Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/bsd/wpa/dist Import wpa_supplicant and hostapd
details: https://anonhg.NetBSD.org/src/rev/4267efa1dc5b
branches: trunk
changeset: 769456:4267efa1dc5b
user: christos <christos%NetBSD.org@localhost>
date: Sat Sep 10 20:53:49 2011 +0000
description:
Import wpa_supplicant and hostapd
diffstat:
external/bsd/wpa/dist/hostapd/ChangeLog | 16 +
external/bsd/wpa/dist/hostapd/Makefile | 4 +-
external/bsd/wpa/dist/hostapd/README-WPS | 27 +
external/bsd/wpa/dist/hostapd/ctrl_iface.c | 58 +++-
external/bsd/wpa/dist/hostapd/hostapd.conf | 8 +-
external/bsd/wpa/dist/src/ap/ap_config.c | 7 +-
external/bsd/wpa/dist/src/ap/beacon.c | 17 +-
external/bsd/wpa/dist/src/ap/hostapd.c | 11 +-
external/bsd/wpa/dist/src/ap/hostapd.h | 1 +
external/bsd/wpa/dist/src/ap/ieee802_11.c | 58 +-
external/bsd/wpa/dist/src/ap/ieee802_11.h | 2 -
external/bsd/wpa/dist/src/ap/ieee802_11_ht.c | 14 +-
external/bsd/wpa/dist/src/ap/ieee802_1x.c | 47 ++-
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c | 5 +-
external/bsd/wpa/dist/src/ap/wpa_auth_glue.c | 61 +++
external/bsd/wpa/dist/src/ap/wps_hostapd.c | 156 +++++++-
external/bsd/wpa/dist/src/ap/wps_hostapd.h | 12 +-
external/bsd/wpa/dist/src/common/version.h | 2 +-
external/bsd/wpa/dist/src/common/wpa_ctrl.h | 3 +
external/bsd/wpa/dist/src/crypto/crypto_openssl.c | 2 +-
external/bsd/wpa/dist/src/drivers/driver_atheros.c | 12 +-
external/bsd/wpa/dist/src/drivers/driver_nl80211.c | 28 +-
external/bsd/wpa/dist/src/eap_peer/eap_wsc.c | 13 +-
external/bsd/wpa/dist/src/eap_server/eap_server_fast.c | 5 +
external/bsd/wpa/dist/src/eap_server/eap_server_wsc.c | 18 +-
external/bsd/wpa/dist/src/l2_packet/l2_packet_ndis.c | 16 +-
external/bsd/wpa/dist/src/rsn_supp/preauth.c | 5 +-
external/bsd/wpa/dist/src/rsn_supp/wpa.c | 10 +-
external/bsd/wpa/dist/src/tls/x509v3.c | 184 +++++----
external/bsd/wpa/dist/src/tls/x509v3.h | 24 +-
external/bsd/wpa/dist/src/utils/eloop.c | 2 +
external/bsd/wpa/dist/src/utils/os_unix.c | 4 +-
external/bsd/wpa/dist/src/wps/wps.c | 33 +
external/bsd/wpa/dist/src/wps/wps.h | 1 +
external/bsd/wpa/dist/src/wps/wps_attr_build.c | 10 +
external/bsd/wpa/dist/src/wps/wps_attr_parse.c | 23 +-
external/bsd/wpa/dist/src/wps/wps_attr_process.c | 7 +
external/bsd/wpa/dist/src/wps/wps_defs.h | 2 +-
external/bsd/wpa/dist/src/wps/wps_enrollee.c | 15 +-
external/bsd/wpa/dist/src/wps/wps_er.c | 14 +
external/bsd/wpa/dist/src/wps/wps_er.h | 1 +
external/bsd/wpa/dist/src/wps/wps_i.h | 1 +
external/bsd/wpa/dist/src/wps/wps_registrar.c | 31 +-
external/bsd/wpa/dist/src/wps/wps_upnp.c | 17 +
external/bsd/wpa/dist/src/wps/wps_upnp.h | 1 +
external/bsd/wpa/dist/src/wps/wps_upnp_web.c | 3 +
external/bsd/wpa/dist/wpa_supplicant/ChangeLog | 19 +
external/bsd/wpa/dist/wpa_supplicant/Makefile | 10 +-
external/bsd/wpa/dist/wpa_supplicant/bgscan_simple.c | 39 +-
external/bsd/wpa/dist/wpa_supplicant/config_winreg.c | 2 +-
external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.c | 3 +
external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c | 20 +-
external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.c | 3 +
external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c | 5 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5 | 2 +-
external/bsd/wpa/dist/wpa_supplicant/events.c | 46 +-
external/bsd/wpa/dist/wpa_supplicant/scan.c | 17 +-
external/bsd/wpa/dist/wpa_supplicant/sme.c | 33 +-
external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.cpp | 70 +--
external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.c | 18 +-
external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.nsi | 8 +-
external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_i.h | 4 -
external/bsd/wpa/dist/wpa_supplicant/wpas_glue.c | 8 +
69 files changed, 954 insertions(+), 356 deletions(-)
diffs (truncated from 2703 to 300 lines):
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/hostapd/ChangeLog
--- a/external/bsd/wpa/dist/hostapd/ChangeLog Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/hostapd/ChangeLog Sat Sep 10 20:53:49 2011 +0000
@@ -1,5 +1,21 @@
ChangeLog for hostapd
+2010-09-07 - v0.7.3
+ * fixed re-association after WPS not initializing WPA state machine in
+ some cases
+ * fixed WPS IE update on reconfiguration
+ * fixed WPS code not to proxy Probe Request frames for foreign SSIDs
+ * added WPS workaround for open networks and some known interop issues
+ * fixed WPS Diffie-Hellman derivation to use correct public key length
+ * fixed FT RRB messages on big endian CPUs
+ * changed WPS protection for brute force AP PIN attacks to disable AP
+ PIN only temporarily (but with increasing time) to avoid usability
+ issues on Label-only devices
+ * added wps_ap_pin command for more secure handling of AP PIN
+ operations (e.g., to generate a random AP PIN and only use it for
+ short amount of time)
+ * fixed HT STBC negotiation
+
2010-04-18 - v0.7.2
* fix WPS internal Registrar use when an external Registrar is also
active
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/hostapd/Makefile
--- a/external/bsd/wpa/dist/hostapd/Makefile Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/hostapd/Makefile Sat Sep 10 20:53:49 2011 +0000
@@ -694,11 +694,11 @@
OBJS += ../src/ap/ap_list.o
OBJS += ../src/ap/ieee802_11.o
OBJS += ../src/ap/hw_features.o
+CFLAGS += -DNEED_AP_MLME
+endif
ifdef CONFIG_IEEE80211N
OBJS += ../src/ap/ieee802_11_ht.o
endif
-CFLAGS += -DNEED_AP_MLME
-endif
ifdef CONFIG_NO_STDOUT_DEBUG
CFLAGS += -DCONFIG_NO_STDOUT_DEBUG
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/hostapd/README-WPS
--- a/external/bsd/wpa/dist/hostapd/README-WPS Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/hostapd/README-WPS Sat Sep 10 20:53:49 2011 +0000
@@ -195,6 +195,33 @@
described above.
+When an external Registrar is used, the AP can act as an Enrollee and
+use its AP PIN. A static AP PIN (e.g., one one a label in the AP
+device) can be configured in hostapd.conf (ap_pin parameter). A more
+secure option is to use hostapd_cli wps_ap_pin command to enable the
+AP PIN only based on user action (and even better security by using a
+random AP PIN for each session, i.e., by using "wps_ap_pin random"
+command with a timeout value). Following commands are available for
+managing the dynamic AP PIN operations:
+
+hostapd_cli wps_ap_pin disable
+- disable AP PIN (i.e., do not allow external Registrars to use it to
+ learn the current AP settings or to reconfigure the AP)
+
+hostapd_cli wps_ap_pin random [timeout]
+- generate a random AP PIN and enable it
+- if the optional timeout parameter is given, the AP PIN will be enabled
+ for the specified number of seconds
+
+hostapd_cli wps_ap_pin get
+- fetch the current AP PIN
+
+hostapd_cli wps_ap_pin set <PIN> [timeout]
+- set the AP PIN and enable it
+- if the optional timeout parameter is given, the AP PIN will be enabled
+ for the specified number of seconds
+
+
Credential generation and configuration changes
-----------------------------------------------
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/hostapd/ctrl_iface.c
--- a/external/bsd/wpa/dist/hostapd/ctrl_iface.c Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/hostapd/ctrl_iface.c Sat Sep 10 20:53:49 2011 +0000
@@ -227,7 +227,7 @@
os_memcpy(mgmt.da, addr, ETH_ALEN);
os_memcpy(mgmt.sa, hapd->own_addr, ETH_ALEN);
os_memcpy(mgmt.bssid, hapd->own_addr, ETH_ALEN);
- mgmt.u.deauth.reason_code =
+ mgmt.u.disassoc.reason_code =
host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID);
if (hapd->driver->send_frame(hapd->drv_priv, (u8 *) &mgmt,
IEEE80211_HDRLEN +
@@ -313,6 +313,59 @@
return hostapd_wps_start_oob(hapd, txt, path, method, name);
}
#endif /* CONFIG_WPS_OOB */
+
+
+static int hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data *hapd, char *txt,
+ char *buf, size_t buflen)
+{
+ int timeout = 300;
+ char *pos;
+ const char *pin_txt;
+
+ pos = os_strchr(txt, ' ');
+ if (pos)
+ *pos++ = '\0';
+
+ if (os_strcmp(txt, "disable") == 0) {
+ hostapd_wps_ap_pin_disable(hapd);
+ return os_snprintf(buf, buflen, "OK\n");
+ }
+
+ if (os_strcmp(txt, "random") == 0) {
+ if (pos)
+ timeout = atoi(pos);
+ pin_txt = hostapd_wps_ap_pin_random(hapd, timeout);
+ if (pin_txt == NULL)
+ return -1;
+ return os_snprintf(buf, buflen, "%s", pin_txt);
+ }
+
+ if (os_strcmp(txt, "get") == 0) {
+ pin_txt = hostapd_wps_ap_pin_get(hapd);
+ if (pin_txt == NULL)
+ return -1;
+ return os_snprintf(buf, buflen, "%s", pin_txt);
+ }
+
+ if (os_strcmp(txt, "set") == 0) {
+ char *pin;
+ if (pos == NULL)
+ return -1;
+ pin = pos;
+ pos = os_strchr(pos, ' ');
+ if (pos) {
+ *pos++ = '\0';
+ timeout = atoi(pos);
+ }
+ if (os_strlen(pin) > buflen)
+ return -1;
+ if (hostapd_wps_ap_pin_set(hapd, pin, timeout) < 0)
+ return -1;
+ return os_snprintf(buf, buflen, "%s", pin);
+ }
+
+ return -1;
+}
#endif /* CONFIG_WPS */
@@ -426,6 +479,9 @@
if (hostapd_ctrl_iface_wps_oob(hapd, buf + 8))
reply_len = -1;
#endif /* CONFIG_WPS_OOB */
+ } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
+ reply_len = hostapd_ctrl_iface_wps_ap_pin(hapd, buf + 11,
+ reply, reply_size);
#endif /* CONFIG_WPS */
} else {
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/hostapd/hostapd.conf
--- a/external/bsd/wpa/dist/hostapd/hostapd.conf Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/hostapd/hostapd.conf Sat Sep 10 20:53:49 2011 +0000
@@ -913,9 +913,13 @@
# nfc_interface push_button keypad
#config_methods=label display push_button keypad
-# Access point PIN for initial configuration and adding Registrars
+# Static access point PIN for initial configuration and adding Registrars
# If not set, hostapd will not allow external WPS Registrars to control the
-# access point.
+# access point. The AP PIN can also be set at runtime with hostapd_cli
+# wps_ap_pin command. Use of temporary (enabled by user action) and random
+# AP PIN is much more secure than configuring a static AP PIN here. As such,
+# use of the ap_pin parameter is not recommended if the AP device has means for
+# displaying a random PIN.
#ap_pin=12345670
# Skip building of automatic WPS credential
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/src/ap/ap_config.c
--- a/external/bsd/wpa/dist/src/ap/ap_config.c Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/src/ap/ap_config.c Sat Sep 10 20:53:49 2011 +0000
@@ -354,6 +354,7 @@
os_free(conf->ssid.wpa_passphrase);
os_free(conf->ssid.wpa_psk_file);
+ hostapd_config_free_wep(&conf->ssid.wep);
#ifdef CONFIG_FULL_DYNAMIC_VLAN
os_free(conf->ssid.vlan_tagged_interface);
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
@@ -566,15 +567,15 @@
return &wsc_enrollee;
}
- if (conf->wps_state && conf->ap_pin &&
- identity_len == WSC_ID_REGISTRAR_LEN &&
+ if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
static struct hostapd_eap_user wsc_registrar;
os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
wsc_registrar.methods[0].method = eap_server_get_type(
"WSC", &wsc_registrar.methods[0].vendor);
wsc_registrar.password = (u8 *) conf->ap_pin;
- wsc_registrar.password_len = os_strlen(conf->ap_pin);
+ wsc_registrar.password_len = conf->ap_pin ?
+ os_strlen(conf->ap_pin) : 0;
return &wsc_registrar;
}
#endif /* CONFIG_WPS */
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/src/ap/beacon.c
--- a/external/bsd/wpa/dist/src/ap/beacon.c Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/src/ap/beacon.c Sat Sep 10 20:53:49 2011 +0000
@@ -57,7 +57,8 @@
}
break;
}
- if (hapd->iface->num_sta_no_short_preamble > 0)
+ if (hapd->iface->num_sta_no_short_preamble > 0 ||
+ hapd->iconf->preamble == LONG_PREAMBLE)
erp |= ERP_INFO_BARKER_PREAMBLE_MODE;
return erp;
@@ -308,16 +309,17 @@
/* Extended supported rates */
pos = hostapd_eid_ext_supp_rates(hapd, pos);
+ /* RSN, MDIE, WPA */
pos = hostapd_eid_wpa(hapd, pos, epos - pos, sta);
- /* Wi-Fi Alliance WMM */
- pos = hostapd_eid_wmm(hapd, pos);
-
#ifdef CONFIG_IEEE80211N
pos = hostapd_eid_ht_capabilities(hapd, pos);
pos = hostapd_eid_ht_operation(hapd, pos);
#endif /* CONFIG_IEEE80211N */
+ /* Wi-Fi Alliance WMM */
+ pos = hostapd_eid_wmm(hapd, pos);
+
#ifdef CONFIG_WPS
if (hapd->conf->wps_state && hapd->wps_probe_resp_ie) {
os_memcpy(pos, wpabuf_head(hapd->wps_probe_resp_ie),
@@ -408,17 +410,18 @@
/* Extended supported rates */
tailpos = hostapd_eid_ext_supp_rates(hapd, tailpos);
+ /* RSN, MDIE, WPA */
tailpos = hostapd_eid_wpa(hapd, tailpos, tail + BEACON_TAIL_BUF_SIZE -
tailpos, NULL);
- /* Wi-Fi Alliance WMM */
- tailpos = hostapd_eid_wmm(hapd, tailpos);
-
#ifdef CONFIG_IEEE80211N
tailpos = hostapd_eid_ht_capabilities(hapd, tailpos);
tailpos = hostapd_eid_ht_operation(hapd, tailpos);
#endif /* CONFIG_IEEE80211N */
+ /* Wi-Fi Alliance WMM */
+ tailpos = hostapd_eid_wmm(hapd, tailpos);
+
#ifdef CONFIG_WPS
if (hapd->conf->wps_state && hapd->wps_beacon_ie) {
os_memcpy(tailpos, wpabuf_head(hapd->wps_beacon_ie),
diff -r ddd58b6190e9 -r 4267efa1dc5b external/bsd/wpa/dist/src/ap/hostapd.c
--- a/external/bsd/wpa/dist/src/ap/hostapd.c Sat Sep 10 20:47:33 2011 +0000
+++ b/external/bsd/wpa/dist/src/ap/hostapd.c Sat Sep 10 20:53:49 2011 +0000
@@ -78,6 +78,11 @@
"after reloading configuration");
}
+ if (hapd->conf->ieee802_1x || hapd->conf->wpa)
+ hapd->drv.set_drv_ieee8021x(hapd, hapd->conf->iface, 1);
+ else
+ hapd->drv.set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
+
if (hapd->conf->wpa && hapd->wpa_auth == NULL)
hostapd_setup_wpa(hapd);
else if (hapd->conf->wpa) {
@@ -97,6 +102,7 @@
}
ieee802_11_set_beacon(hapd);
+ hostapd_update_wps(hapd);
if (hapd->conf->ssid.ssid_set &&
hostapd_set_ssid(hapd, (u8 *) hapd->conf->ssid.ssid,
@@ -105,11 +111,6 @@
/* try to continue */
}
- if (hapd->conf->ieee802_1x || hapd->conf->wpa)
- hapd->drv.set_drv_ieee8021x(hapd, hapd->conf->iface, 1);
- else
- hapd->drv.set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
-
hostapd_config_free(oldconf);
Home |
Main Index |
Thread Index |
Old Index