# Driver interface for Host AP driver
-# CONFIG_DRIVER_HOSTAP=y
+#CONFIG_DRIVER_HOSTAP=y
# Driver interface for Agere driver
#CONFIG_DRIVER_HERMES=y
# Driver interface for madwifi driver
CONFIG_DRIVER_MADWIFI=y
-# Change include directories to match with the local setup
-#CFLAGS += -I../madwifi/wpa
+# Set include directory to the madwifi source tree
+#CFLAGS += -I../../madwifi
# Driver interface for Prism54 driver
# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
# Driver interface for Atmel driver
#CONFIG_DRIVER_ATMEL=y
-# Driver interface for Broadcom driver
+# Driver interface for old Broadcom driver
+# Please note that the newer Broadcom driver ("hybrid Linux driver") supports
+# Linux wireless extensions and does not need (or even work) with the old
+# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
#CONFIG_DRIVER_BROADCOM=y
# Example path for wlioctl.h; change to match your configuration
#CFLAGS += -I/opt/WRT54GS/release/src/include
# Driver interface for generic Linux wireless extensions
CONFIG_DRIVER_WEXT=y
+# Driver interface for Linux drivers using the nl80211 kernel interface
+CONFIG_DRIVER_NL80211=y
+
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
# Driver interface for wired Ethernet drivers
CONFIG_DRIVER_WIRED=y
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
# included)
CONFIG_IEEE8021X_EAPOL=y
# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
#CONFIG_EAP_AKA=y
+# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
+# This requires CONFIG_EAP_AKA to be enabled, too.
+#CONFIG_EAP_AKA_PRIME=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
+
# EAP-SAKE
#CONFIG_EAP_SAKE=y
# EAP-TNC and related Trusted Network Connect support (experimental)
#CONFIG_EAP_TNC=y
+# Wi-Fi Protected Setup (WPS)
+#CONFIG_WPS=y
+
# EAP-IKEv2
#CONFIG_EAP_IKEV2=y
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
# This is only for Windows builds and requires WMI-related header files and
#CONFIG_DYNAMIC_EAP_METHODS=y
# Include client MLME (management frame processing).
-# This can be used to move MLME processing of Devicescape IEEE 802.11 stack
-# into user space.
+# This can be used to move MLME processing of Linux mac80211 stack into user
+# space. Please note that this is currently only available with
+# driver_nl80211.c and only with a modified version of Linux kernel and
+# wpa_supplicant.
#CONFIG_CLIENT_MLME=y
-# Currently, driver_devicescape.c build requires some additional parameters
-# to be able to include some of the kernel header files. Following lines can
-# be used to set these (WIRELESS_DEV must point to the root directory of the
-# wireless-dev.git tree).
-#WIRELESS_DEV=/usr/src/wireless-dev
-#CFLAGS += -I$(WIRELESS_DEV)/net/mac80211
-
-# IEEE 802.11r/D4.1 (Fast BSS Transition)
-# This enables an experimental implementation of a draft version of
-# IEEE 802.11r. This draft is still subject to change, so it should be noted
-# that this version may not comply with the final standard.
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition)
#CONFIG_IEEE80211R=y
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
# Enable privilege separation (see README 'Privilege separation' for details)
#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+#CONFIG_DELAYED_MIC_ERROR_REPORT=y
#ifdef EAP_TLS_OPENSSL
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
-@@ -536,7 +536,7 @@ wpa_supplicant_select_bss_non_wpa(struct
+@@ -541,7 +541,7 @@ wpa_supplicant_select_bss_non_wpa(struct
"BSSID mismatch");
continue;
}
if (!(ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
!(ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
!(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA))
-@@ -546,7 +546,7 @@ wpa_supplicant_select_bss_non_wpa(struct
+@@ -551,7 +551,7 @@ wpa_supplicant_select_bss_non_wpa(struct
continue;
}
(WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK |
WPA_KEY_MGMT_IEEE8021X_SHA256 |
-@@ -635,6 +635,9 @@ static void wpa_supplicant_event_scan_re
+@@ -640,6 +640,9 @@ static void wpa_supplicant_event_scan_re
wpa_s->disconnected)
return;
while (selected == NULL) {
for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
selected = wpa_supplicant_select_bss(
-@@ -647,6 +650,7 @@ static void wpa_supplicant_event_scan_re
+@@ -652,6 +655,7 @@ static void wpa_supplicant_event_scan_re
wpa_printf(MSG_DEBUG, "No APs found - clear blacklist "
"and try again");
wpa_blacklist_clear(wpa_s);
wpa_s->blacklist_cleared++;
} else if (selected == NULL) {
break;
-@@ -682,10 +686,12 @@ static void wpa_supplicant_event_scan_re
+@@ -687,10 +691,12 @@ static void wpa_supplicant_event_scan_re
rsn_preauth_scan_results(wpa_s->wpa, wpa_s->scan_res);
} else {
wpa_printf(MSG_DEBUG, "No suitable AP found.");
return;
req_scan:
-@@ -889,6 +895,9 @@ static void wpa_supplicant_event_disasso
+@@ -894,6 +900,9 @@ static void wpa_supplicant_event_disasso
}
if (wpa_s->wpa_state >= WPA_ASSOCIATED)
wpa_supplicant_req_scan(wpa_s, 0, 100000);