From owner-p4-projects@FreeBSD.ORG Thu Mar 6 23:46:46 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 12EBE1065675; Thu, 6 Mar 2008 23:46:46 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C5EDB1065670 for ; Thu, 6 Mar 2008 23:46:45 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id B362A8FC1C for ; Thu, 6 Mar 2008 23:46:45 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m26Nkjol059220 for ; Thu, 6 Mar 2008 23:46:45 GMT (envelope-from sam@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m26Nkj3u059218 for perforce@freebsd.org; Thu, 6 Mar 2008 23:46:45 GMT (envelope-from sam@freebsd.org) Date: Thu, 6 Mar 2008 23:46:45 GMT Message-Id: <200803062346.m26Nkj3u059218@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sam@freebsd.org using -f From: Sam Leffler To: Perforce Change Reviews Cc: Subject: PERFORCE change 137035 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Mar 2008 23:46:46 -0000 http://perforce.freebsd.org/chv.cgi?CH=137035 Change 137035 by sam@sam_ebb on 2008/03/06 23:46:20 import wpa_supplicant 0.5.10 Affected files ... .. //depot/projects/vap/contrib/wpa_supplicant/ChangeLog#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/Makefile#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/README#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/aes_wrap.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/aes_wrap.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/asn1.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/common.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/common.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/config.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/config_ssid.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus_handlers.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus_handlers.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_unix.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/dbus-wpa_supplicant.conf#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/defconfig#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/ctrl_iface.doxygen#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_background.8#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_cli.8#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_cli.sgml#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_passphrase.8#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.8#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.sgml#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/driver_ndis.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_gpsk.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_gpsk_common.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_gpsk_common.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_peap.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_sim.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_sim_common.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_tlv.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eap_tlv.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eapol_sm.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/eapol_test.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/events.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/main.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/os.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/os_unix.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/pcsc_funcs.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/radius.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/radius.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/radius_client.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/tls_openssl.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/version.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_cli.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_ctrl.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_gui-qt4/wpagui.cpp#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_gui/networkconfig.ui.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_gui/setup-mingw-cross-compiling#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_gui/wpagui.ui.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_supplicant.c#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_supplicant.conf#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/wpa_supplicant_i.h#3 edit .. //depot/projects/vap/contrib/wpa_supplicant/x509v3.c#3 edit Differences ... ==== //depot/projects/vap/contrib/wpa_supplicant/ChangeLog#3 (text+ko) ==== @@ -1,5 +1,46 @@ ChangeLog for wpa_supplicant +2008-02-19 - v0.5.10 + * added support for Makefile builds to include debug-log-to-a-file + functionality (CONFIG_DEBUG_FILE=y and -f on command line) + * added network configuration parameter 'frequency' for setting + initial channel for IBSS (adhoc) networks + * fixed EAP-SIM and EAP-AKA message parser to validate attribute + lengths properly to avoid potential crash caused by invalid messages + * added driver_wext workaround for race condition between scanning and + association with drivers that take very long time to scan all + channels (e.g., madwifi with dual-band cards); wpa_supplicant is now + using a longer hardcoded timeout for the scan if the driver supports + notifications for scan completion (SIOCGIWSCAN event); this helps, + e.g., in cases where wpa_supplicant and madwifi driver ended up in + loop where the driver did not even try to associate + * fixed EAP-SIM not to include AT_NONCE_MT and AT_SELECTED_VERSION + attributes in EAP-SIM Start/Response when using fast reauthentication + * fixed problems in getting NDIS events from WMI on Windows 2000 + +2007-12-02 - v0.5.9 + * fixed an integer overflow issue in the ASN.1 parser used by the + (experimental) internal TLS implementation to avoid a potential + buffer read overflow + * fixed a race condition with -W option (wait for a control interface + monitor before starting) that could have caused the first messages to + be lost + * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest + draft (draft-ietf-emu-eap-gpsk-07.txt) + * added ctrl_iface RECONNECT (wpa_cli reconnect) command + (like reassociate, but only takes effect if already associated) + * fixed a possible race condition between wpa_cli reassociate and + wpa_cli disconnect + * return a non-zero exit code from non-interactive wpa_cli if the + command is not recognized or fails + * fixed 0.5.8 regressions in BSS selection that prevented wildcard SSID + from being used with non-WPA networks and disabled workaround for + ignoring bogus WPA/RSN IE in non-WPA configuration + * fixed OpenSSL TLS wrapper to clear trusted CA list to allow + network blocks to use different trusted CA configurations + * fixed a potential EAP state machine loop when mloving from PSK to EAP + configuration without restarting wpa_supplicant + 2007-05-28 - v0.5.8 * updated driver_wext.c to build with the current wireless-dev.git tree and net/d80211 changes ==== //depot/projects/vap/contrib/wpa_supplicant/Makefile#3 (text+ko) ==== @@ -654,8 +654,25 @@ ifdef CONFIG_CTRL_IFACE_DBUS CFLAGS += -DCONFIG_CTRL_IFACE_DBUS -DDBUS_API_SUBJECT_TO_CHANGE OBJS += ctrl_iface_dbus.o ctrl_iface_dbus_handlers.o dbus_dict_helpers.o -LIBS += `pkg-config --libs dbus-1` -CFLAGS += `pkg-config --cflags dbus-1` +ifndef DBUS_LIBS +DBUS_LIBS := $(shell pkg-config --libs dbus-1) +endif +LIBS += $(DBUS_LIBS) +ifndef DBUS_INCLUDE +DBUS_INCLUDE := $(shell pkg-config --cflags dbus-1) +endif +dbus_version=$(subst ., ,$(shell pkg-config --modversion dbus-1)) +DBUS_VERSION_MAJOR=$(word 1,$(dbus_version)) +DBUS_VERSION_MINOR=$(word 2,$(dbus_version)) +ifeq ($(DBUS_VERSION_MAJOR),) +DBUS_VERSION_MAJOR=0 +endif +ifeq ($(DBUS_VERSION_MINOR),) +DBUS_VERSION_MINOR=0 +endif +DBUS_INCLUDE += -DDBUS_VERSION_MAJOR=$(DBUS_VERSION_MAJOR) +DBUS_INCLUDE += -DDBUS_VERSION_MINOR=$(DBUS_VERSION_MINOR) +CFLAGS += $(DBUS_INCLUDE) endif ifdef CONFIG_READLINE @@ -724,6 +741,10 @@ CONFIG_MAIN=main endif +ifdef CONFIG_DEBUG_FILE +CFLAGS += -DCONFIG_DEBUG_FILE +endif + OBJS += wpa_supplicant.o events.o OBJS_t := $(OBJS) eapol_test.o radius.o radius_client.o OBJS_t2 := $(OBJS) preauth_test.o ==== //depot/projects/vap/contrib/wpa_supplicant/README#3 (text+ko) ==== @@ -1,7 +1,7 @@ WPA Supplicant ============== -Copyright (c) 2003-2007, Jouni Malinen and contributors +Copyright (c) 2003-2008, Jouni Malinen and contributors All Rights Reserved. This program is dual-licensed under both the GPL version 2 and BSD @@ -481,7 +481,7 @@ -------------------- usage: - wpa_supplicant [-BddehLqqvwW] [-P] [-g] \ + wpa_supplicant [-BddfhKLqqtuvwW] [-P] [-g] \ -i -c [-C] [-D] [-p] \ [-b [-N -i -c [-C] [-D] \ [-p] [-b] ...] @@ -494,6 +494,7 @@ -i = interface name -d = increase debugging verbosity (-dd even more) -D = driver name + -f = Log output to default log location (normally /tmp) -g = global ctrl_interface -K = include keys (passwords, etc.) in debug output -t = include timestamp in debug messages ==== //depot/projects/vap/contrib/wpa_supplicant/aes_wrap.c#3 (text+ko) ==== @@ -7,7 +7,7 @@ * - AES-128 EAX mode encryption/decryption * - AES-128 CBC * - * Copyright (c) 2003-2005, Jouni Malinen + * Copyright (c) 2003-2007, Jouni Malinen * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as @@ -34,10 +34,11 @@ /** * aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) - * @kek: Key encryption key (KEK) - * @n: Length of the wrapped key in 64-bit units; e.g., 2 = 128-bit = 16 bytes - * @plain: Plaintext key to be wrapped, n * 64 bit - * @cipher: Wrapped key, (n + 1) * 64 bit + * @kek: 16-octet Key encryption key (KEK) + * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 + * bytes + * @plain: Plaintext key to be wrapped, n * 64 bits + * @cipher: Wrapped key, (n + 1) * 64 bits * Returns: 0 on success, -1 on failure */ int aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher) @@ -93,9 +94,10 @@ /** * aes_unwrap - Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) * @kek: Key encryption key (KEK) - * @n: Length of the wrapped key in 64-bit units; e.g., 2 = 128-bit = 16 bytes - * @cipher: Wrapped key to be unwrapped, (n + 1) * 64 bit - * @plain: Plaintext key, n * 64 bit + * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 + * bytes + * @cipher: Wrapped key to be unwrapped, (n + 1) * 64 bits + * @plain: Plaintext key, n * 64 bits * Returns: 0 on success, -1 on failure (e.g., integrity verification failed) */ int aes_unwrap(const u8 *kek, int n, const u8 *cipher, u8 *plain) @@ -167,28 +169,45 @@ /** - * omac1_aes_128 - One-Key CBC MAC (OMAC1) hash with AES-128 (aka AES-CMAC) + * omac1_aes_128_vector - One-Key CBC MAC (OMAC1) hash with AES-128 * @key: 128-bit key for the hash operation - * @data: Data buffer for which a MAC is determined - * @data: Length of data buffer in bytes + * @num_elem: Number of elements in the data vector + * @addr: Pointers to the data areas + * @len: Lengths of the data blocks * @mac: Buffer for MAC (128 bits, i.e., 16 bytes) * Returns: 0 on success, -1 on failure */ -int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +int omac1_aes_128_vector(const u8 *key, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac) { void *ctx; u8 cbc[BLOCK_SIZE], pad[BLOCK_SIZE]; - const u8 *pos = data; - size_t i, left = data_len; + const u8 *pos, *end; + size_t i, e, left, total_len; ctx = aes_encrypt_init(key, 16); if (ctx == NULL) return -1; os_memset(cbc, 0, BLOCK_SIZE); + total_len = 0; + for (e = 0; e < num_elem; e++) + total_len += len[e]; + left = total_len; + + e = 0; + pos = addr[0]; + end = pos + len[0]; + while (left >= BLOCK_SIZE) { - for (i = 0; i < BLOCK_SIZE; i++) + for (i = 0; i < BLOCK_SIZE; i++) { cbc[i] ^= *pos++; + if (pos >= end) { + e++; + pos = addr[e]; + end = pos + len[e]; + } + } if (left > BLOCK_SIZE) aes_encrypt(ctx, cbc, cbc); left -= BLOCK_SIZE; @@ -198,9 +217,15 @@ aes_encrypt(ctx, pad, pad); gf_mulx(pad); - if (left || data_len == 0) { - for (i = 0; i < left; i++) + if (left || total_len == 0) { + for (i = 0; i < left; i++) { cbc[i] ^= *pos++; + if (pos >= end) { + e++; + pos = addr[e]; + end = pos + len[e]; + } + } cbc[left] ^= 0x80; gf_mulx(pad); } @@ -212,6 +237,24 @@ return 0; } + +/** + * omac1_aes_128 - One-Key CBC MAC (OMAC1) hash with AES-128 (aka AES-CMAC) + * @key: 128-bit key for the hash operation + * @data: Data buffer for which a MAC is determined + * @data_len: Length of data buffer in bytes + * @mac: Buffer for MAC (128 bits, i.e., 16 bytes) + * Returns: 0 on success, -1 on failure + * + * This is a mode for using block cipher (AES in this case) for authentication. + * OMAC1 was standardized with the name CMAC by NIST in a Special Publication + * (SP) 800-38B. + */ +int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac) +{ + return omac1_aes_128_vector(key, 1, &data, &data_len, mac); +} + #endif /* CONFIG_NO_AES_OMAC1 */ ==== //depot/projects/vap/contrib/wpa_supplicant/aes_wrap.h#3 (text+ko) ==== @@ -7,7 +7,7 @@ * - AES-128 EAX mode encryption/decryption * - AES-128 CBC * - * Copyright (c) 2003-2005, Jouni Malinen + * Copyright (c) 2003-2007, Jouni Malinen * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as @@ -24,6 +24,8 @@ int aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher); int aes_unwrap(const u8 *kek, int n, const u8 *cipher, u8 *plain); +int omac1_aes_128_vector(const u8 *key, size_t num_elem, + const u8 *addr[], const size_t *len, u8 *mac); int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac); int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out); int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, ==== //depot/projects/vap/contrib/wpa_supplicant/asn1.c#3 (text+ko) ==== @@ -58,6 +58,10 @@ } tmp &= 0x7f; /* number of subsequent octets */ hdr->length = 0; + if (tmp > 4) { + wpa_printf(MSG_DEBUG, "ASN.1: Too long length field"); + return -1; + } while (tmp--) { if (pos >= end) { wpa_printf(MSG_DEBUG, "ASN.1: Length " @@ -71,7 +75,7 @@ hdr->length = tmp; } - if (pos + hdr->length > end) { + if (end < pos || hdr->length > (unsigned int) (end - pos)) { wpa_printf(MSG_DEBUG, "ASN.1: Contents underflow"); return -1; } ==== //depot/projects/vap/contrib/wpa_supplicant/common.c#3 (text+ko) ==== @@ -20,7 +20,6 @@ #ifdef CONFIG_DEBUG_FILE static FILE *out_file = NULL; #endif /* CONFIG_DEBUG_FILE */ -int wpa_debug_use_file = 0; int wpa_debug_level = MSG_INFO; int wpa_debug_show_keys = 0; int wpa_debug_timestamp = 0; @@ -344,32 +343,29 @@ } -int wpa_debug_open_file(void) +int wpa_debug_open_file(const char *path) { #ifdef CONFIG_DEBUG_FILE - static int count = 0; - char fname[64]; - if (!wpa_debug_use_file) + if (!path) return 0; -#ifdef _WIN32 - os_snprintf(fname, sizeof(fname), "\\Temp\\wpa_supplicant-log-%d.txt", - count++); -#else /* _WIN32 */ - os_snprintf(fname, sizeof(fname), "/tmp/wpa_supplicant-log-%d.txt", - count++); + out_file = fopen(path, "a"); + if (out_file == NULL) { + wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " + "output file, using standard output"); + return -1; + } +#ifndef _WIN32 + setvbuf(out_file, NULL, _IOLBF, 0); #endif /* _WIN32 */ - out_file = fopen(fname, "w"); - return out_file == NULL ? -1 : 0; -#else /* CONFIG_DEBUG_FILE */ +#endif /* CONFIG_DEBUG_FILE */ return 0; -#endif /* CONFIG_DEBUG_FILE */ } void wpa_debug_close_file(void) { #ifdef CONFIG_DEBUG_FILE - if (!wpa_debug_use_file) + if (!out_file) return; fclose(out_file); out_file = NULL; ==== //depot/projects/vap/contrib/wpa_supplicant/common.h#3 (text+ko) ==== @@ -10,8 +10,6 @@ * license. * * See README and COPYING for more details. - * - * $FreeBSD: src/contrib/wpa_supplicant/common.h,v 1.4 2007/07/11 15:58:51 sam Exp $ */ #ifndef COMMON_H @@ -266,12 +264,12 @@ #define wpa_hexdump_key(l,t,b,le) do { } while (0) #define wpa_hexdump_ascii(l,t,b,le) do { } while (0) #define wpa_hexdump_ascii_key(l,t,b,le) do { } while (0) -#define wpa_debug_open_file() do { } while (0) +#define wpa_debug_open_file(p) do { } while (0) #define wpa_debug_close_file() do { } while (0) #else /* CONFIG_NO_STDOUT_DEBUG */ -int wpa_debug_open_file(void); +int wpa_debug_open_file(const char *path); void wpa_debug_close_file(void); /** ==== //depot/projects/vap/contrib/wpa_supplicant/config.c#3 (text+ko) ==== @@ -66,17 +66,19 @@ return os_strdup(value); } else { u8 *str; - size_t hlen = os_strlen(value); + size_t tlen, hlen = os_strlen(value); if (hlen & 1) return NULL; - *len = hlen / 2; - str = os_malloc(*len); + tlen = hlen / 2; + str = os_malloc(tlen + 1); if (str == NULL) return NULL; - if (hexstr2bin(value, str, *len)) { + if (hexstr2bin(value, str, tlen)) { os_free(str); return NULL; } + str[tlen] = '\0'; + *len = tlen; return (char *) str; } } @@ -1157,7 +1159,8 @@ { INT_RANGE(ieee80211w, 0, 2) }, #endif /* CONFIG_IEEE80211W */ { INT_RANGE(peerkey, 0, 1) }, - { INT_RANGE(mixed_cell, 0, 1) } + { INT_RANGE(mixed_cell, 0, 1) }, + { INT_RANGE(frequency, 0, 10000) } }; #undef OFFSET ==== //depot/projects/vap/contrib/wpa_supplicant/config_ssid.h#3 (text+ko) ==== @@ -851,6 +851,18 @@ IEEE80211W_REQUIRED = 2 } ieee80211w; #endif /* CONFIG_IEEE80211W */ + + /** + * frequency - Channel frequency in megahertz (MHz) for IBSS + * + * This value is used to configure the initial channel for IBSS (adhoc) + * networks, e.g., 2412 = IEEE 802.11b/g channel 1. It is ignored in + * the infrastructure mode. In addition, this value is only used by the + * station that creates the IBSS. If an IBSS network with the + * configured SSID is already present, the frequency of the network + * will be used instead of this configured value. + */ + int frequency; }; int wpa_config_allowed_eap_method(struct wpa_ssid *ssid, int vendor, ==== //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface.c#3 (text+ko) ==== @@ -1120,6 +1120,12 @@ wpa_s->disconnected = 0; wpa_s->reassociate = 1; wpa_supplicant_req_scan(wpa_s, 0, 0); + } else if (os_strcmp(buf, "RECONNECT") == 0) { + if (wpa_s->disconnected) { + wpa_s->disconnected = 0; + wpa_s->reassociate = 1; + wpa_supplicant_req_scan(wpa_s, 0, 0); + } } else if (os_strncmp(buf, "PREAUTH ", 8) == 0) { if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8)) reply_len = -1; @@ -1147,6 +1153,7 @@ reply_len = wpa_supplicant_ctrl_iface_list_networks( wpa_s, reply, reply_size); } else if (os_strcmp(buf, "DISCONNECT") == 0) { + wpa_s->reassociate = 0; wpa_s->disconnected = 1; wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING); } else if (os_strcmp(buf, "SCAN") == 0) { ==== //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus.c#3 (text+ko) ==== @@ -30,6 +30,14 @@ #include "wpa_ctrl.h" #include "eap.h" +#define DBUS_VERSION (DBUS_VERSION_MAJOR << 8 | DBUS_VERSION_MINOR) +#define DBUS_VER(major, minor) ((major) << 8 | (minor)) + +#if DBUS_VERSION < DBUS_VER(1,1) +#define dbus_watch_get_unix_fd dbus_watch_get_fd +#endif + + struct ctrl_iface_dbus_priv { DBusConnection *con; int should_dispatch; @@ -92,7 +100,7 @@ return; flags = dbus_watch_get_flags(watch); - fd = dbus_watch_get_fd(watch); + fd = dbus_watch_get_unix_fd(watch); eloop_register_sock(fd, EVENT_TYPE_EXCEPTION, process_watch_exception, iface, watch); @@ -117,7 +125,7 @@ int fd; flags = dbus_watch_get_flags(watch); - fd = dbus_watch_get_fd(watch); + fd = dbus_watch_get_unix_fd(watch); eloop_unregister_sock(fd, EVENT_TYPE_EXCEPTION); @@ -536,6 +544,10 @@ reply = wpas_dbus_iface_set_ap_scan(message, wpa_s); else if (!strcmp(method, "state")) reply = wpas_dbus_iface_get_state(message, wpa_s); + else if (!strcmp(method, "setBlobs")) + reply = wpas_dbus_iface_set_blobs(message, wpa_s); + else if (!strcmp(method, "removeBlobs")) + reply = wpas_dbus_iface_remove_blobs(message, wpa_s); } /* If the message was handled, send back the reply */ @@ -645,6 +657,7 @@ return; } dbus_connection_send(iface->con, signal, NULL); + dbus_message_unref(signal); } @@ -662,7 +675,7 @@ wpa_states old_state) { struct ctrl_iface_dbus_priv *iface; - DBusMessage *signal; + DBusMessage *signal = NULL; const char *path; const char *new_state_str, *old_state_str; @@ -707,7 +720,7 @@ wpa_printf(MSG_ERROR, "wpa_supplicant_dbus_notify_state_change[dbus]: " "couldn't convert state strings."); - return; + goto out; } if (!dbus_message_append_args(signal, @@ -720,8 +733,12 @@ "wpa_supplicant_dbus_notify_state_change[dbus]: " "not enough memory to construct state change " "signal."); + goto out; } dbus_connection_send(iface->con, signal, NULL); + +out: + dbus_message_unref(signal); } ==== //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus_handlers.c#3 (text+ko) ==== @@ -1203,3 +1203,129 @@ return reply; } + + +/** + * wpas_dbus_iface_set_blobs - Store named binary blobs (ie, for certificates) + * @message: Pointer to incoming dbus message + * @global: %wpa_supplicant global data structure + * Returns: A dbus message containing a UINT32 indicating success (1) or + * failure (0) + * + * Asks wpa_supplicant to internally store a one or more binary blobs. + */ +DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message, + struct wpa_supplicant *wpa_s) +{ + DBusMessage *reply = NULL; + struct wpa_dbus_dict_entry entry = { .type = DBUS_TYPE_STRING }; + DBusMessageIter iter, iter_dict; + + dbus_message_iter_init(message, &iter); + + if (!wpa_dbus_dict_open_read(&iter, &iter_dict)) + return wpas_dbus_new_invalid_opts_error(message, NULL); + + while (wpa_dbus_dict_has_dict_entry(&iter_dict)) { + struct wpa_config_blob *blob; + + if (!wpa_dbus_dict_get_entry(&iter_dict, &entry)) { + reply = wpas_dbus_new_invalid_opts_error(message, + NULL); + break; + } + + if (entry.type != DBUS_TYPE_ARRAY || + entry.array_type != DBUS_TYPE_BYTE) { + reply = wpas_dbus_new_invalid_opts_error( + message, "Byte array expected."); + break; + } + + if ((entry.array_len <= 0) || (entry.array_len > 65536) || + !strlen(entry.key)) { + reply = wpas_dbus_new_invalid_opts_error( + message, "Invalid array size."); + break; + } + + blob = os_zalloc(sizeof(*blob)); + if (blob == NULL) { + reply = dbus_message_new_error( + message, WPAS_ERROR_ADD_ERROR, + "Not enough memory to add blob."); + break; + } + blob->data = os_zalloc(entry.array_len); + if (blob->data == NULL) { + reply = dbus_message_new_error( + message, WPAS_ERROR_ADD_ERROR, + "Not enough memory to add blob data."); + os_free(blob); + break; + } + + blob->name = os_strdup(entry.key); + blob->len = entry.array_len; + os_memcpy(blob->data, (u8 *) entry.bytearray_value, + entry.array_len); + if (blob->name == NULL || blob->data == NULL) { + wpa_config_free_blob(blob); + reply = dbus_message_new_error( + message, WPAS_ERROR_ADD_ERROR, + "Error adding blob."); + break; + } + + /* Success */ + wpa_config_remove_blob(wpa_s->conf, blob->name); + wpa_config_set_blob(wpa_s->conf, blob); + wpa_dbus_dict_entry_clear(&entry); + } + wpa_dbus_dict_entry_clear(&entry); + + return reply ? reply : wpas_dbus_new_success_reply(message); +} + + +/** + * wpas_dbus_iface_remove_blob - Remove named binary blobs + * @message: Pointer to incoming dbus message + * @global: %wpa_supplicant global data structure + * Returns: A dbus message containing a UINT32 indicating success (1) or + * failure (0) + * + * Asks wpa_supplicant to remove one or more previously stored binary blobs. + */ +DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message, + struct wpa_supplicant *wpa_s) +{ + DBusMessageIter iter, array; + char *err_msg = NULL; + + dbus_message_iter_init(message, &iter); + + if ((dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_ARRAY) || + (dbus_message_iter_get_element_type (&iter) != DBUS_TYPE_STRING)) + return wpas_dbus_new_invalid_opts_error(message, NULL); + + dbus_message_iter_recurse(&iter, &array); + while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_STRING) { + const char *name; + + dbus_message_iter_get_basic(&array, &name); + if (!strlen(name)) + err_msg = "Invalid blob name."; + + if (wpa_config_remove_blob(wpa_s->conf, name) != 0) + err_msg = "Error removing blob."; + dbus_message_iter_next(&array); + } + + if (err_msg) { + return dbus_message_new_error(message, WPAS_ERROR_REMOVE_ERROR, + err_msg); + } + + return wpas_dbus_new_success_reply(message); +} ==== //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_dbus_handlers.h#3 (text+ko) ==== @@ -71,6 +71,12 @@ DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message, struct wpa_supplicant *wpa_s); +DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message, + struct wpa_supplicant *wpa_s); + +DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message, + struct wpa_supplicant *wpa_s); + #endif /* CONFIG_CTRL_IFACE_DBUS */ #endif /* CTRL_IFACE_DBUS_HANDLERS_H */ ==== //depot/projects/vap/contrib/wpa_supplicant/ctrl_iface_unix.c#3 (text+ko) ==== @@ -522,9 +522,42 @@ void wpa_supplicant_ctrl_iface_wait(struct ctrl_iface_priv *priv) { - wpa_printf(MSG_DEBUG, "CTRL_IFACE - %s - wait for monitor", - priv->wpa_s->ifname); - eloop_wait_for_read_sock(priv->sock); + char buf[256]; + int res; + struct sockaddr_un from; + socklen_t fromlen = sizeof(from); + + for (;;) { + wpa_printf(MSG_DEBUG, "CTRL_IFACE - %s - wait for monitor to " + "attach", priv->wpa_s->ifname); + eloop_wait_for_read_sock(priv->sock); + + res = recvfrom(priv->sock, buf, sizeof(buf) - 1, 0, + (struct sockaddr *) &from, &fromlen); + if (res < 0) { + perror("recvfrom(ctrl_iface)"); + continue; + } + buf[res] = '\0'; + + if (os_strcmp(buf, "ATTACH") == 0) { + /* handle ATTACH signal of first monitor interface */ + if (!wpa_supplicant_ctrl_iface_attach(priv, &from, + fromlen)) { + sendto(priv->sock, "OK\n", 3, 0, + (struct sockaddr *) &from, fromlen); + /* OK to continue */ + return; + } else { + sendto(priv->sock, "FAIL\n", 5, 0, + (struct sockaddr *) &from, fromlen); + } + } else { + /* return FAIL for all other signals */ + sendto(priv->sock, "FAIL\n", 5, 0, + (struct sockaddr *) &from, fromlen); + } + } } ==== //depot/projects/vap/contrib/wpa_supplicant/dbus-wpa_supplicant.conf#3 (text+ko) ==== @@ -8,10 +8,6 @@ - - - - ==== //depot/projects/vap/contrib/wpa_supplicant/defconfig#3 (text+ko) ==== @@ -209,7 +209,9 @@ #CONFIG_NO_AES_EXTRAS=y # Select configuration backend: -# file = text file (e.g., wpa_supplicant.conf) +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) # winreg = Windows registry (see win_example.reg for an example) CONFIG_BACKEND=file @@ -316,3 +318,6 @@ # wireless-dev.git tree). #WIRELESS_DEV=/usr/src/wireless-dev #CFLAGS += -I$(WIRELESS_DEV)/net/mac80211 + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +#CONFIG_DEBUG_FILE=y ==== //depot/projects/vap/contrib/wpa_supplicant/doc/ctrl_iface.doxygen#3 (text) ==== @@ -203,6 +203,12 @@ Force reassociation. +\subsection ctrl_iface_RECONNECT RECONNECT + +Connect if disconnected (i.e., like \c REASSOCIATE, but only connect +if in disconnected state). + + \subsection ctrl_iface_PREAUTH PREAUTH Start pre-authentication with the given BSSID. @@ -255,7 +261,8 @@ \subsection ctrl_iface_DISCONNECT DISCONNECT -Disconnect and wait for \c REASSOCIATE command before connecting. +Disconnect and wait for \c REASSOCIATE or \c RECONNECT command before +connecting. \subsection ctrl_iface_SCAN SCAN ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_background.8#3 (text) ==== @@ -3,7 +3,7 @@ .\" .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng . -.TH "WPA_BACKGROUND" "8" "28 May 2007" "" "" +.TH "WPA_BACKGROUND" "8" "19 February 2008" "" "" .SH NAME wpa_background \- Background information on Wi-Fi Protected Access and IEEE 802.11i ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_cli.8#3 (text) ==== @@ -3,7 +3,7 @@ .\" .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng . -.TH "WPA_CLI" "8" "28 May 2007" "" "" +.TH "WPA_CLI" "8" "19 February 2008" "" "" .SH NAME wpa_cli \- WPA command line client @@ -112,7 +112,7 @@ Run in daemon mode executing the action file based on events from wpa_supplicant. The specified file will be executed with the first argument set to interface name and -second to "CONNECT" or "DISCONNECT" depending on the event. +second to "CONNECTED" or "DISCONNECTED" depending on the event. This can be used to execute networking tools required to configure the interface. ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_cli.sgml#3 (text) ==== @@ -140,7 +140,7 @@ Run in daemon mode executing the action file based on events from wpa_supplicant. The specified file will be executed with the first argument set to interface name and - second to "CONNECT" or "DISCONNECT" depending on the event. + second to "CONNECTED" or "DISCONNECTED" depending on the event. This can be used to execute networking tools required to configure the interface. ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_passphrase.8#3 (text) ==== @@ -3,7 +3,7 @@ .\" .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng . -.TH "WPA_PASSPHRASE" "8" "28 May 2007" "" "" +.TH "WPA_PASSPHRASE" "8" "19 February 2008" "" "" .SH NAME wpa_passphrase \- Generate a WPA PSK from an ASCII passphrase for a SSID ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.8#3 (text) ==== @@ -3,13 +3,13 @@ .\" .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng . -.TH "WPA_SUPPLICANT" "8" "28 May 2007" "" "" +.TH "WPA_SUPPLICANT" "8" "19 February 2008" "" "" .SH NAME wpa_supplicant \- Wi-Fi Protected Access client and IEEE 802.1X supplicant .SH SYNOPSIS -\fBwpa_supplicant\fR [ \fB-BddehLqqvw\fR ] [ \fB-i\fIifname\fB\fR ] [ \fB-c\fIconfig file\fB\fR ] [ \fB-D\fIdriver\fB\fR ] [ \fB-P\fIPID_file\fB\fR ] +\fBwpa_supplicant\fR [ \fB-BddfhKLqqtuvwW\fR ] [ \fB-i\fIifname\fB\fR ] [ \fB-c\fIconfig file\fB\fR ] [ \fB-D\fIdriver\fB\fR ] [ \fB-P\fIPID_file\fB\fR ] [ \fB-f\fIoutput file\fB\fR ] .SH "OVERVIEW" .PP @@ -272,6 +272,9 @@ \fB-D driver\fR Driver to use. See the available options below. .TP +\fB-f output file\fR +Log output to specified file instead of stdout. +.TP \fB-d\fR Increase debugging verbosity (-dd even more). .TP ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5#3 (text) ==== @@ -3,7 +3,7 @@ .\" .\" Please send any bug reports, improvements, comments, patches, .\" etc. to Steve Cheng . -.TH "WPA_SUPPLICANT.CONF" "5" "28 May 2007" "" "" +.TH "WPA_SUPPLICANT.CONF" "5" "19 February 2008" "" "" .SH NAME wpa_supplicant.conf \- configuration file for wpa_supplicant ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml#3 (text) ==== ==== //depot/projects/vap/contrib/wpa_supplicant/doc/docbook/wpa_supplicant.sgml#3 (text) ==== @@ -12,11 +12,12 @@ wpa_supplicant - -BddehLqqvw + -BddfhKLqqtuvwW -iifname -cconfig file -Ddriver -PPID_file + -foutput file @@ -376,6 +377,13 @@ >>> TRUNCATED FOR MAIL (1000 lines) <<<