* WPA-None requires ap_scan=2:
The major difference between ap_scan=1 (default) and 2 is, that no
IEEE80211_IOC_SCAN* ioctls/functions are called, though, there is a
dependency on those. For example the call to wpa_driver_bsd_scan()
sets the interface UP, this never happens, therefore the interface
must be marked up in wpa_driver_bsd_associate(). IEEE80211_IOC_SSID
also is not called, which means that the SSID has not been set prior
to the IEEE80211_MLME_ASSOC call.
* WPA-None has no support for sequence number updates, it doesn't make
sense to check for replay violations..
* I had some crashes right after the switch to RUN state, issue is
that sc->sc_lastrs was not yet defined.
Approved by: rpaulo (mentor)
MFC after: 3 weeks
directory [1]
- add the FILES section to the wpa_supplicant.conf.5 file, so that people
will be able to detect the example configuration file easier. [2]
PR: docs/121821 [2]
Approved by: brooks [1]
MFC after: 3 days
wpa_supplicant expects that it has exclusive access to the net80211 state so
when its starts poking in the WEP/WPA settings and the card is already
scanning it can cause net80211 to try and associate incorrectly with a
protected AP.
This is an inconvenience for firmware based cards such as iwi where it can be
sent an auth instruction with incomplete security info and cause a firmware
error.
Remove the 'ifconfig up' from network.subr since wpa_supplicant will
immediately down the interface again.
Reported by: Guy Helmer (and others)
Reviewed by: sam, brooks, avatar
MFC after: 3 days
WPA_SUPPLICANT_CFLAGS, etc. (consult the Makefile's for details)
o enable ipv6 support in hostapd (for communication w/ a radius backend)
PR: bin/116164
Submitted by: "Scot Hetzel" <swhetzel@gmail.com>
Approved by: re (gnn)
MFC after: 2 weeks
o unix domain socket to wpa_cli is configured w/ CONFIG_CTRL_IFACE_UNIX
o terminate on last interface option is configured w/ CONFIG_TERMINATE_ONLASTIF
o ndis/Packet32.c fixups to force roaming mode to manual
o document new mixed_cell config knob
Submitted by: thompsa (Packet32.c)
Reviewed by: thompsa, sephe
Approved by: re (hrs)
wep key configure at key indices > 0 and 802.1x/EAPOL operation
with ap's that want the station to install a key at indices > 0.
Hard work by: Joe Love
Reviewed by: avatar
MFC after: 1 week
ENABLE_WPA_SUPPLICANT_EAPOL is no more, now use NO_WPA_SUPPLICANT_EAPOL
to build with only WPA-PSK support.
Reviewed by: ru, bsdimp (basic approach)
MFC after: 1 week
a card is ejected). wpa_supplicant requires that internal events
for interfaces coming+going include a name but after an interface
is removed you cannot use if_indextoname to map the interface index
in the RTM_IFINFO (or RTM_IFANNOUNCE) msg to an interface name.
Instead record the interface index in the driver-private data area
and use that to filter msgs from the routing socket. This insures
that when we have a message to process we know the interface name.
The end result is that we can now dispatch an "interface removed"
event that is understood when notified than an interface went away
(where previously the event dispatched was ignored because the
interface name was unrecognized).
This change also insures we only process events for our interface.
The only downside is that we can no longer wait for an interface
to arrive as we need to map the interface name to an index at
startup. This is not important as wpa_supplicant should be launched
by devd and not include a separate mechanism for doing interface
discovery.
MFC after: 3 days
o use proper api for setting/deleting keys instead of depending
on key indices
o check mac address to decide whether a key is unicast or group/global
o check set_tx on key set to decide whether a group/global key should
also be marked as default
o explicitly set IEEE80211_KEY_GROUP flag for group keys instead of
depending on kernel auto-add kludge
With the above changes static wep key handling works.
Reviewed by: avatar
Approved by: re (scottl)
o reorg driver to consolidate state setup in the associate method
o add set_auth_alg method
o cleanup interface state on deinit
o change associate to use revised MLME ioctl api so we can support
ap_scan=2 methodology
o cleanup associate to support WEP and no cipher cases
o s/__FUNCTION__/__func__/