wpa_supplicant/hostapd: Update to 0.6.10
authorJan Lentfer <Jan.Lentfer@web.de>
Thu, 4 Feb 2010 15:57:55 +0000 (16:57 +0100)
committerJan Lentfer <Jan.Lentfer@web.de>
Sun, 14 Feb 2010 10:11:06 +0000 (11:11 +0100)
usr.sbin/802_11/Makefile.inc
usr.sbin/802_11/hostapd/Makefile
usr.sbin/802_11/hostapd/driver_dragonfly.c
usr.sbin/802_11/hostapd_cli/Makefile
usr.sbin/802_11/os_unix.c.patch [deleted file]
usr.sbin/802_11/wpa_cli/Makefile
usr.sbin/802_11/wpa_supplicant/Makefile
usr.sbin/802_11/wpa_supplicant/driver_dragonfly.c
usr.sbin/802_11/wpa_supplicant/ntddndis.h

index 5b4af7a..b5b07da 100644 (file)
@@ -1,5 +1,27 @@
 # $DragonFly: src/usr.sbin/802_11/Makefile.inc,v 1.1 2006/06/24 07:29:44 sephe Exp $
 
+CONTRIBDIR= ${.CURDIR}/../../../contrib
+WPA_DISTDIR=${CONTRIBDIR}/wpa_supplicant
+HOSTAPD_DISTDIR=${CONTRIBDIR}/hostapd
+
+.PATH.c:       ${.CURDIR}/.. \
+               ${WPA_DISTDIR}/src/common \
+               ${WPA_DISTDIR}/src/crypto \
+               ${WPA_DISTDIR}/src/eap_common \
+               ${WPA_DISTDIR}/src/eapol_supp \
+               ${WPA_DISTDIR}/src/l2_packet \
+               ${WPA_DISTDIR}/src/utils
+
+CFLAGS+=-I${.CURDIR}
+CFLAGS+=-I${WPA_DISTDIR}/src
+CFLAGS+=-I${WPA_DISTDIR}/src/common
+CFLAGS+=-I${WPA_DISTDIR}/src/crypto
+CFLAGS+=-I${WPA_DISTDIR}/src/l2_packet
+CFLAGS+=-I${WPA_DISTDIR}/src/utils
+
+CFLAGS+= -DCONFIG_CTRL_IFACE
+CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+
 WARNS?=        0
 
 .include "../Makefile.inc"
index 03581c3..990a8ed 100644 (file)
@@ -1,25 +1,33 @@
 # $FreeBSD: src/usr.sbin/wpa/hostapd/Makefile,v 1.3 2007/07/09 16:26:48 sam Exp $
 # $DragonFly: src/usr.sbin/802_11/hostapd/Makefile,v 1.2 2007/08/07 11:25:36 sephe Exp $
 
-CONTRIBDIR= ${.CURDIR}/../../../contrib/hostapd
-.PATH: ${.CURDIR}/.. ${CONTRIBDIR}
+.include "${.CURDIR}/../Makefile.inc"
+.PATH.c:       ${.CURDIR}/.. ${HOSTAPD_DISTDIR}/hostapd \
+               ${HOSTAPD_DISTDIR}/src/eap_server \
+               ${HOSTAPD_DISTDIR}/src/radius
+
 
 PROG=  hostapd
-SRCS=  hostapd.c eloop.c ieee802_1x.c eapol_sm.c radius.c md5.c rc4.c \
-       common.c ieee802_11.c config.c ieee802_11_auth.c accounting.c \
-       sta_info.c radius_client.c sha1.c wpa.c aes_wrap.c tls_none.c \
-       ctrl_iface.c driver_conf.c os_unix.c preauth.c pmksa_cache.c \
-       beacon.c hw_features.c wme.c ap_list.c reconfig.c mlme.c \
-       vlan_init.c ieee802_11h.c l2_packet.c driver_dragonfly.c
-SRCS+= os_unix.c.patch
+SRCS=  accounting.c aes.c aes_wrap.c ap_list.c beacon.c common.c \
+       config.c ctrl_iface.c drivers.c eapol_sm.c eap.c eap_common.c \
+       eap_identity.c eap_methods.c eloop.c hostapd.c \
+       hw_features.c ieee802_11.c ieee802_11_common.c ieee802_11_auth.c \
+       ieee802_1x.c ip_addr.c md5.c mlme.c pmksa_cache.c radius.c \
+       radius_client.c rc4.c sha1.c sta_info.c vlan_init.c wme.c \
+       wpa.c wpa_auth_ie.c wpa_common.c wpa_debug.c wpabuf.c
+SRCS+= l2_packet.c driver_dragonfly.c os_unix.c
+SRCS+= tls_none.c
+
 CLEANFILES=driver_conf.c
 
 MAN=   hostapd.8 hostapd.conf.5
 
-CFLAGS+= -I${CONTRIBDIR}
+CFLAGS+= -I${HOSTAPD_DISTDIR}/hostapd
+CFLAGS+= -I${HOSTAPD_DISTDIR}/src/radius
 CFLAGS+= -DCONFIG_DRIVER_BSD
 CFLAGS+= -DCONFIG_CTRL_IFACE
 CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
+CFLAGS+= -DEAP_TLS_NONE
 CFLAGS+= -DINTERNAL_AES
 CFLAGS+= -DINTERNAL_SHA1
 CFLAGS+= -DINTERNAL_MD5
index dc401bc..552fbb5 100644 (file)
  *
  * See README and COPYING for more details.
  *
- * $FreeBSD: src/usr.sbin/wpa/hostapd/driver_freebsd.c,v 1.6 2007/07/09 16:26:48 sam Exp $
- * $DragonFly: src/usr.sbin/802_11/hostapd/driver_dragonfly.c,v 1.3 2007/08/07 11:25:36 sephe Exp $
+ * $FreeBSD: src/usr.sbin/wpa/hostapd/driver_freebsd.c,v 1.8 2009/03/02 02:28:22 sam Exp $
  */
-#include <sys/endian.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <net/if.h>
 #include <netinet/in.h>
 
-#include <netproto/802_11/ieee80211.h>
-#include <netproto/802_11/ieee80211_crypto.h>
 #include <netproto/802_11/ieee80211_ioctl.h>
 
+#undef RSN_VERSION
+#undef WPA_VERSION
+#undef WPA_OUI_TYPE
+#undef WME_OUI_TYPE
+
 #include "hostapd.h"
 #include "driver.h"
 #include "ieee802_1x.h"
+#include "ieee802_11_auth.h"
 #include "eloop.h"
 #include "sta_info.h"
-#include "l2_packet.h"
+#include "l2_packet/l2_packet.h"
 
 #include "eapol_sm.h"
 #include "wpa.h"
-#include "radius.h"
+#include "radius/radius.h"
 #include "ieee802_11.h"
 #include "common.h"
 #include "hostap_common.h"
 
 struct bsd_driver_data {
-       struct driver_ops ops;                  /* base class */
        struct hostapd_data *hapd;              /* back pointer */
 
        char    iface[IFNAMSIZ + 1];
+       unsigned int ifindex;                   /* interface index */
        struct l2_packet_data *sock_xmit;       /* raw packet xmit socket */
        int     ioctl_sock;                     /* socket for ioctl() use */
        int     wext_sock;                      /* socket for wireless events */
 };
 
-static const struct driver_ops bsd_driver_ops;
+static const struct wpa_driver_ops bsd_driver_ops;
 
 static int bsd_sta_deauth(void *priv, const u8 *addr, int reason_code);
 
@@ -124,107 +126,14 @@ ether_sprintf(const u8 *addr)
        return buf;
 }
 
-/*
- * Configure WPA parameters.
- */
 static int
-bsd_configure_wpa(struct bsd_driver_data *drv)
-{
-       static const char *ciphernames[] =
-           { "WEP", "TKIP", "AES-OCB", "AES-CCM", "*BAD*", "CKIP", "NONE" };
-       struct hostapd_data *hapd = drv->hapd;
-       struct hostapd_bss_config *conf = hapd->conf;
-       int v;
-
-       switch (conf->wpa_group) {
-       case WPA_CIPHER_CCMP:
-               v = IEEE80211_CIPHER_AES_CCM;
-               break;
-       case WPA_CIPHER_TKIP:
-               v = IEEE80211_CIPHER_TKIP;
-               break;
-       case WPA_CIPHER_WEP104:
-               v = IEEE80211_CIPHER_WEP;
-               break;
-       case WPA_CIPHER_WEP40:
-               v = IEEE80211_CIPHER_WEP;
-               break;
-       case WPA_CIPHER_NONE:
-               v = IEEE80211_CIPHER_NONE;
-               break;
-       default:
-               printf("Unknown group key cipher %u\n",
-                       conf->wpa_group);
-               return -1;
-       }
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: group key cipher=%s (%u)\n", __func__, ciphernames[v], v);
-       if (set80211param(drv, IEEE80211_IOC_MCASTCIPHER, v)) {
-               printf("Unable to set group key cipher to %u (%s)\n",
-                       v, ciphernames[v]);
-               return -1;
-       }
-       if (v == IEEE80211_CIPHER_WEP) {
-               /* key length is done only for specific ciphers */
-               v = (conf->wpa_group == WPA_CIPHER_WEP104 ? 13 : 5);
-               if (set80211param(drv, IEEE80211_IOC_MCASTKEYLEN, v)) {
-                       printf("Unable to set group key length to %u\n", v);
-                       return -1;
-               }
-       }
-
-       v = 0;
-       if (conf->wpa_pairwise & WPA_CIPHER_CCMP)
-               v |= 1<<IEEE80211_CIPHER_AES_CCM;
-       if (conf->wpa_pairwise & WPA_CIPHER_TKIP)
-               v |= 1<<IEEE80211_CIPHER_TKIP;
-       if (conf->wpa_pairwise & WPA_CIPHER_NONE)
-               v |= 1<<IEEE80211_CIPHER_NONE;
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: pairwise key ciphers=0x%x\n", __func__, v);
-       if (set80211param(drv, IEEE80211_IOC_UCASTCIPHERS, v)) {
-               printf("Unable to set pairwise key ciphers to 0x%x\n", v);
-               return -1;
-       }
-
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: key management algorithms=0x%x\n",
-               __func__, conf->wpa_key_mgmt);
-       if (set80211param(drv, IEEE80211_IOC_KEYMGTALGS, conf->wpa_key_mgmt)) {
-               printf("Unable to set key management algorithms to 0x%x\n",
-                       conf->wpa_key_mgmt);
-               return -1;
-       }
-
-       v = 0;
-       if (conf->rsn_preauth)
-               v |= BIT(0);
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: rsn capabilities=0x%x\n", __func__, conf->rsn_preauth);
-       if (set80211param(drv, IEEE80211_IOC_RSNCAPS, v)) {
-               printf("Unable to set RSN capabilities to 0x%x\n", v);
-               return -1;
-       }
-
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: enable WPA= 0x%x\n", __func__, conf->wpa);
-       if (set80211param(drv, IEEE80211_IOC_WPA, conf->wpa)) {
-               printf("Unable to set WPA to %u\n", conf->wpa);
-               return -1;
-       }
-       return 0;
-}
-
-
-static int
-bsd_set_iface_flags(void *priv, int dev_up)
+bsd_set_iface_flags(void *priv, int flags)
 {
        struct bsd_driver_data *drv = priv;
        struct hostapd_data *hapd = drv->hapd;
        struct ifreq ifr;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
-               "%s: dev_up=%d\n", __func__, dev_up);
+       wpa_printf(MSG_DEBUG, "%s: flags=0x%x\n", __func__, flags);
 
        if (drv->ioctl_sock < 0)
                return -1;
@@ -237,17 +146,23 @@ bsd_set_iface_flags(void *priv, int dev_up)
                return -1;
        }
 
-       if (dev_up)
-               ifr.ifr_flags |= IFF_UP;
-       else
-               ifr.ifr_flags &= ~IFF_UP;
+       if (flags < 0) {
+               flags = -flags;
+               if ((ifr.ifr_flags & flags) == 0)
+                       return 0;
+               ifr.ifr_flags &= ~flags;
+       } else {
+               if ((ifr.ifr_flags & flags) == flags)
+                       return 0;
+               ifr.ifr_flags |= flags;
+       }
 
        if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, &ifr) != 0) {
                perror("ioctl[SIOCSIFFLAGS]");
                return -1;
        }
 
-       if (dev_up) {
+       if (flags > 0) {
                memset(&ifr, 0, sizeof(ifr));
                snprintf(ifr.ifr_name, IFNAMSIZ, "%s", drv->iface);
                ifr.ifr_mtu = HOSTAPD_MTU;
@@ -262,14 +177,19 @@ bsd_set_iface_flags(void *priv, int dev_up)
 }
 
 static int
+bsd_commit(void *priv)
+{
+       return bsd_set_iface_flags(priv, IFF_UP);
+}
+
+static int
 bsd_set_ieee8021x(const char *ifname, void *priv, int enabled)
 {
        struct bsd_driver_data *drv = priv;
        struct hostapd_data *hapd = drv->hapd;
        struct hostapd_bss_config *conf = hapd->conf;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
-               "%s: enabled=%d\n", __func__, enabled);
+       wpa_printf(MSG_DEBUG, "%s: enabled=%d\n", __func__, enabled);
 
        if (!enabled) {
                /* XXX restore state */
@@ -281,7 +201,7 @@ bsd_set_ieee8021x(const char *ifname, void *priv, int enabled)
                        HOSTAPD_LEVEL_WARNING, "No 802.1X or WPA enabled!");
                return -1;
        }
-       if (conf->wpa && bsd_configure_wpa(drv) != 0) {
+       if (conf->wpa && set80211param(drv, IEEE80211_IOC_WPA, conf->wpa)) {
                hostapd_logger(hapd, NULL, HOSTAPD_MODULE_DRIVER,
                        HOSTAPD_LEVEL_WARNING, "Error configuring WPA state!");
                return -1;
@@ -292,7 +212,7 @@ bsd_set_ieee8021x(const char *ifname, void *priv, int enabled)
                        HOSTAPD_LEVEL_WARNING, "Error enabling WPA/802.1X!");
                return -1;
        }
-       return bsd_set_iface_flags(priv, 1);
+       return 0;
 }
 
 static int
@@ -301,8 +221,7 @@ bsd_set_privacy(const char *ifname, void *priv, int enabled)
        struct bsd_driver_data *drv = priv;
        struct hostapd_data *hapd = drv->hapd;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: enabled=%d\n", __func__, enabled);
+       wpa_printf(MSG_DEBUG, "%s: enabled=%d\n", __func__, enabled);
 
        return set80211param(priv, IEEE80211_IOC_PRIVACY, enabled);
 }
@@ -314,8 +233,7 @@ bsd_set_sta_authorized(void *priv, const u8 *addr, int authorized)
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_mlme mlme;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_VERBOSE,
-               "%s: addr=%s authorized=%d\n",
+       wpa_printf(MSG_DEBUG, "%s: addr=%s authorized=%d\n",
                __func__, ether_sprintf(addr), authorized);
 
        if (authorized)
@@ -328,7 +246,8 @@ bsd_set_sta_authorized(void *priv, const u8 *addr, int authorized)
 }
 
 static int
-bsd_sta_set_flags(void *priv, const u8 *addr, int flags_or, int flags_and)
+bsd_sta_set_flags(void *priv, const u8 *addr, int total_flags,
+       int flags_or, int flags_and)
 {
        /* For now, only support setting Authorized flag */
        if (flags_or & WLAN_STA_AUTHORIZED)
@@ -345,8 +264,7 @@ bsd_del_key(void *priv, const unsigned char *addr, int key_idx)
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_del_key wk;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: addr=%s key_idx=%d\n",
+       wpa_printf(MSG_DEBUG, "%s: addr=%s key_idx=%d\n",
                __func__, ether_sprintf(addr), key_idx);
 
        memset(&wk, 0, sizeof(wk));
@@ -373,8 +291,7 @@ bsd_set_key(const char *ifname, void *priv, const char *alg,
        if (strcmp(alg, "none") == 0)
                return bsd_del_key(priv, addr, key_idx);
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: alg=%s addr=%s key_idx=%d\n",
+       wpa_printf(MSG_DEBUG, "%s: alg=%s addr=%s key_idx=%d\n",
                __func__, alg, ether_sprintf(addr), key_idx);
 
        if (strcmp(alg, "WEP") == 0)
@@ -396,14 +313,16 @@ bsd_set_key(const char *ifname, void *priv, const char *alg,
 
        memset(&wk, 0, sizeof(wk));
        wk.ik_type = cipher;
-       wk.ik_flags = IEEE80211_KEY_RECV | IEEE80211_KEY_XMIT;
        if (addr == NULL) {
                memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN);
                wk.ik_keyix = key_idx;
-               wk.ik_flags |= IEEE80211_KEY_DEFAULT | IEEE80211_KEY_GROUP;
+               wk.ik_flags = IEEE80211_KEY_XMIT
+                           | IEEE80211_KEY_GROUP
+                           | IEEE80211_KEY_DEFAULT;
        } else {
                memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN);
                wk.ik_keyix = IEEE80211_KEYIX_NONE;
+               wk.ik_flags = IEEE80211_KEY_RECV | IEEE80211_KEY_XMIT;
        }
        wk.ik_keylen = key_len;
        memcpy(wk.ik_keydata, key, key_len);
@@ -420,8 +339,8 @@ bsd_get_seqnum(const char *ifname, void *priv, const u8 *addr, int idx,
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_key wk;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: addr=%s idx=%d\n", __func__, ether_sprintf(addr), idx);
+       wpa_printf(MSG_DEBUG, "%s: addr=%s idx=%d\n",
+           __func__, ether_sprintf(addr), idx);
 
        memset(&wk, 0, sizeof(wk));
        if (addr == NULL)
@@ -477,8 +396,7 @@ bsd_sta_clear_stats(void *priv, const u8 *addr)
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_sta_stats stats;
        
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: addr=%s\n",
-                     __func__, ether_sprintf(addr));
+       wpa_printf(MSG_DEBUG, "%s: addr=%s\n", __func__, ether_sprintf(addr));
 
        /* zero station statistics */
        memset(&stats, 0, sizeof(stats));
@@ -489,11 +407,11 @@ bsd_sta_clear_stats(void *priv, const u8 *addr)
 static int
 bsd_set_opt_ie(const char *ifname, void *priv, const u8 *ie, size_t ie_len)
 {
-       /*
-        * Do nothing; we setup parameters at startup that define the
-        * contents of the beacon information element.
-        */
-       return 0;
+        /*
+         * Do nothing; we setup parameters at startup that define the
+         * contents of the beacon information element.
+         */
+        return 0;
 }
 
 static int
@@ -503,8 +421,7 @@ bsd_sta_deauth(void *priv, const u8 *addr, int reason_code)
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_mlme mlme;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: addr=%s reason_code=%d\n",
+       wpa_printf(MSG_DEBUG, "%s: addr=%s reason_code=%d\n",
                __func__, ether_sprintf(addr), reason_code);
 
        mlme.im_op = IEEE80211_MLME_DEAUTH;
@@ -520,8 +437,7 @@ bsd_sta_disassoc(void *priv, const u8 *addr, int reason_code)
        struct hostapd_data *hapd = drv->hapd;
        struct ieee80211req_mlme mlme;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
-               "%s: addr=%s reason_code=%d\n",
+       wpa_printf(MSG_DEBUG, "%s: addr=%s reason_code=%d\n",
                __func__, ether_sprintf(addr), reason_code);
 
        mlme.im_reason = reason_code;
@@ -589,7 +505,7 @@ bsd_new_sta(struct bsd_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN])
                }
                ielen = 2 + ie.wpa_ie[1];
                res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
-                                         ie.wpa_ie, ielen);
+                                         ie.wpa_ie, ielen, NULL, 0);
                if (res != WPA_IE_OK) {
                        printf("WPA/RSN information element rejected? "
                                "(res %u)\n", res);
@@ -624,6 +540,9 @@ bsd_wireless_event_receive(int sock, void *ctx, void *sock_ctx)
        struct ieee80211_michael_event *mic;
        struct ieee80211_join_event *join;
        struct ieee80211_leave_event *leave;
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+       struct ieee80211_auth_event *auth;
+#endif
        int n;
 
        n = read(sock, buf, sizeof(buf));
@@ -640,6 +559,12 @@ bsd_wireless_event_receive(int sock, void *ctx, void *sock_ctx)
                return;
        }
        ifan = (struct if_announcemsghdr *) rtm;
+       if (ifan->ifan_index != drv->ifindex) {
+               wpa_printf(MSG_DEBUG, "Discard routing message to if#%d "
+                       "(not for us %d)\n",
+                       ifan->ifan_index, drv->ifindex);
+               return;
+       }
        switch (rtm->rtm_type) {
        case RTM_IEEE80211:
                switch (ifan->ifan_what) {
@@ -670,6 +595,32 @@ bsd_wireless_event_receive(int sock, void *ctx, void *sock_ctx)
                                MAC2STR(mic->iev_src));
                        ieee80211_michael_mic_failure(hapd, mic->iev_src, 1);
                        break;
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+               case RTM_IEEE80211_AUTH:
+                       auth = (struct ieee80211_auth_event *) &ifan[1];
+                       wpa_printf(MSG_DEBUG, "802.11 AUTH, STA = " MACSTR,
+                           MAC2STR(auth->iev_addr));
+                       n = hostapd_allowed_address(hapd, auth->iev_addr,
+                               NULL, 0, NULL, NULL, NULL);
+                       switch (n) {
+                       case HOSTAPD_ACL_ACCEPT:
+                       case HOSTAPD_ACL_REJECT:
+                               hostapd_set_radius_acl_auth(hapd,
+                                   auth->iev_addr, n, 0);
+                               wpa_printf(MSG_DEBUG,
+                                   "802.11 AUTH, STA = " MACSTR " hostapd says: %s",
+                                   MAC2STR(auth->iev_addr),
+                                   (n == HOSTAPD_ACL_ACCEPT ?
+                                       "ACCEPT" : "REJECT" ));
+                               break;
+                       case HOSTAPD_ACL_PENDING:
+                               wpa_printf(MSG_DEBUG,
+                                   "802.11 AUTH, STA = " MACSTR " pending",
+                                   MAC2STR(auth->iev_addr));
+                               break;
+                       }
+                       break;
+#endif /* CONFIG_DRIVER_RADIUS_ACL */
                }
                break;
        }
@@ -775,8 +726,7 @@ bsd_get_ssid(const char *ifname, void *priv, u8 *buf, int len)
        struct hostapd_data *hapd = drv->hapd;
        int ssid_len = get80211var(priv, IEEE80211_IOC_SSID, buf, len);
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: ssid=\"%.*s\"\n",
-               __func__, ssid_len, buf);
+       wpa_printf(MSG_DEBUG, "%s: ssid=\"%.*s\"\n", __func__, ssid_len, buf);
 
        return ssid_len;
 }
@@ -787,8 +737,7 @@ bsd_set_ssid(const char *ifname, void *priv, const u8 *buf, int len)
        struct bsd_driver_data *drv = priv;
        struct hostapd_data *hapd = drv->hapd;
 
-       HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "%s: ssid=\"%.*s\"\n",
-               __func__, len, buf);
+       wpa_printf(MSG_DEBUG, "%s: ssid=\"%.*s\"\n", __func__, len, buf);
 
        return set80211var(priv, IEEE80211_IOC_SSID, buf, len);
 }
@@ -802,7 +751,68 @@ bsd_set_countermeasures(void *priv, int enabled)
        return set80211param(drv, IEEE80211_IOC_COUNTERMEASURES, enabled);
 }
 
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+static int 
+bsd_set_radius_acl_auth(void *priv, const u8 *mac, int accepted, 
+       u32 session_timeout)
+{
+       struct bsd_driver_data *drv = priv;
+       struct hostapd_data *hapd = drv->hapd;
+       struct ieee80211req_mlme mlme;
+
+       switch (accepted) {
+       case HOSTAPD_ACL_ACCEPT_TIMEOUT:
+               wpa_printf(MSG_DEBUG, "[%s] STA " MACSTR 
+                       " has been accepted by RADIUS ACL with timeout "
+                       "of %d.\n", hapd->conf->iface, MAC2STR(mac), 
+                       session_timeout);
+               mlme.im_reason = IEEE80211_STATUS_SUCCESS;
+               break;
+       case HOSTAPD_ACL_ACCEPT:
+               wpa_printf(MSG_DEBUG, "[%s] STA " MACSTR 
+                       " has been accepted by RADIUS ACL.\n", 
+                       hapd->conf->iface, MAC2STR(mac));
+               mlme.im_reason = IEEE80211_STATUS_SUCCESS;
+               break;
+       case HOSTAPD_ACL_REJECT:
+               wpa_printf(MSG_DEBUG, "[%s] STA " MACSTR 
+                       " has been rejected by RADIUS ACL.\n", 
+                       hapd->conf->iface, MAC2STR(mac));
+               mlme.im_reason = IEEE80211_STATUS_UNSPECIFIED;
+               break;
+       default:
+               wpa_printf(MSG_ERROR, "[%s] STA " MACSTR 
+                       " has unknown status (%d) by RADIUS ACL.  "
+                       "Nothing to do...\n", hapd->conf->iface, 
+                       MAC2STR(mac), accepted);
+               return 0;
+       }
+       memset(&mlme, 0, sizeof(mlme));
+       mlme.im_op = IEEE80211_MLME_AUTH;
+       memcpy(mlme.im_macaddr, mac, IEEE80211_ADDR_LEN);
+       return set80211var(drv, IEEE80211_IOC_MLME, &mlme, sizeof(mlme));
+}
+
 static int
+bsd_set_radius_acl_expire(void *priv, const u8 *mac)
+{
+       struct bsd_driver_data *drv = priv;
+       struct hostapd_data *hapd = drv->hapd;
+
+       /*
+        * The expiry of the MAC address from RADIUS ACL cache doesn't mean 
+        * that we should kick off the client.  Our current approach doesn't 
+        * require adding/removing entries from an allow/deny list; so this
+        * function is likely unecessary
+        */
+       wpa_printf(MSG_DEBUG, "[%s] STA " MACSTR " radius acl cache "
+               "expired; nothing to do...", hapd->conf->iface, 
+               MAC2STR(mac));
+       return 0;
+}
+#endif /* CONFIG_DRIVER_RADIUS_ACL */
+
+static void *
 bsd_init(struct hostapd_data *hapd)
 {
        struct bsd_driver_data *drv;
@@ -814,7 +824,6 @@ bsd_init(struct hostapd_data *hapd)
        }
 
        memset(drv, 0, sizeof(*drv));
-       drv->ops = bsd_driver_ops;
        drv->hapd = hapd;
        drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
        if (drv->ioctl_sock < 0) {
@@ -822,6 +831,18 @@ bsd_init(struct hostapd_data *hapd)
                goto bad;
        }
        memcpy(drv->iface, hapd->conf->iface, sizeof(drv->iface));
+       /*
+        * NB: We require the interface name be mappable to an index.
+        *     This implies we do not support having wpa_supplicant
+        *     wait for an interface to appear.  This seems ok; that
+        *     doesn't belong here; it's really the job of devd.
+        *     XXXSCW: devd is FreeBSD-specific.
+        */
+       drv->ifindex = if_nametoindex(drv->iface);
+       if (drv->ifindex == 0) {
+               printf("%s: interface %s does not exist", __func__, drv->iface);
+               goto bad;
+       }
 
        drv->sock_xmit = l2_packet_init(drv->iface, NULL, ETH_P_EAPOL,
                                        handle_read, drv, 1);
@@ -830,10 +851,9 @@ bsd_init(struct hostapd_data *hapd)
        if (l2_packet_get_own_addr(drv->sock_xmit, hapd->own_addr))
                goto bad;
 
-       bsd_set_iface_flags(drv, 0);    /* mark down during setup */
+       bsd_set_iface_flags(drv, -IFF_UP);      /* mark down during setup */
 
-       hapd->driver = &drv->ops;
-       return 0;
+       return drv;
 bad:
        if (drv != NULL) {
                if (drv->sock_xmit != NULL)
@@ -842,7 +862,7 @@ bad:
                        close(drv->ioctl_sock);
                free(drv);
        }
-       return -1;
+       return NULL;
 }
 
 
@@ -851,9 +871,7 @@ bsd_deinit(void *priv)
 {
        struct bsd_driver_data *drv = priv;
 
-       drv->hapd->driver = NULL;
-
-       (void) bsd_set_iface_flags(drv, 0);
+       (void) bsd_set_iface_flags(drv, -IFF_UP);
        if (drv->ioctl_sock >= 0)
                close(drv->ioctl_sock);
        if (drv->sock_xmit != NULL)
@@ -861,7 +879,7 @@ bsd_deinit(void *priv)
        free(drv);
 }
 
-static const struct driver_ops bsd_driver_ops = {
+const struct wpa_driver_ops wpa_driver_bsd_ops = {
        .name                   = "bsd",
        .init                   = bsd_init,
        .deinit                 = bsd_deinit,
@@ -882,9 +900,9 @@ static const struct driver_ops bsd_driver_ops = {
        .get_ssid               = bsd_get_ssid,
        .set_countermeasures    = bsd_set_countermeasures,
        .sta_clear_stats        = bsd_sta_clear_stats,
+       .commit                 = bsd_commit,
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+       .set_radius_acl_auth    = bsd_set_radius_acl_auth,
+       .set_radius_acl_expire  = bsd_set_radius_acl_expire,
+#endif
 };
-
-void bsd_driver_register(void)
-{
-       driver_register(bsd_driver_ops.name, &bsd_driver_ops);
-}
index 3631183..a5b92cc 100644 (file)
@@ -1,10 +1,11 @@
 # $FreeBSD: src/usr.sbin/wpa/hostapd_cli/Makefile,v 1.4 2007/07/09 16:26:48 sam Exp $
 # $DragonFly: src/usr.sbin/802_11/hostapd_cli/Makefile,v 1.2 2007/08/07 11:25:36 sephe Exp $
 
-.PATH: ${.CURDIR}/../../../contrib/hostapd
+.include "${.CURDIR}/../Makefile.inc"
+.PATH.c:        ${.CURDIR}/.. ${HOSTAPD_DISTDIR}/hostapd
 
 PROG=  hostapd_cli
-SRCS=  hostapd_cli.c wpa_ctrl.c
+SRCS=  hostapd_cli.c wpa_ctrl.c os_unix.c
 
 CFLAGS+= -DCONFIG_CTRL_IFACE
 CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
diff --git a/usr.sbin/802_11/os_unix.c.patch b/usr.sbin/802_11/os_unix.c.patch
deleted file mode 100644 (file)
index 137117c..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-$DragonFly: src/usr.sbin/802_11/os_unix.c.patch,v 1.1 2007/08/07 11:25:36 sephe Exp $
-diff -urp hostapd-0.5.8/os_unix.c /usr/src/contrib/hostapd-0.5.8/os_unix.c
---- os_unix.c  2007-03-25 10:09:43.000000000 +0800
-+++ os_unix.c  2007-07-22 12:17:04.000000000 +0800
-@@ -171,7 +171,7 @@ int os_setenv(const char *name, const ch
- int os_unsetenv(const char *name)
- {
--#if defined(__FreeBSD__) || defined(__NetBSD__)
-+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__)
-       unsetenv(name);
-       return 0;
- #else
index a8f1fbc..d44ac25 100644 (file)
@@ -1,14 +1,14 @@
 # $FreeBSD: src/usr.sbin/wpa/wpa_cli/Makefile,v 1.3 2007/07/11 16:04:07 sam Exp $
 # $DragonFly: src/usr.sbin/802_11/wpa_cli/Makefile,v 1.2 2007/08/07 11:25:36 sephe Exp $
 
-CONTRIBDIR= ${.CURDIR}/../../../contrib/wpa_supplicant
-.PATH: ${.CURDIR}/.. ${CONTRIBDIR}
+.include "${.CURDIR}/../Makefile.inc"
 
+.PATH.c:       ${.CURDIR}/..  \
+               ${WPA_DISTDIR}/wpa_supplicant
 PROG=  wpa_cli
 SRCS=  wpa_cli.c wpa_ctrl.c os_unix.c
-SRCS+= os_unix.c.patch
 
-CFLAGS+= -I${CONTRIBDIR}
+CFLAGS+= -I${WPA_DISTDIR}
 CFLAGS+= -DCONFIG_CTRL_IFACE
 CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
 
index 08e18d7..e32d5a7 100644 (file)
@@ -1,26 +1,34 @@
 # $FreeBSD: src/usr.sbin/wpa/wpa_supplicant/Makefile,v 1.9 2007/07/11 16:04:08 sam Exp $
 # $DragonFly: src/usr.sbin/802_11/wpa_supplicant/Makefile,v 1.2 2007/08/07 11:25:36 sephe Exp $
 
-CONTRIBDIR= ${.CURDIR}/../../../contrib/wpa_supplicant
-.PATH: ${.CURDIR}/.. ${CONTRIBDIR}
+.include "${.CURDIR}/../Makefile.inc"
+
+.PATH.c:       ${WPA_DISTDIR}/wpa_supplicant \
+               ${WPA_DISTDIR}/src/drivers \
+               ${WPA_DISTDIR}/src/eap_peer \
+               ${WPA_DISTDIR}/src/rsn_supp
 
 PROG=  wpa_supplicant
-SRCS=  config.c eloop.c common.c md5.c rc4.c sha1.c aes_wrap.c \
-       wpa_supplicant.c events.c wpa.c preauth.c pmksa_cache.c \
-       ctrl_iface.c ctrl_iface_unix.c l2_packet.c main.c drivers.c \
-       Packet32.c os_unix.c
-SRCS+= driver_dragonfly.c driver_wired.c driver_ndis.c
-SRCS+= os_unix.c.patch driver_wired.c.patch events.c.patch
+SRCS=  aes.c aes_wrap.c blacklist.c common.c config.c ctrl_iface.c \
+       ctrl_iface_unix.c drivers.c eloop.c events.c l2_packet.c main.c \
+       md5.c preauth.c pmksa_cache.c rc4.c scan.c scan_helpers.c sha1.c \
+       wpa.c wpa_common.c wpa_debug.c wpa_ie.c wpa_supplicant.c \
+       wpabuf.c wpas_glue.c \
+       driver_ndis.c Packet32.c \
+       driver_wired.c \
+       driver_dragonfly.c os_unix.c
+#SRCS+=        driver_wired.c.patch events.c.patch
 
 MAN=   wpa_supplicant.8 wpa_supplicant.conf.5
 
-CFLAGS+= -I${.CURDIR} -I${CONTRIBDIR}
+CFLAGS+= -I${.CURDIR} -I${WPA_DISTDIR}
+CFLAGS+= -I${WPA_DISTDIR}/src/drivers
+CFLAGS+= -I${WPA_DISTDIR}/src/rsn_supp
 CFLAGS+= -DCONFIG_DRIVER_BSD
 CFLAGS+= -DCONFIG_DRIVER_NDIS
 CFLAGS+= -DCONFIG_DRIVER_WIRED
-CFLAGS+= -DCONFIG_CTRL_IFACE
-CFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
 CFLAGS+= -DCONFIG_TERMINATE_ONLASTIF
+CFLAGS+= -g
 DPADD+=        ${LIBPCAP}
 LDADD+=        -lpcap
 
@@ -29,19 +37,31 @@ SRCS+=      config_file.c base64.c
 CFLAGS+=-DCONFIG_BACKEND_FILE
 
 .if !defined(NO_WPA_SUPPLICANT_EAPOL)
-SRCS+= eapol_sm.c eap.c eap_methods.c
+.PATH: ${.CURDIR}/.. ${WPA_DISTDIR}/src/eapol_supp
+.PATH: ${.CURDIR}/.. ${WPA_DISTDIR}/src/eap_peer
+SRCS+= eapol_supp_sm.c eap.c eap_common.c eap_methods.c
 CFLAGS+= -DIEEE8021X_EAPOL
 
 .if !defined(NO_CRYPT) && !defined(NO_OPENSSL)
+.PATH:  ${.CURDIR}/.. ${WPA_DISTDIR}/src/eap_common
+.PATH:  ${.CURDIR}/.. ${WPA_DISTDIR}/eap_peer/
 CFLAGS+=-DEAP_TLS -DEAP_PEAP -DEAP_MSCHAPv2 -DEAP_LEAP -DEAP_PSK \
        -DEAP_TLV -DEAP_TLS_FUNCS
-SRCS+= eap_tls.c eap_peap.c eap_mschapv2.c eap_leap.c \
+SRCS+= chap.c crypto_openssl.c \
+       eap_leap.c \
+       eap_mschapv2.c \
+       eap_peap.c eap_peap_common.c \
        eap_psk.c eap_psk_common.c \
-       eap_tlv.c eap_tls_common.c tls_openssl.c ms_funcs.c crypto.c
+       eap_tls.c eap_tls_common.c \
+       mschapv2.c ms_funcs.c tls_openssl.c
 
 CFLAGS+=-DEAP_TTLS -DEAP_MD5
 SRCS+= eap_ttls.c eap_md5.c
 
+.if !empty(CFLAGS:M*-DEAP_GTC)
+SRCS+= eap_gtc.c
+.endif
+
 # NB: requires patch to openssl
 #CFLAGS+= -DEAP_FAST
 #SRCS+=        eap_fast.c
index e43d45e..736fc4a 100644 (file)
@@ -25,9 +25,8 @@
 #include "common.h"
 #include "driver.h"
 #include "eloop.h"
-#include "wpa_supplicant.h"
 #include "l2_packet.h"
-#include "wpa.h"                       /* XXX for RSN_INFO_ELEM */
+#include "ieee802_11_defs.h"
 
 #include <sys/socket.h>
 #include <net/if.h>
@@ -403,7 +402,7 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params)
 
        if (params->wpa_ie_len &&
            set80211param(drv, IEEE80211_IOC_WPA,
-                         params->wpa_ie[0] == RSN_INFO_ELEM ? 2 : 1) < 0)
+                         params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0)
                return -1;
 
        memset(&mlme, 0, sizeof(mlme));
index 1cfb201..e6336b1 100644 (file)
@@ -28,5 +28,7 @@ typedef char * PCHAR;
 #define FALSE 0
 
 #define OID_802_3_CURRENT_ADDRESS               0x01010102
+#define        OID_802_3_MULTICAST_LIST                0x01010103
+
 
 #endif /* _NTDDNDIS_H_ */