PERFORCE change 117751 for review
Sam Leffler
sam at FreeBSD.org
Mon Apr 9 16:44:27 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=117751
Change 117751 by sam at sam_ebb on 2007/04/09 16:43:52
version 0.5.7
Affected files ...
.. //depot/projects/wifi/contrib/hostapd/COPYING#2 edit
.. //depot/projects/wifi/contrib/hostapd/ChangeLog#4 edit
.. //depot/projects/wifi/contrib/hostapd/FREEBSD-Xlist#3 edit
.. //depot/projects/wifi/contrib/hostapd/FREEBSD-upgrade#3 edit
.. //depot/projects/wifi/contrib/hostapd/Makefile#4 edit
.. //depot/projects/wifi/contrib/hostapd/README#3 edit
.. //depot/projects/wifi/contrib/hostapd/accounting.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/accounting.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/aes.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/aes_wrap.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/aes_wrap.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/ap.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/common.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/common.h#4 edit
.. //depot/projects/wifi/contrib/hostapd/config.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/config.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/config_types.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/crypto.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/crypto.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/ctrl_iface.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/ctrl_iface.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/defconfig#3 edit
.. //depot/projects/wifi/contrib/hostapd/defs.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/developer.txt#2 edit
.. //depot/projects/wifi/contrib/hostapd/driver.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/driver_test.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/driver_wired.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_defs.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_gtc.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_i.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_identity.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_md5.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_mschapv2.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_pax.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_pax_common.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_pax_common.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_peap.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_psk.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_psk_common.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_psk_common.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_sim.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_sim_common.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_sim_common.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_sim_db.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_sim_db.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_tls.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_tls_common.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_tls_common.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_tlv.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/eap_ttls.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eap_ttls.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/eapol_sm.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/eapol_sm.h#4 edit
.. //depot/projects/wifi/contrib/hostapd/eloop.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/eloop.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostap_common.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.8#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.accept#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.conf#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.deny#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.eap_user#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.radius_clients#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.sim_db#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd.wpa_psk#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd_cli.1#2 edit
.. //depot/projects/wifi/contrib/hostapd/hostapd_cli.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/iapp.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/iapp.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_11.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_11.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_11_auth.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_11_auth.h#2 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_1x.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/ieee802_1x.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/l2_packet.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/logwatch/README#2 edit
.. //depot/projects/wifi/contrib/hostapd/logwatch/hostapd#2 edit
.. //depot/projects/wifi/contrib/hostapd/logwatch/hostapd.conf#2 edit
.. //depot/projects/wifi/contrib/hostapd/md5.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/md5.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/ms_funcs.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/ms_funcs.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/radius.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/radius.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/radius_client.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/radius_client.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/radius_server.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/radius_server.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/rc4.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/rc4.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/sha1.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/sha1.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/sta_info.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/sta_info.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/tls.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/tls_none.c#3 edit
.. //depot/projects/wifi/contrib/hostapd/tls_openssl.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/version.h#4 edit
.. //depot/projects/wifi/contrib/hostapd/wired.conf#3 edit
.. //depot/projects/wifi/contrib/hostapd/wpa.c#4 edit
.. //depot/projects/wifi/contrib/hostapd/wpa.h#3 edit
.. //depot/projects/wifi/contrib/hostapd/wpa_ctrl.c#2 edit
.. //depot/projects/wifi/contrib/hostapd/wpa_ctrl.h#2 edit
Differences ...
==== //depot/projects/wifi/contrib/hostapd/COPYING#2 (text+ko) ====
@@ -2,7 +2,7 @@
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
@@ -305,7 +305,7 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
==== //depot/projects/wifi/contrib/hostapd/ChangeLog#4 (text+ko) ====
@@ -1,9 +1,124 @@
ChangeLog for hostapd
-2006-02-08 - v0.4.8
+2006-12-31 - v0.5.7
+ * updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
+ * updated EAP-PSK to use the IANA-allocated EAP type 47
+ * fixed EAP-PSK bit ordering of the Flags field
+ * fixed configuration reloading (SIGHUP) to re-initialize WPA PSKs
+ by reading wpa_psk_file [Bug 181]
+ * fixed EAP-TTLS AVP parser processing for too short AVP lengths
+ * fixed IPv6 connection to RADIUS accounting server
+
+2006-11-24 - v0.5.6
+ * added support for configuring and controlling multiple BSSes per
+ radio interface (bss=<ifname> in hostapd.conf); this is only
+ available with Devicescape and test driver interfaces
+ * fixed PMKSA cache update in the end of successful RSN
+ pre-authentication
+ * added support for dynamic VLAN configuration (i.e., selecting VLAN-ID
+ for each STA based on RADIUS Access-Accept attributes); this requires
+ VLAN support from the kernel driver/802.11 stack and this is
+ currently only available with Devicescape and test driver interfaces
+ * driver_madwifi: fixed configuration of unencrypted modes (plaintext
+ and IEEE 802.1X without WEP)
+ * removed STAKey handshake since PeerKey handshake has replaced it in
+ IEEE 802.11ma and there are no known deployments of STAKey
+ * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
+ draft (draft-ietf-emu-eap-gpsk-01.txt)
+ * added preliminary implementation of IEEE 802.11w/D1.0 (management
+ frame protection)
+ (Note: this requires driver support to work properly.)
+ (Note2: IEEE 802.11w is an unapproved draft and subject to change.)
+ * hlr_auc_gw: added support for GSM-Milenage (for EAP-SIM)
+ * hlr_auc_gw: added support for reading per-IMSI Milenage keys and
+ parameters from a text file to make it possible to implement proper
+ GSM/UMTS authentication server for multiple SIM/USIM cards using
+ EAP-SIM/EAP-AKA
+ * fixed session timeout processing with drivers that do not use
+ ieee802_11.c (e.g., madwifi)
+
+2006-08-27 - v0.5.5
+ * added 'hostapd_cli new_sta <addr>' command for adding a new STA into
+ hostapd (e.g., to initialize wired network authentication based on an
+ external signal)
+ * fixed hostapd to add PMKID KDE into 4-Way Handshake Message 1 when
+ using WPA2 even if PMKSA caching is not used
+ * added -P<pid file> argument for hostapd to write the current process
+ id into a file
+ * added support for RADIUS Authentication Server MIB (RFC 2619)
+
+2006-06-20 - v0.5.4
+ * fixed nt_password_hash build [Bug 144]
+ * added PeerKey handshake implementation for IEEE 802.11e
+ direct link setup (DLS) to replace STAKey handshake
+ * added support for EAP Generalized Pre-Shared Key (EAP-GPSK,
+ draft-clancy-emu-eap-shared-secret-00.txt)
+ * fixed a segmentation fault when RSN pre-authentication was completed
+ successfully [Bug 152]
+
+2006-04-27 - v0.5.3
+ * do not build nt_password_hash and hlr_auc_gw by default to avoid
+ requiring a TLS library for a successful build; these programs can be
+ build with 'make nt_password_hash' and 'make hlr_auc_gw'
+ * added a new configuration option, eapol_version, that can be used to
+ set EAPOL version to 1 (default is 2) to work around broken client
+ implementations that drop EAPOL frames which use version number 2
+ [Bug 89]
+ * added support for EAP-SAKE (no EAP method number allocated yet, so
+ this is using the same experimental type 255 as EAP-PSK)
+ * fixed EAP-MSCHAPv2 message length validation
+
+2006-03-19 - v0.5.2
* fixed stdarg use in hostapd_logger(): if both stdout and syslog
logging was enabled, hostapd could trigger a segmentation fault in
vsyslog on some CPU -- C library combinations
+ * moved HLR/AuC gateway implementation for EAP-SIM/AKA into an external
+ program to make it easier to use for implementing real SS7 gateway;
+ eap_sim_db is not anymore used as a file name for GSM authentication
+ triplets; instead, it is path to UNIX domain socket that will be used
+ to communicate with the external gateway program (e.g., hlr_auc_gw)
+ * added example HLR/AuC gateway implementation, hlr_auc_gw, that uses
+ local information (GSM authentication triplets from a text file and
+ hardcoded AKA authentication data); this can be used to test EAP-SIM
+ and EAP-AKA
+ * added Milenage algorithm (example 3GPP AKA algorithm) to hlr_auc_gw
+ to make it possible to test EAP-AKA with real USIM cards (this is
+ disabled by default; define AKA_USE_MILENAGE when building hlr_auc_gw
+ to enable this)
+ * driver_madwifi: added support for getting station RSN IE from
+ madwifi-ng svn r1453 and newer; this fixes RSN that was apparently
+ broken with earlier change (r1357) in the driver
+ * changed EAP method registration to use a dynamic list of methods
+ instead of a static list generated at build time
+ * fixed WPA message 3/4 not to encrypt Key Data field (WPA IE)
+ [Bug 125]
+ * added ap_max_inactivity configuration parameter
+
+2006-01-29 - v0.5.1
+ * driver_test: added better support for multiple APs and STAs by using
+ a directory with sockets that include MAC address for each device in
+ the name (test_socket=DIR:/tmp/test)
+ * added support for EAP expanded type (vendor specific EAP methods)
+
+2005-12-18 - v0.5.0 (beginning of 0.5.x development releases)
+ * added experimental STAKey handshake implementation for IEEE 802.11e
+ direct link setup (DLS); note: this is disabled by default in both
+ build and runtime configuration (can be enabled with CONFIG_STAKEY=y
+ and stakey=1)
+ * added support for EAP methods to use callbacks to external programs
+ by buffering a pending request and processing it after the EAP method
+ is ready to continue
+ * improved EAP-SIM database interface to allow external request to GSM
+ HLR/AuC without blocking hostapd process
+ * added support for using EAP-SIM pseudonyms and fast re-authentication
+ * added support for EAP-AKA in the integrated EAP authenticator
+ * added support for matching EAP identity prefixes (e.g., "1"*) in EAP
+ user database to allow EAP-SIM/AKA selection without extra roundtrip
+ for EAP-Nak negotiation
+ * added support for storing EAP user password as NtPasswordHash instead
+ of plaintext password when using MSCHAP or MSCHAPv2 for
+ authentication (hash:<16-octet hex value>); added nt_password_hash
+ tool for hashing password to generate NtPasswordHash
2005-11-20 - v0.4.7 (beginning of 0.4.x stable releases)
* driver_wired: fixed EAPOL sending to optionally use PAE group address
==== //depot/projects/wifi/contrib/hostapd/FREEBSD-Xlist#3 (text+ko) ====
@@ -4,9 +4,14 @@
driver_bsd.c
driver_madwifi.c
driver_prism54.c
+driver_devicescape.c
l2_packet_freebsd.c
l2_packet_linux.c
l2_packet_pcap.c
+madwifi.conf
+os_internal.c
+os_none.c
+os_win32.c
prism54.h
priv_netlink.h
wireless_copy.h
==== //depot/projects/wifi/contrib/hostapd/FREEBSD-upgrade#3 (text+ko) ====
==== //depot/projects/wifi/contrib/hostapd/Makefile#4 (text+ko) ====
@@ -1,6 +1,5 @@
CC=gcc
DIR_WPA_SUPPLICANT=.
-DIR_HOSTAP=.
ifndef CFLAGS
CFLAGS = -MMD -O2 -Wall -g
@@ -11,18 +10,41 @@
CFLAGS += -DHOSTAPD_DUMP_STATE
# Include directories for CVS version
-CFLAGS += -I. -I$(DIR_HOSTAP) -I../utils -I$(DIR_WPA_SUPPLICANT)
+CFLAGS += -I. -I../utils -I$(DIR_WPA_SUPPLICANT)
# Uncomment following line and set the path to your kernel tree include
# directory if your C library does not include all header files.
# CFLAGS += -DUSE_KERNEL_HEADERS -I/usr/src/linux/include
-OBJS = hostapd.o eloop.o ieee802_1x.o eapol_sm.o radius.o md5.o rc4.o \
+-include .config
+
+ifndef CONFIG_OS
+ifdef CONFIG_NATIVE_WINDOWS
+CONFIG_OS=win32
+else
+CONFIG_OS=unix
+endif
+endif
+
+ifeq ($(CONFIG_OS), internal)
+CFLAGS += -DOS_NO_C_LIB_DEFINES
+endif
+
+ifdef CONFIG_NATIVE_WINDOWS
+CFLAGS += -DCONFIG_NATIVE_WINDOWS
+LIBS += -lws2_32
+endif
+
+OBJS = hostapd.o eloop.o ieee802_1x.o eapol_sm.o radius.o md5.o rc4.o md4.o \
common.o ieee802_11.o config.o ieee802_11_auth.o accounting.o \
sta_info.o radius_client.o sha1.o wpa.o aes_wrap.o ctrl_iface.o \
- driver_conf.o
+ driver_conf.o os_$(CONFIG_OS).o preauth.o pmksa_cache.o beacon.o \
+ hw_features.o wme.o ap_list.o reconfig.o \
+ mlme.o vlan_init.o ieee802_11h.o
+
+HOBJS=hlr_auc_gw.o common.o os_$(CONFIG_OS).o milenage.o aes_wrap.o
--include .config
+CFLAGS += -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX
ifdef CONFIG_IAPP
CFLAGS += -DCONFIG_IAPP
@@ -34,6 +56,15 @@
CONFIG_L2_PACKET=y
endif
+ifdef CONFIG_PEERKEY
+CFLAGS += -DCONFIG_PEERKEY
+endif
+
+ifdef CONFIG_IEEE80211W
+CFLAGS += -DCONFIG_IEEE80211W
+NEED_SHA256=y
+endif
+
ifdef CONFIG_DRIVER_HOSTAP
CFLAGS += -DCONFIG_DRIVER_HOSTAP
OBJS += driver.o
@@ -55,6 +86,11 @@
OBJS += driver_prism54.o
endif
+ifdef CONFIG_DRIVER_DEVICESCAPE
+CFLAGS += -DCONFIG_DRIVER_DEVICESCAPE
+OBJS += driver_devicescape.o
+endif
+
ifdef CONFIG_DRIVER_BSD
CFLAGS += -DCONFIG_DRIVER_BSD
OBJS += driver_bsd.o
@@ -70,7 +106,6 @@
ifdef CONFIG_L2_PACKET
ifdef CONFIG_DNET_PCAP
-CFLAGS += -DUSE_DNET_PCAP
ifdef CONFIG_L2_FREEBSD
LIBS += -lpcap
OBJS += $(DIR_WPA_SUPPLICANT)/l2_packet_freebsd.o
@@ -122,9 +157,21 @@
ifdef CONFIG_EAP_SIM
CFLAGS += -DEAP_SIM
-OBJS += eap_sim.o $(DIR_WPA_SUPPLICANT)/eap_sim_common.o
-# Example EAP-SIM interface for GSM authentication. This can be replaced with
-# another file implementating the interface specified in eap_sim_db.h.
+OBJS += eap_sim.o
+CONFIG_EAP_SIM_COMMON=y
+endif
+
+ifdef CONFIG_EAP_AKA
+CFLAGS += -DEAP_AKA
+OBJS += eap_aka.o
+CONFIG_EAP_SIM_COMMON=y
+endif
+
+ifdef CONFIG_EAP_SIM_COMMON
+OBJS += $(DIR_WPA_SUPPLICANT)/eap_sim_common.o
+# Example EAP-SIM/AKA interface for GSM/UMTS authentication. This can be
+# replaced with another file implementating the interface specified in
+# eap_sim_db.h.
OBJS += eap_sim_db.o
endif
@@ -138,6 +185,25 @@
OBJS += eap_psk.o $(DIR_WPA_SUPPLICANT)/eap_psk_common.o
endif
+ifdef CONFIG_EAP_SAKE
+CFLAGS += -DEAP_SAKE
+OBJS += eap_sake.o $(DIR_WPA_SUPPLICANT)/eap_sake_common.o
+endif
+
+ifdef CONFIG_EAP_GPSK
+CFLAGS += -DEAP_GPSK
+OBJS += eap_gpsk.o $(DIR_WPA_SUPPLICANT)/eap_gpsk_common.o
+ifdef CONFIG_EAP_GPSK_SHA256
+CFLAGS += -DEAP_GPSK_SHA256
+NEED_SHA256=y
+endif
+endif
+
+ifdef CONFIG_EAP_VENDOR_TEST
+CFLAGS += -DEAP_VENDOR_TEST
+OBJS += eap_vendor_test.o
+endif
+
ifdef CONFIG_EAP_TLV
CFLAGS += -DEAP_TLV
OBJS += eap_tlv.o
@@ -145,15 +211,34 @@
ifdef CONFIG_EAP
CFLAGS += -DEAP_SERVER
-OBJS += eap.o eap_identity.o
+OBJS += eap.o eap_methods.o eap_identity.o
+endif
+
+ifndef CONFIG_TLS
+CONFIG_TLS=openssl
endif
ifdef TLS_FUNCS
# Shared TLS functions (needed for EAP_TLS, EAP_PEAP, and EAP_TTLS)
CFLAGS += -DEAP_TLS_FUNCS
-OBJS += eap_tls_common.o $(DIR_WPA_SUPPLICANT)/tls_openssl.o
+OBJS += eap_tls_common.o
+ifeq ($(CONFIG_TLS), openssl)
+OBJS += $(DIR_WPA_SUPPLICANT)/tls_openssl.o
LIBS += -lssl -lcrypto
LIBS_p += -lcrypto
+LIBS_h += -lcrypto
+endif
+ifeq ($(CONFIG_TLS), gnutls)
+OBJS += $(DIR_WPA_SUPPLICANT)/tls_gnutls.o
+LIBS += -lgnutls -lgcrypt -lgpg-error
+LIBS_p += -lgcrypt
+LIBS_h += -lgcrypt
+endif
+ifdef CONFIG_GNUTLS_EXTRA
+CFLAGS += -DCONFIG_GNUTLS_EXTRA
+LIBS += -lgnutls-extra
+endif
+NEED_CRYPTO=y
else
OBJS += $(DIR_WPA_SUPPLICANT)/tls_none.o
endif
@@ -163,10 +248,60 @@
endif
ifdef MS_FUNCS
+OBJS += $(DIR_WPA_SUPPLICANT)/ms_funcs.o
+NEED_CRYPTO=y
+endif
+
+ifdef NEED_CRYPTO
ifndef TLS_FUNCS
+ifeq ($(CONFIG_TLS), openssl)
LIBS += -lcrypto
+LIBS_p += -lcrypto
+LIBS_h += -lcrypto
+endif
+ifeq ($(CONFIG_TLS), gnutls)
+LIBS += -lgcrypt
+LIBS_p += -lgcrypt
+LIBS_h += -lgcrypt
+endif
+endif
+ifeq ($(CONFIG_TLS), openssl)
+OBJS += $(DIR_WPA_SUPPLICANT)/crypto.o
+OBJS_p += $(DIR_WPA_SUPPLICANT)/crypto.o
+HOBJS += $(DIR_WPA_SUPPLICANT)/crypto.o
+CONFIG_INTERNAL_SHA256=y
+endif
+ifeq ($(CONFIG_TLS), gnutls)
+OBJS += $(DIR_WPA_SUPPLICANT)/crypto_gnutls.o
+OBJS_p += $(DIR_WPA_SUPPLICANT)/crypto_gnutls.o
+HOBJS += $(DIR_WPA_SUPPLICANT)/crypto_gnutls.o
+CONFIG_INTERNAL_SHA256=y
endif
-OBJS += $(DIR_WPA_SUPPLICANT)/ms_funcs.o $(DIR_WPA_SUPPLICANT)/crypto.o
+else
+CONFIG_INTERNAL_AES=y
+CONFIG_INTERNAL_SHA1=y
+CONFIG_INTERNAL_MD5=y
+CONFIG_INTERNAL_SHA256=y
+endif
+
+ifdef CONFIG_INTERNAL_AES
+CFLAGS += -DINTERNAL_AES
+endif
+ifdef CONFIG_INTERNAL_SHA1
+CFLAGS += -DINTERNAL_SHA1
+endif
+ifdef CONFIG_INTERNAL_SHA256
+CFLAGS += -DINTERNAL_SHA256
+endif
+ifdef CONFIG_INTERNAL_MD5
+CFLAGS += -DINTERNAL_MD5
+endif
+ifdef CONFIG_INTERNAL_MD4
+CFLAGS += -DINTERNAL_MD4
+endif
+
+ifdef NEED_SHA256
+OBJS += sha256.o
endif
ifdef CONFIG_RADIUS_SERVER
@@ -178,6 +313,12 @@
CFLAGS += -DCONFIG_IPV6
endif
+ifdef CONFIG_FULL_DYNAMIC_VLAN
+# define CONFIG_FULL_DYNAMIC_VLAN to have hostapd manipulate bridges
+# and vlan interfaces for the vlan feature.
+CFLAGS += -DCONFIG_FULL_DYNAMIC_VLAN
+endif
+
ALL=hostapd hostapd_cli
all: verify_config $(ALL)
@@ -201,10 +342,7 @@
rm -f driver_conf.c
echo '/* THIS FILE AUTOMATICALLY GENERATED, DO NOT EDIT! */' \
> driver_conf.c
- echo '#include <stdlib.h>' >> driver_conf.c
- echo '#include <stdio.h>' >> driver_conf.c
- echo '#include <sys/types.h>' >> driver_conf.c
- echo '#include <netinet/in.h>' >> driver_conf.c
+ echo '#include "includes.h"' >> driver_conf.c
echo '#include "hostapd.h"' >> driver_conf.c
echo '#include "driver.h"' >> driver_conf.c
ifdef CONFIG_DRIVER_HOSTAP
@@ -219,6 +357,9 @@
ifdef CONFIG_DRIVER_PRISM54
echo "void prism54_driver_register(void);" >> driver_conf.c
endif
+ifdef CONFIG_DRIVER_DEVICESCAPE
+ echo "void devicescape_driver_register(void);" >> driver_conf.c
+endif
ifdef CONFIG_DRIVER_BSD
echo "void bsd_driver_register(void);" >> driver_conf.c
endif
@@ -238,6 +379,9 @@
ifdef CONFIG_DRIVER_PRISM54
echo "prism54_driver_register();" >> driver_conf.c
endif
+ifdef CONFIG_DRIVER_DEVICESCAPE
+ echo "devicescape_driver_register();" >> driver_conf.c
+endif
ifdef CONFIG_DRIVER_BSD
echo "bsd_driver_register();" >> driver_conf.c
endif
@@ -249,7 +393,48 @@
hostapd_cli: hostapd_cli.o $(DIR_WPA_SUPPLICANT)/wpa_ctrl.o
$(CC) -o hostapd_cli hostapd_cli.o $(DIR_WPA_SUPPLICANT)/wpa_ctrl.o
+NOBJS = nt_password_hash.o $(DIR_WPA_SUPPLICANT)/ms_funcs.o sha1.o rc4.o md5.o
+NOBJS += $(DIR_WPA_SUPPLICANT)/crypto.o os_$(CONFIG_OS).o
+ifdef TLS_FUNCS
+LIBS_n += -lcrypto
+endif
+
+nt_password_hash: $(NOBJS)
+ $(CC) -o nt_password_hash $(NOBJS) $(LIBS_n)
+
+hlr_auc_gw: $(HOBJS)
+ $(CC) -o hlr_auc_gw $(HOBJS) $(LIBS_h)
+
clean:
- rm -f core *~ *.o hostapd hostapd_cli *.d driver_conf.c
+ rm -f core *~ *.o hostapd hostapd_cli nt_password_hash hlr_auc_gw
+ rm -f *.d driver_conf.c
+
+%.eps: %.fig
+ fig2dev -L eps $*.fig $*.eps
+
+%.png: %.fig
+ fig2dev -L png -m 3 $*.fig | pngtopnm | pnmscale 0.4 | pnmtopng \
+ > $*.png
+
+docs-pics: doc/hostapd.png doc/hostapd.eps
+
+docs: docs-pics
+ doxygen doc/doxygen.full
+ $(MAKE) -C doc/latex
+ cp doc/latex/refman.pdf hostapd-devel.pdf
+
+docs-fast: docs-pics
+ doxygen doc/doxygen.fast
+
+clean-docs:
+ rm -rf doc/latex doc/html
+ rm -f doc/hosta.d{eps,png} hostapd-devel.pdf
+
+TEST_SRC_MILENAGE = milenage.c aes_wrap.c common.c os_$(CONFIG_OS).c
+test-milenage: $(TEST_SRC_MILENAGE)
+ $(CC) -o test-milenage -Wall -Werror $(TEST_SRC_MILENAGE) \
+ -DTEST_MAIN_MILENAGE -I. -I../wpa_supplicant -DINTERNAL_AES
+ ./test-milenage
+ rm test-milenage
-include $(OBJS:%.o=%.d)
==== //depot/projects/wifi/contrib/hostapd/README#3 (text+ko) ====
@@ -27,13 +27,13 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
(this copy of the license is in COPYING file)
-Alternatively, this software may be distributed under the terms of BSD
-license:
+Alternatively, this software may be distributed, used, and modified
+under the terms of BSD license:
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
@@ -92,9 +92,9 @@
madwifi driver for cards based on Atheros chip set (ar521x)
(http://sourceforge.net/projects/madwifi/)
- Please note that you will need to modify the hostapd Makefile
- to use correct path for madwifi driver root directory
- (CFLAGS += -I../head line in Makefile).
+ Please note that you will need to add the correct path for
+ madwifi driver root directory in .config (see defconfig file for
+ an example: CFLAGS += -I<path>)
Prism54 driver for Intersil/Conexant Prism GT/Duette/Indigo
(http://www.prism54.org/)
@@ -158,14 +158,6 @@
device that is also used with IEEE 802.11 management frames. The
frames to the Supplicant are sent using the same device.
-hostapd includes a minimal colocated Authentication Server for testing
-purposes. It only requests the identity of the Supplicant and
-authorizes any host that is able to send a valid EAP Response
-frame. This can be used for quick testing since it does not require an
-external Authentication Server, but it should not be used for any real
-authentication purposes since no keys are required and anyone can
-authenticate.
-
The normal configuration of the Authenticator would use an external
Authentication Server. hostapd supports RADIUS encapsulation of EAP
packets, so the Authentication Server should be a RADIUS server, like
==== //depot/projects/wifi/contrib/hostapd/accounting.c#3 (text+ko) ====
@@ -1,6 +1,5 @@
/*
- * Host AP (software wireless LAN access point) user space daemon for
- * Host AP kernel driver / Accounting
+ * hostapd / RADIUS Accounting
* Copyright (c) 2002-2005, Jouni Malinen <jkmaline at cc.hut.fi>
*
* This program is free software; you can redistribute it and/or modify
@@ -13,18 +12,8 @@
* See README and COPYING for more details.
*/
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <netinet/in.h>
-#include <string.h>
-#include <sys/ioctl.h>
-#include <signal.h>
+#include "includes.h"
#include <assert.h>
-#include <time.h>
-#include <sys/time.h>
-#include <sys/socket.h>
-
#include "hostapd.h"
#include "radius.h"
@@ -40,7 +29,13 @@
* input/output octets and updates Acct-{Input,Output}-Gigawords. */
#define ACCT_DEFAULT_UPDATE_INTERVAL 300
-static struct radius_msg * accounting_msg(hostapd *hapd, struct sta_info *sta,
+/* from ieee802_1x.c */
+const char *radius_mode_txt(struct hostapd_data *hapd);
+int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta);
+
+
+static struct radius_msg * accounting_msg(struct hostapd_data *hapd,
+ struct sta_info *sta,
int status_type)
{
struct radius_msg *msg;
@@ -131,7 +126,7 @@
}
snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT ":%s",
- MAC2STR(hapd->own_addr), hapd->conf->ssid);
+ MAC2STR(hapd->own_addr), hapd->conf->ssid.ssid);
if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLED_STATION_ID,
(u8 *) buf, strlen(buf))) {
printf("Could not add Called-Station-Id\n");
@@ -154,7 +149,10 @@
goto fail;
}
- snprintf(buf, sizeof(buf), "CONNECT 11Mbps 802.11b");
+ snprintf(buf, sizeof(buf), "CONNECT %d%sMbps %s",
+ radius_sta_rate(hapd, sta) / 2,
+ (radius_sta_rate(hapd, sta) & 1) ? ".5" : "",
+ radius_mode_txt(hapd));
if (!radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO,
(u8 *) buf, strlen(buf))) {
printf("Could not add Connect-Info\n");
@@ -211,7 +209,7 @@
static void accounting_interim_update(void *eloop_ctx, void *timeout_ctx)
{
- hostapd *hapd = eloop_ctx;
+ struct hostapd_data *hapd = eloop_ctx;
struct sta_info *sta = timeout_ctx;
int interval;
@@ -229,11 +227,11 @@
}
-void accounting_sta_start(hostapd *hapd, struct sta_info *sta)
+void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta)
{
struct radius_msg *msg;
int interval;
-
+
if (sta->acct_session_started)
return;
@@ -260,7 +258,8 @@
}
-void accounting_sta_report(hostapd *hapd, struct sta_info *sta, int stop)
+void accounting_sta_report(struct hostapd_data *hapd, struct sta_info *sta,
+ int stop)
{
struct radius_msg *msg;
int cause = sta->acct_terminate_cause;
@@ -360,14 +359,14 @@
}
-void accounting_sta_interim(hostapd *hapd, struct sta_info *sta)
+void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta)
{
if (sta->acct_session_started)
accounting_sta_report(hapd, sta, 0);
}
-void accounting_sta_stop(hostapd *hapd, struct sta_info *sta)
+void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta)
{
if (sta->acct_session_started) {
accounting_sta_report(hapd, sta, 1);
@@ -435,7 +434,7 @@
}
-int accounting_init(hostapd *hapd)
+int accounting_init(struct hostapd_data *hapd)
{
/* Acct-Session-Id should be unique over reboots. If reliable clock is
* not available, this could be replaced with reboot counter, etc. */
@@ -451,7 +450,18 @@
}
-void accounting_deinit(hostapd *hapd)
+void accounting_deinit(struct hostapd_data *hapd)
{
accounting_report_state(hapd, 0);
}
+
+
+int accounting_reconfig(struct hostapd_data *hapd,
+ struct hostapd_config *oldconf)
+{
+ if (!hapd->radius_client_reconfigured)
+ return 0;
+
+ accounting_deinit(hapd);
+ return accounting_init(hapd);
+}
==== //depot/projects/wifi/contrib/hostapd/accounting.h#2 (text+ko) ====
@@ -1,13 +1,27 @@
+/*
+ * hostapd / RADIUS Accounting
+ * Copyright (c) 2002-2005, Jouni Malinen <jkmaline at cc.hut.fi>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Alternatively, this software may be distributed under the terms of BSD
+ * license.
+ *
+ * See README and COPYING for more details.
+ */
+
#ifndef ACCOUNTING_H
#define ACCOUNTING_H
-
-void accounting_sta_start(hostapd *hapd, struct sta_info *sta);
-void accounting_sta_interim(hostapd *hapd, struct sta_info *sta);
-void accounting_sta_stop(hostapd *hapd, struct sta_info *sta);
+void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
+void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta);
+void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta);
void accounting_sta_get_id(struct hostapd_data *hapd, struct sta_info *sta);
-int accounting_init(hostapd *hapd);
-void accounting_deinit(hostapd *hapd);
-
+int accounting_init(struct hostapd_data *hapd);
+void accounting_deinit(struct hostapd_data *hapd);
+int accounting_reconfig(struct hostapd_data *hapd,
+ struct hostapd_config *oldconf);
#endif /* ACCOUNTING_H */
==== //depot/projects/wifi/contrib/hostapd/aes.c#3 (text+ko) ====
@@ -21,6 +21,8 @@
* See README and COPYING for more details.
*/
+#include "includes.h"
+
/*
* rijndael-alg-fst.c
*
@@ -1060,7 +1062,7 @@
u32 *rk;
if (len != 16)
return NULL;
- rk = malloc(4 * 44);
+ rk = os_malloc(4 * 44);
if (rk == NULL)
return NULL;
rijndaelKeySetupEnc(rk, key);
@@ -1076,7 +1078,7 @@
void aes_encrypt_deinit(void *ctx)
{
- free(ctx);
+ os_free(ctx);
}
@@ -1085,7 +1087,7 @@
u32 *rk;
if (len != 16)
return NULL;
- rk = malloc(4 * 44);
+ rk = os_malloc(4 * 44);
if (rk == NULL)
return NULL;
rijndaelKeySetupDec(rk, key);
@@ -1101,5 +1103,5 @@
void aes_decrypt_deinit(void *ctx)
{
- free(ctx);
+ os_free(ctx);
}
==== //depot/projects/wifi/contrib/hostapd/aes_wrap.c#3 (text+ko) ====
@@ -19,17 +19,18 @@
* See README and COPYING for more details.
*/
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
+#include "includes.h"
+
#include "common.h"
#include "aes_wrap.h"
#include "crypto.h"
-#ifndef EAP_TLS_FUNCS
+#ifdef INTERNAL_AES
#include "aes.c"
-#endif /* EAP_TLS_FUNCS */
+#endif /* INTERNAL_AES */
+
+#ifndef CONFIG_NO_AES_WRAP
/**
* aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
@@ -49,8 +50,8 @@
r = cipher + 8;
/* 1) Initialize variables. */
- memset(a, 0xa6, 8);
- memcpy(r, plain, 8 * n);
+ os_memset(a, 0xa6, 8);
+ os_memcpy(r, plain, 8 * n);
ctx = aes_encrypt_init(kek, 16);
if (ctx == NULL)
@@ -66,12 +67,12 @@
for (j = 0; j <= 5; j++) {
r = cipher + 8;
for (i = 1; i <= n; i++) {
- memcpy(b, a, 8);
- memcpy(b + 8, r, 8);
+ os_memcpy(b, a, 8);
+ os_memcpy(b + 8, r, 8);
aes_encrypt(ctx, b, b);
- memcpy(a, b, 8);
+ os_memcpy(a, b, 8);
a[7] ^= n * j + i;
- memcpy(r, b + 8, 8);
+ os_memcpy(r, b + 8, 8);
r += 8;
}
}
@@ -86,7 +87,9 @@
return 0;
}
+#endif /* CONFIG_NO_AES_WRAP */
+
/**
* aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
* @kek: Key encryption key (KEK)
@@ -102,9 +105,9 @@
void *ctx;
/* 1) Initialize variables. */
- memcpy(a, cipher, 8);
+ os_memcpy(a, cipher, 8);
r = plain;
- memcpy(r, cipher + 8, 8 * n);
+ os_memcpy(r, cipher + 8, 8 * n);
ctx = aes_decrypt_init(kek, 16);
if (ctx == NULL)
@@ -120,13 +123,13 @@
for (j = 5; j >= 0; j--) {
r = plain + (n - 1) * 8;
for (i = n; i >= 1; i--) {
- memcpy(b, a, 8);
+ os_memcpy(b, a, 8);
b[7] ^= n * j + i;
- memcpy(b + 8, r, 8);
+ os_memcpy(b + 8, r, 8);
aes_decrypt(ctx, b, b);
- memcpy(a, b, 8);
- memcpy(r, b + 8, 8);
+ os_memcpy(a, b, 8);
+ os_memcpy(r, b + 8, 8);
r -= 8;
}
}
@@ -148,6 +151,8 @@
#define BLOCK_SIZE 16
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list