AOSP: These files have been removed from AOSP

diff --git a/build_nsis.sh b/build_nsis.sh
deleted file mode 100755
index e41bc36..0000000
--- a/build_nsis.sh
+++ /dev/null

@@ -1,16 +0,0 @@
-#!/bin/sh
-
-if [ -d nsis.in ]; then
-	/bin/rm -r nsis.in
-fi
-
-unzip -j -d nsis.in $1 -VER=echo$1 | sed "s/.*wpa_supplicant-windows-bin-$$.*$$.zip/\1/"
-
-cat wpa_supplicant/wpa_supplicant.nsi |
-	sed "s/@WPAVER@/$VER/g" \ - > nsis.in/wpa_supplicant.nsi - -makensis nsis.in/wpa_supplicant.nsi - -/bin/rm -r nsis.in  diff --git a/build_release b/build_release deleted file mode 100755 index 22dcd42..0000000 --- a/build_release +++ /dev/null  @@ -1,148 +0,0 @@ -#!/bin/sh - -WINLOCAL=/home/jm/H-win/local - -set -e - -if [ -z "$1" ]; then
-    echo "build_release <version> [nobin]"
-    exit 1
-fi
-
-TMP=tmp.build_release
-RELDIR=pwd/Release
-VER=$1 -NOW=date +%Y-%m-%d - -echo "Version:$VER - $NOW" - -DATEw=head -n 3 wpa_supplicant/ChangeLog | tail -n 1 | sed "s/ .*//" -DATEh=head -n 3 hostapd/ChangeLog | tail -n 1 | sed "s/ .*//" - -if [ "$DATEw" != "$NOW" -o "$DATEh" != "$NOW" ]; then - echo "NOTE! Date mismatch in ChangeLog: wpa_supplicant$DATEw hostapd $DATEh !=$NOW"
-fi
-
-if [ -r $TMP ]; then - echo "Temporary directory '$TMP' exists. Remove it before running this."
-    exit 1
-fi
-
-mkdir $TMP -mkdir -p$RELDIR
-
-git archive --format=tar --prefix=wpa-$VER/ HEAD \ - README COPYING patches src wpa_supplicant hostapd | - gzip >$RELDIR/wpa-$VER.tar.gz -git archive --format=tar --prefix=hostapd-$VER/ HEAD \
-	README COPYING patches src hostapd |
-	gzip > $RELDIR/hostapd-$VER.tar.gz
-git archive --format=tar --prefix=wpa_supplicant-$VER/ HEAD \ - README COPYING patches src wpa_supplicant | - tar --directory=$TMP -xf -
-
-cd $TMP -make -C wpa_supplicant-$VER/wpa_supplicant/doc/docbook man
-rm -f wpa_supplicant-$VER/wpa_supplicant/doc/docbook/manpage.{links,refs} -tar czf$RELDIR/wpa_supplicant-$VER.tar.gz wpa_supplicant-$VER
-cd ..
-rm -r $TMP - -if [ "$2" = "nobin" ]; then
-    exit 0
-fi
-
-
-cd $RELDIR - - PDIR=wpa_supplicant-$VER
-    WDIR=wpa_supplicant-windows-bin-$VER - tar xzf$PDIR.tar.gz
-    mkdir "$WDIR" - cd "$PDIR/wpa_supplicant"
-    cat > .config <<EOF
-CONFIG_DRIVER_NDIS=y
-CONFIG_NATIVE_WINDOWS=y
-
-CC=i586-mingw32msvc-gcc
-STRIP=i586-mingw32msvc-strip
-PLATFORMSDKLIB=$WINLOCAL/lib -CONFIG_NDIS_EVENTS_INTEGRATED=y - -CFLAGS += -I$WINLOCAL/include
-LIBS += -L$WINLOCAL/lib -LIBS_w += -L$WINLOCAL/lib
-LIBS_p += -L$WINLOCAL/lib - -CONFIG_EAP_SIM=y -CONFIG_SIM_SIMULATOR=y -CONFIG_EAP_AKA=y -CONFIG_USIM_SIMULATOR=y -CONFIG_EAP_LEAP=y -CONFIG_EAP_FAST=y -CONFIG_EAP_TLS=y - -CONFIG_CTRL_IFACE=y -CONFIG_EAP_FAST=y -CONFIG_EAP_MSCHAPV2=y -CONFIG_EAP_TTLS=y -CONFIG_EAP_PEAP=y -CONFIG_EAP_MD5=y -CONFIG_EAP_GTC=y -CONFIG_EAP_OTP=y -CONFIG_EAP_PAX=y -CONFIG_EAP_SAKE=y -CONFIG_EAP_PSK=y -CONFIG_EAP_TNC=y -CONFIG_PKCS12=y -CONFIG_PCSC=y -CONFIG_WPS=y - -CONFIG_L2_PACKET=winpcap -CONFIG_MAIN=main_winsvc -CONFIG_BACKEND=winreg -CONFIG_ELOOP=eloop_win -CFLAGS += -DCONFIG_DEBUG_FILE -EOF - - # First, build the Windows service & registry version and rename it - make -j2 windows-bin - mv wpa_supplicant.exe wpasvc.exe - - # Then, build "the standard" wpa_supplicant.exe - cat >> .config <<EOF -CONFIG_MAIN=main -CONFIG_BACKEND=file -EOF - - make -j2 windows-bin - - for i in COPYING; do - unix2dos < ../$i > ../../"$WDIR"/$i
-    done
-	unix2dos < $i > ../../"$WDIR"/$i - done - mv *.exe ../../"$WDIR"
-    cp win_example.reg ../../"$WDIR" - - cd wpa_gui-qt4 - make -C icons - qmake -spec win32-x-g++ - make -j2 - cp release/wpa_gui.exe ../../../"$WDIR"
-    lrelease wpa_gui.pro
-    cp lang/wpa_gui_de.qm ../../../"$WDIR" - cd ../../.. - rm -rf "$PDIR"
-    zip "$WDIR.zip" "$WDIR"/*
-    rm -rf "$WDIR" - -cd$RELDIR/..
-
-./build_nsis.sh "$RELDIR/$WDIR.zip"
-mv wpa_supplicant-$VER.exe$RELDIR
-
-ls -l $RELDIR/*$VER*
-
-exit 0

diff --git a/doc/.gitignore b/doc/.gitignore
deleted file mode 100644
index 4ea164e..0000000
--- a/doc/.gitignore
+++ /dev/null

@@ -1,8 +0,0 @@
-doxygen.warnings
-hostapd.eps
-hostapd.png
-html
-latex
-wpa_supplicant.eps
-wpa_supplicant.png
-wpa_supplicant-devel.pdf

diff --git a/doc/Makefile b/doc/Makefile
deleted file mode 100644
index 5c1b386..0000000
--- a/doc/Makefile
+++ /dev/null

@@ -1,26 +0,0 @@
-all: docs
-
-%.eps: %.fig
-	fig2dev -L eps $*.fig$*.eps
-
-%.png: %.fig
-	fig2dev -L png -m 3 $*.fig | pngtopnm | pnmscale 0.4 | pnmtopng \ - >$*.png
-
-docs-pics: wpa_supplicant.png wpa_supplicant.eps hostapd.png hostapd.eps
-
-docs: docs-pics
-	(cd ..; doxygen doc/doxygen.conf; cd doc)
-	$(MAKE) -C latex - cp latex/refman.pdf wpa_supplicant-devel.pdf - -html: docs-pics - (cd ..; doxygen doc/doxygen.conf; cd doc) - -clean: - rm -f *~ - rm -f wpa_supplicant.eps wpa_supplicant.png - rm -f hostapd.eps hostapd.png - rm -f doxygen.warnings - rm -rf html latex - rm -f wpa_supplicant-devel.pdf  diff --git a/doc/code_structure.doxygen b/doc/code_structure.doxygen deleted file mode 100644 index 96f6160..0000000 --- a/doc/code_structure.doxygen +++ /dev/null  @@ -1,322 +0,0 @@ -/** -\page code_structure Structure of the source code - -[ \ref wpa_supplicant_core "wpa_supplicant core functionality" | -\ref generic_helper_func "Generic helper functions" | -\ref crypto_func "Cryptographic functions" | -\ref tls_func "TLS library" | -\ref configuration "Configuration" | -\ref ctrl_iface "Control interface" | -\ref wpa_code "WPA supplicant" | -\ref eap_peer "EAP peer" | -\ref eapol_supp "EAPOL supplicant" | -\ref win_port "Windows port" | -\ref test_programs "Test programs" ] - -%wpa_supplicant implementation is divided into number of independent -modules. Core code includes functionality for controlling the network -selection, association, and configuration. Independent modules include -WPA code (key handshake, PMKSA caching, pre-authentication), EAPOL -state machine, and EAP state machine and methods. In addition, there -are number of separate files for generic helper functions. - -Both WPA and EAPOL/EAP state machines can be used separately in other -programs than %wpa_supplicant. As an example, the included test -programs eapol_test and preauth_test are using these modules. - -\ref driver_wrapper "Driver interface API" is defined in driver.h and -all hardware/driver dependent functionality is implemented in -driver_*.c. - - -\section wpa_supplicant_core wpa_supplicant core functionality - -wpa_supplicant.c - Program initialization, main control loop - -main.c - main() for UNIX-like operating systems and MinGW (Windows); this - uses command line arguments to configure wpa_supplicant - -events.c - Driver event processing; wpa_supplicant_event() and related functions - -wpa_supplicant_i.h - Internal definitions for %wpa_supplicant core; should not be - included into independent modules - - -\section generic_helper_func Generic helper functions - -%wpa_supplicant uses generic helper functions some of which are shared -with with hostapd. The following C files are currently used: - -eloop.c and eloop.h - Event loop (select() loop with registerable timeouts, socket read - callbacks, and signal callbacks) - -common.c and common.h - Common helper functions - -defs.h - Definitions shared by multiple files - -l2_packet.h, l2_packet_linux.c, and l2_packet_pcap.c - Layer 2 (link) access wrapper (includes native Linux implementation - and wrappers for libdnet/libpcap). A new l2_packet implementation - may need to be added when porting to new operating systems that are - not supported by libdnet/libpcap. Makefile can be used to select which - l2_packet implementation is included. l2_packet_linux.c uses Linux - packet sockets and l2_packet_pcap.c has a more portable version using - libpcap and libdnet. - -pcsc_funcs.c and pcsc_funcs.h - Wrapper for PC/SC lite SIM and smart card readers - -priv_netlink.h - Private version of netlink definitions from Linux kernel header files; - this could be replaced with C library header file once suitable - version becomes commonly available - -version.h - Version number definitions - -wireless_copy.h - Private version of Linux wireless extensions definitions from kernel - header files; this could be replaced with C library header file once - suitable version becomes commonly available - - -\section crypto_func Cryptographic functions - -md5.c and md5.h - MD5 (replaced with a crypto library if TLS support is included) - HMAC-MD5 (keyed checksum for message authenticity validation) - -rc4.c and rc4.h - RC4 (broadcast/default key encryption) - -sha1.c and sha1.h - SHA-1 (replaced with a crypto library if TLS support is included) - HMAC-SHA-1 (keyed checksum for message authenticity validation) - PRF-SHA-1 (pseudorandom (key/nonce generation) function) - PBKDF2-SHA-1 (ASCII passphrase to shared secret) - T-PRF (for EAP-FAST) - TLS-PRF (RFC 2246) - -sha256.c and sha256.h - SHA-256 (replaced with a crypto library if TLS support is included) - -aes_wrap.c, aes_wrap.h, aes.c - AES (replaced with a crypto library if TLS support is included), - AES Key Wrap Algorithm with 128-bit KEK, RFC3394 (broadcast/default - key encryption), - One-Key CBC MAC (OMAC1) hash with AES-128, - AES-128 CTR mode encryption, - AES-128 EAX mode encryption/decryption, - AES-128 CBC - -crypto.h - Definition of crypto library wrapper - -crypto_openssl.c - Wrapper functions for libcrypto (OpenSSL) - -crypto_internal.c - Wrapper functions for internal crypto implementation - -crypto_gnutls.c - Wrapper functions for libgcrypt (used by GnuTLS) - -ms_funcs.c and ms_funcs.h - Helper functions for MSCHAPV2 and LEAP - -tls.h - Definition of TLS library wrapper - -tls_none.c - Dummy implementation of TLS library wrapper for cases where TLS - functionality is not included. - -tls_openssl.c - TLS library wrapper for openssl - -tls_internal.c - TLS library for internal TLS implementation - -tls_gnutls.c - TLS library wrapper for GnuTLS - - -\section tls_func TLS library - -asn1.c and asn1.h - ASN.1 DER parsing - -bignum.c and bignum.h - Big number math - -rsa.c and rsa.h - RSA - -x509v3.c and x509v3.h - X.509v3 certificate parsing and processing - -tlsv1_client.c, tlsv1_client.h - TLSv1 client (RFC 2246) - -tlsv1_client_i.h - Internal structures for TLSv1 client - -tlsv1_client_read.c - TLSv1 client: read handshake messages - -tlsv1_client_write.c - TLSv1 client: write handshake messages - -tlsv1_common.c and tlsv1_common.h - Common TLSv1 routines and definitions - -tlsv1_cred.c and tlsv1_cred.h - TLSv1 credentials - -tlsv1_record.c and tlsv1_record.h - TLSv1 record protocol - - -\section configuration Configuration - -config_ssid.h - Definition of per network configuration items - -config.h - Definition of the %wpa_supplicant configuration - -config.c - Configuration parser and common functions - -config_file.c - Configuration backend for text files (e.g., wpa_supplicant.conf) - -config_winreg.c - Configuration backend for Windows registry - - -\section ctrl_iface Control interface - -%wpa_supplicant has a \ref ctrl_iface_page "control interface" -that can be used to get status -information and manage operations from external programs. An example -command line interface (wpa_cli) and GUI (wpa_gui) for this interface -are included in the %wpa_supplicant distribution. - -ctrl_iface.c and ctrl_iface.h - %wpa_supplicant-side of the control interface - -ctrl_iface_unix.c - UNIX domain sockets -based control interface backend - -ctrl_iface_udp.c - UDP sockets -based control interface backend - -ctrl_iface_named_pipe.c - Windows named pipes -based control interface backend - -wpa_ctrl.c and wpa_ctrl.h - Library functions for external programs to provide access to the - %wpa_supplicant control interface - -wpa_cli.c - Example program for using %wpa_supplicant control interface - - -\section wpa_code WPA supplicant - -wpa.c and wpa.h - WPA state machine and 4-Way/Group Key Handshake processing - -preauth.c and preauth.h - PMKSA caching and pre-authentication (RSN/WPA2) - -wpa_i.h - Internal definitions for WPA code; not to be included to other modules. - -\section eap_peer EAP peer - -\ref eap_peer_module "EAP peer implementation" is a separate module that -can be used by other programs than just %wpa_supplicant. - -eap.c and eap.h - EAP state machine and method interface - -eap_defs.h - Common EAP definitions - -eap_i.h - Internal definitions for EAP state machine and EAP methods; not to be - included in other modules - -eap_sim_common.c and eap_sim_common.h - Common code for EAP-SIM and EAP-AKA - -eap_tls_common.c and eap_tls_common.h - Common code for EAP-PEAP, EAP-TTLS, and EAP-FAST - -eap_tlv.c and eap_tlv.h - EAP-TLV code for EAP-PEAP and EAP-FAST - -eap_ttls.c and eap_ttls.h - EAP-TTLS - -eap_pax.c, eap_pax_common.h, eap_pax_common.c - EAP-PAX - -eap_psk.c, eap_psk_common.h, eap_psk_common.c - EAP-PSK (note: this is not needed for WPA-PSK) - -eap_sake.c, eap_sake_common.h, eap_sake_common.c - EAP-SAKE - -eap_gpsk.c, eap_gpsk_common.h, eap_gpsk_common.c - EAP-GPSK - -eap_aka.c, eap_fast.c, eap_gtc.c, eap_leap.c, eap_md5.c, eap_mschapv2.c, -eap_otp.c, eap_peap.c, eap_sim.c, eap_tls.c - Other EAP method implementations - - -\section eapol_supp EAPOL supplicant - -eapol_supp_sm.c and eapol_supp_sm.h - EAPOL supplicant state machine and IEEE 802.1X processing - - -\section win_port Windows port - -ndis_events.c - Code for receiving NdisMIndicateStatus() events and delivering them to - %wpa_supplicant driver_ndis.c in more easier to use form - -win_if_list.c - External program for listing current network interface - - -\section test_programs Test programs - -radius_client.c and radius_client.h - RADIUS authentication client implementation for eapol_test - -radius.c and radius.h - RADIUS message processing for eapol_test - -eapol_test.c - Standalone EAP testing tool with integrated RADIUS authentication - client - -preauth_test.c - Standalone RSN pre-authentication tool - -wpa_passphrase.c - WPA ASCII passphrase to PSK conversion - -*/  diff --git a/doc/ctrl_iface.doxygen b/doc/ctrl_iface.doxygen deleted file mode 100644 index f820f9e..0000000 --- a/doc/ctrl_iface.doxygen +++ /dev/null  @@ -1,1053 +0,0 @@ -/** -\page ctrl_iface_page %wpa_supplicant control interface - -%wpa_supplicant implements a control interface that can be used by -external programs to control the operations of the %wpa_supplicant -daemon and to get status information and event notifications. There is -a small C library, in a form of a single C file, wpa_ctrl.c, that -provides helper functions to facilitate the use of the control -interface. External programs can link this file into them and then use -the library functions documented in wpa_ctrl.h to interact with -%wpa_supplicant. This library can also be used with C++. wpa_cli.c and -wpa_gui are example programs using this library. - -There are multiple mechanisms for inter-process communication. For -example, Linux version of %wpa_supplicant is using UNIX domain sockets -for the control interface and Windows version UDP sockets. The use of -the functions defined in wpa_ctrl.h can be used to hide the details of -the used IPC from external programs. - - -\section using_ctrl_iface Using the control interface - -External programs, e.g., a GUI or a configuration utility, that need to -communicate with %wpa_supplicant should link in wpa_ctrl.c. This -allows them to use helper functions to open connection to the control -interface with wpa_ctrl_open() and to send commands with -wpa_ctrl_request(). - -%wpa_supplicant uses the control interface for two types of communication: -commands and unsolicited event messages. Commands are a pair of -messages, a request from the external program and a response from -%wpa_supplicant. These can be executed using wpa_ctrl_request(). -Unsolicited event messages are sent by %wpa_supplicant to the control -interface connection without specific request from the external program -for receiving each message. However, the external program needs to -attach to the control interface with wpa_ctrl_attach() to receive these -unsolicited messages. - -If the control interface connection is used both for commands and -unsolicited event messages, there is potential for receiving an -unsolicited message between the command request and response. -wpa_ctrl_request() caller will need to supply a callback, msg_cb, -for processing these messages. Often it is easier to open two -control interface connections by calling wpa_ctrl_open() twice and -then use one of the connections for commands and the other one for -unsolicited messages. This way command request/response pairs will -not be broken by unsolicited messages. wpa_cli is an example of how -to use only one connection for both purposes and wpa_gui demonstrates -how to use two separate connections. - -Once the control interface connection is not needed anymore, it should -be closed by calling wpa_ctrl_close(). If the connection was used for -unsolicited event messages, it should be first detached by calling -wpa_ctrl_detach(). - - -\section ctrl_iface_cmds Control interface commands - -Following commands can be used with wpa_ctrl_request(): - -\subsection ctrl_iface_PING PING - -This command can be used to test whether %wpa_supplicant is replying -to the control interface commands. The expected reply is \c PONG if the -connection is open and %wpa_supplicant is processing commands. - - -\subsection ctrl_iface_MIB MIB - -Request a list of MIB variables (dot1x, dot11). The output is a text -block with each line in \c variable=value format. For example: - -\verbatim -dot11RSNAOptionImplemented=TRUE -dot11RSNAPreauthenticationImplemented=TRUE -dot11RSNAEnabled=FALSE -dot11RSNAPreauthenticationEnabled=FALSE -dot11RSNAConfigVersion=1 -dot11RSNAConfigPairwiseKeysSupported=5 -dot11RSNAConfigGroupCipherSize=128 -dot11RSNAConfigPMKLifetime=43200 -dot11RSNAConfigPMKReauthThreshold=70 -dot11RSNAConfigNumberOfPTKSAReplayCounters=1 -dot11RSNAConfigSATimeout=60 -dot11RSNAAuthenticationSuiteSelected=00-50-f2-2 -dot11RSNAPairwiseCipherSelected=00-50-f2-4 -dot11RSNAGroupCipherSelected=00-50-f2-4 -dot11RSNAPMKIDUsed= -dot11RSNAAuthenticationSuiteRequested=00-50-f2-2 -dot11RSNAPairwiseCipherRequested=00-50-f2-4 -dot11RSNAGroupCipherRequested=00-50-f2-4 -dot11RSNAConfigNumberOfGTKSAReplayCounters=0 -dot11RSNA4WayHandshakeFailures=0 -dot1xSuppPaeState=5 -dot1xSuppHeldPeriod=60 -dot1xSuppAuthPeriod=30 -dot1xSuppStartPeriod=30 -dot1xSuppMaxStart=3 -dot1xSuppSuppControlledPortStatus=Authorized -dot1xSuppBackendPaeState=2 -dot1xSuppEapolFramesRx=0 -dot1xSuppEapolFramesTx=440 -dot1xSuppEapolStartFramesTx=2 -dot1xSuppEapolLogoffFramesTx=0 -dot1xSuppEapolRespFramesTx=0 -dot1xSuppEapolReqIdFramesRx=0 -dot1xSuppEapolReqFramesRx=0 -dot1xSuppInvalidEapolFramesRx=0 -dot1xSuppEapLengthErrorFramesRx=0 -dot1xSuppLastEapolFrameVersion=0 -dot1xSuppLastEapolFrameSource=00:00:00:00:00:00 -\endverbatim - - -\subsection ctrl_iface_STATUS STATUS - -Request current WPA/EAPOL/EAP status information. The output is a text -block with each line in \c variable=value format. For example: - -\verbatim -bssid=02:00:01:02:03:04 -ssid=test network -pairwise_cipher=CCMP -group_cipher=CCMP -key_mgmt=WPA-PSK -wpa_state=COMPLETED -ip_address=192.168.1.21 -Supplicant PAE state=AUTHENTICATED -suppPortStatus=Authorized -EAP state=SUCCESS -\endverbatim - - -\subsection ctrl_iface_STATUS-VERBOSE STATUS-VERBOSE - -Same as STATUS, but with more verbosity (i.e., more \c variable=value pairs). - -\verbatim -bssid=02:00:01:02:03:04 -ssid=test network -id=0 -pairwise_cipher=CCMP -group_cipher=CCMP -key_mgmt=WPA-PSK -wpa_state=COMPLETED -ip_address=192.168.1.21 -Supplicant PAE state=AUTHENTICATED -suppPortStatus=Authorized -heldPeriod=60 -authPeriod=30 -startPeriod=30 -maxStart=3 -portControl=Auto -Supplicant Backend state=IDLE -EAP state=SUCCESS -reqMethod=0 -methodState=NONE -decision=COND_SUCC -ClientTimeout=60 -\endverbatim - - -\subsection ctrl_iface_PMKSA PMKSA - -Show PMKSA cache - -\verbatim -Index / AA / PMKID / expiration (in seconds) / opportunistic -1 / 02:00:01:02:03:04 / 000102030405060708090a0b0c0d0e0f / 41362 / 0 -2 / 02:00:01:33:55:77 / 928389281928383b34afb34ba4212345 / 362 / 1 -\endverbatim - - -\subsection ctrl_iface_SET SET <variable> <value> - -Set variables: -- EAPOL::heldPeriod -- EAPOL::authPeriod -- EAPOL::startPeriod -- EAPOL::maxStart -- dot11RSNAConfigPMKLifetime -- dot11RSNAConfigPMKReauthThreshold -- dot11RSNAConfigSATimeout - -Example command: -\verbatim -SET EAPOL::heldPeriod 45 -\endverbatim - - -\subsection ctrl_iface_LOGON LOGON - -IEEE 802.1X EAPOL state machine logon. - - -\subsection ctrl_iface_LOGOFF LOGOFF - -IEEE 802.1X EAPOL state machine logoff. - - -\subsection ctrl_iface_REASSOCIATE REASSOCIATE - -Force reassociation. - - -\subsection ctrl_iface_RECONNECT RECONNECT - -Connect if disconnected (i.e., like \c REASSOCIATE, but only connect -if in disconnected state). - - -\subsection ctrl_iface_PREAUTH PREAUTH <BSSID> - -Start pre-authentication with the given BSSID. - - -\subsection ctrl_iface_ATTACH ATTACH - -Attach the connection as a monitor for unsolicited events. This can -be done with wpa_ctrl_attach(). - - -\subsection ctrl_iface_DETACH DETACH - -Detach the connection as a monitor for unsolicited events. This can -be done with wpa_ctrl_detach(). - - -\subsection ctrl_iface_LEVEL LEVEL <debug level> - -Change debug level. - - -\subsection ctrl_iface_RECONFIGURE RECONFIGURE - -Force %wpa_supplicant to re-read its configuration data. - - -\subsection ctrl_iface_TERMINATE TERMINATE - -Terminate %wpa_supplicant process. - - -\subsection ctrl_iface_BSSID BSSID <network id> <BSSID> - -Set preferred BSSID for a network. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_LIST_NETWORKS LIST_NETWORKS - -List configured networks. - -\verbatim -network id / ssid / bssid / flags -0 example network any [CURRENT] -\endverbatim - -(note: fields are separated with tabs) - - -\subsection ctrl_iface_DISCONNECT DISCONNECT - -Disconnect and wait for \c REASSOCIATE or \c RECONNECT command before -connecting. - - -\subsection ctrl_iface_SCAN SCAN - -Request a new BSS scan. - - -\subsection ctrl_iface_SCAN_RESULTS SCAN_RESULTS - -Get the latest scan results. - -\verbatim -bssid / frequency / signal level / flags / ssid -00:09:5b:95:e0:4e 2412 208 [WPA-PSK-CCMP] jkm private -02:55:24:33:77:a3 2462 187 [WPA-PSK-TKIP] testing -00:09:5b:95:e0:4f 2412 209 jkm guest -\endverbatim - -(note: fields are separated with tabs) - - -\subsection ctrl_iface_BSS BSS - -Get detailed per-BSS scan results. \c BSS command can be used to -iterate through scan results one BSS at a time and to fetch all -information from the found BSSes. This provides access to the same -data that is available through \c SCAN_RESULTS but in a way that -avoids problems with large number of scan results not fitting in the -ctrl_iface messages. - -There are two options for selecting the BSS with the \c BSS command: -"BSS <idx>" requests information for the BSS identified by the index -(0 .. size-1) in the scan results table and "BSS <BSSID>" requests -information for the given BSS (based on BSSID in 00:01:02:03:04:05 -format). - -BSS information is presented in following format. Please note that new -fields may be added to this field=value data, so the ctrl_iface user -should be prepared to ignore values it does not understand. - -\verbatim -bssid=00:09:5b:95:e0:4e -freq=2412 -beacon_int=0 -capabilities=0x0011 -qual=51 -noise=161 -level=212 -tsf=0000000000000000 -ie=000b6a6b6d2070726976617465010180dd180050f20101000050f20401000050f20401000050f2020000 -ssid=jkm private -\endverbatim - - - -\subsection ctrl_iface_SELECT_NETWORK SELECT_NETWORK <network id> - -Select a network (disable others). Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_ENABLE_NETWORK ENABLE_NETWORK <network id> - -Enable a network. Network id can be received from the -\c LIST_NETWORKS command output. Special network id \c all can be -used to enable all network. - - -\subsection ctrl_iface_DISABLE_NETWORK DISABLE_NETWORK <network id> - -Disable a network. Network id can be received from the -\c LIST_NETWORKS command output. Special network id \c all can be -used to disable all network. - - -\subsection ctrl_iface_ADD_NETWORK ADD_NETWORK - -Add a new network. This command creates a new network with empty -configuration. The new network is disabled and once it has been -configured it can be enabled with \c ENABLE_NETWORK command. \c ADD_NETWORK -returns the network id of the new network or FAIL on failure. - - -\subsection ctrl_iface_REMOVE_NETWORK REMOVE_NETWORK <network id> - -Remove a network. Network id can be received from the -\c LIST_NETWORKS command output. Special network id \c all can be -used to remove all network. - - -\subsection ctrl_iface_SET_NETWORK SET_NETWORK <network id> <variable> <value> - -Set network variables. Network id can be received from the -\c LIST_NETWORKS command output. - -This command uses the same variables and data formats as the -configuration file. See example wpa_supplicant.conf for more details. - -- ssid (network name, SSID) -- psk (WPA passphrase or pre-shared key) -- key_mgmt (key management protocol) -- identity (EAP identity) -- password (EAP password) -- ... - - -\subsection ctrl_iface_GET_NETWORK GET_NETWORK <network id> <variable> - -Get network variables. Network id can be received from the -\c LIST_NETWORKS command output. - - -\subsection ctrl_iface_SAVE_CONFIG SAVE_CONFIG - -Save the current configuration. - - -\subsection ctrl_iface_P2P_FIND P2P_FIND - -Start P2P device discovery. Optional parameter can be used to specify -the duration for the discovery in seconds (e.g., "P2P_FIND 5"). If the -duration is not specified, discovery will be started for indefinite -time, i.e., until it is terminated by P2P_STOP_FIND or P2P_CONNECT (to -start group formation with a discovered peer). - -The default search type is to first run a full scan of all channels -and then continue scanning only social channels (1, 6, 11). This -behavior can be changed by specifying a different search type: social -(e.g., "P2P_FIND 5 type=social") will skip the initial full scan and -only search social channels; progressive (e.g., "P2P_FIND -type=progressive") starts with a full scan and then searches -progressively through all channels one channel at the time with the -social channel scans. Progressive device discovery can be used to find -new groups (and groups that were not found during the initial scan, -e.g., due to the GO being asleep) over time without adding -considerable extra delay for every Search state round. - - -\subsection ctrl_iface_P2P_STOP_FIND P2P_STOP_FIND - -Stop ongoing P2P device discovery or other operation (connect, listen -mode). - - -\subsection ctrl_iface_P2P_CONNECT P2P_CONNECT - -Start P2P group formation with a discovered P2P peer. This includes -group owner negotiation, group interface setup, provisioning, and -establishing data connection. - -P2P_CONNECT <peer device address> <pbc|pin|PIN#> -[label|display|keypad] [persistent] [join|auth] [go_intent=<0..15>] - -Start P2P group formation with a discovered P2P peer. This includes -optional group owner negotiation, group interface setup, provisioning, -and establishing data connection. - -The <pbc|pin|PIN#> parameter specifies the WPS provisioning -method. "pbc" string starts pushbutton method, "pin" string start PIN -method using an automatically generated PIN (which will be returned as -the command return code), PIN# means that a pre-selected PIN can be -used (e.g., 12345670). [label|display|keypad] is used with PIN method -to specify which PIN is used (label=PIN from local label, -display=dynamically generated random PIN from local display, -keypad=PIN entered from peer device label or display). "persistent" -parameter can be used to request a persistent group to be formed. - -"join" indicates that this is a command to join an existing group as a -client. It skips the GO Negotiation part. - -"auth" indicates that the WPS parameters are authorized for the peer -device without actually starting GO Negotiation (i.e., the peer is -expected to initiate GO Negotiation). This is mainly for testing -purposes. - -The optional "go_intent" parameter can be used to override the default -GO Intent value. - - -\subsection ctrl_iface_P2P_LISTEN P2P_LISTEN - -Start Listen-only state. Optional parameter can be used to specify the -duration for the Listen operation in seconds. This command may not -be of that much use during normal operations and is mainly designed -for testing. It can also be used to keep the device discoverable -without having to maintain a group. - - -\subsection ctrl_iface_P2P_GROUP_REMOVE P2P_GROUP_REMOVE - -Terminate a P2P group. If a new virtual network interface was used for -the group, it will also be removed. The network interface name of the -group interface is used as a parameter for this command. - - -\subsection ctrl_iface_P2P_GROUP_ADD P2P_GROUP_ADD - -Set up a P2P group owner manually (i.e., without group owner -negotiation with a specific peer). This is also known as autonomous -GO. Optional persistent=<network id> can be used to specify restart of -a persistent group. - - -\subsection ctrl_iface_P2P_PROV_DISC P2P_PROV_DISC - -Send P2P provision discovery request to the specified peer. The -parameters for this command are the P2P device address of the peer and -the desired configuration method. For example, "P2P_PROV_DISC -02:01:02:03:04:05 display" would request the peer to display a PIN for -us and "P2P_PROV_DISC 02:01:02:03:04:05 keypad" would request the peer -to enter a PIN that we display. - - -\subsection ctrl_iface_P2P_GET_PASSPHRASE P2P_GET_PASSPHRASE - -Get the passphrase for a group (only available when acting as a GO). - - -\subsection ctrl_iface_P2P_SERV_DISC_REQ P2P_SERV_DISC_REQ - -Schedule a P2P service discovery request. The parameters for this -command are the device address of the peer device (or 00:00:00:00:00:00 -for wildcard query that is sent to every discovered P2P peer that -supports service discovery) and P2P Service Query TLV(s) as hexdump. -For example, "P2P_SERV_DISC_REQ 00:00:00:00:00:00 02000001" schedules -a request for listing all supported service discovery protocols and -requests this to be sent to all discovered peers. The pending requests -are sent during device discovery (see \ref ctrl_iface_P2P_FIND). - -This command returns an identifier for the pending query (e.g., -"1f77628") that can be used to cancel the request. Directed requests -will be automatically removed when the specified peer has replied to -it. - - -\subsection ctrl_iface_P2P_SERV_DISC_CANCEL_REQ P2P_SERV_DISC_CANCEL_REQ - -Cancel a pending P2P service discovery request. This command takes a -single parameter: identifier for the pending query (the value returned -by \ref ctrl_iface_P2P_SERV_DISC_REQ), e.g., -"P2P_SERV_DISC_CANCEL_REQ 1f77628". - - -\subsection ctrl_iface_P2P_SERV_DISC_RESP P2P_SERV_DISC_RESP - -Reply to a service discovery query. This command takes following -parameters: frequency in MHz, destination address, dialog token, -response TLV(s). The first three parameters are copied from the -request event. For example, -"P2P_SERV_DISC_RESP 2437 02:40:61:c2:f3:b7 1 0300000101". - - -\subsection ctrl_iface_P2P_SERVICE_UPDATE P2P_SERVICE_UPDATE - -Indicate that local services have changed. This is used to increment -the P2P service indicator value so that peers know when previously -cached information may have changed. - - -\subsection ctrl_iface_P2P_SERV_DISC_EXTERNAL P2P_SERV_DISC_EXTERNAL - -Configure external processing of P2P service requests: 0 (default) = -no external processing of requests (i.e., internal code will reject -each request), 1 = external processing of requests (external program -is responsible for replying to service discovery requests with -\ref ctrl_iface_P2P_SERV_DISC_RESP). - - -\subsection ctrl_iface_P2P_REJECT P2P_REJECT - -Reject connection attempt from a peer (specified with a device -address). This is a mechanism to reject a pending GO Negotiation with -a peer and request to automatically block any further connection or -discovery of the peer. - - -\subsection ctrl_iface_P2P_INVITE P2P_INVITE - -Invite a peer to join a group or to (re)start a persistent group. - - -\subsection ctrl_iface_P2P_PEER P2P_PEER - -Fetch information about a discovered peer. This command takes in an -argument specifying which peer to select: P2P Device Address of the -peer, "FIRST" to indicate the first peer in the list, or "NEXT-<P2P -Device Address>" to indicate the entry following the specified peer -(to allow for iterating through the list). - - -\subsection ctrl_iface_P2P_EXT_LISTEN P2P_EXT_LISTEN - -Enable/disable extended listen timing. Without parameters, this -command disables extended listen timing. When enabling the feature, -two parameters are used: availibility period and availability interval -(both in milliseconds and with range of 1-65535). - - -\section ctrl_iface_interactive Interactive requests - -If %wpa_supplicant needs additional information during authentication -(e.g., password), it will use a specific prefix, \c CTRL-REQ- -(\a WPA_CTRL_REQ macro) in an unsolicited event message. An external -program, e.g., a GUI, can provide such information by using -\c CTRL-RSP- (\a WPA_CTRL_RSP macro) prefix in a command with matching -field name. - -The following fields can be requested in this way from the user: -- IDENTITY (EAP identity/user name) -- PASSWORD (EAP password) -- NEW_PASSWORD (New password if the server is requesting password change) -- PIN (PIN code for accessing a SIM or smartcard) -- OTP (one-time password; like password, but the value is used only once) -- PASSPHRASE (passphrase for a private key file) - -\verbatim -CTRL-REQ-<field name>-<network id>-<human readable text> -CTRL-RSP-<field name>-<network id>-<value> -\endverbatim - -For example, request from %wpa_supplicant: -\verbatim -CTRL-REQ-PASSWORD-1-Password needed for SSID test-network -\endverbatim - -And a matching reply from the GUI: -\verbatim -CTRL-RSP-PASSWORD-1-secret -\endverbatim - - -\subsection ctrl_iface_GET_CAPABILITY GET_CAPABILITY <option> [strict] - -Get list of supported functionality (eap, pairwise, group, -proto). Supported functionality is shown as space separate lists of -values used in the same format as in %wpa_supplicant configuration. -If optional argument, 'strict', is added, only the values that the -driver claims to explicitly support are included. Without this, all -available capabilities are included if the driver does not provide -a mechanism for querying capabilities. - -Example request/reply pairs: - -\verbatim -GET_CAPABILITY eap -AKA FAST GTC LEAP MD5 MSCHAPV2 OTP PAX PEAP PSK SIM TLS TTLS -\endverbatim - -\verbatim -GET_CAPABILITY pairwise -CCMP TKIP NONE -\endverbatim - -\verbatim -GET_CAPABILITY pairwise strict -\endverbatim - -\verbatim -GET_CAPABILITY group -CCMP TKIP WEP104 WEP40 -\endverbatim - -\verbatim -GET_CAPABILITY key_mgmt -WPA-PSK WPA-EAP IEEE8021X NONE -\endverbatim - -\verbatim -GET_CAPABILITY proto -RSN WPA -\endverbatim - -\verbatim -GET_CAPABILITY auth_alg -OPEN SHARED LEAP -\endverbatim - - -\subsection ctrl_iface_AP_SCAN AP_SCAN <ap_scan value> - -Change ap_scan value: -0 = no scanning, -1 = %wpa_supplicant requests scans and uses scan results to select the AP, -2 = %wpa_supplicant does not use scanning and just requests driver to -associate and take care of AP selection - - -\subsection ctrl_iface_INTERFACES INTERFACES - -List configured interfaces. - -\verbatim -wlan0 -eth0 -\endverbatim - - -\section ctrl_iface_events Control interface events - -%wpa_supplicant generates number messages based on events like -connection or a completion of a task. These are available to external -programs that attach to receive unsolicited messages over the control -interface with wpa_ctrl_attach(). - -The event messages will be delivered over the attach control interface -as text strings that start with the priority level of the message and -a fixed prefix text as defined in wpa_ctrl.h. After this, optional -additional information may be included depending on the event -message. For example, following event message is delivered when new -scan results are available: - -\verbatim -<2>CTRL-EVENT-SCAN-RESULTS -\endverbatim - -Following priority levels are used: -- 0 = MSGDUMP -- 1 = DEBUG -- 2 = INFO -- 3 = WARNING -- 4 = ERROR - -By default, any priority level greater than equal to 2 (INFO) are -delivered over the attached control interface. LEVEL command can be -used to set the level of messages which will be delivered. It should -be noted that there are many debug messages that do not include any -particulat prefix and are subject to change. They may be used for -debug information, but can usually be ignored by external programs. - -In most cases, the external program can skip over the priority field -in the beginning of the event message and then compare the following -text to the event strings from wpa_ctrl.h that the program is -interested in processing. - -Following subsections describe the most common event notifications -generated by %wpa_supplicant. - -\subsection ctrl_iface_event_CTRL_REQ CTRL-REQ- - -WPA_CTRL_REQ: Request information from a user. See -\ref ctrl_iface_interactive "Interactive requests" sections for more -details. - -\subsection ctrl_iface_event_CONNECTED CTRL-EVENT-CONNECTED - -WPA_EVENT_CONNECTED: Indicate successfully completed authentication -and that the data connection is now enabled. - -\subsection ctrl_iface_event_DISCONNECTED CTRL-EVENT-DISCONNECTED - -WPA_EVENT_DISCONNECTED: Disconnected, data connection is not available - -\subsection ctrl_iface_event_TERMINATING CTRL-EVENT-TERMINATING - -WPA_EVENT_TERMINATING: %wpa_supplicant is exiting - -\subsection ctrl_iface_event_PASSWORD_CHANGED CTRL-EVENT-PASSWORD-CHANGED - -WPA_EVENT_PASSWORD_CHANGED: Password change was completed successfully - -\subsection ctrl_iface_event_EAP_NOTIFICATION CTRL-EVENT-EAP-NOTIFICATION - -WPA_EVENT_EAP_NOTIFICATION: EAP-Request/Notification received - -\subsection ctrl_iface_event_EAP_STARTED CTRL-EVENT-EAP-STARTED - -WPA_EVENT_EAP_STARTED: EAP authentication started (EAP-Request/Identity -received) - -\subsection ctrl_iface_event_EAP_METHOD CTRL-EVENT-EAP-METHOD - -WPA_EVENT_EAP_METHOD: EAP method selected - -\subsection ctrl_iface_event_EAP_SUCCESS CTRL-EVENT-EAP-SUCCESS - -WPA_EVENT_EAP_SUCCESS: EAP authentication completed successfully - -\subsection ctrl_iface_event_EAP_FAILURE CTRL-EVENT-EAP-FAILURE - -WPA_EVENT_EAP_FAILURE: EAP authentication failed (EAP-Failure received) - -\subsection ctrl_iface_event_SCAN_RESULTS CTRL-EVENT-SCAN-RESULTS - -WPA_EVENT_SCAN_RESULTS: New scan results available - -\subsection ctrl_iface_event_BSS_ADDED CTRL-EVENT-BSS-ADDED - -WPA_EVENT_BSS_ADDED: A new BSS entry was added. The event prefix is -followed by the BSS entry id and BSSID. - -\verbatim -CTRL-EVENT-BSS-ADDED 34 00:11:22:33:44:55 -\endverbatim - -\subsection ctrl_iface_event_BSS_REMOVED CTRL-EVENT-BSS-REMOVED - -WPA_EVENT_BSS_REMOVED: A BSS entry was removed. The event prefix is -followed by BSS entry id and BSSID. - -\verbatim -CTRL-EVENT-BSS-REMOVED 34 00:11:22:33:44:55 -\endverbatim - -\subsection ctrl_iface_event_WPS_OVERLAP_DETECTED WPS-OVERLAP-DETECTED - -WPS_EVENT_OVERLAP: WPS overlap detected in PBC mode - -\subsection ctrl_iface_event_WPS_AP_AVAILABLE_PBC WPS-AP-AVAILABLE-PBC - -WPS_EVENT_AP_AVAILABLE_PBC: Available WPS AP with active PBC found in -scan results. - -\subsection ctrl_iface_event_WPS_AP_AVAILABLE_PIN WPS-AP-AVAILABLE-PIN - -WPS_EVENT_AP_AVAILABLE_PIN: Available WPS AP with recently selected PIN -registrar found in scan results. - -\subsection ctrl_iface_event_WPS_AP_AVAILABLE WPS-AP-AVAILABLE - -WPS_EVENT_AP_AVAILABLE: Available WPS AP found in scan results - -\subsection ctrl_iface_event_WPS_CRED_RECEIVED WPS-CRED-RECEIVED - -WPS_EVENT_CRED_RECEIVED: A new credential received - -\subsection ctrl_iface_event_WPS_M2D WPS-M2D - -WPS_EVENT_M2D: M2D received - -\subsection ctrl_iface_event_WPS_FAIL - -WPS_EVENT_FAIL: WPS registration failed after M2/M2D - -\subsection ctrl_iface_event_WPS_SUCCESS WPS-SUCCESS - -WPS_EVENT_SUCCESS: WPS registration completed successfully - -\subsection ctrl_iface_event_WPS_TIMEOUT WPS-TIMEOUT - -WPS_EVENT_TIMEOUT: WPS enrollment attempt timed out and was terminated - -\subsection ctrl_iface_event_WPS_ENROLLEE_SEEN WPS-ENROLLEE-SEEN - -WPS_EVENT_ENROLLEE_SEEN: WPS Enrollee was detected (used in AP mode). -The event prefix is followed by MAC addr, UUID-E, pri dev type, -config methods, dev passwd id, request type, [dev name]. - -\verbatim -WPS-ENROLLEE-SEEN 02:00:00:00:01:00 -572cf82f-c957-5653-9b16-b5cfb298abf1 1-0050F204-1 0x80 4 1 -[Wireless Client] -\endverbatim - -\subsection ctrl_iface_event_WPS_ER_AP_ADD WPS-ER-AP-ADD - -WPS_EVENT_ER_AP_ADD: WPS ER discovered an AP - -\verbatim -WPS-ER-AP-ADD 87654321-9abc-def0-1234-56789abc0002 02:11:22:33:44:55 -pri_dev_type=6-0050F204-1 wps_state=1 |Very friendly name|Company| -Long description of the model|WAP|http://w1.fi/|http://w1.fi/hostapd/ -\endverbatim - -\subsection ctrl_iface_event_WPS_ER_AP_REMOVE WPS-ER-AP-REMOVE - -WPS_EVENT_ER_AP_REMOVE: WPS ER removed an AP entry - -\verbatim -WPS-ER-AP-REMOVE 87654321-9abc-def0-1234-56789abc0002 -\endverbatim - -\subsection ctrl_iface_event_WPS_ER_ENROLLEE_ADD WPS-ER-ENROLLEE-ADD - -WPS_EVENT_ER_ENROLLEE_ADD: WPS ER discovered a new Enrollee - -\verbatim -WPS-ER-ENROLLEE-ADD 2b7093f1-d6fb-5108-adbb-bea66bb87333 -02:66:a0:ee:17:27 M1=1 config_methods=0x14d dev_passwd_id=0 -pri_dev_type=1-0050F204-1 -|Wireless Client|Company|cmodel|123|12345| -\endverbatim - -\subsection ctrl_iface_event_WPS_ER_ENROLLEE_REMOVE WPS-ER-ENROLLEE-REMOVE - -WPS_EVENT_ER_ENROLLEE_REMOVE: WPS ER removed an Enrollee entry - -\verbatim -WPS-ER-ENROLLEE-REMOVE 2b7093f1-d6fb-5108-adbb-bea66bb87333 -02:66:a0:ee:17:27 -\endverbatim - -\subsection ctrl_iface_event_WPS_PIN_NEEDED WPS-PIN-NEEDED - -WPS_EVENT_PIN_NEEDED: PIN is needed to complete provisioning with an -Enrollee. This is followed by information about the Enrollee (UUID, -MAC address, device name, manufacturer, model name, model number, -serial number, primary device type). -\verbatim -WPS-PIN-NEEDED 5a02a5fa-9199-5e7c-bc46-e183d3cb32f7 02:2a:c4:18:5b:f3 -[Wireless Client|Company|cmodel|123|12345|1-0050F204-1] -\endverbatim - -\subsection ctrl_iface_event_WPS_NEW_AP_SETTINGS WPS-NEW-AP-SETTINGS - -WPS_EVENT_NEW_AP_SETTINGS: New AP settings were received - -\subsection ctrl_iface_event_WPS_REG_SUCCESS WPS-REG-SUCCESS - -WPS_EVENT_REG_SUCCESS: WPS provisioning was completed successfully -(AP/Registrar) - -\subsection ctrl_iface_event_WPS_AP_SETUP_LOCKED WPS-AP-SETUP-LOCKED - -WPS_EVENT_AP_SETUP_LOCKED: AP changed into setup locked state due to -multiple failed configuration attempts using the AP PIN. - -\subsection ctrl_iface_event_AP_STA_CONNECTED AP-STA-CONNECTED - -AP_STA_CONNECTED: A station associated with us (AP mode event). The -event prefix is followed by the MAC address of the station. - -\verbatim -AP-STA-CONNECTED 02:2a:c4:18:5b:f3 -\endverbatim - -\subsection ctrl_iface_event_AP_STA_DISCONNECTED AP-STA-DISCONNECTED - -AP_STA_DISCONNECTED: A station disassociated (AP mode event) - -\verbatim -AP-STA-DISCONNECTED 02:2a:c4:18:5b:f3 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_DEVICE_FOUND P2P-DEVICE-FOUND - -P2P_EVENT_DEVICE_FOUND: Indication of a discovered P2P device with -information about that device. - -\verbatim -P2P-DEVICE-FOUND 02:b5:64:63:30:63 p2p_dev_addr=02:b5:64:63:30:63 -pri_dev_type=1-0050f204-1 name='Wireless Client' config_methods=0x84 -dev_capab=0x21 group_capab=0x0 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_GO_NEG_REQUEST P2P-GO-NEG-REQUEST - -P2P_EVENT_GO_NEG_REQUEST: A P2P device requested GO negotiation, but we -were not ready to start the negotiation. - -\verbatim -P2P-GO-NEG-REQUEST 02:40:61:c2:f3:b7 dev_passwd_id=4 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_GO_NEG_SUCCESS P2P-GO-NEG-SUCCESS - -P2P_EVENT_GO_NEG_SUCCESS: Indication of successfully complete group -owner negotiation. - -\subsection ctrl_iface_event_P2P_EVENT_GO_NEG_FAILURE P2P-GO-NEG-FAILURE - -P2P_EVENT_GO_NEG_FAILURE: Indication of failed group owner negotiation. - -\subsection ctrl_iface_event_P2P_EVENT_GROUP_FORMATION_SUCCESS P2P-GROUP-FORMATION-SUCCESS - -P2P_EVENT_GROUP_FORMATION_SUCCESS: Indication that P2P group formation -has been completed successfully. - -\subsection ctrl_iface_event_P2P_EVENT_GROUP_FORMATION_FAILURE P2P-GROUP-FORMATION-FAILURE - -P2P_EVENT_GROUP_FORMATION_FAILURE: Indication that P2P group formation -failed (e.g., due to provisioning failure or timeout). - -\subsection ctrl_iface_event_P2P_EVENT_GROUP_STARTED P2P-GROUP-STARTED - -P2P_EVENT_GROUP_STARTED: Indication of a new P2P group having been -started. Additional parameters: network interface name for the group, -role (GO/client), SSID. The passphrase used in the group is also -indicated here if known (on GO) or PSK (on client). If the group is a -persistent one, a flag indicating that is included. - -\verbatim -P2P-GROUP-STARTED wlan0-p2p-0 GO ssid="DIRECT-3F Testing" -passphrase="12345678" go_dev_addr=02:40:61:c2:f3:b7 [PERSISTENT] -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_GROUP_REMOVED P2P-GROUP-REMOVED - -P2P_EVENT_GROUP_REMOVED: Indication of a P2P group having been removed. -Additional parameters: network interface name for the group, role -(GO/client). - -\verbatim -P2P-GROUP-REMOVED wlan0-p2p-0 GO -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_PROV_DISC_SHOW_PIN P2P-PROV-DISC-SHOW-PIN - -P2P_EVENT_PROV_DISC_SHOW_PIN: Request from the peer for us to display -a PIN that will be entered on the peer. The following parameters are -included after the event prefix: peer_address PIN. The PIN is a -random PIN generated for this connection. P2P_CONNECT command can be -used to accept the request with the same PIN configured for the -connection. - -\verbatim -P2P-PROV-DISC-SHOW-PIN 02:40:61:c2:f3:b7 12345670 -p2p_dev_addr=02:40:61:c2:f3:b7 pri_dev_type=1-0050F204-1 name='Test' -config_methods=0x188 dev_capab=0x21 group_capab=0x0 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_PROV_DISC_ENTER_PIN P2P-PROV-DISC-ENTER-PIN - -P2P_EVENT_PROV_DISC_ENTER_PIN: Request from the peer for us to enter a -PIN displayed on the peer. The following parameter is included after -the event prefix: peer address. - -\verbatim -P2P-PROV-DISC-ENTER-PIN 02:40:61:c2:f3:b7 p2p_dev_addr=02:40:61:c2:f3:b7 -pri_dev_type=1-0050F204-1 name='Test' config_methods=0x188 -dev_capab=0x21 group_capab=0x0 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_PROV_DISC_PBC_REQ P2P-PROV-DISC-PBC-REQ - -P2P_EVENT_PROV_DISC_PBC_REQ: Request from the peer for us to connect -using PBC. The following parameters are included after the event prefix: -peer_address. P2P_CONNECT command can be used to accept the request. - -\verbatim -P2P-PROV-DISC-PBC-REQ 02:40:61:c2:f3:b7 p2p_dev_addr=02:40:61:c2:f3:b7 -pri_dev_type=1-0050F204-1 name='Test' config_methods=0x188 -dev_capab=0x21 group_capab=0x0 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_PROV_DISC_PBC_RESP P2P-PROV-DISC-PBC-RESP - -P2P_EVENT_PROV_DISC_PBC_RESP: The peer accepted our provision discovery -request to connect using PBC. The following parameters are included -after the event prefix: peer_address. P2P_CONNECT command can be used to -start GO Negotiation after this. - -\verbatim -P2P-PROV-DISC-PBC-RESP 02:40:61:c2:f3:b7 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_SERV_DISC_REQ P2P-SERV-DISC-REQ - -P2P-SERV-DISC-REQ: Indicate reception of a P2P service discovery -request. The following parameters are included after the event prefix: -frequency in MHz, source address, dialog token, Service Query TLV(s) as -hexdump. - -\verbatim -P2P-SERV-DISC-REQ 2412 02:40:61:c2:f3:b7 0 0 02000001 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_SERV_DISC_RESP P2P-SERV-DISC-RESP - -P2P-SERV-DISC-RESP: Indicate reception of a P2P service discovery -response. The following parameters are included after the event prefix: -source address, dialog token, Service Response TLV(s) as hexdump. - -\verbatim -P2P-SERV-DISC-RESP 02:40:61:c2:f3:b7 0 0300000101 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_INVITATION_RECEIVED P2P-INVITATION-RECEIVED - -P2P-INVITATION-RECEIVED: Indicate reception of a P2P Invitation -Request. For persistent groups, the parameter after the event prefix -indicates which network block includes the persistent group data. - -\verbatim -P2P-INVITATION-RECEIVED sa=02:40:61:c2:f3:b7 persistent=0 -\endverbatim - -\subsection ctrl_iface_event_P2P_EVENT_INVITATION_RESULT P2P-INVITATION-RESULT - -P2P-INVITATION-RESULT: Indicate result of a P2P invitation that was -requested with \ref ctrl_iface_P2P_INVITE. The parameter -status=<value> shows the status code returned by the peer (or -1 on -local failure or timeout). - -\verbatim -P2P-INVITATION-RESULT status=1 -\endverbatim - -*/  diff --git a/doc/dbus.doxygen b/doc/dbus.doxygen deleted file mode 100644 index eeea200..0000000 --- a/doc/dbus.doxygen +++ /dev/null  @@ -1,715 +0,0 @@ -/** -\page dbus %wpa_supplicant D-Bus API - -This section documents the %wpa_supplicant D-Bus API. Every D-Bus -interface implemented by %wpa_supplicant is described here including -their methods, signals, and properties with arguments, returned -values, and possible errors. - -Interfaces: -- \ref dbus_main -- \ref dbus_interface -- \ref dbus_wps -- \ref dbus_bss -- \ref dbus_network - - -\section dbus_main fi.w1.wpa_supplicant1 - -Interface implemented by the main %wpa_supplicant D-Bus object -registered in the bus with fi.w1.wpa_supplicant1 name. - -\subsection dbus_main_methods Methods - - <ul> - <li> - <h3>CreateInterface ( a{sv} : args ) --> o : interface</h3> - <p>Registers a wireless interface in %wpa_supplicant.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : args</dt> - <dd> - A dictionary with arguments used to add the interface to %wpa_supplicant. The dictionary may contain the following entries: - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th> - <tr><td>Ifname</td><td>s</td><td>Name of the network interface to control, e.g., wlan0</td><td>Yes</td> - <tr><td>Bridge_ifname</td><td>s</td><td>Name of the bridge interface to control, e.g., br0</td><td>No</td> - <tr><td>Driver</td><td>s</td><td>Driver name which the interface uses, e.g., nl80211</td><td>No</td> - </table> - </dd> - </dl> - <h4>Returns</h4> - <dl> - <dt>o : interface</dt> - <dd>A D-Bus path to object representing created interface</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.InterfaceExists</dt> - <dd>%wpa_supplicant already controls this interface.</dd> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Creating interface failed for an unknown reason.</dd> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>Invalid entries were found in the passed argument.</dd> - </dl> - </li> - - <li> - <h3>RemoveInterface ( o : interface ) --> nothing</h3> - <p>Deregisters a wireless interface from %wpa_supplicant.</p> - <h4>Arguments</h4> - <dl> - <dt>o : interface</dt> - <dd>A D-Bus path to an object representing an interface to remove returned by CreateInterface</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.InterfaceUnknown</dt> - <dd>Object pointed by the path doesn't exist or doesn't represent an interface.</dd> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Removing interface failed for an unknown reason.</dd> - </dl> - </li> - - <li> - <h3>GetInterface ( s : ifname ) --> o : interface</h3> - <p>Returns a D-Bus path to an object related to an interface which %wpa_supplicant already controls.</p> - <h4>Arguments</h4> - <dl> - <dt>s : ifname</dt> - <dd>Name of the network interface, e.g., wlan0</dd> - </dl> - <h4>Returns</h4> - <dl> - <dt>o : interface</dt> - <dd>A D-Bus path to an object representing an interface</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.InterfaceUnknown</dt> - <dd>An interface with the passed name in not controlled by %wpa_supplicant.</dd> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Getting an interface object path failed for an unknown reason.</dd> - </dl> - </li> - </ul> - -\subsection dbus_main_properties Properties - - <ul> - <li> - <h3>DebugLevel - s - (read/write)</h3> - <p>Global %wpa_supplicant debugging level. Possible values are - "msgdump" (verbose debugging), "debug" (debugging), - "info" (informative), "warning" (warnings), and "error" (errors).</p> - </li> - - <li> - <h3>DebugTimestamp - b - (read/write)</h3> - <p>Global %wpa_supplicant debugging parameter. Determines if timestamps are shown in debug logs.</p> - </li> - - <li> - <h3>DebugShowKeys - b - (read/write)</h3> - <p>Global %wpa_supplicant debugging parameter. Determines if secrets are shown in debug logs.</p> - </li> - - <li> - <h3>Interfaces - ao - (read)</h3> - <p>An array with paths to D-Bus objects representing controlled interfaces each.</p> - </li> - - <li> - <h3>EapMethods - as - (read)</h3> - <p>An array with supported EAP methods names.</p> - </li> - </ul> - -\subsection dbus_main_signals Signals - - <ul> - <li> - <h3>InterfaceAdded ( o : interface, a{sv} : properties )</h3> - <p>A new interface was added to %wpa_supplicant.</p> - <h4>Arguments</h4> - <dl> - <dt>o : interface</dt> - <dd>A D-Bus path to an object representing the added interface</dd> - </dl> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary containing properties of added interface.</dd> - </dl> - </li> - - <li> - <h3>InterfaceRemoved ( o : interface )</h3> - <p>An interface was removed from %wpa_supplicant.</p> - <h4>Arguments</h4> - <dl> - <dt>o : interface</dt> - <dd>A D-Bus path to an object representing the removed interface</dd> - </dl> - </li> - - <li> - <h3>PropertiesChanged ( a{sv} : properties )</h3> - <p>Some properties have changed.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary with pairs of properties names which have changed and theirs new values. Possible dictionary keys are: "DebugParams"</dd> - </dl> - </li> - </ul> - - -\section dbus_interface fi.w1.wpa_supplicant1.Interface - -Interface implemented by objects related to network interface added to -%wpa_supplicant, i.e., returned by -fi.w1.wpa_supplicant1.CreateInterface. - -\subsection dbus_interface_methods Methods - - <ul> - <li> - <h3>Scan ( a{sv} : args ) --> nothing</h3> - <p>Triggers a scan.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : args</dt> - <dd> - A dictionary with arguments describing scan type: - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th> - <tr><td>Type</td><td>s</td><td>Type of the scan. Possible values: "active", "passive"</td><td>Yes</td> - <tr><td>SSIDs</td><td>aay</td><td>Array of SSIDs to scan for (applies only if scan type is active)</td><td>No</td> - <tr><td>IEs</td><td>aay</td><td>Information elements to used in active scan (applies only if scan type is active)</td><td>No</td> - <tr><td>Channels</td><td>a(uu)</td><td>Array of frequencies to scan in form of (center, width) in MHz.</td><td>No</td> - </table> - </dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>Invalid entries were found in the passed argument.</dd> - </dl> - </li> - - <li> - <h3>Disconnect ( ) --> nothing</h3> - <p>Disassociates the interface from current network.</p> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.NotConnected</dt> - <dd>Interface is not connected to any network.</dd> - </dl> - </li> - - <li> - <h3>AddNetwork ( a{sv} : args ) --> o : network</h3> - <p>Adds a new network to the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : args</dt> - <dd>A dictionary with network configuration. Dictionary entries are equivalent to entries in the "network" block in %wpa_supplicant configuration file. Entry values should be appropriate type to the entry, e.g., an entry with key "frequency" should have value type int.</dd> - </dl> - <h4>Returns</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing a configured network</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>Invalid entries were found in the passed argument.</dd> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Adding network failed for an unknown reason.</dd> - </dl> - </li> - - <li> - <h3>RemoveNetwork ( o : network ) --> nothing</h3> - <p>Removes a configured network from the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing a configured network returned by fi.w1.wpa_supplicant1.Interface.AddNetwork</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.NetworkUnknown</dt> - <dd>A passed path doesn't point to any network object.</dd> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>A passed path doesn't point to any network object.</dd> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Removing network failed for an unknown reason.</dd> - </dl> - </li> - - <li> - <h3>SelectNetwork ( o : network ) --> nothing</h3> - <p>Attempt association with a configured network.</p> - <h4>Arguments</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing a configured network returned by fi.w1.wpa_supplicant1.Interface.AddNetwork</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.NetworkUnknown</dt> - <dd>A passed path doesn't point to any network object.</dd> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>A passed path doesn't point to any network object.</dd> - </dl> - </li> - - <li> - <h3>AddBlob ( s : name, ay : data ) --> nothing</h3> - <p>Adds a blob to the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>s : name</dt> - <dd>A name of a blob</dd> - <dt>ay : data</dt> - <dd>A blob data</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.BlobExists</dt> - <dd>A blob with the specified name already exists.</dd> - </dl> - </li> - - <li> - <h3>RemoveBlob ( s : name ) --> nothing</h3> - <p>Removes the blob from the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>s : name</dt> - <dd>A name of the blob to remove</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.BlobUnknown</dt> - <dd>A blob with the specified name doesn't exist.</dd> - </dl> - </li> - - <li> - <h3>GetBlob ( s : name ) --> ay : data</h3> - <p>Returns the blob data of a previously added blob.</p> - <h4>Arguments</h4> - <dl> - <dt>s : name</dt> - <dd>A name of the blob</dd> - </dl> - <h4>Returns</h4> - <dl> - <dt>ay : data</dt> - <dd>A blob data</dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.BlobUnknown</dt> - <dd>A blob with the specified name doesn't exist.</dd> - </dl> - </li> - </ul> - -\subsection dbus_interface_properties Properties - - <ul> - <li> - <h3>Capabilities - a{sv} - (read)</h3> - <p>Capabilities of the interface. Dictionary contains following entries:</p> - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th> - <tr><td>Pairwise</td><td>as</td><td>Possible array elements: "ccmp", "tkip", "none"</td> - <tr><td>Group</td><td>as</td><td>Possible array elements: "ccmp", "tkip", "wep104", "wep40"</td> - <tr><td>KeyMgmt</td><td>as</td><td>Possible array elements: "wpa-psk", "wpa-ft-psk", "wpa-psk-sha256", "wpa-eap", "wpa-ft-eap", "wpa-eap-sha256", "ieee8021x", "wpa-none", "wps", "none"</td> - <tr><td>Protocol</td><td>as</td><td>Possible array elements: "rsn", "wpa"</td> - <tr><td>AuthAlg</td><td>as</td><td>Possible array elements: "open", "shared", "leap"</td> - <tr><td>Scan</td><td>as</td><td>Possible array elements: "active", "passive", "ssid"</td> - <tr><td>Modes</td><td>as</td><td>Possible array elements: "infrastructure", "ad-hoc", "ap"</td> - </table> - </li> - - <li> - <h3>State - s - (read)</h3> - <p>A state of the interface. Possible values are: return "disconnected", "inactive", "scanning", "authenticating", "associating", "associated", "4way_handshake", "group_handshake", "completed","unknown".</p> - </li> - - <li> - <h3>Scanning - b - (read)</h3> - <p>Determines if the interface is already scanning or not</p> - </li> - - <li> - <h3>ApScan - u - (read/write)</h3> - <p>Identical to ap_scan entry in %wpa_supplicant configuration file. Possible values are 0, 1 or 2.</p> - </li> - - <li> - <h3>Ifname - s - (read)</h3> - <p>Name of network interface controlled by the interface, e.g., wlan0.</p> - </li> - - <li> - <h3>BridgeIfname - s - (read)</h3> - <p>Name of bridge network interface controlled by the interface, e.g., br0.</p> - </li> - - <li> - <h3>Driver - s - (read)</h3> - <p>Name of driver used by the interface, e.g., nl80211.</p> - </li> - - <li> - <h3>CurrentBSS - o - (read)</h3> - <p>Path to D-Bus object representing BSS which %wpa_supplicant is associated with, or "/" if is not associated at all.</p> - </li> - - <li> - <h3>CurrentNetwork - o - (read)</h3> - <p>Path to D-Bus object representing configured network which %wpa_supplicant uses at the moment, or "/" if doesn't use any.</p> - </li> - - <li> - <h3>Blobs - as - (read)</h3> - <p>List of blobs names added to the Interface.</p> - </li> - - <li> - <h3>BSSs - ao - (read)</h3> - <p>List of D-Bus objects paths representing BSSs known to the interface, i.e., scan results.</p> - </li> - - <li> - <h3>Networks - ao - (read)</h3> - <p>List of D-Bus objects paths representing configured networks.</p> - </li> - </ul> - -\subsection dbus_interface_signals Signals - - <ul> - <li> - <h3>ScanDone ( b : success )</h3> - <p>Scanning finished. </p> - <h4>Arguments</h4> - <dl> - <dt>s : success</dt> - <dd>Determines if scanning was successful. If so, results are available.</dd> - </dl> - </li> - - <li> - <h3>BSSAdded ( o : BSS, a{sv} : properties )</h3> - <p>Interface became aware of a new BSS.</p> - <h4>Arguments</h4> - <dl> - <dt>o : BSS</dt> - <dd>A D-Bus path to an object representing the new BSS.</dd> - </dl> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary containing properties of added BSS.</dd> - </dl> - </li> - - <li> - <h3>BSSRemoved ( o : BSS )</h3> - <p>BSS disappeared.</p> - <h4>Arguments</h4> - <dl> - <dt>o : BSS</dt> - <dd>A D-Bus path to an object representing the BSS.</dd> - </dl> - </li> - - <li> - <h3>BlobAdded ( s : blobName )</h3> - <p>A new blob has been added to the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>s : blobName</dt> - <dd>A name of the added blob.</dd> - </dl> - </li> - - <li> - <h3>BlobRemoved ( s : blobName )</h3> - <p>A blob has been removed from the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>s : blobName</dt> - <dd>A name of the removed blob.</dd> - </dl> - </li> - - <li> - <h3>NetworkAdded ( o : network, a{sv} : properties )</h3> - <p>A new network has been added to the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing the added network.</dd> - </dl> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary containing properties of added network.</dd> - </dl> - </li> - - <li> - <h3>NetworkRemoved ( o : network )</h3> - <p>The network has been removed from the interface.</p> - <h4>Arguments</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing the removed network.</dd> - </dl> - </li> - - <li> - <h3>NetworkSelected ( o : network )</h3> - <p>The network has been selected.</p> - <h4>Arguments</h4> - <dl> - <dt>o : network</dt> - <dd>A D-Bus path to an object representing the selected network.</dd> - </dl> - </li> - - <li> - <h3>PropertiesChanged ( a{sv} : properties )</h3> - <p>Some properties have changed.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary with pairs of properties names which have changed and theirs new values. Possible dictionary keys are: "ApScan", "Scanning", "State", "CurrentBSS", "CurrentNetwork"</dd> - </dl> - </li> - </ul> - - -\section dbus_wps fi.w1.wpa_supplicant1.Interface.WPS - -Interface implemented by objects related to network interface added to -%wpa_supplicant, i.e., returned by fi.w1.wpa_supplicant1.CreateInterface. - -\subsection dbus_wps_methods Methods - - <ul> - <li> - <h3>Start ( a{sv} : args ) --> a{sv} : output</h3> - <p>Starts WPS configuration.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : args</dt> - <dd> - A dictionary with arguments used to start WPS configuration. The dictionary may contain the following entries: - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th> - <tr><td>Role</td><td>s</td><td>The device's role. Possible values are "enrollee" and "registrar".</td><td>Yes</td> - <tr><td>Type</td><td>s</td><td>WPS authentication type. Applies only for enrollee role. Possible values are "pin" and "pbc".</td><td>Yes, for enrollee role; otherwise no</td> - <tr><td>Pin</td><td>s</td><td>WPS Pin.</td><td>Yes, for registrar role; otherwise optional</td> - <tr><td>Bssid</td><td>ay</td><td></td><td>No</td> - </table> - </dd> - </dl> - <h4>Returns</h4> - <dl> - <dt>a{sv} : output</dt> - <dd> - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th><th>Required</th> - <tr><td>Pin</td><td>s</td><td>Newly generated PIN, if not specified for enrollee role and pin authentication type.</td><td>No</td> - </table> - </dd> - </dl> - <h4>Possible errors</h4> - <dl> - <dt>fi.w1.wpa_supplicant1.UnknownError</dt> - <dd>Starting WPS configuration failed for an unknown reason.</dd> - <dt>fi.w1.wpa_supplicant1.InvalidArgs</dt> - <dd>Invalid entries were found in the passed argument.</dd> - </dl> - </li> - </ul> - -\subsection dbus_wps_properties Properties - - <ul> - <li> - <h3>ProcessCredentials - b - (read/write)</h3> - <p>Determines if the interface will process the credentials (credentials_processed configuration file parameter).</p> - </li> - </ul> - -\subsection dbus_wps_signals Signals - - <ul> - <li> - <h3>Event ( s : name, a{sv} : args )</h3> - <p>WPS event occurred.</p> - <h4>Arguments</h4> - <dl> - <dt>s : event</dt> - <dd>Event type. Possible values are: "success, "fail" and "m2d"</dd> - <dt>a{sv} : args</dt> - <dd> - Event arguments. Empty for success event, one entry ( "msg" : i ) for fail event and following entries for m2d event: - <table> - <tr><th>config_methods</th><th>Value type</th> - <tr><td>manufacturer</td><td>q</td> - <tr><td>model_name</td><td>ay</td> - <tr><td>model_number</td><td>ay</td> - <tr><td>serial_number</td><td>ay</td> - <tr><td>dev_name</td><td>ay</td> - <tr><td>primary_dev_type</td><td>ay</td> - <tr><td>config_error</td><td>q</td> - <tr><td>dev_password_id</td><td>q</td> - </table> - </dd> - </dl> - </li> - - <li> - <h3>Credentials ( a{sv} : credentials )</h3> - <p>WPS credentials. Dictionary contains:</p> - <table> - <tr><th>Key</th><th>Value type</th><th>Description</th> - <tr><td>BSSID</td><td>ay</td><td></td> - <tr><td>SSID</td><td>s</td><td></td> - <tr><td>AuthType</td><td>as</td><td>Possible array elements: "open", "shared", "wpa-psk", "wpa-eap", "wpa2-eap", "wpa2-psk"</td> - <tr><td>EncrType</td><td>as</td><td>Possible array elements: "none", "wep", "tkip", "aes"</td> - <tr><td>Key</td><td>ay</td><td>Key data</td> - <tr><td>KeyIndex</td><td>u</td><td>Key index</td> - </table> - </li> - - <li> - <h3>PropertiesChanged ( a{sv} : properties )</h3> - <p>Some properties have changed.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary with pairs of properties names which have changed and theirs new values. Possible dictionary keys are: "ProcessCredentials"</dd> - </dl> - </li> - </ul> - - -\section dbus_bss fi.w1.wpa_supplicant1.BSS - -Interface implemented by objects representing a scanned BSSs, i.e., -scan results. - -\subsection dbus_bss_properties Properties - - <ul> - <li> - <h3>BSSID - ay - (read)</h3> - <p>BSSID of the BSS.</p> - </li> - <li> - <h3>SSID - ay - (read)</h3> - <p>SSID of the BSS.</p> - </li> - <li> - <h3>WPA - a{sv} - (read)</h3> - <p>WPA information of the BSS. Empty dictionary indicates no WPA support. Dictionary entries are:</p> - <table> - <tr><td>KeyMgmt</td><td>as</td><td>Key management suite. Possible array elements: "wpa-psk", "wpa-eap", "wpa-none"</td> - <tr><td>Pairwise</td><td>as</td><td>Pairwise cipher suites. Possible array elements: "ccmp", "tkip"</td> - <tr><td>Group</td><td>s</td><td>Group cipher suite. Possible values are: "ccmp", "tkip", "wep104", "wep40"</td> - </table> - </li> - <li> - <h3>RSN - a{sv} - (read)</h3> - <p>RSN information of the BSS. Empty dictionary indicates no RSN support. Dictionary entries are:</p> - <table> - <tr><td>KeyMgmt</td><td>as</td><td>Key management suite. Possible array elements: "wpa-psk", "wpa-eap", "wpa-ft-psk", "wpa-ft-eap", "wpa-psk-sha256", "wpa-eap-sha256",</td> - <tr><td>Pairwise</td><td>as</td><td>Pairwise cipher suites. Possible array elements: "ccmp", "tkip"</td> - <tr><td>Group</td><td>s</td><td>Group cipher suite. Possible values are: "ccmp", "tkip", "wep104", "wep40"</td> - <tr><td>MgmtGroup</td><td>s</td><td>Mangement frames cipher suite. Possible values are: "aes128cmac"</td> - </table> - </li> - <li> - <h3>IEs - ay - (read)</h3> - <p>All IEs of the BSS as a chain of TLVs</p> - </li> - <li> - <h3>Privacy - b - (read)</h3> - <p>Indicates if BSS supports privacy.</p> - </li> - <li> - <h3>Mode - s - (read)</h3> - <p>Describes mode of the BSS. Possible values are: "ad-hoc" and "infrastructure".</p> - </li> - <li> - <h3>Frequency - q - (read)</h3> - <p>Frequency of the BSS in MHz.</p> - </li> - <li> - <h3>Rates - au - (read)</h3> - <p>Descending ordered array of rates supported by the BSS in bits per second.</p> - </li> - <li> - <h3>Signal - n - (read)</h3> - <p>Signal strength of the BSS.</p> - </li> - </ul> - -\subsection dbus_bss_signals Signals - - <ul> - <li> - <h3>PropertiesChanged ( a{sv} : properties )</h3> - <p>Some properties have changed.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary with pairs of properties names which have changed and theirs new values.</dd> - </dl> - </li> - </ul> - - -\section dbus_network fi.w1.wpa_supplicant1.Network - -Interface implemented by objects representing configured networks, -i.e., returned by fi.w1.wpa_supplicant1.Interface.AddNetwork. - -\subsection dbus_network_properties Properties - - <ul> - <li> - <h3>Enabled - b - (read/write)</h3> - <p>Determines if the configured network is enabled or not.</p> - </li> - - <li> - <h3>Properties - a{sv} - (read)</h3> - <p>Properties of the configured network. Dictionary contains entries from "network" block of %wpa_supplicant configuration file. All values are string type, e.g., frequency is "2437", not 2437. - </li> - </ul> - -\subsection dbus_network_signals Signals - - <ul> - <li> - <h3>PropertiesChanged ( a{sv} : properties )</h3> - <p>Some properties have changed.</p> - <h4>Arguments</h4> - <dl> - <dt>a{sv} : properties</dt> - <dd>A dictionary with pairs of properties names which have changed and theirs new values. Possible dictionary keys are: "Enabled"</dd> - </dl> - </li> - </ul> - -*/  diff --git a/doc/directories.doxygen b/doc/directories.doxygen deleted file mode 100644 index 7465afe..0000000 --- a/doc/directories.doxygen +++ /dev/null  @@ -1,90 +0,0 @@ -/** - -\dir hostapd hostapd - -hostapd-specific code for configuration, control interface, and AP -management. - - -\dir src/common Common functionality - -This module includes IEEE 802.11, IEEE 802.1X, and WPA related -functionality that is shared between AP and station modes. - - -\dir src/crypto Cryptographical functionality and wrappers - -This module defines crypto and tls interfaces to provide portability -layer for different crypto/TLS libraries. Wrappers for number of -libraries are also included here. In addition, internal implementation -of various crypto functions are provided as an alternative for an -external library and to extend some algorithms. - - -\dir src/drivers Driver wrappers - -This directory includes the driver interface definition and all the -driver wrappers that can be used to interact with different drivers -without making rest of the software dependent on which particular -driver is used. - - -\dir src/eap_common Common EAP functionality for server and peer - - -\dir src/eap_peer EAP peer - - -\dir src/eap_server EAP server - - -\dir src/eapol_auth EAPOL authenticator - - -\dir src/eapol_supp EAPOL supplicant - - -\dir src/l2_packet Layer 2 packet interface - -This module defines an interface for layer 2 (link layer) packet -sendinf and receiving. All the wrappers for supported mechanisms are -also included here. This is used to port packet access for new -operating systems without having to make rest of the source code -depend on which OS network stack is used. - - -\dir src/radius RADIUS - -RADIUS module includes RADIUS message building and parsing -functionality and separate RADIUS client and server functions. - - -\dir src/rsn_supp IEEE 802.11 RSN and WPA supplicant - - -\dir src/tls Internal TLS server and client implementation - -This module can be used as an alternative to using an external TLS -library. - - -\dir src/utils Utility functions - -Independent set of helper functions that most other components -use. This includes portability wrappers and helpers for common tasks. - - -\dir src/wps Wi-Fi Protected Setup - -This directory includes Wi-Fi Protected Setup functions for Registrar -(both internal in an AP and an External Registrar and -Enrollee. Minimal UPnP and HTTP functionality is also provided for the -functionality needed to implement Wi-Fi Protected Setup. - - -\dir wpa_supplicant %wpa_supplicant - -%wpa_supplicant-specific code for configuration, control interface, and -client management. - -*/  diff --git a/doc/doxygen.conf b/doc/doxygen.conf deleted file mode 100644 index 6a1cb3e..0000000 --- a/doc/doxygen.conf +++ /dev/null  @@ -1,1534 +0,0 @@ -# Doxyfile 1.6.1 - -# This file describes the settings to be used by the documentation system -# doxygen (www.doxygen.org) for a project -# -# All text after a hash (#) is considered a comment and will be ignored -# The format is: -# TAG = value [value, ...] -# For lists items can also be appended using: -# TAG += value [value, ...] -# Values that contain spaces should be placed between quotes (" ") - -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- - -# This tag specifies the encoding used for all characters in the config file -# that follow. The default is UTF-8 which is also the encoding used for all -# text before the first occurrence of this tag. Doxygen uses libiconv (or the -# iconv built into libc) for the transcoding. See -# http://www.gnu.org/software/libiconv for the list of possible encodings. - -DOXYFILE_ENCODING = UTF-8 - -# The PROJECT_NAME tag is a single word (or a sequence of words surrounded -# by quotes) that should identify the project. - -PROJECT_NAME = wpa_supplicant / hostapd - -# The PROJECT_NUMBER tag can be used to enter a project or revision number. -# This could be handy for archiving the generated documentation or -# if some version control system is used. - -PROJECT_NUMBER = 0.7.x - -# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) -# base path where the generated documentation will be put. -# If a relative path is entered, it will be relative to the location -# where doxygen was started. If left blank the current directory will be used. - -OUTPUT_DIRECTORY = doc - -# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create -# 4096 sub-directories (in 2 levels) under the output directory of each output -# format and will distribute the generated files over these directories. -# Enabling this option can be useful when feeding doxygen a huge amount of -# source files, where putting all generated files in the same directory would -# otherwise cause performance problems for the file system. - -CREATE_SUBDIRS = NO - -# The OUTPUT_LANGUAGE tag is used to specify the language in which all -# documentation generated by doxygen is written. Doxygen will use this -# information to generate all constant output in the proper language. -# The default language is English, other supported languages are: -# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional, -# Croatian, Czech, Danish, Dutch, Esperanto, Farsi, Finnish, French, German, -# Greek, Hungarian, Italian, Japanese, Japanese-en (Japanese with English -# messages), Korean, Korean-en, Lithuanian, Norwegian, Macedonian, Persian, -# Polish, Portuguese, Romanian, Russian, Serbian, Serbian-Cyrilic, Slovak, -# Slovene, Spanish, Swedish, Ukrainian, and Vietnamese. - -OUTPUT_LANGUAGE = English - -# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will -# include brief member descriptions after the members that are listed in -# the file and class documentation (similar to JavaDoc). -# Set to NO to disable this. - -BRIEF_MEMBER_DESC = YES - -# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend -# the brief description of a member or function before the detailed description. -# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the -# brief descriptions will be completely suppressed. - -REPEAT_BRIEF = YES - -# This tag implements a quasi-intelligent brief description abbreviator -# that is used to form the text in various listings. Each string -# in this list, if found as the leading text of the brief description, will be -# stripped from the text and the result after processing the whole list, is -# used as the annotated text. Otherwise, the brief description is used as-is. -# If left blank, the following values are used ("$name" is automatically
-# replaced with the name of the entity): "The $name class" "The$name widget"
-# "The $name file" "is" "provides" "specifies" "contains" -# "represents" "a" "an" "the" - -ABBREVIATE_BRIEF = - -# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then -# Doxygen will generate a detailed section even if there is only a brief -# description. - -ALWAYS_DETAILED_SEC = NO - -# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all -# inherited members of a class in the documentation of that class as if those -# members were ordinary class members. Constructors, destructors and assignment -# operators of the base classes will not be shown. - -INLINE_INHERITED_MEMB = NO - -# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full -# path before files name in the file list and in the header files. If set -# to NO the shortest path that makes the file name unique will be used. - -FULL_PATH_NAMES = YES - -# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag -# can be used to strip a user-defined part of the path. Stripping is -# only done if one of the specified strings matches the left-hand part of -# the path. The tag can be used to show relative paths in the file list. -# If left blank the directory from which doxygen is run is used as the -# path to strip. - -STRIP_FROM_PATH = - -# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of -# the path mentioned in the documentation of a class, which tells -# the reader which header file to include in order to use a class. -# If left blank only the name of the header file containing the class -# definition is used. Otherwise one should specify the include paths that -# are normally passed to the compiler using the -I flag. - -STRIP_FROM_INC_PATH = - -# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter -# (but less readable) file names. This can be useful is your file systems -# doesn't support long names like on DOS, Mac, or CD-ROM. - -SHORT_NAMES = NO - -# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen -# will interpret the first line (until the first dot) of a JavaDoc-style -# comment as the brief description. If set to NO, the JavaDoc -# comments will behave just like regular Qt-style comments -# (thus requiring an explicit @brief command for a brief description.) - -JAVADOC_AUTOBRIEF = NO - -# If the QT_AUTOBRIEF tag is set to YES then Doxygen will -# interpret the first line (until the first dot) of a Qt-style -# comment as the brief description. If set to NO, the comments -# will behave just like regular Qt-style comments (thus requiring -# an explicit \brief command for a brief description.) - -QT_AUTOBRIEF = NO - -# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen -# treat a multi-line C++ special comment block (i.e. a block of //! or /// -# comments) as a brief description. This used to be the default behaviour. -# The new default is to treat a multi-line C++ comment block as a detailed -# description. Set this tag to YES if you prefer the old behaviour instead. - -MULTILINE_CPP_IS_BRIEF = NO - -# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented -# member inherits the documentation from any documented member that it -# re-implements. - -INHERIT_DOCS = YES - -# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce -# a new page for each member. If set to NO, the documentation of a member will -# be part of the file/class/namespace that contains it. - -SEPARATE_MEMBER_PAGES = NO - -# The TAB_SIZE tag can be used to set the number of spaces in a tab. -# Doxygen uses this value to replace tabs by spaces in code fragments. - -TAB_SIZE = 8 - -# This tag can be used to specify a number of aliases that acts -# as commands in the documentation. An alias has the form "name=value". -# For example adding "sideeffect=\par Side Effects:\n" will allow you to -# put the command \sideeffect (or @sideeffect) in the documentation, which -# will result in a user-defined paragraph with heading "Side Effects:". -# You can put \n's in the value part of an alias to insert newlines. - -ALIASES = - -# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C -# sources only. Doxygen will then generate output that is more tailored for C. -# For instance, some of the names that are used will be different. The list -# of all members will be omitted, etc. - -OPTIMIZE_OUTPUT_FOR_C = YES - -# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java -# sources only. Doxygen will then generate output that is more tailored for -# Java. For instance, namespaces will be presented as packages, qualified -# scopes will look different, etc. - -OPTIMIZE_OUTPUT_JAVA = NO - -# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran -# sources only. Doxygen will then generate output that is more tailored for -# Fortran. - -OPTIMIZE_FOR_FORTRAN = NO - -# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL -# sources. Doxygen will then generate output that is tailored for -# VHDL. - -OPTIMIZE_OUTPUT_VHDL = NO - -# Doxygen selects the parser to use depending on the extension of the files it parses. -# With this tag you can assign which parser to use for a given extension. -# Doxygen has a built-in mapping, but you can override or extend it using this tag. -# The format is ext=language, where ext is a file extension, and language is one of -# the parsers supported by doxygen: IDL, Java, Javascript, C#, C, C++, D, PHP, -# Objective-C, Python, Fortran, VHDL, C, C++. For instance to make doxygen treat -# .inc files as Fortran files (default is PHP), and .f files as C (default is Fortran), -# use: inc=Fortran f=C. Note that for custom extensions you also need to set FILE_PATTERNS otherwise the files are not read by doxygen. - -EXTENSION_MAPPING = - -# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want -# to include (a tag file for) the STL sources as input, then you should -# set this tag to YES in order to let doxygen match functions declarations and -# definitions whose arguments contain STL classes (e.g. func(std::string); v.s. -# func(std::string) {}). This also make the inheritance and collaboration -# diagrams that involve STL classes more complete and accurate. - -BUILTIN_STL_SUPPORT = NO - -# If you use Microsoft's C++/CLI language, you should set this option to YES to -# enable parsing support. - -CPP_CLI_SUPPORT = NO - -# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only. -# Doxygen will parse them like normal C++ but will assume all classes use public -# instead of private inheritance when no explicit protection keyword is present. - -SIP_SUPPORT = NO - -# For Microsoft's IDL there are propget and propput attributes to indicate getter -# and setter methods for a property. Setting this option to YES (the default) -# will make doxygen to replace the get and set methods by a property in the -# documentation. This will only work if the methods are indeed getting or -# setting a simple type. If this is not the case, or you want to show the -# methods anyway, you should set this option to NO. - -IDL_PROPERTY_SUPPORT = YES - -# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC -# tag is set to YES, then doxygen will reuse the documentation of the first -# member in the group (if any) for the other members of the group. By default -# all members of a group must be documented explicitly. - -DISTRIBUTE_GROUP_DOC = NO - -# Set the SUBGROUPING tag to YES (the default) to allow class member groups of -# the same type (for instance a group of public functions) to be put as a -# subgroup of that type (e.g. under the Public Functions section). Set it to -# NO to prevent subgrouping. Alternatively, this can be done per class using -# the \nosubgrouping command. - -SUBGROUPING = YES - -# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum -# is documented as struct, union, or enum with the name of the typedef. So -# typedef struct TypeS {} TypeT, will appear in the documentation as a struct -# with name TypeT. When disabled the typedef will appear as a member of a file, -# namespace, or class. And the struct will be named TypeS. This can typically -# be useful for C code in case the coding convention dictates that all compound -# types are typedef'ed and only the typedef is referenced, never the tag name. - -TYPEDEF_HIDES_STRUCT = NO - -# The SYMBOL_CACHE_SIZE determines the size of the internal cache use to -# determine which symbols to keep in memory and which to flush to disk. -# When the cache is full, less often used symbols will be written to disk. -# For small to medium size projects (<1000 input files) the default value is -# probably good enough. For larger projects a too small cache size can cause -# doxygen to be busy swapping symbols to and from disk most of the time -# causing a significant performance penality. -# If the system has enough physical memory increasing the cache will improve the -# performance by keeping more symbols in memory. Note that the value works on -# a logarithmic scale so increasing the size by one will roughly double the -# memory usage. The cache size is given by this formula: -# 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0, -# corresponding to a cache size of 2^16 = 65536 symbols - -SYMBOL_CACHE_SIZE = 0 - -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- - -# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in -# documentation are documented, even if no documentation was available. -# Private class members and static file members will be hidden unless -# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES - -EXTRACT_ALL = NO - -# If the EXTRACT_PRIVATE tag is set to YES all private members of a class -# will be included in the documentation. - -EXTRACT_PRIVATE = NO - -# If the EXTRACT_STATIC tag is set to YES all static members of a file -# will be included in the documentation. - -EXTRACT_STATIC = NO - -# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) -# defined locally in source files will be included in the documentation. -# If set to NO only classes defined in header files are included. - -EXTRACT_LOCAL_CLASSES = YES - -# This flag is only useful for Objective-C code. When set to YES local -# methods, which are defined in the implementation section but not in -# the interface are included in the documentation. -# If set to NO (the default) only methods in the interface are included. - -EXTRACT_LOCAL_METHODS = NO - -# If this flag is set to YES, the members of anonymous namespaces will be -# extracted and appear in the documentation as a namespace called -# 'anonymous_namespace{file}', where file will be replaced with the base -# name of the file that contains the anonymous namespace. By default -# anonymous namespace are hidden. - -EXTRACT_ANON_NSPACES = NO - -# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all -# undocumented members of documented classes, files or namespaces. -# If set to NO (the default) these members will be included in the -# various overviews, but no documentation section is generated. -# This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_MEMBERS = NO - -# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all -# undocumented classes that are normally visible in the class hierarchy. -# If set to NO (the default) these classes will be included in the various -# overviews. This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_CLASSES = NO - -# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all -# friend (class|struct|union) declarations. -# If set to NO (the default) these declarations will be included in the -# documentation. - -HIDE_FRIEND_COMPOUNDS = NO - -# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any -# documentation blocks found inside the body of a function. -# If set to NO (the default) these blocks will be appended to the -# function's detailed documentation block. - -HIDE_IN_BODY_DOCS = NO - -# The INTERNAL_DOCS tag determines if documentation -# that is typed after a \internal command is included. If the tag is set -# to NO (the default) then the documentation will be excluded. -# Set it to YES to include the internal documentation. - -INTERNAL_DOCS = NO - -# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate -# file names in lower-case letters. If set to YES upper-case letters are also -# allowed. This is useful if you have classes or files whose names only differ -# in case and if your file system supports case sensitive file names. Windows -# and Mac users are advised to set this option to NO. - -CASE_SENSE_NAMES = YES - -# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen -# will show members with their full class and namespace scopes in the -# documentation. If set to YES the scope will be hidden. - -HIDE_SCOPE_NAMES = NO - -# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen -# will put a list of the files that are included by a file in the documentation -# of that file. - -SHOW_INCLUDE_FILES = YES - -# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] -# is inserted in the documentation for inline members. - -INLINE_INFO = YES - -# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen -# will sort the (detailed) documentation of file and class members -# alphabetically by member name. If set to NO the members will appear in -# declaration order. - -SORT_MEMBER_DOCS = YES - -# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the -# brief documentation of file, namespace and class members alphabetically -# by member name. If set to NO (the default) the members will appear in -# declaration order. - -SORT_BRIEF_DOCS = NO - -# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the (brief and detailed) documentation of class members so that constructors and destructors are listed first. If set to NO (the default) the constructors will appear in the respective orders defined by SORT_MEMBER_DOCS and SORT_BRIEF_DOCS. This tag will be ignored for brief docs if SORT_BRIEF_DOCS is set to NO and ignored for detailed docs if SORT_MEMBER_DOCS is set to NO. - -SORT_MEMBERS_CTORS_1ST = NO - -# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the -# hierarchy of group names into alphabetical order. If set to NO (the default) -# the group names will appear in their defined order. - -SORT_GROUP_NAMES = NO - -# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be -# sorted by fully-qualified names, including namespaces. If set to -# NO (the default), the class list will be sorted only by class name, -# not including the namespace part. -# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. -# Note: This option applies only to the class list, not to the -# alphabetical list. - -SORT_BY_SCOPE_NAME = NO - -# The GENERATE_TODOLIST tag can be used to enable (YES) or -# disable (NO) the todo list. This list is created by putting \todo -# commands in the documentation. - -GENERATE_TODOLIST = YES - -# The GENERATE_TESTLIST tag can be used to enable (YES) or -# disable (NO) the test list. This list is created by putting \test -# commands in the documentation. - -GENERATE_TESTLIST = YES - -# The GENERATE_BUGLIST tag can be used to enable (YES) or -# disable (NO) the bug list. This list is created by putting \bug -# commands in the documentation. - -GENERATE_BUGLIST = YES - -# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or -# disable (NO) the deprecated list. This list is created by putting -# \deprecated commands in the documentation. - -GENERATE_DEPRECATEDLIST= YES - -# The ENABLED_SECTIONS tag can be used to enable conditional -# documentation sections, marked by \if sectionname ... \endif. - -ENABLED_SECTIONS = - -# The MAX_INITIALIZER_LINES tag determines the maximum number of lines -# the initial value of a variable or define consists of for it to appear in -# the documentation. If the initializer consists of more lines than specified -# here it will be hidden. Use a value of 0 to hide initializers completely. -# The appearance of the initializer of individual variables and defines in the -# documentation can be controlled using \showinitializer or \hideinitializer -# command in the documentation regardless of this setting. - -MAX_INITIALIZER_LINES = 30 - -# Set the SHOW_USED_FILES tag to NO to disable the list of files generated -# at the bottom of the documentation of classes and structs. If set to YES the -# list will mention the files that were used to generate the documentation. - -SHOW_USED_FILES = YES - -# If the sources in your project are distributed over multiple directories -# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy -# in the documentation. The default is NO. - -SHOW_DIRECTORIES = YES - -# Set the SHOW_FILES tag to NO to disable the generation of the Files page. -# This will remove the Files entry from the Quick Index and from the -# Folder Tree View (if specified). The default is YES. - -SHOW_FILES = YES - -# Set the SHOW_NAMESPACES tag to NO to disable the generation of the -# Namespaces page. -# This will remove the Namespaces entry from the Quick Index -# and from the Folder Tree View (if specified). The default is YES. - -SHOW_NAMESPACES = YES - -# The FILE_VERSION_FILTER tag can be used to specify a program or script that -# doxygen should invoke to get the current version for each file (typically from -# the version control system). Doxygen will invoke the program by executing (via -# popen()) the command <command> <input-file>, where <command> is the value of -# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file -# provided by doxygen. Whatever the program writes to standard output -# is used as the file version. See the manual for examples. - -FILE_VERSION_FILTER = - -# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed by -# doxygen. The layout file controls the global structure of the generated output files -# in an output format independent way. The create the layout file that represents -# doxygen's defaults, run doxygen with the -l option. You can optionally specify a -# file name after the option, if omitted DoxygenLayout.xml will be used as the name -# of the layout file. - -LAYOUT_FILE = - -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- - -# The QUIET tag can be used to turn on/off the messages that are generated -# by doxygen. Possible values are YES and NO. If left blank NO is used. - -QUIET = NO - -# The WARNINGS tag can be used to turn on/off the warning messages that are -# generated by doxygen. Possible values are YES and NO. If left blank -# NO is used. - -WARNINGS = YES - -# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings -# for undocumented members. If EXTRACT_ALL is set to YES then this flag will -# automatically be disabled. - -WARN_IF_UNDOCUMENTED = YES - -# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for -# potential errors in the documentation, such as not documenting some -# parameters in a documented function, or documenting parameters that -# don't exist or using markup commands wrongly. - -WARN_IF_DOC_ERROR = YES - -# This WARN_NO_PARAMDOC option can be abled to get warnings for -# functions that are documented, but have no documentation for their parameters -# or return value. If set to NO (the default) doxygen will only warn about -# wrong or incomplete parameter documentation, but not about the absence of -# documentation. - -WARN_NO_PARAMDOC = YES - -# The WARN_FORMAT tag determines the format of the warning messages that -# doxygen can produce. The string should contain the$file, $line, and$text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text. Optionally the format may contain
-# $version, which will be replaced by the version of the file (if it could -# be obtained via FILE_VERSION_FILTER) - -WARN_FORMAT = "$file:$line:$text"
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE           = doc/doxygen.warnings
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT                  = \
-	doc \
-	hostapd \
-	wpa_supplicant \
-	src/ap \
-	src/common \
-	src/crypto \
-	src/drivers \
-	src/eap_common \
-	src/eapol_auth \
-	src/eapol_supp \
-	src/eap_peer \
-	src/eap_server \
-	src/l2_packet \
-	src/rsn_supp \
-	src/tls \
-	src/utils \
-	src/wps
-
-# This tag can be used to specify the character encoding of the source files
-# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
-# also the default input encoding. Doxygen uses libiconv (or the iconv built
-# into libc) for the transcoding. See http://www.gnu.org/software/libiconv for
-# the list of possible encodings.
-
-INPUT_ENCODING         = UTF-8
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
-# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py *.f90
-
-FILE_PATTERNS          = *.c *.h *.cpp *.m *.doxygen
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE              = NO
-
-# The EXCLUDE tag can be used to specify files and/or directories that should
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-
-EXCLUDE                =
-
-# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
-# directories that are symbolic links (a Unix filesystem feature) are excluded
-# from the input.
-
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories. Note that the wildcards are matched
-# against the file with absolute path, so to exclude all test directories
-# for example use the pattern */test/*
-
-EXCLUDE_PATTERNS       =
-
-# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
-# (namespaces, classes, functions, etc.) that should be excluded from the
-# output. The symbol name can be a fully qualified name, a word, or if the
-# wildcard * is used, a substring. Examples: ANamespace, AClass,
-# AClass::ANamespace, ANamespace::*Test
-
-EXCLUDE_SYMBOLS        =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH           =
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS       =
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE      = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH             = doc
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output.
-# If FILTER_PATTERNS is specified, this tag will be
-# ignored.
-
-# http://w1.fi/tools/kerneldoc2doxygen-hostap.pl
-INPUT_FILTER           = kerneldoc2doxygen-hostap.pl
-
-# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
-# basis.
-# Doxygen will compare the file name with each pattern and apply the
-# filter if there is a match.
-# The filters are a list of the form:
-# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
-# is applied to all files.
-
-FILTER_PATTERNS        =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES    = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-# Note: To get rid of all source code in the generated output, make sure also
-# VERBATIM_HEADERS is set to NO.
-
-SOURCE_BROWSER         = NO
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES         = NO
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C and C++ comments will always remain visible.
-
-
-# If the REFERENCED_BY_RELATION tag is set to YES
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = NO
-
-# If the REFERENCES_RELATION tag is set to YES
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION    = NO
-
-# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
-# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
-# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
-# link to the source code.
-# Otherwise they will link to the documentation.
-
-
-# If the USE_HTAGS tag is set to YES then the references to source code
-# will point to the HTML generated by the htags(1) tool instead of doxygen
-# built-in source browser. The htags tool is part of GNU's global source
-# tagging system (see http://www.gnu.org/software/global/global.html). You
-# will need version 4.8.6 or higher.
-
-USE_HTAGS              = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX     = YES
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX    = 3
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX          =
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML          = YES
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank html' will be used as the default path.
-
-HTML_OUTPUT            = html
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION    = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER            =
-
-# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet. Note that doxygen will try to copy
-# the style sheet file to the HTML output directory, so don't put your own
-# stylesheet in the HTML output directory as well, or it will be erased!
-
-HTML_STYLESHEET        =
-
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
-# NO a bullet list will be used.
-
-HTML_ALIGN_MEMBERS     = YES
-
-# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
-# documentation will contain sections that can be hidden and shown after the
-# page has loaded. For this to work a browser that supports
-# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox
-# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
-
-HTML_DYNAMIC_SECTIONS  = NO
-
-# If the GENERATE_DOCSET tag is set to YES, additional index files
-# will be generated that can be used as input for Apple's Xcode 3
-# integrated development environment, introduced with OSX 10.5 (Leopard).
-# To create a documentation set, doxygen will generate a Makefile in the
-# HTML output directory. Running make will produce the docset in that
-# directory and running "make install" will install the docset in
-# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find
-# it at startup.
-
-GENERATE_DOCSET        = NO
-
-# When GENERATE_DOCSET tag is set to YES, this tag determines the name of the
-# feed. A documentation feed provides an umbrella under which multiple
-# documentation sets from a single provider (such as a company or product suite)
-# can be grouped.
-
-DOCSET_FEEDNAME        = "Doxygen generated docs"
-
-# When GENERATE_DOCSET tag is set to YES, this tag specifies a string that
-# should uniquely identify the documentation set bundle. This should be a
-# reverse domain-name style string, e.g. com.mycompany.MyDocSet. Doxygen
-# will append .docset to the name.
-
-DOCSET_BUNDLE_ID       = org.doxygen.Project
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compiled HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP      = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output directory.
-
-CHM_FILE               =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
-# the HTML help compiler on the generated index.hhp.
-
-HHC_LOCATION           =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI           = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING
-# is used to encode HtmlHelp index (hhk), content (hhc) and project file
-# content.
-
-CHM_INDEX_ENCODING     =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-
-BINARY_TOC             = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the HTML help documentation and to the tree view.
-
-TOC_EXPAND             = NO
-
-# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and QHP_VIRTUAL_FOLDER
-# are set, an additional index file will be generated that can be used as input for
-# Qt's qhelpgenerator to generate a Qt Compressed Help (.qch) of the generated
-# HTML documentation.
-
-GENERATE_QHP           = NO
-
-# If the QHG_LOCATION tag is specified, the QCH_FILE tag can
-# be used to specify the file name of the resulting .qch file.
-# The path specified is relative to the HTML output folder.
-
-QCH_FILE               =
-
-# The QHP_NAMESPACE tag specifies the namespace to use when generating
-# http://doc.trolltech.com/qthelpproject.html#namespace
-
-QHP_NAMESPACE          =
-
-# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating
-# http://doc.trolltech.com/qthelpproject.html#virtual-folders
-
-QHP_VIRTUAL_FOLDER     = doc
-
-# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to add.
-# http://doc.trolltech.com/qthelpproject.html#custom-filters
-
-QHP_CUST_FILTER_NAME   =
-
-# <a href="http://doc.trolltech.com/qthelpproject.html#custom-filters">Qt Help Project / Custom Filters</a>.
-
-QHP_CUST_FILTER_ATTRS  =
-
-# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this project's
-# filter section matches.
-# <a href="http://doc.trolltech.com/qthelpproject.html#filter-attributes">Qt Help Project / Filter Attributes</a>.
-
-QHP_SECT_FILTER_ATTRS  =
-
-# If the GENERATE_QHP tag is set to YES, the QHG_LOCATION tag can
-# be used to specify the location of Qt's qhelpgenerator.
-# If non-empty doxygen will try to run qhelpgenerator on the generated
-# .qhp file.
-
-QHG_LOCATION           =
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
-
-DISABLE_INDEX          = NO
-
-# This tag can be used to set the number of enum values (range [1..20])
-# that doxygen will group on one line in the generated HTML documentation.
-
-ENUM_VALUES_PER_LINE   = 4
-
-# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
-# structure should be generated to display hierarchical information.
-# If the tag value is set to YES, a side panel will be generated
-# containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (i.e. any modern browser).
-# Windows users are probably better off using the HTML help feature.
-
-GENERATE_TREEVIEW      = NO
-
-# By enabling USE_INLINE_TREES, doxygen will generate the Groups, Directories,
-# and Class Hierarchy pages using a tree view instead of an ordered list.
-
-USE_INLINE_TREES       = NO
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH         = 250
-
-# Use this tag to change the font size of Latex formulas included
-# as images in the HTML documentation. The default is 10. Note that
-# when you change the font size after a successful doxygen run you need
-# to manually remove any form_*.png images from the HTML output directory
-# to force them to be regenerated.
-
-FORMULA_FONTSIZE       = 10
-
-# When the SEARCHENGINE tag is enable doxygen will generate a search box for the HTML output. The underlying search engine uses javascript
-# and DHTML and should work on any modern browser. Note that when using HTML help (GENERATE_HTMLHELP) or Qt help (GENERATE_QHP)
-# there is already a search function so this one should typically
-# be disabled.
-
-SEARCHENGINE           = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX         = YES
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank latex' will be used as the default path.
-
-LATEX_OUTPUT           = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank latex' will be used as the default command name.
-
-LATEX_CMD_NAME         = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME     = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX          = NO
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
-# executive. If left blank a4wide will be used.
-
-PAPER_TYPE             = a4wide
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES         =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX           = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE        = NO
-
-# If LATEX_HIDE_INDICES is set to YES then doxygen will not
-# include the index chapters (such as File Index, Compound Index, etc.)
-# in the output.
-
-LATEX_HIDE_INDICES     = NO
-
-# If LATEX_SOURCE_CODE is set to YES then doxygen will include source code with syntax highlighting in the LaTeX output. Note that which sources are shown also depends on other settings such as SOURCE_BROWSER.
-
-LATEX_SOURCE_CODE      = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimized for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF           = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank rtf' will be used as the default path.
-
-RTF_OUTPUT             = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF            = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-
-
-# Load stylesheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assignments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE    =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE    =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN           = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank man' will be used as the default path.
-
-MAN_OUTPUT             = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION          = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation.
-
-GENERATE_XML           = NO
-
-# The XML_OUTPUT tag is used to specify where the XML pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank xml' will be used as the default path.
-
-XML_OUTPUT             = xml
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_SCHEMA             =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_DTD                =
-
-# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
-# dump the program listings (including syntax highlighting
-# and cross-referencing information) to the XML output. Note that
-# enabling this will significantly increase the size of the XML output.
-
-XML_PROGRAMLISTING     = YES
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF   = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD       = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX          = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader.
-# This is useful
-# if you want to understand what is going on.
-# On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY         = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING   = YES
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION        = NO
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_DEFINED tags.
-
-EXPAND_ONLY_PREDEF     = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# in the INCLUDE_PATH (see below) will be search if a #include is found.
-
-SEARCH_INCLUDES        = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH           =
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS  =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed. To prevent a macro definition from being
-# undefined via #undef or recursively expanded use the := operator
-# instead of the = operator.
-
-PREDEFINED             = IEEE8021X_EAPOL CONFIG_CTRL_IFACE
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
-
-EXPAND_AS_DEFINED      =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse
-# the parser if not removed.
-
-SKIP_FUNCTION_MACROS   = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES option can be used to specify one or more tagfiles.
-# Optionally an initial location of the external documentation
-# can be added for each tagfile. The format of a tag file without
-# this location is as follows:
-#
-# TAGFILES = file1 file2 ...
-# Adding location for the tag files is done as follows:
-#
-# TAGFILES = file1=loc1 "file2 = loc2" ...
-# where "loc1" and "loc2" can be relative or absolute paths or
-# URLs. If a location is present for each tag, the installdox tool
-# does not have to be run to correct the links.
-# Note that each tag file must have a unique name
-# (where the name does NOT include the path)
-# If a tag file is not located in the directory in which doxygen
-# is run, you must also specify the path to the tagfile here.
-
-TAGFILES               =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE       =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS           = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS        = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of which perl').
-
-PERL_PATH              = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
-# or super classes. Setting the tag to NO turns the diagrams off. Note that
-# this option is superseded by the HAVE_DOT option below. This is only a
-# fallback. It is recommended to install and use dot, since it yields more
-# powerful graphs.
-
-CLASS_DIAGRAMS         = NO
-
-# You can define message sequence charts within doxygen comments using the \msc
-# command. Doxygen will then run the mscgen tool (see
-# http://www.mcternan.me.uk/mscgen/) to produce the chart and insert it in the
-# documentation. The MSCGEN_PATH tag allows you to specify the directory where
-# the mscgen tool resides. If left empty the tool is assumed to be found in the
-# default search path.
-
-MSCGEN_PATH            =
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS   = YES
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT               = YES
-
-# By default doxygen will write a font called FreeSans.ttf to the output
-# directory and reference it in all dot files that doxygen generates. This
-# font does not include all possible unicode characters however, so when you need
-# these (or just want a differently looking font) you can specify the font name
-# using DOT_FONTNAME. You need need to make sure dot is able to find the font,
-# which can be done by putting it in a standard location or by setting the
-# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
-# containing the font.
-
-DOT_FONTNAME           = FreeSans
-
-# The DOT_FONTSIZE tag can be used to set the size of the font of dot graphs.
-# The default size is 10pt.
-
-DOT_FONTSIZE           = 10
-
-# By default doxygen will tell dot to use the output directory to look for the
-# FreeSans.ttf font (which doxygen will put there itself). If you specify a
-# different font using DOT_FONTNAME you can set the path where dot
-# can find it using this tag.
-
-DOT_FONTPATH           =
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# the CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH            = NO
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH    = NO
-
-# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for groups, showing the direct groups dependencies
-
-GROUP_GRAPHS           = NO
-
-# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
-# collaboration diagrams in a style similar to the OMG's Unified Modeling
-# Language.
-
-UML_LOOK               = NO
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS     = NO
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH          = NO
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH      = NO
-
-# If the CALL_GRAPH and HAVE_DOT options are set to YES then
-# doxygen will generate a call dependency graph for every global function
-# or class method. Note that enabling this option will significantly increase
-# the time of a run. So in most cases it will be better to enable call graphs
-# for selected functions only using the \callgraph command.
-
-CALL_GRAPH             = NO
-
-# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then
-# doxygen will generate a caller dependency graph for every global function
-# or class method. Note that enabling this option will significantly increase
-# the time of a run. So in most cases it will be better to enable caller
-# graphs for selected functions only using the \callergraph command.
-
-CALLER_GRAPH           = NO
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY    = NO
-
-# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
-# then doxygen will show the dependencies a directory has on other directories
-# in a graphical way. The dependency relations are determined by the #include
-# relations between the files in the directories.
-
-DIRECTORY_GRAPH        = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
-# If left blank png will be used.
-
-DOT_IMAGE_FORMAT       = png
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found in the path.
-
-DOT_PATH               =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS           =
-
-# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
-# nodes that will be shown in the graph. If the number of nodes in a graph
-# becomes larger than this value, doxygen will truncate the graph, which is
-# visualized by representing a node as a red box. Note that doxygen if the
-# number of direct children of the root node in a graph is already larger than
-# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note
-# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
-
-DOT_GRAPH_MAX_NODES    = 50
-
-# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the
-# graphs generated by dot. A depth value of 3 means that only nodes reachable
-# from the root by following a path via at most 3 edges will be shown. Nodes
-# that lay further from the root node will be omitted. Note that setting this
-# option to 1 or 2 may greatly reduce the computation time needed for large
-# code bases. Also note that the size of a graph can be further restricted by
-# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
-
-MAX_DOT_GRAPH_DEPTH    = 0
-
-# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
-# background. This is disabled by default, because dot on Windows does not
-# seem to support this out of the box. Warning: Depending on the platform used,
-# enabling this option may lead to badly anti-aliased labels on the edges of
-# a graph (i.e. they become hard to read).
-
-DOT_TRANSPARENT        = NO
-
-# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
-# files in one run (i.e. multiple -o and -T options on the command line). This
-# makes dot run faster, but since only newer versions of dot (>1.8.10)
-# support this, this feature is disabled by default.
-
-DOT_MULTI_TARGETS      = YES
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND        = YES
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermediate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP            = YES

diff --git a/doc/driver_wrapper.doxygen b/doc/driver_wrapper.doxygen
deleted file mode 100644
index 28aea50..0000000
--- a/doc/driver_wrapper.doxygen
+++ /dev/null

@@ -1,180 +0,0 @@
-/**
-\page driver_wrapper Driver wrapper implementation (driver.h, drivers.c)
-
-All hardware and driver dependent functionality is in separate C files
-that implement defined wrapper functions. Other parts
-of the %wpa_supplicant are designed to be hardware, driver, and operating
-system independent.
-
-Driver wrappers need to implement whatever calls are used in the
-target operating system/driver for controlling wireless LAN
-devices. As an example, in case of Linux, these are mostly some glue
-code and ioctl() calls and netlink message parsing for Linux Wireless
-Extensions (WE). Since features required for WPA were added only recently to
-Linux Wireless Extensions (in version 18), some driver specific code is used
-in number of driver interface implementations. These driver dependent parts
-can be replaced with generic code in driver_wext.c once the target driver
-includes full support for WE-18. After that, all Linux drivers, at
-least in theory, could use the same driver wrapper code.
-
-A driver wrapper needs to implement some or all of the functions
-defined in driver.h. These functions are registered by filling struct
-wpa_driver_ops with function pointers. Hardware independent parts of
-%wpa_supplicant will call these functions to control the driver/wlan
-card. In addition, support for driver events is required. The event
-callback function, wpa_supplicant_event(), and its parameters are
-documented in driver.h. In addition, a pointer to the 'struct
-wpa_driver_ops' needs to be registered in drivers.c file.
-
-When porting to other operating systems, the driver wrapper should be
-modified to use the native interface of the target OS. It is possible
-that some extra requirements for the interface between the driver
-wrapper and generic %wpa_supplicant code are discovered during porting
-to a new operating system. These will be addressed on case by case
-basis by modifying the interface and updating the other driver
-wrappers for this. The goal is to avoid changing this interface
-without very good reasons in order to limit the number of changes
-needed to other wrappers and hardware independent parts of
-%wpa_supplicant. When changes are required, recommended way is to
-make them in backwards compatible way that allows existing driver
-interface implementations to be compiled without any modification.
-
-Generic Linux Wireless Extensions functions are implemented in
-driver_wext.c. All Linux driver wrappers can use these when the kernel
-driver supports the generic ioctl()s and wireless events. Driver
-specific functions are implemented in separate C files, e.g.,
-driver_hostap.c. These files need to define struct wpa_driver_ops
-entry that will be used in wpa_supplicant.c when calling driver
-functions. struct wpa_driver_ops entries are registered in drivers.c.
-
-In general, it is likely to be useful to first take a look at couple
-of driver interface examples before starting on implementing a new
-one. driver_hostap.c and driver_wext.c include a complete
-implementation for Linux drivers that use %wpa_supplicant-based control
-of WPA IE and roaming. driver_ndis.c (with help from driver_ndis_.c)
-is an example of a complete interface for Windows NDIS interface for
-drivers that generate WPA IE themselves and decide when to roam. These
-example implementations include full support for all security modes.
-
-
-\section driver_req Driver requirements for WPA
-
-WPA introduces new requirements for the device driver. At least some
-of these need to be implemented in order to provide enough support for
-%wpa_supplicant.
-
-\subsection driver_tkip_ccmp TKIP/CCMP
-
-WPA requires that the pairwise cipher suite (encryption algorithm for
-unicast data packets) is TKIP or CCMP. These are new encryption
-protocols and thus, the driver will need to be modified to support
-them. Depending on the used wlan hardware, some parts of these may be
-implemented by the hardware/firmware.
-
-Specification for both TKIP and CCMP is available from IEEE (IEEE
-802.11i amendment). Fully functional, hardware independent
-implementation of both encryption protocols is also available in Host
-AP driver (driver/modules/hostap_{tkip,ccmp}.c). In addition, Linux 2.6
-kernel tree has generic implementations for WEP, TKIP, and CCMP that can
-be used in Linux drivers.
-
-The driver will also need to provide configuration mechanism to allow
-user space programs to configure TKIP and CCMP. Linux Wireless Extensions
-v18 added support for configuring these algorithms and
-individual/non-default keys. If the target kernel does not include WE-18,
-private ioctls can be used to provide similar functionality.
-
-\subsection driver_roaming Roaming control and scanning support
-
-%wpa_supplicant can optionally control AP selection based on the
-information received from Beacon and/or Probe Response frames
-(ap_scan=1 mode in configuration). This means that the driver should
-support external control for scan process. In case of Linux, use of
-new Wireless Extensions scan support (i.e., 'iwlist wlan0 scan') is
-recommended. The current driver wrapper (driver_wext.c) uses this for
-scan results.
-
-Scan results must also include the WPA information element. Support for
-this was added in WE-18. With older versions, a custom event can be used
-to provide the full WPA IE (including element id and length) as a hex
-string that is included in the scan results.
-
-%wpa_supplicant needs to also be able to request the driver to
-associate with a specific BSS. Current Host AP driver and matching
-driver_hostap.c wrapper uses following sequence for this
-request. Similar/identical mechanism should be usable also with other
-drivers.
-
-- set WPA IE for AssocReq with private ioctl
-- set SSID with SIOCSIWESSID
-- set channel/frequency with SIOCSIWFREQ
-- set BSSID with SIOCSIWAP
-  (this last ioctl will trigger the driver to request association)
-
-\subsection driver_wpa_ie WPA IE generation
-
-%wpa_supplicant selects which cipher suites and key management suites
-are used. Based on this information, it generates a WPA IE. This is
-provided to the driver interface in the associate call. This does not
-match with Windows NDIS drivers which generate the WPA IE
-themselves.
-
-%wpa_supplicant allows Windows NDIS-like behavior by providing the
-selected cipher and key management suites in the associate call. If
-the driver generates its own WPA IE and that differs from the one
-generated by %wpa_supplicant, the driver has to inform %wpa_supplicant
-about the used WPA IE (i.e., the one it used in (Re)Associate
-Request). This notification is done using EVENT_ASSOCINFO event (see
-driver.h). %wpa_supplicant is normally configured to use
-ap_scan=2 mode with drivers that control WPA IE generation and roaming.
-
-\subsection driver_events Driver events
-
-%wpa_supplicant needs to receive event callbacks when certain events
-occur (association, disassociation, Michael MIC failure, scan results
-available, PMKSA caching candidate). These events and the callback
-details are defined in driver.h (wpa_supplicant_event() function
-and enum wpa_event_type).
-
-On Linux, association and disassociation can use existing Wireless
-Extensions event that is reporting new AP with SIOCGIWAP
-event. Similarly, completion of a scan can be reported with SIOCGIWSCAN
-event.
-
-Michael MIC failure event was added in WE-18. Older versions of Wireless
-Extensions will need to use a custom event. Host AP driver used a custom
-event with following contents: MLME-MICHAELMICFAILURE.indication(keyid=#
-the driver can be moved to use WE-18 mechanism.
-
-\subsection driver_wext_summary Summary of Linux Wireless Extensions use
-
-AP selection depends on ap_scan configuration:
-
-ap_scan=1:
-
-- %wpa_supplicant requests scan with SIOCSIWSCAN
-- driver reports scan complete with wireless event SIOCGIWSCAN
-- %wpa_supplicant reads scan results with SIOCGIWSCAN (multiple call if
-  a larget buffer is needed)
-- %wpa_supplicant decides which AP to use based on scan results
-- %wpa_supplicant configures driver to associate with the selected BSS
-  (SIOCSIWMODE, SIOCSIWGENIE, SIOCSIWAUTH, SIOCSIWFREQ,
-   SIOCSIWESSID, SIOCSIWAP)
-
-ap_scan=2:
-
-- %wpa_supplicant configures driver to associate with an SSID
-  (SIOCSIWMODE, SIOCSIWGENIE, SIOCSIWAUTH, SIOCSIWESSID)
-
-
-After this, both modes use similar steps:
-
-- optionally (or required for drivers that generate WPA/RSN IE for
-  (Re)AssocReq), driver reports association parameters (AssocReq IEs)
-  with wireless event IWEVASSOCREQIE (and optionally IWEVASSOCRESPIE)
-- driver reports association with wireless event SIOCGIWAP
-- %wpa_supplicant takes care of EAPOL frame handling (validating
-  information from associnfo and if needed, from scan results if WPA/RSN
-  IE from the Beacon frame is not reported through associnfo)
-*/

diff --git a/doc/eap.doxygen b/doc/eap.doxygen
deleted file mode 100644
index 6a24829..0000000
--- a/doc/eap.doxygen
+++ /dev/null

@@ -1,87 +0,0 @@
-/**
-\page eap_peer_module EAP peer implementation
-
-Extensible Authentication Protocol (EAP) is an authentication framework
-defined in RFC 3748. %wpa_supplicant uses a separate code module for EAP
-peer implementation. This module was designed to use only a minimal set
-of direct function calls (mainly, to debug/event functions) in order for
-it to be usable in other programs. The design of the EAP
-implementation is based loosely on RFC 4137. The state machine is
-defined in this RFC and so is the interface between the peer state
-machine and methods. As such, this RFC provides useful information for
-understanding the EAP peer implementation in %wpa_supplicant.
-
-Some of the terminology used in EAP state machine is referring to
-EAPOL (IEEE 802.1X), but there is no strict requirement on the lower
-layer being IEEE 802.1X if EAP module is built for other programs than
-%wpa_supplicant. These terms should be understood to refer to the
-lower layer as defined in RFC 4137.
-
-
-
-Each EAP method is implemented as a separate module, usually as one C
-file named eap_<name of the method>.c, e.g., eap_md5.c. All EAP
-methods use the same interface between the peer state machine and
-method specific functions. This allows new EAP methods to be added
-without modifying the core EAP state machine implementation.
-
-New EAP methods need to be registered by adding them into the build
-(Makefile) and the EAP method registration list in the
-eap_peer_register_methods() function of eap_methods.c. Each EAP
-method should use a build-time configuration option, e.g., EAP_TLS, in
-order to make it possible to select which of the methods are included
-in the build.
-
-EAP methods must implement the interface defined in eap_i.h. struct
-eap_method defines the needed function pointers that each EAP method
-must provide. In addition, the EAP type and name are registered using
-this structure. This interface is based on section 4.4 of RFC 4137.
-
-It is recommended that the EAP methods would use generic helper
-functions, eap_msg_alloc() and eap_hdr_validate() when processing
-messages. This allows code sharing and can avoid missing some of the
-functions make it easier to change between expanded and legacy EAP
-
-When adding an EAP method that uses a vendor specific EAP type
-(Expanded Type as defined in RFC 3748, Chapter 5.7), the new method
-must be registered by passing vendor id instead of EAP_VENDOR_IETF to
-eap_peer_method_alloc(). These methods must not try to emulate
-expanded types by registering a legacy EAP method for type 254. See
-eap_vendor_test.c for an example of an EAP method implementation that
-is implemented as an expanded type.
-
-
-\section used_eap_library Using EAP implementation as a library
-
-The Git repository has an eap_example directory that contains an
-example showing how EAP peer and server code from %wpa_supplicant and
-hostapd can be used as a library. The example program initializes both
-an EAP server and an EAP peer entities and then runs through an
-EAP-PEAP/MSCHAPv2 authentication.
-
-eap_example_peer.c shows the initialization and glue code needed to
-control the EAP peer implementation. eap_example_server.c does the
-same for EAP server. eap_example.c is an example that ties in both the
-EAP server and client parts to allow an EAP authentication to be
-shown.
-
-In this example, the EAP messages are passed between the server and
-the peer are passed by direct function calls within the same process.
-In practice, server and peer functionalities would likely reside in
-separate devices and the EAP messages would be transmitted between the
-devices based on an external protocol. For example, in IEEE 802.11
-uses IEEE 802.1X EAPOL state machines to control the transmission of
-EAP messages and WiMax supports optional PMK EAP authentication
-mechanism that transmits EAP messages as defined in IEEE 802.16e.
-
-The EAP library links in number of helper functions from src/utils and
-src/crypto directories. Most of these are suitable as-is, but it may
-be desirable to replace the debug output code in src/utils/wpa_debug.c
-by dropping this file from the library and re-implementing the
-functions there in a way that better fits in with the main
-application.
-
-*/

diff --git a/doc/eap_server.doxygen b/doc/eap_server.doxygen
deleted file mode 100644
index 4aca53d..0000000
--- a/doc/eap_server.doxygen
+++ /dev/null

@@ -1,56 +0,0 @@
-/**
-\page eap_server_module EAP server implementation
-
-Extensible Authentication Protocol (EAP) is an authentication framework
-defined in RFC 3748. hostapd uses a separate code module for EAP server
-implementation. This module was designed to use only a minimal set of
-direct function calls (mainly, to debug/event functions) in order for
-it to be usable in other programs. The design of the EAP
-implementation is based loosely on RFC 4137. The state machine is
-defined in this RFC and so is the interface between the server state
-machine and methods. As such, this RFC provides useful information for
-understanding the EAP server implementation in hostapd.
-
-Some of the terminology used in EAP state machine is referring to
-EAPOL (IEEE 802.1X), but there is no strict requirement on the lower
-layer being IEEE 802.1X if EAP module is built for other programs than
-%wpa_supplicant. These terms should be understood to refer to the
-lower layer as defined in RFC 4137.
-
-
-
-Each EAP method is implemented as a separate module, usually as one C
-file named eap_<name of the method>.c, e.g., eap_md5.c. All EAP
-methods use the same interface between the server state machine and
-method specific functions. This allows new EAP methods to be added
-without modifying the core EAP state machine implementation.
-
-New EAP methods need to be registered by adding them into the build
-(Makefile) and the EAP method registration list in the
-eap_server_register_methods() function of eap_methods.c. Each EAP
-method should use a build-time configuration option, e.g., EAP_TLS, in
-order to make it possible to select which of the methods are included
-in the build.
-
-EAP methods must implement the interface defined in eap_i.h. struct
-eap_method defines the needed function pointers that each EAP method
-must provide. In addition, the EAP type and name are registered using
-this structure. This interface is based on section 4.4 of RFC 4137.
-
-It is recommended that the EAP methods would use generic helper
-functions, eap_msg_alloc() and eap_hdr_validate() when processing
-messages. This allows code sharing and can avoid missing some of the
-functions make it easier to change between expanded and legacy EAP
-
-When adding an EAP method that uses a vendor specific EAP type
-(Expanded Type as defined in RFC 3748, Chapter 5.7), the new method
-must be registered by passing vendor id instead of EAP_VENDOR_IETF to
-eap_server_method_alloc(). These methods must not try to emulate
-expanded types by registering a legacy EAP method for type 254. See
-eap_vendor_test.c for an example of an EAP method implementation that
-is implemented as an expanded type.
-
-*/

diff --git a/doc/hostapd.fig b/doc/hostapd.fig
deleted file mode 100644
index af3f0be..0000000
--- a/doc/hostapd.fig
+++ /dev/null

@@ -1,264 +0,0 @@
-#FIG 3.2
-Landscape
-Center
-Inches
-Letter
-100.00
-Single
--2
-1200 2
-6 1875 4050 2925 4350
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1875 4050 2925 4050 2925 4350 1875 4350 1875 4050
-4 0 0 50 -1 0 12 0.0000 4 180 735 2025 4275 l2_packet\001
--6
-6 4725 1200 5925 1500
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4725 1200 5925 1200 5925 1500 4725 1500 4725 1200
-4 0 0 50 -1 0 12 0.0000 4 135 1005 4800 1425 GUI frontend\001
--6
-6 6000 2700 7200 3225
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 2700 7200 2700 7200 3225 6000 3225 6000 2700
-4 0 0 50 -1 0 12 0.0000 4 135 975 6075 2925 WPA/WPA2\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 3150 state machine\001
--6
-6 6000 4950 7200 5475
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 4950 7200 4950 7200 5475 6000 5475 6000 4950
-4 0 0 50 -1 0 12 0.0000 4 135 360 6075 5175 EAP\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 5400 state machine\001
--6
-6 4350 3900 5025 4425
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4350 3900 5025 3900 5025 4425 4350 4425 4350 3900
-4 0 0 50 -1 0 12 0.0000 4 105 420 4500 4125 event\001
-4 0 0 50 -1 0 12 0.0000 4 180 315 4500 4350 loop\001
--6
-6 4275 2550 5100 2850
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4275 2550 5100 2550 5100 2850 4275 2850 4275 2550
-4 0 0 50 -1 0 12 0.0000 4 135 450 4425 2775 ctrl i/f\001
--6
-6 6000 3900 7200 4425
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 3900 7200 3900 7200 4425 6000 4425 6000 3900
-4 0 0 50 -1 0 12 0.0000 4 135 600 6075 4125 EAPOL\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 4350 state machine\001
--6
-6 2775 3150 4050 3450
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 2775 3150 4050 3150 4050 3450 2775 3450 2775 3150
-4 0 0 50 -1 0 12 0.0000 4 180 990 2925 3375 configuration\001
--6
-6 3450 1200 4575 1500
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3450 1200 4575 1200 4575 1500 3450 1500 3450 1200
-4 0 0 50 -1 0 12 0.0000 4 180 870 3600 1425 hostapd_cli\001
--6
-6 3525 7800 5775 8100
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3525 7800 5775 7800 5775 8100 3525 8100 3525 7800
-4 0 0 50 -1 0 12 0.0000 4 135 2145 3600 8025 kernel network device driver\001
--6
-6 4275 6000 5100 6300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4275 6000 5100 6000 5100 6300 4275 6300 4275 6000
-4 0 0 50 -1 0 12 0.0000 4 135 630 4350 6225 driver i/f\001
--6
-6 8175 4725 9225 5025
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 4725 9225 4725 9225 5025 8175 5025 8175 4725
-4 0 0 50 -1 0 12 0.0000 4 135 735 8250 4950 EAP-TLS\001
--6
-6 9300 4725 10350 5025
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 4725 10350 4725 10350 5025 9300 5025 9300 4725
-4 0 0 50 -1 0 12 0.0000 4 135 810 9375 4950 EAP-MD5\001
--6
-6 8175 5100 9225 5400
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5100 9225 5100 9225 5400 8175 5400 8175 5100
-4 0 0 50 -1 0 12 0.0000 4 135 885 8250 5325 EAP-PEAP\001
--6
-6 9300 5100 10350 5400
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5100 10350 5100 10350 5400 9300 5400 9300 5100
-4 0 0 50 -1 0 12 0.0000 4 135 840 9375 5325 EAP-TTLS\001
--6
-6 8175 5475 9225 5775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5475 9225 5475 9225 5775 8175 5775 8175 5475
-4 0 0 50 -1 0 12 0.0000 4 135 780 8250 5700 EAP-GTC\001
--6
-6 8175 5850 9225 6150
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5850 9225 5850 9225 6150 8175 6150 8175 5850
-4 0 0 50 -1 0 12 0.0000 4 135 750 8250 6075 EAP-SIM\001
--6
-6 8175 6225 9225 6525
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 6225 9225 6225 9225 6525 8175 6525 8175 6225
-4 0 0 50 -1 0 12 0.0000 4 135 765 8250 6450 EAP-PSK\001
--6
-6 9300 5850 10350 6150
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5850 10350 5850 10350 6150 9300 6150 9300 5850
-4 0 0 50 -1 0 12 0.0000 4 135 825 9375 6075 EAP-AKA\001
--6
-6 9300 5475 10350 5775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5475 10350 5475 10350 5775 9300 5775 9300 5475
-4 0 0 50 -1 0 12 0.0000 4 135 795 9375 5700 EAP-PAX\001
--6
-6 8175 6600 9675 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 6600 9675 6600 9675 6900 8175 6900 8175 6600
-4 0 0 50 -1 0 12 0.0000 4 135 1365 8250 6825 EAP-MSCHAPv2\001
--6
-6 8700 3450 9375 3750
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8700 3450 9375 3450 9375 3750 8700 3750 8700 3450
-4 0 0 50 -1 0 12 0.0000 4 150 480 8775 3675 crypto\001
--6
-6 9600 3450 10275 3750
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9600 3450 10275 3450 10275 3750 9600 3750 9600 3450
-4 0 0 50 -1 0 12 0.0000 4 135 315 9750 3675 TLS\001
--6
-6 6000 5775 7200 6300
-6 6000 5775 7200 6300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 5775 7200 5775 7200 6300 6000 6300 6000 5775
-4 0 0 50 -1 0 12 0.0000 4 135 690 6075 6000 RADIUS\001
--6
-4 0 0 50 -1 0 12 0.0000 4 90 480 6075 6225 server\001
--6
-6 8100 2250 8925 2775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8100 2250 8925 2250 8925 2775 8100 2775 8100 2250
-4 0 0 50 -1 0 12 0.0000 4 135 690 8175 2475 RADIUS\001
-4 0 0 50 -1 0 12 0.0000 4 135 420 8175 2700 client\001
--6
-6 3150 5475 4425 5775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3150 5475 4425 5475 4425 5775 3150 5775 3150 5475
-4 0 0 50 -1 0 12 0.0000 4 135 990 3300 5700 driver events\001
--6
-6 1950 5550 2625 6075
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1950 5550 2625 5550 2625 6075 1950 6075 1950 5550
-4 0 0 50 -1 0 12 0.0000 4 135 540 2025 5775 Station\001
-4 0 0 50 -1 0 12 0.0000 4 135 375 2025 6000 table\001
--6
-6 1875 4725 2925 5250
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1875 4725 2925 4725 2925 5250 1875 5250 1875 4725
-4 0 0 50 -1 0 12 0.0000 4 135 960 1950 4950 IEEE 802.11\001
-4 0 0 50 -1 0 12 0.0000 4 135 555 1950 5175 MLME\001
--6
-2 1 1 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2
-	 1275 4200 1875 4200
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 4500 2550 3900 1500
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 4800 2550 5400 1500
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 2925 4200 4350 4200
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5025 3900 6000 3000
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5025 4200 6000 4200
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 6000 4650 4425
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6600 4425 6600 4950
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6600 3225 6600 3900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 5250 8100 5250
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 9075 4425 9075 3750
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 3000 8700 3525
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 3900 4650 2850
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 4125 8700 3675
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6000 4350 5025 6000
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6000 3150 4875 6000
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1500 2100 10800 2100 10800 7500 1500 7500 1500 2100
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 9900 4425 9900 3750
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 1
-	 4350 3900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4350 3900 4050 3450
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4350 4425 4050 5475
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 2250 7200 4200 7800
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 7200 7200 5100 7800
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 2775 6900 3675 6900 3675 7200 2775 7200 2775 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3750 6900 4650 6900 4650 7200 3750 7200 3750 6900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4
-	 2250 6900 2250 6600 7200 6600 7200 6900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 3225 6900 3225 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4200 6900 4200 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5175 6900 5175 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6150 6900 6150 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 6600 4650 6300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1800 6900 2700 6900 2700 7200 1800 7200 1800 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4725 6900 5625 6900 5625 7200 4725 7200 4725 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 5700 6900 6600 6900 6600 7200 5700 7200 5700 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6675 6900 7800 6900 7800 7200 6675 7200 6675 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8100 6975 10425 6975 10425 4425 8100 4425 8100 6975
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6600 5475 6600 5775
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5025 4425 6000 5775
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3
-	 4800 3900 5925 2550 8100 2550
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 3900 8475 2775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9450 2250 10425 2250 10425 2775 9450 2775 9450 2250
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 8925 2475 9450 2475
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 2325 5550 2325 5250
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 2925 4950 4350 4275
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3
-	 2850 4725 5775 2400 8100 2400
-4 0 0 50 -1 0 12 0.0000 4 135 915 375 3975 EAPOL and\001
-4 0 0 50 -1 0 12 0.0000 4 180 630 375 4200 pre-auth\001
-4 0 0 50 -1 0 12 0.0000 4 180 810 375 4425 ethertypes\001
-4 0 0 50 -1 0 12 0.0000 4 135 1050 375 4650 from/to kernel\001
-4 0 0 50 -1 0 12 0.0000 4 135 1920 3675 1875 frontend control interface\001
-4 0 0 50 -1 2 14 0.0000 4 195 720 1637 2371 hostapd\001
-4 0 0 50 -1 0 12 0.0000 4 180 600 3825 7125 prism54\001
-4 0 0 50 -1 0 12 0.0000 4 180 510 1875 7125 hostap\001
-4 0 0 50 -1 0 12 0.0000 4 135 600 2850 7125 madwifi\001
-4 0 0 50 -1 0 12 0.0000 4 135 270 4800 7125 bsd\001
-4 0 0 50 -1 0 12 0.0000 4 105 300 6750 7125 test\001
-4 0 0 50 -1 0 12 0.0000 4 135 420 5775 7125 wired\001
-4 0 0 50 -1 0 12 0.0000 4 135 1050 8700 4650 EAP methods\001
-4 0 0 50 -1 0 12 0.0000 4 135 690 9525 2475 RADIUS\001
-4 0 0 50 -1 0 12 0.0000 4 180 825 9525 2700 accounting\001

diff --git a/doc/hostapd_ctrl_iface.doxygen b/doc/hostapd_ctrl_iface.doxygen
deleted file mode 100644
index ae778bc..0000000
--- a/doc/hostapd_ctrl_iface.doxygen
+++ /dev/null

@@ -1,66 +0,0 @@
-/**
-\page hostapd_ctrl_iface_page hostapd control interface
-
-hostapd implements a control interface that can be used by
-external programs to control the operations of the hostapd
-daemon and to get status information and event notifications. There is
-a small C library, in a form of a single C file, wpa_ctrl.c, that
-provides helper functions to facilitate the use of the control
-interface. External programs can link this file into them and then use
-the library functions documented in wpa_ctrl.h to interact with
-%wpa_supplicant. This library can also be used with C++. hostapd_cli.c
-is an example program using this library.
-
-There are multiple mechanisms for inter-process communication. For
-example, Linux version of hostapd is using UNIX domain sockets for the
-control interface. The use of the functions defined in wpa_ctrl.h can
-be used to hide the details of the used IPC from external programs.
-
-
-\section using_ctrl_iface Using the control interface
-
-External programs, e.g., a GUI or a configuration utility, that need to
-communicate with hostapd should link in wpa_ctrl.c. This
-allows them to use helper functions to open connection to the control
-interface with wpa_ctrl_open() and to send commands with
-wpa_ctrl_request().
-
-hostapd uses the control interface for two types of communication:
-commands and unsolicited event messages. Commands are a pair of
-messages, a request from the external program and a response from
-hostapd. These can be executed using wpa_ctrl_request().
-Unsolicited event messages are sent by hostapd to the control
-interface connection without specific request from the external program
-for receiving each message. However, the external program needs to
-attach to the control interface with wpa_ctrl_attach() to receive these
-unsolicited messages.
-
-If the control interface connection is used both for commands and
-unsolicited event messages, there is potential for receiving an
-unsolicited message between the command request and response.
-wpa_ctrl_request() caller will need to supply a callback, msg_cb,
-for processing these messages. Often it is easier to open two
-control interface connections by calling wpa_ctrl_open() twice and
-then use one of the connections for commands and the other one for
-unsolicited messages. This way command request/response pairs will
-not be broken by unsolicited messages. wpa_cli is an example of how
-to use only one connection for both purposes and wpa_gui demonstrates
-how to use two separate connections.
-
-Once the control interface connection is not needed anymore, it should
-be closed by calling wpa_ctrl_close(). If the connection was used for
-unsolicited event messages, it should be first detached by calling
-wpa_ctrl_detach().
-
-
-\section ctrl_iface_cmds Control interface commands
-
-Following commands can be used with wpa_ctrl_request():
-
-\subsection ctrl_iface_PING PING
-
-This command can be used to test whether hostapd is replying
-to the control interface commands. The expected reply is \c PONG if the
-connection is open and hostapd is processing commands.
-
-*/

diff --git a/doc/mainpage.doxygen b/doc/mainpage.doxygen
deleted file mode 100644
index 09d2550..0000000
--- a/doc/mainpage.doxygen
+++ /dev/null

@@ -1,95 +0,0 @@
-/**
-\mainpage Developers' documentation for wpa_supplicant and hostapd
-
-The goal of this documentation and comments in the source code is to
-give enough information for other developers to understand how
-%wpa_supplicant and hostapd have been implemented, how they can be
-modified, how new drivers can be supported, and how the source code
-can be ported to other operating systems. If any information is
-missing, feel free to contact Jouni Malinen <j@w1.fi> for more
-information. Contributions as patch files are also very welcome at the
-contributions to %wpa_supplicant and hostapd are expected to use
-compatible licensing terms.
-
-and hostapd Git repository is available from the project home page at
-http://w1.fi/wpa_supplicant/. This developers' documentation is also
-available as a PDF file from
-http://w1.fi/wpa_supplicant/wpa_supplicant-devel.pdf .
-
-
-\section wpa_supplicant wpa_supplicant
-
-%wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with
-support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE
-802.1X/WPA component that is used in the client stations. It
-implements key negotiation with a WPA Authenticator and it can optionally
-control roaming and IEEE 802.11 authentication/association of the wlan
-driver.
-
-The design goal for %wpa_supplicant was to use hardware, driver, and
-OS independent, portable C code for all WPA functionality. The source
-code is divided into separate C files as shown on the \ref
-code_structure "code structure page". All hardware/driver specific
-functionality is in separate files that implement a \ref
-driver_wrapper "well-defined driver API". Information about porting
-to different target boards and operating systems is available on
-the \ref porting "porting page".
-
-EAPOL (IEEE 802.1X) state machines are implemented as a separate
-module that interacts with \ref eap_peer_module "EAP peer implementation".
-In addition to programs aimed at normal production use,
-%wpa_supplicant source tree includes number of \ref testing_tools
-"testing and development tools" that make it easier to test the
-programs without having to setup a full test setup with wireless
-cards. These tools can also be used to implement automatic test
-suites.
-
-%wpa_supplicant implements a
-\ref ctrl_iface_page "control interface" that can be used by
-external programs to control the operations of the %wpa_supplicant
-daemon and to get status information and event notifications. There is
-a small C library that provides helper functions to facilitate the use of the
-control interface. This library can also be used with C++.
-
-\image html wpa_supplicant.png "wpa_supplicant modules"
-\image latex wpa_supplicant.eps "wpa_supplicant modules" width=15cm
-
-
-\section hostapd hostapd
-
-hostapd includes IEEE 802.11 access point management (authentication /
-association), IEEE 802.1X/WPA/WPA2 Authenticator, EAP server, and
-RADIUS authentication server functionality. It can be build with
-various configuration option, e.g., a standalone AP management
-solution or a RADIUS authentication server with support for number of
-EAP methods.
-
-The design goal for hostapd was to use hardware, driver, and
-OS independent, portable C code for all WPA functionality. The source
-code is divided into separate C files as shown on the \ref
-code_structure "code structure page". All hardware/driver specific
-functionality is in separate files that implement a \ref
-driver_wrapper "well-defined driver API". Information about porting
-to different target boards and operating systems is available on
-the \ref porting "porting page".
-
-EAPOL (IEEE 802.1X) state machines are implemented as a separate
-module that interacts with \ref eap_server_module "EAP server implementation".
-Similarly, RADIUS authentication server is in its own separate module.
-Both IEEE 802.1X and RADIUS authentication server can use EAP server
-functionality.
-
-hostapd implements a \ref hostapd_ctrl_iface_page "control interface"
-that can be used by external programs to control the operations of the
-hostapdt daemon and to get status information and event notifications.
-There is a small C library that provides helper functions to facilitate
-the use of the control interface. This library can also be used with
-C++.
-
-\image html hostapd.png "hostapd modules"
-\image latex hostapd.eps "hostapd modules" width=15cm
-
-*/

diff --git a/doc/porting.doxygen b/doc/porting.doxygen
deleted file mode 100644
index 7ea6a34..0000000
--- a/doc/porting.doxygen
+++ /dev/null

@@ -1,208 +0,0 @@
-/**
-\page porting Porting to different target boards and operating systems
-
-%wpa_supplicant was designed to be easily portable to different
-hardware (board, CPU) and software (OS, drivers) targets. It is
-already used with number of operating systems and numerous wireless
-card models and drivers. The main %wpa_supplicant repository includes
-support for Linux, FreeBSD, and Windows. In addition, the code has been
-ported to number of other operating systems like VxWorks, PalmOS,
-Windows CE, and Windows Mobile. On the hardware
-side, %wpa_supplicant is used on various systems: desktops, laptops,
-PDAs, and embedded devices with CPUs including x86, PowerPC,
-arm/xscale, and MIPS. Both big and little endian configurations are
-supported.
-
-
-\section ansi_c_extra Extra functions on top of ANSI C
-
-%wpa_supplicant is mostly using ANSI C functions that are available on
-most targets. However, couple of additional functions that are common
-on modern UNIX systems are used. Number of these are listed with
-prototypes in common.h (the \verbatim #ifdef CONFIG_ANSI_C_EXTRA \endverbatim
-block). These functions may need to be implemented or at least defined
-as macros to native functions in the target OS or C library.
-
-Many of the common ANSI C functions are used through a wrapper
-definitions in os.h to allow these to be replaced easily with a
-platform specific version in case standard C libraries are not
-available. In addition, os.h defines couple of common platform
-specific functions that are implemented in os_unix.c for UNIX like
-targets and in os_win32.c for Win32 API. If the target platform does
-not support either of these examples, a new os_*.c file may need to be
-
-Unless OS_NO_C_LIB_DEFINES is defined, the standard ANSI C and POSIX
-functions are used by defining the os_*() wrappers to use them
-directly in order to avoid extra cost in size and speed. If the target
-platform needs different versions of the functions, os.h can be
-modified to define the suitable macros or alternatively,
-OS_NO_C_LIB_DEFINES may be defined for the build and the wrapper
-functions can then be implemented in a new os_*.c wrapper file.
-
-common.h defines number of helper macros for handling integers of
-different size and byte order. Suitable version of these definitions
-may need to be added for the target platform.
-
-
-\section configuration_backend Configuration backend
-
-%wpa_supplicant implements a configuration interface that allows the
-backend to be easily replaced in order to read configuration data from
-a suitable source depending on the target platform. config.c
-implements the generic code that can be shared with all configuration
-backends. Each backend is implemented in its own config_*.c file.
-
-The included config_file.c backend uses a text file for configuration
-and config_winreg.c uses Windows registry. These files can be used as
-an example for a new configuration backend if the target platform uses
-different mechanism for configuration parameters. In addition,
-config_none.c can be used as an empty starting point for building a
-new configuration backend.
-
-
-\section driver_iface_porting Driver interface
-
-Unless the target OS and driver is already supported, most porting
-projects have to implement a driver wrapper. This may be done by
-adding a new driver interface module or modifying an existing module
-(driver_*.c) if the new target is similar to one of them. \ref
-driver_wrapper "Driver wrapper implementation" describes the details
-of the driver interface and discusses the tasks involved in porting
-this part of %wpa_supplicant.
-
-
-\section l2_packet_porting l2_packet (link layer access)
-
-(link layer) packets with two Ethertypes: EAP-over-LAN (EAPOL) 0x888e
-and RSN pre-authentication 0x88c7. l2_packet.h defines the interfaces
-used for this in the core %wpa_supplicant implementation.
-
-If the target operating system supports a generic mechanism for link
-layer access, that is likely the best mechanism for providing the
-needed functionality for %wpa_supplicant. Linux packet socket is an
-example of such a generic mechanism. If this is not available, a
-separate interface may need to be implemented to the network stack or
-driver. This is usually an intermediate or protocol driver that is
-operating between the device driver and the OS network stack. If such
-a mechanism is not feasible, the interface can also be implemented
-directly in the device driver.
-
-The main %wpa_supplicant repository includes l2_packet implementations
-for Linux using packet sockets (l2_packet_linux.c), more portable
-version using libpcap/libdnet libraries (l2_packet_pcap.c; this
-supports WinPcap, too), and FreeBSD specific version of libpcap
-interface (l2_packet_freebsd.c).
-
-If the target operating system is supported by libpcap (receiving) and
-libdnet (sending), l2_packet_pcap.c can likely be used with minimal or
-no changes. If this is not a case or a proprietary interface for link
-layer is required, a new l2_packet module may need to be
-added. Alternatively, struct wpa_driver_ops::send_eapol() handler can
-be used to override the l2_packet library if the link layer access is
-integrated with the driver interface implementation.
-
-
-\section eloop_porting Event loop
-
-%wpa_supplicant uses a single process/thread model and an event loop
-to provide callbacks on events (registered timeout, received packet,
-signal). eloop.h defines the event loop interface. eloop.c is an
-implementation of such an event loop using select() and sockets. This
-is suitable for most UNIX/POSIX systems. When porting to other
-operating systems, it may be necessary to replace that implementation
-with OS specific mechanisms that provide similar functionality.
-
-
-\section ctrl_iface_porting Control interface
-
-%wpa_supplicant uses a \ref ctrl_iface_page "control interface"
-to allow external processed
-to get status information and to control the operations. Currently,
-this is implemented with socket based communication; both UNIX domain
-sockets and UDP sockets are supported. If the target OS does not
-support sockets, this interface will likely need to be modified to use
-another mechanism like message queues. The control interface is
-optional component, so it is also possible to run %wpa_supplicant
-without porting this part.
-
-The %wpa_supplicant side of the control interface is implemented in
-ctrl_iface.c. Matching client side is implemented as a control
-interface library in wpa_ctrl.c.
-
-
-\section entry_point Program entry point
-
-%wpa_supplicant defines a set of functions that can be used to
-initialize main supplicant processing. Each operating system has a
-mechanism for starting new processing or threads. This is usually a
-function with a specific set of arguments and calling convention. This
-function is responsible on initializing %wpa_supplicant.
-
-main.c includes an entry point for UNIX-like operating system, i.e.,
-main() function that uses command line arguments for setting
-parameters for %wpa_supplicant. When porting to other operating
-systems, similar OS-specific entry point implementation is needed. It
-can be implemented in a new file that is then linked with
-%wpa_supplicant instead of main.o. main.c is also a good example on
-how the initialization process should be done.
-
-The supplicant initialization functions are defined in
-wpa_supplicant_i.h. In most cases, the entry point function should
-start by fetching configuration parameters. After this, a global
-%wpa_supplicant context is initialized with a call to
-wpa_supplicant_init(). After this, existing network interfaces can be
-used to start the main event loop. Once this returns at program
-termination time, wpa_supplicant_deinit() is used to release global
-context data.
-
-used dynamically to add and remove interfaces based on when
-%wpa_supplicant processing is needed for them. This can be done, e.g.,
-when hotplug network adapters are being inserted and ejected. It is
-also possible to do this when a network interface is being
-enabled/disabled if it is desirable that %wpa_supplicant processing
-for the interface is fully enabled/disabled at the same time.
-
-
-\section simple_build Simple build example
-
-One way to start a porting project is to begin with a very simple
-build of %wpa_supplicant with WPA-PSK support and once that is
-
-Following command can be used to build very simple version of
-%wpa_supplicant:
-
-\verbatim
-cc -o wpa_supplicant config.c eloop.c common.c md5.c rc4.c sha1.c \
-	config_none.c l2_packet_none.c tls_none.c wpa.c preauth.c \
-	aes_wrap.c wpa_supplicant.c events.c main_none.c drivers.c
-\endverbatim
-
-The end result is not really very useful since it uses empty functions
-for configuration parsing and layer 2 packet access and does not
-include a driver interface. However, this is a good starting point
-since the build is complete in the sense that all functions are
-present and this is easy to configure to a build system by just
-including the listed C files.
-
-Once this version can be build successfully, the end result can be
-driver interface (driver_*.c and matching CONFIG_DRIVER_* define for
-registration in drivers.c), configuration parser/writer (config_*.c),
-and layer 2 packet access implementation (l2_packet_*.c). After these
-components have been added, the end result should be a working
-WPA/WPA2-PSK enabled supplicant.
-
-After the basic functionality has been verified to work, more features
-can be added by linking in more files and defining C pre-processor
-defines. Currently, the best source of information for what options
-are available and which files needs to be included is in the Makefile
-used for building the supplicant with make. Similar configuration will
-be needed for build systems that either use different type of make
-tool or a GUI-based project configuration.
-
-*/

diff --git a/doc/testing_tools.doxygen b/doc/testing_tools.doxygen
deleted file mode 100644
index 01db0b6..0000000
--- a/doc/testing_tools.doxygen
+++ /dev/null

@@ -1,363 +0,0 @@
-/**
-\page testing_tools Testing and development tools
-
-[ \ref eapol_test "eapol_test" |
-\ref preauth_test "preauth_test" |
-\ref driver_test "driver_test" |
-\ref unit_tests "Unit tests" |
-\ref wpa_trace "Tracing code" ]
-
-%wpa_supplicant source tree includes number of testing and development
-tools that make it easier to test the programs without having to setup
-a full test setup with wireless cards. In addition, these tools can be
-used to implement automatic tests suites.
-
-\section eapol_test eapol_test - EAP peer and RADIUS client testing
-
-eapol_test is a program that links together the same EAP peer
-implementation that %wpa_supplicant is using and the RADIUS
-authentication client code from hostapd. In addition, it has minimal
-glue code to combine these two components in similar ways to IEEE
-802.1X/EAPOL Authenticator state machines. In other words, it
-integrates IEEE 802.1X Authenticator (normally, an access point) and
-IEEE 802.1X Supplicant (normally, a wireless client) together to
-generate a single program that can be used to test EAP methods without
-having to setup an access point and a wireless client.
-
-The main uses for eapol_test are in interoperability testing of EAP
-methods against RADIUS servers and in development testing for new EAP
-methods. It can be easily used to automate EAP testing for
-interoperability and regression since the program can be run from
-shell scripts without require additional test components apart from a
-RADIUS server. For example, the automated EAP tests described in
-eap_testing.txt are implemented with eapol_test. Similarly, eapol_test
-could be used to implement an automated regression test suite for a
-
-eapol_test uses the same build time configuration file, .config, as
-%wpa_supplicant. This file is used to select which EAP methods are
-included in eapol_test. This program is not built with the default
-Makefile target, so a separate make command needs to be used to
-compile the tool:
-
-\verbatim
-make eapol_test
-\endverbatim
-
-The resulting eapol_test binary has following command like options:
-
-\verbatim
-usage:
-eapol_test [-nWS] -c<conf> [-a<AS IP>] [-p<AS port>] [-s<AS secret>] \
-           [-r<count>] [-t<timeout>] [-C<Connect-Info>] \
-eapol_test scard
-eapol_test sim <PIN> <num triplets> [debug]
-
-options:
-  -c<conf> = configuration file
-  -a<AS IP> = IP address of the authentication server, default 127.0.0.1
-  -p<AS port> = UDP port of the authentication server, default 1812
-  -s<AS secret> = shared secret with the authentication server, default 'radius'
-  -r<count> = number of re-authentications
-  -W = wait for a control interface monitor before starting
-  -S = save configuration after authentiation
-  -n = no MPPE keys expected
-  -t<timeout> = sets timeout in seconds (default: 30 s)
-  -C<Connect-Info> = RADIUS Connect-Info (default: CONNECT 11Mbps 802.11b)
-                           default: 02:00:00:00:00:01)
-\endverbatim
-
-
-As an example,
-\verbatim
-eapol_test -ctest.conf -a127.0.0.1 -p1812 -ssecret -r1
-\endverbatim
-tries to complete EAP authentication based on the network
-configuration from test.conf against the RADIUS server running on the
-local host. A re-authentication is triggered to test fast
-re-authentication. The configuration file uses the same format for
-network blocks as %wpa_supplicant.
-
-
-\section preauth_test preauth_test - WPA2 pre-authentication and EAP peer testing
-
-preauth_test is similar to eapol_test in the sense that in combines
-EAP peer implementation with something else, in this case, with WPA2
-pre-authentication. This tool can be used to test pre-authentication
-based on the code that %wpa_supplicant is using. As such, it tests
-both the %wpa_supplicant implementation and the functionality of an
-access point.
-
-preauth_test is built with:
-
-\verbatim
-make preauth_test
-\endverbatim
-
-and it uses following command line arguments:
-
-\verbatim
-usage: preauth_test <conf> <target MAC address> <ifname>
-\endverbatim
-
-For example,
-\verbatim
-preauth_test test.conf 02:11:22:33:44:55 eth0
-\endverbatim
-would use network configuration from test.conf to try to complete
-pre-authentication with AP using BSSID 02:11:22:33:44:55. The
-pre-authentication packets would be sent using the eth0 interface.
-
-
-\section driver_test driver_test - driver interface for testing wpa_supplicant
-
-%wpa_supplicant was designed to support number of different ways to
-communicate with a network device driver. This design uses \ref
-driver_wrapper "driver interface API" and number of driver interface
-implementations. One of these is driver_test.c, i.e., a test driver
-interface that is actually not using any drivers. Instead, it provides
-a mechanism for running %wpa_supplicant without having to have a
-device driver or wireless LAN hardware for that matter.
-
-driver_test can be used to talk directly with hostapd's driver_test
-component to create a test setup where one or more clients and access
-points can be tested within one test host and without having to have
-multiple wireless cards. This makes it easier to test the core code in
-%wpa_supplicant, and hostapd for that matter. Since driver_test uses
-the same driver API than any other driver interface implementation,
-the core code of %wpa_supplicant and hostapd can be tested with the
-same coverage as one would get when using real wireless cards. The
-only area that is not tested is the driver interface implementation
-(driver_*.c).
-
-Having the possibility to use simulated network components makes it
-much easier to do development testing while adding new features and to
-reproduce reported bugs. As such, it is often easiest to just do most
-of the development and bug fixing without using real hardware. Once
-the driver_test setup has been used to implement a new feature or fix
-a bug, the end result can be verified with wireless LAN cards. In many
-cases, this may even be unnecessary, depending on what area the
-feature/bug is relating to. Of course, changes to driver interfaces
-will still require use of real hardware.
-
-Since multiple components can be run within a single host, testing of
-complex network configuration, e.g., large number of clients
-association with an access point, becomes quite easy. All the tests
-can also be automated without having to resort to complex test setup
-
-driver_test can be included in the %wpa_supplicant build in the same
-way as any other driver interface, i.e., by adding the following line
-into .config:
-
-\verbatim
-CONFIG_DRIVER_TEST=y
-\endverbatim
-
-When running %wpa_supplicant, the test interface is selected by using
-\a -Dtest command line argument. The interface name (\a -i argument)
-can be selected arbitrarily, i.e., it does not need to match with any
-existing network interface. The interface name is used to generate a
-MAC address, so when using multiple clients, each should use a
-different interface, e.g., \a sta1, \a sta2, and so on.
-
-%wpa_supplicant and hostapd are configured in the same way as they
-would be for normal use. Following example shows a simple test setup
-for WPA-PSK.
-
-hostapd is configured with following psk-test.conf configuration file:
-
-\verbatim
-driver=test
-
-interface=ap1
-logger_stdout=-1
-logger_stdout_level=0
-debug=2
-dump_file=/tmp/hostapd.dump
-
-test_socket=/tmp/Test/ap1
-
-ssid=jkm-test-psk
-
-wpa=1
-wpa_key_mgmt=WPA-PSK
-wpa_pairwise=TKIP
-wpa_passphrase=12345678
-\endverbatim
-
-and started with following command:
-
-\verbatim
-hostapd psk-test.conf
-\endverbatim
-
-%wpa_supplicant uses following configuration file:
-
-\verbatim
-driver_param=test_socket=/tmp/Test/ap1
-
-network={
-    ssid="jkm-test-psk"
-    key_mgmt=WPA-PSK
-    psk="12345678"
-}
-\endverbatim
-
-%wpa_supplicant can then be started with following command:
-
-\verbatim
-wpa_supplicant -Dtest -cpsk-test.conf -ista1 -ddK
-\endverbatim
-
-If run without debug information, i.e., with
-
-\verbatim
-wpa_supplicant -Dtest -cpsk-test.conf -ista1
-\endverbatim
-
-%wpa_supplicant completes authentication and prints following events:
-
-\verbatim
-Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz)
-Associated with 02:b8:a6:62:08:5a
-WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP]
-CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth)
-\endverbatim
-
-If test setup is using multiple clients, it is possible to run
-multiple %wpa_supplicant processes. Alternatively, the support for
-multiple interfaces can be used with just one process to save some
-resources on single-CPU systems. For example, following command runs
-two clients:
-
-\verbatim
-./wpa_supplicant -Dtest -cpsk-test.conf -ista1 \
-	-N -Dtest -cpsk-test.conf -ista2
-\endverbatim
-
-This shows following event log:
-
-\verbatim
-Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz)
-Associated with 02:b8:a6:62:08:5a
-WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP]
-CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth)
-Trying to associate with 02:b8:a6:62:08:5a (SSID='jkm-test-psk' freq=0 MHz)
-Associated with 02:b8:a6:62:08:5a
-WPA: Key negotiation completed with 02:b8:a6:62:08:5a [PTK=TKIP GTK=TKIP]
-CTRL-EVENT-CONNECTED - Connection to 02:b8:a6:62:08:5a completed (auth)
-\endverbatim
-
-hostapd shows this with following events:
-
-\verbatim
-ap1: STA 02:b5:64:63:30:63 IEEE 802.11: associated
-ap1: STA 02:b5:64:63:30:63 WPA: pairwise key handshake completed (WPA)
-ap1: STA 02:b5:64:63:30:63 WPA: group key handshake completed (WPA)
-ap1: STA 02:2a:c4:18:5b:f3 IEEE 802.11: associated
-ap1: STA 02:2a:c4:18:5b:f3 WPA: pairwise key handshake completed (WPA)
-ap1: STA 02:2a:c4:18:5b:f3 WPA: group key handshake completed (WPA)
-\endverbatim
-
-By default, driver_param is simulating a driver that uses the WPA/RSN
-IE generated by %wpa_supplicant. Driver-generated IE and AssocInfo
-events can be tested by adding \a use_associnfo=1 to the \a driver_param
-line in the configuration file. For example:
-
-\verbatim
-driver_param=test_socket=/tmp/Test/ap1 use_associnfo=1
-\endverbatim
-
-
-\section unit_tests Unit tests
-
-Number of the components (.c files) used in %wpa_supplicant define
-their own unit tests for automated validation of the basic
-functionality. Most of the tests for cryptographic algorithms are
-using standard test vectors to validate functionality. These tests can
-be useful especially when verifying port to a new CPU target.
-
-The test programs are collected in the tests subdirectory. All
-automated unit tests can be run with
-
-\verbatim
-make run-tests
-\endverbatim
-
-This make target builds and runs each test and terminates with zero
-exit code if all tests were completed successfully.
-
-
-\section wpa_trace Tracing code for developer debuggin
-
-%wpa_supplicant and hostapd can be built with tracing code that will
-track and analyze memory allocations and other resource registrations
-and certain API uses. If incorrect use is detected, a backtrace of the
-call location (and/or allocation location) is shown. This can also be
-used to detect certain categories of memory leaks and report them
-automatically when the program is terminated. The report will also
-include information about forgotten eloop events.
-
-The trace code can be enabled with CONFIG_WPA_TRACE=y build
-option. More verbose backtrace information can be generated if libbfd
-is available and the binaries are not stripped of symbol
-information. This is enabled with CONFIG_WPA_TRACE_BFD=y.
-
-For example, a memory leak (forgotten os_free() call) would show up
-like this when the program is terminated:
-
-\verbatim
-MEMLEAK[0x82d200]: len 128
-WPA_TRACE: memleak - START
-[0]: ./wpa_supplicant(os_malloc+0x59) [0x41a5e9]
-     os_malloc() ../src/utils/os_unix.c:359
-[1]: ./wpa_supplicant(os_zalloc+0x16) [0x41a676]
-     os_zalloc() ../src/utils/os_unix.c:418
-[2]: ./wpa_supplicant(wpa_supplicant_init+0x38) [0x48b508]
-     wpa_supplicant_init() wpa_supplicant.c:2315
-[3]: ./wpa_supplicant(main+0x2f3) [0x491073]
-     main() main.c:252
-WPA_TRACE: memleak - END
-MEMLEAK: total 128 bytes
-\endverbatim
-
-Another type of error that can be detected is freeing of memory area
-that was registered for some use and is still be referenced:
-
-\verbatim
-WPA_TRACE: Freeing referenced memory - START
-[2]: ./wpa_supplicant(os_free+0x5c) [0x41a53c]
-     os_free() ../src/utils/os_unix.c:411
-[3]: ./wpa_supplicant(wpa_supplicant_remove_iface+0x30) [0x48b380]
-     wpa_supplicant_remove_iface() wpa_supplicant.c:2259
-[4]: ./wpa_supplicant(wpa_supplicant_deinit+0x20) [0x48b3e0]
-     wpa_supplicant_deinit() wpa_supplicant.c:2430
-[5]: ./wpa_supplicant(main+0x357) [0x4910d7]
-     main() main.c:276
-WPA_TRACE: Freeing referenced memory - END
-WPA_TRACE: Reference registration - START
-[1]: ./wpa_supplicant [0x41c040]
-[2]: ./wpa_supplicant(wpa_supplicant_ctrl_iface_deinit+0x17) [0x473247]
-     wpa_supplicant_ctrl_iface_deinit() ctrl_iface_unix.c:436
-[3]: ./wpa_supplicant [0x48b21c]
-     wpa_supplicant_cleanup() wpa_supplicant.c:378
-     wpa_supplicant_deinit_iface() wpa_supplicant.c:2155
-[4]: ./wpa_supplicant(wpa_supplicant_remove_iface+0x30) [0x48b380]
-     wpa_supplicant_remove_iface() wpa_supplicant.c:2259
-[5]: ./wpa_supplicant(wpa_supplicant_deinit+0x20) [0x48b3e0]
-     wpa_supplicant_deinit() wpa_supplicant.c:2430
-[6]: ./wpa_supplicant(main+0x357) [0x4910d7]
-     main() main.c:276
-WPA_TRACE: Reference registration - END
-Aborted
-\endverbatim
-
-This type of error results in showing backtraces for both the location
-where the incorrect freeing happened and the location where the memory
-area was marked referenced.
-
-*/

diff --git a/doc/wpa_supplicant.fig b/doc/wpa_supplicant.fig
deleted file mode 100644
index 06abfb5..0000000
--- a/doc/wpa_supplicant.fig
+++ /dev/null

@@ -1,247 +0,0 @@
-#FIG 3.2
-Landscape
-Center
-Inches
-Letter
-100.00
-Single
--2
-1200 2
-6 1875 4050 2925 4350
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1875 4050 2925 4050 2925 4350 1875 4350 1875 4050
-4 0 0 50 -1 0 12 0.0000 4 180 735 2025 4275 l2_packet\001
--6
-6 3450 1200 4275 1500
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3450 1200 4275 1200 4275 1500 3450 1500 3450 1200
-4 0 0 50 -1 0 12 0.0000 4 180 585 3600 1425 wpa_cli\001
--6
-6 4725 1200 5925 1500
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4725 1200 5925 1200 5925 1500 4725 1500 4725 1200
-4 0 0 50 -1 0 12 0.0000 4 135 1005 4800 1425 GUI frontend\001
--6
-6 6000 2700 7200 3225
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 2700 7200 2700 7200 3225 6000 3225 6000 2700
-4 0 0 50 -1 0 12 0.0000 4 135 975 6075 2925 WPA/WPA2\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 3150 state machine\001
--6
-6 6000 4950 7200 5475
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 4950 7200 4950 7200 5475 6000 5475 6000 4950
-4 0 0 50 -1 0 12 0.0000 4 135 360 6075 5175 EAP\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 5400 state machine\001
--6
-6 8700 3000 9375 3300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8700 3000 9375 3000 9375 3300 8700 3300 8700 3000
-4 0 0 50 -1 0 12 0.0000 4 150 480 8775 3225 crypto\001
--6
-6 4350 3900 5025 4425
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4350 3900 5025 3900 5025 4425 4350 4425 4350 3900
-4 0 0 50 -1 0 12 0.0000 4 105 420 4500 4125 event\001
-4 0 0 50 -1 0 12 0.0000 4 180 315 4500 4350 loop\001
--6
-6 4275 2550 5100 2850
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4275 2550 5100 2550 5100 2850 4275 2850 4275 2550
-4 0 0 50 -1 0 12 0.0000 4 135 450 4425 2775 ctrl i/f\001
--6
-6 6000 3900 7200 4425
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6000 3900 7200 3900 7200 4425 6000 4425 6000 3900
-4 0 0 50 -1 0 12 0.0000 4 135 600 6075 4125 EAPOL\001
-4 0 0 50 -1 0 12 0.0000 4 135 1065 6075 4350 state machine\001
--6
-6 1800 6000 7800 8100
-6 1800 6000 7800 7200
-6 1800 6900 2700 7200
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1800 6900 2700 6900 2700 7200 1800 7200 1800 6900
-4 0 0 50 -1 0 12 0.0000 4 105 375 1875 7125 wext\001
--6
-6 4725 6900 5625 7200
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4725 6900 5625 6900 5625 7200 4725 7200 4725 6900
-4 0 0 50 -1 0 12 0.0000 4 135 555 4800 7125 hermes\001
--6
-6 6675 6900 7800 7200
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 6675 6900 7800 6900 7800 7200 6675 7200 6675 6900
-4 0 0 50 -1 0 12 0.0000 4 180 930 6750 7125 ndiswrapper\001
--6
-6 5700 6900 6600 7200
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 5700 6900 6600 6900 6600 7200 5700 7200 5700 6900
-4 0 0 50 -1 0 12 0.0000 4 135 420 5775 7125 atmel\001
--6
-6 4275 6000 5100 6300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 4275 6000 5100 6000 5100 6300 4275 6300 4275 6000
-4 0 0 50 -1 0 12 0.0000 4 135 630 4350 6225 driver i/f\001
--6
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 2775 6900 3675 6900 3675 7200 2775 7200 2775 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3750 6900 4650 6900 4650 7200 3750 7200 3750 6900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4
-	 2250 6900 2250 6600 7200 6600 7200 6900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 3225 6900 3225 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4200 6900 4200 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5175 6900 5175 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6150 6900 6150 6600
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 6600 4650 6300
-4 0 0 50 -1 0 12 0.0000 4 180 510 2850 7125 hostap\001
-4 0 0 50 -1 0 12 0.0000 4 135 600 3825 7125 madwifi\001
--6
-6 3525 7800 5775 8100
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 3525 7800 5775 7800 5775 8100 3525 8100 3525 7800
-4 0 0 50 -1 0 12 0.0000 4 135 2145 3600 8025 kernel network device driver\001
--6
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 2250 7200 4200 7800
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 7200 7200 5100 7800
--6
-6 9600 3000 10275 3300
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9600 3000 10275 3000 10275 3300 9600 3300 9600 3000
-4 0 0 50 -1 0 12 0.0000 4 135 315 9750 3225 TLS\001
--6
-6 8100 4425 10425 7350
-6 8175 4725 9225 5025
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 4725 9225 4725 9225 5025 8175 5025 8175 4725
-4 0 0 50 -1 0 12 0.0000 4 135 735 8250 4950 EAP-TLS\001
--6
-6 9300 4725 10350 5025
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 4725 10350 4725 10350 5025 9300 5025 9300 4725
-4 0 0 50 -1 0 12 0.0000 4 135 810 9375 4950 EAP-MD5\001
--6
-6 8175 5100 9225 5400
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5100 9225 5100 9225 5400 8175 5400 8175 5100
-4 0 0 50 -1 0 12 0.0000 4 135 885 8250 5325 EAP-PEAP\001
--6
-6 9300 5100 10350 5400
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5100 10350 5100 10350 5400 9300 5400 9300 5100
-4 0 0 50 -1 0 12 0.0000 4 135 840 9375 5325 EAP-TTLS\001
--6
-6 8175 5475 9225 5775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5475 9225 5475 9225 5775 8175 5775 8175 5475
-4 0 0 50 -1 0 12 0.0000 4 135 780 8250 5700 EAP-GTC\001
--6
-6 9300 5475 10350 5775
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5475 10350 5475 10350 5775 9300 5775 9300 5475
-4 0 0 50 -1 0 12 0.0000 4 135 765 9375 5700 EAP-OTP\001
--6
-6 8175 5850 9225 6150
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 5850 9225 5850 9225 6150 8175 6150 8175 5850
-4 0 0 50 -1 0 12 0.0000 4 135 750 8250 6075 EAP-SIM\001
--6
-6 9300 6225 10350 6525
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 6225 10350 6225 10350 6525 9300 6525 9300 6225
-4 0 0 50 -1 0 12 0.0000 4 135 465 9375 6450 LEAP\001
--6
-6 8175 6225 9225 6525
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 6225 9225 6225 9225 6525 8175 6525 8175 6225
-4 0 0 50 -1 0 12 0.0000 4 135 765 8250 6450 EAP-PSK\001
--6
-6 9300 5850 10350 6150
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 5850 10350 5850 10350 6150 9300 6150 9300 5850
-4 0 0 50 -1 0 12 0.0000 4 135 825 9375 6075 EAP-AKA\001
--6
-6 8175 6975 9675 7275
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 6975 9675 6975 9675 7275 8175 7275 8175 6975
-4 0 0 50 -1 0 12 0.0000 4 135 1365 8250 7200 EAP-MSCHAPv2\001
--6
-6 9300 6600 10350 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 9300 6600 10350 6600 10350 6900 9300 6900 9300 6600
-4 0 0 50 -1 0 12 0.0000 4 135 870 9375 6825 EAP-FAST\001
--6
-6 8175 6600 9225 6900
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8175 6600 9225 6600 9225 6900 8175 6900 8175 6600
-4 0 0 50 -1 0 12 0.0000 4 135 795 8250 6825 EAP-PAX\001
--6
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 8100 7350 10425 7350 10425 4425 8100 4425 8100 7350
-4 0 0 50 -1 0 12 0.0000 4 135 1050 8700 4650 EAP methods\001
--6
-6 2775 5025 4050 5325
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 2775 5025 4050 5025 4050 5325 2775 5325 2775 5025
-4 0 0 50 -1 0 12 0.0000 4 135 990 2925 5250 driver events\001
--6
-6 2775 3150 4050 3450
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 2775 3150 4050 3150 4050 3450 2775 3450 2775 3150
-4 0 0 50 -1 0 12 0.0000 4 180 990 2925 3375 configuration\001
--6
-2 1 1 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2
-	 1275 4200 1875 4200
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 4500 2550 3900 1500
-2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2
-	 4800 2550 5400 1500
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 2925 4200 4350 4200
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5025 3900 6000 3000
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 5025 4200 6000 4200
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 6000 4650 4425
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6600 4425 6600 4950
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6600 3225 6600 3900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 5250 8100 5250
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 9075 4425 9075 3300
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 3000 8700 3150
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4650 3900 4650 2850
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 7200 4125 8700 3300
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6000 4350 5025 6000
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 6000 3150 4875 6000
-2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5
-	 1500 2100 10800 2100 10800 7500 1500 7500 1500 2100
-2 1 0 1 2 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 9900 4425 9900 3300
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 1
-	 4350 3900
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4350 3900 4050 3450
-2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2
-	 4350 4425 4050 5025
-4 0 0 50 -1 0 12 0.0000 4 135 915 375 3975 EAPOL and\001
-4 0 0 50 -1 0 12 0.0000 4 180 630 375 4200 pre-auth\001
-4 0 0 50 -1 0 12 0.0000 4 180 810 375 4425 ethertypes\001
-4 0 0 50 -1 0 12 0.0000 4 135 1050 375 4650 from/to kernel\001
-4 0 0 50 -1 0 12 0.0000 4 135 1920 3675 1875 frontend control interface\001
-4 0 0 50 -1 2 14 0.0000 4 210 1440 1637 2371 wpa_supplicant\001

diff --git a/eap_example/.gitignore b/eap_example/.gitignore
deleted file mode 100644
index 4d6d2d1..0000000
--- a/eap_example/.gitignore
+++ /dev/null

@@ -1,4 +0,0 @@
-*.d
-eap_example
-libeap.so
-libeap.a

diff --git a/eap_example/Makefile b/eap_example/Makefile
deleted file mode 100644
index 0cc19bd..0000000
--- a/eap_example/Makefile
+++ /dev/null

@@ -1,152 +0,0 @@
-ALL=eap_example
-
-all: $(ALL) - -ifndef CC -CC=gcc -endif - -ifndef RANLIB -RANLIB=ranlib -endif - -ifndef CFLAGS -CFLAGS = -MMD -O2 -Wall -g -endif - - -CFLAGS += -I. -CFLAGS += -I../src -CFLAGS += -I../src/utils - - -OBJS_both += ../src/utils/libutils.a -OBJS_both += ../src/crypto/libcrypto.a -OBJS_both += ../src/tls/libtls.a - -OBJS_both += ../src/eap_common/eap_peap_common.o -OBJS_both += ../src/eap_common/eap_psk_common.o -OBJS_both += ../src/eap_common/eap_pax_common.o -OBJS_both += ../src/eap_common/eap_sake_common.o -OBJS_both += ../src/eap_common/eap_gpsk_common.o -OBJS_both += ../src/eap_common/chap.o - -OBJS_peer += ../src/eap_peer/eap_tls.o -OBJS_peer += ../src/eap_peer/eap_peap.o -OBJS_peer += ../src/eap_peer/eap_ttls.o -OBJS_peer += ../src/eap_peer/eap_md5.o -OBJS_peer += ../src/eap_peer/eap_mschapv2.o -OBJS_peer += ../src/eap_peer/mschapv2.o -OBJS_peer += ../src/eap_peer/eap_otp.o -OBJS_peer += ../src/eap_peer/eap_gtc.o -OBJS_peer += ../src/eap_peer/eap_leap.o -OBJS_peer += ../src/eap_peer/eap_psk.o -OBJS_peer += ../src/eap_peer/eap_pax.o -OBJS_peer += ../src/eap_peer/eap_sake.o -OBJS_peer += ../src/eap_peer/eap_gpsk.o -OBJS_peer += ../src/eap_peer/eap.o -OBJS_peer += ../src/eap_common/eap_common.o -OBJS_peer += ../src/eap_peer/eap_methods.o -OBJS_peer += ../src/eap_peer/eap_tls_common.o - -CFLAGS += -DEAP_TLS -CFLAGS += -DEAP_PEAP -CFLAGS += -DEAP_TTLS -CFLAGS += -DEAP_MD5 -CFLAGS += -DEAP_MSCHAPv2 -CFLAGS += -DEAP_GTC -CFLAGS += -DEAP_OTP -CFLAGS += -DEAP_LEAP -CFLAGS += -DEAP_PSK -CFLAGS += -DEAP_PAX -CFLAGS += -DEAP_SAKE -CFLAGS += -DEAP_GPSK -DEAP_GPSK_SHA256 - -CFLAGS += -DEAP_SERVER_IDENTITY -CFLAGS += -DEAP_SERVER_TLS -CFLAGS += -DEAP_SERVER_PEAP -CFLAGS += -DEAP_SERVER_TTLS -CFLAGS += -DEAP_SERVER_MD5 -CFLAGS += -DEAP_SERVER_MSCHAPV2 -CFLAGS += -DEAP_SERVER_GTC -CFLAGS += -DEAP_SERVER_PSK -CFLAGS += -DEAP_SERVER_PAX -CFLAGS += -DEAP_SERVER_SAKE -CFLAGS += -DEAP_SERVER_GPSK -DEAP_SERVER_GPSK_SHA256 - -CFLAGS += -DIEEE8021X_EAPOL - - -# Optional components to add EAP server support -OBJS_server += ../src/eap_server/eap_server_tls.o -OBJS_server += ../src/eap_server/eap_server_peap.o -OBJS_server += ../src/eap_server/eap_server_ttls.o -OBJS_server += ../src/eap_server/eap_server_md5.o -OBJS_server += ../src/eap_server/eap_server_mschapv2.o -OBJS_server += ../src/eap_server/eap_server_gtc.o -OBJS_server += ../src/eap_server/eap_server_psk.o -OBJS_server += ../src/eap_server/eap_server_pax.o -OBJS_server += ../src/eap_server/eap_server_sake.o -OBJS_server += ../src/eap_server/eap_server_gpsk.o -OBJS_server += ../src/eap_server/eap_server.o -OBJS_server += ../src/eap_server/eap_server_identity.o -OBJS_server += ../src/eap_server/eap_server_methods.o -OBJS_server += ../src/eap_server/eap_server_tls_common.o -CFLAGS += -DEAP_SERVER - - -ifndef LDO -LDO=$(CC)
-endif
-
-Q=@
-E=echo
-ifeq ($(V), 1) -Q= -E=true -endif - -%.o: %.c -$(Q)$(CC) -c -o$@ $(CFLAGS)$<
-	@$(E) " CC "$<
-
-
-OBJS_lib=$(OBJS_both)$(OBJS_peer) $(OBJS_server) - -OBJS_ex = eap_example.o eap_example_peer.o eap_example_server.o - - -../src/utils/libutils.a: -$(MAKE) -C ../src/utils
-
-../src/crypto/libcrypto.a:
-	$(MAKE) -C ../src/crypto - -../src/tls/libtls.a: -$(MAKE) -C ../src/tls
-
-
-ifneq ($(CONFIG_SOLIB), yes) -LIBEAP = libeap.a -libeap.a:$(OBJS_lib)
-	$(AR) crT libeap.a$(OBJS_lib)
-	$(RANLIB) libeap.a - -else -CFLAGS += -fPIC -DPIC -LDFLAGS += -shared - -LIBEAP = libeap.so -libeap.so:$(OBJS_lib)
-	$(LDO)$(LDFLAGS) $(OBJS_lib) -o$(LIBEAP)
-
-endif
-
-eap_example: $(OBJS_ex)$(LIBEAP)
-	$(LDO)$(LDFLAGS) -o eap_example $(OBJS_ex) -L. -leap$(LIBS)
-
-clean:
-	$(MAKE) -C ../src clean - rm -f core *~ *.o *.d libeap.a libeap.so$(ALL)
-
--include $(OBJS:%.o=%.d)  diff --git a/eap_example/README b/eap_example/README deleted file mode 100644 index 0c2921e..0000000 --- a/eap_example/README +++ /dev/null  @@ -1,42 +0,0 @@ -EAP peer/server library and example program -Copyright (c) 2007, Jouni Malinen <j@w1.fi> - -This software may be distributed under the terms of the BSD license. -See the parent directory README for more details. - - -The interfaces of the EAP server/peer implementation are based on RFC -4137 (EAP State Machines). This RFC is coordinated with the state -machines defined in IEEE 802.1X-2004. hostapd and wpa_supplicant -include implementation of the IEEE 802.1X EAPOL state machines and the -interface between them and EAP. However, the EAP implementation can be -used with other protocols, too, by providing a compatible interface -which maps the EAPOL<->EAP variables to another protocol. - -This directory contains an example showing how EAP peer and server -code from wpa_supplicant and hostapd can be used as a library. The -example program initializes both an EAP server and an EAP peer -entities and then runs through an EAP-PEAP/MSCHAPv2 authentication. - -eap_example_peer.c shows the initialization and glue code needed to -control the EAP peer implementation. eap_example_server.c does the -same for EAP server. eap_example.c is an example that ties in both the -EAP server and client parts to allow an EAP authentication to be -shown. - -In this example, the EAP messages are passed between the server and -the peer are passed by direct function calls within the same process. -In practice, server and peer functionalities would likely reside in -separate devices and the EAP messages would be transmitted between the -devices based on an external protocol. For example, in IEEE 802.11 -uses IEEE 802.1X EAPOL state machines to control the transmission of -EAP messages and WiMax supports optional PMK EAP authentication -mechanism that transmits EAP messages as defined in IEEE 802.16e. - - -The EAP library links in number of helper functions from src/utils and -src/crypto directories. Most of these are suitable as-is, but it may -be desirable to replace the debug output code in src/utils/wpa_debug.c -by dropping this file from the library and re-implementing the -functions there in a way that better fits in with the main -application.  diff --git a/eap_example/ca.pem b/eap_example/ca.pem deleted file mode 100644 index bfae1cc..0000000 --- a/eap_example/ca.pem +++ /dev/null  @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDBzCCAnCgAwIBAgIJAIb4NS4TdLXUMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV -BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMQ4wDAYDVQQKEwV3MS5maTEQMA4G -A1UEAxMHVGVzdCBDQTEbMBkGCSqGSIb3DQEJARYMdGVzdGNhQHcxLmZpMB4XDTA3 -MTIwOTAzMTQzN1oXDTE3MTIwNjAzMTQzN1owYTELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCkNhbGlmb3JuaWExDjAMBgNVBAoTBXcxLmZpMRAwDgYDVQQDEwdUZXN0IENB -MRswGQYJKoZIhvcNAQkBFgx0ZXN0Y2FAdzEuZmkwgZ8wDQYJKoZIhvcNAQEBBQAD -gY0AMIGJAoGBAO6GoecRclnILh9FTvqnY/yUZmeJDgC+3/PQiicpMDhAzCkWAmi+ -a1LSnqakNN/GdCy3q053TFLFEzhEHkhhRwY/zzj2vZIcFZESoUhr67CzCpcPmTGa -AfOzsGPjaH6xYcaOR4RZMfXd/EKfAauHxj3LuCusLL5hK/FwxWhQJNJrAgMBAAGj -gcYwgcMwHQYDVR0OBBYEFKhJuSLJ6JhcB/dRgB8j0h9mOlpKMIGTBgNVHSMEgYsw -gYiAFKhJuSLJ6JhcB/dRgB8j0h9mOlpKoWWkYzBhMQswCQYDVQQGEwJVUzETMBEG -A1UECBMKQ2FsaWZvcm5pYTEOMAwGA1UEChMFdzEuZmkxEDAOBgNVBAMTB1Rlc3Qg -Q0ExGzAZBgkqhkiG9w0BCQEWDHRlc3RjYUB3MS5maYIJAIb4NS4TdLXUMAwGA1Ud -EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAuU+5Uerq+n8WgiIsiANT3wUoGe2Y -cnoQi2nVjUHrivgMDufH0tgh1AVfc3wVNNREdGC136qr1KBNqalQx2rKZ76xeNqW -sQa2LIC2wE7Q7LJsltUcUjPyZHGUhBqWjKsCvlonfNB6JHkEayTEvVvyupgzTsxW -QuuRdZ0sNv/S8VI= ------END CERTIFICATE-----  diff --git a/eap_example/eap_example.c b/eap_example/eap_example.c deleted file mode 100644 index 68f3c00..0000000 --- a/eap_example/eap_example.c +++ /dev/null  @@ -1,49 +0,0 @@ -/* - * Example application showing how EAP peer and server code from - * wpa_supplicant/hostapd can be used as a library. This example program - * initializes both an EAP server and an EAP peer entities and then runs - * through an EAP-PEAP/MSCHAPv2 authentication. - * Copyright (c) 2007, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" - - -int eap_example_peer_init(void); -void eap_example_peer_deinit(void); -int eap_example_peer_step(void); - -int eap_example_server_init(void); -void eap_example_server_deinit(void); -int eap_example_server_step(void); - - -extern int wpa_debug_level; - -int main(int argc, char *argv[]) -{ - int res_s, res_p; - - wpa_debug_level = 0; - - if (eap_example_peer_init() < 0 || - eap_example_server_init() < 0) - return -1; - - do { - printf("---[ server ]--------------------------------\n"); - res_s = eap_example_server_step(); - printf("---[ peer ]----------------------------------\n"); - res_p = eap_example_peer_step(); - } while (res_s || res_p); - - eap_example_peer_deinit(); - eap_example_server_deinit(); - - return 0; -}  diff --git a/eap_example/eap_example_peer.c b/eap_example/eap_example_peer.c deleted file mode 100644 index bfeafa0..0000000 --- a/eap_example/eap_example_peer.c +++ /dev/null  @@ -1,372 +0,0 @@ -/* - * Example application showing how EAP peer code from wpa_supplicant can be - * used as a library. - * Copyright (c) 2007, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "eap_peer/eap.h" -#include "eap_peer/eap_config.h" -#include "wpabuf.h" - -void eap_example_server_rx(const u8 *data, size_t data_len); - - -struct eap_peer_ctx { - Boolean eapSuccess; - Boolean eapRestart; - Boolean eapFail; - Boolean eapResp; - Boolean eapNoResp; - Boolean eapReq; - Boolean portEnabled; - Boolean altAccept; /* for EAP */ - Boolean altReject; /* for EAP */ - - struct wpabuf *eapReqData; /* for EAP */ - - unsigned int idleWhile; /* for EAP state machine */ - - struct eap_peer_config eap_config; - struct eap_sm *eap; -}; - - -static struct eap_peer_ctx eap_ctx; - - -static struct eap_peer_config * peer_get_config(void *ctx) -{ - struct eap_peer_ctx *peer = ctx; - return &peer->eap_config; -} - - -static Boolean peer_get_bool(void *ctx, enum eapol_bool_var variable) -{ - struct eap_peer_ctx *peer = ctx; - if (peer == NULL) - return FALSE; - switch (variable) { - case EAPOL_eapSuccess: - return peer->eapSuccess; - case EAPOL_eapRestart: - return peer->eapRestart; - case EAPOL_eapFail: - return peer->eapFail; - case EAPOL_eapResp: - return peer->eapResp; - case EAPOL_eapNoResp: - return peer->eapNoResp; - case EAPOL_eapReq: - return peer->eapReq; - case EAPOL_portEnabled: - return peer->portEnabled; - case EAPOL_altAccept: - return peer->altAccept; - case EAPOL_altReject: - return peer->altReject; - } - return FALSE; -} - - -static void peer_set_bool(void *ctx, enum eapol_bool_var variable, - Boolean value) -{ - struct eap_peer_ctx *peer = ctx; - if (peer == NULL) - return; - switch (variable) { - case EAPOL_eapSuccess: - peer->eapSuccess = value; - break; - case EAPOL_eapRestart: - peer->eapRestart = value; - break; - case EAPOL_eapFail: - peer->eapFail = value; - break; - case EAPOL_eapResp: - peer->eapResp = value; - break; - case EAPOL_eapNoResp: - peer->eapNoResp = value; - break; - case EAPOL_eapReq: - peer->eapReq = value; - break; - case EAPOL_portEnabled: - peer->portEnabled = value; - break; - case EAPOL_altAccept: - peer->altAccept = value; - break; - case EAPOL_altReject: - peer->altReject = value; - break; - } -} - - -static unsigned int peer_get_int(void *ctx, enum eapol_int_var variable) -{ - struct eap_peer_ctx *peer = ctx; - if (peer == NULL) - return 0; - switch (variable) { - case EAPOL_idleWhile: - return peer->idleWhile; - } - return 0; -} - - -static void peer_set_int(void *ctx, enum eapol_int_var variable, - unsigned int value) -{ - struct eap_peer_ctx *peer = ctx; - if (peer == NULL) - return; - switch (variable) { - case EAPOL_idleWhile: - peer->idleWhile = value; - break; - } -} - - -static struct wpabuf * peer_get_eapReqData(void *ctx) -{ - struct eap_peer_ctx *peer = ctx; - if (peer == NULL || peer->eapReqData == NULL) - return NULL; - - return peer->eapReqData; -} - - -static void peer_set_config_blob(void *ctx, struct wpa_config_blob *blob) -{ - printf("TODO: %s\n", __func__); -} - - -static const struct wpa_config_blob * -peer_get_config_blob(void *ctx, const char *name) -{ - printf("TODO: %s\n", __func__); - return NULL; -} - - -static void peer_notify_pending(void *ctx) -{ - printf("TODO: %s\n", __func__); -} - - -static int eap_peer_register_methods(void) -{ - int ret = 0; - -#ifdef EAP_MD5 - if (ret == 0) - ret = eap_peer_md5_register(); -#endif /* EAP_MD5 */ - -#ifdef EAP_TLS - if (ret == 0) - ret = eap_peer_tls_register(); -#endif /* EAP_TLS */ - -#ifdef EAP_MSCHAPv2 - if (ret == 0) - ret = eap_peer_mschapv2_register(); -#endif /* EAP_MSCHAPv2 */ - -#ifdef EAP_PEAP - if (ret == 0) - ret = eap_peer_peap_register(); -#endif /* EAP_PEAP */ - -#ifdef EAP_TTLS - if (ret == 0) - ret = eap_peer_ttls_register(); -#endif /* EAP_TTLS */ - -#ifdef EAP_GTC - if (ret == 0) - ret = eap_peer_gtc_register(); -#endif /* EAP_GTC */ - -#ifdef EAP_OTP - if (ret == 0) - ret = eap_peer_otp_register(); -#endif /* EAP_OTP */ - -#ifdef EAP_SIM - if (ret == 0) - ret = eap_peer_sim_register(); -#endif /* EAP_SIM */ - -#ifdef EAP_LEAP - if (ret == 0) - ret = eap_peer_leap_register(); -#endif /* EAP_LEAP */ - -#ifdef EAP_PSK - if (ret == 0) - ret = eap_peer_psk_register(); -#endif /* EAP_PSK */ - -#ifdef EAP_AKA - if (ret == 0) - ret = eap_peer_aka_register(); -#endif /* EAP_AKA */ - -#ifdef EAP_AKA_PRIME - if (ret == 0) - ret = eap_peer_aka_prime_register(); -#endif /* EAP_AKA_PRIME */ - -#ifdef EAP_FAST - if (ret == 0) - ret = eap_peer_fast_register(); -#endif /* EAP_FAST */ - -#ifdef EAP_PAX - if (ret == 0) - ret = eap_peer_pax_register(); -#endif /* EAP_PAX */ - -#ifdef EAP_SAKE - if (ret == 0) - ret = eap_peer_sake_register(); -#endif /* EAP_SAKE */ - -#ifdef EAP_GPSK - if (ret == 0) - ret = eap_peer_gpsk_register(); -#endif /* EAP_GPSK */ - -#ifdef EAP_WSC - if (ret == 0) - ret = eap_peer_wsc_register(); -#endif /* EAP_WSC */ - -#ifdef EAP_IKEV2 - if (ret == 0) - ret = eap_peer_ikev2_register(); -#endif /* EAP_IKEV2 */ - -#ifdef EAP_VENDOR_TEST - if (ret == 0) - ret = eap_peer_vendor_test_register(); -#endif /* EAP_VENDOR_TEST */ - -#ifdef EAP_TNC - if (ret == 0) - ret = eap_peer_tnc_register(); -#endif /* EAP_TNC */ - - return ret; -} - - -static struct eapol_callbacks eap_cb; -static struct eap_config eap_conf; - -int eap_example_peer_init(void) -{ - if (eap_peer_register_methods() < 0) - return -1; - - os_memset(&eap_ctx, 0, sizeof(eap_ctx)); - - eap_ctx.eap_config.identity = (u8 *) os_strdup("user"); - eap_ctx.eap_config.identity_len = 4; - eap_ctx.eap_config.password = (u8 *) os_strdup("password"); - eap_ctx.eap_config.password_len = 8; - eap_ctx.eap_config.ca_cert = (u8 *) os_strdup("ca.pem"); - eap_ctx.eap_config.fragment_size = 1398; - - os_memset(&eap_cb, 0, sizeof(eap_cb)); - eap_cb.get_config = peer_get_config; - eap_cb.get_bool = peer_get_bool; - eap_cb.set_bool = peer_set_bool; - eap_cb.get_int = peer_get_int; - eap_cb.set_int = peer_set_int; - eap_cb.get_eapReqData = peer_get_eapReqData; - eap_cb.set_config_blob = peer_set_config_blob; - eap_cb.get_config_blob = peer_get_config_blob; - eap_cb.notify_pending = peer_notify_pending; - - os_memset(&eap_conf, 0, sizeof(eap_conf)); - eap_ctx.eap = eap_peer_sm_init(&eap_ctx, &eap_cb, &eap_ctx, &eap_conf); - if (eap_ctx.eap == NULL) - return -1; - - /* Enable "port" to allow authentication */ - eap_ctx.portEnabled = TRUE; - - return 0; -} - - -void eap_example_peer_deinit(void) -{ - eap_peer_sm_deinit(eap_ctx.eap); - eap_peer_unregister_methods(); - wpabuf_free(eap_ctx.eapReqData); - os_free(eap_ctx.eap_config.identity); - os_free(eap_ctx.eap_config.password); - os_free(eap_ctx.eap_config.ca_cert); -} - - -int eap_example_peer_step(void) -{ - int res; - res = eap_peer_sm_step(eap_ctx.eap); - - if (eap_ctx.eapResp) { - struct wpabuf *resp; - printf("==> Response\n"); - eap_ctx.eapResp = FALSE; - resp = eap_get_eapRespData(eap_ctx.eap); - if (resp) { - /* Send EAP response to the server */ - eap_example_server_rx(wpabuf_head(resp), - wpabuf_len(resp)); - wpabuf_free(resp); - } - } - - if (eap_ctx.eapSuccess) { - res = 0; - if (eap_key_available(eap_ctx.eap)) { - const u8 *key; - size_t key_len; - key = eap_get_eapKeyData(eap_ctx.eap, &key_len); - wpa_hexdump(MSG_DEBUG, "EAP keying material", - key, key_len); - } - } - - return res; -} - - -void eap_example_peer_rx(const u8 *data, size_t data_len) -{ - /* Make received EAP message available to the EAP library */ - eap_ctx.eapReq = TRUE; - wpabuf_free(eap_ctx.eapReqData); - eap_ctx.eapReqData = wpabuf_alloc_copy(data, data_len); -}  diff --git a/eap_example/eap_example_server.c b/eap_example/eap_example_server.c deleted file mode 100644 index 7097bca..0000000 --- a/eap_example/eap_example_server.c +++ /dev/null  @@ -1,295 +0,0 @@ -/* - * Example application showing how EAP server code from hostapd can be used as - * a library. - * Copyright (c) 2007, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/tls.h" -#include "eap_server/eap.h" -#include "wpabuf.h" - -void eap_example_peer_rx(const u8 *data, size_t data_len); - - -struct eap_server_ctx { - struct eap_eapol_interface *eap_if; - struct eap_sm *eap; - void *tls_ctx; -}; - -static struct eap_server_ctx eap_ctx; - - -static int server_get_eap_user(void *ctx, const u8 *identity, - size_t identity_len, int phase2, - struct eap_user *user) -{ - os_memset(user, 0, sizeof(*user)); - - if (!phase2) { - /* Only allow EAP-PEAP as the Phase 1 method */ - user->methods[0].vendor = EAP_VENDOR_IETF; - user->methods[0].method = EAP_TYPE_PEAP; - return 0; - } - - if (identity_len != 4 || identity == NULL || - os_memcmp(identity, "user", 4) != 0) { - printf("Unknown user\n"); - return -1; - } - - /* Only allow EAP-MSCHAPv2 as the Phase 2 method */ - user->methods[0].vendor = EAP_VENDOR_IETF; - user->methods[0].method = EAP_TYPE_MSCHAPV2; - user->password = (u8 *) os_strdup("password"); - user->password_len = 8; - - return 0; -} - - -static const char * server_get_eap_req_id_text(void *ctx, size_t *len) -{ - *len = 0; - return NULL; -} - - -static struct eapol_callbacks eap_cb; -static struct eap_config eap_conf; - -static int eap_example_server_init_tls(void) -{ - struct tls_config tconf; - struct tls_connection_params tparams; - - os_memset(&tconf, 0, sizeof(tconf)); - eap_ctx.tls_ctx = tls_init(&tconf); - if (eap_ctx.tls_ctx == NULL) - return -1; - - os_memset(&tparams, 0, sizeof(tparams)); - tparams.ca_cert = "ca.pem"; - tparams.client_cert = "server.pem"; - /* tparams.private_key = "server.key"; */ - tparams.private_key = "server-key.pem"; - /* tparams.private_key_passwd = "whatever"; */ - - if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) { - printf("Failed to set TLS parameters\n"); - return -1; - } - - if (tls_global_set_verify(eap_ctx.tls_ctx, 0)) { - printf("Failed to set check_crl\n"); - return -1; - } - - return 0; -} - - -static int eap_server_register_methods(void) -{ - int ret = 0; - -#ifdef EAP_SERVER_IDENTITY - if (ret == 0) - ret = eap_server_identity_register(); -#endif /* EAP_SERVER_IDENTITY */ - -#ifdef EAP_SERVER_MD5 - if (ret == 0) - ret = eap_server_md5_register(); -#endif /* EAP_SERVER_MD5 */ - -#ifdef EAP_SERVER_TLS - if (ret == 0) - ret = eap_server_tls_register(); -#endif /* EAP_SERVER_TLS */ - -#ifdef EAP_SERVER_MSCHAPV2 - if (ret == 0) - ret = eap_server_mschapv2_register(); -#endif /* EAP_SERVER_MSCHAPV2 */ - -#ifdef EAP_SERVER_PEAP - if (ret == 0) - ret = eap_server_peap_register(); -#endif /* EAP_SERVER_PEAP */ - -#ifdef EAP_SERVER_TLV - if (ret == 0) - ret = eap_server_tlv_register(); -#endif /* EAP_SERVER_TLV */ - -#ifdef EAP_SERVER_GTC - if (ret == 0) - ret = eap_server_gtc_register(); -#endif /* EAP_SERVER_GTC */ - -#ifdef EAP_SERVER_TTLS - if (ret == 0) - ret = eap_server_ttls_register(); -#endif /* EAP_SERVER_TTLS */ - -#ifdef EAP_SERVER_SIM - if (ret == 0) - ret = eap_server_sim_register(); -#endif /* EAP_SERVER_SIM */ - -#ifdef EAP_SERVER_AKA - if (ret == 0) - ret = eap_server_aka_register(); -#endif /* EAP_SERVER_AKA */ - -#ifdef EAP_SERVER_AKA_PRIME - if (ret == 0) - ret = eap_server_aka_prime_register(); -#endif /* EAP_SERVER_AKA_PRIME */ - -#ifdef EAP_SERVER_PAX - if (ret == 0) - ret = eap_server_pax_register(); -#endif /* EAP_SERVER_PAX */ - -#ifdef EAP_SERVER_PSK - if (ret == 0) - ret = eap_server_psk_register(); -#endif /* EAP_SERVER_PSK */ - -#ifdef EAP_SERVER_SAKE - if (ret == 0) - ret = eap_server_sake_register(); -#endif /* EAP_SERVER_SAKE */ - -#ifdef EAP_SERVER_GPSK - if (ret == 0) - ret = eap_server_gpsk_register(); -#endif /* EAP_SERVER_GPSK */ - -#ifdef EAP_SERVER_VENDOR_TEST - if (ret == 0) - ret = eap_server_vendor_test_register(); -#endif /* EAP_SERVER_VENDOR_TEST */ - -#ifdef EAP_SERVER_FAST - if (ret == 0) - ret = eap_server_fast_register(); -#endif /* EAP_SERVER_FAST */ - -#ifdef EAP_SERVER_WSC - if (ret == 0) - ret = eap_server_wsc_register(); -#endif /* EAP_SERVER_WSC */ - -#ifdef EAP_SERVER_IKEV2 - if (ret == 0) - ret = eap_server_ikev2_register(); -#endif /* EAP_SERVER_IKEV2 */ - -#ifdef EAP_SERVER_TNC - if (ret == 0) - ret = eap_server_tnc_register(); -#endif /* EAP_SERVER_TNC */ - - return ret; -} - - -int eap_example_server_init(void) -{ - if (eap_server_register_methods() < 0) - return -1; - - os_memset(&eap_ctx, 0, sizeof(eap_ctx)); - - if (eap_example_server_init_tls() < 0) - return -1; - - os_memset(&eap_cb, 0, sizeof(eap_cb)); - eap_cb.get_eap_user = server_get_eap_user; - eap_cb.get_eap_req_id_text = server_get_eap_req_id_text; - - os_memset(&eap_conf, 0, sizeof(eap_conf)); - eap_conf.eap_server = 1; - eap_conf.ssl_ctx = eap_ctx.tls_ctx; - - eap_ctx.eap = eap_server_sm_init(&eap_ctx, &eap_cb, &eap_conf); - if (eap_ctx.eap == NULL) - return -1; - - eap_ctx.eap_if = eap_get_interface(eap_ctx.eap); - - /* Enable "port" and request EAP to start authentication. */ - eap_ctx.eap_if->portEnabled = TRUE; - eap_ctx.eap_if->eapRestart = TRUE; - - return 0; -} - - -void eap_example_server_deinit(void) -{ - eap_server_sm_deinit(eap_ctx.eap); - eap_server_unregister_methods(); - tls_deinit(eap_ctx.tls_ctx); -} - - -int eap_example_server_step(void) -{ - int res, process = 0; - - res = eap_server_sm_step(eap_ctx.eap); - - if (eap_ctx.eap_if->eapReq) { - printf("==> Request\n"); - process = 1; - eap_ctx.eap_if->eapReq = 0; - } - - if (eap_ctx.eap_if->eapSuccess) { - printf("==> Success\n"); - process = 1; - res = 0; - eap_ctx.eap_if->eapSuccess = 0; - - if (eap_ctx.eap_if->eapKeyAvailable) { - wpa_hexdump(MSG_DEBUG, "EAP keying material", - eap_ctx.eap_if->eapKeyData, - eap_ctx.eap_if->eapKeyDataLen); - } - } - - if (eap_ctx.eap_if->eapFail) { - printf("==> Fail\n"); - process = 1; - eap_ctx.eap_if->eapFail = 0; - } - - if (process && eap_ctx.eap_if->eapReqData) { - /* Send EAP response to the server */ - eap_example_peer_rx(wpabuf_head(eap_ctx.eap_if->eapReqData), - wpabuf_len(eap_ctx.eap_if->eapReqData)); - } - - return res; -} - - -void eap_example_server_rx(const u8 *data, size_t data_len) -{ - /* Make received EAP message available to the EAP library */ - wpabuf_free(eap_ctx.eap_if->eapRespData); - eap_ctx.eap_if->eapRespData = wpabuf_alloc_copy(data, data_len); - if (eap_ctx.eap_if->eapRespData) - eap_ctx.eap_if->eapResp = TRUE; -}  diff --git a/eap_example/server-key.pem b/eap_example/server-key.pem deleted file mode 100644 index d98c4dd..0000000 --- a/eap_example/server-key.pem +++ /dev/null  @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDToYuDPmjEWu+/Aj0RVWTSb07sX6dAkPnrTaUjZAG5AhjRqJWz -zD50kFmVKi+R7GgS5tlGzLUtokdwjuSUAmz8tMXwIwmVeS0HluFDVSi94XbVRczE -+nyoDigg1RGyy1mc3t5RG84bvNatq98OceJag4ngh8L8I4k1qTLRMlyBJwIDAQAB -AoGAP+v0asDn/h8FeSkg7uJfIJyUNxsxNnRTuHnsXkMvrgTvICyOgw828hhDpqVm -VuoUCVmG2Tatpsn0UBApBHezGRh0u1syWoGM8fiDvZmoYmhFe5FxKnftg3KNXhDf -Agk4OxwNNPBXpQFQP+GNxh6Qs7FEkYHLRh/J7vC0+wp3UWECQQDzcTQZXqYPow5M -uinL819HKfh1n2257w1HGvw8cMCiYbKRyR74Q18TJcxuEyEwnPrg5ZGpMPDKiIOU -SlgAMLBXAkEA3oxBpRue1Kqb2+Fq6lhZ7PQiZC5F69upIb/wxbk8ByImEl1pUKFW -rV+YoKujbnj77PmMq1+R0dFkT1ai3zDzsQJBAMa3CUgMMpFhEDMhYyzQJF36rI2W -7gJwV+5K4MqVXyktho3qFhWhKOKAYDcZ9mWwPjmGKzhocqVgecd6SAsfs1ECQA7r -xHL3eRy1G6IQaQSxS8YxUCT7XUDFB3/1yITZOIcZ6QeOL8NyLceOA0OyflCn1+w5 -hw7uZ25z5Y/UNTNVquECQEgto3zPneEW06qkEnRz9EbLtWR3nRBS/QGrjOFNUuln -pNhVUH4RB17Kk35xveUTz4U/Iw/WRfGNjFLHrtR/5xk= ------END RSA PRIVATE KEY-----  diff --git a/eap_example/server.key b/eap_example/server.key deleted file mode 100644 index 4f32591..0000000 --- a/eap_example/server.key +++ /dev/null Binary files differ  diff --git a/eap_example/server.pem b/eap_example/server.pem deleted file mode 100644 index 02f6e7b..0000000 --- a/eap_example/server.pem +++ /dev/null  @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC0zCCAjygAwIBAgIJAIb4NS4TdLXVMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV -BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMQ4wDAYDVQQKEwV3MS5maTEQMA4G -A1UEAxMHVGVzdCBDQTEbMBkGCSqGSIb3DQEJARYMdGVzdGNhQHcxLmZpMB4XDTA3 -MTIwOTAzMTUwOFoXDTE3MTIwNjAzMTUwOFoweTELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDjAMBgNVBAoT -BXcxLmZpMRAwDgYDVQQDEwdUZXN0IEFTMRswGQYJKoZIhvcNAQkBFgx0ZXN0YXNA -dzEuZmkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANOhi4M+aMRa778CPRFV -ZNJvTuxfp0CQ+etNpSNkAbkCGNGolbPMPnSQWZUqL5HsaBLm2UbMtS2iR3CO5JQC -bPy0xfAjCZV5LQeW4UNVKL3hdtVFzMT6fKgOKCDVEbLLWZze3lEbzhu81q2r3w5x -4lqDieCHwvwjiTWpMtEyXIEnAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 -QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRb -xGTC3mPimgyGb5vYLLV5wyc9ITAfBgNVHSMEGDAWgBSoSbkiyeiYXAf3UYAfI9If -ZjpaSjANBgkqhkiG9w0BAQUFAAOBgQA9wVGtroz/rsx1EeALJejW01SAr4kpTxoS -WP6zuWFb+J/lJd7DeVM6/QBYAwZb0fB6nwSpJJCj6XDRZtN/yLeaTd/rCZrfom4Z -8gbkWMTXDn2Cea2VnCe5W0gK+4dIj5DD5CpPvgt4lYqlwN0WAih6twd7Q4x/tiiJ -ejNQzlTHOg== ------END CERTIFICATE-----  diff --git a/mac80211_hwsim/tests/0001-wpa2-psk/hostapd.conf b/mac80211_hwsim/tests/0001-wpa2-psk/hostapd.conf deleted file mode 100644 index 08cde7e..0000000 --- a/mac80211_hwsim/tests/0001-wpa2-psk/hostapd.conf +++ /dev/null  @@ -1,11 +0,0 @@ -interface=wlan0 -driver=nl80211 - -hw_mode=g -channel=1 -ssid=mac80211 test - -wpa=2 -wpa_key_mgmt=WPA-PSK -wpa_pairwise=CCMP -wpa_passphrase=12345678  diff --git a/mac80211_hwsim/tests/0001-wpa2-psk/test.txt b/mac80211_hwsim/tests/0001-wpa2-psk/test.txt deleted file mode 100644 index 05d85a0..0000000 --- a/mac80211_hwsim/tests/0001-wpa2-psk/test.txt +++ /dev/null  @@ -1,7 +0,0 @@ -# WPA2-Personal (PSK) with CCMP, AP and single client - -modprobe mac80211_hwsim - -hostapd hostapd.conf - -wpa_supplicant -Dwext -iwlan1 -c wpa_supplicant.conf  diff --git a/mac80211_hwsim/tests/0001-wpa2-psk/wpa_supplicant.conf b/mac80211_hwsim/tests/0001-wpa2-psk/wpa_supplicant.conf deleted file mode 100644 index 299128c..0000000 --- a/mac80211_hwsim/tests/0001-wpa2-psk/wpa_supplicant.conf +++ /dev/null  @@ -1,10 +0,0 @@ -ctrl_interface=/var/run/wpa_supplicant - -network={ - ssid="mac80211 test" - psk="12345678" - key_mgmt=WPA-PSK - proto=WPA2 - pairwise=CCMP - group=CCMP -}  diff --git a/mac80211_hwsim/tests/0002-vlan/hostapd.accept b/mac80211_hwsim/tests/0002-vlan/hostapd.accept deleted file mode 100644 index e97a175..0000000 --- a/mac80211_hwsim/tests/0002-vlan/hostapd.accept +++ /dev/null  @@ -1,2 +0,0 @@ -02:00:00:00:01:00 1 -02:00:00:00:02:00 2  diff --git a/mac80211_hwsim/tests/0002-vlan/hostapd.conf b/mac80211_hwsim/tests/0002-vlan/hostapd.conf deleted file mode 100644 index 8698f0e..0000000 --- a/mac80211_hwsim/tests/0002-vlan/hostapd.conf +++ /dev/null  @@ -1,12 +0,0 @@ -interface=wlan0 -driver=nl80211 - -hw_mode=g -channel=1 -ssid=mac80211 test - -dynamic_vlan=2 -vlan_file=hostapd.vlan - -macaddr_acl=0 -accept_mac_file=hostapd.accept  diff --git a/mac80211_hwsim/tests/0002-vlan/hostapd.vlan b/mac80211_hwsim/tests/0002-vlan/hostapd.vlan deleted file mode 100644 index b3750b2..0000000 --- a/mac80211_hwsim/tests/0002-vlan/hostapd.vlan +++ /dev/null  @@ -1 +0,0 @@ -* vlan#  diff --git a/mac80211_hwsim/tests/0002-vlan/test.txt b/mac80211_hwsim/tests/0002-vlan/test.txt deleted file mode 100644 index 8c92f1c..0000000 --- a/mac80211_hwsim/tests/0002-vlan/test.txt +++ /dev/null  @@ -1,15 +0,0 @@ -# Plaintext connection, two clients, different VLANs - -modprobe mac80211_hwsim radios=3 - -hostapd hostapd.conf - -ifconfig wlan1 up -iwconfig wlan1 essid "mac80211 test" - -ifconfig wlan2 up -iwconfig wlan2 essid "mac80211 test" - -# Expected results: -# STA1(wlan1) is bound to vlan1 -# STA2(wlan2) is bound to vlan2  diff --git a/mac80211_hwsim/tools/Makefile b/mac80211_hwsim/tools/Makefile deleted file mode 100644 index ec0d2dc..0000000 --- a/mac80211_hwsim/tools/Makefile +++ /dev/null  @@ -1,11 +0,0 @@ -all: hwsim_test - -ifndef CC -CC=gcc -endif - -ifndef CFLAGS -CFLAGS = -O2 -Wall -g -endif - -hwsim_test: hwsim_test.o  diff --git a/mac80211_hwsim/tools/hwsim_test.c b/mac80211_hwsim/tools/hwsim_test.c deleted file mode 100644 index 75e5984..0000000 --- a/mac80211_hwsim/tools/hwsim_test.c +++ /dev/null  @@ -1,238 +0,0 @@ -/* - * hwsim_test - Data connectivity test for mac80211_hwsim - * Copyright (c) 2009, Atheros Communications - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <sys/ioctl.h> -#include <sys/socket.h> -#include <sys/select.h> -#include <netpacket/packet.h> -#include <net/ethernet.h> -#include <net/if.h> -#include <arpa/inet.h> - -#define MAC2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5] -#define MACSTR "%02x:%02x:%02x:%02x:%02x:%02x" - -#define HWSIM_ETHERTYPE ETHERTYPE_IP -#define HWSIM_PACKETLEN 1500 - -static unsigned char addr1[ETH_ALEN], addr2[ETH_ALEN], bcast[ETH_ALEN]; - -static void tx(int s, const char *ifname, int ifindex, - const unsigned char *src, const unsigned char *dst) -{ - char buf[HWSIM_PACKETLEN], *pos; - struct ether_header *eth; - int i; - - printf("TX: %s(ifindex=%d) " MACSTR " -> " MACSTR "\n", - ifname, ifindex, MAC2STR(src), MAC2STR(dst)); - - eth = (struct ether_header *) buf; - memcpy(eth->ether_dhost, dst, ETH_ALEN); - memcpy(eth->ether_shost, src, ETH_ALEN); - eth->ether_type = htons(HWSIM_ETHERTYPE); - pos = (char *) (eth + 1); - for (i = 0; i < sizeof(buf) - sizeof(*eth); i++) - *pos++ = i; - - if (send(s, buf, sizeof(buf), 0) < 0) - perror("send"); -} - - -struct rx_result { - int rx_unicast1:1; - int rx_broadcast1:1; - int rx_unicast2:1; - int rx_broadcast2:1; -}; - - -static void rx(int s, int iface, const char *ifname, int ifindex, - struct rx_result *res) -{ - char buf[HWSIM_PACKETLEN + 1], *pos; - struct ether_header *eth; - int len, i; - - len = recv(s, buf, sizeof(buf), 0); - if (len < 0) { - perror("recv"); - return; - } - eth = (struct ether_header *) buf; - - printf("RX: %s(ifindex=%d) " MACSTR " -> " MACSTR " (len=%d)\n", - ifname, ifindex, - MAC2STR(eth->ether_shost), MAC2STR(eth->ether_dhost), len); - - if (len != HWSIM_PACKETLEN) { - printf("Ignore frame with unexpected RX length\n"); - return; - } - - pos = (char *) (eth + 1); - for (i = 0; i < sizeof(buf) - 1 - sizeof(*eth); i++) { - if ((unsigned char) *pos != (unsigned char) i) { - printf("Ignore frame with unexpected contents\n"); - printf("i=%d received=0x%x expected=0x%x\n", - i, (unsigned char) *pos, (unsigned char) i); - return; - } - pos++; - } - - if (iface == 1 && - memcmp(eth->ether_dhost, addr1, ETH_ALEN) == 0 && - memcmp(eth->ether_shost, addr2, ETH_ALEN) == 0) - res->rx_unicast1 = 1; - else if (iface == 1 && - memcmp(eth->ether_dhost, bcast, ETH_ALEN) == 0 && - memcmp(eth->ether_shost, addr2, ETH_ALEN) == 0) - res->rx_broadcast1 = 1; - else if (iface == 2 && - memcmp(eth->ether_dhost, addr2, ETH_ALEN) == 0 && - memcmp(eth->ether_shost, addr1, ETH_ALEN) == 0) - res->rx_unicast2 = 1; - else if (iface == 2 && - memcmp(eth->ether_dhost, bcast, ETH_ALEN) == 0 && - memcmp(eth->ether_shost, addr1, ETH_ALEN) == 0) - res->rx_broadcast2 = 1; -} - - -int main(int argc, char *argv[]) -{ - int s1 = -1, s2 = -1, ret = -1; - struct ifreq ifr; - int ifindex1, ifindex2; - struct sockaddr_ll ll; - fd_set rfds; - struct timeval tv; - struct rx_result res; - - if (argc != 3) { - fprintf(stderr, "usage: hwsim_test <ifname1> <ifname2>\n"); - return -1; - } - - memset(bcast, 0xff, ETH_ALEN); - - s1 = socket(PF_PACKET, SOCK_RAW, htons(HWSIM_ETHERTYPE)); - if (s1 < 0) { - perror("socket"); - goto fail; - } - - s2 = socket(PF_PACKET, SOCK_RAW, htons(HWSIM_ETHERTYPE)); - if (s2 < 0) { - perror("socket"); - goto fail; - } - - memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, argv[1], sizeof(ifr.ifr_name)); - if (ioctl(s1, SIOCGIFINDEX, &ifr) < 0) { - perror("ioctl[SIOCGIFINDEX]"); - goto fail; - } - ifindex1 = ifr.ifr_ifindex; - if (ioctl(s1, SIOCGIFHWADDR, &ifr) < 0) { - perror("ioctl[SIOCGIFHWADDR]"); - goto fail; - } - memcpy(addr1, ifr.ifr_hwaddr.sa_data, ETH_ALEN); - - memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, argv[2], sizeof(ifr.ifr_name)); - if (ioctl(s2, SIOCGIFINDEX, &ifr) < 0) { - perror("ioctl[SIOCGIFINDEX]"); - goto fail; - } - ifindex2 = ifr.ifr_ifindex; - if (ioctl(s2, SIOCGIFHWADDR, &ifr) < 0) { - perror("ioctl[SIOCGIFHWADDR]"); - goto fail; - } - memcpy(addr2, ifr.ifr_hwaddr.sa_data, ETH_ALEN); - - memset(&ll, 0, sizeof(ll)); - ll.sll_family = PF_PACKET; - ll.sll_ifindex = ifindex1; - ll.sll_protocol = htons(HWSIM_ETHERTYPE); - if (bind(s1, (struct sockaddr *) &ll, sizeof(ll)) < 0) { - perror("bind"); - goto fail; - } - - memset(&ll, 0, sizeof(ll)); - ll.sll_family = PF_PACKET; - ll.sll_ifindex = ifindex2; - ll.sll_protocol = htons(HWSIM_ETHERTYPE); - if (bind(s2, (struct sockaddr *) &ll, sizeof(ll)) < 0) { - perror("bind"); - goto fail; - } - - tx(s1, argv[1], ifindex1, addr1, addr2); - tx(s1, argv[1], ifindex1, addr1, bcast); - tx(s2, argv[2], ifindex2, addr2, addr1); - tx(s2, argv[2], ifindex2, addr2, bcast); - - tv.tv_sec = 1; - tv.tv_usec = 0; - - memset(&res, 0, sizeof(res)); - for (;;) { - int r; - FD_ZERO(&rfds); - FD_SET(s1, &rfds); - FD_SET(s2, &rfds); - - r = select(s2 + 1, &rfds, NULL, NULL, &tv); - if (r < 0) { - perror("select"); - goto fail; - } - - if (r == 0) - break; /* timeout */ - - if (FD_ISSET(s1, &rfds)) - rx(s1, 1, argv[1], ifindex1, &res); - if (FD_ISSET(s2, &rfds)) - rx(s2, 2, argv[2], ifindex2, &res); - - if (res.rx_unicast1 && res.rx_broadcast1 && - res.rx_unicast2 && res.rx_broadcast2) { - ret = 0; - break; - } - } - - if (ret) { - printf("Did not receive all expected frames:\n" - "rx_unicast1=%d rx_broadcast1=%d " - "rx_unicast2=%d rx_broadcast2=%d\n", - res.rx_unicast1, res.rx_broadcast1, - res.rx_unicast2, res.rx_broadcast2); - } else { - printf("Both unicast and broadcast working in both " - "directions\n"); - } - -fail: - close(s1); - close(s2); - - return ret; -}  diff --git a/patches/openssl-0.9.8-tls-extensions.patch b/patches/openssl-0.9.8-tls-extensions.patch deleted file mode 100644 index 44490cc..0000000 --- a/patches/openssl-0.9.8-tls-extensions.patch +++ /dev/null  @@ -1,429 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8.orig/include/openssl/ssl.h openssl-0.9.8/include/openssl/ssl.h ---- openssl-0.9.8.orig/include/openssl/ssl.h 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/include/openssl/ssl.h 2005-07-19 20:02:15.000000000 -0700 -@@ -340,6 +340,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -361,6 +362,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -968,6 +971,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1533,6 +1545,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1714,6 +1733,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8.orig/include/openssl/tls1.h openssl-0.9.8/include/openssl/tls1.h ---- openssl-0.9.8.orig/include/openssl/tls1.h 2003-07-22 05:34:21.000000000 -0700 -+++ openssl-0.9.8/include/openssl/tls1.h 2005-07-19 20:02:15.000000000 -0700 -@@ -282,6 +282,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8.orig/ssl/Makefile openssl-0.9.8/ssl/Makefile ---- openssl-0.9.8.orig/ssl/Makefile 2005-05-30 16:20:30.000000000 -0700 -+++ openssl-0.9.8/ssl/Makefile 2005-07-19 20:02:15.000000000 -0700 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8.orig/ssl/s3_clnt.c openssl-0.9.8/ssl/s3_clnt.c ---- openssl-0.9.8.orig/ssl/s3_clnt.c 2005-05-16 03:11:03.000000000 -0700 -+++ openssl-0.9.8/ssl/s3_clnt.c 2005-07-19 20:02:15.000000000 -0700 -@@ -606,6 +606,20 @@ int ssl3_client_hello(SSL *s) - } - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -628,7 +642,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - SSL_COMP *comp; -@@ -693,7 +707,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8.orig/ssl/s3_srvr.c openssl-0.9.8/ssl/s3_srvr.c ---- openssl-0.9.8.orig/ssl/s3_srvr.c 2005-05-22 17:32:55.000000000 -0700 -+++ openssl-0.9.8/ssl/s3_srvr.c 2005-07-19 20:02:15.000000000 -0700 -@@ -955,6 +955,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8.orig/ssl/ssl_err.c openssl-0.9.8/ssl/ssl_err.c ---- openssl-0.9.8.orig/ssl/ssl_err.c 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl_err.c 2005-07-19 20:02:15.000000000 -0700 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8.orig/ssl/ssl.h openssl-0.9.8/ssl/ssl.h ---- openssl-0.9.8.orig/ssl/ssl.h 2005-06-10 12:51:16.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl.h 2005-07-19 20:02:15.000000000 -0700 -@@ -340,6 +340,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -361,6 +362,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -968,6 +971,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1533,6 +1545,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1714,6 +1733,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8.orig/ssl/ssl_sess.c openssl-0.9.8/ssl/ssl_sess.c ---- openssl-0.9.8.orig/ssl/ssl_sess.c 2005-04-29 13:10:06.000000000 -0700 -+++ openssl-0.9.8/ssl/ssl_sess.c 2005-07-19 20:02:15.000000000 -0700 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8.orig/ssl/t1_ext.c openssl-0.9.8/ssl/t1_ext.c ---- openssl-0.9.8.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8/ssl/t1_ext.c 2005-07-19 20:03:29.000000000 -0700 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8.orig/ssl/t1_lib.c openssl-0.9.8/ssl/t1_lib.c ---- openssl-0.9.8.orig/ssl/t1_lib.c 2005-04-26 09:02:40.000000000 -0700 -+++ openssl-0.9.8/ssl/t1_lib.c 2005-07-19 20:02:15.000000000 -0700 -@@ -131,6 +131,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8.orig/ssl/tls1.h openssl-0.9.8/ssl/tls1.h ---- openssl-0.9.8.orig/ssl/tls1.h 2003-07-22 05:34:21.000000000 -0700 -+++ openssl-0.9.8/ssl/tls1.h 2005-07-19 20:02:15.000000000 -0700 -@@ -282,6 +282,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8.orig/util/ssleay.num openssl-0.9.8/util/ssleay.num ---- openssl-0.9.8.orig/util/ssleay.num 2005-05-08 17:22:02.000000000 -0700 -+++ openssl-0.9.8/util/ssleay.num 2005-07-19 20:02:15.000000000 -0700 -@@ -226,3 +226,6 @@ DTLSv1_server_method - SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP - SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP - SSL_SESSION_get_id 277 EXIST::FUNCTION: -+SSL_set_hello_extension 278 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 279 EXIST::FUNCTION: -+SSL_set_session_secret_cb 280 EXIST::FUNCTION:  diff --git a/patches/openssl-0.9.8d-tls-extensions.patch b/patches/openssl-0.9.8d-tls-extensions.patch deleted file mode 100644 index eec6db8..0000000 --- a/patches/openssl-0.9.8d-tls-extensions.patch +++ /dev/null  @@ -1,429 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8d. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8d.orig/include/openssl/ssl.h openssl-0.9.8d/include/openssl/ssl.h ---- openssl-0.9.8d.orig/include/openssl/ssl.h 2006-06-14 06:52:49.000000000 -0700 -+++ openssl-0.9.8d/include/openssl/ssl.h 2006-12-10 08:20:02.000000000 -0800 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8d.orig/include/openssl/tls1.h openssl-0.9.8d/include/openssl/tls1.h ---- openssl-0.9.8d.orig/include/openssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8d/include/openssl/tls1.h 2006-12-10 08:20:02.000000000 -0800 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8d.orig/ssl/Makefile openssl-0.9.8d/ssl/Makefile ---- openssl-0.9.8d.orig/ssl/Makefile 2006-02-03 17:49:35.000000000 -0800 -+++ openssl-0.9.8d/ssl/Makefile 2006-12-10 08:20:02.000000000 -0800 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8d.orig/ssl/s3_clnt.c openssl-0.9.8d/ssl/s3_clnt.c ---- openssl-0.9.8d.orig/ssl/s3_clnt.c 2005-12-12 23:41:46.000000000 -0800 -+++ openssl-0.9.8d/ssl/s3_clnt.c 2006-12-10 08:20:02.000000000 -0800 -@@ -601,6 +601,20 @@ int ssl3_client_hello(SSL *s) - #endif - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -623,7 +637,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - #ifndef OPENSSL_NO_COMP -@@ -690,7 +704,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8d.orig/ssl/s3_srvr.c openssl-0.9.8d/ssl/s3_srvr.c ---- openssl-0.9.8d.orig/ssl/s3_srvr.c 2006-09-28 04:29:03.000000000 -0700 -+++ openssl-0.9.8d/ssl/s3_srvr.c 2006-12-10 08:20:02.000000000 -0800 -@@ -943,6 +943,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8d.orig/ssl/ssl.h openssl-0.9.8d/ssl/ssl.h ---- openssl-0.9.8d.orig/ssl/ssl.h 2006-06-14 06:52:49.000000000 -0700 -+++ openssl-0.9.8d/ssl/ssl.h 2006-12-10 08:20:02.000000000 -0800 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8d.orig/ssl/ssl_err.c openssl-0.9.8d/ssl/ssl_err.c ---- openssl-0.9.8d.orig/ssl/ssl_err.c 2006-01-08 13:52:46.000000000 -0800 -+++ openssl-0.9.8d/ssl/ssl_err.c 2006-12-10 08:20:02.000000000 -0800 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8d.orig/ssl/ssl_sess.c openssl-0.9.8d/ssl/ssl_sess.c ---- openssl-0.9.8d.orig/ssl/ssl_sess.c 2005-12-30 15:51:57.000000000 -0800 -+++ openssl-0.9.8d/ssl/ssl_sess.c 2006-12-10 08:20:02.000000000 -0800 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8d.orig/ssl/t1_ext.c openssl-0.9.8d/ssl/t1_ext.c ---- openssl-0.9.8d.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8d/ssl/t1_ext.c 2006-12-10 08:20:02.000000000 -0800 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8d.orig/ssl/t1_lib.c openssl-0.9.8d/ssl/t1_lib.c ---- openssl-0.9.8d.orig/ssl/t1_lib.c 2005-08-05 16:52:07.000000000 -0700 -+++ openssl-0.9.8d/ssl/t1_lib.c 2006-12-10 08:20:02.000000000 -0800 -@@ -97,6 +97,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8d.orig/ssl/tls1.h openssl-0.9.8d/ssl/tls1.h ---- openssl-0.9.8d.orig/ssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8d/ssl/tls1.h 2006-12-10 08:20:02.000000000 -0800 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8d.orig/util/ssleay.num openssl-0.9.8d/util/ssleay.num ---- openssl-0.9.8d.orig/util/ssleay.num 2005-05-08 17:22:02.000000000 -0700 -+++ openssl-0.9.8d/util/ssleay.num 2006-12-10 08:20:02.000000000 -0800 -@@ -226,3 +226,6 @@ DTLSv1_server_method - SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP - SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP - SSL_SESSION_get_id 277 EXIST::FUNCTION: -+SSL_set_hello_extension 278 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 279 EXIST::FUNCTION: -+SSL_set_session_secret_cb 280 EXIST::FUNCTION:  diff --git a/patches/openssl-0.9.8e-tls-extensions.patch b/patches/openssl-0.9.8e-tls-extensions.patch deleted file mode 100644 index ede053f..0000000 --- a/patches/openssl-0.9.8e-tls-extensions.patch +++ /dev/null  @@ -1,353 +0,0 @@ -This patch is adding support for TLS hello extensions and externally -generated pre-shared key material to OpenSSL 0.9.8e. This is -based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - - - -diff -uprN openssl-0.9.8e.orig/ssl/Makefile openssl-0.9.8e/ssl/Makefile ---- openssl-0.9.8e.orig/ssl/Makefile 2006-02-03 17:49:35.000000000 -0800 -+++ openssl-0.9.8e/ssl/Makefile 2007-03-22 20:23:19.000000000 -0700 -@@ -24,7 +24,7 @@ LIBSRC= \ - s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c \ - s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c \ - s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \ -- t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c \ -+ t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c t1_ext.c \ - d1_meth.c d1_srvr.c d1_clnt.c d1_lib.c d1_pkt.c \ - d1_both.c d1_enc.c \ - ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \ -@@ -35,7 +35,7 @@ LIBOBJ= \ - s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \ - s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o \ - s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \ -- t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o \ -+ t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o t1_ext.o \ - d1_meth.o d1_srvr.o d1_clnt.o d1_lib.o d1_pkt.o \ - d1_both.o d1_enc.o \ - ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \ -@@ -968,3 +968,4 @@ t1_srvr.o: ../include/openssl/ssl23.h .. - t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h - t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h - t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c -+t1_ext.o: t1_ext.c ssl_locl.h -diff -uprN openssl-0.9.8e.orig/ssl/s3_clnt.c openssl-0.9.8e/ssl/s3_clnt.c ---- openssl-0.9.8e.orig/ssl/s3_clnt.c 2006-09-28 05:23:15.000000000 -0700 -+++ openssl-0.9.8e/ssl/s3_clnt.c 2007-03-22 20:23:19.000000000 -0700 -@@ -601,6 +601,20 @@ int ssl3_client_hello(SSL *s) - #endif - *(p++)=0; /* Add the NULL method */ - -+ /* send client hello extensions if any */ -+ if (s->version >= TLS1_VERSION && s->tls_extension) -+ { -+ // set the total extensions length -+ s2n(s->tls_extension->length + 4, p); -+ -+ // put the extensions with type and length -+ s2n(s->tls_extension->type, p); -+ s2n(s->tls_extension->length, p); -+ -+ memcpy(p, s->tls_extension->data, s->tls_extension->length); -+ p+=s->tls_extension->length; -+ } -+ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; -@@ -623,7 +637,7 @@ int ssl3_get_server_hello(SSL *s) - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; -- int i,al,ok; -+ int i,al,ok,pre_shared; - unsigned int j; - long n; - #ifndef OPENSSL_NO_COMP -@@ -690,7 +704,24 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -- if (j != 0 && j == s->session->session_id_length -+ /* check if we want to resume the session based on external pre-shared secret */ -+ pre_shared = 0; -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ s->session->session_id_length = j; -+ memcpy(s->session->session_id, p, j); -+ pre_shared = 1; -+ } -+ } -+ -+ if ((pre_shared || j != 0) && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length -diff -uprN openssl-0.9.8e.orig/ssl/s3_srvr.c openssl-0.9.8e/ssl/s3_srvr.c ---- openssl-0.9.8e.orig/ssl/s3_srvr.c 2007-02-07 12:36:40.000000000 -0800 -+++ openssl-0.9.8e/ssl/s3_srvr.c 2007-03-22 20:23:19.000000000 -0700 -@@ -945,6 +945,75 @@ int ssl3_get_client_hello(SSL *s) - } - #endif - -+ /* Check for TLS client hello extension here */ -+ if (p < (d+n) && s->version >= TLS1_VERSION) -+ { -+ if (s->tls_extension_cb) -+ { -+ TLS_EXTENSION tls_ext; -+ unsigned short ext_total_len; -+ -+ n2s(p, ext_total_len); -+ n2s(p, tls_ext.type); -+ n2s(p, tls_ext.length); -+ -+ // sanity check in TLS extension len -+ if (tls_ext.length > (d+n) - p) -+ { -+ // just cut the lenth to packet border -+ tls_ext.length = (d+n) - p; -+ } -+ -+ tls_ext.data = p; -+ -+ // returns an alert code or 0 -+ al = s->tls_extension_cb(s, &tls_ext, s->tls_extension_cb_arg); -+ if (al != 0) -+ { -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PEER_ERROR); -+ goto f_err; -+ } -+ } -+ } -+ -+ /* Check if we want to use external pre-shared secret for this handshake */ -+ /* for not reused session only */ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } -+ - /* Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher */ - -diff -uprN openssl-0.9.8e.orig/ssl/ssl.h openssl-0.9.8e/ssl/ssl.h ---- openssl-0.9.8e.orig/ssl/ssl.h 2007-02-19 09:55:07.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl.h 2007-03-22 20:23:19.000000000 -0700 -@@ -345,6 +345,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -366,6 +367,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -973,6 +976,15 @@ struct ssl_st - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ -+ -+ /* TLS externsions */ -+ TLS_EXTENSION *tls_extension; -+ int (*tls_extension_cb)(SSL *s, TLS_EXTENSION *tls_ext, void *arg); -+ void *tls_extension_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; - }; - - #ifdef __cplusplus -@@ -1538,6 +1550,13 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1719,6 +1738,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -uprN openssl-0.9.8e.orig/ssl/ssl_err.c openssl-0.9.8e/ssl/ssl_err.c ---- openssl-0.9.8e.orig/ssl/ssl_err.c 2006-11-21 12:14:46.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl_err.c 2007-03-22 20:23:19.000000000 -0700 -@@ -242,6 +242,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -uprN openssl-0.9.8e.orig/ssl/ssl_sess.c openssl-0.9.8e/ssl/ssl_sess.c ---- openssl-0.9.8e.orig/ssl/ssl_sess.c 2007-02-10 02:40:24.000000000 -0800 -+++ openssl-0.9.8e/ssl/ssl_sess.c 2007-03-22 20:23:19.000000000 -0700 -@@ -656,6 +656,15 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -uprN openssl-0.9.8e.orig/ssl/t1_ext.c openssl-0.9.8e/ssl/t1_ext.c ---- openssl-0.9.8e.orig/ssl/t1_ext.c 1969-12-31 16:00:00.000000000 -0800 -+++ openssl-0.9.8e/ssl/t1_ext.c 2007-03-22 20:23:19.000000000 -0700 -@@ -0,0 +1,48 @@ -+ -+#include <stdio.h> -+#include "ssl_locl.h" -+ -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ if(ext_data) -+ { -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+ -+int SSL_set_hello_extension_cb(SSL *s, int (*cb)(SSL *, TLS_EXTENSION *, void *), void *arg) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ s->tls_extension_cb = cb; -+ s->tls_extension_cb_arg = arg; -+ -+ return 1; -+ } -+ -+ return 0; -+} -diff -uprN openssl-0.9.8e.orig/ssl/t1_lib.c openssl-0.9.8e/ssl/t1_lib.c ---- openssl-0.9.8e.orig/ssl/t1_lib.c 2007-01-21 08:07:25.000000000 -0800 -+++ openssl-0.9.8e/ssl/t1_lib.c 2007-03-22 20:23:19.000000000 -0700 -@@ -97,6 +97,10 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } - ssl3_free(s); - } - -diff -uprN openssl-0.9.8e.orig/ssl/tls1.h openssl-0.9.8e/ssl/tls1.h ---- openssl-0.9.8e.orig/ssl/tls1.h 2006-06-14 10:52:01.000000000 -0700 -+++ openssl-0.9.8e/ssl/tls1.h 2007-03-22 20:23:19.000000000 -0700 -@@ -296,6 +296,14 @@ extern "C" { - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -uprN openssl-0.9.8e.orig/util/ssleay.num openssl-0.9.8e/util/ssleay.num ---- openssl-0.9.8e.orig/util/ssleay.num 2006-11-30 05:04:43.000000000 -0800 -+++ openssl-0.9.8e/util/ssleay.num 2007-03-22 20:24:07.000000000 -0700 -@@ -238,3 +238,6 @@ SSL_CTX_set_info_callback - SSL_CTX_sess_get_new_cb 287 EXIST::FUNCTION: - SSL_CTX_get_client_cert_cb 288 EXIST::FUNCTION: - SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: -+SSL_set_hello_extension 290 EXIST::FUNCTION: -+SSL_set_hello_extension_cb 291 EXIST::FUNCTION: -+SSL_set_session_secret_cb 292 EXIST::FUNCTION:  diff --git a/patches/openssl-0.9.8g-tls-extensions.patch b/patches/openssl-0.9.8g-tls-extensions.patch deleted file mode 100644 index 8ccbfaa..0000000 --- a/patches/openssl-0.9.8g-tls-extensions.patch +++ /dev/null  @@ -1,330 +0,0 @@ -This patch adds support for TLS SessionTicket extension (RFC 5077) for -the parts used by EAP-FAST (RFC 4851). - -This is based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - -OpenSSL 0.9.8g does not enable TLS extension support by default, so it -will need to be enabled by adding enable-tlsext to config script -command line. - - -diff -upr openssl-0.9.8g.orig/ssl/s3_clnt.c openssl-0.9.8g/ssl/s3_clnt.c ---- openssl-0.9.8g.orig/ssl/s3_clnt.c 2007-08-31 03:28:51.000000000 +0300 -+++ openssl-0.9.8g/ssl/s3_clnt.c 2008-04-15 17:11:46.000000000 +0300 -@@ -727,6 +727,20 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -+#ifndef OPENSSL_NO_TLSEXT -+ /* check if we want to resume the session based on external pre-shared secret */ -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ } -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - if (j != 0 && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { -diff -upr openssl-0.9.8g.orig/ssl/s3_srvr.c openssl-0.9.8g/ssl/s3_srvr.c ---- openssl-0.9.8g.orig/ssl/s3_srvr.c 2007-09-30 21:55:59.000000000 +0300 -+++ openssl-0.9.8g/ssl/s3_srvr.c 2008-04-15 17:10:37.000000000 +0300 -@@ -928,6 +928,59 @@ int ssl3_get_client_hello(SSL *s) - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } -+ -+ /* Check if we want to use external pre-shared secret for this -+ * handshake for not reused session only. We need to generate -+ * server_random before calling tls_session_secret_cb in order to allow -+ * SessionTicket processing to use it in key derivation. */ -+ { -+ unsigned long Time; -+ unsigned char *pos; -+ Time=(unsigned long)time(NULL); /* Time */ -+ pos=s->s3->server_random; -+ l2n(Time,pos); -+ if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0) -+ { -+ al=SSL_AD_INTERNAL_ERROR; -+ goto f_err; -+ } -+ } -+ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } - #endif - /* Worst case, we will use the NULL compression, but if we have other - * options, we will now look for them. We have i-1 compression -@@ -1066,16 +1119,22 @@ int ssl3_send_server_hello(SSL *s) - unsigned char *buf; - unsigned char *p,*d; - int i,sl; -- unsigned long l,Time; -+ unsigned long l; -+#ifdef OPENSSL_NO_TLSEXT -+ unsigned long Time; -+#endif - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) - { - buf=(unsigned char *)s->init_buf->data; -+#ifdef OPENSSL_NO_TLSEXT - p=s->s3->server_random; -+ /* Generate server_random if it was not needed previously */ - Time=(unsigned long)time(NULL); /* Time */ - l2n(Time,p); - if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) - return -1; -+#endif - /* Do the message type and length last */ - d=p= &(buf[4]); - -diff -upr openssl-0.9.8g.orig/ssl/ssl.h openssl-0.9.8g/ssl/ssl.h ---- openssl-0.9.8g.orig/ssl/ssl.h 2007-10-19 10:42:38.000000000 +0300 -+++ openssl-0.9.8g/ssl/ssl.h 2008-04-15 17:10:37.000000000 +0300 -@@ -342,6 +342,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -363,6 +364,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -1004,6 +1007,14 @@ struct ssl_st - */ - /* RFC4507 session ticket expected to be received or sent */ - int tlsext_ticket_expected; -+ -+ /* TLS extensions */ -+ TLS_EXTENSION *tls_extension; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; -+ - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ - #define session_ctx initial_ctx - #else -@@ -1589,6 +1600,12 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1778,6 +1795,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -upr openssl-0.9.8g.orig/ssl/ssl_err.c openssl-0.9.8g/ssl/ssl_err.c ---- openssl-0.9.8g.orig/ssl/ssl_err.c 2007-10-11 17:36:59.000000000 +0300 -+++ openssl-0.9.8g/ssl/ssl_err.c 2008-04-15 17:10:37.000000000 +0300 -@@ -250,6 +250,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -upr openssl-0.9.8g.orig/ssl/ssl_sess.c openssl-0.9.8g/ssl/ssl_sess.c ---- openssl-0.9.8g.orig/ssl/ssl_sess.c 2007-10-19 10:36:34.000000000 +0300 -+++ openssl-0.9.8g/ssl/ssl_sess.c 2008-04-15 17:10:37.000000000 +0300 -@@ -704,6 +704,52 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+#ifndef OPENSSL_NO_TLSEXT -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ -+ if(ext_data) -+ { -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } else { -+ s->tls_extension->length = 0; -+ s->tls_extension->data = NULL; -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+#endif /* OPENSSL_NO_TLSEXT */ -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -upr openssl-0.9.8g.orig/ssl/t1_lib.c openssl-0.9.8g/ssl/t1_lib.c ---- openssl-0.9.8g.orig/ssl/t1_lib.c 2007-10-19 10:44:10.000000000 +0300 -+++ openssl-0.9.8g/ssl/t1_lib.c 2008-04-15 17:10:37.000000000 +0300 -@@ -105,6 +105,12 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+#ifndef OPENSSL_NO_TLSEXT -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } -+#endif - ssl3_free(s); - } - -@@ -174,8 +180,24 @@ unsigned char *ssl_add_clienthello_tlsex - int ticklen; - if (s->session && s->session->tlsext_tick) - ticklen = s->session->tlsext_ticklen; -+ else if (s->session && s->tls_extension && -+ s->tls_extension->type == TLSEXT_TYPE_session_ticket && -+ s->tls_extension->data) -+ { -+ ticklen = s->tls_extension->length; -+ s->session->tlsext_tick = OPENSSL_malloc(ticklen); -+ if (!s->session->tlsext_tick) -+ return NULL; -+ memcpy(s->session->tlsext_tick, s->tls_extension->data, -+ ticklen); -+ s->session->tlsext_ticklen = ticklen; -+ } - else - ticklen = 0; -+ if (ticklen == 0 && s->tls_extension && -+ s->tls_extension->type == TLSEXT_TYPE_session_ticket && -+ s->tls_extension->data == NULL) -+ goto skip_ext; - /* Check for enough room 2 for extension type, 2 for len - * rest for ticket - */ -@@ -189,6 +211,7 @@ unsigned char *ssl_add_clienthello_tlsex - ret += ticklen; - } - } -+ skip_ext: - - if ((extdatalen = ret-p-2)== 0) - return p; -@@ -543,6 +566,8 @@ int tls1_process_ticket(SSL *s, unsigned - s->tlsext_ticket_expected = 1; - return 0; /* Cache miss */ - } -+ if (s->tls_session_secret_cb) -+ return 0; - return tls_decrypt_ticket(s, p, size, session_id, len, - ret); - } -diff -upr openssl-0.9.8g.orig/ssl/tls1.h openssl-0.9.8g/ssl/tls1.h ---- openssl-0.9.8g.orig/ssl/tls1.h 2007-08-28 04:12:44.000000000 +0300 -+++ openssl-0.9.8g/ssl/tls1.h 2008-04-15 17:10:37.000000000 +0300 -@@ -365,6 +365,14 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SER - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -upr openssl-0.9.8g.orig/util/ssleay.num openssl-0.9.8g/util/ssleay.num ---- openssl-0.9.8g.orig/util/ssleay.num 2007-08-13 01:31:16.000000000 +0300 -+++ openssl-0.9.8g/util/ssleay.num 2008-04-15 17:10:37.000000000 +0300 -@@ -241,3 +241,5 @@ SSL_CTX_sess_get_remove_cb - SSL_set_SSL_CTX 290 EXIST::FUNCTION: - SSL_get_servername 291 EXIST::FUNCTION:TLSEXT - SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT -+SSL_set_hello_extension 305 EXIST::FUNCTION:TLSEXT -+SSL_set_session_secret_cb 306 EXIST::FUNCTION:TLSEXT  diff --git a/patches/openssl-0.9.8h-tls-extensions.patch b/patches/openssl-0.9.8h-tls-extensions.patch deleted file mode 100644 index c68f227..0000000 --- a/patches/openssl-0.9.8h-tls-extensions.patch +++ /dev/null  @@ -1,344 +0,0 @@ -This patch adds support for TLS SessionTicket extension (RFC 5077) for -the parts used by EAP-FAST (RFC 4851). - -This is based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - -OpenSSL 0.9.8h does not enable TLS extension support by default, so it -will need to be enabled by adding enable-tlsext to config script -command line. - - -diff -upr openssl-0.9.8h.orig/ssl/s3_clnt.c openssl-0.9.8h/ssl/s3_clnt.c ---- openssl-0.9.8h.orig/ssl/s3_clnt.c 2008-05-28 10:29:27.000000000 +0300 -+++ openssl-0.9.8h/ssl/s3_clnt.c 2008-05-29 10:44:25.000000000 +0300 -@@ -752,6 +752,20 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -+#ifndef OPENSSL_NO_TLSEXT -+ /* check if we want to resume the session based on external pre-shared secret */ -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->session->cipher=pref_cipher ? pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ } -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - if (j != 0 && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { -@@ -2693,11 +2707,8 @@ static int ssl3_check_finished(SSL *s) - { - int ok; - long n; -- /* If we have no ticket or session ID is non-zero length (a match of -- * a non-zero session length would never reach here) it cannot be a -- * resumed session. -- */ -- if (!s->session->tlsext_tick || s->session->session_id_length) -+ /* If we have no ticket it cannot be a resumed session. */ -+ if (!s->session->tlsext_tick) - return 1; - /* this function is called when we really expect a Certificate - * message, so permit appropriate message length */ -diff -upr openssl-0.9.8h.orig/ssl/s3_srvr.c openssl-0.9.8h/ssl/s3_srvr.c ---- openssl-0.9.8h.orig/ssl/s3_srvr.c 2008-04-30 19:11:32.000000000 +0300 -+++ openssl-0.9.8h/ssl/s3_srvr.c 2008-05-28 18:49:34.000000000 +0300 -@@ -959,6 +959,59 @@ int ssl3_get_client_hello(SSL *s) - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } -+ -+ /* Check if we want to use external pre-shared secret for this -+ * handshake for not reused session only. We need to generate -+ * server_random before calling tls_session_secret_cb in order to allow -+ * SessionTicket processing to use it in key derivation. */ -+ { -+ unsigned long Time; -+ unsigned char *pos; -+ Time=(unsigned long)time(NULL); /* Time */ -+ pos=s->s3->server_random; -+ l2n(Time,pos); -+ if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0) -+ { -+ al=SSL_AD_INTERNAL_ERROR; -+ goto f_err; -+ } -+ } -+ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } - #endif - /* Worst case, we will use the NULL compression, but if we have other - * options, we will now look for them. We have i-1 compression -@@ -1097,16 +1150,22 @@ int ssl3_send_server_hello(SSL *s) - unsigned char *buf; - unsigned char *p,*d; - int i,sl; -- unsigned long l,Time; -+ unsigned long l; -+#ifdef OPENSSL_NO_TLSEXT -+ unsigned long Time; -+#endif - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) - { - buf=(unsigned char *)s->init_buf->data; -+#ifdef OPENSSL_NO_TLSEXT - p=s->s3->server_random; -+ /* Generate server_random if it was not needed previously */ - Time=(unsigned long)time(NULL); /* Time */ - l2n(Time,p); - if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) - return -1; -+#endif - /* Do the message type and length last */ - d=p= &(buf[4]); - -diff -upr openssl-0.9.8h.orig/ssl/ssl.h openssl-0.9.8h/ssl/ssl.h ---- openssl-0.9.8h.orig/ssl/ssl.h 2008-04-30 19:11:32.000000000 +0300 -+++ openssl-0.9.8h/ssl/ssl.h 2008-05-28 18:49:34.000000000 +0300 -@@ -343,6 +343,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_extension_st TLS_EXTENSION; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -364,6 +365,8 @@ DECLARE_STACK_OF(SSL_CIPHER) - typedef struct ssl_st SSL; - typedef struct ssl_ctx_st SSL_CTX; - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -1027,6 +1030,14 @@ struct ssl_st - - /* RFC4507 session ticket expected to be received or sent */ - int tlsext_ticket_expected; -+ -+ /* TLS extensions */ -+ TLS_EXTENSION *tls_extension; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; -+ - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ - #define session_ctx initial_ctx - #else -@@ -1625,6 +1636,12 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1815,6 +1832,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_HELLO_EXTENSION 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -diff -upr openssl-0.9.8h.orig/ssl/ssl_err.c openssl-0.9.8h/ssl/ssl_err.c ---- openssl-0.9.8h.orig/ssl/ssl_err.c 2007-10-12 03:00:30.000000000 +0300 -+++ openssl-0.9.8h/ssl/ssl_err.c 2008-05-28 18:49:34.000000000 +0300 -@@ -251,6 +251,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_HELLO_EXTENSION), "SSL_set_hello_extension"}, - {0,NULL} - }; - -diff -upr openssl-0.9.8h.orig/ssl/ssl_sess.c openssl-0.9.8h/ssl/ssl_sess.c ---- openssl-0.9.8h.orig/ssl/ssl_sess.c 2007-10-17 20:30:15.000000000 +0300 -+++ openssl-0.9.8h/ssl/ssl_sess.c 2008-05-28 18:49:34.000000000 +0300 -@@ -704,6 +704,52 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+#ifndef OPENSSL_NO_TLSEXT -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+{ -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+} -+ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+{ -+ if(s->version >= TLS1_VERSION) -+ { -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ s->tls_extension = NULL; -+ } -+ -+ s->tls_extension = OPENSSL_malloc(sizeof(TLS_EXTENSION) + ext_len); -+ if(!s->tls_extension) -+ { -+ SSLerr(SSL_F_SSL_SET_HELLO_EXTENSION, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ s->tls_extension->type = ext_type; -+ -+ if(ext_data) -+ { -+ s->tls_extension->length = ext_len; -+ s->tls_extension->data = s->tls_extension + 1; -+ memcpy(s->tls_extension->data, ext_data, ext_len); -+ } else { -+ s->tls_extension->length = 0; -+ s->tls_extension->data = NULL; -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+} -+#endif /* OPENSSL_NO_TLSEXT */ -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -diff -upr openssl-0.9.8h.orig/ssl/t1_lib.c openssl-0.9.8h/ssl/t1_lib.c ---- openssl-0.9.8h.orig/ssl/t1_lib.c 2008-05-28 10:26:33.000000000 +0300 -+++ openssl-0.9.8h/ssl/t1_lib.c 2008-05-28 18:49:34.000000000 +0300 -@@ -106,6 +106,12 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+#ifndef OPENSSL_NO_TLSEXT -+ if(s->tls_extension) -+ { -+ OPENSSL_free(s->tls_extension); -+ } -+#endif - ssl3_free(s); - } - -@@ -175,8 +181,24 @@ unsigned char *ssl_add_clienthello_tlsex - int ticklen; - if (s->session && s->session->tlsext_tick) - ticklen = s->session->tlsext_ticklen; -+ else if (s->session && s->tls_extension && -+ s->tls_extension->type == TLSEXT_TYPE_session_ticket && -+ s->tls_extension->data) -+ { -+ ticklen = s->tls_extension->length; -+ s->session->tlsext_tick = OPENSSL_malloc(ticklen); -+ if (!s->session->tlsext_tick) -+ return NULL; -+ memcpy(s->session->tlsext_tick, s->tls_extension->data, -+ ticklen); -+ s->session->tlsext_ticklen = ticklen; -+ } - else - ticklen = 0; -+ if (ticklen == 0 && s->tls_extension && -+ s->tls_extension->type == TLSEXT_TYPE_session_ticket && -+ s->tls_extension->data == NULL) -+ goto skip_ext; - /* Check for enough room 2 for extension type, 2 for len - * rest for ticket - */ -@@ -190,6 +212,7 @@ unsigned char *ssl_add_clienthello_tlsex - ret += ticklen; - } - } -+ skip_ext: - - if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) - { -@@ -774,6 +797,8 @@ int tls1_process_ticket(SSL *s, unsigned - s->tlsext_ticket_expected = 1; - return 0; /* Cache miss */ - } -+ if (s->tls_session_secret_cb) -+ return 0; - return tls_decrypt_ticket(s, p, size, session_id, len, - ret); - } -diff -upr openssl-0.9.8h.orig/ssl/tls1.h openssl-0.9.8h/ssl/tls1.h ---- openssl-0.9.8h.orig/ssl/tls1.h 2008-04-30 19:11:33.000000000 +0300 -+++ openssl-0.9.8h/ssl/tls1.h 2008-05-28 18:49:34.000000000 +0300 -@@ -398,6 +398,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_extension_st -+{ -+ unsigned short type; -+ unsigned short length; -+ void *data; -+}; -+ - #ifdef __cplusplus - } - #endif -diff -upr openssl-0.9.8h.orig/util/ssleay.num openssl-0.9.8h/util/ssleay.num ---- openssl-0.9.8h.orig/util/ssleay.num 2007-08-13 01:31:16.000000000 +0300 -+++ openssl-0.9.8h/util/ssleay.num 2008-05-28 18:49:34.000000000 +0300 -@@ -241,3 +241,5 @@ SSL_CTX_sess_get_remove_cb - SSL_set_SSL_CTX 290 EXIST::FUNCTION: - SSL_get_servername 291 EXIST::FUNCTION:TLSEXT - SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT -+SSL_set_hello_extension 305 EXIST::FUNCTION:TLSEXT -+SSL_set_session_secret_cb 306 EXIST::FUNCTION:TLSEXT  diff --git a/patches/openssl-0.9.8i-tls-extensions.patch b/patches/openssl-0.9.8i-tls-extensions.patch deleted file mode 100644 index 90bff54..0000000 --- a/patches/openssl-0.9.8i-tls-extensions.patch +++ /dev/null  @@ -1,404 +0,0 @@ -This patch adds support for TLS SessionTicket extension (RFC 5077) for -the parts used by EAP-FAST (RFC 4851). - -This is based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - -OpenSSL 0.9.8i does not enable TLS extension support by default, so it -will need to be enabled by adding enable-tlsext to config script -command line. - - -Index: openssl-0.9.8i/ssl/s3_clnt.c -=================================================================== ---- openssl-0.9.8i.orig/ssl/s3_clnt.c 2008-06-16 19:56:41.000000000 +0300 -+++ openssl-0.9.8i/ssl/s3_clnt.c 2008-11-23 20:39:40.000000000 +0200 -@@ -759,6 +759,21 @@ - goto f_err; - } - -+#ifndef OPENSSL_NO_TLSEXT -+ /* check if we want to resume the session based on external pre-shared secret */ -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ NULL, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->session->cipher=pref_cipher ? -+ pref_cipher : ssl_get_cipher_by_char(s,p+j); -+ } -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - if (j != 0 && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { -@@ -2701,11 +2716,8 @@ - { - int ok; - long n; -- /* If we have no ticket or session ID is non-zero length (a match of -- * a non-zero session length would never reach here) it cannot be a -- * resumed session. -- */ -- if (!s->session->tlsext_tick || s->session->session_id_length) -+ /* If we have no ticket it cannot be a resumed session. */ -+ if (!s->session->tlsext_tick) - return 1; - /* this function is called when we really expect a Certificate - * message, so permit appropriate message length */ -Index: openssl-0.9.8i/ssl/s3_srvr.c -=================================================================== ---- openssl-0.9.8i.orig/ssl/s3_srvr.c 2008-09-14 21:16:09.000000000 +0300 -+++ openssl-0.9.8i/ssl/s3_srvr.c 2008-11-23 20:37:40.000000000 +0200 -@@ -959,6 +959,59 @@ - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } -+ -+ /* Check if we want to use external pre-shared secret for this -+ * handshake for not reused session only. We need to generate -+ * server_random before calling tls_session_secret_cb in order to allow -+ * SessionTicket processing to use it in key derivation. */ -+ { -+ unsigned long Time; -+ unsigned char *pos; -+ Time=(unsigned long)time(NULL); /* Time */ -+ pos=s->s3->server_random; -+ l2n(Time,pos); -+ if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0) -+ { -+ al=SSL_AD_INTERNAL_ERROR; -+ goto f_err; -+ } -+ } -+ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } - #endif - /* Worst case, we will use the NULL compression, but if we have other - * options, we will now look for them. We have i-1 compression -@@ -1097,16 +1150,22 @@ - unsigned char *buf; - unsigned char *p,*d; - int i,sl; -- unsigned long l,Time; -+ unsigned long l; -+#ifdef OPENSSL_NO_TLSEXT -+ unsigned long Time; -+#endif - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) - { - buf=(unsigned char *)s->init_buf->data; -+#ifdef OPENSSL_NO_TLSEXT - p=s->s3->server_random; -+ /* Generate server_random if it was not needed previously */ - Time=(unsigned long)time(NULL); /* Time */ - l2n(Time,p); - if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) - return -1; -+#endif - /* Do the message type and length last */ - d=p= &(buf[4]); - -Index: openssl-0.9.8i/ssl/ssl_err.c -=================================================================== ---- openssl-0.9.8i.orig/ssl/ssl_err.c 2008-08-13 22:44:44.000000000 +0300 -+++ openssl-0.9.8i/ssl/ssl_err.c 2008-11-23 20:33:43.000000000 +0200 -@@ -253,6 +253,7 @@ - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"}, - {0,NULL} - }; - -Index: openssl-0.9.8i/ssl/ssl.h -=================================================================== ---- openssl-0.9.8i.orig/ssl/ssl.h 2008-08-13 22:44:44.000000000 +0300 -+++ openssl-0.9.8i/ssl/ssl.h 2008-11-23 20:35:41.000000000 +0200 -@@ -344,6 +344,7 @@ - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -362,6 +363,9 @@ - - DECLARE_STACK_OF(SSL_CIPHER) - -+typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg); -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -1034,6 +1038,18 @@ - - /* RFC4507 session ticket expected to be received or sent */ - int tlsext_ticket_expected; -+ -+ /* TLS Session Ticket extension override */ -+ TLS_SESSION_TICKET_EXT *tlsext_session_ticket; -+ -+ /* TLS Session Ticket extension callback */ -+ tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb; -+ void *tls_session_ticket_ext_cb_arg; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; -+ - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ - #define session_ctx initial_ctx - #else -@@ -1632,6 +1648,15 @@ - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* TLS extensions functions */ -+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); -+ -+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, -+ void *arg); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1824,6 +1849,7 @@ - #define SSL_F_TLS1_ENC 210 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_SESSION_TICKET_EXT 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -Index: openssl-0.9.8i/ssl/ssl_sess.c -=================================================================== ---- openssl-0.9.8i.orig/ssl/ssl_sess.c 2008-06-04 21:35:27.000000000 +0300 -+++ openssl-0.9.8i/ssl/ssl_sess.c 2008-11-23 20:32:24.000000000 +0200 -@@ -707,6 +707,61 @@ - return(s->session_timeout); - } - -+#ifndef OPENSSL_NO_TLSEXT -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+ { -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+ } -+ -+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, -+ void *arg) -+ { -+ if (s == NULL) return(0); -+ s->tls_session_ticket_ext_cb = cb; -+ s->tls_session_ticket_ext_cb_arg = arg; -+ return(1); -+ } -+ -+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) -+ { -+ if (s->version >= TLS1_VERSION) -+ { -+ if (s->tlsext_session_ticket) -+ { -+ OPENSSL_free(s->tlsext_session_ticket); -+ s->tlsext_session_ticket = NULL; -+ } -+ -+ s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); -+ if (!s->tlsext_session_ticket) -+ { -+ SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ if (ext_data) -+ { -+ s->tlsext_session_ticket->length = ext_len; -+ s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1; -+ memcpy(s->tlsext_session_ticket->data, ext_data, ext_len); -+ } -+ else -+ { -+ s->tlsext_session_ticket->length = 0; -+ s->tlsext_session_ticket->data = NULL; -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -Index: openssl-0.9.8i/ssl/t1_lib.c -=================================================================== ---- openssl-0.9.8i.orig/ssl/t1_lib.c 2008-09-04 01:13:04.000000000 +0300 -+++ openssl-0.9.8i/ssl/t1_lib.c 2008-11-23 20:31:20.000000000 +0200 -@@ -106,6 +106,12 @@ - - void tls1_free(SSL *s) - { -+#ifndef OPENSSL_NO_TLSEXT -+ if (s->tlsext_session_ticket) -+ { -+ OPENSSL_free(s->tlsext_session_ticket); -+ } -+#endif - ssl3_free(s); - } - -@@ -175,8 +181,23 @@ - int ticklen; - if (s->session && s->session->tlsext_tick) - ticklen = s->session->tlsext_ticklen; -+ else if (s->session && s->tlsext_session_ticket && -+ s->tlsext_session_ticket->data) -+ { -+ ticklen = s->tlsext_session_ticket->length; -+ s->session->tlsext_tick = OPENSSL_malloc(ticklen); -+ if (!s->session->tlsext_tick) -+ return NULL; -+ memcpy(s->session->tlsext_tick, -+ s->tlsext_session_ticket->data, -+ ticklen); -+ s->session->tlsext_ticklen = ticklen; -+ } - else - ticklen = 0; -+ if (ticklen == 0 && s->tlsext_session_ticket && -+ s->tlsext_session_ticket->data == NULL) -+ goto skip_ext; - /* Check for enough room 2 for extension type, 2 for len - * rest for ticket - */ -@@ -190,6 +211,7 @@ - ret += ticklen; - } - } -+ skip_ext: - - if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) - { -@@ -407,6 +429,15 @@ - } - - } -+ else if (type == TLSEXT_TYPE_session_ticket) -+ { -+ if (s->tls_session_ticket_ext_cb && -+ !s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) -+ { -+ *al = TLS1_AD_INTERNAL_ERROR; -+ return 0; -+ } -+ } - else if (type == TLSEXT_TYPE_status_request - && s->ctx->tlsext_status_cb) - { -@@ -553,6 +584,12 @@ - } - else if (type == TLSEXT_TYPE_session_ticket) - { -+ if (s->tls_session_ticket_ext_cb && -+ !s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) -+ { -+ *al = TLS1_AD_INTERNAL_ERROR; -+ return 0; -+ } - if ((SSL_get_options(s) & SSL_OP_NO_TICKET) - || (size > 0)) - { -@@ -776,6 +813,15 @@ - s->tlsext_ticket_expected = 1; - return 0; /* Cache miss */ - } -+ if (s->tls_session_secret_cb) -+ { -+ /* Indicate cache miss here and instead of -+ * generating the session from ticket now, -+ * trigger abbreviated handshake based on -+ * external mechanism to calculate the master -+ * secret later. */ -+ return 0; -+ } - return tls_decrypt_ticket(s, p, size, session_id, len, - ret); - } -Index: openssl-0.9.8i/ssl/tls1.h -=================================================================== ---- openssl-0.9.8i.orig/ssl/tls1.h 2008-04-30 19:11:33.000000000 +0300 -+++ openssl-0.9.8i/ssl/tls1.h 2008-11-23 20:22:38.000000000 +0200 -@@ -398,6 +398,13 @@ - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS extension struct */ -+struct tls_session_ticket_ext_st -+ { -+ unsigned short length; -+ void *data; -+ }; -+ - #ifdef __cplusplus - } - #endif -Index: openssl-0.9.8i/util/ssleay.num -=================================================================== ---- openssl-0.9.8i.orig/util/ssleay.num 2008-06-05 13:57:21.000000000 +0300 -+++ openssl-0.9.8i/util/ssleay.num 2008-11-23 20:22:05.000000000 +0200 -@@ -242,3 +242,5 @@ - SSL_get_servername 291 EXIST::FUNCTION:TLSEXT - SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT - SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE -+SSL_set_session_ticket_ext 306 EXIST::FUNCTION:TLSEXT -+SSL_set_session_secret_cb 307 EXIST::FUNCTION:TLSEXT  diff --git a/patches/openssl-0.9.9-session-ticket.patch b/patches/openssl-0.9.9-session-ticket.patch deleted file mode 100644 index 3afa639..0000000 --- a/patches/openssl-0.9.9-session-ticket.patch +++ /dev/null  @@ -1,374 +0,0 @@ -This patch adds support for TLS SessionTicket extension (RFC 5077) for -the parts used by EAP-FAST (RFC 4851). - -This is based on the patch from Alexey Kobozev <akobozev@cisco.com> -(sent to openssl-dev mailing list on Tue, 07 Jun 2005 15:40:58 +0300). - -NOTE: This patch (without SSL_set_hello_extension() wrapper) was -merged into the upstream OpenSSL 0.9.9 tree and as such, an external -patch for EAP-FAST support is not needed anymore. - - - -Index: openssl-SNAP-20081111/ssl/s3_clnt.c -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/s3_clnt.c -+++ openssl-SNAP-20081111/ssl/s3_clnt.c -@@ -788,6 +788,23 @@ int ssl3_get_server_hello(SSL *s) - goto f_err; - } - -+#ifndef OPENSSL_NO_TLSEXT -+ /* check if we want to resume the session based on external pre-shared secret */ -+ if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if (s->tls_session_secret_cb(s, s->session->master_key, -+ &s->session->master_key_length, -+ NULL, &pref_cipher, -+ s->tls_session_secret_cb_arg)) -+ { -+ s->session->cipher = pref_cipher ? -+ pref_cipher : ssl_get_cipher_by_char(s, p+j); -+ } -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - if (j != 0 && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { -@@ -2927,11 +2944,8 @@ static int ssl3_check_finished(SSL *s) - { - int ok; - long n; -- /* If we have no ticket or session ID is non-zero length (a match of -- * a non-zero session length would never reach here) it cannot be a -- * resumed session. -- */ -- if (!s->session->tlsext_tick || s->session->session_id_length) -+ /* If we have no ticket it cannot be a resumed session. */ -+ if (!s->session->tlsext_tick) - return 1; - /* this function is called when we really expect a Certificate - * message, so permit appropriate message length */ -Index: openssl-SNAP-20081111/ssl/s3_srvr.c -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/s3_srvr.c -+++ openssl-SNAP-20081111/ssl/s3_srvr.c -@@ -1010,6 +1010,59 @@ int ssl3_get_client_hello(SSL *s) - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } -+ -+ /* Check if we want to use external pre-shared secret for this -+ * handshake for not reused session only. We need to generate -+ * server_random before calling tls_session_secret_cb in order to allow -+ * SessionTicket processing to use it in key derivation. */ -+ { -+ unsigned long Time; -+ unsigned char *pos; -+ Time=(unsigned long)time(NULL); /* Time */ -+ pos=s->s3->server_random; -+ l2n(Time,pos); -+ if (RAND_pseudo_bytes(pos,SSL3_RANDOM_SIZE-4) <= 0) -+ { -+ al=SSL_AD_INTERNAL_ERROR; -+ goto f_err; -+ } -+ } -+ -+ if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) -+ { -+ SSL_CIPHER *pref_cipher=NULL; -+ -+ s->session->master_key_length=sizeof(s->session->master_key); -+ if(s->tls_session_secret_cb(s, s->session->master_key, &s->session->master_key_length, -+ ciphers, &pref_cipher, s->tls_session_secret_cb_arg)) -+ { -+ s->hit=1; -+ s->session->ciphers=ciphers; -+ s->session->verify_result=X509_V_OK; -+ -+ ciphers=NULL; -+ -+ /* check if some cipher was preferred by call back */ -+ pref_cipher=pref_cipher ? pref_cipher : ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s)); -+ if (pref_cipher == NULL) -+ { -+ al=SSL_AD_HANDSHAKE_FAILURE; -+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); -+ goto f_err; -+ } -+ -+ s->session->cipher=pref_cipher; -+ -+ if (s->cipher_list) -+ sk_SSL_CIPHER_free(s->cipher_list); -+ -+ if (s->cipher_list_by_id) -+ sk_SSL_CIPHER_free(s->cipher_list_by_id); -+ -+ s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); -+ s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers); -+ } -+ } - #endif - - /* Worst case, we will use the NULL compression, but if we have other -@@ -1134,16 +1187,22 @@ int ssl3_send_server_hello(SSL *s) - unsigned char *buf; - unsigned char *p,*d; - int i,sl; -- unsigned long l,Time; -+ unsigned long l; -+#ifdef OPENSSL_NO_TLSEXT -+ unsigned long Time; -+#endif - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) - { - buf=(unsigned char *)s->init_buf->data; -+#ifdef OPENSSL_NO_TLSEXT - p=s->s3->server_random; -+ /* Generate server_random if it was not needed previously */ - Time=(unsigned long)time(NULL); /* Time */ - l2n(Time,p); - if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) - return -1; -+#endif - /* Do the message type and length last */ - d=p= &(buf[4]); - -Index: openssl-SNAP-20081111/ssl/ssl_err.c -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/ssl_err.c -+++ openssl-SNAP-20081111/ssl/ssl_err.c -@@ -263,6 +263,7 @@ static ERR_STRING_DATA SSL_str_functs[]= - {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, -+{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"}, - {0,NULL} - }; - -Index: openssl-SNAP-20081111/ssl/ssl.h -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/ssl.h -+++ openssl-SNAP-20081111/ssl/ssl.h -@@ -355,6 +355,7 @@ extern "C" { - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ - typedef struct ssl_st *ssl_crock_st; -+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; - - /* used to hold info on the particular ciphers used */ - typedef struct ssl_cipher_st -@@ -378,6 +379,8 @@ typedef struct ssl_cipher_st - - DECLARE_STACK_OF(SSL_CIPHER) - -+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); -+ - /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ - typedef struct ssl_method_st - { -@@ -1145,6 +1148,13 @@ struct ssl_st - void *tlsext_opaque_prf_input; - size_t tlsext_opaque_prf_input_len; - -+ /* TLS Session Ticket extension override */ -+ TLS_SESSION_TICKET_EXT *tlsext_session_ticket; -+ -+ /* TLS pre-shared secret session resumption */ -+ tls_session_secret_cb_fn tls_session_secret_cb; -+ void *tls_session_secret_cb_arg; -+ - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ - #define session_ctx initial_ctx - #else -@@ -1746,6 +1756,16 @@ void *SSL_COMP_get_compression_methods(v - int SSL_COMP_add_compression_method(int id,void *cm); - #endif - -+/* NOTE: This function will be removed; it is only here for backwards -+ * compatibility for the API during testing. */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len); -+ -+/* TLS extensions functions */ -+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); -+ -+/* Pre-shared secret session resumption functions */ -+int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); -+ - /* BEGIN ERROR CODES */ - /* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. -@@ -1948,6 +1968,7 @@ void ERR_load_SSL_strings(void); - #define SSL_F_TLS1_PRF 284 - #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 - #define SSL_F_WRITE_PENDING 212 -+#define SSL_F_SSL_SET_SESSION_TICKET_EXT 213 - - /* Reason codes. */ - #define SSL_R_APP_DATA_IN_HANDSHAKE 100 -Index: openssl-SNAP-20081111/ssl/ssl_sess.c -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/ssl_sess.c -+++ openssl-SNAP-20081111/ssl/ssl_sess.c -@@ -834,6 +834,62 @@ long SSL_CTX_get_timeout(const SSL_CTX * - return(s->session_timeout); - } - -+#ifndef OPENSSL_NO_TLSEXT -+int SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s, void *secret, int *secret_len, -+ STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg), void *arg) -+ { -+ if (s == NULL) return(0); -+ s->tls_session_secret_cb = tls_session_secret_cb; -+ s->tls_session_secret_cb_arg = arg; -+ return(1); -+ } -+ -+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) -+ { -+ if (s->version >= TLS1_VERSION) -+ { -+ if (s->tlsext_session_ticket) -+ { -+ OPENSSL_free(s->tlsext_session_ticket); -+ s->tlsext_session_ticket = NULL; -+ } -+ -+ s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); -+ if (!s->tlsext_session_ticket) -+ { -+ SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); -+ return 0; -+ } -+ -+ if (ext_data) -+ { -+ s->tlsext_session_ticket->length = ext_len; -+ s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1; -+ memcpy(s->tlsext_session_ticket->data, ext_data, ext_len); -+ } -+ else -+ { -+ s->tlsext_session_ticket->length = 0; -+ s->tlsext_session_ticket->data = NULL; -+ } -+ -+ return 1; -+ } -+ -+ return 0; -+ } -+ -+/* NOTE: This function will be removed; it is only here for backwards -+ * compatibility for the API during testing. */ -+int SSL_set_hello_extension(SSL *s, int ext_type, void *ext_data, int ext_len) -+ { -+ if (ext_type != TLSEXT_TYPE_session_ticket) -+ return 0; -+ -+ return SSL_set_session_ticket_ext(s, ext_data, ext_len); -+ } -+#endif /* OPENSSL_NO_TLSEXT */ -+ - typedef struct timeout_param_st - { - SSL_CTX *ctx; -Index: openssl-SNAP-20081111/ssl/t1_lib.c -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/t1_lib.c -+++ openssl-SNAP-20081111/ssl/t1_lib.c -@@ -154,6 +154,12 @@ int tls1_new(SSL *s) - - void tls1_free(SSL *s) - { -+#ifndef OPENSSL_NO_TLSEXT -+ if (s->tlsext_session_ticket) -+ { -+ OPENSSL_free(s->tlsext_session_ticket); -+ } -+#endif /* OPENSSL_NO_TLSEXT */ - ssl3_free(s); - } - -@@ -357,8 +363,23 @@ unsigned char *ssl_add_clienthello_tlsex - int ticklen; - if (s->session && s->session->tlsext_tick) - ticklen = s->session->tlsext_ticklen; -+ else if (s->session && s->tlsext_session_ticket && -+ s->tlsext_session_ticket->data) -+ { -+ ticklen = s->tlsext_session_ticket->length; -+ s->session->tlsext_tick = OPENSSL_malloc(ticklen); -+ if (!s->session->tlsext_tick) -+ return NULL; -+ memcpy(s->session->tlsext_tick, -+ s->tlsext_session_ticket->data, -+ ticklen); -+ s->session->tlsext_ticklen = ticklen; -+ } - else - ticklen = 0; -+ if (ticklen == 0 && s->tlsext_session_ticket && -+ s->tlsext_session_ticket->data == NULL) -+ goto skip_ext; - /* Check for enough room 2 for extension type, 2 for len - * rest for ticket - */ -@@ -371,6 +392,7 @@ unsigned char *ssl_add_clienthello_tlsex - ret += ticklen; - } - } -+ skip_ext: - - #ifdef TLSEXT_TYPE_opaque_prf_input - if (s->s3->client_opaque_prf_input != NULL) -@@ -1435,6 +1457,15 @@ int tls1_process_ticket(SSL *s, unsigned - s->tlsext_ticket_expected = 1; - return 0; /* Cache miss */ - } -+ if (s->tls_session_secret_cb) -+ { -+ /* Indicate cache miss here and instead of -+ * generating the session from ticket now, -+ * trigger abbreviated handshake based on -+ * external mechanism to calculate the master -+ * secret later. */ -+ return 0; -+ } - return tls_decrypt_ticket(s, p, size, session_id, len, - ret); - } -Index: openssl-SNAP-20081111/ssl/tls1.h -=================================================================== ---- openssl-SNAP-20081111.orig/ssl/tls1.h -+++ openssl-SNAP-20081111/ssl/tls1.h -@@ -512,6 +512,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T - #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ - #endif - -+/* TLS Session Ticket extension struct */ -+struct tls_session_ticket_ext_st -+ { -+ unsigned short length; -+ void *data; -+ }; -+ - #ifdef __cplusplus - } - #endif -Index: openssl-SNAP-20081111/util/ssleay.num -=================================================================== ---- openssl-SNAP-20081111.orig/util/ssleay.num -+++ openssl-SNAP-20081111/util/ssleay.num -@@ -254,3 +254,5 @@ PEM_read_bio_SSL_SESSION - SSL_CTX_set_psk_server_callback 303 EXIST::FUNCTION:PSK - SSL_get_psk_identity 304 EXIST::FUNCTION:PSK - PEM_write_SSL_SESSION 305 EXIST:!WIN16:FUNCTION: -+SSL_set_session_ticket_ext 306 EXIST::FUNCTION:TLSEXT -+SSL_set_session_secret_cb 307 EXIST::FUNCTION:TLSEXT  diff --git a/radius_example/.gitignore b/radius_example/.gitignore deleted file mode 100644 index c43e0fa..0000000 --- a/radius_example/.gitignore +++ /dev/null  @@ -1,2 +0,0 @@ -*.d -radius_example  diff --git a/radius_example/Makefile b/radius_example/Makefile deleted file mode 100644 index 92e992c..0000000 --- a/radius_example/Makefile +++ /dev/null  @@ -1,45 +0,0 @@ -ALL=radius_example - -all:$(ALL)
-
-ifndef CC
-CC=gcc
-endif
-
-ifndef LDO
-LDO=$(CC) -endif - -ifndef CFLAGS -CFLAGS = -MMD -O2 -Wall -g -endif - -CFLAGS += -I. -CFLAGS += -I../src -CFLAGS += -I../src/utils - -LIBS = ../src/radius/libradius.a -LIBS += ../src/crypto/libcrypto.a -LIBS += ../src/utils/libutils.a - -../src/utils/libutils.a: -$(MAKE) -C ../src/utils
-
-../src/crypto/libcrypto.a:
-	$(MAKE) -C ../src/crypto - -../src/radius/libradius.a: -$(MAKE) -C ../src/radius
-
-#CLAGS += -DCONFIG_IPV6
-
-
-radius_example: $(OBJS_ex)$(LIBS)
-	$(LDO)$(LDFLAGS) -o radius_example $(OBJS_ex)$(LIBS)
-
-clean:
-	$(MAKE) -C ../src clean - rm -f core *~ *.o *.d$(ALL)
-
--include $(OBJS:%.o=%.d)  diff --git a/radius_example/README b/radius_example/README deleted file mode 100644 index ec458e3..0000000 --- a/radius_example/README +++ /dev/null  @@ -1,35 +0,0 @@ -Example application using RADIUS client as a library -Copyright (c) 2007, Jouni Malinen <j@w1.fi> - -This software may be distributed under the terms of the BSD license. -See the parent directory README for more details. - - -This directory contains an example showing how the RADIUS client -functionality from hostapd can be used as a library in another -program. The example program initializes the RADIUS client and send a -Access-Request using User-Name and User-Password attributes. A reply -from the RADIUS authentication server will be processed and it is used -as a trigger to terminate the example program. - -The RADIUS library links in couple of helper functions from src/utils and -src/crypto directories. Most of these are suitable as-is, but it may -be desirable to replace the debug output code in src/utils/wpa_debug.c -by dropping this file from the library and re-implementing the -functions there in a way that better fits in with the main -application. - -RADIUS client implementation takes care of receiving messages, -timeouts, and retransmissions of packets. Consequently, it requires -functionality for registering timeouts and received packet -notifications. This is implemented using the generic event loop -implementation (see src/utils/eloop.h). - -The main application may either use the included event loop -implementation or alternatively, implement eloop_* wrapper functions -to use whatever event loop design is used in the main program. This -would involve removing src/utils/eloop.o from the library and -implementing following functions defines in src/utils/eloop.h: -eloop_register_timeout(), eloop_cancel_timeout(), -eloop_register_read_sock(), eloop_unregister_read_sock(), and -eloop_terminated().  diff --git a/radius_example/radius_example.c b/radius_example/radius_example.c deleted file mode 100644 index 066707f..0000000 --- a/radius_example/radius_example.c +++ /dev/null  @@ -1,154 +0,0 @@ -/* - * Example application using RADIUS client as a library - * Copyright (c) 2007, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "eloop.h" -#include "radius/radius.h" -#include "radius/radius_client.h" - -extern int wpa_debug_level; - -struct radius_ctx { - struct radius_client_data *radius; - struct hostapd_radius_servers conf; - u8 radius_identifier; - struct in_addr own_ip_addr; -}; - - -static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module, - int level, const char *txt, size_t len) -{ - printf("%s\n", txt); -} - - -/* Process the RADIUS frames from Authentication Server */ -static RadiusRxResult receive_auth(struct radius_msg *msg, - struct radius_msg *req, - const u8 *shared_secret, - size_t shared_secret_len, - void *data) -{ - /* struct radius_ctx *ctx = data; */ - printf("Received RADIUS Authentication message; code=%d\n", - radius_msg_get_hdr(msg)->code); - - /* We're done for this example, so request eloop to terminate. */ - eloop_terminate(); - - return RADIUS_RX_PROCESSED; -} - - -static void start_example(void *eloop_ctx, void *timeout_ctx) -{ - struct radius_ctx *ctx = eloop_ctx; - struct radius_msg *msg; - - printf("Sending a RADIUS authentication message\n"); - - ctx->radius_identifier = radius_client_get_id(ctx->radius); - msg = radius_msg_new(RADIUS_CODE_ACCESS_REQUEST, - ctx->radius_identifier); - if (msg == NULL) { - printf("Could not create net RADIUS packet\n"); - return; - } - - radius_msg_make_authenticator(msg, (u8 *) ctx, sizeof(*ctx)); - - if (!radius_msg_add_attr(msg, RADIUS_ATTR_USER_NAME, - (u8 *) "user", 4)) { - printf("Could not add User-Name\n"); - radius_msg_free(msg); - return; - } - - if (!radius_msg_add_attr_user_password( - msg, (u8 *) "password", 8, - ctx->conf.auth_server->shared_secret, - ctx->conf.auth_server->shared_secret_len)) { - printf("Could not add User-Password\n"); - radius_msg_free(msg); - return; - } - - if (!radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IP_ADDRESS, - (u8 *) &ctx->own_ip_addr, 4)) { - printf("Could not add NAS-IP-Address\n"); - radius_msg_free(msg); - return; - } - - radius_client_send(ctx->radius, msg, RADIUS_AUTH, NULL); -} - - -int main(int argc, char *argv[]) -{ - struct radius_ctx ctx; - struct hostapd_radius_server *srv; - - if (os_program_init()) - return -1; - - hostapd_logger_register_cb(hostapd_logger_cb); - - os_memset(&ctx, 0, sizeof(ctx)); - inet_aton("127.0.0.1", &ctx.own_ip_addr); - - if (eloop_init()) { - printf("Failed to initialize event loop\n"); - return -1; - } - - srv = os_zalloc(sizeof(*srv)); - if (srv == NULL) - return -1; - - srv->addr.af = AF_INET; - srv->port = 1812; - if (hostapd_parse_ip_addr("127.0.0.1", &srv->addr) < 0) { - printf("Failed to parse IP address\n"); - return -1; - } - srv->shared_secret = (u8 *) os_strdup("radius"); - srv->shared_secret_len = 6; - - ctx.conf.auth_server = ctx.conf.auth_servers = srv; - ctx.conf.num_auth_servers = 1; - ctx.conf.msg_dumps = 1; - - ctx.radius = radius_client_init(&ctx, &ctx.conf); - if (ctx.radius == NULL) { - printf("Failed to initialize RADIUS client\n"); - return -1; - } - - if (radius_client_register(ctx.radius, RADIUS_AUTH, receive_auth, - &ctx) < 0) { - printf("Failed to register RADIUS authentication handler\n"); - return -1; - } - - eloop_register_timeout(0, 0, start_example, &ctx, NULL); - - eloop_run(); - - radius_client_deinit(ctx.radius); - os_free(srv->shared_secret); - os_free(srv); - - eloop_destroy(); - os_program_deinit(); - - return 0; -}  diff --git a/tests/.gitignore b/tests/.gitignore deleted file mode 100644 index 39c7447..0000000 --- a/tests/.gitignore +++ /dev/null  @@ -1,14 +0,0 @@ -test-aes -test-asn1 -test-base64 -test-https -test-list -test-md4 -test-md5 -test-milenage -test-ms_funcs -test-rc4 -test-sha1 -test-sha256 -test-x509 -test-x509v3  diff --git a/tests/Makefile b/tests/Makefile deleted file mode 100644 index 0774337..0000000 --- a/tests/Makefile +++ /dev/null  @@ -1,100 +0,0 @@ -TESTS=test-base64 test-md4 test-md5 test-milenage test-ms_funcs test-sha1 \ - test-sha256 test-aes test-asn1 test-x509 test-x509v3 test-list test-rc4 - -all:$(TESTS)
-
-ifndef CC
-CC=gcc
-endif
-
-ifndef LDO
-LDO=$(CC) -endif - -ifndef CFLAGS -CFLAGS = -MMD -O2 -Wall -g -endif - -CFLAGS += -I../src -CFLAGS += -I../src/utils - -SLIBS = ../src/utils/libutils.a - -DLIBS = ../src/crypto/libcrypto.a \ - ../src/tls/libtls.a - -LIBS =$(SLIBS) $(DLIBS) -LLIBS = -Wl,--start-group$(DLIBS) -Wl,--end-group $(SLIBS) - -../src/utils/libutils.a: -$(MAKE) -C ../src/utils
-
-../src/crypto/libcrypto.a:
-	$(MAKE) -C ../src/crypto - -../src/tls/libtls.a: -$(MAKE) -C ../src/tls
-
-
-test-aes: test-aes.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-asn1: test-asn1.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$^
-
-test-base64: test-base64.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-https: test-https.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$< $(LLIBS) - -test-list: test-list.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$^
-
-test-md4: test-md4.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-md5: test-md5.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$^
-
-test-milenage: test-milenage.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-ms_funcs: test-ms_funcs.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$^
-
-test-rc4: test-rc4.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-sha1: test-sha1.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$^
-
-test-sha256: test-sha256.o $(LIBS) -$(LDO) $(LDFLAGS) -o$@ $^ - -test-x509: test-x509.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$< $(LLIBS) - -test-x509v3: test-x509v3.o$(LIBS)
-	$(LDO)$(LDFLAGS) -o $@$< $(LLIBS) - - -run-tests:$(TESTS)
-	./test-aes
-	./test-list
-	./test-md4
-	./test-md5
-	./test-milenage
-	./test-sha1
-	./test-sha256
-	@echo
-	@echo All tests completed successfully.
-
-clean:
-	$(MAKE) -C ../src clean - rm -f$(TESTS) *~ *.o *.d
-	rm -f test-https
-	rm -f test_x509v3_nist.out.*
-	rm -f test_x509v3_nist2.out.*
-
--include $(OBJS:%.o=%.d)  diff --git a/tests/test-aes.c b/tests/test-aes.c deleted file mode 100644 index f84d86d..0000000 --- a/tests/test-aes.c +++ /dev/null  @@ -1,302 +0,0 @@ -/* - * Test program for AES - * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/crypto.h" -#include "crypto/aes_wrap.h" - -#define BLOCK_SIZE 16 - -static void test_aes_perf(void) -{ -#if 0 /* this did not seem to work with new compiler?! */ -#ifdef __i386__ -#define rdtscll(val) \ - __asm__ __volatile__("rdtsc" : "=A" (val)) - const int num_iters = 10; - int i; - unsigned int start, end; - u8 key[16], pt[16], ct[16]; - void *ctx; - - printf("keySetupEnc:"); - for (i = 0; i < num_iters; i++) { - rdtscll(start); - ctx = aes_encrypt_init(key, 16); - rdtscll(end); - aes_encrypt_deinit(ctx); - printf(" %d", end - start); - } - printf("\n"); - - printf("Encrypt:"); - ctx = aes_encrypt_init(key, 16); - for (i = 0; i < num_iters; i++) { - rdtscll(start); - aes_encrypt(ctx, pt, ct); - rdtscll(end); - printf(" %d", end - start); - } - aes_encrypt_deinit(ctx); - printf("\n"); -#endif /* __i386__ */ -#endif -} - - -static int test_eax(void) -{ - u8 msg[] = { 0xF7, 0xFB }; - u8 key[] = { 0x91, 0x94, 0x5D, 0x3F, 0x4D, 0xCB, 0xEE, 0x0B, - 0xF4, 0x5E, 0xF5, 0x22, 0x55, 0xF0, 0x95, 0xA4 }; - u8 nonce[] = { 0xBE, 0xCA, 0xF0, 0x43, 0xB0, 0xA2, 0x3D, 0x84, - 0x31, 0x94, 0xBA, 0x97, 0x2C, 0x66, 0xDE, 0xBD }; - u8 hdr[] = { 0xFA, 0x3B, 0xFD, 0x48, 0x06, 0xEB, 0x53, 0xFA }; - u8 cipher[] = { 0x19, 0xDD, 0x5C, 0x4C, 0x93, 0x31, 0x04, 0x9D, - 0x0B, 0xDA, 0xB0, 0x27, 0x74, 0x08, 0xF6, 0x79, - 0x67, 0xE5 }; - u8 data[sizeof(msg)], tag[BLOCK_SIZE]; - - memcpy(data, msg, sizeof(msg)); - if (aes_128_eax_encrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr), - data, sizeof(data), tag)) { - printf("AES-128 EAX mode encryption failed\n"); - return 1; - } - if (memcmp(data, cipher, sizeof(data)) != 0) { - printf("AES-128 EAX mode encryption returned invalid cipher " - "text\n"); - return 1; - } - if (memcmp(tag, cipher + sizeof(data), BLOCK_SIZE) != 0) { - printf("AES-128 EAX mode encryption returned invalid tag\n"); - return 1; - } - - if (aes_128_eax_decrypt(key, nonce, sizeof(nonce), hdr, sizeof(hdr), - data, sizeof(data), tag)) { - printf("AES-128 EAX mode decryption failed\n"); - return 1; - } - if (memcmp(data, msg, sizeof(data)) != 0) { - printf("AES-128 EAX mode decryption returned invalid plain " - "text\n"); - return 1; - } - - return 0; -} - - -static int test_cbc(void) -{ - struct cbc_test_vector { - u8 key[16]; - u8 iv[16]; - u8 plain[32]; - u8 cipher[32]; - size_t len; - } vectors[] = { - { - { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, - 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06 }, - { 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, - 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41 }, - "Single block msg", - { 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, - 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a }, - 16 - }, - { - { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, - 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a }, - { 0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, - 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58 }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, - { 0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, - 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a, - 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, - 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 }, - 32 - } - }; - int ret = 0; - u8 *buf; - unsigned int i; - - for (i = 0; i < sizeof(vectors) / sizeof(vectors[0]); i++) { - struct cbc_test_vector *tv = &vectors[i]; - buf = malloc(tv->len); - if (buf == NULL) { - ret++; - break; - } - memcpy(buf, tv->plain, tv->len); - if (aes_128_cbc_encrypt(tv->key, tv->iv, buf, tv->len) || - memcmp(buf, tv->cipher, tv->len) != 0) { - printf("AES-CBC encrypt %d failed\n", i); - ret++; - } - memcpy(buf, tv->cipher, tv->len); - if (aes_128_cbc_decrypt(tv->key, tv->iv, buf, tv->len) || - memcmp(buf, tv->plain, tv->len) != 0) { - printf("AES-CBC decrypt %d failed\n", i); - ret++; - } - free(buf); - } - - return ret; -} - - -/* OMAC1 AES-128 test vectors from - * http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/omac/omac-ad.pdf - * which are same as the examples from NIST SP800-38B - * http://csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf - */ - -struct omac1_test_vector { - u8 k[16]; - u8 msg[64]; - int msg_len; - u8 tag[16]; -}; - -static struct omac1_test_vector test_vectors[] = -{ - { - { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, - { }, - 0, - { 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, - 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46 } - }, - { - { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, - { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, - 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, - 16, - { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, - 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c } - }, - { - { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, - { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, - 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, - 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, - 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, - 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11 }, - 40, - { 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30, - 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27 } - }, - { - { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, - 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, - { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, - 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, - 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, - 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, - 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, - 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, - 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, - 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, - 64, - { 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92, - 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe } - }, -}; - - -int main(int argc, char *argv[]) -{ - u8 kek[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f - }; - u8 plain[] = { - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff - }; - u8 crypt[] = { - 0x1F, 0xA6, 0x8B, 0x0A, 0x81, 0x12, 0xB4, 0x47, - 0xAE, 0xF3, 0x4B, 0xD8, 0xFB, 0x5A, 0x7B, 0x82, - 0x9D, 0x3E, 0x86, 0x23, 0x71, 0xD2, 0xCF, 0xE5 - }; - u8 result[24]; - int ret = 0; - unsigned int i; - struct omac1_test_vector *tv; - - if (aes_wrap(kek, 2, plain, result)) { - printf("AES-WRAP-128-128 reported failure\n"); - ret++; - } - if (memcmp(result, crypt, 24) != 0) { - printf("AES-WRAP-128-128 failed\n"); - ret++; - } - if (aes_unwrap(kek, 2, crypt, result)) { - printf("AES-UNWRAP-128-128 reported failure\n"); - ret++; - } - if (memcmp(result, plain, 16) != 0) { - printf("AES-UNWRAP-128-128 failed\n"); - ret++; - for (i = 0; i < 16; i++) - printf(" %02x", result[i]); - printf("\n"); - } - - test_aes_perf(); - - for (i = 0; i < sizeof(test_vectors) / sizeof(test_vectors[0]); i++) { - tv = &test_vectors[i]; - if (omac1_aes_128(tv->k, tv->msg, tv->msg_len, result) || - memcmp(result, tv->tag, 16) != 0) { - printf("OMAC1-AES-128 test vector %d failed\n", i); - ret++; - } - - if (tv->msg_len > 1) { - const u8 *addr[2]; - size_t len[2]; - - addr[0] = tv->msg; - len[0] = 1; - addr[1] = tv->msg + 1; - len[1] = tv->msg_len - 1; - - if (omac1_aes_128_vector(tv->k, 2, addr, len, - result) || - memcmp(result, tv->tag, 16) != 0) { - printf("OMAC1-AES-128(vector) test vector %d " - "failed\n", i); - ret++; - } - } - } - - ret += test_eax(); - - ret += test_cbc(); - - if (ret) - printf("FAILED!\n"); - - return ret; -}  diff --git a/tests/test-asn1.c b/tests/test-asn1.c deleted file mode 100644 index 7b6f7be..0000000 --- a/tests/test-asn1.c +++ /dev/null  @@ -1,197 +0,0 @@ -/* - * Testing tool for ASN.1 routines - * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "tls/asn1.h" - -extern int wpa_debug_level; - - -static const char * asn1_class_str(int class) -{ - switch (class) { - case ASN1_CLASS_UNIVERSAL: - return "Universal"; - case ASN1_CLASS_APPLICATION: - return "Application"; - case ASN1_CLASS_CONTEXT_SPECIFIC: - return "Context-specific"; - case ASN1_CLASS_PRIVATE: - return "Private"; - default: - return "?"; - } -} - - -int asn1_parse(const u8 *buf, size_t len, int level) -{ - const u8 *pos, *prev, *end; - char prefix[10], str[100]; - int _level; - struct asn1_hdr hdr; - struct asn1_oid oid; - u8 tmp; - - _level = level; - if ((size_t) _level > sizeof(prefix) - 1) - _level = sizeof(prefix) - 1; - memset(prefix, ' ', _level); - prefix[_level] = '\0'; - - pos = buf; - end = buf + len; - - while (pos < end) { - if (asn1_get_next(pos, end - pos, &hdr) < 0) - return -1; - - prev = pos; - pos = hdr.payload; - - wpa_printf(MSG_MSGDUMP, "ASN.1:%s Class %d(%s) P/C %d(%s) " - "Tag %u Length %u", - prefix, hdr.class, asn1_class_str(hdr.class), - hdr.constructed, - hdr.constructed ? "Constructed" : "Primitive", - hdr.tag, hdr.length); - - if (hdr.class == ASN1_CLASS_CONTEXT_SPECIFIC && - hdr.constructed) { - if (asn1_parse(pos, hdr.length, level + 1) < 0) - return -1; - pos += hdr.length; - } - - if (hdr.class != ASN1_CLASS_UNIVERSAL) - continue; - - switch (hdr.tag) { - case ASN1_TAG_EOC: - if (hdr.length) { - wpa_printf(MSG_DEBUG, "ASN.1: Non-zero " - "end-of-contents length (%u)", - hdr.length); - return -1; - } - wpa_printf(MSG_MSGDUMP, "ASN.1:%s EOC", prefix); - break; - case ASN1_TAG_BOOLEAN: - if (hdr.length != 1) { - wpa_printf(MSG_DEBUG, "ASN.1: Unexpected " - "Boolean length (%u)", hdr.length); - return -1; - } - tmp = *pos++; - wpa_printf(MSG_MSGDUMP, "ASN.1:%s Boolean %s", - prefix, tmp ? "TRUE" : "FALSE"); - break; - case ASN1_TAG_INTEGER: - wpa_hexdump(MSG_MSGDUMP, "ASN.1: INTEGER", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_BITSTRING: - wpa_hexdump(MSG_MSGDUMP, "ASN.1: BitString", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_OCTETSTRING: - wpa_hexdump(MSG_MSGDUMP, "ASN.1: OctetString", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_NULL: - if (hdr.length) { - wpa_printf(MSG_DEBUG, "ASN.1: Non-zero Null " - "length (%u)", hdr.length); - return -1; - } - wpa_printf(MSG_MSGDUMP, "ASN.1:%s Null", prefix); - break; - case ASN1_TAG_OID: - if (asn1_get_oid(prev, end - prev, &oid, &prev) < 0) { - wpa_printf(MSG_DEBUG, "ASN.1: Invalid OID"); - return -1; - } - asn1_oid_to_str(&oid, str, sizeof(str)); - wpa_printf(MSG_DEBUG, "ASN.1:%s OID %s", prefix, str); - pos += hdr.length; - break; - case ANS1_TAG_RELATIVE_OID: - wpa_hexdump(MSG_MSGDUMP, "ASN.1: Relative OID", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_SEQUENCE: - wpa_printf(MSG_MSGDUMP, "ASN.1:%s SEQUENCE", prefix); - if (asn1_parse(pos, hdr.length, level + 1) < 0) - return -1; - pos += hdr.length; - break; - case ASN1_TAG_SET: - wpa_printf(MSG_MSGDUMP, "ASN.1:%s SET", prefix); - if (asn1_parse(pos, hdr.length, level + 1) < 0) - return -1; - pos += hdr.length; - break; - case ASN1_TAG_PRINTABLESTRING: - wpa_hexdump_ascii(MSG_MSGDUMP, - "ASN.1: PrintableString", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_IA5STRING: - wpa_hexdump_ascii(MSG_MSGDUMP, "ASN.1: IA5String", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_UTCTIME: - wpa_hexdump_ascii(MSG_MSGDUMP, "ASN.1: UTCTIME", - pos, hdr.length); - pos += hdr.length; - break; - case ASN1_TAG_VISIBLESTRING: - wpa_hexdump_ascii(MSG_MSGDUMP, "ASN.1: VisibleString", - pos, hdr.length); - pos += hdr.length; - break; - default: - wpa_printf(MSG_DEBUG, "ASN.1: Unknown tag %d", - hdr.tag); - return -1; - } - } - - return 0; -} - - -int main(int argc, char *argv[]) -{ - FILE *f; - u8 buf[3000]; - size_t len; - - wpa_debug_level = 0; - - f = fopen(argv[1], "rb"); - if (f == NULL) - return -1; - len = fread(buf, 1, sizeof(buf), f); - fclose(f); - - if (asn1_parse(buf, len, 0) < 0) - printf("Failed to parse DER ASN.1\n"); - - printf("\n\n"); - - return 0; -}  diff --git a/tests/test-base64.c b/tests/test-base64.c deleted file mode 100644 index 980febf..0000000 --- a/tests/test-base64.c +++ /dev/null  @@ -1,42 +0,0 @@ -/* - * Base64 encoding/decoding (RFC1341) - test program - * Copyright (c) 2005, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "utils/includes.h" -#include "utils/os.h" -#include "utils/base64.h" - -int main(int argc, char *argv[]) -{ - FILE *f; - size_t len, elen; - unsigned char *buf, *e; - - if (argc != 4) { - printf("Usage: base64 <encode|decode> <in file> <out file>\n"); - return -1; - } - - buf = (unsigned char *) os_readfile(argv[2], &len); - if (buf == NULL) - return -1; - - if (strcmp(argv[1], "encode") == 0) - e = base64_encode(buf, len, &elen); - else - e = base64_decode(buf, len, &elen); - if (e == NULL) - return -2; - f = fopen(argv[3], "w"); - if (f == NULL) - return -3; - fwrite(e, 1, elen, f); - fclose(f); - free(e); - - return 0; -}  diff --git a/tests/test-https.c b/tests/test-https.c deleted file mode 100644 index 2f41500..0000000 --- a/tests/test-https.c +++ /dev/null  @@ -1,228 +0,0 @@ -/* - * Testing tool for TLSv1 client routines using HTTPS - * Copyright (c) 2011, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" -#include <netdb.h> - -#include "common.h" -#include "crypto/tls.h" - -extern int wpa_debug_level; -extern int wpa_debug_show_keys; - - -static void https_tls_event_cb(void *ctx, enum tls_event ev, - union tls_event_data *data) -{ - wpa_printf(MSG_DEBUG, "HTTPS: TLS event %d", ev); -} - - -static struct wpabuf * https_recv(int s) -{ - struct wpabuf *in; - int len, ret; - fd_set rfds; - struct timeval tv; - - in = wpabuf_alloc(20000); - if (in == NULL) - return NULL; - - FD_ZERO(&rfds); - FD_SET(s, &rfds); - tv.tv_sec = 5; - tv.tv_usec = 0; - - wpa_printf(MSG_DEBUG, "Waiting for more data"); - ret = select(s + 1, &rfds, NULL, NULL, &tv); - if (ret < 0) { - wpa_printf(MSG_ERROR, "select: %s", strerror(errno)); - wpabuf_free(in); - return NULL; - } - if (ret == 0) { - /* timeout */ - wpa_printf(MSG_INFO, "Timeout on waiting for data"); - wpabuf_free(in); - return NULL; - } - - len = recv(s, wpabuf_put(in, 0), wpabuf_tailroom(in), 0); - if (len < 0) { - wpa_printf(MSG_ERROR, "recv: %s", strerror(errno)); - wpabuf_free(in); - return NULL; - } - if (len == 0) { - wpa_printf(MSG_DEBUG, "No more data available"); - wpabuf_free(in); - return NULL; - } - wpa_printf(MSG_DEBUG, "Received %d bytes", len); - wpabuf_put(in, len); - - return in; -} - - -static int https_client(int s, const char *path) -{ - struct tls_config conf; - void *tls; - struct tls_connection *conn; - struct wpabuf *in, *out, *appl; - int res = -1; - int need_more_data; - - os_memset(&conf, 0, sizeof(conf)); - conf.event_cb = https_tls_event_cb; - tls = tls_init(&conf); - if (tls == NULL) - return -1; - - conn = tls_connection_init(tls); - if (conn == NULL) { - tls_deinit(tls); - return -1; - } - - in = NULL; - - for (;;) { - appl = NULL; - out = tls_connection_handshake2(tls, conn, in, &appl, - &need_more_data); - wpabuf_free(in); - in = NULL; - if (out == NULL) { - if (need_more_data) - goto read_more; - goto done; - } - if (tls_connection_get_failed(tls, conn)) { - wpa_printf(MSG_ERROR, "TLS handshake failed"); - goto done; - } - if (tls_connection_established(tls, conn)) - break; - wpa_printf(MSG_DEBUG, "Sending %d bytes", - (int) wpabuf_len(out)); - if (send(s, wpabuf_head(out), wpabuf_len(out), 0) < 0) { - wpa_printf(MSG_ERROR, "send: %s", strerror(errno)); - goto done; - } - wpabuf_free(out); - out = NULL; - - read_more: - in = https_recv(s); - if (in == NULL) - goto done; - } - wpabuf_free(out); - out = NULL; - - wpa_printf(MSG_INFO, "TLS connection established"); - if (appl) - wpa_hexdump_buf(MSG_DEBUG, "Received application data", appl); - - in = wpabuf_alloc(100 + os_strlen(path)); - if (in == NULL) - goto done; - wpabuf_put_str(in, "GET "); - wpabuf_put_str(in, path); - wpabuf_put_str(in, " HTTP/1.0\r\n\r\n"); - out = tls_connection_encrypt(tls, conn, in); - wpabuf_free(in); - in = NULL; - if (out == NULL) - goto done; - - wpa_printf(MSG_INFO, "Sending HTTP request: %d bytes", - (int) wpabuf_len(out)); - if (send(s, wpabuf_head(out), wpabuf_len(out), 0) < 0) { - wpa_printf(MSG_ERROR, "send: %s", strerror(errno)); - goto done; - } - wpabuf_free(out); - out = NULL; - - wpa_printf(MSG_INFO, "Reading HTTP response"); - for (;;) { - int need_more_data; - in = https_recv(s); - if (in == NULL) - goto done; - out = tls_connection_decrypt2(tls, conn, in, &need_more_data); - if (need_more_data) - wpa_printf(MSG_DEBUG, "HTTP: Need more data"); - wpabuf_free(in); - in = NULL; - if (out == NULL) - goto done; - wpa_hexdump_ascii(MSG_INFO, "Response", wpabuf_head(out), - wpabuf_len(out)); - wpabuf_free(out); - out = NULL; - } - - res = 0; -done: - wpabuf_free(out); - wpabuf_free(in); - wpabuf_free(appl); - tls_connection_deinit(tls, conn); - tls_deinit(tls); - - return res; -} - - -int main(int argc, char *argv[]) -{ - struct addrinfo hints, *result, *rp; - int res, s; - - wpa_debug_level = 0; - wpa_debug_show_keys = 1; - - if (argc < 4) { - wpa_printf(MSG_INFO, "usage: test-https server port path"); - return -1; - } - - os_memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - res = getaddrinfo(argv[1], argv[2], &hints, &result); - if (res) { - wpa_printf(MSG_ERROR, "getaddrinfo: %s", gai_strerror(res)); - return -1; - } - - for (rp = result; rp; rp = rp->ai_next) { - s = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol); - if (s < 0) - continue; - if (connect(s, rp->ai_addr, rp->ai_addrlen) == 0) - break; - close(s); - } - freeaddrinfo(result); - - if (rp == NULL) { - wpa_printf(MSG_ERROR, "Could not connect"); - return -1; - } - - https_client(s, argv[3]); - close(s); - - return 0; -}  diff --git a/tests/test-list.c b/tests/test-list.c deleted file mode 100644 index 01bcbf6..0000000 --- a/tests/test-list.c +++ /dev/null  @@ -1,72 +0,0 @@ -/* - * Doubly-linked list - test program - * Copyright (c) 2009, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "utils/includes.h" -#include "utils/os.h" -#include "utils/list.h" - -struct test { - struct dl_list list; - int value; -}; - -static void dump_list(struct dl_list *head) -{ - struct test *t; - printf("dump:"); - dl_list_for_each(t, head, struct test, list) - printf(" %d", t->value); - printf(" (len=%d%s)\n", dl_list_len(head), - dl_list_empty(head) ? " empty" : ""); -} - -int main(int argc, char *argv[]) -{ - struct dl_list head; - struct test *t, *tmp; - int i; - - dl_list_init(&head); - dump_list(&head); - - for (i = 0; i < 5; i++) { - t = os_zalloc(sizeof(*t)); - if (t == NULL) - return -1; - t->value = i; - dl_list_add(&head, &t->list); - dump_list(&head); - } - - for (i = 10; i > 5; i--) { - t = os_zalloc(sizeof(*t)); - if (t == NULL) - return -1; - t->value = i; - dl_list_add_tail(&head, &t->list); - dump_list(&head); - } - - i = 0; - dl_list_for_each(t, &head, struct test, list) - if (++i == 5) - break; - printf("move: %d\n", t->value); - dl_list_del(&t->list); - dl_list_add(&head, &t->list); - dump_list(&head); - - dl_list_for_each_safe(t, tmp, &head, struct test, list) { - printf("delete: %d\n", t->value); - dl_list_del(&t->list); - os_free(t); - dump_list(&head); - } - - return 0; -}  diff --git a/tests/test-md4.c b/tests/test-md4.c deleted file mode 100644 index 903fd10..0000000 --- a/tests/test-md4.c +++ /dev/null  @@ -1,93 +0,0 @@ -/* - * Test program for MD4 (test vectors from RFC 1320) - * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/crypto.h" - -int main(int argc, char *argv[]) -{ - struct { - char *data; - char *hash; - } tests[] = { - { - "", - "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31" - "\xb7\x3c\x59\xd7\xe0\xc0\x89\xc0" - }, - { - "a", - "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46" - "\x24\x5e\x05\xfb\xdb\xd6\xfb\x24" - }, - { - "abc", - "\xa4\x48\x01\x7a\xaf\x21\xd8\x52" - "\x5f\xc1\x0a\xe8\x7a\xa6\x72\x9d" - }, - { - "message digest", - "\xd9\x13\x0a\x81\x64\x54\x9f\xe8" - "\x18\x87\x48\x06\xe1\xc7\x01\x4b" - }, - { - "abcdefghijklmnopqrstuvwxyz", - "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd" - "\xee\xa8\xed\x63\xdf\x41\x2d\xa9" - }, - { - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" - "0123456789", - "\x04\x3f\x85\x82\xf2\x41\xdb\x35" - "\x1c\xe6\x27\xe1\x53\xe7\xf0\xe4" - }, - { - "12345678901234567890123456789012345678901234567890" - "123456789012345678901234567890", - "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19" - "\x9c\x3e\x7b\x16\x4f\xcc\x05\x36" - } - }; - unsigned int i; - u8 hash[16]; - const u8 *addr[2]; - size_t len[2]; - int errors = 0; - - for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { - printf("MD4 test case %d:", i); - - addr[0] = (u8 *) tests[i].data; - len[0] = strlen(tests[i].data); - md4_vector(1, addr, len, hash); - if (memcmp(hash, tests[i].hash, 16) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - - if (len[0]) { - addr[0] = (u8 *) tests[i].data; - len[0] = strlen(tests[i].data); - addr[1] = (u8 *) tests[i].data + 1; - len[1] = strlen(tests[i].data) - 1; - md4_vector(1, addr, len, hash); - if (memcmp(hash, tests[i].hash, 16) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - } - - printf("\n"); - } - - return errors; -}  diff --git a/tests/test-md5.c b/tests/test-md5.c deleted file mode 100644 index 5ae0671..0000000 --- a/tests/test-md5.c +++ /dev/null  @@ -1,93 +0,0 @@ -/* - * Test program for MD5 (test vectors from RFC 1321) - * Copyright (c) 2006, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/crypto.h" - -int main(int argc, char *argv[]) -{ - struct { - char *data; - char *hash; - } tests[] = { - { - "", - "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04" - "\xe9\x80\x09\x98\xec\xf8\x42\x7e" - }, - { - "a", - "\x0c\xc1\x75\xb9\xc0\xf1\xb6\xa8" - "\x31\xc3\x99\xe2\x69\x77\x26\x61" - }, - { - "abc", - "\x90\x01\x50\x98\x3c\xd2\x4f\xb0" - "\xd6\x96\x3f\x7d\x28\xe1\x7f\x72" - }, - { - "message digest", - "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d" - "\x52\x5a\x2f\x31\xaa\xf1\x61\xd0" - }, - { - "abcdefghijklmnopqrstuvwxyz", - "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00" - "\x7d\xfb\x49\x6c\xca\x67\xe1\x3b" - }, - { - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" - "0123456789", - "\xd1\x74\xab\x98\xd2\x77\xd9\xf5" - "\xa5\x61\x1c\x2c\x9f\x41\x9d\x9f" - }, - { - "12345678901234567890123456789012345678901234567890" - "123456789012345678901234567890", - "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55" - "\xac\x49\xda\x2e\x21\x07\xb6\x7a" - } - }; - unsigned int i; - u8 hash[16]; - const u8 *addr[2]; - size_t len[2]; - int errors = 0; - - for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { - printf("MD5 test case %d:", i); - - addr[0] = (u8 *) tests[i].data; - len[0] = strlen(tests[i].data); - md5_vector(1, addr, len, hash); - if (memcmp(hash, tests[i].hash, 16) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - - if (len[0]) { - addr[0] = (u8 *) tests[i].data; - len[0] = strlen(tests[i].data); - addr[1] = (u8 *) tests[i].data + 1; - len[1] = strlen(tests[i].data) - 1; - md5_vector(1, addr, len, hash); - if (memcmp(hash, tests[i].hash, 16) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - } - - printf("\n"); - } - - return errors; -}  diff --git a/tests/test-milenage.c b/tests/test-milenage.c deleted file mode 100644 index b41e1a7..0000000 --- a/tests/test-milenage.c +++ /dev/null  @@ -1,817 +0,0 @@ -#include "includes.h" - -#include "common.h" -#include "crypto/aes_wrap.h" -#include "crypto/milenage.h" - - -extern int wpa_debug_level; - - -/** - * milenage_opc - Determine OPc from OP and K - * @op: OP = 128-bit operator variant algorithm configuration field - * @k: K = 128-bit subscriber key - * @opc: Buffer for OPc = 128-bit value derived from OP and K - */ -static int milenage_opc(const u8 *op, const u8 *k, u8 *opc) -{ - int i; - /* OP_C = OP XOR E_K(OP) */ - if (aes_128_encrypt_block(k, op, opc) < 0) - return -1; - for (i = 0; i < 16; i++) - opc[i] ^= op[i]; - return 0; -} - - -struct gsm_milenage_test_set { - u8 ki[16]; - u8 rand[16]; - u8 opc[16]; - u8 sres1[4]; - u8 sres2[4]; - u8 kc[8]; -}; - -static const struct gsm_milenage_test_set gsm_test_sets[] = -{ - { - /* 3GPP TS 55.205 v6.0.0 - Test Set 1 */ - { 0x46, 0x5b, 0x5c, 0xe8, 0xb1, 0x99, 0xb4, 0x9f, - 0xaa, 0x5f, 0x0a, 0x2e, 0xe2, 0x38, 0xa6, 0xbc }, - { 0x23, 0x55, 0x3c, 0xbe, 0x96, 0x37, 0xa8, 0x9d, - 0x21, 0x8a, 0xe6, 0x4d, 0xae, 0x47, 0xbf, 0x35 }, - { 0xcd, 0x63, 0xcb, 0x71, 0x95, 0x4a, 0x9f, 0x4e, - 0x48, 0xa5, 0x99, 0x4e, 0x37, 0xa0, 0x2b, 0xaf }, - { 0x46, 0xf8, 0x41, 0x6a }, - { 0xa5, 0x42, 0x11, 0xd5 }, - { 0xea, 0xe4, 0xbe, 0x82, 0x3a, 0xf9, 0xa0, 0x8b } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 2 */ - { 0xfe, 0xc8, 0x6b, 0xa6, 0xeb, 0x70, 0x7e, 0xd0, - 0x89, 0x05, 0x75, 0x7b, 0x1b, 0xb4, 0x4b, 0x8f }, - { 0x9f, 0x7c, 0x8d, 0x02, 0x1a, 0xcc, 0xf4, 0xdb, - 0x21, 0x3c, 0xcf, 0xf0, 0xc7, 0xf7, 0x1a, 0x6a }, - { 0x10, 0x06, 0x02, 0x0f, 0x0a, 0x47, 0x8b, 0xf6, - 0xb6, 0x99, 0xf1, 0x5c, 0x06, 0x2e, 0x42, 0xb3 }, - { 0x8c, 0x30, 0x8a, 0x5e }, - { 0x80, 0x11, 0xc4, 0x8c }, - { 0xaa, 0x01, 0x73, 0x9b, 0x8c, 0xaa, 0x97, 0x6d } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 3 */ - { 0x9e, 0x59, 0x44, 0xae, 0xa9, 0x4b, 0x81, 0x16, - 0x5c, 0x82, 0xfb, 0xf9, 0xf3, 0x2d, 0xb7, 0x51 }, - { 0xce, 0x83, 0xdb, 0xc5, 0x4a, 0xc0, 0x27, 0x4a, - 0x15, 0x7c, 0x17, 0xf8, 0x0d, 0x01, 0x7b, 0xd6 }, - { 0xa6, 0x4a, 0x50, 0x7a, 0xe1, 0xa2, 0xa9, 0x8b, - 0xb8, 0x8e, 0xb4, 0x21, 0x01, 0x35, 0xdc, 0x87 }, - { 0xcf, 0xbc, 0xe3, 0xfe }, - { 0xf3, 0x65, 0xcd, 0x68 }, - { 0x9a, 0x8e, 0xc9, 0x5f, 0x40, 0x8c, 0xc5, 0x07 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 4 */ - { 0x4a, 0xb1, 0xde, 0xb0, 0x5c, 0xa6, 0xce, 0xb0, - 0x51, 0xfc, 0x98, 0xe7, 0x7d, 0x02, 0x6a, 0x84 }, - { 0x74, 0xb0, 0xcd, 0x60, 0x31, 0xa1, 0xc8, 0x33, - 0x9b, 0x2b, 0x6c, 0xe2, 0xb8, 0xc4, 0xa1, 0x86 }, - { 0xdc, 0xf0, 0x7c, 0xbd, 0x51, 0x85, 0x52, 0x90, - 0xb9, 0x2a, 0x07, 0xa9, 0x89, 0x1e, 0x52, 0x3e }, - { 0x96, 0x55, 0xe2, 0x65 }, - { 0x58, 0x60, 0xfc, 0x1b }, - { 0xcd, 0xc1, 0xdc, 0x08, 0x41, 0xb8, 0x1a, 0x22 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 5 */ - { 0x6c, 0x38, 0xa1, 0x16, 0xac, 0x28, 0x0c, 0x45, - 0x4f, 0x59, 0x33, 0x2e, 0xe3, 0x5c, 0x8c, 0x4f }, - { 0xee, 0x64, 0x66, 0xbc, 0x96, 0x20, 0x2c, 0x5a, - 0x55, 0x7a, 0xbb, 0xef, 0xf8, 0xba, 0xbf, 0x63 }, - { 0x38, 0x03, 0xef, 0x53, 0x63, 0xb9, 0x47, 0xc6, - 0xaa, 0xa2, 0x25, 0xe5, 0x8f, 0xae, 0x39, 0x34 }, - { 0x13, 0x68, 0x8f, 0x17 }, - { 0x16, 0xc8, 0x23, 0x3f }, - { 0xdf, 0x75, 0xbc, 0x5e, 0xa8, 0x99, 0x87, 0x9f } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 6 */ - { 0x2d, 0x60, 0x9d, 0x4d, 0xb0, 0xac, 0x5b, 0xf0, - 0xd2, 0xc0, 0xde, 0x26, 0x70, 0x14, 0xde, 0x0d }, - { 0x19, 0x4a, 0xa7, 0x56, 0x01, 0x38, 0x96, 0xb7, - 0x4b, 0x4a, 0x2a, 0x3b, 0x0a, 0xf4, 0x53, 0x9e }, - { 0xc3, 0x5a, 0x0a, 0xb0, 0xbc, 0xbf, 0xc9, 0x25, - 0x2c, 0xaf, 0xf1, 0x5f, 0x24, 0xef, 0xbd, 0xe0 }, - { 0x55, 0x3d, 0x00, 0xb3 }, - { 0x8c, 0x25, 0xa1, 0x6c }, - { 0x84, 0xb4, 0x17, 0xae, 0x3a, 0xea, 0xb4, 0xf3 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 7 */ - { 0xa5, 0x30, 0xa7, 0xfe, 0x42, 0x8f, 0xad, 0x10, - 0x82, 0xc4, 0x5e, 0xdd, 0xfc, 0xe1, 0x38, 0x84 }, - { 0x3a, 0x4c, 0x2b, 0x32, 0x45, 0xc5, 0x0e, 0xb5, - 0xc7, 0x1d, 0x08, 0x63, 0x93, 0x95, 0x76, 0x4d }, - { 0x27, 0x95, 0x3e, 0x49, 0xbc, 0x8a, 0xf6, 0xdc, - 0xc6, 0xe7, 0x30, 0xeb, 0x80, 0x28, 0x6b, 0xe3 }, - { 0x59, 0xf1, 0xa4, 0x4a }, - { 0xa6, 0x32, 0x41, 0xe1 }, - { 0x3b, 0x4e, 0x24, 0x4c, 0xdc, 0x60, 0xce, 0x03 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 8 */ - { 0xd9, 0x15, 0x1c, 0xf0, 0x48, 0x96, 0xe2, 0x58, - 0x30, 0xbf, 0x2e, 0x08, 0x26, 0x7b, 0x83, 0x60 }, - { 0xf7, 0x61, 0xe5, 0xe9, 0x3d, 0x60, 0x3f, 0xeb, - 0x73, 0x0e, 0x27, 0x55, 0x6c, 0xb8, 0xa2, 0xca }, - { 0xc4, 0xc9, 0x3e, 0xff, 0xe8, 0xa0, 0x81, 0x38, - 0xc2, 0x03, 0xd4, 0xc2, 0x7c, 0xe4, 0xe3, 0xd9 }, - { 0x50, 0x58, 0x88, 0x61 }, - { 0x4a, 0x90, 0xb2, 0x17 }, - { 0x8d, 0x4e, 0xc0, 0x1d, 0xe5, 0x97, 0xac, 0xfe } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 9 */ - { 0xa0, 0xe2, 0x97, 0x1b, 0x68, 0x22, 0xe8, 0xd3, - 0x54, 0xa1, 0x8c, 0xc2, 0x35, 0x62, 0x4e, 0xcb }, - { 0x08, 0xef, 0xf8, 0x28, 0xb1, 0x3f, 0xdb, 0x56, - 0x27, 0x22, 0xc6, 0x5c, 0x7f, 0x30, 0xa9, 0xb2 }, - { 0x82, 0xa2, 0x6f, 0x22, 0xbb, 0xa9, 0xe9, 0x48, - 0x8f, 0x94, 0x9a, 0x10, 0xd9, 0x8e, 0x9c, 0xc4 }, - { 0xcd, 0xe6, 0xb0, 0x27 }, - { 0x4b, 0xc2, 0x21, 0x2d }, - { 0xd8, 0xde, 0xbc, 0x4f, 0xfb, 0xcd, 0x60, 0xaa } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 10 */ - { 0x0d, 0xa6, 0xf7, 0xba, 0x86, 0xd5, 0xea, 0xc8, - 0xa1, 0x9c, 0xf5, 0x63, 0xac, 0x58, 0x64, 0x2d }, - { 0x67, 0x9a, 0xc4, 0xdb, 0xac, 0xd7, 0xd2, 0x33, - 0xff, 0x9d, 0x68, 0x06, 0xf4, 0x14, 0x9c, 0xe3 }, - { 0x0d, 0xb1, 0x07, 0x1f, 0x87, 0x67, 0x56, 0x2c, - 0xa4, 0x3a, 0x0a, 0x64, 0xc4, 0x1e, 0x8d, 0x08 }, - { 0x02, 0xd1, 0x3a, 0xcd }, - { 0x6f, 0xc3, 0x0f, 0xee }, - { 0xf0, 0xea, 0xa5, 0x0a, 0x1e, 0xdc, 0xeb, 0xb7 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 11 */ - { 0x77, 0xb4, 0x58, 0x43, 0xc8, 0x8e, 0x58, 0xc1, - 0x0d, 0x20, 0x26, 0x84, 0x51, 0x5e, 0xd4, 0x30 }, - { 0x4c, 0x47, 0xeb, 0x30, 0x76, 0xdc, 0x55, 0xfe, - 0x51, 0x06, 0xcb, 0x20, 0x34, 0xb8, 0xcd, 0x78 }, - { 0xd4, 0x83, 0xaf, 0xae, 0x56, 0x24, 0x09, 0xa3, - 0x26, 0xb5, 0xbb, 0x0b, 0x20, 0xc4, 0xd7, 0x62 }, - { 0x44, 0x38, 0x9d, 0x01 }, - { 0xae, 0xfa, 0x35, 0x7b }, - { 0x82, 0xdb, 0xab, 0x7f, 0x83, 0xf0, 0x63, 0xda } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 12 */ - { 0x72, 0x9b, 0x17, 0x72, 0x92, 0x70, 0xdd, 0x87, - 0xcc, 0xdf, 0x1b, 0xfe, 0x29, 0xb4, 0xe9, 0xbb }, - { 0x31, 0x1c, 0x4c, 0x92, 0x97, 0x44, 0xd6, 0x75, - 0xb7, 0x20, 0xf3, 0xb7, 0xe9, 0xb1, 0xcb, 0xd0 }, - { 0x22, 0x8c, 0x2f, 0x2f, 0x06, 0xac, 0x32, 0x68, - 0xa9, 0xe6, 0x16, 0xee, 0x16, 0xdb, 0x4b, 0xa1 }, - { 0x03, 0xe0, 0xfd, 0x84 }, - { 0x98, 0xdb, 0xbd, 0x09 }, - { 0x3c, 0x66, 0xcb, 0x98, 0xca, 0xb2, 0xd3, 0x3d } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 13 */ - { 0xd3, 0x2d, 0xd2, 0x3e, 0x89, 0xdc, 0x66, 0x23, - 0x54, 0xca, 0x12, 0xeb, 0x79, 0xdd, 0x32, 0xfa }, - { 0xcf, 0x7d, 0x0a, 0xb1, 0xd9, 0x43, 0x06, 0x95, - 0x0b, 0xf1, 0x20, 0x18, 0xfb, 0xd4, 0x68, 0x87 }, - { 0xd2, 0x2a, 0x4b, 0x41, 0x80, 0xa5, 0x32, 0x57, - 0x08, 0xa5, 0xff, 0x70, 0xd9, 0xf6, 0x7e, 0xc7 }, - { 0xbe, 0x73, 0xb3, 0xdc }, - { 0xaf, 0x4a, 0x41, 0x1e }, - { 0x96, 0x12, 0xb5, 0xd8, 0x8a, 0x41, 0x30, 0xbb } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 14 */ - { 0xaf, 0x7c, 0x65, 0xe1, 0x92, 0x72, 0x21, 0xde, - 0x59, 0x11, 0x87, 0xa2, 0xc5, 0x98, 0x7a, 0x53 }, - { 0x1f, 0x0f, 0x85, 0x78, 0x46, 0x4f, 0xd5, 0x9b, - 0x64, 0xbe, 0xd2, 0xd0, 0x94, 0x36, 0xb5, 0x7a }, - { 0xa4, 0xcf, 0x5c, 0x81, 0x55, 0xc0, 0x8a, 0x7e, - 0xff, 0x41, 0x8e, 0x54, 0x43, 0xb9, 0x8e, 0x55 }, - { 0x8f, 0xe0, 0x19, 0xc7 }, - { 0x7b, 0xff, 0xa5, 0xc2 }, - { 0x75, 0xa1, 0x50, 0xdf, 0x3c, 0x6a, 0xed, 0x08 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 15 */ - { 0x5b, 0xd7, 0xec, 0xd3, 0xd3, 0x12, 0x7a, 0x41, - 0xd1, 0x25, 0x39, 0xbe, 0xd4, 0xe7, 0xcf, 0x71 }, - { 0x59, 0xb7, 0x5f, 0x14, 0x25, 0x1c, 0x75, 0x03, - 0x1d, 0x0b, 0xcb, 0xac, 0x1c, 0x2c, 0x04, 0xc7 }, - { 0x76, 0x08, 0x9d, 0x3c, 0x0f, 0xf3, 0xef, 0xdc, - 0x6e, 0x36, 0x72, 0x1d, 0x4f, 0xce, 0xb7, 0x47 }, - { 0x27, 0x20, 0x2b, 0x82 }, - { 0x7e, 0x3f, 0x44, 0xc7 }, - { 0xb7, 0xf9, 0x2e, 0x42, 0x6a, 0x36, 0xfe, 0xc5 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 16 */ - { 0x6c, 0xd1, 0xc6, 0xce, 0xb1, 0xe0, 0x1e, 0x14, - 0xf1, 0xb8, 0x23, 0x16, 0xa9, 0x0b, 0x7f, 0x3d }, - { 0xf6, 0x9b, 0x78, 0xf3, 0x00, 0xa0, 0x56, 0x8b, - 0xce, 0x9f, 0x0c, 0xb9, 0x3c, 0x4b, 0xe4, 0xc9 }, - { 0xa2, 0x19, 0xdc, 0x37, 0xf1, 0xdc, 0x7d, 0x66, - 0x73, 0x8b, 0x58, 0x43, 0xc7, 0x99, 0xf2, 0x06 }, - { 0xdd, 0xd7, 0xef, 0xe6 }, - { 0x70, 0xf6, 0xbd, 0xb9 }, - { 0x88, 0xd9, 0xde, 0x10, 0xa2, 0x20, 0x04, 0xc5 } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 17 */ - { 0xb7, 0x3a, 0x90, 0xcb, 0xcf, 0x3a, 0xfb, 0x62, - 0x2d, 0xba, 0x83, 0xc5, 0x8a, 0x84, 0x15, 0xdf }, - { 0xb1, 0x20, 0xf1, 0xc1, 0xa0, 0x10, 0x2a, 0x2f, - 0x50, 0x7d, 0xd5, 0x43, 0xde, 0x68, 0x28, 0x1f }, - { 0xdf, 0x0c, 0x67, 0x86, 0x8f, 0xa2, 0x5f, 0x74, - 0x8b, 0x70, 0x44, 0xc6, 0xe7, 0xc2, 0x45, 0xb8 }, - { 0x67, 0xe4, 0xff, 0x3f }, - { 0x47, 0x9d, 0xd2, 0x5c }, - { 0xa8, 0x19, 0xe5, 0x77, 0xa8, 0xd6, 0x17, 0x5b } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 18 */ - { 0x51, 0x22, 0x25, 0x02, 0x14, 0xc3, 0x3e, 0x72, - 0x3a, 0x5d, 0xd5, 0x23, 0xfc, 0x14, 0x5f, 0xc0 }, - { 0x81, 0xe9, 0x2b, 0x6c, 0x0e, 0xe0, 0xe1, 0x2e, - 0xbc, 0xeb, 0xa8, 0xd9, 0x2a, 0x99, 0xdf, 0xa5 }, - { 0x98, 0x1d, 0x46, 0x4c, 0x7c, 0x52, 0xeb, 0x6e, - 0x50, 0x36, 0x23, 0x49, 0x84, 0xad, 0x0b, 0xcf }, - { 0x8a, 0x3b, 0x8d, 0x17 }, - { 0x28, 0xd7, 0xb0, 0xf2 }, - { 0x9a, 0x8d, 0x0e, 0x88, 0x3f, 0xf0, 0x88, 0x7a } - }, { - /* 3GPP TS 55.205 v6.0.0 - Test Set 19 */ - { 0x90, 0xdc, 0xa4, 0xed, 0xa4, 0x5b, 0x53, 0xcf, - 0x0f, 0x12, 0xd7, 0xc9, 0xc3, 0xbc, 0x6a, 0x89 }, - { 0x9f, 0xdd, 0xc7, 0x20, 0x92, 0xc6, 0xad, 0x03, - 0x6b, 0x6e, 0x46, 0x47, 0x89, 0x31, 0x5b, 0x78 }, - { 0xcb, 0x9c, 0xcc, 0xc4, 0xb9, 0x25, 0x8e, 0x6d, - 0xca, 0x47, 0x60, 0x37, 0x9f, 0xb8, 0x25, 0x81 }, - { 0xdf, 0x58, 0x52, 0x2f }, - { 0xa9, 0x51, 0x00, 0xe2 }, - { 0xed, 0x29, 0xb2, 0xf1, 0xc2, 0x7f, 0x9f, 0x34 } - } -}; - -#define NUM_GSM_TESTS (sizeof(gsm_test_sets) / sizeof(gsm_test_sets[0])) - - -struct milenage_test_set { - u8 k[16]; - u8 rand[16]; - u8 sqn[6]; - u8 amf[2]; - u8 op[16]; - u8 opc[16]; - u8 f1[8]; - u8 f1star[8]; - u8 f2[8]; - u8 f3[16]; - u8 f4[16]; - u8 f5[6]; - u8 f5star[6]; -}; - -static const struct milenage_test_set test_sets[] = -{ - { - /* 3GPP TS 35.208 v6.0.0 - 4.3.1 Test Set 1 */ - { 0x46, 0x5b, 0x5c, 0xe8, 0xb1, 0x99, 0xb4, 0x9f, - 0xaa, 0x5f, 0x0a, 0x2e, 0xe2, 0x38, 0xa6, 0xbc }, - { 0x23, 0x55, 0x3c, 0xbe, 0x96, 0x37, 0xa8, 0x9d, - 0x21, 0x8a, 0xe6, 0x4d, 0xae, 0x47, 0xbf, 0x35 }, - { 0xff, 0x9b, 0xb4, 0xd0, 0xb6, 0x07 }, - { 0xb9, 0xb9 }, - { 0xcd, 0xc2, 0x02, 0xd5, 0x12, 0x3e, 0x20, 0xf6, - 0x2b, 0x6d, 0x67, 0x6a, 0xc7, 0x2c, 0xb3, 0x18 }, - { 0xcd, 0x63, 0xcb, 0x71, 0x95, 0x4a, 0x9f, 0x4e, - 0x48, 0xa5, 0x99, 0x4e, 0x37, 0xa0, 0x2b, 0xaf }, - { 0x4a, 0x9f, 0xfa, 0xc3, 0x54, 0xdf, 0xaf, 0xb3 }, - { 0x01, 0xcf, 0xaf, 0x9e, 0xc4, 0xe8, 0x71, 0xe9 }, - { 0xa5, 0x42, 0x11, 0xd5, 0xe3, 0xba, 0x50, 0xbf }, - { 0xb4, 0x0b, 0xa9, 0xa3, 0xc5, 0x8b, 0x2a, 0x05, - 0xbb, 0xf0, 0xd9, 0x87, 0xb2, 0x1b, 0xf8, 0xcb }, - { 0xf7, 0x69, 0xbc, 0xd7, 0x51, 0x04, 0x46, 0x04, - 0x12, 0x76, 0x72, 0x71, 0x1c, 0x6d, 0x34, 0x41 }, - { 0xaa, 0x68, 0x9c, 0x64, 0x83, 0x70 }, - { 0x45, 0x1e, 0x8b, 0xec, 0xa4, 0x3b } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.2 Test Set 2 */ - { 0x46, 0x5b, 0x5c, 0xe8, 0xb1, 0x99, 0xb4, 0x9f, - 0xaa, 0x5f, 0x0a, 0x2e, 0xe2, 0x38, 0xa6, 0xbc }, - { 0x23, 0x55, 0x3c, 0xbe, 0x96, 0x37, 0xa8, 0x9d, - 0x21, 0x8a, 0xe6, 0x4d, 0xae, 0x47, 0xbf, 0x35 }, - { 0xff, 0x9b, 0xb4, 0xd0, 0xb6, 0x07 }, - { 0xb9, 0xb9 }, - { 0xcd, 0xc2, 0x02, 0xd5, 0x12, 0x3e, 0x20, 0xf6, - 0x2b, 0x6d, 0x67, 0x6a, 0xc7, 0x2c, 0xb3, 0x18 }, - { 0xcd, 0x63, 0xcb, 0x71, 0x95, 0x4a, 0x9f, 0x4e, - 0x48, 0xa5, 0x99, 0x4e, 0x37, 0xa0, 0x2b, 0xaf }, - { 0x4a, 0x9f, 0xfa, 0xc3, 0x54, 0xdf, 0xaf, 0xb3 }, - { 0x01, 0xcf, 0xaf, 0x9e, 0xc4, 0xe8, 0x71, 0xe9 }, - { 0xa5, 0x42, 0x11, 0xd5, 0xe3, 0xba, 0x50, 0xbf }, - { 0xb4, 0x0b, 0xa9, 0xa3, 0xc5, 0x8b, 0x2a, 0x05, - 0xbb, 0xf0, 0xd9, 0x87, 0xb2, 0x1b, 0xf8, 0xcb }, - { 0xf7, 0x69, 0xbc, 0xd7, 0x51, 0x04, 0x46, 0x04, - 0x12, 0x76, 0x72, 0x71, 0x1c, 0x6d, 0x34, 0x41 }, - { 0xaa, 0x68, 0x9c, 0x64, 0x83, 0x70 }, - { 0x45, 0x1e, 0x8b, 0xec, 0xa4, 0x3b } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.3 Test Set 3 */ - { 0xfe, 0xc8, 0x6b, 0xa6, 0xeb, 0x70, 0x7e, 0xd0, - 0x89, 0x05, 0x75, 0x7b, 0x1b, 0xb4, 0x4b, 0x8f }, - { 0x9f, 0x7c, 0x8d, 0x02, 0x1a, 0xcc, 0xf4, 0xdb, - 0x21, 0x3c, 0xcf, 0xf0, 0xc7, 0xf7, 0x1a, 0x6a }, - { 0x9d, 0x02, 0x77, 0x59, 0x5f, 0xfc }, - { 0x72, 0x5c }, - { 0xdb, 0xc5, 0x9a, 0xdc, 0xb6, 0xf9, 0xa0, 0xef, - 0x73, 0x54, 0x77, 0xb7, 0xfa, 0xdf, 0x83, 0x74 }, - { 0x10, 0x06, 0x02, 0x0f, 0x0a, 0x47, 0x8b, 0xf6, - 0xb6, 0x99, 0xf1, 0x5c, 0x06, 0x2e, 0x42, 0xb3 }, - { 0x9c, 0xab, 0xc3, 0xe9, 0x9b, 0xaf, 0x72, 0x81 }, - { 0x95, 0x81, 0x4b, 0xa2, 0xb3, 0x04, 0x43, 0x24 }, - { 0x80, 0x11, 0xc4, 0x8c, 0x0c, 0x21, 0x4e, 0xd2 }, - { 0x5d, 0xbd, 0xbb, 0x29, 0x54, 0xe8, 0xf3, 0xcd, - 0xe6, 0x65, 0xb0, 0x46, 0x17, 0x9a, 0x50, 0x98 }, - { 0x59, 0xa9, 0x2d, 0x3b, 0x47, 0x6a, 0x04, 0x43, - 0x48, 0x70, 0x55, 0xcf, 0x88, 0xb2, 0x30, 0x7b }, - { 0x33, 0x48, 0x4d, 0xc2, 0x13, 0x6b }, - { 0xde, 0xac, 0xdd, 0x84, 0x8c, 0xc6 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.4 Test Set 4 */ - { 0x9e, 0x59, 0x44, 0xae, 0xa9, 0x4b, 0x81, 0x16, - 0x5c, 0x82, 0xfb, 0xf9, 0xf3, 0x2d, 0xb7, 0x51 }, - { 0xce, 0x83, 0xdb, 0xc5, 0x4a, 0xc0, 0x27, 0x4a, - 0x15, 0x7c, 0x17, 0xf8, 0x0d, 0x01, 0x7b, 0xd6 }, - { 0x0b, 0x60, 0x4a, 0x81, 0xec, 0xa8 }, - { 0x9e, 0x09 }, - { 0x22, 0x30, 0x14, 0xc5, 0x80, 0x66, 0x94, 0xc0, - 0x07, 0xca, 0x1e, 0xee, 0xf5, 0x7f, 0x00, 0x4f }, - { 0xa6, 0x4a, 0x50, 0x7a, 0xe1, 0xa2, 0xa9, 0x8b, - 0xb8, 0x8e, 0xb4, 0x21, 0x01, 0x35, 0xdc, 0x87 }, - { 0x74, 0xa5, 0x82, 0x20, 0xcb, 0xa8, 0x4c, 0x49 }, - { 0xac, 0x2c, 0xc7, 0x4a, 0x96, 0x87, 0x18, 0x37 }, - { 0xf3, 0x65, 0xcd, 0x68, 0x3c, 0xd9, 0x2e, 0x96 }, - { 0xe2, 0x03, 0xed, 0xb3, 0x97, 0x15, 0x74, 0xf5, - 0xa9, 0x4b, 0x0d, 0x61, 0xb8, 0x16, 0x34, 0x5d }, - { 0x0c, 0x45, 0x24, 0xad, 0xea, 0xc0, 0x41, 0xc4, - 0xdd, 0x83, 0x0d, 0x20, 0x85, 0x4f, 0xc4, 0x6b }, - { 0xf0, 0xb9, 0xc0, 0x8a, 0xd0, 0x2e }, - { 0x60, 0x85, 0xa8, 0x6c, 0x6f, 0x63 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.5 Test Set 5 */ - { 0x4a, 0xb1, 0xde, 0xb0, 0x5c, 0xa6, 0xce, 0xb0, - 0x51, 0xfc, 0x98, 0xe7, 0x7d, 0x02, 0x6a, 0x84 }, - { 0x74, 0xb0, 0xcd, 0x60, 0x31, 0xa1, 0xc8, 0x33, - 0x9b, 0x2b, 0x6c, 0xe2, 0xb8, 0xc4, 0xa1, 0x86 }, - { 0xe8, 0x80, 0xa1, 0xb5, 0x80, 0xb6 }, - { 0x9f, 0x07 }, - { 0x2d, 0x16, 0xc5, 0xcd, 0x1f, 0xdf, 0x6b, 0x22, - 0x38, 0x35, 0x84, 0xe3, 0xbe, 0xf2, 0xa8, 0xd8 }, - { 0xdc, 0xf0, 0x7c, 0xbd, 0x51, 0x85, 0x52, 0x90, - 0xb9, 0x2a, 0x07, 0xa9, 0x89, 0x1e, 0x52, 0x3e }, - { 0x49, 0xe7, 0x85, 0xdd, 0x12, 0x62, 0x6e, 0xf2 }, - { 0x9e, 0x85, 0x79, 0x03, 0x36, 0xbb, 0x3f, 0xa2 }, - { 0x58, 0x60, 0xfc, 0x1b, 0xce, 0x35, 0x1e, 0x7e }, - { 0x76, 0x57, 0x76, 0x6b, 0x37, 0x3d, 0x1c, 0x21, - 0x38, 0xf3, 0x07, 0xe3, 0xde, 0x92, 0x42, 0xf9 }, - { 0x1c, 0x42, 0xe9, 0x60, 0xd8, 0x9b, 0x8f, 0xa9, - 0x9f, 0x27, 0x44, 0xe0, 0x70, 0x8c, 0xcb, 0x53 }, - { 0x31, 0xe1, 0x1a, 0x60, 0x91, 0x18 }, - { 0xfe, 0x25, 0x55, 0xe5, 0x4a, 0xa9 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.6 Test Set 6 */ - { 0x6c, 0x38, 0xa1, 0x16, 0xac, 0x28, 0x0c, 0x45, - 0x4f, 0x59, 0x33, 0x2e, 0xe3, 0x5c, 0x8c, 0x4f }, - { 0xee, 0x64, 0x66, 0xbc, 0x96, 0x20, 0x2c, 0x5a, - 0x55, 0x7a, 0xbb, 0xef, 0xf8, 0xba, 0xbf, 0x63 }, - { 0x41, 0x4b, 0x98, 0x22, 0x21, 0x81 }, - { 0x44, 0x64 }, - { 0x1b, 0xa0, 0x0a, 0x1a, 0x7c, 0x67, 0x00, 0xac, - 0x8c, 0x3f, 0xf3, 0xe9, 0x6a, 0xd0, 0x87, 0x25 }, - { 0x38, 0x03, 0xef, 0x53, 0x63, 0xb9, 0x47, 0xc6, - 0xaa, 0xa2, 0x25, 0xe5, 0x8f, 0xae, 0x39, 0x34 }, - { 0x07, 0x8a, 0xdf, 0xb4, 0x88, 0x24, 0x1a, 0x57 }, - { 0x80, 0x24, 0x6b, 0x8d, 0x01, 0x86, 0xbc, 0xf1 }, - { 0x16, 0xc8, 0x23, 0x3f, 0x05, 0xa0, 0xac, 0x28 }, - { 0x3f, 0x8c, 0x75, 0x87, 0xfe, 0x8e, 0x4b, 0x23, - 0x3a, 0xf6, 0x76, 0xae, 0xde, 0x30, 0xba, 0x3b }, - { 0xa7, 0x46, 0x6c, 0xc1, 0xe6, 0xb2, 0xa1, 0x33, - 0x7d, 0x49, 0xd3, 0xb6, 0x6e, 0x95, 0xd7, 0xb4 }, - { 0x45, 0xb0, 0xf6, 0x9a, 0xb0, 0x6c }, - { 0x1f, 0x53, 0xcd, 0x2b, 0x11, 0x13 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.7 Test Set 7 */ - { 0x2d, 0x60, 0x9d, 0x4d, 0xb0, 0xac, 0x5b, 0xf0, - 0xd2, 0xc0, 0xde, 0x26, 0x70, 0x14, 0xde, 0x0d }, - { 0x19, 0x4a, 0xa7, 0x56, 0x01, 0x38, 0x96, 0xb7, - 0x4b, 0x4a, 0x2a, 0x3b, 0x0a, 0xf4, 0x53, 0x9e }, - { 0x6b, 0xf6, 0x94, 0x38, 0xc2, 0xe4 }, - { 0x5f, 0x67 }, - { 0x46, 0x0a, 0x48, 0x38, 0x54, 0x27, 0xaa, 0x39, - 0x26, 0x4a, 0xac, 0x8e, 0xfc, 0x9e, 0x73, 0xe8 }, - { 0xc3, 0x5a, 0x0a, 0xb0, 0xbc, 0xbf, 0xc9, 0x25, - 0x2c, 0xaf, 0xf1, 0x5f, 0x24, 0xef, 0xbd, 0xe0 }, - { 0xbd, 0x07, 0xd3, 0x00, 0x3b, 0x9e, 0x5c, 0xc3 }, - { 0xbc, 0xb6, 0xc2, 0xfc, 0xad, 0x15, 0x22, 0x50 }, - { 0x8c, 0x25, 0xa1, 0x6c, 0xd9, 0x18, 0xa1, 0xdf }, - { 0x4c, 0xd0, 0x84, 0x60, 0x20, 0xf8, 0xfa, 0x07, - 0x31, 0xdd, 0x47, 0xcb, 0xdc, 0x6b, 0xe4, 0x11 }, - { 0x88, 0xab, 0x80, 0xa4, 0x15, 0xf1, 0x5c, 0x73, - 0x71, 0x12, 0x54, 0xa1, 0xd3, 0x88, 0xf6, 0x96 }, - { 0x7e, 0x64, 0x55, 0xf3, 0x4c, 0xf3 }, - { 0xdc, 0x6d, 0xd0, 0x1e, 0x8f, 0x15 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.8 Test Set 8 */ - { 0xa5, 0x30, 0xa7, 0xfe, 0x42, 0x8f, 0xad, 0x10, - 0x82, 0xc4, 0x5e, 0xdd, 0xfc, 0xe1, 0x38, 0x84 }, - { 0x3a, 0x4c, 0x2b, 0x32, 0x45, 0xc5, 0x0e, 0xb5, - 0xc7, 0x1d, 0x08, 0x63, 0x93, 0x95, 0x76, 0x4d }, - { 0xf6, 0x3f, 0x5d, 0x76, 0x87, 0x84 }, - { 0xb9, 0x0e }, - { 0x51, 0x1c, 0x6c, 0x4e, 0x83, 0xe3, 0x8c, 0x89, - 0xb1, 0xc5, 0xd8, 0xdd, 0xe6, 0x24, 0x26, 0xfa }, - { 0x27, 0x95, 0x3e, 0x49, 0xbc, 0x8a, 0xf6, 0xdc, - 0xc6, 0xe7, 0x30, 0xeb, 0x80, 0x28, 0x6b, 0xe3 }, - { 0x53, 0x76, 0x1f, 0xbd, 0x67, 0x9b, 0x0b, 0xad }, - { 0x21, 0xad, 0xfd, 0x33, 0x4a, 0x10, 0xe7, 0xce }, - { 0xa6, 0x32, 0x41, 0xe1, 0xff, 0xc3, 0xe5, 0xab }, - { 0x10, 0xf0, 0x5b, 0xab, 0x75, 0xa9, 0x9a, 0x5f, - 0xbb, 0x98, 0xa9, 0xc2, 0x87, 0x67, 0x9c, 0x3b }, - { 0xf9, 0xec, 0x08, 0x65, 0xeb, 0x32, 0xf2, 0x23, - 0x69, 0xca, 0xde, 0x40, 0xc5, 0x9c, 0x3a, 0x44 }, - { 0x88, 0x19, 0x6c, 0x47, 0x98, 0x6f }, - { 0xc9, 0x87, 0xa3, 0xd2, 0x31, 0x15 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.9 Test Set 9 */ - { 0xd9, 0x15, 0x1c, 0xf0, 0x48, 0x96, 0xe2, 0x58, - 0x30, 0xbf, 0x2e, 0x08, 0x26, 0x7b, 0x83, 0x60 }, - { 0xf7, 0x61, 0xe5, 0xe9, 0x3d, 0x60, 0x3f, 0xeb, - 0x73, 0x0e, 0x27, 0x55, 0x6c, 0xb8, 0xa2, 0xca }, - { 0x47, 0xee, 0x01, 0x99, 0x82, 0x0a }, - { 0x91, 0x13 }, - { 0x75, 0xfc, 0x22, 0x33, 0xa4, 0x42, 0x94, 0xee, - 0x8e, 0x6d, 0xe2, 0x5c, 0x43, 0x53, 0xd2, 0x6b }, - { 0xc4, 0xc9, 0x3e, 0xff, 0xe8, 0xa0, 0x81, 0x38, - 0xc2, 0x03, 0xd4, 0xc2, 0x7c, 0xe4, 0xe3, 0xd9 }, - { 0x66, 0xcc, 0x4b, 0xe4, 0x48, 0x62, 0xaf, 0x1f }, - { 0x7a, 0x4b, 0x8d, 0x7a, 0x87, 0x53, 0xf2, 0x46 }, - { 0x4a, 0x90, 0xb2, 0x17, 0x1a, 0xc8, 0x3a, 0x76 }, - { 0x71, 0x23, 0x6b, 0x71, 0x29, 0xf9, 0xb2, 0x2a, - 0xb7, 0x7e, 0xa7, 0xa5, 0x4c, 0x96, 0xda, 0x22 }, - { 0x90, 0x52, 0x7e, 0xba, 0xa5, 0x58, 0x89, 0x68, - 0xdb, 0x41, 0x72, 0x73, 0x25, 0xa0, 0x4d, 0x9e }, - { 0x82, 0xa0, 0xf5, 0x28, 0x7a, 0x71 }, - { 0x52, 0x7d, 0xbf, 0x41, 0xf3, 0x5f } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.10 Test Set 10 */ - { 0xa0, 0xe2, 0x97, 0x1b, 0x68, 0x22, 0xe8, 0xd3, - 0x54, 0xa1, 0x8c, 0xc2, 0x35, 0x62, 0x4e, 0xcb }, - { 0x08, 0xef, 0xf8, 0x28, 0xb1, 0x3f, 0xdb, 0x56, - 0x27, 0x22, 0xc6, 0x5c, 0x7f, 0x30, 0xa9, 0xb2 }, - { 0xdb, 0x5c, 0x06, 0x64, 0x81, 0xe0 }, - { 0x71, 0x6b }, - { 0x32, 0x37, 0x92, 0xfa, 0xca, 0x21, 0xfb, 0x4d, - 0x5d, 0x6f, 0x13, 0xc1, 0x45, 0xa9, 0xd2, 0xc1 }, - { 0x82, 0xa2, 0x6f, 0x22, 0xbb, 0xa9, 0xe9, 0x48, - 0x8f, 0x94, 0x9a, 0x10, 0xd9, 0x8e, 0x9c, 0xc4 }, - { 0x94, 0x85, 0xfe, 0x24, 0x62, 0x1c, 0xb9, 0xf6 }, - { 0xbc, 0xe3, 0x25, 0xce, 0x03, 0xe2, 0xe9, 0xb9 }, - { 0x4b, 0xc2, 0x21, 0x2d, 0x86, 0x24, 0x91, 0x0a }, - { 0x08, 0xce, 0xf6, 0xd0, 0x04, 0xec, 0x61, 0x47, - 0x1a, 0x3c, 0x3c, 0xda, 0x04, 0x81, 0x37, 0xfa }, - { 0xed, 0x03, 0x18, 0xca, 0x5d, 0xeb, 0x92, 0x06, - 0x27, 0x2f, 0x6e, 0x8f, 0xa6, 0x4b, 0xa4, 0x11 }, - { 0xa2, 0xf8, 0x58, 0xaa, 0x9e, 0x5d }, - { 0x74, 0xe7, 0x6f, 0xbb, 0xec, 0x38 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.11 Test Set 11 */ - { 0x0d, 0xa6, 0xf7, 0xba, 0x86, 0xd5, 0xea, 0xc8, - 0xa1, 0x9c, 0xf5, 0x63, 0xac, 0x58, 0x64, 0x2d }, - { 0x67, 0x9a, 0xc4, 0xdb, 0xac, 0xd7, 0xd2, 0x33, - 0xff, 0x9d, 0x68, 0x06, 0xf4, 0x14, 0x9c, 0xe3 }, - { 0x6e, 0x23, 0x31, 0xd6, 0x92, 0xad }, - { 0x22, 0x4a }, - { 0x4b, 0x9a, 0x26, 0xfa, 0x45, 0x9e, 0x3a, 0xcb, - 0xff, 0x36, 0xf4, 0x01, 0x5d, 0xe3, 0xbd, 0xc1 }, - { 0x0d, 0xb1, 0x07, 0x1f, 0x87, 0x67, 0x56, 0x2c, - 0xa4, 0x3a, 0x0a, 0x64, 0xc4, 0x1e, 0x8d, 0x08 }, - { 0x28, 0x31, 0xd7, 0xae, 0x90, 0x88, 0xe4, 0x92 }, - { 0x9b, 0x2e, 0x16, 0x95, 0x11, 0x35, 0xd5, 0x23 }, - { 0x6f, 0xc3, 0x0f, 0xee, 0x6d, 0x12, 0x35, 0x23 }, - { 0x69, 0xb1, 0xca, 0xe7, 0xc7, 0x42, 0x9d, 0x97, - 0x5e, 0x24, 0x5c, 0xac, 0xb0, 0x5a, 0x51, 0x7c }, - { 0x74, 0xf2, 0x4e, 0x8c, 0x26, 0xdf, 0x58, 0xe1, - 0xb3, 0x8d, 0x7d, 0xcd, 0x4f, 0x1b, 0x7f, 0xbd }, - { 0x4c, 0x53, 0x9a, 0x26, 0xe1, 0xfa }, - { 0x07, 0x86, 0x1e, 0x12, 0x69, 0x28 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.12 Test Set 12 */ - { 0x77, 0xb4, 0x58, 0x43, 0xc8, 0x8e, 0x58, 0xc1, - 0x0d, 0x20, 0x26, 0x84, 0x51, 0x5e, 0xd4, 0x30 }, - { 0x4c, 0x47, 0xeb, 0x30, 0x76, 0xdc, 0x55, 0xfe, - 0x51, 0x06, 0xcb, 0x20, 0x34, 0xb8, 0xcd, 0x78 }, - { 0xfe, 0x1a, 0x87, 0x31, 0x00, 0x5d }, - { 0xad, 0x25 }, - { 0xbf, 0x32, 0x86, 0xc7, 0xa5, 0x14, 0x09, 0xce, - 0x95, 0x72, 0x4d, 0x50, 0x3b, 0xfe, 0x6e, 0x70 }, - { 0xd4, 0x83, 0xaf, 0xae, 0x56, 0x24, 0x09, 0xa3, - 0x26, 0xb5, 0xbb, 0x0b, 0x20, 0xc4, 0xd7, 0x62 }, - { 0x08, 0x33, 0x2d, 0x7e, 0x9f, 0x48, 0x45, 0x70 }, - { 0xed, 0x41, 0xb7, 0x34, 0x48, 0x9d, 0x52, 0x07 }, - { 0xae, 0xfa, 0x35, 0x7b, 0xea, 0xc2, 0xa8, 0x7a }, - { 0x90, 0x8c, 0x43, 0xf0, 0x56, 0x9c, 0xb8, 0xf7, - 0x4b, 0xc9, 0x71, 0xe7, 0x06, 0xc3, 0x6c, 0x5f }, - { 0xc2, 0x51, 0xdf, 0x0d, 0x88, 0x8d, 0xd9, 0x32, - 0x9b, 0xcf, 0x46, 0x65, 0x5b, 0x22, 0x6e, 0x40 }, - { 0x30, 0xff, 0x25, 0xcd, 0xad, 0xf6 }, - { 0xe8, 0x4e, 0xd0, 0xd4, 0x67, 0x7e } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.13 Test Set 13 */ - { 0x72, 0x9b, 0x17, 0x72, 0x92, 0x70, 0xdd, 0x87, - 0xcc, 0xdf, 0x1b, 0xfe, 0x29, 0xb4, 0xe9, 0xbb }, - { 0x31, 0x1c, 0x4c, 0x92, 0x97, 0x44, 0xd6, 0x75, - 0xb7, 0x20, 0xf3, 0xb7, 0xe9, 0xb1, 0xcb, 0xd0 }, - { 0xc8, 0x5c, 0x4c, 0xf6, 0x59, 0x16 }, - { 0x5b, 0xb2 }, - { 0xd0, 0x4c, 0x9c, 0x35, 0xbd, 0x22, 0x62, 0xfa, - 0x81, 0x0d, 0x29, 0x24, 0xd0, 0x36, 0xfd, 0x13 }, - { 0x22, 0x8c, 0x2f, 0x2f, 0x06, 0xac, 0x32, 0x68, - 0xa9, 0xe6, 0x16, 0xee, 0x16, 0xdb, 0x4b, 0xa1 }, - { 0xff, 0x79, 0x4f, 0xe2, 0xf8, 0x27, 0xeb, 0xf8 }, - { 0x24, 0xfe, 0x4d, 0xc6, 0x1e, 0x87, 0x4b, 0x52 }, - { 0x98, 0xdb, 0xbd, 0x09, 0x9b, 0x3b, 0x40, 0x8d }, - { 0x44, 0xc0, 0xf2, 0x3c, 0x54, 0x93, 0xcf, 0xd2, - 0x41, 0xe4, 0x8f, 0x19, 0x7e, 0x1d, 0x10, 0x12 }, - { 0x0c, 0x9f, 0xb8, 0x16, 0x13, 0x88, 0x4c, 0x25, - 0x35, 0xdd, 0x0e, 0xab, 0xf3, 0xb4, 0x40, 0xd8 }, - { 0x53, 0x80, 0xd1, 0x58, 0xcf, 0xe3 }, - { 0x87, 0xac, 0x3b, 0x55, 0x9f, 0xb6 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.14 Test Set 14 */ - { 0xd3, 0x2d, 0xd2, 0x3e, 0x89, 0xdc, 0x66, 0x23, - 0x54, 0xca, 0x12, 0xeb, 0x79, 0xdd, 0x32, 0xfa }, - { 0xcf, 0x7d, 0x0a, 0xb1, 0xd9, 0x43, 0x06, 0x95, - 0x0b, 0xf1, 0x20, 0x18, 0xfb, 0xd4, 0x68, 0x87 }, - { 0x48, 0x41, 0x07, 0xe5, 0x6a, 0x43 }, - { 0xb5, 0xe6 }, - { 0xfe, 0x75, 0x90, 0x5b, 0x9d, 0xa4, 0x7d, 0x35, - 0x62, 0x36, 0xd0, 0x31, 0x4e, 0x09, 0xc3, 0x2e }, - { 0xd2, 0x2a, 0x4b, 0x41, 0x80, 0xa5, 0x32, 0x57, - 0x08, 0xa5, 0xff, 0x70, 0xd9, 0xf6, 0x7e, 0xc7 }, - { 0xcf, 0x19, 0xd6, 0x2b, 0x6a, 0x80, 0x98, 0x66 }, - { 0x5d, 0x26, 0x95, 0x37, 0xe4, 0x5e, 0x2c, 0xe6 }, - { 0xaf, 0x4a, 0x41, 0x1e, 0x11, 0x39, 0xf2, 0xc2 }, - { 0x5a, 0xf8, 0x6b, 0x80, 0xed, 0xb7, 0x0d, 0xf5, - 0x29, 0x2c, 0xc1, 0x12, 0x1c, 0xba, 0xd5, 0x0c }, - { 0x7f, 0x4d, 0x6a, 0xe7, 0x44, 0x0e, 0x18, 0x78, - 0x9a, 0x8b, 0x75, 0xad, 0x3f, 0x42, 0xf0, 0x3a }, - { 0x21, 0x7a, 0xf4, 0x92, 0x72, 0xad }, - { 0x90, 0x0e, 0x10, 0x1c, 0x67, 0x7e } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.15 Test Set 15 */ - { 0xaf, 0x7c, 0x65, 0xe1, 0x92, 0x72, 0x21, 0xde, - 0x59, 0x11, 0x87, 0xa2, 0xc5, 0x98, 0x7a, 0x53 }, - { 0x1f, 0x0f, 0x85, 0x78, 0x46, 0x4f, 0xd5, 0x9b, - 0x64, 0xbe, 0xd2, 0xd0, 0x94, 0x36, 0xb5, 0x7a }, - { 0x3d, 0x62, 0x7b, 0x01, 0x41, 0x8d }, - { 0x84, 0xf6 }, - { 0x0c, 0x7a, 0xcb, 0x8d, 0x95, 0xb7, 0xd4, 0xa3, - 0x1c, 0x5a, 0xca, 0x6d, 0x26, 0x34, 0x5a, 0x88 }, - { 0xa4, 0xcf, 0x5c, 0x81, 0x55, 0xc0, 0x8a, 0x7e, - 0xff, 0x41, 0x8e, 0x54, 0x43, 0xb9, 0x8e, 0x55 }, - { 0xc3, 0x7c, 0xae, 0x78, 0x05, 0x64, 0x20, 0x32 }, - { 0x68, 0xcd, 0x09, 0xa4, 0x52, 0xd8, 0xdb, 0x7c }, - { 0x7b, 0xff, 0xa5, 0xc2, 0xf4, 0x1f, 0xbc, 0x05 }, - { 0x3f, 0x8c, 0x3f, 0x3c, 0xcf, 0x76, 0x25, 0xbf, - 0x77, 0xfc, 0x94, 0xbc, 0xfd, 0x22, 0xfd, 0x26 }, - { 0xab, 0xcb, 0xae, 0x8f, 0xd4, 0x61, 0x15, 0xe9, - 0x96, 0x1a, 0x55, 0xd0, 0xda, 0x5f, 0x20, 0x78 }, - { 0x83, 0x7f, 0xd7, 0xb7, 0x44, 0x19 }, - { 0x56, 0xe9, 0x7a, 0x60, 0x90, 0xb1 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.16 Test Set 16 */ - { 0x5b, 0xd7, 0xec, 0xd3, 0xd3, 0x12, 0x7a, 0x41, - 0xd1, 0x25, 0x39, 0xbe, 0xd4, 0xe7, 0xcf, 0x71 }, - { 0x59, 0xb7, 0x5f, 0x14, 0x25, 0x1c, 0x75, 0x03, - 0x1d, 0x0b, 0xcb, 0xac, 0x1c, 0x2c, 0x04, 0xc7 }, - { 0xa2, 0x98, 0xae, 0x89, 0x29, 0xdc }, - { 0xd0, 0x56 }, - { 0xf9, 0x67, 0xf7, 0x60, 0x38, 0xb9, 0x20, 0xa9, - 0xcd, 0x25, 0xe1, 0x0c, 0x08, 0xb4, 0x99, 0x24 }, - { 0x76, 0x08, 0x9d, 0x3c, 0x0f, 0xf3, 0xef, 0xdc, - 0x6e, 0x36, 0x72, 0x1d, 0x4f, 0xce, 0xb7, 0x47 }, - { 0xc3, 0xf2, 0x5c, 0xd9, 0x43, 0x09, 0x10, 0x7e }, - { 0xb0, 0xc8, 0xba, 0x34, 0x36, 0x65, 0xaf, 0xcc }, - { 0x7e, 0x3f, 0x44, 0xc7, 0x59, 0x1f, 0x6f, 0x45 }, - { 0xd4, 0x2b, 0x2d, 0x61, 0x5e, 0x49, 0xa0, 0x3a, - 0xc2, 0x75, 0xa5, 0xae, 0xf9, 0x7a, 0xf8, 0x92 }, - { 0x0b, 0x3f, 0x8d, 0x02, 0x4f, 0xe6, 0xbf, 0xaf, - 0xaa, 0x98, 0x2b, 0x8f, 0x82, 0xe3, 0x19, 0xc2 }, - { 0x5b, 0xe1, 0x14, 0x95, 0x52, 0x5d }, - { 0x4d, 0x6a, 0x34, 0xa1, 0xe4, 0xeb } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.17 Test Set 17 */ - { 0x6c, 0xd1, 0xc6, 0xce, 0xb1, 0xe0, 0x1e, 0x14, - 0xf1, 0xb8, 0x23, 0x16, 0xa9, 0x0b, 0x7f, 0x3d }, - { 0xf6, 0x9b, 0x78, 0xf3, 0x00, 0xa0, 0x56, 0x8b, - 0xce, 0x9f, 0x0c, 0xb9, 0x3c, 0x4b, 0xe4, 0xc9 }, - { 0xb4, 0xfc, 0xe5, 0xfe, 0xb0, 0x59 }, - { 0xe4, 0xbb }, - { 0x07, 0x8b, 0xfc, 0xa9, 0x56, 0x46, 0x59, 0xec, - 0xd8, 0x85, 0x1e, 0x84, 0xe6, 0xc5, 0x9b, 0x48 }, - { 0xa2, 0x19, 0xdc, 0x37, 0xf1, 0xdc, 0x7d, 0x66, - 0x73, 0x8b, 0x58, 0x43, 0xc7, 0x99, 0xf2, 0x06 }, - { 0x69, 0xa9, 0x08, 0x69, 0xc2, 0x68, 0xcb, 0x7b }, - { 0x2e, 0x0f, 0xdc, 0xf9, 0xfd, 0x1c, 0xfa, 0x6a }, - { 0x70, 0xf6, 0xbd, 0xb9, 0xad, 0x21, 0x52, 0x5f }, - { 0x6e, 0xda, 0xf9, 0x9e, 0x5b, 0xd9, 0xf8, 0x5d, - 0x5f, 0x36, 0xd9, 0x1c, 0x12, 0x72, 0xfb, 0x4b }, - { 0xd6, 0x1c, 0x85, 0x3c, 0x28, 0x0d, 0xd9, 0xc4, - 0x6f, 0x29, 0x7b, 0xae, 0xc3, 0x86, 0xde, 0x17 }, - { 0x1c, 0x40, 0x8a, 0x85, 0x8b, 0x3e }, - { 0xaa, 0x4a, 0xe5, 0x2d, 0xaa, 0x30 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.18 Test Set 18 */ - { 0xb7, 0x3a, 0x90, 0xcb, 0xcf, 0x3a, 0xfb, 0x62, - 0x2d, 0xba, 0x83, 0xc5, 0x8a, 0x84, 0x15, 0xdf }, - { 0xb1, 0x20, 0xf1, 0xc1, 0xa0, 0x10, 0x2a, 0x2f, - 0x50, 0x7d, 0xd5, 0x43, 0xde, 0x68, 0x28, 0x1f }, - { 0xf1, 0xe8, 0xa5, 0x23, 0xa3, 0x6d }, - { 0x47, 0x1b }, - { 0xb6, 0x72, 0x04, 0x7e, 0x00, 0x3b, 0xb9, 0x52, - 0xdc, 0xa6, 0xcb, 0x8a, 0xf0, 0xe5, 0xb7, 0x79 }, - { 0xdf, 0x0c, 0x67, 0x86, 0x8f, 0xa2, 0x5f, 0x74, - 0x8b, 0x70, 0x44, 0xc6, 0xe7, 0xc2, 0x45, 0xb8 }, - { 0xeb, 0xd7, 0x03, 0x41, 0xbc, 0xd4, 0x15, 0xb0 }, - { 0x12, 0x35, 0x9f, 0x5d, 0x82, 0x22, 0x0c, 0x14 }, - { 0x47, 0x9d, 0xd2, 0x5c, 0x20, 0x79, 0x2d, 0x63 }, - { 0x66, 0x19, 0x5d, 0xbe, 0xd0, 0x31, 0x32, 0x74, - 0xc5, 0xca, 0x77, 0x66, 0x61, 0x5f, 0xa2, 0x5e }, - { 0x66, 0xbe, 0xc7, 0x07, 0xeb, 0x2a, 0xfc, 0x47, - 0x6d, 0x74, 0x08, 0xa8, 0xf2, 0x92, 0x7b, 0x36 }, - { 0xae, 0xfd, 0xaa, 0x5d, 0xdd, 0x99 }, - { 0x12, 0xec, 0x2b, 0x87, 0xfb, 0xb1 } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.19 Test Set 19 */ - { 0x51, 0x22, 0x25, 0x02, 0x14, 0xc3, 0x3e, 0x72, - 0x3a, 0x5d, 0xd5, 0x23, 0xfc, 0x14, 0x5f, 0xc0 }, - { 0x81, 0xe9, 0x2b, 0x6c, 0x0e, 0xe0, 0xe1, 0x2e, - 0xbc, 0xeb, 0xa8, 0xd9, 0x2a, 0x99, 0xdf, 0xa5 }, - { 0x16, 0xf3, 0xb3, 0xf7, 0x0f, 0xc2 }, - { 0xc3, 0xab }, - { 0xc9, 0xe8, 0x76, 0x32, 0x86, 0xb5, 0xb9, 0xff, - 0xbd, 0xf5, 0x6e, 0x12, 0x97, 0xd0, 0x88, 0x7b }, - { 0x98, 0x1d, 0x46, 0x4c, 0x7c, 0x52, 0xeb, 0x6e, - 0x50, 0x36, 0x23, 0x49, 0x84, 0xad, 0x0b, 0xcf }, - { 0x2a, 0x5c, 0x23, 0xd1, 0x5e, 0xe3, 0x51, 0xd5 }, - { 0x62, 0xda, 0xe3, 0x85, 0x3f, 0x3a, 0xf9, 0xd2 }, - { 0x28, 0xd7, 0xb0, 0xf2, 0xa2, 0xec, 0x3d, 0xe5 }, - { 0x53, 0x49, 0xfb, 0xe0, 0x98, 0x64, 0x9f, 0x94, - 0x8f, 0x5d, 0x2e, 0x97, 0x3a, 0x81, 0xc0, 0x0f }, - { 0x97, 0x44, 0x87, 0x1a, 0xd3, 0x2b, 0xf9, 0xbb, - 0xd1, 0xdd, 0x5c, 0xe5, 0x4e, 0x3e, 0x2e, 0x5a }, - { 0xad, 0xa1, 0x5a, 0xeb, 0x7b, 0xb8 }, - { 0xd4, 0x61, 0xbc, 0x15, 0x47, 0x5d } - }, { - /* 3GPP TS 35.208 v6.0.0 - 4.3.20 Test Set 20 */ - { 0x90, 0xdc, 0xa4, 0xed, 0xa4, 0x5b, 0x53, 0xcf, - 0x0f, 0x12, 0xd7, 0xc9, 0xc3, 0xbc, 0x6a, 0x89 }, - { 0x9f, 0xdd, 0xc7, 0x20, 0x92, 0xc6, 0xad, 0x03, - 0x6b, 0x6e, 0x46, 0x47, 0x89, 0x31, 0x5b, 0x78 }, - { 0x20, 0xf8, 0x13, 0xbd, 0x41, 0x41 }, - { 0x61, 0xdf }, - { 0x3f, 0xfc, 0xfe, 0x5b, 0x7b, 0x11, 0x11, 0x58, - 0x99, 0x20, 0xd3, 0x52, 0x8e, 0x84, 0xe6, 0x55 }, - { 0xcb, 0x9c, 0xcc, 0xc4, 0xb9, 0x25, 0x8e, 0x6d, - 0xca, 0x47, 0x60, 0x37, 0x9f, 0xb8, 0x25, 0x81 }, - { 0x09, 0xdb, 0x94, 0xea, 0xb4, 0xf8, 0x14, 0x9e }, - { 0xa2, 0x94, 0x68, 0xaa, 0x97, 0x75, 0xb5, 0x27 }, - { 0xa9, 0x51, 0x00, 0xe2, 0x76, 0x09, 0x52, 0xcd }, - { 0xb5, 0xf2, 0xda, 0x03, 0x88, 0x3b, 0x69, 0xf9, - 0x6b, 0xf5, 0x2e, 0x02, 0x9e, 0xd9, 0xac, 0x45 }, - { 0xb4, 0x72, 0x13, 0x68, 0xbc, 0x16, 0xea, 0x67, - 0x87, 0x5c, 0x55, 0x98, 0x68, 0x8b, 0xb0, 0xef }, - { 0x83, 0xcf, 0xd5, 0x4d, 0xb9, 0x13 }, - { 0x4f, 0x20, 0x39, 0x39, 0x2d, 0xdc } - } -}; - -#define NUM_TESTS (sizeof(test_sets) / sizeof(test_sets[0])) - - -int main(int argc, char *argv[]) -{ - u8 buf[16], buf2[16], buf3[16], buf4[16], buf5[16], opc[16]; - u8 auts[14], sqn[6], _rand[16]; - int ret = 0, res, i; - const struct milenage_test_set *t; - size_t res_len; - - wpa_debug_level = 0; - - printf("Milenage test sets\n"); - for (i = 0; i < NUM_TESTS; i++) { - t = &test_sets[i]; - printf("Test Set %d\n", i + 1); - - milenage_opc(t->op, t->k, opc); - if (memcmp(opc, t->opc, 16) != 0) { - printf("- milenage_opc failed\n"); - ret++; - } - - if (milenage_f1(opc, t->k, t->rand, t->sqn, t->amf, buf, buf2) - || memcmp(buf, t->f1, 8) != 0) { - printf("- milenage_f1 failed\n"); - ret++; - } - if (memcmp(buf2, t->f1star, 8) != 0) { - printf("- milenage_f1* failed\n"); - ret++; - } - - if (milenage_f2345(opc, t->k, t->rand, buf, buf2, buf3, buf4, - buf5) || - memcmp(buf, t->f2, 8) != 0) { - printf("- milenage_f2 failed\n"); - ret++; - } - if (memcmp(buf2, t->f3, 16) != 0) { - printf("- milenage_f3 failed\n"); - ret++; - } - if (memcmp(buf3, t->f4, 16) != 0) { - printf("- milenage_f4 failed\n"); - ret++; - } - if (memcmp(buf4, t->f5, 6) != 0) { - printf("- milenage_f5 failed\n"); - ret++; - } - if (memcmp(buf5, t->f5star, 6) != 0) { - printf("- milenage_f5* failed\n"); - ret++; - } - } - - printf("milenage_auts test:\n"); - os_memcpy(auts, "\x4f\x20\x39\x39\x2d\xdd", 6); - os_memcpy(auts + 6, "\x4b\xb4\x31\x6e\xd4\xa1\x46\x88", 8); - res = milenage_auts(t->opc, t->k, t->rand, auts, buf); - printf("AUTS for test set %d: %d / SQN=%02x%02x%02x%02x%02x%02x\n", - i, res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); - if (res) - ret++; - - os_memset(_rand, 0xaa, sizeof(_rand)); - os_memcpy(auts, - "\x43\x68\x1a\xd3\xda\xf0\x06\xbc\xde\x40\x5a\x20\x72\x67", - 14); - res = milenage_auts(t->opc, t->k, _rand, auts, buf); - printf("AUTS from a test USIM: %d / SQN=%02x%02x%02x%02x%02x%02x\n", - res, buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); - if (res) - ret++; - - printf("milenage_generate test:\n"); - os_memcpy(sqn, "\x00\x00\x00\x00\x40\x44", 6); - os_memcpy(_rand, "\x12\x69\xb8\x23\x41\x39\x35\x66\xfb\x99\x41\xe9\x84" - "\x4f\xe6\x2f", 16); - res_len = 8; - milenage_generate(t->opc, t->amf, t->k, sqn, _rand, buf, buf2, buf3, - buf4, &res_len); - wpa_hexdump(MSG_DEBUG, "SQN", sqn, 6); - wpa_hexdump(MSG_DEBUG, "RAND", _rand, 16); - wpa_hexdump(MSG_DEBUG, "AUTN", buf, 16); - wpa_hexdump(MSG_DEBUG, "IK", buf2, 16); - wpa_hexdump(MSG_DEBUG, "CK", buf3, 16); - wpa_hexdump(MSG_DEBUG, "RES", buf4, res_len); - - printf("GSM-Milenage test sets\n"); - for (i = 0; i < NUM_GSM_TESTS; i++) { - const struct gsm_milenage_test_set *g; - u8 sres[4], kc[8]; - g = &gsm_test_sets[i]; - printf("Test Set %d\n", i + 1); - gsm_milenage(g->opc, g->ki, g->rand, sres, kc); - if (memcmp(g->kc, kc, 8) != 0) { - printf("- gsm_milenage Kc failed\n"); - ret++; - } -#ifdef GSM_MILENAGE_ALT_SRES - if (memcmp(g->sres2, sres, 4) != 0) { - printf("- gsm_milenage SRES#2 failed\n"); - ret++; - } -#else /* GSM_MILENAGE_ALT_SRES */ - if (memcmp(g->sres1, sres, 4) != 0) { - printf("- gsm_milenage SRES#1 failed\n"); - ret++; - } -#endif /* GSM_MILENAGE_ALT_SRES */ - } - - if (ret) - printf("Something failed\n"); - else - printf("OK\n"); - - return ret; -}  diff --git a/tests/test-ms_funcs.c b/tests/test-ms_funcs.c deleted file mode 100644 index b740bc9..0000000 --- a/tests/test-ms_funcs.c +++ /dev/null  @@ -1,114 +0,0 @@ -/* - * Test program for ms_funcs - * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "crypto/ms_funcs.c" - - -int main(int argc, char *argv[]) -{ - /* Test vector from RFC2759 example */ - char *username = "User"; - char *password = "clientPass"; - u8 auth_challenge[] = { - 0x5B, 0x5D, 0x7C, 0x7D, 0x7B, 0x3F, 0x2F, 0x3E, - 0x3C, 0x2C, 0x60, 0x21, 0x32, 0x26, 0x26, 0x28 - }; - u8 peer_challenge[] = { - 0x21, 0x40, 0x23, 0x24, 0x25, 0x5E, 0x26, 0x2A, - 0x28, 0x29, 0x5F, 0x2B, 0x3A, 0x33, 0x7C, 0x7E - }; - u8 challenge[] = { 0xD0, 0x2E, 0x43, 0x86, 0xBC, 0xE9, 0x12, 0x26 }; - u8 password_hash[] = { - 0x44, 0xEB, 0xBA, 0x8D, 0x53, 0x12, 0xB8, 0xD6, - 0x11, 0x47, 0x44, 0x11, 0xF5, 0x69, 0x89, 0xAE - }; - u8 nt_response[] = { - 0x82, 0x30, 0x9E, 0xCD, 0x8D, 0x70, 0x8B, 0x5E, - 0xA0, 0x8F, 0xAA, 0x39, 0x81, 0xCD, 0x83, 0x54, - 0x42, 0x33, 0x11, 0x4A, 0x3D, 0x85, 0xD6, 0xDF - }; - u8 password_hash_hash[] = { - 0x41, 0xC0, 0x0C, 0x58, 0x4B, 0xD2, 0xD9, 0x1C, - 0x40, 0x17, 0xA2, 0xA1, 0x2F, 0xA5, 0x9F, 0x3F - }; - u8 authenticator_response[] = { - 0x40, 0x7A, 0x55, 0x89, 0x11, 0x5F, 0xD0, 0xD6, - 0x20, 0x9F, 0x51, 0x0F, 0xE9, 0xC0, 0x45, 0x66, - 0x93, 0x2C, 0xDA, 0x56 - }; - u8 master_key[] = { - 0xFD, 0xEC, 0xE3, 0x71, 0x7A, 0x8C, 0x83, 0x8C, - 0xB3, 0x88, 0xE5, 0x27, 0xAE, 0x3C, 0xDD, 0x31 - }; - u8 send_start_key[] = { - 0x8B, 0x7C, 0xDC, 0x14, 0x9B, 0x99, 0x3A, 0x1B, - 0xA1, 0x18, 0xCB, 0x15, 0x3F, 0x56, 0xDC, 0xCB - }; - u8 buf[32]; - - int errors = 0; - - printf("Testing ms_funcs.c\n"); - - if (challenge_hash(peer_challenge, auth_challenge, - (u8 *) username, strlen(username), - buf) || - memcmp(challenge, buf, sizeof(challenge)) != 0) { - printf("challenge_hash failed\n"); - errors++; - } - - if (nt_password_hash((u8 *) password, strlen(password), buf) || - memcmp(password_hash, buf, sizeof(password_hash)) != 0) { - printf("nt_password_hash failed\n"); - errors++; - } - - if (generate_nt_response(auth_challenge, peer_challenge, - (u8 *) username, strlen(username), - (u8 *) password, strlen(password), - buf) || - memcmp(nt_response, buf, sizeof(nt_response)) != 0) { - printf("generate_nt_response failed\n"); - errors++; - } - - if (hash_nt_password_hash(password_hash, buf) || - memcmp(password_hash_hash, buf, sizeof(password_hash_hash)) != 0) { - printf("hash_nt_password_hash failed\n"); - errors++; - } - - if (generate_authenticator_response((u8 *) password, strlen(password), - peer_challenge, auth_challenge, - (u8 *) username, strlen(username), - nt_response, buf) || - memcmp(authenticator_response, buf, sizeof(authenticator_response)) - != 0) { - printf("generate_authenticator_response failed\n"); - errors++; - } - - if (get_master_key(password_hash_hash, nt_response, buf) || - memcmp(master_key, buf, sizeof(master_key)) != 0) { - printf("get_master_key failed\n"); - errors++; - } - - if (get_asymetric_start_key(master_key, buf, sizeof(send_start_key), - 1, 1) || - memcmp(send_start_key, buf, sizeof(send_start_key)) != 0) { - printf("get_asymetric_start_key failed\n"); - errors++; - } - - if (errors) - printf("FAILED! %d errors\n", errors); - - return errors; -}  diff --git a/tests/test-rc4.c b/tests/test-rc4.c deleted file mode 100644 index 6ac2ef3..0000000 --- a/tests/test-rc4.c +++ /dev/null  @@ -1,250 +0,0 @@ -/* - * Test program for RC4 - * Copyright (c) 2011, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/crypto.h" - - -struct rc4_test_vector { - size_t key_len; - const u8 *key; - const u8 *stream0; - const u8 *stream240; - const u8 *stream496; - const u8 *stream752; - const u8 *stream1008; - const u8 *stream1520; - const u8 *stream2032; - const u8 *stream3056; - const u8 *stream4080; -}; - -/* RFC 6229 test vectors */ -static const struct rc4_test_vector tests[] = { - { - 5, (u8 *) "\x01\x02\x03\x04\x05", - (u8 *) "\xb2\x39\x63\x05\xf0\x3d\xc0\x27\xcc\xc3\x52\x4a\x0a\x11\x18\xa8\x69\x82\x94\x4f\x18\xfc\x82\xd5\x89\xc4\x03\xa4\x7a\x0d\x09\x19", - (u8 *) "\x28\xcb\x11\x32\xc9\x6c\xe2\x86\x42\x1d\xca\xad\xb8\xb6\x9e\xae\x1c\xfc\xf6\x2b\x03\xed\xdb\x64\x1d\x77\xdf\xcf\x7f\x8d\x8c\x93", - (u8 *) "\x42\xb7\xd0\xcd\xd9\x18\xa8\xa3\x3d\xd5\x17\x81\xc8\x1f\x40\x41\x64\x59\x84\x44\x32\xa7\xda\x92\x3c\xfb\x3e\xb4\x98\x06\x61\xf6", - (u8 *) "\xec\x10\x32\x7b\xde\x2b\xee\xfd\x18\xf9\x27\x76\x80\x45\x7e\x22\xeb\x62\x63\x8d\x4f\x0b\xa1\xfe\x9f\xca\x20\xe0\x5b\xf8\xff\x2b", - (u8 *) "\x45\x12\x90\x48\xe6\xa0\xed\x0b\x56\xb4\x90\x33\x8f\x07\x8d\xa5\x30\xab\xbc\xc7\xc2\x0b\x01\x60\x9f\x23\xee\x2d\x5f\x6b\xb7\xdf", - (u8 *) "\x32\x94\xf7\x44\xd8\xf9\x79\x05\x07\xe7\x0f\x62\xe5\xbb\xce\xea\xd8\x72\x9d\xb4\x18\x82\x25\x9b\xee\x4f\x82\x53\x25\xf5\xa1\x30", - (u8 *) "\x1e\xb1\x4a\x0c\x13\xb3\xbf\x47\xfa\x2a\x0b\xa9\x3a\xd4\x5b\x8b\xcc\x58\x2f\x8b\xa9\xf2\x65\xe2\xb1\xbe\x91\x12\xe9\x75\xd2\xd7", - (u8 *) "\xf2\xe3\x0f\x9b\xd1\x02\xec\xbf\x75\xaa\xad\xe9\xbc\x35\xc4\x3c\xec\x0e\x11\xc4\x79\xdc\x32\x9d\xc8\xda\x79\x68\xfe\x96\x56\x81", - (u8 *) "\x06\x83\x26\xa2\x11\x84\x16\xd2\x1f\x9d\x04\xb2\xcd\x1c\xa0\x50\xff\x25\xb5\x89\x95\x99\x67\x07\xe5\x1f\xbd\xf0\x8b\x34\xd8\x75" - }, - { - 7, (u8 *) "\x01\x02\x03\x04\x05\x06\x07", - (u8 *) "\x29\x3f\x02\xd4\x7f\x37\xc9\xb6\x33\xf2\xaf\x52\x85\xfe\xb4\x6b\xe6\x20\xf1\x39\x0d\x19\xbd\x84\xe2\xe0\xfd\x75\x20\x31\xaf\xc1", - (u8 *) "\x91\x4f\x02\x53\x1c\x92\x18\x81\x0d\xf6\x0f\x67\xe3\x38\x15\x4c\xd0\xfd\xb5\x83\x07\x3c\xe8\x5a\xb8\x39\x17\x74\x0e\xc0\x11\xd5", - (u8 *) "\x75\xf8\x14\x11\xe8\x71\xcf\xfa\x70\xb9\x0c\x74\xc5\x92\xe4\x54\x0b\xb8\x72\x02\x93\x8d\xad\x60\x9e\x87\xa5\xa1\xb0\x79\xe5\xe4", - (u8 *) "\xc2\x91\x12\x46\xb6\x12\xe7\xe7\xb9\x03\xdf\xed\xa1\xda\xd8\x66\x32\x82\x8f\x91\x50\x2b\x62\x91\x36\x8d\xe8\x08\x1d\xe3\x6f\xc2", - (u8 *) "\xf3\xb9\xa7\xe3\xb2\x97\xbf\x9a\xd8\x04\x51\x2f\x90\x63\xef\xf1\x8e\xcb\x67\xa9\xba\x1f\x55\xa5\xa0\x67\xe2\xb0\x26\xa3\x67\x6f", - (u8 *) "\xd2\xaa\x90\x2b\xd4\x2d\x0d\x7c\xfd\x34\x0c\xd4\x58\x10\x52\x9f\x78\xb2\x72\xc9\x6e\x42\xea\xb4\xc6\x0b\xd9\x14\xe3\x9d\x06\xe3", - (u8 *) "\xf4\x33\x2f\xd3\x1a\x07\x93\x96\xee\x3c\xee\x3f\x2a\x4f\xf0\x49\x05\x45\x97\x81\xd4\x1f\xda\x7f\x30\xc1\xbe\x7e\x12\x46\xc6\x23", - (u8 *) "\xad\xfd\x38\x68\xb8\xe5\x14\x85\xd5\xe6\x10\x01\x7e\x3d\xd6\x09\xad\x26\x58\x1c\x0c\x5b\xe4\x5f\x4c\xea\x01\xdb\x2f\x38\x05\xd5", - (u8 *) "\xf3\x17\x2c\xef\xfc\x3b\x3d\x99\x7c\x85\xcc\xd5\xaf\x1a\x95\x0c\xe7\x4b\x0b\x97\x31\x22\x7f\xd3\x7c\x0e\xc0\x8a\x47\xdd\xd8\xb8" - }, - { - 8, (u8 *) "\x01\x02\x03\x04\x05\x06\x07\x08", - (u8 *) "\x97\xab\x8a\x1b\xf0\xaf\xb9\x61\x32\xf2\xf6\x72\x58\xda\x15\xa8\x82\x63\xef\xdb\x45\xc4\xa1\x86\x84\xef\x87\xe6\xb1\x9e\x5b\x09", - (u8 *) "\x96\x36\xeb\xc9\x84\x19\x26\xf4\xf7\xd1\xf3\x62\xbd\xdf\x6e\x18\xd0\xa9\x90\xff\x2c\x05\xfe\xf5\xb9\x03\x73\xc9\xff\x4b\x87\x0a", - (u8 *) "\x73\x23\x9f\x1d\xb7\xf4\x1d\x80\xb6\x43\xc0\xc5\x25\x18\xec\x63\x16\x3b\x31\x99\x23\xa6\xbd\xb4\x52\x7c\x62\x61\x26\x70\x3c\x0f", - (u8 *) "\x49\xd6\xc8\xaf\x0f\x97\x14\x4a\x87\xdf\x21\xd9\x14\x72\xf9\x66\x44\x17\x3a\x10\x3b\x66\x16\xc5\xd5\xad\x1c\xee\x40\xc8\x63\xd0", - (u8 *) "\x27\x3c\x9c\x4b\x27\xf3\x22\xe4\xe7\x16\xef\x53\xa4\x7d\xe7\xa4\xc6\xd0\xe7\xb2\x26\x25\x9f\xa9\x02\x34\x90\xb2\x61\x67\xad\x1d", - (u8 *) "\x1f\xe8\x98\x67\x13\xf0\x7c\x3d\x9a\xe1\xc1\x63\xff\x8c\xf9\xd3\x83\x69\xe1\xa9\x65\x61\x0b\xe8\x87\xfb\xd0\xc7\x91\x62\xaa\xfb", - (u8 *) "\x0a\x01\x27\xab\xb4\x44\x84\xb9\xfb\xef\x5a\xbc\xae\x1b\x57\x9f\xc2\xcd\xad\xc6\x40\x2e\x8e\xe8\x66\xe1\xf3\x7b\xdb\x47\xe4\x2c", - (u8 *) "\x26\xb5\x1e\xa3\x7d\xf8\xe1\xd6\xf7\x6f\xc3\xb6\x6a\x74\x29\xb3\xbc\x76\x83\x20\x5d\x4f\x44\x3d\xc1\xf2\x9d\xda\x33\x15\xc8\x7b", - (u8 *) "\xd5\xfa\x5a\x34\x69\xd2\x9a\xaa\xf8\x3d\x23\x58\x9d\xb8\xc8\x5b\x3f\xb4\x6e\x2c\x8f\x0f\x06\x8e\xdc\xe8\xcd\xcd\x7d\xfc\x58\x62" - }, - { - 10, (u8 *) "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a", - (u8 *) "\xed\xe3\xb0\x46\x43\xe5\x86\xcc\x90\x7d\xc2\x18\x51\x70\x99\x02\x03\x51\x6b\xa7\x8f\x41\x3b\xeb\x22\x3a\xa5\xd4\xd2\xdf\x67\x11", - (u8 *) "\x3c\xfd\x6c\xb5\x8e\xe0\xfd\xde\x64\x01\x76\xad\x00\x00\x04\x4d\x48\x53\x2b\x21\xfb\x60\x79\xc9\x11\x4c\x0f\xfd\x9c\x04\xa1\xad", - (u8 *) "\x3e\x8c\xea\x98\x01\x71\x09\x97\x90\x84\xb1\xef\x92\xf9\x9d\x86\xe2\x0f\xb4\x9b\xdb\x33\x7e\xe4\x8b\x8d\x8d\xc0\xf4\xaf\xef\xfe", - (u8 *) "\x5c\x25\x21\xea\xcd\x79\x66\xf1\x5e\x05\x65\x44\xbe\xa0\xd3\x15\xe0\x67\xa7\x03\x19\x31\xa2\x46\xa6\xc3\x87\x5d\x2f\x67\x8a\xcb", - (u8 *) "\xa6\x4f\x70\xaf\x88\xae\x56\xb6\xf8\x75\x81\xc0\xe2\x3e\x6b\x08\xf4\x49\x03\x1d\xe3\x12\x81\x4e\xc6\xf3\x19\x29\x1f\x4a\x05\x16", - (u8 *) "\xbd\xae\x85\x92\x4b\x3c\xb1\xd0\xa2\xe3\x3a\x30\xc6\xd7\x95\x99\x8a\x0f\xed\xdb\xac\x86\x5a\x09\xbc\xd1\x27\xfb\x56\x2e\xd6\x0a", - (u8 *) "\xb5\x5a\x0a\x5b\x51\xa1\x2a\x8b\xe3\x48\x99\xc3\xe0\x47\x51\x1a\xd9\xa0\x9c\xea\x3c\xe7\x5f\xe3\x96\x98\x07\x03\x17\xa7\x13\x39", - (u8 *) "\x55\x22\x25\xed\x11\x77\xf4\x45\x84\xac\x8c\xfa\x6c\x4e\xb5\xfc\x7e\x82\xcb\xab\xfc\x95\x38\x1b\x08\x09\x98\x44\x21\x29\xc2\xf8", - (u8 *) "\x1f\x13\x5e\xd1\x4c\xe6\x0a\x91\x36\x9d\x23\x22\xbe\xf2\x5e\x3c\x08\xb6\xbe\x45\x12\x4a\x43\xe2\xeb\x77\x95\x3f\x84\xdc\x85\x53" - }, - { - 16, (u8 *) "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10", - (u8 *) "\x9a\xc7\xcc\x9a\x60\x9d\x1e\xf7\xb2\x93\x28\x99\xcd\xe4\x1b\x97\x52\x48\xc4\x95\x90\x14\x12\x6a\x6e\x8a\x84\xf1\x1d\x1a\x9e\x1c", - (u8 *) "\x06\x59\x02\xe4\xb6\x20\xf6\xcc\x36\xc8\x58\x9f\x66\x43\x2f\x2b\xd3\x9d\x56\x6b\xc6\xbc\xe3\x01\x07\x68\x15\x15\x49\xf3\x87\x3f", - (u8 *) "\xb6\xd1\xe6\xc4\xa5\xe4\x77\x1c\xad\x79\x53\x8d\xf2\x95\xfb\x11\xc6\x8c\x1d\x5c\x55\x9a\x97\x41\x23\xdf\x1d\xbc\x52\xa4\x3b\x89", - (u8 *) "\xc5\xec\xf8\x8d\xe8\x97\xfd\x57\xfe\xd3\x01\x70\x1b\x82\xa2\x59\xec\xcb\xe1\x3d\xe1\xfc\xc9\x1c\x11\xa0\xb2\x6c\x0b\xc8\xfa\x4d", - (u8 *) "\xe7\xa7\x25\x74\xf8\x78\x2a\xe2\x6a\xab\xcf\x9e\xbc\xd6\x60\x65\xbd\xf0\x32\x4e\x60\x83\xdc\xc6\xd3\xce\xdd\x3c\xa8\xc5\x3c\x16", - (u8 *) "\xb4\x01\x10\xc4\x19\x0b\x56\x22\xa9\x61\x16\xb0\x01\x7e\xd2\x97\xff\xa0\xb5\x14\x64\x7e\xc0\x4f\x63\x06\xb8\x92\xae\x66\x11\x81", - (u8 *) "\xd0\x3d\x1b\xc0\x3c\xd3\x3d\x70\xdf\xf9\xfa\x5d\x71\x96\x3e\xbd\x8a\x44\x12\x64\x11\xea\xa7\x8b\xd5\x1e\x8d\x87\xa8\x87\x9b\xf5", - (u8 *) "\xfa\xbe\xb7\x60\x28\xad\xe2\xd0\xe4\x87\x22\xe4\x6c\x46\x15\xa3\xc0\x5d\x88\xab\xd5\x03\x57\xf9\x35\xa6\x3c\x59\xee\x53\x76\x23", - (u8 *) "\xff\x38\x26\x5c\x16\x42\xc1\xab\xe8\xd3\xc2\xfe\x5e\x57\x2b\xf8\xa3\x6a\x4c\x30\x1a\xe8\xac\x13\x61\x0c\xcb\xc1\x22\x56\xca\xcc" - }, - { - 24, (u8 *) "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18", - (u8 *) "\x05\x95\xe5\x7f\xe5\xf0\xbb\x3c\x70\x6e\xda\xc8\xa4\xb2\xdb\x11\xdf\xde\x31\x34\x4a\x1a\xf7\x69\xc7\x4f\x07\x0a\xee\x9e\x23\x26", - (u8 *) "\xb0\x6b\x9b\x1e\x19\x5d\x13\xd8\xf4\xa7\x99\x5c\x45\x53\xac\x05\x6b\xd2\x37\x8e\xc3\x41\xc9\xa4\x2f\x37\xba\x79\xf8\x8a\x32\xff", - (u8 *) "\xe7\x0b\xce\x1d\xf7\x64\x5a\xdb\x5d\x2c\x41\x30\x21\x5c\x35\x22\x9a\x57\x30\xc7\xfc\xb4\xc9\xaf\x51\xff\xda\x89\xc7\xf1\xad\x22", - (u8 *) "\x04\x85\x05\x5f\xd4\xf6\xf0\xd9\x63\xef\x5a\xb9\xa5\x47\x69\x82\x59\x1f\xc6\x6b\xcd\xa1\x0e\x45\x2b\x03\xd4\x55\x1f\x6b\x62\xac", - (u8 *) "\x27\x53\xcc\x83\x98\x8a\xfa\x3e\x16\x88\xa1\xd3\xb4\x2c\x9a\x02\x93\x61\x0d\x52\x3d\x1d\x3f\x00\x62\xb3\xc2\xa3\xbb\xc7\xc7\xf0", - (u8 *) "\x96\xc2\x48\x61\x0a\xad\xed\xfe\xaf\x89\x78\xc0\x3d\xe8\x20\x5a\x0e\x31\x7b\x3d\x1c\x73\xb9\xe9\xa4\x68\x8f\x29\x6d\x13\x3a\x19", - (u8 *) "\xbd\xf0\xe6\xc3\xcc\xa5\xb5\xb9\xd5\x33\xb6\x9c\x56\xad\xa1\x20\x88\xa2\x18\xb6\xe2\xec\xe1\xe6\x24\x6d\x44\xc7\x59\xd1\x9b\x10", - (u8 *) "\x68\x66\x39\x7e\x95\xc1\x40\x53\x4f\x94\x26\x34\x21\x00\x6e\x40\x32\xcb\x0a\x1e\x95\x42\xc6\xb3\xb8\xb3\x98\xab\xc3\xb0\xf1\xd5", - (u8 *) "\x29\xa0\xb8\xae\xd5\x4a\x13\x23\x24\xc6\x2e\x42\x3f\x54\xb4\xc8\x3c\xb0\xf3\xb5\x02\x0a\x98\xb8\x2a\xf9\xfe\x15\x44\x84\xa1\x68" - }, - { - 32, (u8 *) "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20", - (u8 *) "\xea\xa6\xbd\x25\x88\x0b\xf9\x3d\x3f\x5d\x1e\x4c\xa2\x61\x1d\x91\xcf\xa4\x5c\x9f\x7e\x71\x4b\x54\xbd\xfa\x80\x02\x7c\xb1\x43\x80", - (u8 *) "\x11\x4a\xe3\x44\xde\xd7\x1b\x35\xf2\xe6\x0f\xeb\xad\x72\x7f\xd8\x02\xe1\xe7\x05\x6b\x0f\x62\x39\x00\x49\x64\x22\x94\x3e\x97\xb6", - (u8 *) "\x91\xcb\x93\xc7\x87\x96\x4e\x10\xd9\x52\x7d\x99\x9c\x6f\x93\x6b\x49\xb1\x8b\x42\xf8\xe8\x36\x7c\xbe\xb5\xef\x10\x4b\xa1\xc7\xcd", - (u8 *) "\x87\x08\x4b\x3b\xa7\x00\xba\xde\x95\x56\x10\x67\x27\x45\xb3\x74\xe7\xa7\xb9\xe9\xec\x54\x0d\x5f\xf4\x3b\xdb\x12\x79\x2d\x1b\x35", - (u8 *) "\xc7\x99\xb5\x96\x73\x8f\x6b\x01\x8c\x76\xc7\x4b\x17\x59\xbd\x90\x7f\xec\x5b\xfd\x9f\x9b\x89\xce\x65\x48\x30\x90\x92\xd7\xe9\x58", - (u8 *) "\x40\xf2\x50\xb2\x6d\x1f\x09\x6a\x4a\xfd\x4c\x34\x0a\x58\x88\x15\x3e\x34\x13\x5c\x79\xdb\x01\x02\x00\x76\x76\x51\xcf\x26\x30\x73", - (u8 *) "\xf6\x56\xab\xcc\xf8\x8d\xd8\x27\x02\x7b\x2c\xe9\x17\xd4\x64\xec\x18\xb6\x25\x03\xbf\xbc\x07\x7f\xba\xbb\x98\xf2\x0d\x98\xab\x34", - (u8 *) "\x8a\xed\x95\xee\x5b\x0d\xcb\xfb\xef\x4e\xb2\x1d\x3a\x3f\x52\xf9\x62\x5a\x1a\xb0\x0e\xe3\x9a\x53\x27\x34\x6b\xdd\xb0\x1a\x9c\x18", - (u8 *) "\xa1\x3a\x7c\x79\xc7\xe1\x19\xb5\xab\x02\x96\xab\x28\xc3\x00\xb9\xf3\xe4\xc0\xa2\xe0\x2d\x1d\x01\xf7\xf0\xa7\x46\x18\xaf\x2b\x48" - }, - { - 5, (u8 *) "\x83\x32\x22\x77\x2a", - (u8 *) "\x80\xad\x97\xbd\xc9\x73\xdf\x8a\x2e\x87\x9e\x92\xa4\x97\xef\xda\x20\xf0\x60\xc2\xf2\xe5\x12\x65\x01\xd3\xd4\xfe\xa1\x0d\x5f\xc0", - (u8 *) "\xfa\xa1\x48\xe9\x90\x46\x18\x1f\xec\x6b\x20\x85\xf3\xb2\x0e\xd9\xf0\xda\xf5\xba\xb3\xd5\x96\x83\x98\x57\x84\x6f\x73\xfb\xfe\x5a", - (u8 *) "\x1c\x7e\x2f\xc4\x63\x92\x32\xfe\x29\x75\x84\xb2\x96\x99\x6b\xc8\x3d\xb9\xb2\x49\x40\x6c\xc8\xed\xff\xac\x55\xcc\xd3\x22\xba\x12", - (u8 *) "\xe4\xf9\xf7\xe0\x06\x61\x54\xbb\xd1\x25\xb7\x45\x56\x9b\xc8\x97\x75\xd5\xef\x26\x2b\x44\xc4\x1a\x9c\xf6\x3a\xe1\x45\x68\xe1\xb9", - (u8 *) "\x6d\xa4\x53\xdb\xf8\x1e\x82\x33\x4a\x3d\x88\x66\xcb\x50\xa1\xe3\x78\x28\xd0\x74\x11\x9c\xab\x5c\x22\xb2\x94\xd7\xa9\xbf\xa0\xbb", - (u8 *) "\xad\xb8\x9c\xea\x9a\x15\xfb\xe6\x17\x29\x5b\xd0\x4b\x8c\xa0\x5c\x62\x51\xd8\x7f\xd4\xaa\xae\x9a\x7e\x4a\xd5\xc2\x17\xd3\xf3\x00", - (u8 *) "\xe7\x11\x9b\xd6\xdd\x9b\x22\xaf\xe8\xf8\x95\x85\x43\x28\x81\xe2\x78\x5b\x60\xfd\x7e\xc4\xe9\xfc\xb6\x54\x5f\x35\x0d\x66\x0f\xab", - (u8 *) "\xaf\xec\xc0\x37\xfd\xb7\xb0\x83\x8e\xb3\xd7\x0b\xcd\x26\x83\x82\xdb\xc1\xa7\xb4\x9d\x57\x35\x8c\xc9\xfa\x6d\x61\xd7\x3b\x7c\xf0", - (u8 *) "\x63\x49\xd1\x26\xa3\x7a\xfc\xba\x89\x79\x4f\x98\x04\x91\x4f\xdc\xbf\x42\xc3\x01\x8c\x2f\x7c\x66\xbf\xde\x52\x49\x75\x76\x81\x15" - }, - { - 7, (u8 *) "\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\xbc\x92\x22\xdb\xd3\x27\x4d\x8f\xc6\x6d\x14\xcc\xbd\xa6\x69\x0b\x7a\xe6\x27\x41\x0c\x9a\x2b\xe6\x93\xdf\x5b\xb7\x48\x5a\x63\xe3", - (u8 *) "\x3f\x09\x31\xaa\x03\xde\xfb\x30\x0f\x06\x01\x03\x82\x6f\x2a\x64\xbe\xaa\x9e\xc8\xd5\x9b\xb6\x81\x29\xf3\x02\x7c\x96\x36\x11\x81", - (u8 *) "\x74\xe0\x4d\xb4\x6d\x28\x64\x8d\x7d\xee\x8a\x00\x64\xb0\x6c\xfe\x9b\x5e\x81\xc6\x2f\xe0\x23\xc5\x5b\xe4\x2f\x87\xbb\xf9\x32\xb8", - (u8 *) "\xce\x17\x8f\xc1\x82\x6e\xfe\xcb\xc1\x82\xf5\x79\x99\xa4\x61\x40\x8b\xdf\x55\xcd\x55\x06\x1c\x06\xdb\xa6\xbe\x11\xde\x4a\x57\x8a", - (u8 *) "\x62\x6f\x5f\x4d\xce\x65\x25\x01\xf3\x08\x7d\x39\xc9\x2c\xc3\x49\x42\xda\xac\x6a\x8f\x9a\xb9\xa7\xfd\x13\x7c\x60\x37\x82\x56\x82", - (u8 *) "\xcc\x03\xfd\xb7\x91\x92\xa2\x07\x31\x2f\x53\xf5\xd4\xdc\x33\xd9\xf7\x0f\x14\x12\x2a\x1c\x98\xa3\x15\x5d\x28\xb8\xa0\xa8\xa4\x1d", - (u8 *) "\x2a\x3a\x30\x7a\xb2\x70\x8a\x9c\x00\xfe\x0b\x42\xf9\xc2\xd6\xa1\x86\x26\x17\x62\x7d\x22\x61\xea\xb0\xb1\x24\x65\x97\xca\x0a\xe9", - (u8 *) "\x55\xf8\x77\xce\x4f\x2e\x1d\xdb\xbf\x8e\x13\xe2\xcd\xe0\xfd\xc8\x1b\x15\x56\xcb\x93\x5f\x17\x33\x37\x70\x5f\xbb\x5d\x50\x1f\xc1", - (u8 *) "\xec\xd0\xe9\x66\x02\xbe\x7f\x8d\x50\x92\x81\x6c\xcc\xf2\xc2\xe9\x02\x78\x81\xfa\xb4\x99\x3a\x1c\x26\x20\x24\xa9\x4f\xff\x3f\x61" - }, - { - 8, (u8 *) "\x64\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\xbb\xf6\x09\xde\x94\x13\x17\x2d\x07\x66\x0c\xb6\x80\x71\x69\x26\x46\x10\x1a\x6d\xab\x43\x11\x5d\x6c\x52\x2b\x4f\xe9\x36\x04\xa9", - (u8 *) "\xcb\xe1\xff\xf2\x1c\x96\xf3\xee\xf6\x1e\x8f\xe0\x54\x2c\xbd\xf0\x34\x79\x38\xbf\xfa\x40\x09\xc5\x12\xcf\xb4\x03\x4b\x0d\xd1\xa7", - (u8 *) "\x78\x67\xa7\x86\xd0\x0a\x71\x47\x90\x4d\x76\xdd\xf1\xe5\x20\xe3\x8d\x3e\x9e\x1c\xae\xfc\xcc\xb3\xfb\xf8\xd1\x8f\x64\x12\x0b\x32", - (u8 *) "\x94\x23\x37\xf8\xfd\x76\xf0\xfa\xe8\xc5\x2d\x79\x54\x81\x06\x72\xb8\x54\x8c\x10\xf5\x16\x67\xf6\xe6\x0e\x18\x2f\xa1\x9b\x30\xf7", - (u8 *) "\x02\x11\xc7\xc6\x19\x0c\x9e\xfd\x12\x37\xc3\x4c\x8f\x2e\x06\xc4\xbd\xa6\x4f\x65\x27\x6d\x2a\xac\xb8\xf9\x02\x12\x20\x3a\x80\x8e", - (u8 *) "\xbd\x38\x20\xf7\x32\xff\xb5\x3e\xc1\x93\xe7\x9d\x33\xe2\x7c\x73\xd0\x16\x86\x16\x86\x19\x07\xd4\x82\xe3\x6c\xda\xc8\xcf\x57\x49", - (u8 *) "\x97\xb0\xf0\xf2\x24\xb2\xd2\x31\x71\x14\x80\x8f\xb0\x3a\xf7\xa0\xe5\x96\x16\xe4\x69\x78\x79\x39\xa0\x63\xce\xea\x9a\xf9\x56\xd1", - (u8 *) "\xc4\x7e\x0d\xc1\x66\x09\x19\xc1\x11\x01\x20\x8f\x9e\x69\xaa\x1f\x5a\xe4\xf1\x28\x96\xb8\x37\x9a\x2a\xad\x89\xb5\xb5\x53\xd6\xb0", - (u8 *) "\x6b\x6b\x09\x8d\x0c\x29\x3b\xc2\x99\x3d\x80\xbf\x05\x18\xb6\xd9\x81\x70\xcc\x3c\xcd\x92\xa6\x98\x62\x1b\x93\x9d\xd3\x8f\xe7\xb9" - }, - { - 10, (u8 *) "\x8b\x37\x64\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\xab\x65\xc2\x6e\xdd\xb2\x87\x60\x0d\xb2\xfd\xa1\x0d\x1e\x60\x5c\xbb\x75\x90\x10\xc2\x96\x58\xf2\xc7\x2d\x93\xa2\xd1\x6d\x29\x30", - (u8 *) "\xb9\x01\xe8\x03\x6e\xd1\xc3\x83\xcd\x3c\x4c\x4d\xd0\xa6\xab\x05\x3d\x25\xce\x49\x22\x92\x4c\x55\xf0\x64\x94\x33\x53\xd7\x8a\x6c", - (u8 *) "\x12\xc1\xaa\x44\xbb\xf8\x7e\x75\xe6\x11\xf6\x9b\x2c\x38\xf4\x9b\x28\xf2\xb3\x43\x4b\x65\xc0\x98\x77\x47\x00\x44\xc6\xea\x17\x0d", - (u8 *) "\xbd\x9e\xf8\x22\xde\x52\x88\x19\x61\x34\xcf\x8a\xf7\x83\x93\x04\x67\x55\x9c\x23\xf0\x52\x15\x84\x70\xa2\x96\xf7\x25\x73\x5a\x32", - (u8 *) "\x8b\xab\x26\xfb\xc2\xc1\x2b\x0f\x13\xe2\xab\x18\x5e\xab\xf2\x41\x31\x18\x5a\x6d\x69\x6f\x0c\xfa\x9b\x42\x80\x8b\x38\xe1\x32\xa2", - (u8 *) "\x56\x4d\x3d\xae\x18\x3c\x52\x34\xc8\xaf\x1e\x51\x06\x1c\x44\xb5\x3c\x07\x78\xa7\xb5\xf7\x2d\x3c\x23\xa3\x13\x5c\x7d\x67\xb9\xf4", - (u8 *) "\xf3\x43\x69\x89\x0f\xcf\x16\xfb\x51\x7d\xca\xae\x44\x63\xb2\xdd\x02\xf3\x1c\x81\xe8\x20\x07\x31\xb8\x99\xb0\x28\xe7\x91\xbf\xa7", - (u8 *) "\x72\xda\x64\x62\x83\x22\x8c\x14\x30\x08\x53\x70\x17\x95\x61\x6f\x4e\x0a\x8c\x6f\x79\x34\xa7\x88\xe2\x26\x5e\x81\xd6\xd0\xc8\xf4", - (u8 *) "\x43\x8d\xd5\xea\xfe\xa0\x11\x1b\x6f\x36\xb4\xb9\x38\xda\x2a\x68\x5f\x6b\xfc\x73\x81\x58\x74\xd9\x71\x00\xf0\x86\x97\x93\x57\xd8" - }, - { - 16, (u8 *) "\xeb\xb4\x62\x27\xc6\xcc\x8b\x37\x64\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\x72\x0c\x94\xb6\x3e\xdf\x44\xe1\x31\xd9\x50\xca\x21\x1a\x5a\x30\xc3\x66\xfd\xea\xcf\x9c\xa8\x04\x36\xbe\x7c\x35\x84\x24\xd2\x0b", - (u8 *) "\xb3\x39\x4a\x40\xaa\xbf\x75\xcb\xa4\x22\x82\xef\x25\xa0\x05\x9f\x48\x47\xd8\x1d\xa4\x94\x2d\xbc\x24\x9d\xef\xc4\x8c\x92\x2b\x9f", - (u8 *) "\x08\x12\x8c\x46\x9f\x27\x53\x42\xad\xda\x20\x2b\x2b\x58\xda\x95\x97\x0d\xac\xef\x40\xad\x98\x72\x3b\xac\x5d\x69\x55\xb8\x17\x61", - (u8 *) "\x3c\xb8\x99\x93\xb0\x7b\x0c\xed\x93\xde\x13\xd2\xa1\x10\x13\xac\xef\x2d\x67\x6f\x15\x45\xc2\xc1\x3d\xc6\x80\xa0\x2f\x4a\xdb\xfe", - (u8 *) "\xb6\x05\x95\x51\x4f\x24\xbc\x9f\xe5\x22\xa6\xca\xd7\x39\x36\x44\xb5\x15\xa8\xc5\x01\x17\x54\xf5\x90\x03\x05\x8b\xdb\x81\x51\x4e", - (u8 *) "\x3c\x70\x04\x7e\x8c\xbc\x03\x8e\x3b\x98\x20\xdb\x60\x1d\xa4\x95\x11\x75\xda\x6e\xe7\x56\xde\x46\xa5\x3e\x2b\x07\x56\x60\xb7\x70", - (u8 *) "\x00\xa5\x42\xbb\xa0\x21\x11\xcc\x2c\x65\xb3\x8e\xbd\xba\x58\x7e\x58\x65\xfd\xbb\x5b\x48\x06\x41\x04\xe8\x30\xb3\x80\xf2\xae\xde", - (u8 *) "\x34\xb2\x1a\xd2\xad\x44\xe9\x99\xdb\x2d\x7f\x08\x63\xf0\xd9\xb6\x84\xa9\x21\x8f\xc3\x6e\x8a\x5f\x2c\xcf\xbe\xae\x53\xa2\x7d\x25", - (u8 *) "\xa2\x22\x1a\x11\xb8\x33\xcc\xb4\x98\xa5\x95\x40\xf0\x54\x5f\x4a\x5b\xbe\xb4\x78\x7d\x59\xe5\x37\x3f\xdb\xea\x6c\x6f\x75\xc2\x9b" - }, - { - 24, (u8 *) "\xc1\x09\x16\x39\x08\xeb\xe5\x1d\xeb\xb4\x62\x27\xc6\xcc\x8b\x37\x64\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\x54\xb6\x4e\x6b\x5a\x20\xb5\xe2\xec\x84\x59\x3d\xc7\x98\x9d\xa7\xc1\x35\xee\xe2\x37\xa8\x54\x65\xff\x97\xdc\x03\x92\x4f\x45\xce", - (u8 *) "\xcf\xcc\x92\x2f\xb4\xa1\x4a\xb4\x5d\x61\x75\xaa\xbb\xf2\xd2\x01\x83\x7b\x87\xe2\xa4\x46\xad\x0e\xf7\x98\xac\xd0\x2b\x94\x12\x4f", - (u8 *) "\x17\xa6\xdb\xd6\x64\x92\x6a\x06\x36\xb3\xf4\xc3\x7a\x4f\x46\x94\x4a\x5f\x9f\x26\xae\xee\xd4\xd4\xa2\x5f\x63\x2d\x30\x52\x33\xd9", - (u8 *) "\x80\xa3\xd0\x1e\xf0\x0c\x8e\x9a\x42\x09\xc1\x7f\x4e\xeb\x35\x8c\xd1\x5e\x7d\x5f\xfa\xaa\xbc\x02\x07\xbf\x20\x0a\x11\x77\x93\xa2", - (u8 *) "\x34\x96\x82\xbf\x58\x8e\xaa\x52\xd0\xaa\x15\x60\x34\x6a\xea\xfa\xf5\x85\x4c\xdb\x76\xc8\x89\xe3\xad\x63\x35\x4e\x5f\x72\x75\xe3", - (u8 *) "\x53\x2c\x7c\xec\xcb\x39\xdf\x32\x36\x31\x84\x05\xa4\xb1\x27\x9c\xba\xef\xe6\xd9\xce\xb6\x51\x84\x22\x60\xe0\xd1\xe0\x5e\x3b\x90", - (u8 *) "\xe8\x2d\x8c\x6d\xb5\x4e\x3c\x63\x3f\x58\x1c\x95\x2b\xa0\x42\x07\x4b\x16\xe5\x0a\xbd\x38\x1b\xd7\x09\x00\xa9\xcd\x9a\x62\xcb\x23", - (u8 *) "\x36\x82\xee\x33\xbd\x14\x8b\xd9\xf5\x86\x56\xcd\x8f\x30\xd9\xfb\x1e\x5a\x0b\x84\x75\x04\x5d\x9b\x20\xb2\x62\x86\x24\xed\xfd\x9e", - (u8 *) "\x63\xed\xd6\x84\xfb\x82\x62\x82\xfe\x52\x8f\x9c\x0e\x92\x37\xbc\xe4\xdd\x2e\x98\xd6\x96\x0f\xae\x0b\x43\x54\x54\x56\x74\x33\x91" - }, - { - 32, (u8 *) "\x1a\xda\x31\xd5\xcf\x68\x82\x21\xc1\x09\x16\x39\x08\xeb\xe5\x1d\xeb\xb4\x62\x27\xc6\xcc\x8b\x37\x64\x19\x10\x83\x32\x22\x77\x2a", - (u8 *) "\xdd\x5b\xcb\x00\x18\xe9\x22\xd4\x94\x75\x9d\x7c\x39\x5d\x02\xd3\xc8\x44\x6f\x8f\x77\xab\xf7\x37\x68\x53\x53\xeb\x89\xa1\xc9\xeb", - (u8 *) "\xaf\x3e\x30\xf9\xc0\x95\x04\x59\x38\x15\x15\x75\xc3\xfb\x90\x98\xf8\xcb\x62\x74\xdb\x99\xb8\x0b\x1d\x20\x12\xa9\x8e\xd4\x8f\x0e", - (u8 *) "\x25\xc3\x00\x5a\x1c\xb8\x5d\xe0\x76\x25\x98\x39\xab\x71\x98\xab\x9d\xcb\xc1\x83\xe8\xcb\x99\x4b\x72\x7b\x75\xbe\x31\x80\x76\x9c", - (u8 *) "\xa1\xd3\x07\x8d\xfa\x91\x69\x50\x3e\xd9\xd4\x49\x1d\xee\x4e\xb2\x85\x14\xa5\x49\x58\x58\x09\x6f\x59\x6e\x4b\xcd\x66\xb1\x06\x65", - (u8 *) "\x5f\x40\xd5\x9e\xc1\xb0\x3b\x33\x73\x8e\xfa\x60\xb2\x25\x5d\x31\x34\x77\xc7\xf7\x64\xa4\x1b\xac\xef\xf9\x0b\xf1\x4f\x92\xb7\xcc", - (u8 *) "\xac\x4e\x95\x36\x8d\x99\xb9\xeb\x78\xb8\xda\x8f\x81\xff\xa7\x95\x8c\x3c\x13\xf8\xc2\x38\x8b\xb7\x3f\x38\x57\x6e\x65\xb7\xc4\x46", - (u8 *) "\x13\xc4\xb9\xc1\xdf\xb6\x65\x79\xed\xdd\x8a\x28\x0b\x9f\x73\x16\xdd\xd2\x78\x20\x55\x01\x26\x69\x8e\xfa\xad\xc6\x4b\x64\xf6\x6e", - (u8 *) "\xf0\x8f\x2e\x66\xd2\x8e\xd1\x43\xf3\xa2\x37\xcf\x9d\xe7\x35\x59\x9e\xa3\x6c\x52\x55\x31\xb8\x80\xba\x12\x43\x34\xf5\x7b\x0b\x70", - (u8 *) "\xd5\xa3\x9e\x3d\xfc\xc5\x02\x80\xba\xc4\xa6\xb5\xaa\x0d\xca\x7d\x37\x0b\x1c\x1f\xe6\x55\x91\x6d\x97\xfd\x0d\x47\xca\x1d\x72\xb8" - } -}; - -#define NUM_TESTS (sizeof(tests) / sizeof(tests[0])) - - -static int run_test(unsigned int i, const u8 *key, size_t key_len, - const u8 *stream, int offset) -{ - u8 res[32]; - os_memset(res, 0, sizeof(res)); - if (rc4_skip(key, key_len, offset, res, sizeof(res)) < 0 || - os_memcmp(res, stream, 32) != 0) { - printf("RC4 test case %d (offset %d) - FAILED!\n", - i + 1, offset); - return 1; - } - return 0; -} - - -int main(int argc, char *argv[]) -{ - int ret = 0; - unsigned int i; - - for (i = 0; i < NUM_TESTS; i++) { - const struct rc4_test_vector *test = &tests[i]; - ret += run_test(i, test->key, test->key_len, - test->stream0, 0); - ret += run_test(i, test->key, test->key_len, - test->stream240, 240); - ret += run_test(i, test->key, test->key_len, - test->stream496, 496); - ret += run_test(i, test->key, test->key_len, - test->stream752, 752); - ret += run_test(i, test->key, test->key_len, - test->stream1008, 1008); - ret += run_test(i, test->key, test->key_len, - test->stream1520, 1520); - ret += run_test(i, test->key, test->key_len, - test->stream2032, 2032); - ret += run_test(i, test->key, test->key_len, - test->stream3056, 3056); - ret += run_test(i, test->key, test->key_len, - test->stream4080, 4080); - } - - if (ret == 0) - printf("All RC4 test cases passed\n"); - - return ret; -}  diff --git a/tests/test-sha1.c b/tests/test-sha1.c deleted file mode 100644 index 4141c49..0000000 --- a/tests/test-sha1.c +++ /dev/null  @@ -1,442 +0,0 @@ -/* - * Test program for SHA1 and MD5 - * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/crypto.h" -#include "crypto/md5.h" -#include "crypto/sha1.h" - - -static int test_eap_fast(void) -{ - /* RFC 4851, Appendix B.1 */ - const u8 pac_key[] = { - 0x0B, 0x97, 0x39, 0x0F, 0x37, 0x51, 0x78, 0x09, - 0x81, 0x1E, 0xFD, 0x9C, 0x6E, 0x65, 0x94, 0x2B, - 0x63, 0x2C, 0xE9, 0x53, 0x89, 0x38, 0x08, 0xBA, - 0x36, 0x0B, 0x03, 0x7C, 0xD1, 0x85, 0xE4, 0x14 - }; - const u8 seed[] = { - 0x3F, 0xFB, 0x11, 0xC4, 0x6C, 0xBF, 0xA5, 0x7A, - 0x54, 0x40, 0xDA, 0xE8, 0x22, 0xD3, 0x11, 0xD3, - 0xF7, 0x6D, 0xE4, 0x1D, 0xD9, 0x33, 0xE5, 0x93, - 0x70, 0x97, 0xEB, 0xA9, 0xB3, 0x66, 0xF4, 0x2A, - 0x00, 0x00, 0x00, 0x02, 0x6A, 0x66, 0x43, 0x2A, - 0x8D, 0x14, 0x43, 0x2C, 0xEC, 0x58, 0x2D, 0x2F, - 0xC7, 0x9C, 0x33, 0x64, 0xBA, 0x04, 0xAD, 0x3A, - 0x52, 0x54, 0xD6, 0xA5, 0x79, 0xAD, 0x1E, 0x00 - }; - const u8 master_secret[] = { - 0x4A, 0x1A, 0x51, 0x2C, 0x01, 0x60, 0xBC, 0x02, - 0x3C, 0xCF, 0xBC, 0x83, 0x3F, 0x03, 0xBC, 0x64, - 0x88, 0xC1, 0x31, 0x2F, 0x0B, 0xA9, 0xA2, 0x77, - 0x16, 0xA8, 0xD8, 0xE8, 0xBD, 0xC9, 0xD2, 0x29, - 0x38, 0x4B, 0x7A, 0x85, 0xBE, 0x16, 0x4D, 0x27, - 0x33, 0xD5, 0x24, 0x79, 0x87, 0xB1, 0xC5, 0xA2 - }; - const u8 key_block[] = { - 0x59, 0x59, 0xBE, 0x8E, 0x41, 0x3A, 0x77, 0x74, - 0x8B, 0xB2, 0xE5, 0xD3, 0x60, 0xAC, 0x4D, 0x35, - 0xDF, 0xFB, 0xC8, 0x1E, 0x9C, 0x24, 0x9C, 0x8B, - 0x0E, 0xC3, 0x1D, 0x72, 0xC8, 0x84, 0x9D, 0x57, - 0x48, 0x51, 0x2E, 0x45, 0x97, 0x6C, 0x88, 0x70, - 0xBE, 0x5F, 0x01, 0xD3, 0x64, 0xE7, 0x4C, 0xBB, - 0x11, 0x24, 0xE3, 0x49, 0xE2, 0x3B, 0xCD, 0xEF, - 0x7A, 0xB3, 0x05, 0x39, 0x5D, 0x64, 0x8A, 0x44, - 0x11, 0xB6, 0x69, 0x88, 0x34, 0x2E, 0x8E, 0x29, - 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05, - 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96, - 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84, - 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98, - 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71 - }; - const u8 sks[] = { - 0xD6, 0x4B, 0x7D, 0x72, 0x17, 0x59, 0x28, 0x05, - 0xAF, 0xF9, 0xB7, 0xFF, 0x66, 0x6D, 0xA1, 0x96, - 0x8F, 0x0B, 0x5E, 0x06, 0x46, 0x7A, 0x44, 0x84, - 0x64, 0xC1, 0xC8, 0x0C, 0x96, 0x44, 0x09, 0x98, - 0xFF, 0x92, 0xA8, 0xB4, 0xC6, 0x42, 0x28, 0x71 - }; - const u8 isk[] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - }; - const u8 imck[] = { - 0x16, 0x15, 0x3C, 0x3F, 0x21, 0x55, 0xEF, 0xD9, - 0x7F, 0x34, 0xAE, 0xC8, 0x1A, 0x4E, 0x66, 0x80, - 0x4C, 0xC3, 0x76, 0xF2, 0x8A, 0xA9, 0x6F, 0x96, - 0xC2, 0x54, 0x5F, 0x8C, 0xAB, 0x65, 0x02, 0xE1, - 0x18, 0x40, 0x7B, 0x56, 0xBE, 0xEA, 0xA7, 0xC5, - 0x76, 0x5D, 0x8F, 0x0B, 0xC5, 0x07, 0xC6, 0xB9, - 0x04, 0xD0, 0x69, 0x56, 0x72, 0x8B, 0x6B, 0xB8, - 0x15, 0xEC, 0x57, 0x7B - }; - const u8 msk[] = { - 0x4D, 0x83, 0xA9, 0xBE, 0x6F, 0x8A, 0x74, 0xED, - 0x6A, 0x02, 0x66, 0x0A, 0x63, 0x4D, 0x2C, 0x33, - 0xC2, 0xDA, 0x60, 0x15, 0xC6, 0x37, 0x04, 0x51, - 0x90, 0x38, 0x63, 0xDA, 0x54, 0x3E, 0x14, 0xB9, - 0x27, 0x99, 0x18, 0x1E, 0x07, 0xBF, 0x0F, 0x5A, - 0x5E, 0x3C, 0x32, 0x93, 0x80, 0x8C, 0x6C, 0x49, - 0x67, 0xED, 0x24, 0xFE, 0x45, 0x40, 0xA0, 0x59, - 0x5E, 0x37, 0xC2, 0xE9, 0xD0, 0x5D, 0x0A, 0xE3 - }; - const u8 emsk[] = { - 0x3A, 0xD4, 0xAB, 0xDB, 0x76, 0xB2, 0x7F, 0x3B, - 0xEA, 0x32, 0x2C, 0x2B, 0x74, 0xF4, 0x28, 0x55, - 0xEF, 0x2D, 0xBA, 0x78, 0xC9, 0x57, 0x2F, 0x0D, - 0x06, 0xCD, 0x51, 0x7C, 0x20, 0x93, 0x98, 0xA9, - 0x76, 0xEA, 0x70, 0x21, 0xD7, 0x0E, 0x25, 0x54, - 0x97, 0xED, 0xB2, 0x8A, 0xF6, 0xED, 0xFD, 0x0A, - 0x2A, 0xE7, 0xA1, 0x58, 0x90, 0x10, 0x50, 0x44, - 0xB3, 0x82, 0x85, 0xDB, 0x06, 0x14, 0xD2, 0xF9 - }; - /* RFC 4851, Appendix B.2 */ - u8 tlv[] = { - 0x80, 0x0C, 0x00, 0x38, 0x00, 0x01, 0x01, 0x00, - 0xD8, 0x6A, 0x8C, 0x68, 0x3C, 0x32, 0x31, 0xA8, - 0x56, 0x63, 0xB6, 0x40, 0x21, 0xFE, 0x21, 0x14, - 0x4E, 0xE7, 0x54, 0x20, 0x79, 0x2D, 0x42, 0x62, - 0xC9, 0xBF, 0x53, 0x7F, 0x54, 0xFD, 0xAC, 0x58, - 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF, - 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC, - 0x05, 0xC5, 0x5B, 0xB7 - }; - const u8 compound_mac[] = { - 0x43, 0x24, 0x6E, 0x30, 0x92, 0x17, 0x6D, 0xCF, - 0xE6, 0xE0, 0x69, 0xEB, 0x33, 0x61, 0x6A, 0xCC, - 0x05, 0xC5, 0x5B, 0xB7 - }; - u8 buf[512]; - const u8 *simck, *cmk; - int errors = 0; - - printf("EAP-FAST test cases\n"); - - printf("- T-PRF (SHA1) test case / master_secret\n"); - sha1_t_prf(pac_key, sizeof(pac_key), "PAC to master secret label hash", - seed, sizeof(seed), buf, sizeof(master_secret)); - if (memcmp(master_secret, buf, sizeof(master_secret)) != 0) { - printf("T-PRF test - FAILED!\n"); - errors++; - } - - printf("- PRF (TLS, SHA1/MD5) test case / key_block\n"); - if (tls_prf_sha1_md5(master_secret, sizeof(master_secret), - "key expansion", seed, sizeof(seed), - buf, sizeof(key_block)) || - memcmp(key_block, buf, sizeof(key_block)) != 0) { - printf("PRF test - FAILED!\n"); - errors++; - } - - printf("- T-PRF (SHA1) test case / IMCK\n"); - sha1_t_prf(sks, sizeof(sks), "Inner Methods Compound Keys", - isk, sizeof(isk), buf, sizeof(imck)); - if (memcmp(imck, buf, sizeof(imck)) != 0) { - printf("T-PRF test - FAILED!\n"); - errors++; - } - - simck = imck; - cmk = imck + 40; - - printf("- T-PRF (SHA1) test case / MSK\n"); - sha1_t_prf(simck, 40, "Session Key Generating Function", - (u8 *) "", 0, buf, sizeof(msk)); - if (memcmp(msk, buf, sizeof(msk)) != 0) { - printf("T-PRF test - FAILED!\n"); - errors++; - } - - printf("- T-PRF (SHA1) test case / EMSK\n"); - sha1_t_prf(simck, 40, "Extended Session Key Generating Function", - (u8 *) "", 0, buf, sizeof(msk)); - if (memcmp(emsk, buf, sizeof(emsk)) != 0) { - printf("T-PRF test - FAILED!\n"); - errors++; - } - - printf("- Compound MAC test case\n"); - memset(tlv + sizeof(tlv) - 20, 0, 20); - hmac_sha1(cmk, 20, tlv, sizeof(tlv), tlv + sizeof(tlv) - 20); - if (memcmp(tlv + sizeof(tlv) - 20, compound_mac, sizeof(compound_mac)) - != 0) { - printf("Compound MAC test - FAILED!\n"); - errors++; - } - - return errors; -} - - -static u8 key0[] = -{ - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b -}; -static u8 data0[] = "Hi There"; -static u8 prf0[] = -{ - 0xbc, 0xd4, 0xc6, 0x50, 0xb3, 0x0b, 0x96, 0x84, - 0x95, 0x18, 0x29, 0xe0, 0xd7, 0x5f, 0x9d, 0x54, - 0xb8, 0x62, 0x17, 0x5e, 0xd9, 0xf0, 0x06, 0x06, - 0xe1, 0x7d, 0x8d, 0xa3, 0x54, 0x02, 0xff, 0xee, - 0x75, 0xdf, 0x78, 0xc3, 0xd3, 0x1e, 0x0f, 0x88, - 0x9f, 0x01, 0x21, 0x20, 0xc0, 0x86, 0x2b, 0xeb, - 0x67, 0x75, 0x3e, 0x74, 0x39, 0xae, 0x24, 0x2e, - 0xdb, 0x83, 0x73, 0x69, 0x83, 0x56, 0xcf, 0x5a -}; - -static u8 key1[] = "Jefe"; -static u8 data1[] = "what do ya want for nothing?"; -static u8 prf1[] = -{ - 0x51, 0xf4, 0xde, 0x5b, 0x33, 0xf2, 0x49, 0xad, - 0xf8, 0x1a, 0xeb, 0x71, 0x3a, 0x3c, 0x20, 0xf4, - 0xfe, 0x63, 0x14, 0x46, 0xfa, 0xbd, 0xfa, 0x58, - 0x24, 0x47, 0x59, 0xae, 0x58, 0xef, 0x90, 0x09, - 0xa9, 0x9a, 0xbf, 0x4e, 0xac, 0x2c, 0xa5, 0xfa, - 0x87, 0xe6, 0x92, 0xc4, 0x40, 0xeb, 0x40, 0x02, - 0x3e, 0x7b, 0xab, 0xb2, 0x06, 0xd6, 0x1d, 0xe7, - 0xb9, 0x2f, 0x41, 0x52, 0x90, 0x92, 0xb8, 0xfc -}; - - -static u8 key2[] = -{ - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa -}; -static u8 data2[] = -{ - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd -}; -static u8 prf2[] = -{ - 0xe1, 0xac, 0x54, 0x6e, 0xc4, 0xcb, 0x63, 0x6f, - 0x99, 0x76, 0x48, 0x7b, 0xe5, 0xc8, 0x6b, 0xe1, - 0x7a, 0x02, 0x52, 0xca, 0x5d, 0x8d, 0x8d, 0xf1, - 0x2c, 0xfb, 0x04, 0x73, 0x52, 0x52, 0x49, 0xce, - 0x9d, 0xd8, 0xd1, 0x77, 0xea, 0xd7, 0x10, 0xbc, - 0x9b, 0x59, 0x05, 0x47, 0x23, 0x91, 0x07, 0xae, - 0xf7, 0xb4, 0xab, 0xd4, 0x3d, 0x87, 0xf0, 0xa6, - 0x8f, 0x1c, 0xbd, 0x9e, 0x2b, 0x6f, 0x76, 0x07 -}; - - -struct passphrase_test { - char *passphrase; - char *ssid; - char psk[32]; -}; - -static struct passphrase_test passphrase_tests[] = -{ - { - "password", - "IEEE", - { - 0xf4, 0x2c, 0x6f, 0xc5, 0x2d, 0xf0, 0xeb, 0xef, - 0x9e, 0xbb, 0x4b, 0x90, 0xb3, 0x8a, 0x5f, 0x90, - 0x2e, 0x83, 0xfe, 0x1b, 0x13, 0x5a, 0x70, 0xe2, - 0x3a, 0xed, 0x76, 0x2e, 0x97, 0x10, 0xa1, 0x2e - } - }, - { - "ThisIsAPassword", - "ThisIsASSID", - { - 0x0d, 0xc0, 0xd6, 0xeb, 0x90, 0x55, 0x5e, 0xd6, - 0x41, 0x97, 0x56, 0xb9, 0xa1, 0x5e, 0xc3, 0xe3, - 0x20, 0x9b, 0x63, 0xdf, 0x70, 0x7d, 0xd5, 0x08, - 0xd1, 0x45, 0x81, 0xf8, 0x98, 0x27, 0x21, 0xaf - } - }, - { - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ", - { - 0xbe, 0xcb, 0x93, 0x86, 0x6b, 0xb8, 0xc3, 0x83, - 0x2c, 0xb7, 0x77, 0xc2, 0xf5, 0x59, 0x80, 0x7c, - 0x8c, 0x59, 0xaf, 0xcb, 0x6e, 0xae, 0x73, 0x48, - 0x85, 0x00, 0x13, 0x00, 0xa9, 0x81, 0xcc, 0x62 - } - }, -}; - -#define NUM_PASSPHRASE_TESTS \ -(sizeof(passphrase_tests) / sizeof(passphrase_tests[0])) - - -struct rfc6070_test { - char *p; - char *s; - int c; - char dk[32]; - size_t dk_len; -}; - -static struct rfc6070_test rfc6070_tests[] = -{ - { - "password", - "salt", - 1, - { - 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, - 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, - 0x2f, 0xe0, 0x37, 0xa6 - }, - 20 - }, - { - "password", - "salt", - 2, - { - 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, - 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, - 0xd8, 0xde, 0x89, 0x57 - }, - 20 - }, - { - "password", - "salt", - 4096, - { - 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, - 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, - 0x65, 0xa4, 0x29, 0xc1 - }, - 20 - }, -#if 0 /* This takes quite long to derive.. */ - { - "password", - "salt", - 16777216, - { - 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, - 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, - 0x26, 0x34, 0xe9, 0x84 - }, - 20 - }, -#endif - { - "passwordPASSWORDpassword", - "saltSALTsaltSALTsaltSALTsaltSALTsalt", - 4096, - { - 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b, - 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a, - 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70, - 0x38 - }, - 25 - }, -#if 0 /* \0 not currently supported in passphrase parameters.. */ - { - "pass\0word", - "sa\0lt", - 4096, - { - 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d, - 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 - }, - 16 - }, -#endif -}; - -#define NUM_RFC6070_TESTS \ -(sizeof(rfc6070_tests) / sizeof(rfc6070_tests[0])) - - -int main(int argc, char *argv[]) -{ - u8 res[512]; - int ret = 0; - unsigned int i; - - printf("PRF-SHA1 test cases:\n"); - - sha1_prf(key0, sizeof(key0), "prefix", data0, sizeof(data0) - 1, - res, sizeof(prf0)); - if (memcmp(res, prf0, sizeof(prf0)) == 0) - printf("Test case 0 - OK\n"); - else { - printf("Test case 0 - FAILED!\n"); - ret++; - } - - sha1_prf(key1, sizeof(key1) - 1, "prefix", data1, sizeof(data1) - 1, - res, sizeof(prf1)); - if (memcmp(res, prf1, sizeof(prf1)) == 0) - printf("Test case 1 - OK\n"); - else { - printf("Test case 1 - FAILED!\n"); - ret++; - } - - sha1_prf(key2, sizeof(key2), "prefix", data2, sizeof(data2), - res, sizeof(prf2)); - if (memcmp(res, prf2, sizeof(prf2)) == 0) - printf("Test case 2 - OK\n"); - else { - printf("Test case 2 - FAILED!\n"); - ret++; - } - - ret += test_eap_fast(); - - printf("PBKDF2-SHA1 Passphrase test cases:\n"); - for (i = 0; i < NUM_PASSPHRASE_TESTS; i++) { - u8 psk[32]; - struct passphrase_test *test = &passphrase_tests[i]; - pbkdf2_sha1(test->passphrase, - test->ssid, strlen(test->ssid), - 4096, psk, 32); - if (memcmp(psk, test->psk, 32) == 0) - printf("Test case %d - OK\n", i); - else { - printf("Test case %d - FAILED!\n", i); - ret++; - } - } - - printf("PBKDF2-SHA1 test cases (RFC 6070):\n"); - for (i = 0; i < NUM_RFC6070_TESTS; i++) { - u8 dk[25]; - struct rfc6070_test *test = &rfc6070_tests[i]; - pbkdf2_sha1(test->p, test->s, strlen(test->s), test->c, - dk, test->dk_len); - if (memcmp(dk, test->dk, test->dk_len) == 0) - printf("Test case %d - OK\n", i); - else { - printf("Test case %d - FAILED!\n", i); - ret++; - } - } - - return ret; -}  diff --git a/tests/test-sha256.c b/tests/test-sha256.c deleted file mode 100644 index 9d45439..0000000 --- a/tests/test-sha256.c +++ /dev/null  @@ -1,325 +0,0 @@ -/* - * Test program for SHA256 - * Copyright (c) 2006, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "crypto/sha256.h" -#include "crypto/crypto.h" - -struct { - char *data; - u8 hash[32]; -} tests[] = { - { - "abc", - { - 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, - 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, - 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, - 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad - } - }, - { - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - { - 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, - 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, - 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, - 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 - } - } -}; - -struct hmac_test { - u8 key[80]; - size_t key_len; - u8 data[128]; - size_t data_len; - u8 hash[32]; -} hmac_tests[] = { - /* draft-ietf-ipsec-ciph-sha-256-01.txt */ - { - { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, - 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, - 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 - }, - 32, - "abc", 3, - { - 0xa2, 0x1b, 0x1f, 0x5d, 0x4c, 0xf4, 0xf7, 0x3a, - 0x4d, 0xd9, 0x39, 0x75, 0x0f, 0x7a, 0x06, 0x6a, - 0x7f, 0x98, 0xcc, 0x13, 0x1c, 0xb1, 0x6a, 0x66, - 0x92, 0x75, 0x90, 0x21, 0xcf, 0xab, 0x81, 0x81 - } - }, - { - { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, - 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, - 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 - }, - 32, - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - 56, - { - 0x10, 0x4f, 0xdc, 0x12, 0x57, 0x32, 0x8f, 0x08, - 0x18, 0x4b, 0xa7, 0x31, 0x31, 0xc5, 0x3c, 0xae, - 0xe6, 0x98, 0xe3, 0x61, 0x19, 0x42, 0x11, 0x49, - 0xea, 0x8c, 0x71, 0x24, 0x56, 0x69, 0x7d, 0x30 - } - }, - { - { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, - 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, - 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20 - }, - 32, - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" - "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - 112, - { - 0x47, 0x03, 0x05, 0xfc, 0x7e, 0x40, 0xfe, 0x34, - 0xd3, 0xee, 0xb3, 0xe7, 0x73, 0xd9, 0x5a, 0xab, - 0x73, 0xac, 0xf0, 0xfd, 0x06, 0x04, 0x47, 0xa5, - 0xeb, 0x45, 0x95, 0xbf, 0x33, 0xa9, 0xd1, 0xa3 - } - }, - { - { - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b - }, - 32, - "Hi There", - 8, - { - 0x19, 0x8a, 0x60, 0x7e, 0xb4, 0x4b, 0xfb, 0xc6, - 0x99, 0x03, 0xa0, 0xf1, 0xcf, 0x2b, 0xbd, 0xc5, - 0xba, 0x0a, 0xa3, 0xf3, 0xd9, 0xae, 0x3c, 0x1c, - 0x7a, 0x3b, 0x16, 0x96, 0xa0, 0xb6, 0x8c, 0xf7 - } - }, - { - "Jefe", - 4, - "what do ya want for nothing?", - 28, - { - 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, - 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, - 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, - 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 - } - }, - { - { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa - }, - 32, - { - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, - 0xdd, 0xdd - }, - 50, - { - 0xcd, 0xcb, 0x12, 0x20, 0xd1, 0xec, 0xcc, 0xea, - 0x91, 0xe5, 0x3a, 0xba, 0x30, 0x92, 0xf9, 0x62, - 0xe5, 0x49, 0xfe, 0x6c, 0xe9, 0xed, 0x7f, 0xdc, - 0x43, 0x19, 0x1f, 0xbd, 0xe4, 0x5c, 0x30, 0xb0 - } - }, - { - { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, - 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, - 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, - 0x21, 0x22, 0x23, 0x24, 0x25 - }, - 37, - { - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, - 0xcd, 0xcd - }, - 50, - { - 0xd4, 0x63, 0x3c, 0x17, 0xf6, 0xfb, 0x8d, 0x74, - 0x4c, 0x66, 0xde, 0xe0, 0xf8, 0xf0, 0x74, 0x55, - 0x6e, 0xc4, 0xaf, 0x55, 0xef, 0x07, 0x99, 0x85, - 0x41, 0x46, 0x8e, 0xb4, 0x9b, 0xd2, 0xe9, 0x17 - } - }, - { - { - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, - 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c - }, - 32, - "Test With Truncation", - 20, - { - 0x75, 0x46, 0xaf, 0x01, 0x84, 0x1f, 0xc0, 0x9b, - 0x1a, 0xb9, 0xc3, 0x74, 0x9a, 0x5f, 0x1c, 0x17, - 0xd4, 0xf5, 0x89, 0x66, 0x8a, 0x58, 0x7b, 0x27, - 0x00, 0xa9, 0xc9, 0x7c, 0x11, 0x93, 0xcf, 0x42 - } - }, - { - { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa - }, - 80, - "Test Using Larger Than Block-Size Key - Hash Key First", - 54, - { - 0x69, 0x53, 0x02, 0x5e, 0xd9, 0x6f, 0x0c, 0x09, - 0xf8, 0x0a, 0x96, 0xf7, 0x8e, 0x65, 0x38, 0xdb, - 0xe2, 0xe7, 0xb8, 0x20, 0xe3, 0xdd, 0x97, 0x0e, - 0x7d, 0xdd, 0x39, 0x09, 0x1b, 0x32, 0x35, 0x2f - } - }, - { - { - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa - }, - 80, - "Test Using Larger Than Block-Size Key and Larger Than One " - "Block-Size Data", - 73, - { - 0x63, 0x55, 0xac, 0x22, 0xe8, 0x90, 0xd0, 0xa3, - 0xc8, 0x48, 0x1a, 0x5c, 0xa4, 0x82, 0x5b, 0xc8, - 0x84, 0xd3, 0xe7, 0xa1, 0xff, 0x98, 0xa2, 0xfc, - 0x2a, 0xc7, 0xd8, 0xe0, 0x64, 0xc3, 0xb2, 0xe6 - } - } -}; - - -int main(int argc, char *argv[]) -{ - - unsigned int i; - u8 hash[32]; - const u8 *addr[2]; - size_t len[2]; - int errors = 0; - - for (i = 0; i < sizeof(tests) / sizeof(tests[0]); i++) { - printf("SHA256 test case %d:", i + 1); - - addr[0] = (u8 *) tests[i].data; - len[0] = strlen(tests[i].data); - sha256_vector(1, addr, len, hash); - if (memcmp(hash, tests[i].hash, 32) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - - if (len[0]) { - addr[0] = (u8 *) tests[i].data; - len[0] = 1; - addr[1] = (u8 *) tests[i].data + 1; - len[1] = strlen(tests[i].data) - 1; - sha256_vector(2, addr, len, hash); - if (memcmp(hash, tests[i].hash, 32) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - } - - printf("\n"); - } - - for (i = 0; i < sizeof(hmac_tests) / sizeof(hmac_tests[0]); i++) { - struct hmac_test *t = &hmac_tests[i]; - printf("HMAC-SHA256 test case %d:", i + 1); - - hmac_sha256(t->key, t->key_len, t->data, t->data_len, hash); - if (memcmp(hash, t->hash, 32) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - - addr[0] = t->data; - len[0] = t->data_len; - hmac_sha256_vector(t->key, t->key_len, 1, addr, len, hash); - if (memcmp(hash, t->hash, 32) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - - if (len[0]) { - addr[0] = t->data; - len[0] = 1; - addr[1] = t->data + 1; - len[1] = t->data_len - 1; - hmac_sha256_vector(t->key, t->key_len, 2, addr, len, - hash); - if (memcmp(hash, t->hash, 32) != 0) { - printf(" FAIL"); - errors++; - } else - printf(" OK"); - } - - printf("\n"); - } - - printf("Test IEEE 802.11r KDF\n"); - sha256_prf((u8 *) "abc", 3, "KDF test", (u8 *) "data", 4, - hash, sizeof(hash)); - /* TODO: add proper test case for this */ - - return errors; -}  diff --git a/tests/test-x509.c b/tests/test-x509.c deleted file mode 100644 index e92ea61..0000000 --- a/tests/test-x509.c +++ /dev/null  @@ -1,38 +0,0 @@ -/* - * Testing tool for X.509v3 routines - * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "tls/x509v3.h" - -extern int wpa_debug_level; - - -int main(int argc, char *argv[]) -{ - FILE *f; - u8 buf[3000]; - size_t len; - struct x509_certificate *cert; - - wpa_debug_level = 0; - - f = fopen(argv[1], "rb"); - if (f == NULL) - return -1; - len = fread(buf, 1, sizeof(buf), f); - fclose(f); - - cert = x509_certificate_parse(buf, len); - if (cert == NULL) - printf("Failed to parse X.509 certificate\n"); - x509_certificate_free(cert); - - return 0; -}  diff --git a/tests/test-x509v3.c b/tests/test-x509v3.c deleted file mode 100644 index 1290b5c..0000000 --- a/tests/test-x509v3.c +++ /dev/null  @@ -1,63 +0,0 @@ -/* - * Testing tool for X.509v3 routines - * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi> - * - * This software may be distributed under the terms of the BSD license. - * See README for more details. - */ - -#include "includes.h" - -#include "common.h" -#include "tls/asn1.h" -#include "tls/x509v3.h" - -extern int wpa_debug_level; - - -int main(int argc, char *argv[]) -{ - char *buf; - size_t len; - struct x509_certificate *certs = NULL, *last = NULL, *cert; - int i, reason; - - wpa_debug_level = 0; - - if (argc < 3 || strcmp(argv[1], "-v") != 0) { - printf("usage: test_x509v3 -v <cert1.der> <cert2.der> ..\n"); - return -1; - } - - for (i = 2; i < argc; i++) { - printf("Reading: %s\n", argv[i]); - buf = os_readfile(argv[i], &len); - if (buf == NULL) { - printf("Failed to read '%s'\n", argv[i]); - return -1; - } - - cert = x509_certificate_parse((u8 *) buf, len); - if (cert == NULL) { - printf("Failed to parse X.509 certificate\n"); - return -1; - } - - free(buf); - - if (certs == NULL) - certs = cert; - else - last->next = cert; - last = cert; - } - - printf("\n\nValidating certificate chain\n"); - if (x509_certificate_chain_validate(last, certs, &reason, 0) < 0) { - printf("\nCertificate chain validation failed: %d\n", reason); - return -1; - } - printf("\nCertificate chain is valid\n"); - - return 0; -}  diff --git a/tests/test_x509v3_nist.sh b/tests/test_x509v3_nist.sh deleted file mode 100755 index d3f94bb..0000000 --- a/tests/test_x509v3_nist.sh +++ /dev/null  @@ -1,144 +0,0 @@ -#!/bin/bash - -# X.509 Path Validation Test Suite, Version 1.07 -# http://csrc.nist.gov/pki/testing/x509paths_old.html -# http://csrc.nist.gov/pki/testing/x509tests.tgz - -if [ -z "$1" ]; then
-    echo "usage: $0 <path to X509tests directory>" - exit 1 -fi - -TESTS=$1
-
-if [ ! -d $TESTS ]; then - echo "Not a directory:$TESTS"
-    exit 1
-fi
-
-X509TEST="./test-x509v3 -v"
-TMPOUT=test_x509v3_nist.out
-
-# TODO: add support for validating CRLs
-
-END="End Certificate "
-ROOT="Trust Anchor "
-ICA="Intermediate Certificate "
-
-SUCCESS=""
-FAILURE=""
-
-function run_test
-{
-    NUM=$1 - RES=$2
-    shift 2
-    $X509TEST "$@" > $TMPOUT.$NUM
-    VALRES=$? - OK=0 - if [$RES -eq 0 ]; then
-	# expecting success
-	if [ $VALRES -eq 0 ]; then - OK=1 - else - echo "test$NUM failed - expected validation success"
-	    OK=0
-	fi
-    else
-	# expecting failure
-	if [ $VALRES -eq 0 ]; then - echo "test$NUM failed - expected validation failure"
-	    OK=0
-	else
-	    REASON=grep "Certificate chain validation failed: " $TMPOUT.$NUM
-	    if [ $? -eq 0 ]; then - REASONNUM=echo "$REASON" | colrm 1 37
-		if [ $REASONNUM -eq$RES ]; then
-		    OK=1
-		else
-		    echo "test$NUM failed - expected validation result$RES; result was $REASONNUM" - OK=0 - fi - else - echo "test$NUM failed - expected validation failure; other type of error detected"
-		OK=0
-	    fi
-	fi
-    fi
-    if [ $OK -eq 1 ]; then - rm$TMPOUT.$NUM - SUCCESS="$SUCCESS $NUM" - else - FAILURE="$FAILURE $NUM" - fi -} - -P=$TESTS/test
-
-run_test 1 0 "${P}1/${END}CP.01.01.crt" "${P}1/${ROOT}CP.01.01.crt"
-run_test 2 1 "${P}2/${END}CP.01.02.crt" "${P}2/${ICA}CP.01.02.crt" "${P}2/${ROOT}CP.01.01.crt"
-run_test 3 1 "${P}3/${END}CP.01.03.crt" "${P}3/${ICA}CP.01.03.crt" "${P}3/${ROOT}CP.01.01.crt"
-run_test 4 0 "${P}4/${END}CP.02.01.crt" "${P}4/${ICA}2 CP.02.01.crt" "${P}4/${ICA}1 CP.02.01.crt" "${P}4/${ROOT}CP.01.01.crt"
-run_test 5 4 "${P}5/${END}CP.02.02.crt" "${P}5/${ICA}CP.02.02.crt" "${P}5/${ROOT}CP.01.01.crt"
-run_test 6 4 "${P}6/${END}CP.02.03.crt" "${P}6/${ICA}CP.02.03.crt" "${P}6/${ROOT}CP.01.01.crt"
-run_test 7 0 "${P}7/${END}CP.02.04.crt" "${P}7/${ICA}CP.02.04.crt" "${P}7/${ROOT}CP.01.01.crt"
-run_test 8 4 "${P}8/${END}CP.02.05.crt" "${P}8/${ICA}CP.02.05.crt" "${P}8/${ROOT}CP.01.01.crt"
-run_test 9 4 "${P}9/${END}CP.03.01.crt" "${P}9/${ICA}CP.03.01.crt" "${P}9/${ROOT}CP.01.01.crt"
-run_test 10 4 "${P}10/${END}CP.03.02.crt" "${P}10/${ICA}CP.03.02.crt" "${P}10/${ROOT}CP.01.01.crt"
-run_test 11 4 "${P}11/${END}CP.03.03.crt" "${P}11/${ICA}CP.03.03.crt" "${P}11/${ROOT}CP.01.01.crt"
-run_test 12 0 "${P}12/${END}CP.03.04.crt" "${P}12/${ICA}CP.03.04.crt" "${P}12/${ROOT}CP.01.01.crt"
-run_test 13 5 "${P}13/${END}CP.04.01.crt" "${P}13/${ICA}CP.04.01.crt" "${P}13/${ROOT}CP.01.01.crt"
-run_test 14 5 "${P}14/${END}CP.04.02.crt" "${P}14/${ICA}CP.04.02.crt" "${P}14/${ROOT}CP.01.01.crt"
-run_test 15 0 "${P}15/${END}CP.04.03.crt" "${P}15/${ICA}CP.04.03.crt" "${P}15/${ROOT}CP.01.01.crt"
-run_test 16 0 "${P}16/${END}CP.04.04.crt" "${P}16/${ICA}CP.04.04.crt" "${P}16/${ROOT}CP.01.01.crt"
-run_test 17 0 "${P}17/${END}CP.04.05.crt" "${P}17/${ICA}CP.04.05.crt" "${P}17/${ROOT}CP.01.01.crt"
-run_test 18 0 "${P}18/${END}CP.04.06.crt" "${P}18/${ICA}CP.04.06.crt" "${P}18/${ROOT}CP.01.01.crt"
-run_test 19 1 "${P}19/${END}CP.05.01.crt" "${P}19/${ICA}CP.05.01.crt" "${P}19/${ROOT}CP.01.01.crt"
-run_test 20 3 "${P}20/${END}CP.06.01.crt" "${P}20/${ICA}CP.06.01.crt" "${P}20/${ROOT}CP.01.01.crt"
-run_test 21 3 "${P}21/${END}CP.06.02.crt" "${P}21/${ICA}CP.06.02.crt" "${P}21/${ROOT}CP.01.01.crt"
-run_test 22 1 "${P}22/${END}IC.01.01.crt" "${P}22/${ICA}IC.01.01.crt" "${P}22/${ROOT}CP.01.01.crt"
-run_test 23 1 "${P}23/${END}IC.02.01.crt" "${P}23/${ICA}IC.02.01.crt" "${P}23/${ROOT}CP.01.01.crt"
-run_test 24 0 "${P}24/${END}IC.02.02.crt" "${P}24/${ICA}IC.02.02.crt" "${P}24/${ROOT}CP.01.01.crt"
-run_test 25 1 "${P}25/${END}IC.02.03.crt" "${P}25/${ICA}IC.02.03.crt" "${P}25/${ROOT}CP.01.01.crt"
-run_test 26 0 "${P}26/${END}IC.02.04.crt" "${P}26/${ICA}IC.02.04.crt" "${P}26/${ROOT}CP.01.01.crt"
-run_test 27 0 "${P}27/${END}IC.04.01.crt" "${P}27/${ICA}IC.04.01.crt" "${P}27/${ROOT}CP.01.01.crt"
-run_test 28 1 "${P}28/${END}IC.05.01.crt" "${P}28/${ICA}IC.05.01.crt" "${P}28/${ROOT}CP.01.01.crt"
-run_test 29 1 "${P}29/${END}IC.05.02.crt" "${P}29/${ICA}IC.05.02.crt" "${P}29/${ROOT}CP.01.01.crt"
-run_test 30 0 "${P}30/${END}IC.05.03.crt" "${P}30/${ICA}IC.05.03.crt" "${P}30/${ROOT}CP.01.01.crt"
-run_test 31 1 "${P}31/${END}IC.06.01.crt" "${P}31/${ICA}IC.06.01.crt" "${P}31/${ROOT}CP.01.01.crt"
-run_test 32 1 "${P}32/${END}IC.06.02.crt" "${P}32/${ICA}IC.06.02.crt" "${P}32/${ROOT}CP.01.01.crt"
-run_test 33 0 "${P}33/${END}IC.06.03.crt" "${P}33/${ICA}IC.06.03.crt" "${P}33/${ROOT}CP.01.01.crt"
-run_test 34 0 "${P}34/${END}PP.01.01.crt" "${P}34/${ICA}PP.01.01.crt" "${P}34/${ROOT}CP.01.01.crt"
-run_test 35 0 "${P}35/${END}PP.01.02.crt" "${P}35/${ICA}PP.01.02.crt" "${P}35/${ROOT}CP.01.01.crt"
-run_test 36 0 "${P}36/${END}PP.01.03.crt" "${P}36/${ICA}2 PP.01.03.crt" "${P}36/${ICA}1 PP.01.03.crt" "${P}36/${ROOT}CP.01.01.crt"
-run_test 37 0 "${P}37/${END}PP.01.04.crt" "${P}37/${ICA}2 PP.01.04.crt" "${P}37/${ICA}1 PP.01.04.crt" "${P}37/${ROOT}CP.01.01.crt"
-run_test 38 0 "${P}38/${END}PP.01.05.crt" "${P}38/${ICA}2 PP.01.05.crt" "${P}38/${ICA}1 PP.01.05.crt" "${P}38/${ROOT}CP.01.01.crt"
-run_test 39 0 "${P}39/${END}PP.01.06.crt" "${P}39/${ICA}3 PP.01.06.crt" "${P}39/${ICA}2 PP.01.06.crt" "${P}39/${ICA}1 PP.01.06.crt" "${P}39/${ROOT}CP.01.01.crt"
-run_test 40 0 "${P}40/${END}PP.01.07.crt" "${P}40/${ICA}3 PP.01.07.crt" "${P}40/${ICA}2 PP.01.07.crt" "${P}40/${ICA}1 PP.01.07.crt" "${P}40/${ROOT}CP.01.01.crt"
-run_test 41 0 "${P}41/${END}PP.01.08.crt" "${P}41/${ICA}3 PP.01.08.crt" "${P}41/${ICA}2 PP.01.08.crt" "${P}41/${ICA}1 PP.01.08.crt" "${P}41/${ROOT}CP.01.01.crt"
-run_test 42 0 "${P}42/${END}PP.01.09.crt" "${P}42/${ICA}4 PP.01.09.crt" "${P}42/${ICA}3 PP.01.09.crt" "${P}42/${ICA}2 PP.01.09.crt" "${P}42/${ICA}1 PP.01.09.crt" "${P}42/${ROOT}CP.01.01.crt"
-run_test 43 0 "${P}43/${END}PP.06.01.crt" "${P}43/${ICA}4 PP.06.01.crt" "${P}43/${ICA}3 PP.06.01.crt" "${P}43/${ICA}2 PP.06.01.crt" "${P}43/${ICA}1 PP.06.01.crt" "${P}43/${ROOT}CP.01.01.crt"
-run_test 44 0 "${P}44/${END}PP.06.02.crt" "${P}44/${ICA}4 PP.06.02.crt" "${P}44/${ICA}3 PP.06.02.crt" "${P}44/${ICA}2 PP.06.02.crt" "${P}44/${ICA}1 PP.06.02.crt" "${P}44/${ROOT}CP.01.01.crt"
-run_test 45 0 "${P}45/${END}PP.06.03.crt" "${P}45/${ICA}4 PP.06.03.crt" "${P}45/${ICA}3 PP.06.03.crt" "${P}45/${ICA}2 PP.06.03.crt" "${P}45/${ICA}1 PP.06.03.crt" "${P}45/${ROOT}CP.01.01.crt"
-run_test 46 0 "${P}46/${END}PP.06.04.crt" "${P}46/${ICA}4 PP.06.04.crt" "${P}46/${ICA}3 PP.06.04.crt" "${P}46/${ICA}2 PP.06.04.crt" "${P}46/${ICA}1 PP.06.04.crt" "${P}46/${ROOT}CP.01.01.crt"
-run_test 47 0 "${P}47/${END}PP.06.05.crt" "${P}47/${ICA}4 PP.06.05.crt" "${P}47/${ICA}3 PP.06.05.crt" "${P}47/${ICA}2 PP.06.05.crt" "${P}47/${ICA}1 PP.06.05.crt" "${P}47/${ROOT}CP.01.01.crt"
-run_test 48 0 "${P}48/${END}PP.08.01.crt" "${P}48/${ICA}PP.08.01.crt" "${P}48/${ROOT}CP.01.01.crt"
-run_test 49 0 "${P}49/${END}PP.08.02.crt" "${P}49/${ICA}PP.08.02.crt" "${P}49/${ROOT}CP.01.01.crt"
-run_test 50 0 "${P}50/${END}PP.08.03.crt" "${P}50/${ICA}PP.08.03.crt" "${P}50/${ROOT}CP.01.01.crt"
-run_test 51 0 "${P}51/${END}PP.08.04.crt" "${P}51/${ICA}PP.08.04.crt" "${P}51/${ROOT}CP.01.01.crt"
-run_test 52 0 "${P}52/${END}PP.08.05.crt" "${P}52/${ICA}PP.08.05.crt" "${P}52/${ROOT}CP.01.01.crt"
-run_test 53 0 "${P}53/${END}PP.08.06.crt" "${P}53/${ICA}PP.08.06.crt" "${P}53/${ROOT}CP.01.01.crt"
-run_test 54 1 "${P}54/${END}PL.01.01.crt" "${P}54/${ICA}2 PL.01.01.crt" "${P}54/${ICA}1 PL.01.01.crt" "${P}54/${ROOT}CP.01.01.crt"
-run_test 55 1 "${P}55/${END}PL.01.02.crt" "${P}55/${ICA}2 PL.01.02.crt" "${P}55/${ICA}1 PL.01.02.crt" "${P}55/${ROOT}CP.01.01.crt"
-run_test 56 0 "${P}56/${END}PL.01.03.crt" "${P}56/${ICA}PL.01.03.crt" "${P}56/${ROOT}CP.01.01.crt"
-run_test 57 0 "${P}57/${END}PL.01.04.crt" "${P}57/${ICA}PL.01.04.crt" "${P}57/${ROOT}CP.01.01.crt"
-run_test 58 1 "${P}58/${END}PL.01.05.crt" "${P}58/${ICA}3 PL.01.05.crt" "${P}58/${ICA}2 PL.01.05.crt" "${P}58/${ICA}1 PL.01.05.crt" "${P}58/${ROOT}CP.01.01.crt"
-run_test 59 1 "${P}59/${END}PL.01.06.crt" "${P}59/${ICA}3 PL.01.06.crt" "${P}59/${ICA}2 PL.01.06.crt" "${P}59/${ICA}1 PL.01.06.crt" "${P}59/${ROOT}CP.01.01.crt"
-run_test 60 1 "${P}60/${END}PL.01.07.crt" "${P}60/${ICA}4 PL.01.07.crt" "${P}60/${ICA}3 PL.01.07.crt" "${P}60/${ICA}2 PL.01.07.crt" "${P}60/${ICA}1 PL.01.07.crt" "${P}60/${ROOT}CP.01.01.crt"
-run_test 61 1 "${P}61/${END}PL.01.08.crt" "${P}61/${ICA}4 PL.01.08.crt" "${P}61/${ICA}3 PL.01.08.crt" "${P}61/${ICA}2 PL.01.08.crt" "${P}61/${ICA}1 PL.01.08.crt" "${P}61/${ROOT}CP.01.01.crt"
-run_test 62 0 "${P}62/${END}PL.01.09.crt" "${P}62/${ICA}4 PL.01.09.crt" "${P}62/${ICA}3 PL.01.09.crt" "${P}62/${ICA}2 PL.01.09.crt" "${P}62/${ICA}1 PL.01.09.crt" "${P}62/${ROOT}CP.01.01.crt"
-run_test 63 0 "${P}63/${END}PL.01.10.crt" "${P}63/${ICA}4 PL.01.10.crt" "${P}63/${ICA}3 PL.01.10.crt" "${P}63/${ICA}2 PL.01.10.crt" "${P}63/${ICA}1 PL.01.10.crt" "${P}63/${ROOT}CP.01.01.crt"
-
-
-echo "Successful tests:$SUCCESS" -echo "Failed tests:$FAILURE"

diff --git a/tests/test_x509v3_nist2.sh b/tests/test_x509v3_nist2.sh
deleted file mode 100755
index 572bd9d..0000000
--- a/tests/test_x509v3_nist2.sh
+++ /dev/null

@@ -1,165 +0,0 @@
-#!/bin/bash
-
-# Public Key Interoperability Test Suite (PKITS)
-# http://csrc.nist.gov/pki/testing/x509paths.html
-# http://csrc.nist.gov/groups/ST/crypto_apps_infra/documents/PKITS_data.zip
-
-if [ -z "$1" ]; then - echo "usage:$0 <path to root test directory>"
-    exit 1
-fi
-
-TESTS=$1 - -if [ ! -d$TESTS ]; then
-    echo "Not a directory: $TESTS" - exit 1 -fi - -X509TEST="$PWD/test-x509v3 -v"
-TMPOUT="$PWD/test_x509v3_nist2.out" - -# TODO: add support for validating CRLs - -SUCCESS="" -FAILURE="" - -function run_test -{ - NUM=$1
-    RES=$2 - shift 2 -$X509TEST "$@" TrustAnchorRootCertificate.crt >$TMPOUT.$NUM - VALRES=$?
-    OK=0
-    if [ $RES -eq 0 ]; then - # expecting success - if [$VALRES -eq 0 ]; then
-	    OK=1
-	else
-	    echo "$NUM failed - expected validation success" - OK=0 - fi - else - # expecting failure - if [$VALRES -eq 0 ]; then
-	    echo "$NUM failed - expected validation failure" - OK=0 - else - REASON=grep "Certificate chain validation failed: "$TMPOUT.$NUM - if [$? -eq 0 ]; then
-		REASONNUM=echo "$REASON" | colrm 1 37 - if [$REASONNUM -eq $RES ]; then - OK=1 - else - echo "$NUM failed - expected validation result $RES; result was$REASONNUM"
-		    OK=0
-		fi
-	    else
-		echo "$NUM failed - expected validation failure; other type of error detected" - OK=0 - fi - fi - fi - if [$OK -eq 1 ]; then
-	rm $TMPOUT.$NUM
-	SUCCESS="$SUCCESS$NUM"
-    else
-	FAILURE="$FAILURE$NUM"
-    fi
-}
-
-pushd $TESTS/certs - -run_test 4.1.1 0 ValidCertificatePathTest1EE.crt GoodCACert.crt -run_test 4.1.2 1 InvalidCASignatureTest2EE.crt BadSignedCACert.crt -run_test 4.1.3 1 InvalidEESignatureTest3EE.crt GoodCACert.crt - -run_test 4.2.1 4 InvalidCAnotBeforeDateTest1EE.crt BadnotBeforeDateCACert.crt -run_test 4.2.2 4 InvalidEEnotBeforeDateTest2EE.crt GoodCACert.crt -run_test 4.2.3 0 Validpre2000UTCnotBeforeDateTest3EE.crt GoodCACert.crt -run_test 4.2.4 0 ValidGeneralizedTimenotBeforeDateTest4EE.crt GoodCACert.crt -run_test 4.2.5 4 InvalidCAnotAfterDateTest5EE.crt BadnotAfterDateCACert.crt -run_test 4.2.6 4 InvalidEEnotAfterDateTest6EE.crt GoodCACert.crt -run_test 4.2.7 4 Invalidpre2000UTCEEnotAfterDateTest7EE.crt GoodCACert.crt -run_test 4.2.8 0 ValidGeneralizedTimenotAfterDateTest8EE.crt GoodCACert.crt - -run_test 4.3.1 5 InvalidNameChainingTest1EE.crt GoodCACert.crt -run_test 4.3.2 5 InvalidNameChainingOrderTest2EE.crt NameOrderingCACert.crt -run_test 4.3.3 0 ValidNameChainingWhitespaceTest3EE.crt GoodCACert.crt -run_test 4.3.4 0 ValidNameChainingWhitespaceTest4EE.crt GoodCACert.crt -run_test 4.3.5 0 ValidNameChainingCapitalizationTest5EE.crt GoodCACert.crt -run_test 4.3.6 0 ValidNameUIDsTest6EE.crt UIDCACert.crt -run_test 4.3.7 0 ValidRFC3280MandatoryAttributeTypesTest7EE.crt RFC3280MandatoryAttributeTypesCACert.crt -run_test 4.3.8 0 ValidRFC3280OptionalAttributeTypesTest8EE.crt RFC3280OptionalAttributeTypesCACert.crt -run_test 4.3.9 0 ValidUTF8StringEncodedNamesTest9EE.crt UTF8StringEncodedNamesCACert.crt -run_test 4.3.10 0 ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt RolloverfromPrintableStringtoUTF8StringCACert.crt -run_test 4.3.11 0 ValidUTF8StringCaseInsensitiveMatchTest11EE.crt UTF8StringCaseInsensitiveMatchCACert.crt - -run_test 4.4.1 1 InvalidMissingCRLTest1EE.crt NoCRLCACert.crt -# skip rest of 4.4.x tests since CRLs are not yet supported - -run_test 4.5.1 0 ValidBasicSelfIssuedOldWithNewTest1EE.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt BasicSelfIssuedNewKeyCACert.crt -run_test 4.5.2 3 InvalidBasicSelfIssuedOldWithNewTest2EE.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt BasicSelfIssuedNewKeyCACert.crt -run_test 4.5.3 0 ValidBasicSelfIssuedNewWithOldTest3EE.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt BasicSelfIssuedOldKeyCACert.crt -run_test 4.5.4 0 ValidBasicSelfIssuedNewWithOldTest4EE.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt BasicSelfIssuedOldKeyCACert.crt -run_test 4.5.5 3 InvalidBasicSelfIssuedNewWithOldTest5EE.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt BasicSelfIssuedOldKeyCACert.crt -run_test 4.5.6 0 ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt BasicSelfIssuedCRLSigningKeyCACert.crt -run_test 4.5.7 3 InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt BasicSelfIssuedCRLSigningKeyCACert.crt -run_test 4.5.8 1 InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt BasicSelfIssuedCRLSigningKeyCACert.crt - -run_test 4.6.1 1 InvalidMissingbasicConstraintsTest1EE.crt MissingbasicConstraintsCACert.crt -run_test 4.6.2 1 InvalidcAFalseTest2EE.crt basicConstraintsCriticalcAFalseCACert.crt -run_test 4.6.3 1 InvalidcAFalseTest3EE.crt basicConstraintsNotCriticalcAFalseCACert.crt -run_test 4.6.4 0 ValidbasicConstraintsNotCriticalTest4EE.crt basicConstraintsNotCriticalCACert.crt -run_test 4.6.5 1 InvalidpathLenConstraintTest5EE.crt pathLenConstraint0subCACert.crt pathLenConstraint0CACert.crt -run_test 4.6.6 1 InvalidpathLenConstraintTest6EE.crt pathLenConstraint0subCACert.crt pathLenConstraint0CACert.crt -run_test 4.6.7 0 ValidpathLenConstraintTest7EE.crt pathLenConstraint0CACert.crt -run_test 4.6.8 0 ValidpathLenConstraintTest8EE.crt pathLenConstraint0CACert.crt -run_test 4.6.9 1 InvalidpathLenConstraintTest9EE.crt pathLenConstraint6subsubCA00Cert.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.10 1 InvalidpathLenConstraintTest10EE.crt pathLenConstraint6subsubCA00Cert.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.11 1 InvalidpathLenConstraintTest11EE.crt pathLenConstraint6subsubsubCA11XCert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.12 1 InvalidpathLenConstraintTest12EE.crt pathLenConstraint6subsubsubCA11XCert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.13 0 ValidpathLenConstraintTest13EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.14 0 ValidpathLenConstraintTest14EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt -run_test 4.6.15 0 ValidSelfIssuedpathLenConstraintTest15EE.crt pathLenConstraint0SelfIssuedCACert.crt pathLenConstraint0CACert.crt -run_test 4.6.16 1 InvalidSelfIssuedpathLenConstraintTest16EE.crt pathLenConstraint0subCA2Cert.crt pathLenConstraint0SelfIssuedCACert.crt pathLenConstraint0CACert.crt -run_test 4.6.17 0 ValidSelfIssuedpathLenConstraintTest17EE.crt pathLenConstraint1SelfIssuedsubCACert.crt pathLenConstraint1subCACert.crt pathLenConstraint1SelfIssuedCACert.crt pathLenConstraint1CACert.crt - -run_test 4.7.1 1 InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt keyUsageCriticalkeyCertSignFalseCACert.crt -run_test 4.7.2 1 InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt keyUsageNotCriticalkeyCertSignFalseCACert.crt -run_test 4.7.3 0 ValidkeyUsageNotCriticalTest3EE.crt keyUsageNotCriticalCACert.crt -run_test 4.7.4 1 InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt keyUsageCriticalcRLSignFalseCACert.crt -run_test 4.7.5 1 InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt keyUsageNotCriticalcRLSignFalseCACert.crt - -run_test 4.8.1 0 ValidCertificatePathTest1EE.crt GoodCACert.crt -run_test 4.8.2 0 AllCertificatesNoPoliciesTest2EE.crt NoPoliciesCACert.crt -run_test 4.8.3 0 DifferentPoliciesTest3EE.crt PoliciesP2subCACert.crt GoodCACert.crt -run_test 4.8.4 0 DifferentPoliciesTest4EE.crt GoodsubCACert.crt GoodCACert.crt -run_test 4.8.5 0 DifferentPoliciesTest5EE.crt PoliciesP2subCA2Cert.crt GoodCACert.crt -run_test 4.8.6 0 OverlappingPoliciesTest6EE.crt PoliciesP1234subsubCAP123P12Cert.crt PoliciesP1234subCAP123Cert.crt PoliciesP1234CACert.crt -run_test 4.8.7 0 DifferentPoliciesTest7EE.crt PoliciesP123subsubCAP12P1Cert.crt PoliciesP123subCAP12Cert.crt PoliciesP123CACert.crt -run_test 4.8.8 0 DifferentPoliciesTest8EE.crt PoliciesP12subsubCAP1P2Cert.crt PoliciesP12subCAP1Cert.crt PoliciesP12CACert.crt -run_test 4.8.9 0 DifferentPoliciesTest9EE.crt PoliciesP123subsubsubCAP12P2P1Cert.crt PoliciesP123subsubCAP12P2Cert.crt PoliciesP123subCAP12Cert.crt PoliciesP123CACert.crt -run_test 4.8.10 0 AllCertificatesSamePoliciesTest10EE.crt PoliciesP12CACert.crt -run_test 4.8.11 0 AllCertificatesanyPolicyTest11EE.crt anyPolicyCACert.crt -run_test 4.8.12 0 DifferentPoliciesTest12EE.crt PoliciesP3CACert.crt -run_test 4.8.13 0 AllCertificatesSamePoliciesTest13EE.crt PoliciesP123CACert.crt -run_test 4.8.14 0 AnyPolicyTest14EE.crt anyPolicyCACert.crt -run_test 4.8.15 0 UserNoticeQualifierTest15EE.crt -run_test 4.8.16 0 UserNoticeQualifierTest16EE.crt GoodCACert.crt -run_test 4.8.17 0 UserNoticeQualifierTest17EE.crt GoodCACert.crt -run_test 4.8.18 0 UserNoticeQualifierTest18EE.crt PoliciesP12CACert.crt -run_test 4.8.19 0 UserNoticeQualifierTest19EE.crt TrustAnchorRootCertificate.crt -run_test 4.8.20 0 CPSPointerQualifierTest20EE.crt GoodCACert.crt - -if false; then -# DSA tests -run_test 4.1.4 0 ValidDSASignaturesTest4EE.crt DSACACert.crt -fi - -popd - - -echo "Successful tests:$SUCCESS"
-echo "Failed tests:$FAILURE"  diff --git a/wlantest/Makefile b/wlantest/Makefile deleted file mode 100644 index c165ed4..0000000 --- a/wlantest/Makefile +++ /dev/null  @@ -1,111 +0,0 @@ -ALL=wlantest wlantest_cli - -all:$(ALL)
-
-ifndef CC
-CC=gcc
-endif
-
-ifndef RANLIB
-RANLIB=ranlib
-endif
-
-ifndef CFLAGS
-CFLAGS = -MMD -O2 -Wall -g
-endif
-
-
-CFLAGS += -I.
-CFLAGS += -I../src
-CFLAGS += -I../src/utils
-
-
-ifndef LDO
-LDO=$(CC) -endif - -Q=@ -E=echo -ifeq ($(V), 1)
-Q=
-E=true
-endif
-
-%.o: %.c
-	$(Q)$(CC) -c -o $@$(CFLAGS) $< - @$(E) "  CC " $< - - -OBJS_lib += ../src/utils/libutils.a -OBJS_lib += ../src/crypto/libcrypto.a - -CFLAGS += -DCONFIG_PEERKEY -CFLAGS += -DCONFIG_IEEE80211W -CFLAGS += -DCONFIG_IEEE80211R - -OBJS += ../src/common/ieee802_11_common.o -OBJS += ../src/common/wpa_common.o -OBJS += ../src/radius/radius.o -OBJS += ../src/rsn_supp/wpa_ie.o - -OBJS += wlantest.o -OBJS += readpcap.o -OBJS += writepcap.o -OBJS += monitor.o -OBJS += process.o -OBJS += wired.o -OBJS += rx_mgmt.o -OBJS += rx_data.o -OBJS += rx_eapol.o -OBJS += rx_ip.o -OBJS += rx_tdls.o -OBJS += bss.o -OBJS += sta.o -OBJS += crc32.o -OBJS += ccmp.o -OBJS += tkip.o -OBJS += ctrl.o -OBJS += inject.o -OBJS += wep.o - -LIBS += -lpcap - - -../src/utils/libutils.a: -$(MAKE) -C ../src/utils
-
-../src/crypto/libcrypto.a:
-	$(MAKE) -C ../src/crypto - - -ifneq ($(CONFIG_SOLIB), yes)
-LIBWLANTEST = libwlantest.a
-libwlantest.a: $(OBJS_lib) -$(AR) crT libwlantest.a $(OBJS_lib) -$(RANLIB) libwlantest.a
-
-else
-CFLAGS  += -fPIC -DPIC
-LDFLAGS += -shared
-
-LIBWLANTEST  = libwlantest.so
-libwlantest.so: $(OBJS_lib) -$(LDO) $(LDFLAGS)$(OBJS_lib) -o $(LIBWLANTEST) - -endif - - -OBJS_cli = wlantest_cli.o - - -wlantest:$(OBJS) $(LIBWLANTEST) -$(LDO) $(LDFLAGS) -o wlantest$(OBJS) -L. -lwlantest $(LIBS) - -wlantest_cli:$(OBJS_cli) $(LIBWLANTEST) -$(LDO) $(LDFLAGS) -o wlantest_cli$(OBJS_cli) -L. -lwlantest
-
-clean:
-	$(MAKE) -C ../src clean - rm -f core *~ *.o *.d libwlantest.a libwlantest.so$(ALL)
-
--include \$(OBJS:%.o=%.d)

diff --git a/wlantest/bss.c b/wlantest/bss.c
deleted file mode 100644
index 94f2580..0000000
--- a/wlantest/bss.c
+++ /dev/null

@@ -1,297 +0,0 @@
-/*
- * BSS list
- * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
- *
- * See README for more details.
- */
-
-#include "utils/includes.h"
-
-#include "utils/common.h"
-#include "common/defs.h"
-#include "common/ieee802_11_defs.h"
-#include "common/ieee802_11_common.h"
-#include "crypto/sha1.h"
-#include "wlantest.h"
-
-
-struct wlantest_bss * bss_find(struct wlantest *wt, const u8 *bssid)
-{
-	struct wlantest_bss *bss;
-
-	dl_list_for_each(bss, &wt->bss, struct wlantest_bss, list) {
-		if (os_memcmp(bss->bssid, bssid, ETH_ALEN) == 0)
-			return bss;
-	}
-
-	return NULL;
-}
-
-
-struct wlantest_bss * bss_get(struct wlantest *wt, const u8 *bssid)
-{
-	struct wlantest_bss *bss;
-
-	if (bssid[0] & 0x01)
-		return NULL; /* Skip group addressed frames */
-
-	bss = bss_find(wt, bssid);
-	if (bss)
-		return bss;
-
-	bss = os_zalloc(sizeof(*bss));
-	if (bss == NULL)
-		return NULL;
-	dl_list_init(&bss->sta);
-	dl_list_init(&bss->pmk);
-	dl_list_init(&bss->tdls);
-	os_memcpy(bss->bssid, bssid, ETH_ALEN);
-	wpa_printf(MSG_DEBUG, "Discovered new BSS - " MACSTR,
-		   MAC2STR(bss->bssid));
-	return bss;
-}
-
-
-void pmk_deinit(struct wlantest_pmk *pmk)
-{
-	dl_list_del(&pmk->list);
-	os_free(pmk);
-}
-
-
-void tdls_deinit(struct wlantest_tdls *tdls)
-{
-	dl_list_del(&tdls->list);
-	os_free(tdls);
-}
-
-
-void bss_deinit(struct wlantest_bss *bss)
-{
-	struct wlantest_sta *sta, *n;
-	struct wlantest_pmk *pmk, *np;
-	struct wlantest_tdls *tdls, *nt;
-	dl_list_for_each_safe(sta, n, &bss->sta, struct wlantest_sta, list)
-		sta_deinit(sta);
-	dl_list_for_each_safe(pmk, np, &bss->pmk, struct wlantest_pmk, list)
-		pmk_deinit(pmk);
-	dl_list_for_each_safe(tdls, nt, &bss->tdls, struct wlantest_tdls, list)
-		tdls_deinit(tdls);
-	dl_list_del(&bss->list);
-	os_free(bss);
-}
-
-
-				const char *passphrase)
-{
-	struct wlantest_pmk *pmk;
-
-	pmk = os_zalloc(sizeof(*pmk));
-	if (pmk == NULL)
-		return -1;
-	if (pbkdf2_sha1(passphrase, (char *) bss->ssid, bss->ssid_len, 4096,
-			pmk->pmk, sizeof(pmk->pmk)) < 0) {
-		os_free(pmk);
-		return -1;
-	}
-
-	wpa_printf(MSG_INFO, "Add possible PMK for BSSID " MACSTR
-		   " based on passphrase '%s'",
-		   MAC2STR(bss->bssid), passphrase);
-	wpa_hexdump(MSG_DEBUG, "Possible PMK", pmk->pmk, sizeof(pmk->pmk));
-
-	return 0;
-}
-
-
-static void bss_add_pmk(struct wlantest *wt, struct wlantest_bss *bss)
-{
-	struct wlantest_passphrase *p;
-
-	dl_list_for_each(p, &wt->passphrase, struct wlantest_passphrase, list)
-	{
-		    os_memcmp(p->bssid, bss->bssid, ETH_ALEN) != 0)
-			continue;
-		if (p->ssid_len &&
-		    (p->ssid_len != bss->ssid_len ||
-		     os_memcmp(p->ssid, bss->ssid, p->ssid_len) != 0))
-			continue;
-
-		if (bss_add_pmk_from_passphrase(bss, p->passphrase) < 0)
-			break;
-	}
-}
-
-
-void bss_update(struct wlantest *wt, struct wlantest_bss *bss,
-		struct ieee802_11_elems *elems)
-{
-	struct wpa_ie_data data;
-	int update = 0;
-
-	if (bss->capab_info != bss->prev_capab_info)
-		update = 1;
-
-	if (elems->ssid == NULL || elems->ssid_len > 32) {
-		wpa_printf(MSG_INFO, "Invalid or missing SSID in a Beacon "
-			   "frame for " MACSTR, MAC2STR(bss->bssid));
-		bss->parse_error_reported = 1;
-		return;
-	}
-
-	if (bss->ssid_len != elems->ssid_len ||
-	    os_memcmp(bss->ssid, elems->ssid, bss->ssid_len) != 0) {
-		wpa_printf(MSG_DEBUG, "Store SSID '%s' for BSSID " MACSTR,
-			   wpa_ssid_txt(elems->ssid, elems->ssid_len),
-			   MAC2STR(bss->bssid));
-		os_memcpy(bss->ssid, elems->ssid, elems->ssid_len);
-		bss->ssid_len = elems->ssid_len;
-	}
-
-
-	if (elems->rsn_ie == NULL) {
-		if (bss->rsnie[0]) {
-			wpa_printf(MSG_INFO, "BSS " MACSTR " - RSN IE removed",
-				   MAC2STR(bss->bssid));
-			bss->rsnie[0] = 0;
-			update = 1;
-		}
-	} else {
-		if (bss->rsnie[0] == 0 ||
-		    os_memcmp(bss->rsnie, elems->rsn_ie - 2,
-			      elems->rsn_ie_len + 2) != 0) {
-			wpa_printf(MSG_INFO, "BSS " MACSTR " - RSN IE "
-				   "stored", MAC2STR(bss->bssid));
-			wpa_hexdump(MSG_DEBUG, "RSN IE", elems->rsn_ie - 2,
-				    elems->rsn_ie_len + 2);
-			update = 1;
-		}
-		os_memcpy(bss->rsnie, elems->rsn_ie - 2,
-			  elems->rsn_ie_len + 2);
-	}
-
-	if (elems->wpa_ie == NULL) {
-		if (bss->wpaie[0]) {
-			wpa_printf(MSG_INFO, "BSS " MACSTR " - WPA IE removed",
-				   MAC2STR(bss->bssid));
-			bss->wpaie[0] = 0;
-			update = 1;
-		}
-	} else {
-		if (bss->wpaie[0] == 0 ||
-		    os_memcmp(bss->wpaie, elems->wpa_ie - 2,
-			      elems->wpa_ie_len + 2) != 0) {
-			wpa_printf(MSG_INFO, "BSS " MACSTR " - WPA IE "
-				   "stored", MAC2STR(bss->bssid));
-			wpa_hexdump(MSG_DEBUG, "WPA IE", elems->wpa_ie - 2,
-				    elems->wpa_ie_len + 2);
-			update = 1;
-		}
-		os_memcpy(bss->wpaie, elems->wpa_ie - 2,
-			  elems->wpa_ie_len + 2);
-	}
-
-	if (!update)
-		return;
-
-	bss->prev_capab_info = bss->capab_info;
-	bss->proto = 0;
-	bss->pairwise_cipher = 0;
-	bss->group_cipher = 0;
-	bss->key_mgmt = 0;
-	bss->rsn_capab = 0;
-	bss->mgmt_group_cipher = 0;
-
-	if (bss->wpaie[0]) {
-		if (wpa_parse_wpa_ie_wpa(bss->wpaie, 2 + bss->wpaie[1], &data)
-		    < 0) {
-			wpa_printf(MSG_INFO, "Failed to parse WPA IE from "
-				   MACSTR, MAC2STR(bss->bssid));
-		} else {
-			bss->proto |= data.proto;
-			bss->pairwise_cipher |= data.pairwise_cipher;
-			bss->group_cipher |= data.group_cipher;
-			bss->key_mgmt |= data.key_mgmt;
-			bss->rsn_capab = data.capabilities;
-			bss->mgmt_group_cipher |= data.mgmt_group_cipher;
-		}
-	}
-
-	if (bss->rsnie[0]) {
-		if (wpa_parse_wpa_ie_rsn(bss->rsnie, 2 + bss->rsnie[1], &data)
-		    < 0) {
-			wpa_printf(MSG_INFO, "Failed to parse RSN IE from "
-				   MACSTR, MAC2STR(bss->bssid));
-		} else {
-			bss->proto |= data.proto;
-			bss->pairwise_cipher |= data.pairwise_cipher;
-			bss->group_cipher |= data.group_cipher;
-			bss->key_mgmt |= data.key_mgmt;
-			bss->rsn_capab = data.capabilities;
-			bss->mgmt_group_cipher |= data.mgmt_group_cipher;
-		}
-	}
-
-	if (!(bss->proto & WPA_PROTO_RSN) ||
-	    !(bss->rsn_capab & WPA_CAPABILITY_MFPC))
-		bss->mgmt_group_cipher = 0;
-
-	if (!bss->wpaie[0] && !bss->rsnie[0] &&
-	    (bss->capab_info & WLAN_CAPABILITY_PRIVACY))
-		bss->group_cipher = WPA_CIPHER_WEP40;
-
-	wpa_printf(MSG_INFO, "BSS " MACSTR
-		   " proto=%s%s%s"
-		   "pairwise=%s%s%s%s"
-		   "group=%s%s%s%s%s%s"
-		   "mgmt_group_cipher=%s"
-		   "key_mgmt=%s%s%s%s%s%s%s%s"
-		   "rsn_capab=%s%s%s%s%s",
-		   MAC2STR(bss->bssid),
-		   bss->proto == 0 ? "OPEN " : "",
-		   bss->proto & WPA_PROTO_WPA ? "WPA " : "",
-		   bss->proto & WPA_PROTO_RSN ? "WPA2 " : "",
-		   bss->pairwise_cipher == 0 ? "N/A " : "",
-		   bss->pairwise_cipher & WPA_CIPHER_NONE ? "NONE " : "",
-		   bss->pairwise_cipher & WPA_CIPHER_TKIP ? "TKIP " : "",
-		   bss->pairwise_cipher & WPA_CIPHER_CCMP ? "CCMP " : "",
-		   bss->group_cipher == 0 ? "N/A " : "",
-		   bss->group_cipher & WPA_CIPHER_NONE ? "NONE " : "",
-		   bss->group_cipher & WPA_CIPHER_WEP40 ? "WEP40 " : "",
-		   bss->group_cipher & WPA_CIPHER_WEP104 ? "WEP104 " : "",
-		   bss->group_cipher & WPA_CIPHER_TKIP ? "TKIP " : "",
-		   bss->group_cipher & WPA_CIPHER_CCMP ? "CCMP " : "",
-		   bss->mgmt_group_cipher & WPA_CIPHER_AES_128_CMAC ? "BIP " :
-		   "N/A ",
-		   bss->key_mgmt == 0 ? "N/A " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_IEEE8021X ? "EAP " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_PSK ? "PSK " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_WPA_NONE ? "WPA-NONE " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X ? "FT-EAP " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_FT_PSK ? "FT-PSK " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256 ?
-		   "EAP-SHA256 " : "",
-		   bss->key_mgmt & WPA_KEY_MGMT_PSK_SHA256 ?
-		   "PSK-SHA256 " : "",
-		   bss->rsn_capab & WPA_CAPABILITY_PREAUTH ? "PREAUTH " : "",
-		   bss->rsn_capab & WPA_CAPABILITY_NO_PAIRWISE ?
-		   "NO_PAIRWISE " : "",
-		   bss->rsn_capab & WPA_CAPABILITY_MFPR ? "MFPR " : "",
-		   bss->rsn_capab & WPA_CAPABILITY_MFPC ? "MFPC " : "",
-		   bss->rsn_capab & WPA_CAPABILITY_PEERKEY_ENABLED ?
-		   "PEERKEY " : "");
-}
-
-
-void bss_flush(struct wlantest *wt)
-{
-	struct wlantest_bss *bss, *n;
-	dl_list_for_each_safe(bss, n, &wt->bss, struct wlantest_bss, list)
-		bss_deinit(bss);
-}

diff --git a/wlantest/ccmp.c b/wlantest/ccmp.c
deleted file mode 100644
index 6292ee0..0000000
--- a/wlantest/ccmp.c
+++ /dev/null

@@ -1,349 +0,0 @@
-/*
- * CTR with CBC-MAC Protocol (CCMP)
- * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
- *
- * See README for more details.
- */
-
-#include "utils/includes.h"
-
-#include "utils/common.h"
-#include "common/ieee802_11_defs.h"
-#include "crypto/aes.h"
-#include "wlantest.h"
-
-
-static void ccmp_aad_nonce(const struct ieee80211_hdr *hdr, const u8 *data,
-{
-	u16 fc, stype, seq;
-	int qos = 0, addr4 = 0;
-	u8 *pos;
-
-	nonce[0] = 0;
-
-	fc = le_to_host16(hdr->frame_control);
-	stype = WLAN_FC_GET_STYPE(fc);
-	if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
-	    (WLAN_FC_TODS | WLAN_FC_FROMDS))
-
-	if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_DATA) {
-		fc &= ~0x0070; /* Mask subtype bits */
-		if (stype & 0x08) {
-			const u8 *qc;
-			qos = 1;
-			fc &= ~WLAN_FC_ORDER;
-			qc = (const u8 *) (hdr + 1);
-				qc += ETH_ALEN;
-			nonce[0] = qc[0] & 0x0f;
-		}
-	} else if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT)
-		nonce[0] |= 0x10; /* Management */
-
-	fc &= ~(WLAN_FC_RETRY | WLAN_FC_PWRMGT | WLAN_FC_MOREDATA);
-	fc |= WLAN_FC_ISWEP;
-	pos = aad + 2;
-	os_memcpy(pos, hdr->addr1, 3 * ETH_ALEN);
-	pos += 3 * ETH_ALEN;
-	seq = le_to_host16(hdr->seq_ctrl);
-	seq &= ~0xfff0; /* Mask Seq#; do not modify Frag# */
-	WPA_PUT_LE16(pos, seq);
-	pos += 2;
-
-	os_memcpy(pos, hdr + 1, addr4 * ETH_ALEN + qos * 2);
-	pos += addr4 * ETH_ALEN;
-	if (qos) {
-		pos[0] &= ~0x70;
-		if (1 /* FIX: either device has SPP A-MSDU Capab = 0 */)
-			pos[0] &= ~0x80;
-		pos++;
-		*pos++ = 0x00;
-	}
-
-
-	os_memcpy(nonce + 1, hdr->addr2, ETH_ALEN);
-	nonce[7] = data[7]; /* PN5 */
-	nonce[8] = data[6]; /* PN4 */
-	nonce[9] = data[5]; /* PN3 */
-	nonce[10] = data[4]; /* PN2 */
-	nonce[11] = data[1]; /* PN1 */
-	nonce[12] = data[0]; /* PN0 */
-}
-
-
-static void xor_aes_block(u8 *dst, const u8 *src)
-{
-	u32 *d = (u32 *) dst;
-	u32 *s = (u32 *) src;
-	*d++ ^= *s++;
-	*d++ ^= *s++;
-	*d++ ^= *s++;
-	*d++ ^= *s++;
-}
-
-
-u8 * ccmp_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
-		  const u8 *data, size_t data_len, size_t *decrypted_len)
-{
-	u8 aad[2 + 30], nonce[13];
-	u8 b[AES_BLOCK_SIZE], x[AES_BLOCK_SIZE], a[AES_BLOCK_SIZE];
-	void *aes;
-	const u8 *m, *mpos, *mic;
-	size_t mlen, last;
-	int i;
-	u8 *plain, *ppos;
-	u8 t[8];
-
-	if (data_len < 8 + 8)
-		return NULL;
-
-	plain = os_malloc(data_len + AES_BLOCK_SIZE);
-	if (plain == NULL)
-		return NULL;
-
-	aes = aes_encrypt_init(tk, 16);
-	if (aes == NULL) {
-		os_free(plain);
-		return NULL;
-	}
-
-	m = data + 8;
-	mlen = data_len - 8 - 8;
-	last = mlen % AES_BLOCK_SIZE;
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP nonce", nonce, 13);
-
-	/* CCM: M=8 L=2, Adata=1, M' = (M-2)/2 = 3, L' = L-1 = 1 */
-
-	/* A_i = Flags | Nonce N | Counter i */
-	a[0] = 0x01; /* Flags = L' */
-	os_memcpy(&a[1], nonce, 13);
-
-	/* Decryption */
-
-	mic = data + data_len - 8;
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP U", mic, 8);
-	/* U = T XOR S_0; S_0 = E(K, A_0) */
-	WPA_PUT_BE16(&a[14], 0);
-	aes_encrypt(aes, a, x);
-	for (i = 0; i < 8; i++)
-		t[i] = mic[i] ^ x[i];
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP T", t, 8);
-
-	/* plaintext = msg XOR (S_1 | S_2 | ... | S_n) */
-	ppos = plain;
-	mpos = m;
-	for (i = 1; i <= mlen / AES_BLOCK_SIZE; i++) {
-		WPA_PUT_BE16(&a[14], i);
-		/* S_i = E(K, A_i) */
-		aes_encrypt(aes, a, ppos);
-		xor_aes_block(ppos, mpos);
-		ppos += AES_BLOCK_SIZE;
-		mpos += AES_BLOCK_SIZE;
-	}
-	if (last) {
-		WPA_PUT_BE16(&a[14], i);
-		aes_encrypt(aes, a, ppos);
-		/* XOR zero-padded last block */
-		for (i = 0; i < last; i++)
-			*ppos++ ^= *mpos++;
-	}
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP decrypted", plain, mlen);
-
-	/* Authentication */
-	/* B_0: Flags | Nonce N | l(m) */
-	b[0] = 0x40 /* Adata */ | (3 /* M' */ << 3) | 1 /* L' */;
-	os_memcpy(&b[1], nonce, 13);
-	WPA_PUT_BE16(&b[14], mlen);
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP B_0", b, AES_BLOCK_SIZE);
-	aes_encrypt(aes, b, x); /* X_1 = E(K, B_0) */
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP B_1", aad, AES_BLOCK_SIZE);
-	aes_encrypt(aes, aad, x); /* X_2 = E(K, X_1 XOR B_1) */
-
-		    AES_BLOCK_SIZE);
-	aes_encrypt(aes, &aad[AES_BLOCK_SIZE], x); /* X_3 = E(K, X_2 XOR B_2)
-						    */
-
-	ppos = plain;
-	for (i = 0; i < mlen / AES_BLOCK_SIZE; i++) {
-		/* X_i+1 = E(K, X_i XOR B_i) */
-		xor_aes_block(x, ppos);
-		ppos += AES_BLOCK_SIZE;
-		aes_encrypt(aes, x, x);
-	}
-	if (last) {
-		/* XOR zero-padded last block */
-		for (i = 0; i < last; i++)
-			x[i] ^= *ppos++;
-		aes_encrypt(aes, x, x);
-	}
-
-	aes_encrypt_deinit(aes);
-
-	if (os_memcmp(x, t, 8) != 0) {
-		u16 seq_ctrl = le_to_host16(hdr->seq_ctrl);
-		wpa_printf(MSG_INFO, "Invalid CCMP MIC in frame: A1=" MACSTR
-			   " A2=" MACSTR " A3=" MACSTR " seq=%u frag=%u",
-			   WLAN_GET_SEQ_SEQ(seq_ctrl),
-			   WLAN_GET_SEQ_FRAG(seq_ctrl));
-		wpa_hexdump(MSG_DEBUG, "CCMP decrypted", plain, mlen);
-		os_free(plain);
-		return NULL;
-	}
-
-	*decrypted_len = mlen;
-	return plain;
-}
-
-
-void ccmp_get_pn(u8 *pn, const u8 *data)
-{
-	pn[0] = data[7]; /* PN5 */
-	pn[1] = data[6]; /* PN4 */
-	pn[2] = data[5]; /* PN3 */
-	pn[3] = data[4]; /* PN2 */
-	pn[4] = data[1]; /* PN1 */
-	pn[5] = data[0]; /* PN0 */
-}
-
-
-u8 * ccmp_encrypt(const u8 *tk, u8 *frame, size_t len, size_t hdrlen, u8 *qos,
-		  u8 *pn, int keyid, size_t *encrypted_len)
-{
-	u8 aad[2 + 30], nonce[13];
-	u8 b[AES_BLOCK_SIZE], x[AES_BLOCK_SIZE], a[AES_BLOCK_SIZE];
-	void *aes;
-	u8 *crypt, *pos, *ppos, *mpos;
-	size_t plen, last;
-	struct ieee80211_hdr *hdr;
-	int i;
-
-	if (len < hdrlen || hdrlen < 24)
-		return NULL;
-	plen = len - hdrlen;
-	last = plen % AES_BLOCK_SIZE;
-
-	crypt = os_malloc(hdrlen + 8 + plen + 8 + AES_BLOCK_SIZE);
-	if (crypt == NULL)
-		return NULL;
-
-	os_memcpy(crypt, frame, hdrlen);
-	hdr = (struct ieee80211_hdr *) crypt;
-	hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
-	pos = crypt + hdrlen;
-	*pos++ = pn[5]; /* PN0 */
-	*pos++ = pn[4]; /* PN1 */
-	*pos++ = 0x00; /* Rsvd */
-	*pos++ = 0x20 | (keyid << 6);
-	*pos++ = pn[3]; /* PN2 */
-	*pos++ = pn[2]; /* PN3 */
-	*pos++ = pn[1]; /* PN4 */
-	*pos++ = pn[0]; /* PN5 */
-
-	aes = aes_encrypt_init(tk, 16);
-	if (aes == NULL) {
-		os_free(crypt);
-		return NULL;
-	}
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP nonce", nonce, 13);
-
-	/* Authentication */
-	/* B_0: Flags | Nonce N | l(m) */
-	b[0] = 0x40 /* Adata */ | (3 /* M' */ << 3) | 1 /* L' */;
-	os_memcpy(&b[1], nonce, 13);
-	WPA_PUT_BE16(&b[14], plen);
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP B_0", b, AES_BLOCK_SIZE);
-	aes_encrypt(aes, b, x); /* X_1 = E(K, B_0) */
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP B_1", aad, AES_BLOCK_SIZE);
-	aes_encrypt(aes, aad, x); /* X_2 = E(K, X_1 XOR B_1) */
-
-		    AES_BLOCK_SIZE);
-	aes_encrypt(aes, &aad[AES_BLOCK_SIZE], x); /* X_3 = E(K, X_2 XOR B_2)
-						    */
-
-	ppos = frame + hdrlen;
-	for (i = 0; i < plen / AES_BLOCK_SIZE; i++) {
-		/* X_i+1 = E(K, X_i XOR B_i) */
-		xor_aes_block(x, ppos);
-		ppos += AES_BLOCK_SIZE;
-		aes_encrypt(aes, x, x);
-	}
-	if (last) {
-		/* XOR zero-padded last block */
-		for (i = 0; i < last; i++)
-			x[i] ^= *ppos++;
-		aes_encrypt(aes, x, x);
-	}
-
-	/* Encryption */
-
-	/* CCM: M=8 L=2, Adata=1, M' = (M-2)/2 = 3, L' = L-1 = 1 */
-
-	/* A_i = Flags | Nonce N | Counter i */
-	a[0] = 0x01; /* Flags = L' */
-	os_memcpy(&a[1], nonce, 13);
-
-	ppos = crypt + hdrlen + 8;
-
-	/* crypt = msg XOR (S_1 | S_2 | ... | S_n) */
-	mpos = frame + hdrlen;
-	for (i = 1; i <= plen / AES_BLOCK_SIZE; i++) {
-		WPA_PUT_BE16(&a[14], i);
-		/* S_i = E(K, A_i) */
-		aes_encrypt(aes, a, ppos);
-		xor_aes_block(ppos, mpos);
-		ppos += AES_BLOCK_SIZE;
-		mpos += AES_BLOCK_SIZE;
-	}
-	if (last) {
-		WPA_PUT_BE16(&a[14], i);
-		aes_encrypt(aes, a, ppos);
-		/* XOR zero-padded last block */
-		for (i = 0; i < last; i++)
-			*ppos++ ^= *mpos++;
-	}
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP T", x, 8);
-	/* U = T XOR S_0; S_0 = E(K, A_0) */
-	WPA_PUT_BE16(&a[14], 0);
-	aes_encrypt(aes, a, b);
-	for (i = 0; i < 8; i++)
-		ppos[i] = x[i] ^ b[i];
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP U", ppos, 8);
-
-	wpa_hexdump(MSG_EXCESSIVE, "CCMP encrypted", crypt + hdrlen + 8, plen);
-
-	aes_encrypt_deinit(aes);
-
-	*encrypted_len = hdrlen + 8 + plen + 8;
-
-	return crypt;
-}

diff --git a/wlantest/crc32.c b/wlantest/crc32.c
deleted file mode 100644
--- a/wlantest/crc32.c
+++ /dev/null

@@ -1,84 +0,0 @@
-/*
- * 32-bit CRC for FCS calculation
- * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
- *
- * See README for more details.
- */
-
-#include "utils/includes.h"
-
-#include "utils/common.h"
-
-/*
- * IEEE 802.11 FCS CRC32
- * G(x) = x^32 + x^26 + x^23 + x^22 + x^16 + x^12 + x^11 + x^10 + x^8 + x^7 +
- *        x^5 + x^4 + x^2 + x + 1
- */
-static const u32 crc32_table[256] = {
-	0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419,
-	0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4,
-	0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07,
-	0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de,
-	0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
-	0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4,
-	0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
-	0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3,
-	0x45df5c75, 0xdcd60dcf, 0xabd13d59, 0x26d930ac, 0x51de003a,
-	0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599,
-	0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
-	0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190,
-	0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f,
-	0x9fbfe4a5, 0xe8b8d433, 0x7807c9a2, 0x0f00f934, 0x9609a88e,
-	0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
-	0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed,
-	0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
-	0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3,
-	0xfbd44c65, 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2,
-	0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a,
-	0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5,
-	0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010,
-	0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
-	0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17,
-	0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6,
-	0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615,
-	0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8,
-	0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, 0xf00f9344,
-	0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
-	0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a,
-	0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
-	0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1,
-	0xa6bc5767, 0x3fb506dd, 0x48b2364b, 0xd80d2bda, 0xaf0a1b4c,
-	0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef,
-	0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
-	0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe,
-	0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31,
-	0x2cd99e8b, 0x5bdeae1d, 0x9b64c2b0, 0xec63f226, 0x756aa39c,
-	0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
-	0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b,
-	0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
-	0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1,
-	0x18b74777, 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c,
-	0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278,
-	0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7,
-	0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66,
-	0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
-	0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605,
-	0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8,
-	0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b,
-	0x2d02ef8d
-};
-
-
-u32 crc32(const u8 *frame, size_t frame_len)
-{
-	size_t i;
-	u32 crc;
-
-	crc = 0xFFFFFFFF;
-	for (i = 0; i < frame_len; i++)
-		crc = crc32_table[(crc ^ frame[i]) & 0xff] ^ (crc >> 8);
-
-	return ~crc;
-}

diff --git a/wlantest/ctrl.c b/wlantest/ctrl.c
deleted file mode 100644
index bed5d6c..0000000
--- a/wlantest/ctrl.c
+++ /dev/null

@@ -1,1364 +0,0 @@
-/*
- * wlantest control interface
- * Copyright (c) 2010, Jouni Malinen <j@w1.fi>
- *
- * See README for more details.
- */
-
-#include "utils/includes.h"
-#include <sys/un.h>
-
-#include "utils/common.h"
-#include "utils/eloop.h"
-#include "common/defs.h"
-#include "common/version.h"
-#include "common/ieee802_11_defs.h"
-#include "wlantest.h"
-#include "wlantest_ctrl.h"
-
-
-static u8 * attr_get(u8 *buf, size_t buflen, enum wlantest_ctrl_attr attr,
-		     size_t *len)
-{
-	u8 *pos = buf;
-
-	while (pos + 8 <= buf + buflen) {
-		enum wlantest_ctrl_attr a;
-		size_t alen;
-		a = WPA_GET_BE32(pos);
-		pos += 4;
-		alen = WPA_GET_BE32(pos);
-		pos += 4;
-		if (pos + alen > buf + buflen) {
-			wpa_printf(MSG_DEBUG, "Invalid control message "
-				   "attribute");
-			return NULL;
-		}
-		if (a == attr) {
-			*len = alen;
-			return pos;
-		}
-		pos += alen;
-	}
-
-	return NULL;
-}
-
-
-static u8 * attr_get_macaddr(u8 *buf, size_t buflen,
-			     enum wlantest_ctrl_attr attr)
-{
-}
-
-
-static int attr_get_int(u8 *buf, size_t buflen, enum wlantest_ctrl_attr attr)
-{
-	u8 *pos;
-	size_t len;
-	pos = attr_get(buf, buflen, attr, &len);
-	if (pos == NULL || len != 4)
-		return -1;
-	return WPA_GET_BE32(pos);
-}
-
-
-static u8 * attr_add_str(u8 *pos, u8 *end, enum wlantest_ctrl_attr attr,
-			 const char *str)
-{
-	size_t len = os_strlen(str);
-
-	if (pos == NULL || end - pos < 8 + len)
-		return NULL;
-	WPA_PUT_BE32(pos, attr);
-	pos += 4;
-	WPA_PUT_BE32(pos, len);
-	pos += 4;
-	os_memcpy(pos, str, len);
-	pos += len;
-	return pos;
-}
-
-
-static u8 * attr_add_be32(u8 *pos, u8 *end, enum wlantest_ctrl_attr attr,
-			  u32 val)
-{
-	if (pos == NULL || end - pos < 12)
-		return NULL;
-	WPA_PUT_BE32(pos, attr);
-	pos += 4;
-	WPA_PUT_BE32(pos, 4);
-	pos += 4;
-	WPA_PUT_BE32(pos, val);
-	pos += 4;
-	return pos;
-}
-
-
-static void ctrl_disconnect(struct wlantest *wt, int sock)
-{
-	int i;
-	wpa_printf(MSG_DEBUG, "Disconnect control interface connection %d",
-		   sock);
-	for (i = 0; i < MAX_CTRL_CONNECTIONS; i++) {
-		if (wt->ctrl_socks[i] == sock) {
-			close(wt->ctrl_socks[i]);
-			wt->ctrl_socks[i] = -1;
-			break;
-		}
-	}
-}
-
-
-static void ctrl_send(struct wlantest *wt, int sock, const u8 *buf,
-		      size_t len)
-{
-	if (send(sock, buf, len, 0) < 0) {
-		wpa_printf(MSG_INFO, "send(ctrl): %s", strerror(errno));
-		ctrl_disconnect(wt, sock);
-	}
-}
-
-
-static void ctrl_send_simple(struct wlantest *wt, int sock,
-			     enum wlantest_ctrl_cmd cmd)
-{
-	u8 buf[4];
-	WPA_PUT_BE32(buf, cmd);
-	ctrl_send(wt, sock, buf, sizeof(buf));
-}
-
-
-static struct wlantest_bss * ctrl_get_bss(struct wlantest *wt, int sock,
-					  u8 *cmd, size_t clen)
-{
-	struct wlantest_bss *bss;
-	u8 *pos;
-	size_t len;
-
-	pos = attr_get(cmd, clen, WLANTEST_ATTR_BSSID, &len);
-	if (pos == NULL || len != ETH_ALEN) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return NULL;
-	}
-
-	bss = bss_find(wt, pos);
-	if (bss == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return NULL;
-	}
-
-	return bss;
-}
-
-
-static struct wlantest_sta * ctrl_get_sta(struct wlantest *wt, int sock,
-					  u8 *cmd, size_t clen,
-					  struct wlantest_bss *bss)
-{
-	struct wlantest_sta *sta;
-	u8 *pos;
-	size_t len;
-
-	if (bss == NULL)
-		return NULL;
-
-	pos = attr_get(cmd, clen, WLANTEST_ATTR_STA_ADDR, &len);
-	if (pos == NULL || len != ETH_ALEN) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return NULL;
-	}
-
-	sta = sta_find(bss, pos);
-	if (sta == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return NULL;
-	}
-
-	return sta;
-}
-
-
-static struct wlantest_sta * ctrl_get_sta2(struct wlantest *wt, int sock,
-					   u8 *cmd, size_t clen,
-					   struct wlantest_bss *bss)
-{
-	struct wlantest_sta *sta;
-	u8 *pos;
-	size_t len;
-
-	if (bss == NULL)
-		return NULL;
-
-	pos = attr_get(cmd, clen, WLANTEST_ATTR_STA2_ADDR, &len);
-	if (pos == NULL || len != ETH_ALEN) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return NULL;
-	}
-
-	sta = sta_find(bss, pos);
-	if (sta == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return NULL;
-	}
-
-	return sta;
-}
-
-
-static void ctrl_list_bss(struct wlantest *wt, int sock)
-{
-	u8 buf[WLANTEST_CTRL_MAX_RESP_LEN], *pos, *len;
-	struct wlantest_bss *bss;
-
-	pos = buf;
-	WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
-	pos += 4;
-	WPA_PUT_BE32(pos, WLANTEST_ATTR_BSSID);
-	pos += 4;
-	len = pos; /* to be filled */
-	pos += 4;
-
-	dl_list_for_each(bss, &wt->bss, struct wlantest_bss, list) {
-		if (pos + ETH_ALEN > buf + WLANTEST_CTRL_MAX_RESP_LEN)
-			break;
-		os_memcpy(pos, bss->bssid, ETH_ALEN);
-		pos += ETH_ALEN;
-	}
-
-	WPA_PUT_BE32(len, pos - len - 4);
-	ctrl_send(wt, sock, buf, pos - buf);
-}
-
-
-static void ctrl_list_sta(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
-{
-	u8 buf[WLANTEST_CTRL_MAX_RESP_LEN], *pos, *len;
-	struct wlantest_bss *bss;
-	struct wlantest_sta *sta;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	if (bss == NULL)
-		return;
-
-	pos = buf;
-	WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
-	pos += 4;
-	pos += 4;
-	len = pos; /* to be filled */
-	pos += 4;
-
-	dl_list_for_each(sta, &bss->sta, struct wlantest_sta, list) {
-		if (pos + ETH_ALEN > buf + WLANTEST_CTRL_MAX_RESP_LEN)
-			break;
-		pos += ETH_ALEN;
-	}
-
-	WPA_PUT_BE32(len, pos - len - 4);
-	ctrl_send(wt, sock, buf, pos - buf);
-}
-
-
-static void ctrl_flush(struct wlantest *wt, int sock)
-{
-	wpa_printf(MSG_DEBUG, "Drop all collected BSS data");
-	bss_flush(wt);
-	ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
-}
-
-
-static void ctrl_clear_sta_counters(struct wlantest *wt, int sock, u8 *cmd,
-				    size_t clen)
-{
-	struct wlantest_bss *bss;
-	struct wlantest_sta *sta;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
-	if (sta == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return;
-	}
-
-	os_memset(sta->counters, 0, sizeof(sta->counters));
-	ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
-}
-
-
-static void ctrl_clear_bss_counters(struct wlantest *wt, int sock, u8 *cmd,
-				    size_t clen)
-{
-	struct wlantest_bss *bss;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	if (bss == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return;
-	}
-
-	os_memset(bss->counters, 0, sizeof(bss->counters));
-	ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
-}
-
-
-static void ctrl_clear_tdls_counters(struct wlantest *wt, int sock, u8 *cmd,
-				     size_t clen)
-{
-	struct wlantest_bss *bss;
-	struct wlantest_sta *sta;
-	struct wlantest_sta *sta2;
-	struct wlantest_tdls *tdls;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
-	sta2 = ctrl_get_sta2(wt, sock, cmd, clen, bss);
-	if (sta == NULL || sta2 == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return;
-	}
-
-	dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
-		if ((tdls->init == sta && tdls->resp == sta2) ||
-		    (tdls->init == sta2 && tdls->resp == sta))
-			os_memset(tdls->counters, 0, sizeof(tdls->counters));
-	}
-	ctrl_send_simple(wt, sock, WLANTEST_CTRL_SUCCESS);
-}
-
-
-static void ctrl_get_sta_counter(struct wlantest *wt, int sock, u8 *cmd,
-				 size_t clen)
-{
-	struct wlantest_bss *bss;
-	struct wlantest_sta *sta;
-	u32 counter;
-	u8 buf[4 + 12], *end, *pos;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
-	if (sta == NULL)
-		return;
-
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-	if (counter >= NUM_WLANTEST_STA_COUNTER) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-
-	pos = buf;
-	end = buf + sizeof(buf);
-	WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
-	pos += 4;
-	pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
-			    sta->counters[counter]);
-	ctrl_send(wt, sock, buf, pos - buf);
-}
-
-
-static void ctrl_get_bss_counter(struct wlantest *wt, int sock, u8 *cmd,
-				 size_t clen)
-{
-	struct wlantest_bss *bss;
-	u32 counter;
-	u8 buf[4 + 12], *end, *pos;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	if (bss == NULL)
-		return;
-
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-	if (counter >= NUM_WLANTEST_BSS_COUNTER) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-
-	pos = buf;
-	end = buf + sizeof(buf);
-	WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
-	pos += 4;
-	pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
-			    bss->counters[counter]);
-	ctrl_send(wt, sock, buf, pos - buf);
-}
-
-
-static void ctrl_get_tdls_counter(struct wlantest *wt, int sock, u8 *cmd,
-				  size_t clen)
-{
-	struct wlantest_bss *bss;
-	struct wlantest_sta *sta;
-	struct wlantest_sta *sta2;
-	struct wlantest_tdls *tdls;
-	u32 counter;
-	u8 buf[4 + 12], *end, *pos;
-	int found = 0;
-
-	bss = ctrl_get_bss(wt, sock, cmd, clen);
-	sta = ctrl_get_sta(wt, sock, cmd, clen, bss);
-	sta2 = ctrl_get_sta2(wt, sock, cmd, clen, bss);
-	if (sta == NULL || sta2 == NULL) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return;
-	}
-
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-	if (counter >= NUM_WLANTEST_TDLS_COUNTER) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_INVALID_CMD);
-		return;
-	}
-
-	dl_list_for_each(tdls, &bss->tdls, struct wlantest_tdls, list) {
-		if (tdls->init == sta && tdls->resp == sta2) {
-			found = 1;
-			break;
-		}
-	}
-
-	if (!found) {
-		ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
-		return;
-	}
-
-	pos = buf;
-	end = buf + sizeof(buf);
-	WPA_PUT_BE32(pos, WLANTEST_CTRL_SUCCESS);
-	pos += 4;
-	pos = attr_add_be32(pos, end, WLANTEST_ATTR_COUNTER,
-			    tdls->counters[counter]);
-	ctrl_send(wt, sock, buf, pos - buf);
-}
-
-
-static void build_mgmt_hdr(struct ieee80211_mgmt *mgmt,
-			   struct wlantest_bss *bss, struct wlantest_sta *sta,
-			   int sender_ap, int stype)
-{
-	os_memset(mgmt, 0, 24);
-	mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, stype);
-	if (sender_ap) {
-		if (sta)
-		else
-			os_memset(mgmt->da, 0xff, ETH_ALEN);
-		os_memcpy(mgmt->sa, bss->bssid, ETH_ALEN);
-	} else {
-		os_memcpy(mgmt->da, bss->bssid, ETH_ALEN);
-	}
-	os_memcpy(mgmt->bssid, bss->bssid, ETH_ALEN);
-}
-
-
-static int ctrl_inject_auth(struct wlantest *wt, struct wlantest_bss *bss,
-			    struct wlantest_sta *sta, int sender_ap,
-			    enum wlantest_inject_protection prot)
-{
-	struct ieee80211_mgmt mgmt;
-
-	if (prot != WLANTEST_INJECT_NORMAL &&
-	    prot != WLANTEST_INJECT_UNPROTECTED)
-		return -1; /* Authentication frame is never protected */
-	if (sta == NULL)
-		return -1; /* No broadcast Authentication frames */
-
-	if (sender_ap)
-		wpa_printf(MSG_INFO, "INJECT: Auth " MACSTR " -> " MACSTR,
-	else
-		wpa_printf(MSG_INFO, "INJECT: Auth " MACSTR " -> " MACSTR,
-	build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_AUTH);
-
-	mgmt.u.auth.auth_alg = host_to_le16(WLAN_AUTH_OPEN);
-	mgmt.u.auth.auth_transaction = host_to_le16(1);
-	mgmt.u.auth.status_code = host_to_le16(WLAN_STATUS_SUCCESS);
-
-	return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 6,
-			       WLANTEST_INJECT_UNPROTECTED);
-}
-
-
-static int ctrl_inject_assocreq(struct wlantest *wt, struct wlantest_bss *bss,
-				struct wlantest_sta *sta, int sender_ap,
-				enum wlantest_inject_protection prot)
-{
-	u8 *buf;
-	struct ieee80211_mgmt *mgmt;
-	int ret;
-
-	if (prot != WLANTEST_INJECT_NORMAL &&
-	    prot != WLANTEST_INJECT_UNPROTECTED)
-		return -1; /* Association Request frame is never protected */
-	if (sta == NULL)
-		return -1; /* No broadcast Association Request frames */
-	if (sender_ap)
-		return -1; /* No Association Request frame sent by AP */
-	if (sta->assocreq_ies == NULL) {
-		wpa_printf(MSG_INFO, "INJECT: No previous (Re)Association "
-			   "Request available for " MACSTR,
-		return -1;
-	}
-
-	wpa_printf(MSG_INFO, "INJECT: AssocReq " MACSTR " -> " MACSTR,
-	buf = os_malloc(sizeof(*mgmt) + sta->assocreq_ies_len);
-	if (buf == NULL)
-		return -1;
-	mgmt = (struct ieee80211_mgmt *) buf;
-
-	build_mgmt_hdr(mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_ASSOC_REQ);
-
-	mgmt->u.assoc_req.capab_info = host_to_le16(sta->assocreq_capab_info);
-	mgmt->u.assoc_req.listen_interval =
-		host_to_le16(sta->assocreq_listen_int);
-	os_memcpy(mgmt->u.assoc_req.variable, sta->assocreq_ies,
-		  sta->assocreq_ies_len);
-
-	ret = wlantest_inject(wt, bss, sta, buf,
-			      24 + 4 + sta->assocreq_ies_len,
-			      WLANTEST_INJECT_UNPROTECTED);
-	os_free(buf);
-	return ret;
-}
-
-
-static int ctrl_inject_reassocreq(struct wlantest *wt,
-				  struct wlantest_bss *bss,
-				  struct wlantest_sta *sta, int sender_ap,
-				  enum wlantest_inject_protection prot)
-{
-	u8 *buf;
-	struct ieee80211_mgmt *mgmt;
-	int ret;
-
-	if (prot != WLANTEST_INJECT_NORMAL &&
-	    prot != WLANTEST_INJECT_UNPROTECTED)
-		return -1; /* Reassociation Request frame is never protected */
-	if (sta == NULL)
-		return -1; /* No broadcast Reassociation Request frames */
-	if (sender_ap)
-		return -1; /* No Reassociation Request frame sent by AP */
-	if (sta->assocreq_ies == NULL) {
-		wpa_printf(MSG_INFO, "INJECT: No previous (Re)Association "
-			   "Request available for " MACSTR,
-		return -1;
-	}
-
-	wpa_printf(MSG_INFO, "INJECT: ReassocReq " MACSTR " -> " MACSTR,
-	buf = os_malloc(sizeof(*mgmt) + sta->assocreq_ies_len);
-	if (buf == NULL)
-		return -1;
-	mgmt = (struct ieee80211_mgmt *) buf;
-
-	build_mgmt_hdr(mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_REASSOC_REQ);
-
-	mgmt->u.reassoc_req.capab_info =
-		host_to_le16(sta->assocreq_capab_info);
-	mgmt->u.reassoc_req.listen_interval =
-		host_to_le16(sta->assocreq_listen_int);
-	os_memcpy(mgmt->u.reassoc_req.current_ap, bss->bssid, ETH_ALEN);
-	os_memcpy(mgmt->u.reassoc_req.variable, sta->assocreq_ies,
-		  sta->assocreq_ies_len);
-
-	ret = wlantest_inject(wt, bss, sta, buf,
-			      24 + 10 + sta->assocreq_ies_len,
-			      WLANTEST_INJECT_UNPROTECTED);
-	os_free(buf);
-	return ret;
-}
-
-
-static int ctrl_inject_deauth(struct wlantest *wt, struct wlantest_bss *bss,
-			      struct wlantest_sta *sta, int sender_ap,
-			      enum wlantest_inject_protection prot)
-{
-	struct ieee80211_mgmt mgmt;
-
-	if (sender_ap) {
-		if (sta)
-			wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR " -> "
-				   MACSTR,
-		else
-			wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR
-	} else
-		wpa_printf(MSG_INFO, "INJECT: Deauth " MACSTR " -> " MACSTR,
-	build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_DEAUTH);
-
-	mgmt.u.deauth.reason_code = host_to_le16(WLAN_REASON_UNSPECIFIED);
-
-	return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 2, prot);
-}
-
-
-static int ctrl_inject_disassoc(struct wlantest *wt, struct wlantest_bss *bss,
-				struct wlantest_sta *sta, int sender_ap,
-				enum wlantest_inject_protection prot)
-{
-	struct ieee80211_mgmt mgmt;
-
-	if (sender_ap) {
-		if (sta)
-			wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR " -> "
-				   MACSTR,
-		else
-			wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR
-	} else
-		wpa_printf(MSG_INFO, "INJECT: Disassoc " MACSTR " -> " MACSTR,
-	build_mgmt_hdr(&mgmt, bss, sta, sender_ap, WLAN_FC_STYPE_DISASSOC);
-
-	mgmt.u.disassoc.reason_code = host_to_le16(WLAN_REASON_UNSPECIFIED);
-
-	return wlantest_inject(wt, bss, sta, (u8 *) &mgmt, 24 + 2, prot);
-}
-
-
-static int ctrl_inject_saqueryreq(struct wlantest *wt,
-				  struct wlantest_bss *bss,
-				  struct wlantest_sta *sta, int sender_ap,
-				  enum wlantest_inject_protection prot)
-{
-	struct ieee80211_mgmt mgmt;
-
-	if (sta == NULL)
-		return -1; /* No broadcast SA Query frames */