From 0f6446ce4c3c2b18edbeaf671cc08027c9f70cff Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Sat, 23 Jan 2010 08:28:26 +0000 Subject: hostapd: add a build variant for wpa_supplicant and one for a multicall hostapd+supplicant program (wpad) and remove the old wpa_supplicant package git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19286 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/hostapd/Config.in | 22 + package/hostapd/Makefile | 192 +++++- package/hostapd/files/full.config | 158 ----- package/hostapd/files/hostapd-full.config | 158 +++++ package/hostapd/files/hostapd-mini.config | 155 +++++ package/hostapd/files/mini.config | 155 ----- package/hostapd/files/multicall.c | 28 + package/hostapd/files/wpa_supplicant-full.config | 404 +++++++++++ package/hostapd/files/wpa_supplicant-mini.config | 404 +++++++++++ package/hostapd/files/wpa_supplicant.sh | 117 ++++ package/hostapd/patches/200-multicall.patch | 236 +++++++ package/hostapd/patches/300-timestamp_check.patch | 15 + package/hostapd/patches/310-scan_ssid.patch | 37 + .../hostapd/patches/320-rescan_immediately.patch | 11 + package/hostapd/patches/330-madwifi_merge.patch | 767 +++++++++++++++++++++ 15 files changed, 2538 insertions(+), 321 deletions(-) create mode 100644 package/hostapd/Config.in delete mode 100644 package/hostapd/files/full.config create mode 100644 package/hostapd/files/hostapd-full.config create mode 100644 package/hostapd/files/hostapd-mini.config delete mode 100644 package/hostapd/files/mini.config create mode 100644 package/hostapd/files/multicall.c create mode 100644 package/hostapd/files/wpa_supplicant-full.config create mode 100644 package/hostapd/files/wpa_supplicant-mini.config create mode 100644 package/hostapd/files/wpa_supplicant.sh create mode 100644 package/hostapd/patches/200-multicall.patch create mode 100644 package/hostapd/patches/300-timestamp_check.patch create mode 100644 package/hostapd/patches/310-scan_ssid.patch create mode 100644 package/hostapd/patches/320-rescan_immediately.patch create mode 100644 package/hostapd/patches/330-madwifi_merge.patch (limited to 'package/hostapd') diff --git a/package/hostapd/Config.in b/package/hostapd/Config.in new file mode 100644 index 0000000000..e185820e5b --- /dev/null +++ b/package/hostapd/Config.in @@ -0,0 +1,22 @@ +# wpa_supplicant config +config WPA_SUPPLICANT_NO_TIMESTAMP_CHECK + bool "Disable timestamp check" + depends PACKAGE_wpa-supplicant || PACKAGE_wpa-supplicant-mini || PACKAGE_wpad || PACKAGE_wpad-mini + default n + help + This disables the timestamp check for certificates in wpa_supplicant + Useful for devices without RTC that cannot reliably get the real date/time + +choice + prompt "Choose TLS provider" + default WPA_SUPPLICANT_INTERNAL + depends PACKAGE_wpa-supplicant + +config WPA_SUPPLICANT_INTERNAL + bool "internal" + +config WPA_SUPPLICANT_OPENSSL + bool "openssl" + select PACKAGE_libopenssl + +endchoice diff --git a/package/hostapd/Makefile b/package/hostapd/Makefile index 682d6ab852..cb31b58644 100644 --- a/package/hostapd/Makefile +++ b/package/hostapd/Makefile @@ -23,6 +23,7 @@ PKG_BUILD_DEPENDS:= \ PACKAGE_kmod-mac80211:mac80211 \ PKG_CONFIG_DEPENDS:= \ + CONFIG_WPA_SUPPLICANT_NO_TIMESTAMP_CHECK \ CONFIG_PACKAGE_kmod-ath9k \ CONFIG_PACKAGE_kmod-mac80211 \ CONFIG_PACKAGE_kmod-madwifi \ @@ -30,6 +31,21 @@ PKG_CONFIG_DEPENDS:= \ CONFIG_PACKAGE_hostapd-mini \ CONFIG_PACKAGE_kmod-hostap +LOCAL_TYPE=$(strip \ + $(if $(findstring wpad,$(BUILD_VARIANT)),wpad, \ + $(if $(findstring supplicant,$(BUILD_VARIANT)),supplicant, \ + hostapd \ + ))) +LOCAL_VARIANT=$(patsubst wpad-%,%,$(patsubst supplicant-%,%,$(BUILD_VARIANT))) + +ifeq ($(LOCAL_TYPE),supplicant) + ifeq ($(LOCAL_VARIANT),full) + PKG_CONFIG_DEPENDS += \ + CONFIG_WPA_SUPPLICANT_INTERNAL \ + CONFIG_WPA_SUPPLICANT_OPENSSL + endif +endif + PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk @@ -38,8 +54,21 @@ DRIVER_MAKEOPTS= \ CONFIG_DRIVER_NL80211=$(CONFIG_PACKAGE_kmod-mac80211) \ CONFIG_DRIVER_MADWIFI=$(CONFIG_PACKAGE_kmod-madwifi) \ CONFIG_DRIVER_HOSTAP=$(CONFIG_PACKAGE_kmod-hostap) \ + CONFIG_DRIVER_ROBOSWITCH=$(CONFIG_PACKAGE_kmod-switch) \ CONFIG_IEEE80211N=$(CONFIG_PACKAGE_kmod-ath9k) +ifeq ($(LOCAL_TYPE),supplicant) + ifeq ($(LOCAL_VARIANT),full) + DRIVER_MAKEOPTS += $(if $(CONFIG_WPA_SUPPLICANT_OPENSSL),CONFIG_TLS=openssl) + endif +endif + +ifneq ($(LOCAL_TYPE),hostapd) + ifdef CONFIG_WPA_SUPPLICANT_NO_TIMESTAMP_CHECK + TARGET_CFLAGS += -DNO_TIMESTAMP_CHECK + endif +endif + define Package/hostapd/Default SECTION:=net CATEGORY:=Network @@ -80,11 +109,79 @@ define Package/hostapd-utils/description IEEE 802.1x/WPA/EAP/RADIUS Authenticator. endef +define Package/wpad/Default + SECTION:=net + CATEGORY:=Network + TITLE:=IEEE 802.1x Authenticator/Supplicant + URL:=http://hostap.epitest.fi/ + DEPENDS:=@!TARGET_avr32 @!TARGET_etrax +PACKAGE_kmod-mac80211:libnl-tiny +endef + +define Package/wpad +$(call Package/wpad/Default) + TITLE+= (full) + VARIANT:=wpad-full +endef + +define Package/wpad/description + This package contains a full featured IEEE 802.1x/WPA/EAP/RADIUS + Authenticator and Supplicant +endef + +define Package/wpad-mini +$(call Package/wpad/Default) + TITLE+= (WPA-PSK only) + VARIANT:=wpad-mini +endef + +define Package/wpad-mini/description + This package contains a minimal IEEE 802.1x/WPA Authenticator and Supplicant (WPA-PSK only). +endef + +define Package/wpa-supplicant + SECTION:=net + CATEGORY:=Network + TITLE:=WPA Supplicant + URL:=http://hostap.epitest.fi/wpa_supplicant/ + VARIANT:=supplicant-full +endef + +define Package/wpa-supplicant/Description + WPA Supplicant +endef + +define Package/wpa-supplicant/config + source "$(SOURCE)/Config.in" +endef + +define Package/wpa-supplicant-mini + $(Package/wpa-supplicant) + TITLE:=WPA Supplicant (minimal version) + DEPENDS:=$(if $(CONFIG_WPA_SUPPLICANT_OPENSSL),+libopenssl) + VARIANT:=supplicant-mini +endef + +define Package/wpa-supplicant-mini/Description + WPA Supplicant (minimal version) +endef + +define Package/wpa-cli + SECTION:=net + CATEGORY:=Network + DEPENDS:=wpa-supplicant + TITLE:=WPA Supplicant command line interface +endef + +define Package/wpa-cli/Description + WPA Supplicant control utility +endef + + ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED))) - $(warning $(wildcard $(PKG_BUILD_DIR)/.config_*) != $(subst .configured_,.config_,$(STAMP_CONFIGURED))) define Build/Configure/rebuild - $(FIND) $(PKG_BUILD_DIR) -name \*.o | $(XARGS) rm -f + $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.a | $(XARGS) rm -f rm -f $(PKG_BUILD_DIR)/hostapd/hostapd + rm -f $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant rm -f $(PKG_BUILD_DIR)/.config_* touch $(subst .configured_,.config_,$(STAMP_CONFIGURED)) endef @@ -92,7 +189,8 @@ endif define Build/Configure $(Build/Configure/rebuild) - $(CP) ./files/$(BUILD_VARIANT).config $(PKG_BUILD_DIR)/hostapd/.config + $(CP) ./files/hostapd-$(LOCAL_VARIANT).config $(PKG_BUILD_DIR)/hostapd/.config + $(CP) ./files/wpa_supplicant-$(LOCAL_VARIANT).config $(PKG_BUILD_DIR)/wpa_supplicant/.config endef TARGET_CPPFLAGS := \ @@ -108,30 +206,108 @@ ifdef CONFIG_PACKAGE_kmod-mac80211 TARGET_LDFLAGS += -lm -lnl-tiny endif -define Build/Compile +define Build/RunMake CFLAGS="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \ - $(MAKE) -C $(PKG_BUILD_DIR)/hostapd \ + $(MAKE) -C $(PKG_BUILD_DIR)/$(1) \ $(TARGET_CONFIGURE_OPTS) \ $(DRIVER_MAKEOPTS) \ LIBS="$(TARGET_LDFLAGS)" \ - hostapd hostapd_cli + $(2) endef -define Package/hostapd/install +define Build/Compile/wpad + echo ` \ + $(call Build/RunMake,hostapd,MULTICALL=1 dump_cflags); \ + $(call Build/RunMake,wpa_supplicant,dump_cflags) | sed -e 's,$(TARGET_CFLAGS),,' \ + ` > $(PKG_BUILD_DIR)/.cflags + $(call Build/RunMake,hostapd, \ + CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \ + MULTICALL=1 \ + hostapd_cli hostapd_multi.a \ + ) + $(call Build/RunMake,wpa_supplicant, \ + CFLAGS="$$$$(cat $(PKG_BUILD_DIR)/.cflags)" \ + MULTICALL=1 \ + wpa_cli wpa_supplicant_multi.a \ + ) + $(TARGET_CC) -o $(PKG_BUILD_DIR)/wpad \ + $(TARGET_CFLAGS) \ + ./files/multicall.c \ + $(PKG_BUILD_DIR)/hostapd/hostapd_multi.a \ + $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant_multi.a \ + $(TARGET_LDFLAGS) +endef + +define Build/Compile/hostapd + $(call Build/RunMake,hostapd, \ + hostapd hostapd_cli \ + ) +endef + +define Build/Compile/supplicant + $(call Build/RunMake,wpa_supplicant, \ + wpa_cli wpa_supplicant \ + ) +endef + +define Build/Compile + $(Build/Compile/$(LOCAL_TYPE)) +endef + +define Install/hostapd $(INSTALL_DIR) $(1)/etc/hotplug.d/net $(INSTALL_DATA) ./files/hostapd.hotplug $(1)/etc/hotplug.d/net/ $(INSTALL_DIR) $(1)/lib/wifi $(INSTALL_DATA) ./files/hostapd.sh $(1)/lib/wifi/hostapd.sh $(INSTALL_DIR) $(1)/usr/sbin +endef + +define Install/supplicant + $(INSTALL_DIR) $(1)/lib/wifi + $(INSTALL_DATA) ./files/wpa_supplicant.sh $(1)/lib/wifi/wpa_supplicant.sh + $(INSTALL_DIR) $(1)/usr/sbin +endef + +define Package/hostapd/install + $(call Install/hostapd,$(1)) $(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd $(1)/usr/sbin/ endef Package/hostapd-mini/install = $(Package/hostapd/install) -define Package/hostapd-utils/install +ifneq ($(LOCAL_TYPE),supplicant) + define Package/hostapd-utils/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_BUILD_DIR)/hostapd/hostapd_cli $(1)/usr/sbin/ + endef +endif + +define Package/wpad/install + $(call Install/hostapd,$(1)) + $(call Install/supplicant,$(1)) + $(INSTALL_BIN) $(PKG_BUILD_DIR)/wpad $(1)/usr/sbin/ + ln -sf wpad $(1)/usr/sbin/hostapd + ln -sf wpad $(1)/usr/sbin/wpa_supplicant +endef +Package/wpad-mini/install = $(Package/wpad/install) + +define Package/wpa-supplicant/install + $(call Install/supplicant,$(1)) + $(INSTALL_BIN) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant $(1)/usr/sbin/ endef +Package/wpa-supplicant-mini/install = $(Package/wpa-supplicant/install) + +ifneq ($(LOCAL_VARIANT),hostapd) + define Package/wpa-cli/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_BUILD_DIR)/wpa_supplicant/wpa_cli $(1)/usr/sbin/ + endef +endif $(eval $(call BuildPackage,hostapd)) $(eval $(call BuildPackage,hostapd-mini)) +$(eval $(call BuildPackage,wpad)) +$(eval $(call BuildPackage,wpad-mini)) +$(eval $(call BuildPackage,wpa-supplicant)) +$(eval $(call BuildPackage,wpa-supplicant-mini)) +$(eval $(call BuildPackage,wpa-cli)) $(eval $(call BuildPackage,hostapd-utils)) diff --git a/package/hostapd/files/full.config b/package/hostapd/files/full.config deleted file mode 100644 index 07c924fe90..0000000000 --- a/package/hostapd/files/full.config +++ /dev/null @@ -1,158 +0,0 @@ -# Example hostapd build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -# Driver interface for Host AP driver -CONFIG_DRIVER_HOSTAP=y - -# Driver interface for wired authenticator -CONFIG_DRIVER_WIRED=y - -# Driver interface for madwifi driver -CONFIG_DRIVER_MADWIFI=y -#CFLAGS += -I../../madwifi # change to the madwifi source directory - -# Driver interface for Prism54 driver -#CONFIG_DRIVER_PRISM54=y - -# Driver interface for drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y -# driver_nl80211.c requires a rather new libnl (version 1.1) which may not be -# shipped with your distribution yet. If that is the case, you need to build -# newer libnl version and point the hostapd build to use it. -#LIBNL=/usr/src/libnl -#CFLAGS += -I$(LIBNL)/include -#LIBS += -L$(LIBNL)/lib - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib - -# Driver interface for no driver (e.g., RADIUS server only) -#CONFIG_DRIVER_NONE=y - -# IEEE 802.11F/IAPP -CONFIG_IAPP=y - -# WPA2/IEEE 802.11i RSN pre-authentication -CONFIG_RSN_PREAUTH=y - -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y - -# IEEE 802.11w (management frame protection) -# This version is an experimental implementation based on IEEE 802.11w/D1.0 -# draft and is subject to change since the standard has not yet been finalized. -# Driver support is also needed for IEEE 802.11w. -#CONFIG_IEEE80211W=y - -# Integrated EAP server -CONFIG_EAP=y - -# EAP-MD5 for the integrated EAP server -CONFIG_EAP_MD5=y - -# EAP-TLS for the integrated EAP server -CONFIG_EAP_TLS=y - -# EAP-MSCHAPv2 for the integrated EAP server -CONFIG_EAP_MSCHAPV2=y - -# EAP-PEAP for the integrated EAP server -CONFIG_EAP_PEAP=y - -# EAP-GTC for the integrated EAP server -CONFIG_EAP_GTC=y - -# EAP-TTLS for the integrated EAP server -CONFIG_EAP_TTLS=y - -# EAP-SIM for the integrated EAP server -#CONFIG_EAP_SIM=y - -# EAP-AKA for the integrated EAP server -#CONFIG_EAP_AKA=y - -# EAP-AKA' for the integrated EAP server -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# EAP-PAX for the integrated EAP server -#CONFIG_EAP_PAX=y - -# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-SAKE for the integrated EAP server -#CONFIG_EAP_SAKE=y - -# EAP-GPSK for the integrated EAP server -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-FAST for the integrated EAP server -# Note: Default OpenSSL package does not include support for all the -# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, -# the OpenSSL library must be patched (openssl-0.9.9-session-ticket.patch) -# to add the needed functions. -#CONFIG_EAP_FAST=y - -# Wi-Fi Protected Setup (WPS) -#CONFIG_WPS=y -# Enable UPnP support for external WPS Registrars -#CONFIG_WPS_UPNP=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# Trusted Network Connect (EAP-TNC) -#CONFIG_EAP_TNC=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# RADIUS authentication server. This provides access to the integrated EAP -# server from external hosts using RADIUS. -#CONFIG_RADIUS_SERVER=y - -# Build IPv6 support for RADIUS operations -CONFIG_IPV6=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -#CONFIG_IEEE80211R=y - -# Use the hostapd's IEEE 802.11 authentication (ACL), but without -# the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y - -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - -# Remove debugging code that is printing out debug messages to stdout. -# This can be used to reduce the size of the hostapd considerably if debugging -# code is not needed. -#CONFIG_NO_STDOUT_DEBUG=y - -# Remove support for RADIUS accounting -#CONFIG_NO_ACCOUNTING=y - -# Remove support for RADIUS -#CONFIG_NO_RADIUS=y - -# Remove support for VLANs -#CONFIG_NO_VLAN=y - -CONFIG_TLS=internal -CONFIG_INTERNAL_LIBTOMMATH=y -CONFIG_INTERNAL_AES=y -NEED_AES_DEC=y diff --git a/package/hostapd/files/hostapd-full.config b/package/hostapd/files/hostapd-full.config new file mode 100644 index 0000000000..07c924fe90 --- /dev/null +++ b/package/hostapd/files/hostapd-full.config @@ -0,0 +1,158 @@ +# Example hostapd build time configuration +# +# This file lists the configuration options that are used when building the +# hostapd binary. All lines starting with # are ignored. Configuration option +# lines must be commented out complete, if they are not to be included, i.e., +# just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cass, these lines should use += in order not +# to override previous values of the variables. + +# Driver interface for Host AP driver +CONFIG_DRIVER_HOSTAP=y + +# Driver interface for wired authenticator +CONFIG_DRIVER_WIRED=y + +# Driver interface for madwifi driver +CONFIG_DRIVER_MADWIFI=y +#CFLAGS += -I../../madwifi # change to the madwifi source directory + +# Driver interface for Prism54 driver +#CONFIG_DRIVER_PRISM54=y + +# Driver interface for drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y +# driver_nl80211.c requires a rather new libnl (version 1.1) which may not be +# shipped with your distribution yet. If that is the case, you need to build +# newer libnl version and point the hostapd build to use it. +#LIBNL=/usr/src/libnl +#CFLAGS += -I$(LIBNL)/include +#LIBS += -L$(LIBNL)/lib + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib + +# Driver interface for no driver (e.g., RADIUS server only) +#CONFIG_DRIVER_NONE=y + +# IEEE 802.11F/IAPP +CONFIG_IAPP=y + +# WPA2/IEEE 802.11i RSN pre-authentication +CONFIG_RSN_PREAUTH=y + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +#CONFIG_IEEE80211W=y + +# Integrated EAP server +CONFIG_EAP=y + +# EAP-MD5 for the integrated EAP server +CONFIG_EAP_MD5=y + +# EAP-TLS for the integrated EAP server +CONFIG_EAP_TLS=y + +# EAP-MSCHAPv2 for the integrated EAP server +CONFIG_EAP_MSCHAPV2=y + +# EAP-PEAP for the integrated EAP server +CONFIG_EAP_PEAP=y + +# EAP-GTC for the integrated EAP server +CONFIG_EAP_GTC=y + +# EAP-TTLS for the integrated EAP server +CONFIG_EAP_TTLS=y + +# EAP-SIM for the integrated EAP server +#CONFIG_EAP_SIM=y + +# EAP-AKA for the integrated EAP server +#CONFIG_EAP_AKA=y + +# EAP-AKA' for the integrated EAP server +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# EAP-PAX for the integrated EAP server +#CONFIG_EAP_PAX=y + +# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) +#CONFIG_EAP_PSK=y + +# EAP-SAKE for the integrated EAP server +#CONFIG_EAP_SAKE=y + +# EAP-GPSK for the integrated EAP server +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-FAST for the integrated EAP server +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.9-session-ticket.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# Wi-Fi Protected Setup (WPS) +#CONFIG_WPS=y +# Enable UPnP support for external WPS Registrars +#CONFIG_WPS_UPNP=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# Trusted Network Connect (EAP-TNC) +#CONFIG_EAP_TNC=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# RADIUS authentication server. This provides access to the integrated EAP +# server from external hosts using RADIUS. +#CONFIG_RADIUS_SERVER=y + +# Build IPv6 support for RADIUS operations +CONFIG_IPV6=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +#CONFIG_IEEE80211R=y + +# Use the hostapd's IEEE 802.11 authentication (ACL), but without +# the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211) +#CONFIG_DRIVER_RADIUS_ACL=y + +# IEEE 802.11n (High Throughput) support +CONFIG_IEEE80211N=y + +# Remove debugging code that is printing out debug messages to stdout. +# This can be used to reduce the size of the hostapd considerably if debugging +# code is not needed. +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove support for RADIUS accounting +#CONFIG_NO_ACCOUNTING=y + +# Remove support for RADIUS +#CONFIG_NO_RADIUS=y + +# Remove support for VLANs +#CONFIG_NO_VLAN=y + +CONFIG_TLS=internal +CONFIG_INTERNAL_LIBTOMMATH=y +CONFIG_INTERNAL_AES=y +NEED_AES_DEC=y diff --git a/package/hostapd/files/hostapd-mini.config b/package/hostapd/files/hostapd-mini.config new file mode 100644 index 0000000000..1720dddbf8 --- /dev/null +++ b/package/hostapd/files/hostapd-mini.config @@ -0,0 +1,155 @@ +# Example hostapd build time configuration +# +# This file lists the configuration options that are used when building the +# hostapd binary. All lines starting with # are ignored. Configuration option +# lines must be commented out complete, if they are not to be included, i.e., +# just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cass, these lines should use += in order not +# to override previous values of the variables. + +# Driver interface for Host AP driver +CONFIG_DRIVER_HOSTAP=y + +# Driver interface for wired authenticator +CONFIG_DRIVER_WIRED=y + +# Driver interface for madwifi driver +CONFIG_DRIVER_MADWIFI=y +#CFLAGS += -I../../madwifi # change to the madwifi source directory + +# Driver interface for Prism54 driver +#CONFIG_DRIVER_PRISM54=y + +# Driver interface for drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y +# driver_nl80211.c requires a rather new libnl (version 1.1) which may not be +# shipped with your distribution yet. If that is the case, you need to build +# newer libnl version and point the hostapd build to use it. +#LIBNL=/usr/src/libnl +#CFLAGS += -I$(LIBNL)/include +#LIBS += -L$(LIBNL)/lib + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib + +# Driver interface for no driver (e.g., RADIUS server only) +#CONFIG_DRIVER_NONE=y + +# IEEE 802.11F/IAPP +# CONFIG_IAPP=y + +# WPA2/IEEE 802.11i RSN pre-authentication +CONFIG_RSN_PREAUTH=y + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +#CONFIG_IEEE80211W=y + +# Integrated EAP server +#CONFIG_EAP=y + +# EAP-MD5 for the integrated EAP server +#CONFIG_EAP_MD5=y + +# EAP-TLS for the integrated EAP server +#CONFIG_EAP_TLS=y + +# EAP-MSCHAPv2 for the integrated EAP server +#CONFIG_EAP_MSCHAPV2=y + +# EAP-PEAP for the integrated EAP server +#CONFIG_EAP_PEAP=y + +# EAP-GTC for the integrated EAP server +#CONFIG_EAP_GTC=y + +# EAP-TTLS for the integrated EAP server +#CONFIG_EAP_TTLS=y + +# EAP-SIM for the integrated EAP server +#CONFIG_EAP_SIM=y + +# EAP-AKA for the integrated EAP server +#CONFIG_EAP_AKA=y + +# EAP-AKA' for the integrated EAP server +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# EAP-PAX for the integrated EAP server +#CONFIG_EAP_PAX=y + +# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) +#CONFIG_EAP_PSK=y + +# EAP-SAKE for the integrated EAP server +#CONFIG_EAP_SAKE=y + +# EAP-GPSK for the integrated EAP server +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-FAST for the integrated EAP server +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.9-session-ticket.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# Wi-Fi Protected Setup (WPS) +#CONFIG_WPS=y +# Enable UPnP support for external WPS Registrars +#CONFIG_WPS_UPNP=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# Trusted Network Connect (EAP-TNC) +#CONFIG_EAP_TNC=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +#CONFIG_PKCS12=y + +# RADIUS authentication server. This provides access to the integrated EAP +# server from external hosts using RADIUS. +#CONFIG_RADIUS_SERVER=y + +# Build IPv6 support for RADIUS operations +#CONFIG_IPV6=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +#CONFIG_IEEE80211R=y + +# Use the hostapd's IEEE 802.11 authentication (ACL), but without +# the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211) +#CONFIG_DRIVER_RADIUS_ACL=y + +# IEEE 802.11n (High Throughput) support +CONFIG_IEEE80211N=y + +# Remove debugging code that is printing out debug messages to stdout. +# This can be used to reduce the size of the hostapd considerably if debugging +# code is not needed. +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove support for RADIUS accounting +CONFIG_NO_ACCOUNTING=y + +# Remove support for RADIUS +CONFIG_NO_RADIUS=y + +# Remove support for VLANs +#CONFIG_NO_VLAN=y + +CONFIG_TLS=internal diff --git a/package/hostapd/files/mini.config b/package/hostapd/files/mini.config deleted file mode 100644 index 1720dddbf8..0000000000 --- a/package/hostapd/files/mini.config +++ /dev/null @@ -1,155 +0,0 @@ -# Example hostapd build time configuration -# -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -# Driver interface for Host AP driver -CONFIG_DRIVER_HOSTAP=y - -# Driver interface for wired authenticator -CONFIG_DRIVER_WIRED=y - -# Driver interface for madwifi driver -CONFIG_DRIVER_MADWIFI=y -#CFLAGS += -I../../madwifi # change to the madwifi source directory - -# Driver interface for Prism54 driver -#CONFIG_DRIVER_PRISM54=y - -# Driver interface for drivers using the nl80211 kernel interface -CONFIG_DRIVER_NL80211=y -# driver_nl80211.c requires a rather new libnl (version 1.1) which may not be -# shipped with your distribution yet. If that is the case, you need to build -# newer libnl version and point the hostapd build to use it. -#LIBNL=/usr/src/libnl -#CFLAGS += -I$(LIBNL)/include -#LIBS += -L$(LIBNL)/lib - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib - -# Driver interface for no driver (e.g., RADIUS server only) -#CONFIG_DRIVER_NONE=y - -# IEEE 802.11F/IAPP -# CONFIG_IAPP=y - -# WPA2/IEEE 802.11i RSN pre-authentication -CONFIG_RSN_PREAUTH=y - -# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) -CONFIG_PEERKEY=y - -# IEEE 802.11w (management frame protection) -# This version is an experimental implementation based on IEEE 802.11w/D1.0 -# draft and is subject to change since the standard has not yet been finalized. -# Driver support is also needed for IEEE 802.11w. -#CONFIG_IEEE80211W=y - -# Integrated EAP server -#CONFIG_EAP=y - -# EAP-MD5 for the integrated EAP server -#CONFIG_EAP_MD5=y - -# EAP-TLS for the integrated EAP server -#CONFIG_EAP_TLS=y - -# EAP-MSCHAPv2 for the integrated EAP server -#CONFIG_EAP_MSCHAPV2=y - -# EAP-PEAP for the integrated EAP server -#CONFIG_EAP_PEAP=y - -# EAP-GTC for the integrated EAP server -#CONFIG_EAP_GTC=y - -# EAP-TTLS for the integrated EAP server -#CONFIG_EAP_TTLS=y - -# EAP-SIM for the integrated EAP server -#CONFIG_EAP_SIM=y - -# EAP-AKA for the integrated EAP server -#CONFIG_EAP_AKA=y - -# EAP-AKA' for the integrated EAP server -# This requires CONFIG_EAP_AKA to be enabled, too. -#CONFIG_EAP_AKA_PRIME=y - -# EAP-PAX for the integrated EAP server -#CONFIG_EAP_PAX=y - -# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# EAP-SAKE for the integrated EAP server -#CONFIG_EAP_SAKE=y - -# EAP-GPSK for the integrated EAP server -#CONFIG_EAP_GPSK=y -# Include support for optional SHA256 cipher suite in EAP-GPSK -#CONFIG_EAP_GPSK_SHA256=y - -# EAP-FAST for the integrated EAP server -# Note: Default OpenSSL package does not include support for all the -# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, -# the OpenSSL library must be patched (openssl-0.9.9-session-ticket.patch) -# to add the needed functions. -#CONFIG_EAP_FAST=y - -# Wi-Fi Protected Setup (WPS) -#CONFIG_WPS=y -# Enable UPnP support for external WPS Registrars -#CONFIG_WPS_UPNP=y - -# EAP-IKEv2 -#CONFIG_EAP_IKEV2=y - -# Trusted Network Connect (EAP-TNC) -#CONFIG_EAP_TNC=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -#CONFIG_PKCS12=y - -# RADIUS authentication server. This provides access to the integrated EAP -# server from external hosts using RADIUS. -#CONFIG_RADIUS_SERVER=y - -# Build IPv6 support for RADIUS operations -#CONFIG_IPV6=y - -# IEEE Std 802.11r-2008 (Fast BSS Transition) -#CONFIG_IEEE80211R=y - -# Use the hostapd's IEEE 802.11 authentication (ACL), but without -# the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211) -#CONFIG_DRIVER_RADIUS_ACL=y - -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - -# Remove debugging code that is printing out debug messages to stdout. -# This can be used to reduce the size of the hostapd considerably if debugging -# code is not needed. -#CONFIG_NO_STDOUT_DEBUG=y - -# Remove support for RADIUS accounting -CONFIG_NO_ACCOUNTING=y - -# Remove support for RADIUS -CONFIG_NO_RADIUS=y - -# Remove support for VLANs -#CONFIG_NO_VLAN=y - -CONFIG_TLS=internal diff --git a/package/hostapd/files/multicall.c b/package/hostapd/files/multicall.c new file mode 100644 index 0000000000..c8e814bb5c --- /dev/null +++ b/package/hostapd/files/multicall.c @@ -0,0 +1,28 @@ +#include +#include +#include + +extern int hostapd_main(int argc, char **argv); +extern int wpa_supplicant_main(int argc, char **argv); + +int main(int argc, char **argv) +{ + bool restart = false; + const char *prog = argv[0]; + +restart: + if (strstr(argv[0], "hostapd")) + return hostapd_main(argc, argv); + else if (strstr(argv[0], "wpa_supplicant")) + return wpa_supplicant_main(argc, argv); + + if (!restart && argc > 1) { + argv++; + argc--; + restart = true; + goto restart; + } + + fprintf(stderr, "Invalid command.\nUsage: %s wpa_supplicant|hostapd []\n", prog); + return 255; +} diff --git a/package/hostapd/files/wpa_supplicant-full.config b/package/hostapd/files/wpa_supplicant-full.config new file mode 100644 index 0000000000..5e7fd27d1b --- /dev/null +++ b/package/hostapd/files/wpa_supplicant-full.config @@ -0,0 +1,404 @@ +# Example wpa_supplicant build time configuration +# +# This file lists the configuration options that are used when building the +# hostapd binary. All lines starting with # are ignored. Configuration option +# lines must be commented out complete, if they are not to be included, i.e., +# just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cases, these lines should use += in order not +# to override previous values of the variables. + + +# Uncomment following two lines and fix the paths if you have installed OpenSSL +# or GnuTLS in non-default location +#CFLAGS += -I/usr/local/openssl/include +#LIBS += -L/usr/local/openssl/lib + +# Some Red Hat versions seem to include kerberos header files from OpenSSL, but +# the kerberos files are not in the default include path. Following line can be +# used to fix build issues on such systems (krb5.h not found). +#CFLAGS += -I/usr/include/kerberos + +# Example configuration for various cross-compilation platforms + +#### sveasoft (e.g., for Linksys WRT54G) ###################################### +#CC=mipsel-uclibc-gcc +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc +#CFLAGS += -Os +#CPPFLAGS += -I../src/include -I../../src/router/openssl/include +#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl +############################################################################### + +#### openwrt (e.g., for Linksys WRT54G) ####################################### +#CC=mipsel-uclibc-gcc +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc +#CFLAGS += -Os +#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ +# -I../WRT54GS/release/src/include +#LIBS = -lssl +############################################################################### + + +# Driver interface for Host AP driver +CONFIG_DRIVER_HOSTAP=y + +# Driver interface for Agere driver +#CONFIG_DRIVER_HERMES=y +# Change include directories to match with the local setup +#CFLAGS += -I../../hcf -I../../include -I../../include/hcf +#CFLAGS += -I../../include/wireless + +# Driver interface for madwifi driver +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_MADWIFI=y +# Set include directory to the madwifi source tree +#CFLAGS += -I../../madwifi + +# Driver interface for ndiswrapper +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_NDISWRAPPER=y + +# Driver interface for Atmel driver +# CONFIG_DRIVER_ATMEL=y + +# Driver interface for old Broadcom driver +# Please note that the newer Broadcom driver ("hybrid Linux driver") supports +# Linux wireless extensions and does not need (or even work) with the old +# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver. +#CONFIG_DRIVER_BROADCOM=y +# Example path for wlioctl.h; change to match your configuration +#CFLAGS += -I/opt/WRT54GS/release/src/include + +# Driver interface for Intel ipw2100/2200 driver +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_IPW=y + +# Driver interface for Ralink driver +#CONFIG_DRIVER_RALINK=y + +# Driver interface for generic Linux wireless extensions +CONFIG_DRIVER_WEXT=y + +# Driver interface for Linux drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib +#LIBS_p += -L/usr/local/lib +#LIBS_c += -L/usr/local/lib + +# Driver interface for Windows NDIS +#CONFIG_DRIVER_NDIS=y +#CFLAGS += -I/usr/include/w32api/ddk +#LIBS += -L/usr/local/lib +# For native build using mingw +#CONFIG_NATIVE_WINDOWS=y +# Additional directories for cross-compilation on Linux host for mingw target +#CFLAGS += -I/opt/mingw/mingw32/include/ddk +#LIBS += -L/opt/mingw/mingw32/lib +#CC=mingw32-gcc +# By default, driver_ndis uses WinPcap for low-level operations. This can be +# replaced with the following option which replaces WinPcap calls with NDISUIO. +# However, this requires that WZC is disabled (net stop wzcsvc) before starting +# wpa_supplicant. +# CONFIG_USE_NDISUIO=y + +# Driver interface for development testing +#CONFIG_DRIVER_TEST=y + +# Include client MLME (management frame processing) for test driver +# This can be used to test MLME operations in hostapd with the test interface. +# space. +#CONFIG_CLIENT_MLME=y + +# Driver interface for wired Ethernet drivers +CONFIG_DRIVER_WIRED=y + +# Driver interface for the Broadcom RoboSwitch family +#CONFIG_DRIVER_ROBOSWITCH=y + +# Driver interface for no driver (e.g., WPS ER only) +#CONFIG_DRIVER_NONE=y + +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is +# included) +CONFIG_IEEE8021X_EAPOL=y + +# EAP-MD5 +CONFIG_EAP_MD5=y + +# EAP-MSCHAPv2 +CONFIG_EAP_MSCHAPV2=y + +# EAP-TLS +CONFIG_EAP_TLS=y + +# EAL-PEAP +CONFIG_EAP_PEAP=y + +# EAP-TTLS +CONFIG_EAP_TTLS=y + +# EAP-FAST +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# EAP-GTC +CONFIG_EAP_GTC=y + +# EAP-OTP +CONFIG_EAP_OTP=y + +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) +#CONFIG_EAP_SIM=y + +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) +#CONFIG_EAP_PSK=y + +# EAP-PAX +#CONFIG_EAP_PAX=y + +# LEAP +CONFIG_EAP_LEAP=y + +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) +#CONFIG_EAP_AKA=y + +# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# Enable USIM simulator (Milenage) for EAP-AKA +#CONFIG_USIM_SIMULATOR=y + +# EAP-SAKE +#CONFIG_EAP_SAKE=y + +# EAP-GPSK +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-TNC and related Trusted Network Connect support (experimental) +#CONFIG_EAP_TNC=y + +# Wi-Fi Protected Setup (WPS) +#CONFIG_WPS=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# Smartcard support (i.e., private key on a smartcard), e.g., with openssl +# engine. +CONFIG_SMARTCARD=y + +# PC/SC interface for smartcards (USIM, GSM SIM) +# Enable this if EAP-SIM or EAP-AKA is included +#CONFIG_PCSC=y + +# Development testing +#CONFIG_EAPOL_TEST=y + +# Select control interface backend for external programs, e.g, wpa_cli: +# unix = UNIX domain sockets (default for Linux/*BSD) +# udp = UDP sockets using localhost (127.0.0.1) +# named_pipe = Windows Named Pipe (default for Windows) +# y = use default (backwards compatibility) +# If this option is commented out, control interface is not included in the +# build. +CONFIG_CTRL_IFACE=y + +# Include support for GNU Readline and History Libraries in wpa_cli. +# When building a wpa_cli binary for distribution, please note that these +# libraries are licensed under GPL and as such, BSD license may not apply for +# the resulting binary. +#CONFIG_READLINE=y + +# Remove debugging code that is printing out debug message to stdout. +# This can be used to reduce the size of the wpa_supplicant considerably +# if debugging code is not needed. The size reduction can be around 35% +# (e.g., 90 kB). +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save +# 35-50 kB in code size. +#CONFIG_NO_WPA=y + +# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to +# save about 1 kB in code size when building only WPA-Personal (no EAP support) +# or 6 kB if building for WPA-Enterprise. +#CONFIG_NO_WPA2=y + +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support +# This option can be used to reduce code size by removing support for +# converting ASCII passphrases into PSK. If this functionality is removed, the +# PSK can only be configured as the 64-octet hexstring (e.g., from +# wpa_passphrase). This saves about 0.5 kB in code size. +#CONFIG_NO_WPA_PASSPHRASE=y + +# Disable scan result processing (ap_mode=1) to save code size by about 1 kB. +# This can be used if ap_scan=1 mode is never enabled. +#CONFIG_NO_SCAN_PROCESSING=y + +# Select configuration backend: +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) +# winreg = Windows registry (see win_example.reg for an example) +CONFIG_BACKEND=file + +# Remove configuration write functionality (i.e., to allow the configuration +# file to be updated based on runtime configuration changes). The runtime +# configuration can still be changed, the changes are just not going to be +# persistent over restarts. This option can be used to reduce code size by +# about 3.5 kB. +#CONFIG_NO_CONFIG_WRITE=y + +# Remove support for configuration blobs to reduce code size by about 1.5 kB. +#CONFIG_NO_CONFIG_BLOBS=y + +# Select program entry point implementation: +# main = UNIX/POSIX like main() function (default) +# main_winsvc = Windows service (read parameters from registry) +# main_none = Very basic example (development use only) +#CONFIG_MAIN=main + +# Select wrapper for operatins system and C library specific functions +# unix = UNIX/POSIX like systems (default) +# win32 = Windows systems +# none = Empty template +#CONFIG_OS=unix + +# Select event loop implementation +# eloop = select() loop (default) +# eloop_win = Windows events and WaitForMultipleObject() loop +# eloop_none = Empty template +#CONFIG_ELOOP=eloop + +# Select layer 2 packet implementation +# linux = Linux packet socket (default) +# pcap = libpcap/libdnet/WinPcap +# freebsd = FreeBSD libpcap +# winpcap = WinPcap with receive thread +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) +# none = Empty template +#CONFIG_L2_PACKET=linux + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +#CONFIG_IEEE80211W=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA) +# internal = Internal TLSv1 implementation (experimental) +# none = Empty template +CONFIG_TLS=internal + +# Whether to enable TLS/IA support, which is required for EAP-TTLSv1. +# You need CONFIG_TLS=gnutls for this to have any effect. Please note that +# even though the core GnuTLS library is released under LGPL, this extra +# library uses GPL and as such, the terms of GPL apply to the combination +# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not +# apply for distribution of the resulting binary. +#CONFIG_GNUTLS_EXTRA=y + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif +# At the cost of about 4 kB of additional binary size, the internal LibTomMath +# can be configured to include faster routines for exptmod, sqr, and div to +# speed up DH and RSA calculation considerably +CONFIG_INTERNAL_LIBTOMMATH_FAST=y + +# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. +# This is only for Windows builds and requires WMI-related header files and +# WbemUuid.Lib from Platform SDK even when building with MinGW. +#CONFIG_NDIS_EVENTS_INTEGRATED=y +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" + +# Add support for old DBus control interface +# (fi.epitest.hostap.WPASupplicant) +#CONFIG_CTRL_IFACE_DBUS=y + +# Add support for new DBus control interface +# (fi.w1.hostap.wpa_supplicant1) +#CONFIG_CTRL_IFACE_DBUS_NEW=y + +# Add introspection support for new DBus control interface +#CONFIG_CTRL_IFACE_DBUS_INTRO=y + +# Add support for loading EAP methods dynamically as shared libraries. +# When this option is enabled, each EAP method can be either included +# statically (CONFIG_EAP_=y) or dynamically (CONFIG_EAP_=dyn). +# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to +# be loaded in the beginning of the wpa_supplicant configuration file +# (see load_dynamic_eap parameter in the example file) before being used in +# the network blocks. +# +# Note that some shared parts of EAP methods are included in the main program +# and in order to be able to use dynamic EAP methods using these parts, the +# main program must have been build with the EAP method enabled (=y or =dyn). +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries +# unless at least one of them was included in the main build to force inclusion +# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included +# in the main build to be able to load these methods dynamically. +# +# Please also note that using dynamic libraries will increase the total binary +# size. Thus, it may not be the best option for targets that have limited +# amount of memory/flash. +#CONFIG_DYNAMIC_EAP_METHODS=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +#CONFIG_IEEE80211R=y + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +#CONFIG_DEBUG_FILE=y + +# Enable privilege separation (see README 'Privilege separation' for details) +#CONFIG_PRIVSEP=y + +# Enable mitigation against certain attacks against TKIP by delaying Michael +# MIC error reports by a random amount of time between 0 and 60 seconds +#CONFIG_DELAYED_MIC_ERROR_REPORT=y + +# Enable tracing code for developer debugging +# This tracks use of memory allocations and other registrations and reports +# incorrect use with a backtrace of call (or allocation) location. +#CONFIG_WPA_TRACE=y +# For BSD, comment out these. +#LIBS += -lexecinfo +#LIBS_p += -lexecinfo +#LIBS_c += -lexecinfo + +# Use libbfd to get more details for developer debugging +# This enables use of libbfd to get more detailed symbols for the backtraces +# generated by CONFIG_WPA_TRACE=y. +#CONFIG_WPA_TRACE_BFD=y +# For BSD, comment out these. +#LIBS += -lbfd -liberty -lz +#LIBS_p += -lbfd -liberty -lz +#LIBS_c += -lbfd -liberty -lz diff --git a/package/hostapd/files/wpa_supplicant-mini.config b/package/hostapd/files/wpa_supplicant-mini.config new file mode 100644 index 0000000000..843b64a7d1 --- /dev/null +++ b/package/hostapd/files/wpa_supplicant-mini.config @@ -0,0 +1,404 @@ +# Example wpa_supplicant build time configuration +# +# This file lists the configuration options that are used when building the +# hostapd binary. All lines starting with # are ignored. Configuration option +# lines must be commented out complete, if they are not to be included, i.e., +# just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cases, these lines should use += in order not +# to override previous values of the variables. + + +# Uncomment following two lines and fix the paths if you have installed OpenSSL +# or GnuTLS in non-default location +#CFLAGS += -I/usr/local/openssl/include +#LIBS += -L/usr/local/openssl/lib + +# Some Red Hat versions seem to include kerberos header files from OpenSSL, but +# the kerberos files are not in the default include path. Following line can be +# used to fix build issues on such systems (krb5.h not found). +#CFLAGS += -I/usr/include/kerberos + +# Example configuration for various cross-compilation platforms + +#### sveasoft (e.g., for Linksys WRT54G) ###################################### +#CC=mipsel-uclibc-gcc +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc +#CFLAGS += -Os +#CPPFLAGS += -I../src/include -I../../src/router/openssl/include +#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl +############################################################################### + +#### openwrt (e.g., for Linksys WRT54G) ####################################### +#CC=mipsel-uclibc-gcc +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc +#CFLAGS += -Os +#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ +# -I../WRT54GS/release/src/include +#LIBS = -lssl +############################################################################### + + +# Driver interface for Host AP driver +CONFIG_DRIVER_HOSTAP=y + +# Driver interface for Agere driver +#CONFIG_DRIVER_HERMES=y +# Change include directories to match with the local setup +#CFLAGS += -I../../hcf -I../../include -I../../include/hcf +#CFLAGS += -I../../include/wireless + +# Driver interface for madwifi driver +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_MADWIFI=y +# Set include directory to the madwifi source tree +#CFLAGS += -I../../madwifi + +# Driver interface for ndiswrapper +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_NDISWRAPPER=y + +# Driver interface for Atmel driver +# CONFIG_DRIVER_ATMEL=y + +# Driver interface for old Broadcom driver +# Please note that the newer Broadcom driver ("hybrid Linux driver") supports +# Linux wireless extensions and does not need (or even work) with the old +# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver. +#CONFIG_DRIVER_BROADCOM=y +# Example path for wlioctl.h; change to match your configuration +#CFLAGS += -I/opt/WRT54GS/release/src/include + +# Driver interface for Intel ipw2100/2200 driver +# Deprecated; use CONFIG_DRIVER_WEXT=y instead. +#CONFIG_DRIVER_IPW=y + +# Driver interface for Ralink driver +#CONFIG_DRIVER_RALINK=y + +# Driver interface for generic Linux wireless extensions +CONFIG_DRIVER_WEXT=y + +# Driver interface for Linux drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib +#LIBS_p += -L/usr/local/lib +#LIBS_c += -L/usr/local/lib + +# Driver interface for Windows NDIS +#CONFIG_DRIVER_NDIS=y +#CFLAGS += -I/usr/include/w32api/ddk +#LIBS += -L/usr/local/lib +# For native build using mingw +#CONFIG_NATIVE_WINDOWS=y +# Additional directories for cross-compilation on Linux host for mingw target +#CFLAGS += -I/opt/mingw/mingw32/include/ddk +#LIBS += -L/opt/mingw/mingw32/lib +#CC=mingw32-gcc +# By default, driver_ndis uses WinPcap for low-level operations. This can be +# replaced with the following option which replaces WinPcap calls with NDISUIO. +# However, this requires that WZC is disabled (net stop wzcsvc) before starting +# wpa_supplicant. +# CONFIG_USE_NDISUIO=y + +# Driver interface for development testing +#CONFIG_DRIVER_TEST=y + +# Include client MLME (management frame processing) for test driver +# This can be used to test MLME operations in hostapd with the test interface. +# space. +#CONFIG_CLIENT_MLME=y + +# Driver interface for wired Ethernet drivers +CONFIG_DRIVER_WIRED=y + +# Driver interface for the Broadcom RoboSwitch family +#CONFIG_DRIVER_ROBOSWITCH=y + +# Driver interface for no driver (e.g., WPS ER only) +#CONFIG_DRIVER_NONE=y + +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is +# included) +# CONFIG_IEEE8021X_EAPOL=y + +# EAP-MD5 +# CONFIG_EAP_MD5=y + +# EAP-MSCHAPv2 +# CONFIG_EAP_MSCHAPV2=y + +# EAP-TLS +# CONFIG_EAP_TLS=y + +# EAL-PEAP +# CONFIG_EAP_PEAP=y + +# EAP-TTLS +# CONFIG_EAP_TTLS=y + +# EAP-FAST +# Note: Default OpenSSL package does not include support for all the +# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, +# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) +# to add the needed functions. +#CONFIG_EAP_FAST=y + +# EAP-GTC +# CONFIG_EAP_GTC=y + +# EAP-OTP +# CONFIG_EAP_OTP=y + +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) +#CONFIG_EAP_SIM=y + +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) +#CONFIG_EAP_PSK=y + +# EAP-PAX +#CONFIG_EAP_PAX=y + +# LEAP +# CONFIG_EAP_LEAP=y + +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) +#CONFIG_EAP_AKA=y + +# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# Enable USIM simulator (Milenage) for EAP-AKA +#CONFIG_USIM_SIMULATOR=y + +# EAP-SAKE +#CONFIG_EAP_SAKE=y + +# EAP-GPSK +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-TNC and related Trusted Network Connect support (experimental) +#CONFIG_EAP_TNC=y + +# Wi-Fi Protected Setup (WPS) +#CONFIG_WPS=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +# CONFIG_PKCS12=y + +# Smartcard support (i.e., private key on a smartcard), e.g., with openssl +# engine. +# CONFIG_SMARTCARD=y + +# PC/SC interface for smartcards (USIM, GSM SIM) +# Enable this if EAP-SIM or EAP-AKA is included +#CONFIG_PCSC=y + +# Development testing +#CONFIG_EAPOL_TEST=y + +# Select control interface backend for external programs, e.g, wpa_cli: +# unix = UNIX domain sockets (default for Linux/*BSD) +# udp = UDP sockets using localhost (127.0.0.1) +# named_pipe = Windows Named Pipe (default for Windows) +# y = use default (backwards compatibility) +# If this option is commented out, control interface is not included in the +# build. +CONFIG_CTRL_IFACE=y + +# Include support for GNU Readline and History Libraries in wpa_cli. +# When building a wpa_cli binary for distribution, please note that these +# libraries are licensed under GPL and as such, BSD license may not apply for +# the resulting binary. +#CONFIG_READLINE=y + +# Remove debugging code that is printing out debug message to stdout. +# This can be used to reduce the size of the wpa_supplicant considerably +# if debugging code is not needed. The size reduction can be around 35% +# (e.g., 90 kB). +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save +# 35-50 kB in code size. +#CONFIG_NO_WPA=y + +# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to +# save about 1 kB in code size when building only WPA-Personal (no EAP support) +# or 6 kB if building for WPA-Enterprise. +#CONFIG_NO_WPA2=y + +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support +# This option can be used to reduce code size by removing support for +# converting ASCII passphrases into PSK. If this functionality is removed, the +# PSK can only be configured as the 64-octet hexstring (e.g., from +# wpa_passphrase). This saves about 0.5 kB in code size. +#CONFIG_NO_WPA_PASSPHRASE=y + +# Disable scan result processing (ap_mode=1) to save code size by about 1 kB. +# This can be used if ap_scan=1 mode is never enabled. +#CONFIG_NO_SCAN_PROCESSING=y + +# Select configuration backend: +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) +# winreg = Windows registry (see win_example.reg for an example) +CONFIG_BACKEND=file + +# Remove configuration write functionality (i.e., to allow the configuration +# file to be updated based on runtime configuration changes). The runtime +# configuration can still be changed, the changes are just not going to be +# persistent over restarts. This option can be used to reduce code size by +# about 3.5 kB. +#CONFIG_NO_CONFIG_WRITE=y + +# Remove support for configuration blobs to reduce code size by about 1.5 kB. +#CONFIG_NO_CONFIG_BLOBS=y + +# Select program entry point implementation: +# main = UNIX/POSIX like main() function (default) +# main_winsvc = Windows service (read parameters from registry) +# main_none = Very basic example (development use only) +#CONFIG_MAIN=main + +# Select wrapper for operatins system and C library specific functions +# unix = UNIX/POSIX like systems (default) +# win32 = Windows systems +# none = Empty template +#CONFIG_OS=unix + +# Select event loop implementation +# eloop = select() loop (default) +# eloop_win = Windows events and WaitForMultipleObject() loop +# eloop_none = Empty template +#CONFIG_ELOOP=eloop + +# Select layer 2 packet implementation +# linux = Linux packet socket (default) +# pcap = libpcap/libdnet/WinPcap +# freebsd = FreeBSD libpcap +# winpcap = WinPcap with receive thread +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) +# none = Empty template +#CONFIG_L2_PACKET=linux + +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) +# CONFIG_PEERKEY=y + +# IEEE 802.11w (management frame protection) +# This version is an experimental implementation based on IEEE 802.11w/D1.0 +# draft and is subject to change since the standard has not yet been finalized. +# Driver support is also needed for IEEE 802.11w. +#CONFIG_IEEE80211W=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA) +# internal = Internal TLSv1 implementation (experimental) +# none = Empty template +CONFIG_TLS=internal + +# Whether to enable TLS/IA support, which is required for EAP-TTLSv1. +# You need CONFIG_TLS=gnutls for this to have any effect. Please note that +# even though the core GnuTLS library is released under LGPL, this extra +# library uses GPL and as such, the terms of GPL apply to the combination +# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not +# apply for distribution of the resulting binary. +#CONFIG_GNUTLS_EXTRA=y + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +#CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif +# At the cost of about 4 kB of additional binary size, the internal LibTomMath +# can be configured to include faster routines for exptmod, sqr, and div to +# speed up DH and RSA calculation considerably +#CONFIG_INTERNAL_LIBTOMMATH_FAST=y + +# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. +# This is only for Windows builds and requires WMI-related header files and +# WbemUuid.Lib from Platform SDK even when building with MinGW. +#CONFIG_NDIS_EVENTS_INTEGRATED=y +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" + +# Add support for old DBus control interface +# (fi.epitest.hostap.WPASupplicant) +#CONFIG_CTRL_IFACE_DBUS=y + +# Add support for new DBus control interface +# (fi.w1.hostap.wpa_supplicant1) +#CONFIG_CTRL_IFACE_DBUS_NEW=y + +# Add introspection support for new DBus control interface +#CONFIG_CTRL_IFACE_DBUS_INTRO=y + +# Add support for loading EAP methods dynamically as shared libraries. +# When this option is enabled, each EAP method can be either included +# statically (CONFIG_EAP_=y) or dynamically (CONFIG_EAP_=dyn). +# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to +# be loaded in the beginning of the wpa_supplicant configuration file +# (see load_dynamic_eap parameter in the example file) before being used in +# the network blocks. +# +# Note that some shared parts of EAP methods are included in the main program +# and in order to be able to use dynamic EAP methods using these parts, the +# main program must have been build with the EAP method enabled (=y or =dyn). +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries +# unless at least one of them was included in the main build to force inclusion +# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included +# in the main build to be able to load these methods dynamically. +# +# Please also note that using dynamic libraries will increase the total binary +# size. Thus, it may not be the best option for targets that have limited +# amount of memory/flash. +#CONFIG_DYNAMIC_EAP_METHODS=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +#CONFIG_IEEE80211R=y + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +#CONFIG_DEBUG_FILE=y + +# Enable privilege separation (see README 'Privilege separation' for details) +#CONFIG_PRIVSEP=y + +# Enable mitigation against certain attacks against TKIP by delaying Michael +# MIC error reports by a random amount of time between 0 and 60 seconds +#CONFIG_DELAYED_MIC_ERROR_REPORT=y + +# Enable tracing code for developer debugging +# This tracks use of memory allocations and other registrations and reports +# incorrect use with a backtrace of call (or allocation) location. +#CONFIG_WPA_TRACE=y +# For BSD, comment out these. +#LIBS += -lexecinfo +#LIBS_p += -lexecinfo +#LIBS_c += -lexecinfo + +# Use libbfd to get more details for developer debugging +# This enables use of libbfd to get more detailed symbols for the backtraces +# generated by CONFIG_WPA_TRACE=y. +#CONFIG_WPA_TRACE_BFD=y +# For BSD, comment out these. +#LIBS += -lbfd -liberty -lz +#LIBS_p += -lbfd -liberty -lz +#LIBS_c += -lbfd -liberty -lz diff --git a/package/hostapd/files/wpa_supplicant.sh b/package/hostapd/files/wpa_supplicant.sh new file mode 100644 index 0000000000..8f7f503c1f --- /dev/null +++ b/package/hostapd/files/wpa_supplicant.sh @@ -0,0 +1,117 @@ +wpa_supplicant_setup_vif() { + local vif="$1" + local driver="$2" + local key="$key" + + # wpa_supplicant should use wext for mac80211 cards + [ "$driver" = "mac80211" ] && driver='wext' + + # make sure we have the psk + [ -n "$key" ] || { + config_get key "$vif" key + } + + case "$enc" in + *wep*) + key_mgmt='NONE' + config_get key "$vif" key + key="${key:-1}" + case "$key" in + [1234]) + for idx in 1 2 3 4; do + local zidx + zidx=$(($idx - 1)) + config_get ckey "$vif" "key${idx}" + [ -n "$ckey" ] && \ + append "wep_key${zidx}" "wep_key${zidx}=$(prepare_key_wep "$ckey")" + done + wep_tx_keyidx="wep_tx_keyidx=$((key - 1))" + ;; + *) + wep_key0="wep_key0=$(prepare_key_wep "$key")" + wep_tx_keyidx="wep_tx_keyidx=0" + ;; + esac + ;; + *psk*) + key_mgmt='WPA-PSK' + config_get_bool usepassphrase "$vif" passphrase 1 + case "$enc" in + *psk2*) + proto='proto=RSN' + if [ "$usepassphrase" = "1" ]; then + passphrase="psk=\"${key}\"" + else + passphrase="psk=${key}" + fi + ;; + *psk*) + proto='proto=WPA' + if [ "$usepassphrase" = "1" ]; then + passphrase="psk=\"${key}\"" + else + passphrase="psk=${key}" + fi + ;; + esac + ;; + *wpa*|*8021x*) + proto='proto=WPA2' + key_mgmt='WPA-EAP' + config_get ca_cert "$vif" ca_cert + ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""} + case "$eap_type" in + tls) + pairwise='pairwise=CCMP' + group='group=CCMP' + config_get priv_key "$vif" priv_key + config_get priv_key_pwd "$vif" priv_key_pwd + priv_key="private_key=\"$priv_key\"" + priv_key_pwd="private_key_passwd=\"$priv_key_pwd\"" + ;; + peap|ttls) + config_get auth "$vif" auth + config_get identity "$vif" identity + config_get password "$vif" password + phase2="phase2=\"auth=${auth:-MSCHAPV2}\"" + identity="identity=\"$identity\"" + password="password=\"$password\"" + ;; + esac + eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')" + ;; + esac + config_get ifname "$vif" ifname + config_get bridge "$vif" bridge + config_get ssid "$vif" ssid + config_get bssid "$vif" bssid + bssid=${bssid:+"bssid=$bssid"} + rm -rf /var/run/wpa_supplicant-$ifname + cat > /var/run/wpa_supplicant-$ifname.conf <wpa_debug_file_path); + if (params->wpa_debug_syslog) + wpa_debug_open_syslog(); +--- a/hostapd/main.c ++++ b/hostapd/main.c +@@ -478,6 +478,9 @@ static void usage(void) + exit(1); + } + ++void hostapd_wpa_event(void *ctx, enum wpa_event_type event, ++ union wpa_event_data *data); ++ + + int main(int argc, char *argv[]) + { +@@ -489,6 +492,7 @@ int main(int argc, char *argv[]) + if (os_program_init()) + return -1; + ++ wpa_supplicant_event = hostapd_wpa_event; + for (;;) { + c = getopt(argc, argv, "BdhKP:tv"); + if (c < 0) +--- a/src/drivers/drivers.c ++++ b/src/drivers/drivers.c +@@ -13,7 +13,11 @@ + */ + + #include "includes.h" ++#include "common.h" ++#include "driver.h" + ++void (*wpa_supplicant_event)(void *ctx, enum wpa_event_type event, ++ union wpa_event_data *data); + + #ifdef CONFIG_DRIVER_WEXT + extern struct wpa_driver_ops wpa_driver_wext_ops; /* driver_wext.c */ diff --git a/package/hostapd/patches/300-timestamp_check.patch b/package/hostapd/patches/300-timestamp_check.patch new file mode 100644 index 0000000000..fef63e30a4 --- /dev/null +++ b/package/hostapd/patches/300-timestamp_check.patch @@ -0,0 +1,15 @@ +--- a/src/tls/x509v3.c ++++ b/src/tls/x509v3.c +@@ -1832,8 +1832,11 @@ int x509_certificate_chain_validate(stru + if (chain_trusted) + continue; + +- if ((unsigned long) now.sec < ++ if ( ++#ifndef NO_TIMESTAMP_CHECK ++ (unsigned long) now.sec < + (unsigned long) cert->not_before || ++#endif + (unsigned long) now.sec > + (unsigned long) cert->not_after) { + wpa_printf(MSG_INFO, "X509: Certificate not valid " diff --git a/package/hostapd/patches/310-scan_ssid.patch b/package/hostapd/patches/310-scan_ssid.patch new file mode 100644 index 0000000000..5a7e10f6b7 --- /dev/null +++ b/package/hostapd/patches/310-scan_ssid.patch @@ -0,0 +1,37 @@ +--- a/wpa_supplicant/scan.c ++++ b/wpa_supplicant/scan.c +@@ -215,6 +215,7 @@ static void wpa_supplicant_scan(void *el + enum wps_request_type req_type = WPS_REQ_ENROLLEE_INFO; + #endif /* CONFIG_WPS */ + struct wpa_driver_scan_params params; ++ int scan_ssid_all = 1; + size_t max_ssids; + + if (wpa_s->disconnected && !wpa_s->scan_req) { +@@ -275,6 +276,16 @@ static void wpa_supplicant_scan(void *el + wpa_s->wpa_state == WPA_INACTIVE) + wpa_supplicant_set_state(wpa_s, WPA_SCANNING); + ++ /* check if all configured ssids should be scanned directly */ ++ ssid = wpa_s->conf->ssid; ++ while (ssid) { ++ if (!ssid->scan_ssid) { ++ scan_ssid_all = 0; ++ break; ++ } ++ ssid = ssid->next; ++ } ++ + /* Find the starting point from which to continue scanning */ + ssid = wpa_s->conf->ssid; + if (wpa_s->prev_scan_ssid != WILDCARD_SSID_SCAN) { +@@ -336,6 +347,9 @@ static void wpa_supplicant_scan(void *el + int_array_sort_unique(params.freqs); + } + ++ if (scan_ssid_all && !ssid) ++ ssid = wpa_s->conf->ssid; ++ + if (ssid) { + wpa_s->prev_scan_ssid = ssid; + if (max_ssids > 1) { diff --git a/package/hostapd/patches/320-rescan_immediately.patch b/package/hostapd/patches/320-rescan_immediately.patch new file mode 100644 index 0000000000..a4020bc1dd --- /dev/null +++ b/package/hostapd/patches/320-rescan_immediately.patch @@ -0,0 +1,11 @@ +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -843,7 +843,7 @@ static void wpa_supplicant_event_scan_re + wpa_printf(MSG_DEBUG, "Setup a new network"); + wpa_supplicant_associate(wpa_s, NULL, ssid); + } else +- wpa_supplicant_req_new_scan(wpa_s, 5); ++ wpa_supplicant_req_new_scan(wpa_s, 0); + } + } + #endif /* CONFIG_NO_SCAN_PROCESSING */ diff --git a/package/hostapd/patches/330-madwifi_merge.patch b/package/hostapd/patches/330-madwifi_merge.patch new file mode 100644 index 0000000000..e3a89d1be6 --- /dev/null +++ b/package/hostapd/patches/330-madwifi_merge.patch @@ -0,0 +1,767 @@ +--- a/src/drivers/driver_madwifi.c ++++ b/src/drivers/driver_madwifi.c +@@ -71,7 +71,6 @@ + + #define WPA_KEY_RSC_LEN 8 + +-#ifdef HOSTAPD + + #include "priv_netlink.h" + #include "netlink.h" +@@ -82,17 +81,22 @@ + struct madwifi_driver_data { + struct hostapd_data *hapd; /* back pointer */ + +- char iface[IFNAMSIZ + 1]; ++ void *wext; /* private data for driver_wext */ ++ void *ctx; ++ char ifname[IFNAMSIZ + 1]; ++ int ioctl_sock; /* socket for ioctl() use */ ++ ++#ifdef HOSTAPD + int ifindex; + struct l2_packet_data *sock_xmit; /* raw packet xmit socket */ + struct l2_packet_data *sock_recv; /* raw packet recv socket */ +- int ioctl_sock; /* socket for ioctl() use */ + struct netlink_data *netlink; + int we_version; + u8 acct_mac[ETH_ALEN]; + struct hostap_sta_driver_data acct_data; + + struct l2_packet_data *sock_raw; /* raw 802.11 management frames */ ++#endif + }; + + static int madwifi_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, +@@ -105,7 +109,7 @@ set80211priv(struct madwifi_driver_data + int do_inline = len < IFNAMSIZ; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + #ifdef IEEE80211_IOCTL_FILTERFRAME + /* FILTERFRAME must be NOT inline, regardless of size. */ + if (op == IEEE80211_IOCTL_FILTERFRAME) +@@ -206,7 +210,7 @@ set80211param(struct madwifi_driver_data + struct iwreq iwr; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + iwr.u.mode = op; + memcpy(iwr.u.name+sizeof(__u32), &arg, sizeof(arg)); + +@@ -233,6 +237,7 @@ ether_sprintf(const u8 *addr) + } + #endif /* CONFIG_NO_STDOUT_DEBUG */ + ++#ifdef HOSTAPD + /* + * Configure WPA parameters. + */ +@@ -395,7 +400,7 @@ madwifi_sta_set_flags(void *priv, const + return madwifi_set_sta_authorized(priv, addr, 0); + return 0; + } +- ++#endif /* HOSTAPD */ + static int + madwifi_del_key(void *priv, const u8 *addr, int key_idx) + { +@@ -407,28 +412,20 @@ madwifi_del_key(void *priv, const u8 *ad + __func__, ether_sprintf(addr), key_idx); + + memset(&wk, 0, sizeof(wk)); ++ wk.idk_keyix = key_idx; + if (addr != NULL) { + memcpy(wk.idk_macaddr, addr, IEEE80211_ADDR_LEN); +- wk.idk_keyix = (u8) IEEE80211_KEYIX_NONE; +- } else { +- wk.idk_keyix = key_idx; +- } +- +- ret = set80211priv(drv, IEEE80211_IOCTL_DELKEY, &wk, sizeof(wk)); +- if (ret < 0) { +- wpa_printf(MSG_DEBUG, "%s: Failed to delete key (addr %s" +- " key_idx %d)", __func__, ether_sprintf(addr), +- key_idx); + } + +- return ret; ++ set80211priv(drv, IEEE80211_IOCTL_DELKEY, &wk, sizeof(wk)); ++ return 0; + } + + static int +-wpa_driver_madwifi_set_key(const char *ifname, void *priv, enum wpa_alg alg, +- const u8 *addr, int key_idx, int set_tx, +- const u8 *seq, size_t seq_len, +- const u8 *key, size_t key_len) ++madwifi_set_key(const char *ifname, void *priv, enum wpa_alg alg, ++ const u8 *addr, int key_idx, int set_tx, ++ const u8 *seq, size_t seq_len, ++ const u8 *key, size_t key_len) + { + struct madwifi_driver_data *drv = priv; + struct ieee80211req_key wk; +@@ -462,10 +459,14 @@ wpa_driver_madwifi_set_key(const char *i + memset(&wk, 0, sizeof(wk)); + wk.ik_type = cipher; + wk.ik_flags = IEEE80211_KEY_RECV | IEEE80211_KEY_XMIT; ++ + if (addr == NULL) { + memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN); + wk.ik_keyix = key_idx; + wk.ik_flags |= IEEE80211_KEY_DEFAULT; ++ } else if (!memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN)) { ++ wk.ik_flags |= IEEE80211_KEY_GROUP; ++ memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN); + } else { + memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN); + wk.ik_keyix = IEEE80211_KEYIX_NONE; +@@ -485,6 +486,7 @@ wpa_driver_madwifi_set_key(const char *i + } + + ++#ifdef HOSTAPD + static int + madwifi_get_seqnum(const char *ifname, void *priv, const u8 *addr, int idx, + u8 *seq) +@@ -591,7 +593,7 @@ madwifi_read_sta_driver_data(void *priv, + + memset(data, 0, sizeof(*data)); + snprintf(buf, sizeof(buf), "/proc/net/madwifi/%s/" MACSTR, +- drv->iface, MAC2STR(addr)); ++ drv->ifname, MAC2STR(addr)); + + f = fopen(buf, "r"); + if (!f) { +@@ -757,7 +759,7 @@ static int madwifi_receive_probe_req(str + if (ret) + return ret; + +- drv->sock_raw = l2_packet_init(drv->iface, NULL, ETH_P_80211_RAW, ++ drv->sock_raw = l2_packet_init(drv->ifname, NULL, ETH_P_80211_RAW, + madwifi_raw_receive, drv, 1); + if (drv->sock_raw == NULL) + return -1; +@@ -1017,7 +1019,7 @@ madwifi_get_we_version(struct madwifi_dr + return -1; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + iwr.u.data.pointer = (caddr_t) range; + iwr.u.data.length = buflen; + +@@ -1134,17 +1136,17 @@ madwifi_init(struct hostapd_data *hapd, + perror("socket[PF_INET,SOCK_DGRAM]"); + goto bad; + } +- memcpy(drv->iface, params->ifname, sizeof(drv->iface)); ++ memcpy(drv->ifname, params->ifname, sizeof(drv->ifname)); + + memset(&ifr, 0, sizeof(ifr)); +- os_strlcpy(ifr.ifr_name, drv->iface, sizeof(ifr.ifr_name)); ++ os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); + if (ioctl(drv->ioctl_sock, SIOCGIFINDEX, &ifr) != 0) { + perror("ioctl(SIOCGIFINDEX)"); + goto bad; + } + drv->ifindex = ifr.ifr_ifindex; + +- drv->sock_xmit = l2_packet_init(drv->iface, NULL, ETH_P_EAPOL, ++ drv->sock_xmit = l2_packet_init(drv->ifname, NULL, ETH_P_EAPOL, + handle_read, drv, 1); + if (drv->sock_xmit == NULL) + goto bad; +@@ -1158,7 +1160,7 @@ madwifi_init(struct hostapd_data *hapd, + 1); + if (drv->sock_recv == NULL) + goto bad; +- } else if (linux_br_get(brname, drv->iface) == 0) { ++ } else if (linux_br_get(brname, drv->ifname) == 0) { + wpa_printf(MSG_DEBUG, "Interface in bridge %s; configure for " + "EAPOL receive", brname); + drv->sock_recv = l2_packet_init(brname, NULL, ETH_P_EAPOL, +@@ -1169,7 +1171,7 @@ madwifi_init(struct hostapd_data *hapd, + drv->sock_recv = drv->sock_xmit; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + + iwr.u.mode = IW_MODE_MASTER; + +@@ -1179,7 +1181,7 @@ madwifi_init(struct hostapd_data *hapd, + goto bad; + } + +- madwifi_set_privacy(drv->iface, drv, 0); /* default to no privacy */ ++ madwifi_set_privacy(drv->ifname, drv, 0); /* default to no privacy */ + + madwifi_receive_probe_req(drv); + +@@ -1204,7 +1206,7 @@ madwifi_deinit(void *priv) + struct madwifi_driver_data *drv = priv; + + netlink_deinit(drv->netlink); +- (void) linux_set_iface_flags(drv->ioctl_sock, drv->iface, 0); ++ (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0); + if (drv->ioctl_sock >= 0) + close(drv->ioctl_sock); + if (drv->sock_recv != NULL && drv->sock_recv != drv->sock_xmit) +@@ -1223,7 +1225,7 @@ madwifi_set_ssid(const char *ifname, voi + struct iwreq iwr; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + iwr.u.essid.flags = 1; /* SSID active */ + iwr.u.essid.pointer = (caddr_t) buf; + iwr.u.essid.length = len + 1; +@@ -1244,7 +1246,7 @@ madwifi_get_ssid(const char *ifname, voi + int ret = 0; + + memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ); ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); + iwr.u.essid.pointer = (caddr_t) buf; + iwr.u.essid.length = len; + +@@ -1271,137 +1273,16 @@ madwifi_commit(void *priv) + return 0; + } + +-#else /* HOSTAPD */ ++#endif /* HOSTAPD */ + +-struct wpa_driver_madwifi_data { +- void *wext; /* private data for driver_wext */ +- void *ctx; +- char ifname[IFNAMSIZ + 1]; +- int sock; +-}; ++#if !defined(NO_SUPPLICANT) + + static int wpa_driver_madwifi_set_auth_alg(void *priv, int auth_alg); + static int wpa_driver_madwifi_set_probe_req_ie(void *priv, const u8 *ies, + size_t ies_len); + +- +-static int +-set80211priv(struct wpa_driver_madwifi_data *drv, int op, void *data, int len, +- int show_err) +-{ +- struct iwreq iwr; +- +- os_memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); +- if (len < IFNAMSIZ && +- op != IEEE80211_IOCTL_SET_APPIEBUF) { +- /* +- * Argument data fits inline; put it there. +- */ +- os_memcpy(iwr.u.name, data, len); +- } else { +- /* +- * Argument data too big for inline transfer; setup a +- * parameter block instead; the kernel will transfer +- * the data for the driver. +- */ +- iwr.u.data.pointer = data; +- iwr.u.data.length = len; +- } +- +- if (ioctl(drv->sock, op, &iwr) < 0) { +- if (show_err) { +-#ifdef MADWIFI_NG +- int first = IEEE80211_IOCTL_SETPARAM; +- int last = IEEE80211_IOCTL_KICKMAC; +- static const char *opnames[] = { +- "ioctl[IEEE80211_IOCTL_SETPARAM]", +- "ioctl[IEEE80211_IOCTL_GETPARAM]", +- "ioctl[IEEE80211_IOCTL_SETMODE]", +- "ioctl[IEEE80211_IOCTL_GETMODE]", +- "ioctl[IEEE80211_IOCTL_SETWMMPARAMS]", +- "ioctl[IEEE80211_IOCTL_GETWMMPARAMS]", +- "ioctl[IEEE80211_IOCTL_SETCHANLIST]", +- "ioctl[IEEE80211_IOCTL_GETCHANLIST]", +- "ioctl[IEEE80211_IOCTL_CHANSWITCH]", +- NULL, +- "ioctl[IEEE80211_IOCTL_SET_APPIEBUF]", +- "ioctl[IEEE80211_IOCTL_GETSCANRESULTS]", +- NULL, +- "ioctl[IEEE80211_IOCTL_GETCHANINFO]", +- "ioctl[IEEE80211_IOCTL_SETOPTIE]", +- "ioctl[IEEE80211_IOCTL_GETOPTIE]", +- "ioctl[IEEE80211_IOCTL_SETMLME]", +- NULL, +- "ioctl[IEEE80211_IOCTL_SETKEY]", +- NULL, +- "ioctl[IEEE80211_IOCTL_DELKEY]", +- NULL, +- "ioctl[IEEE80211_IOCTL_ADDMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_DELMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_WDSMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_WDSDELMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_KICKMAC]", +- }; +-#else /* MADWIFI_NG */ +- int first = IEEE80211_IOCTL_SETPARAM; +- int last = IEEE80211_IOCTL_CHANLIST; +- static const char *opnames[] = { +- "ioctl[IEEE80211_IOCTL_SETPARAM]", +- "ioctl[IEEE80211_IOCTL_GETPARAM]", +- "ioctl[IEEE80211_IOCTL_SETKEY]", +- "ioctl[IEEE80211_IOCTL_GETKEY]", +- "ioctl[IEEE80211_IOCTL_DELKEY]", +- NULL, +- "ioctl[IEEE80211_IOCTL_SETMLME]", +- NULL, +- "ioctl[IEEE80211_IOCTL_SETOPTIE]", +- "ioctl[IEEE80211_IOCTL_GETOPTIE]", +- "ioctl[IEEE80211_IOCTL_ADDMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_DELMAC]", +- NULL, +- "ioctl[IEEE80211_IOCTL_CHANLIST]", +- }; +-#endif /* MADWIFI_NG */ +- int idx = op - first; +- if (first <= op && op <= last && +- idx < (int) (sizeof(opnames) / sizeof(opnames[0])) +- && opnames[idx]) +- perror(opnames[idx]); +- else +- perror("ioctl[unknown???]"); +- } +- return -1; +- } +- return 0; +-} +- + static int +-set80211param(struct wpa_driver_madwifi_data *drv, int op, int arg, +- int show_err) +-{ +- struct iwreq iwr; +- +- os_memset(&iwr, 0, sizeof(iwr)); +- os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); +- iwr.u.mode = op; +- os_memcpy(iwr.u.name+sizeof(u32), &arg, sizeof(arg)); +- +- if (ioctl(drv->sock, IEEE80211_IOCTL_SETPARAM, &iwr) < 0) { +- if (show_err) +- perror("ioctl[IEEE80211_IOCTL_SETPARAM]"); +- return -1; +- } +- return 0; +-} +- +-static int +-wpa_driver_madwifi_set_wpa_ie(struct wpa_driver_madwifi_data *drv, ++wpa_driver_madwifi_set_wpa_ie(struct madwifi_driver_data *drv, + const u8 *wpa_ie, size_t wpa_ie_len) + { + struct iwreq iwr; +@@ -1412,7 +1293,7 @@ wpa_driver_madwifi_set_wpa_ie(struct wpa + iwr.u.data.pointer = (void *) wpa_ie; + iwr.u.data.length = wpa_ie_len; + +- if (ioctl(drv->sock, IEEE80211_IOCTL_SETOPTIE, &iwr) < 0) { ++ if (ioctl(drv->ioctl_sock, IEEE80211_IOCTL_SETOPTIE, &iwr) < 0) { + perror("ioctl[IEEE80211_IOCTL_SETOPTIE]"); + return -1; + } +@@ -1420,156 +1301,51 @@ wpa_driver_madwifi_set_wpa_ie(struct wpa + } + + static int +-wpa_driver_madwifi_del_key(struct wpa_driver_madwifi_data *drv, int key_idx, +- const u8 *addr) +-{ +- struct ieee80211req_del_key wk; +- +- wpa_printf(MSG_DEBUG, "%s: keyidx=%d", __FUNCTION__, key_idx); +- os_memset(&wk, 0, sizeof(wk)); +- wk.idk_keyix = key_idx; +- if (addr != NULL) +- os_memcpy(wk.idk_macaddr, addr, IEEE80211_ADDR_LEN); +- +- return set80211priv(drv, IEEE80211_IOCTL_DELKEY, &wk, sizeof(wk), 1); +-} +- +-static int +-wpa_driver_madwifi_set_key(const char *ifname, void *priv, enum wpa_alg alg, +- const u8 *addr, int key_idx, int set_tx, +- const u8 *seq, size_t seq_len, +- const u8 *key, size_t key_len) +-{ +- struct wpa_driver_madwifi_data *drv = priv; +- struct ieee80211req_key wk; +- char *alg_name; +- u_int8_t cipher; +- +- if (alg == WPA_ALG_NONE) +- return wpa_driver_madwifi_del_key(drv, key_idx, addr); +- +- switch (alg) { +- case WPA_ALG_WEP: +- if (addr == NULL || os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", +- ETH_ALEN) == 0) { +- /* +- * madwifi did not seem to like static WEP key +- * configuration with IEEE80211_IOCTL_SETKEY, so use +- * Linux wireless extensions ioctl for this. +- */ +- return wpa_driver_wext_set_key(ifname, drv->wext, alg, +- addr, key_idx, set_tx, +- seq, seq_len, +- key, key_len); +- } +- alg_name = "WEP"; +- cipher = IEEE80211_CIPHER_WEP; +- break; +- case WPA_ALG_TKIP: +- alg_name = "TKIP"; +- cipher = IEEE80211_CIPHER_TKIP; +- break; +- case WPA_ALG_CCMP: +- alg_name = "CCMP"; +- cipher = IEEE80211_CIPHER_AES_CCM; +- break; +- default: +- wpa_printf(MSG_DEBUG, "%s: unknown/unsupported algorithm %d", +- __FUNCTION__, alg); +- return -1; +- } +- +- wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%lu " +- "key_len=%lu", __FUNCTION__, alg_name, key_idx, set_tx, +- (unsigned long) seq_len, (unsigned long) key_len); +- +- if (seq_len > sizeof(u_int64_t)) { +- wpa_printf(MSG_DEBUG, "%s: seq_len %lu too big", +- __FUNCTION__, (unsigned long) seq_len); +- return -2; +- } +- if (key_len > sizeof(wk.ik_keydata)) { +- wpa_printf(MSG_DEBUG, "%s: key length %lu too big", +- __FUNCTION__, (unsigned long) key_len); +- return -3; +- } +- +- os_memset(&wk, 0, sizeof(wk)); +- wk.ik_type = cipher; +- wk.ik_flags = IEEE80211_KEY_RECV; +- if (addr == NULL || +- os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) == 0) +- wk.ik_flags |= IEEE80211_KEY_GROUP; +- if (set_tx) { +- wk.ik_flags |= IEEE80211_KEY_XMIT | IEEE80211_KEY_DEFAULT; +- os_memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN); +- } else +- os_memset(wk.ik_macaddr, 0, IEEE80211_ADDR_LEN); +- wk.ik_keyix = key_idx; +- wk.ik_keylen = key_len; +-#ifdef WORDS_BIGENDIAN +- { +- size_t i; +- u8 tmp[WPA_KEY_RSC_LEN]; +- os_memset(tmp, 0, sizeof(tmp)); +- for (i = 0; i < seq_len; i++) +- tmp[WPA_KEY_RSC_LEN - i - 1] = seq[i]; +- os_memcpy(&wk.ik_keyrsc, tmp, WPA_KEY_RSC_LEN); +- } +-#else /* WORDS_BIGENDIAN */ +- os_memcpy(&wk.ik_keyrsc, seq, seq_len); +-#endif /* WORDS_BIGENDIAN */ +- os_memcpy(wk.ik_keydata, key, key_len); +- +- return set80211priv(drv, IEEE80211_IOCTL_SETKEY, &wk, sizeof(wk), 1); +-} +- +-static int + wpa_driver_madwifi_set_countermeasures(void *priv, int enabled) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); +- return set80211param(drv, IEEE80211_PARAM_COUNTERMEASURES, enabled, 1); ++ return set80211param(drv, IEEE80211_PARAM_COUNTERMEASURES, enabled); + } + + static int + wpa_driver_madwifi_deauthenticate(void *priv, const u8 *addr, int reason_code) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + + wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); + mlme.im_op = IEEE80211_MLME_DEAUTH; + mlme.im_reason = reason_code; + os_memcpy(mlme.im_macaddr, addr, IEEE80211_ADDR_LEN); +- return set80211priv(drv, IEEE80211_IOCTL_SETMLME, &mlme, sizeof(mlme), 1); ++ return set80211priv(drv, IEEE80211_IOCTL_SETMLME, &mlme, sizeof(mlme)); + } + + static int + wpa_driver_madwifi_disassociate(void *priv, const u8 *addr, int reason_code) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + + wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); + mlme.im_op = IEEE80211_MLME_DISASSOC; + mlme.im_reason = reason_code; + os_memcpy(mlme.im_macaddr, addr, IEEE80211_ADDR_LEN); +- return set80211priv(drv, IEEE80211_IOCTL_SETMLME, &mlme, sizeof(mlme), 1); ++ return set80211priv(drv, IEEE80211_IOCTL_SETMLME, &mlme, sizeof(mlme)); + } + + static int + wpa_driver_madwifi_associate(void *priv, + struct wpa_driver_associate_params *params) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + struct ieee80211req_mlme mlme; + int ret = 0, privacy = 1; + + wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); + + if (set80211param(drv, IEEE80211_PARAM_DROPUNENCRYPTED, +- params->drop_unencrypted, 1) < 0) ++ params->drop_unencrypted) < 0) + ret = -1; + if (wpa_driver_madwifi_set_auth_alg(drv, params->auth_alg) < 0) + ret = -1; +@@ -1592,12 +1368,12 @@ wpa_driver_madwifi_associate(void *priv, + params->wpa_ie_len == 0) + privacy = 0; + +- if (set80211param(drv, IEEE80211_PARAM_PRIVACY, privacy, 1) < 0) ++ if (set80211param(drv, IEEE80211_PARAM_PRIVACY, privacy) < 0) + ret = -1; + + if (params->wpa_ie_len && + set80211param(drv, IEEE80211_PARAM_WPA, +- params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1, 1) < 0) ++ params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) + ret = -1; + + if (params->bssid == NULL) { +@@ -1605,14 +1381,14 @@ wpa_driver_madwifi_associate(void *priv, + * roaming */ + /* FIX: this does not seem to work; would probably need to + * change something in the driver */ +- if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0, 1) < 0) ++ if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0) < 0) + ret = -1; + + if (wpa_driver_wext_set_ssid(drv->wext, params->ssid, + params->ssid_len) < 0) + ret = -1; + } else { +- if (set80211param(drv, IEEE80211_PARAM_ROAMING, 2, 1) < 0) ++ if (set80211param(drv, IEEE80211_PARAM_ROAMING, 2) < 0) + ret = -1; + if (wpa_driver_wext_set_ssid(drv->wext, params->ssid, + params->ssid_len) < 0) +@@ -1621,7 +1397,7 @@ wpa_driver_madwifi_associate(void *priv, + mlme.im_op = IEEE80211_MLME_ASSOC; + os_memcpy(mlme.im_macaddr, params->bssid, IEEE80211_ADDR_LEN); + if (set80211priv(drv, IEEE80211_IOCTL_SETMLME, &mlme, +- sizeof(mlme), 1) < 0) { ++ sizeof(mlme)) < 0) { + wpa_printf(MSG_DEBUG, "%s: SETMLME[ASSOC] failed", + __func__); + ret = -1; +@@ -1634,7 +1410,7 @@ wpa_driver_madwifi_associate(void *priv, + static int + wpa_driver_madwifi_set_auth_alg(void *priv, int auth_alg) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + int authmode; + + if ((auth_alg & WPA_AUTH_ALG_OPEN) && +@@ -1645,13 +1421,13 @@ wpa_driver_madwifi_set_auth_alg(void *pr + else + authmode = IEEE80211_AUTH_OPEN; + +- return set80211param(drv, IEEE80211_PARAM_AUTHMODE, authmode, 1); ++ return set80211param(drv, IEEE80211_PARAM_AUTHMODE, authmode); + } + + static int + wpa_driver_madwifi_scan(void *priv, struct wpa_driver_scan_params *params) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + struct iwreq iwr; + int ret = 0; + const u8 *ssid = params->ssids[0].ssid; +@@ -1669,7 +1445,7 @@ wpa_driver_madwifi_scan(void *priv, stru + if (wpa_driver_wext_set_ssid(drv->wext, ssid, ssid_len) < 0) + ret = -1; + +- if (ioctl(drv->sock, SIOCSIWSCAN, &iwr) < 0) { ++ if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) { + perror("ioctl[SIOCSIWSCAN]"); + ret = -1; + } +@@ -1691,14 +1467,14 @@ wpa_driver_madwifi_scan(void *priv, stru + + static int wpa_driver_madwifi_get_bssid(void *priv, u8 *bssid) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + return wpa_driver_wext_get_bssid(drv->wext, bssid); + } + + + static int wpa_driver_madwifi_get_ssid(void *priv, u8 *ssid) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + return wpa_driver_wext_get_ssid(drv->wext, ssid); + } + +@@ -1706,14 +1482,14 @@ static int wpa_driver_madwifi_get_ssid(v + static struct wpa_scan_results * + wpa_driver_madwifi_get_scan_results(void *priv) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + return wpa_driver_wext_get_scan_results(drv->wext); + } + + + static int wpa_driver_madwifi_set_operstate(void *priv, int state) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + return wpa_driver_wext_set_operstate(drv->wext, state); + } + +@@ -1734,7 +1510,7 @@ static int wpa_driver_madwifi_set_probe_ + + ret = set80211priv(priv, IEEE80211_IOCTL_SET_APPIEBUF, probe_req_ie, + sizeof(struct ieee80211req_getset_appiebuf) + +- ies_len, 1); ++ ies_len); + + os_free(probe_req_ie); + +@@ -1744,7 +1520,7 @@ static int wpa_driver_madwifi_set_probe_ + + static void * wpa_driver_madwifi_init(void *ctx, const char *ifname) + { +- struct wpa_driver_madwifi_data *drv; ++ struct madwifi_driver_data *drv; + + drv = os_zalloc(sizeof(*drv)); + if (drv == NULL) +@@ -1755,17 +1531,17 @@ static void * wpa_driver_madwifi_init(vo + + drv->ctx = ctx; + os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); +- drv->sock = socket(PF_INET, SOCK_DGRAM, 0); +- if (drv->sock < 0) ++ drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0); ++ if (drv->ioctl_sock < 0) + goto fail2; + +- if (set80211param(drv, IEEE80211_PARAM_ROAMING, 2, 1) < 0) { ++ if (set80211param(drv, IEEE80211_PARAM_ROAMING, 2) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to set wpa_supplicant-based " + "roaming", __FUNCTION__); + goto fail3; + } + +- if (set80211param(drv, IEEE80211_PARAM_WPA, 3, 1) < 0) { ++ if (set80211param(drv, IEEE80211_PARAM_WPA, 3) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to enable WPA support", + __FUNCTION__); + goto fail3; +@@ -1774,7 +1550,7 @@ static void * wpa_driver_madwifi_init(vo + return drv; + + fail3: +- close(drv->sock); ++ close(drv->ioctl_sock); + fail2: + wpa_driver_wext_deinit(drv->wext); + fail: +@@ -1785,38 +1561,37 @@ fail: + + static void wpa_driver_madwifi_deinit(void *priv) + { +- struct wpa_driver_madwifi_data *drv = priv; ++ struct madwifi_driver_data *drv = priv; + + if (wpa_driver_madwifi_set_wpa_ie(drv, NULL, 0) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to clear WPA IE", + __FUNCTION__); + } +- if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0, 1) < 0) { ++ if (set80211param(drv, IEEE80211_PARAM_ROAMING, 0) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to enable driver-based " + "roaming", __FUNCTION__); + } +- if (set80211param(drv, IEEE80211_PARAM_PRIVACY, 0, 1) < 0) { ++ if (set80211param(drv, IEEE80211_PARAM_PRIVACY, 0) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to disable forced Privacy " + "flag", __FUNCTION__); + } +- if (set80211param(drv, IEEE80211_PARAM_WPA, 0, 1) < 0) { ++ if (set80211param(drv, IEEE80211_PARAM_WPA, 0) < 0) { + wpa_printf(MSG_DEBUG, "%s: failed to disable WPA", + __FUNCTION__); + } + + wpa_driver_wext_deinit(drv->wext); + +- close(drv->sock); ++ close(drv->ioctl_sock); + os_free(drv); + } + +-#endif /* HOSTAPD */ +- ++#endif + + const struct wpa_driver_ops wpa_driver_madwifi_ops = { + .name = "madwifi", + .desc = "MADWIFI 802.11 support (Atheros, etc.)", +- .set_key = wpa_driver_madwifi_set_key, ++ .set_key = madwifi_set_key, + #ifdef HOSTAPD + .hapd_init = madwifi_init, + .hapd_deinit = madwifi_deinit, +@@ -1836,7 +1611,8 @@ const struct wpa_driver_ops wpa_driver_m + .sta_clear_stats = madwifi_sta_clear_stats, + .commit = madwifi_commit, + .set_ap_wps_ie = madwifi_set_ap_wps_ie, +-#else /* HOSTAPD */ ++#endif /* HOSTAPD */ ++#if !defined(NO_SUPPLICANT) + .get_bssid = wpa_driver_madwifi_get_bssid, + .get_ssid = wpa_driver_madwifi_get_ssid, + .init = wpa_driver_madwifi_init, +@@ -1848,5 +1624,5 @@ const struct wpa_driver_ops wpa_driver_m + .disassociate = wpa_driver_madwifi_disassociate, + .associate = wpa_driver_madwifi_associate, + .set_operstate = wpa_driver_madwifi_set_operstate, +-#endif /* HOSTAPD */ ++#endif + }; -- cgit v1.2.3