entry_point Program entry point - -%wpa_supplicant defines a set of functions that can be used to -initialize main supplicant processing. Each operating system has a -mechanism for starting new processing or threads. This is usually a -function with a specific set of arguments and calling convention. This -function is responsible on initializing %wpa_supplicant. - -main.c includes an entry point for UNIX-like operating system, i.e., -main() function that uses command line arguments for setting -parameters for %wpa_supplicant. When porting to other operating -systems, similar OS-specific entry point implementation is needed. It -can be implemented in a new file that is then linked with -%wpa_supplicant instead of main.o. main.c is also a good example on -how the initialization process should be done. - -The supplicant initialization functions are defined in -wpa_supplicant_i.h. In most cases, the entry point function should -start by fetching configuration parameters. After this, a global -%wpa_supplicant context is initialized with a call to -wpa_supplicant_init(). After this, existing network interfaces can be -added with wpa_supplicant_add_iface(). wpa_supplicant_run() is then -used to start the main event loop. Once this returns at program -termination time, wpa_supplicant_deinit() is used to release global -context data. - -wpa_supplicant_add_iface() and wpa_supplicant_remove_iface() can be -used dynamically to add and remove interfaces based on when -%wpa_supplicant processing is needed for them. This can be done, e.g., -when hotplug network adapters are being inserted and ejected. It is -also possible to do this when a network interface is being -enabled/disabled if it is desirable that %wpa_supplicant processing -for the interface is fully enabled/disabled at the same time. - - -\section simple_build Simple build example - -One way to start a porting project is to begin with a very simple -build of %wpa_supplicant with WPA-PSK support and once that is -building correctly, start adding features. - -Following command can be used to build very simple version of -%wpa_supplicant: - -\verbatim -cc -o wpa_supplicant config.c eloop.c common.c md5.c rc4.c sha1.c \ - config_none.c l2_packet_none.c tls_none.c wpa.c preauth.c \ - aes_wrap.c wpa_supplicant.c events.c main_none.c drivers.c -\endverbatim - -The end result is not really very useful since it uses empty functions -for configuration parsing and layer 2 packet access and does not -include a driver interface. However, this is a good starting point -since the build is complete in the sense that all functions are -present and this is easy to configure to a build system by just -including the listed C files. - -Once this version can be build successfully, the end result can be -made functional by adding a proper program entry point (main*.c), -driver interface (driver_*.c and matching CONFIG_DRIVER_* define for -registration in drivers.c), configuration parser/writer (config_*.c), -and layer 2 packet access implementation (l2_packet_*.c). After these -components have been added, the end result should be a working -WPA/WPA2-PSK enabled supplicant. - -After the basic functionality has been verified to work, more features -can be added by linking in more files and defining C pre-processor -defines. Currently, the best source of information for what options -are available and which files needs to be included is in the Makefile -used for building the supplicant with make. Similar configuration will -be needed for build systems that either use different type of make -tool or a GUI-based project configuration. - -*/ diff --git a/doc/testing_tools.doxygen b/doc/testing_tools.doxygen deleted file mode 100644 index a2ae0c2..0000000 --- a/doc/testing_tools.doxygen +++ /dev/null @@ -1,295 +0,0 @@ -/** -\page testing_tools Testing and development tools - -[ \ref eapol_test "eapol_test" | -\ref preauth_test "preauth_test" | -\ref driver_test "driver_test" | -\ref unit_tests "Unit tests" ] - -%wpa_supplicant source tree includes number of testing and development -tools that make it easier to test the programs without having to setup -a full test setup with wireless cards. In addition, these tools can be -used to implement automatic tests suites. - -\section eapol_test eapol_test - EAP peer and RADIUS client testing - -eapol_test is a program that links together the same EAP peer -implementation that %wpa_supplicant is using and the RADIUS -authentication client code from hostapd. In addition, it has minimal -glue code to combine these two components in similar ways to IEEE -802.1X/EAPOL Authenticator state machines. In other words, it -integrates IEEE 802.1X Authenticator (normally, an access point) and -IEEE 802.1X Supplicant (normally, a wireless client) together to -generate a single program that can be used to test EAP methods without -having to setup an access point and a wireless client. - -The main uses for eapol_test are in interoperability testing of EAP -methods against RADIUS servers and in development testing for new EAP -methods. It can be easily used to automate EAP testing for -interoperability and regression since the program can be run from -shell scripts without require additional test components apart from a -RADIUS server. For example, the automated EAP tests described in -eap_testing.txt are implemented with eapol_test. Similarly, eapol_test -could be used to implement an automated regression test suite for a -RADIUS authentication server. - -eapol_test uses the same build time configuration file, .config, as -%wpa_supplicant. This file is used to select which EAP methods are -included in eapol_test. This program is not built with the default -Makefile target, so a separate make command needs to be used to -compile the tool: - -\verbatim -make eapol_test -\endverbatim - -The resulting eapol_test binary has following command like options: - -\verbatim -usage: -eapol_test [-nWS] -c<conf> [-a<AS IP>] [-p<AS port>] [-s<AS secret>] \ - [-r<count>] [-t<timeout>] [-C<Connect-Info>] \ - [-M<client MAC address>] -eapol_test scard -eapol_test sim <PIN> <num triplets> [debug] - -options: - -c<conf> = configuration file - -a<AS IP> = IP address of the authentication server, default 127.0.0.1 - -p<AS port> = UDP port of the authentication server, default 1812 - -s<AS secret> = shared secret with the authentication server, default 'radius' - -r<count> = number of re-authentications - -W = wait for a control interface monitor before starting - -S = save configuration after authentiation - -n = no MPPE keys expected - -t<timeout> = sets timeout in seconds (default: 30 s) - -C<Connect-Info> = RADIUS Connect-Info (default: CONNECT 11Mbps 802.11b) - -M<client MAC address> = Set own MAC address (Calling-Station-Id, - default: 02:00:00:00:00:01) -\endverbatim - - -As an example, -\verbatim -eapol_test -ctest.conf -a127.0.0.1 -p1812 -ssecret -r1 -\endverbatim -tries to complete EAP authentication based on the network -configuration from test.conf against the RADIUS server running on the -local host. A re-authentication is triggered to test fast -re-authentication. The configuration file uses the same format for -network blocks as %wpa_supplicant. - - -\section preauth_test preauth_test - WPA2 pre-authentication and EAP peer testing - -preauth_test is similar to eapol_test in the sense that in combines -EAP peer implementation with something else, in this case, with WPA2 -pre-authentication. This tool can be used to test pre-authentication -based on the code that %wpa_supplicant is using. As such, it tests -both the %wpa_supplicant implementation and the functionality of an -access point. - -preauth_test is built with: - -\verbatim -make preauth_test -\endverbatim - -and it uses following command line arguments: - -\verbatim -usage: preauth_test <conf> <target MAC address> <ifname> -\endverbatim - -For example, -\verbatim -preauth_test test.conf 02:11:22:33:44:55 eth0 -\endverbatim -would use network configuration from test.conf to try to complete -pre-authentication with AP using BSSID 02:11:22:33:44:55. The -pre-authentication packets would be sent using the eth0 interface. - - -\section driver_test driver_test - driver interface for testing wpa_supplicant - -%wpa_supplicant was designed to support number of different ways to -communicate with a network device driver. This design uses \ref -driver_wrapper "driver interface API" and number of driver interface -implementations. One of these is driver_test.c, i.e., a test driver -interface that is actually not using any drivers. Instead, it provides -a mechanism for running %wpa_supplicant without having to have a -device driver or wireless LAN hardware for that matter. - -driver_test can be used to talk directly with hostapd's driver_test -component to create a test setup where one or more clients and access -points can be tested within one test host and without having to have -multiple wireless cards. This makes it easier to test the core code in -%wpa_supplicant, and hostapd for that matter. Since driver_test uses -the same driver API than any other driver interface implementation, -the core code of %wpa_supplicant and hostapd can be tested with the -same coverage as one would get when using real wireless cards. The -only area that is not tested is the driver interface implementation -(driver_*.c). - -Having the possibility to use simulated network components makes it -much easier to do development testing while adding new features and to -reproduce reported bugs. As such, it is often easiest to just do most -of the development and bug fixing without using real hardware. Once -the driver_test setup has been used to implement a new feature or fix -a bug, the end result can be verified with wireless LAN cards. In many -cases, this may even be unnecessary, depending on what area the -feature/bug is relating to. Of course, changes to driver interfaces -will still require use of real hardware. - -Since multiple components can be run within a single host, testing of -complex network configuration, e.g., large number of clients -association with an access point, becomes quite easy. All the tests -can also be automated without having to resort to complex test setup -using remote access to multiple computers. - -driver_test can be included in the %wpa_supplicant build in the same -way as any other driver interface, i.e., by adding the following line -into .config: - -\verbatim -CONFIG_DRIVER_TEST=y -\endverbatim - -When running %wpa_supplicant, the test interface is selected by using -\a -Dtest command line argument. The interface name (\a -i argument) -can be selected arbitrarily, i.e., it does not need to match with any -existing network interface. The interface name is used to generate a -MAC address, so when using multiple clients, each should use a -different interface, e.g., \a sta1, \a sta2, and so on. - -%wpa_supplicant and hostapd are configured in the same way as they -would be for normal use. Following example shows a simple test setup -for WPA-PSK. - -hostapd is configured with following psk-test.conf configuration file: - -\verbatim -driver=test - -interface=ap1 -logger_stdout=-1 -logger_stdout_level=0 -debug=2 -dump_file=/tmp/hostapd.dump - -test_socket=/tmp/Test/ap1 - -ssid=jkm-test-psk - -wpa=1 -wpa_key_mgmt=WPA-PSK -wpa_pairwise=TKIP -wpa_passphrase=12345678 -\endverbatim - -and started with following command: - -\verbatim -hostapd psk-test.conf -\endverbatim - -%wpa_supplicant uses following configuration file: - -\verbatim -driver_param=test_socket=/tmp/Test/ap1 - -network={ - ssid="jkm-test-psk" - key_mgmt=WPA-PSK - psk="12345678" -} -\endverbatim - -%wpa_supplicant can then be started with following command: - -\verbatim -wpa_supplicant -Dtest -cpsk-test.conf -ista1 -ddK -\endverbatim - -If run without debug information, i.e., with - -\verbatim -wpa_supplicant -Dtest -cpsk-test.conf -ista1 -\endverbatim - -%wpa_supplicant completes authentication and prints following events: - -\verbatim -Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz) -Associated with 02:b8:a6:62:08:5a -WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP] -CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth) -\endverbatim - -If test setup is using multiple clients, it is possible to run -multiple %wpa_supplicant processes. Alternatively, the support for -multiple interfaces can be used with just one process to save some -resources on single-CPU systems. For example, following command runs -two clients: - -\verbatim -./wpa_supplicant -Dtest -cpsk-test.conf -ista1 \ - -N -Dtest -cpsk-test.conf -ista2 -\endverbatim - -This shows following event log: - -\verbatim -Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz) -Associated with 02:b8:a6:62:08:5a -WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP] -CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth) -Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz) -Associated with 02:b8:a6:62:08:5a -WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP] -CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth) -\endverbatim - -hostapd shows this with following events: - -\verbatim -ap1: STA 02:b5:64:63:30:63 IEEE 802.11: associated -ap1: STA 02:b5:64:63:30:63 WPA: pairwise key handshake completed (WPA) -ap1: STA 02:b5:64:63:30:63 WPA: group key handshake completed (WPA) -ap1: STA 02:2a:c4:18:5b:f3 IEEE 802.11: associated -ap1: STA 02:2a:c4:18:5b:f3 WPA: pairwise key handshake completed (WPA) -ap1: STA 02:2a:c4:18:5b:f3 WPA: group key handshake completed (WPA) -\endverbatim - -By default, driver_param is simulating a driver that uses the WPA/RSN -IE generated by %wpa_supplicant. Driver-generated IE and AssocInfo -events can be tested by adding \a use_associnfo=1 to the \a driver_param -line in the configuration file. For example: - -\verbatim -driver_param=test_socket=/tmp/Test/ap1 use_associnfo=1 -\endverbatim - - -\section unit_tests Unit tests - -Number of the components (.c files) used in %wpa_supplicant define -their own unit tests for automated validation of the basic -functionality. Most of the tests for cryptographic algorithms are -using standard test vectors to validate functionality. These tests can -be useful especially when verifying port to a new CPU target. - -In most cases, these tests are implemented in the end of the same file -with functions that are normally commented out, but ca be included by -defining a pre-processor variable when building the file separately. -The details of the needed build options are included in the Makefile -(test-* targets). All automated unit tests can be run with - -\verbatim -make tests -\endverbatim - -This make target builds and runs each test and terminates with zero -exit code if all tests were completed successfully. - -*/ diff --git a/doc/wpa_supplicant.fig b/doc/wpa_supplicant.fig deleted file mode 100644 index 06abfb5..0000000 --- a/doc/wpa_supplicant.fig +++ /dev/null @@ -1,247 +0,0 @@ -#FIG 3.2 -Landscape -Center -Inches -Letter -100.00 -Single --2 -1200 2 -6 1875 4050 2925 4350 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1875 4050 2925 4050 2925 4350 1875 4350 1875 4050 -4 0 0 50 -1 0 12 0.0000 4 180 735 2025 4275 l2_packet\001 --6 -6 3450 1200 4275 1500 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 3450 1200 4275 1200 4275 1500 3450 1500 3450 1200 -4 0 0 50 -1 0 12 0.0000 4 180 585 3600 1425 wpa_cli\001 --6 -6 4725 1200 5925 1500 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4725 1200 5925 1200 5925 1500 4725 1500 4725 1200 -4 0 0 50 -1 0 12 0.0000 4 135 1005 4800 1425 GUI frontend\001 --6 -6 6000 2700 7200 3225 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 6000 2700 7200 2700 7200 3225 6000 3225 6000 2700 -4 0 0 50 -1 0 12 0.0000 4 135 975 6075 2925 WPA/WPA2\001 -4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 3150 state machine\001 --6 -6 6000 4950 7200 5475 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 6000 4950 7200 4950 7200 5475 6000 5475 6000 4950 -4 0 0 50 -1 0 12 0.0000 4 135 360 6075 5175 EAP\001 -4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 5400 state machine\001 --6 -6 8700 3000 9375 3300 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8700 3000 9375 3000 9375 3300 8700 3300 8700 3000 -4 0 0 50 -1 0 12 0.0000 4 150 480 8775 3225 crypto\001 --6 -6 4350 3900 5025 4425 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4350 3900 5025 3900 5025 4425 4350 4425 4350 3900 -4 0 0 50 -1 0 12 0.0000 4 105 420 4500 4125 event\001 -4 0 0 50 -1 0 12 0.0000 4 180 315 4500 4350 loop\001 --6 -6 4275 2550 5100 2850 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4275 2550 5100 2550 5100 2850 4275 2850 4275 2550 -4 0 0 50 -1 0 12 0.0000 4 135 450 4425 2775 ctrl i/f\001 --6 -6 6000 3900 7200 4425 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 6000 3900 7200 3900 7200 4425 6000 4425 6000 3900 -4 0 0 50 -1 0 12 0.0000 4 135 600 6075 4125 EAPOL\001 -4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 4350 state machine\001 --6 -6 1800 6000 7800 8100 -6 1800 6000 7800 7200 -6 1800 6900 2700 7200 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1800 6900 2700 6900 2700 7200 1800 7200 1800 6900 -4 0 0 50 -1 0 12 0.0000 4 105 375 1875 7125 wext\001 --6 -6 4725 6900 5625 7200 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4725 6900 5625 6900 5625 7200 4725 7200 4725 6900 -4 0 0 50 -1 0 12 0.0000 4 135 555 4800 7125 hermes\001 --6 -6 6675 6900 7800 7200 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 6675 6900 7800 6900 7800 7200 6675 7200 6675 6900 -4 0 0 50 -1 0 12 0.0000 4 180 930 6750 7125 ndiswrapper\001 --6 -6 5700 6900 6600 7200 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 5700 6900 6600 6900 6600 7200 5700 7200 5700 6900 -4 0 0 50 -1 0 12 0.0000 4 135 420 5775 7125 atmel\001 --6 -6 4275 6000 5100 6300 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 4275 6000 5100 6000 5100 6300 4275 6300 4275 6000 -4 0 0 50 -1 0 12 0.0000 4 135 630 4350 6225 driver i/f\001 --6 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 2775 6900 3675 6900 3675 7200 2775 7200 2775 6900 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 3750 6900 4650 6900 4650 7200 3750 7200 3750 6900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4 - 2250 6900 2250 6600 7200 6600 7200 6900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 3225 6900 3225 6600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4200 6900 4200 6600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 5175 6900 5175 6600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 6150 6900 6150 6600 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4650 6600 4650 6300 -4 0 0 50 -1 0 12 0.0000 4 180 510 2850 7125 hostap\001 -4 0 0 50 -1 0 12 0.0000 4 135 600 3825 7125 madwifi\001 --6 -6 3525 7800 5775 8100 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 3525 7800 5775 7800 5775 8100 3525 8100 3525 7800 -4 0 0 50 -1 0 12 0.0000 4 135 2145 3600 8025 kernel network device driver\001 --6 -2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2 - 2250 7200 4200 7800 -2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2 - 7200 7200 5100 7800 --6 -6 9600 3000 10275 3300 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9600 3000 10275 3000 10275 3300 9600 3300 9600 3000 -4 0 0 50 -1 0 12 0.0000 4 135 315 9750 3225 TLS\001 --6 -6 8100 4425 10425 7350 -6 8175 4725 9225 5025 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 4725 9225 4725 9225 5025 8175 5025 8175 4725 -4 0 0 50 -1 0 12 0.0000 4 135 735 8250 4950 EAP-TLS\001 --6 -6 9300 4725 10350 5025 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 4725 10350 4725 10350 5025 9300 5025 9300 4725 -4 0 0 50 -1 0 12 0.0000 4 135 810 9375 4950 EAP-MD5\001 --6 -6 8175 5100 9225 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 5100 9225 5100 9225 5400 8175 5400 8175 5100 -4 0 0 50 -1 0 12 0.0000 4 135 885 8250 5325 EAP-PEAP\001 --6 -6 9300 5100 10350 5400 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 5100 10350 5100 10350 5400 9300 5400 9300 5100 -4 0 0 50 -1 0 12 0.0000 4 135 840 9375 5325 EAP-TTLS\001 --6 -6 8175 5475 9225 5775 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 5475 9225 5475 9225 5775 8175 5775 8175 5475 -4 0 0 50 -1 0 12 0.0000 4 135 780 8250 5700 EAP-GTC\001 --6 -6 9300 5475 10350 5775 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 5475 10350 5475 10350 5775 9300 5775 9300 5475 -4 0 0 50 -1 0 12 0.0000 4 135 765 9375 5700 EAP-OTP\001 --6 -6 8175 5850 9225 6150 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 5850 9225 5850 9225 6150 8175 6150 8175 5850 -4 0 0 50 -1 0 12 0.0000 4 135 750 8250 6075 EAP-SIM\001 --6 -6 9300 6225 10350 6525 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 6225 10350 6225 10350 6525 9300 6525 9300 6225 -4 0 0 50 -1 0 12 0.0000 4 135 465 9375 6450 LEAP\001 --6 -6 8175 6225 9225 6525 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 6225 9225 6225 9225 6525 8175 6525 8175 6225 -4 0 0 50 -1 0 12 0.0000 4 135 765 8250 6450 EAP-PSK\001 --6 -6 9300 5850 10350 6150 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 5850 10350 5850 10350 6150 9300 6150 9300 5850 -4 0 0 50 -1 0 12 0.0000 4 135 825 9375 6075 EAP-AKA\001 --6 -6 8175 6975 9675 7275 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 6975 9675 6975 9675 7275 8175 7275 8175 6975 -4 0 0 50 -1 0 12 0.0000 4 135 1365 8250 7200 EAP-MSCHAPv2\001 --6 -6 9300 6600 10350 6900 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 9300 6600 10350 6600 10350 6900 9300 6900 9300 6600 -4 0 0 50 -1 0 12 0.0000 4 135 870 9375 6825 EAP-FAST\001 --6 -6 8175 6600 9225 6900 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8175 6600 9225 6600 9225 6900 8175 6900 8175 6600 -4 0 0 50 -1 0 12 0.0000 4 135 795 8250 6825 EAP-PAX\001 --6 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 8100 7350 10425 7350 10425 4425 8100 4425 8100 7350 -4 0 0 50 -1 0 12 0.0000 4 135 1050 8700 4650 EAP methods\001 --6 -6 2775 5025 4050 5325 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 2775 5025 4050 5025 4050 5325 2775 5325 2775 5025 -4 0 0 50 -1 0 12 0.0000 4 135 990 2925 5250 driver events\001 --6 -6 2775 3150 4050 3450 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 2775 3150 4050 3150 4050 3450 2775 3450 2775 3150 -4 0 0 50 -1 0 12 0.0000 4 180 990 2925 3375 configuration\001 --6 -2 1 1 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 - 1275 4200 1875 4200 -2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2 - 4500 2550 3900 1500 -2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2 - 4800 2550 5400 1500 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 2925 4200 4350 4200 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 5025 3900 6000 3000 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 5025 4200 6000 4200 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4650 6000 4650 4425 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 6600 4425 6600 4950 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 6600 3225 6600 3900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 7200 5250 8100 5250 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 9075 4425 9075 3300 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 7200 3000 8700 3150 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4650 3900 4650 2850 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 7200 4125 8700 3300 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 6000 4350 5025 6000 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 6000 3150 4875 6000 -2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 - 1500 2100 10800 2100 10800 7500 1500 7500 1500 2100 -2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 9900 4425 9900 3300 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 1 - 4350 3900 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4350 3900 4050 3450 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 - 4350 4425 4050 5025 -4 0 0 50 -1 0 12 0.0000 4 135 915 375 3975 EAPOL and\001 -4 0 0 50 -1 0 12 0.0000 4 180 630 375 4200 pre-auth\001 -4 0 0 50 -1 0 12 0.0000 4 180 810 375 4425 ethertypes\001 -4 0 0 50 -1 0 12 0.0000 4 135 1050 375 4650 from/to kernel\001 -4 0 0 50 -1 0 12 0.0000 4 135 1920 3675 1875 frontend control interface\001 -4 0 0 50 -1 2 14 0.0000 4 210 1440 1637 2371 wpa_supplicant\001 @@ -752,6 +752,18 @@ struct wpa_driver_ops { * (management frame processing) to wpa_supplicant. */ int (*mlme_remove_sta)(void *priv, const u8 *addr); + + /** + * driver_cmd - execute driver-specific command + * @priv: private driver interface data from init() + * @cmd: command to execute + * @buf: return buffer + * @buf_len: buffer length + * + * Returns: 0 on success, -1 on failure + * + */ + int (*driver_cmd)(void *priv, char *cmd, char *buf, size_t buf_len); }; #endif /* DRIVER_H */ diff --git a/driver_test.c b/driver_test.c index 4513f23..f8e40a7 100644 --- a/driver_test.c +++ b/driver_test.c @@ -884,6 +884,35 @@ int wpa_driver_test_set_bssid(void *priv, const u8 *bssid) } #endif /* CONFIG_CLIENT_MLME */ +int wpa_driver_test_driver_cmd( void *priv, char *cmd, char *buf, size_t buf_len ) +{ + struct wpa_driver_test_data *drv = (struct wpa_driver_test_data *)priv; + int ret = -1; + + wpa_printf(MSG_DEBUG, "%s %s", __func__, cmd); + if( os_strncasecmp(cmd, "start", 5) == 0 ) { + wpa_printf(MSG_DEBUG,"Start command"); + ret = 0; + } + else if( os_strncasecmp(cmd, "stop", 4) == 0 ) { + wpa_printf(MSG_DEBUG,"Stop command"); + ret = 0; + } + else if( os_strncasecmp(cmd, "macaddr", 7) == 0 ) { + u8 *macaddr = (u8 *)wpa_driver_test_get_mac_addr(priv); + wpa_printf(MSG_DEBUG,"Macaddr command"); + wpa_printf(MSG_DEBUG, " Macaddr = " MACSTR, MAC2STR(macaddr)); + ret = os_snprintf(buf, buf_len, "Macaddr = " MACSTR "\n", MAC2STR(macaddr)); + } + else if( os_strncasecmp(cmd, "rssi", 4) == 0 ) { + wpa_printf(MSG_DEBUG,"RSSI command"); + ret = os_snprintf(buf, buf_len, MACSTR " Rssi %d\n", MAC2STR(drv->bssid), -10); + } else if (os_strncasecmp(cmd, "linkspeed", 9) == 0) { + wpa_printf(MSG_DEBUG, "LinkSpeed command"); + ret = os_snprintf(buf, buf_len, "LinkSpeed %u\n", 11); + } + return ret; +} const struct wpa_driver_ops wpa_driver_test_ops = { "test", @@ -920,7 +949,7 @@ const struct wpa_driver_ops wpa_driver_test_ops = { wpa_driver_test_set_bssid, wpa_driver_test_send_mlme, wpa_driver_test_mlme_add_sta, - wpa_driver_test_mlme_remove_sta + wpa_driver_test_mlme_remove_sta, #else /* CONFIG_CLIENT_MLME */ NULL /* get_hw_feature_data */, NULL /* set_channel */, @@ -928,6 +957,7 @@ const struct wpa_driver_ops wpa_driver_test_ops = { NULL /* set_bssid */, NULL /* send_mlme */, NULL /* mlme_add_sta */, - NULL /* mlme_remove_sta */ + NULL /* mlme_remove_sta */, #endif /* CONFIG_CLIENT_MLME */ + wpa_driver_test_driver_cmd }; @@ -55,6 +55,9 @@ extern struct wpa_driver_ops wpa_driver_wired_ops; /* driver_wired.c */ #ifdef CONFIG_DRIVER_TEST extern struct wpa_driver_ops wpa_driver_test_ops; /* driver_test.c */ #endif /* CONFIG_DRIVER_TEST */ +#ifdef CONFIG_DRIVER_CUSTOM +extern struct wpa_driver_ops wpa_driver_custom_ops; /* driver_ti.c */ +#endif /* CONFIG_DRIVER_CUSTOM */ struct wpa_driver_ops *wpa_supplicant_drivers[] = @@ -98,5 +101,8 @@ struct wpa_driver_ops *wpa_supplicant_drivers[] = #ifdef CONFIG_DRIVER_TEST &wpa_driver_test_ops, #endif /* CONFIG_DRIVER_TEST */ +#ifdef CONFIG_DRIVER_CUSTOM + &wpa_driver_custom_ops, +#endif /* CONFIG_DRIVER_CUSTOM */ NULL }; @@ -515,6 +515,7 @@ static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s) } wpa_supplicant_dbus_notify_scan_results(wpa_s); + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS " Ready"); /* Dm: */ if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected) return; diff --git a/if_index.c b/if_index.c new file mode 100644 index 0000000..8f87d5f --- /dev/null +++ b/if_index.c @@ -0,0 +1,50 @@ +/* if_index.c +** +** Copyright 2007, The Android Open Source Project +** +** Licensed under the Apache License, Version 2.0 (the "License"); +** you may not use this file except in compliance with the License. +** You may obtain a copy of the License at +** +** http://www.apache.org/licenses/LICENSE-2.0 +** +** Unless required by applicable law or agreed to in writing, software +** distributed under the License is distributed on an "AS IS" BASIS, +** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +** See the License for the specific language governing permissions and +** limitations under the License. +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <errno.h> + +#include <sys/socket.h> +#include <sys/select.h> +#include <sys/types.h> +#include <netinet/in.h> + +#include <linux/if.h> +#include <linux/sockios.h> +#include <linux/route.h> + +unsigned int if_nametoindex( const char *ifname ) +{ +#ifndef SIOCGIFINDEX + return 0; +#else + struct ifreq ifr; + int fd = socket(AF_INET, SOCK_DGRAM, 0); + + if (fd < 0) + return 0; + + strncpy(ifr.ifr_name, ifname, sizeof (ifr.ifr_name)); + ifr.ifr_ifindex = 0; + if (ioctl (fd, SIOCGIFINDEX, &ifr) < 0) { + return 0; + } + return ifr.ifr_ifindex; +#endif +} diff --git a/nmake.mak b/nmake.mak deleted file mode 100644 index 3afabad..0000000 --- a/nmake.mak +++ /dev/null @@ -1,188 +0,0 @@ -# Makefile for Microsoft nmake to build wpa_supplicant - -# This can be run in Visual Studio 2005 Command Prompt - -# Note: Make sure that cl.exe is configured to include Platform SDK -# include and lib directories (vsvars32.bat) - -all: wpa_supplicant.exe wpa_cli.exe wpa_passphrase.exe wpasvc.exe win_if_list.exe - -# Root directory for WinPcap developer's pack -# (http://www.winpcap.org/install/bin/WpdPack_3_1.zip) -WINPCAPDIR=C:\dev\WpdPack - -# Root directory for OpenSSL -# (http://www.openssl.org/source/openssl-0.9.8a.tar.gz) -# Build and installed following instructions in INSTALL.W32 -# Note: If EAP-FAST is included in the build, OpenSSL needs to be patched to -# support it (openssl-tls-extensions.patch) -# Alternatively, see README-Windows.txt for information about binary -# installation package for OpenSSL. -OPENSSLDIR=C:\dev\openssl - -CC = cl -OBJDIR = objs - -CFLAGS = /DCONFIG_NATIVE_WINDOWS -CFLAGS = $(CFLAGS) /DCONFIG_NDIS_EVENTS_INTEGRATED -CFLAGS = $(CFLAGS) /DCONFIG_ANSI_C_EXTRA -CFLAGS = $(CFLAGS) /DCONFIG_WINPCAP -CFLAGS = $(CFLAGS) /DIEEE8021X_EAPOL -CFLAGS = $(CFLAGS) /DEAP_TLS_FUNCS -CFLAGS = $(CFLAGS) /DPKCS12_FUNCS -CFLAGS = $(CFLAGS) /DEAP_MD5 -CFLAGS = $(CFLAGS) /DEAP_TLS -CFLAGS = $(CFLAGS) /DEAP_MSCHAPv2 -CFLAGS = $(CFLAGS) /DEAP_PEAP -CFLAGS = $(CFLAGS) /DEAP_TTLS -CFLAGS = $(CFLAGS) /DEAP_GTC -CFLAGS = $(CFLAGS) /DEAP_OTP -CFLAGS = $(CFLAGS) /DEAP_SIM -CFLAGS = $(CFLAGS) /DEAP_LEAP -CFLAGS = $(CFLAGS) /DEAP_PSK -CFLAGS = $(CFLAGS) /DEAP_AKA -#CFLAGS = $(CFLAGS) /DEAP_FAST -CFLAGS = $(CFLAGS) /DEAP_PAX -CFLAGS = $(CFLAGS) /DPCSC_FUNCS -CFLAGS = $(CFLAGS) /DCONFIG_CTRL_IFACE -CFLAGS = $(CFLAGS) /DCONFIG_CTRL_IFACE_NAMED_PIPE -CFLAGS = $(CFLAGS) /DCONFIG_DRIVER_NDIS -CFLAGS = $(CFLAGS) /I..\hostapd /I. -CFLAGS = $(CFLAGS) /DWIN32 -CFLAGS = $(CFLAGS) /Fo$(OBJDIR)\\ /c -CFLAGS = $(CFLAGS) /W3 - -#CFLAGS = $(CFLAGS) /WX - -# VS 2005 complains about lot of deprecated string functions; let's ignore them -# at least for now since snprintf and strncpy can be used in a safe way -CFLAGS = $(CFLAGS) /D_CRT_SECURE_NO_DEPRECATE - -OBJS = \ - $(OBJDIR)\os_win32.obj \ - $(OBJDIR)\eloop_win.obj \ - $(OBJDIR)\sha1.obj \ - $(OBJDIR)\md5.obj \ - $(OBJDIR)\rc4.obj \ - $(OBJDIR)\aes_wrap.obj \ - $(OBJDIR)\common.obj \ - $(OBJDIR)\wpa_supplicant.obj \ - $(OBJDIR)\wpa.obj \ - $(OBJDIR)\preauth.obj \ - $(OBJDIR)\pmksa_cache.obj \ - $(OBJDIR)\eapol_sm.obj \ - $(OBJDIR)\eap.obj \ - $(OBJDIR)\eap_methods.obj \ - $(OBJDIR)\eap_tlv.obj \ - $(OBJDIR)\eap_md5.obj \ - $(OBJDIR)\eap_tls.obj \ - $(OBJDIR)\eap_tls_common.obj \ - $(OBJDIR)\eap_mschapv2.obj \ - $(OBJDIR)\eap_peap.obj \ - $(OBJDIR)\eap_ttls.obj \ - $(OBJDIR)\eap_gtc.obj \ - $(OBJDIR)\eap_otp.obj \ - $(OBJDIR)\eap_leap.obj \ - $(OBJDIR)\eap_sim.obj \ - $(OBJDIR)\eap_sim_common.obj \ - $(OBJDIR)\eap_aka.obj \ - $(OBJDIR)\eap_pax.obj \ - $(OBJDIR)\eap_pax_common.obj \ - $(OBJDIR)\eap_psk.obj \ - $(OBJDIR)\eap_psk_common.obj \ - $(OBJDIR)\ctrl_iface.obj \ - $(OBJDIR)\ctrl_iface_named_pipe.obj \ - $(OBJDIR)\driver_ndis.obj \ - $(OBJDIR)\driver_ndis_.obj \ - $(OBJDIR)\events.obj \ - $(OBJDIR)\config.obj \ - $(OBJDIR)\l2_packet_winpcap.obj \ - $(OBJDIR)\tls_openssl.obj \ - $(OBJDIR)\ms_funcs.obj \ - $(OBJDIR)\crypto.obj \ - $(OBJDIR)\pcsc_funcs.obj \ - $(OBJDIR)\ndis_events.obj - -# OBJS = $(OBJS) $(OBJDIR)\eap_fast.obj - -OBJS_t = $(OBJS) \ - $(OBJDIR)\eapol_test.obj \ - $(OBJDIR)\radius.obj \ - $(OBJDIR)\radius_client.obj \ - $(OBJDIR)\config_file.obj $(OBJDIR)\base64.obj - -OBJS_t2 = $(OBJS) \ - $(OBJDIR)\preauth_test.obj \ - $(OBJDIR)\config_file.obj $(OBJDIR)\base64.obj - -OBJS2 = $(OBJDIR)\drivers.obj \ - $(OBJDIR)\config_file.obj $(OBJDIR)\base64.obj \ - $(OBJS2) $(OBJDIR)\main.obj - -OBJS3 = $(OBJDIR)\drivers.obj \ - $(OBJDIR)\config_winreg.obj \ - $(OBJS3) $(OBJDIR)\main_winsvc.obj - -OBJS_c = \ - $(OBJDIR)\os_win32.obj \ - $(OBJDIR)\wpa_cli.obj \ - $(OBJDIR)\wpa_ctrl.obj \ - $(OBJDIR)\common.obj - -OBJS_p = \ - $(OBJDIR)\os_win32.obj \ - $(OBJDIR)\common.obj \ - $(OBJDIR)\sha1.obj \ - $(OBJDIR)\md5.obj \ - $(OBJDIR)\crypto.obj \ - $(OBJDIR)\wpa_passphrase.obj - -LIBS = wbemuuid.lib libcmt.lib kernel32.lib uuid.lib ole32.lib oleaut32.lib \ - ws2_32.lib Advapi32.lib Crypt32.lib Winscard.lib \ - Packet.lib wpcap.lib \ - libeay32.lib ssleay32.lib -# If using Win32 OpenSSL binary installation from Shining Light Productions, -# replace the last line with this for dynamic libraries -# libeay32MT.lib ssleay32MT.lib -# and this for static libraries -# libeay32MT.lib ssleay32MT.lib Gdi32.lib User32.lib - -CFLAGS = $(CFLAGS) /I"$(WINPCAPDIR)/Include" /I"$(OPENSSLDIR)\include" -LFLAGS = /libpath:"$(WINPCAPDIR)\Lib" /libpath:"$(OPENSSLDIR)\lib" - -wpa_supplicant.exe: $(OBJDIR) $(OBJS) $(OBJS2) - link.exe /out:wpa_supplicant.exe $(LFLAGS) $(OBJS) $(OBJS2) $(LIBS) - -wpasvc.exe: $(OBJDIR) $(OBJS) $(OBJS3) - link.exe /out:wpasvc.exe $(LFLAGS) $(OBJS) $(OBJS3) $(LIBS) - -wpa_cli.exe: $(OBJDIR) $(OBJS_c) - link.exe /out:wpa_cli.exe $(LFLAGS) $(OBJS_c) $(LIBS) - -wpa_passphrase.exe: $(OBJDIR) $(OBJS_p) - link.exe /out:wpa_passphrase.exe $(LFLAGS) $(OBJS_p) $(LIBS) - -eapol_test.exe: $(OBJDIR) $(OBJS_t) - link.exe /out:eapol_test.exe $(LFLAGS) $(OBJS_t) $(LIBS) - -preauth_test.exe: $(OBJDIR) $(OBJS_t2) - link.exe /out:preauth_test.exe $(LFLAGS) $(OBJS_t2) $(LIBS) - -win_if_list.exe: $(OBJDIR) $(OBJDIR)\win_if_list.obj - link.exe /out:win_if_list.exe $(LFLAGS) $(OBJDIR)\win_if_list.obj $(LIBS) - - -{..\hostapd}.c{$(OBJDIR)}.obj:: - $(CC) $(CFLAGS) $< - -{.\}.c{$(OBJDIR)}.obj:: - $(CC) $(CFLAGS) $< - -{.\}.cpp{$(OBJDIR)}.obj:: - $(CC) $(CFLAGS) $< - -$(OBJDIR): - if not exist "$(OBJDIR)" mkdir "$(OBJDIR)" - -clean: - erase $(OBJDIR)\*.obj wpa_supplicant.exe diff --git a/openssl-0.9.8d-tls-extensions.patch b/openssl-0.9.8d-tls-extensions.patch deleted file mode 100644 index eec6db8..0000000 --- a/openssl-0.9.8d-tls-extensions.patch +++ /dev/null @@ -1,429 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8d. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8d.orig/include/openssl/ssl.h openssl-0.9.8d/include/openssl/ssl.h ---- openssl-0.9.8d.orig/include/openssl/ssl.h 2006-06-14 06:52:49.000000000 -0700 -+++ openssl-0.9.8d/include/openssl/ssl.h 2006-12-10 08:20:02.000000000 -0800 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8d.orig/include/openssl/tls1.h openssl-0.9.8d/include/openssl/tls1.h ---- openssl-0.9.8d.orig/include/openssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8d/include/openssl/tls1.h 2006-12-10 08:20:02.000000000 -0800 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8d.orig/ssl/Makefile openssl-0.9.8d/ssl/Makefile ---- openssl-0.9.8d.orig/ssl/Makefile 2006-02-03 17:49:35.000000000 -0800 -+++ openssl-0.9.8d/ssl/Makefile 2006-12-10 08:20:02.000000000 -0800 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8d.orig/ssl/s3_clnt.c openssl-0.9.8d/ssl/s3_clnt.c ---- openssl-0.9.8d.orig/ssl/s3_clnt.c 2005-12-12 23:41:46.000000000 -0800 -+++ openssl-0.9.8d/ssl/s3_clnt.c 2006-12-10 08:20:02.000000000 -0800 -@@ -601,6 +601,20 @@ int ssl3_client_hello(SSL *s) - #endif - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -623,7 +637,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - #ifndef OPENSSL_NO_COMP -@@ -690,7 +704,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8d.orig/ssl/s3_srvr.c openssl-0.9.8d/ssl/s3_srvr.c ---- openssl-0.9.8d.orig/ssl/s3_srvr.c 2006-09-28 04:29:03.000000000 -0700 -+++ openssl-0.9.8d/ssl/s3_srvr.c 2006-12-10 08:20:02.000000000 -0800 -@@ -943,6 +943,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8d.orig/ssl/ssl.h openssl-0.9.8d/ssl/ssl.h ---- openssl-0.9.8d.orig/ssl/ssl.h 2006-06-14 06:52:49.000000000 -0700 -+++ openssl-0.9.8d/ssl/ssl.h 2006-12-10 08:20:02.000000000 -0800 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8d.orig/ssl/ssl_err.c openssl-0.9.8d/ssl/ssl_err.c ---- openssl-0.9.8d.orig/ssl/ssl_err.c 2006-01-08 13:52:46.000000000 -0800 -+++ openssl-0.9.8d/ssl/ssl_err.c 2006-12-10 08:20:02.000000000 -0800 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8d.orig/ssl/ssl_sess.c openssl-0.9.8d/ssl/ssl_sess.c ---- openssl-0.9.8d.orig/ssl/ssl_sess.c 2005-12-30 15:51:57.000000000 -0800 -+++ openssl-0.9.8d/ssl/ssl_sess.c 2006-12-10 08:20:02.000000000 -0800 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8d.orig/ssl/t1_ext.c openssl-0.9.8d/ssl/t1_ext.c ---- openssl-0.9.8d.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8d/ssl/t1_ext.c 2006-12-10 08:20:02.000000000 -0800 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8d.orig/ssl/t1_lib.c openssl-0.9.8d/ssl/t1_lib.c ---- openssl-0.9.8d.orig/ssl/t1_lib.c 2005-08-05 16:52:07.000000000 -0700 -+++ openssl-0.9.8d/ssl/t1_lib.c 2006-12-10 08:20:02.000000000 -0800 -@@ -97,6 +97,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8d.orig/ssl/tls1.h openssl-0.9.8d/ssl/tls1.h ---- openssl-0.9.8d.orig/ssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8d/ssl/tls1.h 2006-12-10 08:20:02.000000000 -0800 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8d.orig/util/ssleay.num openssl-0.9.8d/util/ssleay.num ---- openssl-0.9.8d.orig/util/ssleay.num 2005-05-08 17:22:02.000000000 -0700 -+++ openssl-0.9.8d/util/ssleay.num 2006-12-10 08:20:02.000000000 -0800 -@@ -226,3 +226,6 @@ DTLSv1_server_method - SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP - SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP - SSL_SESSION_get_id 277 EXIST::FUNCTION: -+SSL_set_hello_extension 278 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 279 EXIST::FUNCTION: -+SSL_set_session_secret_cb 280 EXIST::FUNCTION: diff --git a/openssl-0.9.8e-tls-extensions.patch b/openssl-0.9.8e-tls-extensions.patch deleted file mode 100644 index ede053f..0000000 --- a/openssl-0.9.8e-tls-extensions.patch +++ /dev/null @@ -1,353 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8e. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8e.orig/ssl/Makefile openssl-0.9.8e/ssl/Makefile ---- openssl-0.9.8e.orig/ssl/Makefile 2006-02-03 17:49:35.000000000 -0800 -+++ openssl-0.9.8e/ssl/Makefile 2007-03-22 20:23:19.000000000 -0700 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8e.orig/ssl/s3_clnt.c openssl-0.9.8e/ssl/s3_clnt.c ---- openssl-0.9.8e.orig/ssl/s3_clnt.c 2006-09-28 05:23:15.000000000 -0700 -+++ openssl-0.9.8e/ssl/s3_clnt.c 2007-03-22 20:23:19.000000000 -0700 -@@ -601,6 +601,20 @@ int ssl3_client_hello(SSL *s) - #endif - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -623,7 +637,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - #ifndef OPENSSL_NO_COMP -@@ -690,7 +704,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8e.orig/ssl/s3_srvr.c openssl-0.9.8e/ssl/s3_srvr.c ---- openssl-0.9.8e.orig/ssl/s3_srvr.c 2007-02-07 12:36:40.000000000 -0800 -+++ openssl-0.9.8e/ssl/s3_srvr.c 2007-03-22 20:23:19.000000000 -0700 -@@ -945,6 +945,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8e.orig/ssl/ssl.h openssl-0.9.8e/ssl/ssl.h ---- openssl-0.9.8e.orig/ssl/ssl.h 2007-02-19 09:55:07.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl.h 2007-03-22 20:23:19.000000000 -0700 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8e.orig/ssl/ssl_err.c openssl-0.9.8e/ssl/ssl_err.c ---- openssl-0.9.8e.orig/ssl/ssl_err.c 2006-11-21 12:14:46.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl_err.c 2007-03-22 20:23:19.000000000 -0700 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8e.orig/ssl/ssl_sess.c openssl-0.9.8e/ssl/ssl_sess.c ---- openssl-0.9.8e.orig/ssl/ssl_sess.c 2007-02-10 02:40:24.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl_sess.c 2007-03-22 20:23:19.000000000 -0700 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8e.orig/ssl/t1_ext.c openssl-0.9.8e/ssl/t1_ext.c ---- openssl-0.9.8e.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8e/ssl/t1_ext.c 2007-03-22 20:23:19.000000000 -0700 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8e.orig/ssl/t1_lib.c openssl-0.9.8e/ssl/t1_lib.c ---- openssl-0.9.8e.orig/ssl/t1_lib.c 2007-01-21 08:07:25.000000000 -0800 -+++ openssl-0.9.8e/ssl/t1_lib.c 2007-03-22 20:23:19.000000000 -0700 -@@ -97,6 +97,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8e.orig/ssl/tls1.h openssl-0.9.8e/ssl/tls1.h ---- openssl-0.9.8e.orig/ssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8e/ssl/tls1.h 2007-03-22 20:23:19.000000000 -0700 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8e.orig/util/ssleay.num openssl-0.9.8e/util/ssleay.num ---- openssl-0.9.8e.orig/util/ssleay.num 2006-11-30 05:04:43.000000000 -0800 -+++ openssl-0.9.8e/util/ssleay.num 2007-03-22 20:24:07.000000000 -0700 -@@ -238,3 +238,6 @@ SSL_CTX_set_info_callback - SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION: - SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION: - SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: -+SSL_set_hello_extension 290 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 291 EXIST::FUNCTION: -+SSL_set_session_secret_cb 292 EXIST::FUNCTION: diff --git a/openssl-tls-extensions.patch b/openssl-tls-extensions.patch deleted file mode 100644 index 44490cc..0000000 --- a/openssl-tls-extensions.patch +++ /dev/null @@ -1,429 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8.orig/include/openssl/ssl.h openssl-0.9.8/include/openssl/ssl.h ---- openssl-0.9.8.orig/include/openssl/ssl.h 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/include/openssl/ssl.h 2005-07-19 20:02:15.000000000 -0700 -@@ -340,6 +340,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -361,6 +362,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -968,6 +971,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1533,6 +1545,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1714,6 +1733,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8.orig/include/openssl/tls1.h openssl-0.9.8/include/openssl/tls1.h ---- openssl-0.9.8.orig/include/openssl/tls1.h 2003-07-22 05:34:21.000000000 -0700 -+++ openssl-0.9.8/include/openssl/tls1.h 2005-07-19 20:02:15.000000000 -0700 -@@ -282,6 +282,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8.orig/ssl/Makefile openssl-0.9.8/ssl/Makefile ---- openssl-0.9.8.orig/ssl/Makefile 2005-05-30 16:20:30.000000000 -0700 -+++ openssl-0.9.8/ssl/Makefile 2005-07-19 20:02:15.000000000 -0700 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8.orig/ssl/s3_clnt.c openssl-0.9.8/ssl/s3_clnt.c ---- openssl-0.9.8.orig/ssl/s3_clnt.c 2005-05-16 03:11:03.000000000 -0700 -+++ openssl-0.9.8/ssl/s3_clnt.c 2005-07-19 20:02:15.000000000 -0700 -@@ -606,6 +606,20 @@ int ssl3_client_hello(SSL *s) - } - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -628,7 +642,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - SSL_COMP *comp; -@@ -693,7 +707,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8.orig/ssl/s3_srvr.c openssl-0.9.8/ssl/s3_srvr.c ---- openssl-0.9.8.orig/ssl/s3_srvr.c 2005-05-22 17:32:55.000000000 -0700 -+++ openssl-0.9.8/ssl/s3_srvr.c 2005-07-19 20:02:15.000000000 -0700 -@@ -955,6 +955,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8.orig/ssl/ssl_err.c openssl-0.9.8/ssl/ssl_err.c ---- openssl-0.9.8.orig/ssl/ssl_err.c 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl_err.c 2005-07-19 20:02:15.000000000 -0700 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8.orig/ssl/ssl.h openssl-0.9.8/ssl/ssl.h ---- openssl-0.9.8.orig/ssl/ssl.h 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl.h 2005-07-19 20:02:15.000000000 -0700 -@@ -340,6 +340,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -361,6 +362,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -968,6 +971,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1533,6 +1545,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1714,6 +1733,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8.orig/ssl/ssl_sess.c openssl-0.9.8/ssl/ssl_sess.c ---- openssl-0.9.8.orig/ssl/ssl_sess.c 2005-04-29 13:10:06.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl_sess.c 2005-07-19 20:02:15.000000000 -0700 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8.orig/ssl/t1_ext.c openssl-0.9.8/ssl/t1_ext.c ---- openssl-0.9.8.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8/ssl/t1_ext.c 2005-07-19 20:03:29.000000000 -0700 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8.orig/ssl/t1_lib.c openssl-0.9.8/ssl/t1_lib.c ---- openssl-0.9.8.orig/ssl/t1_lib.c 2005-04-26 09:02:40.000000000 -0700 -+++ openssl-0.9.8/ssl/t1_lib.c 2005-07-19 20:02:15.000000000 -0700 -@@ -131,6 +131,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8.orig/ssl/tls1.h openssl-0.9.8/ssl/tls1.h ---- openssl-0.9.8.orig/ssl/tls1.h 2003-07-22 05:34:21.000000000 -0700 -+++ openssl-0.9.8/ssl/tls1.h 2005-07-19 20:02:15.000000000 -0700 -@@ -282,6 +282,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8.orig/util/ssleay.num openssl-0.9.8/util/ssleay.num ---- openssl-0.9.8.orig/util/ssleay.num 2005-05-08 17:22:02.000000000 -0700 -+++ openssl-0.9.8/util/ssleay.num 2005-07-19 20:02:15.000000000 -0700 -@@ -226,3 +226,6 @@ DTLSv1_server_method - SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP - SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP - SSL_SESSION_get_id 277 EXIST::FUNCTION: -+SSL_set_hello_extension 278 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 279 EXIST::FUNCTION: -+SSL_set_session_secret_cb 280 EXIST::FUNCTION: diff --git a/vs2005/eapol_test/eapol_test.vcproj b/vs2005/eapol_test/eapol_test.vcproj deleted file mode 100755 index 74c8721..0000000 --- a/vs2005/eapol_test/eapol_test.vcproj +++ /dev/null @@ -1,365 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="eapol_test"
- ProjectGUID="{0E3F2C6D-1372-48D6-BCAB-E584917C4DE3}"
- RootNamespace="eapol_test"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="2"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="1"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="1"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\aes_wrap.c"
- >
- </File>
- <File
- RelativePath="..\..\base64.c"
- >
- </File>
- <File
- RelativePath="..\..\common.c"
- >
- </File>
- <File
- RelativePath="..\..\config.c"
- >
- </File>
- <File
- RelativePath="..\..\config_file.c"
- >
- </File>
- <File
- RelativePath="..\..\crypto.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface_named_pipe.c"
- >
- </File>
- <File
- RelativePath="..\..\eap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_aka.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_gtc.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_leap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_md5.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_methods.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_mschapv2.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_otp.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_peap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_sim.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_sim_common.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls_common.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tlv.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_ttls.c"
- >
- </File>
- <File
- RelativePath="..\..\eapol_sm.c"
- >
- </File>
- <File
- RelativePath="..\..\eapol_test.c"
- >
- </File>
- <File
- RelativePath="..\..\eloop_win.c"
- >
- </File>
- <File
- RelativePath="..\..\events.c"
- >
- </File>
- <File
- RelativePath="..\..\l2_packet_winpcap.c"
- >
- </File>
- <File
- RelativePath="..\..\md5.c"
- >
- </File>
- <File
- RelativePath="..\..\ms_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\os_win32.c"
- >
- </File>
- <File
- RelativePath="..\..\pcsc_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\pmksa_cache.c"
- >
- </File>
- <File
- RelativePath="..\..\preauth.c"
- >
- </File>
- <File
- RelativePath="..\..\radius.c"
- >
- </File>
- <File
- RelativePath="..\..\radius_client.c"
- >
- </File>
- <File
- RelativePath="..\..\rc4.c"
- >
- </File>
- <File
- RelativePath="..\..\sha1.c"
- >
- </File>
- <File
- RelativePath="..\..\tls_openssl.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_supplicant.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/vs2005/win_if_list/win_if_list.vcproj b/vs2005/win_if_list/win_if_list.vcproj deleted file mode 100755 index 37f3848..0000000 --- a/vs2005/win_if_list/win_if_list.vcproj +++ /dev/null @@ -1,203 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="win_if_list"
- ProjectGUID="{9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}"
- RootNamespace="win_if_list"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wpcap.lib"
- LinkIncremental="2"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wpcap.lib"
- LinkIncremental="1"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\win_if_list.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/vs2005/wpa_cli/wpa_cli.vcproj b/vs2005/wpa_cli/wpa_cli.vcproj deleted file mode 100755 index a9e7539..0000000 --- a/vs2005/wpa_cli/wpa_cli.vcproj +++ /dev/null @@ -1,213 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="wpa_cli"
- ProjectGUID="{E3A7B181-22CC-4DA3-8410-6AD69879A9EC}"
- RootNamespace="wpa_cli"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- DisableSpecificWarnings="4244;4267"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib"
- LinkIncremental="2"
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- DisableSpecificWarnings="4244;4267"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib"
- LinkIncremental="1"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\common.c"
- >
- </File>
- <File
- RelativePath="..\..\os_win32.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_cli.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_ctrl.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/vs2005/wpa_passphrase/wpa_passphrase.vcproj b/vs2005/wpa_passphrase/wpa_passphrase.vcproj deleted file mode 100755 index 32a24c1..0000000 --- a/vs2005/wpa_passphrase/wpa_passphrase.vcproj +++ /dev/null @@ -1,220 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="wpa_passphrase"
- ProjectGUID="{ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}"
- RootNamespace="wpa_passphrase"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS;INTERNAL_SHA1;INTERNAL_MD5"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- DisableSpecificWarnings="4244;4267"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib"
- LinkIncremental="2"
- AdditionalLibraryDirectories=""
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS;INTERNAL_SHA1;INTERNAL_MD5"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- DisableSpecificWarnings="4244;4267"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="ws2_32.lib"
- LinkIncremental="1"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\common.c"
- >
- </File>
- <File
- RelativePath="..\..\md5.c"
- >
- </File>
- <File
- RelativePath="..\..\os_win32.c"
- >
- </File>
- <File
- RelativePath="..\..\sha1.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_passphrase.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/vs2005/wpa_supplicant.sln b/vs2005/wpa_supplicant.sln deleted file mode 100755 index df89e31..0000000 --- a/vs2005/wpa_supplicant.sln +++ /dev/null @@ -1,52 +0,0 @@ -
-Microsoft Visual Studio Solution File, Format Version 9.00
-# Visual Studio 2005
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wpa_supplicant", "wpa_supplicant\wpa_supplicant.vcproj", "{8BCFDA77-AEDC-4168-8897-5B73105BBB87}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wpa_cli", "wpa_cli\wpa_cli.vcproj", "{E3A7B181-22CC-4DA3-8410-6AD69879A9EC}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wpasvc", "wpasvc\wpasvc.vcproj", "{E2A4A85F-CA77-406D-8ABF-63EF94545ACC}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wpa_passphrase", "wpa_passphrase\wpa_passphrase.vcproj", "{ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "win_if_list", "win_if_list\win_if_list.vcproj", "{9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "eapol_test", "eapol_test\eapol_test.vcproj", "{0E3F2C6D-1372-48D6-BCAB-E584917C4DE3}"
-EndProject
-Global
- GlobalSection(DPCodeReviewSolutionGUID) = preSolution
- DPCodeReviewSolutionGUID = {00000000-0000-0000-0000-000000000000}
- EndGlobalSection
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|Win32 = Debug|Win32
- Release|Win32 = Release|Win32
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {8BCFDA77-AEDC-4168-8897-5B73105BBB87}.Debug|Win32.ActiveCfg = Debug|Win32
- {8BCFDA77-AEDC-4168-8897-5B73105BBB87}.Debug|Win32.Build.0 = Debug|Win32
- {8BCFDA77-AEDC-4168-8897-5B73105BBB87}.Release|Win32.ActiveCfg = Release|Win32
- {8BCFDA77-AEDC-4168-8897-5B73105BBB87}.Release|Win32.Build.0 = Release|Win32
- {E3A7B181-22CC-4DA3-8410-6AD69879A9EC}.Debug|Win32.ActiveCfg = Debug|Win32
- {E3A7B181-22CC-4DA3-8410-6AD69879A9EC}.Debug|Win32.Build.0 = Debug|Win32
- {E3A7B181-22CC-4DA3-8410-6AD69879A9EC}.Release|Win32.ActiveCfg = Release|Win32
- {E3A7B181-22CC-4DA3-8410-6AD69879A9EC}.Release|Win32.Build.0 = Release|Win32
- {E2A4A85F-CA77-406D-8ABF-63EF94545ACC}.Debug|Win32.ActiveCfg = Debug|Win32
- {E2A4A85F-CA77-406D-8ABF-63EF94545ACC}.Debug|Win32.Build.0 = Debug|Win32
- {E2A4A85F-CA77-406D-8ABF-63EF94545ACC}.Release|Win32.ActiveCfg = Release|Win32
- {E2A4A85F-CA77-406D-8ABF-63EF94545ACC}.Release|Win32.Build.0 = Release|Win32
- {ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}.Debug|Win32.ActiveCfg = Debug|Win32
- {ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}.Debug|Win32.Build.0 = Debug|Win32
- {ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}.Release|Win32.ActiveCfg = Release|Win32
- {ADBE4EA8-F0C5-40C2-AE89-C56D0F2EC1DF}.Release|Win32.Build.0 = Release|Win32
- {9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}.Debug|Win32.ActiveCfg = Debug|Win32
- {9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}.Debug|Win32.Build.0 = Debug|Win32
- {9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}.Release|Win32.ActiveCfg = Release|Win32
- {9E87CD9C-60CE-4533-85CF-85CA3A9BF26A}.Release|Win32.Build.0 = Release|Win32
- {0E3F2C6D-1372-48D6-BCAB-E584917C4DE3}.Debug|Win32.ActiveCfg = Debug|Win32
- {0E3F2C6D-1372-48D6-BCAB-E584917C4DE3}.Debug|Win32.Build.0 = Debug|Win32
- {0E3F2C6D-1372-48D6-BCAB-E584917C4DE3}.Release|Win32.ActiveCfg = Release|Win32
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
-EndGlobal
diff --git a/vs2005/wpa_supplicant/wpa_supplicant.vcproj b/vs2005/wpa_supplicant/wpa_supplicant.vcproj deleted file mode 100755 index c646715..0000000 --- a/vs2005/wpa_supplicant/wpa_supplicant.vcproj +++ /dev/null @@ -1,365 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="wpa_supplicant"
- ProjectGUID="{8BCFDA77-AEDC-4168-8897-5B73105BBB87}"
- RootNamespace="wpa_supplicant"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wbemuuid.lib ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="2"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wbemuuid.lib ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="1"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\aes_wrap.c"
- >
- </File>
- <File
- RelativePath="..\..\base64.c"
- >
- </File>
- <File
- RelativePath="..\..\common.c"
- >
- </File>
- <File
- RelativePath="..\..\config.c"
- >
- </File>
- <File
- RelativePath="..\..\config_file.c"
- >
- </File>
- <File
- RelativePath="..\..\crypto.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface_named_pipe.c"
- >
- </File>
- <File
- RelativePath="..\..\driver_ndis.c"
- >
- </File>
- <File
- RelativePath="..\..\driver_ndis_.c"
- >
- </File>
- <File
- RelativePath="..\..\drivers.c"
- >
- </File>
- <File
- RelativePath="..\..\eap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_gtc.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_leap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_md5.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_methods.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_mschapv2.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_otp.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_peap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls_common.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tlv.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_ttls.c"
- >
- </File>
- <File
- RelativePath="..\..\eapol_sm.c"
- >
- </File>
- <File
- RelativePath="..\..\eloop_win.c"
- >
- </File>
- <File
- RelativePath="..\..\events.c"
- >
- </File>
- <File
- RelativePath="..\..\l2_packet_winpcap.c"
- >
- </File>
- <File
- RelativePath="..\..\main.c"
- >
- </File>
- <File
- RelativePath="..\..\md4.c"
- >
- </File>
- <File
- RelativePath="..\..\md5.c"
- >
- </File>
- <File
- RelativePath="..\..\ms_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\ndis_events.c"
- >
- </File>
- <File
- RelativePath="..\..\os_win32.c"
- >
- </File>
- <File
- RelativePath="..\..\pcsc_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\pmksa_cache.c"
- >
- </File>
- <File
- RelativePath="..\..\preauth.c"
- >
- </File>
- <File
- RelativePath="..\..\rc4.c"
- >
- </File>
- <File
- RelativePath="..\..\sha1.c"
- >
- </File>
- <File
- RelativePath="..\..\tls_openssl.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_supplicant.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/vs2005/wpasvc/wpasvc.vcproj b/vs2005/wpasvc/wpasvc.vcproj deleted file mode 100755 index 49001e0..0000000 --- a/vs2005/wpasvc/wpasvc.vcproj +++ /dev/null @@ -1,361 +0,0 @@ -<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="wpasvc"
- ProjectGUID="{E2A4A85F-CA77-406D-8ABF-63EF94545ACC}"
- RootNamespace="wpasvc"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wbemuuid.lib ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="2"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="$(SolutionDir)$(ConfigurationName)"
- IntermediateDirectory="$(ConfigurationName)"
- ConfigurationType="1"
- CharacterSet="0"
- WholeProgramOptimization="1"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="C:\dev\WpdPack\include;C:\dev\openssl\include"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;CONFIG_WIN32_DEFAULTS"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- DisableSpecificWarnings="4244;4267;4311"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLinkerTool"
- AdditionalDependencies="wbemuuid.lib ws2_32.lib Crypt32.lib Winscard.lib Packet.lib wpcap.lib libeay32MT.lib ssleay32Mt.lib"
- LinkIncremental="1"
- AdditionalLibraryDirectories="C:\dev\WpdPack\lib;C:\dev\openssl\lib"
- GenerateDebugInformation="true"
- SubSystem="1"
- OptimizeReferences="2"
- EnableCOMDATFolding="2"
- TargetMachine="1"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCManifestTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCAppVerifierTool"
- />
- <Tool
- Name="VCWebDeploymentTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath="..\..\aes_wrap.c"
- >
- </File>
- <File
- RelativePath="..\..\common.c"
- >
- </File>
- <File
- RelativePath="..\..\config.c"
- >
- </File>
- <File
- RelativePath="..\..\config_winreg.c"
- >
- </File>
- <File
- RelativePath="..\..\crypto.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface.c"
- >
- </File>
- <File
- RelativePath="..\..\ctrl_iface_named_pipe.c"
- >
- </File>
- <File
- RelativePath="..\..\driver_ndis.c"
- >
- </File>
- <File
- RelativePath="..\..\driver_ndis_.c"
- >
- </File>
- <File
- RelativePath="..\..\drivers.c"
- >
- </File>
- <File
- RelativePath="..\..\eap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_gtc.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_leap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_md5.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_methods.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_mschapv2.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_otp.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_peap.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tls_common.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_tlv.c"
- >
- </File>
- <File
- RelativePath="..\..\eap_ttls.c"
- >
- </File>
- <File
- RelativePath="..\..\eapol_sm.c"
- >
- </File>
- <File
- RelativePath="..\..\eloop_win.c"
- >
- </File>
- <File
- RelativePath="..\..\events.c"
- >
- </File>
- <File
- RelativePath="..\..\l2_packet_winpcap.c"
- >
- </File>
- <File
- RelativePath="..\..\main_winsvc.c"
- >
- </File>
- <File
- RelativePath="..\..\md4.c"
- >
- </File>
- <File
- RelativePath="..\..\md5.c"
- >
- </File>
- <File
- RelativePath="..\..\ms_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\ndis_events.c"
- >
- </File>
- <File
- RelativePath="..\..\os_win32.c"
- >
- </File>
- <File
- RelativePath="..\..\pcsc_funcs.c"
- >
- </File>
- <File
- RelativePath="..\..\pmksa_cache.c"
- >
- </File>
- <File
- RelativePath="..\..\preauth.c"
- >
- </File>
- <File
- RelativePath="..\..\rc4.c"
- >
- </File>
- <File
- RelativePath="..\..\sha1.c"
- >
- </File>
- <File
- RelativePath="..\..\tls_openssl.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa.c"
- >
- </File>
- <File
- RelativePath="..\..\wpa_supplicant.c"
- >
- </File>
- </Filter>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/win_example.reg b/win_example.reg deleted file mode 100755 index 72094f8..0000000 --- a/win_example.reg +++ /dev/null @@ -1,32 +0,0 @@ -REGEDIT4
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant]
-"debug_level"=dword:00000000
-"debug_show_keys"=dword:00000001
-"debug_use_file"=dword:00000000
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test]
-"ap_scan"=dword:00000002
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\blobs]
-"testblob"=hex:01,02,03,04,05
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks\0000]
-"ssid"="\"example network\""
-"key_mgmt"="WPA-PSK"
-"psk"="\"secret password\""
-"pairwise"="CCMP"
-"group"="CCMP"
-"proto"="WPA"
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\interfaces]
-
-[HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\interfaces\0000]
-"adapter"="{A7627643-C310-49E5-BD89-7E77709C04AB}"
-"config"="test"
-"ctrl_interface"=""
-
@@ -24,10 +24,14 @@ #include <readline/history.h> #endif /* CONFIG_READLINE */ +#define CTRL_INTERFACE_2_SOCKETS + #include "wpa_ctrl.h" #include "common.h" #include "version.h" - +#ifdef ANDROID +#include <cutils/properties.h> +#endif static const char *wpa_cli_version = "wpa_cli v" VERSION_STR "\n" @@ -109,6 +113,9 @@ static const char *commands_help = " passphrase <network id> <passphrase> = configure private key passphrase\n" " for an SSID\n" " bssid <network id> <BSSID> = set preferred BSSID for an SSID\n" +" blacklist [<BSSID>] = add a BSSID to the blacklist\n" +" blacklist clear = clear the blacklist\n" +" blacklist = display the blacklist\n" " list_networks = list configured networks\n" " select_network <network id> = select a network (disable others)\n" " enable_network <network id> = enable a network\n" @@ -134,11 +141,16 @@ static const char *commands_help = " quit = exit wpa_cli\n"; static struct wpa_ctrl *ctrl_conn; +static struct wpa_ctrl *monitor_conn; static int wpa_cli_quit = 0; static int wpa_cli_attached = 0; static int wpa_cli_connected = 0; static int wpa_cli_last_id = 0; -static const char *ctrl_iface_dir = "/var/run/wpa_supplicant"; +#ifdef ANDROID +static const char *ctrl_iface_dir = "/data/misc/wifi/wpa_supplicant"; +#else +static const char *ctrl_iface_dir = "/tmp/run/wpa_supplicant"; +#endif static char *ctrl_ifname = NULL; static const char *pid_file = NULL; static const char *action_file = NULL; @@ -164,9 +176,10 @@ static void usage(void) static struct wpa_ctrl * wpa_cli_open_connection(const char *ifname) { + struct wpa_ctrl *cur_conn; #if defined(CONFIG_CTRL_IFACE_UDP) || defined(CONFIG_CTRL_IFACE_NAMED_PIPE) - ctrl_conn = wpa_ctrl_open(ifname); - return ctrl_conn; + cur_conn = wpa_ctrl_open(ifname); + return cur_conn; #else /* CONFIG_CTRL_IFACE_UDP || CONFIG_CTRL_IFACE_NAMED_PIPE */ char *cfile; int flen; @@ -174,15 +187,31 @@ static struct wpa_ctrl * wpa_cli_open_connection(const char *ifname) if (ifname == NULL) return NULL; +#ifdef ANDROID + if (access(ctrl_iface_dir, F_OK) < 0) + cfile = (char *)ifname; + else { +#endif flen = os_strlen(ctrl_iface_dir) + os_strlen(ifname) + 2; cfile = os_malloc(flen); if (cfile == NULL) return NULL; os_snprintf(cfile, flen, "%s/%s", ctrl_iface_dir, ifname); - - ctrl_conn = wpa_ctrl_open(cfile); - os_free(cfile); - return ctrl_conn; +#ifdef ANDROID + } +#endif + + cur_conn = wpa_ctrl_open(cfile); /* Dm: */ +#ifdef CTRL_INTERFACE_2_SOCKETS + monitor_conn = wpa_ctrl_open(cfile); +#else + monitor_conn = cur_conn; +#endif +#ifdef ANDROID + if (cfile != ifname) +#endif + os_free(cfile); + return cur_conn; #endif /* CONFIG_CTRL_IFACE_UDP || CONFIG_CTRL_IFACE_NAMED_PIPE */ } @@ -193,11 +222,14 @@ static void wpa_cli_close_connection(void) return; if (wpa_cli_attached) { - wpa_ctrl_detach(ctrl_conn); + wpa_ctrl_detach(monitor_conn); wpa_cli_attached = 0; } +#ifdef CTRL_INTERFACE_2_SOCKETS + wpa_ctrl_close(monitor_conn); +#endif wpa_ctrl_close(ctrl_conn); - ctrl_conn = NULL; + ctrl_conn = monitor_conn = NULL; } @@ -209,7 +241,7 @@ static void wpa_cli_msg_cb(char *msg, size_t len) static int _wpa_ctrl_command(struct wpa_ctrl *ctrl, char *cmd, int print) { - char buf[2048]; + char buf[4096]; size_t len; int ret; @@ -661,6 +693,32 @@ static int wpa_cli_cmd_bssid(struct wpa_ctrl *ctrl, int argc, char *argv[]) return wpa_ctrl_command(ctrl, cmd); } +#ifdef ANDROID +static int wpa_cli_cmd_blacklist(struct wpa_ctrl *ctrl, int argc, char *argv[]) +{ + char cmd[256], *pos, *end; + int i, ret; + + end = cmd + sizeof(cmd); + pos = cmd; + ret = os_snprintf(pos, end - pos, "BLACKLIST"); + if (ret < 0 || ret >= end - pos) { + printf("Too long BLACKLIST command.\n"); + return -1; + } + pos += ret; + for (i = 0; i < argc; i++) { + ret = os_snprintf(pos, end - pos, " %s", argv[i]); + if (ret < 0 || ret >= end - pos) { + printf("Too long BLACKLIST command.\n"); + return -1; + } + pos += ret; + } + + return wpa_ctrl_command(ctrl, cmd); +} +#endif static int wpa_cli_cmd_list_networks(struct wpa_ctrl *ctrl, int argc, char *argv[]) @@ -900,9 +958,9 @@ static int wpa_cli_cmd_interface(struct wpa_ctrl *ctrl, int argc, char *argv[]) os_free(ctrl_ifname); ctrl_ifname = os_strdup(argv[0]); - if (wpa_cli_open_connection(ctrl_ifname)) { + if ((ctrl_conn = wpa_cli_open_connection(ctrl_ifname)) != NULL) { printf("Connected to interface '%s.\n", ctrl_ifname); - if (wpa_ctrl_attach(ctrl_conn) == 0) { + if (wpa_ctrl_attach(monitor_conn) == 0) { wpa_cli_attached = 1; } else { printf("Warning: Failed to attach to " @@ -973,6 +1031,24 @@ static int wpa_cli_cmd_interface_remove(struct wpa_ctrl *ctrl, int argc, return wpa_ctrl_command(ctrl, cmd); } +static int wpa_cli_cmd_driver(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + char cmd[32]; + + if (argc < 1) { + printf("Invalid DRIVER command: needs one argument (cmd)\n"); + return -1; + } + + if (argc > 1) + os_snprintf(cmd, sizeof(cmd), "DRIVER %s %s", argv[0], argv[1]); + else + os_snprintf(cmd, sizeof(cmd), "DRIVER %s", argv[0]); + cmd[sizeof(cmd) - 1] = '\0'; + + return wpa_ctrl_command(ctrl, cmd); +} struct wpa_cli_cmd { const char *cmd; @@ -1001,6 +1077,9 @@ static struct wpa_cli_cmd wpa_cli_commands[] = { { "otp", wpa_cli_cmd_otp }, { "passphrase", wpa_cli_cmd_passphrase }, { "bssid", wpa_cli_cmd_bssid }, +#ifdef ANDROID + { "blacklist", wpa_cli_cmd_blacklist }, +#endif { "list_networks", wpa_cli_cmd_list_networks }, { "select_network", wpa_cli_cmd_select_network }, { "enable_network", wpa_cli_cmd_enable_network }, @@ -1021,6 +1100,7 @@ static struct wpa_cli_cmd wpa_cli_commands[] = { { "interface_remove", wpa_cli_cmd_interface_remove }, { "ap_scan", wpa_cli_cmd_ap_scan }, { "stkstart", wpa_cli_cmd_stkstart }, + { "driver", wpa_cli_cmd_driver }, { NULL, NULL } }; @@ -1063,6 +1143,9 @@ static int wpa_request(struct wpa_ctrl *ctrl, int argc, char *argv[]) printf("Unknown command '%s'\n", argv[0]); ret = 1; } else { + if( os_strncasecmp( "level", argv[0], os_strlen(argv[0]) ) == 0 ) { + ctrl = monitor_conn; + } ret = match->handler(ctrl, argc - 1, &argv[1]); } @@ -1174,7 +1257,7 @@ static void wpa_cli_reconnect(void) ctrl_conn = wpa_cli_open_connection(ctrl_ifname); if (ctrl_conn) { printf("Connection to wpa_supplicant re-established\n"); - if (wpa_ctrl_attach(ctrl_conn) == 0) { + if (wpa_ctrl_attach(monitor_conn) == 0) { wpa_cli_attached = 1; } else { printf("Warning: Failed to attach to " @@ -1188,7 +1271,7 @@ static void wpa_cli_recv_pending(struct wpa_ctrl *ctrl, int in_read, int action_monitor) { int first = 1; - if (ctrl_conn == NULL) { + if (ctrl == NULL) { wpa_cli_reconnect(); return; } @@ -1282,7 +1365,7 @@ static void wpa_cli_interactive(void) #endif /* CONFIG_READLINE */ do { - wpa_cli_recv_pending(ctrl_conn, 0, 0); + wpa_cli_recv_pending(monitor_conn, 0, 0); #ifndef CONFIG_NATIVE_WINDOWS alarm(1); #endif /* CONFIG_NATIVE_WINDOWS */ @@ -1306,7 +1389,7 @@ static void wpa_cli_interactive(void) #endif /* CONFIG_NATIVE_WINDOWS */ if (cmd == NULL) break; - wpa_cli_recv_pending(ctrl_conn, 0, 0); + wpa_cli_recv_pending(monitor_conn, 0, 0); pos = cmd; while (*pos != '\0') { if (*pos == '\n') { @@ -1442,10 +1525,10 @@ static void wpa_cli_alarm(int sig) "reconnect\n"); wpa_cli_close_connection(); } - if (!ctrl_conn) + if (!monitor_conn) wpa_cli_reconnect(); - if (ctrl_conn) - wpa_cli_recv_pending(ctrl_conn, 1, 0); + if (monitor_conn) + wpa_cli_recv_pending(monitor_conn, 1, 0); alarm(1); } #endif /* CONFIG_NATIVE_WINDOWS */ @@ -1458,8 +1541,17 @@ static char * wpa_cli_get_default_ifname(void) #ifdef CONFIG_CTRL_IFACE_UNIX struct dirent *dent; DIR *dir = opendir(ctrl_iface_dir); - if (!dir) + if (!dir) { +#ifdef ANDROID + char ifprop[PROPERTY_VALUE_MAX]; + if (property_get("wifi.interface", ifprop, NULL) != 0) { + ifname = os_strdup(ifprop); + printf("Using interface '%s'\n", ifname); + return ifname; + } +#endif return NULL; + } while ((dent = readdir(dir))) { #ifdef _DIRENT_HAVE_D_TYPE /* @@ -1481,7 +1573,7 @@ static char * wpa_cli_get_default_ifname(void) #endif /* CONFIG_CTRL_IFACE_UNIX */ #ifdef CONFIG_CTRL_IFACE_NAMED_PIPE - char buf[2048], *pos; + char buf[4096], *pos; size_t len; struct wpa_ctrl *ctrl; int ret; @@ -1606,7 +1698,7 @@ int main(int argc, char *argv[]) #endif /* CONFIG_NATIVE_WINDOWS */ if (interactive || action_file) { - if (wpa_ctrl_attach(ctrl_conn) == 0) { + if (wpa_ctrl_attach(monitor_conn) == 0) { wpa_cli_attached = 1; } else { printf("Warning: Failed to attach to " @@ -19,6 +19,13 @@ #ifdef CONFIG_CTRL_IFACE_UNIX #include <sys/un.h> #endif /* CONFIG_CTRL_IFACE_UNIX */ +#ifdef ANDROID +#include <dirent.h> +#include <linux/limits.h> +#include <cutils/sockets.h> +#include <cutils/memory.h> +#include "private/android_filesystem_config.h" +#endif #include "wpa_ctrl.h" #include "common.h" @@ -26,9 +33,12 @@ #if defined(CONFIG_CTRL_IFACE_UNIX) || defined(CONFIG_CTRL_IFACE_UDP) #define CTRL_IFACE_SOCKET +#ifdef ANDROID +static const char *local_socket_dir = "/data/misc/wifi/sockets"; +static const char *local_socket_prefix = "wpa_ctrl_"; +#endif /* ANDROID */ #endif /* CONFIG_CTRL_IFACE_UNIX || CONFIG_CTRL_IFACE_UDP */ - /** * struct wpa_ctrl - Internal structure for control interface library * @@ -76,7 +86,12 @@ struct wpa_ctrl * wpa_ctrl_open(const char *ctrl_path) ctrl->local.sun_family = AF_UNIX; os_snprintf(ctrl->local.sun_path, sizeof(ctrl->local.sun_path), +#ifdef ANDROID + "%s/%s%d-%d", local_socket_dir, local_socket_prefix, + getpid(), counter++); +#else /* ANDROID */ "/tmp/wpa_ctrl_%d-%d", getpid(), counter++); +#endif if (bind(ctrl->s, (struct sockaddr *) &ctrl->local, sizeof(ctrl->local)) < 0) { close(ctrl->s); @@ -84,6 +99,30 @@ struct wpa_ctrl * wpa_ctrl_open(const char *ctrl_path) return NULL; } +#ifdef ANDROID + chmod(ctrl->local.sun_path, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP); + chown(ctrl->local.sun_path, AID_SYSTEM, AID_WIFI); + /* + * If the ctrl_path isn't an absolute pathname, assume that + * it's the name of a socket in the Android reserved namespace. + * Otherwise, it's a normal UNIX domain socket appearing in the + * filesystem. + */ + if (ctrl_path != NULL && *ctrl_path != '/') { + os_snprintf(ctrl->dest.sun_path, sizeof(ctrl->dest.sun_path), "wpa_%s", + ctrl_path); + if (socket_local_client_connect(ctrl->s, + ctrl->dest.sun_path, + ANDROID_SOCKET_NAMESPACE_RESERVED, + SOCK_DGRAM) < 0) { + close(ctrl->s); + unlink(ctrl->local.sun_path); + os_free(ctrl); + return NULL; + } + return ctrl; + } +#endif ctrl->dest.sun_family = AF_UNIX; os_snprintf(ctrl->dest.sun_path, sizeof(ctrl->dest.sun_path), "%s", ctrl_path); @@ -106,8 +145,53 @@ void wpa_ctrl_close(struct wpa_ctrl *ctrl) os_free(ctrl); } -#endif /* CONFIG_CTRL_IFACE_UNIX */ +#ifdef ANDROID +/** + * wpa_ctrl_cleanup() - Delete any local UNIX domain socket files that + * may be left over from clients that were previously connected to + * wpa_supplicant. This keeps these files from being orphaned in the + * event of crashes that prevented them from being removed as part + * of the normal orderly shutdown. + */ +void wpa_ctrl_cleanup() +{ + DIR *dir; + struct dirent entry; + struct dirent *result; + size_t dirnamelen; + int prefixlen = strlen(local_socket_prefix); + size_t maxcopy; + char pathname[PATH_MAX]; + char *namep; + + if ((dir = opendir(local_socket_dir)) == NULL) + return; + + dirnamelen = (size_t)snprintf(pathname, sizeof(pathname), "%s/", local_socket_dir); + if (dirnamelen >= sizeof(pathname)) { + closedir(dir); + return; + } + namep = pathname + dirnamelen; + maxcopy = PATH_MAX-dirnamelen; + while (readdir_r(dir, &entry, &result) == 0 && result != NULL) { + if (strncmp(entry.d_name, local_socket_prefix, prefixlen) == 0) { + if (strlcpy(namep, entry.d_name, maxcopy) < maxcopy) { + unlink(pathname); + } + } + } + closedir(dir); +} +#endif /* ANDROID */ +#else /* CONFIG_CTRL_IFACE_UNIX */ +#ifdef ANDROID +void wpa_ctrl_cleanup() +{ +} +#endif /* ANDROID */ +#endif /* CONFIG_CTRL_IFACE_UNIX */ #ifdef CONFIG_CTRL_IFACE_UDP @@ -46,7 +46,14 @@ extern "C" { #define WPA_EVENT_EAP_SUCCESS "CTRL-EVENT-EAP-SUCCESS " /** EAP authentication failed (EAP-Failure received) */ #define WPA_EVENT_EAP_FAILURE "CTRL-EVENT-EAP-FAILURE " - +/** Scan results are ready */ +#define WPA_EVENT_SCAN_RESULTS "CTRL-EVENT-SCAN-RESULTS " +/** wpa_supplicant state change */ +#define WPA_EVENT_STATE_CHANGE "CTRL-EVENT-STATE-CHANGE " +/** AP to STA speed */ +#define WPA_EVENT_LINK_SPEED "CTRL-EVENT-LINK-SPEED " +/** Driver state change */ +#define WPA_EVENT_DRIVER_STATE "CTRL-EVENT-DRIVER-STATE " /* wpa_supplicant/hostapd control interface access */ @@ -172,6 +179,17 @@ int wpa_ctrl_pending(struct wpa_ctrl *ctrl); */ int wpa_ctrl_get_fd(struct wpa_ctrl *ctrl); +#ifdef ANDROID +/** + * wpa_ctrl_cleanup() - Delete any local UNIX domain socket files that + * may be left over from clients that were previously connected to + * wpa_supplicant. This keeps these files from being orphaned in the + * event of crashes that prevented them from being removed as part + * of the normal orderly shutdown. + */ +void wpa_ctrl_cleanup(); +#endif /* ANDROID */ + #ifdef CONFIG_CTRL_IFACE_UDP #define WPA_CTRL_IFACE_PORT 9877 #define WPA_GLOBAL_CTRL_IFACE_PORT 9878 diff --git a/wpa_gui-qt4/.cvsignore b/wpa_gui-qt4/.cvsignore deleted file mode 100644 index 11963c8..0000000 --- a/wpa_gui-qt4/.cvsignore +++ /dev/null @@ -1,5 +0,0 @@ -.moc -.obj -.ui -Makefile -wpa_gui diff --git a/wpa_gui-qt4/setup-mingw-cross-compiling b/wpa_gui-qt4/setup-mingw-cross-compiling index e173b00..e173b00 100755..100644 --- a/wpa_gui-qt4/setup-mingw-cross-compiling +++ b/wpa_gui-qt4/setup-mingw-cross-compiling diff --git a/wpa_gui/.cvsignore b/wpa_gui/.cvsignore deleted file mode 100644 index 11963c8..0000000 --- a/wpa_gui/.cvsignore +++ /dev/null @@ -1,5 +0,0 @@ -.moc -.obj -.ui -Makefile -wpa_gui diff --git a/wpa_gui/setup-mingw-cross-compiling b/wpa_gui/setup-mingw-cross-compiling index 07e4a8f..07e4a8f 100755..100644 --- a/wpa_gui/setup-mingw-cross-compiling +++ b/wpa_gui/setup-mingw-cross-compiling diff --git a/wpa_supplicant.c b/wpa_supplicant.c index 99f1185..a91463f 100644 --- a/wpa_supplicant.c +++ b/wpa_supplicant.c @@ -796,13 +796,26 @@ const char * wpa_supplicant_state_txt(int state) */ void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state) { +#ifdef ANDROID + int network_id = -1; + if (wpa_s && wpa_s->current_ssid) { + network_id = wpa_s->current_ssid->id; + } + wpa_states reported_state = state; + if (state == WPA_DISCONNECTED && wpa_s->disconnected) { + reported_state = WPA_IDLE; + } +#endif wpa_printf(MSG_DEBUG, "State: %s -> %s", wpa_supplicant_state_txt(wpa_s->wpa_state), wpa_supplicant_state_txt(state)); wpa_supplicant_dbus_notify_state_change(wpa_s, state, wpa_s->wpa_state); - +#ifdef ANDROID + wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_STATE_CHANGE "id=%d state=%d", + network_id, reported_state); /* Dm: */ +#endif if (state == WPA_COMPLETED && wpa_s->new_connection) { #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) struct wpa_ssid *ssid = wpa_s->current_ssid; @@ -2593,6 +2606,8 @@ void wpa_supplicant_deinit(struct wpa_global *global) if (global == NULL) return; + wpa_supplicant_terminate(0, global, NULL); + while (global->ifaces) wpa_supplicant_remove_iface(global, global->ifaces); diff --git a/wpa_supplicant.conf b/wpa_supplicant.conf index ec8b0ee..7476f0e 100644 --- a/wpa_supplicant.conf +++ b/wpa_supplicant.conf @@ -21,7 +21,7 @@ # wpa_cli/wpa_gui to be able to store the configuration changes permanently. # Please note that overwriting configuration file will remove the comments from # it. -#update_config=1 +update_config=1 # global configuration (shared by all network blocks) # @@ -72,7 +72,7 @@ # DACL (which will reject all connections). See README-Windows.txt for more # information about SDDL string format. # -ctrl_interface=/var/run/wpa_supplicant +ctrl_interface=tiwlan0 # IEEE 802.1X/EAPOL version # wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines @@ -437,274 +437,274 @@ fast_reauth=1 # Example blocks: # Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers -network={ - ssid="simple" - psk="very secret passphrase" - priority=5 -} +#network={ +# ssid="simple" +# psk="very secret passphrase" +# priority=5 +#} # Same as previous, but request SSID-specific scanning (for APs that reject # broadcast SSID) -network={ - ssid="second ssid" - scan_ssid=1 - psk="very secret passphrase" - priority=2 -} +#network={ +# ssid="second ssid" +# scan_ssid=1 +# psk="very secret passphrase" +# priority=2 +#} # Only WPA-PSK is used. Any valid cipher combination is accepted. -network={ - ssid="example" - proto=WPA - key_mgmt=WPA-PSK - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb - priority=2 -} +#network={ +# ssid="example" +# proto=WPA +# key_mgmt=WPA-PSK +# pairwise=CCMP TKIP +# group=CCMP TKIP WEP104 WEP40 +# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb +# priority=2 +#} # Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104 # or WEP40 as the group cipher will not be accepted. -network={ - ssid="example" - proto=RSN - key_mgmt=WPA-EAP - pairwise=CCMP TKIP - group=CCMP TKIP - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - priority=1 -} +#network={ +# ssid="example" +# proto=RSN +# key_mgmt=WPA-EAP +# pairwise=CCMP TKIP +# group=CCMP TKIP +# eap=TLS +# identity="user@example.com" +# ca_cert="/etc/cert/ca.pem" +# client_cert="/etc/cert/user.pem" +# private_key="/etc/cert/user.prv" +# private_key_passwd="password" +# priority=1 +#} # EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel # (e.g., Radiator) -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=PEAP - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase1="peaplabel=1" - phase2="auth=MSCHAPV2" - priority=10 -} +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=PEAP +# identity="user@example.com" +# password="foobar" +# ca_cert="/etc/cert/ca.pem" +# phase1="peaplabel=1" +# phase2="auth=MSCHAPV2" +# priority=10 +#} # EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the # unencrypted use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - priority=2 -} +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=TTLS +# identity="user@example.com" +# anonymous_identity="anonymous@example.com" +# password="foobar" +# ca_cert="/etc/cert/ca.pem" +# priority=2 +#} # EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted # use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase2="auth=MSCHAPV2" -} +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=TTLS +# identity="user@example.com" +# anonymous_identity="anonymous@example.com" +# password="foobar" +# ca_cert="/etc/cert/ca.pem" +# phase2="auth=MSCHAPV2" +#} # WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner # authentication. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - # Phase1 / outer authentication - anonymous_identity="anonymous@example.com" - ca_cert="/etc/cert/ca.pem" - # Phase 2 / inner authentication - phase2="autheap=TLS" - ca_cert2="/etc/cert/ca2.pem" - client_cert2="/etc/cer/user.pem" - private_key2="/etc/cer/user.prv" - private_key2_passwd="password" - priority=2 -} +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=TTLS +# # Phase1 / outer authentication +# anonymous_identity="anonymous@example.com" +# ca_cert="/etc/cert/ca.pem" +# # Phase 2 / inner authentication +# phase2="autheap=TLS" +# ca_cert2="/etc/cert/ca2.pem" +# client_cert2="/etc/cer/user.pem" +# private_key2="/etc/cer/user.prv" +# private_key2_passwd="password" +# priority=2 +#} # Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and # group cipher. -network={ - ssid="example" - bssid=00:11:22:33:44:55 - proto=WPA RSN - key_mgmt=WPA-PSK WPA-EAP - pairwise=CCMP - group=CCMP - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb -} +#network={ +# ssid="example" +# bssid=00:11:22:33:44:55 +# proto=WPA RSN +# key_mgmt=WPA-PSK WPA-EAP +# pairwise=CCMP +# group=CCMP +# psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb +#} # Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP # and all valid ciphers. -network={ - ssid=00010203 - psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f -} +#network={ +# ssid=00010203 +# psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f +#} # EAP-SIM with a GSM SIM or USIM -network={ - ssid="eap-sim-test" - key_mgmt=WPA-EAP - eap=SIM - pin="1234" - pcsc="" -} +#network={ +# ssid="eap-sim-test" +# key_mgmt=WPA-EAP +# eap=SIM +# pin="1234" +# pcsc="" +#} # EAP-PSK -network={ - ssid="eap-psk-test" - key_mgmt=WPA-EAP - eap=PSK - identity="eap_psk_user" - eappsk=06b4be19da289f475aa46a33cb793029 - nai="eap_psk_user@example.com" -} +#network={ +# ssid="eap-psk-test" +# key_mgmt=WPA-EAP +# eap=PSK +# identity="eap_psk_user" +# eappsk=06b4be19da289f475aa46a33cb793029 +# nai="eap_psk_user@example.com" +#} # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. -network={ - ssid="1x-test" - key_mgmt=IEEE8021X - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - eapol_flags=3 -} +#network={ +# ssid="1x-test" +# key_mgmt=IEEE8021X +# eap=TLS +# identity="user@example.com" +# ca_cert="/etc/cert/ca.pem" +# client_cert="/etc/cert/user.pem" +# private_key="/etc/cert/user.prv" +# private_key_passwd="password" +# eapol_flags=3 +#} # LEAP with dynamic WEP keys -network={ - ssid="leap-example" - key_mgmt=IEEE8021X - eap=LEAP - identity="user" - password="foobar" -} +#network={ +# ssid="leap-example" +# key_mgmt=IEEE8021X +# eap=LEAP +# identity="user" +# password="foobar" +#} # EAP-FAST with WPA (WPA or WPA2) -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="/etc/wpa_supplicant.eap-fast-pac" -} - -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="blob://eap-fast-pac" -} +#network={ +# ssid="eap-fast-test" +# key_mgmt=WPA-EAP +# eap=FAST +# anonymous_identity="FAST-000102030405" +# identity="username" +# password="password" +# phase1="fast_provisioning=1" +# pac_file="/etc/wpa_supplicant.eap-fast-pac" +#} + +#network={ +# ssid="eap-fast-test" +# key_mgmt=WPA-EAP +# eap=FAST +# anonymous_identity="FAST-000102030405" +# identity="username" +# password="password" +# phase1="fast_provisioning=1" +# pac_file="blob://eap-fast-pac" +#} # Plaintext connection (no WPA, no IEEE 802.1X) -network={ - ssid="plaintext-test" - key_mgmt=NONE -} +#network={ +# ssid="plaintext-test" +# key_mgmt=NONE +#} # Shared WEP key connection (no WPA, no IEEE 802.1X) -network={ - ssid="static-wep-test" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 -} +#network={ +# ssid="static-wep-test" +# key_mgmt=NONE +# wep_key0="abcde" +# wep_key1=0102030405 +# wep_key2="1234567890123" +# wep_tx_keyidx=0 +# priority=5 +#} # Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key # IEEE 802.11 authentication -network={ - ssid="static-wep-test2" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 - auth_alg=SHARED -} +#network={ +# ssid="static-wep-test2" +# key_mgmt=NONE +# wep_key0="abcde" +# wep_key1=0102030405 +# wep_key2="1234567890123" +# wep_tx_keyidx=0 +# priority=5 +# auth_alg=SHARED +#} # IBSS/ad-hoc network with WPA-None/TKIP. -network={ - ssid="test adhoc" - mode=1 - frequency=2412 - proto=WPA - key_mgmt=WPA-NONE - pairwise=NONE - group=TKIP - psk="secret passphrase" -} +#network={ +# ssid="test adhoc" +# mode=1 +# frequency=2412 +# proto=WPA +# key_mgmt=WPA-NONE +# pairwise=NONE +# group=TKIP +# psk="secret passphrase" +#} # Catch all example that allows more or less all configuration modes -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk="very secret passphrase" - eap=TTLS PEAP TLS - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - phase1="peaplabel=0" -} +#network={ +# ssid="example" +# scan_ssid=1 +# key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE +# pairwise=CCMP TKIP +# group=CCMP TKIP WEP104 WEP40 +# psk="very secret passphrase" +# eap=TTLS PEAP TLS +# identity="user@example.com" +# password="foobar" +# ca_cert="/etc/cert/ca.pem" +# client_cert="/etc/cert/user.pem" +# private_key="/etc/cert/user.prv" +# private_key_passwd="password" +# phase1="peaplabel=0" +#} # Example of EAP-TLS with smartcard (openssl engine) -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TLS - proto=RSN - pairwise=CCMP TKIP - group=CCMP TKIP - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - - engine=1 - +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=TLS +# proto=RSN +# pairwise=CCMP TKIP +# group=CCMP TKIP +# identity="user@example.com" +# ca_cert="/etc/cert/ca.pem" +# client_cert="/etc/cert/user.pem" +# +# engine=1 +# # The engine configured here must be available. Look at # OpenSSL engine support in the global section. # The key available through the engine must be the private key @@ -715,34 +715,33 @@ network={ #key_id="45" # use the pkcs11 engine - engine_id="pkcs11" - key_id="id_45" +# engine_id="pkcs11" +# key_id="id_45" # Optional PIN configuration; this can be left out and PIN will be # asked through the control interface - pin="1234" -} +# pin="1234" +#} # Example configuration showing how to use an inlined blob as a CA certificate # data instead of using external file -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="blob://exampleblob" - priority=20 -} - -blob-base64-exampleblob={ -SGVsbG8gV29ybGQhCg== -} - - -# Wildcard match for SSID (plaintext APs only). This example select any +#network={ +# ssid="example" +# key_mgmt=WPA-EAP +# eap=TTLS +# identity="user@example.com" +# anonymous_identity="anonymous@example.com" +# password="foobar" +# ca_cert="blob://exampleblob" +# priority=20 +#} + +#blob-base64-exampleblob={ +#SGVsbG8gV29ybGQhCg== +#} + +# Wildcard match for SSID (plaintext APs only). This example selects any # open AP regardless of its SSID. -network={ - key_mgmt=NONE -} +#network={ +# key_mgmt=NONE +#} diff --git a/wpa_supplicant_i.h b/wpa_supplicant_i.h index 0d6f24a..d90afae 100644 --- a/wpa_supplicant_i.h +++ b/wpa_supplicant_i.h @@ -693,4 +693,12 @@ static inline int wpa_drv_mlme_remove_sta(struct wpa_supplicant *wpa_s, return -1; } +static inline int wpa_drv_driver_cmd(struct wpa_supplicant *wpa_s, + char *cmd, char *buf, size_t buf_len) +{ + if (wpa_s->driver->driver_cmd) + return wpa_s->driver->driver_cmd(wpa_s->drv_priv, cmd, buf, buf_len); + return -1; +} + #endif /* WPA_SUPPLICANT_I_H */ |