jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove www directory (w1.fi web pages)

Browse Source 
These are now maintained in a separate repository (hostap-www.git)
and do not need to remain in hostap.git.
master
Jouni Malinen 13 years ago
parent 451c367d06
commit f127282232
22 changed files with 0 additions and 2211 deletions
Show Stats Download Patch File Download Diff File

13
www/Makefile
Unescape Escape View File

@ -1,13 +0,0 @@
all: versions.png
%.png: %.fig
fig2dev -Lpng -s5.1 -S4 -m2 $< | \
pngtopnm | \
pnmscale -xscale 0.5 -yscale 0.5 | \
pnmtopng > $@
%.fig: %.dot
dot $< -Tfig -o $@
clean:
rm versions.png versions.fig

70
www/cvs.html
Unescape Escape View File

@ -1,70 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Host AP / hostapd / wpa_supplicant - anonymous CVS/GIT access</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h2>Host AP / hostapd / wpa_supplicant - anonymous CVS/GIT access</h2>
<p>
Project source code and related files are maintained in a version
control system. The first version up to and including 0.5.x were
maintained in a CVS repository. Starting from 0.6.x, repositories
moved to using GIT. In addition, Host AP driver is now maintained with
the rest of the Linux kernel tree (which is also using GIT).
</p>
<h3>GIT</h3>
<p>Using git protocol: git://w1.fi/srv/git/hostap.git</p>
<p>Using HTTP (if git protocol is firewalled): http://w1.fi/hostap.git</p>
<p>(e.g., to get a clone of the repository you can use git with
"<code>git clone git://w1.fi/srv/git/hostap.git</code>").</p>
<p>WWW interface (gitweb) to the repository:
<a href="/gitweb/gitweb.cgi">http://w1.fi/gitweb/gitweb.cgi</a></p>
</p>
<h3>CVS</h3>
<p>
Anonymous read-only CVS access to the Host AP driver, hostapd, and
wpa_supplicant CVS repository is available using CVS pserver:
</p>
<p><code>export CVSROOT=":pserver:anonymous@hostap.epitest.fi:/cvs"</code></p>
<p><code>cvs login</code></p>
<p>Password is empty, so just hit enter when prompted for a password.</p>
<p>After you have logged in once, you can checkout the source:</p>
<p><code>cvs checkout hostap</code></p>
<p>
If you want to compress the stream to save bandwidth, you can add -z3
option to the command (<code>cvs -z3 checkout hostap</code>).
</p>
<p>
Also other CVS commands like <code>update</code> and <code>log</code> can
be used.
</p>
<hr>
<div>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Mon May 27 20:08:41 EEST 2002 -->
<!-- hhmts start -->
Last modified: Sat Dec 12 16:43:03 EET 2009
<!-- hhmts end -->
</div>
</body>
</html>

265
www/hostapd/index.html
Unescape Escape View File

@ -1,265 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator</title>
<meta name="description" content="hostapd (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i Authenticator and RADIUS authentication server)">
<meta name="keywords" content="WPA, WPA2, IEEE 802.11i, IEEE 802.1X, WPA Authenticator, hostapd, TKIP, CCMP, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-SIM, EAP-AKA, EAP-GTC, EAP-MSCHAPv2, EAP-MD5, EAP-PAX, EAP-PSK, EAP-FAST, IEEE 802.1X Supplicant, IEEE 802.1aa, EAPOL, RSN, pre-authentication, PMKSA caching, BSD WPA Authenticator, FreeBSD WPA Authenticator, RADIUS authentication server, EAP authenticator, EAP server, EAP-TNC, TNCS, IF-IMV, IF-TNCCS, WPS">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h2>hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator</h2>
<p>hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and
RADIUS authentication server. The current version supports Linux (Host
AP, madwifi, mac80211-based drivers) and FreeBSD (net80211).</p>
<p>hostapd is designed to be a "daemon" program that runs in the
background and acts as the backend component controlling
authentication. hostapd supports separate frontend programs and an
example text-based frontend, hostapd_cli, is included with
hostapd.</p>
<h4>Supported WPA/IEEE 802.11i/EAP/IEEE 802.1X features</h4>
<ul>
<li>WPA-PSK ("WPA-Personal")</li>
<li>WPA with EAP (with integrated EAP server or an external
RADIUS backend authentication server) ("WPA-Enterprise")</li>
<li>key management for CCMP, TKIP, WEP104, WEP40</li>
<li>WPA and full IEEE 802.11i/RSN/WPA2</li>
<li>RSN: PMKSA caching, pre-authentication</li>
<li>IEEE 802.11r</li>
<li>IEEE 802.11w</li>
<li>RADIUS accounting</li>
<li>RADIUS authentication server with EAP</li>
<li>Wi-Fi Protected Setup (WPS)</li>
</ul>
<h4>Supported EAP methods (integrated EAP server and RADIUS authentication server)</h4>
<ul>
<li>EAP-TLS</li>
<li>EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/TLS (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/GTC (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)</li>
<li>EAP-TTLS/EAP-MD5-Challenge</li>
<li>EAP-TTLS/EAP-GTC</li>
<li>EAP-TTLS/EAP-MSCHAPv2</li>
<li>EAP-TTLS/MSCHAPv2</li>
<li>EAP-TTLS/EAP-TLS</li>
<li>EAP-TTLS/MSCHAP</li>
<li>EAP-TTLS/PAP</li>
<li>EAP-TTLS/CHAP</li>
<li>EAP-SIM</li>
<li>EAP-AKA</li>
<li>EAP-AKA'</li>
<li>EAP-PAX</li>
<li>EAP-PSK</li>
<li>EAP-SAKE</li>
<li>EAP-FAST</li>
<li>EAP-IKEv2</li>
<li>EAP-GPSK</li>
</ul>
<p>Following methods are also supported, but since they do not generate keying
material, they cannot be used with WPA or IEEE 802.1X WEP keying.</p>
<ul>
<li>EAP-MD5-Challenge</li>
<li>EAP-MSCHAPv2</li>
<li>EAP-GTC</li>
<li>EAP-TNC (Trusted Network Connect; TNCS, IF-IMV, IF-T, IF-TNCCS)</li>
</ul>
<p>More information about EAP methods and interoperability testing is
available in <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/eap_testing.txt">eap_testing.txt</a>.</p>
<h4>Supported wireless cards/drivers</h4>
<ul>
<li><a href="http://wireless.kernel.org/en/developers/Documentation/mac80211">Linux mac80211 drivers</a></li>
<li><a href="http://w1.fi/">Host AP driver for Prism2/2.5/3</a></li>
<li><a href="http://sourceforge.net/projects/madwifi/">madwifi (Atheros ar521x)</a></li>
<li>BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT)</li>
</ul>
<h3><a name="download">Download</a></h3>
<p>
<b>hostapd</b><br>
Copyright (c) 2002-2011, Jouni Malinen &lt;j@w1.fi&gt;
and contributors.
</p>
<p>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
published by the Free Software Foundation. See
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=COPYING">COPYING</a>
for more details.
</p>
<p>Alternatively, this software may be distributed, used, and modified
under the terms of BSD license. See <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/README">README</a>
for more details.</p>
<p>
<b>Please see
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/README">README</a>
for the current documentation.</b></p>
<ul>
<li><a href="../releases.html">Release graph</a></li>
<li>Latest stable release:
<ul>
<li><a href="../releases/hostapd-0.7.3.tar.gz">hostapd-0.7.3.tar.gz</a></li>
</ul>
<li>Previous stable release:
<ul>
<li><a href="../releases/hostapd-0.6.10.tar.gz">hostapd-0.6.10.tar.gz</a></li>
</ul>
<!--
<li>Latest development release:
<ul>
<li><a href="../releases/hostapd-0.8.0.tar.gz">hostapd-0.8.0.tar.gz</a></li>
</ul>
-->
<li>ChangeLog:
<ul>
<li><a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/ChangeLog">development branch</a></li>
<li><a href="/gitweb/gitweb.cgi?p=hostap-07.git;a=blob_plain;f=hostapd/ChangeLog">stable branch</li>
<li><a href="/gitweb/gitweb.cgi?p=hostap-06.git;a=blob_plain;f=hostapd/ChangeLog">previous stable branch</li>
</ul>
<li><a href="../releases/">Old releases</a></li>
<li><a href="http://lists.shmoo.com/mailman/listinfo/hostap">Mailing list</a></li>
<li><a href="http://lists.shmoo.com/pipermail/hostap/">New mailing list archives</a></li>
<li><a href="/gitweb/gitweb.cgi">Web interface to GIT repository (0.6.x and newer)</a></li>
<li><a href="/cgi-bin/viewcvs.cgi/hostap/">Web interface to CVS repository (0.5.x and older)</a></li>
<li><a href="../releases/snapshots/">Snapshot releases from all active branches</a>
<li><a href="../cvs.html">GIT and read-only anonymous CVS access (pserver)</a></li>
<li><a href="../bugz/">Bug and feature request tracking</a></li>
<li><a href="../wpa_supplicant/devel/">Developers' documentation for wpa_supplicant/hostapd</a></li>
</ul>
<h3>WPA</h3>
<p>The original security mechanism of IEEE 802.11 standard was not
designed to be strong and has proven to be insufficient for most
networks that require some kind of security. Task group I (Security)
of <a href="http://www.ieee802.org/11/">IEEE 802.11 working group</a>
has worked to address the flaws of the base standard and in
practice completed its work in May 2004. The IEEE 802.11i amendment to
the IEEE 802.11 standard was approved in June 2004 and published in
July 2004.</p>
<p><a href="http://www.wi-fi.org/">Wi-Fi Alliance</a> used a draft
version of the IEEE 802.11i work (draft 3.0) to define a subset of the
security enhancements that can be implemented with existing wlan
hardware. This is called Wi-Fi Protected Access (WPA). This has
now become a mandatory component of interoperability testing and
certification done by Wi-Fi Alliance. Wi-Fi has
<a href="http://www.wi-fi.org/OpenSection/protected_access.asp">information
about WPA</a> at its web site.</p>
<p>IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm
for protecting wireless networks. WEP uses RC4 with 40-bit keys,
24-bit initialization vector (IV), and CRC32 to protect against packet
forgery. All these choices have proven to be insufficient: key space is
too small against current attacks, RC4 key scheduling is insufficient
(beginning of the pseudorandom stream should be skipped), IV space is
too small and IV reuse makes attacks easier, there is no replay
protection, and non-keyed authentication does not protect against bit
flipping packet data.</p>
<p>WPA is an intermediate solution for the security issues. It uses
Temporal Key Integrity Protocol (TKIP) to replace WEP. TKIP is a
compromise on strong security and possibility to use existing
hardware. It still uses RC4 for the encryption like WEP, but with
per-packet RC4 keys. In addition, it implements replay protection,
keyed packet authentication mechanism (Michael MIC).</p>
<p>Keys can be managed using two different mechanisms. WPA can either use
an external authentication server (e.g., RADIUS) and EAP just like
IEEE 802.1X is using or pre-shared keys without need for additional
servers. Wi-Fi calls these "WPA-Enterprise" and "WPA-Personal",
respectively. Both mechanisms will generate a master session key for
the Authenticator (AP) and Supplicant (client station).</p>
<p>WPA implements a new key handshake (4-Way Handshake and Group Key
Handshake) for generating and exchanging data encryption keys between
the Authenticator and Supplicant. This handshake is also used to
verify that both Authenticator and Supplicant know the master session
key. These handshakes are identical regardless of the selected key
management mechanism (only the method for generating master session
key changes).</p>
<h3>IEEE 802.11i / RSN / WPA2</h3>
<p>The design for parts of IEEE 802.11i that were not included in WPA
has finished (May 2004) and this amendment to IEEE 802.11 was approved
in June 2004. Wi-Fi Alliance is using the final IEEE 802.11i as a new
version of WPA called WPA2. This included, e.g., support for more
robust encryption algorithm (CCMP: AES in Counter mode with CBC-MAC)
to replace TKIP, optimizations for handoff (reduced number of messages
in initial key handshake, pre-authentication, and PMKSA caching).</p>
<h4>Configuration file</h4>
<p>hostapd is configured using a text file that lists all the configuration
parameters. See an example configuration file,
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/hostapd.conf">hostapd.conf</a>,
for detailed information about the configuration format and supported
fields.</p>
<h3>Feedback, comments, mailing list</h3>
<p>
Any comments, reports on success/failure, ideas for further
improvement, feature requests, etc. are welcome at j@w1.fi.
Please note, that I often receive more email than I have time to answer.
Unfortunately, some messages may not get a reply, but I'll try to go
through my mail whenever time permits.
</p>
<p>
Host AP mailing list can also be used for topics related to
hostapd. Since this list has a broader audience, your likelihood of
getting responses is higher. This list is recommended for general
questions about hostapd and its development. In addition, I
will send release notes to it whenever a new version is available.
</p>
<p>
The mailing list information and web archive is at <a
href="http://lists.shmoo.com/mailman/listinfo/hostap">http://lists.shmoo.com/mailman/listinfo/hostap</a>.
Messages to hostap@shmoo.com will be delivered to the
subscribers. Please note, that due to large number of spam and virus
messages sent to the list address, the list is configured to accept
messages only from subscribed addresses. Messages from unsubscribed addresses
may be accepted manually, but their delivery will be delayed.
</p>
<p>
If you want to make sure your bug report of feature request does not
get lost, please report it through the bug tracking system as
<a href="../bugz/enter_bug.cgi">a new
bug/feature request</a>.
</p>
<hr>
<div>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sun Jan 2 17:20:17 PST 2005 -->
<!-- hhmts start -->
Last modified: Sun Feb 27 12:48:54 EET 2011
<!-- hhmts end -->
</div>
</body>
</html>

284
www/index.html
Unescape Escape View File

@ -1,284 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Host AP Linux driver for Intersil Prism2/2.5/3 wireless LAN cards and WPA Supplicant</title>
<meta name="description" content="Linux driver for Host AP mode of Intersil Prism2/2.5/3 and WPA Supplicant">
<meta name="keywords" content="Host AP, hostap, Prism2, Linux driver for Prism2, Linux access point, software access point, hostapd, IEEE 802.11, IEEE 802.1X, WPA, WPA2, WPA Supplicant, wpa_supplicant, IEEE 802.11i, TKIP, CCMP, EAP-PEAP, EAP-TLS, IEEE 802.1X Supplicant, IEEE 802.1aa, EAPOL, RSN, pre-authentication, PMKSA caching, BSD hostapd, FreeBSD hostapd, RADIUS, authentication server, wireless">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h2>Host AP driver for Intersil Prism2/2.5/3, hostapd, and WPA Supplicant</h2>
<h3><a name="intro">Introduction</a></h3>
<p>This project includes three main components:</p>
<ul>
<li>Host AP - Linux driver for Prism2/2.5/3</li>
<li><a href="hostapd/">hostapd</a> - user space daemon for access points,
including, e.g., IEEE 802.1X/WPA/EAP Authenticator for number of Linux and
BSD drivers, RADIUS client, integrated EAP server, and RADIUS
authentication server</li>
<li><a href="wpa_supplicant/">wpa_supplicant</a> user space IEEE 802.1X/WPA
supplicant (wireless client) for number of Linux, BSD, and Windows
drivers</li>
</ul>
<p>
Host AP is a Linux driver for wireless LAN cards based on Intersil's
Prism2/2.5/3 chipset. The driver supports a so called Host AP mode, i.e., it
takes care of IEEE 802.11 management functions in the host computer
and acts as an access point. This does not require any special
firmware for the wireless LAN card. In addition to this, it has
support for normal station operations in BSS and possible also in
IBSS. WPA and RSN (WPA2) is supported when used with accompanied tools,
wpa_supplicant (WPA/RSN Supplicant) and hostapd (WPA/RSN Authenticator). All
these programs have been designed for both desktop/laptop computers and
embedded systems.
</p>
<p>
Intersil's station firmware for Prism2 chipset supports a so called
Host AP mode in which the firmware takes care of time critical tasks
like beacon sending and frame acknowledging, but leaves other
management tasks to host computer driver. This driver implements basic
functionality needed to initialize and configure Prism2-based cards,
to send and receive frames, and to gather statistics. In addition, it
includes an implementation of following IEEE 802.11 functions:
authentication (and deauthentication), association (reassociation, and
disassociation), data transmission between two wireless stations,
power saving (PS) mode signaling and frame buffering for PS
stations. The driver has also various features for development
debugging and for researching IEEE 802.11 environments like access to
hardware configuration records, I/O registers, and frames with 802.11
headers.
</p>
<p>
When used with a user space daemon, the combination of the Host AP
driver and hostapd daemon includes additional features. These include
support for IEEE 802.1X and dynamic WEP rekeying, RADIUS Accounting,
RADIUS-based ACL for IEEE 802.11 authentication, minimal IAPP (IEEE
802.11f), WPA, IEEE 802.11i/RSN/WPA2.
</p>
<p>
<a href="http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html">Linux
Wireless LAN Howto</a> has some useful information about wireless LAN support
in Linux. In addition, it includes information about which cards are
Prism2-based (and can thus be used in Host AP mode).
</p>
<h3><a name="wpa_supplicant">WPA/RSN Supplicant (wpa_supplicant)</a></h3>
<p>More information is available on <a
href="wpa_supplicant/">wpa_supplicant's own page</a>.</p>
<p>Supported WPA/IEEE 802.11i features:</p>
<ul>
<li>WPA-PSK ("WPA-Personal")</li>
<li>WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")</li>
<li>key management for CCMP, TKIP, WEP104, WEP40</li>
<li>WPA and full IEEE 802.11i/RSN/WPA2</li>
<li>RSN: PMKSA caching, pre-authentication</li>
</ul>
<p>Supported drivers:</p>
<ul>
<li>Linux drivers that support Linux Wireless Extensions v19 or newer with
WPA/WPA2 extensions</li>
<li>Host AP driver for Prism2/2.5/3</li>
<li>Linuxant DriverLoader with Windows NDIS driver supporting WPA</li>
<li>Agere Systems Inc. Linux Driver (Hermes-I/Hermes-II chipset)</li>
<li>madwifi (Atheros ar521x)</li>
<li>ATMEL AT76C5XXx</li>
<li>Linux ndiswrapper with Windows NDIS driver</li>
<li>Broadcom wl.o driver</li>
<li>Intel ipw2100 and ipw2200</li>
<li>Wired Ethernet drivers</li>
<li>BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT)</li>
<li>Windows NDIS drivers (Windows; at least XP and 2000, others not tested)</li>
</ul>
<h3><a name="wpa_authenticator">WPA/RSN/EAP Authenticator (hostapd)</a></h3>
<p>More information is available on <a
href="hostapd/">hostapd's own page</a>.</p>
<p>Supported WPA/IEEE 802.11i features:</p>
<ul>
<li>WPA-PSK ("WPA-Personal")</li>
<li>WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")<br>
<li>key management for CCMP, TKIP, WEP104, WEP40</li>
<li>WPA and full IEEE 802.11i/RSN/WPA2</li>
<li>RSN: PMKSA caching, pre-authentication</li>
</ul>
<p>Supported drivers:</p>
<ul>
<li>Linux mac80211-based drivers with AP mode support</li>
<li>Host AP driver for Prism2/2.5/3</li>
<li>madwifi (Atheros ar521x)</li>
<li>BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT)</li>
</ul>
<h3><a name="download">Download</a></h3>
<p>
<b>Host AP driver</b><br>
Copyright (c) 2001-2002, SSH Communications Security Corp and
Jouni Malinen.<br>
Copyright (c) 2002-2007, Jouni Malinen and contributors.<br>
Author: Jouni Malinen &lt;j@w1.fi&gt;
</p>
<p>
<b>Host AP utils</b><br>
Copyright (c) 2002-2005, Jouni Malinen &lt;j@w1.fi&gt;
and contributors.
</p>
<p>
<b>hostapd</b><br>
Copyright (c) 2002-2011, Jouni Malinen &lt;j@w1.fi&gt;
and contributors.
</p>
<p>
<b>wpa_supplicant</b><br>
Copyright (c) 2003-2011, Jouni Malinen &lt;j@w1.fi&gt;
and contributors.
</p>
<p>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
published by the Free Software Foundation. See
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=COPYING">COPYING</a>
for more details. hostapd and wpa_supplicant are alternatively
available under BSD license.
</p>
<p>
<b>Please see
<a href="/cgi-bin/viewcvs.cgi/*checkout*/hostap/README?rev=HEAD&amp;content-type=text/plain">README</a>
for updated documentation of the driver.
Please also check <a href="/cgi-bin/viewcvs.cgi/*checkout*/hostap/FAQ?rev=HEAD&amp;content-type=text/plain">FAQ</a> before sending problem reports.</b>
</p>
<p>
<b>Note!</b>
Host AP driver was added into the main kernel tree in Linux
v2.6.14. The version in the kernel tree should be used instead of this
external hostap-driver package. The external releases are only for
older kernel versions and all the future development will be in the
main kernel tree.
</p>
<ul>
<li><a href="releases.html">Release graph</a></li>
<li>Latest stable release:
<ul>
<li><a href="releases/hostapd-0.7.3.tar.gz">hostapd-0.7.3.tar.gz</a>
<li><a href="releases/wpa_supplicant-0.7.3.tar.gz">wpa_supplicant-0.7.3.tar.gz</a> (source code for all versions)</li>
<li><a href="releases/wpa_supplicant-0.7.3.exe">wpa_supplicant-0.7.3.exe</a> (binary installer for Windows)</li>
<li><a href="releases/wpa_supplicant-windows-bin-0.7.3.zip">wpa_supplicant-windows-bin-0.7.3.zip</a> (binaries for Windows)</li>
</ul>
<li>Previous stable release:
<ul>
<li><a href="releases/hostapd-0.6.10.tar.gz">hostapd-0.6.10.tar.gz</a>
<li><a href="releases/wpa_supplicant-0.6.10.tar.gz">wpa_supplicant-0.6.10.tar.gz</a> (source code for all versions)</li>
<li><a href="releases/wpa_supplicant-0.6.10.exe">wpa_supplicant-0.6.10.exe</a> (binary installer for Windows)</li>
<li><a href="releases/wpa_supplicant-windows-bin-0.6.10.zip">wpa_supplicant-windows-bin-0.6.10.zip</a> (binaries for Windows)</li>
<li><a href="wpa_supplicant/qt4/wpa_gui-qt433-windows-dll.zip">wpa_gui-qt433-windows-dll.zip</a> (Qt4 libraries from wpa_gui/Windows)</li>
</ul>
<!--
<li>Latest development release:
<ul>
<li><a href="releases/hostapd-0.8.0.tar.gz">hostapd-0.8.0.tar.gz</a>
<li><a href="releases/wpa_supplicant-0.8.0.tar.gz">wpa_supplicant-0.8.0.tar.gz</a> (source code for all versions)</li>
<li><a href="releases/wpa_supplicant-0.8.0.exe">wpa_supplicant-0.8.0.exe</a> (binary installer for Windows)</li>
<li><a href="releases/wpa_supplicant-windows-bin-0.8.0.zip">wpa_supplicant-windows-bin-0.8.0.zip</a> (binaries for Windows)</li>
</ul>
-->
<li>ChangeLog:
<ul>
<li>hostapd:
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=hostapd/ChangeLog">[development branch]</a>
<a href="/gitweb/gitweb.cgi?p=hostap-07.git;a=blob_plain;f=hostapd/ChangeLog">[stable branch]</a>
<a href="/gitweb/gitweb.cgi?p=hostap-06.git;a=blob_plain;f=hostapd/ChangeLog">[previous stable branch]</a>
<li>wpa_supplicant:
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/ChangeLog">[development branch]</a>
<a href="/gitweb/gitweb.cgi?p=hostap-07.git;a=blob_plain;f=wpa_supplicant/ChangeLog">[stable branch]</a>
<a href="/gitweb/gitweb.cgi?p=hostap-06.git;a=blob_plain;f=wpa_supplicant/ChangeLog">[previous stable branch]</a>
</ul>
<li><a href="releases/">Old releases</a>
<li><a href="http://lists.shmoo.com/mailman/listinfo/hostap">Mailing list</a>
<li><a href="http://lists.shmoo.com/pipermail/hostap/">New mailing list archives</a>
<li><a href="hostap/">Old mailing list archives</a>
<li><a href="htdig/">Search mailing list archives</a>
<li><a href="/gitweb/gitweb.cgi">Web interface to GIT repository (0.6.x and newer)</a></li>
<li><a href="/cgi-bin/viewcvs.cgi/hostap/">Web interface to CVS repository (0.5.x and older)</a></li>
<li><a href="releases/snapshots/">Snapshot releases from all active branches</a>
<li><a href="cvs.html">GIT and read-only anonymous CVS access (pserver)</a>
<li><a href="links.html">Host AP related links</a>
<li><a href="bugz/">Bug and feature request tracking</a></li>
</ul>
<h3>Wireless Tools for Linux</h3>
<p>
Please, note that you will need quite recent version of Wireless Tools
to use some features of the Host AP driver. Using the
<a href="http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html#latest">latest</a>
version of the tools is recommended. Some features might also require latest beta version.
</p>
<h3>Feedback, comments, mailing list</h3>
<p>
Any comments, reports on success/failure, ideas for further
improvement, feature requests, etc. are welcome at j@w1.fi.
Please note, that I often receive more email than I have time to answer.
Unfortunately, some messages may not get a reply, but I'll try to go
through my mail whenever time permits.
</p>
<p>
There is also a mailing list for Host AP related messages.
Since this list has a broader audience, your likelihood of getting
responses is higher. This list is recommended for general questions
about Host AP driver and its development. In addition, I will send
release notes to it whenever a new version is available.
</p>
<p>
The mailing list information and web archive is at <a
href="http://lists.shmoo.com/mailman/listinfo/hostap">http://lists.shmoo.com/mailman/listinfo/hostap</a>.
Messages to hostap@shmoo.com will be delivered to the
subscribers. Please note, that due to large number of spam and virus
messages sent to the list address, the list is configured to accept
messages only from subscribed addresses. Messages from unsubscribed addresses
may be accepted manually, but their delivery will be delayed.
</p>
<p>
If you want to make sure your bug report of feature request does not
get lost, please report it through the bug tracking system as
<a href="bugz/enter_bug.cgi">a new bug/feature request</a>.
</p>
<hr>
<div>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Mon May 27 20:08:41 EEST 2002 -->
<!-- hhmts start -->
Last modified: Sun Feb 27 12:51:48 EET 2011
<!-- hhmts end -->
</div>
</body>
</html>

56
www/links.html
Unescape Escape View File

@ -1,56 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Host AP related links</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h2>Host AP related links</h2>
<p>
Here are some miscellaneous links to pages related to Host AP mode,
driver, etc. Please send any corrections or additions to <a
href="mailto:j@w1.fi">Jouni Malinen</a> (j@w1.fi).
</p>
<h3>General information</h3>
<ul>
<li><a href="http://www.personaltelco.net/index.cgi/HostApMode">PersonalTelco: HostApMode</a>
<li><a href="http://trekweb.com/~jasonb/articles/hostap_20030727.shtml">Jason Boxman: Installing and Setting up basic HostAP box</a>
<li><a href="http://pachome.pacific.net.sg/~yanghwee/sub/How-To-wirelessAP.html">Yang-Hwee TAN: How-To Setup WirelessAP in Linux using HostAP driver</a>
<li><a href="http://linux.junsun.net/intersil-prism/">Jun Sun's
Mini-howto on Flashing Intersil Prism Chipsets</a>
<li><a href="http://home.columbus.rr.com/andrewbarr/dwl520e1.html">Andrew Barr: Using the D-Link DWL-520 rev. E1 with HostAP</a>
</ul>
<h3>IEEE 802.1X (port-based network access control)</h3>
<ul>
<li><a href="http://standards.ieee.org/getieee802/download/802.1X-2001.pdf">IEEE 802.1X-2001 standard from <i>Get IEEE 802</i></a>
<li><a href="http://www.open1x.org/">Open1x (open source implementation of IEEE 802.1X)</a>
<li><a href="http://www.freeradius.org/">FreeRADIUS</a>
<li><a href="http://www.missl.cs.umd.edu/wireless/eaptls/">Adam Sulmicki: HOWTO on EAP/TLS authentication between FreeRADIUS and XSupplicant</a>
</ul>
<h3>Information in other languages</h3>
<ul>
<li><a href="http://bulmalug.net/body.phtml?nIdNoticia=1309">Redes Wireless con Linux (Spanish)</a>
<li><a href="http://bulmalug.net/body.phtml?nIdNoticia=1313">Résaux Sans Fils avec Linux (French)</a>
</ul>
<hr>
<div>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Aug 31 12:09:59 EEST 2002 -->
<!-- hhmts start -->
Last modified: Thu Mar 8 19:44:09 PST 2007
<!-- hhmts end -->
</div>
</body>
</html>

41
www/releases.html
Unescape Escape View File

@ -1,41 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Host AP driver / wpa_supplicant / hostapd releases</title>
</head>
<body>
<p>
<a href="index.html">Host AP driver</a> /
<a href="wpa_supplicant/">wpa_supplicant</a> /
<a href="hostapd/">hostapd</a> releases
</p>
<p>
<img src="versions.png"><br clear="all">
<ul>
<li>green background = stable release</li>
<li>white background = development release</li>
<li>letters after the version (what was included in the release):
<ul>
<li>d = Host AP driver</li>
<li>u = Host AP driver utilities</li>
<li>h = hostapd</li>
<li>w = wpa_supplicant</li>
</ul></li>
</ul>
</p>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Mon Feb 20 11:14:29 PST 2006 -->
<!-- hhmts start -->
Last modified: Thu Mar 8 19:44:22 PST 2007
<!-- hhmts end -->
</body>
</html>

116
www/versions.dot
Unescape Escape View File

@ -1,116 +0,0 @@
digraph versions {
size="10,6"
# rankdir=LR
# development releases
node [shape=box]
v001 [label="0.0.1 duh\n2003-04-05"]
v002 [label="0.0.2 duh\n2003-05-03"]
v003 [label="0.0.3 duh\n2003-05-18"]
v004 [label="0.0.4 duh\n2003-07-27"]
v010 [label="0.1.0 duh\n2003-10-14"]
v020 [label="0.2.0 duhw\n2004-02-15"]
v021 [label="0.2.1 duhw\n2004-05-06"]
v022 [label="0.2.2 dhw\n2004-05-31"]
v023 [label="0.2.3 dhw\n2004-06-20"]
v030 [label="0.3.0 duhw\n2004-12-05"]
v031 [label="0.3.1 hw\n2004-12-12"]
v032 [label="0.3.2 duhw\n2004-12-19"]
v033 [label="0.3.3 dhw\n2005-01-02"]
v034 [label="0.3.4 hw\n2005-01-09"]
v035 [label="0.3.5 dhw\n2005-01-23"]
v036 [label="0.3.6 w\n2005-01-24"]
v040 [label="0.4.0 duhw\n2005-04-25"]
v041 [label="0.4.1 dhw\n2005-05-22"]
v042 [label="0.4.2 hw\n2005-06-12"]
v043 [label="0.4.3 hw\n2005-06-26"]
v044 [label="0.4.4 dhw\n2005-08-21"]
v045 [label="0.4.5 dhw\n2005-09-25"]
v046 [label="0.4.6 hw\n2005-10-27"]
v050 [label="0.5.0 hw\n2005-12-18"]
v051 [label="0.5.1 hw\n2006-01-29"]
v052 [label="0.5.2 hw\n2006-03-19"]
v053 [label="0.5.3 hw\n2006-04-27"]
v054 [label="0.5.4 hw\n2006-06-20"]
v055 [label="0.5.5 hw\n2006-08-27"]
v056 [label="0.5.6 hw\n2006-11-24"]
v060 [label="0.6.0 hw\n2007-05-28"]
v061 [label="0.6.1 hw\n2007-11-24"]
v062 [label="0.6.2 hw\n2008-01-01"]
v063 [label="0.6.3 hw\n2008-02-22"]
v064 [label="0.6.4 hw\n2008-08-10"]
v065 [label="0.6.5 hw\n2008-11-01"]
v066 [label="0.6.6 hw\n2008-11-23"]
v067 [label="0.6.7 hw\n2009-01-06"]
v070 [label="0.7.0 hw\n2009-11-21"]
v071 [label="0.7.1 hw\n2010-01-16"]
v072 [label="0.7.2 hw\n2010-04-18"]
# stable releases
node [fillcolor=green style=filled]
v024 [label="0.2.4 dhw\n2004-07-17"]
v025 [label="0.2.5 dhw\n2004-10-03"]
v026 [label="0.2.6 duhw\n2004-12-25"]
v027 [label="0.2.7 w\n2005-02-13"]
v028 [label="0.2.8 duhw\n2006-02-20"]
v037 [label="0.3.7 duhw\n2005-02-12"]
v038 [label="0.3.8 w\n2005-02-13"]
v039 [label="0.3.9 dhw\n2005-06-10"]
v0310 [label="0.3.10 dhw\n2006-02-12"]
v0311 [label="0.3.11 hw\n2006-05-13"]
v047 [label="0.4.7 duhw\n2005-11-20"]
v048 [label="0.4.8 hw\n2006-02-08"]
v049 [label="0.4.9 dhw\n2006-05-06"]
v0410 [label="0.4.10 hw\n2007-02-19"]
v0411 [label="0.4.11 hw\n2008-02-23"]
v057 [label="0.5.7 hw\n2006-12-31"]
v058 [label="0.5.8 hw\n2007-05-28"]
v059 [label="0.5.9 hw\n2007-12-02"]
v0510 [label="0.5.10 hw\n2008-02-19"]
v0511 [label="0.5.11 hw\n2008-11-28"]
v068 [label="0.6.8 hw\n2009-02-15"]
v069 [label="0.6.9 hw\n2009-03-23"]
v0610 [label="0.6.10 hw\n2010-01-12"]
v073 [label="0.7.3 hw\n2010-09-07"]
# development releases
v001 -> v002 -> v003 -> v004
v004 -> v010 -> v020 -> v021 -> v022 -> v023 -> v024
v024 -> v030 -> v031 -> v032 -> v033 -> v034 -> v035 -> v036 -> v037
v037 -> v040 -> v041 -> v042 -> v043 -> v044 -> v045 -> v046 -> v047
v047 -> v050 -> v051 -> v052 -> v053 -> v054 -> v055 -> v056 -> v057
v057 -> v060 -> v061 -> v062 -> v063 -> v064 -> v065 -> v066 -> v067 -> v068
v068 -> v070 -> v071 -> v072 -> v073
{rank=same; v001 v024}
{rank=same; v030 v037}
{rank=same; v040 v047}
{rank=same; v050 v057}
{rank=same; v060 v068}
{rank=same; v070 v073}
# stable releases
v024 -> v025 -> v026 -> v027 -> v028
v037 -> v038 -> v039 -> v0310 -> v0311
v047 -> v048 -> v049 -> v0410 -> v0411
v057 -> v058 -> v059 -> v0510 -> v0511
v068 -> v069 -> v0610
v073
{rank=same; v024 v025 v026 v027 v028}
{rank=same; v037 v038 v039 v0310 v0311}
{rank=same; v047 v048 v049 v0410 v0411}
{rank=same; v057 v058 v059 v0510 v0511}
{rank=same; v068 v069 v0610}
{rank=same; v073}
# edge [style=dashed,color=red]
# v030 -> v036
}

26
www/wpa_supplicant/conf/auth_modes.html
Unescape Escape View File

@ -1,26 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Introduction to wireless authentication modes</title>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
<a href="../">wpa_supplicant</a> /
<a href="index.html">configuration</a> /
authentication modes
</div>
<h1>Introduction to wireless authentication modes</h1>
<p class="todo">TODO</p>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 19:53:25 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:46:58 PST 2006
<!-- hhmts end -->
</body>
</html>

49
www/wpa_supplicant/conf/configure.css
Unescape Escape View File

@ -1,49 +0,0 @@
body{
font: normal 80% Verdana, Helvetica;
}
.confdesc{
width: 80%;
border: 1px solid black;
background-color: #ededed;
padding: 5px;
font-size: 90%;
visibility: hidden;
margin-left: 30px;
}
.exampleconf{
width: 98%;
border: 1px solid black;
background-color: #ededed;
padding: 5px;
font-family: Courier;
font-size: 100%;
}
.todo{
font-style: italic;
color: red;
}
.error{
color: red;
}
.credlayer{
display: none;
}
#navig{
font: normal 100% Verdana, Helvetica;
margin-left: 0px;
margin-top: 0px;
padding: 0px;
margin: 0px;
display: inline;
}
#navig a {
text-decoration: none;
color: navy;
}

240
www/wpa_supplicant/conf/configure.html
Unescape Escape View File

@ -1,240 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>wpa_supplicant configuration wizard</title>
<script type="text/javascript" src="configure.js"></script>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
<a href="../">wpa_supplicant</a> /
<a href="index.html">configuration</a> /
wizard
</div>
<h1>wpa_supplicant configuration wizard</h1>
<p><a href="../">wpa_supplicant</a> supports large range of security
modes and authentication types. Just looking at the reference
information of available configuration options may not provide enough
high level understanding to select which options are needed. This page
provides information about configuring wpa_supplicant and a wizard for
generating example configuration files to make it easier to understand
different security policies and how they should be configured for
wpa_supplicant.</p>
<p>The wizard goes through steps to select suitable options based on
your input. An example configuration file is updated at each
step. This example can be seen at the bottom of this page.</p>
<h2>Step 1/5: Operating system and driver</h2>
<p>wpa_supplicant can be used with multiple operating systems and
network drivers. Most of the configuration parameters do not depend on
this, but some of the parameters may need to be changed based on
OS/driver capabilities.</p>
<form name="os_driver">
<select name="os" onChange="configure_os()" onBlur="configure_os()">
<option value="select">Select your operating system</option>
<option value="linux">Linux</option>
<option value="windows">Windows 2000/NT/XP</option>
<option value="bsd">FreeBSD/NetBSD</option>
<option value="other">Other</option>
</select>
<select name="driver" onChange="configure_driver()" disabled="disabled">
</select>
</form>
<div id="os_desc" class="confdesc"></div>
<h2>Step 2/5: Network name</h2>
<p>
Wireless networks have a "network name" (SSID = Service Set
Identifier). This is a sequence of up to 32 characters. This name is
used to select which access points (AP) can be used and as such, it
must match with the SSID configured for the desired AP.
</p>
<p>
Some APs allow SSIDs to be "hidden" which requires that the client is
specifically searching for the configured to SSID to be able to
connect. This may require some additional options in wpa_supplicant
configuration, so enable those here by checking "hidden SSID" if your
AP is configured to hide the SSID. This may show up as "brodcast SSID
disabled" or "hidden SSID" or something similar in the AP
configuration. Hidden SSID configuration does not prevent
wpa_supplicant from connecting to APs that do not hide SSID, so it can
be enabled for all cases.
</p>
<form name="network">
SSID: <input type="text" name="ssid" onChange="update_conf()">
<input type="checkbox" name="hidden_ssid" onChange="update_conf()">hidden SSID
</form>
<h2>Step 3/5: Authentication mode</h2>
<p class="todo">TODO: write explanation for different modes</p>
<form name="authmode">
<select name="auth" onChange="configure_auth()" onBlur="configure_auth()">
<option value="select">Select authentication mode</option>
<option value="open">None (unencrypted, open network)</option>
<option value="wep">None (encrypted network, static WEP keys)</option><
<option value="ieee8021x">IEEE 802.1X/EAP without WPA</option>
<option value="wpa-psk">WPA/WPA2-Personal (PSK) (IEEE 802.11i)</option>
<option value="wpa-eap">WPA/WPA2-Enterprise (EAP) (IEEE 802.11i)</option>
</select>
<select name="auth2" onChange="configure_auth2()" disabled="auth2">
</select>
</form>
<div id="auth_desc" class="confdesc"></div>
<h2>Step 4/5: Encryption</h2>
<p class="todo">TODO: different group cipher for WPA/WPA2</p>
<form name="encrmode">
<select name="encr" onChange="configure_encr()" onBlur="configure_encr()">
<option value="select">Select encryption</option>
<option value="none">None (unencrypted open network)</option>
<option value="wep">WEP (Wired Equivalent Privacy)</option>
<option value="tkip">TKIP (Temporal Key Integrity Protocol)</option>
<option value="ccmp">CCMP (AES Counter-Mode/CBC-MAC Protocol)</option>
</select>
</form>
<div id="encr_desc" class="confdesc"></div>
<h2>Step 5/5: Authentication credentials</h2>
<div id="cred_unknown">
Authentication mode (Step 3) must be selected first.
</div>
<div id="cred_open" class="credlayer">
No credentials needed for open network.
</div>
<div id="cred_wep" class="credlayer">
<p>
Static WEP keys requires that at least one key is configured. Up to
four keys can be configured and one of them needs to be selected to be
used for transmitted frames. All configured keys can be used when
decrypting received frames.
</p>
<p>
WEP can be used with different key length. In most cases, either
40-bit or 104-bit keys are used. These key lengths may also be shown
as 64-bit and 128-bit in some cases since WEP adds 24-bit
initialization vector into the keys. 40-bit keys can be entered as
five character string surrounded with double quotation marks, e.g.,
"abcde". Alternatively, they can be entered as a hex string of ten
characters without quotation marks, e.g., 6162636465. Both of these
options configure the same key. 104-bit keys are entered similarly,
with 13-character text string or 26-character hex string.
</p>
<p>
wpa_supplicant uses indexes 0 .. 3 for the WEP keys. Some other user
interfaces may use indexes 1 .. 4, so this needs to be taken into
account when determining which index to use here.
</p>
<form name="cred_wep_form">
WEP key 0: <input type="text" name="wep0" onChange="configure_wep()"><br>
WEP key 1: <input type="text" name="wep1" onChange="configure_wep()"><br>
WEP key 2: <input type="text" name="wep2" onChange="configure_wep()"><br>
WEP key 3: <input type="text" name="wep3" onChange="configure_wep()"><br>
Transmit key <select name="wep_tx_idx">
<option value="0">0
<option value="1">1
<option value="2">2
<option value="3">3
</select>
</form>
</div>
<div id="cred_psk" class="credlayer">
<p>
Passphrase (string of 8 to 63 characters) needs to be configured for
WPA/WPA2-Personal. This passphrase is then converted into a 256-bit
pre-shared key (PSK). Alternatively, a 256-bit PSK can be entered as
64-character hex string into the PSK field. Only one of these options
should be used.
</p>
<form name="cred_psk_form">
Passphrase: <input type="text" name="passphrase" onChange="configure_passphrase()">
PSK: <input type="text" name="psk" size=64 onChange="configure_passphrase()">
</form>
</div>
<div id="cred_eap" class="credlayer">
<p class="todo">TODO: write introduction text for each EAP method</p>
<form name="cred_eap_form">
EAP method: <select name="eap" onChange="update_eap()">
<option value="select">Select EAP method</option>
<option value="TLS">EAP-TLS</option>
<option value="PEAP">EAP-PEAP</option>
<option value="TTLS">EAP-TTLS</option>
<option value="FAST">EAP-FAST</option>
<option value="LEAP">LEAP</option>
<option value="MD5">EAP-MD5</option>
<option value="GTC">EAP-GTC</option>
<option value="OTP">EAP-OTP</option>
<option value="MSCHAPV2">EAP-MSCHAPv2</option>
</select>
Tunneled method (phase 2): <select name="phase2" disabled="disabled" onChange="update_eap2()">
</select><br>
Identity (user name): <input type="text" name="identity" onChange="configure_eap()"><br>
Anonymous identity (user name): <input type="text" name="anon_identity" onChange="configure_eap()" disabled="disabled"><br>
Password: <input type="text" name="password" onChange="configure_eap()" disabled="disabled"><br>
CA certificate: <input type="text" name="ca_cert" onChange="configure_eap()" disabled="disabled"><br>
User certificate: <input type="text" name="client_cert" onChange="configure_eap()" disabled="disabled"><br>
User private key: <input type="text" name="private_key" onChange="configure_eap()" disabled="disabled"><br>
User private key passphrase: <input type="text" name="private_key_passwd" onChange="configure_eap()" disabled="disabled"><br>
EAP-FAST PAC file: <input type="text" name="pac_file" onChange="configure_eap()" disabled="disabled"><br>
</form>
</div>
<div id="cred_desc" class="confdesc"></div>
<h2>Example configuration</h2>
<form>
Configuration example is updated automatically when modifying
information above. However, if it is not updated in some cases (e.g.,
after reloading the page), you can force an update with this button.<br>
<input type="button" value="Update configuration" onClick="update_conf()">
</form>
<p>
This configuration file can be copied to a text file that
wpa_supplicant will then be asked to use with <i>-c&lt;full path to
configuration file&gt;</i> command line option.
</p>
<div id="exampleconf" class="exampleconf">
# example configuration will be generated here<br>
</div>
<br>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 17:07:35 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:47:30 PST 2006
<!-- hhmts end -->
</body>
</html>

544
www/wpa_supplicant/conf/configure.js
Unescape Escape View File

@ -1,544 +0,0 @@
var conf_ap_scan = -1;
var conf_wired = false;
function configure_os()
{
var os = document.os_driver.os.value;
document.os_driver.driver.disabled = false;
document.os_driver.driver[0] = new Option("Select your driver", "select");
if (os == "linux") {
document.os_driver.driver[1] = new Option("madwifi", "madwifi");
document.os_driver.driver[2] = new Option("Host AP (Prism2/2.5/3)", "hostap");
document.os_driver.driver[3] = new Option("Intel ipw2100/2200", "ipw");
document.os_driver.driver[4] = new Option("Any wired Ethernet driver", "linux_wired");
document.os_driver.driver[5] = new Option("Other", "other linux");
} else if (os == "windows") {
document.os_driver.driver[1] = new Option("Any wireless NDIS driver", "ndis_wireless");
document.os_driver.driver[2] = new Option("Any wired (Ethernet) NDIS driver", "ndis_wired");
}
}
function configure_driver()
{
var drv = document.os_driver.driver.value;
var t = document.getElementById("os_desc");
t.innerHTML = "";
t.style.visibility = "hidden";
if (drv == "ndis_wireless") {
conf_ap_scan = 2;
t.innerHTML = "All wireless Windows NDIS drivers support AP selection " +
"and roaming, so in most cases, configuring the driver to take care " +
"of this by setting ap_scan=2 is the recommended configuration for " +
"Windows.";
t.style.visibility = "visible";
} else if (drv == "ndis_wired" || drv == "linux_wired") {
conf_ap_scan = 0;
conf_wired = true;
} else
conf_ap_scan = 1;
update_conf();
}
function update_encr()
{
var auth = document.authmode.auth.value;
var t = document.getElementById("encr_desc");
for (i = 0; i < 6; i++)
document.encrmode.encr[i] = null;
if (auth == "open") {
document.encrmode.encr[0] = new Option("None (unencrypted open network)", "none");
document.encrmode.encr.selectedIndex = 0;
t.innerHTML = "Based on the selected authentication mode (open network), only 'None' is an allowed encryption mode.";
t.style.visibility = "visible";
} else if (auth == "wep") {
document.encrmode.encr[0] = new Option("WEP (Wired Equivalent Privacy)", "wep");
document.encrmode.encr.selectedIndex = 0;
t.innerHTML = "Based on the selected authentication mode (WEP), only 'WEP' is an allowed encryption mode.";
t.style.visibility = "visible";
} else if (auth == "ieee8021x") {
document.encrmode.encr[0] = new Option("None (unencrypted open network)", "none");
document.encrmode.encr[1] = new Option("WEP (Wired Equivalent Privacy)", "wep");
document.encrmode.encr.selectedIndex = conf_wired ? 0 : 1;
t.innerHTML = "Based on the selected authentication mode (IEEE 802.1X), either 'None' or 'WEP' can be selected. In wireless networks, this is most likely going to be 'WEP' and in wired networks, only 'None' is allowed.";
t.style.visibility = "visible";
} else if (auth == "wpa-psk" || auth == "wpa-eap") {
document.encrmode.encr[0] = new Option("TKIP (Temporal Key Integrity Protocol)", "tkip");
document.encrmode.encr[1] = new Option("CCMP (AES Counter-Mode/CBC-MAC Protocol)", "ccmp");
document.encrmode.encr.selectedIndex = (document.authmode.auth2.value == "wpa1") ? 0 : 1;
t.innerHTML = "Based on the selected authentication mode (WPA/WPA2), either 'TKIP' or 'CCMP' can be selected. Most WPA networks are using TKIP whereas WPA2 defaults to CCMP.";
t.style.visibility = "visible";
} else {
t.innerHTML = "";
t.style.visibility = "hidden";
}
}
function update_cred()
{
var auth = document.authmode.auth.value;
var t;
t = document.getElementById("cred_unknown");
t.style.display = "none";
t = document.getElementById("cred_open");
t.style.display = "none";
t = document.getElementById("cred_wep");
t.style.display = "none";
t = document.getElementById("cred_psk");
t.style.display = "none";
t = document.getElementById("cred_eap");
t.style.display = "none";
if (auth == "open") {
t = document.getElementById("cred_open");
t.style.display = "block";
} else if (auth == "wep") {
t = document.getElementById("cred_wep");
t.style.display = "block";
} else if (auth == "wpa-psk") {
t = document.getElementById("cred_psk");
t.style.display = "block";
} else if (auth == "ieee8021x" || auth == "wpa-eap") {
t = document.getElementById("cred_eap");
t.style.display = "block";
} else {
t = document.getElementById("cred_unknown");
t.style.display = "block";
}
}
function configure_auth()
{
var auth = document.authmode.auth.value;
document.authmode.auth2[0] = null;
document.authmode.auth2[1] = null;
document.authmode.auth2.disabled = true;
if (auth == "wep") {
document.authmode.auth2[0] = new Option("Open System authentication", "open");
document.authmode.auth2[1] = new Option("Shared Key authentication", "shared");
document.authmode.auth2.disabled = false;
} else if (auth == "wpa-psk" || auth == "wpa-eap") {
document.authmode.auth2[0] = new Option("WPA (version 1)", "wpa1");
document.authmode.auth2[1] = new Option("WPA2 (IEEE 802.11i)", "wpa2");
document.authmode.auth2.disabled = false;
}
update_encr();
update_cred();
update_conf();
}
function configure_auth2()
{
update_encr();
update_conf();
}
function configure_encr()
{
update_conf();
}
function configure_passphrase()
{
var passphrase = document.cred_psk_form.passphrase.value;
var psk = document.cred_psk_form.psk.value;
var t = document.getElementById("cred_desc");
if (psk.length && (psk.length != 64 || !is_hex(psk))) {
t.innerHTML = "<p class=\"error\">Note: Invalid PSK</p>";
t.style.visibility = "visible";
} else if (psk.length == 0 && passphrase.length &&
(passphrase.length < 8 || passphrase.length > 63)) {
t.innerHTML = "<p class=\"error\">Note: Invalid passphrase</p>";
t.style.visibility = "visible";
} else {
t.innerHTML = "";
t.style.visibility = "hidden";
}
if (psk.length) {
document.cred_psk_form.passphrase.disabled = true;
document.cred_psk_form.psk.disabled = false;
} else if (passphrase.length) {
document.cred_psk_form.passphrase.disabled = false;
document.cred_psk_form.psk.disabled = true;
} else {
document.cred_psk_form.passphrase.disabled = false;
document.cred_psk_form.psk.disabled = false;
}
update_conf();
}
function is_hex(s)
{
if (s.length % 2)
return false;
for (i = 0; i < s.length; i++) {
if (s[i] >= 'a' && s[i] <= 'f')
continue;
if (s[i] >= 'A' && s[i] <= 'F')
continue;
if (s[i] >= '0' && s[i] <= '9')
continue;
return false;
}
return true;
}
function valid_wep_key(key)
{
if (key.length == 0)
return true;
if (key[0] == '"') {
if (key[key.length - 1] != '"')
return false;
return (key.length == 5 + 2 || key.length == 13 + 2 ||
key.length == 16 + 2);
}
return (is_hex(key) &&
(key.length == 10 || key.length == 26 || key.length == 32));
}
function configure_wep()
{
var t = document.getElementById("cred_desc");
var txt = "";
var wep;
wep = document.cred_wep_form.wep0.value;
if (!valid_wep_key(wep))
txt += "<p class=\"error\">Note: Invalid WEP key: " + wep + "</p>\n";
wep = document.cred_wep_form.wep1.value;
if (!valid_wep_key(wep))
txt += "<p class=\"error\">Note: Invalid WEP key: " + wep + "</p>\n";
wep = document.cred_wep_form.wep2.value;
if (!valid_wep_key(wep))
txt += "<p class=\"error\">Note: Invalid WEP key: " + wep + "</p>\n";
wep = document.cred_wep_form.wep3.value;
if (!valid_wep_key(wep))
txt += "<p class=\"error\">Note: Invalid WEP key: " + wep + "</p>\n";
if (txt.length) {
t.innerHTML = txt;
t.style.visibility = "visible";
} else if (t.style.visibility != "hidden")
t.style.visibility = "hidden";
update_conf();
}
function update_eap()
{
var eap = document.cred_eap_form.eap.value;
var n = 0;
if (eap == "PEAP" || eap == "TTLS" || eap == "FAST") {
document.cred_eap_form.phase2[n++] = new Option("EAP-MSCHAPv2", "MSCHAPV2");
document.cred_eap_form.phase2.selectedIndex = n - 1;
if (eap != "FAST") {
document.cred_eap_form.phase2[n++] = new Option("EAP-GTC", "GTC");
document.cred_eap_form.phase2[n++] = new Option("EAP-MD5", "MD5");
document.cred_eap_form.phase2[n++] = new Option("EAP-TLS", "TLS");
document.cred_eap_form.phase2[n++] = new Option("EAP-OTP", "OTP");
}
if (eap == "TTLS") {
document.cred_eap_form.phase2[n++] = new Option("MSCHAPv2", "_MSCHAPV2");
document.cred_eap_form.phase2.selectedIndex = n - 1;
document.cred_eap_form.phase2[n++] = new Option("MSCHAP", "_MSCHAP");
document.cred_eap_form.phase2[n++] = new Option("PAP", "_PAP");
document.cred_eap_form.phase2[n++] = new Option("CHAP", "_CHAP");
}
document.cred_eap_form.phase2.disabled = false;
} else {
document.cred_eap_form.phase2.disabled = true;
}
for (i = 20; i >= n; i--)
document.cred_eap_form.phase2[i] = null;
update_eap2();
}
function update_eap2()
{
var eap = document.cred_eap_form.eap.value;
var password = false;
var ca_cert = false;
var user_cert = false;
if (eap == "PEAP" || eap == "TTLS") {
ca_cert = true;
if (document.cred_eap_form.phase2.value == "TLS")
user_cert = true;
else
password = true;
} else if (eap == "FAST") {
password = true;
} else if (eap == "GTC") {
password = true;
} else if (eap == "LEAP" || eap == "MD5" || eap == "MSCHAPV2") {
password = true;
} else if (eap == "TLS") {
ca_cert = true;
user_cert = true;
}
if (eap == "TTLS") {
document.cred_eap_form.anon_identity.disabled = false;
document.cred_eap_form.anon_identity.value = "anonymous";
} else if (eap == "FAST") {
document.cred_eap_form.anon_identity.disabled = false;
document.cred_eap_form.anon_identity.value = "FAST-000000000000";
} else {
document.cred_eap_form.anon_identity.disabled = true;
}
document.cred_eap_form.password.disabled = !password;
if (ca_cert) {
document.cred_eap_form.ca_cert.disabled = false;
if (document.cred_eap_form.ca_cert.value.length == 0)
document.cred_eap_form.ca_cert.value = "/etc/ca.pem";
} else {
document.cred_eap_form.ca_cert.disabled = true;
}
document.cred_eap_form.client_cert.disabled = !user_cert;
document.cred_eap_form.private_key.disabled = !user_cert;
document.cred_eap_form.private_key_passwd.disabled = !user_cert;
if (eap == "FAST") {
document.cred_eap_form.pac_file.disabled = false;
if (document.cred_eap_form.pac_file.value.length == 0)
document.cred_eap_form.pac_file.value = "/etc/fast.pac";
} else {
document.cred_eap_form.pac_file.disabled = true;
}
configure_eap();
}
function configure_eap()
{
update_conf();
}
function update_conf()
{
var t = document.getElementById("exampleconf");
var txt = "";
var indent = "&nbsp;&nbsp;&nbsp;&nbsp;";
var ap_scan = conf_ap_scan;
var drv = document.os_driver.driver.value;
update_cred();
if (document.network.hidden_ssid.checked && ap_scan == 1 &&
drv != "hostap" && drv != "madwifi") {
/* if the selected driver does not support scan_ssid, must use
* ap_scan=2 mode with hidden SSIDs */
txt += "# this driver requires ap_scan=2 mode when using hidden SSIDs<br>\n";
ap_scan = 2;
}
switch (ap_scan) {
case -1:
txt += "# example configuration will be generated here<br>\n";
break;
case 0:
txt += "# wired drivers do not use scanning<br>\n" +
"ap_scan=0<br><br>\n";
break;
case 1:
txt += "# request AP scanning and decide which AP to use<br>\n" +
"ap_scan=1<br><br>\n";
break;
case 2:
txt += "# request driver to take care of AP selection and roaming<br>\n" +
"ap_scan=2<br><br>\n";
break;
}
if (document.os_driver.os.value == "windows") {
txt += "# enable control interface using local UDP socket<br>\n" +
"ctrl_interface=udp<br>\n";
} else {
txt += "# enable control interface using UNIX domain sockets<br>\n" +
"ctrl_interface=/var/run/wpa_supplicant<br>\n";
}
txt += "<br>\n" +
"# you can include one or more network blocks here<br>\n" +
"network={<br>\n";
if (conf_wired) {
txt += indent + "# wired network - must not configure SSID here<br>\n";
} else {
if (document.network.ssid.value.length == 0)
txt += indent + "# must configure SSID here (Step 2)<br>\n";
txt += indent + "ssid=\"" + document.network.ssid.value + "\"<br>\n";
if (ap_scan == 1 && document.network.hidden_ssid.checked)
txt += indent + "scan_ssid=1<br>\n";
}
var auth = document.authmode.auth.value;
var auth2 = document.authmode.auth2.value;
if (auth == "open" || auth == "wep")
txt += indent + "key_mgmt=NONE<br>\n";
else if (auth == "ieee8021x")
txt += indent + "key_mgmt=IEEE8021X<br>\n";
else if (auth == "wpa-psk")
txt += indent + "key_mgmt=WPA-PSK<br>\n";
else if (auth == "wpa-eap")
txt += indent + "key_mgmt=WPA-EAP<br>\n";
else
txt += indent + "# must set key_mgmt here (Step 3)<br>\n";
if (auth == "wep") {
if (auth2 == "open")
txt += indent + "auth_alg=OPEN<br>\n";
else if (auth2 == "shared")
txt += indent + "auth_alg=SHARED<br>\n";
} else if (auth == "wpa-psk" || auth == "wpa-eap") {
if (auth2 == "wpa1")
txt += indent + "proto=WPA<br>\n";
else if (auth2 == "wpa2")
txt += indent + "proto=WPA2<br>\n";
else
txt += indent + "# WPA proto (v1/v2) should be configured here (Step 3)<br>\n";
}
if (auth == "wpa-psk" || auth == "wpa-eap") {
var encr = document.encrmode.encr.value;
if (encr == "tkip")
txt += indent + "pairwise=TKIP<br>\n";
else if (encr == "ccmp")
txt += indent + "pairwise=CCMP<br>\n";
else
txt += indent + "# should configure pairwise encryption cipher (Step 4)<br>\n";
}
if (auth == "wep") {
var wep;
wep = document.cred_wep_form.wep0.value;
if (wep.length)
txt += indent + "wep_key0=" + wep + "<br>\n";
wep = document.cred_wep_form.wep1.value;
if (wep.length)
txt += indent + "wep_key1=" + wep + "<br>\n";
wep = document.cred_wep_form.wep2.value;
if (wep.length)
txt += indent + "wep_key2=" + wep + "<br>\n";
wep = document.cred_wep_form.wep3.value;
if (wep.length)
txt += indent + "wep_key3=" + wep + "<br>\n";
txt += indent + "wep_tx_keyidx=" + document.cred_wep_form.wep_tx_idx.value + "<br>\n";
} else if (auth == "wpa-psk") {
var passphrase = document.cred_psk_form.passphrase.value;
var psk = document.cred_psk_form.psk.value;
if (psk.length) {
if (psk.length != 64)
txt += indent + "# WPA PSK 64-character hex string<br>\n";
txt += indent + "psk=" + psk + "<br>\n";
} else {
if (passphrase.length < 8)
txt += indent + "# WPA passphrase must be at least 8 characters long<br>\n";
if (passphrase.length > 63)
txt += indent + "# WPA passphrase must be at most 63 characters long<br>\n";
txt += indent + "psk=\"" + passphrase + "\"<br>\n";
}
} else if (auth == "ieee8021x" || auth == "wpa-eap") {
var eap = document.cred_eap_form.eap.value;
if (eap == "select")
txt += indent + "# EAP method needs to be selected (Step 5)<br>\n";
else
txt += indent + "eap=" + eap + "<br>\n";
var phase2 = document.cred_eap_form.phase2;
var eap2 = phase2.value;
if (eap == "PEAP" || eap == "TTLS" || eap == "FAST") {
txt += indent + "phase2=\"auth";
if (eap == "TTLS") {
if (eap2[0] == '_') {
eap2 = eap2.substring(1);
} else
txt += "eap";
}
txt += "=" + eap2 + "\"<br>\n";
}
var identity = document.cred_eap_form.identity.value;
if (identity.length)
txt += indent + "identity=\"" + identity + "\"<br>\n";
var anon = document.cred_eap_form.anon_identity;
if (!anon.disabled && anon.value.length)
txt += indent + "anonymous_identity=\"" + anon.value + "\"<br>\n";
var password = document.cred_eap_form.password;
if (!password.disabled && password.value.length)
txt += indent + "password=\"" + password.value + "\"<br>\n";
var ca_cert = document.cred_eap_form.ca_cert;
if (!ca_cert.disabled) {
txt += indent + "ca_cert=\"" + ca_cert.value + "\"<br>\n";
if (!phase2.disabled && eap2 == "TLS")
txt += indent + "ca_cert2=\"" + ca_cert.value + "\"<br>\n";
}
var client_cert = document.cred_eap_form.client_cert;
if (!client_cert.disabled) {
var e = "";
if (!phase2.disabled && eap2 == "TLS")
e = "2";
if (client_cert.value.length)
txt += indent + "client_cert" + e + "=\"" + client_cert.value + "\"<br>\n";
var key = document.cred_eap_form.private_key.value;
if (key.length)
txt += indent + "private_key" + e + "=\"" + key + "\"<br>\n";
var passwd = document.cred_eap_form.private_key_passwd.value;
if (passwd.length)
txt += indent + "private_key_passwd" + e + "=\"" + passwd + "\"<br>\n";
}
var pac = document.cred_eap_form.pac_file;
if (!pac.disabled && pac.value.length)
txt += indent + "pac_file=\"" + pac.value + "\"<br>\n";
if (eap == "FAST")
txt += indent + "phase1=\"fast_provisioning=1\"<br>\n";
}
txt += "}<br>\n";
txt += "</p>\n";
t.innerHTML = txt;
}

27
www/wpa_supplicant/conf/eap-peap.html
Unescape Escape View File

@ -1,27 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>EAP-PEAP</title>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
<a href="../">wpa_supplicant</a> /
<a href="index.html">configuration</a> /
<a href="eap.html">EAP</a> /
EAP-PEAP
</div>
<h1>EAP-PEAP</h1>
<p class="todo">TODO</p>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 19:53:25 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:46:04 PST 2006
<!-- hhmts end -->
</body>
</html>

27
www/wpa_supplicant/conf/eap-tls.html
Unescape Escape View File

@ -1,27 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>EAP-TLS</title>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
<a href="../">wpa_supplicant</a> /
<a href="index.html">configuration</a> /
<a href="eap.html">EAP</a> /
EAP-TLS
</div>
<h1>EAP-TLS</h1>
<p class="todo">TODO</p>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 19:53:25 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:46:48 PST 2006
<!-- hhmts end -->
</body>
</html>

31
www/wpa_supplicant/conf/eap.html
Unescape Escape View File

@ -1,31 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Introduction to EAP authentication</title>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
<a href="../">wpa_supplicant</a> /
<a href="index.html">configuration</a> /
EAP
</div>
<h1>Introduction to EAP authentication</h1>
<p class="todo">TODO</p>
<ul>
<li><a href="eap-tls.html">EAP-TLS</a></li>
<li><a href="eap-peap.html">EAP-PEAP</a></li>
</ul>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 19:53:25 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:46:19 PST 2006
<!-- hhmts end -->
</body>
</html>

29
www/wpa_supplicant/conf/index.html
Unescape Escape View File

@ -1,29 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Configuring wpa_supplicant</title>
<link rel="stylesheet" type="text/css" href="configure.css" />
</head>
<body>
<div id="navig">
[<a href="../">wpa_supplicant</a>] /
[configuration]
</div>
<h2>Configuring wpa_supplicant</h2>
<ul>
<li><a href="configure.html">wpa_supplicant configuration wizard</a></li>
<li><a href="auth_modes.html">Introduction to wireless authentication modes</a></li>
<li><a href="eap.html">Introduction to EAP authentication</a></li>
</ul>
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat Feb 25 19:53:25 PST 2006 -->
<!-- hhmts start -->
Last modified: Sun Feb 26 13:42:02 PST 2006
<!-- hhmts end -->
</body>
</html>

BIN
www/wpa_supplicant/events.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 25 KiB

357
www/wpa_supplicant/index.html
Unescape Escape View File

@ -1,357 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Linux WPA Supplicant (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)</title>
<meta name="description" content="WPA Supplicant for Linux, BSD, and Windows (IEEE 802.1X, WPA, WPA2, RSN, IEEE 802.11i)">
<meta name="keywords" content="WPA, WPA2, IEEE 802.11i, IEEE 802.1X, WPA Supplicant, wpa_supplicant, TKIP, CCMP, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-SIM, EAP-AKA, EAP-PSK, EAP-GTC, EAP-MSCHAPv2, EAP-MD5, EAP-FAST, EAP-PAX, EAP-IKEv2IEEE 802.1X Supplicant, IEEE 802.1aa, EAPOL, RSN, pre-authentication, PMKSA caching, BSD WPA Supplicant, FreeBSD WPA Supplicant, wireless, WinXP WPA Supplicant, EAP-TNC, TNCC, IF-IMC, IF-TNCCS, WPS">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h2>Linux WPA/WPA2/IEEE 802.1X Supplicant</h2>
<p>wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and
Windows with
support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both
desktop/laptop computers and embedded systems. Supplicant is the IEEE
802.1X/WPA component that is used in the client stations. It
implements key negotiation with a WPA Authenticator and it controls
the roaming and IEEE 802.11 authentication/association of the wlan
driver.</p>
<p>wpa_supplicant is designed to be a "daemon" program that runs in the
background and acts as the backend component controlling the wireless
connection. wpa_supplicant supports separate frontend programs and a
text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with
wpa_supplicant.</p>
<p>wpa_supplicant uses a flexible build configuration that can be used
to select which features are included. This allows minimal code size
(from ca. 50 kB binary for WPA/WPA2-Personal and 130 kB binary for
WPA/WPA2-Enterprise without debugging code to 450 kB with most
features and full debugging support; these example sizes are from a
build for x86 target).</p>
<h4>Supported WPA/IEEE 802.11i features</h4>
<ul>
<li>WPA-PSK ("WPA-Personal")</li>
<li>WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise")</li>
<li>key management for CCMP, TKIP, WEP104, WEP40</li>
<li>WPA and full IEEE 802.11i/RSN/WPA2</li>
<li>RSN: PMKSA caching, pre-authentication</li>
<li>IEEE 802.11r</li>
<li>IEEE 802.11w</li>
<li>Wi-Fi Protected Setup (WPS)</li>
</ul>
<h4>Supported EAP methods (IEEE 802.1X Supplicant)</h4>
<ul>
<li>EAP-TLS</li>
<li>EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/TLS (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/GTC (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/OTP (both PEAPv0 and PEAPv1)</li>
<li>EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)</li>
<li>EAP-TTLS/EAP-MD5-Challenge</li>
<li>EAP-TTLS/EAP-GTC</li>
<li>EAP-TTLS/EAP-OTP</li>
<li>EAP-TTLS/EAP-MSCHAPv2</li>
<li>EAP-TTLS/EAP-TLS</li>
<li>EAP-TTLS/MSCHAPv2</li>
<li>EAP-TTLS/MSCHAP</li>
<li>EAP-TTLS/PAP</li>
<li>EAP-TTLS/CHAP</li>
<li>EAP-SIM</li>
<li>EAP-AKA</li>
<li>EAP-AKA'</li>
<li>EAP-PSK</li>
<li>EAP-FAST</li>
<li>EAP-PAX</li>
<li>EAP-SAKE</li>
<li>EAP-IKEv2</li>
<li>EAP-GPSK</li>
<li>LEAP (note: requires special support from the driver)</li>
</ul>
<p>Following methods are also supported, but since they do not generate keying
material, they cannot be used with WPA or IEEE 802.1X WEP keying.</p>
<ul>
<li>EAP-MD5-Challenge</li>
<li>EAP-MSCHAPv2</li>
<li>EAP-GTC</li>
<li>EAP-OTP</li>
<li>EAP-TNC (Trusted Network Connect; TNCC, IF-IMC, IF-T, IF-TNCCS)</li>
</ul>
<p>More information about EAP methods and interoperability testing is
available in <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/eap_testing.txt">eap_testing.txt</a>.</p>
<h4>Supported TLS/crypto libraries</h4>
<ul>
<li>OpenSSL (default)</li>
<li>GnuTLS</li>
</ul>
<h4>Internal TLS/crypto implementation (optional)</h4>
<ul>
<li>can be used in place of an external TLS/crypto library</li>
<li>TLSv1</li>
<li>X.509 certificate processing</li>
<li>PKCS #1</li>
<li>ASN.1</li>
<li>RSA</li>
<li>bignum</li>
<li>minimal size (ca. 50 kB binary, parts of which are already needed for WPA;
TLSv1/X.509/ASN.1/RSA/bignum parts are about 25 kB on x86)</li>
</ul>
<h4>Supported wireless cards/drivers</h4>
<ul>
<li>Linux drivers that support nl80211/cfg80211 (most new drivers)</li>
<li>Linux drivers that support Linux Wireless Extensions v19 or newer with
WPA/WPA2 extensions</li>
<li><a href="http://hostap.epitest.fi/">Host AP driver for Prism2/2.5/3</a> (WPA and WPA2)</li>
<li><a href="http://www.linuxant.com/driverloader/">Linuxant DriverLoader</a> with Windows NDIS driver supporting WPA/WPA2</li>
<li><a href="http://www.agere.com/support/drivers/">Agere Systems Inc. Linux Driver</a> (Hermes-I/Hermes-II chipset) (WPA, but not WPA2)</li>
<li><a href="http://sourceforge.net/projects/madwifi/">madwifi (Atheros ar521x)</a></li>
<li><a href="http://atmelwlandriver.sourceforge.net/">ATMEL AT76C5XXx</a></li>
<li><a href="http://ndiswrapper.sourceforge.net/">Linux ndiswrapper</a></li>
<li>Broadcom wl.o driver</li>
<li><a href="http://sourceforge.net/projects/ipw2100/">Intel ipw2100</a></li>
<li><a href="http://sourceforge.net/projects/ipw2200/">Intel ipw2200</a></li>
<li>Wired Ethernet drivers</li>
<li>BSD net80211 layer (e.g., Atheros driver) (FreeBSD 6-CURRENT and NetBSD current)</li>
<li>Windows NDIS drivers (Windows; at least XP and 2000, others not tested)</li>
</ul>
<p>wpa_supplicant was designed to be portable for different drivers and
operating systems. Hopefully, support for more wlan cards and OSes will be
added in the future. See <a href="devel/">developers' documentation</a>
for more information about the design of wpa_supplicant and porting to
other drivers.</p>
<h3><a name="download">Download</a></h3>
<p>
<b>wpa_supplicant</b><br>
Copyright (c) 2003-2011, Jouni Malinen &lt;j@w1.fi&gt;
and contributors.
</p>
<p>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as
published by the Free Software Foundation. See
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=COPYING">COPYING</a>
for more details.
</p>
<p>Alternatively, this software may be distributed, used, and modified
under the terms of BSD license. See <a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README">README</a>
for more details.</p>
<p>
<b>Please see
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README">README</a>
for the current documentation.</b><br>
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README-Windows.txt">README-Windows.txt</a>
has some more information about the Windows port of wpa_supplicant.</p>
<ul>
<li><a href="../releases.html">Release graph</a></li>
<li>Latest stable release:
<ul>
<li><a href="../releases/wpa_supplicant-0.7.3.tar.gz">wpa_supplicant-0.7.3.tar.gz</a> (source code for all versions)</li>
<li><a href="../releases/wpa_supplicant-0.7.3.exe">wpa_supplicant-0.7.3.exe</a> (binary installer for Windows)</li>
<li><a href="../releases/wpa_supplicant-windows-bin-0.7.3.zip">wpa_supplicant-windows-bin-0.7.3.zip</a> (binaries for Windows)</li>
</ul>
<li>Previous stable release:
<ul>
<li><a href="../releases/wpa_supplicant-0.6.10.tar.gz">wpa_supplicant-0.6.10.tar.gz</a> (source code for all versions)</li>
<li><a href="../releases/wpa_supplicant-0.6.10.exe">wpa_supplicant-0.6.10.exe</a> (binary installer for Windows)</li>
<li><a href="../releases/wpa_supplicant-windows-bin-0.6.10.zip">wpa_supplicant-windows-bin-0.6.10.zip</a> (binaries for Windows)</li>
<li><a href="qt4/wpa_gui-qt433-windows-dll.zip">wpa_gui-qt433-windows-dll.zip</a> (Qt4 libraries from wpa_gui/Windows)</li>
</ul>
<!--
<li>Latest development release:
<ul>
<li><a href="../releases/wpa_supplicant-0.8.0.tar.gz">wpa_supplicant-0.8.0.tar.gz</a> (source code for all versions)</li>
<li><a href="../releases/wpa_supplicant-0.8.0.exe">wpa_supplicant-0.8.0.exe</a> (binary installer for Windows)</li>
<li><a href="../releases/wpa_supplicant-windows-bin-0.8.0.zip">wpa_supplicant-windows-bin-0.8.0.zip</a> (binaries for Windows)</li>
</ul>
-->
<li>ChangeLog:
<ul>
<li><a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/ChangeLog">development branch</a></li>
<li><a href="/gitweb/gitweb.cgi?p=hostap-07.git;a=blob_plain;f=wpa_supplicant/ChangeLog">stable branch</a></li>
<li><a href="/gitweb/gitweb.cgi?p=hostap-06.git;a=blob_plain;f=wpa_supplicant/ChangeLog">previous stable branch</a></li>
</ul>
<li><a href="../releases/">Old releases</a></li>
<li><a href="http://lists.shmoo.com/mailman/listinfo/hostap">Mailing list</a></li>
<li><a href="http://lists.shmoo.com/pipermail/hostap/">New mailing list archives</a></li>
<li><a href="/gitweb/gitweb.cgi">Web interface to GIT repository (0.6.x and newer)</a></li>
<li><a href="/cgi-bin/viewcvs.cgi/hostap/">Web interface to CVS repository (0.5.x and older)</a></li>
<li><a href="../releases/snapshots/">Snapshot releases from all active branches</a>
<li><a href="../cvs.html">GIT and read-only anonymous CVS access (pserver)</a></li>
<li><a href="../bugz/">Bug and feature request tracking</a></li>
<li><a href="devel/">Developers' documentation for wpa_supplicant 0.6.x</a></li>
<li><a href="wpa_gui.html">wpa_gui screenshots</a></li>
</ul>
<h3>WPA</h3>
<p>The original security mechanism of IEEE 802.11 standard was not
designed to be strong and has proven to be insufficient for most
networks that require some kind of security. Task group I (Security)
of <a href="http://www.ieee802.org/11/">IEEE 802.11 working group</a>
has worked to address the flaws of the base standard and in
practice completed its work in May 2004. The IEEE 802.11i amendment to
the IEEE 802.11 standard was approved in June 2004 and published in
July 2004.</p>
<p><a href="http://www.wi-fi.org/">Wi-Fi Alliance</a> used a draft
version of the IEEE 802.11i work (draft 3.0) to define a subset of the
security enhancements that can be implemented with existing wlan
hardware. This is called Wi-Fi Protected Access (WPA). This has
now become a mandatory component of interoperability testing and
certification done by Wi-Fi Alliance. Wi-Fi has
<a href="http://www.wi-fi.org/OpenSection/protected_access.asp">information
about WPA</a> at its web site.</p>
<p>IEEE 802.11 standard defined wired equivalent privacy (WEP) algorithm
for protecting wireless networks. WEP uses RC4 with 40-bit keys,
24-bit initialization vector (IV), and CRC32 to protect against packet
forgery. All these choices have proven to be insufficient: key space is
too small against current attacks, RC4 key scheduling is insufficient
(beginning of the pseudorandom stream should be skipped), IV space is
too small and IV reuse makes attacks easier, there is no replay
protection, and non-keyed authentication does not protect against bit
flipping packet data.</p>
<p>WPA is an intermediate solution for the security issues. It uses
Temporal Key Integrity Protocol (TKIP) to replace WEP. TKIP is a
compromise on strong security and possibility to use existing
hardware. It still uses RC4 for the encryption like WEP, but with
per-packet RC4 keys. In addition, it implements replay protection,
keyed packet authentication mechanism (Michael MIC).</p>
<p>Keys can be managed using two different mechanisms. WPA can either use
an external authentication server (e.g., RADIUS) and EAP just like
IEEE 802.1X is using or pre-shared keys without need for additional
servers. Wi-Fi calls these "WPA-Enterprise" and "WPA-Personal",
respectively. Both mechanisms will generate a master session key for
the Authenticator (AP) and Supplicant (client station).</p>
<p>WPA implements a new key handshake (4-Way Handshake and Group Key
Handshake) for generating and exchanging data encryption keys between
the Authenticator and Supplicant. This handshake is also used to
verify that both Authenticator and Supplicant know the master session
key. These handshakes are identical regardless of the selected key
management mechanism (only the method for generating master session
key changes).</p>
<h3>IEEE 802.11i / RSN / WPA2</h3>
<p>The design for parts of IEEE 802.11i that were not included in WPA
has finished (May 2004) and this amendment to IEEE 802.11 was approved
in June 2004. Wi-Fi Alliance is using the final IEEE 802.11i as a new
version of WPA called WPA2. This included, e.g., support for more
robust encryption algorithm (CCMP: AES in Counter mode with CBC-MAC)
to replace TKIP, optimizations for handoff (reduced number of messages
in initial key handshake, pre-authentication, and PMKSA caching).</p>
<h3>Using wpa_supplicant</h3>
<p>Following steps are used when associating with an AP using WPA:<p>
<ul>
<li>wpa_supplicant requests the kernel driver to scan neighboring BSSes</li>
<li>wpa_supplicant selects a BSS based on its configuration</li>
<li>wpa_supplicant requests the kernel driver to associate with the chosen
BSS</li>
<li>if WPA-EAP: integrated IEEE 802.1X Supplicant completes EAP
authentication with the authentication server (proxied by the
Authenticator in the AP)</li>
<li>If WPA-EAP: master key is received from the IEEE 802.1X Supplicant</li>
<li>If WPA-PSK: wpa_supplicant uses PSK as the master session key</li>
<li>wpa_supplicant completes WPA 4-Way Handshake and Group Key Handshake
with the Authenticator (AP). WPA2 has integrated the initial Group Key
Handshake into the 4-Way Handshake.</li>
<li>wpa_supplicant configures encryption keys for unicast and broadcast</li>
<li>normal data packets can be transmitted and received</li>
</ul>
<h4>Configuration file</h4>
<p>wpa_supplicant is configured using a text file that lists all accepted
networks and security policies, including pre-shared keys. See
example configuration file,
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/wpa_supplicant.conf">wpa_supplicant.conf</a>,
for detailed information about the configuration format and supported
fields. In addition, simpler example configurations are available for
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/plaintext.conf">plaintext</a>,
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wep.conf">static WEP</a>,
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/ieee8021x.conf">IEEE 802.1X with dynamic WEP (EAP-PEAP/MSCHAPv2)</a>,
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wpa-psk-tkip.conf">WPA-PSK/TKIP</a>, and
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/wpa2-eap-ccmp.conf">WPA2-EAP/CCMP (EAP-TLS)</a>.
In addition, wpa_supplicant can use OpenSSL engine to avoid need for
exposing private keys in the file system. This can be used for EAP-TLS
authentication with smartcards and TPM tokens.
<a href="/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/examples/openCryptoki.conf">Example configuration for using openCryptoki</a>
shows an example network block and related parameters for EAP-TLS
authentication using PKCS#11 TPM token.
</p>
<h3>Feedback, comments, mailing list</h3>
<p>
Any comments, reports on success/failure, ideas for further
improvement, feature requests, etc. are welcome at j@w1.fi.
Please note, that I often receive more email than I have time to answer.
Unfortunately, some messages may not get a reply, but I'll try to go
through my mail whenever time permits.
</p>
<p>Host AP mailing list can also be used for topics related to
wpa_supplicant. Since this list has a broader audience, your likelihood
of getting responses is higher. This list is recommended for general
questions about wpa_supplicant and its development. In addition, I
will send release notes to it whenever a new version is available.
</p>
<p>
The mailing list information and web archive is at <a
href="http://lists.shmoo.com/mailman/listinfo/hostap">http://lists.shmoo.com/mailman/listinfo/hostap</a>.
Messages to hostap@shmoo.com will be delivered to the
subscribers. Please note, that due to large number of spam and virus
messages sent to the list address, the list is configured to accept
messages only from subscribed addresses. Messages from unsubscribed addresses
may be accepted manually, but their delivery will be delayed.
</p>
<p>
If you want to make sure your bug report of feature request does not
get lost, please report it through the bug tracking system as
<a href="../bugz/enter_bug.cgi">a new
bug/feature request</a>.
</p>
<hr>
<div>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sat May 22 21:41:58 PDT 2004 -->
<!-- hhmts start -->
Last modified: Sun Feb 27 12:48:48 EET 2011
<!-- hhmts end -->
</div>
</body>
</html>

BIN
www/wpa_supplicant/main.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 20 KiB

BIN
www/wpa_supplicant/net_conf.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 13 KiB

BIN
www/wpa_supplicant/scan.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 15 KiB

BIN
www/wpa_supplicant/user_input.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 11 KiB

36
www/wpa_supplicant/wpa_gui.html
Unescape Escape View File

@ -1,36 +0,0 @@
<html>
<head>
<title>wpa_gui screenshots</title>
</head>
<body>
<h1>wpa_gui screenshots</h1>
<h2>Main window</h2>
<img src="main.png">
<h2>Scan results</h2>
<img src="scan.png">
<h2>Network configuration (new network from scan results)</h2>
<img src="net_conf.png">
<h2>Event history</h2>
<img src="events.png">
<h2>User input for authentication credentials</h2>
<img src="user_input.png">
<hr>
<address><a href="mailto:j@w1.fi">Jouni Malinen</a></address>
<!-- Created: Sun May 22 20:23:01 PDT 2005 -->
<!-- hhmts start -->
Last modified: Thu Mar 8 19:44:46 PST 2007
<!-- hhmts end -->
</body>
</html>
Write Preview
Loading…
Cancel
Save