diff options
author | Marcin Juszkiewicz <hrw@openedhand.com> | 2007-04-25 10:56:54 +0000 |
---|---|---|
committer | Marcin Juszkiewicz <hrw@openedhand.com> | 2007-04-25 10:56:54 +0000 |
commit | 39ca55c42b0896751d21ca65a90eb54e364df90e (patch) | |
tree | d8fdd5f8a49f0fe45a6c7cae8dfb9a166d922902 | |
parent | e0ce469778aacfc69611b8101c0fafee53b453a9 (diff) | |
download | openembedded-core-39ca55c42b0896751d21ca65a90eb54e364df90e.tar.gz openembedded-core-39ca55c42b0896751d21ca65a90eb54e364df90e.tar.bz2 openembedded-core-39ca55c42b0896751d21ca65a90eb54e364df90e.zip |
wpa-supplicant: drop old versions, use 0.5.7 (latest stable) as default
git-svn-id: https://svn.o-hand.com/repos/poky/trunk@1551 311d38ba-8fff-0310-9ca6-ca027cbcb966
20 files changed, 420 insertions, 2446 deletions
diff --git a/meta/packages/wpa-supplicant/files/wpa-supplicant.sh b/meta/packages/wpa-supplicant/files/wpa-supplicant.sh new file mode 100644 index 0000000000..5c9e5d33a7 --- /dev/null +++ b/meta/packages/wpa-supplicant/files/wpa-supplicant.sh @@ -0,0 +1,85 @@ +#!/bin/sh + + +WPA_SUP_BIN="/usr/sbin/wpa_supplicant" +WPA_SUP_PNAME="wpa_supplicant" +WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$IFACE.pid" +WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $IFACE" + +VERBOSITY=0 + + +if [ -s "$IF_WPA_CONF" ]; then + WPA_SUP_CONF="-c $IF_WPA_CONF" +else + exit 0 +fi + +if [ ! -x "$WPA_SUP_BIN" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: binaries not executable or missing from $WPA_SUP_BIN" + fi + + exit 1 +fi + +if [ "$MODE" = "start" ] ; then + # driver type of interface, defaults to wext when undefined + if [ -s "/etc/wpa_supplicant/driver.$IFACE" ]; then + IF_WPA_DRIVER=$(cat "/etc/wpa_supplicant/driver.$IFACE") + elif [ -z "$IF_WPA_DRIVER" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: wpa-driver not provided, using \"wext\"" + fi + + IF_WPA_DRIVER="wext" + fi + + # if we have passed the criteria, start wpa_supplicant + if [ -n "$WPA_SUP_CONF" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: $WPA_SUP_BIN $WPA_SUP_OPTIONS $WPA_SUP_CONF -D $IF_WPA_DRIVER" + fi + + start-stop-daemon --start --quiet \ + --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \ + -- $WPA_SUP_OPTIONS $WPA_SUP_CONF -D $IF_WPA_DRIVER + fi + + # if the interface socket exists, then wpa_supplicant was invoked successfully + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: ctrl_interface socket located at $WPA_COMMON_CTRL_IFACE/$IFACE" + fi + + exit 0 + + fi + +elif [ "$MODE" = "stop" ]; then + + if [ -f "$WPA_SUP_PIDFILE" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: terminating $WPA_SUP_PNAME daemon" + fi + + start-stop-daemon --stop --quiet \ + --name $WPA_SUP_PNAME --pidfile $WPA_SUP_PIDFILE + + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then + rm -f $WPA_COMMON_CTRL_IFACE/$IFACE + fi + + if [ -f "$WPA_SUP_PIDFILE" ]; then + rm -f $WPA_SUP_PIDFILE + fi + fi + +fi + +exit 0 diff --git a/meta/packages/wpa-supplicant/files/wpa_supplicant.conf b/meta/packages/wpa-supplicant/files/wpa_supplicant.conf index da407b5ef3..f0c993d195 100644 --- a/meta/packages/wpa-supplicant/files/wpa_supplicant.conf +++ b/meta/packages/wpa-supplicant/files/wpa_supplicant.conf @@ -1,21 +1,46 @@ ##### Example wpa_supplicant configuration file ############################### +# +# This file describes configuration file format and lists all available option. +# Please also take a look at simpler configuration examples in 'examples' +# subdirectory. +# # Empty lines and lines starting with # are ignored # NOTE! This file may contain password information and should probably be made # readable only by root user on multiuser systems. +# Note: All file paths in this configuration file should use full (absolute, +# not relative to working directory) path in order to allow working directory +# to be changed. This can happen if wpa_supplicant is run in the background. + +# Whether to allow wpa_supplicant to update (overwrite) configuration +# +# This option can be used to allow wpa_supplicant to overwrite configuration +# file whenever configuration is changed (e.g., new network block is added with +# wpa_cli or wpa_gui, or a password is changed). This is required for +# wpa_cli/wpa_gui to be able to store the configuration changes permanently. +# Please note that overwriting configuration file will remove the comments from +# it. +#update_config=1 + # global configuration (shared by all network blocks) # -# Interface for separate control program. If this is specified, wpa_supplicant -# will create this directory and a UNIX domain socket for listening to requests -# from external programs (CLI/GUI, etc.) for status information and -# configuration. The socket file will be named based on the interface name, so -# multiple wpa_supplicant processes can be run at the same time if more than -# one interface is used. +# Parameters for the control interface. If this is specified, wpa_supplicant +# will open a control interface that is available for external programs to +# manage wpa_supplicant. The meaning of this string depends on which control +# interface mechanism is used. For all cases, the existance of this parameter +# in configuration is used to determine whether the control interface is +# enabled. +# +# For UNIX domain sockets (default on Linux and BSD): This is a directory that +# will be created for UNIX domain sockets for listening to requests from +# external programs (CLI/GUI, etc.) for status information and configuration. +# The socket file will be named based on the interface name, so multiple +# wpa_supplicant processes can be run at the same time if more than one +# interface is used. # /var/run/wpa_supplicant is the recommended directory for sockets and by # default, wpa_cli will use it when trying to connect with wpa_supplicant. -ctrl_interface=/var/run/wpa_supplicant - +# # Access control for the control interface can be configured by setting the # directory to allow only members of a group to use sockets. This way, it is # possible to run wpa_supplicant as root (since it needs to change network @@ -29,12 +54,28 @@ ctrl_interface=/var/run/wpa_supplicant # not included in the configuration file, group will not be changed from the # value it got by default when the directory or socket was created. # -# This variable can be a group name or gid. -#ctrl_interface_group=wheel -ctrl_interface_group=0 +# When configuring both the directory and group, use following format: +# DIR=/var/run/wpa_supplicant GROUP=wheel +# DIR=/var/run/wpa_supplicant GROUP=0 +# (group can be either group name or gid) +# +# For UDP connections (default on Windows): The value will be ignored. This +# variable is just used to select that the control interface is to be created. +# The value can be set to, e.g., udp (ctrl_interface=udp) +# +# For Windows Named Pipe: This value can be used to set the security descriptor +# for controlling access to the control interface. Security descriptor can be +# set using Security Descriptor String Format (see http://msdn.microsoft.com/ +# library/default.asp?url=/library/en-us/secauthz/security/ +# security_descriptor_string_format.asp). The descriptor string needs to be +# prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set an empty +# DACL (which will reject all connections). See README-Windows.txt for more +# information about SDDL string format. +# +ctrl_interface=/var/run/wpa_supplicant # IEEE 802.1X/EAPOL version -# wpa_supplicant was implemented based on IEEE 802-1X-REV-d8 which defines +# wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines # EAPOL version 2. However, there are many APs that do not handle the new # version number correctly (they seem to drop the frames completely). In order # to make wpa_supplicant interoperate with these APs, the version number is set @@ -52,13 +93,15 @@ eapol_version=1 # 0: driver takes care of scanning, AP selection, and IEEE 802.11 association # parameters (e.g., WPA IE generation); this mode can also be used with # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with -# APs (i.e., external program needs to control association) +# APs (i.e., external program needs to control association). This mode must +# also be used when using wired Ethernet drivers. # 2: like 0, but associate with APs using security policy and SSID (but not -# BSSID); this can be used, e.g., with ndiswrapper and NDIS driver to +# BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to # enable operation with hidden SSIDs and optimized roaming; in this mode, -# only the first network block in the configuration file is used and this -# configuration should have explicit security policy (i.e., only one option -# in the lists) for key_mgmt, pairwise, group, proto variables +# the network blocks in the configuration file are tried one by one until +# the driver reports successful association; each network block should have +# explicit security policy (i.e., only one option in the lists) for +# key_mgmt, pairwise, group, proto variables ap_scan=1 # EAP fast re-authentication @@ -67,6 +110,38 @@ ap_scan=1 # Normally, there is no need to disable this. fast_reauth=1 +# OpenSSL Engine support +# These options can be used to load OpenSSL engines. +# The two engines that are supported currently are shown below: +# They are both from the opensc project (http://www.opensc.org/) +# By default no engines are loaded. +# make the opensc engine available +#opensc_engine_path=/usr/lib/opensc/engine_opensc.so +# make the pkcs11 engine available +#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so +# configure the path to the pkcs11 module required by the pkcs11 engine +#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so + +# Dynamic EAP methods +# If EAP methods were built dynamically as shared object files, they need to be +# loaded here before being used in the network blocks. By default, EAP methods +# are included statically in the build, so these lines are not needed +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so + +# Driver interface parameters +# This field can be used to configure arbitrary driver interace parameters. The +# format is specific to the selected driver interface. This field is not used +# in most cases. +#driver_param="field=value" + +# Maximum lifetime for PMKSA in seconds; default 43200 +#dot11RSNAConfigPMKLifetime=43200 +# Threshold for reauthentication (percentage of PMK lifetime); default 70 +#dot11RSNAConfigPMKReauthThreshold=70 +# Timeout for security association negotiation in seconds; default 60 +#dot11RSNAConfigSATimeout=60 + # network block # # Each network (usually AP's sharing the same SSID) is configured as a separate @@ -75,6 +150,15 @@ fast_reauth=1 # # network block fields: # +# disabled: +# 0 = this network can be used (default) +# 1 = this network block is disabled (can be enabled through ctrl_iface, +# e.g., with wpa_cli or wpa_gui) +# +# id_str: Network identifier string for external scripts. This value is passed +# to external action script through wpa_cli as WPA_ID_STR environment +# variable to make it easier to do network specific configuration. +# # ssid: SSID (mandatory); either as an ASCII string with double quotation or # as hex string; network name # @@ -95,9 +179,9 @@ fast_reauth=1 # priority value, the sooner the network is matched against the scan results). # Within each priority group, networks will be selected based on security # policy, signal strength, etc. -# Please note that AP scanning with scan_ssid=1 is not using this priority to -# select the order for scanning. Instead, it uses the order the networks are in -# the configuration file. +# Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are not +# using this priority to select the order for scanning. Instead, they try the +# networks in the order that used in the configuration file. # # mode: IEEE 802.11 operation mode # 0 = infrastructure (Managed) mode, i.e., associate with an AP (default) @@ -155,10 +239,27 @@ fast_reauth=1 # only when the passphrase or SSID has actually changed. # # eapol_flags: IEEE 802.1X/EAPOL options (bit field) -# Dynamic WEP key require for non-WPA mode +# Dynamic WEP key required for non-WPA mode # bit0 (1): require dynamically generated unicast WEP key # bit1 (2): require dynamically generated broadcast WEP key # (3 = require both keys; default) +# Note: When using wired authentication, eapol_flags must be set to 0 for the +# authentication to be completed successfully. +# +# proactive_key_caching: +# Enable/disable opportunistic PMKSA caching for WPA2. +# 0 = disabled (default) +# 1 = enabled +# +# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or +# hex without quotation, e.g., 0102030405) +# wep_tx_keyidx: Default WEP key index (TX) (0..3) +# +# peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e DLS) is +# allowed. This is only used with RSN/WPA2. +# 0 = disabled (default) +# 1 = enabled +#peerkey=1 # # Following fields are only used with internal EAP implementation. # eap: space-separated list of accepted EAP methods @@ -182,16 +283,46 @@ fast_reauth=1 # unencrypted identity with EAP types that support different tunnelled # identity, e.g., EAP-TTLS) # password: Password string for EAP -# ca_cert: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert is not included, server certificate -# will not be verified. This is insecure and the CA file should always be -# configured. +# ca_cert: File path to CA certificate file (PEM/DER). This file can have one +# or more trusted CA certificates. If ca_cert and ca_path are not +# included, server certificate will not be verified. This is insecure and +# a trusted CA certificate should always be configured when using +# EAP-TLS/TTLS/PEAP. Full path should be used since working directory may +# change when wpa_supplicant is run in the background. +# On Windows, trusted CA certificates can be loaded from the system +# certificate store by setting this to cert_store://<name>, e.g., +# ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT". +# Note that when running wpa_supplicant as an application, the user +# certificate store (My user account) is used, whereas computer store +# (Computer account) is used when running wpasvc as a service. +# ca_path: Directory path for CA certificate files (PEM). This path may +# contain multiple CA certificates in OpenSSL format. Common use for this +# is to point to system trusted CA list which is often installed into +# directory like /etc/ssl/certs. If configured, these certificates are +# added to the list of trusted CAs. ca_cert may also be included in that +# case, but it is not required. # client_cert: File path to client certificate file (PEM/DER) +# Full path should be used since working directory may change when +# wpa_supplicant is run in the background. +# Alternatively, a named configuration blob can be used by setting this +# to blob://<blob name>. # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read from -# the PKCS#12 file in this case. -# private_key_passwd: Password for private key file +# the PKCS#12 file in this case. Full path should be used since working +# directory may change when wpa_supplicant is run in the background. +# Windows certificate store can be used by leaving client_cert out and +# configuring private_key in one of the following formats: +# cert://substring_to_match +# hash://certificate_thumbprint_in_hex +# for example: private_key="hash://63093aa9c47f56ae88334c7b65a4" +# Note that when running wpa_supplicant as an application, the user +# certificate store (My user account) is used, whereas computer store +# (Computer account) is used when running wpasvc as a service. +# Alternatively, a named configuration blob can be used by setting this +# to blob://<blob name>. +# private_key_passwd: Password for private key file (if left out, this will be +# asked through control interface) # dh_file: File path to DH/DSA parameters file (in PEM format) # This is an optional configuration file for setting parameters for an # ephemeral DH key exchange. In most cases, the default RSA @@ -205,6 +336,14 @@ fast_reauth=1 # sertificate is only accepted if it contains this string in the subject. # The subject string is in following format: # /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@example.com +# altsubject_match: Semicolon separated string of entries to be matched against +# the alternative subject name of the authentication server certificate. +# If this string is set, the server sertificate is only accepted if it +# contains one of the entries in an alternative subject name extension. +# altSubjectName string is in following format: TYPE:VALUE +# Example: EMAIL:server@example.com +# Example: DNS:server.example.com;DNS:server2.example.com +# Following types are supported: EMAIL, DNS, URI # phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters # (string with field-value pairs, e.g., "peapver=0" or # "peapver=1 peaplabel=1") @@ -219,6 +358,9 @@ fast_reauth=1 # tunneled EAP-Success. This is required with some RADIUS servers that # implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g., # Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode) +# include_tls_length=1 can be used to force wpa_supplicant to include +# TLS Message Length field in all TLS messages even if they are not +# fragmented. # sim_min_num_chal=3 can be used to configure EAP-SIM to require three # challenges (by default, it accepts 2 or 3) # phase2: Phase2 (inner authentication with TLS tunnel) parameters @@ -227,25 +369,49 @@ fast_reauth=1 # Following certificate/private key fields are used in inner Phase2 # authentication when using EAP-TTLS or EAP-PEAP. # ca_cert2: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert2 is not included, server -# certificate will not be verified. This is insecure and the CA file -# should always be configured. +# trusted CA certificates. If ca_cert2 and ca_path2 are not included, +# server certificate will not be verified. This is insecure and a trusted +# CA certificate should always be configured. +# ca_path2: Directory path for CA certificate files (PEM) # client_cert2: File path to client certificate file # private_key2: File path to client private key file # private_key2_passwd: Password for private key file # dh_file2: File path to DH/DSA parameters file (in PEM format) # subject_match2: Substring to be matched against the subject of the # authentication server certificate. +# altsubject_match2: Substring to be matched against the alternative subject +# name of the authentication server certificate. +# +# fragment_size: Maximum EAP fragment size in bytes (default 1398). +# This value limits the fragment size for EAP methods that support +# fragmentation (e.g., EAP-TLS and EAP-PEAP). This value should be set +# small enough to make the EAP messages fit in MTU of the network +# interface used for EAPOL. The default value is suitable for most +# cases. # # EAP-PSK variables: # eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format # nai: user NAI -# server_nai: authentication server NAI +# +# EAP-PAX variables: +# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format +# +# EAP-SAKE variables: +# eappsk: 32-byte (256-bit, 64 hex digits) pre-shared key in hex format +# (this is concatenation of Root-Secret-A and Root-Secret-B) +# nai: user NAI (PEERID) +# +# EAP-GPSK variables: +# eappsk: Pre-shared key in hex format (at least 128 bits, i.e., 32 hex digits) +# nai: user NAI (ID_Client) # # EAP-FAST variables: # pac_file: File path for the PAC entries. wpa_supplicant will need to be able # to create this file and write updates to it when PAC is being -# provisioned or refreshed. +# provisioned or refreshed. Full path to the file should be used since +# working directory may change when wpa_supplicant is run in the +# background. Alternatively, a named configuration blob can be used by +# setting this to blob://<blob name> # phase1: fast_provisioning=1 option enables in-line provisioning of EAP-FAST # credentials (PAC) # @@ -379,28 +545,6 @@ network={ } -# EAP-SIM with a GSM SIM or USIM -network={ - ssid="eap-sim-test" - key_mgmt=WPA-EAP - eap=SIM - pin="1234" - pcsc="" -} - - -# EAP-PSK -network={ - ssid="eap-psk-test" - key_mgmt=WPA-EAP - eap=PSK - identity="eap_psk_user" - eappsk=06b4be19da289f475aa46a33cb793029 - nai="eap_psk_user@example.com" - server_nai="as@example.com" -} - - # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. @@ -426,18 +570,6 @@ network={ password="foobar" } -# EAP-FAST with WPA (WPA or WPA2) -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="/etc/wpa_supplicant.eap-fast-pac" -} - # Plaintext connection (no WPA, no IEEE 802.1X) network={ ssid="plaintext-test" @@ -500,3 +632,59 @@ network={ private_key_passwd="password" phase1="peaplabel=0" } + +# Example of EAP-TLS with smartcard (openssl engine) +network={ + ssid="example" + key_mgmt=WPA-EAP + eap=TLS + proto=RSN + pairwise=CCMP TKIP + group=CCMP TKIP + identity="user@example.com" + ca_cert="/etc/cert/ca.pem" + client_cert="/etc/cert/user.pem" + + engine=1 + + # The engine configured here must be available. Look at + # OpenSSL engine support in the global section. + # The key available through the engine must be the private key + # matching the client certificate configured above. + + # use the opensc engine + #engine_id="opensc" + #key_id="45" + + # use the pkcs11 engine + engine_id="pkcs11" + key_id="id_45" + + # Optional PIN configuration; this can be left out and PIN will be + # asked through the control interface + pin="1234" +} + +# Example configuration showing how to use an inlined blob as a CA certificate +# data instead of using external file +network={ + ssid="example" + key_mgmt=WPA-EAP + eap=TTLS + identity="user@example.com" + anonymous_identity="anonymous@example.com" + password="foobar" + ca_cert="blob://exampleblob" + priority=20 +} + +blob-base64-exampleblob={ +SGVsbG8gV29ybGQhCg== +} + + +# Wildcard match for SSID (plaintext APs only). This example select any +# open AP regardless of its SSID. +network={ + key_mgmt=NONE +} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig deleted file mode 100644 index 0e45d01b88..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig +++ /dev/null @@ -1,160 +0,0 @@ -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -CFLAGS = $(TARGET_CFLAGS) -I../hostapd -I../utils -I../driver/modules -Wall -MMD - -# for wpa_supplicant, wpa_cli -LIBS = $(TARGET_LDFLAGS) - -# for wpa_passphrase: -LIBS_p = $(TARGET_LDFLAGS) - - -# Uncomment following two lines and fix the paths if you have installed openssl -# in non-default location -#CFLAGS += -I/usr/local/openssl/include -#LIBS += -L/usr/local/openssl/lib - -# Example configuration for various cross-compilation platforms - -#### sveasoft (e.g., for Linksys WRT54G) ###################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS += -I../src/include -I../../src/router/openssl/include -#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl -############################################################################### - -#### openwrt (e.g., for Linksys WRT54G) ####################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ -# -I../WRT54GS/release/src/include -#LIBS = -lssl -############################################################################### - - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for Agere driver -#CONFIG_DRIVER_HERMES=y - -# Driver interface for madwifi driver -#CONFIG_DRIVER_MADWIFI=y -# Change include directories to match with the local setup -#CFLAGS += -I../madwifi/wpa - -# Driver interface for Prism54 driver -#CONFIG_DRIVER_PRISM54=y - -# Driver interface for ndiswrapper -#CONFIG_DRIVER_NDISWRAPPER=y - -# Driver interface for Atmel driver -#CONFIG_DRIVER_ATMEL=y - -# Driver interface for Broadcom driver -#CONFIG_DRIVER_BROADCOM=y -# Example path for wlioctl.h; change to match your configuration -#CFLAGS += -I/opt/WRT54GS/release/src/include - -# Driver interface for Intel ipw2100 driver -#CONFIG_DRIVER_IPW2100=y - -# Driver interface for the Zydas zd1211 driver -CONFIG_DRIVER_ZD1211=y - -# Driver interface for generic Linux wireless extensions -CONFIG_DRIVER_WEXT=y - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib - -# Driver interface for Windows NDIS -#CONFIG_DRIVER_NDIS=y -#CFLAGS += -I/usr/include/w32api/ddk -#LIBS += -L/usr/local/lib -# For native build using mingw -#CONFIG_NATIVE_WINDOWS=y -# Additional directories for cross-compilation on Linux host for mingw target -#CFLAGS += -I/opt/mingw/mingw32/include/ddk -#LIBS += -L/opt/mingw/mingw32/lib -#CC=mingw32-gcc - -# Driver interface for development testing -#CONFIG_DRIVER_TEST=y - -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) -CONFIG_IEEE8021X_EAPOL=y - -# EAP-MD5 (automatically included if EAP-TTLS is enabled) -CONFIG_EAP_MD5=y - -# EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) -CONFIG_EAP_MSCHAPV2=y - -# EAP-TLS -CONFIG_EAP_TLS=y - -# EAL-PEAP -CONFIG_EAP_PEAP=y - -# EAP-TTLS -CONFIG_EAP_TTLS=y - -# EAP-GTC -CONFIG_EAP_GTC=y - -# EAP-OTP -CONFIG_EAP_OTP=y - -# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) -#CONFIG_EAP_SIM=y - -# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# LEAP -CONFIG_EAP_LEAP=y - -# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) -#CONFIG_EAP_AKA=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# PC/SC interface for smartcards (USIM, GSM SIM) -# Enable this if EAP-SIM or EAP-AKA is included -#CONFIG_PCSC=y - -# Development testing -#CONFIG_EAPOL_TEST=y - -# Replace native Linux implementation of packet sockets with libdnet/libpcap. -# This will be automatically set for non-Linux OS. -#CONFIG_DNET_PCAP=y - -# Include control interface for external programs, e.g, wpa_cli -CONFIG_CTRL_IFACE=y - -# Include interface for using external supplicant (Xsupplicant) for EAP -# authentication -#CONFIG_XSUPPLICANT_IFACE=y - -# Include support for GNU Readline and History Libraries in wpa_cli. -# When building a wpa_cli binary for distribution, please note that these -# libraries are licensed under GPL and as such, BSD license may not apply for -# the resulting binary. -#CONFIG_READLINE=y diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch deleted file mode 100644 index 4044835e1c..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch +++ /dev/null @@ -1,884 +0,0 @@ ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.c -@@ -0,0 +1,705 @@ -+/* -+ * WPA Supplicant - testing driver interface -+ * Copyright (c) 2004-2005, Jouni Malinen <jkmaline@cc.hut.fi> -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ * -+ * Alternatively, this software may be distributed under the terms of BSD -+ * license. -+ * -+ * See README and COPYING for more details. -+ */ -+ -+#include <stdlib.h> -+#include <stdio.h> -+#include <unistd.h> -+#include <string.h> -+#include <sys/ioctl.h> -+#include <errno.h> -+#include <net/if_arp.h> -+ -+#include "wireless_copy.h" -+#include "common.h" -+#include "driver.h" -+ -+#include "eloop.h" -+#include "wpa_supplicant.h" -+#include "priv_netlink.h" -+ -+#include "hostap_common.h" -+#include "driver_wext.h" -+#include "driver_hermes.h" -+ -+ -+ -+/* Enumeration for supported Hermes Types */ -+enum -+{ -+ WL_HERMES_UNKNOWN = 0, -+ WL_HERMES_1 = 1, -+ WL_HERMES_2 = 2, -+ WL_HERMES_25 = 3 -+}; -+ -+ -+ -+ -+struct wpa_driver_hermes_data { -+ void *wext; /* private data for driver_wext */ -+ void *ctx; -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+ int type; -+}; -+ -+ -+ -+/****************************************************************************/ -+/* */ -+/* Routines for basic device access to Agere Hermes-I/Hermes-II via the UIL */ -+/* */ -+/****************************************************************************/ -+ -+IFBP _connect(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s %d", __FUNCTION__, drv->ifname, drv->sock); -+ -+ memset(&urq, 0, sizeof(urq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_CONNECT; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ if (result == 0 && urq.result == UIL_SUCCESS) { -+ ifbp = urq.hcfCtx; -+ } else { -+ wpa_printf(MSG_DEBUG, "%s: could not set IFBP, result %d", __FUNCTION__, result); -+ } -+ -+ return ifbp; -+} -+ -+ -+void _disconnect(void *priv, IFBP ifbp) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ if (ifbp != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_DISCONNECT; -+ urq.hcfCtx = ifbp; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf( MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno ); -+ wpa_printf( MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result ); -+ } -+ } else { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): called with NULL ifbp"); -+ } -+ -+ return; -+} -+ -+int _get_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_GET_INFO; -+ urq.len = sizeof(ltv_t); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result); -+ } -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf( MSG_WARNING, "Could not connect to the device, or LTV NULL"); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+int _put_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_PUT_INFO; -+ urq.len = sizeof( ltv_t ); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "_put_info(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "_put_info(): urq.result: %d", urq.result); -+ } -+ -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf(MSG_WARNING, "%s: could not connect to the device, or LTV NULL", __FUNCTION__ ); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+ -+static void _detect_hermes_type(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ CFG_FW_IDENTITY_STRCT *fw_id; -+ ltv_t ltv; -+ int result; -+ -+ //wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ drv->type = WL_HERMES_UNKNOWN; -+ -+ if (drv->sock >= 0) { -+ fw_id = (CFG_FW_IDENTITY_STRCT *)<v; -+ fw_id->len = ( sizeof(CFG_FW_IDENTITY_STRCT) / sizeof( hcf_16 )) - 1; -+ fw_id->typ = CFG_FW_IDENTITY; -+ -+ result = _get_info(priv, (ltv_t *)fw_id); -+ if (result == HCF_SUCCESS) { -+ //wpa_printf(MSG_DEBUG, "PRI CompID : %d", fw_id->comp_id); -+ //wpa_printf(MSG_DEBUG, "PRI Variant : %d", fw_id->variant); -+ //wpa_printf(MSG_DEBUG, "PRI Version : %d.%02d", fw_id->version_major, fw_id->version_minor); -+ -+ switch(fw_id->comp_id) { -+ case COMP_ID_FW_STA: -+ switch (fw_id->variant) { -+ case 1: -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 STA"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 3: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 STA"); -+ drv->type = WL_HERMES_2; -+ break; -+ case 4: -+ wpa_printf(MSG_DEBUG, "found Hermes 2.5 STA"); -+ drv->type = WL_HERMES_25; -+ break; -+ } -+ break; -+ -+ case COMP_ID_FW_AP: -+ switch (fw_id->variant) { -+ case 1: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 AP"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 AP" ); -+ drv->type = WL_HERMES_2; -+ break; -+ } -+ break; -+ -+ default: -+ wpa_printf(MSG_WARNING, "could not detect Hermes type!"); -+ break; -+ } -+ } -+ } -+} -+ -+ -+ -+/****************************************************************************/ -+ -+ -+static int wpa_driver_hermes_set_wpa_ie(void *priv, const char *wpa_ie, -+ size_t wpa_ie_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_SET_WPA_AUTH_KEY_MGMT_SUITE; -+ -+ switch(drv->type) { -+ case WL_HERMES_1: -+ ltv.u.u16[0] = 2; -+ break; -+ -+ case WL_HERMES_2: -+ case WL_HERMES_25: -+ ltv.u.u16[0] = 4; -+ break; -+ -+ default: -+ ltv.u.u16[0] = 0; -+ break; -+ } -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_wpa(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_ENCRYPTION; -+ ltv.u.u16[0] = enabled ? 2 : 0; /* Setting CFG_CNF_ENCRYPTION to 2 sets WPA: TKIP or better */ -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int ret = 0; -+ char *alg_name; -+ ltv_t ltv; -+ int count = 0; -+ int buf_idx = 0; -+ hcf_8 tsc[] = { 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00 }; -+ hcf_8 rsc[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -+ -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "none"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) { -+ wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu", __FUNCTION__, (unsigned long) seq_len); -+ return -2; -+ } -+ -+ /* Check the key index here; if 0, load as Pairwise Key, otherwise, load as -+ a group key. Note that for the Hermes, the RIDs for group/pairwise keys -+ are different from each other and different than the default WEP keys as -+ well. */ -+ switch (alg) { -+ case WPA_ALG_TKIP: -+ /* Make sure that there is no data queued up in the firmware before -+ setting the TKIP keys. If this check is not performed, some data -+ may be sent out with incorrect MIC and cause synchronizarion -+ errors with the AP */ -+ /* Check every 1ms for 100ms */ -+ for (count = 0; count < 100; count++) { -+ usleep(1000); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFD91; // This RID not defined in HCF yet!!! -+ ltv.u.u16[0] = 0; -+ -+ _get_info( priv, <v); -+ -+ if (ltv.u.u16[0] == 0) -+ break; -+ } -+ -+ if (count == 100) -+ wpa_printf(MSG_DEBUG, "%s: Timed out waiting for TxQ!", __FUNCTION__); -+ -+ -+ switch (key_idx) { -+ case 0: -+ /* Only load key as pairwise key for Hermes-II and II.5. For Hermes-I, -+ fall through to the next case and load the pairwise key as -+ a Group Key at index 0. */ -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ ltv.len = 28; -+ ltv.typ = CFG_ADD_TKIP_MAPPED_KEY; -+ -+ /* Load the BSSID */ -+ memcpy(<v.u.u8[buf_idx], addr, ETH_ALEN); -+ buf_idx += ETH_ALEN; -+ -+ /* Load the TKIP key */ -+ memcpy(<v.u.u8[buf_idx], &key[0], 16); -+ buf_idx += 16; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ buf_idx += 8; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[16], 8); -+ buf_idx += 8; -+ -+ /* Load the RxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[24], 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ ltv.len = 26; -+ ltv.typ = CFG_ADD_TKIP_DEFAULT_KEY; -+ -+ /* Load the key Index */ -+ ltv.u.u16[buf_idx] = key_idx; -+ -+ /* If this is a Tx Key, set bit 8000 */ -+ if (set_tx) -+ ltv.u.u16[buf_idx] |= 0x8000; -+ -+ buf_idx += 2; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TKIP, TxMIC, and RxMIC keys in one shot, because in -+ CFG_ADD_TKIP_DEFAULT_KEY they are back-to-back */ -+ memcpy(<v.u.u8[buf_idx], key, key_len); -+ buf_idx += key_len; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ -+ break; -+ -+ case WPA_ALG_WEP: -+ case WPA_ALG_CCMP: -+ break; -+ -+ case WPA_ALG_NONE: -+ switch (key_idx) { -+ case 0: -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ /* Only clear a pairwise key for Hermes-II. For Hermes-I, -+ fall through to the next case and clear the key as a -+ Group Key at index 0. */ -+ if (addr) { -+ ltv.len = 7; -+ ltv.typ = CFG_REMOVE_TKIP_MAPPED_KEY; -+ -+ memcpy(<v.u.u8[0], addr, ETH_ALEN); -+ -+ _put_info(priv, <v); -+ } -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ /* Clear the Group TKIP keys by index */ -+ ltv.len = 2; -+ ltv.typ = CFG_REMOVE_TKIP_DEFAULT_KEY; -+ -+ ltv.u.u16[0] = key_idx; -+ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ break; -+ -+ default: -+ break; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_hermes_set_countermeasures(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ /* The supplicant handles all the timers related to MIC failure and -+ countermeasures. When countermeasures are enabled, shut down the card; -+ when disable, re-enable the card. Make sure that the EAPOL message -+ is getting out before card disable */ -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_DRIVER_ENABLE; -+ ltv.u.u16[0] = enabled ? 0 : 1; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_drop_unencrypted(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_EXCL_UNENCRYPTED; -+ ltv.u.u16[0] = enabled; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_deauthenticate(void *priv, const u8 *addr, -+ int reason_code) -+{ -+ wpa_printf(MSG_DEBUG, "%s: *DUMMY* %d", __FUNCTION__, reason_code); -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_disassociate(void *priv, const u8 *addr, int reason_code) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: reason=%d", __FUNCTION__, reason_code); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFCC8; // This RID not defined in HCF yet!!! -+ memcpy( <v.u.u8[0], addr, ETH_ALEN ); -+ ltv.u.u16[ETH_ALEN / 2] = reason_code; -+ -+ return _put_info( priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_associate( -+ void *priv, struct wpa_driver_associate_params *params) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ -+#if 0 -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+#else -+ wpa_printf(MSG_DEBUG, "%s: priv=%p freq=%d pairwise_suite=%d " -+ "group_suite=%d key_mgmt_suite=%d auth_alg=%d mode=%d", -+ __func__, priv, params->freq, params->pairwise_suite, -+ params->group_suite, params->key_mgmt_suite, -+ params->auth_alg, params->mode); -+ if (params->bssid) { -+ wpa_printf(MSG_DEBUG, " bssid=" MACSTR, -+ MAC2STR(params->bssid)); -+ } -+ if (params->ssid) { -+ wpa_hexdump_ascii(MSG_DEBUG, " ssid", -+ params->ssid, params->ssid_len); -+ } -+ if (params->wpa_ie) { -+ wpa_hexdump(MSG_DEBUG, " wpa_ie", -+ params->wpa_ie, params->wpa_ie_len); -+ } -+#endif -+ -+ if (wpa_driver_hermes_set_wpa_ie(priv, params->wpa_ie, params->wpa_ie_len) < 0) -+ return -1; -+ if (wpa_driver_wext_set_freq(drv->wext, params->freq) < 0) -+ return -1; -+ if (wpa_driver_wext_set_ssid(drv->wext, params->ssid, params->ssid_len) < 0) -+ return -1; -+#ifdef UNSUPPORTED_IN_HERMES_DRIVER -+ if (wpa_driver_wext_hermes_bssid(drv->wext, params->bssid) < 0) -+ return -1; -+#endif -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_get_bssid(void *priv, u8 *bssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_bssid(drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_hermes_get_ssid(void *priv, u8 *ssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_ssid(drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_hermes_scan(void *priv, const u8 *ssid, size_t ssid_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_scan(drv->wext, ssid, ssid_len); -+} -+ -+ -+static int wpa_driver_hermes_get_scan_results(void *priv, -+ struct wpa_scan_result *results, -+ size_t max_size) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_scan_results(drv->wext, results, max_size); -+} -+ -+ -+static void * wpa_driver_hermes_init(void *ctx, const char *ifname) -+{ -+ struct wpa_driver_hermes_data *drv; -+ -+ wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, ifname); -+ -+ drv = malloc(sizeof(*drv)); -+ if (drv == NULL) -+ return NULL; -+ memset(drv, 0, sizeof(*drv)); -+ -+ /* Initialize wireless context */ -+ drv->wext = wpa_driver_wext_init(ctx, ifname); -+ if (drv->wext == NULL) { -+ perror("no wext context"); -+ goto no_wext; -+ } -+ -+ drv->ctx = ctx; -+ strncpy(drv->ifname, ifname, sizeof(drv->ifname)); -+ -+ drv->sock = socket(PF_INET, SOCK_DGRAM, 0); -+ if (drv->sock < 0) { -+ perror("socket(PF_INET,SOCK_DGRAM)"); -+ goto no_sock; -+ } -+ -+ _detect_hermes_type(drv); -+ -+ return drv; -+ -+no_sock: -+ wpa_driver_wext_deinit(drv->wext); -+no_wext: -+ free(drv); -+ return NULL; -+} -+ -+ -+static void wpa_driver_hermes_deinit(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ wpa_driver_wext_deinit(drv->wext); -+ close(drv->sock); -+ free(drv); -+} -+ -+ -+ -+ -+struct wpa_driver_ops wpa_driver_hermes_ops = { -+ .name = "hermes", -+ .desc = "wpa_supplicant hermes driver", -+ -+ .init = wpa_driver_hermes_init, -+ .deinit = wpa_driver_hermes_deinit, -+ -+ // from old driver_hermes.c: -+ .get_bssid = wpa_driver_hermes_get_bssid, -+ .get_ssid = wpa_driver_hermes_get_ssid, -+ .set_wpa = wpa_driver_hermes_set_wpa, -+ .set_key = wpa_driver_hermes_set_key, -+ //.events_init = wpa_driver_wext_events_init, -+ //.events_deinit = wpa_driver_wext_events_deinit, -+ .set_countermeasures = wpa_driver_hermes_set_countermeasures, -+ .set_drop_unencrypted = wpa_driver_hermes_set_drop_unencrypted, -+ .scan = wpa_driver_hermes_scan, -+ .get_scan_results = wpa_driver_hermes_get_scan_results, -+ .deauthenticate = wpa_driver_hermes_deauthenticate, -+ .disassociate = wpa_driver_hermes_disassociate, -+ .associate = wpa_driver_hermes_associate, -+ -+ -+#if 0 -+ /* Not possible with current Hermes driver: -+ .set_auth_alg = wpa_driver_hermes_set_auth_alg, */ -+#endif -+}; ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.h -@@ -0,0 +1,173 @@ -+#ifndef HERMES_DRIVER_H -+#define HERMES_DRIVER_H -+ -+typedef unsigned char hcf_8; -+typedef unsigned short hcf_16; -+typedef unsigned long hcf_32; -+typedef hcf_16 hcf_io; -+typedef hcf_8 *wci_bufp; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ unsigned short * bufp; -+} RID_LOG_STRCT; -+typedef RID_LOG_STRCT *RID_LOGP; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ hcf_16 comp_id; -+ hcf_16 variant; -+ hcf_16 version_major; -+ hcf_16 version_minor; -+} CFG_FW_IDENTITY_STRCT; -+ -+typedef struct { -+ hcf_32 TxUnicastFrames; -+ hcf_32 TxMulticastFrames; -+ hcf_32 TxFragments; -+ hcf_32 TxUnicastOctets; -+ hcf_32 TxMulticastOctets; -+ hcf_32 TxDeferredTransmissions; -+ hcf_32 TxSingleRetryFrames; -+ hcf_32 TxMultipleRetryFrames; -+ hcf_32 TxRetryLimitExceeded; -+ hcf_32 TxDiscards; -+ hcf_32 RxUnicastFrames; -+ hcf_32 RxMulticastFrames; -+ hcf_32 RxFragments; -+ hcf_32 RxUnicastOctets; -+ hcf_32 RxMulticastOctets; -+ hcf_32 RxFCSErrors; -+ hcf_32 RxDiscardsNoBuffer; -+ hcf_32 TxDiscardsWrongSA; -+ hcf_32 RxWEPUndecryptable; -+ hcf_32 RxMsgInMsgFragments; -+ hcf_32 RxMsgInBadMsgFragments; -+ hcf_32 RxDiscardsWEPICVError; -+ hcf_32 RxDiscardsWEPExcluded; -+} CFG_HERMES_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_32 not_used_NoBufInq; -+ hcf_32 NoBufInfo; -+ hcf_32 NoBufMB; -+ hcf_32 MiscErr; -+ hcf_32 EngCnt; -+} CFG_HCF_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_io IFB_IOBase; -+ hcf_16 IFB_IORange; -+ -+ hcf_32 IFB_TickIni; -+ -+ hcf_16 IFB_Version; -+ hcf_16 IFB_CardStat; -+ hcf_16 IFB_TraceLvl; -+ hcf_16 *IFB_MBp; -+ hcf_16 IFB_MBSize; -+ hcf_16 IFB_MBWp; -+ hcf_16 IFB_MBRp; -+ hcf_16 IFB_MBInfoLen; -+ -+ hcf_16 IFB_DLMode; -+ hcf_16 IFB_Magic; -+ hcf_16 IFB_Cmd; -+ hcf_16 IFB_RxFID; -+ RID_LOGP IFB_RIDLogp; -+ hcf_16 IFB_Monitor; -+ hcf_16 IFB_TxFid; -+ hcf_16 IFB_RxLen; -+ hcf_16 IFB_DefunctStat; -+ -+ hcf_16 IFB_ErrCmd; -+ hcf_16 IFB_ErrQualifier; -+ hcf_16 IFB_lal; -+ wci_bufp IFB_lap; -+ hcf_16 IFB_LinkStat; -+ -+ void (*IFB_MICRxRtn)( hcf_32*, hcf_32 ); -+ void (*IFB_MICTxRtn)( hcf_32*, hcf_32 ); -+ hcf_16 IFB_rx_tlen; -+ hcf_16 IFB_tx_tlen; -+ hcf_8 IFB_rx_32[4]; -+ hcf_8 IFB_tx_32[4]; -+ hcf_16 IFB_RscInd; -+ hcf_16 IFB_MB_FID; -+ hcf_16 IFB_DLTarget[2]; -+ -+ hcf_16 IFB_DLPage; -+ hcf_16 IFB_DLOffset; -+ hcf_16 IFB_DLLen; -+ -+ hcf_16 volatile IFB_IntOffCnt; -+ hcf_16 IFB_IntEnMask; -+ -+ CFG_FW_IDENTITY_STRCT IFB_FWIdentity; -+ hcf_16 IFB_Tally; -+ hcf_16 IFB_TallyTyp; -+ -+ CFG_HERMES_TALLIES_STRCT IFB_NIC_Tallies; -+ CFG_HCF_TALLIES_STRCT IFB_HCF_Tallies; -+ -+ void *IFB_MSFSup; -+} IFB_STRCT; -+ -+typedef IFB_STRCT* IFBP; -+ -+struct uilreq -+{ -+ union -+ { -+ char ifrn_name[16]; -+ } ifr_ifrn; -+ -+ IFBP hcfCtx; -+ __u8 command; -+ __u8 result; -+ __u16 len; -+ void *data; -+}; -+ -+typedef struct -+{ -+ hcf_16 len; -+ hcf_16 typ; -+ union -+ { -+ hcf_8 u8[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_8)]; -+ hcf_16 u16[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_16)]; -+ hcf_32 u32[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_32)]; -+ } u; -+} ltv_t; -+ -+ -+#define UIL_FUN_CONNECT 0x00 -+#define UIL_FUN_DISCONNECT 0x01 -+#define UIL_FUN_GET_INFO 0x04 -+#define UIL_FUN_PUT_INFO 0x05 -+ -+#define GENERIC_INFO_ELEM 0xdd -+#define RSN_INFO_ELEM 0x30 -+ -+#define CFG_DRIVER_ENABLE 0x0902 -+#define CFG_CNF_ENCRYPTION 0xFC20 -+#define CFG_ADD_TKIP_DEFAULT_KEY 0xFCB4 -+#define CFG_SET_WPA_AUTH_KEY_MGMT_SUITE 0xFCB5 -+#define CFG_REMOVE_TKIP_DEFAULT_KEY 0xFCB6 -+#define CFG_ADD_TKIP_MAPPED_KEY 0xFCB7 -+#define CFG_REMOVE_TKIP_MAPPED_KEY 0xFCB8 -+#define CFG_FW_IDENTITY 0xFD20 -+#define CFG_CNF_EXCL_UNENCRYPTED 0xFC22 -+ -+#define HCF_SUCCESS 0x00 -+#define UIL_SUCCESS 0x00 -+ -+#define COMP_ID_FW_STA 31 -+#define COMP_ID_FW_AP 32 -+ -+#define WVLAN2_IOCTL_UIL SIOCDEVPRIVATE -+ -+#endif diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch deleted file mode 100644 index 3c731c1256..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch +++ /dev/null @@ -1,535 +0,0 @@ -diff -Nur wpa_supplicant-0.4.7/defconfig wpa_supplicant-0.4.7.new/defconfig ---- wpa_supplicant-0.4.7/defconfig 2005-09-24 20:30:43.000000000 +0200 -+++ wpa_supplicant-0.4.7.new/defconfig 2005-12-26 19:18:14.000000000 +0100 -@@ -68,6 +68,9 @@ - # Driver interface for Intel ipw2100/2200 driver - #CONFIG_DRIVER_IPW=y - -+# Driver interface for Zydas zd1211 driver -+#CONFIG_DRIVER_ZD1211=y -+ - # Driver interface for generic Linux wireless extensions - CONFIG_DRIVER_WEXT=y - -diff -Nur wpa_supplicant-0.4.7/drivers.c wpa_supplicant-0.4.7.new/drivers.c ---- wpa_supplicant-0.4.7/drivers.c 2005-02-20 01:15:54.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/drivers.c 2005-12-26 19:19:16.000000000 +0100 -@@ -55,6 +55,9 @@ - #ifdef CONFIG_DRIVER_TEST - extern struct wpa_driver_ops wpa_driver_test_ops; /* driver_test.c */ - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+extern struct wpa_driver_ops wpa_driver_zd1211_ops; /* driver_zd1211.c */ -+#endif /* CONFIG_DRIVER_ZD1211 */ - - - struct wpa_driver_ops *wpa_supplicant_drivers[] = -@@ -98,5 +101,8 @@ - #ifdef CONFIG_DRIVER_TEST - &wpa_driver_test_ops, - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+ &wpa_driver_zd1211_ops, -+#endif /* CONFIG_DRIVER_ZD1211 */ - NULL - }; -diff -Nur wpa_supplicant-0.4.7/driver_zd1211.c wpa_supplicant-0.4.7.new/driver_zd1211.c ---- wpa_supplicant-0.4.7/driver_zd1211.c 1970-01-01 01:00:00.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/driver_zd1211.c 2005-12-27 16:28:46.000000000 +0100 -@@ -0,0 +1,408 @@ -+#include <stdlib.h> -+#include <stdio.h> -+#include <unistd.h> -+#include <string.h> -+#include <sys/ioctl.h> -+#include <errno.h> -+ -+#include "common.h" -+#include "driver.h" -+#include "driver_wext.h" -+#include "eloop.h" -+#include "wireless_copy.h" -+#include "wpa_supplicant.h" -+ -+#include "zd1211_common.h" -+ -+ -+struct wpa_driver_zd1211_data { -+ void *ctx; -+ void *wext; /* private data for driver_wext */ -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+}; -+ -+ -+static int zd1211_ioctl(struct wpa_driver_zd1211_data *zd1211_drv, struct zd1211_wlan_param *param, int len, int show_err) { -+ struct iwreq iwr; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ iwr.u.data.pointer = (caddr_t) param; -+ iwr.u.data.length = len; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_WPA, &iwr) < 0) { -+ int ret; -+ -+ ret = errno; -+ if (show_err) -+ perror("ioctl[ZD_IOCTL_WPA]"); -+ return ret; -+ } -+ -+ return 0; -+} -+ -+ -+static int zd1211_set_param(struct wpa_driver_zd1211_data *zd1211_drv, int op, int arg, int show_err) { -+ struct iwreq iwr; -+ int *i, ret = 0; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ i = (int *) iwr.u.name; -+ *i++ = op; -+ *i++ = arg; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_PARAM, &iwr) < 0) { -+ perror("ioctl[ZD_IOCTL_PARAM]"); -+ ret = -1; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_get_scan_results(void *priv, struct wpa_scan_result *results, size_t max_size) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_scan_results(zd1211_drv->wext, results, max_size); -+} -+ -+ -+static int wpa_driver_zd1211_get_bssid(void *priv, u8 *bssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_bssid(zd1211_drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_zd1211_get_ssid(void *priv, u8 *ssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_ssid(zd1211_drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_zd1211_set_auth_alg(void *priv, int auth_alg) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int algs = 0; -+ -+ if (auth_alg & AUTH_ALG_OPEN_SYSTEM) -+ algs = 0; -+ if (auth_alg & AUTH_ALG_SHARED_KEY) -+ algs = 1; -+ -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_AUTH_ALGS, algs, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_countermeasures(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_COUNTERMEASURES, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_drop_unencrypted(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_DROPUNENCRYPTED, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ struct zd1211_wlan_param *param; -+ u8 *buf; -+ size_t blen; -+ int ret = 0; -+ char *alg_name; -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "NONE"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > 8) -+ return -2; -+ -+ blen = sizeof(*param) + key_len; -+ buf = malloc(blen); -+ if (buf == NULL) -+ return -1; -+ memset(buf, 0, blen); -+ -+ param = (struct zd1211_wlan_param *) buf; -+ param->cmd = ZD_CMD_SET_ENCRYPT_KEY; -+ /* TODO: In theory, STA in client mode can use five keys; four default -+ * keys for receiving (with keyidx 0..3) and one individual key for -+ * both transmitting and receiving (keyidx 0) _unicast_ packets. Now, -+ * keyidx 0 is reserved for this unicast use and default keys can only -+ * use keyidx 1..3 (i.e., default key with keyidx 0 is not supported). -+ * This should be fine for more or less all cases, but for completeness -+ * sake, the driver could be enhanced to support the missing key. */ -+#if 0 -+ if (addr == NULL) -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+ else -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+#else -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+#endif -+ strncpy(param->u.crypt.alg, alg_name, ZD_CRYPT_ALG_NAME_LEN); -+ param->u.crypt.flags = set_tx ? ZD_FLAG_SET_TX_KEY : 0; -+ param->u.crypt.idx = key_idx; -+ memcpy(param->u.crypt.seq, seq, seq_len); -+ param->u.crypt.key_len = key_len; -+ memcpy((u8 *) param->u.crypt.key, key, key_len); -+ -+ /* Dump key context */ -+ if(alg == WPA_ALG_TKIP) { -+ int ii; -+ -+ wpa_printf(MSG_DEBUG, "Key Context:"); -+ for(ii = 0; ii < key_len; ) { -+ printf("0x%02x ", key[ii]); -+ -+ if((++ii % 16) == 0) -+ printf("\n"); -+ } -+ -+ printf("\n"); -+ } -+ -+ if (zd1211_ioctl(zd1211_drv, param, blen, 1)) { -+ wpa_printf(MSG_WARNING, "Failed to set encryption."); -+ //show_set_key_error(param); -+ ret = -1; -+ } -+ free(buf); -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa_ie(struct wpa_driver_zd1211_data *zd1211_drv, const u8 *wpa_ie, size_t wpa_ie_len) { -+ int res; -+ struct zd1211_wlan_param *param; -+ size_t blen = ZD_GENERIC_ELEMENT_HDR_LEN + wpa_ie_len; -+ -+ if (blen < sizeof(*param)) -+ blen = sizeof(*param); -+ -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_GENERIC_ELEMENT; -+ param->u.generic_elem.len = wpa_ie_len; -+ memcpy(param->u.generic_elem.data, wpa_ie, wpa_ie_len); -+ res = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ -+ free(param); -+ -+ return res; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ if (!enabled && wpa_driver_zd1211_set_wpa_ie(zd1211_drv, NULL, 0) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_ROAMING, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_PRIVACY, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_WPA, enabled, 1) < 0) -+ ret = -1; -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_associate(void *priv, struct wpa_driver_associate_params *params) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ /* Because there might be the case, two or more APs with the same -+ * SSID, in order to identify them, we need to set the BSSID. */ -+ if (wpa_driver_zd1211_set_wpa_ie(zd1211_drv, params->wpa_ie, params->wpa_ie_len) < 0) -+ ret = -1; -+ if (wpa_driver_wext_set_ssid(zd1211_drv->wext, params->ssid, params->ssid_len) < 0) -+ ret = -1; -+ -+ // Mark for test -+ //if (wpa_driver_wext_set_bssid(ifname, bssid) < 0) -+ // ret = -1; -+ -+#if 0 -+ /* Allow unencrypted EAPOL messages even if pairwise keys are set when -+ * not using WPA. IEEE 802.1X specifies that these frames are not -+ * encrypted, but WPA encrypts them when pairwise keys are in use. */ -+ if (key_mgmt_suite == KEY_MGMT_802_1X || -+ key_mgmt_suite == KEY_MGMT_PSK) -+ allow_unencrypted_eapol = 0; -+ else -+ allow_unencrypted_eapol = 1; -+ -+ if (prism2param(ifname, PRISM2_PARAM_IEEE_802_1X, -+ allow_unencrypted_eapol) < 0) { -+ wpa_printf(MSG_DEBUG, "hostap: Failed to configure " -+ "ieee_802_1x param"); -+ /* Ignore this error.. driver_hostap.c can also be used with -+ * other drivers that do not support this prism2_param. */ -+ } -+#endif -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_deauthenticate(void *priv, const u8 *addr, int reason_code) { -+ struct zd1211_wlan_param *param; -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int blen; -+ int ret; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ blen = sizeof(*param); -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_MLME; -+ param->u.mlme.cmd = MLME_STA_DEAUTH; -+ param->u.mlme.reason_code = reason_code; -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+ ret = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ usleep(100000); -+ free(param); -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_disassociate(void *priv, const u8 *addr, int reason_code) { -+ struct zd1211_wlan_param *param; -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int blen; -+ int ret; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ blen = sizeof(*param); -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_MLME; -+ param->u.mlme.cmd = MLME_STA_DISASSOC; -+ param->u.mlme.reason_code = reason_code; -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+ ret = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ free(param); -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_scan(void *priv, const u8 *ssid, size_t ssid_len) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_scan(zd1211_drv->wext, ssid, ssid_len); -+} -+ -+ -+static void * wpa_driver_zd1211_init(void *ctx, const char *ifname) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = malloc(sizeof(*zd1211_drv)); -+ if (zd1211_drv == NULL) -+ return NULL; -+ memset(zd1211_drv, 0, sizeof(*zd1211_drv)); -+ -+ zd1211_drv->wext = wpa_driver_wext_init(ctx, ifname); -+ if (zd1211_drv->wext == NULL) -+ goto exit_no_wext; -+ -+ zd1211_drv->ctx = ctx; -+ strncpy(zd1211_drv->ifname, ifname, sizeof(zd1211_drv->ifname)); -+ -+ zd1211_drv->sock = socket(PF_INET, SOCK_DGRAM, 0); -+ if (zd1211_drv->sock < 0) -+ goto exit_no_socket; -+ -+ return zd1211_drv; -+ -+exit_no_socket: -+ wpa_driver_wext_deinit(zd1211_drv->wext); -+exit_no_wext: -+ free(zd1211_drv); -+ return NULL; -+} -+ -+ -+static void wpa_driver_zd1211_deinit(void *ctx) { -+ struct wpa_driver_zd1211_data *zd1211_drv = ctx; -+ -+ wpa_driver_wext_deinit(zd1211_drv->wext); -+ close(zd1211_drv->sock); -+ free(zd1211_drv); -+} -+ -+ -+struct wpa_driver_ops wpa_driver_zd1211_ops = { -+ .name = "zd1211", -+ .desc = "Zydas zd1211 drivers", -+ .init = wpa_driver_zd1211_init, -+ .deinit = wpa_driver_zd1211_deinit, -+ .associate = wpa_driver_zd1211_associate, -+ .deauthenticate = wpa_driver_zd1211_deauthenticate, -+ .disassociate = wpa_driver_zd1211_disassociate, -+ .get_bssid = wpa_driver_zd1211_get_bssid, -+ .get_scan_results = wpa_driver_zd1211_get_scan_results, -+ .get_ssid = wpa_driver_zd1211_get_ssid, -+// .get_capa = wpa_driver_zd1211_get_capa, -+ .scan = wpa_driver_zd1211_scan, -+ .set_auth_alg = wpa_driver_zd1211_set_auth_alg, -+ .set_countermeasures = wpa_driver_zd1211_set_countermeasures, -+ .set_drop_unencrypted = wpa_driver_zd1211_set_drop_unencrypted, -+ .set_key = wpa_driver_zd1211_set_key, -+ .set_wpa = wpa_driver_zd1211_set_wpa, -+}; -diff -Nur wpa_supplicant-0.4.7/Makefile wpa_supplicant-0.4.7.new/Makefile ---- wpa_supplicant-0.4.7/Makefile 2005-11-21 02:42:12.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/Makefile 2005-12-26 19:17:14.000000000 +0100 -@@ -107,6 +107,12 @@ - CONFIG_WIRELESS_EXTENSION=y - endif - -+ifdef CONFIG_DRIVER_ZD1211 -+CFLAGS += -DCONFIG_DRIVER_ZD1211 -+OBJS_d += driver_zd1211.o -+CONFIG_WIRELESS_EXTENSION=y -+endif -+ - ifdef CONFIG_DRIVER_BSD - CFLAGS += -DCONFIG_DRIVER_BSD - OBJS_d += driver_bsd.o -diff -Nur wpa_supplicant-0.4.7/zd1211_common.h wpa_supplicant-0.4.7.new/zd1211_common.h ---- wpa_supplicant-0.4.7/zd1211_common.h 1970-01-01 01:00:00.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/zd1211_common.h 2005-12-27 16:00:36.000000000 +0100 -@@ -0,0 +1,68 @@ -+#ifndef ZD1211_COMMON_H -+#define ZD1211_COMMON_H -+ -+ -+#define ZD_IOCTL_WPA (SIOCDEVPRIVATE + 1) -+#define ZD_IOCTL_PARAM (SIOCDEVPRIVATE + 2) -+ -+#define ZD_PARAM_ROAMING 0x0001 -+#define ZD_PARAM_PRIVACY 0x0002 -+#define ZD_PARAM_WPA 0x0003 -+#define ZD_PARAM_COUNTERMEASURES 0x0004 -+#define ZD_PARAM_DROPUNENCRYPTED 0x0005 -+#define ZD_PARAM_AUTH_ALGS 0x0006 -+ -+#define ZD_CMD_SET_ENCRYPT_KEY 0x0001 -+#define ZD_CMD_SET_MLME 0x0002 -+//#define ZD_CMD_SCAN_REQ 0x0003 -+#define ZD_CMD_SET_GENERIC_ELEMENT 0x0004 -+ -+#define ZD_FLAG_SET_TX_KEY 0x0001 -+ -+#define ZD_GENERIC_ELEMENT_HDR_LEN \ -+((int) (&((struct zd1211_wlan_param *) 0)->u.generic_elem.data)) -+ -+#define ZD_CRYPT_ALG_NAME_LEN 16 -+#define ZD_MAX_KEY_SIZE 32 -+#define ZD_MAX_GENERIC_SIZE 64 -+ -+/* structure definition */ -+ -+struct zd1211_wlan_param { -+ u32 cmd; -+ u8 sta_addr[ETH_ALEN]; -+ union { -+ struct { -+ u8 alg[ZD_CRYPT_ALG_NAME_LEN]; -+ u32 flags; -+ u32 err; -+ u8 idx; -+ u8 seq[8]; /* sequence counter (set: RX, get: TX) */ -+ u16 key_len; -+ u8 key[ZD_MAX_KEY_SIZE]; -+ } crypt; -+/* -+ struct { -+ u32 flags_and; -+ u32 flags_or; -+ } set_flags_sta; -+*/ -+ struct { -+ u8 len; -+ u8 data[ZD_MAX_GENERIC_SIZE]; -+ } generic_elem; -+ struct { -+#define MLME_STA_DEAUTH 0 -+#define MLME_STA_DISASSOC 1 -+ u16 cmd; -+ u16 reason_code; -+ } mlme; -+ struct { -+ u8 ssid_len; -+ u8 ssid[32]; -+ } scan_req; -+ } u; -+}; -+ -+ -+#endif diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff deleted file mode 100644 index 974eb39627..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- driver_madwifi.c.orig 2005-03-18 15:12:53.392793216 +0100 -+++ driver_madwifi.c 2005-03-18 15:13:09.246383104 +0100 -@@ -25,7 +25,8 @@ - #include "eloop.h" - #include "wpa_supplicant.h" - --#include <include/compat.h> -+#include <net80211/compat.h> -+#include <net80211/_ieee80211.h> - #include <net80211/ieee80211.h> - #include <net80211/ieee80211_crypto.h> - #include <net80211/ieee80211_ioctl.h> diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf deleted file mode 100644 index da407b5ef3..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf +++ /dev/null @@ -1,502 +0,0 @@ -##### Example wpa_supplicant configuration file ############################### -# Empty lines and lines starting with # are ignored - -# NOTE! This file may contain password information and should probably be made -# readable only by root user on multiuser systems. - -# global configuration (shared by all network blocks) -# -# Interface for separate control program. If this is specified, wpa_supplicant -# will create this directory and a UNIX domain socket for listening to requests -# from external programs (CLI/GUI, etc.) for status information and -# configuration. The socket file will be named based on the interface name, so -# multiple wpa_supplicant processes can be run at the same time if more than -# one interface is used. -# /var/run/wpa_supplicant is the recommended directory for sockets and by -# default, wpa_cli will use it when trying to connect with wpa_supplicant. -ctrl_interface=/var/run/wpa_supplicant - -# Access control for the control interface can be configured by setting the -# directory to allow only members of a group to use sockets. This way, it is -# possible to run wpa_supplicant as root (since it needs to change network -# configuration and open raw sockets) and still allow GUI/CLI components to be -# run as non-root users. However, since the control interface can be used to -# change the network configuration, this access needs to be protected in many -# cases. By default, wpa_supplicant is configured to use gid 0 (root). If you -# want to allow non-root users to use the control interface, add a new group -# and change this value to match with that group. Add users that should have -# control interface access to this group. If this variable is commented out or -# not included in the configuration file, group will not be changed from the -# value it got by default when the directory or socket was created. -# -# This variable can be a group name or gid. -#ctrl_interface_group=wheel -ctrl_interface_group=0 - -# IEEE 802.1X/EAPOL version -# wpa_supplicant was implemented based on IEEE 802-1X-REV-d8 which defines -# EAPOL version 2. However, there are many APs that do not handle the new -# version number correctly (they seem to drop the frames completely). In order -# to make wpa_supplicant interoperate with these APs, the version number is set -# to 1 by default. This configuration value can be used to set it to the new -# version (2). -eapol_version=1 - -# AP scanning/selection -# By default, wpa_supplicant requests driver to perform AP scanning and then -# uses the scan results to select a suitable AP. Another alternative is to -# allow the driver to take care of AP scanning and selection and use -# wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association -# information from the driver. -# 1: wpa_supplicant initiates scanning and AP selection -# 0: driver takes care of scanning, AP selection, and IEEE 802.11 association -# parameters (e.g., WPA IE generation); this mode can also be used with -# non-WPA drivers when using IEEE 802.1X mode; do not try to associate with -# APs (i.e., external program needs to control association) -# 2: like 0, but associate with APs using security policy and SSID (but not -# BSSID); this can be used, e.g., with ndiswrapper and NDIS driver to -# enable operation with hidden SSIDs and optimized roaming; in this mode, -# only the first network block in the configuration file is used and this -# configuration should have explicit security policy (i.e., only one option -# in the lists) for key_mgmt, pairwise, group, proto variables -ap_scan=1 - -# EAP fast re-authentication -# By default, fast re-authentication is enabled for all EAP methods that -# support it. This variable can be used to disable fast re-authentication. -# Normally, there is no need to disable this. -fast_reauth=1 - -# network block -# -# Each network (usually AP's sharing the same SSID) is configured as a separate -# block in this configuration file. The network blocks are in preference order -# (the first match is used). -# -# network block fields: -# -# ssid: SSID (mandatory); either as an ASCII string with double quotation or -# as hex string; network name -# -# scan_ssid: -# 0 = do not scan this SSID with specific Probe Request frames (default) -# 1 = scan with SSID-specific Probe Request frames (this can be used to -# find APs that do not accept broadcast SSID or use multiple SSIDs; -# this will add latency to scanning, so enable this only when needed) -# -# bssid: BSSID (optional); if set, this network block is used only when -# associating with the AP using the configured BSSID -# -# priority: priority group (integer) -# By default, all networks will get same priority group (0). If some of the -# networks are more desirable, this field can be used to change the order in -# which wpa_supplicant goes through the networks when selecting a BSS. The -# priority groups will be iterated in decreasing priority (i.e., the larger the -# priority value, the sooner the network is matched against the scan results). -# Within each priority group, networks will be selected based on security -# policy, signal strength, etc. -# Please note that AP scanning with scan_ssid=1 is not using this priority to -# select the order for scanning. Instead, it uses the order the networks are in -# the configuration file. -# -# mode: IEEE 802.11 operation mode -# 0 = infrastructure (Managed) mode, i.e., associate with an AP (default) -# 1 = IBSS (ad-hoc, peer-to-peer) -# Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) -# and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In addition, ap_scan has -# to be set to 2 for IBSS. WPA-None requires following network block options: -# proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or CCMP, but not -# both), and psk must also be set. -# -# proto: list of accepted protocols -# WPA = WPA/IEEE 802.11i/D3.0 -# RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN) -# If not set, this defaults to: WPA RSN -# -# key_mgmt: list of accepted authenticated key management protocols -# WPA-PSK = WPA pre-shared key (this requires 'psk' field) -# WPA-EAP = WPA using EAP authentication (this can use an external -# program, e.g., Xsupplicant, for IEEE 802.1X EAP Authentication -# IEEE8021X = IEEE 802.1X using EAP authentication and (optionally) dynamically -# generated WEP keys -# NONE = WPA is not used; plaintext or static WEP could be used -# If not set, this defaults to: WPA-PSK WPA-EAP -# -# auth_alg: list of allowed IEEE 802.11 authentication algorithms -# OPEN = Open System authentication (required for WPA/WPA2) -# SHARED = Shared Key authentication (requires static WEP keys) -# LEAP = LEAP/Network EAP (only used with LEAP) -# If not set, automatic selection is used (Open System with LEAP enabled if -# LEAP is allowed as one of the EAP methods). -# -# pairwise: list of accepted pairwise (unicast) ciphers for WPA -# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] -# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] -# NONE = Use only Group Keys (deprecated, should not be included if APs support -# pairwise keys) -# If not set, this defaults to: CCMP TKIP -# -# group: list of accepted group (broadcast/multicast) ciphers for WPA -# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] -# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] -# WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key -# WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE 802.11] -# If not set, this defaults to: CCMP TKIP WEP104 WEP40 -# -# psk: WPA preshared key; 256-bit pre-shared key -# The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e., -# 32 bytes or as an ASCII passphrase (in which case, the real PSK will be -# generated using the passphrase and SSID). ASCII passphrase must be between -# 8 and 63 characters (inclusive). -# This field is not needed, if WPA-EAP is used. -# Note: Separate tool, wpa_passphrase, can be used to generate 256-bit keys -# from ASCII passphrase. This process uses lot of CPU and wpa_supplicant -# startup and reconfiguration time can be optimized by generating the PSK only -# only when the passphrase or SSID has actually changed. -# -# eapol_flags: IEEE 802.1X/EAPOL options (bit field) -# Dynamic WEP key require for non-WPA mode -# bit0 (1): require dynamically generated unicast WEP key -# bit1 (2): require dynamically generated broadcast WEP key -# (3 = require both keys; default) -# -# Following fields are only used with internal EAP implementation. -# eap: space-separated list of accepted EAP methods -# MD5 = EAP-MD5 (unsecure and does not generate keying material -> -# cannot be used with WPA; to be used as a Phase 2 method -# with EAP-PEAP or EAP-TTLS) -# MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# OTP = EAP-OTP (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# GTC = EAP-GTC (cannot be used separately with WPA; to be used -# as a Phase 2 method with EAP-PEAP or EAP-TTLS) -# TLS = EAP-TLS (client and server certificate) -# PEAP = EAP-PEAP (with tunnelled EAP authentication) -# TTLS = EAP-TTLS (with tunnelled EAP or PAP/CHAP/MSCHAP/MSCHAPV2 -# authentication) -# If not set, all compiled in methods are allowed. -# -# identity: Identity string for EAP -# anonymous_identity: Anonymous identity string for EAP (to be used as the -# unencrypted identity with EAP types that support different tunnelled -# identity, e.g., EAP-TTLS) -# password: Password string for EAP -# ca_cert: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert is not included, server certificate -# will not be verified. This is insecure and the CA file should always be -# configured. -# client_cert: File path to client certificate file (PEM/DER) -# private_key: File path to client private key file (PEM/DER/PFX) -# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be -# commented out. Both the private key and certificate will be read from -# the PKCS#12 file in this case. -# private_key_passwd: Password for private key file -# dh_file: File path to DH/DSA parameters file (in PEM format) -# This is an optional configuration file for setting parameters for an -# ephemeral DH key exchange. In most cases, the default RSA -# authentication does not use this configuration. However, it is possible -# setup RSA to use ephemeral DH key exchange. In addition, ciphers with -# DSA keys always use ephemeral DH keys. This can be used to achieve -# forward secrecy. If the file is in DSA parameters format, it will be -# automatically converted into DH params. -# subject_match: Substring to be matched against the subject of the -# authentication server certificate. If this string is set, the server -# sertificate is only accepted if it contains this string in the subject. -# The subject string is in following format: -# /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@example.com -# phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters -# (string with field-value pairs, e.g., "peapver=0" or -# "peapver=1 peaplabel=1") -# 'peapver' can be used to force which PEAP version (0 or 1) is used. -# 'peaplabel=1' can be used to force new label, "client PEAP encryption", -# to be used during key derivation when PEAPv1 or newer. Most existing -# PEAPv1 implementation seem to be using the old label, "client EAP -# encryption", and wpa_supplicant is now using that as the default value. -# Some servers, e.g., Radiator, may require peaplabel=1 configuration to -# interoperate with PEAPv1; see eap_testing.txt for more details. -# 'peap_outer_success=0' can be used to terminate PEAP authentication on -# tunneled EAP-Success. This is required with some RADIUS servers that -# implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g., -# Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode) -# sim_min_num_chal=3 can be used to configure EAP-SIM to require three -# challenges (by default, it accepts 2 or 3) -# phase2: Phase2 (inner authentication with TLS tunnel) parameters -# (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or -# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS) -# Following certificate/private key fields are used in inner Phase2 -# authentication when using EAP-TTLS or EAP-PEAP. -# ca_cert2: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert2 is not included, server -# certificate will not be verified. This is insecure and the CA file -# should always be configured. -# client_cert2: File path to client certificate file -# private_key2: File path to client private key file -# private_key2_passwd: Password for private key file -# dh_file2: File path to DH/DSA parameters file (in PEM format) -# subject_match2: Substring to be matched against the subject of the -# authentication server certificate. -# -# EAP-PSK variables: -# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format -# nai: user NAI -# server_nai: authentication server NAI -# -# EAP-FAST variables: -# pac_file: File path for the PAC entries. wpa_supplicant will need to be able -# to create this file and write updates to it when PAC is being -# provisioned or refreshed. -# phase1: fast_provisioning=1 option enables in-line provisioning of EAP-FAST -# credentials (PAC) -# -# wpa_supplicant supports number of "EAP workarounds" to work around -# interoperability issues with incorrectly behaving authentication servers. -# These are enabled by default because some of the issues are present in large -# number of authentication servers. Strict EAP conformance mode can be -# configured by disabling workarounds with eap_workaround=0. - -# Example blocks: - -# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers -network={ - ssid="simple" - psk="very secret passphrase" - priority=5 -} - -# Same as previous, but request SSID-specific scanning (for APs that reject -# broadcast SSID) -network={ - ssid="second ssid" - scan_ssid=1 - psk="very secret passphrase" - priority=2 -} - -# Only WPA-PSK is used. Any valid cipher combination is accepted. -network={ - ssid="example" - proto=WPA - key_mgmt=WPA-PSK - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb - priority=2 -} - -# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104 -# or WEP40 as the group cipher will not be accepted. -network={ - ssid="example" - proto=RSN - key_mgmt=WPA-EAP - pairwise=CCMP TKIP - group=CCMP TKIP - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - priority=1 -} - -# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel -# (e.g., Radiator) -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=PEAP - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase1="peaplabel=1" - phase2="auth=MSCHAPV2" - priority=10 -} - -# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the -# unencrypted use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - priority=2 -} - -# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted -# use. Real identity is sent only within an encrypted TLS tunnel. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - identity="user@example.com" - anonymous_identity="anonymous@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - phase2="auth=MSCHAPV2" -} - -# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner -# authentication. -network={ - ssid="example" - key_mgmt=WPA-EAP - eap=TTLS - # Phase1 / outer authentication - anonymous_identity="anonymous@example.com" - ca_cert="/etc/cert/ca.pem" - # Phase 2 / inner authentication - phase2="autheap=TLS" - ca_cert2="/etc/cert/ca2.pem" - client_cert2="/etc/cer/user.pem" - private_key2="/etc/cer/user.prv" - private_key2_passwd="password" - priority=2 -} - -# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and -# group cipher. -network={ - ssid="example" - bssid=00:11:22:33:44:55 - proto=WPA RSN - key_mgmt=WPA-PSK WPA-EAP - pairwise=CCMP - group=CCMP - psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb -} - -# Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP -# and all valid ciphers. -network={ - ssid=00010203 - psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f -} - - -# EAP-SIM with a GSM SIM or USIM -network={ - ssid="eap-sim-test" - key_mgmt=WPA-EAP - eap=SIM - pin="1234" - pcsc="" -} - - -# EAP-PSK -network={ - ssid="eap-psk-test" - key_mgmt=WPA-EAP - eap=PSK - identity="eap_psk_user" - eappsk=06b4be19da289f475aa46a33cb793029 - nai="eap_psk_user@example.com" - server_nai="as@example.com" -} - - -# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using -# EAP-TLS for authentication and key generation; require both unicast and -# broadcast WEP keys. -network={ - ssid="1x-test" - key_mgmt=IEEE8021X - eap=TLS - identity="user@example.com" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - eapol_flags=3 -} - - -# LEAP with dynamic WEP keys -network={ - ssid="leap-example" - key_mgmt=IEEE8021X - eap=LEAP - identity="user" - password="foobar" -} - -# EAP-FAST with WPA (WPA or WPA2) -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="/etc/wpa_supplicant.eap-fast-pac" -} - -# Plaintext connection (no WPA, no IEEE 802.1X) -network={ - ssid="plaintext-test" - key_mgmt=NONE -} - - -# Shared WEP key connection (no WPA, no IEEE 802.1X) -network={ - ssid="static-wep-test" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 -} - - -# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key -# IEEE 802.11 authentication -network={ - ssid="static-wep-test2" - key_mgmt=NONE - wep_key0="abcde" - wep_key1=0102030405 - wep_key2="1234567890123" - wep_tx_keyidx=0 - priority=5 - auth_alg=SHARED -} - - -# IBSS/ad-hoc network with WPA-None/TKIP. -network={ - ssid="test adhoc" - mode=1 - proto=WPA - key_mgmt=WPA-NONE - pairwise=NONE - group=TKIP - psk="secret passphrase" -} - - -# Catch all example that allows more or less all configuration modes -network={ - ssid="example" - scan_ssid=1 - key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE - pairwise=CCMP TKIP - group=CCMP TKIP WEP104 WEP40 - psk="very secret passphrase" - eap=TTLS PEAP TLS - identity="user@example.com" - password="foobar" - ca_cert="/etc/cert/ca.pem" - client_cert="/etc/cert/user.pem" - private_key="/etc/cert/user.prv" - private_key_passwd="password" - phase1="peaplabel=0" -} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.5.inc b/meta/packages/wpa-supplicant/wpa-supplicant-0.5.inc new file mode 100644 index 0000000000..6d5869ba46 --- /dev/null +++ b/meta/packages/wpa-supplicant/wpa-supplicant-0.5.inc @@ -0,0 +1,61 @@ +DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)." +SECTION = "network" +LICENSE = "GPL" +HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" +DEPENDS = "gnutls" + +SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ + file://defconfig-gnutls \ + file://init.sh \ + file://gnutlsfix.patch;patch=1 \ + file://defaults-sane \ + file://wpa-supplicant.sh \ + file://wpa_supplicant.conf \ + file://wpa_supplicant.conf-sane" + +S = "${WORKDIR}/wpa_supplicant-${PV}" + +PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli " +FILES_wpa-supplicant-passphrase = "/usr/sbin/wpa_passphrase" +FILES_wpa-supplicant-cli = "/usr/sbin/wpa_cli" + +RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" + +INITSCRIPT_NAME = "wpa" +INITSCRIPT_PARAMS = "defaults 10" +inherit update-rc.d + +do_configure () { + install -m 0755 ${WORKDIR}/defconfig-gnutls .config +} + +do_compile () { + make +} + +do_install () { + install -d ${D}${sbindir} + install -m 755 wpa_supplicant ${D}${sbindir} + install -m 755 wpa_passphrase ${D}${sbindir} + install -m 755 wpa_cli ${D}${sbindir} + + install -d ${D}${localstatedir}/run/wpa_supplicant + + install -d ${D}${docdir}/wpa_supplicant + install -m 644 README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant + + install -d ${D}${sysconfdir}/init.d + install -m 700 ${WORKDIR}/init.sh ${D}${sysconfdir}/init.d/wpa + + install -d ${D}${sysconfdir}/default + install -m 600 ${WORKDIR}/defaults-sane ${D}${sysconfdir}/default/wpa + install -m 600 ${WORKDIR}/wpa_supplicant.conf-sane ${D}${sysconfdir}/wpa_supplicant.conf + + install -d ${D}${sysconfdir}/network/if-pre-up.d/ + install -d ${D}${sysconfdir}/network/if-post-down.d/ + install -d ${D}${sysconfdir}/network/if-down.d/ + install -m 644 ${WORKDIR}/wpa_supplicant.conf ${D}${sysconfdir} + install -m 755 ${WORKDIR}/wpa-supplicant.sh ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant + cd ${D}${sysconfdir}/network/ && \ + ln -sf ../if-pre-up.d/wpa-supplicant if-post-down.d/wpa-supplicant +} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-nossl/wpa-defconfig b/meta/packages/wpa-supplicant/wpa-supplicant-nossl/wpa-defconfig deleted file mode 100644 index bf5d5e28e7..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-nossl/wpa-defconfig +++ /dev/null @@ -1,4 +0,0 @@ -CONFIG_DRIVER_WEXT=y -CONFIG_WIRELESS_EXTENSION=y -CONFIG_DRIVER_HOSTAP=y - diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-nossl_0.2.6.bb b/meta/packages/wpa-supplicant/wpa-supplicant-nossl_0.2.6.bb deleted file mode 100644 index fe1a30b58b..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-nossl_0.2.6.bb +++ /dev/null @@ -1,7 +0,0 @@ -DESCRIPTION = "User space helper for WPA and WPA2 client operations. \ -The Supplicant is used in WPA/WPA2 key handshakes to authenticate \ -with the AP and to generate dynamic encryption keys (TKIP or CCMP)." - -PR = "r3" - -require wpa-supplicant_${PV}.inc diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-ssl/wpa-defconfig b/meta/packages/wpa-supplicant/wpa-supplicant-ssl/wpa-defconfig deleted file mode 100644 index 2dac008aa5..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-ssl/wpa-defconfig +++ /dev/null @@ -1,15 +0,0 @@ -# CONFIG_DRIVER_HOSTAP is not set -CONFIG_DRIVER_WEXT=y -CONFIG_WIRELESS_EXTENSION=y -CONFIG_DRIVER_HOSTAP=y -CONFIG_IEEE8021X_EAPOL=y -CONFIG_EAP_MD5=y -CONFIG_MSCHAPV2=y -CONFIG_EAP_TLS=y -CONFIG_EAP_PEAP=y -CONFIG_EAP_TTLS=y -CONFIG_EAP_GTC=y -CONFIG_EAP_OTP=y -CONFIG_EAP_SIM=y -CONFIG_EAP_LEAP=y -#CONFIG_PCSC=y diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-ssl_0.2.6.bb b/meta/packages/wpa-supplicant/wpa-supplicant-ssl_0.2.6.bb deleted file mode 100644 index 34f370a10e..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-ssl_0.2.6.bb +++ /dev/null @@ -1,9 +0,0 @@ -DESCRIPTION = "User space helper for WPA and WPA2 client operations with SSL. \ -The Supplicant is used in WPA/WPA2 key handshakes to authenticate \ -with the AP and to generate dynamic encryption keys (TKIP or CCMP)." -DEPENDSS = "openssl" -PR = "r3" - -EXTRA_OEMAKE="LIBS='-L${STAGING_LIBDIR} -lssl -lcrypto' LIBS_p='-L${STAGING_LIBDIR} -lssl -lcrypto'" - -require wpa-supplicant_${PV}.inc diff --git a/meta/packages/wpa-supplicant/wpa-supplicant/gnutlsfix.patch b/meta/packages/wpa-supplicant/wpa-supplicant/gnutlsfix.patch new file mode 100644 index 0000000000..795306bb35 --- /dev/null +++ b/meta/packages/wpa-supplicant/wpa-supplicant/gnutlsfix.patch @@ -0,0 +1,19 @@ +Index: wpa_supplicant-0.5.5/tls_gnutls.c +=================================================================== +--- wpa_supplicant-0.5.5.orig/tls_gnutls.c 2006-06-25 03:05:07.000000000 +0200 ++++ wpa_supplicant-0.5.5/tls_gnutls.c 2006-10-29 15:12:21.000000000 +0100 +@@ -1029,8 +1029,13 @@ + const u8 *in_data, size_t in_len, + size_t *out_len) + { ++ u8 *appl_data; ++ size_t appl_data_len; ++ ++ appl_data = NULL; ++ + return tls_connection_handshake(ssl_ctx, conn, in_data, in_len, +- out_len); ++ out_len, appl_data, appl_data_len); + } + + diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.2.6.inc b/meta/packages/wpa-supplicant/wpa-supplicant_0.2.6.inc deleted file mode 100644 index e75ce2e570..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_0.2.6.inc +++ /dev/null @@ -1,33 +0,0 @@ -SECTION = "kernel/userland" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -PRIORITY = "optional" -LICENSE = "GPL" - -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ - file://wpa-defconfig \ - file://wpa_supplicant_default.conf" - -RREPLACES_${PN} = "hostap-${PN}" -RPROVIDES_${PN} = "hostap-${PN}" -RCONFLICTS_${PN} = "hostap-${PN}" - -S = "${WORKDIR}/wpa_supplicant-${PV}" - -do_compile() { - unset CFLAGS - base_do_compile -} - -do_configure() { - install -m 0644 ${WORKDIR}/wpa-defconfig .config -} - -do_install() { - install -d ${D}${sysconfdir} ${D}${bindir} - install -m 0644 wpa_supplicant.conf ${D}${sysconfdir}/wpa_supplicant.conf.sample - install -m 0644 ../wpa_supplicant_default.conf ${D}${sysconfdir}/wpa_supplicant.conf - install -m 0755 wpa_passphrase ${D}${bindir} - install -m 0755 wpa_cli ${D}${bindir} - install -m 0755 wpa_supplicant ${D}${bindir} -} - diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.3.6.bb b/meta/packages/wpa-supplicant/wpa-supplicant_0.3.6.bb deleted file mode 100644 index 365bcb78cc..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_0.3.6.bb +++ /dev/null @@ -1,33 +0,0 @@ -DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)." -SECTION = "network" -LICENSE = "GPL" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -DEPENDS = "openssl" -PR = "r3" - -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-0.3.6.tar.gz \ - file://defconfig \ - file://driver-hermes.patch;patch=1 \ - file://wpa_supplicant.conf" -S = "${WORKDIR}/wpa_supplicant-${PV}" - -do_configure () { - install -m 0755 ${WORKDIR}/defconfig .config -} - -do_compile () { - make -} - -do_install () { - install -d ${D}${sbindir} - install -m755 wpa_supplicant ${D}${sbindir} - install -m755 wpa_passphrase ${D}${sbindir} - install -m755 wpa_cli ${D}${sbindir} - - install -d ${D}${sysconfdir} - install -m644 ${WORKDIR}/wpa_supplicant.conf ${D}${sysconfdir} - - install -d ${D}${docdir}/wpa_supplicant - install -m644 README ${D}${docdir}/wpa_supplicant -} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.3.8.bb b/meta/packages/wpa-supplicant/wpa-supplicant_0.3.8.bb deleted file mode 100644 index 04561b7276..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_0.3.8.bb +++ /dev/null @@ -1,35 +0,0 @@ -DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)." -SECTION = "network" -LICENSE = "GPL" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -DEPENDS = "openssl" -DEPENDS_mtx-1_append = "madwifi-modules" -PR = "r1" - -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ - file://madwifi-bsd-fix.diff;patch=1;pnum=0 \ - file://defconfig \ - file://driver-hermes.patch;patch=1 \ - file://wpa_supplicant.conf" -S = "${WORKDIR}/wpa_supplicant-${PV}" - -do_configure () { - install -m 0755 ${WORKDIR}/defconfig .config -} - -do_compile () { - make -} - -do_install () { - install -d ${D}${sbindir} - install -m755 wpa_supplicant ${D}${sbindir} - install -m755 wpa_passphrase ${D}${sbindir} - install -m755 wpa_cli ${D}${sbindir} - - install -d ${D}${sysconfdir} - install -m644 ${WORKDIR}/wpa_supplicant.conf ${D}${sysconfdir} - - install -d ${D}${docdir}/wpa_supplicant - install -m644 README ${D}${docdir}/wpa_supplicant -} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.4.7.bb b/meta/packages/wpa-supplicant/wpa-supplicant_0.4.7.bb deleted file mode 100644 index 6d8efbe14c..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_0.4.7.bb +++ /dev/null @@ -1,37 +0,0 @@ -DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)." -SECTION = "network" -LICENSE = "GPL" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -DEPENDS = "openssl" -DEPENDS_mtx-1_append = "madwifi-modules" -PR = "r1" - -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ - file://madwifi-bsd-fix.diff;patch=1;pnum=0 \ - file://defconfig \ - file://driver-hermes.patch;patch=1 \ - file://driver-zd1211.patch;patch=1 \ - file://wpa_supplicant.conf" - -S = "${WORKDIR}/wpa_supplicant-${PV}" - -do_configure () { - install -m 0755 ${WORKDIR}/defconfig .config -} - -do_compile () { - make -} - -do_install () { - install -d ${D}${sbindir} - install -m755 wpa_supplicant ${D}${sbindir} - install -m755 wpa_passphrase ${D}${sbindir} - install -m755 wpa_cli ${D}${sbindir} - - install -d ${D}${sysconfdir} - install -m644 ${WORKDIR}/wpa_supplicant.conf ${D}${sysconfdir} - - install -d ${D}${docdir}/wpa_supplicant - install -m644 README ${D}${docdir}/wpa_supplicant -} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.5.1.bb b/meta/packages/wpa-supplicant/wpa-supplicant_0.5.1.bb deleted file mode 100644 index 704efcac20..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_0.5.1.bb +++ /dev/null @@ -1,56 +0,0 @@ -DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)." -SECTION = "network" -LICENSE = "GPL" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -DEPENDS = "gnutls madwifi-ng" - -PR = "r4" -DEFAULT_PREFERENCE = "-1" - -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ - file://defconfig-gnutls \ - file://init.sh \ - file://defaults-sane \ - file://wpa_supplicant.conf \ - file://wpa_supplicant.conf-sane" - -S = "${WORKDIR}/wpa_supplicant-${PV}" - -PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli " -FILES_wpa-supplicant-passphrase = "/usr/sbin/wpa_passphrase" -FILES_wpa-supplicant-cli = "/usr/sbin/wpa_cli" - -RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" - -INITSCRIPT_NAME = "wpa" -INITSCRIPT_PARAMS = "defaults 10" -inherit update-rc.d - -do_configure () { - install -m 0755 ${WORKDIR}/defconfig-gnutls .config - echo "CONFIG_DRIVER_MADWIFI=y" >> .config - echo "CFLAGS += -I${STAGING_INCDIR}/madwifi-ng" >> .config -} - -do_compile () { - make -} - -do_install () { - install -d ${D}${sbindir} - install -m755 wpa_supplicant ${D}${sbindir} - install -m755 wpa_passphrase ${D}${sbindir} - install -m755 wpa_cli ${D}${sbindir} - - install -d ${D}${localstatedir}/run/wpa_supplicant - - install -d ${D}${docdir}/wpa_supplicant - install -m644 README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant - - install -d ${D}${sysconfdir}/init.d - install -m700 ${WORKDIR}/init.sh ${D}${sysconfdir}/init.d/wpa - - install -d ${D}${sysconfdir}/default - install -m600 ${WORKDIR}/defaults-sane ${D}${sysconfdir}/default/wpa - install -m600 ${WORKDIR}/wpa_supplicant.conf-sane ${D}${sysconfdir}/wpa_supplicant.conf -} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb b/meta/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb new file mode 100644 index 0000000000..6594bbfdbe --- /dev/null +++ b/meta/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb @@ -0,0 +1 @@ +require wpa-supplicant-0.5.inc diff --git a/meta/packages/wpa-supplicant/wpa-supplicant_cvs.bb b/meta/packages/wpa-supplicant/wpa-supplicant_cvs.bb deleted file mode 100644 index db1395d76b..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant_cvs.bb +++ /dev/null @@ -1,58 +0,0 @@ -DESCRIPTION = "Client for Wi-Fi Protected Access (WPA)." -SECTION = "network" -LICENSE = "GPL" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -DEPENDS = "openssl" -PV = "0.0+cvs${SRCDATE}" -PR = "r2" - -SRC_URI = "cvs://anonymous@hostap.epitest.fi/cvs;module=hostap \ - file://use-channel.patch;patch=1 \ - file://driver-hermes.patch;patch=1 \ - file://defconfig \ - file://defaults \ - file://init.sh \ - file://wpa_supplicant.conf" -S = "${WORKDIR}/hostap/wpa_supplicant" - - -PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli " -FILES_wpa-supplicant-passphrase = "/usr/sbin/wpa_passphrase" -FILES_wpa-supplicant-cli = "/usr/sbin/wpa_cli" - -RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" - - -INITSCRIPT_NAME = "wpa" -INITSCRIPT_PARAMS = "defaults 10" -inherit update-rc.d - - -do_configure () { - install -m 0755 ${WORKDIR}/defconfig .config -} - - -do_compile () { - make -} - - -do_install () { - set -x - install -d ${D}${sbindir} - install -m755 wpa_supplicant ${D}${sbindir} - install -m755 wpa_passphrase ${D}${sbindir} - install -m755 wpa_cli ${D}${sbindir} - - install -d ${D}${localstatedir}/run/wpa_supplicant - - install -d ${D}${docdir}/wpa_supplicant - install -m644 README ${WORKDIR}/wpa_supplicant.conf ${D}${docdir}/wpa_supplicant - - install -d ${D}${sysconfdir}/init.d - install -m700 ${WORKDIR}/init.sh ${D}${sysconfdir}/init.d/wpa - - install -d ${D}${sysconfdir}/default - install -m600 ${WORKDIR}/defaults ${D}${sysconfdir}/default/wpa -} |