From 39ca55c42b0896751d21ca65a90eb54e364df90e Mon Sep 17 00:00:00 2001 From: Marcin Juszkiewicz Date: Wed, 25 Apr 2007 10:56:54 +0000 Subject: wpa-supplicant: drop old versions, use 0.5.7 (latest stable) as default git-svn-id: https://svn.o-hand.com/repos/poky/trunk@1551 311d38ba-8fff-0310-9ca6-ca027cbcb966 --- .../wpa-supplicant/wpa-supplicant-0.4.7/defconfig | 160 ---- .../wpa-supplicant-0.4.7/driver-hermes.patch | 884 --------------------- .../wpa-supplicant-0.4.7/driver-zd1211.patch | 535 ------------- .../wpa-supplicant-0.4.7/madwifi-bsd-fix.diff | 12 - .../wpa-supplicant-0.4.7/wpa_supplicant.conf | 502 ------------ 5 files changed, 2093 deletions(-) delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf (limited to 'meta/packages/wpa-supplicant/wpa-supplicant-0.4.7') diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig deleted file mode 100644 index 0e45d01b8..000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig +++ /dev/null @@ -1,160 +0,0 @@ -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -CFLAGS = $(TARGET_CFLAGS) -I../hostapd -I../utils -I../driver/modules -Wall -MMD - -# for wpa_supplicant, wpa_cli -LIBS = $(TARGET_LDFLAGS) - -# for wpa_passphrase: -LIBS_p = $(TARGET_LDFLAGS) - - -# Uncomment following two lines and fix the paths if you have installed openssl -# in non-default location -#CFLAGS += -I/usr/local/openssl/include -#LIBS += -L/usr/local/openssl/lib - -# Example configuration for various cross-compilation platforms - -#### sveasoft (e.g., for Linksys WRT54G) ###################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS += -I../src/include -I../../src/router/openssl/include -#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl -############################################################################### - -#### openwrt (e.g., for Linksys WRT54G) ####################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ -# -I../WRT54GS/release/src/include -#LIBS = -lssl -############################################################################### - - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for Agere driver -#CONFIG_DRIVER_HERMES=y - -# Driver interface for madwifi driver -#CONFIG_DRIVER_MADWIFI=y -# Change include directories to match with the local setup -#CFLAGS += -I../madwifi/wpa - -# Driver interface for Prism54 driver -#CONFIG_DRIVER_PRISM54=y - -# Driver interface for ndiswrapper -#CONFIG_DRIVER_NDISWRAPPER=y - -# Driver interface for Atmel driver -#CONFIG_DRIVER_ATMEL=y - -# Driver interface for Broadcom driver -#CONFIG_DRIVER_BROADCOM=y -# Example path for wlioctl.h; change to match your configuration -#CFLAGS += -I/opt/WRT54GS/release/src/include - -# Driver interface for Intel ipw2100 driver -#CONFIG_DRIVER_IPW2100=y - -# Driver interface for the Zydas zd1211 driver -CONFIG_DRIVER_ZD1211=y - -# Driver interface for generic Linux wireless extensions -CONFIG_DRIVER_WEXT=y - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib - -# Driver interface for Windows NDIS -#CONFIG_DRIVER_NDIS=y -#CFLAGS += -I/usr/include/w32api/ddk -#LIBS += -L/usr/local/lib -# For native build using mingw -#CONFIG_NATIVE_WINDOWS=y -# Additional directories for cross-compilation on Linux host for mingw target -#CFLAGS += -I/opt/mingw/mingw32/include/ddk -#LIBS += -L/opt/mingw/mingw32/lib -#CC=mingw32-gcc - -# Driver interface for development testing -#CONFIG_DRIVER_TEST=y - -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) -CONFIG_IEEE8021X_EAPOL=y - -# EAP-MD5 (automatically included if EAP-TTLS is enabled) -CONFIG_EAP_MD5=y - -# EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) -CONFIG_EAP_MSCHAPV2=y - -# EAP-TLS -CONFIG_EAP_TLS=y - -# EAL-PEAP -CONFIG_EAP_PEAP=y - -# EAP-TTLS -CONFIG_EAP_TTLS=y - -# EAP-GTC -CONFIG_EAP_GTC=y - -# EAP-OTP -CONFIG_EAP_OTP=y - -# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) -#CONFIG_EAP_SIM=y - -# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# LEAP -CONFIG_EAP_LEAP=y - -# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) -#CONFIG_EAP_AKA=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# PC/SC interface for smartcards (USIM, GSM SIM) -# Enable this if EAP-SIM or EAP-AKA is included -#CONFIG_PCSC=y - -# Development testing -#CONFIG_EAPOL_TEST=y - -# Replace native Linux implementation of packet sockets with libdnet/libpcap. -# This will be automatically set for non-Linux OS. -#CONFIG_DNET_PCAP=y - -# Include control interface for external programs, e.g, wpa_cli -CONFIG_CTRL_IFACE=y - -# Include interface for using external supplicant (Xsupplicant) for EAP -# authentication -#CONFIG_XSUPPLICANT_IFACE=y - -# Include support for GNU Readline and History Libraries in wpa_cli. -# When building a wpa_cli binary for distribution, please note that these -# libraries are licensed under GPL and as such, BSD license may not apply for -# the resulting binary. -#CONFIG_READLINE=y diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch deleted file mode 100644 index 4044835e1..000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch +++ /dev/null @@ -1,884 +0,0 @@ ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.c -@@ -0,0 +1,705 @@ -+/* -+ * WPA Supplicant - testing driver interface -+ * Copyright (c) 2004-2005, Jouni Malinen -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ * -+ * Alternatively, this software may be distributed under the terms of BSD -+ * license. -+ * -+ * See README and COPYING for more details. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "wireless_copy.h" -+#include "common.h" -+#include "driver.h" -+ -+#include "eloop.h" -+#include "wpa_supplicant.h" -+#include "priv_netlink.h" -+ -+#include "hostap_common.h" -+#include "driver_wext.h" -+#include "driver_hermes.h" -+ -+ -+ -+/* Enumeration for supported Hermes Types */ -+enum -+{ -+ WL_HERMES_UNKNOWN = 0, -+ WL_HERMES_1 = 1, -+ WL_HERMES_2 = 2, -+ WL_HERMES_25 = 3 -+}; -+ -+ -+ -+ -+struct wpa_driver_hermes_data { -+ void *wext; /* private data for driver_wext */ -+ void *ctx; -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+ int type; -+}; -+ -+ -+ -+/****************************************************************************/ -+/* */ -+/* Routines for basic device access to Agere Hermes-I/Hermes-II via the UIL */ -+/* */ -+/****************************************************************************/ -+ -+IFBP _connect(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s %d", __FUNCTION__, drv->ifname, drv->sock); -+ -+ memset(&urq, 0, sizeof(urq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_CONNECT; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ if (result == 0 && urq.result == UIL_SUCCESS) { -+ ifbp = urq.hcfCtx; -+ } else { -+ wpa_printf(MSG_DEBUG, "%s: could not set IFBP, result %d", __FUNCTION__, result); -+ } -+ -+ return ifbp; -+} -+ -+ -+void _disconnect(void *priv, IFBP ifbp) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ if (ifbp != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_DISCONNECT; -+ urq.hcfCtx = ifbp; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf( MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno ); -+ wpa_printf( MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result ); -+ } -+ } else { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): called with NULL ifbp"); -+ } -+ -+ return; -+} -+ -+int _get_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_GET_INFO; -+ urq.len = sizeof(ltv_t); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result); -+ } -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf( MSG_WARNING, "Could not connect to the device, or LTV NULL"); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+int _put_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_PUT_INFO; -+ urq.len = sizeof( ltv_t ); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "_put_info(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "_put_info(): urq.result: %d", urq.result); -+ } -+ -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf(MSG_WARNING, "%s: could not connect to the device, or LTV NULL", __FUNCTION__ ); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+ -+static void _detect_hermes_type(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ CFG_FW_IDENTITY_STRCT *fw_id; -+ ltv_t ltv; -+ int result; -+ -+ //wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ drv->type = WL_HERMES_UNKNOWN; -+ -+ if (drv->sock >= 0) { -+ fw_id = (CFG_FW_IDENTITY_STRCT *)<v; -+ fw_id->len = ( sizeof(CFG_FW_IDENTITY_STRCT) / sizeof( hcf_16 )) - 1; -+ fw_id->typ = CFG_FW_IDENTITY; -+ -+ result = _get_info(priv, (ltv_t *)fw_id); -+ if (result == HCF_SUCCESS) { -+ //wpa_printf(MSG_DEBUG, "PRI CompID : %d", fw_id->comp_id); -+ //wpa_printf(MSG_DEBUG, "PRI Variant : %d", fw_id->variant); -+ //wpa_printf(MSG_DEBUG, "PRI Version : %d.%02d", fw_id->version_major, fw_id->version_minor); -+ -+ switch(fw_id->comp_id) { -+ case COMP_ID_FW_STA: -+ switch (fw_id->variant) { -+ case 1: -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 STA"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 3: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 STA"); -+ drv->type = WL_HERMES_2; -+ break; -+ case 4: -+ wpa_printf(MSG_DEBUG, "found Hermes 2.5 STA"); -+ drv->type = WL_HERMES_25; -+ break; -+ } -+ break; -+ -+ case COMP_ID_FW_AP: -+ switch (fw_id->variant) { -+ case 1: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 AP"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 AP" ); -+ drv->type = WL_HERMES_2; -+ break; -+ } -+ break; -+ -+ default: -+ wpa_printf(MSG_WARNING, "could not detect Hermes type!"); -+ break; -+ } -+ } -+ } -+} -+ -+ -+ -+/****************************************************************************/ -+ -+ -+static int wpa_driver_hermes_set_wpa_ie(void *priv, const char *wpa_ie, -+ size_t wpa_ie_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_SET_WPA_AUTH_KEY_MGMT_SUITE; -+ -+ switch(drv->type) { -+ case WL_HERMES_1: -+ ltv.u.u16[0] = 2; -+ break; -+ -+ case WL_HERMES_2: -+ case WL_HERMES_25: -+ ltv.u.u16[0] = 4; -+ break; -+ -+ default: -+ ltv.u.u16[0] = 0; -+ break; -+ } -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_wpa(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_ENCRYPTION; -+ ltv.u.u16[0] = enabled ? 2 : 0; /* Setting CFG_CNF_ENCRYPTION to 2 sets WPA: TKIP or better */ -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int ret = 0; -+ char *alg_name; -+ ltv_t ltv; -+ int count = 0; -+ int buf_idx = 0; -+ hcf_8 tsc[] = { 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00 }; -+ hcf_8 rsc[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -+ -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "none"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) { -+ wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu", __FUNCTION__, (unsigned long) seq_len); -+ return -2; -+ } -+ -+ /* Check the key index here; if 0, load as Pairwise Key, otherwise, load as -+ a group key. Note that for the Hermes, the RIDs for group/pairwise keys -+ are different from each other and different than the default WEP keys as -+ well. */ -+ switch (alg) { -+ case WPA_ALG_TKIP: -+ /* Make sure that there is no data queued up in the firmware before -+ setting the TKIP keys. If this check is not performed, some data -+ may be sent out with incorrect MIC and cause synchronizarion -+ errors with the AP */ -+ /* Check every 1ms for 100ms */ -+ for (count = 0; count < 100; count++) { -+ usleep(1000); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFD91; // This RID not defined in HCF yet!!! -+ ltv.u.u16[0] = 0; -+ -+ _get_info( priv, <v); -+ -+ if (ltv.u.u16[0] == 0) -+ break; -+ } -+ -+ if (count == 100) -+ wpa_printf(MSG_DEBUG, "%s: Timed out waiting for TxQ!", __FUNCTION__); -+ -+ -+ switch (key_idx) { -+ case 0: -+ /* Only load key as pairwise key for Hermes-II and II.5. For Hermes-I, -+ fall through to the next case and load the pairwise key as -+ a Group Key at index 0. */ -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ ltv.len = 28; -+ ltv.typ = CFG_ADD_TKIP_MAPPED_KEY; -+ -+ /* Load the BSSID */ -+ memcpy(<v.u.u8[buf_idx], addr, ETH_ALEN); -+ buf_idx += ETH_ALEN; -+ -+ /* Load the TKIP key */ -+ memcpy(<v.u.u8[buf_idx], &key[0], 16); -+ buf_idx += 16; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ buf_idx += 8; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[16], 8); -+ buf_idx += 8; -+ -+ /* Load the RxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[24], 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ ltv.len = 26; -+ ltv.typ = CFG_ADD_TKIP_DEFAULT_KEY; -+ -+ /* Load the key Index */ -+ ltv.u.u16[buf_idx] = key_idx; -+ -+ /* If this is a Tx Key, set bit 8000 */ -+ if (set_tx) -+ ltv.u.u16[buf_idx] |= 0x8000; -+ -+ buf_idx += 2; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TKIP, TxMIC, and RxMIC keys in one shot, because in -+ CFG_ADD_TKIP_DEFAULT_KEY they are back-to-back */ -+ memcpy(<v.u.u8[buf_idx], key, key_len); -+ buf_idx += key_len; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ -+ break; -+ -+ case WPA_ALG_WEP: -+ case WPA_ALG_CCMP: -+ break; -+ -+ case WPA_ALG_NONE: -+ switch (key_idx) { -+ case 0: -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ /* Only clear a pairwise key for Hermes-II. For Hermes-I, -+ fall through to the next case and clear the key as a -+ Group Key at index 0. */ -+ if (addr) { -+ ltv.len = 7; -+ ltv.typ = CFG_REMOVE_TKIP_MAPPED_KEY; -+ -+ memcpy(<v.u.u8[0], addr, ETH_ALEN); -+ -+ _put_info(priv, <v); -+ } -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ /* Clear the Group TKIP keys by index */ -+ ltv.len = 2; -+ ltv.typ = CFG_REMOVE_TKIP_DEFAULT_KEY; -+ -+ ltv.u.u16[0] = key_idx; -+ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ break; -+ -+ default: -+ break; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_hermes_set_countermeasures(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ /* The supplicant handles all the timers related to MIC failure and -+ countermeasures. When countermeasures are enabled, shut down the card; -+ when disable, re-enable the card. Make sure that the EAPOL message -+ is getting out before card disable */ -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_DRIVER_ENABLE; -+ ltv.u.u16[0] = enabled ? 0 : 1; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_drop_unencrypted(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_EXCL_UNENCRYPTED; -+ ltv.u.u16[0] = enabled; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_deauthenticate(void *priv, const u8 *addr, -+ int reason_code) -+{ -+ wpa_printf(MSG_DEBUG, "%s: *DUMMY* %d", __FUNCTION__, reason_code); -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_disassociate(void *priv, const u8 *addr, int reason_code) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: reason=%d", __FUNCTION__, reason_code); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFCC8; // This RID not defined in HCF yet!!! -+ memcpy( <v.u.u8[0], addr, ETH_ALEN ); -+ ltv.u.u16[ETH_ALEN / 2] = reason_code; -+ -+ return _put_info( priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_associate( -+ void *priv, struct wpa_driver_associate_params *params) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ -+#if 0 -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+#else -+ wpa_printf(MSG_DEBUG, "%s: priv=%p freq=%d pairwise_suite=%d " -+ "group_suite=%d key_mgmt_suite=%d auth_alg=%d mode=%d", -+ __func__, priv, params->freq, params->pairwise_suite, -+ params->group_suite, params->key_mgmt_suite, -+ params->auth_alg, params->mode); -+ if (params->bssid) { -+ wpa_printf(MSG_DEBUG, " bssid=" MACSTR, -+ MAC2STR(params->bssid)); -+ } -+ if (params->ssid) { -+ wpa_hexdump_ascii(MSG_DEBUG, " ssid", -+ params->ssid, params->ssid_len); -+ } -+ if (params->wpa_ie) { -+ wpa_hexdump(MSG_DEBUG, " wpa_ie", -+ params->wpa_ie, params->wpa_ie_len); -+ } -+#endif -+ -+ if (wpa_driver_hermes_set_wpa_ie(priv, params->wpa_ie, params->wpa_ie_len) < 0) -+ return -1; -+ if (wpa_driver_wext_set_freq(drv->wext, params->freq) < 0) -+ return -1; -+ if (wpa_driver_wext_set_ssid(drv->wext, params->ssid, params->ssid_len) < 0) -+ return -1; -+#ifdef UNSUPPORTED_IN_HERMES_DRIVER -+ if (wpa_driver_wext_hermes_bssid(drv->wext, params->bssid) < 0) -+ return -1; -+#endif -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_get_bssid(void *priv, u8 *bssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_bssid(drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_hermes_get_ssid(void *priv, u8 *ssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_ssid(drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_hermes_scan(void *priv, const u8 *ssid, size_t ssid_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_scan(drv->wext, ssid, ssid_len); -+} -+ -+ -+static int wpa_driver_hermes_get_scan_results(void *priv, -+ struct wpa_scan_result *results, -+ size_t max_size) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_scan_results(drv->wext, results, max_size); -+} -+ -+ -+static void * wpa_driver_hermes_init(void *ctx, const char *ifname) -+{ -+ struct wpa_driver_hermes_data *drv; -+ -+ wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, ifname); -+ -+ drv = malloc(sizeof(*drv)); -+ if (drv == NULL) -+ return NULL; -+ memset(drv, 0, sizeof(*drv)); -+ -+ /* Initialize wireless context */ -+ drv->wext = wpa_driver_wext_init(ctx, ifname); -+ if (drv->wext == NULL) { -+ perror("no wext context"); -+ goto no_wext; -+ } -+ -+ drv->ctx = ctx; -+ strncpy(drv->ifname, ifname, sizeof(drv->ifname)); -+ -+ drv->sock = socket(PF_INET, SOCK_DGRAM, 0); -+ if (drv->sock < 0) { -+ perror("socket(PF_INET,SOCK_DGRAM)"); -+ goto no_sock; -+ } -+ -+ _detect_hermes_type(drv); -+ -+ return drv; -+ -+no_sock: -+ wpa_driver_wext_deinit(drv->wext); -+no_wext: -+ free(drv); -+ return NULL; -+} -+ -+ -+static void wpa_driver_hermes_deinit(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ wpa_driver_wext_deinit(drv->wext); -+ close(drv->sock); -+ free(drv); -+} -+ -+ -+ -+ -+struct wpa_driver_ops wpa_driver_hermes_ops = { -+ .name = "hermes", -+ .desc = "wpa_supplicant hermes driver", -+ -+ .init = wpa_driver_hermes_init, -+ .deinit = wpa_driver_hermes_deinit, -+ -+ // from old driver_hermes.c: -+ .get_bssid = wpa_driver_hermes_get_bssid, -+ .get_ssid = wpa_driver_hermes_get_ssid, -+ .set_wpa = wpa_driver_hermes_set_wpa, -+ .set_key = wpa_driver_hermes_set_key, -+ //.events_init = wpa_driver_wext_events_init, -+ //.events_deinit = wpa_driver_wext_events_deinit, -+ .set_countermeasures = wpa_driver_hermes_set_countermeasures, -+ .set_drop_unencrypted = wpa_driver_hermes_set_drop_unencrypted, -+ .scan = wpa_driver_hermes_scan, -+ .get_scan_results = wpa_driver_hermes_get_scan_results, -+ .deauthenticate = wpa_driver_hermes_deauthenticate, -+ .disassociate = wpa_driver_hermes_disassociate, -+ .associate = wpa_driver_hermes_associate, -+ -+ -+#if 0 -+ /* Not possible with current Hermes driver: -+ .set_auth_alg = wpa_driver_hermes_set_auth_alg, */ -+#endif -+}; ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.h -@@ -0,0 +1,173 @@ -+#ifndef HERMES_DRIVER_H -+#define HERMES_DRIVER_H -+ -+typedef unsigned char hcf_8; -+typedef unsigned short hcf_16; -+typedef unsigned long hcf_32; -+typedef hcf_16 hcf_io; -+typedef hcf_8 *wci_bufp; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ unsigned short * bufp; -+} RID_LOG_STRCT; -+typedef RID_LOG_STRCT *RID_LOGP; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ hcf_16 comp_id; -+ hcf_16 variant; -+ hcf_16 version_major; -+ hcf_16 version_minor; -+} CFG_FW_IDENTITY_STRCT; -+ -+typedef struct { -+ hcf_32 TxUnicastFrames; -+ hcf_32 TxMulticastFrames; -+ hcf_32 TxFragments; -+ hcf_32 TxUnicastOctets; -+ hcf_32 TxMulticastOctets; -+ hcf_32 TxDeferredTransmissions; -+ hcf_32 TxSingleRetryFrames; -+ hcf_32 TxMultipleRetryFrames; -+ hcf_32 TxRetryLimitExceeded; -+ hcf_32 TxDiscards; -+ hcf_32 RxUnicastFrames; -+ hcf_32 RxMulticastFrames; -+ hcf_32 RxFragments; -+ hcf_32 RxUnicastOctets; -+ hcf_32 RxMulticastOctets; -+ hcf_32 RxFCSErrors; -+ hcf_32 RxDiscardsNoBuffer; -+ hcf_32 TxDiscardsWrongSA; -+ hcf_32 RxWEPUndecryptable; -+ hcf_32 RxMsgInMsgFragments; -+ hcf_32 RxMsgInBadMsgFragments; -+ hcf_32 RxDiscardsWEPICVError; -+ hcf_32 RxDiscardsWEPExcluded; -+} CFG_HERMES_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_32 not_used_NoBufInq; -+ hcf_32 NoBufInfo; -+ hcf_32 NoBufMB; -+ hcf_32 MiscErr; -+ hcf_32 EngCnt; -+} CFG_HCF_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_io IFB_IOBase; -+ hcf_16 IFB_IORange; -+ -+ hcf_32 IFB_TickIni; -+ -+ hcf_16 IFB_Version; -+ hcf_16 IFB_CardStat; -+ hcf_16 IFB_TraceLvl; -+ hcf_16 *IFB_MBp; -+ hcf_16 IFB_MBSize; -+ hcf_16 IFB_MBWp; -+ hcf_16 IFB_MBRp; -+ hcf_16 IFB_MBInfoLen; -+ -+ hcf_16 IFB_DLMode; -+ hcf_16 IFB_Magic; -+ hcf_16 IFB_Cmd; -+ hcf_16 IFB_RxFID; -+ RID_LOGP IFB_RIDLogp; -+ hcf_16 IFB_Monitor; -+ hcf_16 IFB_TxFid; -+ hcf_16 IFB_RxLen; -+ hcf_16 IFB_DefunctStat; -+ -+ hcf_16 IFB_ErrCmd; -+ hcf_16 IFB_ErrQualifier; -+ hcf_16 IFB_lal; -+ wci_bufp IFB_lap; -+ hcf_16 IFB_LinkStat; -+ -+ void (*IFB_MICRxRtn)( hcf_32*, hcf_32 ); -+ void (*IFB_MICTxRtn)( hcf_32*, hcf_32 ); -+ hcf_16 IFB_rx_tlen; -+ hcf_16 IFB_tx_tlen; -+ hcf_8 IFB_rx_32[4]; -+ hcf_8 IFB_tx_32[4]; -+ hcf_16 IFB_RscInd; -+ hcf_16 IFB_MB_FID; -+ hcf_16 IFB_DLTarget[2]; -+ -+ hcf_16 IFB_DLPage; -+ hcf_16 IFB_DLOffset; -+ hcf_16 IFB_DLLen; -+ -+ hcf_16 volatile IFB_IntOffCnt; -+ hcf_16 IFB_IntEnMask; -+ -+ CFG_FW_IDENTITY_STRCT IFB_FWIdentity; -+ hcf_16 IFB_Tally; -+ hcf_16 IFB_TallyTyp; -+ -+ CFG_HERMES_TALLIES_STRCT IFB_NIC_Tallies; -+ CFG_HCF_TALLIES_STRCT IFB_HCF_Tallies; -+ -+ void *IFB_MSFSup; -+} IFB_STRCT; -+ -+typedef IFB_STRCT* IFBP; -+ -+struct uilreq -+{ -+ union -+ { -+ char ifrn_name[16]; -+ } ifr_ifrn; -+ -+ IFBP hcfCtx; -+ __u8 command; -+ __u8 result; -+ __u16 len; -+ void *data; -+}; -+ -+typedef struct -+{ -+ hcf_16 len; -+ hcf_16 typ; -+ union -+ { -+ hcf_8 u8[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_8)]; -+ hcf_16 u16[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_16)]; -+ hcf_32 u32[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_32)]; -+ } u; -+} ltv_t; -+ -+ -+#define UIL_FUN_CONNECT 0x00 -+#define UIL_FUN_DISCONNECT 0x01 -+#define UIL_FUN_GET_INFO 0x04 -+#define UIL_FUN_PUT_INFO 0x05 -+ -+#define GENERIC_INFO_ELEM 0xdd -+#define RSN_INFO_ELEM 0x30 -+ -+#define CFG_DRIVER_ENABLE 0x0902 -+#define CFG_CNF_ENCRYPTION 0xFC20 -+#define CFG_ADD_TKIP_DEFAULT_KEY 0xFCB4 -+#define CFG_SET_WPA_AUTH_KEY_MGMT_SUITE 0xFCB5 -+#define CFG_REMOVE_TKIP_DEFAULT_KEY 0xFCB6 -+#define CFG_ADD_TKIP_MAPPED_KEY 0xFCB7 -+#define CFG_REMOVE_TKIP_MAPPED_KEY 0xFCB8 -+#define CFG_FW_IDENTITY 0xFD20 -+#define CFG_CNF_EXCL_UNENCRYPTED 0xFC22 -+ -+#define HCF_SUCCESS 0x00 -+#define UIL_SUCCESS 0x00 -+ -+#define COMP_ID_FW_STA 31 -+#define COMP_ID_FW_AP 32 -+ -+#define WVLAN2_IOCTL_UIL SIOCDEVPRIVATE -+ -+#endif diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch deleted file mode 100644 index 3c731c125..000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch +++ /dev/null @@ -1,535 +0,0 @@ -diff -Nur wpa_supplicant-0.4.7/defconfig wpa_supplicant-0.4.7.new/defconfig ---- wpa_supplicant-0.4.7/defconfig 2005-09-24 20:30:43.000000000 +0200 -+++ wpa_supplicant-0.4.7.new/defconfig 2005-12-26 19:18:14.000000000 +0100 -@@ -68,6 +68,9 @@ - # Driver interface for Intel ipw2100/2200 driver - #CONFIG_DRIVER_IPW=y - -+# Driver interface for Zydas zd1211 driver -+#CONFIG_DRIVER_ZD1211=y -+ - # Driver interface for generic Linux wireless extensions - CONFIG_DRIVER_WEXT=y - -diff -Nur wpa_supplicant-0.4.7/drivers.c wpa_supplicant-0.4.7.new/drivers.c ---- wpa_supplicant-0.4.7/drivers.c 2005-02-20 01:15:54.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/drivers.c 2005-12-26 19:19:16.000000000 +0100 -@@ -55,6 +55,9 @@ - #ifdef CONFIG_DRIVER_TEST - extern struct wpa_driver_ops wpa_driver_test_ops; /* driver_test.c */ - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+extern struct wpa_driver_ops wpa_driver_zd1211_ops; /* driver_zd1211.c */ -+#endif /* CONFIG_DRIVER_ZD1211 */ - - - struct wpa_driver_ops *wpa_supplicant_drivers[] = -@@ -98,5 +101,8 @@ - #ifdef CONFIG_DRIVER_TEST - &wpa_driver_test_ops, - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+ &wpa_driver_zd1211_ops, -+#endif /* CONFIG_DRIVER_ZD1211 */ - NULL - }; -diff -Nur wpa_supplicant-0.4.7/driver_zd1211.c wpa_supplicant-0.4.7.new/driver_zd1211.c ---- wpa_supplicant-0.4.7/driver_zd1211.c 1970-01-01 01:00:00.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/driver_zd1211.c 2005-12-27 16:28:46.000000000 +0100 -@@ -0,0 +1,408 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "common.h" -+#include "driver.h" -+#include "driver_wext.h" -+#include "eloop.h" -+#include "wireless_copy.h" -+#include "wpa_supplicant.h" -+ -+#include "zd1211_common.h" -+ -+ -+struct wpa_driver_zd1211_data { -+ void *ctx; -+ void *wext; /* private data for driver_wext */ -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+}; -+ -+ -+static int zd1211_ioctl(struct wpa_driver_zd1211_data *zd1211_drv, struct zd1211_wlan_param *param, int len, int show_err) { -+ struct iwreq iwr; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ iwr.u.data.pointer = (caddr_t) param; -+ iwr.u.data.length = len; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_WPA, &iwr) < 0) { -+ int ret; -+ -+ ret = errno; -+ if (show_err) -+ perror("ioctl[ZD_IOCTL_WPA]"); -+ return ret; -+ } -+ -+ return 0; -+} -+ -+ -+static int zd1211_set_param(struct wpa_driver_zd1211_data *zd1211_drv, int op, int arg, int show_err) { -+ struct iwreq iwr; -+ int *i, ret = 0; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ i = (int *) iwr.u.name; -+ *i++ = op; -+ *i++ = arg; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_PARAM, &iwr) < 0) { -+ perror("ioctl[ZD_IOCTL_PARAM]"); -+ ret = -1; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_get_scan_results(void *priv, struct wpa_scan_result *results, size_t max_size) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_scan_results(zd1211_drv->wext, results, max_size); -+} -+ -+ -+static int wpa_driver_zd1211_get_bssid(void *priv, u8 *bssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_bssid(zd1211_drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_zd1211_get_ssid(void *priv, u8 *ssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_ssid(zd1211_drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_zd1211_set_auth_alg(void *priv, int auth_alg) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int algs = 0; -+ -+ if (auth_alg & AUTH_ALG_OPEN_SYSTEM) -+ algs = 0; -+ if (auth_alg & AUTH_ALG_SHARED_KEY) -+ algs = 1; -+ -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_AUTH_ALGS, algs, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_countermeasures(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_COUNTERMEASURES, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_drop_unencrypted(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_DROPUNENCRYPTED, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ struct zd1211_wlan_param *param; -+ u8 *buf; -+ size_t blen; -+ int ret = 0; -+ char *alg_name; -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "NONE"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > 8) -+ return -2; -+ -+ blen = sizeof(*param) + key_len; -+ buf = malloc(blen); -+ if (buf == NULL) -+ return -1; -+ memset(buf, 0, blen); -+ -+ param = (struct zd1211_wlan_param *) buf; -+ param->cmd = ZD_CMD_SET_ENCRYPT_KEY; -+ /* TODO: In theory, STA in client mode can use five keys; four default -+ * keys for receiving (with keyidx 0..3) and one individual key for -+ * both transmitting and receiving (keyidx 0) _unicast_ packets. Now, -+ * keyidx 0 is reserved for this unicast use and default keys can only -+ * use keyidx 1..3 (i.e., default key with keyidx 0 is not supported). -+ * This should be fine for more or less all cases, but for completeness -+ * sake, the driver could be enhanced to support the missing key. */ -+#if 0 -+ if (addr == NULL) -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+ else -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+#else -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+#endif -+ strncpy(param->u.crypt.alg, alg_name, ZD_CRYPT_ALG_NAME_LEN); -+ param->u.crypt.flags = set_tx ? ZD_FLAG_SET_TX_KEY : 0; -+ param->u.crypt.idx = key_idx; -+ memcpy(param->u.crypt.seq, seq, seq_len); -+ param->u.crypt.key_len = key_len; -+ memcpy((u8 *) param->u.crypt.key, key, key_len); -+ -+ /* Dump key context */ -+ if(alg == WPA_ALG_TKIP) { -+ int ii; -+ -+ wpa_printf(MSG_DEBUG, "Key Context:"); -+ for(ii = 0; ii < key_len; ) { -+ printf("0x%02x ", key[ii]); -+ -+ if((++ii % 16) == 0) -+ printf("\n"); -+ } -+ -+ printf("\n"); -+ } -+ -+ if (zd1211_ioctl(zd1211_drv, param, blen, 1)) { -+ wpa_printf(MSG_WARNING, "Failed to set encryption."); -+ //show_set_key_error(param); -+ ret = -1; -+ } -+ free(buf); -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa_ie(struct wpa_driver_zd1211_data *zd1211_drv, const u8 *wpa_ie, size_t wpa_ie_len) { -+ int res; -+ struct zd1211_wlan_param *param; -+ size_t blen = ZD_GENERIC_ELEMENT_HDR_LEN + wpa_ie_len; -+ -+ if (blen < sizeof(*param)) -+ blen = sizeof(*param); -+ -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_GENERIC_ELEMENT; -+ param->u.generic_elem.len = wpa_ie_len; -+ memcpy(param->u.generic_elem.data, wpa_ie, wpa_ie_len); -+ res = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ -+ free(param); -+ -+ return res; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ if (!enabled && wpa_driver_zd1211_set_wpa_ie(zd1211_drv, NULL, 0) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_ROAMING, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_PRIVACY, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_WPA, enabled, 1) < 0) -+ ret = -1; -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_associate(void *priv, struct wpa_driver_associate_params *params) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ /* Because there might be the case, two or more APs with the same -+ * SSID, in order to identify them, we need to set the BSSID. */ -+ if (wpa_driver_zd1211_set_wpa_ie(zd1211_drv, params->wpa_ie, params->wpa_ie_len) < 0) -+ ret = -1; -+ if (wpa_driver_wext_set_ssid(zd1211_drv->wext, params->ssid, params->ssid_len) < 0) -+ ret = -1; -+ -+ // Mark for test -+ //if (wpa_driver_wext_set_bssid(ifname, bssid) < 0) -+ // ret = -1; -+ -+#if 0 -+ /* Allow unencrypted EAPOL messages even if pairwise keys are set when -+ * not using WPA. IEEE 802.1X specifies that these frames are not -+ * encrypted, but WPA encrypts them when pairwise keys are in use. */ -+ if (key_mgmt_suite == KEY_MGMT_802_1X || -+ key_mgmt_suite == KEY_MGMT_PSK) -+ allow_unencrypted_eapol = 0; -+ else -+ allow_unencrypted_eapol = 1; -+ -+ if (prism2param(ifname, PRISM2_PARAM_IEEE_802_1X, -+ allow_unencrypted_eapol) < 0) { -+ wpa_printf(MSG_DEBUG, "hostap: Failed to configure " -+ "ieee_802_1x param"); -+ /* Ignore this error.. driver_hostap.c can also be used with -+ * other drivers that do not support this prism2_param. */ -+ } -+#endif -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_deauthenticate(void *priv, const u8 *addr, int reason_code) { -+ struct zd1211_wlan_param *param; -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int blen; -+ int ret; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ blen = sizeof(*param); -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_MLME; -+ param->u.mlme.cmd = MLME_STA_DEAUTH; -+ param->u.mlme.reason_code = reason_code; -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+ ret = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ usleep(100000); -+ free(param); -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_disassociate(void *priv, const u8 *addr, int reason_code) { -+ struct zd1211_wlan_param *param; -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int blen; -+ int ret; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ blen = sizeof(*param); -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_MLME; -+ param->u.mlme.cmd = MLME_STA_DISASSOC; -+ param->u.mlme.reason_code = reason_code; -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+ ret = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ free(param); -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_scan(void *priv, const u8 *ssid, size_t ssid_len) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_scan(zd1211_drv->wext, ssid, ssid_len); -+} -+ -+ -+static void * wpa_driver_zd1211_init(void *ctx, const char *ifname) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = malloc(sizeof(*zd1211_drv)); -+ if (zd1211_drv == NULL) -+ return NULL; -+ memset(zd1211_drv, 0, sizeof(*zd1211_drv)); -+ -+ zd1211_drv->wext = wpa_driver_wext_init(ctx, ifname); -+ if (zd1211_drv->wext == NULL) -+ goto exit_no_wext; -+ -+ zd1211_drv->ctx = ctx; -+ strncpy(zd1211_drv->ifname, ifname, sizeof(zd1211_drv->ifname)); -+ -+ zd1211_drv->sock = socket(PF_INET, SOCK_DGRAM, 0); -+ if (zd1211_drv->sock < 0) -+ goto exit_no_socket; -+ -+ return zd1211_drv; -+ -+exit_no_socket: -+ wpa_driver_wext_deinit(zd1211_drv->wext); -+exit_no_wext: -+ free(zd1211_drv); -+ return NULL; -+} -+ -+ -+static void wpa_driver_zd1211_deinit(void *ctx) { -+ struct wpa_driver_zd1211_data *zd1211_drv = ctx; -+ -+ wpa_driver_wext_deinit(zd1211_drv->wext); -+ close(zd1211_drv->sock); -+ free(zd1211_drv); -+} -+ -+ -+struct wpa_driver_ops wpa_driver_zd1211_ops = { -+ .name = "zd1211", -+ .desc = "Zydas zd1211 drivers", -+ .init = wpa_driver_zd1211_init, -+ .deinit = wpa_driver_zd1211_deinit, -+ .associate = wpa_driver_zd1211_associate, -+ .deauthenticate = wpa_driver_zd1211_deauthenticate, -+ .disassociate = wpa_driver_zd1211_disassociate, -+ .get_bssid = wpa_driver_zd1211_get_bssid, -+ .get_scan_results = wpa_driver_zd1211_get_scan_results, -+ .get_ssid = wpa_driver_zd1211_get_ssid, -+// .get_capa = wpa_driver_zd1211_get_capa, -+ .scan = wpa_driver_zd1211_scan, -+ .set_auth_alg = wpa_driver_zd1211_set_auth_alg, -+ .set_countermeasures = wpa_driver_zd1211_set_countermeasures, -+ .set_drop_unencrypted = wpa_driver_zd1211_set_drop_unencrypted, -+ .set_key = wpa_driver_zd1211_set_key, -+ .set_wpa = wpa_driver_zd1211_set_wpa, -+}; -diff -Nur wpa_supplicant-0.4.7/Makefile wpa_supplicant-0.4.7.new/Makefile ---- wpa_supplicant-0.4.7/Makefile 2005-11-21 02:42:12.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/Makefile 2005-12-26 19:17:14.000000000 +0100 -@@ -107,6 +107,12 @@ - CONFIG_WIRELESS_EXTENSION=y - endif - -+ifdef CONFIG_DRIVER_ZD1211 -+CFLAGS += -DCONFIG_DRIVER_ZD1211 -+OBJS_d += driver_zd1211.o -+CONFIG_WIRELESS_EXTENSION=y -+endif -+ - ifdef CONFIG_DRIVER_BSD - CFLAGS += -DCONFIG_DRIVER_BSD - OBJS_d += driver_bsd.o -diff -Nur wpa_supplicant-0.4.7/zd1211_common.h wpa_supplicant-0.4.7.new/zd1211_common.h ---- wpa_supplicant-0.4.7/zd1211_common.h 1970-01-01 01:00:00.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/zd1211_common.h 2005-12-27 16:00:36.000000000 +0100 -@@ -0,0 +1,68 @@ -+#ifndef ZD1211_COMMON_H -+#define ZD1211_COMMON_H -+ -+ -+#define ZD_IOCTL_WPA (SIOCDEVPRIVATE + 1) -+#define ZD_IOCTL_PARAM (SIOCDEVPRIVATE + 2) -+ -+#define ZD_PARAM_ROAMING 0x0001 -+#define ZD_PARAM_PRIVACY 0x0002 -+#define ZD_PARAM_WPA 0x0003 -+#define ZD_PARAM_COUNTERMEASURES 0x0004 -+#define ZD_PARAM_DROPUNENCRYPTED 0x0005 -+#define ZD_PARAM_AUTH_ALGS 0x0006 -+ -+#define ZD_CMD_SET_ENCRYPT_KEY 0x0001 -+#define ZD_CMD_SET_MLME 0x0002 -+//#define ZD_CMD_SCAN_REQ 0x0003 -+#define ZD_CMD_SET_GENERIC_ELEMENT 0x0004 -+ -+#define ZD_FLAG_SET_TX_KEY 0x0001 -+ -+#define ZD_GENERIC_ELEMENT_HDR_LEN \ -+((int) (&((struct zd1211_wlan_param *) 0)->u.generic_elem.data)) -+ -+#define ZD_CRYPT_ALG_NAME_LEN 16 -+#define ZD_MAX_KEY_SIZE 32 -+#define ZD_MAX_GENERIC_SIZE 64 -+ -+/* structure definition */ -+ -+struct zd1211_wlan_param { -+ u32 cmd; -+ u8 sta_addr[ETH_ALEN]; -+ union { -+ struct { -+ u8 alg[ZD_CRYPT_ALG_NAME_LEN]; -+ u32 flags; -+ u32 err; -+ u8 idx; -+ u8 seq[8]; /* sequence counter (set: RX, get: TX) */ -+ u16 key_len; -+ u8 key[ZD_MAX_KEY_SIZE]; -+ } crypt; -+/* -+ struct { -+ u32 flags_and; -+ u32 flags_or; -+ } set_flags_sta; -+*/ -+ struct { -+ u8 len; -+ u8 data[ZD_MAX_GENERIC_SIZE]; -+ } generic_elem; -+ struct { -+#define MLME_STA_DEAUTH 0 -+#define MLME_STA_DISASSOC 1 -+ u16 cmd; -+ u16 reason_code; -+ } mlme; -+ struct { -+ u8 ssid_len; -+ u8 ssid[32]; -+ } scan_req; -+ } u; -+}; -+ -+ -+#endif diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff deleted file mode 100644 index 974eb3962..000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- driver_madwifi.c.orig 2005-03-18 15:12:53.392793216 +0100 -+++ driver_madwifi.c 2005-03-18 15:13:09.246383104 +0100 -@@ -25,7 +25,8 @@ - #include "eloop.h" - #include "wpa_supplicant.h" - --#include -+#include -+#include - #include - #include - #include diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf deleted file mode 100644 index da407b5ef..000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf +++ /dev/null @@ -1,502 +0,0 @@ -##### Example wpa_supplicant configuration file ############################### -# Empty lines and lines starting with # are ignored - -# NOTE! This file may contain password information and should probably be made -# readable only by root user on multiuser systems. - -# global configuration (shared by all network blocks) -# -# Interface for separate control program. If this is specified, wpa_supplicant -# will create this directory and a UNIX domain socket for listening to requests -# from external programs (CLI/GUI, etc.) for status information and -# configuration. The socket file will be named based on the interface name, so -# multiple wpa_supplicant processes can be run at the same time if more than -# one interface is used. -# /var/run/wpa_supplicant is the recommended directory for sockets and by -# default, wpa_cli will use it when trying to connect with wpa_supplicant. -ctrl_interface=/var/run/wpa_supplicant - -# Access control for the control interface can be configured by setting the -# directory to allow only members of a group to use sockets. This way, it is -# possible to run wpa_supplicant as root (since it needs to change network -# configuration and open raw sockets) and still allow GUI/CLI components to be -# run as non-root users. However, since the control interface can be used to -# change the network configuration, this access needs to be protected in many -# cases. By default, wpa_supplicant is configured to use gid 0 (root). If you -# want to allow non-root users to use the control interface, add a new group -# and change this value to match with that group. Add users that should have -# control interface access to this group. If this variable is commented out or -# not included in the configuration file, group will not be changed from the -# value it got by default when the directory or socket was created. -# -# This variable can be a group name or gid. -#ctrl_interface_group=wheel -ctrl_interface_group=0 - -# IEEE 802.1X/EAPOL version -# wpa_supplicant was implemented based on IEEE 802-1X-REV-d8 which defines -# EAPOL version 2. However, there are many APs that do not handle the new -# version number correctly (they seem to drop the frames completely). In order -# to make wpa_supplicant interoperate with these APs, the version number is set -# to 1 by default. This configuration value can be used to set it to the new -# version (2). -eapol_version=1 - -# AP scanning/selection -# By default, wpa_supplicant requests driver to perform AP scanning and then -# uses the scan results to select a suitable AP. Another alternative is to -# allow the driver to take care of AP scanning and selection and use -# wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association -# information from the driver. -# 1: wpa_supplicant initiates scanning and AP selection -# 0: driver takes care of scanning, AP selection, and IEEE 802.11 association -# parameters (e.g., WPA IE generation); this mode can also be used with -# non-WPA drivers when using IEEE 802.1X mode; do not try to associate with -# APs (i.e., external program needs to control association) -# 2: like 0, but associate with APs using security policy and SSID (but not -# BSSID); this can be used, e.g., with ndiswrapper and NDIS driver to -# enable operation with hidden SSIDs and optimized roaming; in this mode, -# only the first network block in the configuration file is used and this -# configuration should have explicit security policy (i.e., only one option -# in the lists) for key_mgmt, pairwise, group, proto variables -ap_scan=1 - -# EAP fast re-authentication -# By default, fast re-authentication is enabled for all EAP methods that -# support it. This variable can be used to disable fast re-authentication. -# Normally, there is no need to disable this. -fast_reauth=1 - -# network block -# -# Each network (usually AP's sharing the same SSID) is configured as a separate -# block in this configuration file. The network blocks are in preference order -# (the first match is used). -# -# network block fields: -# -# ssid: SSID (mandatory); either as an ASCII string with double quotation or -# as hex string; network name -# -# scan_ssid: -# 0 = do not scan this SSID with specific Probe Request frames (default) -# 1 = scan with SSID-specific Probe Request frames (this can be used to -# find APs that do not accept broadcast SSID or use multiple SSIDs; -# this will add latency to scanning, so enable this only when needed) -# -# bssid: BSSID (optional); if set, this network block is used only when -# associating with the AP using the configured BSSID -# -# priority: priority group (integer) -# By default, all networks will get same priority group (0). If some of the -# networks are more desirable, this field can be used to change the order in -# which wpa_supplicant goes through the networks when selecting a BSS. The -# priority groups will be iterated in decreasing priority (i.e., the larger the -# priority value, the sooner the network is matched against the scan results). -# Within each priority group, networks will be selected based on security -# policy, signal strength, etc. -# Please note that AP scanning with scan_ssid=1 is not using this priority to -# select the order for scanning. Instead, it uses the order the networks are in -# the configuration file. -# -# mode: IEEE 802.11 operation mode -# 0 = infrastructure (Managed) mode, i.e., associate with an AP (default) -# 1 = IBSS (ad-hoc, peer-to-peer) -# Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) -# and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In addition, ap_scan has -# to be set to 2 for IBSS. WPA-None requires following network block options: -# proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or CCMP, but not -# both), and psk must also be set. -# -# proto: list of accepted protocols -# WPA = WPA/IEEE 802.11i/D3.0 -# RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN) -# If not set, this defaults to: WPA RSN -# -# key_mgmt: list of accepted authenticated key management protocols -# WPA-PSK = WPA pre-shared key (this requires 'psk' field) -# WPA-EAP = WPA using EAP authentication (this can use an external -# program, e.g., Xsupplicant, for IEEE 802.1X EAP Authentication -# IEEE8021X = IEEE 802.1X using EAP authentication and (optionally) dynamically -# generated WEP keys -# NONE = WPA is not used; plaintext or static WEP could be used -# If not set, this defaults to: WPA-PSK WPA-EAP -# -# auth_alg: list of allowed IEEE 802.11 authentication algorithms -# OPEN = Open System authentication (required for WPA/WPA2) -# SHARED = Shared Key authentication (requires static WEP keys) -# LEAP = LEAP/Network EAP (only used with LEAP) -# If not set, automatic selection is used (Open System with LEAP enabled if -# LEAP is allowed as one of the EAP methods). -# -# pairwise: list of accepted pairwise (unicast) ciphers for WPA -# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] -# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] -# NONE = Use only Group Keys (deprecated, should not be included if APs support -# pairwise keys) -# If not set, this defaults to: CCMP TKIP -# -# group: list of accepted group (broadcast/multicast) ciphers for WPA -# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] -# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] -# WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key -# WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE 802.11] -# If not set, this defaults to: CCMP TKIP WEP104 WEP40 -# -# psk: WPA preshared key; 256-bit pre-shared key -# The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e., -# 32 bytes or as an ASCII passphrase (in which case, the real PSK will be -# generated using the passphrase and SSID). ASCII passphrase must be between -# 8 and 63 characters (inclusive). -# This field is not needed, if WPA-EAP is used. -# Note: Separate tool, wpa_passphrase, can be used to generate 256-bit keys -# from ASCII passphrase. This process uses lot of CPU and wpa_supplicant -# startup and reconfiguration time can be optimized by generating the PSK only -# only when the passphrase or SSID has actually changed. -# -# eapol_flags: IEEE 802.1X/EAPOL options (bit field) -# Dynamic WEP key require for non-WPA mode -# bit0 (1): require dynamically generated unicast WEP key -# bit1 (2): require dynamically generated broadcast WEP key -# (3 = require both keys; default) -# -# Following fields are only used with internal EAP implementation. -# eap: space-separated list of accepted EAP methods -# MD5 = EAP-MD5 (unsecure and does not generate keying material -> -# cannot be used with WPA; to be used as a Phase 2 method -# with EAP-PEAP or EAP-TTLS) -# MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# OTP = EAP-OTP (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# GTC = EAP-GTC (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# TLS = EAP-TLS (client and server certificate) -# PEAP = EAP-PEAP (with tunnelled EAP authentication) -# TTLS = EAP-TTLS (with tunnelled EAP or PAP/CHAP/MSCHAP/MSCHAPV2 -# authentication) -# If not set, all compiled in methods are allowed. -# -# identity: Identity string for EAP -# anonymous_identity: Anonymous identity string for EAP (to be used as the -# unencrypted identity with EAP types that support different tunnelled -# identity, e.g., EAP-TTLS) -# password: Password string for EAP -# ca_cert: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert is not included, server certificate -# will not be verified. This is insecure and the CA file should always be -# configured. -# client_cert: File path to client certificate file (PEM/DER) -# private_key: File path to client private key file (PEM/DER/PFX) -# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be -# commented out. Both the private key and certificate will be read from -# the PKCS#12 file in this case. -# private_key_passwd: Password for private key file -# dh_file: File path to DH/DSA parameters file (in PEM format) -# This is an optional configuration file for setting parameters for an -# ephemeral DH key exchange. In most cases, the default RSA -# authentication does not use this configuration. However, it is possible -# setup RSA to use ephemeral DH key exchange. In addition, ciphers with -# DSA keys always use ephemeral DH keys. This can be used to achieve -# forward secrecy. If the file is in DSA parameters format, it will be -# automatically converted into DH params. -# subject_match: Substring to be matched against the subject of the -# authentication server certificate. If this string is set, the server -# sertificate is only accepted if it contains this string in the subject. -# The subject string is in following format: -# /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@example.com -# phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters -# (string with field-value pairs, e.g., "peapver=0" or -# "peapver=1 peaplabel=1") -# 'peapver' can be used to force which PEAP version (0 or 1) is used. -# 'peaplabel=1' can be used to force new label, "client PEAP encryption", -# to be used during key derivation when PEAPv1 or newer. Most existing -# PEAPv1 implementation seem to be using the old label, "client EAP -# encryption", and wpa_supplicant is now using that as the default value. -# Some servers, e.g., Radiator, may require peaplabel=1 configuration to -# interoperate with PEAPv1; see eap_testing.txt for more details. -# 'peap_outer_success=0' can be used to terminate PEAP authentication on -# tunneled EAP-Success. This is required with some RADIUS servers that -# implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g., -# Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode) -# sim_min_num_chal=3 can be used to configure EAP-SIM to require three -# challenges (by default, it accepts 2 or 3) -# phase2: Phase2 (inner authentication with TLS tunnel) parameters -# (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or -# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS) -# Following certificate/private key fields are used in inner Phase2 -# authentication when using EAP-TTLS or EAP-PEAP. -# ca_cert2: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert2 is not included, server -# certificate will not be verified. This is insecure and the CA file -# should always be configured. -# client_cert2: File path to client certificate file -# private_key2: File path to client private key file -# private_key2_passwd: Password for private key file -# dh_file2: File path to DH/DSA parameters file (in PEM format) -# subject_match2: Substring to be matched against the subject of the -# authentication server certificate. -# -# EAP-PSK variables: -# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format -# nai: user NAI -# server_nai: authentication server NAI -# -# EAP-FAST variables: -# pac_file: File path for the PAC entries. wpa_supplicant will need to be able -# to create this file and write updates to it when PAC is being -# provisioned or refreshed. -# phase1: fast_provisioning=1 option enables in-line provisioning of EAP-FAST -# credentials (PAC) -# -# wpa_supplicant supports number of "EAP workarounds" to work around -# interoperability issues with incorrectly behaving authentication servers. -# These are enabled by default because some of the issues are present in large -# number of authentication servers. Strict EAP conformance mode can be -# configured by disabling workarounds with eap_workaround=0. - -# Example blocks: - -# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers -network={ - ssid="simple" - psk="very secret passphrase" - priority=5 -} - -# Same as previous, but request SSID-specific scanning (for APs that reject -# broadcast SSID) -network={ - ssid="second ssid" - scan_ssid=1 - psk="very secret passphrase" - priority=2 -} - -# Only WPA-PSK is used. Any valid cipher combination is accepted. -network={ - ssid="example" - proto=WPA - key_mgmt=WPA-PSK - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb - priority=2 -} - -# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104 -# or WEP40 as the group cipher will not be accepted. -network={ - ssid="example" - proto=RSN - key_mgmt=WPA-EAP - pairwise=CCMP TKIP - group=CCMP TKIP - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - priority=1 -} - -# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel -# (e.g., Radiator) -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=PEAP - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase1="peaplabel=1" - phase2="auth=MSCHAPV2" - priority=10 -} - -# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the -# unencrypted use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - priority=2 -} - -# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted -# use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase2="auth=MSCHAPV2" -} - -# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner -# authentication. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - # Phase1 / outer authentication - anonymous_identity="anonymous@example.com" - ca_cert="/etc/cert/ca.pem" - # Phase 2 / inner authentication - phase2="autheap=TLS" - ca_cert2="/etc/cert/ca2.pem" - client_cert2="/etc/cer/user.pem" - private_key2="/etc/cer/user.prv" - private_key2_passwd="password" - priority=2 -} - -# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and -# group cipher. -network={ - ssid="example" - bssid=00:11:22:33:44:55 - proto=WPA RSN - key_mgmt=WPA-PSK WPA-EAP - pairwise=CCMP - group=CCMP - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb -} - -# Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP -# and all valid ciphers. -network={ - ssid=00010203 - psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f -} - - -# EAP-SIM with a GSM SIM or USIM -network={ - ssid="eap-sim-test" - key_mgmt=WPA-EAP - eap=SIM - pin="1234" - pcsc="" -} - - -# EAP-PSK -network={ - ssid="eap-psk-test" - key_mgmt=WPA-EAP - eap=PSK - identity="eap_psk_user" - eappsk=06b4be19da289f475aa46a33cb793029 - nai="eap_psk_user@example.com" - server_nai="as@example.com" -} - - -# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using -# EAP-TLS for authentication and key generation; require both unicast and -# broadcast WEP keys. -network={ - ssid="1x-test" - key_mgmt=IEEE8021X - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - eapol_flags=3 -} - - -# LEAP with dynamic WEP keys -network={ - ssid="leap-example" - key_mgmt=IEEE8021X - eap=LEAP - identity="user" - password="foobar" -} - -# EAP-FAST with WPA (WPA or WPA2) -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="/etc/wpa_supplicant.eap-fast-pac" -} - -# Plaintext connection (no WPA, no IEEE 802.1X) -network={ - ssid="plaintext-test" - key_mgmt=NONE -} - - -# Shared WEP key connection (no WPA, no IEEE 802.1X) -network={ - ssid="static-wep-test" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 -} - - -# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key -# IEEE 802.11 authentication -network={ - ssid="static-wep-test2" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 - auth_alg=SHARED -} - - -# IBSS/ad-hoc network with WPA-None/TKIP. -network={ - ssid="test adhoc" - mode=1 - proto=WPA - key_mgmt=WPA-NONE - pairwise=NONE - group=TKIP - psk="secret passphrase" -} - - -# Catch all example that allows more or less all configuration modes -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk="very secret passphrase" - eap=TTLS PEAP TLS - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - phase1="peaplabel=0" -} -- cgit v1.2.3