[pkg-wpa-devel] r1291 - in /wpasupplicant/trunk: debian/ patches/ src/common/ src/crypto/ src/drivers/ src/eap_common/ src/eap_peer/ src/eap_server/ src/hlr_auc_gw/ src/rsn_supp/ wpa_supplicant/ wpa_supplicant/doc/docbook/ wpa_supplicant/wpa_gui-qt4/ wpa_supplicant/wpa_gui-qt4/icons/

kelmo-guest at users.alioth.debian.org kelmo-guest at users.alioth.debian.org
Sun Dec 7 13:49:05 UTC 2008


Author: kelmo-guest
Date: Sun Dec  7 13:49:04 2008
New Revision: 1291

URL: http://svn.debian.org/wsvn/pkg-wpa/?sc=1&rev=1291
Log:
* New upstream release.
* Update debian/copyright to include copyright holders of new source files
  (src/drivers/driver_roboswitch.*).

Added:
    wpasupplicant/trunk/src/drivers/driver_roboswitch.c
      - copied unchanged from r1290, wpasupplicant/branches/upstream/current/src/drivers/driver_roboswitch.c
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons_png.qrc
      - copied unchanged from r1290, wpasupplicant/branches/upstream/current/wpa_supplicant/wpa_gui-qt4/icons_png.qrc
Modified:
    wpasupplicant/trunk/debian/changelog
    wpasupplicant/trunk/debian/copyright
    wpasupplicant/trunk/patches/openssl-0.9.9-session-ticket.patch
    wpasupplicant/trunk/src/common/version.h
    wpasupplicant/trunk/src/crypto/tls_openssl.c
    wpasupplicant/trunk/src/drivers/driver.h
    wpasupplicant/trunk/src/drivers/driver_broadcom.c
    wpasupplicant/trunk/src/drivers/driver_ndis.c
    wpasupplicant/trunk/src/drivers/driver_wext.c
    wpasupplicant/trunk/src/drivers/drivers.c
    wpasupplicant/trunk/src/eap_common/eap_sim_common.c
    wpasupplicant/trunk/src/eap_common/eap_sim_common.h
    wpasupplicant/trunk/src/eap_peer/eap.c
    wpasupplicant/trunk/src/eap_peer/eap_aka.c
    wpasupplicant/trunk/src/eap_peer/eap_config.h
    wpasupplicant/trunk/src/eap_peer/eap_fast.c
    wpasupplicant/trunk/src/eap_peer/eap_peap.c
    wpasupplicant/trunk/src/eap_peer/eap_sim.c
    wpasupplicant/trunk/src/eap_peer/eap_tls.c
    wpasupplicant/trunk/src/eap_peer/eap_tls_common.c
    wpasupplicant/trunk/src/eap_server/eap_aka.c
    wpasupplicant/trunk/src/eap_server/eap_fast.c
    wpasupplicant/trunk/src/eap_server/eap_tls.c
    wpasupplicant/trunk/src/hlr_auc_gw/milenage.c
    wpasupplicant/trunk/src/hlr_auc_gw/milenage.h
    wpasupplicant/trunk/src/rsn_supp/wpa.c
    wpasupplicant/trunk/src/rsn_supp/wpa.h
    wpasupplicant/trunk/src/rsn_supp/wpa_i.h
    wpasupplicant/trunk/wpa_supplicant/ChangeLog
    wpasupplicant/trunk/wpa_supplicant/Makefile
    wpasupplicant/trunk/wpa_supplicant/README
    wpasupplicant/trunk/wpa_supplicant/README-Windows.txt
    wpasupplicant/trunk/wpa_supplicant/config.c
    wpasupplicant/trunk/wpa_supplicant/config_file.c
    wpasupplicant/trunk/wpa_supplicant/config_ssid.h
    wpasupplicant/trunk/wpa_supplicant/config_winreg.c
    wpasupplicant/trunk/wpa_supplicant/defconfig
    wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml
    wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.sgml
    wpasupplicant/trunk/wpa_supplicant/eap_testing.txt
    wpasupplicant/trunk/wpa_supplicant/events.c
    wpasupplicant/trunk/wpa_supplicant/scan.c
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons/Makefile
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/main.cpp
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/scanresults.cpp
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro
    wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
    wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c
    wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf
    wpasupplicant/trunk/wpa_supplicant/wpa_supplicant_i.h
    wpasupplicant/trunk/wpa_supplicant/wpas_glue.c

Modified: wpasupplicant/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/debian/changelog?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/debian/changelog (original)
+++ wpasupplicant/trunk/debian/changelog Sun Dec  7 13:49:04 2008
@@ -1,3 +1,11 @@
+wpasupplicant (0.6.6-1) experimental; urgency=low
+
+  * New upstream release.
+  * Update debian/copyright to include copyright holders of new source files
+    (src/drivers/driver_roboswitch.*).
+
+ -- Kel Modderman <kel at otaku42.de>  Sun, 07 Dec 2008 23:43:59 +1000
+
 wpasupplicant (0.6.5-2) experimental; urgency=low
 
   * Bugfix: "Missing -d in testing for a directory in init script". 

Modified: wpasupplicant/trunk/debian/copyright
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/debian/copyright?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/debian/copyright (original)
+++ wpasupplicant/trunk/debian/copyright Sun Dec  7 13:49:04 2008
@@ -56,6 +56,10 @@
 Copyright: Copyright (c) 2007, Snowpin Lee <snowpin_lee at ralinktech.com.tw>
 License: BSD | GPL-2
 
+Files: src/drivers/driver_roboswitch.*
+Copyright: Copyright (c) 2008 Jouke Witteveen
+License: BSD | GPL-2
+
 Files: src/l2_packet/l2_packet_freebsd.c
 Copyright: Copyright (c) 2003-2005, Jouni Malinen <j at w1.fi>
 Copyright: Copyright (c) 2005, Sam Leffler <sam at errno.com>

Modified: wpasupplicant/trunk/patches/openssl-0.9.9-session-ticket.patch
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/patches/openssl-0.9.9-session-ticket.patch?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/patches/openssl-0.9.9-session-ticket.patch (original)
+++ wpasupplicant/trunk/patches/openssl-0.9.9-session-ticket.patch Sun Dec  7 13:49:04 2008
@@ -6,32 +6,35 @@
 
 
 
-Index: openssl-SNAP-20080928/ssl/s3_clnt.c
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/s3_clnt.c
-+++ openssl-SNAP-20080928/ssl/s3_clnt.c
-@@ -788,6 +788,20 @@ int ssl3_get_server_hello(SSL *s)
+Index: openssl-SNAP-20081111/ssl/s3_clnt.c
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/s3_clnt.c
++++ openssl-SNAP-20081111/ssl/s3_clnt.c
+@@ -788,6 +788,23 @@ int ssl3_get_server_hello(SSL *s)
  		goto f_err;
  		}
  
 +#ifndef OPENSSL_NO_TLSEXT
 +	/* check if we want to resume the session based on external pre-shared secret */
 +	if (s->version >= TLS1_VERSION && s->tls_session_secret_cb)
-+	{
++		{
 +		SSL_CIPHER *pref_cipher=NULL;
 +		s->session->master_key_length=sizeof(s->session->master_key);
-+		if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length,
-+			NULL, &pref_cipher, s->tls_session_secret_cb_arg))
-+		{
-+			s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j);
++		if (s->tls_session_secret_cb(s, s->session->master_key,
++					     &s->session->master_key_length,
++					     NULL, &pref_cipher,
++					     s->tls_session_secret_cb_arg))
++			{
++			s->session->cipher = pref_cipher ?
++				pref_cipher : ssl_get_cipher_by_char(s, p+j);
++			}
 +		}
-+	}
 +#endif /* OPENSSL_NO_TLSEXT */
 +
  	if (j != 0 && j == s->session->session_id_length
  	    && memcmp(p,s->session->session_id,j) == 0)
  	    {
-@@ -2927,11 +2941,8 @@ static int ssl3_check_finished(SSL *s)
+@@ -2927,11 +2944,8 @@ static int ssl3_check_finished(SSL *s)
  	{
  	int ok;
  	long n;
@@ -45,10 +48,10 @@
  		return 1;
  	/* this function is called when we really expect a Certificate
  	 * message, so permit appropriate message length */
-Index: openssl-SNAP-20080928/ssl/s3_srvr.c
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/s3_srvr.c
-+++ openssl-SNAP-20080928/ssl/s3_srvr.c
+Index: openssl-SNAP-20081111/ssl/s3_srvr.c
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/s3_srvr.c
++++ openssl-SNAP-20081111/ssl/s3_srvr.c
 @@ -1010,6 +1010,59 @@ int ssl3_get_client_hello(SSL *s)
  			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
  			goto err;
@@ -65,20 +68,20 @@
 +		pos=s->s3->server_random;
 +		l2n(Time,pos);
 +		if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0)
-+		{
++			{
 +			al=SSL_AD_INTERNAL_ERROR;
 +			goto f_err;
-+		}
++			}
 +	}
 +
 +	if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb)
-+	{
++		{
 +		SSL_CIPHER *pref_cipher=NULL;
 +
 +		s->session->master_key_length=sizeof(s->session->master_key);
 +		if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length,
 +			ciphers, &pref_cipher, s->tls_session_secret_cb_arg))
-+		{
++			{
 +			s->hit=1;
 +			s->session->ciphers=ciphers;
 +			s->session->verify_result=X509_V_OK;
@@ -104,8 +107,8 @@
 +
 +			s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
 +			s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
++			}
 +		}
-+	}
  #endif
  
  	/* Worst case, we will use the NULL compression, but if we have other
@@ -133,27 +136,27 @@
  		/* Do the message type and length last */
  		d=p= &(buf[4]);
  
-Index: openssl-SNAP-20080928/ssl/ssl_err.c
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/ssl_err.c
-+++ openssl-SNAP-20080928/ssl/ssl_err.c
+Index: openssl-SNAP-20081111/ssl/ssl_err.c
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/ssl_err.c
++++ openssl-SNAP-20081111/ssl/ssl_err.c
 @@ -263,6 +263,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
  {ERR_FUNC(SSL_F_TLS1_PRF),	"tls1_prf"},
  {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK),	"TLS1_SETUP_KEY_BLOCK"},
  {ERR_FUNC(SSL_F_WRITE_PENDING),	"WRITE_PENDING"},
-+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"},
++{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
  {0,NULL}
  	};
  
-Index: openssl-SNAP-20080928/ssl/ssl.h
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/ssl.h
-+++ openssl-SNAP-20080928/ssl/ssl.h
+Index: openssl-SNAP-20081111/ssl/ssl.h
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/ssl.h
++++ openssl-SNAP-20081111/ssl/ssl.h
 @@ -355,6 +355,7 @@ extern "C" {
   * 'struct ssl_st *' function parameters used to prototype callbacks
   * in SSL_CTX. */
  typedef struct ssl_st *ssl_crock_st;
-+typedef struct tls_extension_st TLS_EXTENSION;
++typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
  
  /* used to hold info on the particular ciphers used */
  typedef struct ssl_cipher_st
@@ -170,8 +173,8 @@
  	void *tlsext_opaque_prf_input;
  	size_t tlsext_opaque_prf_input_len;
  
-+	/* TLS extensions */
-+	TLS_EXTENSION *tls_extension;
++	/* TLS Session Ticket extension override */
++	TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
 +
 +	/* TLS pre-shared secret session resumption */
 +	tls_session_secret_cb_fn tls_session_secret_cb;
@@ -180,12 +183,16 @@
  	SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
  #define session_ctx initial_ctx
  #else
-@@ -1746,6 +1756,12 @@ void *SSL_COMP_get_compression_methods(v
+@@ -1746,6 +1756,16 @@ void *SSL_COMP_get_compression_methods(v
  int SSL_COMP_add_compression_method(int id,void *cm);
  #endif
  
++/* NOTE: This function will be removed; it is only here for backwards
++ * compatibility for the API during testing. */
++int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len);
++
 +/* TLS extensions functions */
-+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len);
++int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
 +
 +/* Pre-shared secret session resumption functions */
 +int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
@@ -193,114 +200,123 @@
  /* BEGIN ERROR CODES */
  /* The following lines are auto generated by the script mkerr.pl. Any changes
   * made after this point may be overwritten when the script is next run.
-@@ -1948,6 +1964,7 @@ void ERR_load_SSL_strings(void);
+@@ -1948,6 +1968,7 @@ void ERR_load_SSL_strings(void);
  #define SSL_F_TLS1_PRF					 284
  #define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
  #define SSL_F_WRITE_PENDING				 212
-+#define SSL_F_SSL_SET_HELLO_EXTENSION			 213
++#define SSL_F_SSL_SET_SESSION_TICKET_EXT		 213
  
  /* Reason codes. */
  #define SSL_R_APP_DATA_IN_HANDSHAKE			 100
-Index: openssl-SNAP-20080928/ssl/ssl_sess.c
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/ssl_sess.c
-+++ openssl-SNAP-20080928/ssl/ssl_sess.c
-@@ -834,6 +834,52 @@ long SSL_CTX_get_timeout(const SSL_CTX *
+Index: openssl-SNAP-20081111/ssl/ssl_sess.c
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/ssl_sess.c
++++ openssl-SNAP-20081111/ssl/ssl_sess.c
+@@ -834,6 +834,62 @@ long SSL_CTX_get_timeout(const SSL_CTX *
  	return(s->session_timeout);
  	}
  
 +#ifndef OPENSSL_NO_TLSEXT
 +int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len,
 +	STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg)
-+{
++	{
 +	if (s == NULL) return(0);
 +	s->tls_session_secret_cb = tls_session_secret_cb;
 +	s->tls_session_secret_cb_arg = arg;
 +	return(1);
-+}
-+
++	}
++
++int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
++	{
++	if (s->version >= TLS1_VERSION)
++		{
++		if (s->tlsext_session_ticket)
++			{
++			OPENSSL_free(s->tlsext_session_ticket);
++			s->tlsext_session_ticket = NULL;
++			}
++
++		s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
++		if (!s->tlsext_session_ticket)
++			{
++			SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
++			return 0;
++			}
++
++		if (ext_data)
++			{
++			s->tlsext_session_ticket->length = ext_len;
++			s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
++			memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
++			}
++		else
++			{
++			s->tlsext_session_ticket->length = 0;
++			s->tlsext_session_ticket->data = NULL;
++			}
++
++		return 1;
++		}
++
++	return 0;
++	}
++
++/* NOTE: This function will be removed; it is only here for backwards
++ * compatibility for the API during testing. */
 +int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len)
-+{
-+	if(s->version >= TLS1_VERSION)
-+	{
-+		if(s->tls_extension)
-+		{
-+			OPENSSL_free(s->tls_extension);
-+			s->tls_extension = NULL;
-+		}
-+
-+		s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len);
-+		if(!s->tls_extension)
-+		{
-+			SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE);
-+			return 0;
-+		}
-+
-+		s->tls_extension->type = ext_type;
-+
-+		if(ext_data)
-+		{
-+			s->tls_extension->length = ext_len;
-+			s->tls_extension->data = s->tls_extension + 1;
-+			memcpy(s->tls_extension->data, ext_data, ext_len);
-+		} else {
-+			s->tls_extension->length = 0;
-+			s->tls_extension->data = NULL;
-+		}
-+
-+		return 1;
++	{
++	if (ext_type != TLSEXT_TYPE_session_ticket)
++		return 0;
++
++	return SSL_set_session_ticket_ext(s, ext_data, ext_len);
 +	}
-+
-+	return 0;
-+}
 +#endif /* OPENSSL_NO_TLSEXT */
 +
  typedef struct timeout_param_st
  	{
  	SSL_CTX *ctx;
-Index: openssl-SNAP-20080928/ssl/t1_lib.c
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/t1_lib.c
-+++ openssl-SNAP-20080928/ssl/t1_lib.c
+Index: openssl-SNAP-20081111/ssl/t1_lib.c
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/t1_lib.c
++++ openssl-SNAP-20081111/ssl/t1_lib.c
 @@ -154,6 +154,12 @@ int tls1_new(SSL *s)
  
  void tls1_free(SSL *s)
  	{
 +#ifndef OPENSSL_NO_TLSEXT
-+	if(s->tls_extension)
-+	{
-+		OPENSSL_free(s->tls_extension);
-+	}
-+#endif
++	if (s->tlsext_session_ticket)
++		{
++		OPENSSL_free(s->tlsext_session_ticket);
++		}
++#endif /* OPENSSL_NO_TLSEXT */
  	ssl3_free(s);
  	}
  
-@@ -357,8 +363,24 @@ unsigned char *ssl_add_clienthello_tlsex
+@@ -357,8 +363,23 @@ unsigned char *ssl_add_clienthello_tlsex
  		int ticklen;
  		if (s->session && s->session->tlsext_tick)
  			ticklen = s->session->tlsext_ticklen;
-+		else if (s->session && s->tls_extension &&
-+			s->tls_extension->type == TLSEXT_TYPE_session_ticket &&
-+			s->tls_extension->data)
-+		{
-+			ticklen = s->tls_extension->length;
++		else if (s->session && s->tlsext_session_ticket &&
++			 s->tlsext_session_ticket->data)
++			{
++			ticklen = s->tlsext_session_ticket->length;
 +			s->session->tlsext_tick = OPENSSL_malloc(ticklen);
 +			if (!s->session->tlsext_tick)
 +				return NULL;
-+			memcpy(s->session->tlsext_tick, s->tls_extension->data,
++			memcpy(s->session->tlsext_tick,
++			       s->tlsext_session_ticket->data,
 +			       ticklen);
 +			s->session->tlsext_ticklen = ticklen;
-+		}
++			}
  		else
  			ticklen = 0;
-+		if (ticklen == 0 && s->tls_extension &&
-+		    s->tls_extension->type == TLSEXT_TYPE_session_ticket &&
-+		    s->tls_extension->data == NULL)
++		if (ticklen == 0 && s->tlsext_session_ticket &&
++		    s->tlsext_session_ticket->data == NULL)
 +			goto skip_ext;
  		/* Check for enough room 2 for extension type, 2 for len
   		 * rest for ticket
    		 */
-@@ -371,6 +393,7 @@ unsigned char *ssl_add_clienthello_tlsex
+@@ -371,6 +392,7 @@ unsigned char *ssl_add_clienthello_tlsex
  			ret += ticklen;
  			}
  		}
@@ -308,7 +324,7 @@
  
  #ifdef TLSEXT_TYPE_opaque_prf_input
  	if (s->s3->client_opaque_prf_input != NULL)
-@@ -1435,6 +1458,15 @@ int tls1_process_ticket(SSL *s, unsigned
+@@ -1435,6 +1457,15 @@ int tls1_process_ticket(SSL *s, unsigned
  				s->tlsext_ticket_expected = 1;
  				return 0;	/* Cache miss */
  				}
@@ -324,32 +340,31 @@
  			return tls_decrypt_ticket(s, p, size, session_id, len,
  									ret);
  			}
-Index: openssl-SNAP-20080928/ssl/tls1.h
-===================================================================
---- openssl-SNAP-20080928.orig/ssl/tls1.h
-+++ openssl-SNAP-20080928/ssl/tls1.h
-@@ -512,6 +512,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
+Index: openssl-SNAP-20081111/ssl/tls1.h
+===================================================================
+--- openssl-SNAP-20081111.orig/ssl/tls1.h
++++ openssl-SNAP-20081111/ssl/tls1.h
+@@ -512,6 +512,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
  #define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
  #endif
  
-+/* TLS extension struct */
-+struct tls_extension_st
-+{
-+	unsigned short type;
++/* TLS Session Ticket extension struct */
++struct tls_session_ticket_ext_st
++	{
 +	unsigned short length;
 +	void *data;
-+};
++	};
 +
  #ifdef  __cplusplus
  }
  #endif
-Index: openssl-SNAP-20080928/util/ssleay.num
-===================================================================
---- openssl-SNAP-20080928.orig/util/ssleay.num
-+++ openssl-SNAP-20080928/util/ssleay.num
+Index: openssl-SNAP-20081111/util/ssleay.num
+===================================================================
+--- openssl-SNAP-20081111.orig/util/ssleay.num
++++ openssl-SNAP-20081111/util/ssleay.num
 @@ -254,3 +254,5 @@ PEM_read_bio_SSL_SESSION                
  SSL_CTX_set_psk_server_callback         303	EXIST::FUNCTION:PSK
  SSL_get_psk_identity                    304	EXIST::FUNCTION:PSK
  PEM_write_SSL_SESSION                   305	EXIST:!WIN16:FUNCTION:
-+SSL_set_hello_extension			306	EXIST::FUNCTION:TLSEXT
++SSL_set_session_ticket_ext		306	EXIST::FUNCTION:TLSEXT
 +SSL_set_session_secret_cb		307	EXIST::FUNCTION:TLSEXT

Modified: wpasupplicant/trunk/src/common/version.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/common/version.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/common/version.h (original)
+++ wpasupplicant/trunk/src/common/version.h Sun Dec  7 13:49:04 2008
@@ -1,6 +1,6 @@
 #ifndef VERSION_H
 #define VERSION_H
 
-#define VERSION_STR "0.6.5"
+#define VERSION_STR "0.6.6"
 
 #endif /* VERSION_H */

Modified: wpasupplicant/trunk/src/crypto/tls_openssl.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/tls_openssl.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/tls_openssl.c (original)
+++ wpasupplicant/trunk/src/crypto/tls_openssl.c Sun Dec  7 13:49:04 2008
@@ -1,6 +1,6 @@
 /*
  * WPA Supplicant / SSL/TLS interface functions for openssl
- * Copyright (c) 2004-2007, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2004-2008, Jouni Malinen <j at w1.fi>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
@@ -35,6 +35,16 @@
 #define OPENSSL_d2i_TYPE const unsigned char **
 #else
 #define OPENSSL_d2i_TYPE unsigned char **
+#endif
+
+#if OPENSSL_VERSION_NUMBER >= 0x00909000L
+#ifdef SSL_OP_NO_TICKET
+/*
+ * Session ticket override patch was merged into OpenSSL 0.9.9 tree on
+ * 2008-11-15. This version uses a bit different API compared to the old patch.
+ */
+#define CONFIG_OPENSSL_TICKET_OVERRIDE
+#endif
 #endif
 
 static int tls_openssl_ref_count = 0;
@@ -2333,12 +2343,18 @@
 				    int ext_type, const u8 *data,
 				    size_t data_len)
 {
-	if (conn == NULL || conn->ssl == NULL)
-		return -1;
-
+	if (conn == NULL || conn->ssl == NULL || ext_type != 35)
+		return -1;
+
+#ifdef CONFIG_OPENSSL_TICKET_OVERRIDE
+	if (SSL_set_session_ticket_ext(conn->ssl, (void *) data,
+				       data_len) != 1)
+		return -1;
+#else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 	if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data,
 				    data_len) != 1)
 		return -1;
+#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 
 	return 0;
 }
@@ -2564,6 +2580,33 @@
 }
 
 
+#ifdef CONFIG_OPENSSL_TICKET_OVERRIDE
+static int tls_session_ticket_ext_cb(SSL *s, const unsigned char *data,
+				     int len, void *arg)
+{
+	struct tls_connection *conn = arg;
+
+	if (conn == NULL || conn->session_ticket_cb == NULL)
+		return 0;
+
+	wpa_printf(MSG_DEBUG, "OpenSSL: %s: length=%d", __func__, len);
+
+	os_free(conn->session_ticket);
+	conn->session_ticket = NULL;
+
+	wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket "
+		    "extension", data, len);
+
+	conn->session_ticket = os_malloc(len);
+	if (conn->session_ticket == NULL)
+		return 0;
+
+	os_memcpy(conn->session_ticket, data, len);
+	conn->session_ticket_len = len;
+
+	return 1;
+}
+#else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 #ifdef SSL_OP_NO_TICKET
 static void tls_hello_ext_cb(SSL *s, int client_server, int type,
 			     unsigned char *data, int len, void *arg)
@@ -2618,6 +2661,7 @@
 	return 0;
 }
 #endif /* SSL_OP_NO_TICKET */
+#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 #endif /* EAP_FAST || EAP_FAST_DYNAMIC */
 
 
@@ -2634,6 +2678,10 @@
 		if (SSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb,
 					      conn) != 1)
 			return -1;
+#ifdef CONFIG_OPENSSL_TICKET_OVERRIDE
+		SSL_set_session_ticket_ext_cb(conn->ssl,
+					      tls_session_ticket_ext_cb, conn);
+#else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 #ifdef SSL_OP_NO_TICKET
 		SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb);
 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
@@ -2642,9 +2690,13 @@
 					       conn) != 1)
 			return -1;
 #endif /* SSL_OP_NO_TICKET */
+#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 	} else {
 		if (SSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1)
 			return -1;
+#ifdef CONFIG_OPENSSL_TICKET_OVERRIDE
+		SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL);
+#else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 #ifdef SSL_OP_NO_TICKET
 		SSL_set_tlsext_debug_callback(conn->ssl, NULL);
 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
@@ -2652,6 +2704,7 @@
 		if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1)
 			return -1;
 #endif /* SSL_OP_NO_TICKET */
+#endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
 	}
 
 	return 0;

Modified: wpasupplicant/trunk/src/drivers/driver.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver.h (original)
+++ wpasupplicant/trunk/src/drivers/driver.h Sun Dec  7 13:49:04 2008
@@ -711,7 +711,7 @@
 	 * @priv: private driver interface data
 	 *
 	 * Returns: Pointer to the interface name. This can differ from the
-	 * interface name used in init() call.
+	 * interface name used in init() call. Init() is called first.
 	 *
 	 * This optional function can be used to allow the driver interface to
 	 * replace the interface name with something else, e.g., based on an
@@ -944,6 +944,13 @@
 	 */
 	int (*set_mode)(void *priv, int mode);
 };
+
+/* Function to check whether a driver is for wired connections */
+static inline int IS_WIRED(const struct wpa_driver_ops *drv)
+{
+	return os_strcmp(drv->name, "wired") == 0 ||
+		os_strcmp(drv->name, "roboswitch") == 0;
+}
 
 /**
  * enum wpa_event_type - Event type for wpa_supplicant_event() calls

Modified: wpasupplicant/trunk/src/drivers/driver_broadcom.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver_broadcom.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver_broadcom.c (original)
+++ wpasupplicant/trunk/src/drivers/driver_broadcom.c Sun Dec  7 13:49:04 2008
@@ -488,8 +488,9 @@
 		wbi = (wl_bss_info_t *) ((u8 *) wbi + wbi->length);
 	}
 
-	wpa_printf(MSG_MSGDUMP, "Received %d bytes of scan results (%d BSSes)",
-		   wsr->buflen, ap_num);
+	wpa_printf(MSG_MSGDUMP, "Received %d bytes of scan results (%lu "
+		   "BSSes)",
+		   wsr->buflen, (unsigned long) ap_num);
 	
 	os_free(buf);
 	return ap_num;

Modified: wpasupplicant/trunk/src/drivers/driver_ndis.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver_ndis.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver_ndis.c (original)
+++ wpasupplicant/trunk/src/drivers/driver_ndis.c Sun Dec  7 13:49:04 2008
@@ -731,6 +731,32 @@
 }
 
 
+static struct wpa_scan_res * wpa_driver_ndis_add_scan_ssid(
+	struct wpa_scan_res *r, NDIS_802_11_SSID *ssid)
+{
+	struct wpa_scan_res *nr;
+	u8 *pos;
+
+	if (wpa_scan_get_ie(r, WLAN_EID_SSID))
+		return r; /* SSID IE already present */
+
+	if (ssid->SsidLength == 0 || ssid->SsidLength > 32)
+		return r; /* No valid SSID inside scan data */
+
+	nr = os_realloc(r, sizeof(*r) + r->ie_len + 2 + ssid->SsidLength);
+	if (nr == NULL)
+		return r;
+
+	pos = ((u8 *) (nr + 1)) + nr->ie_len;
+	*pos++ = WLAN_EID_SSID;
+	*pos++ = ssid->SsidLength;
+	os_memcpy(pos, ssid->Ssid, ssid->SsidLength);
+	nr->ie_len += 2 + ssid->SsidLength;
+
+	return nr;
+}
+
+
 static struct wpa_scan_results * wpa_driver_ndis_get_scan_results(void *priv)
 {
 	struct wpa_driver_ndis_data *drv = priv;
@@ -804,6 +830,7 @@
 		os_memcpy(r + 1, bss->IEs + sizeof(NDIS_802_11_FIXED_IEs),
 			  bss->IELength - sizeof(NDIS_802_11_FIXED_IEs));
 		r->ie_len = bss->IELength - sizeof(NDIS_802_11_FIXED_IEs);
+		r = wpa_driver_ndis_add_scan_ssid(r, &bss->Ssid);
 
 		results->res[results->num++] = r;
 

Modified: wpasupplicant/trunk/src/drivers/driver_wext.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver_wext.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver_wext.c (original)
+++ wpasupplicant/trunk/src/drivers/driver_wext.c Sun Dec  7 13:49:04 2008
@@ -30,126 +30,6 @@
 #include "driver_wext.h"
 #include "ieee802_11_defs.h"
 #include "wpa_common.h"
-
-#ifdef CONFIG_CLIENT_MLME
-#include <netpacket/packet.h>
-/* old definitions from net/mac80211 */
-
-typedef u32 __bitwise __be32;
-typedef u64 __bitwise __be64;
-
-#define PRISM2_IOCTL_PRISM2_PARAM (SIOCIWFIRSTPRIV + 0)
-#define PRISM2_IOCTL_GET_PRISM2_PARAM (SIOCIWFIRSTPRIV + 1)
-#define PRISM2_IOCTL_HOSTAPD (SIOCIWFIRSTPRIV + 3)
-
-#define PRISM2_PARAM_USER_SPACE_MLME 1045
-#define PRISM2_PARAM_MGMT_IF		1046
-#define PRISM2_HOSTAPD_ADD_STA 2
-#define PRISM2_HOSTAPD_REMOVE_STA 3
-#define PRISM2_HOSTAPD_GET_HW_FEATURES	1002
-#define PRISM2_HOSTAPD_MAX_BUF_SIZE	2048
-
-#ifndef ALIGNED
-#define ALIGNED __attribute__ ((aligned))
-#endif
-
-struct prism2_hostapd_param {
-	u32 cmd;
-	u8 sta_addr[ETH_ALEN];
-	u8 pad[2];
-	union {
-		struct {
-			u16 aid;
-			u16 capability;
-			u8 supp_rates[32];
-			u8 wds_flags;
-#define IEEE80211_STA_DYNAMIC_ENC BIT(0)
-			u8 enc_flags;
-			u16 listen_interval;
-		} add_sta;
-		struct {
-			u16 num_modes;
-			u16 flags;
-			u8 data[0] ALIGNED; /* num_modes * feature data */
-		} hw_features;
-		struct {
-			u16 mode; /* MODE_* */
-			u16 num_supported_rates;
-			u16 num_basic_rates;
-			u8 data[0] ALIGNED; /* num_supported_rates * u16 +
-					     * num_basic_rates * u16 */
-		} set_rate_sets;
-		struct {
-			u16 mode; /* MODE_* */
-			u16 chan;
-			u32 flag;
-			u8 power_level; /* regulatory limit in dBm */
-			u8 antenna_max;
-		} set_channel_flag;
-		struct {
-			u32 rd;
-		} set_regulatory_domain;
-		struct {
-			u32 queue;
-			s32 aifs;
-			u32 cw_min;
-			u32 cw_max;
-			u32 burst_time; /* maximum burst time in 0.1 ms, i.e.,
-					 * 10 = 1 ms */
-		} tx_queue_params;
-	} u;
-};
-
-struct hostapd_ioctl_hw_modes_hdr {
-	int mode;
-	int num_channels;
-	int num_rates;
-};
-
-/*
- * frame format for the management interface that is slated
- * to be replaced by "cooked monitor" with radiotap
- */
-#define IEEE80211_FI_VERSION 0x80211001
-struct ieee80211_frame_info {
-	__be32 version;
-	__be32 length;
-	__be64 mactime;
-	__be64 hosttime;
-	__be32 phytype;
-	__be32 channel;
-	__be32 datarate;
-	__be32 antenna;
-	__be32 priority;
-	__be32 ssi_type;
-	__be32 ssi_signal;
-	__be32 ssi_noise;
-	__be32 preamble;
-	__be32 encoding;
-
-	/* Note: this structure is otherwise identical to capture format used
-	 * in linux-wlan-ng, but this additional field is used to provide meta
-	 * data about the frame to hostapd. This was the easiest method for
-	 * providing this information, but this might change in the future. */
-	__be32 msg_type;
-} __attribute__ ((packed));
-
-/* old mode definitions */
-enum {
-	MODE_IEEE80211A = 0 /* IEEE 802.11a */,
-	MODE_IEEE80211B = 1 /* IEEE 802.11b only */,
-	MODE_ATHEROS_TURBO = 2 /* Atheros Turbo mode (2x.11a at 5 GHz) */,
-	MODE_IEEE80211G = 3 /* IEEE 802.11g (and 802.11b compatibility) */,
-	MODE_ATHEROS_TURBOG = 4 /* Atheros Turbo mode (2x.11g at 2.4 GHz) */,
-	NUM_IEEE80211_MODES = 5
-};
-
-#ifndef ETH_P_ALL
-#define ETH_P_ALL 0x0003
-#endif
-#endif /* CONFIG_CLIENT_MLME */
-
-
 
 
 static int wpa_driver_wext_flush_pmkid(void *priv);
@@ -999,46 +879,6 @@
 }
 
 
-#ifdef CONFIG_CLIENT_MLME
-
-static int wpa_driver_prism2_param_set(struct wpa_driver_wext_data *drv,
-				       int param, int value)
-{
-	struct iwreq iwr;
-	int *i;
-
-	os_memset(&iwr, 0, sizeof(iwr));
-	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
-	i = (int *) iwr.u.name;
-	*i++ = param;
-	*i++ = value;
-
-	return ioctl(drv->ioctl_sock, PRISM2_IOCTL_PRISM2_PARAM, &iwr);
-}
-
-
-static int wpa_driver_prism2_param_get(struct wpa_driver_wext_data *drv,
-				       int param)
-{
-	struct iwreq iwr;
-	int *i;
-
-	os_memset(&iwr, 0, sizeof(iwr));
-	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
-	i = (int *) iwr.u.name;
-	*i = param;
-
-	if (ioctl(drv->ioctl_sock, PRISM2_IOCTL_GET_PRISM2_PARAM, &iwr) < 0) {
-		perror("ioctl[PRISM2_IOCTL_GET_PRISM2_PARAM]");
-		return -1;
-	}
-
-	return *i;
-}
-
-#endif /* CONFIG_CLIENT_MLME */
-
-
 /**
  * wpa_driver_wext_set_ifflags - Set interface flags (SIOCSIFFLAGS)
  * @drv: driver_wext private data
@@ -1192,18 +1032,6 @@
 
 	if (wpa_driver_wext_get_ifflags(drv, &flags) == 0)
 		(void) wpa_driver_wext_set_ifflags(drv, flags & ~IFF_UP);
-
-#ifdef CONFIG_CLIENT_MLME
-	if (drv->mlmedev[0]) {
-		if (wpa_driver_wext_get_ifflags_ifname(drv, drv->mlmedev,
-						       &flags) == 0)
-			(void) wpa_driver_wext_set_ifflags_ifname(
-				drv, drv->mlmedev, flags & ~IFF_UP);
-		wpa_driver_prism2_param_set(drv, PRISM2_PARAM_MGMT_IF, 0);
-		wpa_driver_prism2_param_set(drv, PRISM2_PARAM_USER_SPACE_MLME,
-					    0);
-	}
-#endif /* CONFIG_CLIENT_MLME */
 
 	close(drv->event_sock);
 	close(drv->ioctl_sock);
@@ -2463,304 +2291,6 @@
 }
 
 
-#ifdef CONFIG_CLIENT_MLME
-static int hostapd_ioctl(struct wpa_driver_wext_data *drv,
-			 struct prism2_hostapd_param *param, int len)
-{
-	struct iwreq iwr;
-
-	os_memset(&iwr, 0, sizeof(iwr));
-	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
-	iwr.u.data.pointer = (caddr_t) param;
-	iwr.u.data.length = len;
-
-	if (ioctl(drv->ioctl_sock, PRISM2_IOCTL_HOSTAPD, &iwr) < 0) {
-		perror("ioctl[PRISM2_IOCTL_HOSTAPD]");
-		return -1;
-	}
-
-	return 0;
-}
-
-
-static struct wpa_hw_modes *
-wpa_driver_wext_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
-{
-	struct wpa_driver_wext_data *drv = priv;
-	struct prism2_hostapd_param *param;
-	u8 *pos, *end;
-	struct wpa_hw_modes *modes = NULL;
-	int i;
-
-	param = os_zalloc(PRISM2_HOSTAPD_MAX_BUF_SIZE);
-	if (param == NULL)
-		return NULL;
-	param->cmd = PRISM2_HOSTAPD_GET_HW_FEATURES;
-
-	if (hostapd_ioctl(drv, param, PRISM2_HOSTAPD_MAX_BUF_SIZE) < 0) {
-		perror("ioctl[PRISM2_IOCTL_HOSTAPD]");
-		goto out;
-	}
-
-	*num_modes = param->u.hw_features.num_modes;
-	*flags = param->u.hw_features.flags;
-
-	pos = param->u.hw_features.data;
-	end = pos + PRISM2_HOSTAPD_MAX_BUF_SIZE -
-		(param->u.hw_features.data - (u8 *) param);
-
-	modes = os_zalloc(*num_modes * sizeof(struct wpa_hw_modes));
-	if (modes == NULL)
-		goto out;
-
-	for (i = 0; i < *num_modes; i++) {
-		struct hostapd_ioctl_hw_modes_hdr *hdr;
-		struct wpa_hw_modes *feature;
-		int clen, rlen;
-
-		hdr = (struct hostapd_ioctl_hw_modes_hdr *) pos;
-		pos = (u8 *) (hdr + 1);
-		clen = hdr->num_channels * sizeof(struct wpa_channel_data);
-		rlen = hdr->num_rates * sizeof(struct wpa_rate_data);
-
-		feature = &modes[i];
-		switch (hdr->mode) {
-		case MODE_IEEE80211A:
-			feature->mode = WPA_MODE_IEEE80211A;
-			break;
-		case MODE_IEEE80211B:
-			feature->mode = WPA_MODE_IEEE80211B;
-			break;
-		case MODE_IEEE80211G:
-			feature->mode = WPA_MODE_IEEE80211G;
-			break;
-		case MODE_ATHEROS_TURBO:
-		case MODE_ATHEROS_TURBOG:
-			wpa_printf(MSG_ERROR, "Skip unsupported hw_mode=%d in "
-				   "get_hw_features data", hdr->mode);
-			pos += clen + rlen;
-			continue;
-		default:
-			wpa_printf(MSG_ERROR, "Unknown hw_mode=%d in "
-				   "get_hw_features data", hdr->mode);
-			wpa_supplicant_sta_free_hw_features(modes, *num_modes);
-			modes = NULL;
-			break;
-		}
-		feature->num_channels = hdr->num_channels;
-		feature->num_rates = hdr->num_rates;
-
-		feature->channels = os_malloc(clen);
-		feature->rates = os_malloc(rlen);
-		if (!feature->channels || !feature->rates ||
-		    pos + clen + rlen > end) {
-			wpa_supplicant_sta_free_hw_features(modes, *num_modes);
-			modes = NULL;
-			break;
-		}
-
-		os_memcpy(feature->channels, pos, clen);
-		pos += clen;
-		os_memcpy(feature->rates, pos, rlen);
-		pos += rlen;
-	}
-
-out:
-	os_free(param);
-	return modes;
-}
-
-
-int wpa_driver_wext_set_channel(void *priv, wpa_hw_mode phymode, int chan,
-				int freq)
-{
-	return wpa_driver_wext_set_freq(priv, freq);
-}
-
-
-static void wpa_driver_wext_mlme_read(int sock, void *eloop_ctx,
-				      void *sock_ctx)
-{
-	struct wpa_driver_wext_data *drv = eloop_ctx;
-	int len;
-	unsigned char buf[3000];
-	struct ieee80211_frame_info *fi;
-	struct ieee80211_rx_status rx_status;
-
-	len = recv(sock, buf, sizeof(buf), 0);
-	if (len < 0) {
-		perror("recv[MLME]");
-		return;
-	}
-
-	if (len < (int) sizeof(struct ieee80211_frame_info)) {
-		wpa_printf(MSG_DEBUG, "WEXT: Too short MLME frame (len=%d)",
-			   len);
-		return;
-	}
-
-	fi = (struct ieee80211_frame_info *) buf;
-	if (ntohl(fi->version) != IEEE80211_FI_VERSION) {
-		wpa_printf(MSG_DEBUG, "WEXT: Invalid MLME frame info version "
-			   "0x%x", ntohl(fi->version));
-		return;
-	}
-
-	os_memset(&rx_status, 0, sizeof(rx_status));
-	rx_status.ssi = ntohl(fi->ssi_signal);
-	rx_status.channel = ntohl(fi->channel);
-
-	wpa_supplicant_sta_rx(drv->ctx,
-			      buf + sizeof(struct ieee80211_frame_info),
-			      len - sizeof(struct ieee80211_frame_info),
-			      &rx_status);
-}
-
-
-static int wpa_driver_wext_open_mlme(struct wpa_driver_wext_data *drv)
-{
-	int flags, ifindex, s;
-	struct sockaddr_ll addr;
-	struct ifreq ifr;
-
-	if (wpa_driver_prism2_param_set(drv, PRISM2_PARAM_USER_SPACE_MLME, 1) <
-	    0) {
-		wpa_printf(MSG_ERROR, "WEXT: Failed to configure driver to "
-			   "use user space MLME");
-		return -1;
-	}
-
-	if (wpa_driver_prism2_param_set(drv, PRISM2_PARAM_MGMT_IF, 1) < 0) {
-		wpa_printf(MSG_ERROR, "WEXT: Failed to add management "
-			   "interface for user space MLME");
-		return -1;
-	}
-
-	ifindex = wpa_driver_prism2_param_get(drv, PRISM2_PARAM_MGMT_IF);
-	if (ifindex <= 0) {
-		wpa_printf(MSG_ERROR, "WEXT: MLME management device not "
-			   "found");
-		return -1;
-	}
-
-	os_memset(&ifr, 0, sizeof(ifr));
-	ifr.ifr_ifindex = ifindex;
-	if (ioctl(drv->ioctl_sock, SIOCGIFNAME, &ifr) != 0) {
-		perror("ioctl(SIOCGIFNAME)");
-		return -1;
-	}
-	os_strlcpy(drv->mlmedev, ifr.ifr_name, sizeof(drv->mlmedev));
-	wpa_printf(MSG_DEBUG, "WEXT: MLME management device '%s'",
-		   drv->mlmedev);
-
-	if (wpa_driver_wext_get_ifflags_ifname(drv, drv->mlmedev, &flags) != 0
-	    || wpa_driver_wext_set_ifflags_ifname(drv, drv->mlmedev,
-						  flags | IFF_UP) != 0) {
-		wpa_printf(MSG_ERROR, "WEXT: Could not set interface "
-			   "'%s' UP", drv->mlmedev);
-		return -1;
-	}
-
-	s = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
-	if (s < 0) {
-		perror("socket[PF_PACKET,SOCK_RAW]");
-		return -1;
-	}
-
-	os_memset(&addr, 0, sizeof(addr));
-	addr.sll_family = AF_PACKET;
-	addr.sll_ifindex = ifindex;
-
-	if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
-		perror("bind(MLME)");
-		return -1;
-	}
-
-	if (eloop_register_read_sock(s, wpa_driver_wext_mlme_read, drv, NULL))
-	{
-		wpa_printf(MSG_ERROR, "WEXT: Could not register MLME read "
-			   "socket");
-		close(s);
-		return -1;
-	}
-
-	return s;
-}
-
-
-static int wpa_driver_wext_send_mlme(void *priv, const u8 *data,
-				     size_t data_len)
-{
-	struct wpa_driver_wext_data *drv = priv;
-	int ret;
-
-	ret = send(drv->mlme_sock, data, data_len, 0);
-	if (ret < 0) {
-		perror("send[MLME]");
-		return -1;
-	}
-
-	return 0;
-}
-
-
-static int wpa_driver_wext_mlme_add_sta(void *priv, const u8 *addr,
-					const u8 *supp_rates,
-					size_t supp_rates_len)
-{
-	struct wpa_driver_wext_data *drv = priv;
-	struct prism2_hostapd_param param;
-	size_t len;
-
-	os_memset(&param, 0, sizeof(param));
-	param.cmd = PRISM2_HOSTAPD_ADD_STA;
-	os_memcpy(param.sta_addr, addr, ETH_ALEN);
-	len = supp_rates_len;
-	if (len > sizeof(param.u.add_sta.supp_rates))
-		len = sizeof(param.u.add_sta.supp_rates);
-	os_memcpy(param.u.add_sta.supp_rates, supp_rates, len);
-	return hostapd_ioctl(drv, &param, sizeof(param));
-}
-
-
-static int wpa_driver_wext_mlme_remove_sta(void *priv, const u8 *addr)
-{
-	struct wpa_driver_wext_data *drv = priv;
-	struct prism2_hostapd_param param;
-
-	os_memset(&param, 0, sizeof(param));
-	param.cmd = PRISM2_HOSTAPD_REMOVE_STA;
-	os_memcpy(param.sta_addr, addr, ETH_ALEN);
-	return hostapd_ioctl(drv, &param, sizeof(param));
-}
-
-#endif /* CONFIG_CLIENT_MLME */
-
-
-static int wpa_driver_wext_set_param(void *priv, const char *param)
-{
-#ifdef CONFIG_CLIENT_MLME
-	struct wpa_driver_wext_data *drv = priv;
-
-	if (param == NULL)
-		return 0;
-
-	wpa_printf(MSG_DEBUG, "%s: param='%s'", __func__, param);
-
-	if (os_strstr(param, "use_mlme=1")) {
-		wpa_printf(MSG_DEBUG, "WEXT: Using user space MLME");
-		drv->capa.flags |= WPA_DRIVER_FLAGS_USER_SPACE_MLME;
-
-		drv->mlme_sock = wpa_driver_wext_open_mlme(drv);
-		if (drv->mlme_sock < 0)
-			return -1;
-	}
-#endif /* CONFIG_CLIENT_MLME */
-
-	return 0;
-}
-
-
 int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
 {
 	return drv->we_version_compiled;
@@ -2785,19 +2315,9 @@
 	.set_auth_alg = wpa_driver_wext_set_auth_alg,
 	.init = wpa_driver_wext_init,
 	.deinit = wpa_driver_wext_deinit,
-	.set_param = wpa_driver_wext_set_param,
 	.add_pmkid = wpa_driver_wext_add_pmkid,
 	.remove_pmkid = wpa_driver_wext_remove_pmkid,
 	.flush_pmkid = wpa_driver_wext_flush_pmkid,
 	.get_capa = wpa_driver_wext_get_capa,
 	.set_operstate = wpa_driver_wext_set_operstate,
-#ifdef CONFIG_CLIENT_MLME
-	.get_hw_feature_data = wpa_driver_wext_get_hw_feature_data,
-	.set_channel = wpa_driver_wext_set_channel,
-	.set_ssid = wpa_driver_wext_set_ssid,
-	.set_bssid = wpa_driver_wext_set_bssid,
-	.send_mlme = wpa_driver_wext_send_mlme,
-	.mlme_add_sta = wpa_driver_wext_mlme_add_sta,
-	.mlme_remove_sta = wpa_driver_wext_mlme_remove_sta,
-#endif /* CONFIG_CLIENT_MLME */
 };

Modified: wpasupplicant/trunk/src/drivers/drivers.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/drivers.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/drivers.c (original)
+++ wpasupplicant/trunk/src/drivers/drivers.c Sun Dec  7 13:49:04 2008
@@ -70,6 +70,10 @@
 #ifdef CONFIG_DRIVER_IPHONE
 extern struct wpa_driver_ops wpa_driver_iphone_ops; /* driver_iphone.m */
 #endif /* CONFIG_DRIVER_IPHONE */
+#ifdef CONFIG_DRIVER_ROBOSWITCH
+/* driver_roboswitch.c */
+extern struct wpa_driver_ops wpa_driver_roboswitch_ops;
+#endif /* CONFIG_DRIVER_ROBOSWITCH */
 
 
 struct wpa_driver_ops *wpa_supplicant_drivers[] =
@@ -128,5 +132,8 @@
 #ifdef CONFIG_DRIVER_IPHONE
 	&wpa_driver_iphone_ops,
 #endif /* CONFIG_DRIVER_IPHONE */
+#ifdef CONFIG_DRIVER_ROBOSWITCH
+	&wpa_driver_roboswitch_ops,
+#endif /* CONFIG_DRIVER_ROBOSWITCH */
 	NULL
 };

Modified: wpasupplicant/trunk/src/eap_common/eap_sim_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_sim_common.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_sim_common.c (original)
+++ wpasupplicant/trunk/src/eap_common/eap_sim_common.c Sun Dec  7 13:49:04 2008
@@ -517,6 +517,7 @@
 			break;
 		case EAP_SIM_AT_RES:
 			wpa_printf(MSG_DEBUG, "EAP-SIM: AT_RES");
+			attr->res_len_bits = WPA_GET_BE16(apos);
 			apos += 2;
 			alen -= 2;
 			if (!aka || alen < EAP_AKA_MIN_RES_LEN ||

Modified: wpasupplicant/trunk/src/eap_common/eap_sim_common.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_sim_common.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_sim_common.h (original)
+++ wpasupplicant/trunk/src/eap_common/eap_sim_common.h Sun Dec  7 13:49:04 2008
@@ -137,6 +137,7 @@
 	const u8 *checkcode;
 	size_t num_chal, version_list_len, encr_data_len;
 	size_t next_pseudonym_len, next_reauth_id_len, identity_len, res_len;
+	size_t res_len_bits;
 	size_t checkcode_len;
 	enum eap_sim_id_req id_req;
 	int notification, counter, selected_version, client_error_code;

Modified: wpasupplicant/trunk/src/eap_peer/eap.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap.c Sun Dec  7 13:49:04 2008
@@ -906,8 +906,8 @@
 #endif /* PCSC_FUNCS */
 
 
-static int eap_sm_get_scard_identity(struct eap_sm *sm,
-				     struct eap_peer_config *conf)
+static int eap_sm_set_scard_pin(struct eap_sm *sm,
+				struct eap_peer_config *conf)
 {
 #ifdef PCSC_FUNCS
 	if (scard_set_pin(sm->scard_ctx, conf->pin)) {
@@ -922,6 +922,18 @@
 		eap_sm_request_pin(sm);
 		return -1;
 	}
+	return 0;
+#else /* PCSC_FUNCS */
+	return -1;
+#endif /* PCSC_FUNCS */
+}
+
+static int eap_sm_get_scard_identity(struct eap_sm *sm,
+				     struct eap_peer_config *conf)
+{
+#ifdef PCSC_FUNCS
+	if (eap_sm_set_scard_pin(sm, conf))
+		return -1;
 
 	return eap_sm_imsi_identity(sm, conf);
 #else /* PCSC_FUNCS */
@@ -985,6 +997,9 @@
 			eap_sm_request_identity(sm);
 			return NULL;
 		}
+	} else if (config->pcsc) {
+		if (eap_sm_set_scard_pin(sm, config) < 0)
+			return NULL;
 	}
 
 	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IDENTITY, identity_len,

Modified: wpasupplicant/trunk/src/eap_peer/eap_aka.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_aka.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_aka.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_aka.c Sun Dec  7 13:49:04 2008
@@ -20,6 +20,10 @@
 #include "eap_common/eap_sim_common.h"
 #include "sha1.h"
 #include "crypto.h"
+#include "eap_peer/eap_config.h"
+#ifdef CONFIG_USIM_SIMULATOR
+#include "hlr_auc_gw/milenage.h"
+#endif /* CONFIG_USIM_SIMULATOR */
 
 
 struct eap_aka_data {
@@ -116,12 +120,58 @@
 
 static int eap_aka_umts_auth(struct eap_sm *sm, struct eap_aka_data *data)
 {
+	struct eap_peer_config *conf;
+
 	wpa_printf(MSG_DEBUG, "EAP-AKA: UMTS authentication algorithm");
-#ifdef PCSC_FUNCS
-	return scard_umts_auth(sm->scard_ctx, data->rand,
-			       data->autn, data->res, &data->res_len,
-			       data->ik, data->ck, data->auts);
-#else /* PCSC_FUNCS */
+
+	conf = eap_get_config(sm);
+	if (conf == NULL)
+		return -1;
+	if (conf->pcsc) {
+		return scard_umts_auth(sm->scard_ctx, data->rand,
+				       data->autn, data->res, &data->res_len,
+				       data->ik, data->ck, data->auts);
+	}
+
+#ifdef CONFIG_USIM_SIMULATOR
+	if (conf->password) {
+		u8 opc[16], k[16], sqn[6];
+		const char *pos;
+		wpa_printf(MSG_DEBUG, "EAP-AKA: Use internal Milenage "
+			   "implementation for UMTS authentication");
+		if (conf->password_len < 78) {
+			wpa_printf(MSG_DEBUG, "EAP-AKA: invalid Milenage "
+				   "password");
+			return -1;
+		}
+		pos = (const char *) conf->password;
+		if (hexstr2bin(pos, k, 16))
+			return -1;
+		pos += 32;
+		if (*pos != ':')
+			return -1;
+		pos++;
+
+		if (hexstr2bin(pos, opc, 16))
+			return -1;
+		pos += 32;
+		if (*pos != ':')
+			return -1;
+		pos++;
+
+		if (hexstr2bin(pos, sqn, 6))
+			return -1;
+
+		return milenage_check(opc, k, sqn, data->rand, data->autn,
+				      data->ik, data->ck,
+				      data->res, &data->res_len, data->auts);
+	}
+#endif /* CONFIG_USIM_SIMULATOR */
+
+#ifdef CONFIG_USIM_HARDCODED
+	wpa_printf(MSG_DEBUG, "EAP-AKA: Use hardcoded Kc and SRES values for "
+		   "testing");
+
 	/* These hardcoded Kc and SRES values are used for testing.
 	 * Could consider making them configurable. */
 	os_memset(data->res, '2', EAP_AKA_RES_MAX_LEN);
@@ -148,7 +198,14 @@
 	}
 #endif
 	return 0;
-#endif /* PCSC_FUNCS */
+
+#else /* CONFIG_USIM_HARDCODED */
+
+	wpa_printf(MSG_DEBUG, "EAP-AKA: No UMTS authentication algorith "
+		   "enabled");
+	return -1;
+
+#endif /* CONFIG_USIM_HARDCODED */
 }
 
 
@@ -415,7 +472,7 @@
 	msg = eap_sim_msg_init(EAP_CODE_RESPONSE, id, EAP_TYPE_AKA,
 			       EAP_AKA_SUBTYPE_CHALLENGE);
 	wpa_printf(MSG_DEBUG, "   AT_RES");
-	eap_sim_msg_add(msg, EAP_SIM_AT_RES, data->res_len,
+	eap_sim_msg_add(msg, EAP_SIM_AT_RES, data->res_len * 8,
 			data->res, data->res_len);
 	eap_aka_add_checkcode(data, msg);
 	if (data->use_result_ind) {

Modified: wpasupplicant/trunk/src/eap_peer/eap_config.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_config.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_config.h (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_config.h Sun Dec  7 13:49:04 2008
@@ -353,8 +353,8 @@
 	 *
 	 * crypto_binding option can be used to control PEAPv0 cryptobinding
 	 * behavior:
-	 * 0 = do not use cryptobinding
-	 * 1 = use cryptobinding if server supports it (default)
+	 * 0 = do not use cryptobinding (default)
+	 * 1 = use cryptobinding if server supports it
 	 * 2 = require cryptobinding
 	 */
 	char *phase1;
@@ -407,6 +407,47 @@
 	 * using a smartcard.
 	 */
 	char *engine_id;
+
+	/**
+	 * engine2 - Enable OpenSSL engine (e.g., for smartcard) (Phase 2)
+	 *
+	 * This is used if private key operations for EAP-TLS are performed
+	 * using a smartcard.
+	 *
+	 * This field is like engine, but used for phase 2 (inside
+	 * EAP-TTLS/PEAP/FAST tunnel) authentication.
+	 */
+	int engine2;
+
+
+	/**
+	 * pin2 - PIN for USIM, GSM SIM, and smartcards (Phase 2)
+	 *
+	 * This field is used to configure PIN for SIM and smartcards for
+	 * EAP-SIM and EAP-AKA. In addition, this is used with EAP-TLS if a
+	 * smartcard is used for private key operations.
+	 *
+	 * This field is like pin2, but used for phase 2 (inside
+	 * EAP-TTLS/PEAP/FAST tunnel) authentication.
+	 *
+	 * If left out, this will be asked through control interface.
+	 */
+	char *pin2;
+
+	/**
+	 * engine2_id - Engine ID for OpenSSL engine (Phase 2)
+	 *
+	 * "opensc" to select OpenSC engine or "pkcs11" to select PKCS#11
+	 * engine.
+	 *
+	 * This is used if private key operations for EAP-TLS are performed
+	 * using a smartcard.
+	 *
+	 * This field is like engine_id, but used for phase 2 (inside
+	 * EAP-TTLS/PEAP/FAST tunnel) authentication.
+	 */
+	char *engine2_id;
+
 
 	/**
 	 * key_id - Key ID for OpenSSL engine

Modified: wpasupplicant/trunk/src/eap_peer/eap_fast.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_fast.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_fast.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_fast.c Sun Dec  7 13:49:04 2008
@@ -1194,7 +1194,9 @@
 	}
 
 	if (data->current_pac == NULL && data->provisioning &&
-	    !data->anon_provisioning && !tlv.pac) {
+	    !data->anon_provisioning && !tlv.pac &&
+	    (tlv.iresult == EAP_TLV_RESULT_SUCCESS ||
+	     tlv.result == EAP_TLV_RESULT_SUCCESS)) {
 		/*
 		 * Need to request Tunnel PAC when using authenticated
 		 * provisioning.
@@ -1206,10 +1208,10 @@
 
 	if (tlv.result == EAP_TLV_RESULT_SUCCESS && !failed) {
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_SUCCESS, 0);
-		resp = wpabuf_concat(resp, tmp);
+		resp = wpabuf_concat(tmp, resp);
 	} else if (failed) {
 		tmp = eap_fast_tlv_result(EAP_TLV_RESULT_FAILURE, 0);
-		resp = wpabuf_concat(resp, tmp);
+		resp = wpabuf_concat(tmp, resp);
 	}
 
 	if (resp && tlv.result == EAP_TLV_RESULT_SUCCESS && !failed &&

Modified: wpasupplicant/trunk/src/eap_peer/eap_peap.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_peap.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_peap.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_peap.c Sun Dec  7 13:49:04 2008
@@ -65,6 +65,7 @@
 	struct wpabuf *pending_phase2_req;
 	enum { NO_BINDING, OPTIONAL_BINDING, REQUIRE_BINDING } crypto_binding;
 	int crypto_binding_used;
+	u8 binding_nonce[32];
 	u8 ipmk[40];
 	u8 cmk[20];
 	int soh; /* Whether IF-TNCCS-SOH (Statement of Health; Microsoft NAP)
@@ -139,7 +140,7 @@
 	data->peap_version = EAP_PEAP_VERSION;
 	data->force_peap_version = -1;
 	data->peap_outer_success = 2;
-	data->crypto_binding = OPTIONAL_BINDING;
+	data->crypto_binding = NO_BINDING;
 
 	if (config && config->phase1 &&
 	    eap_peap_parse_phase1(data, config->phase1) < 0) {
@@ -304,11 +305,6 @@
 	const u8 *addr[2];
 	size_t len[2];
 	u16 tlv_type;
-	u8 binding_nonce[32];
-
-	/* FIX: should binding_nonce be copied from request? */
-	if (os_get_random(binding_nonce, 32))
-		return -1;
 
 	/* Compound_MAC: HMAC-SHA1-160(cryptobinding TLV | EAP type) */
 	addr[0] = wpabuf_put(buf, 0);
@@ -326,7 +322,7 @@
 	wpabuf_put_u8(buf, data->peap_version); /* Version */
 	wpabuf_put_u8(buf, data->peap_version); /* RecvVersion */
 	wpabuf_put_u8(buf, 1); /* SubType: 0 = Request, 1 = Response */
-	wpabuf_put_data(buf, binding_nonce, 32); /* Nonce */
+	wpabuf_put_data(buf, data->binding_nonce, 32); /* Nonce */
 	mac = wpabuf_put(buf, 20); /* Compound_MAC */
 	wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC CMK", data->cmk, 20);
 	wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC data 1",
@@ -417,17 +413,24 @@
 		return -1;
 	}
 	pos += 4;
+	os_memcpy(data->binding_nonce, pos, 32);
 	pos += 32; /* Nonce */
 
 	/* Compound_MAC: HMAC-SHA1-160(cryptobinding TLV | EAP type) */
 	os_memcpy(buf, crypto_tlv, 60);
 	os_memset(buf + 4 + 4 + 32, 0, 20); /* Compound_MAC */
 	buf[60] = EAP_TYPE_PEAP;
+	wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Compound_MAC data",
+		    buf, sizeof(buf));
 	hmac_sha1(data->cmk, 20, buf, sizeof(buf), mac);
 
 	if (os_memcmp(mac, pos, SHA1_MAC_LEN) != 0) {
 		wpa_printf(MSG_DEBUG, "EAP-PEAP: Invalid Compound_MAC in "
 			   "cryptobinding TLV");
+		wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Received MAC",
+			    pos, SHA1_MAC_LEN);
+		wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Expected MAC",
+			    mac, SHA1_MAC_LEN);
 		return -1;
 	}
 
@@ -523,6 +526,9 @@
 			if (result_tlv == NULL)
 				return -1;
 			force_failure = 1;
+			crypto_tlv = NULL; /* do not include Cryptobinding TLV
+					    * in response, if the received
+					    * cryptobinding was invalid. */
 		}
 	} else if (!crypto_tlv && data->crypto_binding == REQUIRE_BINDING) {
 		wpa_printf(MSG_DEBUG, "EAP-PEAP: No cryptobinding TLV");

Modified: wpasupplicant/trunk/src/eap_peer/eap_sim.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_sim.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_sim.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_sim.c Sun Dec  7 13:49:04 2008
@@ -19,6 +19,9 @@
 #include "eap_config.h"
 #include "pcsc_funcs.h"
 #include "eap_common/eap_sim_common.h"
+#ifdef CONFIG_SIM_SIMULATOR
+#include "hlr_auc_gw/milenage.h"
+#endif /* CONFIG_SIM_SIMULATOR */
 
 
 struct eap_sim_data {
@@ -142,26 +145,81 @@
 
 static int eap_sim_gsm_auth(struct eap_sm *sm, struct eap_sim_data *data)
 {
+	struct eap_peer_config *conf;
+
 	wpa_printf(MSG_DEBUG, "EAP-SIM: GSM authentication algorithm");
-#ifdef PCSC_FUNCS
-	if (scard_gsm_auth(sm->scard_ctx, data->rand[0],
-			   data->sres[0], data->kc[0]) ||
-	    scard_gsm_auth(sm->scard_ctx, data->rand[1],
-			   data->sres[1], data->kc[1]) ||
-	    (data->num_chal > 2 &&
-	     scard_gsm_auth(sm->scard_ctx, data->rand[2],
-			    data->sres[2], data->kc[2]))) {
-		wpa_printf(MSG_DEBUG, "EAP-SIM: GSM SIM authentication could "
-			   "not be completed");
+
+	conf = eap_get_config(sm);
+	if (conf == NULL)
 		return -1;
-	}
-#else /* PCSC_FUNCS */
+	if (conf->pcsc) {
+		if (scard_gsm_auth(sm->scard_ctx, data->rand[0],
+				   data->sres[0], data->kc[0]) ||
+		    scard_gsm_auth(sm->scard_ctx, data->rand[1],
+				   data->sres[1], data->kc[1]) ||
+		    (data->num_chal > 2 &&
+		     scard_gsm_auth(sm->scard_ctx, data->rand[2],
+				    data->sres[2], data->kc[2]))) {
+			wpa_printf(MSG_DEBUG, "EAP-SIM: GSM SIM "
+				   "authentication could not be completed");
+			return -1;
+		}
+		return 0;
+	}
+
+#ifdef CONFIG_SIM_SIMULATOR
+	if (conf->password) {
+		u8 opc[16], k[16];
+		const char *pos;
+		size_t i;
+		wpa_printf(MSG_DEBUG, "EAP-SIM: Use internal GSM-Milenage "
+			   "implementation for authentication");
+		if (conf->password_len < 65) {
+			wpa_printf(MSG_DEBUG, "EAP-SIM: invalid GSM-Milenage "
+				   "password");
+			return -1;
+		}
+		pos = (const char *) conf->password;
+		if (hexstr2bin(pos, k, 16))
+			return -1;
+		pos += 32;
+		if (*pos != ':')
+			return -1;
+		pos++;
+
+		if (hexstr2bin(pos, opc, 16))
+			return -1;
+
+		for (i = 0; i < data->num_chal; i++) {
+			if (gsm_milenage(opc, k, data->rand[i],
+					 data->sres[i], data->kc[i])) {
+				wpa_printf(MSG_DEBUG, "EAP-SIM: "
+					   "GSM-Milenage authentication "
+					   "could not be completed");
+				return -1;
+			}
+			wpa_hexdump(MSG_DEBUG, "EAP-SIM: RAND",
+				    data->rand[i], GSM_RAND_LEN);
+			wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: SRES",
+					data->sres[i], EAP_SIM_SRES_LEN);
+			wpa_hexdump_key(MSG_DEBUG, "EAP-SIM: Kc",
+					data->kc[i], EAP_SIM_KC_LEN);
+		}
+		return 0;
+	}
+#endif /* CONFIG_SIM_SIMULATOR */
+
+#ifdef CONFIG_SIM_HARDCODED
 	/* These hardcoded Kc and SRES values are used for testing. RAND to
 	 * KC/SREC mapping is very bogus as far as real authentication is
 	 * concerned, but it is quite useful for cases where the AS is rotating
 	 * the order of pre-configured values. */
 	{
 		size_t i;
+
+		wpa_printf(MSG_DEBUG, "EAP-SIM: Use hardcoded Kc and SRES "
+			   "values for testing");
+
 		for (i = 0; i < data->num_chal; i++) {
 			if (data->rand[i][0] == 0xaa) {
 				os_memcpy(data->kc[i],
@@ -184,8 +242,16 @@
 			}
 		}
 	}
-#endif /* PCSC_FUNCS */
+
 	return 0;
+
+#else /* CONFIG_SIM_HARDCODED */
+
+	wpa_printf(MSG_DEBUG, "EAP-SIM: No GSM authentication algorithm "
+		   "enabled");
+	return -1;
+
+#endif /* CONFIG_SIM_HARDCODED */
 }
 
 

Modified: wpasupplicant/trunk/src/eap_peer/eap_tls.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_tls.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_tls.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_tls.c Sun Dec  7 13:49:04 2008
@@ -36,7 +36,8 @@
 	struct eap_peer_config *config = eap_get_config(sm);
 	if (config == NULL ||
 	    ((sm->init_phase2 ? config->private_key2 : config->private_key)
-	    == NULL && config->engine == 0)) {
+	     == NULL &&
+	     (sm->init_phase2 ? config->engine2 : config->engine) == 0)) {
 		wpa_printf(MSG_INFO, "EAP-TLS: Private key not configured");
 		return NULL;
 	}

Modified: wpasupplicant/trunk/src/eap_peer/eap_tls_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_tls_common.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_tls_common.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_tls_common.c Sun Dec  7 13:49:04 2008
@@ -56,6 +56,7 @@
 	params->dh_file = (char *) config->dh_file;
 	params->subject_match = (char *) config->subject_match;
 	params->altsubject_match = (char *) config->altsubject_match;
+	params->engine = config->engine;
 	params->engine_id = config->engine_id;
 	params->pin = config->pin;
 	params->key_id = config->key_id;
@@ -75,8 +76,9 @@
 	params->dh_file = (char *) config->dh_file2;
 	params->subject_match = (char *) config->subject_match2;
 	params->altsubject_match = (char *) config->altsubject_match2;
-	params->engine_id = config->engine_id;
-	params->pin = config->pin;
+	params->engine = config->engine2;
+	params->engine_id = config->engine2_id;
+	params->pin = config->pin2;
 	params->key_id = config->key2_id;
 	params->cert_id = config->cert2_id;
 	params->ca_cert_id = config->ca_cert2_id;
@@ -89,11 +91,13 @@
 				    struct eap_peer_config *config, int phase2)
 {
 	os_memset(params, 0, sizeof(*params));
-	params->engine = config->engine;
-	if (phase2)
+	if (phase2) {
+		wpa_printf(MSG_DEBUG, "TLS: using phase2 config options");
 		eap_tls_params_from_conf2(params, config);
-	else
+	} else {
+		wpa_printf(MSG_DEBUG, "TLS: using phase1 config options");
 		eap_tls_params_from_conf1(params, config);
+	}
 	params->tls_ia = data->tls_ia;
 
 	/*

Modified: wpasupplicant/trunk/src/eap_server/eap_aka.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_aka.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_aka.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_aka.c Sun Dec  7 13:49:04 2008
@@ -666,10 +666,19 @@
 		return;
 	}
 
-	if (attr->res == NULL || attr->res_len != data->res_len ||
+	/*
+	 * AT_RES is padded, so verify that there is enough room for RES and
+	 * that the RES length in bits matches with the expected RES.
+	 */
+	if (attr->res == NULL || attr->res_len < data->res_len ||
+	    attr->res_len_bits != data->res_len * 8 ||
 	    os_memcmp(attr->res, data->res, data->res_len) != 0) {
 		wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message did not "
-			   "include valid AT_RES");
+			   "include valid AT_RES (attr len=%lu, res len=%lu "
+			   "bits, expected %lu bits)",
+			   (unsigned long) attr->res_len,
+			   (unsigned long) attr->res_len_bits,
+			   (unsigned long) data->res_len * 8);
 		data->notification = EAP_SIM_GENERAL_FAILURE_BEFORE_AUTH;
 		eap_aka_state(data, NOTIFICATION);
 		return;

Modified: wpasupplicant/trunk/src/eap_server/eap_fast.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_fast.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_fast.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_fast.c Sun Dec  7 13:49:04 2008
@@ -241,12 +241,20 @@
 	if (os_get_time(&now) < 0 || lifetime <= 0 || now.sec > lifetime) {
 		wpa_printf(MSG_DEBUG, "EAP-FAST: PAC-Key not valid anymore "
 			   "(lifetime=%ld now=%ld)", lifetime, now.sec);
-		os_free(buf);
-		return 0;
-	}
-
-	if (lifetime - now.sec < data->pac_key_refresh_time)
+		data->send_new_pac = 2;
+		/*
+		 * Allow PAC to be used to allow a PAC update with some level
+		 * of server authentication (i.e., do not fall back to full TLS
+		 * handshake since we cannot be sure that the peer would be
+		 * able to validate server certificate now). However, reject
+		 * the authentication since the PAC was not valid anymore. Peer
+		 * can connect again with the newly provisioned PAC after this.
+		 */
+	} else if (lifetime - now.sec < data->pac_key_refresh_time) {
+		wpa_printf(MSG_DEBUG, "EAP-FAST: PAC-Key soft timeout; send "
+			   "an update if authentication succeeds");
 		data->send_new_pac = 1;
+	}
 
 	eap_fast_derive_master_secret(pac_key, server_random, client_random,
 				      master_secret);
@@ -1218,7 +1226,8 @@
 
 		wpa_printf(MSG_DEBUG, "EAP-FAST: PAC-Acknowledgement received "
 			   "- PAC provisioning succeeded");
-		eap_fast_state(data, data->anon_provisioning ?
+		eap_fast_state(data, (data->anon_provisioning ||
+				      data->send_new_pac == 2) ?
 			       FAILURE : SUCCESS);
 		return;
 	}

Modified: wpasupplicant/trunk/src/eap_server/eap_tls.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_tls.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_tls.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_tls.c Sun Dec  7 13:49:04 2008
@@ -26,6 +26,7 @@
 struct eap_tls_data {
 	struct eap_ssl_data ssl;
 	enum { START, CONTINUE, SUCCESS, FAILURE } state;
+	int established;
 };
 
 
@@ -109,25 +110,24 @@
 static struct wpabuf * eap_tls_buildReq(struct eap_sm *sm, void *priv, u8 id)
 {
 	struct eap_tls_data *data = priv;
-
+	struct wpabuf *res;
 
 	if (data->ssl.state == FRAG_ACK) {
 		return eap_server_tls_build_ack(id, EAP_TYPE_TLS, 0);
 	}
 
 	if (data->ssl.state == WAIT_FRAG_ACK) {
-		return eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0,
-						id);
+		res = eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0,
+					       id);
+		goto check_established;
 	}
 
 	switch (data->state) {
 	case START:
 		return eap_tls_build_start(sm, data, id);
 	case CONTINUE:
-		if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
-			wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
-			eap_tls_state(data, SUCCESS);
-		}
+		if (tls_connection_established(sm->ssl_ctx, data->ssl.conn))
+			data->established = 1;
 		break;
 	default:
 		wpa_printf(MSG_DEBUG, "EAP-TLS: %s - unexpected state %d",
@@ -135,7 +135,17 @@
 		return NULL;
 	}
 
-	return eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0, id);
+	res = eap_server_tls_build_msg(&data->ssl, EAP_TYPE_TLS, 0, id);
+
+check_established:
+	if (data->established && data->ssl.state != WAIT_FRAG_ACK) {
+		/* TLS handshake has been completed and there are no more
+		 * fragments waiting to be sent out. */
+		wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
+		eap_tls_state(data, SUCCESS);
+	}
+
+	return res;
 }
 
 

Modified: wpasupplicant/trunk/src/hlr_auc_gw/milenage.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/hlr_auc_gw/milenage.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/hlr_auc_gw/milenage.c (original)
+++ wpasupplicant/trunk/src/hlr_auc_gw/milenage.c Sun Dec  7 13:49:04 2008
@@ -52,9 +52,9 @@
 		return -1;
 
 	/* tmp2 = IN1 = SQN || AMF || SQN || AMF */
-	memcpy(tmp2, sqn, 6);
-	memcpy(tmp2 + 6, amf, 2);
-	memcpy(tmp2 + 8, tmp2, 8);
+	os_memcpy(tmp2, sqn, 6);
+	os_memcpy(tmp2 + 6, amf, 2);
+	os_memcpy(tmp2 + 8, tmp2, 8);
 
 	/* OUT1 = E_K(TEMP XOR rot(IN1 XOR OP_C, r1) XOR c1) XOR OP_C */
 
@@ -72,9 +72,9 @@
 	for (i = 0; i < 16; i++)
 		tmp1[i] ^= opc[i];
 	if (mac_a)
-		memcpy(mac_a, tmp1, 8); /* f1 */
+		os_memcpy(mac_a, tmp1, 8); /* f1 */
 	if (mac_s)
-		memcpy(mac_s, tmp1 + 8, 8); /* f1* */
+		os_memcpy(mac_s, tmp1 + 8, 8); /* f1* */
 	return 0;
 }
 
@@ -119,9 +119,9 @@
 	for (i = 0; i < 16; i++)
 		tmp3[i] ^= opc[i];
 	if (res)
-		memcpy(res, tmp3 + 8, 8); /* f2 */
+		os_memcpy(res, tmp3 + 8, 8); /* f2 */
 	if (ak)
-		memcpy(ak, tmp3, 6); /* f5 */
+		os_memcpy(ak, tmp3, 6); /* f5 */
 
 	/* f3 */
 	if (ck) {
@@ -181,7 +181,7 @@
 		       u8 *ck, u8 *res, size_t *res_len)
 {
 	int i;
-	u8 mac_a[16], ak[6];
+	u8 mac_a[8], ak[6];
 
 	if (*res_len < 8) {
 		*res_len = 0;
@@ -197,8 +197,8 @@
 	/* AUTN = (SQN ^ AK) || AMF || MAC */
 	for (i = 0; i < 6; i++)
 		autn[i] = sqn[i] ^ ak[i];
-	memcpy(autn + 6, amf, 2);
-	memcpy(autn + 8, mac_a, 8);
+	os_memcpy(autn + 6, amf, 2);
+	os_memcpy(autn + 8, mac_a, 8);
 }
 
 
@@ -250,11 +250,81 @@
 		kc[i] = ck[i] ^ ck[i + 8] ^ ik[i] ^ ik[i + 8];
 
 #ifdef GSM_MILENAGE_ALT_SRES
-	memcpy(sres, res, 4);
+	os_memcpy(sres, res, 4);
 #else /* GSM_MILENAGE_ALT_SRES */
 	for (i = 0; i < 4; i++)
 		sres[i] = res[i] ^ res[i + 4];
 #endif /* GSM_MILENAGE_ALT_SRES */
+	return 0;
+}
+
+
+/**
+ * milenage_generate - Generate AKA AUTN,IK,CK,RES
+ * @opc: OPc = 128-bit operator variant algorithm configuration field (encr.)
+ * @k: K = 128-bit subscriber key
+ * @sqn: SQN = 48-bit sequence number
+ * @_rand: RAND = 128-bit random challenge
+ * @autn: AUTN = 128-bit authentication token
+ * @ik: Buffer for IK = 128-bit integrity key (f4), or %NULL
+ * @ck: Buffer for CK = 128-bit confidentiality key (f3), or %NULL
+ * @res: Buffer for RES = 64-bit signed response (f2), or %NULL
+ * @res_len: Variable that will be set to RES length
+ * @auts: 112-bit buffer for AUTS
+ * Returns: 0 on success, -1 on failure, or -2 on synchronization failure
+ */
+int milenage_check(const u8 *opc, const u8 *k, const u8 *sqn, const u8 *_rand,
+		   const u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len,
+		   u8 *auts)
+{
+	int i;
+	u8 mac_a[8], ak[6], rx_sqn[6];
+	const u8 *amf;
+
+	wpa_hexdump(MSG_DEBUG, "Milenage: AUTN", autn, 16);
+	wpa_hexdump(MSG_DEBUG, "Milenage: RAND", _rand, 16);
+
+	if (milenage_f2345(opc, k, _rand, res, ck, ik, ak, NULL))
+		return -1;
+
+	*res_len = 8;
+	wpa_hexdump_key(MSG_DEBUG, "Milenage: RES", res, *res_len);
+	wpa_hexdump_key(MSG_DEBUG, "Milenage: CK", ck, 16);
+	wpa_hexdump_key(MSG_DEBUG, "Milenage: IK", ik, 16);
+	wpa_hexdump_key(MSG_DEBUG, "Milenage: AK", ak, 6);
+
+	/* AUTN = (SQN ^ AK) || AMF || MAC */
+	for (i = 0; i < 6; i++)
+		rx_sqn[i] = autn[i] ^ ak[i];
+	wpa_hexdump(MSG_DEBUG, "Milenage: SQN", rx_sqn, 6);
+
+	if (os_memcmp(rx_sqn, sqn, 6) <= 0) {
+		u8 auts_amf[2] = { 0x00, 0x00 }; /* TS 33.102 v7.0.0, 6.3.3 */
+		if (milenage_f2345(opc, k, _rand, NULL, NULL, NULL, NULL, ak))
+			return -1;
+		wpa_hexdump_key(MSG_DEBUG, "Milenage: AK*", ak, 6);
+		for (i = 0; i < 6; i++)
+			auts[i] = sqn[i] ^ ak[i];
+		if (milenage_f1(opc, k, _rand, sqn, auts_amf, NULL, auts + 6))
+			return -1;
+		wpa_hexdump(MSG_DEBUG, "Milenage: AUTS", auts, 14);
+		return -2;
+	}
+
+	amf = autn + 6;
+	wpa_hexdump(MSG_DEBUG, "Milenage: AMF", amf, 2);
+	if (milenage_f1(opc, k, _rand, rx_sqn, amf, mac_a, NULL))
+		return -1;
+
+	wpa_hexdump(MSG_DEBUG, "Milenage: MAC_A", mac_a, 8);
+
+	if (os_memcmp(mac_a, autn + 8, 8) != 0) {
+		wpa_printf(MSG_DEBUG, "Milenage: MAC mismatch");
+		wpa_hexdump(MSG_DEBUG, "Milenage: Received MAC_A",
+			    autn + 8, 8);
+		return -1;
+	}
+
 	return 0;
 }
 
@@ -1006,17 +1076,18 @@
 	}
 
 	printf("milenage_auts test:\n");
-	memcpy(auts, "\x4f\x20\x39\x39\x2d\xdd", 6);
-	memcpy(auts + 6, "\x4b\xb4\x31\x6e\xd4\xa1\x46\x88", 8);
+	os_memcpy(auts, "\x4f\x20\x39\x39\x2d\xdd", 6);
+	os_memcpy(auts + 6, "\x4b\xb4\x31\x6e\xd4\xa1\x46\x88", 8);
 	res = milenage_auts(t->opc, t->k, t->rand, auts, buf);
 	printf("AUTS for test set %d: %d / SQN=%02x%02x%02x%02x%02x%02x\n",
 	       i, res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
 	if (res)
 		ret++;
 
-	memset(_rand, 0xaa, sizeof(_rand));
-	memcpy(auts,
-	       "\x43\x68\x1a\xd3\xda\xf0\x06\xbc\xde\x40\x5a\x20\x72\x67", 14);
+	os_memset(_rand, 0xaa, sizeof(_rand));
+	os_memcpy(auts,
+		  "\x43\x68\x1a\xd3\xda\xf0\x06\xbc\xde\x40\x5a\x20\x72\x67",
+		  14);
 	res = milenage_auts(t->opc, t->k, _rand, auts, buf);
 	printf("AUTS from a test USIM: %d / SQN=%02x%02x%02x%02x%02x%02x\n",
 	       res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
@@ -1024,9 +1095,9 @@
 		ret++;
 
 	printf("milenage_generate test:\n");
-	memcpy(sqn, "\x00\x00\x00\x00\x40\x44", 6);
-	memcpy(_rand, "\x12\x69\xb8\x23\x41\x39\x35\x66\xfb\x99\x41\xe9\x84"
-	       "\x4f\xe6\x2f", 16);
+	os_memcpy(sqn, "\x00\x00\x00\x00\x40\x44", 6);
+	os_memcpy(_rand, "\x12\x69\xb8\x23\x41\x39\x35\x66\xfb\x99\x41\xe9\x84"
+		  "\x4f\xe6\x2f", 16);
 	res_len = 8;
 	milenage_generate(t->opc, t->amf, t->k, sqn, _rand, buf, buf2, buf3,
 			  buf4, &res_len);

Modified: wpasupplicant/trunk/src/hlr_auc_gw/milenage.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/hlr_auc_gw/milenage.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/hlr_auc_gw/milenage.h (original)
+++ wpasupplicant/trunk/src/hlr_auc_gw/milenage.h Sun Dec  7 13:49:04 2008
@@ -22,5 +22,8 @@
 		  u8 *sqn);
 int gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres,
 		 u8 *kc);
+int milenage_check(const u8 *opc, const u8 *k, const u8 *sqn, const u8 *_rand,
+		   const u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len,
+		   u8 *auts);
 
 #endif /* MILENAGE_H */

Modified: wpasupplicant/trunk/src/rsn_supp/wpa.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/rsn_supp/wpa.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/rsn_supp/wpa.c (original)
+++ wpasupplicant/trunk/src/rsn_supp/wpa.c Sun Dec  7 13:49:04 2008
@@ -133,7 +133,6 @@
  * @sm: Pointer to WPA state machine data from wpa_sm_init()
  * @error: Indicate whether this is an Michael MIC error report
  * @pairwise: 1 = error report for pairwise packet, 0 = for group packet
- * Returns: Pointer to the current network structure or %NULL on failure
  *
  * Send an EAPOL-Key Request to the current authenticator. This function is
  * used to request rekeying and it is usually called when a local Michael MIC
@@ -267,7 +266,7 @@
 					   "caching attempt");
 				sm->cur_pmksa = NULL;
 				abort_cached = 1;
-			} else {
+			} else if (!abort_cached) {
 				return -1;
 			}
 		}
@@ -486,6 +485,14 @@
 		wpa_ft_prepare_auth_request(sm);
 	}
 #endif /* CONFIG_IEEE80211R */
+}
+
+
+static void wpa_sm_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
+{
+	struct wpa_sm *sm = eloop_ctx;
+	wpa_printf(MSG_DEBUG, "WPA: Request PTK rekeying");
+	wpa_sm_key_request(sm, 0, 1);
 }
 
 
@@ -533,6 +540,13 @@
 			   "driver.");
 		return -1;
 	}
+
+	if (sm->wpa_ptk_rekey) {
+		eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
+		eloop_register_timeout(sm->wpa_ptk_rekey, 0, wpa_sm_rekey_ptk,
+				       sm, NULL);
+	}
+
 	return 0;
 }
 
@@ -1849,6 +1863,7 @@
 		return;
 	pmksa_cache_deinit(sm->pmksa);
 	eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
+	eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
 	os_free(sm->assoc_wpa_ie);
 	os_free(sm->ap_wpa_ie);
 	os_free(sm->ap_rsn_ie);
@@ -2018,6 +2033,7 @@
 			sm->ssid_len = config->ssid_len;
 		} else
 			sm->ssid_len = 0;
+		sm->wpa_ptk_rekey = config->wpa_ptk_rekey;
 	} else {
 		sm->network_ctx = NULL;
 		sm->peerkey_enabled = 0;
@@ -2026,6 +2042,7 @@
 		sm->eap_workaround = 0;
 		sm->eap_conf_ctx = NULL;
 		sm->ssid_len = 0;
+		sm->wpa_ptk_rekey = 0;
 	}
 	if (config == NULL || config->network_ctx != sm->network_ctx)
 		pmksa_cache_notify_reconfig(sm->pmksa);

Modified: wpasupplicant/trunk/src/rsn_supp/wpa.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/rsn_supp/wpa.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/rsn_supp/wpa.h (original)
+++ wpasupplicant/trunk/src/rsn_supp/wpa.h Sun Dec  7 13:49:04 2008
@@ -85,6 +85,7 @@
 	void *eap_conf_ctx;
 	const u8 *ssid;
 	size_t ssid_len;
+	int wpa_ptk_rekey;
 };
 
 #ifndef CONFIG_NO_WPA

Modified: wpasupplicant/trunk/src/rsn_supp/wpa_i.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/rsn_supp/wpa_i.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/src/rsn_supp/wpa_i.h (original)
+++ wpasupplicant/trunk/src/rsn_supp/wpa_i.h Sun Dec  7 13:49:04 2008
@@ -60,6 +60,7 @@
 	void *eap_conf_ctx;
 	u8 ssid[32];
 	size_t ssid_len;
+	int wpa_ptk_rekey;
 
 	u8 own_addr[ETH_ALEN];
 	const char *ifname;

Modified: wpasupplicant/trunk/wpa_supplicant/ChangeLog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/ChangeLog?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/ChangeLog (original)
+++ wpasupplicant/trunk/wpa_supplicant/ChangeLog Sun Dec  7 13:49:04 2008
@@ -1,4 +1,31 @@
 ChangeLog for wpa_supplicant
+
+2008-11-23 - v0.6.6
+	* added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
+	  (can be used to simulate test SIM/USIM card with a known private key;
+	  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
+	  and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
+	* added a new network configuration option, wpa_ptk_rekey, that can be
+	  used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
+	  against TKIP deficiencies
+	* added an optional mitigation mechanism for certain attacks against
+	  TKIP by delaying Michael MIC error reports by a random amount of time
+	  between 0 and 60 seconds; this can be enabled with a build option
+	  CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
+	* fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
+	  not bytes
+	* updated OpenSSL code for EAP-FAST to use an updated version of the
+	  session ticket overriding API that was included into the upstream
+	  OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
+	  needed with that version anymore)
+	* updated userspace MLME instructions to match with the current Linux
+	  mac80211 implementation; please also note that this can only be used
+	  with driver_nl80211.c (the old code from driver_wext.c was removed)
+	* added support (Linux only) for RoboSwitch chipsets (often found in
+	  consumer grade routers); driver interface 'roboswitch'
+	* fixed canceling of PMKSA caching when using drivers that generate
+	  RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
+	  about
 
 2008-11-01 - v0.6.5
 	* added support for SHA-256 as X.509 certificate digest when using the

Modified: wpasupplicant/trunk/wpa_supplicant/Makefile
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/Makefile?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/Makefile (original)
+++ wpasupplicant/trunk/wpa_supplicant/Makefile Sun Dec  7 13:49:04 2008
@@ -235,6 +235,11 @@
 LIBS += -framework CoreFoundation
 endif
 
+ifdef CONFIG_DRIVER_ROBOSWITCH
+CFLAGS += -DCONFIG_DRIVER_ROBOSWITCH
+OBJS_d += ../src/drivers/driver_roboswitch.o
+endif
+
 ifndef CONFIG_L2_PACKET
 CONFIG_L2_PACKET=linux
 endif
@@ -576,6 +581,20 @@
 else
 LIBS += -lpcsclite -lpthread
 endif
+endif
+
+ifdef CONFIG_SIM_SIMULATOR
+CFLAGS += -DCONFIG_SIM_SIMULATOR
+NEED_MILENAGE=y
+endif
+
+ifdef CONFIG_USIM_SIMULATOR
+CFLAGS += -DCONFIG_USIM_SIMULATOR
+NEED_MILENAGE=y
+endif
+
+ifdef NEED_MILENAGE
+OBJS += ../src/hlr_auc_gw/milenage.o
 endif
 
 ifndef CONFIG_TLS
@@ -937,6 +956,10 @@
 CFLAGS += -DCONFIG_DEBUG_FILE
 endif
 
+ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
+CFLAGS += -DCONFIG_DELAYED_MIC_ERROR_REPORT
+endif
+
 OBJS += ../src/drivers/scan_helpers.o
 
 OBJS_wpa_rm := ctrl_iface.o mlme.o ctrl_iface_unix.o

Modified: wpasupplicant/trunk/wpa_supplicant/README
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/README?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/README (original)
+++ wpasupplicant/trunk/wpa_supplicant/README Sun Dec  7 13:49:04 2008
@@ -525,6 +525,7 @@
   broadcom = Broadcom wl.o driver
   ipw = Intel ipw2100/2200 driver (old; use wext with Linux 2.6.13 or newer)
   wired = wpa_supplicant wired Ethernet driver
+  roboswitch = wpa_supplicant Broadcom switch driver
   bsd = BSD 802.11 support (Atheros, etc.)
   ndis = Windows NDIS driver
 
@@ -694,8 +695,8 @@
 }
 
 
-6) Authentication for wired Ethernet. This can be used with 'wired' interface
-   (-Dwired on command line).
+6) Authentication for wired Ethernet. This can be used with 'wired' or
+   'roboswitch' interface (-Dwired or -Droboswitch on command line).
 
 ctrl_interface=/var/run/wpa_supplicant
 ctrl_interface_group=wheel

Modified: wpasupplicant/trunk/wpa_supplicant/README-Windows.txt
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/README-Windows.txt?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/README-Windows.txt (original)
+++ wpasupplicant/trunk/wpa_supplicant/README-Windows.txt Sun Dec  7 13:49:04 2008
@@ -9,7 +9,9 @@
 license. Either license may be used at your option.
 
 This product includes software developed by the OpenSSL Project
-for use in the OpenSSL Toolkit (http://www.openssl.org/)
+for use in the OpenSSL Toolkit (http://www.openssl.org/). This
+product includes cryptographic software written by Eric Young
+(eay at cryptsoft.com).
 
 
 wpa_supplicant has support for being used as a WPA/WPA2/IEEE 802.1X

Modified: wpasupplicant/trunk/wpa_supplicant/config.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/config.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/config.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/config.c Sun Dec  7 13:49:04 2008
@@ -1331,10 +1331,13 @@
 	{ STRe(key_id) },
 	{ STRe(cert_id) },
 	{ STRe(ca_cert_id) },
+	{ STR_KEYe(pin2) },
+	{ STRe(engine2_id) },
 	{ STRe(key2_id) },
 	{ STRe(cert2_id) },
 	{ STRe(ca_cert2_id) },
 	{ INTe(engine) },
+	{ INTe(engine2) },
 	{ INT(eapol_flags) },
 #endif /* IEEE8021X_EAPOL */
 	{ FUNC_KEY(wep_key0) },
@@ -1357,7 +1360,8 @@
 #endif /* CONFIG_IEEE80211W */
 	{ INT_RANGE(peerkey, 0, 1) },
 	{ INT_RANGE(mixed_cell, 0, 1) },
-	{ INT_RANGE(frequency, 0, 10000) }
+	{ INT_RANGE(frequency, 0, 10000) },
+	{ INT(wpa_ptk_rekey) }
 };
 
 #undef OFFSET
@@ -1496,6 +1500,8 @@
 	os_free(eap->key2_id);
 	os_free(eap->cert2_id);
 	os_free(eap->ca_cert2_id);
+	os_free(eap->pin2);
+	os_free(eap->engine2_id);
 	os_free(eap->otp);
 	os_free(eap->pending_req_otp);
 	os_free(eap->pac_file);

Modified: wpasupplicant/trunk/wpa_supplicant/config_file.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/config_file.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/config_file.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/config_file.c Sun Dec  7 13:49:04 2008
@@ -758,9 +758,12 @@
 	STR(cert_id);
 	STR(ca_cert_id);
 	STR(key2_id);
+	STR(pin2);
+	STR(engine2_id);
 	STR(cert2_id);
 	STR(ca_cert2_id);
 	INTe(engine);
+	INTe(engine2);
 	INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
 #endif /* IEEE8021X_EAPOL */
 	for (i = 0; i < 4; i++)

Modified: wpasupplicant/trunk/wpa_supplicant/config_ssid.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/config_ssid.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/config_ssid.h (original)
+++ wpasupplicant/trunk/wpa_supplicant/config_ssid.h Sun Dec  7 13:49:04 2008
@@ -334,6 +334,14 @@
 	 * will be used instead of this configured value.
 	 */
 	int frequency;
+
+	/**
+	 * wpa_ptk_rekey - Maximum lifetime for PTK in seconds
+	 *
+	 * This value can be used to enforce rekeying of PTK to mitigate some
+	 * attacks against TKIP deficiencies.
+	 */
+	int wpa_ptk_rekey;
 };
 
 #endif /* CONFIG_SSID_H */

Modified: wpasupplicant/trunk/wpa_supplicant/config_winreg.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/config_winreg.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/config_winreg.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/config_winreg.c Sun Dec  7 13:49:04 2008
@@ -770,9 +770,12 @@
 	STR(cert_id);
 	STR(ca_cert_id);
 	STR(key2_id);
+	STR(pin2);
+	STR(engine2_id);
 	STR(cert2_id);
 	STR(ca_cert2_id);
 	INTe(engine);
+	INTe(engine2);
 	INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
 #endif /* IEEE8021X_EAPOL */
 	for (i = 0; i < 4; i++)

Modified: wpasupplicant/trunk/wpa_supplicant/defconfig
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/defconfig?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/defconfig (original)
+++ wpasupplicant/trunk/wpa_supplicant/defconfig Sun Dec  7 13:49:04 2008
@@ -106,6 +106,9 @@
 # Driver interface for wired Ethernet drivers
 CONFIG_DRIVER_WIRED=y
 
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
 # Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
 # included)
 CONFIG_IEEE8021X_EAPOL=y
@@ -152,6 +155,9 @@
 
 # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
 #CONFIG_EAP_AKA=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
 
 # EAP-SAKE
 #CONFIG_EAP_SAKE=y
@@ -343,14 +349,15 @@
 #CONFIG_DYNAMIC_EAP_METHODS=y
 
 # Include client MLME (management frame processing).
-# This can be used to move MLME processing of Devicescape IEEE 802.11 stack
-# into user space.
+# This can be used to move MLME processing of Linux mac80211 stack into user
+# space.
 #CONFIG_CLIENT_MLME=y
-# Currently, driver_devicescape.c build requires some additional parameters
-# to be able to include some of the kernel header files. Following lines can
-# be used to set these (WIRELESS_DEV must point to the root directory of the
-# wireless-dev.git tree).
-#WIRELESS_DEV=/usr/src/wireless-dev
+# Currently, driver_nl80211.c build requires some additional parameters to be
+# able to include some of the kernel header files. Following lines can be used
+# to set these (WIRELESS_DEV must point to the root directory of the
+# wireless-testing.git tree). In addition, mac80211 may need external patches
+# to enable userspace MLME support.
+#WIRELESS_DEV=/usr/src/wireless-testing
 #CFLAGS += -I$(WIRELESS_DEV)/net/mac80211
 
 # IEEE Std 802.11r-2008 (Fast BSS Transition)
@@ -361,3 +368,7 @@
 
 # Enable privilege separation (see README 'Privilege separation' for details)
 #CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+#CONFIG_DELAYED_MIC_ERROR_REPORT=y

Modified: wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml (original)
+++ wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.conf.sgml Sun Dec  7 13:49:04 2008
@@ -174,7 +174,8 @@
 
       <listitem>
 	<para>Authentication for wired Ethernet. This can be used with
-       <emphasis>wired</emphasis> interface (-Dwired on command line).</para>
+        <emphasis>wired</emphasis> or <emphasis>roboswitch</emphasis> interface
+        (-Dwired or -Droboswitch on command line).</para>
 
 <blockquote><programlisting>
 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel

Modified: wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.sgml
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.sgml?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.sgml (original)
+++ wpasupplicant/trunk/wpa_supplicant/doc/docbook/wpa_supplicant.sgml Sun Dec  7 13:49:04 2008
@@ -310,6 +310,13 @@
       </varlistentry>
 
       <varlistentry>
+	<term>roboswitch</term>
+	<listitem>
+	  <para>wpa_supplicant Broadcom switch driver</para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
 	<term>bsd</term>
 	<listitem>
 	  <para>BSD 802.11 support (Atheros, etc.).</para>

Modified: wpasupplicant/trunk/wpa_supplicant/eap_testing.txt
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/eap_testing.txt?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/eap_testing.txt (original)
+++ wpasupplicant/trunk/wpa_supplicant/eap_testing.txt Sun Dec  7 13:49:04 2008
@@ -58,7 +58,7 @@
 EAP-PEAPv0/GTC		+   -   +   -   +   +   +   +   -   -   +   +
 EAP-PEAPv0/OTP		-   -   -   -   -   +   -   -   -   -   -   -
 EAP-PEAPv0/MD5		+   -   -   +   +   +   +   +   -   -   +   -
-EAP-PEAPv0/TLS		+   +   -   +   +   +   F   +   -   -   +   -
+EAP-PEAPv0/TLS		+   +   -   +   +   +   F   +   -   -   +   +
 EAP-PEAPv0/SIM		-   -   -   -   -   -   -   -   -   -   +   -
 EAP-PEAPv0/AKA		-   -   -   -   -   -   -   -   -   -   +   -
 EAP-PEAPv0/PSK		-   -   -   -   -   -   -   -   -   -   +   -
@@ -69,7 +69,7 @@
 EAP-PEAPv1/GTC		-   -   +   +   +   +1  +   +5  +8  -   +   +
 EAP-PEAPv1/OTP		-   -   -   -   -   +1  -   -   -   -   -   -
 EAP-PEAPv1/MD5		-   -   -   +   +   +1  +   +5  -   -   +   -
-EAP-PEAPv1/TLS		-   -   -   +   +   +1  F   +5  -   -   +   -
+EAP-PEAPv1/TLS		-   -   -   +   +   +1  F   +5  -   -   +   +
 EAP-PEAPv1/SIM		-   -   -   -   -   -   -   -   -   -   +   -
 EAP-PEAPv1/AKA		-   -   -   -   -   -   -   -   -   -   +   -
 EAP-PEAPv1/PSK		-   -   -   -   -   -   -   -   -   -   +   -
@@ -354,13 +354,6 @@
 - EAP-SIM
 - EAP-PAX
 
-Cisco Secure ACS 3.3(1) for Windows Server
-- PEAPv1/GTC worked, but PEAPv0/GTC failed in the end after password was
-  sent successfully; ACS is replying with empty PEAP packet (TLS ACK);
-  wpa_supplicant tries to decrypt this.. Replying with TLS ACK and and
-  marking the connection completed was enough to make this work.
-
-
 PEAPv1:
 
 Funk Odyssey 2.01.00.653:

Modified: wpasupplicant/trunk/wpa_supplicant/events.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/events.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/events.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/events.c Sun Dec  7 13:49:04 2008
@@ -862,6 +862,22 @@
 }
 
 
+#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
+static void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx,
+						    void *sock_ctx)
+{
+	struct wpa_supplicant *wpa_s = eloop_ctx;
+
+	if (!wpa_s->pending_mic_error_report)
+		return;
+
+	wpa_printf(MSG_DEBUG, "WPA: Sending pending MIC error report");
+	wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise);
+	wpa_s->pending_mic_error_report = 0;
+}
+#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
+
+
 static void
 wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s,
 					 union wpa_event_data *data)
@@ -871,10 +887,25 @@
 
 	wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected");
 	pairwise = (data && data->michael_mic_failure.unicast);
-	wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
 	os_get_time(&t);
-	if (wpa_s->last_michael_mic_error &&
-	    t.sec - wpa_s->last_michael_mic_error <= 60) {
+	if ((wpa_s->last_michael_mic_error &&
+	     t.sec - wpa_s->last_michael_mic_error <= 60) ||
+	    wpa_s->pending_mic_error_report) {
+		if (wpa_s->pending_mic_error_report) {
+			/*
+			 * Send the pending MIC error report immediately since
+			 * we are going to start countermeasures and AP better
+			 * do the same.
+			 */
+			wpa_sm_key_request(wpa_s->wpa, 1,
+					   wpa_s->pending_mic_error_pairwise);
+		}
+
+		/* Send the new MIC error report immediately since we are going
+		 * to start countermeasures and AP better do the same.
+		 */
+		wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
+
 		/* initialize countermeasures */
 		wpa_s->countermeasures = 1;
 		wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started");
@@ -895,8 +926,46 @@
 				       wpa_s, NULL);
 		/* TODO: mark the AP rejected for 60 second. STA is
 		 * allowed to associate with another AP.. */
+	} else {
+#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
+		if (wpa_s->mic_errors_seen) {
+			/*
+			 * Reduce the effectiveness of Michael MIC error
+			 * reports as a means for attacking against TKIP if
+			 * more than one MIC failure is noticed with the same
+			 * PTK. We delay the transmission of the reports by a
+			 * random time between 0 and 60 seconds in order to
+			 * force the attacker wait 60 seconds before getting
+			 * the information on whether a frame resulted in a MIC
+			 * failure.
+			 */
+			u8 rval[4];
+			int sec;
+
+			if (os_get_random(rval, sizeof(rval)) < 0)
+				sec = os_random() % 60;
+			else
+				sec = WPA_GET_BE32(rval) % 60;
+			wpa_printf(MSG_DEBUG, "WPA: Delay MIC error report %d "
+				   "seconds", sec);
+			wpa_s->pending_mic_error_report = 1;
+			wpa_s->pending_mic_error_pairwise = pairwise;
+			eloop_cancel_timeout(
+				wpa_supplicant_delayed_mic_error_report,
+				wpa_s, NULL);
+			eloop_register_timeout(
+				sec, os_random() % 1000000,
+				wpa_supplicant_delayed_mic_error_report,
+				wpa_s, NULL);
+		} else {
+			wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
+		}
+#else /* CONFIG_DELAYED_MIC_ERROR_REPORT */
+		wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
+#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
 	}
 	wpa_s->last_michael_mic_error = t.sec;
+	wpa_s->mic_errors_seen++;
 }
 
 

Modified: wpasupplicant/trunk/wpa_supplicant/scan.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/scan.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/scan.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/scan.c Sun Dec  7 13:49:04 2008
@@ -70,9 +70,9 @@
 	wpa_s->scan_req = 0;
 
 	if (wpa_s->conf->ap_scan != 0 &&
-	    wpa_s->driver && os_strcmp(wpa_s->driver->name, "wired") == 0) {
-		wpa_printf(MSG_DEBUG, "Using wired driver - overriding "
-			   "ap_scan configuration");
+	    wpa_s->driver && IS_WIRED(wpa_s->driver)) {
+		wpa_printf(MSG_DEBUG, "Using wired authentication - "
+			   "overriding ap_scan configuration");
 		wpa_s->conf->ap_scan = 0;
 	}
 

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons/Makefile
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons/Makefile?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons/Makefile (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/icons/Makefile Sun Dec  7 13:49:04 2008
@@ -4,7 +4,7 @@
 SVG   := $(NAME).svg
 SIZES := 16x16 22x22 32x32 48x48 64x64 128x128
 ICONS := $(addsuffix .png,$(SIZES))
-ICONS += $(addsuffix .xpm,16x16 32x32)
+ICONS += $(addsuffix .xpm,$(NAME) $(NAME)-16)
 
 all: $(ICONS)
 
@@ -15,9 +15,13 @@
 	        --export-height=$(word 2,$(subst x, ,$(@:.png=))) \
 		--export-png=hicolor/$(@:.png=)/apps/$(NAME).png
 
-%.xpm:
+$(NAME).xpm:
 	mkdir -p pixmaps/
-	convert hicolor/$(@:.xpm=)/apps/$(NAME).png pixmaps/$@
+	convert hicolor/32x32/apps/$(NAME).png pixmaps/$@
+
+$(NAME)-16.xpm:
+	mkdir -p pixmaps/
+	convert hicolor/16x16/apps/$(NAME).png pixmaps/$@
 
 clean:
 	$(RM) -r pixmaps hicolor

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/main.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/main.cpp?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/main.cpp (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/main.cpp Sun Dec  7 13:49:04 2008
@@ -27,7 +27,7 @@
 #ifdef CONFIG_NATIVE_WINDOWS
 	WSADATA wsaData;
 	if (WSAStartup(MAKEWORD(2, 0), &wsaData)) {
-		printf("Could not find a usable WinSock.dll\n");
+		/* printf("Could not find a usable WinSock.dll\n"); */
 		return -1;
 	}
 #endif /* CONFIG_NATIVE_WINDOWS */

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp Sun Dec  7 13:49:04 2008
@@ -12,6 +12,7 @@
  * See README and COPYING for more details.
  */
 
+#include <cstdio>
 #include <QMessageBox>
 
 #include "networkconfig.h"

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/scanresults.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/scanresults.cpp?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/scanresults.cpp (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/scanresults.cpp Sun Dec  7 13:49:04 2008
@@ -11,6 +11,8 @@
  *
  * See README and COPYING for more details.
  */
+
+#include <cstdio>
 
 #include "scanresults.h"
 #include "wpagui.h"

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling Sun Dec  7 13:49:04 2008
@@ -9,3 +9,5 @@
     sed s%/usr/lib/qt4%/q/jm/qt4-win/4.3.3/lib%g |
     sed s%/usr/include/qt4%/q/jm/qt4-win/4.3.3/include%g > tmp.Makefile.Release &&
 mv -f tmp.Makefile.Release Makefile.Release
+
+make -C icons

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro Sun Dec  7 13:49:04 2008
@@ -11,9 +11,10 @@
   SOURCES += ../../src/utils/os_win32.c
 } else:win32-g++ {
   # cross compilation to win32
-  LIBS += -lws2_32 -static
+  LIBS += -lws2_32 -static -mwindows
   DEFINES += CONFIG_NATIVE_WINDOWS CONFIG_CTRL_IFACE_NAMED_PIPE
   SOURCES += ../../src/utils/os_win32.c
+  RESOURCES += icons_png.qrc
 } else {
   DEFINES += CONFIG_CTRL_IFACE_UNIX
   SOURCES += ../../src/utils/os_unix.c

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp Sun Dec  7 13:49:04 2008
@@ -17,14 +17,25 @@
 #include <unistd.h>
 #endif
 
+#include <cstdio>
 #include <QMessageBox>
 #include <QCloseEvent>
+#include <QImageReader>
 
 #include "wpagui.h"
 #include "dirent.h"
 #include "wpa_ctrl.h"
 #include "userdatarequest.h"
 #include "networkconfig.h"
+
+#if 1
+/* Silence stdout */
+#define printf wpagui_printf
+static int wpagui_printf(const char *, ...)
+{
+	return 0;
+}
+#endif
 
 WpaGui::WpaGui(QWidget *parent, const char *, Qt::WFlags)
 	: QMainWindow(parent)
@@ -1094,7 +1105,10 @@
 
 	tray_icon = new QSystemTrayIcon(this);
 	tray_icon->setToolTip(qAppName() + " - wpa_supplicant user interface");
-	tray_icon->setIcon(QIcon(":/icons/wpa_gui.svg"));
+	if (QImageReader::supportedImageFormats().contains(QByteArray("svg")))
+		tray_icon->setIcon(QIcon(":/icons/wpa_gui.svg"));
+	else
+		tray_icon->setIcon(QIcon(":/icons/wpa_gui.png"));
 
 	connect(tray_icon,
 		SIGNAL(activated(QSystemTrayIcon::ActivationReason)),

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c Sun Dec  7 13:49:04 2008
@@ -212,7 +212,7 @@
 				     int sec, int usec)
 {
 	if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
-	    wpa_s->driver && os_strcmp(wpa_s->driver->name, "wired") == 0)
+	    wpa_s->driver && IS_WIRED(wpa_s->driver))
 		return;
 
 	wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
@@ -273,8 +273,7 @@
 				EAPOL_REQUIRE_KEY_BROADCAST;
 		}
 
-		if (wpa_s->conf && wpa_s->driver &&
-		    os_strcmp(wpa_s->driver->name, "wired") == 0) {
+		if (wpa_s->conf && wpa_s->driver && IS_WIRED(wpa_s->driver)) {
 			eapol_conf.required_keys = 0;
 		}
 	}
@@ -1388,7 +1387,7 @@
 	}
 
 	wired = wpa_s->conf->ap_scan == 0 && wpa_s->driver &&
-		os_strcmp(wpa_s->driver->name, "wired") == 0;
+		IS_WIRED(wpa_s->driver);
 
 	entry = wpa_s->conf->ssid;
 	while (entry) {

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf Sun Dec  7 13:49:04 2008
@@ -275,6 +275,9 @@
 # 0 = disabled (default)
 # 1 = enabled
 #peerkey=1
+#
+# wpa_ptk_rekey: Maximum lifetime for PTK in seconds. This can be used to
+# enforce rekeying of PTK to mitigate some attacks against TKIP deficiencies.
 #
 # Following fields are only used with internal EAP implementation.
 # eap: space-separated list of accepted EAP methods
@@ -391,8 +394,8 @@
 #	protected result indication.
 #	'crypto_binding' option can be used to control PEAPv0 cryptobinding
 #	behavior:
-#	 * 0 = do not use cryptobinding
-#	 * 1 = use cryptobinding if server supports it (default)
+#	 * 0 = do not use cryptobinding (default)
+#	 * 1 = use cryptobinding if server supports it
 #	 * 2 = require cryptobinding
 # phase2: Phase2 (inner authentication with TLS tunnel) parameters
 #	(string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or
@@ -475,6 +478,17 @@
 	priority=2
 }
 
+# WPA-Personal(PSK) with TKIP and enforcement for frequent PTK rekeying
+network={
+	ssid="example"
+	proto=WPA
+	key_mgmt=WPA-PSK
+	pairwise=TKIP
+	group=TKIP
+	psk="not so secure passphrase"
+	wpa_ptk_rekey=600
+}
+
 # Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104
 # or WEP40 as the group cipher will not be accepted.
 network={

Modified: wpasupplicant/trunk/wpa_supplicant/wpa_supplicant_i.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_supplicant_i.h?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_supplicant_i.h (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_supplicant_i.h Sun Dec  7 13:49:04 2008
@@ -334,6 +334,10 @@
 	struct wpa_client_mlme mlme;
 	int use_client_mlme;
 	int driver_4way_handshake;
+
+	int pending_mic_error_report;
+	int pending_mic_error_pairwise;
+	int mic_errors_seen; /* Michael MIC errors with the current PTK */
 };
 
 

Modified: wpasupplicant/trunk/wpa_supplicant/wpas_glue.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpas_glue.c?rev=1291&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpas_glue.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpas_glue.c Sun Dec  7 13:49:04 2008
@@ -427,11 +427,16 @@
 }
 
 
-static int wpa_supplicant_set_key(void *wpa_s, wpa_alg alg,
+static int wpa_supplicant_set_key(void *_wpa_s, wpa_alg alg,
 				  const u8 *addr, int key_idx, int set_tx,
 				  const u8 *seq, size_t seq_len,
 				  const u8 *key, size_t key_len)
 {
+	struct wpa_supplicant *wpa_s = _wpa_s;
+	if (alg == WPA_ALG_TKIP && key_idx == 0 && key_len == 32) {
+		/* Clear the MIC error counter when setting a new PTK. */
+		wpa_s->mic_errors_seen = 0;
+	}
 	return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len,
 			       key, key_len);
 }
@@ -626,6 +631,7 @@
 #endif /* IEEE8021X_EAPOL */
 		conf.ssid = ssid->ssid;
 		conf.ssid_len = ssid->ssid_len;
+		conf.wpa_ptk_rekey = ssid->wpa_ptk_rekey;
 	}
 	wpa_sm_set_config(wpa_s->wpa, ssid ? &conf : NULL);
 }




More information about the Pkg-wpa-devel mailing list