2006-03-07 05:26:33 +00:00
|
|
|
/*
|
|
|
|
|
* WPA Supplicant / Configuration file structures
|
2007-07-11 15:48:36 +00:00
|
|
|
* Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* Alternatively, this software may be distributed under the terms of BSD
|
|
|
|
|
* license.
|
|
|
|
|
*
|
|
|
|
|
* See README and COPYING for more details.
|
|
|
|
|
*/
|
|
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
#ifndef CONFIG_H
|
|
|
|
|
#define CONFIG_H
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
#define DEFAULT_EAPOL_VERSION 1
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef CONFIG_NO_SCAN_PROCESSING
|
|
|
|
|
#define DEFAULT_AP_SCAN 2
|
|
|
|
|
#else /* CONFIG_NO_SCAN_PROCESSING */
|
2006-03-07 05:26:33 +00:00
|
|
|
#define DEFAULT_AP_SCAN 1
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* CONFIG_NO_SCAN_PROCESSING */
|
2006-03-07 05:26:33 +00:00
|
|
|
#define DEFAULT_FAST_REAUTH 1
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
#define DEFAULT_BSS_MAX_COUNT 200
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
#include "config_ssid.h"
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* struct wpa_config - wpa_supplicant configuration data
|
|
|
|
|
*
|
|
|
|
|
* This data structure is presents the per-interface (radio) configuration
|
|
|
|
|
* data. In many cases, there is only one struct wpa_config instance, but if
|
|
|
|
|
* more than one network interface is being controlled, one instance is used
|
|
|
|
|
* for each.
|
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
struct wpa_config {
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
|
* ssid - Head of the global network list
|
|
|
|
|
*
|
|
|
|
|
* This is the head for the list of all the configured networks.
|
|
|
|
|
*/
|
|
|
|
|
struct wpa_ssid *ssid;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* pssid - Per-priority network lists (in priority order)
|
|
|
|
|
*/
|
|
|
|
|
struct wpa_ssid **pssid;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* num_prio - Number of different priorities used in the pssid lists
|
|
|
|
|
*
|
|
|
|
|
* This indicates how many per-priority network lists are included in
|
|
|
|
|
* pssid.
|
|
|
|
|
*/
|
|
|
|
|
int num_prio;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* eapol_version - IEEE 802.1X/EAPOL version number
|
|
|
|
|
*
|
|
|
|
|
* wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which
|
|
|
|
|
* defines EAPOL version 2. However, there are many APs that do not
|
|
|
|
|
* handle the new version number correctly (they seem to drop the
|
|
|
|
|
* frames completely). In order to make wpa_supplicant interoperate
|
|
|
|
|
* with these APs, the version number is set to 1 by default. This
|
|
|
|
|
* configuration value can be used to set it to the new version (2).
|
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
int eapol_version;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ap_scan - AP scanning/selection
|
|
|
|
|
*
|
|
|
|
|
* By default, wpa_supplicant requests driver to perform AP
|
|
|
|
|
* scanning and then uses the scan results to select a
|
|
|
|
|
* suitable AP. Another alternative is to allow the driver to
|
|
|
|
|
* take care of AP scanning and selection and use
|
|
|
|
|
* wpa_supplicant just to process EAPOL frames based on IEEE
|
|
|
|
|
* 802.11 association information from the driver.
|
|
|
|
|
*
|
|
|
|
|
* 1: wpa_supplicant initiates scanning and AP selection (default).
|
|
|
|
|
*
|
|
|
|
|
* 0: Driver takes care of scanning, AP selection, and IEEE 802.11
|
|
|
|
|
* association parameters (e.g., WPA IE generation); this mode can
|
|
|
|
|
* also be used with non-WPA drivers when using IEEE 802.1X mode;
|
|
|
|
|
* do not try to associate with APs (i.e., external program needs
|
|
|
|
|
* to control association). This mode must also be used when using
|
|
|
|
|
* wired Ethernet drivers.
|
|
|
|
|
*
|
|
|
|
|
* 2: like 0, but associate with APs using security policy and SSID
|
|
|
|
|
* (but not BSSID); this can be used, e.g., with ndiswrapper and NDIS
|
|
|
|
|
* drivers to enable operation with hidden SSIDs and optimized roaming;
|
|
|
|
|
* in this mode, the network blocks in the configuration are tried
|
|
|
|
|
* one by one until the driver reports successful association; each
|
|
|
|
|
* network block should have explicit security policy (i.e., only one
|
|
|
|
|
* option in the lists) for key_mgmt, pairwise, group, proto variables.
|
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
int ap_scan;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
/**
|
2007-07-11 15:48:36 +00:00
|
|
|
* ctrl_interface - Parameters for the control interface
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
2007-07-11 15:48:36 +00:00
|
|
|
* If this is specified, %wpa_supplicant will open a control interface
|
|
|
|
|
* that is available for external programs to manage %wpa_supplicant.
|
|
|
|
|
* The meaning of this string depends on which control interface
|
|
|
|
|
* mechanism is used. For all cases, the existance of this parameter
|
|
|
|
|
* in configuration is used to determine whether the control interface
|
|
|
|
|
* is enabled.
|
|
|
|
|
*
|
|
|
|
|
* For UNIX domain sockets (default on Linux and BSD): This is a
|
|
|
|
|
* directory that will be created for UNIX domain sockets for listening
|
|
|
|
|
* to requests from external programs (CLI/GUI, etc.) for status
|
|
|
|
|
* information and configuration. The socket file will be named based
|
|
|
|
|
* on the interface name, so multiple %wpa_supplicant processes can be
|
|
|
|
|
* run at the same time if more than one interface is used.
|
|
|
|
|
* /var/run/wpa_supplicant is the recommended directory for sockets and
|
|
|
|
|
* by default, wpa_cli will use it when trying to connect with
|
|
|
|
|
* %wpa_supplicant.
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
|
|
|
|
* Access control for the control interface can be configured
|
|
|
|
|
* by setting the directory to allow only members of a group
|
|
|
|
|
* to use sockets. This way, it is possible to run
|
2007-07-11 15:48:36 +00:00
|
|
|
* %wpa_supplicant as root (since it needs to change network
|
2006-03-07 05:26:33 +00:00
|
|
|
* configuration and open raw sockets) and still allow GUI/CLI
|
|
|
|
|
* components to be run as non-root users. However, since the
|
|
|
|
|
* control interface can be used to change the network
|
|
|
|
|
* configuration, this access needs to be protected in many
|
2007-07-11 15:48:36 +00:00
|
|
|
* cases. By default, %wpa_supplicant is configured to use gid
|
2006-03-07 05:26:33 +00:00
|
|
|
* 0 (root). If you want to allow non-root users to use the
|
|
|
|
|
* control interface, add a new group and change this value to
|
|
|
|
|
* match with that group. Add users that should have control
|
|
|
|
|
* interface access to this group.
|
2007-07-11 15:48:36 +00:00
|
|
|
*
|
|
|
|
|
* When configuring both the directory and group, use following format:
|
|
|
|
|
* DIR=/var/run/wpa_supplicant GROUP=wheel
|
|
|
|
|
* DIR=/var/run/wpa_supplicant GROUP=0
|
|
|
|
|
* (group can be either group name or gid)
|
|
|
|
|
*
|
|
|
|
|
* For UDP connections (default on Windows): The value will be ignored.
|
|
|
|
|
* This variable is just used to select that the control interface is
|
|
|
|
|
* to be created. The value can be set to, e.g., udp
|
|
|
|
|
* (ctrl_interface=udp).
|
|
|
|
|
*
|
|
|
|
|
* For Windows Named Pipe: This value can be used to set the security
|
|
|
|
|
* descriptor for controlling access to the control interface. Security
|
|
|
|
|
* descriptor can be set using Security Descriptor String Format (see
|
|
|
|
|
* http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/security_descriptor_string_format.asp).
|
|
|
|
|
* The descriptor string needs to be prefixed with SDDL=. For example,
|
|
|
|
|
* ctrl_interface=SDDL=D: would set an empty DACL (which will reject
|
|
|
|
|
* all connections).
|
2006-03-07 05:26:33 +00:00
|
|
|
*/
|
2007-07-11 15:48:36 +00:00
|
|
|
char *ctrl_interface;
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
2007-07-11 15:48:36 +00:00
|
|
|
* ctrl_interface_group - Control interface group (DEPRECATED)
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
2007-07-11 15:48:36 +00:00
|
|
|
* This variable is only used for backwards compatibility. Group for
|
2009-03-01 22:10:07 +00:00
|
|
|
* UNIX domain sockets should now be specified using GROUP=group in
|
2007-07-11 15:48:36 +00:00
|
|
|
* ctrl_interface variable.
|
2006-03-07 05:26:33 +00:00
|
|
|
*/
|
2007-07-11 15:48:36 +00:00
|
|
|
char *ctrl_interface_group;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* fast_reauth - EAP fast re-authentication (session resumption)
|
|
|
|
|
*
|
|
|
|
|
* By default, fast re-authentication is enabled for all EAP methods
|
|
|
|
|
* that support it. This variable can be used to disable fast
|
|
|
|
|
* re-authentication (by setting fast_reauth=0). Normally, there is no
|
|
|
|
|
* need to disable fast re-authentication.
|
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
int fast_reauth;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* opensc_engine_path - Path to the OpenSSL engine for opensc
|
|
|
|
|
*
|
|
|
|
|
* This is an OpenSSL specific configuration option for loading OpenSC
|
|
|
|
|
* engine (engine_opensc.so); if %NULL, this engine is not loaded.
|
|
|
|
|
*/
|
|
|
|
|
char *opensc_engine_path;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* pkcs11_engine_path - Path to the OpenSSL engine for PKCS#11
|
|
|
|
|
*
|
|
|
|
|
* This is an OpenSSL specific configuration option for loading PKCS#11
|
|
|
|
|
* engine (engine_pkcs11.so); if %NULL, this engine is not loaded.
|
|
|
|
|
*/
|
|
|
|
|
char *pkcs11_engine_path;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* pkcs11_module_path - Path to the OpenSSL OpenSC/PKCS#11 module
|
|
|
|
|
*
|
|
|
|
|
* This is an OpenSSL specific configuration option for configuring
|
|
|
|
|
* path to OpenSC/PKCS#11 engine (opensc-pkcs11.so); if %NULL, this
|
|
|
|
|
* module is not loaded.
|
|
|
|
|
*/
|
|
|
|
|
char *pkcs11_module_path;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* driver_param - Driver interface parameters
|
|
|
|
|
*
|
|
|
|
|
* This text string is passed to the selected driver interface with the
|
|
|
|
|
* optional struct wpa_driver_ops::set_param() handler. This can be
|
|
|
|
|
* used to configure driver specific options without having to add new
|
|
|
|
|
* driver interface functionality.
|
|
|
|
|
*/
|
|
|
|
|
char *driver_param;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* dot11RSNAConfigPMKLifetime - Maximum lifetime of a PMK
|
|
|
|
|
*
|
|
|
|
|
* dot11 MIB variable for the maximum lifetime of a PMK in the PMK
|
|
|
|
|
* cache (unit: seconds).
|
|
|
|
|
*/
|
|
|
|
|
unsigned int dot11RSNAConfigPMKLifetime;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* dot11RSNAConfigPMKReauthThreshold - PMK re-authentication threshold
|
|
|
|
|
*
|
|
|
|
|
* dot11 MIB variable for the percentage of the PMK lifetime
|
|
|
|
|
* that should expire before an IEEE 802.1X reauthentication occurs.
|
|
|
|
|
*/
|
|
|
|
|
unsigned int dot11RSNAConfigPMKReauthThreshold;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* dot11RSNAConfigSATimeout - Security association timeout
|
|
|
|
|
*
|
|
|
|
|
* dot11 MIB variable for the maximum time a security association
|
|
|
|
|
* shall take to set up (unit: seconds).
|
|
|
|
|
*/
|
|
|
|
|
unsigned int dot11RSNAConfigSATimeout;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* update_config - Is wpa_supplicant allowed to update configuration
|
|
|
|
|
*
|
|
|
|
|
* This variable control whether wpa_supplicant is allow to re-write
|
|
|
|
|
* its configuration with wpa_config_write(). If this is zero,
|
|
|
|
|
* configuration data is only changed in memory and the external data
|
|
|
|
|
* is not overriden. If this is non-zero, wpa_supplicant will update
|
|
|
|
|
* the configuration data (e.g., a file) whenever configuration is
|
|
|
|
|
* changed. This update may replace the old configuration which can
|
|
|
|
|
* remove comments from it in case of a text file configuration.
|
|
|
|
|
*/
|
|
|
|
|
int update_config;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* blobs - Configuration blobs
|
|
|
|
|
*/
|
|
|
|
|
struct wpa_config_blob *blobs;
|
2009-03-01 22:10:07 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* uuid - Universally Unique IDentifier (UUID; see RFC 4122) for WPS
|
|
|
|
|
*/
|
|
|
|
|
u8 uuid[16];
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* device_name - Device Name (WPS)
|
|
|
|
|
* User-friendly description of device; up to 32 octets encoded in
|
|
|
|
|
* UTF-8
|
|
|
|
|
*/
|
|
|
|
|
char *device_name;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* manufacturer - Manufacturer (WPS)
|
|
|
|
|
* The manufacturer of the device (up to 64 ASCII characters)
|
|
|
|
|
*/
|
|
|
|
|
char *manufacturer;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* model_name - Model Name (WPS)
|
|
|
|
|
* Model of the device (up to 32 ASCII characters)
|
|
|
|
|
*/
|
|
|
|
|
char *model_name;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* model_number - Model Number (WPS)
|
|
|
|
|
* Additional device description (up to 32 ASCII characters)
|
|
|
|
|
*/
|
|
|
|
|
char *model_number;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* serial_number - Serial Number (WPS)
|
|
|
|
|
* Serial number of the device (up to 32 characters)
|
|
|
|
|
*/
|
|
|
|
|
char *serial_number;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* device_type - Primary Device Type (WPS)
|
|
|
|
|
* Used format: categ-OUI-subcateg
|
|
|
|
|
* categ = Category as an integer value
|
|
|
|
|
* OUI = OUI and type octet as a 4-octet hex-encoded value;
|
|
|
|
|
* 0050F204 for default WPS OUI
|
|
|
|
|
* subcateg = OUI-specific Sub Category as an integer value
|
|
|
|
|
* Examples:
|
|
|
|
|
* 1-0050F204-1 (Computer / PC)
|
|
|
|
|
* 1-0050F204-2 (Computer / Server)
|
|
|
|
|
* 5-0050F204-1 (Storage / NAS)
|
|
|
|
|
* 6-0050F204-1 (Network Infrastructure / AP)
|
|
|
|
|
*/
|
|
|
|
|
char *device_type;
|
|
|
|
|
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
/**
|
|
|
|
|
* config_methods - Config Methods
|
|
|
|
|
*
|
|
|
|
|
* This is a space-separated list of supported WPS configuration
|
|
|
|
|
* methods. For example, "label display push_button keypad".
|
|
|
|
|
* Available methods: usba ethernet label display ext_nfc_token
|
|
|
|
|
* int_nfc_token nfc_interface push_button keypad.
|
|
|
|
|
*/
|
|
|
|
|
char *config_methods;
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
/**
|
|
|
|
|
* os_version - OS Version (WPS)
|
|
|
|
|
* 4-octet operating system version number
|
|
|
|
|
*/
|
|
|
|
|
u8 os_version[4];
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* country - Country code
|
|
|
|
|
*
|
|
|
|
|
* This is the ISO/IEC alpha2 country code for which we are operating
|
|
|
|
|
* in
|
|
|
|
|
*/
|
|
|
|
|
char country[2];
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* wps_cred_processing - Credential processing
|
|
|
|
|
*
|
|
|
|
|
* 0 = process received credentials internally
|
|
|
|
|
* 1 = do not process received credentials; just pass them over
|
|
|
|
|
* ctrl_iface to external program(s)
|
|
|
|
|
* 2 = process received credentials internally and pass them over
|
|
|
|
|
* ctrl_iface to external program(s)
|
|
|
|
|
*/
|
|
|
|
|
int wps_cred_processing;
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* bss_max_count - Maximum number of BSS entries to keep in memory
|
|
|
|
|
*/
|
|
|
|
|
unsigned int bss_max_count;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* filter_ssids - SSID-based scan result filtering
|
|
|
|
|
*
|
|
|
|
|
* 0 = do not filter scan results
|
|
|
|
|
* 1 = only include configured SSIDs in scan results/BSS table
|
|
|
|
|
*/
|
|
|
|
|
int filter_ssids;
|
2005-06-05 20:52:14 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/* Prototypes for common functions from config.c */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
void wpa_config_free(struct wpa_config *ssid);
|
2006-03-07 05:26:33 +00:00
|
|
|
void wpa_config_free_ssid(struct wpa_ssid *ssid);
|
|
|
|
|
struct wpa_ssid * wpa_config_get_network(struct wpa_config *config, int id);
|
|
|
|
|
struct wpa_ssid * wpa_config_add_network(struct wpa_config *config);
|
|
|
|
|
int wpa_config_remove_network(struct wpa_config *config, int id);
|
|
|
|
|
void wpa_config_set_network_defaults(struct wpa_ssid *ssid);
|
|
|
|
|
int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
|
|
|
|
|
int line);
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
char ** wpa_config_get_all(struct wpa_ssid *ssid, int get_keys);
|
2006-03-07 05:26:33 +00:00
|
|
|
char * wpa_config_get(struct wpa_ssid *ssid, const char *var);
|
2007-07-11 15:48:36 +00:00
|
|
|
char * wpa_config_get_no_key(struct wpa_ssid *ssid, const char *var);
|
2006-03-07 05:26:33 +00:00
|
|
|
void wpa_config_update_psk(struct wpa_ssid *ssid);
|
|
|
|
|
int wpa_config_add_prio_network(struct wpa_config *config,
|
|
|
|
|
struct wpa_ssid *ssid);
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
int wpa_config_update_prio_list(struct wpa_config *config);
|
2006-03-07 05:26:33 +00:00
|
|
|
const struct wpa_config_blob * wpa_config_get_blob(struct wpa_config *config,
|
|
|
|
|
const char *name);
|
|
|
|
|
void wpa_config_set_blob(struct wpa_config *config,
|
|
|
|
|
struct wpa_config_blob *blob);
|
|
|
|
|
void wpa_config_free_blob(struct wpa_config_blob *blob);
|
|
|
|
|
int wpa_config_remove_blob(struct wpa_config *config, const char *name);
|
2009-03-01 22:10:07 +00:00
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
|
|
|
|
|
const char *driver_param);
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifndef CONFIG_NO_STDOUT_DEBUG
|
|
|
|
|
void wpa_config_debug_dump_networks(struct wpa_config *config);
|
|
|
|
|
#else /* CONFIG_NO_STDOUT_DEBUG */
|
|
|
|
|
#define wpa_config_debug_dump_networks(c) do { } while (0)
|
|
|
|
|
#endif /* CONFIG_NO_STDOUT_DEBUG */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Prototypes for backend specific functions from the selected config_*.c */
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* wpa_config_read - Read and parse configuration database
|
|
|
|
|
* @name: Name of the configuration (e.g., path and file name for the
|
|
|
|
|
* configuration file)
|
|
|
|
|
* Returns: Pointer to allocated configuration data or %NULL on failure
|
|
|
|
|
*
|
|
|
|
|
* This function reads configuration data, parses its contents, and allocates
|
|
|
|
|
* data structures needed for storing configuration information. The allocated
|
|
|
|
|
* data can be freed with wpa_config_free().
|
|
|
|
|
*
|
|
|
|
|
* Each configuration backend needs to implement this function.
|
|
|
|
|
*/
|
|
|
|
|
struct wpa_config * wpa_config_read(const char *name);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* wpa_config_write - Write or update configuration data
|
|
|
|
|
* @name: Name of the configuration (e.g., path and file name for the
|
|
|
|
|
* configuration file)
|
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
|
* Returns: 0 on success, -1 on failure
|
|
|
|
|
*
|
|
|
|
|
* This function write all configuration data into an external database (e.g.,
|
|
|
|
|
* a text file) in a format that can be read with wpa_config_read(). This can
|
|
|
|
|
* be used to allow wpa_supplicant to update its configuration, e.g., when a
|
|
|
|
|
* new network is added or a password is changed.
|
|
|
|
|
*
|
|
|
|
|
* Each configuration backend needs to implement this function.
|
|
|
|
|
*/
|
|
|
|
|
int wpa_config_write(const char *name, struct wpa_config *config);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
|
#endif /* CONFIG_H */
|
