I will merge this with my port diff to update to 2.0 and send out a diff soon.
Mark Kettenis <[email protected]> wrote: >The recent rantings on misc@ made me look at getting this to work once >more. And this time I got it to work, sortof. The approach uses >wpa_supplicant, but since the OpenBSD net80211 stack takes care of >most of the key management (including the so-called 4-way handshake) >we only really need it to do the IEEE 802.1X EAP authentication for us >and have it insert the pairwise master key (PMK) into the net80211 >stack. To do this I wrote a very simple OpenBSD "driver" for >wpa_supplicant that implements the bare essentials. A diff against >the current wpa_supplicant git tree is attached below. It should >apply cleanly agains wpa_supplicant-2.0.tar.gz and might just work >with older releases. As my driver doesn't support scanning for APs >and configuring the interface you need to configure the interface >yourself. Since you athenticate against a specific AP, it's best to >explicitly configure the desired BSSID. You'll need to explicitly >configure 802.1x authetication. You'll end up with something like: > ># ifconfig rsu0 nwid humppa bssid 11:22:33:44:55:66 wpa wpaakms 802.1x >up > >Give it a couple of seconds to associate with the AP, and start >wpa_supplicant: > > # wpa_supplicant -i rsu0 -c /etc/wpa_supplicant.conf > >The wpa_supplicant program will print some messages about the >authenticaton process. If authentication is successful, this should >end with woething like: > >rsu0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully >rsu0: CTRL-EVENT-CONNECTED - Connection to 11:22:33:44:55:66 completed >[id=0 id_str=] > >At that point ifconfig(8) should report the link status as "active". > > >Here is my /etc/wpa_supplicant.conf. You'll probably have to tweak >the "eap" line to match whatever the network you're connecting to is >using. And obviously you'll have to change the "ssid", "identity" and >"password" lines. > ># $OpenBSD: wpa_supplicant.conf,v 1.1 2007/07/01 19:50:57 reyk Exp $ ># Sample wpa_supplicant configuration file for wired IEEE 802.1x ># port authentication. See wpa_supplicant.conf(5). > >ctrl_interface=/var/run/wpa_supplicant >ctrl_interface_group=wheel >ap_scan=0 > >network={ > ssid="humppa" > key_mgmt=WPA-EAP > eap=TTLS PEAP > identity="user" > password="password" >} > > >Here is my .config file for building wpa_supplicant: > >CONFIG_DRIVER_OPENBSD=y >CONFIG_DRIVER_WIRED=y >CONFIG_IEEE8021X_EAPOL=y >CONFIG_EAP_MD5=y >CONFIG_EAP_MSCHAPV2=y >CONFIG_EAP_TLS=y >CONFIG_EAP_PEAP=y >CONFIG_EAP_TTLS=y >CONFIG_EAP_GTC=y >CONFIG_EAP_OTP=y >CONFIG_EAP_LEAP=y >CONFIG_PKCS12=y >CONFIG_SMARTCARD=y >CONFIG_CTRL_IFACE=y >CONFIG_BACKEND=file >CONFIG_PEERKEY=y > > >And here is the diff: > >diff --git a/src/drivers/driver_openbsd.c >b/src/drivers/driver_openbsd.c >new file mode 100644 >index 0000000..e94eda0 >--- /dev/null >+++ b/src/drivers/driver_openbsd.c >@@ -0,0 +1,136 @@ >+/* >+ * Driver interaction with OpenBSD net80211 layer >+ * Copyright (c) 2013, Mark Kettenis >+ * >+ * This software may be distributed under the terms of the BSD >license. >+ * See README for more details. >+ */ >+ >+#include "includes.h" >+#include <sys/ioctl.h> >+ >+#include <net/if.h> >+#include <net80211/ieee80211.h> >+#include <net80211/ieee80211_crypto.h> >+#include <net80211/ieee80211_ioctl.h> >+ >+#include "common.h" >+#include "driver.h" >+ >+struct openbsd_driver_data { >+ char ifname[IFNAMSIZ + 1]; >+ void *ctx; >+ >+ int sock; /* open socket for 802.11 ioctls */ >+}; >+ >+ >+static int >+wpa_driver_openbsd_get_ssid(void *priv, u8 *ssid) >+{ >+ struct openbsd_driver_data *drv = priv; >+ struct ieee80211_nwid nwid; >+ struct ifreq ifr; >+ >+ os_memset(&ifr, 0, sizeof(ifr)); >+ os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); >+ ifr.ifr_data = (void *)&nwid; >+ if (ioctl(drv->sock, SIOCG80211NWID, &ifr) < 0 || >+ nwid.i_len > IEEE80211_NWID_LEN) >+ return -1; >+ >+ os_memcpy(ssid, nwid.i_nwid, nwid.i_len); >+ return nwid.i_len; >+} >+ >+static int >+wpa_driver_openbsd_get_bssid(void *priv, u8 *bssid) >+{ >+ struct openbsd_driver_data *drv = priv; >+ struct ieee80211_bssid id; >+ >+ os_strlcpy(id.i_name, drv->ifname, sizeof(id.i_name)); >+ if (ioctl(drv->sock, SIOCG80211BSSID, &id) < 0) >+ return -1; >+ >+ os_memcpy(bssid, id.i_bssid, IEEE80211_ADDR_LEN); >+ return 0; >+} >+ >+ >+static int >+wpa_driver_openbsd_get_capa(void *priv, struct wpa_driver_capa *capa) >+{ >+ os_memset(capa, 0, sizeof(*capa)); >+ capa->flags = WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; >+ return 0; >+} >+ >+ >+static int >+wpa_driver_openbsd_set_key(const char *ifname, void *priv, enum >wpa_alg alg, >+ const unsigned char *addr, int key_idx, int set_tx, const u8 >*seq, >+ size_t seq_len, const u8 *key, size_t key_len) >+{ >+ struct openbsd_driver_data *drv = priv; >+ struct ieee80211_keyavail keyavail; >+ >+ if (alg != WPA_ALG_PMK || key_len > IEEE80211_PMK_LEN) >+ return -1; >+ >+ memset(&keyavail, 0, sizeof(keyavail)); >+ os_strlcpy(keyavail.i_name, drv->ifname, sizeof(keyavail.i_name)); >+ if (wpa_driver_openbsd_get_bssid(priv, keyavail.i_macaddr) < 0) >+ return -1; >+ memcpy(keyavail.i_key, key, key_len); >+ >+ if (ioctl(drv->sock, SIOCS80211KEYAVAIL, &keyavail) < 0) >+ return -1; >+ >+ return 0; >+} >+ >+static void * >+wpa_driver_openbsd_init(void *ctx, const char *ifname) >+{ >+ struct openbsd_driver_data *drv; >+ >+ drv = os_zalloc(sizeof(*drv)); >+ if (drv == NULL) >+ return NULL; >+ >+ drv->sock = socket(PF_INET, SOCK_DGRAM, 0); >+ if (drv->sock < 0) >+ goto fail; >+ >+ drv->ctx = ctx; >+ os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); >+ >+ return drv; >+ >+fail: >+ os_free(drv); >+ return NULL; >+} >+ >+ >+static void >+wpa_driver_openbsd_deinit(void *priv) >+{ >+ struct openbsd_driver_data *drv = priv; >+ >+ close(drv->sock); >+ os_free(drv); >+} >+ >+ >+const struct wpa_driver_ops wpa_driver_openbsd_ops = { >+ .name = "openbsd", >+ .desc = "OpenBSD 802.11 support", >+ .get_ssid = wpa_driver_openbsd_get_ssid, >+ .get_bssid = wpa_driver_openbsd_get_bssid, >+ .get_capa = wpa_driver_openbsd_get_capa, >+ .set_key = wpa_driver_openbsd_set_key, >+ .init = wpa_driver_openbsd_init, >+ .deinit = wpa_driver_openbsd_deinit, >+}; >diff --git a/src/drivers/drivers.c b/src/drivers/drivers.c >index a92eddf..1d0ff6e 100644 >--- a/src/drivers/drivers.c >+++ b/src/drivers/drivers.c >@@ -24,6 +24,9 @@ extern struct wpa_driver_ops wpa_driver_madwifi_ops; >/* driver_madwifi.c */ > #ifdef CONFIG_DRIVER_BSD > extern struct wpa_driver_ops wpa_driver_bsd_ops; /* driver_bsd.c */ > #endif /* CONFIG_DRIVER_BSD */ >+#ifdef CONFIG_DRIVER_OPENBSD >+extern struct wpa_driver_ops wpa_driver_openbsd_ops; /* >driver_openbsd.c */ >+#endif /* CONFIG_DRIVER_OPENBSD */ > #ifdef CONFIG_DRIVER_NDIS > extern struct wpa_driver_ops wpa_driver_ndis_ops; /* driver_ndis.c */ > #endif /* CONFIG_DRIVER_NDIS */ >@@ -62,6 +65,9 @@ struct wpa_driver_ops *wpa_drivers[] = > #ifdef CONFIG_DRIVER_BSD > &wpa_driver_bsd_ops, > #endif /* CONFIG_DRIVER_BSD */ >+#ifdef CONFIG_DRIVER_OPENBSD >+ &wpa_driver_openbsd_ops, >+#endif /* CONFIG_DRIVER_OPENBSD */ > #ifdef CONFIG_DRIVER_NDIS > &wpa_driver_ndis_ops, > #endif /* CONFIG_DRIVER_NDIS */ >diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak >index c7a98d3..68ff910 100644 >--- a/src/drivers/drivers.mak >+++ b/src/drivers/drivers.mak >@@ -55,6 +55,14 @@ CONFIG_L2_FREEBSD=y > CONFIG_DNET_PCAP=y > endif > >+ifdef CONFIG_DRIVER_OPENBSD >+ifndef CONFIG_L2_PACKET >+CONFIG_L2_PACKET=freebsd >+endif >+DRV_CFLAGS += -DCONFIG_DRIVER_OPENBSD >+DRV_OBJS += ../src/drivers/driver_openbsd.o >+endif >+ > ifdef CONFIG_DRIVER_TEST > DRV_CFLAGS += -DCONFIG_DRIVER_TEST > DRV_OBJS += ../src/drivers/driver_test.o >diff --git a/src/drivers/drivers.mk b/src/drivers/drivers.mk >index 23fcbb7..db8561a 100644 >--- a/src/drivers/drivers.mk >+++ b/src/drivers/drivers.mk >@@ -55,6 +55,14 @@ CONFIG_L2_FREEBSD=y > CONFIG_DNET_PCAP=y > endif > >+ifdef CONFIG_DRIVER_OPENBSD >+ifndef CONFIG_L2_PACKET >+CONFIG_L2_PACKET=freebsd >+endif >+DRV_CFLAGS += -DCONFIG_DRIVER_OPENBSD >+DRV_OBJS += src/drivers/driver_openbsd.c >+endif >+ > ifdef CONFIG_DRIVER_TEST > DRV_CFLAGS += -DCONFIG_DRIVER_TEST > DRV_OBJS += src/drivers/driver_test.c
