From owner-freebsd-current@FreeBSD.ORG  Tue Jun  7 04:36:32 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 53C4B16A41C
	for <freebsd-current@freebsd.org>; Tue,  7 Jun 2005 04:36:32 +0000 (GMT)
	(envelope-from sam@errno.com)
Received: from ebb.errno.com (ebb.errno.com [66.127.85.87])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F0DCA43D1D
	for <freebsd-current@freebsd.org>; Tue,  7 Jun 2005 04:36:31 +0000 (GMT)
	(envelope-from sam@errno.com)
Received: from [66.127.85.91] (sam@[66.127.85.91]) (authenticated bits=0)
	by ebb.errno.com (8.12.9/8.12.6) with ESMTP id j574aVms046058
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-current@freebsd.org>; Mon, 6 Jun 2005 21:36:31 -0700 (PDT)
	(envelope-from sam@errno.com)
Message-ID: <42A5253E.10401@errno.com>
Date: Mon, 06 Jun 2005 21:40:30 -0700
From: Sam Leffler <sam@errno.com>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050327)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-current@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: HEADSUP: wpa support in the tree
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2005 04:36:32 -0000

I brought wpa_supplicant and hostapd from the ports area into CVS and 
Brooks and I are working to complete the integration with the rc 
scripts.  When the dust settles you'll be able to configure 
wpa_supplicant use similarly to dhcp (modulo the need for a 
wpa_supplicant.conf file).

I'm still working on the manual pages and resolving some issues with 
hostapd but things should work as well or better than the equivalent ports.

The main open issue is what to support in the base configuration.  For 
now wpa_supplicant only supports WPA-PSK.  To enable 802.1x support you 
must set a new make.conf variable ENABLE_WPA_SUPPLICANT_EAPOL and have 
openssl support not disabled.  When this is done you get EAP-PEAP, 
EAP-LEAP, and EAP-TLS support.  I'd like to include EAP-FAST support but 
that requires mods to openssl that we do not have.

I'm looking for feedback on the above.  Do many folks need/use more than 
WPA-PSK?  Are the above set of EAP methods sufficient?  All the EAP 
methods supported by wpa_supplicant are available; they just won't be 
enabled by default (i.e. you'll need to tweak the configuration and/or 
Makefile).

Remember that WPA support requires a WPA-capable driver.  I know ath has 
full support and ndis has some WPA-PSK support.  I'm not sure how well 
the other drivers work (except that wi does not currently have any support).

	Sam