[oe] [PATCH] wpa-supplicant: Build from git sources
Maupin, Chase
chase.maupin at ti.com
Wed Apr 13 19:45:42 UTC 2011
> -----Original Message-----
> From: Reizer, Eyal
> Sent: Wednesday, April 13, 2011 11:38 AM
> To: Maupin, Chase; openembedded-devel at lists.openembedded.org
> Subject: RE: [oe] [PATCH] wpa-supplicant: Build from git sources
>
> I have also checked the option of using 0.7.inc the git recipe.
> However there are a couple of differences like in the do_configure section
> and also
> in SRC_URI (which uses a git address instead of a zip).
> I would need to make significant modification to the include file as well
> as to both 0.7.3 and
> The git recipe to be able to use the same include file which I don't think
> are worth the effort,
> and adds a risk of breaking the 0.7.3 recipe.
Eyal,
Why don't you just include the .inc file and then override the parts that need to be different? No reason to duplicate all the other functions.
>
> > -----Original Message-----
> > From: Reizer, Eyal
> > Sent: Wednesday, April 13, 2011 9:20 AM
> > To: Maupin, Chase; openembedded-devel at lists.openembedded.org
> > Subject: RE: [oe] [PATCH] wpa-supplicant: Build from git sources
> >
> > I will improve the commit message to clear this confusion.
> >
> > The version built from the git is actually version 0.8.x which is a new
> > family of versions and include new features (like wifi-direct) used by
> > new mac80211 versions.
> > It would look proper if we include a 0.7.inc file in it.
> >
> > As this is currently the only 0.8 version I think it is better to wait
> > until 0.8 comes out as an official zip and than create such an include
> > file as well for 0.8
> >
> > > -----Original Message-----
> > > From: Maupin, Chase
> > > Sent: Wednesday, April 13, 2011 7:54 AM
> > > To: openembedded-devel at lists.openembedded.org
> > > Cc: Reizer, Eyal
> > > Subject: RE: [oe] [PATCH] wpa-supplicant: Build from git sources
> > >
> > > > -----Original Message-----
> > > > From: openembedded-devel-bounces at lists.openembedded.org
> > > > [mailto:openembedded-devel-bounces at lists.openembedded.org] On
> > Behalf
> > > Of
> > > > Eyal Reizer
> > > > Sent: Tuesday, April 12, 2011 4:54 PM
> > > > To: openembedded-devel at lists.openembedded.org
> > > > Cc: Reizer, Eyal
> > > > Subject: [oe] [PATCH] wpa-supplicant: Build from git sources
> > > >
> > >
> > > Need a more detailed commit message. Can you re-use the wpa-
> > > supplicant-0.7.inc include file? 90% of this stuff seems the same.
> > >
> > > > Signed-off-by: Eyal Reizer <eyalr at ti.com>
> > > > ---
> > > > .../wpa-supplicant-git/99_wpa_supplicant | 1 +
> > > > .../wpa-supplicant-git/defaults-sane | 8 +
> > > > .../wpa-supplicant/wpa-supplicant-git/defconfig | 422
> > > ++++++++++++
> > > > .../wpa-supplicant-git/wpa-supplicant.sh | 85 +++
> > > > .../wpa-supplicant-git/wpa_supplicant.conf | 690
> > > > ++++++++++++++++++++
> > > > .../wpa-supplicant-git/wpa_supplicant.conf-sane | 7 +
> > > > recipes/wpa-supplicant/wpa-supplicant_git.bb | 103 +++
> > > > 7 files changed, 1316 insertions(+), 0 deletions(-)
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-
> > > > git/99_wpa_supplicant
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-
> > > git/defaults-
> > > > sane
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-
> > > git/defconfig
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-git/wpa-
> > > > supplicant.sh
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-
> > > > git/wpa_supplicant.conf
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant-
> > > > git/wpa_supplicant.conf-sane
> > > > create mode 100755 recipes/wpa-supplicant/wpa-supplicant_git.bb
> > > >
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-
> > > git/99_wpa_supplicant
> > > > b/recipes/wpa-supplicant/wpa-supplicant-git/99_wpa_supplicant
> > > > new file mode 100755
> > > > index 0000000..6ff4dd8
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-git/99_wpa_supplicant
> > > > @@ -0,0 +1 @@
> > > > +d root root 0700 /var/run/wpa_supplicant none
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-git/defaults-
> > sane
> > > > b/recipes/wpa-supplicant/wpa-supplicant-git/defaults-sane
> > > > new file mode 100755
> > > > index 0000000..67c4cbd
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-git/defaults-sane
> > > > @@ -0,0 +1,8 @@
> > > > +# Useful flags:
> > > > +# -i <ifname> Interface (required, unless specified in
> > > config)
> > > > +# -D <driver> Wireless Driver
> > > > +# -d Debugging (-dd for more)
> > > > +# -q Quiet (-qq for more)
> > > > +
> > > > +CONFIG="/etc/wpa_supplicant.conf"
> > > > +OPTIONS="-i eth1 -D wext"
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-git/defconfig
> > > > b/recipes/wpa-supplicant/wpa-supplicant-git/defconfig
> > > > new file mode 100755
> > > > index 0000000..d9be1a8
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-git/defconfig
> > > > @@ -0,0 +1,422 @@
> > > > +# Example wpa_supplicant build time configuration
> > > > +#
> > > > +# This file lists the configuration options that are used when
> > > building
> > > > the
> > > > +# hostapd binary. All lines starting with # are ignored.
> > > Configuration
> > > > option
> > > > +# lines must be commented out complete, if they are not to be
> > > included,
> > > > i.e.,
> > > > +# just setting VARIABLE=n is not disabling that variable.
> > > > +#
> > > > +# This file is included in Makefile, so variables like CFLAGS and
> > > LIBS
> > > > can also
> > > > +# be modified from here. In most cases, these lines should use +=
> > in
> > > > order not
> > > > +# to override previous values of the variables.
> > > > +
> > > > +
> > > > +# Uncomment following two lines and fix the paths if you have
> > > installed
> > > > OpenSSL
> > > > +# or GnuTLS in non-default location
> > > > +#CFLAGS += -I/usr/local/openssl/include
> > > > +#LIBS += -L/usr/local/openssl/lib
> > > > +
> > > > +# Some Red Hat versions seem to include kerberos header files from
> > > > OpenSSL, but
> > > > +# the kerberos files are not in the default include path.
> > Following
> > > line
> > > > can be
> > > > +# used to fix build issues on such systems (krb5.h not found).
> > > > +#CFLAGS += -I/usr/include/kerberos
> > > > +
> > > > +# Example configuration for various cross-compilation platforms
> > > > +
> > > > +#### sveasoft (e.g., for Linksys WRT54G)
> > > > ######################################
> > > > +#CC=mipsel-uclibc-gcc
> > > > +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
> > > > +#CFLAGS += -Os
> > > > +#CPPFLAGS += -I../src/include -I../../src/router/openssl/include
> > > > +#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl
> > > >
> > >
> > +######################################################################
> > > ###
> > > > ######
> > > > +
> > > > +#### openwrt (e.g., for Linksys WRT54G)
> > > > #######################################
> > > > +#CC=mipsel-uclibc-gcc
> > > > +#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
> > > > +#CFLAGS += -Os
> > > > +#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \
> > > > +# -I../WRT54GS/release/src/include
> > > > +#LIBS = -lssl
> > > >
> > >
> > +######################################################################
> > > ###
> > > > ######
> > > > +
> > > > +CC=$(CROSS_COMPILE)gcc
> > > > +#CFLAGS += -DCONFIG_LIBNL20
> > > > +#CPPFLAGS += -DCONFIG_LIBNL20
> > > > +#LIBS += -L$(NFSROOT)/lib -lnl
> > > > +#LIBS_p += -L$(NFSROOT)/lib
> > > > +#LIBDIR = $(NFSROOT)/lib
> > > > +#BINDIR = $(NFSROOT)/usr/sbin
> > > > +
> > > > +CONFIG_WAPI=y
> > > > +CONFIG_LIBNL20=y
> > > > +NEED_BGSCAN=y
> > > > +CONFIG_BGSCAN_LEARN=y
> > > > +
> > > > +# Driver interface for Host AP driver
> > > > +#CONFIG_DRIVER_HOSTAP=y
> > > > +
> > > > +# Driver interface for Agere driver
> > > > +#CONFIG_DRIVER_HERMES=y
> > > > +# Change include directories to match with the local setup
> > > > +#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
> > > > +#CFLAGS += -I../../include/wireless
> > > > +
> > > > +# Driver interface for madwifi driver
> > > > +# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
> > > > +#CONFIG_DRIVER_MADWIFI=y
> > > > +# Set include directory to the madwifi source tree
> > > > +#CFLAGS += -I../../madwifi
> > > > +
> > > > +# Driver interface for ndiswrapper
> > > > +# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
> > > > +#CONFIG_DRIVER_NDISWRAPPER=y
> > > > +
> > > > +# Driver interface for Atmel driver
> > > > +#CONFIG_DRIVER_ATMEL=y
> > > > +
> > > > +# Driver interface for old Broadcom driver
> > > > +# Please note that the newer Broadcom driver ("hybrid Linux
> > driver")
> > > > supports
> > > > +# Linux wireless extensions and does not need (or even work) with
> > > the old
> > > > +# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
> > > > +#CONFIG_DRIVER_BROADCOM=y
> > > > +# Example path for wlioctl.h; change to match your configuration
> > > > +#CFLAGS += -I/opt/WRT54GS/release/src/include
> > > > +
> > > > +# Driver interface for Intel ipw2100/2200 driver
> > > > +# Deprecated; use CONFIG_DRIVER_WEXT=y instead.
> > > > +#CONFIG_DRIVER_IPW=y
> > > > +
> > > > +# Driver interface for Ralink driver
> > > > +#CONFIG_DRIVER_RALINK=y
> > > > +
> > > > +# Driver interface for generic Linux wireless extensions
> > > > +CONFIG_DRIVER_WEXT=y
> > > > +
> > > > +# Driver interface for Linux drivers using the nl80211 kernel
> > > interface
> > > > +CONFIG_DRIVER_NL80211=y
> > > > +
> > > > +# Driver interface for FreeBSD net80211 layer (e.g., Atheros
> > driver)
> > > > +#CONFIG_DRIVER_BSD=y
> > > > +#CFLAGS += -I/usr/local/include
> > > > +#LIBS += -L/usr/local/lib
> > > > +#LIBS_p += -L/usr/local/lib
> > > > +#LIBS_c += -L/usr/local/lib
> > > > +
> > > > +# Driver interface for Windows NDIS
> > > > +#CONFIG_DRIVER_NDIS=y
> > > > +#CFLAGS += -I/usr/include/w32api/ddk
> > > > +#LIBS += -L/usr/local/lib
> > > > +# For native build using mingw
> > > > +#CONFIG_NATIVE_WINDOWS=y
> > > > +# Additional directories for cross-compilation on Linux host for
> > > mingw
> > > > target
> > > > +#CFLAGS += -I/opt/mingw/mingw32/include/ddk
> > > > +#LIBS += -L/opt/mingw/mingw32/lib
> > > > +#CC=mingw32-gcc
> > > > +# By default, driver_ndis uses WinPcap for low-level operations.
> > > This can
> > > > be
> > > > +# replaced with the following option which replaces WinPcap calls
> > > with
> > > > NDISUIO.
> > > > +# However, this requires that WZC is disabled (net stop wzcsvc)
> > > before
> > > > starting
> > > > +# wpa_supplicant.
> > > > +# CONFIG_USE_NDISUIO=y
> > > > +
> > > > +# Driver interface for development testing
> > > > +#CONFIG_DRIVER_TEST=y
> > > > +
> > > > +# Include client MLME (management frame processing) for test
> > driver
> > > > +# This can be used to test MLME operations in hostapd with the
> > test
> > > > interface.
> > > > +# space.
> > > > +#CONFIG_CLIENT_MLME=y
> > > > +
> > > > +# Driver interface for wired Ethernet drivers
> > > > +CONFIG_DRIVER_WIRED=y
> > > > +
> > > > +# Driver interface for the Broadcom RoboSwitch family
> > > > +#CONFIG_DRIVER_ROBOSWITCH=y
> > > > +
> > > > +# Driver interface for no driver (e.g., WPS ER only)
> > > > +#CONFIG_DRIVER_NONE=y
> > > > +
> > > > +# Solaris libraries
> > > > +#LIBS += -lsocket -ldlpi -lnsl
> > > > +#LIBS_c += -lsocket
> > > > +
> > > > +# Enable IEEE 802.1X Supplicant (automatically included if any EAP
> > > method
> > > > is
> > > > +# included)
> > > > +CONFIG_IEEE8021X_EAPOL=y
> > > > +
> > > > +# EAP-MD5
> > > > +CONFIG_EAP_MD5=y
> > > > +
> > > > +# EAP-MSCHAPv2
> > > > +CONFIG_EAP_MSCHAPV2=y
> > > > +
> > > > +# EAP-TLS
> > > > +CONFIG_EAP_TLS=y
> > > > +
> > > > +# EAL-PEAP
> > > > +CONFIG_EAP_PEAP=y
> > > > +
> > > > +# EAP-TTLS
> > > > +CONFIG_EAP_TTLS=y
> > > > +
> > > > +# EAP-FAST
> > > > +# Note: Default OpenSSL package does not include support for all
> > the
> > > > +# functionality needed for EAP-FAST. If EAP-FAST is enabled with
> > > OpenSSL,
> > > > +# the OpenSSL library must be patched (openssl-0.9.8d-tls-
> > > > extensions.patch)
> > > > +# to add the needed functions.
> > > > +#CONFIG_EAP_FAST=y
> > > > +
> > > > +# EAP-GTC
> > > > +CONFIG_EAP_GTC=y
> > > >
> > > > +
> > > > +# EAP-OTP
> > > > +CONFIG_EAP_OTP=y
> > > > +
> > > > +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
> > > > +#CONFIG_EAP_SIM=y
> > > > +
> > > > +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
> > > > +#CONFIG_EAP_PSK=y
> > > > +
> > > > +# EAP-PAX
> > > > +#CONFIG_EAP_PAX=y
> > > > +
> > > > +# LEAP
> > > > +CONFIG_EAP_LEAP=y
> > > > +
> > > > +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
> > > > +#CONFIG_EAP_AKA=y
> > > > +
> > > > +# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
> > > > +# This requires CONFIG_EAP_AKA to be enabled, too.
> > > > +#CONFIG_EAP_AKA_PRIME=y
> > > > +
> > > > +# Enable USIM simulator (Milenage) for EAP-AKA
> > > > +#CONFIG_USIM_SIMULATOR=y
> > > > +
> > > > +# EAP-SAKE
> > > > +#CONFIG_EAP_SAKE=y
> > > > +
> > > > +# EAP-GPSK
> > > > +#CONFIG_EAP_GPSK=y
> > > > +# Include support for optional SHA256 cipher suite in EAP-GPSK
> > > > +#CONFIG_EAP_GPSK_SHA256=y
> > > > +
> > > > +# EAP-TNC and related Trusted Network Connect support
> > (experimental)
> > > > +#CONFIG_EAP_TNC=y
> > > > +
> > > > +# Wi-Fi Protected Setup (WPS)
> > > > +CONFIG_WPS=y
> > > > +# Enable WSC 2.0 support
> > > > +CONFIG_WPS2=y
> > > > +
> > > > +# EAP-IKEv2
> > > > +#CONFIG_EAP_IKEV2=y
> > > > +
> > > > +# PKCS#12 (PFX) support (used to read private key and certificate
> > > file
> > > > from
> > > > +# a file that usually has extension .p12 or .pfx)
> > > > +CONFIG_PKCS12=y
> > > > +
> > > > +# Smartcard support (i.e., private key on a smartcard), e.g., with
> > > > openssl
> > > > +# engine.
> > > > +CONFIG_SMARTCARD=y
> > > > +
> > > > +# PC/SC interface for smartcards (USIM, GSM SIM)
> > > > +# Enable this if EAP-SIM or EAP-AKA is included
> > > > +#CONFIG_PCSC=y
> > > > +
> > > > +# Development testing
> > > > +#CONFIG_EAPOL_TEST=y
> > > > +
> > > > +# Select control interface backend for external programs, e.g,
> > > wpa_cli:
> > > > +# unix = UNIX domain sockets (default for Linux/*BSD)
> > > > +# udp = UDP sockets using localhost (127.0.0.1)
> > > > +# named_pipe = Windows Named Pipe (default for Windows)
> > > > +# y = use default (backwards compatibility)
> > > > +# If this option is commented out, control interface is not
> > included
> > > in
> > > > the
> > > > +# build.
> > > > +CONFIG_CTRL_IFACE=y
> > > > +
> > > > +# Include support for GNU Readline and History Libraries in
> > wpa_cli.
> > > > +# When building a wpa_cli binary for distribution, please note
> > that
> > > these
> > > > +# libraries are licensed under GPL and as such, BSD license may
> > not
> > > apply
> > > > for
> > > > +# the resulting binary.
> > > > +#CONFIG_READLINE=y
> > > > +
> > > > +# Remove debugging code that is printing out debug message to
> > > stdout.
> > > > +# This can be used to reduce the size of the wpa_supplicant
> > > considerably
> > > > +# if debugging code is not needed. The size reduction can be
> > around
> > > 35%
> > > > +# (e.g., 90 kB).
> > > > +#CONFIG_NO_STDOUT_DEBUG=y
> > > > +
> > > > +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant,
> > > to
> > > > save
> > > > +# 35-50 kB in code size.
> > > > +#CONFIG_NO_WPA=y
> > > > +
> > > > +# Remove WPA2 support. This allows WPA to be used, but removes
> > WPA2
> > > code
> > > > to
> > > > +# save about 1 kB in code size when building only WPA-Personal (no
> > > EAP
> > > > support)
> > > > +# or 6 kB if building for WPA-Enterprise.
> > > > +#CONFIG_NO_WPA2=y
> > > > +
> > > > +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
> > > > +# This option can be used to reduce code size by removing support
> > > for
> > > > +# converting ASCII passphrases into PSK. If this functionality is
> > > removed,
> > > > the
> > > > +# PSK can only be configured as the 64-octet hexstring (e.g., from
> > > > +# wpa_passphrase). This saves about 0.5 kB in code size.
> > > > +#CONFIG_NO_WPA_PASSPHRASE=y
> > > > +
> > > > +# Disable scan result processing (ap_mode=1) to save code size by
> > > about 1
> > > > kB.
> > > > +# This can be used if ap_scan=1 mode is never enabled.
> > > > +#CONFIG_NO_SCAN_PROCESSING=y
> > > > +
> > > > +# Select configuration backend:
> > > > +# file = text file (e.g., wpa_supplicant.conf; note: the
> > > configuration
> > > > file
> > > > +# path is given on command line, not here; this option is
> > just used
> > > to
> > > > +# select the backend that allows configuration files to be
> > used)
> > > > +# winreg = Windows registry (see win_example.reg for an example)
> > > > +CONFIG_BACKEND=file
> > > > +
> > > > +# Remove configuration write functionality (i.e., to allow the
> > > > configuration
> > > > +# file to be updated based on runtime configuration changes). The
> > > runtime
> > > > +# configuration can still be changed, the changes are just not
> > going
> > > to
> > > > be
> > > > +# persistent over restarts. This option can be used to reduce code
> > > size
> > > > by
> > > > +# about 3.5 kB.
> > > > +#CONFIG_NO_CONFIG_WRITE=y
> > > > +
> > > > +# Remove support for configuration blobs to reduce code size by
> > > about 1.5
> > > > kB.
> > > > +#CONFIG_NO_CONFIG_BLOBS=y
> > > > +
> > > > +# Select program entry point implementation:
> > > > +# main = UNIX/POSIX like main() function (default)
> > > > +# main_winsvc = Windows service (read parameters from registry)
> > > > +# main_none = Very basic example (development use only)
> > > > +#CONFIG_MAIN=main
> > > > +
> > > > +# Select wrapper for operatins system and C library specific
> > > functions
> > > > +# unix = UNIX/POSIX like systems (default)
> > > > +# win32 = Windows systems
> > > > +# none = Empty template
> > > > +#CONFIG_OS=unix
> > > > +
> > > > +# Select event loop implementation
> > > > +# eloop = select() loop (default)
> > > > +# eloop_win = Windows events and WaitForMultipleObject() loop
> > > > +# eloop_none = Empty template
> > > > +#CONFIG_ELOOP=eloop
> > > > +
> > > > +# Select layer 2 packet implementation
> > > > +# linux = Linux packet socket (default)
> > > > +# pcap = libpcap/libdnet/WinPcap
> > > > +# freebsd = FreeBSD libpcap
> > > > +# winpcap = WinPcap with receive thread
> > > > +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
> > > > +# none = Empty template
> > > > +#CONFIG_L2_PACKET=linux
> > > > +
> > > > +# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
> > > > +CONFIG_PEERKEY=y
> > > > +
> > > > +# IEEE 802.11w (management frame protection)
> > > > +# This version is an experimental implementation based on IEEE
> > > > 802.11w/D1.0
> > > > +# draft and is subject to change since the standard has not yet
> > been
> > > > finalized.
> > > > +# Driver support is also needed for IEEE 802.11w.
> > > > +#CONFIG_IEEE80211W=y
> > > > +
> > > > +# Select TLS implementation
> > > > +# openssl = OpenSSL (default)
> > > > +# gnutls = GnuTLS (needed for TLS/IA, see also
> > CONFIG_GNUTLS_EXTRA)
> > > > +# internal = Internal TLSv1 implementation (experimental)
> > > > +# none = Empty template
> > > > +#CONFIG_TLS=openssl
> > > > +
> > > > +# Whether to enable TLS/IA support, which is required for EAP-
> > > TTLSv1.
> > > > +# You need CONFIG_TLS=gnutls for this to have any effect. Please
> > > note
> > > > that
> > > > +# even though the core GnuTLS library is released under LGPL, this
> > > extra
> > > > +# library uses GPL and as such, the terms of GPL apply to the
> > > combination
> > > > +# of wpa_supplicant and GnuTLS if this option is enabled. BSD
> > > license may
> > > > not
> > > > +# apply for distribution of the resulting binary.
> > > > +#CONFIG_GNUTLS_EXTRA=y
> > > > +
> > > > +# If CONFIG_TLS=internal is used, additional library and include
> > > paths
> > > > are
> > > > +# needed for LibTomMath. Alternatively, an integrated, minimal
> > > version of
> > > > +# LibTomMath can be used. See beginning of libtommath.c for
> > details
> > > on
> > > > benefits
> > > > +# and drawbacks of this option.
> > > > +#CONFIG_INTERNAL_LIBTOMMATH=y
> > > > +#ifndef CONFIG_INTERNAL_LIBTOMMATH
> > > > +#LTM_PATH=/usr/src/libtommath-0.39
> > > > +#CFLAGS += -I$(LTM_PATH)
> > > > +#LIBS += -L$(LTM_PATH)
> > > > +#LIBS_p += -L$(LTM_PATH)
> > > > +#endif
> > > > +# At the cost of about 4 kB of additional binary size, the
> > internal
> > > > LibTomMath
> > > > +# can be configured to include faster routines for exptmod, sqr,
> > and
> > > div
> > > > to
> > > > +# speed up DH and RSA calculation considerably
> > > > +#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
> > > > +
> > > > +# Include NDIS event processing through WMI into
> > > wpa_supplicant/wpasvc.
> > > > +# This is only for Windows builds and requires WMI-related header
> > > files
> > > > and
> > > > +# WbemUuid.Lib from Platform SDK even when building with MinGW.
> > > > +#CONFIG_NDIS_EVENTS_INTEGRATED=y
> > > > +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
> > > > +
> > > > +# Add support for old DBus control interface
> > > > +# (fi.epitest.hostap.WPASupplicant)
> > > > +#CONFIG_CTRL_IFACE_DBUS=y
> > > > +
> > > > +# Add support for new DBus control interface
> > > > +# (fi.w1.hostap.wpa_supplicant1)
> > > > +#CONFIG_CTRL_IFACE_DBUS_NEW=y
> > > > +
> > > > +# Add introspection support for new DBus control interface
> > > > +#CONFIG_CTRL_IFACE_DBUS_INTRO=y
> > > > +
> > > > +# Add support for loading EAP methods dynamically as shared
> > > libraries.
> > > > +# When this option is enabled, each EAP method can be either
> > > included
> > > > +# statically (CONFIG_EAP_<method>=y) or dynamically
> > > > (CONFIG_EAP_<method>=dyn).
> > > > +# Dynamic EAP methods are build as shared objects (eap_*.so) and
> > > they
> > > > need to
> > > > +# be loaded in the beginning of the wpa_supplicant configuration
> > > file
> > > > +# (see load_dynamic_eap parameter in the example file) before
> > being
> > > used
> > > > in
> > > > +# the network blocks.
> > > > +#
> > > > +# Note that some shared parts of EAP methods are included in the
> > > main
> > > > program
> > > > +# and in order to be able to use dynamic EAP methods using these
> > > parts,
> > > > the
> > > > +# main program must have been build with the EAP method enabled
> > (=y
> > > or
> > > > =dyn).
> > > > +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as
> > dynamic
> > > > libraries
> > > > +# unless at least one of them was included in the main build to
> > > force
> > > > inclusion
> > > > +# of the shared code. Similarly, at least one of EAP-SIM/AKA must
> > be
> > > > included
> > > > +# in the main build to be able to load these methods dynamically.
> > > > +#
> > > > +# Please also note that using dynamic libraries will increase the
> > > total
> > > > binary
> > > > +# size. Thus, it may not be the best option for targets that have
> > > limited
> > > > +# amount of memory/flash.
> > > > +#CONFIG_DYNAMIC_EAP_METHODS=y
> > > > +
> > > > +# IEEE Std 802.11r-2008 (Fast BSS Transition)
> > > > +#CONFIG_IEEE80211R=y
> > > > +
> > > > +# Add support for writing debug log to a file
> > (/tmp/wpa_supplicant-
> > > log-
> > > > #.txt)
> > > > +CONFIG_DEBUG_FILE=y
> > > > +
> > > > +# Enable privilege separation (see README 'Privilege separation'
> > for
> > > > details)
> > > > +#CONFIG_PRIVSEP=y
> > > > +
> > > > +# Enable mitigation against certain attacks against TKIP by
> > delaying
> > > > Michael
> > > > +# MIC error reports by a random amount of time between 0 and 60
> > > seconds
> > > > +#CONFIG_DELAYED_MIC_ERROR_REPORT=y
> > > > +
> > > > +# Enable tracing code for developer debugging
> > > > +# This tracks use of memory allocations and other registrations
> > and
> > > > reports
> > > > +# incorrect use with a backtrace of call (or allocation) location.
> > > > +#CONFIG_WPA_TRACE=y
> > > > +# For BSD, comment out these.
> > > > +#LIBS += -lexecinfo
> > > > +#LIBS_p += -lexecinfo
> > > > +#LIBS_c += -lexecinfo
> > > > +
> > > > +# Use libbfd to get more details for developer debugging
> > > > +# This enables use of libbfd to get more detailed symbols for the
> > > > backtraces
> > > > +# generated by CONFIG_WPA_TRACE=y.
> > > > +#CONFIG_WPA_TRACE_BFD=y
> > > > +# For BSD, comment out these.
> > > > +#LIBS += -lbfd -liberty -lz
> > > > +#LIBS_p += -lbfd -liberty -lz
> > > > +#LIBS_c += -lbfd -liberty -lz
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-git/wpa-
> > > supplicant.sh
> > > > b/recipes/wpa-supplicant/wpa-supplicant-git/wpa-supplicant.sh
> > > > new file mode 100755
> > > > index 0000000..5c9e5d3
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-git/wpa-supplicant.sh
> > > > @@ -0,0 +1,85 @@
> > > > +#!/bin/sh
> > > > +
> > > > +
> > > > +WPA_SUP_BIN="/usr/sbin/wpa_supplicant"
> > > > +WPA_SUP_PNAME="wpa_supplicant"
> > > > +WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$IFACE.pid"
> > > > +WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $IFACE"
> > > > +
> > > > +VERBOSITY=0
> > > > +
> > > > +
> > > > +if [ -s "$IF_WPA_CONF" ]; then
> > > > + WPA_SUP_CONF="-c $IF_WPA_CONF"
> > > > +else
> > > > + exit 0
> > > > +fi
> > > > +
> > > > +if [ ! -x "$WPA_SUP_BIN" ]; then
> > > > +
> > > > + if [ "$VERBOSITY" = "1" ]; then
> > > > + echo "$WPA_SUP_PNAME: binaries not executable or missing
> > > from
> > > > $WPA_SUP_BIN"
> > > > + fi
> > > > +
> > > > + exit 1
> > > > +fi
> > > > +
> > > > +if [ "$MODE" = "start" ] ; then
> > > > + # driver type of interface, defaults to wext when undefined
> > > > + if [ -s "/etc/wpa_supplicant/driver.$IFACE" ]; then
> > > > + IF_WPA_DRIVER=$(cat "/etc/wpa_supplicant/driver.$IFACE")
> > > > + elif [ -z "$IF_WPA_DRIVER" ]; then
> > > > +
> > > > + if [ "$VERBOSITY" = "1" ]; then
> > > > + echo "$WPA_SUP_PNAME: wpa-driver not provided,
> using
> > > > \"wext\""
> > > > + fi
> > > > +
> > > > + IF_WPA_DRIVER="wext"
> > > > + fi
> > > > +
> > > > + # if we have passed the criteria, start wpa_supplicant
> > > > + if [ -n "$WPA_SUP_CONF" ]; then
> > > > +
> > > > + if [ "$VERBOSITY" = "1" ]; then
> > > > + echo "$WPA_SUP_PNAME: $WPA_SUP_BIN
> $WPA_SUP_OPTIONS
> > > > $WPA_SUP_CONF -D $IF_WPA_DRIVER"
> > > > + fi
> > > > +
> > > > + start-stop-daemon --start --quiet \
> > > > + --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --
> > > pidfile
> > > > $WPA_SUP_PIDFILE \
> > > > + -- $WPA_SUP_OPTIONS $WPA_SUP_CONF -D
> $IF_WPA_DRIVER
> > > > + fi
> > > > +
> > > > + # if the interface socket exists, then wpa_supplicant was
> invoked
> > > > successfully
> > > > + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then
> > > > +
> > > > + if [ "$VERBOSITY" = "1" ]; then
> > > > + echo "$WPA_SUP_PNAME: ctrl_interface socket
> located
> > > at
> > > > $WPA_COMMON_CTRL_IFACE/$IFACE"
> > > > + fi
> > > > +
> > > > + exit 0
> > > > +
> > > > + fi
> > > > +
> > > > +elif [ "$MODE" = "stop" ]; then
> > > > +
> > > > + if [ -f "$WPA_SUP_PIDFILE" ]; then
> > > > +
> > > > + if [ "$VERBOSITY" = "1" ]; then
> > > > + echo "$WPA_SUP_PNAME: terminating $WPA_SUP_PNAME
> > > daemon"
> > > > + fi
> > > > +
> > > > + start-stop-daemon --stop --quiet \
> > > > + --name $WPA_SUP_PNAME --pidfile
> $WPA_SUP_PIDFILE
> > > > +
> > > > + if [ -S "$WPA_COMMON_CTRL_IFACE/$IFACE" ]; then
> > > > + rm -f $WPA_COMMON_CTRL_IFACE/$IFACE
> > > > + fi
> > > > +
> > > > + if [ -f "$WPA_SUP_PIDFILE" ]; then
> > > > + rm -f $WPA_SUP_PIDFILE
> > > > + fi
> > > > + fi
> > > > +
> > > > +fi
> > > > +
> > > > +exit 0
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-
> > > git/wpa_supplicant.conf
> > > > b/recipes/wpa-supplicant/wpa-supplicant-git/wpa_supplicant.conf
> > > > new file mode 100755
> > > > index 0000000..f0c993d
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-git/wpa_supplicant.conf
> > > > @@ -0,0 +1,690 @@
> > > > +##### Example wpa_supplicant configuration file
> > > > ###############################
> > > > +#
> > > > +# This file describes configuration file format and lists all
> > > available
> > > > option.
> > > > +# Please also take a look at simpler configuration examples in
> > > 'examples'
> > > > +# subdirectory.
> > > > +#
> > > > +# Empty lines and lines starting with # are ignored
> > > > +
> > > > +# NOTE! This file may contain password information and should
> > > probably be
> > > > made
> > > > +# readable only by root user on multiuser systems.
> > > > +
> > > > +# Note: All file paths in this configuration file should use full
> > > > (absolute,
> > > > +# not relative to working directory) path in order to allow
> > working
> > > > directory
> > > > +# to be changed. This can happen if wpa_supplicant is run in the
> > > > background.
> > > > +
> > > > +# Whether to allow wpa_supplicant to update (overwrite)
> > > configuration
> > > > +#
> > > > +# This option can be used to allow wpa_supplicant to overwrite
> > > > configuration
> > > > +# file whenever configuration is changed (e.g., new network block
> > is
> > > > added with
> > > > +# wpa_cli or wpa_gui, or a password is changed). This is required
> > > for
> > > > +# wpa_cli/wpa_gui to be able to store the configuration changes
> > > > permanently.
> > > > +# Please note that overwriting configuration file will remove the
> > > > comments from
> > > > +# it.
> > > > +#update_config=1
> > > > +
> > > > +# global configuration (shared by all network blocks)
> > > > +#
> > > > +# Parameters for the control interface. If this is specified,
> > > > wpa_supplicant
> > > > +# will open a control interface that is available for external
> > > programs
> > > > to
> > > > +# manage wpa_supplicant. The meaning of this string depends on
> > which
> > > > control
> > > > +# interface mechanism is used. For all cases, the existance of
> > this
> > > > parameter
> > > > +# in configuration is used to determine whether the control
> > > interface is
> > > > +# enabled.
> > > > +#
> > > > +# For UNIX domain sockets (default on Linux and BSD): This is a
> > > directory
> > > > that
> > > > +# will be created for UNIX domain sockets for listening to
> > requests
> > > from
> > > > +# external programs (CLI/GUI, etc.) for status information and
> > > > configuration.
> > > > +# The socket file will be named based on the interface name, so
> > > multiple
> > > > +# wpa_supplicant processes can be run at the same time if more
> > than
> > > one
> > > > +# interface is used.
> > > > +# /var/run/wpa_supplicant is the recommended directory for sockets
> > > and by
> > > > +# default, wpa_cli will use it when trying to connect with
> > > wpa_supplicant.
> > > > +#
> > > > +# Access control for the control interface can be configured by
> > > setting
> > > > the
> > > > +# directory to allow only members of a group to use sockets. This
> > > way, it
> > > > is
> > > > +# possible to run wpa_supplicant as root (since it needs to change
> > > > network
> > > > +# configuration and open raw sockets) and still allow GUI/CLI
> > > components
> > > > to be
> > > > +# run as non-root users. However, since the control interface can
> > be
> > > used
> > > > to
> > > > +# change the network configuration, this access needs to be
> > > protected in
> > > > many
> > > > +# cases. By default, wpa_supplicant is configured to use gid 0
> > > (root). If
> > > > you
> > > > +# want to allow non-root users to use the control interface, add a
> > > new
> > > > group
> > > > +# and change this value to match with that group. Add users that
> > > should
> > > > have
> > > > +# control interface access to this group. If this variable is
> > > commented
> > > > out or
> > > > +# not included in the configuration file, group will not be
> > changed
> > > from
> > > > the
> > > > +# value it got by default when the directory or socket was
> > created.
> > > > +#
> > > > +# When configuring both the directory and group, use following
> > > format:
> > > > +# DIR=/var/run/wpa_supplicant GROUP=wheel
> > > > +# DIR=/var/run/wpa_supplicant GROUP=0
> > > > +# (group can be either group name or gid)
> > > > +#
> > > > +# For UDP connections (default on Windows): The value will be
> > > ignored.
> > > > This
> > > > +# variable is just used to select that the control interface is to
> > > be
> > > > created.
> > > > +# The value can be set to, e.g., udp (ctrl_interface=udp)
> > > > +#
> > > > +# For Windows Named Pipe: This value can be used to set the
> > security
> > > > descriptor
> > > > +# for controlling access to the control interface. Security
> > > descriptor
> > > > can be
> > > > +# set using Security Descriptor String Format (see
> > > > http://msdn.microsoft.com/
> > > > +# library/default.asp?url=/library/en-us/secauthz/security/
> > > > +# security_descriptor_string_format.asp). The descriptor string
> > > needs to
> > > > be
> > > > +# prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would
> > set
> > > an
> > > > empty
> > > > +# DACL (which will reject all connections). See README-Windows.txt
> > > for
> > > > more
> > > > +# information about SDDL string format.
> > > > +#
> > > > +ctrl_interface=/var/run/wpa_supplicant
> > > > +
> > > > +# IEEE 802.1X/EAPOL version
> > > > +# wpa_supplicant is implemented based on IEEE Std 802.1X-2004
> > which
> > > > defines
> > > > +# EAPOL version 2. However, there are many APs that do not handle
> > > the new
> > > > +# version number correctly (they seem to drop the frames
> > > completely). In
> > > > order
> > > > +# to make wpa_supplicant interoperate with these APs, the version
> > > number
> > > > is set
> > > > +# to 1 by default. This configuration value can be used to set it
> > to
> > > the
> > > > new
> > > > +# version (2).
> > > > +eapol_version=1
> > > > +
> > > > +# AP scanning/selection
> > > > +# By default, wpa_supplicant requests driver to perform AP
> > scanning
> > > and
> > > > then
> > > > +# uses the scan results to select a suitable AP. Another
> > alternative
> > > is
> > > > to
> > > > +# allow the driver to take care of AP scanning and selection and
> > use
> > > > +# wpa_supplicant just to process EAPOL frames based on IEEE 802.11
> > > > association
> > > > +# information from the driver.
> > > > +# 1: wpa_supplicant initiates scanning and AP selection
> > > > +# 0: driver takes care of scanning, AP selection, and IEEE 802.11
> > > > association
> > > > +# parameters (e.g., WPA IE generation); this mode can also be
> > > used
> > > > with
> > > > +# non-WPA drivers when using IEEE 802.1X mode; do not try to
> > > associate
> > > > with
> > > > +# APs (i.e., external program needs to control association).
> > This
> > > mode
> > > > must
> > > > +# also be used when using wired Ethernet drivers.
> > > > +# 2: like 0, but associate with APs using security policy and SSID
> > > (but
> > > > not
> > > > +# BSSID); this can be used, e.g., with ndiswrapper and NDIS
> > > drivers to
> > > > +# enable operation with hidden SSIDs and optimized roaming; in
> > > this
> > > > mode,
> > > > +# the network blocks in the configuration file are tried one by
> > > one
> > > > until
> > > > +# the driver reports successful association; each network block
> > > should
> > > > have
> > > > +# explicit security policy (i.e., only one option in the lists)
> > > for
> > > > +# key_mgmt, pairwise, group, proto variables
> > > > +ap_scan=1
> > > > +
> > > > +# EAP fast re-authentication
> > > > +# By default, fast re-authentication is enabled for all EAP
> > methods
> > > that
> > > > +# support it. This variable can be used to disable fast re-
> > > authentication.
> > > > +# Normally, there is no need to disable this.
> > > > +fast_reauth=1
> > > > +
> > > > +# OpenSSL Engine support
> > > > +# These options can be used to load OpenSSL engines.
> > > > +# The two engines that are supported currently are shown below:
> > > > +# They are both from the opensc project (http://www.opensc.org/)
> > > > +# By default no engines are loaded.
> > > > +# make the opensc engine available
> > > > +#opensc_engine_path=/usr/lib/opensc/engine_opensc.so
> > > > +# make the pkcs11 engine available
> > > > +#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
> > > > +# configure the path to the pkcs11 module required by the pkcs11
> > > engine
> > > > +#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so
> > > > +
> > > > +# Dynamic EAP methods
> > > > +# If EAP methods were built dynamically as shared object files,
> > they
> > > need
> > > > to be
> > > > +# loaded here before being used in the network blocks. By default,
> > > EAP
> > > > methods
> > > > +# are included statically in the build, so these lines are not
> > > needed
> > > > +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so
> > > > +#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so
> > > > +
> > > > +# Driver interface parameters
> > > > +# This field can be used to configure arbitrary driver interace
> > > > parameters. The
> > > > +# format is specific to the selected driver interface. This field
> > is
> > > not
> > > > used
> > > > +# in most cases.
> > > > +#driver_param="field=value"
> > > > +
> > > > +# Maximum lifetime for PMKSA in seconds; default 43200
> > > > +#dot11RSNAConfigPMKLifetime=43200
> > > > +# Threshold for reauthentication (percentage of PMK lifetime);
> > > default 70
> > > > +#dot11RSNAConfigPMKReauthThreshold=70
> > > > +# Timeout for security association negotiation in seconds; default
> > > 60
> > > > +#dot11RSNAConfigSATimeout=60
> > > > +
> > > > +# network block
> > > > +#
> > > > +# Each network (usually AP's sharing the same SSID) is configured
> > as
> > > a
> > > > separate
> > > > +# block in this configuration file. The network blocks are in
> > > preference
> > > > order
> > > > +# (the first match is used).
> > > > +#
> > > > +# network block fields:
> > > > +#
> > > > +# disabled:
> > > > +# 0 = this network can be used (default)
> > > > +# 1 = this network block is disabled (can be enabled through
> > > > ctrl_iface,
> > > > +# e.g., with wpa_cli or wpa_gui)
> > > > +#
> > > > +# id_str: Network identifier string for external scripts. This
> > value
> > > is
> > > > passed
> > > > +# to external action script through wpa_cli as WPA_ID_STR
> > > environment
> > > > +# variable to make it easier to do network specific
> > configuration.
> > > > +#
> > > > +# ssid: SSID (mandatory); either as an ASCII string with double
> > > quotation
> > > > or
> > > > +# as hex string; network name
> > > > +#
> > > > +# scan_ssid:
> > > > +# 0 = do not scan this SSID with specific Probe Request
> > frames
> > > > (default)
> > > > +# 1 = scan with SSID-specific Probe Request frames (this can
> > be
> > > used
> > > > to
> > > > +# find APs that do not accept broadcast SSID or use
> > multiple
> > > > SSIDs;
> > > > +# this will add latency to scanning, so enable this only
> > when
> > > > needed)
> > > > +#
> > > > +# bssid: BSSID (optional); if set, this network block is used only
> > > when
> > > > +# associating with the AP using the configured BSSID
> > > > +#
> > > > +# priority: priority group (integer)
> > > > +# By default, all networks will get same priority group (0). If
> > some
> > > of
> > > > the
> > > > +# networks are more desirable, this field can be used to change
> > the
> > > order
> > > > in
> > > > +# which wpa_supplicant goes through the networks when selecting a
> > > BSS.
> > > > The
> > > > +# priority groups will be iterated in decreasing priority (i.e.,
> > the
> > > > larger the
> > > > +# priority value, the sooner the network is matched against the
> > scan
> > > > results).
> > > > +# Within each priority group, networks will be selected based on
> > > security
> > > > +# policy, signal strength, etc.
> > > > +# Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode
> > > are
> > > > not
> > > > +# using this priority to select the order for scanning. Instead,
> > > they try
> > > > the
> > > > +# networks in the order that used in the configuration file.
> > > > +#
> > > > +# mode: IEEE 802.11 operation mode
> > > > +# 0 = infrastructure (Managed) mode, i.e., associate with an AP
> > > (default)
> > > > +# 1 = IBSS (ad-hoc, peer-to-peer)
> > > > +# Note: IBSS can only be used with key_mgmt NONE (plaintext and
> > > static
> > > > WEP)
> > > > +# and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In addition,
> > > ap_scan
> > > > has
> > > > +# to be set to 2 for IBSS. WPA-None requires following network
> > block
> > > > options:
> > > > +# proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or
> > CCMP,
> > > but
> > > > not
> > > > +# both), and psk must also be set.
> > > > +#
> > > > +# proto: list of accepted protocols
> > > > +# WPA = WPA/IEEE 802.11i/D3.0
> > > > +# RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for
> > > RSN)
> > > > +# If not set, this defaults to: WPA RSN
> > > > +#
> > > > +# key_mgmt: list of accepted authenticated key management
> > protocols
> > > > +# WPA-PSK = WPA pre-shared key (this requires 'psk' field)
> > > > +# WPA-EAP = WPA using EAP authentication (this can use an external
> > > > +# program, e.g., Xsupplicant, for IEEE 802.1X EAP
> > Authentication
> > > > +# IEEE8021X = IEEE 802.1X using EAP authentication and
> > (optionally)
> > > > dynamically
> > > > +# generated WEP keys
> > > > +# NONE = WPA is not used; plaintext or static WEP could be used
> > > > +# If not set, this defaults to: WPA-PSK WPA-EAP
> > > > +#
> > > > +# auth_alg: list of allowed IEEE 802.11 authentication algorithms
> > > > +# OPEN = Open System authentication (required for WPA/WPA2)
> > > > +# SHARED = Shared Key authentication (requires static WEP keys)
> > > > +# LEAP = LEAP/Network EAP (only used with LEAP)
> > > > +# If not set, automatic selection is used (Open System with LEAP
> > > enabled
> > > > if
> > > > +# LEAP is allowed as one of the EAP methods).
> > > > +#
> > > > +# pairwise: list of accepted pairwise (unicast) ciphers for WPA
> > > > +# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE
> > > 802.11i/D7.0]
> > > > +# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
> > > > +# NONE = Use only Group Keys (deprecated, should not be included
> > if
> > > APs
> > > > support
> > > > +# pairwise keys)
> > > > +# If not set, this defaults to: CCMP TKIP
> > > > +#
> > > > +# group: list of accepted group (broadcast/multicast) ciphers for
> > > WPA
> > > > +# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE
> > > 802.11i/D7.0]
> > > > +# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
> > > > +# WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key
> > > > +# WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE
> > > 802.11]
> > > > +# If not set, this defaults to: CCMP TKIP WEP104 WEP40
> > > > +#
> > > > +# psk: WPA preshared key; 256-bit pre-shared key
> > > > +# The key used in WPA-PSK mode can be entered either as 64 hex-
> > > digits,
> > > > i.e.,
> > > > +# 32 bytes or as an ASCII passphrase (in which case, the real PSK
> > > will be
> > > > +# generated using the passphrase and SSID). ASCII passphrase must
> > be
> > > > between
> > > > +# 8 and 63 characters (inclusive).
> > > > +# This field is not needed, if WPA-EAP is used.
> > > > +# Note: Separate tool, wpa_passphrase, can be used to generate
> > 256-
> > > bit
> > > > keys
> > > > +# from ASCII passphrase. This process uses lot of CPU and
> > > wpa_supplicant
> > > > +# startup and reconfiguration time can be optimized by generating
> > > the PSK
> > > > only
> > > > +# only when the passphrase or SSID has actually changed.
> > > > +#
> > > > +# eapol_flags: IEEE 802.1X/EAPOL options (bit field)
> > > > +# Dynamic WEP key required for non-WPA mode
> > > > +# bit0 (1): require dynamically generated unicast WEP key
> > > > +# bit1 (2): require dynamically generated broadcast WEP key
> > > > +# (3 = require both keys; default)
> > > > +# Note: When using wired authentication, eapol_flags must be set
> > to
> > > 0 for
> > > > the
> > > > +# authentication to be completed successfully.
> > > > +#
> > > > +# proactive_key_caching:
> > > > +# Enable/disable opportunistic PMKSA caching for WPA2.
> > > > +# 0 = disabled (default)
> > > > +# 1 = enabled
> > > > +#
> > > > +# wep_key0..3: Static WEP key (ASCII in double quotation, e.g.
> > > "abcde" or
> > > > +# hex without quotation, e.g., 0102030405)
> > > > +# wep_tx_keyidx: Default WEP key index (TX) (0..3)
> > > > +#
> > > > +# peerkey: Whether PeerKey negotiation for direct links (IEEE
> > > 802.11e
> > > > DLS) is
> > > > +# allowed. This is only used with RSN/WPA2.
> > > > +# 0 = disabled (default)
> > > > +# 1 = enabled
> > > > +#peerkey=1
> > > > +#
> > > > +# Following fields are only used with internal EAP implementation.
> > > > +# eap: space-separated list of accepted EAP methods
> > > > +# MD5 = EAP-MD5 (unsecure and does not generate keying
> > material ->
> > > > +# cannot be used with WPA; to be used as a Phase
> > 2
> > > method
> > > > +# with EAP-PEAP or EAP-TTLS)
> > > > +# MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with
> > WPA;
> > > to
> > > > be used
> > > > +# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
> > > > +# OTP = EAP-OTP (cannot be used separately with WPA; to be
> > > used
> > > > +# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
> > > > +# GTC = EAP-GTC (cannot be used separately with WPA; to be
> > > used
> > > > +# as a Phase 2 method with EAP-PEAP or EAP-TTLS)
> > > > +# TLS = EAP-TLS (client and server certificate)
> > > > +# PEAP = EAP-PEAP (with tunnelled EAP authentication)
> > > > +# TTLS = EAP-TTLS (with tunnelled EAP or
> > PAP/CHAP/MSCHAP/MSCHAPV2
> > > > +# authentication)
> > > > +# If not set, all compiled in methods are allowed.
> > > > +#
> > > > +# identity: Identity string for EAP
> > > > +# anonymous_identity: Anonymous identity string for EAP (to be
> > used
> > > as
> > > > the
> > > > +# unencrypted identity with EAP types that support different
> > > tunnelled
> > > > +# identity, e.g., EAP-TTLS)
> > > > +# password: Password string for EAP
> > > > +# ca_cert: File path to CA certificate file (PEM/DER). This file
> > can
> > > have
> > > > one
> > > > +# or more trusted CA certificates. If ca_cert and ca_path are
> > not
> > > > +# included, server certificate will not be verified. This is
> > > insecure
> > > > and
> > > > +# a trusted CA certificate should always be configured when
> > using
> > > > +# EAP-TLS/TTLS/PEAP. Full path should be used since working
> > > directory
> > > > may
> > > > +# change when wpa_supplicant is run in the background.
> > > > +# On Windows, trusted CA certificates can be loaded from the
> > system
> > > > +# certificate store by setting this to cert_store://<name>,
> > e.g.,
> > > > +# ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT".
> > > > +# Note that when running wpa_supplicant as an application,
> > the user
> > > > +# certificate store (My user account) is used, whereas
> > computer
> > > store
> > > > +# (Computer account) is used when running wpasvc as a
> > service.
> > > > +# ca_path: Directory path for CA certificate files (PEM). This
> > path
> > > may
> > > > +# contain multiple CA certificates in OpenSSL format. Common
> > use
> > > for
> > > > this
> > > > +# is to point to system trusted CA list which is often
> > installed
> > > into
> > > > +# directory like /etc/ssl/certs. If configured, these
> > certificates
> > > are
> > > > +# added to the list of trusted CAs. ca_cert may also be
> > included in
> > > > that
> > > > +# case, but it is not required.
> > > > +# client_cert: File path to client certificate file (PEM/DER)
> > > > +# Full path should be used since working directory may change
> > when
> > > > +# wpa_supplicant is run in the background.
> > > > +# Alternatively, a named configuration blob can be used by
> > setting
> > > > this
> > > > +# to blob://<blob name>.
> > > > +# private_key: File path to client private key file (PEM/DER/PFX)
> > > > +# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert
> > should be
> > > > +# commented out. Both the private key and certificate will be
> > read
> > > > from
> > > > +# the PKCS#12 file in this case. Full path should be used
> > since
> > > > working
> > > > +# directory may change when wpa_supplicant is run in the
> > > background.
> > > > +# Windows certificate store can be used by leaving
> > client_cert out
> > > and
> > > > +# configuring private_key in one of the following formats:
> > > > +# cert://substring_to_match
> > > > +# hash://certificate_thumbprint_in_hex
> > > > +# for example:
> > private_key="hash://63093aa9c47f56ae88334c7b65a4"
> > > > +# Note that when running wpa_supplicant as an application,
> > the user
> > > > +# certificate store (My user account) is used, whereas
> > computer
> > > store
> > > > +# (Computer account) is used when running wpasvc as a
> > service.
> > > > +# Alternatively, a named configuration blob can be used by
> > setting
> > > > this
> > > > +# to blob://<blob name>.
> > > > +# private_key_passwd: Password for private key file (if left out,
> > > this
> > > > will be
> > > > +# asked through control interface)
> > > > +# dh_file: File path to DH/DSA parameters file (in PEM format)
> > > > +# This is an optional configuration file for setting
> > parameters for
> > > an
> > > > +# ephemeral DH key exchange. In most cases, the default RSA
> > > > +# authentication does not use this configuration. However, it
> > is
> > > > possible
> > > > +# setup RSA to use ephemeral DH key exchange. In addition,
> > ciphers
> > > > with
> > > > +# DSA keys always use ephemeral DH keys. This can be used to
> > > achieve
> > > > +# forward secrecy. If the file is in DSA parameters format,
> > it will
> > > be
> > > > +# automatically converted into DH params.
> > > > +# subject_match: Substring to be matched against the subject of
> > the
> > > > +# authentication server certificate. If this string is set,
> > the
> > > server
> > > > +# sertificate is only accepted if it contains this string in
> > the
> > > > subject.
> > > > +# The subject string is in following format:
> > > > +# /C=US/ST=CA/L=San Francisco/CN=Test
> > > AS/emailAddress=as at example.com
> > > > +# altsubject_match: Semicolon separated string of entries to be
> > > matched
> > > > against
> > > > +# the alternative subject name of the authentication server
> > > > certificate.
> > > > +# If this string is set, the server sertificate is only
> > accepted if
> > > it
> > > > +# contains one of the entries in an alternative subject name
> > > extension.
> > > > +# altSubjectName string is in following format: TYPE:VALUE
> > > > +# Example: EMAIL:server at example.com
> > > > +# Example: DNS:server.example.com;DNS:server2.example.com
> > > > +# Following types are supported: EMAIL, DNS, URI
> > > > +# phase1: Phase1 (outer authentication, i.e., TLS tunnel)
> > parameters
> > > > +# (string with field-value pairs, e.g., "peapver=0" or
> > > > +# "peapver=1 peaplabel=1")
> > > > +# 'peapver' can be used to force which PEAP version (0 or 1)
> > is
> > > used.
> > > > +# 'peaplabel=1' can be used to force new label, "client PEAP
> > > > encryption",
> > > > +# to be used during key derivation when PEAPv1 or newer. Most
> > > existing
> > > > +# PEAPv1 implementation seem to be using the old label,
> > "client EAP
> > > > +# encryption", and wpa_supplicant is now using that as the
> > default
> > > > value.
> > > > +# Some servers, e.g., Radiator, may require peaplabel=1
> > > configuration
> > > > to
> > > > +# interoperate with PEAPv1; see eap_testing.txt for more
> > details.
> > > > +# 'peap_outer_success=0' can be used to terminate PEAP
> > > authentication
> > > > on
> > > > +# tunneled EAP-Success. This is required with some RADIUS
> > servers
> > > that
> > > > +# implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g.,
> > > > +# Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode)
> > > > +# include_tls_length=1 can be used to force wpa_supplicant to
> > > include
> > > > +# TLS Message Length field in all TLS messages even if they
> > are not
> > > > +# fragmented.
> > > > +# sim_min_num_chal=3 can be used to configure EAP-SIM to
> > require
> > > three
> > > > +# challenges (by default, it accepts 2 or 3)
> > > > +# phase2: Phase2 (inner authentication with TLS tunnel) parameters
> > > > +# (string with field-value pairs, e.g., "auth=MSCHAPV2" for
> > EAP-
> > > PEAP
> > > > or
> > > > +# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS)
> > > > +# Following certificate/private key fields are used in inner
> > Phase2
> > > > +# authentication when using EAP-TTLS or EAP-PEAP.
> > > > +# ca_cert2: File path to CA certificate file. This file can have
> > one
> > > or
> > > > more
> > > > +# trusted CA certificates. If ca_cert2 and ca_path2 are not
> > > included,
> > > > +# server certificate will not be verified. This is insecure
> > and a
> > > > trusted
> > > > +# CA certificate should always be configured.
> > > > +# ca_path2: Directory path for CA certificate files (PEM)
> > > > +# client_cert2: File path to client certificate file
> > > > +# private_key2: File path to client private key file
> > > > +# private_key2_passwd: Password for private key file
> > > > +# dh_file2: File path to DH/DSA parameters file (in PEM format)
> > > > +# subject_match2: Substring to be matched against the subject of
> > the
> > > > +# authentication server certificate.
> > > > +# altsubject_match2: Substring to be matched against the
> > alternative
> > > > subject
> > > > +# name of the authentication server certificate.
> > > > +#
> > > > +# fragment_size: Maximum EAP fragment size in bytes (default
> > 1398).
> > > > +# This value limits the fragment size for EAP methods that
> > support
> > > > +# fragmentation (e.g., EAP-TLS and EAP-PEAP). This value
> > should be
> > > set
> > > > +# small enough to make the EAP messages fit in MTU of the
> > network
> > > > +# interface used for EAPOL. The default value is suitable for
> > most
> > > > +# cases.
> > > > +#
> > > > +# EAP-PSK variables:
> > > > +# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex
> > > format
> > > > +# nai: user NAI
> > > > +#
> > > > +# EAP-PAX variables:
> > > > +# eappsk: 16-byte (128-bit, 32 hex digits) pre-shared key in hex
> > > format
> > > > +#
> > > > +# EAP-SAKE variables:
> > > > +# eappsk: 32-byte (256-bit, 64 hex digits) pre-shared key in hex
> > > format
> > > > +# (this is concatenation of Root-Secret-A and Root-Secret-B)
> > > > +# nai: user NAI (PEERID)
> > > > +#
> > > > +# EAP-GPSK variables:
> > > > +# eappsk: Pre-shared key in hex format (at least 128 bits, i.e.,
> > 32
> > > hex
> > > > digits)
> > > > +# nai: user NAI (ID_Client)
> > > > +#
> > > > +# EAP-FAST variables:
> > > > +# pac_file: File path for the PAC entries. wpa_supplicant will
> > need
> > > to be
> > > > able
> > > > +# to create this file and write updates to it when PAC is
> > being
> > > > +# provisioned or refreshed. Full path to the file should be
> > used
> > > since
> > > > +# working directory may change when wpa_supplicant is run in
> > the
> > > > +# background. Alternatively, a named configuration blob can
> > be used
> > > by
> > > > +# setting this to blob://<blob name>
> > > > +# phase1: fast_provisioning=1 option enables in-line provisioning
> > of
> > > EAP-
> > > > FAST
> > > > +# credentials (PAC)
> > > > +#
> > > > +# wpa_supplicant supports number of "EAP workarounds" to work
> > around
> > > > +# interoperability issues with incorrectly behaving authentication
> > > > servers.
> > > > +# These are enabled by default because some of the issues are
> > > present in
> > > > large
> > > > +# number of authentication servers. Strict EAP conformance mode
> > can
> > > be
> > > > +# configured by disabling workarounds with eap_workaround=0.
> > > > +
> > > > +# Example blocks:
> > > > +
> > > > +# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all
> > valid
> > > > ciphers
> > > > +network={
> > > > + ssid="simple"
> > > > + psk="very secret passphrase"
> > > > + priority=5
> > > > +}
> > > > +
> > > > +# Same as previous, but request SSID-specific scanning (for APs
> > that
> > > > reject
> > > > +# broadcast SSID)
> > > > +network={
> > > > + ssid="second ssid"
> > > > + scan_ssid=1
> > > > + psk="very secret passphrase"
> > > > + priority=2
> > > > +}
> > > > +
> > > > +# Only WPA-PSK is used. Any valid cipher combination is accepted.
> > > > +network={
> > > > + ssid="example"
> > > > + proto=WPA
> > > > + key_mgmt=WPA-PSK
> > > > + pairwise=CCMP TKIP
> > > > + group=CCMP TKIP WEP104 WEP40
> > > > +
> > > psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac
> > > 7bb
> > > > + priority=2
> > > > +}
> > > > +
> > > > +# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that
> > > used
> > > > WEP104
> > > > +# or WEP40 as the group cipher will not be accepted.
> > > > +network={
> > > > + ssid="example"
> > > > + proto=RSN
> > > > + key_mgmt=WPA-EAP
> > > > + pairwise=CCMP TKIP
> > > > + group=CCMP TKIP
> > > > + eap=TLS
> > > > + identity="user at example.com"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + client_cert="/etc/cert/user.pem"
> > > > + private_key="/etc/cert/user.prv"
> > > > + private_key_passwd="password"
> > > > + priority=1
> > > > +}
> > > > +
> > > > +# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the
> > > new
> > > > peaplabel
> > > > +# (e.g., Radiator)
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=PEAP
> > > > + identity="user at example.com"
> > > > + password="foobar"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + phase1="peaplabel=1"
> > > > + phase2="auth=MSCHAPV2"
> > > > + priority=10
> > > > +}
> > > > +
> > > > +# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity
> > > for
> > > > the
> > > > +# unencrypted use. Real identity is sent only within an encrypted
> > > TLS
> > > > tunnel.
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=TTLS
> > > > + identity="user at example.com"
> > > > + anonymous_identity="anonymous at example.com"
> > > > + password="foobar"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + priority=2
> > > > +}
> > > > +
> > > > +# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the
> > > > unencrypted
> > > > +# use. Real identity is sent only within an encrypted TLS tunnel.
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=TTLS
> > > > + identity="user at example.com"
> > > > + anonymous_identity="anonymous at example.com"
> > > > + password="foobar"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + phase2="auth=MSCHAPV2"
> > > > +}
> > > > +
> > > > +# WPA-EAP, EAP-TTLS with different CA certificate used for outer
> > and
> > > > inner
> > > > +# authentication.
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=TTLS
> > > > + # Phase1 / outer authentication
> > > > + anonymous_identity="anonymous at example.com"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + # Phase 2 / inner authentication
> > > > + phase2="autheap=TLS"
> > > > + ca_cert2="/etc/cert/ca2.pem"
> > > > + client_cert2="/etc/cer/user.pem"
> > > > + private_key2="/etc/cer/user.prv"
> > > > + private_key2_passwd="password"
> > > > + priority=2
> > > > +}
> > > > +
> > > > +# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as
> > > pairwise
> > > > and
> > > > +# group cipher.
> > > > +network={
> > > > + ssid="example"
> > > > + bssid=00:11:22:33:44:55
> > > > + proto=WPA RSN
> > > > + key_mgmt=WPA-PSK WPA-EAP
> > > > + pairwise=CCMP
> > > > + group=CCMP
> > > > +
> > > psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac
> > > 7bb
> > > > +}
> > > > +
> > > > +# Special characters in SSID, so use hex string. Default to WPA-
> > PSK,
> > > WPA-
> > > > EAP
> > > > +# and all valid ciphers.
> > > > +network={
> > > > + ssid=00010203
> > > > +
> > > psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1
> > > e1f
> > > > +}
> > > > +
> > > > +
> > > > +# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no
> > > WPA)
> > > > using
> > > > +# EAP-TLS for authentication and key generation; require both
> > > unicast and
> > > > +# broadcast WEP keys.
> > > > +network={
> > > > + ssid="1x-test"
> > > > + key_mgmt=IEEE8021X
> > > > + eap=TLS
> > > > + identity="user at example.com"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + client_cert="/etc/cert/user.pem"
> > > > + private_key="/etc/cert/user.prv"
> > > > + private_key_passwd="password"
> > > > + eapol_flags=3
> > > > +}
> > > > +
> > > > +
> > > > +# LEAP with dynamic WEP keys
> > > > +network={
> > > > + ssid="leap-example"
> > > > + key_mgmt=IEEE8021X
> > > > + eap=LEAP
> > > > + identity="user"
> > > > + password="foobar"
> > > > +}
> > > > +
> > > > +# Plaintext connection (no WPA, no IEEE 802.1X)
> > > > +network={
> > > > + ssid="plaintext-test"
> > > > + key_mgmt=NONE
> > > > +}
> > > > +
> > > > +
> > > > +# Shared WEP key connection (no WPA, no IEEE 802.1X)
> > > > +network={
> > > > + ssid="static-wep-test"
> > > > + key_mgmt=NONE
> > > > + wep_key0="abcde"
> > > > + wep_key1=0102030405
> > > > + wep_key2="1234567890123"
> > > > + wep_tx_keyidx=0
> > > > + priority=5
> > > > +}
> > > > +
> > > > +
> > > > +# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared
> > > Key
> > > > +# IEEE 802.11 authentication
> > > > +network={
> > > > + ssid="static-wep-test2"
> > > > + key_mgmt=NONE
> > > > + wep_key0="abcde"
> > > > + wep_key1=0102030405
> > > > + wep_key2="1234567890123"
> > > > + wep_tx_keyidx=0
> > > > + priority=5
> > > > + auth_alg=SHARED
> > > > +}
> > > > +
> > > > +
> > > > +# IBSS/ad-hoc network with WPA-None/TKIP.
> > > > +network={
> > > > + ssid="test adhoc"
> > > > + mode=1
> > > > + proto=WPA
> > > > + key_mgmt=WPA-NONE
> > > > + pairwise=NONE
> > > > + group=TKIP
> > > > + psk="secret passphrase"
> > > > +}
> > > > +
> > > > +
> > > > +# Catch all example that allows more or less all configuration
> > modes
> > > > +network={
> > > > + ssid="example"
> > > > + scan_ssid=1
> > > > + key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
> > > > + pairwise=CCMP TKIP
> > > > + group=CCMP TKIP WEP104 WEP40
> > > > + psk="very secret passphrase"
> > > > + eap=TTLS PEAP TLS
> > > > + identity="user at example.com"
> > > > + password="foobar"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + client_cert="/etc/cert/user.pem"
> > > > + private_key="/etc/cert/user.prv"
> > > > + private_key_passwd="password"
> > > > + phase1="peaplabel=0"
> > > > +}
> > > > +
> > > > +# Example of EAP-TLS with smartcard (openssl engine)
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=TLS
> > > > + proto=RSN
> > > > + pairwise=CCMP TKIP
> > > > + group=CCMP TKIP
> > > > + identity="user at example.com"
> > > > + ca_cert="/etc/cert/ca.pem"
> > > > + client_cert="/etc/cert/user.pem"
> > > > +
> > > > + engine=1
> > > > +
> > > > + # The engine configured here must be available. Look at
> > > > + # OpenSSL engine support in the global section.
> > > > + # The key available through the engine must be the private key
> > > > + # matching the client certificate configured above.
> > > > +
> > > > + # use the opensc engine
> > > > + #engine_id="opensc"
> > > > + #key_id="45"
> > > > +
> > > > + # use the pkcs11 engine
> > > > + engine_id="pkcs11"
> > > > + key_id="id_45"
> > > > +
> > > > + # Optional PIN configuration; this can be left out and PIN
> will
> > > be
> > > > + # asked through the control interface
> > > > + pin="1234"
> > > > +}
> > > > +
> > > > +# Example configuration showing how to use an inlined blob as a CA
> > > > certificate
> > > > +# data instead of using external file
> > > > +network={
> > > > + ssid="example"
> > > > + key_mgmt=WPA-EAP
> > > > + eap=TTLS
> > > > + identity="user at example.com"
> > > > + anonymous_identity="anonymous at example.com"
> > > > + password="foobar"
> > > > + ca_cert="blob://exampleblob"
> > > > + priority=20
> > > > +}
> > > > +
> > > > +blob-base64-exampleblob={
> > > > +SGVsbG8gV29ybGQhCg==
> > > > +}
> > > > +
> > > > +
> > > > +# Wildcard match for SSID (plaintext APs only). This example
> > select
> > > any
> > > > +# open AP regardless of its SSID.
> > > > +network={
> > > > + key_mgmt=NONE
> > > > +}
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant-
> > > > git/wpa_supplicant.conf-sane b/recipes/wpa-supplicant/wpa-
> > supplicant-
> > > > git/wpa_supplicant.conf-sane
> > > > new file mode 100755
> > > > index 0000000..c91ffe0
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant-
> > git/wpa_supplicant.conf-
> > > sane
> > > > @@ -0,0 +1,7 @@
> > > > +ctrl_interface=/var/run/wpa_supplicant
> > > > +ctrl_interface_group=0
> > > > +update_config=1
> > > > +
> > > > +network={
> > > > + key_mgmt=NONE
> > > > +}
> > > > diff --git a/recipes/wpa-supplicant/wpa-supplicant_git.bb
> > > b/recipes/wpa-
> > > > supplicant/wpa-supplicant_git.bb
> > > > new file mode 100755
> > > > index 0000000..5292a2c
> > > > --- /dev/null
> > > > +++ b/recipes/wpa-supplicant/wpa-supplicant_git.bb
> > > > @@ -0,0 +1,103 @@
> > > > +DESCRIPTION = "A Client for Wi-Fi Protected Access (WPA)."
> > > > +HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/"
> > > > +BUGTRACKER = "http://hostap.epitest.fi/bugz/"
> > > > +SECTION = "network"
> > > > +LICENSE = "GPLv2 | BSD"
> > > > +LIC_FILES_CHKSUM =
> > > > "file://../COPYING;md5=c54ce9345727175ff66d17b67ff51f58 \
> > > > +
> > > file://../README;md5=54cfc88015d3ce83f7156e63c6bb1738
> > > > \
> > > > +
> > > >
> > >
> > file://wpa_supplicant.c;beginline=1;endline=17;md5=acdc5a4b0d6345f21f13
> > > 6ea
> > > > ce747260e"
> > > > +
> > > > +SRCREV = "b8fb017272ed4794339978c9fbc0e74571a44728"
> > > > +PR = "r0"
> > > > +PR_append = "+gitr${SRCREV}"
> > > > +
> > > > +DEFAULT_PREFERENCE = "-1"
> > > > +
> > > > +DEPENDS = "gnutls dbus libnl openssl
> > > ${@base_contains("COMBINED_FEATURES",
> > > > "madwifi", "madwifi-ng", "",d)}"
> > > > +RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli"
> > > > +
> > > > +SRC_URI = "git://w1.fi/srv/git/hostap.git;protocol=git \
> > > > + file://defconfig \
> > > > + file://defaults-sane \
> > > > + file://wpa-supplicant.sh \
> > > > + file://wpa_supplicant.conf \
> > > > + file://wpa_supplicant.conf-sane \
> > > > + file://99_wpa_supplicant"
> > > > +
> > > > +S = "${WORKDIR}/git/wpa_supplicant"
> > > > +
> > > > +PACKAGES_prepend = "wpa-supplicant-passphrase wpa-supplicant-cli "
> > > > +FILES_wpa-supplicant-passphrase = "/usr/sbin/wpa_passphrase"
> > > > +FILES_wpa-supplicant-cli = "/usr/sbin/wpa_cli"
> > > > +FILES_${PN} += " /usr/share/dbus-1/system-services/*"
> > > > +
> > > > +do_configure () {
> > > > + install -m 0755 ${WORKDIR}/defconfig .config
> > > > + echo "CFLAGS += -I${STAGING_INCDIR}" >> .config
> > > > + echo "LIBS += -L${STAGING_LIBDIR}" >> .config
> > > > + echo "LIBS_p += -L${STAGING_LIBDIR}" >> .config
> > > > + if [ "${@base_contains('COMBINED_FEATURES', 'madwifi', 1, 0,
> d)}"
> > > =
> > > > "1" ]; then
> > > > + echo "CONFIG_DRIVER_MADWIFI=y" >> .config
> > > > + echo "CFLAGS += -I${STAGING_INCDIR}/madwifi-ng"
> >> .config
> > > > + fi
> > > > +}
> > > > +
> > > > +do_compile () {
> > > > + make
> > > > +}
> > > > +
> > > > +do_install () {
> > > > + install -d ${D}${sbindir}
> > > > + install -m 755 wpa_supplicant ${D}${sbindir}
> > > > + install -m 755 wpa_passphrase ${D}${sbindir}
> > > > + install -m 755 wpa_cli ${D}${sbindir}
> > > > +
> > > > + install -d ${D}${docdir}/wpa_supplicant
> > > > + install -m 644 README ${WORKDIR}/wpa_supplicant.conf
> > > > ${D}${docdir}/wpa_supplicant
> > > > +
> > > > + install -d ${D}${sysconfdir}/default
> > > > + install -m 600 ${WORKDIR}/defaults-sane
> > > > ${D}${sysconfdir}/default/wpa
> > > > + install -m 600 ${WORKDIR}/wpa_supplicant.conf-sane
> > > > ${D}${sysconfdir}/wpa_supplicant.conf
> > > > +
> > > > + install -d ${D}${sysconfdir}/network/if-pre-up.d/
> > > > + install -d ${D}${sysconfdir}/network/if-post-down.d/
> > > > + install -d ${D}${sysconfdir}/network/if-down.d/
> > > > + install -m 644 ${WORKDIR}/wpa_supplicant.conf
> ${D}${sysconfdir}
> > > > + install -m 755 ${WORKDIR}/wpa-supplicant.sh
> > > > ${D}${sysconfdir}/network/if-pre-up.d/wpa-supplicant
> > > > + cd ${D}${sysconfdir}/network/ && \
> > > > + ln -sf ../if-pre-up.d/wpa-supplicant if-post-down.d/wpa-
> > > supplicant
> > > > +
> > > > + if grep -q ^CONFIG_CTRL_IFACE_DBUS=y .config || grep -q
> > > > ^CONFIG_CTRL_IFACE_DBUS_NEW=y .config; then
> > > > + install -d ${D}/${sysconfdir}/dbus-1/system.d
> > > > + install -m 644 ${S}/dbus/dbus-wpa_supplicant.conf
> > > > ${D}/${sysconfdir}/dbus-1/system.d
> > > > + install -d ${D}/${datadir}/dbus-1/system-services
> > > > + if grep -q ^CONFIG_CTRL_IFACE_DBUS=y .config; then
> > > > + sed -i -e s:/sbin:${sbindir}:g
> > > > ${S}/dbus/fi.epitest.hostap.WPASupplicant.service
> > > > + install -m 644
> > > > ${S}/dbus/fi.epitest.hostap.WPASupplicant.service
> > > ${D}/${datadir}/dbus-
> > > > 1/system-services
> > > > + fi
> > > > + if grep -q ^CONFIG_CTRL_IFACE_DBUS_NEW=y .config; then
> > > > + sed -i -e s:/sbin:${sbindir}:g
> > > > ${S}/dbus/fi.w1.wpa_supplicant1.service
> > > > + install -m 644
> > > ${S}/dbus/fi.w1.wpa_supplicant1.service
> > > > ${D}/${datadir}/dbus-1/system-services
> > > > + fi
> > > > + fi
> > > > +
> > > > + install -d ${D}/etc/default/volatiles
> > > > + install -m 0644 ${WORKDIR}/99_wpa_supplicant
> > > > ${D}/etc/default/volatiles
> > > > +}
> > > > +
> > > > +#we introduce MY_ARCH to get 'armv5te' as arch instead of the
> > > misleading
> > > > 'arm' on armv5te builds
> > > > +MY_ARCH := "${PACKAGE_ARCH}"
> > > > +PACKAGE_ARCH = "${@base_contains('COMBINED_FEATURES', 'madwifi',
> > > > '${MACHINE_ARCH}', '${MY_ARCH}', d)}"
> > > > +
> > > > +pkg_postinst_wpa-supplicant () {
> > > > + # can't do this offline
> > > > + if [ "x$D" != "x" ]; then
> > > > + exit 1
> > > > + fi
> > > > +
> > > > + DBUSPID=`pidof dbus-daemon`
> > > > +
> > > > + if [ "x$DBUSPID" != "x" ]; then
> > > > + /etc/init.d/dbus-1 reload
> > > > + fi
> > > > +}
> > > > --
> > > > 1.7.0.4
> > > >
> > > >
> > > > _______________________________________________
> > > > Openembedded-devel mailing list
> > > > Openembedded-devel at lists.openembedded.org
> > > > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-
> > > devel
More information about the Openembedded-devel
mailing list