svn commit: r281806 - in head: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20 contrib/wpa/patches contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/...
Rui Paulo
rpaulo at FreeBSD.org
Tue Apr 21 01:45:14 UTC 2015
Author: rpaulo
Date: Tue Apr 21 01:45:11 2015
New Revision: 281806
URL: https://svnweb.freebsd.org/changeset/base/281806
Log:
Merge wpa_supplicant/hostapd 2.4.
Major changes are: SAE, Suite B, RFC 7268, EAP-PKE, ACS, and tons of
bug fixes.
Relnotes: yes
Added:
head/contrib/wpa/CONTRIBUTIONS
- copied unchanged from r281682, vendor/wpa/dist/CONTRIBUTIONS
head/contrib/wpa/hostapd/hapd_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/hostapd/hapd_module_tests.c
head/contrib/wpa/hostapd/wps-ap-nfc.py
- copied unchanged from r281682, vendor/wpa/dist/hostapd/wps-ap-nfc.py
head/contrib/wpa/hs20/
- copied from r281682, vendor/wpa/dist/hs20/
head/contrib/wpa/patches/openssl-0.9.8za-tls-extensions.patch
- copied unchanged from r281682, vendor/wpa/dist/patches/openssl-0.9.8za-tls-extensions.patch
head/contrib/wpa/src/ap/acs.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/acs.c
head/contrib/wpa/src/ap/acs.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/acs.h
head/contrib/wpa/src/ap/bss_load.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/bss_load.c
head/contrib/wpa/src/ap/bss_load.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/bss_load.h
head/contrib/wpa/src/ap/dfs.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/dfs.c
head/contrib/wpa/src/ap/dfs.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/dfs.h
head/contrib/wpa/src/ap/dhcp_snoop.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/dhcp_snoop.c
head/contrib/wpa/src/ap/dhcp_snoop.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/dhcp_snoop.h
head/contrib/wpa/src/ap/ndisc_snoop.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/ndisc_snoop.c
head/contrib/wpa/src/ap/ndisc_snoop.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/ndisc_snoop.h
head/contrib/wpa/src/ap/x_snoop.c
- copied unchanged from r281682, vendor/wpa/dist/src/ap/x_snoop.c
head/contrib/wpa/src/ap/x_snoop.h
- copied unchanged from r281682, vendor/wpa/dist/src/ap/x_snoop.h
head/contrib/wpa/src/common/common_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/src/common/common_module_tests.c
head/contrib/wpa/src/common/hw_features_common.c
- copied unchanged from r281682, vendor/wpa/dist/src/common/hw_features_common.c
head/contrib/wpa/src/common/hw_features_common.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/hw_features_common.h
head/contrib/wpa/src/common/ieee802_1x_defs.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/ieee802_1x_defs.h
head/contrib/wpa/src/common/qca-vendor-attr.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/qca-vendor-attr.h
head/contrib/wpa/src/common/qca-vendor.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/qca-vendor.h
head/contrib/wpa/src/common/sae.c
- copied unchanged from r281682, vendor/wpa/dist/src/common/sae.c
head/contrib/wpa/src/common/sae.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/sae.h
head/contrib/wpa/src/common/tnc.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/tnc.h
head/contrib/wpa/src/common/wpa_helpers.c
- copied unchanged from r281682, vendor/wpa/dist/src/common/wpa_helpers.c
head/contrib/wpa/src/common/wpa_helpers.h
- copied unchanged from r281682, vendor/wpa/dist/src/common/wpa_helpers.h
head/contrib/wpa/src/crypto/aes-siv.c
- copied unchanged from r281682, vendor/wpa/dist/src/crypto/aes-siv.c
head/contrib/wpa/src/crypto/aes_siv.h
- copied unchanged from r281682, vendor/wpa/dist/src/crypto/aes_siv.h
head/contrib/wpa/src/crypto/crypto_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/src/crypto/crypto_module_tests.c
head/contrib/wpa/src/crypto/sha256-kdf.c
- copied unchanged from r281682, vendor/wpa/dist/src/crypto/sha256-kdf.c
head/contrib/wpa/src/crypto/sha384.h
- copied unchanged from r281682, vendor/wpa/dist/src/crypto/sha384.h
head/contrib/wpa/src/drivers/driver_macsec_qca.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_macsec_qca.c
head/contrib/wpa/src/drivers/driver_nl80211.h
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211.h
head/contrib/wpa/src/drivers/driver_nl80211_android.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211_android.c
head/contrib/wpa/src/drivers/driver_nl80211_capa.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211_capa.c
head/contrib/wpa/src/drivers/driver_nl80211_event.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211_event.c
head/contrib/wpa/src/drivers/driver_nl80211_monitor.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211_monitor.c
head/contrib/wpa/src/drivers/driver_nl80211_scan.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_nl80211_scan.c
head/contrib/wpa/src/drivers/driver_openbsd.c
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/driver_openbsd.c
head/contrib/wpa/src/drivers/linux_defines.h
- copied unchanged from r281682, vendor/wpa/dist/src/drivers/linux_defines.h
head/contrib/wpa/src/eap_common/eap_eke_common.c
- copied unchanged from r281682, vendor/wpa/dist/src/eap_common/eap_eke_common.c
head/contrib/wpa/src/eap_common/eap_eke_common.h
- copied unchanged from r281682, vendor/wpa/dist/src/eap_common/eap_eke_common.h
head/contrib/wpa/src/eap_peer/eap_eke.c
- copied unchanged from r281682, vendor/wpa/dist/src/eap_peer/eap_eke.c
head/contrib/wpa/src/eap_peer/eap_proxy.h
- copied unchanged from r281682, vendor/wpa/dist/src/eap_peer/eap_proxy.h
head/contrib/wpa/src/eap_peer/eap_proxy_dummy.c
- copied unchanged from r281682, vendor/wpa/dist/src/eap_peer/eap_proxy_dummy.c
head/contrib/wpa/src/eap_server/eap_server_eke.c
- copied unchanged from r281682, vendor/wpa/dist/src/eap_server/eap_server_eke.c
head/contrib/wpa/src/pae/
- copied from r281682, vendor/wpa/dist/src/pae/
head/contrib/wpa/src/utils/bitfield.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/bitfield.c
head/contrib/wpa/src/utils/bitfield.h
- copied unchanged from r281682, vendor/wpa/dist/src/utils/bitfield.h
head/contrib/wpa/src/utils/browser-android.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/browser-android.c
head/contrib/wpa/src/utils/browser-system.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/browser-system.c
head/contrib/wpa/src/utils/browser-wpadebug.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/browser-wpadebug.c
head/contrib/wpa/src/utils/browser.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/browser.c
head/contrib/wpa/src/utils/browser.h
- copied unchanged from r281682, vendor/wpa/dist/src/utils/browser.h
head/contrib/wpa/src/utils/http-utils.h
- copied unchanged from r281682, vendor/wpa/dist/src/utils/http-utils.h
head/contrib/wpa/src/utils/http_curl.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/http_curl.c
head/contrib/wpa/src/utils/platform.h
- copied unchanged from r281682, vendor/wpa/dist/src/utils/platform.h
head/contrib/wpa/src/utils/utils_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/utils_module_tests.c
head/contrib/wpa/src/utils/xml-utils.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/xml-utils.c
head/contrib/wpa/src/utils/xml-utils.h
- copied unchanged from r281682, vendor/wpa/dist/src/utils/xml-utils.h
head/contrib/wpa/src/utils/xml_libxml2.c
- copied unchanged from r281682, vendor/wpa/dist/src/utils/xml_libxml2.c
head/contrib/wpa/src/wps/wps_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/src/wps/wps_module_tests.c
head/contrib/wpa/wpa_supplicant/eap_proxy_dummy.mak
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak
head/contrib/wpa/wpa_supplicant/eap_proxy_dummy.mk
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk
head/contrib/wpa/wpa_supplicant/examples/p2p-nfc.py
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/examples/p2p-nfc.py
head/contrib/wpa/wpa_supplicant/mesh.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh.c
head/contrib/wpa/wpa_supplicant/mesh.h
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh.h
head/contrib/wpa/wpa_supplicant/mesh_mpm.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh_mpm.c
head/contrib/wpa/wpa_supplicant/mesh_mpm.h
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh_mpm.h
head/contrib/wpa/wpa_supplicant/mesh_rsn.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh_rsn.c
head/contrib/wpa/wpa_supplicant/mesh_rsn.h
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/mesh_rsn.h
head/contrib/wpa/wpa_supplicant/wmm_ac.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/wmm_ac.c
head/contrib/wpa/wpa_supplicant/wmm_ac.h
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/wmm_ac.h
head/contrib/wpa/wpa_supplicant/wpas_kay.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/wpas_kay.c
head/contrib/wpa/wpa_supplicant/wpas_kay.h
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/wpas_kay.h
head/contrib/wpa/wpa_supplicant/wpas_module_tests.c
- copied unchanged from r281682, vendor/wpa/dist/wpa_supplicant/wpas_module_tests.c
Deleted:
head/contrib/wpa/hostapd/dump_state.c
head/contrib/wpa/hostapd/dump_state.h
head/contrib/wpa/patches/openssl-0.9.8-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8d-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8e-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8g-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8h-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8i-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.8x-tls-extensions.patch
head/contrib/wpa/patches/openssl-0.9.9-session-ticket.patch
head/contrib/wpa/src/crypto/crypto_nss.c
head/contrib/wpa/src/crypto/fips_prf_cryptoapi.c
head/contrib/wpa/src/crypto/fips_prf_gnutls.c
head/contrib/wpa/src/crypto/fips_prf_nss.c
head/contrib/wpa/src/crypto/tls_nss.c
head/contrib/wpa/src/utils/eloop_none.c
Modified:
head/contrib/wpa/COPYING
head/contrib/wpa/README
head/contrib/wpa/hostapd/ChangeLog
head/contrib/wpa/hostapd/README
head/contrib/wpa/hostapd/README-WPS
head/contrib/wpa/hostapd/config_file.c
head/contrib/wpa/hostapd/ctrl_iface.c
head/contrib/wpa/hostapd/defconfig
head/contrib/wpa/hostapd/eap_register.c
head/contrib/wpa/hostapd/hlr_auc_gw.c
head/contrib/wpa/hostapd/hostapd.8
head/contrib/wpa/hostapd/hostapd.conf
head/contrib/wpa/hostapd/hostapd.eap_user
head/contrib/wpa/hostapd/hostapd.eap_user_sqlite
head/contrib/wpa/hostapd/hostapd_cli.c
head/contrib/wpa/hostapd/main.c
head/contrib/wpa/src/ap/accounting.c
head/contrib/wpa/src/ap/ap_config.c
head/contrib/wpa/src/ap/ap_config.h
head/contrib/wpa/src/ap/ap_drv_ops.c
head/contrib/wpa/src/ap/ap_drv_ops.h
head/contrib/wpa/src/ap/ap_list.c
head/contrib/wpa/src/ap/ap_list.h
head/contrib/wpa/src/ap/ap_mlme.c
head/contrib/wpa/src/ap/authsrv.c
head/contrib/wpa/src/ap/beacon.c
head/contrib/wpa/src/ap/beacon.h
head/contrib/wpa/src/ap/ctrl_iface_ap.c
head/contrib/wpa/src/ap/ctrl_iface_ap.h
head/contrib/wpa/src/ap/drv_callbacks.c
head/contrib/wpa/src/ap/eap_user_db.c
head/contrib/wpa/src/ap/gas_serv.c
head/contrib/wpa/src/ap/gas_serv.h
head/contrib/wpa/src/ap/hostapd.c
head/contrib/wpa/src/ap/hostapd.h
head/contrib/wpa/src/ap/hs20.c
head/contrib/wpa/src/ap/hs20.h
head/contrib/wpa/src/ap/hw_features.c
head/contrib/wpa/src/ap/hw_features.h
head/contrib/wpa/src/ap/iapp.c
head/contrib/wpa/src/ap/ieee802_11.c
head/contrib/wpa/src/ap/ieee802_11.h
head/contrib/wpa/src/ap/ieee802_11_auth.c
head/contrib/wpa/src/ap/ieee802_11_ht.c
head/contrib/wpa/src/ap/ieee802_11_shared.c
head/contrib/wpa/src/ap/ieee802_11_vht.c
head/contrib/wpa/src/ap/ieee802_1x.c
head/contrib/wpa/src/ap/ieee802_1x.h
head/contrib/wpa/src/ap/p2p_hostapd.c
head/contrib/wpa/src/ap/peerkey_auth.c
head/contrib/wpa/src/ap/pmksa_cache_auth.c
head/contrib/wpa/src/ap/pmksa_cache_auth.h
head/contrib/wpa/src/ap/sta_info.c
head/contrib/wpa/src/ap/sta_info.h
head/contrib/wpa/src/ap/tkip_countermeasures.c
head/contrib/wpa/src/ap/vlan_init.c
head/contrib/wpa/src/ap/vlan_init.h
head/contrib/wpa/src/ap/wmm.c
head/contrib/wpa/src/ap/wmm.h
head/contrib/wpa/src/ap/wnm_ap.c
head/contrib/wpa/src/ap/wnm_ap.h
head/contrib/wpa/src/ap/wpa_auth.c
head/contrib/wpa/src/ap/wpa_auth.h
head/contrib/wpa/src/ap/wpa_auth_ft.c
head/contrib/wpa/src/ap/wpa_auth_glue.c
head/contrib/wpa/src/ap/wpa_auth_i.h
head/contrib/wpa/src/ap/wpa_auth_ie.c
head/contrib/wpa/src/ap/wpa_auth_ie.h
head/contrib/wpa/src/ap/wps_hostapd.c
head/contrib/wpa/src/ap/wps_hostapd.h
head/contrib/wpa/src/common/defs.h
head/contrib/wpa/src/common/eapol_common.h
head/contrib/wpa/src/common/ieee802_11_common.c
head/contrib/wpa/src/common/ieee802_11_common.h
head/contrib/wpa/src/common/ieee802_11_defs.h
head/contrib/wpa/src/common/privsep_commands.h
head/contrib/wpa/src/common/version.h
head/contrib/wpa/src/common/wpa_common.c
head/contrib/wpa/src/common/wpa_common.h
head/contrib/wpa/src/common/wpa_ctrl.c
head/contrib/wpa/src/common/wpa_ctrl.h
head/contrib/wpa/src/crypto/aes-ccm.c
head/contrib/wpa/src/crypto/aes-eax.c
head/contrib/wpa/src/crypto/aes-gcm.c
head/contrib/wpa/src/crypto/aes-omac1.c
head/contrib/wpa/src/crypto/aes-unwrap.c
head/contrib/wpa/src/crypto/aes-wrap.c
head/contrib/wpa/src/crypto/aes_wrap.h
head/contrib/wpa/src/crypto/crypto.h
head/contrib/wpa/src/crypto/crypto_internal-rsa.c
head/contrib/wpa/src/crypto/crypto_openssl.c
head/contrib/wpa/src/crypto/dh_groups.c
head/contrib/wpa/src/crypto/dh_groups.h
head/contrib/wpa/src/crypto/md5.c
head/contrib/wpa/src/crypto/milenage.c
head/contrib/wpa/src/crypto/ms_funcs.c
head/contrib/wpa/src/crypto/random.c
head/contrib/wpa/src/crypto/sha1-internal.c
head/contrib/wpa/src/crypto/sha1-prf.c
head/contrib/wpa/src/crypto/sha1.c
head/contrib/wpa/src/crypto/sha256-prf.c
head/contrib/wpa/src/crypto/sha256.h
head/contrib/wpa/src/crypto/tls.h
head/contrib/wpa/src/crypto/tls_gnutls.c
head/contrib/wpa/src/crypto/tls_internal.c
head/contrib/wpa/src/crypto/tls_none.c
head/contrib/wpa/src/crypto/tls_openssl.c
head/contrib/wpa/src/crypto/tls_schannel.c
head/contrib/wpa/src/drivers/driver.h
head/contrib/wpa/src/drivers/driver_bsd.c
head/contrib/wpa/src/drivers/driver_common.c
head/contrib/wpa/src/drivers/driver_ndis.c
head/contrib/wpa/src/drivers/driver_privsep.c
head/contrib/wpa/src/drivers/driver_wired.c
head/contrib/wpa/src/drivers/drivers.c
head/contrib/wpa/src/eap_common/eap_common.c
head/contrib/wpa/src/eap_common/eap_common.h
head/contrib/wpa/src/eap_common/eap_defs.h
head/contrib/wpa/src/eap_common/eap_fast_common.c
head/contrib/wpa/src/eap_common/eap_fast_common.h
head/contrib/wpa/src/eap_common/eap_gpsk_common.c
head/contrib/wpa/src/eap_common/eap_gpsk_common.h
head/contrib/wpa/src/eap_common/eap_ikev2_common.c
head/contrib/wpa/src/eap_common/eap_ikev2_common.h
head/contrib/wpa/src/eap_common/eap_pax_common.c
head/contrib/wpa/src/eap_common/eap_pax_common.h
head/contrib/wpa/src/eap_common/eap_pwd_common.c
head/contrib/wpa/src/eap_common/eap_pwd_common.h
head/contrib/wpa/src/eap_common/eap_sim_common.c
head/contrib/wpa/src/eap_common/eap_sim_common.h
head/contrib/wpa/src/eap_common/ikev2_common.c
head/contrib/wpa/src/eap_common/ikev2_common.h
head/contrib/wpa/src/eap_peer/eap.c
head/contrib/wpa/src/eap_peer/eap.h
head/contrib/wpa/src/eap_peer/eap_aka.c
head/contrib/wpa/src/eap_peer/eap_config.h
head/contrib/wpa/src/eap_peer/eap_fast.c
head/contrib/wpa/src/eap_peer/eap_fast_pac.c
head/contrib/wpa/src/eap_peer/eap_gpsk.c
head/contrib/wpa/src/eap_peer/eap_i.h
head/contrib/wpa/src/eap_peer/eap_ikev2.c
head/contrib/wpa/src/eap_peer/eap_leap.c
head/contrib/wpa/src/eap_peer/eap_methods.c
head/contrib/wpa/src/eap_peer/eap_methods.h
head/contrib/wpa/src/eap_peer/eap_mschapv2.c
head/contrib/wpa/src/eap_peer/eap_pax.c
head/contrib/wpa/src/eap_peer/eap_peap.c
head/contrib/wpa/src/eap_peer/eap_psk.c
head/contrib/wpa/src/eap_peer/eap_pwd.c
head/contrib/wpa/src/eap_peer/eap_sake.c
head/contrib/wpa/src/eap_peer/eap_sim.c
head/contrib/wpa/src/eap_peer/eap_tls.c
head/contrib/wpa/src/eap_peer/eap_tls_common.c
head/contrib/wpa/src/eap_peer/eap_tls_common.h
head/contrib/wpa/src/eap_peer/eap_tnc.c
head/contrib/wpa/src/eap_peer/eap_ttls.c
head/contrib/wpa/src/eap_peer/eap_vendor_test.c
head/contrib/wpa/src/eap_peer/eap_wsc.c
head/contrib/wpa/src/eap_peer/ikev2.c
head/contrib/wpa/src/eap_peer/mschapv2.c
head/contrib/wpa/src/eap_peer/tncc.c
head/contrib/wpa/src/eap_server/eap.h
head/contrib/wpa/src/eap_server/eap_i.h
head/contrib/wpa/src/eap_server/eap_methods.h
head/contrib/wpa/src/eap_server/eap_server.c
head/contrib/wpa/src/eap_server/eap_server_aka.c
head/contrib/wpa/src/eap_server/eap_server_fast.c
head/contrib/wpa/src/eap_server/eap_server_gpsk.c
head/contrib/wpa/src/eap_server/eap_server_gtc.c
head/contrib/wpa/src/eap_server/eap_server_identity.c
head/contrib/wpa/src/eap_server/eap_server_ikev2.c
head/contrib/wpa/src/eap_server/eap_server_md5.c
head/contrib/wpa/src/eap_server/eap_server_methods.c
head/contrib/wpa/src/eap_server/eap_server_mschapv2.c
head/contrib/wpa/src/eap_server/eap_server_pax.c
head/contrib/wpa/src/eap_server/eap_server_peap.c
head/contrib/wpa/src/eap_server/eap_server_psk.c
head/contrib/wpa/src/eap_server/eap_server_pwd.c
head/contrib/wpa/src/eap_server/eap_server_sake.c
head/contrib/wpa/src/eap_server/eap_server_sim.c
head/contrib/wpa/src/eap_server/eap_server_tls.c
head/contrib/wpa/src/eap_server/eap_server_tls_common.c
head/contrib/wpa/src/eap_server/eap_server_tnc.c
head/contrib/wpa/src/eap_server/eap_server_ttls.c
head/contrib/wpa/src/eap_server/eap_server_wsc.c
head/contrib/wpa/src/eap_server/eap_sim_db.c
head/contrib/wpa/src/eap_server/eap_tls_common.h
head/contrib/wpa/src/eap_server/ikev2.c
head/contrib/wpa/src/eap_server/tncs.c
head/contrib/wpa/src/eapol_auth/eapol_auth_dump.c
head/contrib/wpa/src/eapol_auth/eapol_auth_sm.c
head/contrib/wpa/src/eapol_auth/eapol_auth_sm.h
head/contrib/wpa/src/eapol_auth/eapol_auth_sm_i.h
head/contrib/wpa/src/eapol_supp/eapol_supp_sm.c
head/contrib/wpa/src/eapol_supp/eapol_supp_sm.h
head/contrib/wpa/src/l2_packet/l2_packet.h
head/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
head/contrib/wpa/src/l2_packet/l2_packet_ndis.c
head/contrib/wpa/src/l2_packet/l2_packet_none.c
head/contrib/wpa/src/l2_packet/l2_packet_privsep.c
head/contrib/wpa/src/p2p/p2p.c
head/contrib/wpa/src/p2p/p2p.h
head/contrib/wpa/src/p2p/p2p_build.c
head/contrib/wpa/src/p2p/p2p_dev_disc.c
head/contrib/wpa/src/p2p/p2p_go_neg.c
head/contrib/wpa/src/p2p/p2p_group.c
head/contrib/wpa/src/p2p/p2p_i.h
head/contrib/wpa/src/p2p/p2p_invitation.c
head/contrib/wpa/src/p2p/p2p_parse.c
head/contrib/wpa/src/p2p/p2p_pd.c
head/contrib/wpa/src/p2p/p2p_sd.c
head/contrib/wpa/src/p2p/p2p_utils.c
head/contrib/wpa/src/radius/radius.c
head/contrib/wpa/src/radius/radius.h
head/contrib/wpa/src/radius/radius_client.c
head/contrib/wpa/src/radius/radius_das.c
head/contrib/wpa/src/radius/radius_das.h
head/contrib/wpa/src/radius/radius_server.c
head/contrib/wpa/src/radius/radius_server.h
head/contrib/wpa/src/rsn_supp/peerkey.c
head/contrib/wpa/src/rsn_supp/peerkey.h
head/contrib/wpa/src/rsn_supp/pmksa_cache.c
head/contrib/wpa/src/rsn_supp/pmksa_cache.h
head/contrib/wpa/src/rsn_supp/preauth.c
head/contrib/wpa/src/rsn_supp/preauth.h
head/contrib/wpa/src/rsn_supp/tdls.c
head/contrib/wpa/src/rsn_supp/wpa.c
head/contrib/wpa/src/rsn_supp/wpa.h
head/contrib/wpa/src/rsn_supp/wpa_ft.c
head/contrib/wpa/src/rsn_supp/wpa_i.h
head/contrib/wpa/src/rsn_supp/wpa_ie.c
head/contrib/wpa/src/rsn_supp/wpa_ie.h
head/contrib/wpa/src/tls/asn1.c
head/contrib/wpa/src/tls/asn1.h
head/contrib/wpa/src/tls/libtommath.c
head/contrib/wpa/src/tls/pkcs1.c
head/contrib/wpa/src/tls/pkcs1.h
head/contrib/wpa/src/tls/rsa.c
head/contrib/wpa/src/tls/rsa.h
head/contrib/wpa/src/tls/tlsv1_client.c
head/contrib/wpa/src/tls/tlsv1_client_read.c
head/contrib/wpa/src/tls/tlsv1_client_write.c
head/contrib/wpa/src/tls/tlsv1_common.c
head/contrib/wpa/src/tls/tlsv1_common.h
head/contrib/wpa/src/tls/tlsv1_record.c
head/contrib/wpa/src/tls/tlsv1_server.c
head/contrib/wpa/src/tls/tlsv1_server.h
head/contrib/wpa/src/tls/tlsv1_server_i.h
head/contrib/wpa/src/tls/tlsv1_server_read.c
head/contrib/wpa/src/tls/tlsv1_server_write.c
head/contrib/wpa/src/tls/x509v3.c
head/contrib/wpa/src/utils/base64.c
head/contrib/wpa/src/utils/build_config.h
head/contrib/wpa/src/utils/common.c
head/contrib/wpa/src/utils/common.h
head/contrib/wpa/src/utils/edit.c
head/contrib/wpa/src/utils/edit_readline.c
head/contrib/wpa/src/utils/edit_simple.c
head/contrib/wpa/src/utils/eloop.c
head/contrib/wpa/src/utils/eloop.h
head/contrib/wpa/src/utils/eloop_win.c
head/contrib/wpa/src/utils/ext_password_test.c
head/contrib/wpa/src/utils/ip_addr.c
head/contrib/wpa/src/utils/ip_addr.h
head/contrib/wpa/src/utils/list.h
head/contrib/wpa/src/utils/os.h
head/contrib/wpa/src/utils/os_internal.c
head/contrib/wpa/src/utils/os_none.c
head/contrib/wpa/src/utils/os_unix.c
head/contrib/wpa/src/utils/os_win32.c
head/contrib/wpa/src/utils/pcsc_funcs.c
head/contrib/wpa/src/utils/pcsc_funcs.h
head/contrib/wpa/src/utils/radiotap.c
head/contrib/wpa/src/utils/radiotap.h
head/contrib/wpa/src/utils/radiotap_iter.h
head/contrib/wpa/src/utils/trace.c
head/contrib/wpa/src/utils/trace.h
head/contrib/wpa/src/utils/uuid.c
head/contrib/wpa/src/utils/wpa_debug.c
head/contrib/wpa/src/utils/wpa_debug.h
head/contrib/wpa/src/utils/wpabuf.c
head/contrib/wpa/src/utils/wpabuf.h
head/contrib/wpa/src/wps/http_client.c
head/contrib/wpa/src/wps/http_server.c
head/contrib/wpa/src/wps/httpread.c
head/contrib/wpa/src/wps/ndef.c
head/contrib/wpa/src/wps/wps.c
head/contrib/wpa/src/wps/wps.h
head/contrib/wpa/src/wps/wps_attr_build.c
head/contrib/wpa/src/wps/wps_attr_parse.c
head/contrib/wpa/src/wps/wps_attr_parse.h
head/contrib/wpa/src/wps/wps_attr_process.c
head/contrib/wpa/src/wps/wps_common.c
head/contrib/wpa/src/wps/wps_defs.h
head/contrib/wpa/src/wps/wps_dev_attr.c
head/contrib/wpa/src/wps/wps_dev_attr.h
head/contrib/wpa/src/wps/wps_enrollee.c
head/contrib/wpa/src/wps/wps_er.c
head/contrib/wpa/src/wps/wps_er.h
head/contrib/wpa/src/wps/wps_er_ssdp.c
head/contrib/wpa/src/wps/wps_i.h
head/contrib/wpa/src/wps/wps_registrar.c
head/contrib/wpa/src/wps/wps_upnp.c
head/contrib/wpa/src/wps/wps_upnp_ap.c
head/contrib/wpa/src/wps/wps_upnp_i.h
head/contrib/wpa/src/wps/wps_upnp_ssdp.c
head/contrib/wpa/src/wps/wps_upnp_web.c
head/contrib/wpa/src/wps/wps_validate.c
head/contrib/wpa/wpa_supplicant/ChangeLog
head/contrib/wpa/wpa_supplicant/README
head/contrib/wpa/wpa_supplicant/README-HS20
head/contrib/wpa/wpa_supplicant/README-P2P
head/contrib/wpa/wpa_supplicant/README-WPS
head/contrib/wpa/wpa_supplicant/ap.c
head/contrib/wpa/wpa_supplicant/ap.h
head/contrib/wpa/wpa_supplicant/bgscan.c
head/contrib/wpa/wpa_supplicant/bgscan.h
head/contrib/wpa/wpa_supplicant/bgscan_learn.c
head/contrib/wpa/wpa_supplicant/bgscan_simple.c
head/contrib/wpa/wpa_supplicant/bss.c
head/contrib/wpa/wpa_supplicant/bss.h
head/contrib/wpa/wpa_supplicant/config.c
head/contrib/wpa/wpa_supplicant/config.h
head/contrib/wpa/wpa_supplicant/config_file.c
head/contrib/wpa/wpa_supplicant/config_none.c
head/contrib/wpa/wpa_supplicant/config_ssid.h
head/contrib/wpa/wpa_supplicant/ctrl_iface.c
head/contrib/wpa/wpa_supplicant/ctrl_iface.h
head/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c
head/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c
head/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c
head/contrib/wpa/wpa_supplicant/dbus/Makefile
head/contrib/wpa/wpa_supplicant/dbus/dbus_common.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_dict_helpers.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_new.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_new.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_new_introspect.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_old.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_old.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c
head/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.h
head/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers_wps.c
head/contrib/wpa/wpa_supplicant/defconfig
head/contrib/wpa/wpa_supplicant/driver_i.h
head/contrib/wpa/wpa_supplicant/eap_register.c
head/contrib/wpa/wpa_supplicant/eapol_test.c
head/contrib/wpa/wpa_supplicant/events.c
head/contrib/wpa/wpa_supplicant/examples/p2p-action.sh
head/contrib/wpa/wpa_supplicant/examples/wps-ap-cli
head/contrib/wpa/wpa_supplicant/examples/wps-nfc.py
head/contrib/wpa/wpa_supplicant/gas_query.c
head/contrib/wpa/wpa_supplicant/gas_query.h
head/contrib/wpa/wpa_supplicant/hs20_supplicant.c
head/contrib/wpa/wpa_supplicant/hs20_supplicant.h
head/contrib/wpa/wpa_supplicant/ibss_rsn.c
head/contrib/wpa/wpa_supplicant/ibss_rsn.h
head/contrib/wpa/wpa_supplicant/interworking.c
head/contrib/wpa/wpa_supplicant/interworking.h
head/contrib/wpa/wpa_supplicant/main.c
head/contrib/wpa/wpa_supplicant/main_none.c
head/contrib/wpa/wpa_supplicant/notify.c
head/contrib/wpa/wpa_supplicant/notify.h
head/contrib/wpa/wpa_supplicant/offchannel.c
head/contrib/wpa/wpa_supplicant/p2p_supplicant.c
head/contrib/wpa/wpa_supplicant/p2p_supplicant.h
head/contrib/wpa/wpa_supplicant/preauth_test.c
head/contrib/wpa/wpa_supplicant/scan.c
head/contrib/wpa/wpa_supplicant/scan.h
head/contrib/wpa/wpa_supplicant/sme.c
head/contrib/wpa/wpa_supplicant/sme.h
head/contrib/wpa/wpa_supplicant/tests/test_wpa.c
head/contrib/wpa/wpa_supplicant/todo.txt
head/contrib/wpa/wpa_supplicant/wifi_display.c
head/contrib/wpa/wpa_supplicant/wifi_display.h
head/contrib/wpa/wpa_supplicant/wnm_sta.c
head/contrib/wpa/wpa_supplicant/wnm_sta.h
head/contrib/wpa/wpa_supplicant/wpa_cli.c
head/contrib/wpa/wpa_supplicant/wpa_priv.c
head/contrib/wpa/wpa_supplicant/wpa_supplicant.c
head/contrib/wpa/wpa_supplicant/wpa_supplicant.conf
head/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h
head/contrib/wpa/wpa_supplicant/wpa_supplicant_template.conf
head/contrib/wpa/wpa_supplicant/wpas_glue.c
head/contrib/wpa/wpa_supplicant/wps_supplicant.c
head/contrib/wpa/wpa_supplicant/wps_supplicant.h
head/usr.sbin/wpa/hostapd/Makefile
head/usr.sbin/wpa/wpa_passphrase/Makefile
head/usr.sbin/wpa/wpa_supplicant/Makefile
Directory Properties:
head/contrib/wpa/ (props changed)
Copied: head/contrib/wpa/CONTRIBUTIONS (from r281682, vendor/wpa/dist/CONTRIBUTIONS)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/contrib/wpa/CONTRIBUTIONS Tue Apr 21 01:45:11 2015 (r281806, copy of r281682, vendor/wpa/dist/CONTRIBUTIONS)
@@ -0,0 +1,143 @@
+Contributions to hostap.git
+---------------------------
+
+This software is distributed under a permissive open source license to
+allow it to be used in any projects, whether open source or proprietary.
+Contributions to the project are welcome and it is important to maintain
+clear record of contributions and terms under which they are licensed.
+To help with this, following procedure is used to allow acceptance and
+recording of the terms.
+
+All contributions are expected to be licensed under the modified BSD
+license (see below). Acknowledgment of the terms is tracked through
+inclusion of Signed-off-by tag in the contributions at the end of the
+commit log message. This tag indicates that the contributor agrees with
+the Developer Certificate of Origin (DCO) version 1.1 terms (see below;
+also available from http://developercertificate.org/).
+
+
+The current requirements for contributions to hostap.git
+--------------------------------------------------------
+
+To indicate your acceptance of Developer's Certificate of Origin 1.1
+terms, please add the following line to the end of the commit message
+for each contribution you make to the project:
+
+Signed-off-by: Your Name <your at email.example.org>
+
+using your real name. Pseudonyms or anonymous contributions cannot
+unfortunately be accepted.
+
+
+History of license and contributions terms
+------------------------------------------
+
+Until February 11, 2012, in case of most files in hostap.git, "under the
+open source license indicated in the file" means that the contribution
+is licensed both under GPL v2 and modified BSD license (see below) and
+the choice between these licenses is given to anyone who redistributes
+or uses the software. As such, the contribution has to be licensed under
+both options to allow this choice.
+
+As of February 11, 2012, the project has chosen to use only the BSD
+license option for future distribution. As such, the GPL v2 license
+option is no longer used and the contributions are not required to be
+licensed until GPL v2. In case of most files in hostap.git, "under the
+open source license indicated in the file" means that the contribution
+is licensed under the modified BSD license (see below).
+
+Until February 13, 2014, the project used an extended version of the DCO
+that included the identical items (a) through (d) from DCO 1.1 and an
+additional item (e):
+
+(e) The contribution can be licensed under the modified BSD license
+ as shown below even in case of files that are currently licensed
+ under other terms.
+
+This was used during the period when some of the files included the old
+license terms. Acceptance of this extended DCO version was indicated
+with a Signed-hostap tag in the commit message. This additional item (e)
+was used to collect explicit approval to license the contribution with
+only the modified BSD license (see below), i.e., without the GPL v2
+option. This was done to allow simpler licensing terms to be used in the
+future. It should be noted that the modified BSD license is compatible
+with GNU GPL and as such, this possible move to simpler licensing option
+does not prevent use of this software in GPL projects.
+
+
+===[ start quote from http://developercertificate.org/ ]=======================
+
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+ have the right to submit it under the open source license
+ indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+ of my knowledge, is covered under an appropriate open source
+ license and I have the right under that license to submit that
+ work with modifications, whether created in whole or in part
+ by me, under the same open source license (unless I am
+ permitted to submit under a different license), as indicated
+ in the file; or
+
+(c) The contribution was provided directly to me by some other
+ person who certified (a), (b) or (c) and I have not modified
+ it.
+
+(d) I understand and agree that this project and the contribution
+ are public and that a record of the contribution (including all
+ personal information I submit with it, including my sign-off) is
+ maintained indefinitely and may be redistributed consistent with
+ this project or the open source license(s) involved.
+
+===[ end quote from http://developercertificate.org/ ]=========================
+
+
+The license terms used for hostap.git files
+-------------------------------------------
+
+Modified BSD license (no advertisement clause):
+
+Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
+All Rights Reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+3. Neither the name(s) of the above-listed copyright holder(s) nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Modified: head/contrib/wpa/COPYING
==============================================================================
--- head/contrib/wpa/COPYING Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/COPYING Tue Apr 21 01:45:11 2015 (r281806)
@@ -1,7 +1,7 @@
wpa_supplicant and hostapd
--------------------------
-Copyright (c) 2002-2012, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
Modified: head/contrib/wpa/README
==============================================================================
--- head/contrib/wpa/README Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/README Tue Apr 21 01:45:11 2015 (r281806)
@@ -1,7 +1,7 @@
wpa_supplicant and hostapd
--------------------------
-Copyright (c) 2002-2012, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
These programs are licensed under the BSD license (the one with
Modified: head/contrib/wpa/hostapd/ChangeLog
==============================================================================
--- head/contrib/wpa/hostapd/ChangeLog Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/hostapd/ChangeLog Tue Apr 21 01:45:11 2015 (r281806)
@@ -1,5 +1,191 @@
ChangeLog for hostapd
+2015-03-15 - v2.4
+ * allow OpenSSL cipher configuration to be set for internal EAP server
+ (openssl_ciphers parameter)
+ * fixed number of small issues based on hwsim test case failures and
+ static analyzer reports
+ * fixed Accounting-Request to not include duplicated Acct-Session-Id
+ * add support for Acct-Multi-Session-Id in RADIUS Accounting messages
+ * add support for PMKSA caching with SAE
+ * add support for generating BSS Load element (bss_load_update_period)
+ * fixed channel switch from VHT to HT
+ * add INTERFACE-ENABLED and INTERFACE-DISABLED ctrl_iface events
+ * add support for learning STA IPv4/IPv6 addresses and configuring
+ ProxyARP support
+ * dropped support for the madwifi driver interface
+ * add support for Suite B (128-bit and 192-bit level) key management and
+ cipher suites
+ * fixed a regression with driver=wired
+ * extend EAPOL-Key msg 1/4 retry workaround for changing SNonce
+ * add BSS_TM_REQ ctrl_iface command to send BSS Transition Management
+ Request frames and BSS-TM-RESP event to indicate response to such
+ frame
+ * add support for EAP Re-Authentication Protocol (ERP)
+ * fixed AP IE in EAPOL-Key 3/4 when both WPA and FT was enabled
+ * fixed a regression in HT 20/40 coex Action frame parsing
+ * set stdout to be line-buffered
+ * add support for vendor specific VHT extension to enable 256 QAM rates
+ (VHT-MCS 8 and 9) on 2.4 GHz band
+ * RADIUS DAS:
+ - extend Disconnect-Request processing to allow matching of multiple
+ sessions
+ - support Acct-Multi-Session-Id as an identifier
+ - allow PMKSA cache entry to be removed without association
+ * expire hostapd STA entry if kernel does not have a matching entry
+ * allow chanlist to be used to specify a subset of channels for ACS
+ * improve ACS behavior on 2.4 GHz band and allow channel bias to be
+ configured with acs_chan_bias parameter
+ * do not reply to a Probe Request frame that includes DSS Parameter Set
+ element in which the channel does not match the current operating
+ channel
+ * add UPDATE_BEACON ctrl_iface command; this can be used to force Beacon
+ frame contents to be updated and to start beaconing on an interface
+ that used start_disabled=1
+ * fixed some RADIUS server failover cases
+
+2014-10-09 - v2.3
+ * fixed number of minor issues identified in static analyzer warnings
+ * fixed DFS and channel switch operation for multi-BSS cases
+ * started to use constant time comparison for various password and hash
+ values to reduce possibility of any externally measurable timing
+ differences
+ * extended explicit clearing of freed memory and expired keys to avoid
+ keeping private data in memory longer than necessary
+ * added support for number of new RADIUS attributes from RFC 7268
+ (Mobility-Domain-Id, WLAN-HESSID, WLAN-Pairwise-Cipher,
+ WLAN-Group-Cipher, WLAN-AKM-Suite, WLAN-Group-Mgmt-Pairwise-Cipher)
+ * fixed GET_CONFIG wpa_pairwise_cipher value
+ * added code to clear bridge FDB entry on station disconnection
+ * fixed PMKSA cache timeout from Session-Timeout for WPA/WPA2 cases
+ * fixed OKC PMKSA cache entry fetch to avoid a possible infinite loop
+ in case the first entry does not match
+ * fixed hostapd_cli action script execution to use more robust mechanism
+ (CVE-2014-3686)
+
+2014-06-04 - v2.2
+ * fixed SAE confirm-before-commit validation to avoid a potential
+ segmentation fault in an unexpected message sequence that could be
+ triggered remotely
+ * extended VHT support
+ - Operating Mode Notification
+ - Power Constraint element (local_pwr_constraint)
+ - Spectrum management capability (spectrum_mgmt_required=1)
+ - fix VHT80 segment picking in ACS
+ - fix vht_capab 'Maximum A-MPDU Length Exponent' handling
+ - fix VHT20
+ * fixed HT40 co-ex scan for some pri/sec channel switches
+ * extended HT40 co-ex support to allow dynamic channel width changes
+ during the lifetime of the BSS
+ * fixed HT40 co-ex support to check for overlapping 20 MHz BSS
+ * fixed MSCHAP UTF-8 to UCS-2 conversion for three-byte encoding;
+ this fixes password with include UTF-8 characters that use
+ three-byte encoding EAP methods that use NtPasswordHash
+ * reverted TLS certificate validation step change in v2.1 that rejected
+ any AAA server certificate with id-kp-clientAuth even if
+ id-kp-serverAuth EKU was included
+ * fixed STA validation step for WPS ER commands to prevent a potential
+ crash if an ER sends an unexpected PutWLANResponse to a station that
+ is disassociated, but not fully removed
+ * enforce full EAP authentication after RADIUS Disconnect-Request by
+ removing the PMKSA cache entry
+ * added support for NAS-IP-Address, NAS-identifier, and NAS-IPv6-Address
+ in RADIUS Disconnect-Request
+ * added mechanism for removing addresses for MAC ACLs by prefixing an
+ entry with "-"
+ * Interworking/Hotspot 2.0 enhancements
+ - support Hotspot 2.0 Release 2
+ * OSEN network for online signup connection
+ * subscription remediation (based on RADIUS server request or
+ control interface HS20_WNM_NOTIF for testing purposes)
+ * Hotspot 2.0 release number indication in WFA RADIUS VSA
+ * deauthentication request (based on RADIUS server request or
+ control interface WNM_DEAUTH_REQ for testing purposes)
+ * Session Info URL RADIUS AVP to trigger ESS Disassociation Imminent
+ * hs20_icon config parameter to configure icon files for OSU
+ * osu_* config parameters for OSU Providers list
+ - do not use Interworking filtering rules on Probe Request if
+ Interworking is disabled to avoid interop issues
+ * added/fixed nl80211 functionality
+ - AP interface teardown optimization
+ - support vendor specific driver command
+ (VENDOR <vendor id> <sub command id> [<hex formatted data>])
+ * fixed PMF protection of Deauthentication frame when this is triggered
+ by session timeout
+ * internal TLS implementation enhancements/fixes
+ - add SHA256-based cipher suites
+ - add DHE-RSA cipher suites
+ - fix X.509 validation of PKCS#1 signature to check for extra data
+ * RADIUS server functionality
+ - add minimal RADIUS accounting server support (hostapd-as-server);
+ this is mainly to enable testing coverage with hwsim scripts
+ - allow authentication log to be written into SQLite databse
+ - added option for TLS protocol testing of an EAP peer by simulating
+ various misbehaviors/known attacks
+ - MAC ACL support for testing purposes
+ * fixed PTK derivation for CCMP-256 and GCMP-256
+ * extended WPS per-station PSK to support ER case
+ * added option to configure the management group cipher
+ (group_mgmt_cipher=AES-128-CMAC (default), BIP-GMAC-128, BIP-GMAC-256,
+ BIP-CMAC-256)
+ * fixed AP mode default TXOP Limit values for AC_VI and AC_VO (these
+ were rounded incorrectly)
+ * added support for postponing FT response in case PMK-R1 needs to be
+ pulled from R0KH
+ * added option to advertise 40 MHz intolerant HT capability with
+ ht_capab=[40-INTOLERANT]
+ * remove WPS 1.0 only support, i.e., WSC 2.0 support is now enabled
+ whenever CONFIG_WPS=y is set
+ * EAP-pwd fixes
+ - fix possible segmentation fault on EAP method deinit if an invalid
+ group is negotiated
+ * fixed RADIUS client retransmit/failover behavior
+ - there was a potential ctash due to freed memory being accessed
+ - failover to a backup server mechanism did not work properly
+ * fixed a possible crash on double DISABLE command when multiple BSSes
+ are enabled
+ * fixed a memory leak in SAE random number generation
+ * fixed GTK rekeying when the station uses FT protocol
+ * fixed off-by-one bounds checking in printf_encode()
+ - this could result in deinial of service in some EAP server cases
+ * various bug fixes
+
+2014-02-04 - v2.1
+ * added support for simultaneous authentication of equals (SAE) for
+ stronger password-based authentication with WPA2-Personal
+ * added nl80211 functionality
+ - VHT configuration for nl80211
+ - support split wiphy dump
+ - driver-based MAC ACL
+ - QoS Mapping configuration
+ * added fully automated regression testing with mac80211_hwsim
+ * allow ctrl_iface group to be specified on command line (-G<group>)
+ * allow single hostapd process to control independent WPS interfaces
+ (wps_independent=1) instead of synchronized operations through all
+ configured interfaces within a process
+ * avoid processing received management frames multiple times when using
+ nl80211 with multiple BSSes
+ * added support for DFS (processing radar detection events, CAC, channel
+ re-selection)
+ * added EAP-EKE server
+ * added automatic channel selection (ACS)
+ * added option for using per-BSS (vif) configuration files with
+ -b<phyname>:<config file name>
+ * extended global control interface ADD/REMOVE commands to allow BSSes
+ of a radio to be removed individually without having to add/remove all
+ other BSSes of the radio at the same time
+ * added support for sending debug info to Linux tracing (-T on command
+ line)
+ * replace dump_file functionality with same information being available
+ through the hostapd control interface
+ * added support for using Protected Dual of Public Action frames for
+ GAS/ANQP exchanges when PMF is enabled
+ * added support for WPS+NFC updates
+ - improved protocol
+ - option to fetch and report alternative carrier records for external
+ NFC operations
+ * various bug fixes
+
2013-01-12 - v2.0
* added AP-STA-DISCONNECTED ctrl_iface event
* improved debug logging (human readable event names, interface name
Modified: head/contrib/wpa/hostapd/README
==============================================================================
--- head/contrib/wpa/hostapd/README Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/hostapd/README Tue Apr 21 01:45:11 2015 (r281806)
@@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and
Authenticator and RADIUS authentication server
================================================================
-Copyright (c) 2002-2012, Jouni Malinen <j at w1.fi> and contributors
+Copyright (c) 2002-2015, Jouni Malinen <j at w1.fi> and contributors
All Rights Reserved.
This program is licensed under the BSD license (the one with
@@ -74,12 +74,6 @@ Current hardware/software requirements:
Please note that station firmware version needs to be 1.7.0 or newer
to work in WPA mode.
- madwifi driver for cards based on Atheros chip set (ar521x)
- (http://sourceforge.net/projects/madwifi/)
- Please note that you will need to add the correct path for
- madwifi driver root directory in .config (see defconfig file for
- an example: CFLAGS += -I<path>)
-
mac80211-based drivers that support AP mode (with driver=nl80211).
This includes drivers for Atheros (ath9k) and Broadcom (b43)
chipsets.
Modified: head/contrib/wpa/hostapd/README-WPS
==============================================================================
--- head/contrib/wpa/hostapd/README-WPS Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/hostapd/README-WPS Tue Apr 21 01:45:11 2015 (r281806)
@@ -58,12 +58,10 @@ hostapd configuration
WPS is an optional component that needs to be enabled in hostapd build
configuration (.config). Here is an example configuration that
-includes WPS support and uses madwifi driver interface:
+includes WPS support and uses nl80211 driver interface:
-CONFIG_DRIVER_MADWIFI=y
-CFLAGS += -I/usr/src/madwifi-0.9.3
+CONFIG_DRIVER_NL80211=y
CONFIG_WPS=y
-CONFIG_WPS2=y
CONFIG_WPS_UPNP=y
Following parameter can be used to enable support for NFC config method:
@@ -75,8 +73,8 @@ Following section shows an example runti
(hostapd.conf) that enables WPS:
# Configure the driver and network interface
-driver=madwifi
-interface=ath0
+driver=nl80211
+interface=wlan0
# WPA2-Personal configuration for the AP
ssid=wps-test
@@ -338,3 +336,17 @@ If the NFC tag contains a password token
internal Registrar. This allows station Enrollee from which the password
token was received to run through WPS protocol to provision the
credential.
+
+"nfc_get_handover_sel <NDEF> <WPS>" command can be used to build the
+contents of a Handover Select Message for connection handover when this
+does not depend on the contents of the Handover Request Message. The
+first argument selects the format of the output data and the second
+argument selects which type of connection handover is requested (WPS =
+Wi-Fi handover as specified in WSC 2.0).
+
+"nfc_report_handover <INIT/RESP> WPS <carrier from handover request>
+<carrier from handover select>" is used to report completed NFC
+connection handover. The first parameter indicates whether the local
+device initiated or responded to the connection handover and the carrier
+records are the selected carrier from the handover request and select
+messages as a hexdump.
Modified: head/contrib/wpa/hostapd/config_file.c
==============================================================================
--- head/contrib/wpa/hostapd/config_file.c Tue Apr 21 01:37:14 2015 (r281805)
+++ head/contrib/wpa/hostapd/config_file.c Tue Apr 21 01:45:11 2015 (r281806)
@@ -1,6 +1,6 @@
/*
* hostapd / Configuration file parser
- * Copyright (c) 2003-2012, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2003-2015, Jouni Malinen <j at w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -22,7 +22,12 @@
#include "config_file.h"
-extern struct wpa_driver_ops *wpa_drivers[];
+#ifndef CONFIG_NO_RADIUS
+#ifdef EAP_SERVER
+static struct hostapd_radius_attr *
+hostapd_parse_radius_attr(const char *value);
+#endif /* EAP_SERVER */
+#endif /* CONFIG_NO_RADIUS */
#ifndef CONFIG_NO_VLAN
@@ -83,7 +88,7 @@ static int hostapd_config_read_vlan_file
return -1;
}
- vlan = os_malloc(sizeof(*vlan));
+ vlan = os_zalloc(sizeof(*vlan));
if (vlan == NULL) {
wpa_printf(MSG_ERROR, "Out of memory while reading "
"VLAN interfaces from '%s'", fname);
@@ -91,14 +96,10 @@ static int hostapd_config_read_vlan_file
return -1;
}
- os_memset(vlan, 0, sizeof(*vlan));
vlan->vlan_id = vlan_id;
os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
- if (bss->vlan_tail)
- bss->vlan_tail->next = vlan;
- else
- bss->vlan = vlan;
- bss->vlan_tail = vlan;
+ vlan->next = bss->vlan;
+ bss->vlan = vlan;
}
fclose(f);
@@ -136,6 +137,8 @@ static int hostapd_config_read_maclist(c
}
while (fgets(buf, sizeof(buf), f)) {
+ int i, rem = 0;
+
line++;
if (buf[0] == '#')
@@ -150,14 +153,32 @@ static int hostapd_config_read_maclist(c
}
if (buf[0] == '\0')
continue;
+ pos = buf;
+ if (buf[0] == '-') {
+ rem = 1;
+ pos++;
+ }
- if (hwaddr_aton(buf, addr)) {
+ if (hwaddr_aton(pos, addr)) {
wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at "
- "line %d in '%s'", buf, line, fname);
+ "line %d in '%s'", pos, line, fname);
fclose(f);
return -1;
}
+ if (rem) {
+ i = 0;
+ while (i < *num) {
+ if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) ==
+ 0) {
+ os_remove_in_array(*acl, *num,
+ sizeof(**acl), i);
+ (*num)--;
+ } else
+ i++;
+ }
+ continue;
+ }
vlan_id = 0;
pos = buf;
while (*pos != '\0' && *pos != ' ' && *pos != '\t')
@@ -195,7 +216,7 @@ static int hostapd_config_read_eap_user(
FILE *f;
char buf[512], *pos, *start, *pos2;
int line = 0, ret = 0, num_methods;
- struct hostapd_eap_user *user, *tail = NULL;
+ struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL;
if (!fname)
return 0;
@@ -229,6 +250,28 @@ static int hostapd_config_read_eap_user(
if (buf[0] == '\0')
continue;
+#ifndef CONFIG_NO_RADIUS
+ if (user && os_strncmp(buf, "radius_accept_attr=", 19) == 0) {
+ struct hostapd_radius_attr *attr, *a;
+ attr = hostapd_parse_radius_attr(buf + 19);
+ if (attr == NULL) {
+ wpa_printf(MSG_ERROR, "Invalid radius_auth_req_attr: %s",
+ buf + 19);
+ user = NULL; /* already in the BSS list */
+ goto failed;
+ }
+ if (user->accept_attr == NULL) {
+ user->accept_attr = attr;
+ } else {
+ a = user->accept_attr;
+ while (a->next)
+ a = a->next;
+ a->next = attr;
+ }
+ continue;
+ }
+#endif /* CONFIG_NO_RADIUS */
+
user = NULL;
if (buf[0] != '"' && buf[0] != '*') {
@@ -323,6 +366,10 @@ static int hostapd_config_read_eap_user(
EAP_TTLS_AUTH_MSCHAPV2;
goto skip_eap;
}
+ if (os_strcmp(start, "MACACL") == 0) {
+ user->macacl = 1;
+ goto skip_eap;
+ }
wpa_printf(MSG_ERROR, "Unsupported EAP type "
"'%s' on line %d in '%s'",
start, line, fname);
@@ -337,7 +384,7 @@ static int hostapd_config_read_eap_user(
break;
start = pos3;
}
- if (num_methods == 0 && user->ttls_auth == 0) {
+ if (num_methods == 0 && user->ttls_auth == 0 && !user->macacl) {
wpa_printf(MSG_ERROR, "No EAP types configured on "
"line %d in '%s'", line, fname);
goto failed;
@@ -447,7 +494,7 @@ static int hostapd_config_read_eap_user(
done:
if (tail == NULL) {
- tail = conf->eap_user = user;
+ tail = new_user = user;
} else {
tail->next = user;
tail = user;
@@ -455,17 +502,26 @@ static int hostapd_config_read_eap_user(
continue;
failed:
- if (user) {
- os_free(user->password);
- os_free(user->identity);
- os_free(user);
- }
+ if (user)
+ hostapd_config_free_eap_user(user);
ret = -1;
break;
}
fclose(f);
+ if (ret == 0) {
+ user = conf->eap_user;
+ while (user) {
+ struct hostapd_eap_user *prev;
+
+ prev = user;
+ user = user->next;
+ hostapd_config_free_eap_user(prev);
+ }
+ conf->eap_user = new_user;
+ }
+
return ret;
}
#endif /* EAP_SERVER */
@@ -636,6 +692,14 @@ static int hostapd_config_parse_key_mgmt
else if (os_strcmp(start, "FT-SAE") == 0)
val |= WPA_KEY_MGMT_FT_SAE;
#endif /* CONFIG_SAE */
+#ifdef CONFIG_SUITEB
+ else if (os_strcmp(start, "WPA-EAP-SUITE-B") == 0)
+ val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B;
+#endif /* CONFIG_SUITEB */
+#ifdef CONFIG_SUITEB192
+ else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0)
+ val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
+#endif /* CONFIG_SUITEB192 */
else {
wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
line, start);
@@ -661,49 +725,12 @@ static int hostapd_config_parse_key_mgmt
static int hostapd_config_parse_cipher(int line, const char *value)
{
- int val = 0, last;
- char *start, *end, *buf;
-
- buf = os_strdup(value);
- if (buf == NULL)
+ int val = wpa_parse_cipher(value);
+ if (val < 0) {
+ wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
+ line, value);
return -1;
- start = buf;
-
- while (*start != '\0') {
- while (*start == ' ' || *start == '\t')
- start++;
- if (*start == '\0')
- break;
- end = start;
- while (*end != ' ' && *end != '\t' && *end != '\0')
- end++;
- last = *end == '\0';
- *end = '\0';
- if (os_strcmp(start, "CCMP") == 0)
- val |= WPA_CIPHER_CCMP;
- else if (os_strcmp(start, "GCMP") == 0)
- val |= WPA_CIPHER_GCMP;
- else if (os_strcmp(start, "TKIP") == 0)
- val |= WPA_CIPHER_TKIP;
- else if (os_strcmp(start, "WEP104") == 0)
- val |= WPA_CIPHER_WEP104;
- else if (os_strcmp(start, "WEP40") == 0)
- val |= WPA_CIPHER_WEP40;
- else if (os_strcmp(start, "NONE") == 0)
- val |= WPA_CIPHER_NONE;
- else {
- wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
- line, start);
- os_free(buf);
- return -1;
- }
-
- if (last)
- break;
- start = end + 1;
}
- os_free(buf);
-
if (val == 0) {
wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
line);
@@ -748,14 +775,14 @@ static int hostapd_config_read_wep(struc
}
-static int hostapd_parse_rates(int **rate_list, char *val)
+static int hostapd_parse_intlist(int **int_list, char *val)
{
int *list;
int count;
char *pos, *end;
- os_free(*rate_list);
- *rate_list = NULL;
+ os_free(*int_list);
+ *int_list = NULL;
pos = val;
count = 0;
@@ -782,37 +809,39 @@ static int hostapd_parse_rates(int **rat
}
list[count] = -1;
- *rate_list = list;
+ *int_list = list;
return 0;
}
static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname)
{
- struct hostapd_bss_config *bss;
+ struct hostapd_bss_config **all, *bss;
if (*ifname == '\0')
return -1;
- bss = os_realloc_array(conf->bss, conf->num_bss + 1,
- sizeof(struct hostapd_bss_config));
- if (bss == NULL) {
+ all = os_realloc_array(conf->bss, conf->num_bss + 1,
+ sizeof(struct hostapd_bss_config *));
+ if (all == NULL) {
wpa_printf(MSG_ERROR, "Failed to allocate memory for "
"multi-BSS entry");
return -1;
}
- conf->bss = bss;
+ conf->bss = all;
- bss = &(conf->bss[conf->num_bss]);
- os_memset(bss, 0, sizeof(*bss));
+ bss = os_zalloc(sizeof(*bss));
+ if (bss == NULL)
+ return -1;
bss->radius = os_zalloc(sizeof(*bss->radius));
if (bss->radius == NULL) {
wpa_printf(MSG_ERROR, "Failed to allocate memory for "
"multi-BSS RADIUS data");
+ os_free(bss);
return -1;
}
- conf->num_bss++;
+ conf->bss[conf->num_bss++] = bss;
conf->last_bss = bss;
hostapd_config_defaults_bss(bss);
@@ -1060,8 +1089,8 @@ static int hostapd_config_ht_capab(struc
conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE;
if (os_strstr(capab, "[DSSS_CCK-40]"))
conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ;
- if (os_strstr(capab, "[PSMP]"))
- conf->ht_capab |= HT_CAP_INFO_PSMP_SUPP;
+ if (os_strstr(capab, "[40-INTOLERANT]"))
+ conf->ht_capab |= HT_CAP_INFO_40MHZ_INTOLERANT;
if (os_strstr(capab, "[LSIG-TXOP-PROT]"))
conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT;
@@ -1082,8 +1111,6 @@ static int hostapd_config_vht_capab(stru
conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
if (os_strstr(capab, "[VHT160-80PLUS80]"))
conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
- if (os_strstr(capab, "[VHT160-80PLUS80]"))
- conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
if (os_strstr(capab, "[RXLDPC]"))
conf->vht_capab |= VHT_CAP_RXLDPC;
if (os_strstr(capab, "[SHORT-GI-80]"))
@@ -1101,15 +1128,15 @@ static int hostapd_config_vht_capab(stru
if (os_strstr(capab, "[RX-STBC-1234]"))
conf->vht_capab |= VHT_CAP_RXSTBC_4;
if (os_strstr(capab, "[SU-BEAMFORMER]"))
- conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
+ conf->vht_capab |= VHT_CAP_SU_BEAMFORMER_CAPABLE;
if (os_strstr(capab, "[SU-BEAMFORMEE]"))
- conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
+ conf->vht_capab |= VHT_CAP_SU_BEAMFORMEE_CAPABLE;
if (os_strstr(capab, "[BF-ANTENNA-2]") &&
- (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
- conf->vht_capab |= VHT_CAP_BEAMFORMER_ANTENNAS_MAX;
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
+ conf->vht_capab |= (1 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") &&
- (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
- conf->vht_capab |= VHT_CAP_SOUNDING_DIMENTION_MAX;
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
+ conf->vht_capab |= (1 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
if (os_strstr(capab, "[MU-BEAMFORMER]"))
conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
if (os_strstr(capab, "[MU-BEAMFORMEE]"))
@@ -1118,8 +1145,20 @@ static int hostapd_config_vht_capab(stru
conf->vht_capab |= VHT_CAP_VHT_TXOP_PS;
if (os_strstr(capab, "[HTC-VHT]"))
conf->vht_capab |= VHT_CAP_HTC_VHT;
- if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP0]"))
- conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT;
+ if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP7]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP6]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_6;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP5]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_5;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP4]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_4;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP3]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_3;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP2]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_2;
+ else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP1]"))
+ conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_1;
if (os_strstr(capab, "[VHT-LINK-ADAPT2]") &&
(conf->vht_capab & VHT_CAP_HTC_VHT))
conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB;
@@ -1135,141 +1174,6 @@ static int hostapd_config_vht_capab(stru
#endif /* CONFIG_IEEE80211AC */
-static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
- struct hostapd_config *conf)
-{
- if (bss->ieee802_1x && !bss->eap_server &&
- !bss->radius->auth_servers) {
- wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no "
- "EAP authenticator configured).");
- return -1;
- }
-
- if (bss->wpa && bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
- bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
- wpa_printf(MSG_ERROR, "WPA-PSK using RADIUS enabled, but no "
- "RADIUS checking (macaddr_acl=2) enabled.");
- return -1;
- }
-
- if (bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) &&
- bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL &&
- bss->ssid.wpa_psk_file == NULL &&
- (bss->wpa_psk_radius != PSK_RADIUS_REQUIRED ||
- bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH)) {
- wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase "
- "is not configured.");
- return -1;
- }
-
- if (hostapd_mac_comp_empty(bss->bssid) != 0) {
- size_t i;
-
- for (i = 0; i < conf->num_bss; i++) {
- if ((&conf->bss[i] != bss) &&
- (hostapd_mac_comp(conf->bss[i].bssid,
- bss->bssid) == 0)) {
- wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR
- " on interface '%s' and '%s'.",
- MAC2STR(bss->bssid),
- conf->bss[i].iface, bss->iface);
- return -1;
- }
- }
- }
-
-#ifdef CONFIG_IEEE80211R
- if (wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
- (bss->nas_identifier == NULL ||
- os_strlen(bss->nas_identifier) < 1 ||
- os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
- wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires "
- "nas_identifier to be configured as a 1..48 octet "
- "string");
- return -1;
- }
-#endif /* CONFIG_IEEE80211R */
-
-#ifdef CONFIG_IEEE80211N
- if (conf->ieee80211n && conf->hw_mode == HOSTAPD_MODE_IEEE80211B) {
- bss->disable_11n = 1;
- wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) in 11b mode is not "
- "allowed, disabling HT capabilites");
- }
-
- if (conf->ieee80211n &&
- bss->ssid.security_policy == SECURITY_STATIC_WEP) {
- bss->disable_11n = 1;
- wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
- "allowed, disabling HT capabilities");
- }
-
- if (conf->ieee80211n && bss->wpa &&
- !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
- !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP))) {
- bss->disable_11n = 1;
- wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
- "requires CCMP/GCMP to be enabled, disabling HT "
- "capabilities");
- }
-#endif /* CONFIG_IEEE80211N */
-
-#ifdef CONFIG_WPS2
- if (bss->wps_state && bss->ignore_broadcast_ssid) {
- wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
- "configuration forced WPS to be disabled");
- bss->wps_state = 0;
- }
-
- if (bss->wps_state && bss->ssid.wep.keys_set && bss->wpa == 0) {
- wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
- "disabled");
- bss->wps_state = 0;
- }
-
- if (bss->wps_state && bss->wpa &&
- (!(bss->wpa & 2) ||
- !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
- wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
- "WPA2/CCMP forced WPS to be disabled");
- bss->wps_state = 0;
- }
-#endif /* CONFIG_WPS2 */
-
-#ifdef CONFIG_HS20
- if (bss->hs20 &&
- (!(bss->wpa & 2) ||
- !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
- wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
- "configuration is required for Hotspot 2.0 "
- "functionality");
- return -1;
- }
-#endif /* CONFIG_HS20 */
-
- return 0;
-}
-
-
-static int hostapd_config_check(struct hostapd_config *conf)
-{
- size_t i;
-
- if (conf->ieee80211d && (!conf->country[0] || !conf->country[1])) {
- wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without "
- "setting the country_code");
- return -1;
- }
-
- for (i = 0; i < conf->num_bss; i++) {
- if (hostapd_config_check_bss(&conf->bss[i], conf))
- return -1;
- }
-
- return 0;
-}
-
-
#ifdef CONFIG_INTERWORKING
static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
int line)
@@ -1306,26 +1210,34 @@ static int parse_roaming_consortium(stru
static int parse_lang_string(struct hostapd_lang_string **array,
unsigned int *count, char *pos)
{
- char *sep;
- size_t clen, nlen;
+ char *sep, *str = NULL;
+ size_t clen, nlen, slen;
struct hostapd_lang_string *ls;
+ int ret = -1;
+
+ if (*pos == '"' || (*pos == 'P' && pos[1] == '"')) {
+ str = wpa_config_parse_string(pos, &slen);
+ if (!str)
+ return -1;
+ pos = str;
+ }
sep = os_strchr(pos, ':');
if (sep == NULL)
- return -1;
+ goto fail;
*sep++ = '\0';
clen = os_strlen(pos);
- if (clen < 2)
- return -1;
+ if (clen < 2 || clen > sizeof(ls->lang))
+ goto fail;
nlen = os_strlen(sep);
if (nlen > 252)
- return -1;
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-head
mailing list