From owner-svn-src-vendor@FreeBSD.ORG Sat Apr 18 05:04:15 2015 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BFA65A69; Sat, 18 Apr 2015 05:04:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A90B1801; Sat, 18 Apr 2015 05:04:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3I54FCg009166; Sat, 18 Apr 2015 05:04:15 GMT (envelope-from rpaulo@FreeBSD.org) Received: (from rpaulo@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3I54Dee009139; Sat, 18 Apr 2015 05:04:13 GMT (envelope-from rpaulo@FreeBSD.org) Message-Id: <201504180504.t3I54Dee009139@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: rpaulo set sender to rpaulo@FreeBSD.org using -f From: Rui Paulo Date: Sat, 18 Apr 2015 05:04:13 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r281681 - in vendor/wpa/dist: . hostapd hs20 hs20/client patches src src/ap src/common src/crypto src/drivers src/eap_common src/eap_peer src/eap_server src/eapol_auth src/eapol_supp sr... X-SVN-Group: vendor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Apr 2015 05:04:15 -0000 Author: rpaulo Date: Sat Apr 18 05:04:12 2015 New Revision: 281681 URL: https://svnweb.freebsd.org/changeset/base/281681 Log: Vendor import of wpa_supplicant/hostapd 2.4. Major changes are: SAE, Suite B, RFC 7268, EAP-PKE, ACS, and tons of bug fixes. Added: vendor/wpa/dist/CONTRIBUTIONS vendor/wpa/dist/hostapd/hapd_module_tests.c (contents, props changed) vendor/wpa/dist/hostapd/wps-ap-nfc.py (contents, props changed) vendor/wpa/dist/hs20/ vendor/wpa/dist/hs20/client/ vendor/wpa/dist/hs20/client/Android.mk (contents, props changed) vendor/wpa/dist/hs20/client/Makefile (contents, props changed) vendor/wpa/dist/hs20/client/devdetail.xml (contents, props changed) vendor/wpa/dist/hs20/client/devinfo.xml (contents, props changed) vendor/wpa/dist/hs20/client/est.c (contents, props changed) vendor/wpa/dist/hs20/client/oma_dm_client.c (contents, props changed) vendor/wpa/dist/hs20/client/osu_client.c (contents, props changed) vendor/wpa/dist/hs20/client/osu_client.h (contents, props changed) vendor/wpa/dist/hs20/client/spp_client.c (contents, props changed) vendor/wpa/dist/patches/openssl-0.9.8za-tls-extensions.patch vendor/wpa/dist/src/ap/acs.c (contents, props changed) vendor/wpa/dist/src/ap/acs.h (contents, props changed) vendor/wpa/dist/src/ap/bss_load.c (contents, props changed) vendor/wpa/dist/src/ap/bss_load.h (contents, props changed) vendor/wpa/dist/src/ap/dfs.c (contents, props changed) vendor/wpa/dist/src/ap/dfs.h (contents, props changed) vendor/wpa/dist/src/ap/dhcp_snoop.c (contents, props changed) vendor/wpa/dist/src/ap/dhcp_snoop.h (contents, props changed) vendor/wpa/dist/src/ap/ndisc_snoop.c (contents, props changed) vendor/wpa/dist/src/ap/ndisc_snoop.h (contents, props changed) vendor/wpa/dist/src/ap/x_snoop.c (contents, props changed) vendor/wpa/dist/src/ap/x_snoop.h (contents, props changed) vendor/wpa/dist/src/common/common_module_tests.c (contents, props changed) vendor/wpa/dist/src/common/hw_features_common.c (contents, props changed) vendor/wpa/dist/src/common/hw_features_common.h (contents, props changed) vendor/wpa/dist/src/common/ieee802_1x_defs.h (contents, props changed) vendor/wpa/dist/src/common/qca-vendor-attr.h (contents, props changed) vendor/wpa/dist/src/common/qca-vendor.h (contents, props changed) vendor/wpa/dist/src/common/sae.c (contents, props changed) vendor/wpa/dist/src/common/sae.h (contents, props changed) vendor/wpa/dist/src/common/tnc.h (contents, props changed) vendor/wpa/dist/src/common/wpa_helpers.c (contents, props changed) vendor/wpa/dist/src/common/wpa_helpers.h (contents, props changed) vendor/wpa/dist/src/crypto/aes-siv.c (contents, props changed) vendor/wpa/dist/src/crypto/aes_siv.h (contents, props changed) vendor/wpa/dist/src/crypto/crypto_module_tests.c (contents, props changed) vendor/wpa/dist/src/crypto/sha256-kdf.c (contents, props changed) vendor/wpa/dist/src/crypto/sha384.h (contents, props changed) vendor/wpa/dist/src/drivers/driver_macsec_qca.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211.h (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211_android.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211_capa.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211_event.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211_monitor.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_nl80211_scan.c (contents, props changed) vendor/wpa/dist/src/drivers/driver_openbsd.c (contents, props changed) vendor/wpa/dist/src/drivers/linux_defines.h (contents, props changed) vendor/wpa/dist/src/eap_common/eap_eke_common.c (contents, props changed) vendor/wpa/dist/src/eap_common/eap_eke_common.h (contents, props changed) vendor/wpa/dist/src/eap_peer/eap_eke.c (contents, props changed) vendor/wpa/dist/src/eap_peer/eap_proxy.h (contents, props changed) vendor/wpa/dist/src/eap_peer/eap_proxy_dummy.c (contents, props changed) vendor/wpa/dist/src/eap_server/eap_server_eke.c (contents, props changed) vendor/wpa/dist/src/pae/ vendor/wpa/dist/src/pae/Makefile (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_cp.c (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_cp.h (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_kay.c (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_kay.h (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_kay_i.h (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_key.c (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_key.h (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_secy_ops.c (contents, props changed) vendor/wpa/dist/src/pae/ieee802_1x_secy_ops.h (contents, props changed) vendor/wpa/dist/src/utils/bitfield.c (contents, props changed) vendor/wpa/dist/src/utils/bitfield.h (contents, props changed) vendor/wpa/dist/src/utils/browser-android.c (contents, props changed) vendor/wpa/dist/src/utils/browser-system.c (contents, props changed) vendor/wpa/dist/src/utils/browser-wpadebug.c (contents, props changed) vendor/wpa/dist/src/utils/browser.c (contents, props changed) vendor/wpa/dist/src/utils/browser.h (contents, props changed) vendor/wpa/dist/src/utils/http-utils.h (contents, props changed) vendor/wpa/dist/src/utils/http_curl.c (contents, props changed) vendor/wpa/dist/src/utils/platform.h (contents, props changed) vendor/wpa/dist/src/utils/utils_module_tests.c (contents, props changed) vendor/wpa/dist/src/utils/xml-utils.c (contents, props changed) vendor/wpa/dist/src/utils/xml-utils.h (contents, props changed) vendor/wpa/dist/src/utils/xml_libxml2.c (contents, props changed) vendor/wpa/dist/src/wps/wps_module_tests.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8 (contents, props changed) vendor/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.sgml (contents, props changed) vendor/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak vendor/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk (contents, props changed) vendor/wpa/dist/wpa_supplicant/examples/p2p-nfc.py (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh.h (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh_mpm.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh_mpm.h (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh_rsn.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/mesh_rsn.h (contents, props changed) vendor/wpa/dist/wpa_supplicant/wmm_ac.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/wmm_ac.h (contents, props changed) vendor/wpa/dist/wpa_supplicant/wpas_kay.c (contents, props changed) vendor/wpa/dist/wpa_supplicant/wpas_kay.h (contents, props changed) vendor/wpa/dist/wpa_supplicant/wpas_module_tests.c (contents, props changed) Deleted: vendor/wpa/dist/hostapd/dump_state.c vendor/wpa/dist/hostapd/dump_state.h vendor/wpa/dist/patches/openssl-0.9.8-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8d-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8e-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8g-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8h-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8i-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.8x-tls-extensions.patch vendor/wpa/dist/patches/openssl-0.9.9-session-ticket.patch vendor/wpa/dist/src/crypto/crypto_nss.c vendor/wpa/dist/src/crypto/fips_prf_cryptoapi.c vendor/wpa/dist/src/crypto/fips_prf_gnutls.c vendor/wpa/dist/src/crypto/fips_prf_nss.c vendor/wpa/dist/src/crypto/tls_nss.c vendor/wpa/dist/src/drivers/driver_madwifi.c vendor/wpa/dist/src/drivers/driver_test.c vendor/wpa/dist/src/utils/eloop_none.c Modified: vendor/wpa/dist/COPYING vendor/wpa/dist/README vendor/wpa/dist/hostapd/ChangeLog vendor/wpa/dist/hostapd/Makefile vendor/wpa/dist/hostapd/README vendor/wpa/dist/hostapd/README-WPS vendor/wpa/dist/hostapd/config_file.c vendor/wpa/dist/hostapd/ctrl_iface.c vendor/wpa/dist/hostapd/defconfig vendor/wpa/dist/hostapd/eap_register.c vendor/wpa/dist/hostapd/hlr_auc_gw.c vendor/wpa/dist/hostapd/hostapd.8 vendor/wpa/dist/hostapd/hostapd.conf vendor/wpa/dist/hostapd/hostapd.eap_user vendor/wpa/dist/hostapd/hostapd.eap_user_sqlite vendor/wpa/dist/hostapd/hostapd_cli.c vendor/wpa/dist/hostapd/main.c vendor/wpa/dist/src/Makefile vendor/wpa/dist/src/ap/Makefile vendor/wpa/dist/src/ap/accounting.c vendor/wpa/dist/src/ap/ap_config.c vendor/wpa/dist/src/ap/ap_config.h vendor/wpa/dist/src/ap/ap_drv_ops.c vendor/wpa/dist/src/ap/ap_drv_ops.h vendor/wpa/dist/src/ap/ap_list.c vendor/wpa/dist/src/ap/ap_list.h vendor/wpa/dist/src/ap/ap_mlme.c vendor/wpa/dist/src/ap/authsrv.c vendor/wpa/dist/src/ap/beacon.c vendor/wpa/dist/src/ap/beacon.h vendor/wpa/dist/src/ap/ctrl_iface_ap.c vendor/wpa/dist/src/ap/ctrl_iface_ap.h vendor/wpa/dist/src/ap/drv_callbacks.c vendor/wpa/dist/src/ap/eap_user_db.c vendor/wpa/dist/src/ap/gas_serv.c vendor/wpa/dist/src/ap/gas_serv.h vendor/wpa/dist/src/ap/hostapd.c vendor/wpa/dist/src/ap/hostapd.h vendor/wpa/dist/src/ap/hs20.c vendor/wpa/dist/src/ap/hs20.h vendor/wpa/dist/src/ap/hw_features.c vendor/wpa/dist/src/ap/hw_features.h vendor/wpa/dist/src/ap/iapp.c vendor/wpa/dist/src/ap/ieee802_11.c vendor/wpa/dist/src/ap/ieee802_11.h vendor/wpa/dist/src/ap/ieee802_11_auth.c vendor/wpa/dist/src/ap/ieee802_11_ht.c vendor/wpa/dist/src/ap/ieee802_11_shared.c vendor/wpa/dist/src/ap/ieee802_11_vht.c vendor/wpa/dist/src/ap/ieee802_1x.c vendor/wpa/dist/src/ap/ieee802_1x.h vendor/wpa/dist/src/ap/p2p_hostapd.c vendor/wpa/dist/src/ap/peerkey_auth.c vendor/wpa/dist/src/ap/pmksa_cache_auth.c vendor/wpa/dist/src/ap/pmksa_cache_auth.h vendor/wpa/dist/src/ap/sta_info.c vendor/wpa/dist/src/ap/sta_info.h vendor/wpa/dist/src/ap/tkip_countermeasures.c vendor/wpa/dist/src/ap/vlan_init.c vendor/wpa/dist/src/ap/vlan_init.h vendor/wpa/dist/src/ap/wmm.c vendor/wpa/dist/src/ap/wmm.h vendor/wpa/dist/src/ap/wnm_ap.c vendor/wpa/dist/src/ap/wnm_ap.h vendor/wpa/dist/src/ap/wpa_auth.c vendor/wpa/dist/src/ap/wpa_auth.h vendor/wpa/dist/src/ap/wpa_auth_ft.c vendor/wpa/dist/src/ap/wpa_auth_glue.c vendor/wpa/dist/src/ap/wpa_auth_i.h vendor/wpa/dist/src/ap/wpa_auth_ie.c vendor/wpa/dist/src/ap/wpa_auth_ie.h vendor/wpa/dist/src/ap/wps_hostapd.c vendor/wpa/dist/src/ap/wps_hostapd.h vendor/wpa/dist/src/common/Makefile vendor/wpa/dist/src/common/defs.h vendor/wpa/dist/src/common/eapol_common.h vendor/wpa/dist/src/common/ieee802_11_common.c vendor/wpa/dist/src/common/ieee802_11_common.h vendor/wpa/dist/src/common/ieee802_11_defs.h vendor/wpa/dist/src/common/privsep_commands.h vendor/wpa/dist/src/common/version.h vendor/wpa/dist/src/common/wpa_common.c vendor/wpa/dist/src/common/wpa_common.h vendor/wpa/dist/src/common/wpa_ctrl.c vendor/wpa/dist/src/common/wpa_ctrl.h vendor/wpa/dist/src/crypto/Makefile vendor/wpa/dist/src/crypto/aes-ccm.c vendor/wpa/dist/src/crypto/aes-eax.c vendor/wpa/dist/src/crypto/aes-gcm.c vendor/wpa/dist/src/crypto/aes-omac1.c vendor/wpa/dist/src/crypto/aes-unwrap.c vendor/wpa/dist/src/crypto/aes-wrap.c vendor/wpa/dist/src/crypto/aes_wrap.h vendor/wpa/dist/src/crypto/crypto.h vendor/wpa/dist/src/crypto/crypto_internal-rsa.c vendor/wpa/dist/src/crypto/crypto_openssl.c vendor/wpa/dist/src/crypto/dh_groups.c vendor/wpa/dist/src/crypto/dh_groups.h vendor/wpa/dist/src/crypto/md5.c vendor/wpa/dist/src/crypto/milenage.c vendor/wpa/dist/src/crypto/ms_funcs.c vendor/wpa/dist/src/crypto/random.c vendor/wpa/dist/src/crypto/sha1-internal.c vendor/wpa/dist/src/crypto/sha1-prf.c vendor/wpa/dist/src/crypto/sha1.c vendor/wpa/dist/src/crypto/sha256-prf.c vendor/wpa/dist/src/crypto/sha256.h vendor/wpa/dist/src/crypto/tls.h vendor/wpa/dist/src/crypto/tls_gnutls.c vendor/wpa/dist/src/crypto/tls_internal.c vendor/wpa/dist/src/crypto/tls_none.c vendor/wpa/dist/src/crypto/tls_openssl.c vendor/wpa/dist/src/crypto/tls_schannel.c vendor/wpa/dist/src/drivers/Makefile vendor/wpa/dist/src/drivers/android_drv.h vendor/wpa/dist/src/drivers/driver.h vendor/wpa/dist/src/drivers/driver_atheros.c vendor/wpa/dist/src/drivers/driver_bsd.c vendor/wpa/dist/src/drivers/driver_common.c vendor/wpa/dist/src/drivers/driver_hostap.c vendor/wpa/dist/src/drivers/driver_ndis.c vendor/wpa/dist/src/drivers/driver_nl80211.c vendor/wpa/dist/src/drivers/driver_none.c vendor/wpa/dist/src/drivers/driver_privsep.c vendor/wpa/dist/src/drivers/driver_roboswitch.c vendor/wpa/dist/src/drivers/driver_wext.c vendor/wpa/dist/src/drivers/driver_wext.h vendor/wpa/dist/src/drivers/driver_wired.c vendor/wpa/dist/src/drivers/drivers.c vendor/wpa/dist/src/drivers/drivers.mak vendor/wpa/dist/src/drivers/drivers.mk vendor/wpa/dist/src/drivers/linux_ioctl.c vendor/wpa/dist/src/drivers/linux_wext.h vendor/wpa/dist/src/drivers/netlink.c vendor/wpa/dist/src/drivers/nl80211_copy.h vendor/wpa/dist/src/drivers/priv_netlink.h vendor/wpa/dist/src/eap_common/Makefile vendor/wpa/dist/src/eap_common/eap_common.c vendor/wpa/dist/src/eap_common/eap_common.h vendor/wpa/dist/src/eap_common/eap_defs.h vendor/wpa/dist/src/eap_common/eap_fast_common.c vendor/wpa/dist/src/eap_common/eap_fast_common.h vendor/wpa/dist/src/eap_common/eap_gpsk_common.c vendor/wpa/dist/src/eap_common/eap_gpsk_common.h vendor/wpa/dist/src/eap_common/eap_ikev2_common.c vendor/wpa/dist/src/eap_common/eap_ikev2_common.h vendor/wpa/dist/src/eap_common/eap_pax_common.c vendor/wpa/dist/src/eap_common/eap_pax_common.h vendor/wpa/dist/src/eap_common/eap_pwd_common.c vendor/wpa/dist/src/eap_common/eap_pwd_common.h vendor/wpa/dist/src/eap_common/eap_sim_common.c vendor/wpa/dist/src/eap_common/eap_sim_common.h vendor/wpa/dist/src/eap_common/ikev2_common.c vendor/wpa/dist/src/eap_common/ikev2_common.h vendor/wpa/dist/src/eap_peer/Makefile vendor/wpa/dist/src/eap_peer/eap.c vendor/wpa/dist/src/eap_peer/eap.h vendor/wpa/dist/src/eap_peer/eap_aka.c vendor/wpa/dist/src/eap_peer/eap_config.h vendor/wpa/dist/src/eap_peer/eap_fast.c vendor/wpa/dist/src/eap_peer/eap_fast_pac.c vendor/wpa/dist/src/eap_peer/eap_gpsk.c vendor/wpa/dist/src/eap_peer/eap_i.h vendor/wpa/dist/src/eap_peer/eap_ikev2.c vendor/wpa/dist/src/eap_peer/eap_leap.c vendor/wpa/dist/src/eap_peer/eap_methods.c vendor/wpa/dist/src/eap_peer/eap_methods.h vendor/wpa/dist/src/eap_peer/eap_mschapv2.c vendor/wpa/dist/src/eap_peer/eap_pax.c vendor/wpa/dist/src/eap_peer/eap_peap.c vendor/wpa/dist/src/eap_peer/eap_psk.c vendor/wpa/dist/src/eap_peer/eap_pwd.c vendor/wpa/dist/src/eap_peer/eap_sake.c vendor/wpa/dist/src/eap_peer/eap_sim.c vendor/wpa/dist/src/eap_peer/eap_tls.c vendor/wpa/dist/src/eap_peer/eap_tls_common.c vendor/wpa/dist/src/eap_peer/eap_tls_common.h vendor/wpa/dist/src/eap_peer/eap_tnc.c vendor/wpa/dist/src/eap_peer/eap_ttls.c vendor/wpa/dist/src/eap_peer/eap_vendor_test.c vendor/wpa/dist/src/eap_peer/eap_wsc.c vendor/wpa/dist/src/eap_peer/ikev2.c vendor/wpa/dist/src/eap_peer/mschapv2.c vendor/wpa/dist/src/eap_peer/tncc.c vendor/wpa/dist/src/eap_server/Makefile vendor/wpa/dist/src/eap_server/eap.h vendor/wpa/dist/src/eap_server/eap_i.h vendor/wpa/dist/src/eap_server/eap_methods.h vendor/wpa/dist/src/eap_server/eap_server.c vendor/wpa/dist/src/eap_server/eap_server_aka.c vendor/wpa/dist/src/eap_server/eap_server_fast.c vendor/wpa/dist/src/eap_server/eap_server_gpsk.c vendor/wpa/dist/src/eap_server/eap_server_gtc.c vendor/wpa/dist/src/eap_server/eap_server_identity.c vendor/wpa/dist/src/eap_server/eap_server_ikev2.c vendor/wpa/dist/src/eap_server/eap_server_md5.c vendor/wpa/dist/src/eap_server/eap_server_methods.c vendor/wpa/dist/src/eap_server/eap_server_mschapv2.c vendor/wpa/dist/src/eap_server/eap_server_pax.c vendor/wpa/dist/src/eap_server/eap_server_peap.c vendor/wpa/dist/src/eap_server/eap_server_psk.c vendor/wpa/dist/src/eap_server/eap_server_pwd.c vendor/wpa/dist/src/eap_server/eap_server_sake.c vendor/wpa/dist/src/eap_server/eap_server_sim.c vendor/wpa/dist/src/eap_server/eap_server_tls.c vendor/wpa/dist/src/eap_server/eap_server_tls_common.c vendor/wpa/dist/src/eap_server/eap_server_tnc.c vendor/wpa/dist/src/eap_server/eap_server_ttls.c vendor/wpa/dist/src/eap_server/eap_server_wsc.c vendor/wpa/dist/src/eap_server/eap_sim_db.c vendor/wpa/dist/src/eap_server/eap_tls_common.h vendor/wpa/dist/src/eap_server/ikev2.c vendor/wpa/dist/src/eap_server/tncs.c vendor/wpa/dist/src/eapol_auth/Makefile vendor/wpa/dist/src/eapol_auth/eapol_auth_dump.c vendor/wpa/dist/src/eapol_auth/eapol_auth_sm.c vendor/wpa/dist/src/eapol_auth/eapol_auth_sm.h vendor/wpa/dist/src/eapol_auth/eapol_auth_sm_i.h vendor/wpa/dist/src/eapol_supp/Makefile vendor/wpa/dist/src/eapol_supp/eapol_supp_sm.c vendor/wpa/dist/src/eapol_supp/eapol_supp_sm.h vendor/wpa/dist/src/l2_packet/Makefile vendor/wpa/dist/src/l2_packet/l2_packet.h vendor/wpa/dist/src/l2_packet/l2_packet_freebsd.c vendor/wpa/dist/src/l2_packet/l2_packet_linux.c vendor/wpa/dist/src/l2_packet/l2_packet_ndis.c vendor/wpa/dist/src/l2_packet/l2_packet_none.c vendor/wpa/dist/src/l2_packet/l2_packet_pcap.c vendor/wpa/dist/src/l2_packet/l2_packet_privsep.c vendor/wpa/dist/src/l2_packet/l2_packet_winpcap.c vendor/wpa/dist/src/lib.rules vendor/wpa/dist/src/p2p/Makefile vendor/wpa/dist/src/p2p/p2p.c vendor/wpa/dist/src/p2p/p2p.h vendor/wpa/dist/src/p2p/p2p_build.c vendor/wpa/dist/src/p2p/p2p_dev_disc.c vendor/wpa/dist/src/p2p/p2p_go_neg.c vendor/wpa/dist/src/p2p/p2p_group.c vendor/wpa/dist/src/p2p/p2p_i.h vendor/wpa/dist/src/p2p/p2p_invitation.c vendor/wpa/dist/src/p2p/p2p_parse.c vendor/wpa/dist/src/p2p/p2p_pd.c vendor/wpa/dist/src/p2p/p2p_sd.c vendor/wpa/dist/src/p2p/p2p_utils.c vendor/wpa/dist/src/radius/Makefile vendor/wpa/dist/src/radius/radius.c vendor/wpa/dist/src/radius/radius.h vendor/wpa/dist/src/radius/radius_client.c vendor/wpa/dist/src/radius/radius_das.c vendor/wpa/dist/src/radius/radius_das.h vendor/wpa/dist/src/radius/radius_server.c vendor/wpa/dist/src/radius/radius_server.h vendor/wpa/dist/src/rsn_supp/Makefile vendor/wpa/dist/src/rsn_supp/peerkey.c vendor/wpa/dist/src/rsn_supp/peerkey.h vendor/wpa/dist/src/rsn_supp/pmksa_cache.c vendor/wpa/dist/src/rsn_supp/pmksa_cache.h vendor/wpa/dist/src/rsn_supp/preauth.c vendor/wpa/dist/src/rsn_supp/preauth.h vendor/wpa/dist/src/rsn_supp/tdls.c vendor/wpa/dist/src/rsn_supp/wpa.c vendor/wpa/dist/src/rsn_supp/wpa.h vendor/wpa/dist/src/rsn_supp/wpa_ft.c vendor/wpa/dist/src/rsn_supp/wpa_i.h vendor/wpa/dist/src/rsn_supp/wpa_ie.c vendor/wpa/dist/src/rsn_supp/wpa_ie.h vendor/wpa/dist/src/tls/asn1.c vendor/wpa/dist/src/tls/asn1.h vendor/wpa/dist/src/tls/libtommath.c vendor/wpa/dist/src/tls/pkcs1.c vendor/wpa/dist/src/tls/pkcs1.h vendor/wpa/dist/src/tls/rsa.c vendor/wpa/dist/src/tls/rsa.h vendor/wpa/dist/src/tls/tlsv1_client.c vendor/wpa/dist/src/tls/tlsv1_client_read.c vendor/wpa/dist/src/tls/tlsv1_client_write.c vendor/wpa/dist/src/tls/tlsv1_common.c vendor/wpa/dist/src/tls/tlsv1_common.h vendor/wpa/dist/src/tls/tlsv1_record.c vendor/wpa/dist/src/tls/tlsv1_server.c vendor/wpa/dist/src/tls/tlsv1_server.h vendor/wpa/dist/src/tls/tlsv1_server_i.h vendor/wpa/dist/src/tls/tlsv1_server_read.c vendor/wpa/dist/src/tls/tlsv1_server_write.c vendor/wpa/dist/src/tls/x509v3.c vendor/wpa/dist/src/utils/Makefile vendor/wpa/dist/src/utils/base64.c vendor/wpa/dist/src/utils/build_config.h vendor/wpa/dist/src/utils/common.c vendor/wpa/dist/src/utils/common.h vendor/wpa/dist/src/utils/edit.c vendor/wpa/dist/src/utils/edit_readline.c vendor/wpa/dist/src/utils/edit_simple.c vendor/wpa/dist/src/utils/eloop.c vendor/wpa/dist/src/utils/eloop.h vendor/wpa/dist/src/utils/eloop_win.c vendor/wpa/dist/src/utils/ext_password_test.c vendor/wpa/dist/src/utils/ip_addr.c vendor/wpa/dist/src/utils/ip_addr.h vendor/wpa/dist/src/utils/list.h vendor/wpa/dist/src/utils/os.h vendor/wpa/dist/src/utils/os_internal.c vendor/wpa/dist/src/utils/os_none.c vendor/wpa/dist/src/utils/os_unix.c vendor/wpa/dist/src/utils/os_win32.c vendor/wpa/dist/src/utils/pcsc_funcs.c vendor/wpa/dist/src/utils/pcsc_funcs.h vendor/wpa/dist/src/utils/radiotap.c vendor/wpa/dist/src/utils/radiotap.h vendor/wpa/dist/src/utils/radiotap_iter.h vendor/wpa/dist/src/utils/trace.c vendor/wpa/dist/src/utils/trace.h vendor/wpa/dist/src/utils/uuid.c vendor/wpa/dist/src/utils/wpa_debug.c vendor/wpa/dist/src/utils/wpa_debug.h vendor/wpa/dist/src/utils/wpabuf.c vendor/wpa/dist/src/utils/wpabuf.h vendor/wpa/dist/src/wps/Makefile vendor/wpa/dist/src/wps/http_client.c vendor/wpa/dist/src/wps/http_server.c vendor/wpa/dist/src/wps/httpread.c vendor/wpa/dist/src/wps/ndef.c vendor/wpa/dist/src/wps/wps.c vendor/wpa/dist/src/wps/wps.h vendor/wpa/dist/src/wps/wps_attr_build.c vendor/wpa/dist/src/wps/wps_attr_parse.c vendor/wpa/dist/src/wps/wps_attr_parse.h vendor/wpa/dist/src/wps/wps_attr_process.c vendor/wpa/dist/src/wps/wps_common.c vendor/wpa/dist/src/wps/wps_defs.h vendor/wpa/dist/src/wps/wps_dev_attr.c vendor/wpa/dist/src/wps/wps_dev_attr.h vendor/wpa/dist/src/wps/wps_enrollee.c vendor/wpa/dist/src/wps/wps_er.c vendor/wpa/dist/src/wps/wps_er.h vendor/wpa/dist/src/wps/wps_er_ssdp.c vendor/wpa/dist/src/wps/wps_i.h vendor/wpa/dist/src/wps/wps_registrar.c vendor/wpa/dist/src/wps/wps_upnp.c vendor/wpa/dist/src/wps/wps_upnp_ap.c vendor/wpa/dist/src/wps/wps_upnp_i.h vendor/wpa/dist/src/wps/wps_upnp_ssdp.c vendor/wpa/dist/src/wps/wps_upnp_web.c vendor/wpa/dist/src/wps/wps_validate.c vendor/wpa/dist/wpa_supplicant/ChangeLog vendor/wpa/dist/wpa_supplicant/Makefile vendor/wpa/dist/wpa_supplicant/README vendor/wpa/dist/wpa_supplicant/README-HS20 vendor/wpa/dist/wpa_supplicant/README-P2P vendor/wpa/dist/wpa_supplicant/README-WPS vendor/wpa/dist/wpa_supplicant/ap.c vendor/wpa/dist/wpa_supplicant/ap.h vendor/wpa/dist/wpa_supplicant/bgscan.c vendor/wpa/dist/wpa_supplicant/bgscan.h vendor/wpa/dist/wpa_supplicant/bgscan_learn.c vendor/wpa/dist/wpa_supplicant/bgscan_simple.c vendor/wpa/dist/wpa_supplicant/bss.c vendor/wpa/dist/wpa_supplicant/bss.h vendor/wpa/dist/wpa_supplicant/config.c vendor/wpa/dist/wpa_supplicant/config.h vendor/wpa/dist/wpa_supplicant/config_file.c vendor/wpa/dist/wpa_supplicant/config_none.c vendor/wpa/dist/wpa_supplicant/config_ssid.h vendor/wpa/dist/wpa_supplicant/config_winreg.c vendor/wpa/dist/wpa_supplicant/ctrl_iface.c vendor/wpa/dist/wpa_supplicant/ctrl_iface.h vendor/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c vendor/wpa/dist/wpa_supplicant/ctrl_iface_udp.c vendor/wpa/dist/wpa_supplicant/ctrl_iface_unix.c vendor/wpa/dist/wpa_supplicant/dbus/Makefile vendor/wpa/dist/wpa_supplicant/dbus/dbus_common.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_new.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_new.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_old.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_old.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c vendor/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.h vendor/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers_wps.c vendor/wpa/dist/wpa_supplicant/defconfig vendor/wpa/dist/wpa_supplicant/doc/docbook/Makefile vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.sgml vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.sgml vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.sgml vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.sgml vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5 vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.sgml vendor/wpa/dist/wpa_supplicant/driver_i.h vendor/wpa/dist/wpa_supplicant/eap_register.c vendor/wpa/dist/wpa_supplicant/eapol_test.c vendor/wpa/dist/wpa_supplicant/events.c vendor/wpa/dist/wpa_supplicant/examples/p2p-action.sh vendor/wpa/dist/wpa_supplicant/examples/wps-ap-cli vendor/wpa/dist/wpa_supplicant/examples/wps-nfc.py vendor/wpa/dist/wpa_supplicant/gas_query.c vendor/wpa/dist/wpa_supplicant/gas_query.h vendor/wpa/dist/wpa_supplicant/hs20_supplicant.c vendor/wpa/dist/wpa_supplicant/hs20_supplicant.h vendor/wpa/dist/wpa_supplicant/ibss_rsn.c vendor/wpa/dist/wpa_supplicant/ibss_rsn.h vendor/wpa/dist/wpa_supplicant/interworking.c vendor/wpa/dist/wpa_supplicant/interworking.h vendor/wpa/dist/wpa_supplicant/main.c vendor/wpa/dist/wpa_supplicant/main_none.c vendor/wpa/dist/wpa_supplicant/main_winmain.c vendor/wpa/dist/wpa_supplicant/main_winsvc.c vendor/wpa/dist/wpa_supplicant/notify.c vendor/wpa/dist/wpa_supplicant/notify.h vendor/wpa/dist/wpa_supplicant/offchannel.c vendor/wpa/dist/wpa_supplicant/p2p_supplicant.c vendor/wpa/dist/wpa_supplicant/p2p_supplicant.h vendor/wpa/dist/wpa_supplicant/preauth_test.c vendor/wpa/dist/wpa_supplicant/scan.c vendor/wpa/dist/wpa_supplicant/scan.h vendor/wpa/dist/wpa_supplicant/sme.c vendor/wpa/dist/wpa_supplicant/sme.h vendor/wpa/dist/wpa_supplicant/tests/test_wpa.c vendor/wpa/dist/wpa_supplicant/todo.txt vendor/wpa/dist/wpa_supplicant/wifi_display.c vendor/wpa/dist/wpa_supplicant/wifi_display.h vendor/wpa/dist/wpa_supplicant/wnm_sta.c vendor/wpa/dist/wpa_supplicant/wnm_sta.h vendor/wpa/dist/wpa_supplicant/wpa_cli.c vendor/wpa/dist/wpa_supplicant/wpa_priv.c vendor/wpa/dist/wpa_supplicant/wpa_supplicant.c vendor/wpa/dist/wpa_supplicant/wpa_supplicant.conf vendor/wpa/dist/wpa_supplicant/wpa_supplicant_i.h vendor/wpa/dist/wpa_supplicant/wpa_supplicant_template.conf vendor/wpa/dist/wpa_supplicant/wpas_glue.c vendor/wpa/dist/wpa_supplicant/wps_supplicant.c vendor/wpa/dist/wpa_supplicant/wps_supplicant.h Added: vendor/wpa/dist/CONTRIBUTIONS ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/wpa/dist/CONTRIBUTIONS Sat Apr 18 05:04:12 2015 (r281681) @@ -0,0 +1,143 @@ +Contributions to hostap.git +--------------------------- + +This software is distributed under a permissive open source license to +allow it to be used in any projects, whether open source or proprietary. +Contributions to the project are welcome and it is important to maintain +clear record of contributions and terms under which they are licensed. +To help with this, following procedure is used to allow acceptance and +recording of the terms. + +All contributions are expected to be licensed under the modified BSD +license (see below). Acknowledgment of the terms is tracked through +inclusion of Signed-off-by tag in the contributions at the end of the +commit log message. This tag indicates that the contributor agrees with +the Developer Certificate of Origin (DCO) version 1.1 terms (see below; +also available from http://developercertificate.org/). + + +The current requirements for contributions to hostap.git +-------------------------------------------------------- + +To indicate your acceptance of Developer's Certificate of Origin 1.1 +terms, please add the following line to the end of the commit message +for each contribution you make to the project: + +Signed-off-by: Your Name + +using your real name. Pseudonyms or anonymous contributions cannot +unfortunately be accepted. + + +History of license and contributions terms +------------------------------------------ + +Until February 11, 2012, in case of most files in hostap.git, "under the +open source license indicated in the file" means that the contribution +is licensed both under GPL v2 and modified BSD license (see below) and +the choice between these licenses is given to anyone who redistributes +or uses the software. As such, the contribution has to be licensed under +both options to allow this choice. + +As of February 11, 2012, the project has chosen to use only the BSD +license option for future distribution. As such, the GPL v2 license +option is no longer used and the contributions are not required to be +licensed until GPL v2. In case of most files in hostap.git, "under the +open source license indicated in the file" means that the contribution +is licensed under the modified BSD license (see below). + +Until February 13, 2014, the project used an extended version of the DCO +that included the identical items (a) through (d) from DCO 1.1 and an +additional item (e): + +(e) The contribution can be licensed under the modified BSD license + as shown below even in case of files that are currently licensed + under other terms. + +This was used during the period when some of the files included the old +license terms. Acceptance of this extended DCO version was indicated +with a Signed-hostap tag in the commit message. This additional item (e) +was used to collect explicit approval to license the contribution with +only the modified BSD license (see below), i.e., without the GPL v2 +option. This was done to allow simpler licensing terms to be used in the +future. It should be noted that the modified BSD license is compatible +with GNU GPL and as such, this possible move to simpler licensing option +does not prevent use of this software in GPL projects. + + +===[ start quote from http://developercertificate.org/ ]======================= + +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +660 York Street, Suite 102, +San Francisco, CA 94110 USA + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. + +===[ end quote from http://developercertificate.org/ ]========================= + + +The license terms used for hostap.git files +------------------------------------------- + +Modified BSD license (no advertisement clause): + +Copyright (c) 2002-2015, Jouni Malinen and contributors +All Rights Reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +3. Neither the name(s) of the above-listed copyright holder(s) nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Modified: vendor/wpa/dist/COPYING ============================================================================== --- vendor/wpa/dist/COPYING Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/COPYING Sat Apr 18 05:04:12 2015 (r281681) @@ -1,7 +1,7 @@ wpa_supplicant and hostapd -------------------------- -Copyright (c) 2002-2012, Jouni Malinen and contributors +Copyright (c) 2002-2015, Jouni Malinen and contributors All Rights Reserved. Modified: vendor/wpa/dist/README ============================================================================== --- vendor/wpa/dist/README Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/README Sat Apr 18 05:04:12 2015 (r281681) @@ -1,7 +1,7 @@ wpa_supplicant and hostapd -------------------------- -Copyright (c) 2002-2012, Jouni Malinen and contributors +Copyright (c) 2002-2015, Jouni Malinen and contributors All Rights Reserved. These programs are licensed under the BSD license (the one with Modified: vendor/wpa/dist/hostapd/ChangeLog ============================================================================== --- vendor/wpa/dist/hostapd/ChangeLog Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/hostapd/ChangeLog Sat Apr 18 05:04:12 2015 (r281681) @@ -1,5 +1,191 @@ ChangeLog for hostapd +2015-03-15 - v2.4 + * allow OpenSSL cipher configuration to be set for internal EAP server + (openssl_ciphers parameter) + * fixed number of small issues based on hwsim test case failures and + static analyzer reports + * fixed Accounting-Request to not include duplicated Acct-Session-Id + * add support for Acct-Multi-Session-Id in RADIUS Accounting messages + * add support for PMKSA caching with SAE + * add support for generating BSS Load element (bss_load_update_period) + * fixed channel switch from VHT to HT + * add INTERFACE-ENABLED and INTERFACE-DISABLED ctrl_iface events + * add support for learning STA IPv4/IPv6 addresses and configuring + ProxyARP support + * dropped support for the madwifi driver interface + * add support for Suite B (128-bit and 192-bit level) key management and + cipher suites + * fixed a regression with driver=wired + * extend EAPOL-Key msg 1/4 retry workaround for changing SNonce + * add BSS_TM_REQ ctrl_iface command to send BSS Transition Management + Request frames and BSS-TM-RESP event to indicate response to such + frame + * add support for EAP Re-Authentication Protocol (ERP) + * fixed AP IE in EAPOL-Key 3/4 when both WPA and FT was enabled + * fixed a regression in HT 20/40 coex Action frame parsing + * set stdout to be line-buffered + * add support for vendor specific VHT extension to enable 256 QAM rates + (VHT-MCS 8 and 9) on 2.4 GHz band + * RADIUS DAS: + - extend Disconnect-Request processing to allow matching of multiple + sessions + - support Acct-Multi-Session-Id as an identifier + - allow PMKSA cache entry to be removed without association + * expire hostapd STA entry if kernel does not have a matching entry + * allow chanlist to be used to specify a subset of channels for ACS + * improve ACS behavior on 2.4 GHz band and allow channel bias to be + configured with acs_chan_bias parameter + * do not reply to a Probe Request frame that includes DSS Parameter Set + element in which the channel does not match the current operating + channel + * add UPDATE_BEACON ctrl_iface command; this can be used to force Beacon + frame contents to be updated and to start beaconing on an interface + that used start_disabled=1 + * fixed some RADIUS server failover cases + +2014-10-09 - v2.3 + * fixed number of minor issues identified in static analyzer warnings + * fixed DFS and channel switch operation for multi-BSS cases + * started to use constant time comparison for various password and hash + values to reduce possibility of any externally measurable timing + differences + * extended explicit clearing of freed memory and expired keys to avoid + keeping private data in memory longer than necessary + * added support for number of new RADIUS attributes from RFC 7268 + (Mobility-Domain-Id, WLAN-HESSID, WLAN-Pairwise-Cipher, + WLAN-Group-Cipher, WLAN-AKM-Suite, WLAN-Group-Mgmt-Pairwise-Cipher) + * fixed GET_CONFIG wpa_pairwise_cipher value + * added code to clear bridge FDB entry on station disconnection + * fixed PMKSA cache timeout from Session-Timeout for WPA/WPA2 cases + * fixed OKC PMKSA cache entry fetch to avoid a possible infinite loop + in case the first entry does not match + * fixed hostapd_cli action script execution to use more robust mechanism + (CVE-2014-3686) + +2014-06-04 - v2.2 + * fixed SAE confirm-before-commit validation to avoid a potential + segmentation fault in an unexpected message sequence that could be + triggered remotely + * extended VHT support + - Operating Mode Notification + - Power Constraint element (local_pwr_constraint) + - Spectrum management capability (spectrum_mgmt_required=1) + - fix VHT80 segment picking in ACS + - fix vht_capab 'Maximum A-MPDU Length Exponent' handling + - fix VHT20 + * fixed HT40 co-ex scan for some pri/sec channel switches + * extended HT40 co-ex support to allow dynamic channel width changes + during the lifetime of the BSS + * fixed HT40 co-ex support to check for overlapping 20 MHz BSS + * fixed MSCHAP UTF-8 to UCS-2 conversion for three-byte encoding; + this fixes password with include UTF-8 characters that use + three-byte encoding EAP methods that use NtPasswordHash + * reverted TLS certificate validation step change in v2.1 that rejected + any AAA server certificate with id-kp-clientAuth even if + id-kp-serverAuth EKU was included + * fixed STA validation step for WPS ER commands to prevent a potential + crash if an ER sends an unexpected PutWLANResponse to a station that + is disassociated, but not fully removed + * enforce full EAP authentication after RADIUS Disconnect-Request by + removing the PMKSA cache entry + * added support for NAS-IP-Address, NAS-identifier, and NAS-IPv6-Address + in RADIUS Disconnect-Request + * added mechanism for removing addresses for MAC ACLs by prefixing an + entry with "-" + * Interworking/Hotspot 2.0 enhancements + - support Hotspot 2.0 Release 2 + * OSEN network for online signup connection + * subscription remediation (based on RADIUS server request or + control interface HS20_WNM_NOTIF for testing purposes) + * Hotspot 2.0 release number indication in WFA RADIUS VSA + * deauthentication request (based on RADIUS server request or + control interface WNM_DEAUTH_REQ for testing purposes) + * Session Info URL RADIUS AVP to trigger ESS Disassociation Imminent + * hs20_icon config parameter to configure icon files for OSU + * osu_* config parameters for OSU Providers list + - do not use Interworking filtering rules on Probe Request if + Interworking is disabled to avoid interop issues + * added/fixed nl80211 functionality + - AP interface teardown optimization + - support vendor specific driver command + (VENDOR []) + * fixed PMF protection of Deauthentication frame when this is triggered + by session timeout + * internal TLS implementation enhancements/fixes + - add SHA256-based cipher suites + - add DHE-RSA cipher suites + - fix X.509 validation of PKCS#1 signature to check for extra data + * RADIUS server functionality + - add minimal RADIUS accounting server support (hostapd-as-server); + this is mainly to enable testing coverage with hwsim scripts + - allow authentication log to be written into SQLite databse + - added option for TLS protocol testing of an EAP peer by simulating + various misbehaviors/known attacks + - MAC ACL support for testing purposes + * fixed PTK derivation for CCMP-256 and GCMP-256 + * extended WPS per-station PSK to support ER case + * added option to configure the management group cipher + (group_mgmt_cipher=AES-128-CMAC (default), BIP-GMAC-128, BIP-GMAC-256, + BIP-CMAC-256) + * fixed AP mode default TXOP Limit values for AC_VI and AC_VO (these + were rounded incorrectly) + * added support for postponing FT response in case PMK-R1 needs to be + pulled from R0KH + * added option to advertise 40 MHz intolerant HT capability with + ht_capab=[40-INTOLERANT] + * remove WPS 1.0 only support, i.e., WSC 2.0 support is now enabled + whenever CONFIG_WPS=y is set + * EAP-pwd fixes + - fix possible segmentation fault on EAP method deinit if an invalid + group is negotiated + * fixed RADIUS client retransmit/failover behavior + - there was a potential ctash due to freed memory being accessed + - failover to a backup server mechanism did not work properly + * fixed a possible crash on double DISABLE command when multiple BSSes + are enabled + * fixed a memory leak in SAE random number generation + * fixed GTK rekeying when the station uses FT protocol + * fixed off-by-one bounds checking in printf_encode() + - this could result in deinial of service in some EAP server cases + * various bug fixes + +2014-02-04 - v2.1 + * added support for simultaneous authentication of equals (SAE) for + stronger password-based authentication with WPA2-Personal + * added nl80211 functionality + - VHT configuration for nl80211 + - support split wiphy dump + - driver-based MAC ACL + - QoS Mapping configuration + * added fully automated regression testing with mac80211_hwsim + * allow ctrl_iface group to be specified on command line (-G) + * allow single hostapd process to control independent WPS interfaces + (wps_independent=1) instead of synchronized operations through all + configured interfaces within a process + * avoid processing received management frames multiple times when using + nl80211 with multiple BSSes + * added support for DFS (processing radar detection events, CAC, channel + re-selection) + * added EAP-EKE server + * added automatic channel selection (ACS) + * added option for using per-BSS (vif) configuration files with + -b: + * extended global control interface ADD/REMOVE commands to allow BSSes + of a radio to be removed individually without having to add/remove all + other BSSes of the radio at the same time + * added support for sending debug info to Linux tracing (-T on command + line) + * replace dump_file functionality with same information being available + through the hostapd control interface + * added support for using Protected Dual of Public Action frames for + GAS/ANQP exchanges when PMF is enabled + * added support for WPS+NFC updates + - improved protocol + - option to fetch and report alternative carrier records for external + NFC operations + * various bug fixes + 2013-01-12 - v2.0 * added AP-STA-DISCONNECTED ctrl_iface event * improved debug logging (human readable event names, interface name Modified: vendor/wpa/dist/hostapd/Makefile ============================================================================== --- vendor/wpa/dist/hostapd/Makefile Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/hostapd/Makefile Sat Apr 18 05:04:12 2015 (r281681) @@ -6,8 +6,11 @@ ifndef CFLAGS CFLAGS = -MMD -O2 -Wall -g endif -CFLAGS += -I../src -CFLAGS += -I../src/utils +CFLAGS += $(EXTRA_CFLAGS) +CFLAGS += -I$(abspath ../src) +CFLAGS += -I$(abspath ../src/utils) + +export BINDIR ?= /usr/local/bin/ # Uncomment following line and set the path to your kernel tree include # directory if your C library does not include all header files. @@ -15,6 +18,11 @@ CFLAGS += -I../src/utils -include .config +ifdef CONFIG_TESTING_OPTIONS +CFLAGS += -DCONFIG_TESTING_OPTIONS +CONFIG_WPS_TESTING=y +endif + ifndef CONFIG_OS ifdef CONFIG_NATIVE_WINDOWS CONFIG_OS=win32 @@ -54,6 +62,7 @@ OBJS += ../src/ap/preauth_auth.o OBJS += ../src/ap/pmksa_cache_auth.o OBJS += ../src/ap/ieee802_11_shared.o OBJS += ../src/ap/beacon.o +OBJS += ../src/ap/bss_load.o OBJS_c = hostapd_cli.o ../src/common/wpa_ctrl.o ../src/utils/os_$(CONFIG_OS).o @@ -65,6 +74,11 @@ NEED_SHA1=y OBJS += ../src/drivers/drivers.o CFLAGS += -DHOSTAPD +ifdef CONFIG_MODULE_TESTS +CFLAGS += -DCONFIG_MODULE_TESTS +OBJS += hapd_module_tests.o +endif + ifdef CONFIG_WPA_TRACE CFLAGS += -DWPA_TRACE OBJS += ../src/utils/trace.o @@ -72,10 +86,10 @@ HOBJS += ../src/utils/trace.o LDFLAGS += -rdynamic CFLAGS += -funwind-tables ifdef CONFIG_WPA_TRACE_BFD -CFLAGS += -DWPA_TRACE_BFD -LIBS += -lbfd -LIBS_c += -lbfd -LIBS_h += -lbfd +CFLAGS += -DPACKAGE="hostapd" -DWPA_TRACE_BFD +LIBS += -lbfd -ldl -liberty -lz +LIBS_c += -lbfd -ldl -liberty -lz +LIBS_h += -lbfd -ldl -liberty -lz endif endif @@ -84,6 +98,15 @@ CONFIG_ELOOP=eloop endif OBJS += ../src/utils/$(CONFIG_ELOOP).o OBJS_c += ../src/utils/$(CONFIG_ELOOP).o + +ifeq ($(CONFIG_ELOOP), eloop) +# Using glibc < 2.17 requires -lrt for clock_gettime() +LIBS += -lrt +LIBS_c += -lrt +LIBS_h += -lrt +LIBS_n += -lrt +endif + OBJS += ../src/utils/common.o OBJS += ../src/utils/wpa_debug.o OBJS_c += ../src/utils/wpa_debug.o @@ -93,15 +116,24 @@ OBJS += ../src/utils/ip_addr.o OBJS += ../src/common/ieee802_11_common.o OBJS += ../src/common/wpa_common.o +OBJS += ../src/common/hw_features_common.o OBJS += ../src/eapol_auth/eapol_auth_sm.o +ifdef CONFIG_CODE_COVERAGE +CFLAGS += -O0 -fprofile-arcs -ftest-coverage +LIBS += -lgcov +LIBS_c += -lgcov +LIBS_h += -lgcov +LIBS_n += -lgcov +endif + ifndef CONFIG_NO_DUMP_STATE -# define HOSTAPD_DUMP_STATE to include SIGUSR1 handler for dumping state to -# a file (undefine it, if you want to save in binary size) +# define HOSTAPD_DUMP_STATE to include support for dumping internal state +# through control interface commands (undefine it, if you want to save in +# binary size) CFLAGS += -DHOSTAPD_DUMP_STATE -OBJS += dump_state.o OBJS += ../src/eapol_auth/eapol_auth_dump.o endif @@ -139,8 +171,6 @@ OBJS += ctrl_iface.o OBJS += ../src/ap/ctrl_iface_ap.o endif -OBJS += ../src/crypto/md5.o - CFLAGS += -DCONFIG_CTRL_IFACE -DCONFIG_CTRL_IFACE_UNIX ifdef CONFIG_IAPP @@ -158,6 +188,26 @@ CFLAGS += -DCONFIG_PEERKEY OBJS += ../src/ap/peerkey_auth.o endif +ifdef CONFIG_HS20 +NEED_AES_OMAC1=y +CONFIG_PROXYARP=y +endif + +ifdef CONFIG_PROXYARP +CONFIG_L2_PACKET=y +endif + +ifdef CONFIG_SUITEB +CFLAGS += -DCONFIG_SUITEB +NEED_SHA256=y +NEED_AES_OMAC1=y +endif + +ifdef CONFIG_SUITEB192 +CFLAGS += -DCONFIG_SUITEB192 +NEED_SHA384=y +endif + ifdef CONFIG_IEEE80211W CFLAGS += -DCONFIG_IEEE80211W NEED_SHA256=y @@ -174,6 +224,9 @@ endif ifdef CONFIG_SAE CFLAGS += -DCONFIG_SAE +OBJS += ../src/common/sae.o +NEED_ECC=y +NEED_DH_GROUPS=y endif ifdef CONFIG_WNM @@ -212,6 +265,12 @@ OBJS += ../src/l2_packet/l2_packet_none. endif +ifdef CONFIG_ERP +CFLAGS += -DCONFIG_ERP +NEED_SHA256=y +NEED_HMAC_SHA256_KDF=y +endif + ifdef CONFIG_EAP_MD5 CFLAGS += -DEAP_SERVER_MD5 OBJS += ../src/eap_server/eap_server_md5.o @@ -308,7 +367,7 @@ ifdef CONFIG_EAP_GPSK CFLAGS += -DEAP_SERVER_GPSK OBJS += ../src/eap_server/eap_server_gpsk.o ../src/eap_common/eap_gpsk_common.o ifdef CONFIG_EAP_GPSK_SHA256 -CFLAGS += -DEAP_SERVER_GPSK_SHA256 +CFLAGS += -DEAP_GPSK_SHA256 endif NEED_SHA256=y NEED_AES_OMAC1=y @@ -320,6 +379,13 @@ OBJS += ../src/eap_server/eap_server_pwd NEED_SHA256=y endif +ifdef CONFIG_EAP_EKE +CFLAGS += -DEAP_SERVER_EKE +OBJS += ../src/eap_server/eap_server_eke.o ../src/eap_common/eap_eke_common.o +NEED_DH_GROUPS=y +NEED_DH_GROUPS_ALL=y +endif + ifdef CONFIG_EAP_VENDOR_TEST CFLAGS += -DEAP_SERVER_VENDOR_TEST OBJS += ../src/eap_server/eap_server_vendor_test.o @@ -335,10 +401,6 @@ NEED_AES_UNWRAP=y endif ifdef CONFIG_WPS -ifdef CONFIG_WPS2 -CFLAGS += -DCONFIG_WPS2 -endif - CFLAGS += -DCONFIG_WPS -DEAP_SERVER_WSC OBJS += ../src/utils/uuid.o OBJS += ../src/ap/wps_hostapd.o @@ -481,7 +543,8 @@ endif OBJS += ../src/crypto/crypto_gnutls.o HOBJS += ../src/crypto/crypto_gnutls.o ifdef NEED_FIPS186_2_PRF -OBJS += ../src/crypto/fips_prf_gnutls.o +OBJS += ../src/crypto/fips_prf_internal.o +SHA1OBJS += ../src/crypto/sha1-internal.o endif LIBS += -lgcrypt LIBS_h += -lgcrypt @@ -501,21 +564,6 @@ CONFIG_INTERNAL_RC4=y CONFIG_INTERNAL_DH_GROUP5=y endif -ifeq ($(CONFIG_TLS), nss) -ifdef TLS_FUNCS -OBJS += ../src/crypto/tls_nss.o -LIBS += -lssl3 -endif -OBJS += ../src/crypto/crypto_nss.o -ifdef NEED_FIPS186_2_PRF -OBJS += ../src/crypto/fips_prf_nss.o -endif -LIBS += -lnss3 -LIBS_h += -lnss3 -CONFIG_INTERNAL_MD4=y -CONFIG_INTERNAL_DH_GROUP5=y -endif - ifeq ($(CONFIG_TLS), internal) ifndef CONFIG_CRYPTO CONFIG_CRYPTO=internal @@ -622,7 +670,9 @@ ifdef CONFIG_INTERNAL_AES AESOBJS += ../src/crypto/aes-internal.o ../src/crypto/aes-internal-enc.o endif +ifneq ($(CONFIG_TLS), openssl) AESOBJS += ../src/crypto/aes-wrap.o +endif ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y @@ -637,9 +687,11 @@ ifdef NEED_AES_OMAC1 AESOBJS += ../src/crypto/aes-omac1.o endif ifdef NEED_AES_UNWRAP +ifneq ($(CONFIG_TLS), openssl) NEED_AES_DEC=y AESOBJS += ../src/crypto/aes-unwrap.o endif +endif ifdef NEED_AES_CBC NEED_AES_DEC=y AESOBJS += ../src/crypto/aes-cbc.o @@ -679,6 +731,10 @@ ifdef NEED_SHA1 OBJS += $(SHA1OBJS) endif +ifneq ($(CONFIG_TLS), openssl) +OBJS += ../src/crypto/md5.o +endif + ifdef NEED_MD5 ifdef CONFIG_INTERNAL_MD5 OBJS += ../src/crypto/md5-internal.o @@ -716,6 +772,12 @@ endif ifdef NEED_TLS_PRF_SHA256 OBJS += ../src/crypto/sha256-tlsprf.o endif +ifdef NEED_HMAC_SHA256_KDF +OBJS += ../src/crypto/sha256-kdf.o +endif +endif +ifdef NEED_SHA384 +CFLAGS += -DCONFIG_SHA384 endif ifdef NEED_DH_GROUPS @@ -730,6 +792,10 @@ OBJS += ../src/crypto/dh_group5.o endif endif +ifdef NEED_ECC +CFLAGS += -DCONFIG_ECC +endif + ifdef CONFIG_NO_RANDOM_POOL CFLAGS += -DCONFIG_NO_RANDOM_POOL else @@ -768,6 +834,7 @@ OBJS += ../src/ap/wmm.o OBJS += ../src/ap/ap_list.o OBJS += ../src/ap/ieee802_11.o OBJS += ../src/ap/hw_features.o +OBJS += ../src/ap/dfs.o CFLAGS += -DNEED_AP_MLME endif ifdef CONFIG_IEEE80211N @@ -795,6 +862,15 @@ OBJS += ../src/common/gas.o OBJS += ../src/ap/gas_serv.o endif +ifdef CONFIG_PROXYARP +CFLAGS += -DCONFIG_PROXYARP +OBJS += ../src/ap/x_snoop.o +OBJS += ../src/ap/dhcp_snoop.o +ifdef CONFIG_IPV6 +OBJS += ../src/ap/ndisc_snoop.o +endif +endif + OBJS += ../src/drivers/driver_common.o ifdef CONFIG_WPA_CLI_EDIT @@ -803,10 +879,20 @@ else OBJS_c += ../src/utils/edit_simple.o endif +ifdef CONFIG_ACS +CFLAGS += -DCONFIG_ACS +OBJS += ../src/ap/acs.o +LIBS += -lm +endif + ifdef CONFIG_NO_STDOUT_DEBUG CFLAGS += -DCONFIG_NO_STDOUT_DEBUG endif +ifdef CONFIG_DEBUG_LINUX_TRACING +CFLAGS += -DCONFIG_DEBUG_LINUX_TRACING +endif + ifdef CONFIG_DEBUG_FILE CFLAGS += -DCONFIG_DEBUG_FILE endif @@ -827,10 +913,20 @@ ifeq ($(V), 1) Q= E=true endif +ifeq ($(QUIET), 1) +Q=@ +E=true +endif +ifdef CONFIG_CODE_COVERAGE +%.o: %.c + @$(E) " CC " $< + $(Q)cd $(dir $@); $(CC) -c -o $(notdir $@) $(CFLAGS) $(notdir $<) +else %.o: %.c $(Q)$(CC) -c -o $@ $(CFLAGS) $< @$(E) " CC " $< +endif verify_config: @if [ ! -r .config ]; then \ @@ -841,9 +937,10 @@ verify_config: exit 1; \ fi -install: all - mkdir -p $(DESTDIR)/usr/local/bin - for i in $(ALL); do cp -f $$i $(DESTDIR)/usr/local/bin/$$i; done +$(DESTDIR)$(BINDIR)/%: % + install -D $(<) $(@) + +install: $(addprefix $(DESTDIR)$(BINDIR)/,$(ALL)) ../src/drivers/build.hostapd: @if [ -f ../src/drivers/build.wpa_supplicant ]; then \ @@ -864,7 +961,8 @@ hostapd_cli: $(OBJS_c) $(Q)$(CC) $(LDFLAGS) -o hostapd_cli $(OBJS_c) $(LIBS_c) @$(E) " LD " $@ -NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) ../src/crypto/md5.o +NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) +NOBJS += ../src/utils/common.o ifdef NEED_RC4 ifdef CONFIG_INTERNAL_RC4 NOBJS += ../src/crypto/rc4.o @@ -899,9 +997,15 @@ hlr_auc_gw: $(HOBJS) $(Q)$(CC) $(LDFLAGS) -o hlr_auc_gw $(HOBJS) $(LIBS_h) @$(E) " LD " $@ +lcov-html: + lcov -c -d .. > lcov.info + genhtml lcov.info --output-directory lcov-html + clean: $(MAKE) -C ../src clean rm -f core *~ *.o hostapd hostapd_cli nt_password_hash hlr_auc_gw - rm -f *.d + rm -f *.d *.gcno *.gcda *.gcov + rm -f lcov.info + rm -rf lcov-html -include $(OBJS:%.o=%.d) Modified: vendor/wpa/dist/hostapd/README ============================================================================== --- vendor/wpa/dist/hostapd/README Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/hostapd/README Sat Apr 18 05:04:12 2015 (r281681) @@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and Authenticator and RADIUS authentication server ================================================================ -Copyright (c) 2002-2012, Jouni Malinen and contributors +Copyright (c) 2002-2015, Jouni Malinen and contributors All Rights Reserved. This program is licensed under the BSD license (the one with @@ -74,12 +74,6 @@ Current hardware/software requirements: Please note that station firmware version needs to be 1.7.0 or newer to work in WPA mode. - madwifi driver for cards based on Atheros chip set (ar521x) - (http://sourceforge.net/projects/madwifi/) - Please note that you will need to add the correct path for - madwifi driver root directory in .config (see defconfig file for - an example: CFLAGS += -I) - mac80211-based drivers that support AP mode (with driver=nl80211). This includes drivers for Atheros (ath9k) and Broadcom (b43) chipsets. Modified: vendor/wpa/dist/hostapd/README-WPS ============================================================================== --- vendor/wpa/dist/hostapd/README-WPS Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/hostapd/README-WPS Sat Apr 18 05:04:12 2015 (r281681) @@ -58,12 +58,10 @@ hostapd configuration WPS is an optional component that needs to be enabled in hostapd build configuration (.config). Here is an example configuration that -includes WPS support and uses madwifi driver interface: +includes WPS support and uses nl80211 driver interface: -CONFIG_DRIVER_MADWIFI=y -CFLAGS += -I/usr/src/madwifi-0.9.3 +CONFIG_DRIVER_NL80211=y CONFIG_WPS=y -CONFIG_WPS2=y CONFIG_WPS_UPNP=y Following parameter can be used to enable support for NFC config method: @@ -75,8 +73,8 @@ Following section shows an example runti (hostapd.conf) that enables WPS: # Configure the driver and network interface -driver=madwifi -interface=ath0 +driver=nl80211 +interface=wlan0 # WPA2-Personal configuration for the AP ssid=wps-test @@ -338,3 +336,17 @@ If the NFC tag contains a password token internal Registrar. This allows station Enrollee from which the password token was received to run through WPS protocol to provision the credential. + +"nfc_get_handover_sel " command can be used to build the +contents of a Handover Select Message for connection handover when this +does not depend on the contents of the Handover Request Message. The +first argument selects the format of the output data and the second +argument selects which type of connection handover is requested (WPS = +Wi-Fi handover as specified in WSC 2.0). + +"nfc_report_handover WPS +" is used to report completed NFC +connection handover. The first parameter indicates whether the local +device initiated or responded to the connection handover and the carrier +records are the selected carrier from the handover request and select +messages as a hexdump. Modified: vendor/wpa/dist/hostapd/config_file.c ============================================================================== --- vendor/wpa/dist/hostapd/config_file.c Sat Apr 18 04:53:17 2015 (r281680) +++ vendor/wpa/dist/hostapd/config_file.c Sat Apr 18 05:04:12 2015 (r281681) @@ -1,6 +1,6 @@ /* * hostapd / Configuration file parser - * Copyright (c) 2003-2012, Jouni Malinen + * Copyright (c) 2003-2015, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -22,7 +22,12 @@ #include "config_file.h" -extern struct wpa_driver_ops *wpa_drivers[]; +#ifndef CONFIG_NO_RADIUS +#ifdef EAP_SERVER +static struct hostapd_radius_attr * +hostapd_parse_radius_attr(const char *value); +#endif /* EAP_SERVER */ +#endif /* CONFIG_NO_RADIUS */ #ifndef CONFIG_NO_VLAN @@ -83,7 +88,7 @@ static int hostapd_config_read_vlan_file return -1; } - vlan = os_malloc(sizeof(*vlan)); + vlan = os_zalloc(sizeof(*vlan)); if (vlan == NULL) { wpa_printf(MSG_ERROR, "Out of memory while reading " "VLAN interfaces from '%s'", fname); @@ -91,14 +96,10 @@ static int hostapd_config_read_vlan_file return -1; } - os_memset(vlan, 0, sizeof(*vlan)); vlan->vlan_id = vlan_id; os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname)); - if (bss->vlan_tail) - bss->vlan_tail->next = vlan; - else - bss->vlan = vlan; - bss->vlan_tail = vlan; + vlan->next = bss->vlan; + bss->vlan = vlan; } fclose(f); @@ -136,6 +137,8 @@ static int hostapd_config_read_maclist(c } while (fgets(buf, sizeof(buf), f)) { + int i, rem = 0; + line++; if (buf[0] == '#') @@ -150,14 +153,32 @@ static int hostapd_config_read_maclist(c } if (buf[0] == '\0') continue; + pos = buf; + if (buf[0] == '-') { + rem = 1; + pos++; + } - if (hwaddr_aton(buf, addr)) { + if (hwaddr_aton(pos, addr)) { wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at " - "line %d in '%s'", buf, line, fname); + "line %d in '%s'", pos, line, fname); fclose(f); return -1; } + if (rem) { + i = 0; + while (i < *num) { + if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == + 0) { + os_remove_in_array(*acl, *num, + sizeof(**acl), i); + (*num)--; + } else + i++; + } + continue; + } vlan_id = 0; pos = buf; while (*pos != '\0' && *pos != ' ' && *pos != '\t') @@ -195,7 +216,7 @@ static int hostapd_config_read_eap_user( FILE *f; char buf[512], *pos, *start, *pos2; int line = 0, ret = 0, num_methods; - struct hostapd_eap_user *user, *tail = NULL; + struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL; if (!fname) return 0; @@ -229,6 +250,28 @@ static int hostapd_config_read_eap_user( if (buf[0] == '\0') continue; +#ifndef CONFIG_NO_RADIUS + if (user && os_strncmp(buf, "radius_accept_attr=", 19) == 0) { + struct hostapd_radius_attr *attr, *a; + attr = hostapd_parse_radius_attr(buf + 19); + if (attr == NULL) { + wpa_printf(MSG_ERROR, "Invalid radius_auth_req_attr: %s", + buf + 19); + user = NULL; /* already in the BSS list */ + goto failed; + } + if (user->accept_attr == NULL) { + user->accept_attr = attr; + } else { + a = user->accept_attr; + while (a->next) + a = a->next; + a->next = attr; + } + continue; + } +#endif /* CONFIG_NO_RADIUS */ + user = NULL; if (buf[0] != '"' && buf[0] != '*') { @@ -323,6 +366,10 @@ static int hostapd_config_read_eap_user( EAP_TTLS_AUTH_MSCHAPV2; goto skip_eap; } + if (os_strcmp(start, "MACACL") == 0) { + user->macacl = 1; + goto skip_eap; + } wpa_printf(MSG_ERROR, "Unsupported EAP type " "'%s' on line %d in '%s'", start, line, fname); @@ -337,7 +384,7 @@ static int hostapd_config_read_eap_user( break; start = pos3; } - if (num_methods == 0 && user->ttls_auth == 0) { + if (num_methods == 0 && user->ttls_auth == 0 && !user->macacl) { wpa_printf(MSG_ERROR, "No EAP types configured on " "line %d in '%s'", line, fname); goto failed; @@ -447,7 +494,7 @@ static int hostapd_config_read_eap_user( done: if (tail == NULL) { - tail = conf->eap_user = user; + tail = new_user = user; } else { tail->next = user; tail = user; @@ -455,17 +502,26 @@ static int hostapd_config_read_eap_user( continue; failed: - if (user) { - os_free(user->password); - os_free(user->identity); - os_free(user); - } + if (user) + hostapd_config_free_eap_user(user); *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@FreeBSD.ORG Sat Apr 18 05:05:39 2015 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9A9F6B9E; Sat, 18 Apr 2015 05:05:39 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6EFF780A; Sat, 18 Apr 2015 05:05:39 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3I55dIa010080; Sat, 18 Apr 2015 05:05:39 GMT (envelope-from rpaulo@FreeBSD.org) Received: (from rpaulo@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3I55dQQ010079; Sat, 18 Apr 2015 05:05:39 GMT (envelope-from rpaulo@FreeBSD.org) Message-Id: <201504180505.t3I55dQQ010079@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: rpaulo set sender to rpaulo@FreeBSD.org using -f From: Rui Paulo Date: Sat, 18 Apr 2015 05:05:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r281682 - vendor/wpa/2.4 X-SVN-Group: vendor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Apr 2015 05:05:39 -0000 Author: rpaulo Date: Sat Apr 18 05:05:38 2015 New Revision: 281682 URL: https://svnweb.freebsd.org/changeset/base/281682 Log: Tag wpa_supplicant/hostapd 2.4. Added: vendor/wpa/2.4/ - copied from r281681, vendor/wpa/dist/