Please test and let me know if there are any problems.
Only in /usr/ports/security/wpa_supplicant: CVS diff -ur /usr/ports/security/wpa_supplicant/Makefile /tmp/wpa_supplicant/Makefile --- /usr/ports/security/wpa_supplicant/Makefile Sun Jan 24 18:11:20 2010 +++ /tmp/wpa_supplicant/Makefile Sun Jan 24 18:16:59 2010 @@ -2,13 +2,13 @@ COMMENT= IEEE 802.1X supplicant -DISTNAME= wpa_supplicant-0.5.8 +DISTNAME= wpa_supplicant-0.6.10 PKGNAME= ${DISTNAME}p0 CATEGORIES= security net HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ -MAINTAINER= Reyk Floeter <r...@openbsd.org> +MAINTAINER= Jay Reffner <1cc386ea8e4...@gmail.com> # Dual BSD/GPL PERMIT_PACKAGE_CDROM= Yes @@ -21,6 +21,8 @@ USE_GMAKE= Yes NO_REGRESS= Yes + +WRKBUILD = ${WRKDIR}/${DISTNAME}/wpa_supplicant MAN5= wpa_supplicant.conf.5 MAN8= wpa_background.8 wpa_cli.8 wpa_passphrase.8 wpa_supplicant.8 diff -ur /usr/ports/security/wpa_supplicant/distinfo /tmp/wpa_supplicant/distinfo --- /usr/ports/security/wpa_supplicant/distinfo Sun Jan 24 18:11:20 2010 +++ /tmp/wpa_supplicant/distinfo Sun Jan 24 18:12:24 2010 @@ -1,5 +1,5 @@ -MD5 (wpa_supplicant-0.5.8.tar.gz) = e7IvK83u1Us/tUB9bYvJuw== -RMD160 (wpa_supplicant-0.5.8.tar.gz) = MizVy6iv/+g0O9jFdOiUH9WV260= -SHA1 (wpa_supplicant-0.5.8.tar.gz) = Q0VF+vR1gERin1dNgpOVEb6N6ws= -SHA256 (wpa_supplicant-0.5.8.tar.gz) = L5dV4uP5bSY4CFfvlb53Zebidva1MZTHBjPAJ0hdZ/A= -SIZE (wpa_supplicant-0.5.8.tar.gz) = 714467 +MD5 (wpa_supplicant-0.6.10.tar.gz) = iYWxAw11Pl90+Kz8NOWRuw== +RMD160 (wpa_supplicant-0.6.10.tar.gz) = PCtSaf0mG6aVonYgQIhYinmSwAI= +SHA1 (wpa_supplicant-0.6.10.tar.gz) = 0sk3WGB94lCo3aetyPizBNCgdM4= +SHA256 (wpa_supplicant-0.6.10.tar.gz) = rCfGnCbj9OBvuhPg3I4cftewASqVJjvPzw85voBZ8v0= +SIZE (wpa_supplicant-0.6.10.tar.gz) = 1190391 Only in /usr/ports/security/wpa_supplicant/files: CVS diff -ur /usr/ports/security/wpa_supplicant/files/wpa_supplicant.conf /tmp/wpa_supplicant/files/wpa_supplicant.conf --- /usr/ports/security/wpa_supplicant/files/wpa_supplicant.conf Sun Jan 24 18:11:20 2010 +++ /tmp/wpa_supplicant/files/wpa_supplicant.conf Sun Jan 24 18:12:24 2010 @@ -3,7 +3,7 @@ # port authentication. See wpa_supplicant.conf(5). ctrl_interface=/var/run/wpa_supplicant -ctrl_interface_group=wheel +ctrl_interface_group=_dot1x ap_scan=0 network={ @@ -12,4 +12,136 @@ identity="user" password="password" eapol_flags=0 +} + +# +#WPA-Personal (PSK) as home network and WPA-Enterprise with EAP-TLS as work +# network +# allow frontend (e.g., wpa_cli) to be used by all users in '_dot1x' group +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +# +# home network; allow all valid ciphers +# +network={ + ssid="home" + scan_ssid=1 + key_mgmt=WPA-PSK + psk="secret passphrase" +} + +# +# work network; use EAP-TLS with WPA; allow only CCMP and TKIP ciphers +# +network={ + ssid="work" + scan_ssid=1 + key_mgmt=WPA-EAP + pairwise=CCMP TKIP + group=CCMP TKIP + eap=TLS + identity="u...@example.com" + ca_cert="/etc/cert/ca.pem" + client_cert="/etc/cert/user.pem" + private_key="/etc/cert/user.prv" + private_key_passwd="password" +} + +# +# PEAP/RADIUS Configuration Example +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +network={ + ssid="example" + scan_ssid=1 + key_mgmt=WPA-EAP + eap=PEAP + identity="u...@example.com" + password="foobar" + ca_cert="/etc/cert/ca.pem" + phase1="peaplabel=0" + phase2="auth=MSCHAPV2" +} + +# +#EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the +# unencrypted use. Real identity is sent only within an encrypted TLS tunnel. +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +network={ + ssid="example" + scan_ssid=1 + key_mgmt=WPA-EAP + eap=TTLS + identity="u...@example.com" + anonymous_identity="anonym...@example.com" + password="foobar" + ca_cert="/etc/cert/ca.pem" + phase2="auth=MD5" +} + +# +#IEEE 802.1X (i.e., no WPA) with dynamic WEP keys (require both unicast and +# broadcast); use EAP-TLS for authentication +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +network={ + ssid="1x-test" + scan_ssid=1 + key_mgmt=IEEE8021X + eap=TLS + identity="u...@example.com" + ca_cert="/etc/cert/ca.pem" + client_cert="/etc/cert/user.pem" + private_key="/etc/cert/user.prv" + private_key_passwd="password" + eapol_flags=3 +} + +# +#Catch all example that allows more or less all configuration modes. The +# configuration options are used based on what security policy is used in the +# selected SSID. This is mostly for testing and is not recommended for normal +# use. +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +network={ + ssid="example" + scan_ssid=1 + key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE + pairwise=CCMP TKIP + group=CCMP TKIP WEP104 WEP40 + psk="very secret passphrase" + eap=TTLS PEAP TLS + identity="u...@example.com" + password="foobar" + ca_cert="/etc/cert/ca.pem" + client_cert="/etc/cert/user.pem" + private_key="/etc/cert/user.prv" + private_key_passwd="password" + phase1="peaplabel=0" + ca_cert2="/etc/cert/ca2.pem" + client_cert2="/etc/cer/user.pem" + private_key2="/etc/cer/user.prv" + private_key2_passwd="password" +} + +# +# Authentication for wired Ethernet. This can be used with 'wired' or +# 'roboswitch' interface (-Dwired or -Droboswitch on command line). +# +ctrl_interface=/var/run/wpa_supplicant +ctrl_interface_group=_dot1x +ap_scan=0 +network={ + key_mgmt=IEEE8021X + eap=MD5 + identity="user" + password="password" + eapol_flags=0 } Only in /usr/ports/security/wpa_supplicant/patches: CVS Only in /usr/ports/security/wpa_supplicant/patches: patch-common_h Only in /usr/ports/security/wpa_supplicant/patches: patch-config Only in /usr/ports/security/wpa_supplicant/patches: patch-driver_wired_c Only in /usr/ports/security/wpa_supplicant/patches: patch-os_internal_c Only in /usr/ports/security/wpa_supplicant/patches: patch-os_unix_c Only in /tmp/wpa_supplicant/patches: patch-wpa_supplicant_Makefile Only in /tmp/wpa_supplicant/patches: patch-wpa_supplicant__config Only in /usr/ports/security/wpa_supplicant/pkg: CVS diff -ur /usr/ports/security/wpa_supplicant/pkg/DESCR /tmp/wpa_supplicant/pkg/DESCR --- /usr/ports/security/wpa_supplicant/pkg/DESCR Sun Jan 24 18:11:20 2010 +++ /tmp/wpa_supplicant/pkg/DESCR Sun Jan 24 18:18:33 2010 @@ -1,3 +1,2 @@ wpa_supplicant is the implementation of an IEEE 802.1X supplicant. -This port is for wired authentication only (Ethernet PAE) and does not -support the wireless WPA/WPA2 functionality. +This port is for wired (EAPOL) and wireless (WPA/WPS) authentication. Only in /tmp/wpa_supplicant/pkg: MESSAGE diff -ur /usr/ports/security/wpa_supplicant/pkg/PLIST /tmp/wpa_supplicant/pkg/PLIST --- /usr/ports/security/wpa_supplicant/pkg/PLIST Sun Jan 24 18:11:20 2010 +++ /tmp/wpa_supplicant/pkg/PLIST Sun Jan 24 18:12:24 2010 @@ -1,13 +1,15 @@ -...@comment $OpenBSD: PLIST,v 1.1 2007/07/01 19:50:57 reyk Exp $ +...@comment $OpenBSD$ +...@newgroup _dot1x:648 @man man/man5/wpa_supplicant.conf.5 @man man/man8/wpa_background.8 @man man/man8/wpa_cli.8 @man man/man8/wpa_passphrase.8 @man man/man8/wpa_supplicant.8 -sbin/wpa_cli -sbin/wpa_passphrase -sbin/wpa_supplicant +...@group _dot1x +...@bin sbin/wpa_cli +...@bin sbin/wpa_passphrase +...@bin sbin/wpa_priv +...@bin sbin/wpa_supplicant share/examples/wpa_supplicant/ share/examples/wpa_supplicant/wpa_supplicant.conf -...@sample ${SYSCONFDIR}/wpa_supplicant.conf share/examples/wpa_supplicant/wpa_supplicant.conf.dist
smime.p7s
Description: S/MIME Cryptographic Signature