From owner-freebsd-current@FreeBSD.ORG Thu Apr 16 22:17:36 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6BA2D1065675 for ; Thu, 16 Apr 2009 22:17:36 +0000 (UTC) (envelope-from dandee@hellteam.net) Received: from lucifer.hellteam.net (lucifer.hellteam.net [88.86.107.21]) by mx1.freebsd.org (Postfix) with ESMTP id ECCB08FC17 for ; Thu, 16 Apr 2009 22:17:35 +0000 (UTC) (envelope-from dandee@hellteam.net) Received: from smtp.hellteam.net (rik.hellteam.net [78.108.102.225]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by lucifer.hellteam.net (Postfix) with ESMTPS id 8A7F23D1; Fri, 17 Apr 2009 00:06:50 +0200 (CEST) Received: from gandalf (devnull.hellteam.net [78.108.103.110]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by smtp.hellteam.net (Postfix) with ESMTPSA id D9093570050; Fri, 17 Apr 2009 00:02:11 +0200 (CEST) From: =?ISO-8859-1?Q?Daniel_Dvor=E1k?= To: "'Sam Leffler'" References: <49AB456E.3090105@errno.com> Date: Fri, 17 Apr 2009 00:02:11 +0200 Organization: Projekt HELL Message-ID: <5B009A189F2448B7B46CEDEFB456702D@tocnet28.jspoj.czf> MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Office Outlook 11 In-Reply-To: <49AB456E.3090105@errno.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325 Importance: High Thread-Index: Acma38rxAU3ALlc5Qau91CLf9eseZwj/C7Ug Cc: freebsd-current@freebsd.org Subject: RE: HEADS UP: new wpa_supplicant and hostapd X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dandee@hellteam.net List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Apr 2009 22:17:36 -0000 Hi Sam, I would like to inform you about just successfully tested wired driver with wpa_supplicant in startting process of OS. 802.1x configuration with PEAP. Version of wpa_supplicant is lower than last imported. server# egrep em0 /etc/rc.conf ifconfig_em0="WPA DHCP" server# uname -a FreeBSD server 7.1-RELEASE-p4 FreeBSD 7.1-RELEASE-p4 #0: Sun Mar 22 12:35:36 UTC 2009 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 server# cat /etc/wpa_supplicant.conf update_config=1 ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel eapol_version=1 ap_scan=0 fast_reauth=1 network={ eapol_flags=0 key_mgmt=IEEE8021X eap=PEAP identity="SERVER$" password="!--- Output suppressed" # ca_cert="" phase1="peaplabel=0 peapver=1 include_tls_length=1" phase2="auth=MSCHAPV2" } server# wpa_supplicant -v wpa_supplicant v0.5.10 Copyright (c) 2003-2008, Jouni Malinen and contributors server# wpa_cli status Selected interface 'em0' bssid=01:80:c2:00:00:03 ssid= id=0 pairwise_cipher=NONE group_cipher=NONE key_mgmt=IEEE 802.1X (no WPA) wpa_state=COMPLETED ip_address=W.X.Y.Z Supplicant PAE state=AUTHENTICATED suppPortStatus=Authorized EAP state=SUCCESS selectedMethod=25 (EAP-PEAP) EAP TLS cipher=AES256-SHA EAP-PEAPv1 Phase2 method=MSCHAPV2 GREATCISCOSWITCH6500#sh dot1x interface gigabitEthernet 7/3 details Dot1x Info for GigabitEthernet7/3 ----------------------------------- PAE = AUTHENTICATOR PortControl = AUTO ControlDirection = Both HostMode = SINGLE_HOST ReAuthentication = Enabled QuietPeriod = 10 ServerTimeout = 30 SuppTimeout = 30 ReAuthPeriod = 3600 (Locally configured) ReAuthMax = 1 MaxReq = 1 TxPeriod = 20 Mac-Auth-Bypass = Enabled Dot1x Authenticator Client List ------------------------------- Supplicant = 00c0.wxyz.2c1f Auth SM State = AUTHENTICATED Auth BEND SM Stat = IDLE Port Status = AUTHORIZED ReAuthPeriod = 3600 ReAuthAction = Reauthenticate TimeToNextReauth = 2367 Authentication Method = Dot1x User-Name = SERVER$ Authorized By = Authentication Server Vlan Policy = 437 Starting wpa_supplicant. em0: no link ... . . got link DHCPREQUEST on em0 to 255.255.255.255 port 67 DHCPDISCOVER on em0 to 255.255.255.255 port 67 interval 7 DHCPOFFER from W.X.Y.Z DHCPREQUEST on em0 to 255.255.255.255 port 67 DHCPACK from W.X.Y.Z bound to W.X.Y.Z -- renewal in 345600 seconds. lo0: flags=8049 metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 em0: flags=8843 metric 0 mtu 1500 options=9b ether 00:c0:wx:yz:2c:1f inet W.X.Y.Z netmask 0xffffff00 broadcast W.X.Y.Z media: Ethernet autoselect (1000baseTX ) status: active I had to add em* definition to /etc/rc.d/wpa_supplicant script to execute wpa_supplicant with -Dwired, because fbsd 7.1 does not support it by default. And I would like to ask you to change it in fbsd 7.2, becuase it works and newer version 0.6.8 is not needed. ifn="$2" if [ -z "$ifn" ]; then return 1 fi case ${ifn} in ndis*) driver="ndis" ;; em*) driver="wired" ;; *) driver="bsd" ;; esac Bye Daniel -----Original Message----- From: owner-freebsd-current@freebsd.org [mailto:owner-freebsd-current@freebsd.org] On Behalf Of Sam Leffler Sent: Monday, March 02, 2009 3:33 AM To: freebsd-current@freebsd.org Subject: HEADS UP: new wpa_supplicant and hostapd I've imported v0.6.8 which is now the tip of the stable branch in Jouni's repository. One side effect is there is now a combined tree in contrib. You should see no regressions but this has been lightly tested so beware (and -Dwired support in wpa_supplicant is not tested). Not sure what new functionality comes with this code. If something is not enabled in the build that should be please let me know. Sam _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"