HEADSUP: wpa support in the tree

Sam Leffler sam at errno.com
Tue Jun 7 04:36:32 GMT 2005

I brought wpa_supplicant and hostapd from the ports area into CVS and 
Brooks and I are working to complete the integration with the rc 
scripts.  When the dust settles you'll be able to configure 
wpa_supplicant use similarly to dhcp (modulo the need for a 
wpa_supplicant.conf file).

I'm still working on the manual pages and resolving some issues with 
hostapd but things should work as well or better than the equivalent ports.

The main open issue is what to support in the base configuration.  For 
now wpa_supplicant only supports WPA-PSK.  To enable 802.1x support you 
must set a new make.conf variable ENABLE_WPA_SUPPLICANT_EAPOL and have 
openssl support not disabled.  When this is done you get EAP-PEAP, 
EAP-LEAP, and EAP-TLS support.  I'd like to include EAP-FAST support but 
that requires mods to openssl that we do not have.

I'm looking for feedback on the above.  Do many folks need/use more than 
WPA-PSK?  Are the above set of EAP methods sufficient?  All the EAP 
methods supported by wpa_supplicant are available; they just won't be 
enabled by default (i.e. you'll need to tweak the configuration and/or 

Remember that WPA support requires a WPA-capable driver.  I know ath has 
full support and ndis has some WPA-PSK support.  I'm not sure how well 
the other drivers work (except that wi does not currently have any support).


More information about the freebsd-current mailing list