aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSam Leffler <sam@FreeBSD.org>2009-01-15 04:25:21 +0000
committerSam Leffler <sam@FreeBSD.org>2009-01-15 04:25:21 +0000
commit22188e6ab4f02f981de3b9f228a40b1e8f98e6a1 (patch)
treee396cb7a4849178b23486ba07b66a6dfede1d1e9
parent17914a6ec9e4814998abdaec5a947b6a78709a19 (diff)
downloadsrc-vendor/wpa_supplicant.tar.gz
src-vendor/wpa_supplicant.zip
Notes
Notes: svn path=/vendor/wpa_supplicant/dist/; revision=187274 svn path=/vendor/wpa_supplicant/0.5.11/; revision=187275; tag=vendor/wpa_supplicant/0.5.11
-rw-r--r--ChangeLog26
-rw-r--r--Makefile9
-rw-r--r--base64.c2
-rw-r--r--common.c47
-rw-r--r--ctrl_iface.c4
-rw-r--r--ctrl_iface_dbus.c4
-rw-r--r--ctrl_iface_unix.c2
-rw-r--r--dbus_dict_helpers.c102
-rw-r--r--defconfig3
-rw-r--r--doc/docbook/wpa_background.82
-rw-r--r--doc/docbook/wpa_cli.825
-rw-r--r--doc/docbook/wpa_cli.sgml23
-rw-r--r--doc/docbook/wpa_passphrase.82
-rw-r--r--doc/docbook/wpa_supplicant.855
-rw-r--r--doc/docbook/wpa_supplicant.conf.56
-rw-r--r--doc/docbook/wpa_supplicant.conf.sgml4
-rw-r--r--doc/docbook/wpa_supplicant.sgml61
-rw-r--r--driver_hostap.h4
-rw-r--r--driver_ndis.c2
-rw-r--r--eap.c16
-rw-r--r--eap_aka.c2
-rw-r--r--eap_gpsk.c14
-rw-r--r--eap_gpsk_common.c4
-rw-r--r--eap_ttls.c8
-rw-r--r--eloop.c24
-rw-r--r--eloop.h13
-rw-r--r--eloop_none.c20
-rw-r--r--eloop_win.c19
-rw-r--r--main.c12
-rw-r--r--mlme.c3
-rw-r--r--os_unix.c7
-rw-r--r--preauth_test.c7
-rw-r--r--radius.c3
-rw-r--r--sha1.c4
-rw-r--r--tls_openssl.c10
-rw-r--r--version.h2
-rw-r--r--wpa.c8
-rw-r--r--wpa.h1
-rw-r--r--wpa_cli.c6
-rw-r--r--wpa_gui-qt4/networkconfig.cpp1
-rw-r--r--wpa_gui-qt4/scanresults.cpp2
-rw-r--r--wpa_gui-qt4/wpagui.cpp1
-rw-r--r--wpa_gui/networkconfig.ui.h1
-rw-r--r--wpa_gui/userdatarequest.ui.h2
-rw-r--r--wpa_gui/wpagui.ui.h1
-rw-r--r--wpa_i.h5
-rw-r--r--wpa_supplicant.c54
-rw-r--r--wpa_supplicant_i.h5
48 files changed, 401 insertions, 237 deletions
diff --git a/ChangeLog b/ChangeLog
index 1ba2e1c8b2e2..10b1aca4a2a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,31 @@
ChangeLog for wpa_supplicant
+2008-11-28 - v0.5.11
+ * fixed race condition between disassociation event and group key
+ handshake to avoid getting stuck in incorrect state [Bug 261]
+ * updated D-Bus usage to avoid deprecated functions
+ * silence SIOCSIWAUTH ioctl failure message (these can be ignored in
+ most cases and are now only shown in debug output)
+ * increase timeout for IBSS connection
+ * driver_wext: do not overwrite BSS frequency if channel was already
+ received
+ * driver_wext: set interface down for mode switches, if needed (e.g.,
+ for mac80211)
+ * driver_wext: fixed re-initialization of a removed and re-inserted
+ interface (e.g., USB dongle or on resume if driver was unloaded for
+ suspend)
+ * improve per-SSID scanning for drivers that report background scan
+ results frequently
+ * fixed scanning behavior after a failed initial association
+ * driver_wext: fixed processing of invalid event messages from kernel
+ not to crash wpa_supplicant (this could happen when using 64-bit
+ kernel with 32-bit userspace)
+ * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
+ not bytes
+ * fixed canceling of PMKSA caching when using drivers that generate
+ RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
+ about
+
2008-02-19 - v0.5.10
* added support for Makefile builds to include debug-log-to-a-file
functionality (CONFIG_DEBUG_FILE=y and -f<path> on command line)
diff --git a/Makefile b/Makefile
index 9bcdd83047a4..1e7e383adfc1 100644
--- a/Makefile
+++ b/Makefile
@@ -149,7 +149,10 @@ endif
ifdef CONFIG_DRIVER_NDIS
CFLAGS += -DCONFIG_DRIVER_NDIS
-OBJS_d += driver_ndis.o driver_ndis_.o
+OBJS_d += driver_ndis.o
+ifdef CONFIG_NDIS_EVENTS_INTEGRATED
+OBJS_d += driver_ndis_.o
+endif
ifndef CONFIG_L2_PACKET
CONFIG_L2_PACKET=pcap
endif
@@ -745,10 +748,6 @@ ifdef CONFIG_DEBUG_FILE
CFLAGS += -DCONFIG_DEBUG_FILE
endif
-ifdef CONFIG_DEBUG_SYSLOG
-CFLAGS += -DCONFIG_DEBUG_SYSLOG
-endif
-
OBJS += wpa_supplicant.o events.o
OBJS_t := $(OBJS) eapol_test.o radius.o radius_client.o
OBJS_t2 := $(OBJS) preauth_test.o
diff --git a/base64.c b/base64.c
index 0c33e5881b64..8b1da25dbde6 100644
--- a/base64.c
+++ b/base64.c
@@ -115,7 +115,7 @@ unsigned char * base64_decode(const unsigned char *src, size_t len,
count++;
}
- if (count % 4)
+ if (count == 0 || count % 4)
return NULL;
olen = count / 4 * 3;
diff --git a/common.c b/common.c
index d0233d88f5d1..f226c68631b8 100644
--- a/common.c
+++ b/common.c
@@ -16,10 +16,6 @@
#include "common.h"
-#ifdef CONFIG_DEBUG_SYSLOG
-#include <syslog.h>
-#endif /* CONFIG_DEBUG_SYSLOG */
-
#ifdef CONFIG_DEBUG_FILE
static FILE *out_file = NULL;
@@ -27,7 +23,6 @@ static FILE *out_file = NULL;
int wpa_debug_level = MSG_INFO;
int wpa_debug_show_keys = 0;
int wpa_debug_timestamp = 0;
-int wpa_debug_syslog = 0;
static int hex2num(char c)
@@ -166,40 +161,6 @@ void wpa_debug_print_timestamp(void)
printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec);
}
-void wpa_debug_open_syslog(void)
-{
-#ifdef CONFIG_DEBUG_SYSLOG
- openlog("wpa_supplicant", LOG_PID | LOG_NDELAY, LOG_DAEMON);
- wpa_debug_syslog++;
-#endif
-}
-
-void wpa_debug_close_syslog(void)
-{
-#ifdef CONFIG_DEBUG_SYSLOG
- if (wpa_debug_syslog)
- closelog();
-#endif
-}
-
-#ifdef CONFIG_DEBUG_SYSLOG
-static int syslog_priority(int level)
-{
- switch (level) {
- case MSG_MSGDUMP:
- case MSG_DEBUG:
- return LOG_DEBUG;
- case MSG_INFO:
- return LOG_NOTICE;
- case MSG_WARNING:
- return LOG_WARNING;
- case MSG_ERROR:
- return LOG_ERR;
- }
- return LOG_INFO;
-}
-#endif /* CONFIG_DEBUG_SYSLOG */
-
/**
* wpa_printf - conditional printf
@@ -218,11 +179,6 @@ void wpa_printf(int level, char *fmt, ...)
va_start(ap, fmt);
if (level >= wpa_debug_level) {
-#ifdef CONFIG_DEBUG_SYSLOG
- if (wpa_debug_syslog) {
- vsyslog(syslog_priority(level), fmt, ap);
- } else {
-#endif /* CONFIG_DEBUG_SYSLOG */
wpa_debug_print_timestamp();
#ifdef CONFIG_DEBUG_FILE
if (out_file) {
@@ -235,9 +191,6 @@ void wpa_printf(int level, char *fmt, ...)
#ifdef CONFIG_DEBUG_FILE
}
#endif /* CONFIG_DEBUG_FILE */
-#ifdef CONFIG_DEBUG_SYSLOG
- }
-#endif /* CONFIG_DEBUG_SYSLOG */
}
va_end(ap);
}
diff --git a/ctrl_iface.c b/ctrl_iface.c
index c84a9f9d75aa..52d5bd90732c 100644
--- a/ctrl_iface.c
+++ b/ctrl_iface.c
@@ -76,6 +76,7 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
}
+#ifdef IEEE8021X_EAPOL
static int wpa_supplicant_ctrl_iface_preauth(struct wpa_supplicant *wpa_s,
char *addr)
{
@@ -94,6 +95,7 @@ static int wpa_supplicant_ctrl_iface_preauth(struct wpa_supplicant *wpa_s,
return 0;
}
+#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_PEERKEY
@@ -1126,9 +1128,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
wpa_s->reassociate = 1;
wpa_supplicant_req_scan(wpa_s, 0, 0);
}
+#ifdef IEEE8021X_EAPOL
} else if (os_strncmp(buf, "PREAUTH ", 8) == 0) {
if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8))
reply_len = -1;
+#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_PEERKEY
} else if (os_strncmp(buf, "STKSTART ", 9) == 0) {
if (wpa_supplicant_ctrl_iface_stkstart(wpa_s, buf + 9))
diff --git a/ctrl_iface_dbus.c b/ctrl_iface_dbus.c
index ba7851694ba4..7475aa42cda0 100644
--- a/ctrl_iface_dbus.c
+++ b/ctrl_iface_dbus.c
@@ -30,10 +30,10 @@
#include "wpa_ctrl.h"
#include "eap.h"
-#define DBUS_VERSION (DBUS_VERSION_MAJOR << 8 | DBUS_VERSION_MINOR)
+#define _DBUS_VERSION (DBUS_VERSION_MAJOR << 8 | DBUS_VERSION_MINOR)
#define DBUS_VER(major, minor) ((major) << 8 | (minor))
-#if DBUS_VERSION < DBUS_VER(1,1)
+#if _DBUS_VERSION < DBUS_VER(1,1)
#define dbus_watch_get_unix_fd dbus_watch_get_fd
#endif
diff --git a/ctrl_iface_unix.c b/ctrl_iface_unix.c
index 9e4f85fabaad..6c03d464e6b3 100644
--- a/ctrl_iface_unix.c
+++ b/ctrl_iface_unix.c
@@ -305,7 +305,7 @@ wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s)
/* Group name not found - try to parse this as gid */
gid = strtol(gid_str, &endp, 10);
if (*gid_str == '\0' || *endp != '\0') {
- wpa_printf(MSG_DEBUG, "CTRL: Invalid group "
+ wpa_printf(MSG_ERROR, "CTRL: Invalid group "
"'%s'", gid_str);
goto fail;
}
diff --git a/dbus_dict_helpers.c b/dbus_dict_helpers.c
index 2852ed522cd4..b6ea55644335 100644
--- a/dbus_dict_helpers.c
+++ b/dbus_dict_helpers.c
@@ -629,36 +629,56 @@ dbus_bool_t wpa_dbus_dict_open_read(DBusMessageIter *iter,
}
+#define BYTE_ARRAY_CHUNK_SIZE 34
+#define BYTE_ARRAY_ITEM_SIZE (sizeof (char))
+
static dbus_bool_t _wpa_dbus_dict_entry_get_byte_array(
- DBusMessageIter *iter, int array_len, int array_type,
+ DBusMessageIter *iter, int array_type,
struct wpa_dbus_dict_entry *entry)
{
- dbus_uint32_t i = 0;
+ dbus_uint32_t count = 0;
dbus_bool_t success = FALSE;
- char byte;
+ char *buffer;
- /* Zero-length arrays are valid. */
- if (array_len == 0) {
- entry->bytearray_value = NULL;
- entry->array_type = DBUS_TYPE_BYTE;
- success = TRUE;
- goto done;
- }
+ entry->bytearray_value = NULL;
+ entry->array_type = DBUS_TYPE_BYTE;
- entry->bytearray_value = wpa_zalloc(array_len * sizeof(char));
- if (!entry->bytearray_value) {
+ buffer = wpa_zalloc(BYTE_ARRAY_ITEM_SIZE * BYTE_ARRAY_CHUNK_SIZE);
+ if (!buffer) {
perror("_wpa_dbus_dict_entry_get_byte_array[dbus]: out of "
"memory");
goto done;
}
- entry->array_type = DBUS_TYPE_BYTE;
- entry->array_len = array_len;
+ entry->bytearray_value = buffer;
+ entry->array_len = 0;
while (dbus_message_iter_get_arg_type(iter) == DBUS_TYPE_BYTE) {
+ char byte;
+
+ if ((count % BYTE_ARRAY_CHUNK_SIZE) == 0 && count != 0) {
+ buffer = realloc(buffer, BYTE_ARRAY_ITEM_SIZE *
+ (count + BYTE_ARRAY_CHUNK_SIZE));
+ if (buffer == NULL) {
+ perror("_wpa_dbus_dict_entry_get_byte_array["
+ "dbus] out of memory trying to "
+ "retrieve the string array");
+ goto done;
+ }
+ }
+ entry->bytearray_value = buffer;
+
dbus_message_iter_get_basic(iter, &byte);
- entry->bytearray_value[i++] = byte;
+ entry->bytearray_value[count] = byte;
+ entry->array_len = ++count;
dbus_message_iter_next(iter);
}
+
+ /* Zero-length arrays are valid. */
+ if (entry->array_len == 0) {
+ free(entry->bytearray_value);
+ entry->bytearray_value = NULL;
+ }
+
success = TRUE;
done:
@@ -666,8 +686,11 @@ done:
}
+#define STR_ARRAY_CHUNK_SIZE 8
+#define STR_ARRAY_ITEM_SIZE (sizeof (char *))
+
static dbus_bool_t _wpa_dbus_dict_entry_get_string_array(
- DBusMessageIter *iter, int array_len, int array_type,
+ DBusMessageIter *iter, int array_type,
struct wpa_dbus_dict_entry *entry)
{
dbus_uint32_t count = 0;
@@ -677,13 +700,7 @@ static dbus_bool_t _wpa_dbus_dict_entry_get_string_array(
entry->strarray_value = NULL;
entry->array_type = DBUS_TYPE_STRING;
- /* Zero-length arrays are valid. */
- if (array_len == 0) {
- success = TRUE;
- goto done;
- }
-
- buffer = wpa_zalloc(sizeof (char *) * 8);
+ buffer = wpa_zalloc(STR_ARRAY_ITEM_SIZE * STR_ARRAY_CHUNK_SIZE);
if (buffer == NULL) {
perror("_wpa_dbus_dict_entry_get_string_array[dbus] out of "
"memory trying to retrieve a string array");
@@ -696,18 +713,15 @@ static dbus_bool_t _wpa_dbus_dict_entry_get_string_array(
const char *value;
char *str;
- if ((count % 8) == 0 && count != 0) {
- char **tmp;
- tmp = realloc(buffer, sizeof(char *) * (count + 8));
- if (tmp == NULL) {
+ if ((count % STR_ARRAY_CHUNK_SIZE) == 0 && count != 0) {
+ buffer = realloc(buffer, STR_ARRAY_ITEM_SIZE *
+ (count + STR_ARRAY_CHUNK_SIZE));
+ if (buffer == NULL) {
perror("_wpa_dbus_dict_entry_get_string_array["
"dbus] out of memory trying to "
"retrieve the string array");
- free(buffer);
- buffer = NULL;
goto done;
}
- buffer = tmp;
}
entry->strarray_value = buffer;
@@ -723,6 +737,13 @@ static dbus_bool_t _wpa_dbus_dict_entry_get_string_array(
entry->array_len = ++count;
dbus_message_iter_next(iter);
}
+
+ /* Zero-length arrays are valid. */
+ if (entry->array_len == 0) {
+ free(entry->strarray_value);
+ entry->strarray_value = NULL;
+ }
+
success = TRUE;
done:
@@ -734,7 +755,6 @@ static dbus_bool_t _wpa_dbus_dict_entry_get_array(
DBusMessageIter *iter_dict_val, struct wpa_dbus_dict_entry *entry)
{
int array_type = dbus_message_iter_get_element_type(iter_dict_val);
- int array_len;
dbus_bool_t success = FALSE;
DBusMessageIter iter_array;
@@ -743,20 +763,14 @@ static dbus_bool_t _wpa_dbus_dict_entry_get_array(
dbus_message_iter_recurse(iter_dict_val, &iter_array);
- array_len = dbus_message_iter_get_array_len(&iter_array);
- if (array_len < 0)
- return FALSE;
-
switch (array_type) {
case DBUS_TYPE_BYTE:
success = _wpa_dbus_dict_entry_get_byte_array(&iter_array,
- array_len,
array_type,
entry);
break;
case DBUS_TYPE_STRING:
success = _wpa_dbus_dict_entry_get_string_array(&iter_array,
- array_len,
array_type,
entry);
break;
@@ -946,9 +960,17 @@ void wpa_dbus_dict_entry_clear(struct wpa_dbus_dict_entry *entry)
break;
case DBUS_TYPE_ARRAY:
switch (entry->array_type) {
- case DBUS_TYPE_BYTE:
- free(entry->bytearray_value);
- break;
+ case DBUS_TYPE_BYTE: {
+ free(entry->bytearray_value);
+ break;
+ }
+ case DBUS_TYPE_STRING: {
+ unsigned int i;
+ for (i = 0; i < entry->array_len; i++)
+ free(entry->strarray_value[i]);
+ free(entry->strarray_value);
+ break;
+ }
}
break;
}
diff --git a/defconfig b/defconfig
index 73e5da555915..52165988a883 100644
--- a/defconfig
+++ b/defconfig
@@ -321,6 +321,3 @@ CONFIG_PEERKEY=y
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
#CONFIG_DEBUG_FILE=y
-
-# Add support for logging via syslog
-#CONFIG_DEBUG_SYSLOG=y
diff --git a/doc/docbook/wpa_background.8 b/doc/docbook/wpa_background.8
index 6244529e69a9..c62f5e067ae2 100644
--- a/doc/docbook/wpa_background.8
+++ b/doc/docbook/wpa_background.8
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_BACKGROUND" "8" "19 February 2008" "" ""
+.TH "WPA_BACKGROUND" "8" "28 November 2008" "" ""
.SH NAME
wpa_background \- Background information on Wi-Fi Protected Access and IEEE 802.11i
diff --git a/doc/docbook/wpa_cli.8 b/doc/docbook/wpa_cli.8
index 0865264a69a2..43cc43d72910 100644
--- a/doc/docbook/wpa_cli.8
+++ b/doc/docbook/wpa_cli.8
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_CLI" "8" "19 February 2008" "" ""
+.TH "WPA_CLI" "8" "28 November 2008" "" ""
.SH NAME
wpa_cli \- WPA command line client
@@ -57,17 +57,18 @@ current network. <text> is description of the request. In
case of OTP request, it includes the challenge from the
authentication server.
.PP
-The reply to these requests can be given with 'identity',
-'password', and 'otp' commands. <id> needs to be copied from the
-the matching request. 'password' and 'otp' commands can be used
-regardless of whether the request was for PASSWORD or OTP. The
-main difference between these two commands is that values given
-with 'password' are remembered as long as wpa_supplicant is
-running whereas values given with 'otp' are used only once and
-then forgotten, i.e., wpa_supplicant will ask frontend for a new
-value for every use. This can be used to implement
-one-time-password lists and generic token card -based
-authentication.
+The reply to these requests can be given with
+\fBidentity\fR, \fBpassword\fR, and
+\fBotp\fR commands. <id> needs to be copied from
+the matching request. \fBpassword\fR and
+\fBotp\fR commands can be used regardless of whether
+the request was for PASSWORD or OTP. The main difference between these
+two commands is that values given with \fBpassword\fR are
+remembered as long as wpa_supplicant is running whereas values given
+with \fBotp\fR are used only once and then forgotten,
+i.e., wpa_supplicant will ask frontend for a new value for every use.
+This can be used to implement one-time-password lists and generic token
+card -based authentication.
.PP
Example request for password and a matching reply:
.sp
diff --git a/doc/docbook/wpa_cli.sgml b/doc/docbook/wpa_cli.sgml
index 8430599efb73..ade036210e4c 100644
--- a/doc/docbook/wpa_cli.sgml
+++ b/doc/docbook/wpa_cli.sgml
@@ -72,17 +72,18 @@
case of OTP request, it includes the challenge from the
authentication server.</para>
- <para>The reply to these requests can be given with 'identity',
- 'password', and 'otp' commands. &lt;id&gt; needs to be copied from the
- the matching request. 'password' and 'otp' commands can be used
- regardless of whether the request was for PASSWORD or OTP. The
- main difference between these two commands is that values given
- with 'password' are remembered as long as wpa_supplicant is
- running whereas values given with 'otp' are used only once and
- then forgotten, i.e., wpa_supplicant will ask frontend for a new
- value for every use. This can be used to implement
- one-time-password lists and generic token card -based
- authentication.</para>
+ <para>The reply to these requests can be given with
+ <emphasis>identity</emphasis>, <emphasis>password</emphasis>, and
+ <emphasis>otp</emphasis> commands. &lt;id&gt; needs to be copied from
+ the matching request. <emphasis>password</emphasis> and
+ <emphasis>otp</emphasis> commands can be used regardless of whether
+ the request was for PASSWORD or OTP. The main difference between these
+ two commands is that values given with <emphasis>password</emphasis> are
+ remembered as long as wpa_supplicant is running whereas values given
+ with <emphasis>otp</emphasis> are used only once and then forgotten,
+ i.e., wpa_supplicant will ask frontend for a new value for every use.
+ This can be used to implement one-time-password lists and generic token
+ card -based authentication.</para>
<para>Example request for password and a matching reply:</para>
diff --git a/doc/docbook/wpa_passphrase.8 b/doc/docbook/wpa_passphrase.8
index a0f5c7039863..52faebba5666 100644
--- a/doc/docbook/wpa_passphrase.8
+++ b/doc/docbook/wpa_passphrase.8
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_PASSPHRASE" "8" "19 February 2008" "" ""
+.TH "WPA_PASSPHRASE" "8" "28 November 2008" "" ""
.SH NAME
wpa_passphrase \- Generate a WPA PSK from an ASCII passphrase for a SSID
diff --git a/doc/docbook/wpa_supplicant.8 b/doc/docbook/wpa_supplicant.8
index 1a5697d84229..e7d8406413bb 100644
--- a/doc/docbook/wpa_supplicant.8
+++ b/doc/docbook/wpa_supplicant.8
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_SUPPLICANT" "8" "19 February 2008" "" ""
+.TH "WPA_SUPPLICANT" "8" "28 November 2008" "" ""
.SH NAME
wpa_supplicant \- Wi-Fi Protected Access client and IEEE 802.1X supplicant
@@ -214,7 +214,11 @@ PMKSA caching
.RE
.SH "AVAILABLE DRIVERS"
.PP
-The available drivers to specify with the -D option are:
+A summary of available driver backends is below. Support for each
+of the driver backends is chosen at wpa_supplicant compile time. For a
+list of supported driver backends that may be used with the -D option on
+your system, refer to the help output of wpa_supplicant
+(\fBwpa_supplicant -h\fR).
.TP
\fBhostap\fR
(default) Host AP driver (Intersil Prism2/2.5/3).
@@ -250,33 +254,47 @@ BSD 802.11 support (Atheros, etc.).
\fBndis\fR
Windows NDIS driver.
.SH "COMMAND LINE OPTIONS"
+.PP
+Most command line options have global scope. Some are given per
+interface, and are only valid if at least one \fB-i\fR option
+is specified, otherwise they're ignored. Option groups for different
+interfaces must be separated by \fB-N\fR option.
+.TP
+\fB-b br_ifname\fR
+Optional bridge interface name. (Per interface)
.TP
\fB-B\fR
Run daemon in the background.
.TP
\fB-i ifname\fR
-Interface to listen on.
+Interface to listen on. Multiple instances of this option can
+be present, one per interface, separated by \fB-N\fR
+option (see below).
.TP
\fB-c filename\fR
-Path to configuration file.
+Path to configuration file. (Per interface)
.TP
\fB-P PID_file\fR
Path to PID file.
.TP
\fB-C ctrl_interface\fR
-Path to ctrl_interface socket (only used if -c is not).
+Path to ctrl_interface socket (Per interface. Only used if
+\fB-c\fR is not).
.TP
\fB-g global ctrl_interface\fR
-Path to global ctrl_interface socket.
+Path to global ctrl_interface socket. If specified, interface
+definitions may be omitted.
.TP
\fB-D driver\fR
-Driver to use. See the available options below.
+Driver to use. (Per interface, see the available options
+below.)
.TP
\fB-f output file\fR
Log output to specified file instead of stdout.
.TP
\fB-d\fR
-Increase debugging verbosity (-dd even more).
+Increase debugging verbosity (\fB-dd\fR even
+more).
.TP
\fB-K\fR
Include keys (passwords, etc.) in debug output.
@@ -296,7 +314,12 @@ Help. Show a usage message.
Show license (GPL and BSD).
.TP
\fB-q\fR
-Decrease debugging verbosity (-qq even less).
+Decrease debugging verbosity (\fB-qq\fR even
+less).
+.TP
+\fB-u\fR
+Enabled DBus control interface. If enabled, interface
+definitions may be omitted.
.TP
\fB-v\fR
Show version.
@@ -367,9 +390,9 @@ with other versions)
.TP
\fBHost AP driver for Prism2/2.5/3 (development snapshot/v0.2.x)\fR
(http://hostap.epitest.fi/) Driver needs to be set in
-Managed mode ('iwconfig wlan0 mode managed'). Please note
-that station firmware version needs to be 1.7.0 or newer to
-work in WPA mode.
+Managed mode (\fBiwconfig wlan0 mode managed\fR).
+Please note that station firmware version needs to be 1.7.0 or
+newer to work in WPA mode.
.TP
\fBLinuxant DriverLoader\fR
(http://www.linuxant.com/driverloader/)
@@ -506,8 +529,8 @@ can be used to enable WPA support:
Add MODE="Managed" and WPA="y" to the network scheme in
\fI/etc/pcmcia/wireless.opts\fR\&.
.PP
-Add the following block to the end of 'start' action handler
-in \fI/etc/pcmcia/wireless\fR:
+Add the following block to the end of \fBstart\fR
+action handler in \fI/etc/pcmcia/wireless\fR:
.sp
.RS
@@ -519,8 +542,8 @@ fi
.fi
.RE
.PP
-Add the following block to the end of 'stop' action handler
-(may need to be separated from other actions) in
+Add the following block to the end of \fBstop\fR
+action handler (may need to be separated from other actions) in
\fI/etc/pcmcia/wireless\fR:
.sp
.RS
diff --git a/doc/docbook/wpa_supplicant.conf.5 b/doc/docbook/wpa_supplicant.conf.5
index efe17cc8762b..494b8a21d1e5 100644
--- a/doc/docbook/wpa_supplicant.conf.5
+++ b/doc/docbook/wpa_supplicant.conf.5
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "WPA_SUPPLICANT.CONF" "5" "19 February 2008" "" ""
+.TH "WPA_SUPPLICANT.CONF" "5" "28 November 2008" "" ""
.SH NAME
wpa_supplicant.conf \- configuration file for wpa_supplicant
@@ -24,7 +24,7 @@ run in the background.
Changes to configuration file can be reloaded be sending
SIGHUP signal to \fBwpa_supplicant\fR ('killall -HUP
wpa_supplicant'). Similarly, reloading can be triggered with
-the 'wpa_cli reconfigure' command.
+the \fBwpa_cli reconfigure\fR command.
.PP
Configuration file can include one or more network blocks,
e.g., one for each used SSID. wpa_supplicant will automatically
@@ -179,7 +179,7 @@ network={
.TP 3
6.
Authentication for wired Ethernet. This can be used with
-'wired' interface (-Dwired on command line).
+\fBwired\fR interface (-Dwired on command line).
.sp
.RS
diff --git a/doc/docbook/wpa_supplicant.conf.sgml b/doc/docbook/wpa_supplicant.conf.sgml
index 082509cc77aa..063e88298af5 100644
--- a/doc/docbook/wpa_supplicant.conf.sgml
+++ b/doc/docbook/wpa_supplicant.conf.sgml
@@ -26,7 +26,7 @@
<para>Changes to configuration file can be reloaded be sending
SIGHUP signal to <command>wpa_supplicant</command> ('killall -HUP
wpa_supplicant'). Similarly, reloading can be triggered with
- the 'wpa_cli reconfigure' command.</para>
+ the <emphasis>wpa_cli reconfigure</emphasis> command.</para>
<para>Configuration file can include one or more network blocks,
e.g., one for each used SSID. wpa_supplicant will automatically
@@ -179,7 +179,7 @@ network={
<listitem>
<para>Authentication for wired Ethernet. This can be used with
- 'wired' interface (-Dwired on command line).</para>
+ <emphasis>wired</emphasis> interface (-Dwired on command line).</para>
<blockquote><programlisting>
ctrl_interface=/var/run/wpa_supplicant
diff --git a/doc/docbook/wpa_supplicant.sgml b/doc/docbook/wpa_supplicant.sgml
index b46d13c1f9ef..ad570badd198 100644
--- a/doc/docbook/wpa_supplicant.sgml
+++ b/doc/docbook/wpa_supplicant.sgml
@@ -241,7 +241,11 @@
<refsect1>
<title>Available Drivers</title>
- <para>The available drivers to specify with the -D option are:</para>
+ <para>A summary of available driver backends is below. Support for each
+ of the driver backends is chosen at wpa_supplicant compile time. For a
+ list of supported driver backends that may be used with the -D option on
+ your system, refer to the help output of wpa_supplicant
+ (<emphasis>wpa_supplicant -h</emphasis>).</para>
<variablelist>
<varlistentry>
@@ -326,8 +330,19 @@
<refsect1>
<title>Command Line Options</title>
+ <para>Most command line options have global scope. Some are given per
+ interface, and are only valid if at least one <option>-i</option> option
+ is specified, otherwise they're ignored. Option groups for different
+ interfaces must be separated by <option>-N</option> option.</para>
<variablelist>
<varlistentry>
+ <term>-b br_ifname</term>
+ <listitem>
+ <para>Optional bridge interface name. (Per interface)</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>-B</term>
<listitem>
<para>Run daemon in the background.</para>
@@ -337,14 +352,16 @@
<varlistentry>
<term>-i ifname</term>
<listitem>
- <para>Interface to listen on.</para>
+ <para>Interface to listen on. Multiple instances of this option can
+ be present, one per interface, separated by <option>-N</option>
+ option (see below).</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-c filename</term>
<listitem>
- <para>Path to configuration file.</para>
+ <para>Path to configuration file. (Per interface)</para>
</listitem>
</varlistentry>
@@ -358,21 +375,24 @@
<varlistentry>
<term>-C ctrl_interface</term>
<listitem>
- <para>Path to ctrl_interface socket (only used if -c is not).</para>
+ <para>Path to ctrl_interface socket (Per interface. Only used if
+ <option>-c</option> is not).</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-g global ctrl_interface</term>
<listitem>
- <para>Path to global ctrl_interface socket.</para>
+ <para>Path to global ctrl_interface socket. If specified, interface
+ definitions may be omitted.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>-D driver</term>
<listitem>
- <para>Driver to use. See the available options below.</para>
+ <para>Driver to use. (Per interface, see the available options
+ below.)</para>
</listitem>
</varlistentry>
@@ -386,7 +406,8 @@
<varlistentry>
<term>-d</term>
<listitem>
- <para>Increase debugging verbosity (-dd even more).</para>
+ <para>Increase debugging verbosity (<option>-dd</option> even
+ more).</para>
</listitem>
</varlistentry>
@@ -430,9 +451,19 @@
<varlistentry>
<term>-q</term>
<listitem>
- <para>Decrease debugging verbosity (-qq even less).</para>
+ <para>Decrease debugging verbosity (<option>-qq</option> even
+ less).</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>-u</term>
+ <listitem>
+ <para>Enabled DBus control interface. If enabled, interface
+ definitions may be omitted.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>-v</term>
<listitem>
@@ -523,9 +554,9 @@ wpa_supplicant \
snapshot/v0.2.x)</term>
<listitem>
<para> (http://hostap.epitest.fi/) Driver needs to be set in
- Managed mode ('iwconfig wlan0 mode managed'). Please note
- that station firmware version needs to be 1.7.0 or newer to
- work in WPA mode.</para>
+ Managed mode (<emphasis>iwconfig wlan0 mode managed</emphasis>).
+ Please note that station firmware version needs to be 1.7.0 or
+ newer to work in WPA mode.</para>
</listitem>
</varlistentry>
@@ -729,8 +760,8 @@ wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -B
<para>Add MODE="Managed" and WPA="y" to the network scheme in
<filename>/etc/pcmcia/wireless.opts</filename>.</para>
- <para>Add the following block to the end of 'start' action handler
- in <filename>/etc/pcmcia/wireless</filename>:</para>
+ <para>Add the following block to the end of <emphasis>start</emphasis>
+ action handler in <filename>/etc/pcmcia/wireless</filename>:</para>
<blockquote><programlisting>
if [ "$WPA" = "y" -a -x /usr/local/bin/wpa_supplicant ]; then
@@ -739,8 +770,8 @@ fi
</programlisting></blockquote>
- <para>Add the following block to the end of 'stop' action handler
- (may need to be separated from other actions) in
+ <para>Add the following block to the end of <emphasis>stop</emphasis>
+ action handler (may need to be separated from other actions) in
<filename>/etc/pcmcia/wireless</filename>:</para>
<blockquote><programlisting>
diff --git a/driver_hostap.h b/driver_hostap.h
index a83322f7e237..a2508ed924f6 100644
--- a/driver_hostap.h
+++ b/driver_hostap.h
@@ -84,9 +84,9 @@ enum {
#define PRISM2_HOSTAPD_MAX_BUF_SIZE 1024
#define PRISM2_HOSTAPD_RID_HDR_LEN \
-((int) (&((struct prism2_hostapd_param *) 0)->u.rid.data))
+((size_t) (&((struct prism2_hostapd_param *) 0)->u.rid.data))
#define PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN \
-((int) (&((struct prism2_hostapd_param *) 0)->u.generic_elem.data))
+((size_t) (&((struct prism2_hostapd_param *) 0)->u.generic_elem.data))
/* Maximum length for algorithm names (-1 for nul termination) used in ioctl()
*/
diff --git a/driver_ndis.c b/driver_ndis.c
index 570b4ca1a183..de3430631177 100644
--- a/driver_ndis.c
+++ b/driver_ndis.c
@@ -42,7 +42,9 @@ int close(int fd);
#include "driver_ndis.h"
int wpa_driver_register_event_cb(struct wpa_driver_ndis_data *drv);
+#ifdef CONFIG_NDIS_EVENTS_INTEGRATED
void wpa_driver_ndis_event_pipe_cb(void *eloop_data, void *user_data);
+#endif /* CONFIG_NDIS_EVENTS_INTEGRATED */
static void wpa_driver_ndis_deinit(void *priv);
static void wpa_driver_ndis_poll(void *drv);
diff --git a/eap.c b/eap.c
index a5cd9824fc62..8021e80ff120 100644
--- a/eap.c
+++ b/eap.c
@@ -892,7 +892,7 @@ static int eap_sm_imsi_identity(struct eap_sm *sm, struct wpa_ssid *ssid)
#endif /* PCSC_FUNCS */
-static int eap_sm_get_scard_identity(struct eap_sm *sm, struct wpa_ssid *ssid)
+static int eap_sm_set_scard_pin(struct eap_sm *sm, struct wpa_ssid *ssid)
{
#ifdef PCSC_FUNCS
if (scard_set_pin(sm->scard_ctx, ssid->pin)) {
@@ -907,6 +907,17 @@ static int eap_sm_get_scard_identity(struct eap_sm *sm, struct wpa_ssid *ssid)
eap_sm_request_pin(sm);
return -1;
}
+ return 0;
+#else /* PCSC_FUNCS */
+ return -1;
+#endif /* PCSC_FUNCS */
+}
+
+static int eap_sm_get_scard_identity(struct eap_sm *sm, struct wpa_ssid *ssid)
+{
+#ifdef PCSC_FUNCS
+ if (eap_sm_set_scard_pin(sm, ssid))
+ return -1;
return eap_sm_imsi_identity(sm, ssid);
#else /* PCSC_FUNCS */
@@ -973,6 +984,9 @@ u8 * eap_sm_buildIdentity(struct eap_sm *sm, int id, size_t *len,
eap_sm_request_identity(sm);
return NULL;
}
+ } else if (config->pcsc) {
+ if (eap_sm_set_scard_pin(sm, config) < 0)
+ return NULL;
}
*len = sizeof(struct eap_hdr) + 1 + identity_len;
diff --git a/eap_aka.c b/eap_aka.c
index a8b56ca67302..daf7722f124f 100644
--- a/eap_aka.c
+++ b/eap_aka.c
@@ -292,7 +292,7 @@ static u8 * eap_aka_response_challenge(struct eap_aka_data *data,
msg = eap_sim_msg_init(EAP_CODE_RESPONSE, req->identifier,
EAP_TYPE_AKA, EAP_AKA_SUBTYPE_CHALLENGE);
wpa_printf(MSG_DEBUG, " AT_RES");
- eap_sim_msg_add(msg, EAP_SIM_AT_RES, data->res_len,
+ eap_sim_msg_add(msg, EAP_SIM_AT_RES, data->res_len * 8,
data->res, data->res_len);
wpa_printf(MSG_DEBUG, " AT_MAC");
eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
diff --git a/eap_gpsk.c b/eap_gpsk.c
index 81b03ede5991..a9af85ca8dff 100644
--- a/eap_gpsk.c
+++ b/eap_gpsk.c
@@ -240,8 +240,8 @@ const u8 * eap_gpsk_process_csuite_list(struct eap_sm *sm,
return NULL;
}
if (*list_len == 0 || (*list_len % sizeof(struct eap_gpsk_csuite))) {
- wpa_printf(MSG_DEBUG, "EAP-GPSK: Invalid CSuite_List len %d",
- *list_len);
+ wpa_printf(MSG_DEBUG, "EAP-GPSK: Invalid CSuite_List len %lu",
+ (unsigned long) *list_len);
return NULL;
}
*list = pos;
@@ -460,6 +460,7 @@ const u8 * eap_gpsk_validate_id_server(struct eap_gpsk_data *data,
data->id_server, data->id_server_len);
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Server in GPSK-3",
pos, len);
+ return NULL;
}
pos += len;
@@ -537,7 +538,9 @@ const u8 * eap_gpsk_validate_gpsk_3_mic(struct eap_gpsk_data *data,
miclen = eap_gpsk_mic_len(data->vendor, data->specifier);
if (end - pos < (int) miclen) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: Message too short for MIC "
- "(left=%d miclen=%d)", end - pos, miclen);
+ "(left=%lu miclen=%lu)",
+ (unsigned long) (end - pos),
+ (unsigned long) miclen);
return NULL;
}
if (eap_gpsk_compute_mic(data->sk, data->sk_len, data->vendor,
@@ -589,8 +592,9 @@ static u8 * eap_gpsk_process_gpsk_3(struct eap_sm *sm,
return NULL;
}
if (pos != end) {
- wpa_printf(MSG_DEBUG, "EAP-GPSK: Ignored %d bytes of extra "
- "data in the end of GPSK-2", end - pos);
+ wpa_printf(MSG_DEBUG, "EAP-GPSK: Ignored %lu bytes of extra "
+ "data in the end of GPSK-2",
+ (unsigned long) (end - pos));
}
req = (const struct eap_hdr *) reqData;
diff --git a/eap_gpsk_common.c b/eap_gpsk_common.c
index 7422fa6c48f9..ec97a56f0b44 100644
--- a/eap_gpsk_common.c
+++ b/eap_gpsk_common.c
@@ -376,8 +376,8 @@ static int eap_gpsk_compute_mic_aes(const u8 *sk, size_t sk_len,
const u8 *data, size_t len, u8 *mic)
{
if (sk_len != 16) {
- wpa_printf(MSG_DEBUG, "EAP-GPSK: Invalid SK length %d for "
- "AES-CMAC MIC", sk_len);
+ wpa_printf(MSG_DEBUG, "EAP-GPSK: Invalid SK length %lu for "
+ "AES-CMAC MIC", (unsigned long) sk_len);
return -1;
}
diff --git a/eap_ttls.c b/eap_ttls.c
index ca0069439ac4..bdffed41740b 100644
--- a/eap_ttls.c
+++ b/eap_ttls.c
@@ -673,7 +673,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
/* MS-CHAP-Challenge */
challenge = eap_ttls_implicit_challenge(
- sm, data, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN * 2 + 1);
+ sm, data, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN + 1);
if (challenge == NULL) {
os_free(buf);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to derive "
@@ -777,7 +777,8 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
config->identity, config->identity_len);
/* MS-CHAP-Challenge */
- challenge = eap_ttls_implicit_challenge(sm, data, EAP_TLS_KEY_LEN);
+ challenge = eap_ttls_implicit_challenge(
+ sm, data, EAP_TTLS_MSCHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) {
os_free(buf);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAP: Failed to derive "
@@ -907,7 +908,8 @@ static int eap_ttls_phase2_request_chap(struct eap_sm *sm,
config->identity, config->identity_len);
/* CHAP-Challenge */
- challenge = eap_ttls_implicit_challenge(sm, data, EAP_TLS_KEY_LEN);
+ challenge = eap_ttls_implicit_challenge(
+ sm, data, EAP_TTLS_CHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) {
os_free(buf);
wpa_printf(MSG_ERROR, "EAP-TTLS/CHAP: Failed to derive "
diff --git a/eloop.c b/eloop.c
index 232e7533cab2..9cac792615bb 100644
--- a/eloop.c
+++ b/eloop.c
@@ -232,7 +232,10 @@ int eloop_register_timeout(unsigned int secs, unsigned int usecs,
timeout = os_malloc(sizeof(*timeout));
if (timeout == NULL)
return -1;
- os_get_time(&timeout->time);
+ if (os_get_time(&timeout->time) < 0) {
+ os_free(timeout);
+ return -1;
+ }
timeout->time.sec += secs;
timeout->time.usec += usecs;
while (timeout->time.usec >= 1000000) {
@@ -302,6 +305,25 @@ int eloop_cancel_timeout(eloop_timeout_handler handler,
}
+int eloop_is_timeout_registered(eloop_timeout_handler handler,
+ void *eloop_data, void *user_data)
+{
+ struct eloop_timeout *tmp;
+
+ tmp = eloop.timeout;
+ while (tmp != NULL) {
+ if (tmp->handler == handler &&
+ tmp->eloop_data == eloop_data &&
+ tmp->user_data == user_data)
+ return 1;
+
+ tmp = tmp->next;
+ }
+
+ return 0;
+}
+
+
#ifndef CONFIG_NATIVE_WINDOWS
static void eloop_handle_alarm(int sig)
{
diff --git a/eloop.h b/eloop.h
index 4dd2871760df..cf83f3836555 100644
--- a/eloop.h
+++ b/eloop.h
@@ -207,6 +207,19 @@ int eloop_cancel_timeout(eloop_timeout_handler handler,
void *eloop_data, void *user_data);
/**
+ * eloop_is_timeout_registered - Check if a timeout is already registered
+ * @handler: Matching callback function
+ * @eloop_data: Matching eloop_data
+ * @user_data: Matching user_data
+ * Returns: 1 if the timeout is registered, 0 if the timeout is not registered
+ *
+ * Determine if a matching <handler,eloop_data,user_data> timeout is registered
+ * with eloop_register_timeout().
+ */
+int eloop_is_timeout_registered(eloop_timeout_handler handler,
+ void *eloop_data, void *user_data);
+
+/**
* eloop_register_signal - Register handler for signals
* @sig: Signal number (e.g., SIGHUP)
* @handler: Callback function to be called when the signal is received
diff --git a/eloop_none.c b/eloop_none.c
index 6943109d955f..215030b2135f 100644
--- a/eloop_none.c
+++ b/eloop_none.c
@@ -197,6 +197,26 @@ int eloop_cancel_timeout(void (*handler)(void *eloop_ctx, void *sock_ctx),
}
+int eloop_is_timeout_registered(void (*handler)(void *eloop_ctx,
+ void *timeout_ctx),
+ void *eloop_data, void *user_data)
+{
+ struct eloop_timeout *tmp;
+
+ tmp = eloop.timeout;
+ while (tmp != NULL) {
+ if (tmp->handler == handler &&
+ tmp->eloop_data == eloop_data &&
+ tmp->user_data == user_data)
+ return 1;
+
+ tmp = tmp->next;
+ }
+
+ return 0;
+}
+
+
/* TODO: replace with suitable signal handler */
#if 0
static void eloop_handle_signal(int sig)
diff --git a/eloop_win.c b/eloop_win.c
index 73f0eafeeb8b..a1ccd94a3d71 100644
--- a/eloop_win.c
+++ b/eloop_win.c
@@ -320,6 +320,25 @@ int eloop_cancel_timeout(eloop_timeout_handler handler,
}
+int eloop_is_timeout_registered(eloop_timeout_handler handler,
+ void *eloop_data, void *user_data)
+{
+ struct eloop_timeout *tmp;
+
+ tmp = eloop.timeout;
+ while (tmp != NULL) {
+ if (tmp->handler == handler &&
+ tmp->eloop_data == eloop_data &&
+ tmp->user_data == user_data)
+ return 1;
+
+ tmp = tmp->next;
+ }
+
+ return 0;
+}
+
+
/* TODO: replace with suitable signal handler */
#if 0
static void eloop_handle_signal(int sig)
diff --git a/main.c b/main.c
index 5fe4e7bdba18..f371561cde66 100644
--- a/main.c
+++ b/main.c
@@ -39,7 +39,7 @@ static void usage(void)
int i;
printf("%s\n\n%s\n"
"usage:\n"
- " wpa_supplicant [-BddhKLqqstuvwW] [-P<pid file>] "
+ " wpa_supplicant [-BddhKLqqtuvwW] [-P<pid file>] "
"[-g<global ctrl>] \\\n"
" -i<ifname> -c<config file> [-C<ctrl>] [-D<driver>] "
"[-p<driver_param>] \\\n"
@@ -77,9 +77,6 @@ static void usage(void)
printf(" -p = driver parameters\n"
" -P = PID file\n"
" -q = decrease debugging verbosity (-qq even less)\n"
-#ifdef CONFIG_DEBUG_SYSLOG
- " -s = log output to syslog instead of stdout\n"
-#endif /* CONFIG_DEBUG_SYSLOG */
#ifdef CONFIG_CTRL_IFACE_DBUS
" -u = enable DBus control interface\n"
#endif /* CONFIG_CTRL_IFACE_DBUS */
@@ -150,7 +147,7 @@ int main(int argc, char *argv[])
wpa_supplicant_fd_workaround();
for (;;) {
- c = getopt(argc, argv, "b:Bc:C:D:df:g:hi:KLNp:P:qstuvwW");
+ c = getopt(argc, argv, "b:Bc:C:D:df:g:hi:KLNp:P:qtuvwW");
if (c < 0)
break;
switch (c) {
@@ -211,11 +208,6 @@ int main(int argc, char *argv[])
case 'q':
params.wpa_debug_level++;
break;
-#ifdef CONFIG_DEBUG_SYSLOG
- case 's':
- params.wpa_debug_syslog++;
- break;
-#endif /* CONFIG_DEBUG_SYSLOG */
case 't':
params.wpa_debug_timestamp++;
break;
diff --git a/mlme.c b/mlme.c
index 92b59598b50e..e618e2abb7bd 100644
--- a/mlme.c
+++ b/mlme.c
@@ -985,8 +985,6 @@ static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s,
supp_rates[1] = 0;
for (i = 0; i < wpa_s->mlme.num_curr_rates; i++) {
struct wpa_rate_data *rate = &wpa_s->mlme.curr_rates[i];
- if (!(rate->flags & WPA_RATE_SUPPORTED))
- continue;
if (esupp_rates) {
pos = buf + len;
len++;
@@ -996,6 +994,7 @@ static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s,
esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
esupp_rates[1] = 1;
pos = &esupp_rates[2];
+ len += 3;
} else {
pos = buf + len;
len++;
diff --git a/os_unix.c b/os_unix.c
index 69ba25a3e856..7e3ab4adb4a5 100644
--- a/os_unix.c
+++ b/os_unix.c
@@ -216,7 +216,12 @@ char * os_readfile(const char *name, size_t *len)
return NULL;
}
- fread(buf, 1, *len, f);
+ if (fread(buf, 1, *len, f) != *len) {
+ fclose(f);
+ free(buf);
+ return NULL;
+ }
+
fclose(f);
return buf;
diff --git a/preauth_test.c b/preauth_test.c
index bd31d8b443e9..6758d9e90c2f 100644
--- a/preauth_test.c
+++ b/preauth_test.c
@@ -44,12 +44,6 @@ struct preauth_test_data {
};
-static void _wpa_supplicant_req_scan(void *wpa_s, int sec, int usec)
-{
- wpa_supplicant_req_scan(wpa_s, sec, usec);
-}
-
-
static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
{
wpa_supplicant_disassociate(wpa_s, reason_code);
@@ -254,7 +248,6 @@ static void wpa_init_conf(struct wpa_supplicant *wpa_s, const char *ifname)
ctx->ctx = wpa_s;
ctx->set_state = _wpa_supplicant_set_state;
ctx->get_state = _wpa_supplicant_get_state;
- ctx->req_scan = _wpa_supplicant_req_scan;
ctx->deauthenticate = _wpa_supplicant_deauthenticate;
ctx->disassociate = _wpa_supplicant_disassociate;
ctx->set_key = wpa_supplicant_set_key;
diff --git a/radius.c b/radius.c
index 743f3400f1de..afa4f933ee98 100644
--- a/radius.c
+++ b/radius.c
@@ -801,6 +801,7 @@ static u8 * decrypt_ms_key(const u8 *key, size_t len,
ppos = plain = os_malloc(plen);
if (plain == NULL)
return NULL;
+ plain[0] = 0;
while (left > 0) {
/* b(1) = MD5(Secret + Request-Authenticator + Salt)
@@ -825,7 +826,7 @@ static u8 * decrypt_ms_key(const u8 *key, size_t len,
left -= MD5_MAC_LEN;
}
- if (plain[0] > plen - 1) {
+ if (plain[0] == 0 || plain[0] > plen - 1) {
printf("Failed to decrypt MPPE key\n");
os_free(plain);
return NULL;
diff --git a/sha1.c b/sha1.c
index 194db1601d1e..e53c8452ddd8 100644
--- a/sha1.c
+++ b/sha1.c
@@ -265,6 +265,10 @@ int tls_prf(const u8 *secret, size_t secret_len, const char *label,
L_S1 = L_S2 = (secret_len + 1) / 2;
S1 = secret;
S2 = secret + L_S1;
+ if (secret_len & 1) {
+ /* The last byte of S1 will be shared with S2 */
+ S2--;
+ }
hmac_md5_vector(S1, L_S1, 2, &MD5_addr[1], &MD5_len[1], A_MD5);
hmac_sha1_vector(S2, L_S2, 2, &SHA1_addr[1], &SHA1_len[1], A_SHA1);
diff --git a/tls_openssl.c b/tls_openssl.c
index d5aafaaa89d4..cb6b97434e46 100644
--- a/tls_openssl.c
+++ b/tls_openssl.c
@@ -871,6 +871,7 @@ struct tls_connection * tls_connection_init(void *ssl_ctx)
{
SSL_CTX *ssl = ssl_ctx;
struct tls_connection *conn;
+ long options;
conn = os_zalloc(sizeof(*conn));
if (conn == NULL)
@@ -884,9 +885,12 @@ struct tls_connection * tls_connection_init(void *ssl_ctx)
}
SSL_set_app_data(conn->ssl, conn);
- SSL_set_options(conn->ssl,
- SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
- SSL_OP_SINGLE_DH_USE);
+ options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
+ SSL_OP_SINGLE_DH_USE;
+#ifdef SSL_OP_NO_COMPRESSION
+ options |= SSL_OP_NO_COMPRESSION;
+#endif /* SSL_OP_NO_COMPRESSION */
+ SSL_set_options(conn->ssl, options);
conn->ssl_in = BIO_new(BIO_s_mem());
if (!conn->ssl_in) {
diff --git a/version.h b/version.h
index 364d8aea9657..fa00fcca0f7d 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
#ifndef VERSION_H
#define VERSION_H
-#define VERSION_STR "0.5.10"
+#define VERSION_STR "0.5.11"
#endif /* VERSION_H */
diff --git a/wpa.c b/wpa.c
index 5669e6a330e5..7ef746a95acc 100644
--- a/wpa.c
+++ b/wpa.c
@@ -65,8 +65,7 @@ static const u8 WPA_CIPHER_SUITE_WEP104[] = { 0x00, 0x50, 0xf2, 5 };
struct wpa_ie_hdr {
u8 elem_id;
u8 len;
- u8 oui[3];
- u8 oui_type;
+ u8 oui[4]; /* 24-bit OUI followed by 8-bit OUI type */
u8 version[2];
} STRUCT_PACKED;
@@ -1406,7 +1405,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
"caching attempt");
sm->cur_pmksa = NULL;
abort_cached = 1;
- } else {
+ } else if (!abort_cached) {
return -1;
}
}
@@ -1567,7 +1566,6 @@ static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
MACSTR " [PTK=%s GTK=%s]", MAC2STR(addr),
wpa_cipher_txt(sm->pairwise_cipher),
wpa_cipher_txt(sm->group_cipher));
- eloop_cancel_timeout(sm->ctx->scan, sm->ctx->ctx, NULL);
wpa_sm_cancel_auth_timeout(sm);
wpa_sm_set_state(sm, WPA_COMPLETED);
@@ -1904,7 +1902,6 @@ static void wpa_report_ie_mismatch(struct wpa_sm *sm,
}
wpa_sm_disassociate(sm, REASON_IE_IN_4WAY_DIFFERS);
- wpa_sm_req_scan(sm, 0, 0);
}
@@ -3798,7 +3795,6 @@ static void wpa_sm_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
os_memset(sm->pmk, 0, sizeof(sm->pmk));
wpa_sm_deauthenticate(sm, REASON_UNSPECIFIED);
- wpa_sm_req_scan(sm, 0, 0);
}
}
diff --git a/wpa.h b/wpa.h
index df075c35d101..8a9ae7694ad6 100644
--- a/wpa.h
+++ b/wpa.h
@@ -59,7 +59,6 @@ struct wpa_sm_ctx {
void (*set_state)(void *ctx, wpa_states state);
wpa_states (*get_state)(void *ctx);
- void (*req_scan)(void *ctx, int sec, int usec);
void (*deauthenticate)(void * ctx, int reason_code);
void (*disassociate)(void *ctx, int reason_code);
int (*set_key)(void *ctx, wpa_alg alg,
diff --git a/wpa_cli.c b/wpa_cli.c
index 7176c956af67..6c3a8818245a 100644
--- a/wpa_cli.c
+++ b/wpa_cli.c
@@ -1081,6 +1081,7 @@ static int wpa_cli_exec(const char *program, const char *arg1,
{
char *cmd;
size_t len;
+ int ret = 0;
len = os_strlen(program) + os_strlen(arg1) + os_strlen(arg2) + 3;
cmd = os_malloc(len);
@@ -1089,11 +1090,12 @@ static int wpa_cli_exec(const char *program, const char *arg1,
os_snprintf(cmd, len, "%s %s %s", program, arg1, arg2);
cmd[len - 1] = '\0';
#ifndef _WIN32_WCE
- system(cmd);
+ if (system(cmd) < 0)
+ ret = -1;
#endif /* _WIN32_WCE */
os_free(cmd);
- return 0;
+ return ret;
}
diff --git a/wpa_gui-qt4/networkconfig.cpp b/wpa_gui-qt4/networkconfig.cpp
index 6ea35e0a259a..b8e17ac29403 100644
--- a/wpa_gui-qt4/networkconfig.cpp
+++ b/wpa_gui-qt4/networkconfig.cpp
@@ -12,6 +12,7 @@
* See README and COPYING for more details.
*/
+#include <cstdio>
#include <QMessageBox>
#include "networkconfig.h"
diff --git a/wpa_gui-qt4/scanresults.cpp b/wpa_gui-qt4/scanresults.cpp
index 57cf71637ce9..75d1c5146bfd 100644
--- a/wpa_gui-qt4/scanresults.cpp
+++ b/wpa_gui-qt4/scanresults.cpp
@@ -14,6 +14,8 @@
#include <QTimer>
+#include <cstdio>
+
#include "scanresults.h"
#include "wpagui.h"
#include "networkconfig.h"
diff --git a/wpa_gui-qt4/wpagui.cpp b/wpa_gui-qt4/wpagui.cpp
index 31cb38c4c0fd..798786b68645 100644
--- a/wpa_gui-qt4/wpagui.cpp
+++ b/wpa_gui-qt4/wpagui.cpp
@@ -17,6 +17,7 @@
#include <unistd.h>
#endif
+#include <cstdio>
#include <QMessageBox>
#include "wpagui.h"
diff --git a/wpa_gui/networkconfig.ui.h b/wpa_gui/networkconfig.ui.h
index a3cd733d06c2..22afed9b316c 100644
--- a/wpa_gui/networkconfig.ui.h
+++ b/wpa_gui/networkconfig.ui.h
@@ -10,6 +10,7 @@
** destructor.
*****************************************************************************/
+#include <stdlib.h>
enum {
AUTH_NONE = 0,
diff --git a/wpa_gui/userdatarequest.ui.h b/wpa_gui/userdatarequest.ui.h
index 4b47ccdbad0d..66d4478d23e2 100644
--- a/wpa_gui/userdatarequest.ui.h
+++ b/wpa_gui/userdatarequest.ui.h
@@ -10,6 +10,8 @@
** destructor.
*****************************************************************************/
+#include <stdlib.h>
+
int UserDataRequest::setParams(WpaGui *_wpagui, const char *reqMsg)
{
char *tmp, *pos, *pos2;
diff --git a/wpa_gui/wpagui.ui.h b/wpa_gui/wpagui.ui.h
index 6db886243fa6..3f86c169a73f 100644
--- a/wpa_gui/wpagui.ui.h
+++ b/wpa_gui/wpagui.ui.h
@@ -16,6 +16,7 @@
#include <unistd.h>
#endif
+#include <stdlib.h>
void WpaGui::init()
{
diff --git a/wpa_i.h b/wpa_i.h
index b5adb5e2c0d7..d1cab4bbf945 100644
--- a/wpa_i.h
+++ b/wpa_i.h
@@ -146,11 +146,6 @@ static inline wpa_states wpa_sm_get_state(struct wpa_sm *sm)
return sm->ctx->get_state(sm->ctx->ctx);
}
-static inline void wpa_sm_req_scan(struct wpa_sm *sm, int sec, int usec)
-{
- sm->ctx->req_scan(sm->ctx->ctx, sec, usec);
-}
-
static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
{
sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
diff --git a/wpa_supplicant.c b/wpa_supplicant.c
index b7d3066d63fc..94a5c8adeec9 100644
--- a/wpa_supplicant.c
+++ b/wpa_supplicant.c
@@ -362,7 +362,6 @@ static void wpa_supplicant_notify_eapol_done(void *ctx)
if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X) {
wpa_supplicant_set_state(wpa_s, WPA_4WAY_HANDSHAKE);
} else {
- eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
wpa_supplicant_cancel_auth_timeout(wpa_s);
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
}
@@ -490,6 +489,28 @@ void wpa_blacklist_clear(struct wpa_supplicant *wpa_s)
*/
void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
{
+ /* If there's at least one network that should be specifically scanned
+ * then don't cancel the scan and reschedule. Some drivers do
+ * background scanning which generates frequent scan results, and that
+ * causes the specific SSID scan to get continually pushed back and
+ * never happen, which causes hidden APs to never get probe-scanned.
+ */
+ if (eloop_is_timeout_registered(wpa_supplicant_scan, wpa_s, NULL) &&
+ wpa_s->conf->ap_scan == 1) {
+ struct wpa_ssid *ssid = wpa_s->conf->ssid;
+
+ while (ssid) {
+ if (!ssid->disabled && ssid->scan_ssid)
+ break;
+ ssid = ssid->next;
+ }
+ if (ssid) {
+ wpa_msg(wpa_s, MSG_DEBUG, "Not rescheduling scan to "
+ "ensure that specific SSID scans occur");
+ return;
+ }
+ }
+
wpa_msg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
sec, usec);
eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
@@ -1049,6 +1070,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1) {
wpa_s->scan_res_tried++;
+ wpa_s->scan_req = scan_req;
wpa_printf(MSG_DEBUG, "Trying to get current scan results "
"first without requesting a new scan to speed up "
"initial association");
@@ -1519,13 +1541,15 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
} else {
/* Timeout for IEEE 802.11 authentication and association */
- int timeout;
- if (assoc_failed)
- timeout = 5;
- else if (wpa_s->conf->ap_scan == 1)
- timeout = 10;
- else
- timeout = 60;
+ int timeout = 60;
+
+ if (assoc_failed) {
+ /* give IBSS a bit more time */
+ timeout = ssid->mode ? 10 : 5;
+ } else if (wpa_s->conf->ap_scan == 1) {
+ /* give IBSS a bit more time */
+ timeout = ssid->mode ? 20 : 10;
+ }
wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
}
@@ -1795,12 +1819,6 @@ static int _wpa_ether_send(void *wpa_s, const u8 *dest, u16 proto,
}
-static void _wpa_supplicant_req_scan(void *wpa_s, int sec, int usec)
-{
- wpa_supplicant_req_scan(wpa_s, sec, usec);
-}
-
-
static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s)
{
wpa_supplicant_cancel_auth_timeout(wpa_s);
@@ -1822,12 +1840,16 @@ static wpa_states _wpa_supplicant_get_state(void *wpa_s)
static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
{
wpa_supplicant_disassociate(wpa_s, reason_code);
+ /* Schedule a scan to make sure we continue looking for networks */
+ wpa_supplicant_req_scan(wpa_s, 0, 0);
}
static void _wpa_supplicant_deauthenticate(void *wpa_s, int reason_code)
{
wpa_supplicant_deauthenticate(wpa_s, reason_code);
+ /* Schedule a scan to make sure we continue looking for networks */
+ wpa_supplicant_req_scan(wpa_s, 0, 0);
}
@@ -2205,7 +2227,6 @@ static int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
ctx->ctx = wpa_s;
ctx->set_state = _wpa_supplicant_set_state;
ctx->get_state = _wpa_supplicant_get_state;
- ctx->req_scan = _wpa_supplicant_req_scan;
ctx->deauthenticate = _wpa_supplicant_deauthenticate;
ctx->disassociate = _wpa_supplicant_disassociate;
ctx->set_key = wpa_supplicant_set_key;
@@ -2488,8 +2509,6 @@ struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
return NULL;
wpa_debug_open_file(params->wpa_debug_file_path);
- if (params->wpa_debug_syslog)
- wpa_debug_open_syslog();
ret = eap_peer_register_methods();
if (ret) {
@@ -2614,6 +2633,5 @@ void wpa_supplicant_deinit(struct wpa_global *global)
os_free(global->params.ctrl_interface);
os_free(global);
- wpa_debug_close_syslog();
wpa_debug_close_file();
}
diff --git a/wpa_supplicant_i.h b/wpa_supplicant_i.h
index 95d171c0a23f..0d6f24a938df 100644
--- a/wpa_supplicant_i.h
+++ b/wpa_supplicant_i.h
@@ -161,11 +161,6 @@ struct wpa_params {
* wpa_debug_file_path - Path of debug file or %NULL to use stdout
*/
const char *wpa_debug_file_path;
-
- /**
- * wpa_debug_syslog - Enable log output through syslog
- */
- const char *wpa_debug_syslog;
};
/**