Date: Sun, 12 Oct 2014 21:20:25 +0000 (UTC) From: John Marino <marino@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r370742 - in head: . security security/wpa_supplicant security/wpa_supplicant/files Message-ID: <201410122120.s9CLKP4l080080@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marino Date: Sun Oct 12 21:20:25 2014 New Revision: 370742 URL: https://svnweb.freebsd.org/changeset/ports/370742 QAT: https://qat.redports.org/buildarchive/r370742/ Log: Revive security/wpa_supplicant after 6.5 years => version 2.3 This port was retired at version 0.3.8 because wpa_supplicant is part of FreeBSD base. However, the last few releases have had a period of only a few months, so the base is always going to be behind. DragonFly is also affected, so I'm bringing the port back at the latest version. It features the same patches as FreeBSD including the conversion to use libutil's pidfile routines. There are some additional patches for DragonFly support and to fix some bugs from the 9 Oct 2014 release. The WPA Supplicant build system has been converted to ports options, and there are dozens of them. I've set the defaults to match the configuration in base and verified that it builds with all options selected at once. Added: head/security/wpa_supplicant/ - copied from r204782, head/security/wpa_supplicant/ head/security/wpa_supplicant/files/Packet32.c (contents, props changed) head/security/wpa_supplicant/files/Packet32.h (contents, props changed) head/security/wpa_supplicant/files/ntddndis.h (contents, props changed) head/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c (contents, props changed) head/security/wpa_supplicant/files/patch-src_drivers_driver__privsep.c (contents, props changed) head/security/wpa_supplicant/files/patch-src_utils_os__unix.c (contents, props changed) head/security/wpa_supplicant/files/patch-src_wps_wps__upnp.c (contents, props changed) head/security/wpa_supplicant/files/patch-wpa__supplicant_Makefile (contents, props changed) head/security/wpa_supplicant/files/patch-wpa__supplicant_scan.c (contents, props changed) head/security/wpa_supplicant/files/patch-wpa__supplicant_wpa__priv.c (contents, props changed) head/security/wpa_supplicant/files/pkg-message.in (contents, props changed) Deleted: head/security/wpa_supplicant/files/config.bsd head/security/wpa_supplicant/files/patch-Makefile head/security/wpa_supplicant/files/patch-crypto.c head/security/wpa_supplicant/files/patch-pidfile head/security/wpa_supplicant/files/patch-wpa__ctrl.c Modified: head/MOVED head/security/Makefile head/security/wpa_supplicant/Makefile (contents, props changed) head/security/wpa_supplicant/distinfo (contents, props changed) head/security/wpa_supplicant/pkg-descr (contents, props changed) Modified: head/MOVED ============================================================================== --- head/MOVED Sun Oct 12 21:00:23 2014 (r370741) +++ head/MOVED Sun Oct 12 21:20:25 2014 (r370742) @@ -130,7 +130,6 @@ misc/kde3-i18n-id||2008-04-25|Has expire net/dhcp-agent||2008-04-25|Has expired: Dhcp-agent has not been updated since 2003, it does not build with guile-1.8, and it is unmaintained net/ocaml-netclient||2008-04-25|Has expired: is part of ocaml-net graphics/entice||2008-04-25|Has expired: Broken and unmaintained -security/wpa_supplicant||2008-04-26|Obsolete, newer version in base games/glpuzzle|games/jigzo|2008-04-28|Project renamed ftp/greed||2008-04-29|Has expired: No longer maintained x11-themes/gnome-industrial-theme||2008-04-29|Has expired: gnome-themes-extras no longer has industrial engine Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Sun Oct 12 21:00:23 2014 (r370741) +++ head/security/Makefile Sun Oct 12 21:20:25 2014 (r370742) @@ -1011,6 +1011,7 @@ SUBDIR += webshag SUBDIR += whatweb SUBDIR += wipe + SUBDIR += wpa_supplicant SUBDIR += xca SUBDIR += xinetd SUBDIR += xml-security Modified: head/security/wpa_supplicant/Makefile ============================================================================== --- head/security/wpa_supplicant/Makefile Mon Dec 31 22:24:02 2007 (r204782) +++ head/security/wpa_supplicant/Makefile Sun Oct 12 21:20:25 2014 (r370742) @@ -1,63 +1,159 @@ -# New ports collection makefile for: wpa_supplicant -# Date created: 7 December 2004 -# Whom: sam -# # $FreeBSD$ -# - -# WITH_STATIC_SUPPLICANT - If you use wpa_supplicant with devd(8) to -# start your wireless NIC at boot, it will not be able to resolve -# the libdnet library dependency because devd is run before -# ldconfig. Defining this variable will get around the problem by -# static-linking the wpa_supplicant executable. A static-linked -# version of the executable is about 1.25MB larger and you will be -# required to rebuild this port whenever the net/libdnet port is -# updated. PORTNAME= wpa_supplicant -PORTVERSION= 0.3.8 -PORTREVISION= 2 +PORTVERSION= 2.3 CATEGORIES= security net -MASTER_SITES= http://hostap.epitest.fi/releases/ +MASTER_SITES= http://w1.fi/releases/ -MAINTAINER= ports@FreeBSD.org +MAINTAINER= marino@FreeBSD.org COMMENT= Supplicant (client) for WPA/802.1x protocols -LIB_DEPENDS= dnet.1:${PORTSDIR}/net/libdnet +USES= gmake readline +USE_OPENSSL= yes +BUILD_WRKSRC= ${WRKSRC}/wpa_supplicant +INSTALL_WRKSRC= ${WRKSRC}/src +LDFLAGS= -lutil +SUB_FILES= pkg-message PLIST_FILES= sbin/wpa_supplicant \ sbin/wpa_passphrase \ - sbin/wpa_cli - -PLIST_FILES+= etc/${PORTNAME}.conf.sample - + sbin/wpa_cli \ + sbin/wpa_priv \ + "@sample etc/wpa_supplicant.conf.sample" PORTDOCS= README ChangeLog -WRKSRC= ${WRKDIR}/${DISTNAME} -USE_GMAKE= yes +CFG= ${BUILD_WRKSRC}/.config -.if defined(WITH_STATIC_SUPPLICANT) -SUPPLICANT_STATIC= -static -.else -SUPPLICANT_STATIC= +OPTIONS_MULTI= DRV EAP +OPTIONS_MULTI_DRV= BSD WIRED NDIS TEST NONE #ROBOSWITCH +OPTIONS_MULTI_EAP= TLS PEAP TTLS MD5 MSCHAPv2 GTC LEAP OTP PSK FAST \ + SIM PWD PAX AKA AKA_PRIME SAKE GPSK TNC IKEv2 EKE +OPTIONS_DEFINE= WPS WPS_ER WPS_NOREG WPS_NFC PKCS12 SMARTCARD \ + HT_OVERRIDES VHT_OVERRIDES TLSV12 IEEE80211W \ + IEEE80211R DEBUG_FILE DEBUG_SYSLOG PRIVSEP \ + DELAYED_MIC IEEE80211N IEEE80211AC INTERWORKING \ + HS20 NO_ROAMING P2P TDLS +OPTIONS_DEFAULT= BSD WIRED NDIS \ + TLS PEAP TTLS MD5 MSCHAPv2 GTC LEAP OTP PSK \ + WPS PKCS12 SMARTCARD IEEE80211R DEBUG_SYSLOG PRIVSEP \ + INTERWORKING HS20 + +WPS_DESC= Wi-Fi Protected Setup +WPS_ER_DESC= Enable WPS External Registrar +WPS_NOREG_DESC= Disable open network credentials when registrar +WPS_NFC_DESC= Near Field Communication (NFC) configuration +PKCS12_DESC= PKCS\#12 (PFS) support +SMARTCARD_DESC= Private key on smartcard support +HT_OVERRIDES_DESC= Disable HT/HT40, mask MCS rates, etc +VHT_OVERRIDES_DESC= Disable VHT, mask MCS rates, etc +TLSV12_DESC= Build with TLS v1.2 instead of TLS v1.0 +IEEE80211AC_DESC= Very High Throughput, AP mode (IEEE 802.11ac) +IEEE80211N_DESC= High Throughput, AP mode (IEEE 802.11n) +IEEE80211R_DESC= Fast BSS Transition (IEEE 802.11r-2008) +IEEE80211W_DESC= Management Frame Protection (IEEE 802.11w) +DEBUG_FILE_DESC= Support for writing debug log to a file +DEBUG_SYSLOG_DESC= Send debug messages to syslog instead of stdout +PRIVSEP_DESC= Privilege separation +DELAYED_MIC_DESC= Mitigate TKIP attack, random delay on MIC errors +INTERWORKING_DESC= Improve ext. network interworking (IEEE 802.11u) +HS20_DESC= Hotspot 2.0 +NO_ROAMING_DESC= Disable roaming +P2P_DESC= Peer-to-Peer support +TDLS_DESC= Tunneled Direct Link Setup + +DRV_DESC= Driver options +BSD_DESC= BSD net80211 interface +NDIS_DESC= Windows NDIS interface +WIRED_DESC= Wired ethernet interface +ROBOSWITCH_DESC= Broadcom Roboswitch interface +TEST_DESC= Development testing interface +NONE_DESC= The 'no driver' interface, e.g. WPS ER only + +EAP_DESC= Extensible Authentication Protocols +TLS_DESC= Transport Layer Security +PEAP_DESC= Protected Extensible Authentication Protocol +TTLS_DESC= Tunneled Transport Layer Security +MD5_DESC= MD5 hash (deprecated, no key generation) +MSCHAPv2_DESC= Microsoft CHAP version 2 (RFC 2759) +GTC_DESC= Generic Token Card +LEAP_DESC= Lightweight Extensible Authentication Protocol +OTP_DESC= One-Time Password +PSK_DESC= Pre-Shared key +FAST_DESC= Flexible Authentication via Secure Tunneling +AKA_DESC= Autentication and Key Agreement (UMTS) +AKA_PRIME_DESC= AKA Prime variant (RFC 5448) +EKE_DESC= Encrypted Key Exchange +SIM_DESC= Subscriber Identity Module +IKEv2_DESC= Internet Key Exchange version 2 +PWD_DESC= Shared password (RFC 5931) +PAX_DESC= Password Authenticated Exchange +SAKE_DESC= Shared-Secret Authentication & Key Establishment +GPSK_DESC= Generalized Pre-Shared Key +TNC_DESC= Trusted Network Connect + +.include <bsd.port.options.mk> + +.if ${PORT_OPTIONS:MSIM} || ${PORT_OPTIONS:MAKA} || ${PORT_OPTIONS:MAKA_PRIME} +LIB_DEPENDS+= libpcsclite.so:${PORTSDIR}/devel/pcsc-lite +CFLAGS+= -I${LOCALBASE}/include/PCSC +LDFLAGS+= -L${LOCALBASE}/lib .endif -MAKE_ENV+= SUPPLICANT_STATIC=${SUPPLICANT_STATIC} post-patch: - @${CP} ${FILESDIR}/config.bsd ${WRKSRC}/.config - @${REINPLACE_CMD} 's|%%LOCALBASE%%|${LOCALBASE}|' ${WRKSRC}/.config - -post-install: -.if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR} - @${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${DOCSDIR} + ${CP} ${FILESDIR}/Packet32.[ch] ${FILESDIR}/ntddndis.h \ + ${WRKSRC}/src/utils + # Set driver(s) +.for item in BSD NDIS WIRED ROBOSWITCH TEST NONE +. if ${PORT_OPTIONS:M${item}} + @${ECHO} CONFIG_DRIVER_${item}=y >> ${CFG} +. endif +.endfor + # Set EAP protocol(s) +.for item in MD5 MSCHAPv2 TLS PEAP TTLS FAST GTC OTP PSK PWD PAX LEAP SIM \ + AKA AKA_PRIME SAKE GPSK TNC IKEv2 EKE +. if ${PORT_OPTIONS:M${item}} + @${ECHO} CONFIG_EAP_${item:tu}=y >> ${CFG} +. endif +.endfor +.if ${PORT_OPTIONS:MSIM} || ${PORT_OPTIONS:MAKA} || ${PORT_OPTIONS:MAKA_PRIME} + @${ECHO} CONFIG_PCSC=y >> ${CFG} .endif - @${INSTALL_DATA} ${WRKSRC}/wpa_supplicant.conf ${PREFIX}/etc/wpa_supplicant.conf.sample - -.include <bsd.port.pre.mk> - -.if ${OSVERSION} < 600007 -IGNORE=is not supported on FreeBSD < 6.0 +.for simple in WPS WPS_ER WPS_NFC PKCS12 SMARTCARD HT_OVERRIDES \ + VHT_OVERRIDES TLSV12 IEEE80211AC IEEE80211N IEEE80211R IEEE80211W \ + INTERWORKING DEBUG_FILE DEBUG_SYSLOG HS20 NO_ROAMING PRIVSEP P2P TDLS +. if ${PORT_OPTIONS:M${simple}} + @${ECHO} CONFIG_${simple}=y >> ${CFG} +. endif +.endfor +.for item in READLINE PEERKEY + @${ECHO} CONFIG_${item}=y >> ${CFG} +.endfor +.if ${PORT_OPTIONS:MIEEE80211AC} || ${PORT_OPTIONS:MIEEE80211N} + @${ECHO} CONFIG_AP=y >> ${CFG} +.endif +.if ${PORT_OPTIONS:MGPSK} + # GPSK desired, assume highest SHA desired too + @${ECHO} CONFIG_EAP_GPSK_SHA256=y >> ${CFG} +.endif +.if ${PORT_OPTIONS:MWPS_NOREG} + @${ECHO} CONFIG_WPS_REG_DISABLE_OPEN=y >> ${CFG} +.endif +.if ${PORT_OPTIONS:MDELAYED_MIC} + @${ECHO} CONFIG_DELAYED_MIC_ERROR_REPORT=y >> ${CFG} .endif + @${ECHO} CONFIG_OS=unix >> ${CFG} + @${ECHO} CONFIG_CTRL_IFACE=unix >> ${CFG} + @${ECHO} CONFIG_BACKEND=file >> ${CFG} + @${ECHO} CONFIG_L2_PACKET=freebsd >> ${CFG} + @${ECHO} CONFIG_TLS=openssl >> ${CFG} + +do-install: + @${MKDIR} ${STAGEDIR}${DOCSDIR} + (cd ${BUILD_WRKSRC} && ${INSTALL_PROGRAM} wpa_supplicant wpa_cli \ + wpa_passphrase wpa_priv ${STAGEDIR}${PREFIX}/sbin) + ${INSTALL_DATA} ${BUILD_WRKSRC}/wpa_supplicant.conf \ + ${STAGEDIR}${PREFIX}/etc/wpa_supplicant.conf.sample + (cd ${BUILD_WRKSRC} && \ + ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}) -.include <bsd.port.post.mk> +.include <bsd.port.mk> Modified: head/security/wpa_supplicant/distinfo ============================================================================== --- head/security/wpa_supplicant/distinfo Mon Dec 31 22:24:02 2007 (r204782) +++ head/security/wpa_supplicant/distinfo Sun Oct 12 21:20:25 2014 (r370742) @@ -1,3 +1,2 @@ -MD5 (wpa_supplicant-0.3.8.tar.gz) = c9ced104f0322f834a84336c293b4b57 -SHA256 (wpa_supplicant-0.3.8.tar.gz) = f24a344e19a513d5725b1cdce9b0393676a80a7dc083e053a04fb3b703cf7115 -SIZE (wpa_supplicant-0.3.8.tar.gz) = 301163 +SHA256 (wpa_supplicant-2.3.tar.gz) = eaaa5bf3055270e521b2dff64f2d203ec8040f71958b8588269a82c00c9d7b6a +SIZE (wpa_supplicant-2.3.tar.gz) = 2398722 Added: head/security/wpa_supplicant/files/Packet32.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/Packet32.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,366 @@ +/*- + * Copyright (c) 2005 + * Bill Paul <wpaul@windriver.com>. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Bill Paul. + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * This file implements a small portion of the Winpcap API for the + * Windows NDIS interface in wpa_supplicant. It provides just enough + * routines to fool wpa_supplicant into thinking it's really running + * in a Windows environment. + */ + +#include <sys/types.h> +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/ioctl.h> +#include <sys/errno.h> +#include <sys/sysctl.h> +#include <sys/fcntl.h> +#include <net/if.h> +#include <net/if_dl.h> +#include <net/if_var.h> + +#include <netinet/in.h> +#include <arpa/inet.h> +#include <netdb.h> +#include <net/route.h> + +#ifdef __FreeBSD__ +#include <net80211/ieee80211_ioctl.h> +#endif +#ifdef __DragonFly__ +#include <netproto/802_11/ieee80211_ioctl.h> +#endif + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <unistd.h> +#include <pcap.h> + +#include "Packet32.h" + +#define OID_802_11_ADD_KEY 0x0d01011D + +typedef ULONGLONG NDIS_802_11_KEY_RSC; +typedef UCHAR NDIS_802_11_MAC_ADDRESS[6]; + +typedef struct NDIS_802_11_KEY { + ULONG Length; + ULONG KeyIndex; + ULONG KeyLength; + NDIS_802_11_MAC_ADDRESS BSSID; + NDIS_802_11_KEY_RSC KeyRSC; + UCHAR KeyMaterial[1]; +} NDIS_802_11_KEY; + +typedef struct NDIS_802_11_KEY_COMPAT { + ULONG Length; + ULONG KeyIndex; + ULONG KeyLength; + NDIS_802_11_MAC_ADDRESS BSSID; + UCHAR Pad[6]; /* Make struct layout match Windows. */ + NDIS_802_11_KEY_RSC KeyRSC; +#ifdef notdef + UCHAR KeyMaterial[1]; +#endif +} NDIS_802_11_KEY_COMPAT; + +#define TRUE 1 +#define FALSE 0 + +struct adapter { + int socket; + char name[IFNAMSIZ]; + int prev_roaming; +}; + +PCHAR +PacketGetVersion(void) +{ + return("FreeBSD WinPcap compatibility shim v1.0"); +} + +void * +PacketOpenAdapter(CHAR *iface) +{ + struct adapter *a; + int s; + int ifflags; + struct ifreq ifr; + struct ieee80211req ireq; + + s = socket(PF_INET, SOCK_DGRAM, 0); + + if (s == -1) + return(NULL); + + a = malloc(sizeof(struct adapter)); + if (a == NULL) + return(NULL); + + a->socket = s; + if (strncmp(iface, "\\Device\\NPF_", 12) == 0) + iface += 12; + else if (strncmp(iface, "\\DEVICE\\", 8) == 0) + iface += 8; + snprintf(a->name, IFNAMSIZ, "%s", iface); + + /* Turn off net80211 roaming */ + bzero((char *)&ireq, sizeof(ireq)); + strncpy(ireq.i_name, iface, sizeof (ifr.ifr_name)); + ireq.i_type = IEEE80211_IOC_ROAMING; + if (ioctl(a->socket, SIOCG80211, &ireq) == 0) { + a->prev_roaming = ireq.i_val; + ireq.i_val = IEEE80211_ROAMING_MANUAL; + if (ioctl(a->socket, SIOCS80211, &ireq) < 0) + fprintf(stderr, + "Could not set IEEE80211_ROAMING_MANUAL\n"); + } + + bzero((char *)&ifr, sizeof(ifr)); + strncpy(ifr.ifr_name, iface, sizeof (ifr.ifr_name)); + if (ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr) < 0) { + free(a); + close(s); + return(NULL); + } + ifr.ifr_flags |= IFF_UP; + if (ioctl(a->socket, SIOCSIFFLAGS, (caddr_t)&ifr) < 0) { + free(a); + close(s); + return(NULL); + } + + return(a); +} + +int +PacketRequest(void *iface, BOOLEAN set, PACKET_OID_DATA *oid) +{ + struct adapter *a; + uint32_t retval; + struct ifreq ifr; + NDIS_802_11_KEY *old; + NDIS_802_11_KEY_COMPAT *new; + PACKET_OID_DATA *o = NULL; + + if (iface == NULL) + return(-1); + + a = iface; + bzero((char *)&ifr, sizeof(ifr)); + + /* + * This hack is necessary to work around a difference + * betwee the GNU C and Microsoft C compilers. The NDIS_802_11_KEY + * structure has a uint64_t in it, right after an array of + * chars. The Microsoft compiler inserts padding right before + * the 64-bit value to align it on a 64-bit boundary, but + * GCC only aligns it on a 32-bit boundary. Trying to pass + * the GCC-formatted structure to an NDIS binary driver + * fails because some of the fields appear to be at the + * wrong offsets. + * + * To get around this, if we detect someone is trying to do + * a set operation on OID_802_11_ADD_KEY, we shuffle the data + * into a properly padded structure and pass that into the + * driver instead. This allows the driver_ndis.c code supplied + * with wpa_supplicant to work unmodified. + */ + + if (set == TRUE && oid->Oid == OID_802_11_ADD_KEY) { + old = (NDIS_802_11_KEY *)&oid->Data; + o = malloc(sizeof(PACKET_OID_DATA) + + sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength); + if (o == NULL) + return(0); + bzero((char *)o, sizeof(PACKET_OID_DATA) + + sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength); + o->Oid = oid->Oid; + o->Length = sizeof(NDIS_802_11_KEY_COMPAT) + old->KeyLength; + new = (NDIS_802_11_KEY_COMPAT *)&o->Data; + new->KeyRSC = old->KeyRSC; + new->Length = o->Length; + new->KeyIndex = old->KeyIndex; + new->KeyLength = old->KeyLength; + bcopy(old->BSSID, new->BSSID, sizeof(NDIS_802_11_MAC_ADDRESS)); + bcopy(old->KeyMaterial, (char *)new + + sizeof(NDIS_802_11_KEY_COMPAT), new->KeyLength); + ifr.ifr_data = (caddr_t)o; + } else + ifr.ifr_data = (caddr_t)oid; + + strlcpy(ifr.ifr_name, a->name, sizeof(ifr.ifr_name)); + + if (set == TRUE) + retval = ioctl(a->socket, SIOCSDRVSPEC, &ifr); + else + retval = ioctl(a->socket, SIOCGDRVSPEC, &ifr); + + if (o != NULL) + free(o); + + if (retval) + return(0); + + return(1); +} + +int +PacketGetAdapterNames(CHAR *namelist, ULONG *len) +{ + int mib[6]; + size_t needed; + struct if_msghdr *ifm; + struct sockaddr_dl *sdl; + char *buf, *lim, *next; + char *plist; + int spc; + int i, ifcnt = 0; + + plist = namelist; + spc = 0; + + bzero(plist, *len); + + needed = 0; + mib[0] = CTL_NET; + mib[1] = PF_ROUTE; + mib[2] = 0; /* protocol */ + mib[3] = 0; /* wildcard address family */ + mib[4] = NET_RT_IFLIST; + mib[5] = 0; /* no flags */ + + if (sysctl (mib, 6, NULL, &needed, NULL, 0) < 0) + return(FALSE); + + buf = malloc (needed); + if (buf == NULL) + return(FALSE); + + if (sysctl (mib, 6, buf, &needed, NULL, 0) < 0) { + free(buf); + return(FALSE); + } + + lim = buf + needed; + + /* Generate interface name list. */ + + next = buf; + while (next < lim) { + ifm = (struct if_msghdr *)next; + if (ifm->ifm_type == RTM_IFINFO) { + sdl = (struct sockaddr_dl *)(ifm + 1); + if (strnstr(sdl->sdl_data, "wlan", sdl->sdl_nlen)) { + if ((spc + sdl->sdl_nlen) > *len) { + free(buf); + return(FALSE); + } + strncpy(plist, sdl->sdl_data, sdl->sdl_nlen); + plist += (sdl->sdl_nlen + 1); + spc += (sdl->sdl_nlen + 1); + ifcnt++; + } + } + next += ifm->ifm_msglen; + } + + + /* Insert an extra "" as a spacer */ + + plist++; + spc++; + + /* + * Now generate the interface description list. There + * must be a unique description for each interface, and + * they have to match what the ndis_events program will + * feed in later. To keep this simple, we just repeat + * the interface list over again. + */ + + next = buf; + while (next < lim) { + ifm = (struct if_msghdr *)next; + if (ifm->ifm_type == RTM_IFINFO) { + sdl = (struct sockaddr_dl *)(ifm + 1); + if (strnstr(sdl->sdl_data, "wlan", sdl->sdl_nlen)) { + if ((spc + sdl->sdl_nlen) > *len) { + free(buf); + return(FALSE); + } + strncpy(plist, sdl->sdl_data, sdl->sdl_nlen); + plist += (sdl->sdl_nlen + 1); + spc += (sdl->sdl_nlen + 1); + ifcnt++; + } + } + next += ifm->ifm_msglen; + } + + free (buf); + + *len = spc + 1; + + return(TRUE); +} + +void +PacketCloseAdapter(void *iface) +{ + struct adapter *a; + struct ifreq ifr; + struct ieee80211req ireq; + + if (iface == NULL) + return; + + a = iface; + + /* Reset net80211 roaming */ + bzero((char *)&ireq, sizeof(ireq)); + strncpy(ireq.i_name, a->name, sizeof (ifr.ifr_name)); + ireq.i_type = IEEE80211_IOC_ROAMING; + ireq.i_val = a->prev_roaming; + ioctl(a->socket, SIOCS80211, &ireq); + + bzero((char *)&ifr, sizeof(ifr)); + strncpy(ifr.ifr_name, a->name, sizeof (ifr.ifr_name)); + ioctl(a->socket, SIOCGIFFLAGS, (caddr_t)&ifr); + ifr.ifr_flags &= ~IFF_UP; + ioctl(a->socket, SIOCSIFFLAGS, (caddr_t)&ifr); + close(a->socket); + free(a); + + return; +} Added: head/security/wpa_supplicant/files/Packet32.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/Packet32.h Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,65 @@ +/*- + * Copyright (c) 2005 + * Bill Paul <wpaul@windriver.com>. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Bill Paul. + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF + * THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _PACKET32_H_ +#define _PACKET32_H_ + +#include <sys/types.h> +#include <ntddndis.h> + +struct PACKET_OID_DATA { + uint32_t Oid; + uint32_t Length; + uint8_t Data[1]; +}; + + +typedef struct PACKET_OID_DATA PACKET_OID_DATA; + +extern PCHAR PacketGetVersion(void); +extern void *PacketOpenAdapter(CHAR *); +extern int PacketRequest(void *, BOOLEAN, PACKET_OID_DATA *); +extern int PacketGetAdapterNames(CHAR *, ULONG *); +extern void PacketCloseAdapter(void *); + +/* + * This is for backwards compatibility on FreeBSD 5. + */ + +#ifndef SIOCGDRVSPEC +#define SIOCSDRVSPEC _IOW('i', 123, struct ifreq) /* set driver-specific + parameters */ +#define SIOCGDRVSPEC _IOWR('i', 123, struct ifreq) /* get driver-specific + parameters */ +#endif + +#endif /* _PACKET32_H_ */ Added: head/security/wpa_supplicant/files/ntddndis.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/ntddndis.h Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,28 @@ +#ifndef _NTDDNDIS_H_ +#define _NTDDNDIS_H_ + +/* + * Fake up some of the Windows type definitions so that the NDIS + * interface module in wpa_supplicant will build. + */ + +#define ULONG uint32_t +#define USHORT uint16_t +#define UCHAR uint8_t +#define LONG int32_t +#define SHORT int16_t +#define CHAR int8_t +#define ULONGLONG uint64_t +#define LONGLONG int64_t +#define BOOLEAN uint8_t +typedef void * LPADAPTER; +typedef char * PTSTR; +typedef char * PCHAR; + +#define TRUE 1 +#define FALSE 0 + +#define OID_802_3_CURRENT_ADDRESS 0x01010102 +#define OID_802_3_MULTICAST_LIST 0x01010103 + +#endif /* _NTDDNDIS_H_ */ Added: head/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-src-l2_packet-l2_packet_freebsd.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,14 @@ +--- src/l2_packet/l2_packet_freebsd.c.orig 2014-06-04 13:26:14 UTC ++++ src/l2_packet/l2_packet_freebsd.c +@@ -8,7 +8,10 @@ + */ + + #include "includes.h" +-#if defined(__APPLE__) || defined(__GLIBC__) ++#if defined(__FreeBSD__) \ ++ || defined(__DragonFly__) \ ++ || defined(__APPLE__) \ ++ || defined(__GLIBC__) + #include <net/bpf.h> + #endif /* __APPLE__ */ + #include <pcap.h> Added: head/security/wpa_supplicant/files/patch-src_drivers_driver__privsep.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-src_drivers_driver__privsep.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,20 @@ +--- src/drivers/driver_privsep.c.orig 2014-10-09 14:41:31 UTC ++++ src/drivers/driver_privsep.c +@@ -228,7 +228,7 @@ static int wpa_driver_privsep_associate( + + wpa_printf(MSG_DEBUG, "%s: priv=%p freq=%d pairwise_suite=%d " + "group_suite=%d key_mgmt_suite=%d auth_alg=%d mode=%d", +- __func__, priv, params->freq, params->pairwise_suite, ++ __func__, priv, params->freq.freq, params->pairwise_suite, + params->group_suite, params->key_mgmt_suite, + params->auth_alg, params->mode); + +@@ -241,7 +241,7 @@ static int wpa_driver_privsep_associate( + os_memcpy(data->bssid, params->bssid, ETH_ALEN); + os_memcpy(data->ssid, params->ssid, params->ssid_len); + data->ssid_len = params->ssid_len; +- data->freq = params->freq; ++ data->freq = params->freq.freq; + data->pairwise_suite = params->pairwise_suite; + data->group_suite = params->group_suite; + data->key_mgmt_suite = params->key_mgmt_suite; Added: head/security/wpa_supplicant/files/patch-src_utils_os__unix.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-src_utils_os__unix.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,62 @@ +--- src/utils/os_unix.c.orig 2014-10-09 14:41:31 UTC ++++ src/utils/os_unix.c +@@ -190,17 +190,42 @@ static int os_daemon(int nochdir, int no + #define os_daemon daemon + #endif /* __APPLE__ */ + ++#if defined(__FreeBSD__) || defined(__DragonFly__) ++#define FREE_DRAGON ++#include <err.h> ++#include <libutil.h> ++#include <stdint.h> ++#endif /* __FreeBSD__ || __DragonFly__ */ + + int os_daemonize(const char *pid_file) + { + #if defined(__uClinux__) || defined(__sun__) + return -1; + #else /* defined(__uClinux__) || defined(__sun__) */ ++#ifdef FREE_DRAGON ++ pid_t otherpid; ++ struct pidfh *pfh; ++ ++ pfh = pidfile_open(pid_file, 0600, &otherpid); ++ if (pfh == NULL) { ++ if (errno == EEXIST) { ++ errx(1, "Daemon already running, pid: %jd.", ++ (intmax_t)otherpid); ++ } ++ warn("Cannot open or create pidfile."); ++ } ++#endif /* FREE_DRAGON */ + if (os_daemon(0, 0)) { + perror("daemon"); ++#ifdef FREE_DRAGON ++ pidfile_remove(pfh); ++#endif /* FREE_DRAGON */ + return -1; + } + ++#ifdef FREE_DRAGON ++ pidfile_write(pfh); ++#else + if (pid_file) { + FILE *f = fopen(pid_file, "w"); + if (f) { +@@ -208,6 +233,7 @@ int os_daemonize(const char *pid_file) + fclose(f); + } + } ++#endif /* FREE_DRAGON */ + + return -0; + #endif /* defined(__uClinux__) || defined(__sun__) */ +@@ -360,7 +386,7 @@ int os_setenv(const char *name, const ch + + int os_unsetenv(const char *name) + { +-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__APPLE__) || \ ++#if defined(FREE_DRAGON) || defined(__NetBSD__) || defined(__APPLE__) || \ + defined(__OpenBSD__) + unsetenv(name); + return 0; Added: head/security/wpa_supplicant/files/patch-src_wps_wps__upnp.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-src_wps_wps__upnp.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,22 @@ +--- src/wps/wps_upnp.c.orig 2014-10-09 14:41:31 UTC ++++ src/wps/wps_upnp.c +@@ -829,7 +829,8 @@ fail: + } + + +-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) ++#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) \ ++ || defined(__DragonFly__) + #include <sys/sysctl.h> + #include <net/route.h> + #include <net/if_dl.h> +@@ -916,7 +917,8 @@ int get_netif_info(const char *net_if, u + goto fail; + } + os_memcpy(mac, req.ifr_addr.sa_data, 6); +-#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__) ++#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__) \ ++ || defined(__DragonFly__) + if (eth_get(net_if, mac) < 0) { + wpa_printf(MSG_ERROR, "WPS UPnP: Failed to get MAC address"); + goto fail; Added: head/security/wpa_supplicant/files/patch-wpa__supplicant_Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-wpa__supplicant_Makefile Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,14 @@ +--- wpa_supplicant/Makefile.orig 2014-10-09 14:41:31 UTC ++++ wpa_supplicant/Makefile +@@ -97,6 +97,11 @@ OBJS += ../src/utils/os_$(CONFIG_OS).o + OBJS_p += ../src/utils/os_$(CONFIG_OS).o + OBJS_c += ../src/utils/os_$(CONFIG_OS).o + ++ifdef CONFIG_DRIVER_NDIS ++OBJS += ../src/utils/Packet32.o ../src/drivers/driver_ndis.o ++OBJS_priv += ../src/utils/Packet32.o ++endif ++ + ifdef CONFIG_WPA_TRACE + CFLAGS += -DWPA_TRACE + OBJS += ../src/utils/trace.o Added: head/security/wpa_supplicant/files/patch-wpa__supplicant_scan.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-wpa__supplicant_scan.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,31 @@ +--- wpa_supplicant/scan.c.orig 2014-10-09 14:41:31 UTC ++++ wpa_supplicant/scan.c +@@ -1548,7 +1548,7 @@ struct wpabuf * wpa_scan_get_vendor_ie_m + static int wpa_scan_result_compar(const void *a, const void *b) + { + #define IS_5GHZ(n) (n > 4000) +-#define MIN(a,b) a < b ? a : b ++#define MINAB(a,b) a < b ? a : b + struct wpa_scan_res **_wa = (void *) a; + struct wpa_scan_res **_wb = (void *) b; + struct wpa_scan_res *wa = *_wa; +@@ -1577,8 +1577,8 @@ static int wpa_scan_result_compar(const + + if ((wa->flags & wb->flags & WPA_SCAN_LEVEL_DBM) && + !((wa->flags | wb->flags) & WPA_SCAN_NOISE_INVALID)) { +- snr_a = MIN(wa->level - wa->noise, GREAT_SNR); +- snr_b = MIN(wb->level - wb->noise, GREAT_SNR); ++ snr_a = MINAB(wa->level - wa->noise, GREAT_SNR); ++ snr_b = MINAB(wb->level - wb->noise, GREAT_SNR); + } else { + /* Not suitable information to calculate SNR, so use level */ + snr_a = wa->level; +@@ -1604,7 +1604,7 @@ static int wpa_scan_result_compar(const + if (snr_b == snr_a) + return wb->qual - wa->qual; + return snr_b - snr_a; +-#undef MIN ++#undef MINAB + #undef IS_5GHZ + } + Added: head/security/wpa_supplicant/files/patch-wpa__supplicant_wpa__priv.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-wpa__supplicant_wpa__priv.c Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,37 @@ +--- wpa_supplicant/wpa_priv.c.orig 2014-10-09 14:41:31 UTC ++++ wpa_supplicant/wpa_priv.c +@@ -202,7 +202,7 @@ static void wpa_priv_cmd_associate(struc + if (assoc->ssid_len > 32) + return; + params.ssid_len = assoc->ssid_len; +- params.freq = assoc->freq; ++ params.freq.freq = assoc->freq; + if (assoc->wpa_ie_len) { + params.wpa_ie = (u8 *) (assoc + 1); + params.wpa_ie_len = assoc->wpa_ie_len; +@@ -947,6 +947,7 @@ static void usage(void) + int main(int argc, char *argv[]) + { + int c, i; ++ int eloop_initialized = 0; + int ret = -1; + char *pid_file = NULL; + int daemonize = 0; +@@ -992,6 +993,7 @@ int main(int argc, char *argv[]) + wpa_printf(MSG_ERROR, "Failed to initialize event loop"); + goto out; + } ++ else eloop_initialized = 1; + + for (i = optind; i < argc; i++) { + wpa_printf(MSG_DEBUG, "Adding driver:interface %s", argv[i]); +@@ -1018,7 +1020,8 @@ out: + wpa_priv_interface_deinit(prev); + } + +- eloop_destroy(); ++ if (eloop_initialized) ++ eloop_destroy(); + + os_daemonize_terminate(pid_file); + os_free(pid_file); Added: head/security/wpa_supplicant/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/pkg-message.in Sun Oct 12 21:20:25 2014 (r370742) @@ -0,0 +1,6 @@ +To use the ports version of WPA Supplicant instead of the base, add: + + hostapd_program="%%PREFIX%%/sbin/wpa_supplicant" + +to /etc/rc.conf + Modified: head/security/wpa_supplicant/pkg-descr ============================================================================== --- head/security/wpa_supplicant/pkg-descr Mon Dec 31 22:24:02 2007 (r204782) +++ head/security/wpa_supplicant/pkg-descr Sun Oct 12 21:20:25 2014 (r370742) @@ -1,9 +1,14 @@ -wpa_supplicant is a client (supplicant) for the WPA, 802.11i, and -802.1x security protocols typically used over wireless networks. -You must have a WPA, 802.11i, or 802.1x authenticator (server) to -make use of this program. +wpa_supplicant is a client (supplicant) with support for WPA and WPA2 +(IEEE 802.11i / RSN). It is suitable for both desktop/laptop computers and +embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used +in the client stations. It implements key negotiation with a WPA +Authenticator and it controls the roaming and IEEE 802.11 authentication/ +association of the wlan driver. -WWW: http://hostap.epitest.fi/wpa_supplicant/ +wpa_supplicant is designed to be a "daemon" program that runs in the +background and acts as the backend component controlling the wireless +connection. wpa_supplicant supports separate frontend programs and a +text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with +wpa_supplicant. -- Sam Leffler -sam@FreeBSD.org +WWW: http://w1.fi/wpa_supplicant/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410122120.s9CLKP4l080080>