From 39ca55c42b0896751d21ca65a90eb54e364df90e Mon Sep 17 00:00:00 2001 From: Marcin Juszkiewicz Date: Wed, 25 Apr 2007 10:56:54 +0000 Subject: wpa-supplicant: drop old versions, use 0.5.7 (latest stable) as default git-svn-id: https://svn.o-hand.com/repos/poky/trunk@1551 311d38ba-8fff-0310-9ca6-ca027cbcb966 --- .../wpa-supplicant/files/wpa-supplicant.sh | 85 ++ .../wpa-supplicant/files/wpa_supplicant.conf | 320 ++++++-- .../wpa-supplicant/wpa-supplicant-0.4.7/defconfig | 160 ---- .../wpa-supplicant-0.4.7/driver-hermes.patch | 884 --------------------- .../wpa-supplicant-0.4.7/driver-zd1211.patch | 535 ------------- .../wpa-supplicant-0.4.7/madwifi-bsd-fix.diff | 12 - .../wpa-supplicant-0.4.7/wpa_supplicant.conf | 502 ------------ .../packages/wpa-supplicant/wpa-supplicant-0.5.inc | 61 ++ .../wpa-supplicant-nossl/wpa-defconfig | 4 - .../wpa-supplicant/wpa-supplicant-nossl_0.2.6.bb | 7 - .../wpa-supplicant-ssl/wpa-defconfig | 15 - .../wpa-supplicant/wpa-supplicant-ssl_0.2.6.bb | 9 - .../wpa-supplicant/wpa-supplicant/gnutlsfix.patch | 19 + .../wpa-supplicant/wpa-supplicant_0.2.6.inc | 33 - .../wpa-supplicant/wpa-supplicant_0.3.6.bb | 33 - .../wpa-supplicant/wpa-supplicant_0.3.8.bb | 35 - .../wpa-supplicant/wpa-supplicant_0.4.7.bb | 37 - .../wpa-supplicant/wpa-supplicant_0.5.1.bb | 56 -- .../wpa-supplicant/wpa-supplicant_0.5.7.bb | 1 + meta/packages/wpa-supplicant/wpa-supplicant_cvs.bb | 58 -- 20 files changed, 420 insertions(+), 2446 deletions(-) create mode 100644 meta/packages/wpa-supplicant/files/wpa-supplicant.sh delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/madwifi-bsd-fix.diff delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/wpa_supplicant.conf create mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-0.5.inc delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-nossl/wpa-defconfig delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-nossl_0.2.6.bb delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-ssl/wpa-defconfig delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant-ssl_0.2.6.bb create mode 100644 meta/packages/wpa-supplicant/wpa-supplicant/gnutlsfix.patch delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.2.6.inc delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.3.6.bb delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.3.8.bb delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.4.7.bb delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.5.1.bb create mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_0.5.7.bb delete mode 100644 meta/packages/wpa-supplicant/wpa-supplicant_cvs.bb diff --git a/meta/packages/wpa-supplicant/files/wpa-supplicant.sh b/meta/packages/wpa-supplicant/files/wpa-supplicant.sh new file mode 100644 index 0000000000..5c9e5d33a7 --- /dev/null +++ b/meta/packages/wpa-supplicant/files/wpa-supplicant.sh @@ -0,0 +1,85 @@ +#!/bin/sh + + +WPA_SUP_BIN="/usr/sbin/wpa_supplicant" +WPA_SUP_PNAME="wpa_supplicant" +WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$IFACE.pid" +WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $IFACE" + +VERBOSITY=0 + + +if [ -s "$IF_WPA_CONF" ]; then + WPA_SUP_CONF="-c $IF_WPA_CONF" +else + exit 0 +fi + +if [ ! -x "$WPA_SUP_BIN" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: binaries not executable or missing from $WPA_SUP_BIN" + fi + + exit 1 +fi + +if [ "$MODE" = "start" ] ; then + # driver type of interface, defaults to wext when undefined + if [ -s "/etc/wpa_supplicant/driver.$IFACE" ]; then + IF_WPA_DRIVER=$(cat "/etc/wpa_supplicant/driver.$IFACE") + elif [ -z "$IF_WPA_DRIVER" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: wpa-driver not provided, using \"wext\"" + fi + + IF_WPA_DRIVER="wext" + fi + + # if we have passed the criteria, start wpa_supplicant + if [ -n "$WPA_SUP_CONF" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: $WPA_SUP_BIN $WPA_SUP_OPTIONS $WPA_SUP_CONF -D $IF_WPA_DRIVER" + fi + + start-stop-daemon --start --quiet \ + --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \ + -- $WPA_SUP_OPTIONS $WPA_SUP_CONF -D $IF_WPA_DRIVER + fi + + # if the interface socket exists, then wpa_supplicant was invoked successfully + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: ctrl_interface socket located at $WPA_COMMON_CTRL_IFACE/$IFACE" + fi + + exit 0 + + fi + +elif [ "$MODE" = "stop" ]; then + + if [ -f "$WPA_SUP_PIDFILE" ]; then + + if [ "$VERBOSITY" = "1" ]; then + echo "$WPA_SUP_PNAME: terminating $WPA_SUP_PNAME daemon" + fi + + start-stop-daemon --stop --quiet \ + --name $WPA_SUP_PNAME --pidfile $WPA_SUP_PIDFILE + + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then + rm -f $WPA_COMMON_CTRL_IFACE/$IFACE + fi + + if [ -f "$WPA_SUP_PIDFILE" ]; then + rm -f $WPA_SUP_PIDFILE + fi + fi + +fi + +exit 0 diff --git a/meta/packages/wpa-supplicant/files/wpa_supplicant.conf b/meta/packages/wpa-supplicant/files/wpa_supplicant.conf index da407b5ef3..f0c993d195 100644 --- a/meta/packages/wpa-supplicant/files/wpa_supplicant.conf +++ b/meta/packages/wpa-supplicant/files/wpa_supplicant.conf @@ -1,21 +1,46 @@ ##### Example wpa_supplicant configuration file ############################### +# +# This file describes configuration file format and lists all available option. +# Please also take a look at simpler configuration examples in 'examples' +# subdirectory. +# # Empty lines and lines starting with # are ignored # NOTE! This file may contain password information and should probably be made # readable only by root user on multiuser systems. +# Note: All file paths in this configuration file should use full (absolute, +# not relative to working directory) path in order to allow working directory +# to be changed. This can happen if wpa_supplicant is run in the background. + +# Whether to allow wpa_supplicant to update (overwrite) configuration +# +# This option can be used to allow wpa_supplicant to overwrite configuration +# file whenever configuration is changed (e.g., new network block is added with +# wpa_cli or wpa_gui, or a password is changed). This is required for +# wpa_cli/wpa_gui to be able to store the configuration changes permanently. +# Please note that overwriting configuration file will remove the comments from +# it. +#update_config=1 + # global configuration (shared by all network blocks) # -# Interface for separate control program. If this is specified, wpa_supplicant -# will create this directory and a UNIX domain socket for listening to requests -# from external programs (CLI/GUI, etc.) for status information and -# configuration. The socket file will be named based on the interface name, so -# multiple wpa_supplicant processes can be run at the same time if more than -# one interface is used. +# Parameters for the control interface. If this is specified, wpa_supplicant +# will open a control interface that is available for external programs to +# manage wpa_supplicant. The meaning of this string depends on which control +# interface mechanism is used. For all cases, the existance of this parameter +# in configuration is used to determine whether the control interface is +# enabled. +# +# For UNIX domain sockets (default on Linux and BSD): This is a directory that +# will be created for UNIX domain sockets for listening to requests from +# external programs (CLI/GUI, etc.) for status information and configuration. +# The socket file will be named based on the interface name, so multiple +# wpa_supplicant processes can be run at the same time if more than one +# interface is used. # /var/run/wpa_supplicant is the recommended directory for sockets and by # default, wpa_cli will use it when trying to connect with wpa_supplicant. -ctrl_interface=/var/run/wpa_supplicant - +# # Access control for the control interface can be configured by setting the # directory to allow only members of a group to use sockets. This way, it is # possible to run wpa_supplicant as root (since it needs to change network @@ -29,12 +54,28 @@ ctrl_interface=/var/run/wpa_supplicant # not included in the configuration file, group will not be changed from the # value it got by default when the directory or socket was created. # -# This variable can be a group name or gid. -#ctrl_interface_group=wheel -ctrl_interface_group=0 +# When configuring both the directory and group, use following format: +# DIR=/var/run/wpa_supplicant GROUP=wheel +# DIR=/var/run/wpa_supplicant GROUP=0 +# (group can be either group name or gid) +# +# For UDP connections (default on Windows): The value will be ignored. This +# variable is just used to select that the control interface is to be created. +# The value can be set to, e.g., udp (ctrl_interface=udp) +# +# For Windows Named Pipe: This value can be used to set the security descriptor +# for controlling access to the control interface. Security descriptor can be +# set using Security Descriptor String Format (see http://msdn.microsoft.com/ +# library/default.asp?url=/library/en-us/secauthz/security/ +# security_descriptor_string_format.asp). The descriptor string needs to be +# prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set an empty +# DACL (which will reject all connections). See README-Windows.txt for more +# information about SDDL string format. +# +ctrl_interface=/var/run/wpa_supplicant # IEEE 802.1X/EAPOL version -# wpa_supplicant was implemented based on IEEE 802-1X-REV-d8 which defines +# wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines # EAPOL version 2. However, there are many APs that do not handle the new # version number correctly (they seem to drop the frames completely). In order # to make wpa_supplicant interoperate with these APs, the version number is set @@ -52,13 +93,15 @@ eapol_version=1 # 0: driver takes care of scanning, AP selection, and IEEE 802.11 association # parameters (e.g., WPA IE generation); this mode can also be used with # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with -# APs (i.e., external program needs to control association) +# APs (i.e., external program needs to control association). This mode must +# also be used when using wired Ethernet drivers. # 2: like 0, but associate with APs using security policy and SSID (but not -# BSSID); this can be used, e.g., with ndiswrapper and NDIS driver to +# BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to # enable operation with hidden SSIDs and optimized roaming; in this mode, -# only the first network block in the configuration file is used and this -# configuration should have explicit security policy (i.e., only one option -# in the lists) for key_mgmt, pairwise, group, proto variables +# the network blocks in the configuration file are tried one by one until +# the driver reports successful association; each network block should have +# explicit security policy (i.e., only one option in the lists) for +# key_mgmt, pairwise, group, proto variables ap_scan=1 # EAP fast re-authentication @@ -67,6 +110,38 @@ ap_scan=1 # Normally, there is no need to disable this. fast_reauth=1 +# OpenSSL Engine support +# These options can be used to load OpenSSL engines. +# The two engines that are supported currently are shown below: +# They are both from the opensc project (http://www.opensc.org/) +# By default no engines are loaded. +# make the opensc engine available +#opensc_engine_path=/usr/lib/opensc/engine_opensc.so +# make the pkcs11 engine available +#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so +# configure the path to the pkcs11 module required by the pkcs11 engine +#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so + +# Dynamic EAP methods +# If EAP methods were built dynamically as shared object files, they need to be +# loaded here before being used in the network blocks. By default, EAP methods +# are included statically in the build, so these lines are not needed +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so + +# Driver interface parameters +# This field can be used to configure arbitrary driver interace parameters. The +# format is specific to the selected driver interface. This field is not used +# in most cases. +#driver_param="field=value" + +# Maximum lifetime for PMKSA in seconds; default 43200 +#dot11RSNAConfigPMKLifetime=43200 +# Threshold for reauthentication (percentage of PMK lifetime); default 70 +#dot11RSNAConfigPMKReauthThreshold=70 +# Timeout for security association negotiation in seconds; default 60 +#dot11RSNAConfigSATimeout=60 + # network block # # Each network (usually AP's sharing the same SSID) is configured as a separate @@ -75,6 +150,15 @@ fast_reauth=1 # # network block fields: # +# disabled: +# 0 = this network can be used (default) +# 1 = this network block is disabled (can be enabled through ctrl_iface, +# e.g., with wpa_cli or wpa_gui) +# +# id_str: Network identifier string for external scripts. This value is passed +# to external action script through wpa_cli as WPA_ID_STR environment +# variable to make it easier to do network specific configuration. +# # ssid: SSID (mandatory); either as an ASCII string with double quotation or # as hex string; network name # @@ -95,9 +179,9 @@ fast_reauth=1 # priority value, the sooner the network is matched against the scan results). # Within each priority group, networks will be selected based on security # policy, signal strength, etc. -# Please note that AP scanning with scan_ssid=1 is not using this priority to -# select the order for scanning. Instead, it uses the order the networks are in -# the configuration file. +# Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are not +# using this priority to select the order for scanning. Instead, they try the +# networks in the order that used in the configuration file. # # mode: IEEE 802.11 operation mode # 0 = infrastructure (Managed) mode, i.e., associate with an AP (default) @@ -155,10 +239,27 @@ fast_reauth=1 # only when the passphrase or SSID has actually changed. # # eapol_flags: IEEE 802.1X/EAPOL options (bit field) -# Dynamic WEP key require for non-WPA mode +# Dynamic WEP key required for non-WPA mode # bit0 (1): require dynamically generated unicast WEP key # bit1 (2): require dynamically generated broadcast WEP key # (3 = require both keys; default) +# Note: When using wired authentication, eapol_flags must be set to 0 for the +# authentication to be completed successfully. +# +# proactive_key_caching: +# Enable/disable opportunistic PMKSA caching for WPA2. +# 0 = disabled (default) +# 1 = enabled +# +# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or +# hex without quotation, e.g., 0102030405) +# wep_tx_keyidx: Default WEP key index (TX) (0..3) +# +# peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e DLS) is +# allowed. This is only used with RSN/WPA2. +# 0 = disabled (default) +# 1 = enabled +#peerkey=1 # # Following fields are only used with internal EAP implementation. # eap: space-separated list of accepted EAP methods @@ -182,16 +283,46 @@ fast_reauth=1 # unencrypted identity with EAP types that support different tunnelled # identity, e.g., EAP-TTLS) # password: Password string for EAP -# ca_cert: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert is not included, server certificate -# will not be verified. This is insecure and the CA file should always be -# configured. +# ca_cert: File path to CA certificate file (PEM/DER). This file can have one +# or more trusted CA certificates. If ca_cert and ca_path are not +# included, server certificate will not be verified. This is insecure and +# a trusted CA certificate should always be configured when using +# EAP-TLS/TTLS/PEAP. Full path should be used since working directory may +# change when wpa_supplicant is run in the background. +# On Windows, trusted CA certificates can be loaded from the system +# certificate store by setting this to cert_store://, e.g., +# ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT". +# Note that when running wpa_supplicant as an application, the user +# certificate store (My user account) is used, whereas computer store +# (Computer account) is used when running wpasvc as a service. +# ca_path: Directory path for CA certificate files (PEM). This path may +# contain multiple CA certificates in OpenSSL format. Common use for this +# is to point to system trusted CA list which is often installed into +# directory like /etc/ssl/certs. If configured, these certificates are +# added to the list of trusted CAs. ca_cert may also be included in that +# case, but it is not required. # client_cert: File path to client certificate file (PEM/DER) +# Full path should be used since working directory may change when +# wpa_supplicant is run in the background. +# Alternatively, a named configuration blob can be used by setting this +# to blob://. # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read from -# the PKCS#12 file in this case. -# private_key_passwd: Password for private key file +# the PKCS#12 file in this case. Full path should be used since working +# directory may change when wpa_supplicant is run in the background. +# Windows certificate store can be used by leaving client_cert out and +# configuring private_key in one of the following formats: +# cert://substring_to_match +# hash://certificate_thumbprint_in_hex +# for example: private_key="hash://63093aa9c47f56ae88334c7b65a4" +# Note that when running wpa_supplicant as an application, the user +# certificate store (My user account) is used, whereas computer store +# (Computer account) is used when running wpasvc as a service. +# Alternatively, a named configuration blob can be used by setting this +# to blob://. +# private_key_passwd: Password for private key file (if left out, this will be +# asked through control interface) # dh_file: File path to DH/DSA parameters file (in PEM format) # This is an optional configuration file for setting parameters for an # ephemeral DH key exchange. In most cases, the default RSA @@ -205,6 +336,14 @@ fast_reauth=1 # sertificate is only accepted if it contains this string in the subject. # The subject string is in following format: # /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@example.com +# altsubject_match: Semicolon separated string of entries to be matched against +# the alternative subject name of the authentication server certificate. +# If this string is set, the server sertificate is only accepted if it +# contains one of the entries in an alternative subject name extension. +# altSubjectName string is in following format: TYPE:VALUE +# Example: EMAIL:server@example.com +# Example: DNS:server.example.com;DNS:server2.example.com +# Following types are supported: EMAIL, DNS, URI # phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters # (string with field-value pairs, e.g., "peapver=0" or # "peapver=1 peaplabel=1") @@ -219,6 +358,9 @@ fast_reauth=1 # tunneled EAP-Success. This is required with some RADIUS servers that # implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g., # Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode) +# include_tls_length=1 can be used to force wpa_supplicant to include +# TLS Message Length field in all TLS messages even if they are not +# fragmented. # sim_min_num_chal=3 can be used to configure EAP-SIM to require three # challenges (by default, it accepts 2 or 3) # phase2: Phase2 (inner authentication with TLS tunnel) parameters @@ -227,25 +369,49 @@ fast_reauth=1 # Following certificate/private key fields are used in inner Phase2 # authentication when using EAP-TTLS or EAP-PEAP. # ca_cert2: File path to CA certificate file. This file can have one or more -# trusted CA certificates. If ca_cert2 is not included, server -# certificate will not be verified. This is insecure and the CA file -# should always be configured. +# trusted CA certificates. If ca_cert2 and ca_path2 are not included, +# server certificate will not be verified. This is insecure and a trusted +# CA certificate should always be configured. +# ca_path2: Directory path for CA certificate files (PEM) # client_cert2: File path to client certificate file # private_key2: File path to client private key file # private_key2_passwd: Password for private key file # dh_file2: File path to DH/DSA parameters file (in PEM format) # subject_match2: Substring to be matched against the subject of the # authentication server certificate. +# altsubject_match2: Substring to be matched against the alternative subject +# name of the authentication server certificate. +# +# fragment_size: Maximum EAP fragment size in bytes (default 1398). +# This value limits the fragment size for EAP methods that support +# fragmentation (e.g., EAP-TLS and EAP-PEAP). This value should be set +# small enough to make the EAP messages fit in MTU of the network +# interface used for EAPOL. The default value is suitable for most +# cases. # # EAP-PSK variables: # eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format # nai: user NAI -# server_nai: authentication server NAI +# +# EAP-PAX variables: +# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex format +# +# EAP-SAKE variables: +# eappsk: 32-byte (256-bit, 64 hex digits) pre-shared key in hex format +# (this is concatenation of Root-Secret-A and Root-Secret-B) +# nai: user NAI (PEERID) +# +# EAP-GPSK variables: +# eappsk: Pre-shared key in hex format (at least 128 bits, i.e., 32 hex digits) +# nai: user NAI (ID_Client) # # EAP-FAST variables: # pac_file: File path for the PAC entries. wpa_supplicant will need to be able # to create this file and write updates to it when PAC is being -# provisioned or refreshed. +# provisioned or refreshed. Full path to the file should be used since +# working directory may change when wpa_supplicant is run in the +# background. Alternatively, a named configuration blob can be used by +# setting this to blob:// # phase1: fast_provisioning=1 option enables in-line provisioning of EAP-FAST # credentials (PAC) # @@ -379,28 +545,6 @@ network={ } -# EAP-SIM with a GSM SIM or USIM -network={ - ssid="eap-sim-test" - key_mgmt=WPA-EAP - eap=SIM - pin="1234" - pcsc="" -} - - -# EAP-PSK -network={ - ssid="eap-psk-test" - key_mgmt=WPA-EAP - eap=PSK - identity="eap_psk_user" - eappsk=06b4be19da289f475aa46a33cb793029 - nai="eap_psk_user@example.com" - server_nai="as@example.com" -} - - # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. @@ -426,18 +570,6 @@ network={ password="foobar" } -# EAP-FAST with WPA (WPA or WPA2) -network={ - ssid="eap-fast-test" - key_mgmt=WPA-EAP - eap=FAST - anonymous_identity="FAST-000102030405" - identity="username" - password="password" - phase1="fast_provisioning=1" - pac_file="/etc/wpa_supplicant.eap-fast-pac" -} - # Plaintext connection (no WPA, no IEEE 802.1X) network={ ssid="plaintext-test" @@ -500,3 +632,59 @@ network={ private_key_passwd="password" phase1="peaplabel=0" } + +# Example of EAP-TLS with smartcard (openssl engine) +network={ + ssid="example" + key_mgmt=WPA-EAP + eap=TLS + proto=RSN + pairwise=CCMP TKIP + group=CCMP TKIP + identity="user@example.com" + ca_cert="/etc/cert/ca.pem" + client_cert="/etc/cert/user.pem" + + engine=1 + + # The engine configured here must be available. Look at + # OpenSSL engine support in the global section. + # The key available through the engine must be the private key + # matching the client certificate configured above. + + # use the opensc engine + #engine_id="opensc" + #key_id="45" + + # use the pkcs11 engine + engine_id="pkcs11" + key_id="id_45" + + # Optional PIN configuration; this can be left out and PIN will be + # asked through the control interface + pin="1234" +} + +# Example configuration showing how to use an inlined blob as a CA certificate +# data instead of using external file +network={ + ssid="example" + key_mgmt=WPA-EAP + eap=TTLS + identity="user@example.com" + anonymous_identity="anonymous@example.com" + password="foobar" + ca_cert="blob://exampleblob" + priority=20 +} + +blob-base64-exampleblob={ +SGVsbG8gV29ybGQhCg== +} + + +# Wildcard match for SSID (plaintext APs only). This example select any +# open AP regardless of its SSID. +network={ + key_mgmt=NONE +} diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig deleted file mode 100644 index 0e45d01b88..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/defconfig +++ /dev/null @@ -1,160 +0,0 @@ -# This file lists the configuration options that are used when building the -# hostapd binary. All lines starting with # are ignored. Configuration option -# lines must be commented out complete, if they are not to be included, i.e., -# just setting VARIABLE=n is not disabling that variable. -# -# This file is included in Makefile, so variables like CFLAGS and LIBS can also -# be modified from here. In most cass, these lines should use += in order not -# to override previous values of the variables. - -CFLAGS = $(TARGET_CFLAGS) -I../hostapd -I../utils -I../driver/modules -Wall -MMD - -# for wpa_supplicant, wpa_cli -LIBS = $(TARGET_LDFLAGS) - -# for wpa_passphrase: -LIBS_p = $(TARGET_LDFLAGS) - - -# Uncomment following two lines and fix the paths if you have installed openssl -# in non-default location -#CFLAGS += -I/usr/local/openssl/include -#LIBS += -L/usr/local/openssl/lib - -# Example configuration for various cross-compilation platforms - -#### sveasoft (e.g., for Linksys WRT54G) ###################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS += -I../src/include -I../../src/router/openssl/include -#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl -############################################################################### - -#### openwrt (e.g., for Linksys WRT54G) ####################################### -#CC=mipsel-uclibc-gcc -#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc -#CFLAGS += -Os -#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ -# -I../WRT54GS/release/src/include -#LIBS = -lssl -############################################################################### - - -# Driver interface for Host AP driver -#CONFIG_DRIVER_HOSTAP=y - -# Driver interface for Agere driver -#CONFIG_DRIVER_HERMES=y - -# Driver interface for madwifi driver -#CONFIG_DRIVER_MADWIFI=y -# Change include directories to match with the local setup -#CFLAGS += -I../madwifi/wpa - -# Driver interface for Prism54 driver -#CONFIG_DRIVER_PRISM54=y - -# Driver interface for ndiswrapper -#CONFIG_DRIVER_NDISWRAPPER=y - -# Driver interface for Atmel driver -#CONFIG_DRIVER_ATMEL=y - -# Driver interface for Broadcom driver -#CONFIG_DRIVER_BROADCOM=y -# Example path for wlioctl.h; change to match your configuration -#CFLAGS += -I/opt/WRT54GS/release/src/include - -# Driver interface for Intel ipw2100 driver -#CONFIG_DRIVER_IPW2100=y - -# Driver interface for the Zydas zd1211 driver -CONFIG_DRIVER_ZD1211=y - -# Driver interface for generic Linux wireless extensions -CONFIG_DRIVER_WEXT=y - -# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) -#CONFIG_DRIVER_BSD=y -#CFLAGS += -I/usr/local/include -#LIBS += -L/usr/local/lib - -# Driver interface for Windows NDIS -#CONFIG_DRIVER_NDIS=y -#CFLAGS += -I/usr/include/w32api/ddk -#LIBS += -L/usr/local/lib -# For native build using mingw -#CONFIG_NATIVE_WINDOWS=y -# Additional directories for cross-compilation on Linux host for mingw target -#CFLAGS += -I/opt/mingw/mingw32/include/ddk -#LIBS += -L/opt/mingw/mingw32/lib -#CC=mingw32-gcc - -# Driver interface for development testing -#CONFIG_DRIVER_TEST=y - -# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is -# included) -CONFIG_IEEE8021X_EAPOL=y - -# EAP-MD5 (automatically included if EAP-TTLS is enabled) -CONFIG_EAP_MD5=y - -# EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) -CONFIG_EAP_MSCHAPV2=y - -# EAP-TLS -CONFIG_EAP_TLS=y - -# EAL-PEAP -CONFIG_EAP_PEAP=y - -# EAP-TTLS -CONFIG_EAP_TTLS=y - -# EAP-GTC -CONFIG_EAP_GTC=y - -# EAP-OTP -CONFIG_EAP_OTP=y - -# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) -#CONFIG_EAP_SIM=y - -# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) -#CONFIG_EAP_PSK=y - -# LEAP -CONFIG_EAP_LEAP=y - -# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) -#CONFIG_EAP_AKA=y - -# PKCS#12 (PFX) support (used to read private key and certificate file from -# a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y - -# PC/SC interface for smartcards (USIM, GSM SIM) -# Enable this if EAP-SIM or EAP-AKA is included -#CONFIG_PCSC=y - -# Development testing -#CONFIG_EAPOL_TEST=y - -# Replace native Linux implementation of packet sockets with libdnet/libpcap. -# This will be automatically set for non-Linux OS. -#CONFIG_DNET_PCAP=y - -# Include control interface for external programs, e.g, wpa_cli -CONFIG_CTRL_IFACE=y - -# Include interface for using external supplicant (Xsupplicant) for EAP -# authentication -#CONFIG_XSUPPLICANT_IFACE=y - -# Include support for GNU Readline and History Libraries in wpa_cli. -# When building a wpa_cli binary for distribution, please note that these -# libraries are licensed under GPL and as such, BSD license may not apply for -# the resulting binary. -#CONFIG_READLINE=y diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch deleted file mode 100644 index 4044835e1c..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-hermes.patch +++ /dev/null @@ -1,884 +0,0 @@ ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.c -@@ -0,0 +1,705 @@ -+/* -+ * WPA Supplicant - testing driver interface -+ * Copyright (c) 2004-2005, Jouni Malinen -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ * -+ * Alternatively, this software may be distributed under the terms of BSD -+ * license. -+ * -+ * See README and COPYING for more details. -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "wireless_copy.h" -+#include "common.h" -+#include "driver.h" -+ -+#include "eloop.h" -+#include "wpa_supplicant.h" -+#include "priv_netlink.h" -+ -+#include "hostap_common.h" -+#include "driver_wext.h" -+#include "driver_hermes.h" -+ -+ -+ -+/* Enumeration for supported Hermes Types */ -+enum -+{ -+ WL_HERMES_UNKNOWN = 0, -+ WL_HERMES_1 = 1, -+ WL_HERMES_2 = 2, -+ WL_HERMES_25 = 3 -+}; -+ -+ -+ -+ -+struct wpa_driver_hermes_data { -+ void *wext; /* private data for driver_wext */ -+ void *ctx; -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+ int type; -+}; -+ -+ -+ -+/****************************************************************************/ -+/* */ -+/* Routines for basic device access to Agere Hermes-I/Hermes-II via the UIL */ -+/* */ -+/****************************************************************************/ -+ -+IFBP _connect(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s %d", __FUNCTION__, drv->ifname, drv->sock); -+ -+ memset(&urq, 0, sizeof(urq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_CONNECT; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ if (result == 0 && urq.result == UIL_SUCCESS) { -+ ifbp = urq.hcfCtx; -+ } else { -+ wpa_printf(MSG_DEBUG, "%s: could not set IFBP, result %d", __FUNCTION__, result); -+ } -+ -+ return ifbp; -+} -+ -+ -+void _disconnect(void *priv, IFBP ifbp) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ if (ifbp != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.command = UIL_FUN_DISCONNECT; -+ urq.hcfCtx = ifbp; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf( MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno ); -+ wpa_printf( MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result ); -+ } -+ } else { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): called with NULL ifbp"); -+ } -+ -+ return; -+} -+ -+int _get_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_GET_INFO; -+ urq.len = sizeof(ltv_t); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "wl_disconnect(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "wl_disconnect(): urq.result: %d", urq.result); -+ } -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf( MSG_WARNING, "Could not connect to the device, or LTV NULL"); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+int _put_info(void *priv, ltv_t *ltv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int result = 0; -+ IFBP ifbp = NULL; -+ struct uilreq urq; -+ -+ //wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, drv->ifname); -+ -+ /* First, connect to the device */ -+ ifbp = _connect(priv); -+ if (ifbp != NULL && ltv != NULL) { -+ memset(&urq, 0, sizeof(struct uilreq)); -+ -+ strcpy(urq.ifr_name, drv->ifname); -+ urq.hcfCtx = ifbp; -+ urq.command = UIL_FUN_PUT_INFO; -+ urq.len = sizeof( ltv_t ); -+ urq.data = ltv; -+ -+ result = ioctl(drv->sock, WVLAN2_IOCTL_UIL, &urq); -+ -+ if (result != 0 || urq.result != UIL_SUCCESS) { -+ wpa_printf(MSG_WARNING, "_put_info(): ioctl() failed, errno: %d", errno); -+ wpa_printf(MSG_WARNING, "_put_info(): urq.result: %d", urq.result); -+ } -+ -+ _disconnect(priv, ifbp); -+ } else { -+ wpa_printf(MSG_WARNING, "%s: could not connect to the device, or LTV NULL", __FUNCTION__ ); -+ result = -1; -+ } -+ -+ return result; -+} -+ -+ -+static void _detect_hermes_type(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ CFG_FW_IDENTITY_STRCT *fw_id; -+ ltv_t ltv; -+ int result; -+ -+ //wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ drv->type = WL_HERMES_UNKNOWN; -+ -+ if (drv->sock >= 0) { -+ fw_id = (CFG_FW_IDENTITY_STRCT *)<v; -+ fw_id->len = ( sizeof(CFG_FW_IDENTITY_STRCT) / sizeof( hcf_16 )) - 1; -+ fw_id->typ = CFG_FW_IDENTITY; -+ -+ result = _get_info(priv, (ltv_t *)fw_id); -+ if (result == HCF_SUCCESS) { -+ //wpa_printf(MSG_DEBUG, "PRI CompID : %d", fw_id->comp_id); -+ //wpa_printf(MSG_DEBUG, "PRI Variant : %d", fw_id->variant); -+ //wpa_printf(MSG_DEBUG, "PRI Version : %d.%02d", fw_id->version_major, fw_id->version_minor); -+ -+ switch(fw_id->comp_id) { -+ case COMP_ID_FW_STA: -+ switch (fw_id->variant) { -+ case 1: -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 STA"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 3: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 STA"); -+ drv->type = WL_HERMES_2; -+ break; -+ case 4: -+ wpa_printf(MSG_DEBUG, "found Hermes 2.5 STA"); -+ drv->type = WL_HERMES_25; -+ break; -+ } -+ break; -+ -+ case COMP_ID_FW_AP: -+ switch (fw_id->variant) { -+ case 1: -+ wpa_printf(MSG_DEBUG, "found Hermes 1 AP"); -+ drv->type = WL_HERMES_1; -+ break; -+ -+ case 2: -+ wpa_printf(MSG_DEBUG, "found Hermes 2 AP" ); -+ drv->type = WL_HERMES_2; -+ break; -+ } -+ break; -+ -+ default: -+ wpa_printf(MSG_WARNING, "could not detect Hermes type!"); -+ break; -+ } -+ } -+ } -+} -+ -+ -+ -+/****************************************************************************/ -+ -+ -+static int wpa_driver_hermes_set_wpa_ie(void *priv, const char *wpa_ie, -+ size_t wpa_ie_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_SET_WPA_AUTH_KEY_MGMT_SUITE; -+ -+ switch(drv->type) { -+ case WL_HERMES_1: -+ ltv.u.u16[0] = 2; -+ break; -+ -+ case WL_HERMES_2: -+ case WL_HERMES_25: -+ ltv.u.u16[0] = 4; -+ break; -+ -+ default: -+ ltv.u.u16[0] = 0; -+ break; -+ } -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_wpa(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_ENCRYPTION; -+ ltv.u.u16[0] = enabled ? 2 : 0; /* Setting CFG_CNF_ENCRYPTION to 2 sets WPA: TKIP or better */ -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ int ret = 0; -+ char *alg_name; -+ ltv_t ltv; -+ int count = 0; -+ int buf_idx = 0; -+ hcf_8 tsc[] = { 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00 }; -+ hcf_8 rsc[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -+ -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "none"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) { -+ wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu", __FUNCTION__, (unsigned long) seq_len); -+ return -2; -+ } -+ -+ /* Check the key index here; if 0, load as Pairwise Key, otherwise, load as -+ a group key. Note that for the Hermes, the RIDs for group/pairwise keys -+ are different from each other and different than the default WEP keys as -+ well. */ -+ switch (alg) { -+ case WPA_ALG_TKIP: -+ /* Make sure that there is no data queued up in the firmware before -+ setting the TKIP keys. If this check is not performed, some data -+ may be sent out with incorrect MIC and cause synchronizarion -+ errors with the AP */ -+ /* Check every 1ms for 100ms */ -+ for (count = 0; count < 100; count++) { -+ usleep(1000); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFD91; // This RID not defined in HCF yet!!! -+ ltv.u.u16[0] = 0; -+ -+ _get_info( priv, <v); -+ -+ if (ltv.u.u16[0] == 0) -+ break; -+ } -+ -+ if (count == 100) -+ wpa_printf(MSG_DEBUG, "%s: Timed out waiting for TxQ!", __FUNCTION__); -+ -+ -+ switch (key_idx) { -+ case 0: -+ /* Only load key as pairwise key for Hermes-II and II.5. For Hermes-I, -+ fall through to the next case and load the pairwise key as -+ a Group Key at index 0. */ -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ ltv.len = 28; -+ ltv.typ = CFG_ADD_TKIP_MAPPED_KEY; -+ -+ /* Load the BSSID */ -+ memcpy(<v.u.u8[buf_idx], addr, ETH_ALEN); -+ buf_idx += ETH_ALEN; -+ -+ /* Load the TKIP key */ -+ memcpy(<v.u.u8[buf_idx], &key[0], 16); -+ buf_idx += 16; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ buf_idx += 8; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[16], 8); -+ buf_idx += 8; -+ -+ /* Load the RxMIC key */ -+ memcpy(<v.u.u8[buf_idx], &key[24], 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ ltv.len = 26; -+ ltv.typ = CFG_ADD_TKIP_DEFAULT_KEY; -+ -+ /* Load the key Index */ -+ ltv.u.u16[buf_idx] = key_idx; -+ -+ /* If this is a Tx Key, set bit 8000 */ -+ if (set_tx) -+ ltv.u.u16[buf_idx] |= 0x8000; -+ -+ buf_idx += 2; -+ -+ /* Load the RSC */ -+ /* Copy the RSC from the supplicant to a local buffer, because -+ the RSC doesn't always contain the padding needed */ -+ memcpy(rsc, seq, seq_len); -+ memcpy(<v.u.u8[buf_idx], rsc, 8); -+ buf_idx += 8; -+ -+ /* Load the TKIP, TxMIC, and RxMIC keys in one shot, because in -+ CFG_ADD_TKIP_DEFAULT_KEY they are back-to-back */ -+ memcpy(<v.u.u8[buf_idx], key, key_len); -+ buf_idx += key_len; -+ -+ /* Load the TSC */ -+ memcpy(<v.u.u8[buf_idx], tsc, 8); -+ -+ /* Send the request to the Hermes */ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ -+ break; -+ -+ case WPA_ALG_WEP: -+ case WPA_ALG_CCMP: -+ break; -+ -+ case WPA_ALG_NONE: -+ switch (key_idx) { -+ case 0: -+ if (drv->type == WL_HERMES_2 || drv->type == WL_HERMES_25) { -+ /* Only clear a pairwise key for Hermes-II. For Hermes-I, -+ fall through to the next case and clear the key as a -+ Group Key at index 0. */ -+ if (addr) { -+ ltv.len = 7; -+ ltv.typ = CFG_REMOVE_TKIP_MAPPED_KEY; -+ -+ memcpy(<v.u.u8[0], addr, ETH_ALEN); -+ -+ _put_info(priv, <v); -+ } -+ break; -+ } -+ -+ case 1: -+ case 2: -+ case 3: -+ /* Clear the Group TKIP keys by index */ -+ ltv.len = 2; -+ ltv.typ = CFG_REMOVE_TKIP_DEFAULT_KEY; -+ -+ ltv.u.u16[0] = key_idx; -+ -+ _put_info(priv, <v); -+ break; -+ -+ default: -+ break; -+ } -+ break; -+ -+ default: -+ break; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_hermes_set_countermeasures(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ /* The supplicant handles all the timers related to MIC failure and -+ countermeasures. When countermeasures are enabled, shut down the card; -+ when disable, re-enable the card. Make sure that the EAPOL message -+ is getting out before card disable */ -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_DRIVER_ENABLE; -+ ltv.u.u16[0] = enabled ? 0 : 1; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_set_drop_unencrypted(void *priv, int enabled) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ ltv.len = 2; -+ ltv.typ = CFG_CNF_EXCL_UNENCRYPTED; -+ ltv.u.u16[0] = enabled; -+ -+ return _put_info(priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_deauthenticate(void *priv, const u8 *addr, -+ int reason_code) -+{ -+ wpa_printf(MSG_DEBUG, "%s: *DUMMY* %d", __FUNCTION__, reason_code); -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_disassociate(void *priv, const u8 *addr, int reason_code) -+{ -+ ltv_t ltv; -+ -+ wpa_printf(MSG_DEBUG, "%s: reason=%d", __FUNCTION__, reason_code); -+ -+ ltv.len = 2; -+ ltv.typ = 0xFCC8; // This RID not defined in HCF yet!!! -+ memcpy( <v.u.u8[0], addr, ETH_ALEN ); -+ ltv.u.u16[ETH_ALEN / 2] = reason_code; -+ -+ return _put_info( priv, <v); -+} -+ -+ -+static int wpa_driver_hermes_associate( -+ void *priv, struct wpa_driver_associate_params *params) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ -+#if 0 -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+#else -+ wpa_printf(MSG_DEBUG, "%s: priv=%p freq=%d pairwise_suite=%d " -+ "group_suite=%d key_mgmt_suite=%d auth_alg=%d mode=%d", -+ __func__, priv, params->freq, params->pairwise_suite, -+ params->group_suite, params->key_mgmt_suite, -+ params->auth_alg, params->mode); -+ if (params->bssid) { -+ wpa_printf(MSG_DEBUG, " bssid=" MACSTR, -+ MAC2STR(params->bssid)); -+ } -+ if (params->ssid) { -+ wpa_hexdump_ascii(MSG_DEBUG, " ssid", -+ params->ssid, params->ssid_len); -+ } -+ if (params->wpa_ie) { -+ wpa_hexdump(MSG_DEBUG, " wpa_ie", -+ params->wpa_ie, params->wpa_ie_len); -+ } -+#endif -+ -+ if (wpa_driver_hermes_set_wpa_ie(priv, params->wpa_ie, params->wpa_ie_len) < 0) -+ return -1; -+ if (wpa_driver_wext_set_freq(drv->wext, params->freq) < 0) -+ return -1; -+ if (wpa_driver_wext_set_ssid(drv->wext, params->ssid, params->ssid_len) < 0) -+ return -1; -+#ifdef UNSUPPORTED_IN_HERMES_DRIVER -+ if (wpa_driver_wext_hermes_bssid(drv->wext, params->bssid) < 0) -+ return -1; -+#endif -+ -+ return 0; -+} -+ -+ -+static int wpa_driver_hermes_get_bssid(void *priv, u8 *bssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_bssid(drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_hermes_get_ssid(void *priv, u8 *ssid) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_ssid(drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_hermes_scan(void *priv, const u8 *ssid, size_t ssid_len) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_scan(drv->wext, ssid, ssid_len); -+} -+ -+ -+static int wpa_driver_hermes_get_scan_results(void *priv, -+ struct wpa_scan_result *results, -+ size_t max_size) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ return wpa_driver_wext_get_scan_results(drv->wext, results, max_size); -+} -+ -+ -+static void * wpa_driver_hermes_init(void *ctx, const char *ifname) -+{ -+ struct wpa_driver_hermes_data *drv; -+ -+ wpa_printf(MSG_DEBUG, "%s: %s", __FUNCTION__, ifname); -+ -+ drv = malloc(sizeof(*drv)); -+ if (drv == NULL) -+ return NULL; -+ memset(drv, 0, sizeof(*drv)); -+ -+ /* Initialize wireless context */ -+ drv->wext = wpa_driver_wext_init(ctx, ifname); -+ if (drv->wext == NULL) { -+ perror("no wext context"); -+ goto no_wext; -+ } -+ -+ drv->ctx = ctx; -+ strncpy(drv->ifname, ifname, sizeof(drv->ifname)); -+ -+ drv->sock = socket(PF_INET, SOCK_DGRAM, 0); -+ if (drv->sock < 0) { -+ perror("socket(PF_INET,SOCK_DGRAM)"); -+ goto no_sock; -+ } -+ -+ _detect_hermes_type(drv); -+ -+ return drv; -+ -+no_sock: -+ wpa_driver_wext_deinit(drv->wext); -+no_wext: -+ free(drv); -+ return NULL; -+} -+ -+ -+static void wpa_driver_hermes_deinit(void *priv) -+{ -+ struct wpa_driver_hermes_data *drv = priv; -+ wpa_driver_wext_deinit(drv->wext); -+ close(drv->sock); -+ free(drv); -+} -+ -+ -+ -+ -+struct wpa_driver_ops wpa_driver_hermes_ops = { -+ .name = "hermes", -+ .desc = "wpa_supplicant hermes driver", -+ -+ .init = wpa_driver_hermes_init, -+ .deinit = wpa_driver_hermes_deinit, -+ -+ // from old driver_hermes.c: -+ .get_bssid = wpa_driver_hermes_get_bssid, -+ .get_ssid = wpa_driver_hermes_get_ssid, -+ .set_wpa = wpa_driver_hermes_set_wpa, -+ .set_key = wpa_driver_hermes_set_key, -+ //.events_init = wpa_driver_wext_events_init, -+ //.events_deinit = wpa_driver_wext_events_deinit, -+ .set_countermeasures = wpa_driver_hermes_set_countermeasures, -+ .set_drop_unencrypted = wpa_driver_hermes_set_drop_unencrypted, -+ .scan = wpa_driver_hermes_scan, -+ .get_scan_results = wpa_driver_hermes_get_scan_results, -+ .deauthenticate = wpa_driver_hermes_deauthenticate, -+ .disassociate = wpa_driver_hermes_disassociate, -+ .associate = wpa_driver_hermes_associate, -+ -+ -+#if 0 -+ /* Not possible with current Hermes driver: -+ .set_auth_alg = wpa_driver_hermes_set_auth_alg, */ -+#endif -+}; ---- /dev/null -+++ wpa_supplicant-0.4.7/driver_hermes.h -@@ -0,0 +1,173 @@ -+#ifndef HERMES_DRIVER_H -+#define HERMES_DRIVER_H -+ -+typedef unsigned char hcf_8; -+typedef unsigned short hcf_16; -+typedef unsigned long hcf_32; -+typedef hcf_16 hcf_io; -+typedef hcf_8 *wci_bufp; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ unsigned short * bufp; -+} RID_LOG_STRCT; -+typedef RID_LOG_STRCT *RID_LOGP; -+ -+typedef struct { -+ hcf_16 len; -+ hcf_16 typ; -+ hcf_16 comp_id; -+ hcf_16 variant; -+ hcf_16 version_major; -+ hcf_16 version_minor; -+} CFG_FW_IDENTITY_STRCT; -+ -+typedef struct { -+ hcf_32 TxUnicastFrames; -+ hcf_32 TxMulticastFrames; -+ hcf_32 TxFragments; -+ hcf_32 TxUnicastOctets; -+ hcf_32 TxMulticastOctets; -+ hcf_32 TxDeferredTransmissions; -+ hcf_32 TxSingleRetryFrames; -+ hcf_32 TxMultipleRetryFrames; -+ hcf_32 TxRetryLimitExceeded; -+ hcf_32 TxDiscards; -+ hcf_32 RxUnicastFrames; -+ hcf_32 RxMulticastFrames; -+ hcf_32 RxFragments; -+ hcf_32 RxUnicastOctets; -+ hcf_32 RxMulticastOctets; -+ hcf_32 RxFCSErrors; -+ hcf_32 RxDiscardsNoBuffer; -+ hcf_32 TxDiscardsWrongSA; -+ hcf_32 RxWEPUndecryptable; -+ hcf_32 RxMsgInMsgFragments; -+ hcf_32 RxMsgInBadMsgFragments; -+ hcf_32 RxDiscardsWEPICVError; -+ hcf_32 RxDiscardsWEPExcluded; -+} CFG_HERMES_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_32 not_used_NoBufInq; -+ hcf_32 NoBufInfo; -+ hcf_32 NoBufMB; -+ hcf_32 MiscErr; -+ hcf_32 EngCnt; -+} CFG_HCF_TALLIES_STRCT; -+ -+typedef struct { -+ hcf_io IFB_IOBase; -+ hcf_16 IFB_IORange; -+ -+ hcf_32 IFB_TickIni; -+ -+ hcf_16 IFB_Version; -+ hcf_16 IFB_CardStat; -+ hcf_16 IFB_TraceLvl; -+ hcf_16 *IFB_MBp; -+ hcf_16 IFB_MBSize; -+ hcf_16 IFB_MBWp; -+ hcf_16 IFB_MBRp; -+ hcf_16 IFB_MBInfoLen; -+ -+ hcf_16 IFB_DLMode; -+ hcf_16 IFB_Magic; -+ hcf_16 IFB_Cmd; -+ hcf_16 IFB_RxFID; -+ RID_LOGP IFB_RIDLogp; -+ hcf_16 IFB_Monitor; -+ hcf_16 IFB_TxFid; -+ hcf_16 IFB_RxLen; -+ hcf_16 IFB_DefunctStat; -+ -+ hcf_16 IFB_ErrCmd; -+ hcf_16 IFB_ErrQualifier; -+ hcf_16 IFB_lal; -+ wci_bufp IFB_lap; -+ hcf_16 IFB_LinkStat; -+ -+ void (*IFB_MICRxRtn)( hcf_32*, hcf_32 ); -+ void (*IFB_MICTxRtn)( hcf_32*, hcf_32 ); -+ hcf_16 IFB_rx_tlen; -+ hcf_16 IFB_tx_tlen; -+ hcf_8 IFB_rx_32[4]; -+ hcf_8 IFB_tx_32[4]; -+ hcf_16 IFB_RscInd; -+ hcf_16 IFB_MB_FID; -+ hcf_16 IFB_DLTarget[2]; -+ -+ hcf_16 IFB_DLPage; -+ hcf_16 IFB_DLOffset; -+ hcf_16 IFB_DLLen; -+ -+ hcf_16 volatile IFB_IntOffCnt; -+ hcf_16 IFB_IntEnMask; -+ -+ CFG_FW_IDENTITY_STRCT IFB_FWIdentity; -+ hcf_16 IFB_Tally; -+ hcf_16 IFB_TallyTyp; -+ -+ CFG_HERMES_TALLIES_STRCT IFB_NIC_Tallies; -+ CFG_HCF_TALLIES_STRCT IFB_HCF_Tallies; -+ -+ void *IFB_MSFSup; -+} IFB_STRCT; -+ -+typedef IFB_STRCT* IFBP; -+ -+struct uilreq -+{ -+ union -+ { -+ char ifrn_name[16]; -+ } ifr_ifrn; -+ -+ IFBP hcfCtx; -+ __u8 command; -+ __u8 result; -+ __u16 len; -+ void *data; -+}; -+ -+typedef struct -+{ -+ hcf_16 len; -+ hcf_16 typ; -+ union -+ { -+ hcf_8 u8[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_8)]; -+ hcf_16 u16[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_16)]; -+ hcf_32 u32[(512 - (sizeof(hcf_16) * 2)) / sizeof(hcf_32)]; -+ } u; -+} ltv_t; -+ -+ -+#define UIL_FUN_CONNECT 0x00 -+#define UIL_FUN_DISCONNECT 0x01 -+#define UIL_FUN_GET_INFO 0x04 -+#define UIL_FUN_PUT_INFO 0x05 -+ -+#define GENERIC_INFO_ELEM 0xdd -+#define RSN_INFO_ELEM 0x30 -+ -+#define CFG_DRIVER_ENABLE 0x0902 -+#define CFG_CNF_ENCRYPTION 0xFC20 -+#define CFG_ADD_TKIP_DEFAULT_KEY 0xFCB4 -+#define CFG_SET_WPA_AUTH_KEY_MGMT_SUITE 0xFCB5 -+#define CFG_REMOVE_TKIP_DEFAULT_KEY 0xFCB6 -+#define CFG_ADD_TKIP_MAPPED_KEY 0xFCB7 -+#define CFG_REMOVE_TKIP_MAPPED_KEY 0xFCB8 -+#define CFG_FW_IDENTITY 0xFD20 -+#define CFG_CNF_EXCL_UNENCRYPTED 0xFC22 -+ -+#define HCF_SUCCESS 0x00 -+#define UIL_SUCCESS 0x00 -+ -+#define COMP_ID_FW_STA 31 -+#define COMP_ID_FW_AP 32 -+ -+#define WVLAN2_IOCTL_UIL SIOCDEVPRIVATE -+ -+#endif diff --git a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch b/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch deleted file mode 100644 index 3c731c1256..0000000000 --- a/meta/packages/wpa-supplicant/wpa-supplicant-0.4.7/driver-zd1211.patch +++ /dev/null @@ -1,535 +0,0 @@ -diff -Nur wpa_supplicant-0.4.7/defconfig wpa_supplicant-0.4.7.new/defconfig ---- wpa_supplicant-0.4.7/defconfig 2005-09-24 20:30:43.000000000 +0200 -+++ wpa_supplicant-0.4.7.new/defconfig 2005-12-26 19:18:14.000000000 +0100 -@@ -68,6 +68,9 @@ - # Driver interface for Intel ipw2100/2200 driver - #CONFIG_DRIVER_IPW=y - -+# Driver interface for Zydas zd1211 driver -+#CONFIG_DRIVER_ZD1211=y -+ - # Driver interface for generic Linux wireless extensions - CONFIG_DRIVER_WEXT=y - -diff -Nur wpa_supplicant-0.4.7/drivers.c wpa_supplicant-0.4.7.new/drivers.c ---- wpa_supplicant-0.4.7/drivers.c 2005-02-20 01:15:54.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/drivers.c 2005-12-26 19:19:16.000000000 +0100 -@@ -55,6 +55,9 @@ - #ifdef CONFIG_DRIVER_TEST - extern struct wpa_driver_ops wpa_driver_test_ops; /* driver_test.c */ - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+extern struct wpa_driver_ops wpa_driver_zd1211_ops; /* driver_zd1211.c */ -+#endif /* CONFIG_DRIVER_ZD1211 */ - - - struct wpa_driver_ops *wpa_supplicant_drivers[] = -@@ -98,5 +101,8 @@ - #ifdef CONFIG_DRIVER_TEST - &wpa_driver_test_ops, - #endif /* CONFIG_DRIVER_TEST */ -+#ifdef CONFIG_DRIVER_ZD1211 -+ &wpa_driver_zd1211_ops, -+#endif /* CONFIG_DRIVER_ZD1211 */ - NULL - }; -diff -Nur wpa_supplicant-0.4.7/driver_zd1211.c wpa_supplicant-0.4.7.new/driver_zd1211.c ---- wpa_supplicant-0.4.7/driver_zd1211.c 1970-01-01 01:00:00.000000000 +0100 -+++ wpa_supplicant-0.4.7.new/driver_zd1211.c 2005-12-27 16:28:46.000000000 +0100 -@@ -0,0 +1,408 @@ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "common.h" -+#include "driver.h" -+#include "driver_wext.h" -+#include "eloop.h" -+#include "wireless_copy.h" -+#include "wpa_supplicant.h" -+ -+#include "zd1211_common.h" -+ -+ -+struct wpa_driver_zd1211_data { -+ void *ctx; -+ void *wext; /* private data for driver_wext */ -+ char ifname[IFNAMSIZ + 1]; -+ int sock; -+}; -+ -+ -+static int zd1211_ioctl(struct wpa_driver_zd1211_data *zd1211_drv, struct zd1211_wlan_param *param, int len, int show_err) { -+ struct iwreq iwr; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ iwr.u.data.pointer = (caddr_t) param; -+ iwr.u.data.length = len; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_WPA, &iwr) < 0) { -+ int ret; -+ -+ ret = errno; -+ if (show_err) -+ perror("ioctl[ZD_IOCTL_WPA]"); -+ return ret; -+ } -+ -+ return 0; -+} -+ -+ -+static int zd1211_set_param(struct wpa_driver_zd1211_data *zd1211_drv, int op, int arg, int show_err) { -+ struct iwreq iwr; -+ int *i, ret = 0; -+ -+ memset(&iwr, 0, sizeof(iwr)); -+ strncpy(iwr.ifr_name, zd1211_drv->ifname, IFNAMSIZ); -+ i = (int *) iwr.u.name; -+ *i++ = op; -+ *i++ = arg; -+ -+ if (ioctl(zd1211_drv->sock, ZD_IOCTL_PARAM, &iwr) < 0) { -+ perror("ioctl[ZD_IOCTL_PARAM]"); -+ ret = -1; -+ } -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_get_scan_results(void *priv, struct wpa_scan_result *results, size_t max_size) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_scan_results(zd1211_drv->wext, results, max_size); -+} -+ -+ -+static int wpa_driver_zd1211_get_bssid(void *priv, u8 *bssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_bssid(zd1211_drv->wext, bssid); -+} -+ -+ -+static int wpa_driver_zd1211_get_ssid(void *priv, u8 *ssid) { -+ struct wpa_driver_zd1211_data *zd1211_drv; -+ -+ zd1211_drv = priv; -+ return wpa_driver_wext_get_ssid(zd1211_drv->wext, ssid); -+} -+ -+ -+static int wpa_driver_zd1211_set_auth_alg(void *priv, int auth_alg) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int algs = 0; -+ -+ if (auth_alg & AUTH_ALG_OPEN_SYSTEM) -+ algs = 0; -+ if (auth_alg & AUTH_ALG_SHARED_KEY) -+ algs = 1; -+ -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_AUTH_ALGS, algs, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_countermeasures(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_COUNTERMEASURES, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_drop_unencrypted(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ -+ /* Enable the countermeasure */ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ return zd1211_set_param(zd1211_drv, ZD_PARAM_DROPUNENCRYPTED, enabled, 1); -+} -+ -+ -+static int wpa_driver_zd1211_set_key(void *priv, wpa_alg alg, -+ const u8 *addr, int key_idx, -+ int set_tx, const u8 *seq, size_t seq_len, -+ const u8 *key, size_t key_len) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ struct zd1211_wlan_param *param; -+ u8 *buf; -+ size_t blen; -+ int ret = 0; -+ char *alg_name; -+ -+ switch (alg) { -+ case WPA_ALG_NONE: -+ alg_name = "NONE"; -+ break; -+ case WPA_ALG_WEP: -+ alg_name = "WEP"; -+ break; -+ case WPA_ALG_TKIP: -+ alg_name = "TKIP"; -+ break; -+ case WPA_ALG_CCMP: -+ alg_name = "CCMP"; -+ break; -+ default: -+ return -1; -+ } -+ -+ wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%d " -+ "key_len=%d", __FUNCTION__, alg_name, key_idx, set_tx, -+ seq_len, key_len); -+ -+ if (seq_len > 8) -+ return -2; -+ -+ blen = sizeof(*param) + key_len; -+ buf = malloc(blen); -+ if (buf == NULL) -+ return -1; -+ memset(buf, 0, blen); -+ -+ param = (struct zd1211_wlan_param *) buf; -+ param->cmd = ZD_CMD_SET_ENCRYPT_KEY; -+ /* TODO: In theory, STA in client mode can use five keys; four default -+ * keys for receiving (with keyidx 0..3) and one individual key for -+ * both transmitting and receiving (keyidx 0) _unicast_ packets. Now, -+ * keyidx 0 is reserved for this unicast use and default keys can only -+ * use keyidx 1..3 (i.e., default key with keyidx 0 is not supported). -+ * This should be fine for more or less all cases, but for completeness -+ * sake, the driver could be enhanced to support the missing key. */ -+#if 0 -+ if (addr == NULL) -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+ else -+ memcpy(param->sta_addr, addr, ETH_ALEN); -+#else -+ memset(param->sta_addr, 0xff, ETH_ALEN); -+#endif -+ strncpy(param->u.crypt.alg, alg_name, ZD_CRYPT_ALG_NAME_LEN); -+ param->u.crypt.flags = set_tx ? ZD_FLAG_SET_TX_KEY : 0; -+ param->u.crypt.idx = key_idx; -+ memcpy(param->u.crypt.seq, seq, seq_len); -+ param->u.crypt.key_len = key_len; -+ memcpy((u8 *) param->u.crypt.key, key, key_len); -+ -+ /* Dump key context */ -+ if(alg == WPA_ALG_TKIP) { -+ int ii; -+ -+ wpa_printf(MSG_DEBUG, "Key Context:"); -+ for(ii = 0; ii < key_len; ) { -+ printf("0x%02x ", key[ii]); -+ -+ if((++ii % 16) == 0) -+ printf("\n"); -+ } -+ -+ printf("\n"); -+ } -+ -+ if (zd1211_ioctl(zd1211_drv, param, blen, 1)) { -+ wpa_printf(MSG_WARNING, "Failed to set encryption."); -+ //show_set_key_error(param); -+ ret = -1; -+ } -+ free(buf); -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa_ie(struct wpa_driver_zd1211_data *zd1211_drv, const u8 *wpa_ie, size_t wpa_ie_len) { -+ int res; -+ struct zd1211_wlan_param *param; -+ size_t blen = ZD_GENERIC_ELEMENT_HDR_LEN + wpa_ie_len; -+ -+ if (blen < sizeof(*param)) -+ blen = sizeof(*param); -+ -+ param = (struct zd1211_wlan_param *) malloc(blen); -+ if (param == NULL) -+ return -1; -+ -+ memset(param, 0, blen); -+ param->cmd = ZD_CMD_SET_GENERIC_ELEMENT; -+ param->u.generic_elem.len = wpa_ie_len; -+ memcpy(param->u.generic_elem.data, wpa_ie, wpa_ie_len); -+ res = zd1211_ioctl(zd1211_drv, param, blen, 1); -+ -+ free(param); -+ -+ return res; -+} -+ -+ -+static int wpa_driver_zd1211_set_wpa(void *priv, int enabled) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled); -+ -+ if (!enabled && wpa_driver_zd1211_set_wpa_ie(zd1211_drv, NULL, 0) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_ROAMING, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_PRIVACY, enabled, 1) < 0) -+ ret = -1; -+ if (zd1211_set_param(zd1211_drv, ZD_PARAM_WPA, enabled, 1) < 0) -+ ret = -1; -+ -+ return ret; -+} -+ -+ -+static int wpa_driver_zd1211_associate(void *priv, struct wpa_driver_associate_params *params) { -+ struct wpa_driver_zd1211_data *zd1211_drv = priv; -+ int ret = 0; -+ -+ wpa_printf(MSG_DEBUG, "%s", __FUNCTION__); -+ -+ /* Because there might be the case, two or more APs with the s