head 1.3; access; symbols netbsd-11-0-RC4:1.3 netbsd-11-0-RC3:1.3 netbsd-11-0-RC2:1.3 netbsd-11-0-RC1:1.3 perseant-exfatfs-base-20250801:1.3 netbsd-11:1.3.0.2 netbsd-11-base:1.3 netbsd-10-1-RELEASE:1.1.1.8.6.1 v2_11:1.1.1.9 perseant-exfatfs-base-20240630:1.2 perseant-exfatfs:1.2.0.2 perseant-exfatfs-base:1.2 netbsd-8-3-RELEASE:1.1.1.6 netbsd-9-4-RELEASE:1.1.1.7.2.1 netbsd-10-0-RELEASE:1.1.1.8.6.1 netbsd-10-0-RC6:1.1.1.8.6.1 netbsd-10-0-RC5:1.1.1.8.6.1 netbsd-10-0-RC4:1.1.1.8 netbsd-10-0-RC3:1.1.1.8 netbsd-10-0-RC2:1.1.1.8 netbsd-10-0-RC1:1.1.1.8 netbsd-10:1.1.1.8.0.6 netbsd-10-base:1.1.1.8 netbsd-9-3-RELEASE:1.1.1.7 cjep_sun2x-base1:1.1.1.8 cjep_sun2x:1.1.1.8.0.4 cjep_sun2x-base:1.1.1.8 cjep_staticlib_x-base1:1.1.1.8 netbsd-9-2-RELEASE:1.1.1.7 cjep_staticlib_x:1.1.1.8.0.2 cjep_staticlib_x-base:1.1.1.8 v2_9:1.1.1.8 netbsd-9-1-RELEASE:1.1.1.7 phil-wifi-20200421:1.1.1.7 phil-wifi-20200411:1.1.1.7 is-mlppp:1.1.1.7.0.4 is-mlppp-base:1.1.1.7 phil-wifi-20200406:1.1.1.7 netbsd-8-2-RELEASE:1.1.1.6 netbsd-9-0-RELEASE:1.1.1.7 netbsd-9-0-RC2:1.1.1.7 netbsd-9-0-RC1:1.1.1.7 phil-wifi-20191119:1.1.1.7 netbsd-9:1.1.1.7.0.2 netbsd-9-base:1.1.1.7 phil-wifi-20190609:1.1.1.7 netbsd-8-1-RELEASE:1.1.1.6 netbsd-8-1-RC1:1.1.1.6 pgoyette-compat-merge-20190127:1.1.1.6.12.1 pgoyette-compat-20190127:1.1.1.7 pgoyette-compat-20190118:1.1.1.7 v2_7:1.1.1.7 pgoyette-compat-1226:1.1.1.6 pgoyette-compat-1126:1.1.1.6 pgoyette-compat-1020:1.1.1.6 pgoyette-compat-0930:1.1.1.6 pgoyette-compat-0906:1.1.1.6 netbsd-7-2-RELEASE:1.1.1.3.4.2 pgoyette-compat-0728:1.1.1.6 netbsd-8-0-RELEASE:1.1.1.6 phil-wifi:1.1.1.6.0.14 phil-wifi-base:1.1.1.6 pgoyette-compat-0625:1.1.1.6 netbsd-8-0-RC2:1.1.1.6 pgoyette-compat-0521:1.1.1.6 pgoyette-compat-0502:1.1.1.6 pgoyette-compat-0422:1.1.1.6 netbsd-8-0-RC1:1.1.1.6 pgoyette-compat-0415:1.1.1.6 pgoyette-compat-0407:1.1.1.6 pgoyette-compat-0330:1.1.1.6 pgoyette-compat-0322:1.1.1.6 pgoyette-compat-0315:1.1.1.6 netbsd-7-1-2-RELEASE:1.1.1.3.4.1.6.1 pgoyette-compat:1.1.1.6.0.12 pgoyette-compat-base:1.1.1.6 netbsd-7-1-1-RELEASE:1.1.1.3.4.1.6.1 matt-nb8-mediatek:1.1.1.6.0.10 matt-nb8-mediatek-base:1.1.1.6 perseant-stdc-iso10646:1.1.1.6.0.8 perseant-stdc-iso10646-base:1.1.1.6 netbsd-8:1.1.1.6.0.6 netbsd-8-base:1.1.1.6 prg-localcount2-base3:1.1.1.6 prg-localcount2-base2:1.1.1.6 prg-localcount2-base1:1.1.1.6 prg-localcount2:1.1.1.6.0.4 prg-localcount2-base:1.1.1.6 pgoyette-localcount-20170426:1.1.1.6 bouyer-socketcan-base1:1.1.1.6 pgoyette-localcount-20170320:1.1.1.6 netbsd-7-1:1.1.1.3.4.1.0.6 netbsd-7-1-RELEASE:1.1.1.3.4.1 netbsd-7-1-RC2:1.1.1.3.4.1 netbsd-7-nhusb-base-20170116:1.1.1.3.4.1 bouyer-socketcan:1.1.1.6.0.2 bouyer-socketcan-base:1.1.1.6 pgoyette-localcount-20170107:1.1.1.6 netbsd-7-1-RC1:1.1.1.3.4.1 v2_6:1.1.1.6 pgoyette-localcount-20161104:1.1.1.5 netbsd-7-0-2-RELEASE:1.1.1.3.4.1 localcount-20160914:1.1.1.5 netbsd-7-nhusb:1.1.1.3.4.1.0.4 netbsd-7-nhusb-base:1.1.1.3.4.1 pgoyette-localcount-20160806:1.1.1.5 pgoyette-localcount-20160726:1.1.1.5 pgoyette-localcount:1.1.1.5.0.2 pgoyette-localcount-base:1.1.1.5 netbsd-7-0-1-RELEASE:1.1.1.3.4.1 netbsd-7-0:1.1.1.3.4.1.0.2 netbsd-7-0-RELEASE:1.1.1.3.4.1 netbsd-7-0-RC3:1.1.1.3.4.1 netbsd-7-0-RC2:1.1.1.3.4.1 netbsd-7-0-RC1:1.1.1.3.4.1 v2_4:1.1.1.5 v2_3:1.1.1.4 netbsd-6-0-6-RELEASE:1.1.1.1 netbsd-6-1-5-RELEASE:1.1.1.1 netbsd-7:1.1.1.3.0.4 netbsd-7-base:1.1.1.3 yamt-pagecache-base9:1.1.1.3 yamt-pagecache-tag8:1.1.1.1.6.1 netbsd-6-1-4-RELEASE:1.1.1.1 netbsd-6-0-5-RELEASE:1.1.1.1 tls-earlyentropy:1.1.1.3.0.2 tls-earlyentropy-base:1.1.1.3 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.1.1.3 riastradh-drm2-base3:1.1.1.3 netbsd-6-1-3-RELEASE:1.1.1.1 netbsd-6-0-4-RELEASE:1.1.1.1 v2_0:1.1.1.3 netbsd-6-1-2-RELEASE:1.1.1.1 netbsd-6-0-3-RELEASE:1.1.1.1 netbsd-6-1-1-RELEASE:1.1.1.1 riastradh-drm2-base2:1.1.1.2 riastradh-drm2-base1:1.1.1.2 riastradh-drm2:1.1.1.2.0.2 v1_1:1.1.1.2 riastradh-drm2-base:1.1.1.2 netbsd-6-1:1.1.1.1.0.16 netbsd-6-0-2-RELEASE:1.1.1.1 netbsd-6-1-RELEASE:1.1.1.1 netbsd-6-1-RC4:1.1.1.1 netbsd-6-1-RC3:1.1.1.1 agc-symver:1.1.1.2.0.4 agc-symver-base:1.1.1.2 netbsd-6-1-RC2:1.1.1.1 netbsd-6-1-RC1:1.1.1.1 yamt-pagecache-base8:1.1.1.2 netbsd-6-0-1-RELEASE:1.1.1.1 yamt-pagecache-base7:1.1.1.2 matt-nb6-plus-nbase:1.1.1.1 yamt-pagecache-base6:1.1.1.2 netbsd-6-0:1.1.1.1.0.14 netbsd-6-0-RELEASE:1.1.1.1 v1_0:1.1.1.2 netbsd-6-0-RC2:1.1.1.1 tls-maxphys:1.1.1.1.0.12 tls-maxphys-base:1.1.1.3 matt-nb6-plus:1.1.1.1.0.10 matt-nb6-plus-base:1.1.1.1 netbsd-6-0-RC1:1.1.1.1 yamt-pagecache-base5:1.1.1.1 yamt-pagecache-base4:1.1.1.1 netbsd-6:1.1.1.1.0.8 netbsd-6-base:1.1.1.1 yamt-pagecache-base3:1.1.1.1 yamt-pagecache-base2:1.1.1.1 yamt-pagecache:1.1.1.1.0.6 yamt-pagecache-base:1.1.1.1 v0_7_3:1.1.1.1 cherry-xenmp:1.1.1.1.0.4 cherry-xenmp-base:1.1.1.1 bouyer-quota2-nbase:1.1.1.1 bouyer-quota2:1.1.1.1.0.2 bouyer-quota2-base:1.1.1.1 matt-mips64-premerge-20101231:1.1.1.1 v0_7_2:1.1.1.1 MALINEN:1.1.1; locks; strict; comment @# @; 1.3 date 2024.09.18.15.09.34; author christos; state Exp; branches; next 1.2; commitid qPhWFATOymjLEiqF; 1.2 date 2024.02.13.18.43.45; author christos; state Exp; branches 1.2.2.1; next 1.1; commitid T3O2wNzxh2GzRiYE; 1.1 date 2010.08.04.10.23.24; author christos; state Exp; branches 1.1.1.1; next ; 1.2.2.1 date 2025.08.02.05.24.26; author perseant; state Exp; branches; next ; commitid 23j6GFaDws3O875G; 1.1.1.1 date 2010.08.04.10.23.24; author christos; state Exp; branches 1.1.1.1.6.1 1.1.1.1.8.1 1.1.1.1.12.1 1.1.1.1.14.1 1.1.1.1.16.1; next 1.1.1.2; 1.1.1.2 date 2012.10.07.23.48.01; author christos; state Exp; branches; next 1.1.1.3; 1.1.1.3 date 2014.01.03.02.05.29; author christos; state Exp; branches 1.1.1.3.4.1; next 1.1.1.4; commitid UzsktaU3uSYx2Cjx; 1.1.1.4 date 2014.10.16.19.16.02; author christos; state Exp; branches; next 1.1.1.5; commitid fK26ks8uVlWJysUx; 1.1.1.5 date 2015.04.01.19.24.37; author christos; state Exp; branches 1.1.1.5.2.1; next 1.1.1.6; commitid sORDBLECOsBneVfy; 1.1.1.6 date 2016.11.21.16.42.46; author christos; state Exp; branches 1.1.1.6.12.1 1.1.1.6.14.1; next 1.1.1.7; commitid FbD3JrvDorGB31vz; 1.1.1.7 date 2019.01.04.19.29.15; author christos; state Exp; branches 1.1.1.7.2.1; next 1.1.1.8; commitid 8vcPZDhm20BC5v6B; 1.1.1.8 date 2021.03.01.01.37.50; author christos; state Exp; branches 1.1.1.8.6.1; next 1.1.1.9; commitid UXoTULSrfaRLRxJC; 1.1.1.9 date 2024.09.18.15.02.56; author christos; state Exp; branches; next ; commitid VitRusbKkuz5DiqF; 1.1.1.1.6.1 date 2012.10.30.18.56.30; author yamt; state Exp; branches; next 1.1.1.1.6.2; 1.1.1.1.6.2 date 2014.05.22.15.51.41; author yamt; state Exp; branches; next ; commitid B5sATmssHsox9yBx; 1.1.1.1.8.1 date 2017.08.30.05.48.16; author snj; state Exp; branches; next ; commitid JbOPXArIRlzmmc5A; 1.1.1.1.12.1 date 2012.11.20.02.58.10; author tls; state Exp; branches; next 1.1.1.1.12.2; 1.1.1.1.12.2 date 2014.08.19.23.52.19; author tls; state Exp; branches; next ; commitid jTnpym9Qu0o4R1Nx; 1.1.1.1.14.1 date 2017.08.30.05.50.49; author snj; state Exp; branches; next ; commitid lu0ZNYKowAcxnc5A; 1.1.1.1.16.1 date 2017.08.30.05.49.10; author snj; state Exp; branches; next ; commitid BMvOFDePUHebnc5A; 1.1.1.3.4.1 date 2015.04.29.20.28.38; author snj; state Exp; branches 1.1.1.3.4.1.2.1 1.1.1.3.4.1.6.1; next 1.1.1.3.4.2; commitid aqsfGoFQny3sFwjy; 1.1.1.3.4.2 date 2017.08.12.05.56.20; author snj; state Exp; branches; next ; commitid UR2so85VTD0ZYS2A; 1.1.1.3.4.1.2.1 date 2017.08.12.05.31.36; author snj; state Exp; branches; next ; commitid CoaxPXicrWwYQS2A; 1.1.1.3.4.1.6.1 date 2017.08.12.05.44.04; author snj; state Exp; branches; next ; commitid TGNhASbyrOS6VS2A; 1.1.1.5.2.1 date 2017.01.07.08.54.15; author pgoyette; state Exp; branches; next ; commitid uEL0C1YuiJrlV0Bz; 1.1.1.6.12.1 date 2019.01.18.08.48.43; author pgoyette; state Exp; branches; next ; commitid Lmlzg3OVT2cd6f8B; 1.1.1.6.14.1 date 2019.06.10.21.51.58; author christos; state Exp; branches; next ; commitid jtc8rnCzWiEEHGqB; 1.1.1.7.2.1 date 2024.02.29.11.41.33; author martin; state Exp; branches; next ; commitid JxWuK0x3VE2xYj0F; 1.1.1.8.6.1 date 2024.02.24.13.06.54; author martin; state Exp; branches; next ; commitid CPCGsuzTHTgqDGZE; desc @@ 1.3 log @Merge conflicts between 2.9 and 2.11 @ text @##### Example wpa_supplicant configuration file ############################### # # This file describes configuration file format and lists all available option. # Please also take a look at simpler configuration examples in 'examples' # subdirectory. # # Empty lines and lines starting with # are ignored # NOTE! This file may contain password information and should probably be made # readable only by root user on multiuser systems. # Note: All file paths in this configuration file should use full (absolute, # not relative to working directory) path in order to allow working directory # to be changed. This can happen if wpa_supplicant is run in the background. # Whether to allow wpa_supplicant to update (overwrite) configuration # # This option can be used to allow wpa_supplicant to overwrite configuration # file whenever configuration is changed (e.g., new network block is added with # wpa_cli or wpa_gui, or a password is changed). This is required for # wpa_cli/wpa_gui to be able to store the configuration changes permanently. # Please note that overwriting configuration file will remove the comments from # it. #update_config=1 # global configuration (shared by all network blocks) # # Parameters for the control interface. If this is specified, wpa_supplicant # will open a control interface that is available for external programs to # manage wpa_supplicant. The meaning of this string depends on which control # interface mechanism is used. For all cases, the existence of this parameter # in configuration is used to determine whether the control interface is # enabled. # # For UNIX domain sockets (default on Linux and BSD): This is a directory that # will be created for UNIX domain sockets for listening to requests from # external programs (CLI/GUI, etc.) for status information and configuration. # The socket file will be named based on the interface name, so multiple # wpa_supplicant processes can be run at the same time if more than one # interface is used. # /var/run/wpa_supplicant is the recommended directory for sockets and by # default, wpa_cli will use it when trying to connect with wpa_supplicant. # # Access control for the control interface can be configured by setting the # directory to allow only members of a group to use sockets. This way, it is # possible to run wpa_supplicant as root (since it needs to change network # configuration and open raw sockets) and still allow GUI/CLI components to be # run as non-root users. However, since the control interface can be used to # change the network configuration, this access needs to be protected in many # cases. By default, wpa_supplicant is configured to use gid 0 (root). If you # want to allow non-root users to use the control interface, add a new group # and change this value to match with that group. Add users that should have # control interface access to this group. If this variable is commented out or # not included in the configuration file, group will not be changed from the # value it got by default when the directory or socket was created. # # When configuring both the directory and group, use following format: # DIR=/var/run/wpa_supplicant GROUP=wheel # DIR=/var/run/wpa_supplicant GROUP=0 # (group can be either group name or gid) # # For UDP connections (default on Windows): The value will be ignored. This # variable is just used to select that the control interface is to be created. # The value can be set to, e.g., udp (ctrl_interface=udp) # # For Windows Named Pipe: This value can be used to set the security descriptor # for controlling access to the control interface. Security descriptor can be # set using Security Descriptor String Format (see http://msdn.microsoft.com/ # library/default.asp?url=/library/en-us/secauthz/security/ # security_descriptor_string_format.asp). The descriptor string needs to be # prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set an empty # DACL (which will reject all connections). See README-Windows.txt for more # information about SDDL string format. # ctrl_interface=/var/run/wpa_supplicant # IEEE 802.1X/EAPOL version # wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which defines # EAPOL version 2. However, there are many APs that do not handle the new # version number correctly (they seem to drop the frames completely). In order # to make wpa_supplicant interoperate with these APs, the version number is set # to 1 by default. This configuration value can be used to set it to the new # version (2). # Note: When using MACsec, eapol_version shall be set to 3, which is # defined in IEEE Std 802.1X-2010. eapol_version=1 # AP scanning/selection # By default, wpa_supplicant requests driver to perform AP scanning and then # uses the scan results to select a suitable AP. Another alternative is to # allow the driver to take care of AP scanning and selection and use # wpa_supplicant just to process EAPOL frames based on IEEE 802.11 association # information from the driver. # 1: wpa_supplicant initiates scanning and AP selection; if no APs matching to # the currently enabled networks are found, a new network (IBSS or AP mode # operation) may be initialized (if configured) (default) # 0: This mode must only be used when using wired Ethernet drivers # (including MACsec). # 2: like 0, but associate with APs using security policy and SSID (but not # BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers to # enable operation with hidden SSIDs and optimized roaming; in this mode, # the network blocks in the configuration file are tried one by one until # the driver reports successful association; each network block should have # explicit security policy (i.e., only one option in the lists) for # key_mgmt, pairwise, group, proto variables # Note: ap_scan=0/2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is the only option working with nl80211. # For finding networks using hidden SSID, scan_ssid=1 in the network block can # be used with nl80211. # When using IBSS or AP mode, ap_scan=2 mode can force the new network to be # created immediately regardless of scan results. ap_scan=1 mode will first try # to scan for existing networks and only if no matches with the enabled # networks are found, a new IBSS or AP mode network is created. ap_scan=1 # Whether to force passive scan for network connection # # By default, scans will send out Probe Request frames on channels that allow # active scanning. This advertise the local station to the world. Normally this # is fine, but users may wish to do passive scanning where the radio should only # listen quietly for Beacon frames and not send any Probe Request frames. Actual # functionality may be driver dependent. # # This parameter can be used to force only passive scanning to be used # for network connection cases. It should be noted that this will slow # down scan operations and reduce likelihood of finding the AP. In # addition, some use cases will override this due to functional # requirements, e.g., for finding an AP that uses hidden SSID # (scan_ssid=1) or P2P device discovery. # # 0: Do normal scans (allow active scans) (default) # 1: Do passive scans. #passive_scan=0 # MPM residency # By default, wpa_supplicant implements the mesh peering manager (MPM) for an # open mesh. However, if the driver can implement the MPM, you may set this to # 0 to use the driver version. When AMPE is enabled, the wpa_supplicant MPM is # always used. # 0: MPM lives in the driver # 1: wpa_supplicant provides an MPM which handles peering (default) #user_mpm=1 # Maximum number of peer links (0-255; default: 99) # Maximum number of mesh peering currently maintained by the STA. #max_peer_links=99 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in mesh STA to clean up inactive stations. #mesh_max_inactivity=300 # Enable 802.11s layer-2 routing and forwarding (dot11MeshForwarding) #mesh_fwding=1 # cert_in_cb - Whether to include a peer certificate dump in events # This controls whether peer certificates for authentication server and # its certificate chain are included in EAP peer certificate events. This is # enabled by default. #cert_in_cb=1 # EAP fast re-authentication # By default, fast re-authentication is enabled for all EAP methods that # support it. This variable can be used to disable fast re-authentication. # Normally, there is no need to disable this. fast_reauth=1 # OpenSSL Engine support # These options can be used to load OpenSSL engines in special or legacy # modes. # The two engines that are supported currently are shown below: # They are both from the opensc project (http://www.opensc.org/) # By default the PKCS#11 engine is loaded if the client_cert or # private_key option appear to be a PKCS#11 URI, and these options # should not need to be used explicitly. # make the opensc engine available #opensc_engine_path=/usr/lib/opensc/engine_opensc.so # make the pkcs11 engine available #pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so # configure the path to the pkcs11 module required by the pkcs11 engine #pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default # ciphers. If not set, the value configured at build time ("DEFAULT:!EXP:!LOW" # by default) is used. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW # Dynamic EAP methods # If EAP methods were built dynamically as shared object files, they need to be # loaded here before being used in the network blocks. By default, EAP methods # are included statically in the build, so these lines are not needed #load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so #load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so # Driver interface parameters # This field can be used to configure arbitrary driver interface parameters. The # format is specific to the selected driver interface. This field is not used # in most cases. #driver_param="field=value" # Country code # The ISO/IEC alpha2 country code for the country in which this device is # currently operating. #country=US # Maximum lifetime for PMKSA in seconds; default 43200 #dot11RSNAConfigPMKLifetime=43200 # Threshold for reauthentication (percentage of PMK lifetime); default 70 #dot11RSNAConfigPMKReauthThreshold=70 # Timeout for security association negotiation in seconds; default 60 #dot11RSNAConfigSATimeout=60 # Wi-Fi Protected Setup (WPS) parameters # Universally Unique IDentifier (UUID; see RFC 4122) of the device # If not configured, UUID will be generated based on the mechanism selected with # the auto_uuid parameter. #uuid=12345678-9abc-def0-1234-56789abcdef0 # Automatic UUID behavior # 0 = generate static value based on the local MAC address (default) # 1 = generate a random UUID every time wpa_supplicant starts #auto_uuid=0 # Device Name # User-friendly description of device; up to 32 octets encoded in UTF-8 #device_name=Wireless Client # Manufacturer # The manufacturer of the device (up to 64 ASCII characters) #manufacturer=Company # Model Name # Model of the device (up to 32 ASCII characters) #model_name=cmodel # Model Number # Additional device description (up to 32 ASCII characters) #model_number=123 # Serial Number # Serial number of the device (up to 32 characters) #serial_number=12345 # Primary Device Type # Used format: -- # categ = Category as an integer value # OUI = OUI and type octet as a 4-octet hex-encoded value; 0050F204 for # default WPS OUI # subcateg = OUI-specific Sub Category as an integer value # Examples: # 1-0050F204-1 (Computer / PC) # 1-0050F204-2 (Computer / Server) # 5-0050F204-1 (Storage / NAS) # 6-0050F204-1 (Network Infrastructure / AP) #device_type=1-0050F204-1 # OS Version # 4-octet operating system version number (hex string) #os_version=01020300 # Config Methods # List of the supported configuration methods # Available methods: usba ethernet label display ext_nfc_token int_nfc_token # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: #config_methods=label display push_button keypad # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad # Credential processing # 0 = process received credentials internally (default) # 1 = do not process received credentials; just pass them over ctrl_iface to # external program(s) # 2 = process received credentials internally and pass them over ctrl_iface # to external program(s) #wps_cred_processing=0 # Whether to enable SAE (WPA3-Personal transition mode) automatically for # WPA2-PSK credentials received using WPS. # 0 = only add the explicitly listed WPA2-PSK configuration (default) # 1 = add both the WPA2-PSK and SAE configuration and enable PMF so that the # station gets configured in WPA3-Personal transition mode (supports both # WPA2-Personal (PSK) and WPA3-Personal (SAE) APs). #wps_cred_add_sae=0 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password # Priority for the networks added through WPS # This priority value will be set to each network profile that is added # by executing the WPS protocol. #wps_priority=0 # Device Provisioning Protocol (DPP) parameters # # How to process DPP configuration # 0 = report received configuration to an external program for # processing; do not generate any network profile internally (default) # 1 = report received configuration to an external program and generate # a network profile internally, but do not automatically connect # to the created (disabled) profile; the network profile id is # reported to external programs # 2 = report received configuration to an external program, generate # a network profile internally, try to connect to the created # profile automatically #dpp_config_processing=0 # # Name for Enrollee's DPP Configuration Request #dpp_name=Test # # MUD URL for Enrollee's DPP Configuration Request (optional) #dpp_mud_url=https://example.com/mud # Maximum number of BSS entries to keep in memory # Default: 200 # This can be used to limit memory use on the BSS entries (cached scan # results). A larger value may be needed in environments that have huge number # of APs when using ap_scan=1 mode. #bss_max_count=200 # BSS expiration age in seconds. A BSS will be removed from the local cache # if it is not in use and has not been seen for this time. Default is 180. #bss_expiration_age=180 # BSS expiration after number of scans. A BSS will be removed from the local # cache if it is not seen in this number of scans. # Default is 2. #bss_expiration_scan_count=2 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan. # Note: If sched_scan_plans are configured and supported by the driver, # autoscan is ignored. # filter_ssids - SSID-based scan result filtering # 0 = do not filter scan results (default) # 1 = only include configured SSIDs in scan results/BSS table #filter_ssids=0 # Password (and passphrase, etc.) backend for external storage # format: [:] # Test backend which stores passwords in memory. Should only be used for # development purposes. #ext_password_backend=test:pw1=password|pw2=testing # File-based backend which reads passwords from a file. The parameter # identifies the file to read passwords from. The password file follows the # format of wpa_supplicant.conf and accepts simple `key=passphrase` formatted # passwords. #ext_password_backend=file:/path/to/passwords.conf # Disable P2P functionality # p2p_disabled=1 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Passphrase length (8..63) for P2P GO # # This parameter controls the length of the random passphrase that is # generated at the GO. Default: 8. #p2p_passphrase_len=8 # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search # iterations to make p2p_find friendlier to concurrent operations by avoiding # it from taking 100% of radio resources. The default value is 500 ms. #p2p_search_delay=500 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter for RSN networks. By default, PMF is disabled unless enabled with # the global pmf=1/2 parameter or with the per-network ieee80211w=1/2 parameter. # With pmf=1/2, PMF is enabled/required by default, but can be disabled with the # per-network ieee80211w parameter. This global default value does not apply # for non-RSN networks (key_mgmt=NONE) since PMF is available only when using # RSN. #pmf=0 # sae_check_mfp: Require PMF support to select SAE key_mgmt # 0 = Do not check PMF for SAE (default) # 1 = Limit SAE when PMF is not enabled # # When enabled SAE will not be selected if PMF will not be used # for the connection. # Scenarios where this check will limit SAE: # 1) ieee80211w=0 is set for the network # 2) The AP does not have PMF enabled. # 3) ieee80211w is unset, pmf=1 is enabled globally, and # the device does not support the BIP cipher. # Consider the configuration of global parameterss sae_check_mfp=1, pmf=1 and a # network configured with ieee80211w unset and key_mgmt=SAE WPA-PSK. # In the example WPA-PSK will be used if the device does not support # the BIP cipher or the AP has PMF disabled. # Limiting SAE with this check can avoid failing to associate to an AP # that is configured with sae_requires_mfp=1 if the device does # not support PMF due to lack of the BIP cipher. # # Enabling this check helps with compliance of the WPA3 # specification for WPA3-Personal transition mode. # The WPA3 specification section 2.3 "WPA3-Personal transition mode" item 8 # states "A STA shall negotiate PMF when associating to an AP using SAE". # With this check WPA3 capable devices when connecting # to transition mode APs that do not advertise PMF support # will not use SAE and instead fallback to PSK. #sae_check_mfp=0 # Enabled SAE finite cyclic groups in preference order # By default (if this parameter is not set), the mandatory group 19 (ECC group # defined over a 256-bit prime order field, NIST P-256) is preferred and groups # 20 (NIST P-384) and 21 (NIST P-521) are also enabled. If this parameter is # set, the groups will be tried in the indicated order. # The group values are listed in the IANA registry: # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 # Note that groups 1, 2, 5, 22, 23, and 24 should not be used in production # purposes due limited security (see RFC 8247). Groups that are not as strong as # group 19 (ECC, NIST P-256) are unlikely to be useful for production use cases # since all implementations are required to support group 19. #sae_groups=19 20 21 # SAE mechanism for PWE derivation # 0 = hunting-and-pecking loop only (default without password identifier) # 1 = hash-to-element only (default with password identifier) # 2 = both hunting-and-pecking loop and hash-to-element enabled # Note: The default value is likely to change from 0 to 2 once the new # hash-to-element mechanism has received more interoperability testing. # When using SAE password identifier, the hash-to-element mechanism is used # regardless of the sae_pwe parameter value. #sae_pwe=0 # Default value for DTIM period (if not overridden in network block) #dtim_period=2 # Default value for Beacon interval (if not overridden in network block) #beacon_int=100 # Additional vendor specific elements for Beacon and Probe Response frames # This parameter can be used to add additional vendor specific element(s) into # the end of the Beacon and Probe Response frames. The format for these # element(s) is a hexdump of the raw information elements (id+len+payload for # one or more elements). This is used in AP and P2P GO modes. #ap_vendor_elements=dd0411223301 # Ignore scan results older than request # # The driver may have a cache of scan results that makes it return # information that is older than our scan trigger. This parameter can # be used to configure such old information to be ignored instead of # allowing it to update the internal BSS table. #ignore_old_scan_res=0 # scan_cur_freq: Whether to scan only the current frequency # 0: Scan all available frequencies. (Default) # 1: Scan current operating frequency if another VIF on the same radio # is already associated. # Seconds to consider old scan results valid for association (default: 5) #scan_res_valid_for_connect=5 # MAC address policy default # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) # 3 = use dedicated/pregenerated MAC address (see mac_value) # # By default, permanent MAC address is used unless policy is changed by # the per-network mac_addr parameter. Global mac_addr=1 can be used to # change this default behavior. #mac_addr=0 # Local MAC address to use whenever connecting with this network profile # This is used with mac_addr=3. #mac_value=02:12:34:56:78:9a # Lifetime of random MAC address in seconds (default: 60) #rand_addr_lifetime=60 # MAC address policy for pre-association operations (scanning, ANQP) # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 # MAC address policy for GAS operations # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) # Note that this setting is ignored when a specific MAC address is needed for # a full protocol exchange that includes GAS, e.g., when going through a DPP # exchange that exposes the configured interface address as part of the DP # Public Action frame exchanges before using GAS. That same address is then used # during the GAS exchange as well to avoid breaking the protocol expectations. #gas_rand_mac_addr=0 # Lifetime of GAS random MAC address in seconds (default: 60) #gas_rand_addr_lifetime=60 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Enable P2P GO advertisement of Interworking # go_interworking=1 # P2P GO Interworking: Access Network Type # 0 = Private network # 1 = Private network with guest access # 2 = Chargeable public network # 3 = Free public network # 4 = Personal device network # 5 = Emergency services only network # 14 = Test or experimental # 15 = Wildcard #go_access_network_type=0 # P2P GO Interworking: Whether the network provides connectivity to the Internet # 0 = Unspecified # 1 = Network provides connectivity to the Internet #go_internet=1 # P2P GO Interworking: Group Venue Info (optional) # The available values are defined in IEEE Std 802.11-2016, 9.4.1.35. # Example values (group,type): # 0,0 = Unspecified # 1,7 = Convention Center # 1,13 = Coffee Shop # 2,0 = Unspecified Business # 7,1 Private Residence #go_venue_group=7 #go_venue_type=1 # Homogeneous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 # GAS Address3 field behavior # 0 = P2P specification (Address3 = AP BSSID); default # 1 = IEEE 802.11 standard compliant (Address3 = Wildcard BSSID when # sent to not-associated AP; if associated, AP BSSID) #gas_address3=0 # Publish fine timing measurement (FTM) responder functionality in # the Extended Capabilities element bit 70. # Controls whether FTM responder functionality will be published by AP/STA. # Note that actual FTM responder operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_responder=0 # Publish fine timing measurement (FTM) initiator functionality in # the Extended Capabilities element bit 71. # Controls whether FTM initiator functionality will be published by AP/STA. # Note that actual FTM initiator operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_initiator=0 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # temporary: Whether this credential is temporary and not to be saved # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Certificates from PKCS#11 tokens can be referenced by a PKCS#11 URI. # # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Keys in PKCS#11 tokens can be referenced by a PKCS#11 URI. # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN(s) # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. Multiple domain entries can # be used to configure alternative FQDNs that will be considered home # networks. # # home_ois: Home OI(s) # This string field contains one or more comma delimited OIs (hexdump) # identifying the access the access points that support authentication # with this credential. There are an alternative to the use of the realm # parameter. When using Home OIs to match the network, the EAP parameters # need to be pre-configured with the credentials since the NAI Realm # information may not be available or fetched. # A successful authentication with the access point is possible as soon # as at least one Home OI from the list matches an OI in the Roaming # Consortium advertised by the access point. # (Hotspot 2.0 PerProviderSubscription//HomeSP/HomeOIList//HomeOI) # # required_home_ois: Required Home OI(s) # This string field contains the set of Home OI(s) (hexdump) that are # required to be advertised by the AP for the credential to be considered # matching. # (Hotspot 2.0 PerProviderSubscription//HomeSP/HomeOIList//HomeOIRequired) # # roaming_consortium: Roaming Consortium OI # Deprecated: use home_ois instead. # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # required_roaming_consortium: Required Roaming Consortium OI # Deprecated: use required_home_ois instead. # If required_roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that is required to be advertised by the AP for # the credential to be considered matching. # # roaming_consortiums: Roaming Consortium OI(s) memberships # This string field contains one or more comma delimited OIs (hexdump) # identifying the roaming consortiums of which the provider is a member. # The list is sorted from the most preferred one to the least preferred # one. A match between the Roaming Consortium OIs advertised by an AP and # the OIs in this list indicates that successful authentication is # possible. # (Hotspot 2.0 PerProviderSubscription//HomeSP/RoamingConsortiumOI) # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # roaming_partner: Roaming partner information # This optional field can be used to configure preferences between roaming # partners. The field is a string in following format: # ,<0/1 exact match>,,<* or country code> # (non-exact match means any subdomain matches the entry; priority is in # 0..255 range with 0 being the highest priority) # # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # provisioning_sp: FQDN of the SP that provisioned the credential # This optional field can be used to keep track of the SP that provisioned # the credential to find the PPS MO (./Wi-Fi/). # # Minimum backhaul threshold (PPS//Policy/MinBackhauldThreshold/*) # These fields can be used to specify minimum download/upload backhaul # bandwidth that is preferred for the credential. This constraint is # ignored if the AP does not advertise WAN Metrics information or if the # limit would prevent any connection. Values are in kilobits per second. # min_dl_bandwidth_home # min_ul_bandwidth_home # min_dl_bandwidth_roaming # min_ul_bandwidth_roaming # # max_bss_load: Maximum BSS Load Channel Utilization (1..255) # (PPS//Policy/MaximumBSSLoadValue) # This value is used as the maximum channel utilization for network # selection purposes for home networks. If the AP does not advertise # BSS Load or if the limit would prevent any connection, this constraint # will be ignored. # # req_conn_capab: Required connection capability # (PPS//Policy/RequiredProtoPortTuple) # This value is used to configure set of required protocol/port pairs that # a roaming network shall support (include explicitly in Connection # Capability ANQP element). This constraint is ignored if the AP does not # advertise Connection Capability or if this constraint would prevent any # network connection. This policy is not used in home networks. # Format: [: ... # # Example: # sched_scan_plans=10:100 20:200 30 # Multi Band Operation (MBO) non-preferred channels # A space delimited list of non-preferred channels where each channel is a colon # delimited list of values. # Format: # non_pref_chan=::: # Example: # non_pref_chan=81:5:10:2 81:1:0:2 81:9:0:2 # MBO Cellular Data Capabilities # 1 = Cellular data connection available # 2 = Cellular data connection not available # 3 = Not cellular capable (default) #mbo_cell_capa=3 # Optimized Connectivity Experience (OCE) # oce: Enable OCE features (bitmap) # Set BIT(0) to Enable OCE in non-AP STA mode (default; disabled if the driver # does not indicate support for OCE in STA mode) # Set BIT(1) to Enable OCE in STA-CFON mode #oce=1 # Extended Key ID support for Individually Addressed frames # 0 = force off: Do not use Extended Key ID (default) # 1 = auto: Activate Extended Key ID support if the driver supports it #extended_key_id=0 # network block # # Each network (usually AP's sharing the same SSID) is configured as a separate # block in this configuration file. The network blocks are in preference order # (the first match is used). # # network block fields: # # disabled: # 0 = this network can be used (default) # 1 = this network block is disabled (can be enabled through ctrl_iface, # e.g., with wpa_cli or wpa_gui) # # id_str: Network identifier string for external scripts. This value is passed # to external action script through wpa_cli as WPA_ID_STR environment # variable to make it easier to do network specific configuration. # # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" # # scan_ssid: # 0 = do not scan this SSID with specific Probe Request frames (default) # 1 = scan with SSID-specific Probe Request frames (this can be used to # find APs that do not accept broadcast SSID or use multiple SSIDs; # this will add latency to scanning, so enable this only when needed) # # bssid: BSSID (optional); if set, this network block is used only when # associating with the AP using the configured BSSID # # ignore_broadcast_ssid: SSID broadcast behavior # Send empty SSID in beacons and ignore probe request frames that do not # specify full SSID, i.e., require stations to know SSID. # default: disabled (0) # 1 = send empty (length=0) SSID in beacon and ignore probe request for # broadcast SSID # 2 = clear SSID (ASCII 0), but keep the original length (this may be required # with some clients that do not support empty SSID) and ignore probe # requests for broadcast SSID # # priority: priority group (integer) # By default, all networks will get same priority group (0). If some of the # networks are more desirable, this field can be used to change the order in # which wpa_supplicant goes through the networks when selecting a BSS. The # priority groups will be iterated in decreasing priority (i.e., the larger the # priority value, the sooner the network is matched against the scan results). # Within each priority group, networks will be selected based on security # policy, signal strength, etc. # Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are not # using this priority to select the order for scanning. Instead, they try the # networks in the order that used in the configuration file. # # mode: IEEE 802.11 operation mode # 0 = infrastructure (Managed) mode, i.e., associate with an AP (default) # 1 = IBSS (ad-hoc, peer-to-peer) # 2 = AP (access point) # Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) and # WPA-PSK (with proto=RSN). In addition, key_mgmt=WPA-NONE (fixed group key # TKIP/CCMP) is available for backwards compatibility, but its use is # deprecated. WPA-None requires following network block options: # proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or CCMP, but not # both), and psk must also be set. # # frequency: Channel frequency in megahertz (MHz) for IBSS, e.g., # 2412 = IEEE 802.11b/g channel 1. This value is used to configure the initial # channel for IBSS (adhoc) networks. It is ignored in the infrastructure mode. # In addition, this value is only used by the station that creates the IBSS. If # an IBSS network with the configured SSID is already present, the frequency of # the network will be used instead of this configured value. # # pbss: Whether to use PBSS. Relevant to IEEE 802.11ad networks only. # 0 = do not use PBSS # 1 = use PBSS # 2 = don't care (not allowed in AP mode) # Used together with mode configuration. When mode is AP, it means to start a # PCP instead of a regular AP. When mode is infrastructure it means connect # to a PCP instead of AP. In this mode you can also specify 2 (don't care) # which means connect to either PCP or AP. # P2P_GO and P2P_GROUP_FORMATION modes must use PBSS in IEEE 802.11ad network. # For more details, see IEEE Std 802.11ad-2012. # # scan_freq: List of frequencies to scan # Space-separated list of frequencies in MHz to scan when searching for this # BSS. If the subset of channels used by the network is known, this option can # be used to optimize scanning to not occur on channels that the network does # not use. Example: scan_freq=2412 2437 2462 # # freq_list: Array of allowed frequencies # Space-separated list of frequencies in MHz to allow for selecting the BSS. If # set, scan results that do not match any of the specified frequencies are not # considered when selecting a BSS. # # This can also be set on the outside of the network block. In this case, # it limits the frequencies that will be scanned. # # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # send_btm_query > 0 means do this many BTM queries before attempting a scan. # bgscan="simple::: # [:]" # bgscan="simple:30:-45:300" # bgscan="simple:30:-45:300:3" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # Explicitly disable bgscan by setting # bgscan="" # # This option can also be set outside of all network blocks for the bgscan # parameter to apply for all the networks that have no specific bgscan # parameter. # # proto: list of accepted protocols # WPA = WPA/IEEE 802.11i/D3.0 # RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN) # Note that RSN is used also for WPA3. # If not set, this defaults to: WPA RSN # # key_mgmt: list of accepted authenticated key management protocols # WPA-PSK = WPA pre-shared key (this requires 'psk' field) # WPA-EAP = WPA using EAP authentication # IEEE8021X = IEEE 802.1X using EAP authentication and (optionally) dynamically # generated WEP keys # NONE = WPA is not used; plaintext or static WEP could be used # WPA-NONE = WPA-None for IBSS (deprecated; use proto=RSN key_mgmt=WPA-PSK # instead) # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication # FT-EAP-SHA384 = Fast BSS Transition (IEEE 802.11r) with EAP authentication # and using SHA384 # WPA-PSK-SHA256 = Like WPA-PSK but using stronger SHA256-based algorithms # WPA-EAP-SHA256 = Like WPA-EAP but using stronger SHA256-based algorithms # SAE = Simultaneous authentication of equals; pre-shared key/password -based # authentication with stronger security than WPA-PSK especially when using # not that strong password; a.k.a. WPA3-Personal # FT-SAE = SAE with FT # WPA-EAP-SUITE-B = Suite B 128-bit level # WPA-EAP-SUITE-B-192 = Suite B 192-bit level # OSEN = Hotspot 2.0 Rel 2 online signup connection # FILS-SHA256 = Fast Initial Link Setup with SHA256 # FILS-SHA384 = Fast Initial Link Setup with SHA384 # FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256 # FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384 # OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open) # DPP = Device Provisioning Protocol # If not set, this defaults to: WPA-PSK WPA-EAP # # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-PSK-SHA256 if WPA2-Personal is used) # WPA3-Personal-only mode: ieee80211w=2 and key_mgmt=SAE # # ocv: whether operating channel validation is enabled # This is a countermeasure against multi-channel on-path attacks. # Enabling this automatically also enables ieee80211w, if not yet enabled. # 0 = disabled (default) # 1 = enabled if wpa_supplicant's SME in use. Otherwise enabled only when the # driver indicates support for operating channel validation. #ocv=1 # # auth_alg: list of allowed IEEE 802.11 authentication algorithms # OPEN = Open System authentication (required for WPA/WPA2) # SHARED = Shared Key authentication (requires static WEP keys) # LEAP = LEAP/Network EAP (only used with LEAP) # If not set, automatic selection is used (Open System with LEAP enabled if # LEAP is allowed as one of the EAP methods). # # pairwise: list of accepted pairwise (unicast) ciphers for WPA # CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] # TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] # NONE = Use only Group Keys (deprecated, should not be included if APs support # pairwise keys) # If not set, this defaults to: CCMP TKIP # # group: list of accepted group (broadcast/multicast) ciphers for WPA # CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] # TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] # WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key # WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE 802.11] # If not set, this defaults to: CCMP TKIP WEP104 WEP40 # # group_mgmt: list of accepted group management ciphers for RSN (PMF) # AES-128-CMAC = BIP-CMAC-128 # BIP-GMAC-128 # BIP-GMAC-256 # BIP-CMAC-256 # If not set, no constraint on the cipher, i.e., accept whichever cipher the AP # indicates. # # psk: WPA preshared key; 256-bit pre-shared key # The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e., # 32 bytes or as an ASCII passphrase (in which case, the real PSK will be # generated using the passphrase and SSID). ASCII passphrase must be between # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. # This field is not needed, if WPA-EAP is used. # Note: Separate tool, wpa_passphrase, can be used to generate 256-bit keys # from ASCII passphrase. This process uses lot of CPU and wpa_supplicant # startup and reconfiguration time can be optimized by generating the PSK only # only when the passphrase or SSID has actually changed. # # mem_only_psk: Whether to keep PSK/passphrase only in memory # 0 = allow psk/passphrase to be stored to the configuration file # 1 = do not store psk/passphrase to the configuration file #mem_only_psk=0 # # sae_password: SAE password # This parameter can be used to set a password for SAE. By default, the # passphrase from the psk parameter is used if this separate parameter is not # used, but psk follows the WPA-PSK constraints (8..63 characters) even though # SAE passwords do not have such constraints. # # sae_password_id: SAE password identifier # This parameter can be used to set an identifier for the SAE password. By # default, no such identifier is used. If set, the specified identifier value # is used by the other peer to select which password to use for authentication. # # eapol_flags: IEEE 802.1X/EAPOL options (bit field) # Dynamic WEP key required for non-WPA mode # bit0 (1): require dynamically generated unicast WEP key # bit1 (2): require dynamically generated broadcast WEP key # (3 = require both keys; default) # Note: When using wired authentication (including MACsec drivers), # eapol_flags must be set to 0 for the authentication to be completed # successfully. # # macsec_policy: IEEE 802.1X/MACsec options # This determines how sessions are secured with MACsec (only for MACsec # drivers). # 0: MACsec not in use (default) # 1: MACsec enabled - Should secure, accept key server's advice to # determine whether to use a secure session or not. # # macsec_integ_only: IEEE 802.1X/MACsec transmit mode # This setting applies only when MACsec is in use, i.e., # - macsec_policy is enabled # - the key server has decided to enable MACsec # 0: Encrypt traffic (default) # 1: Integrity only # # macsec_replay_protect: IEEE 802.1X/MACsec replay protection # This setting applies only when MACsec is in use, i.e., # - macsec_policy is enabled # - the key server has decided to enable MACsec # 0: Replay protection disabled (default) # 1: Replay protection enabled # # macsec_replay_window: IEEE 802.1X/MACsec replay protection window # This determines a window in which replay is tolerated, to allow receipt # of frames that have been misordered by the network. # This setting applies only when MACsec replay protection active, i.e., # - macsec_replay_protect is enabled # - the key server has decided to enable MACsec # 0: No replay window, strict check (default) # 1..2^32-1: number of packets that could be misordered # # macsec_offload - Enable MACsec hardware offload # # This setting applies only when MACsec is in use, i.e., # - the key server has decided to enable MACsec # # 0 = MACSEC_OFFLOAD_OFF (default) # 1 = MACSEC_OFFLOAD_PHY # 2 = MACSEC_OFFLOAD_MAC # # macsec_port: IEEE 802.1X/MACsec port # Port component of the SCI # Range: 1-65534 (default: 1) # # mka_cak, mka_ckn, and mka_priority: IEEE 802.1X/MACsec pre-shared key mode # This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair. # In this mode, instances of wpa_supplicant can act as MACsec peers. The peer # with lower priority will become the key server and start distributing SAKs. # mka_cak (CAK = Secure Connectivity Association Key) takes a 16-byte (128-bit) # hex-string (32 hex-digits) or a 32-byte (256-bit) hex-string (64 hex-digits) # mka_ckn (CKN = CAK Name) takes a 1..32-bytes (8..256 bit) hex-string # (2..64 hex-digits) # mka_priority (Priority of MKA Actor) is in 0..255 range with 255 being # default priority # # mixed_cell: This option can be used to configure whether so called mixed # cells, i.e., networks that use both plaintext and encryption in the same # SSID, are allowed when selecting a BSS from scan results. # 0 = disabled (default) # 1 = enabled # # proactive_key_caching: # Enable/disable opportunistic PMKSA caching for WPA2. # 0 = disabled (default unless changed with the global okc parameter) # 1 = enabled # # ft_eap_pmksa_caching: # Whether FT-EAP PMKSA caching is allowed # 0 = do not try to use PMKSA caching with FT-EAP (default) # 1 = try to use PMKSA caching with FT-EAP # This controls whether to try to use PMKSA caching with FT-EAP for the # FT initial mobility domain association. #ft_eap_pmksa_caching=0 # # wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or # hex without quotation, e.g., 0102030405) # wep_tx_keyidx: Default WEP key index (TX) (0..3) # # wpa_ptk_rekey: Maximum lifetime for PTK in seconds. This can be used to # enforce rekeying of PTK to mitigate some attacks against TKIP deficiencies. # # wpa_deny_ptk0_rekey: Workaround for PTK rekey issues # PTK0 rekeys (using only one Key ID value for pairwise keys) can degrade the # security and stability with some cards. # To avoid the issues wpa_supplicant can replace those PTK rekeys (including # EAP reauthentications) with fast reconnects. # # Available options: # 0 = always rekey when configured/instructed (default) # 1 = only rekey when the local driver is explicitly indicating it can perform # this operation without issues # 2 = never allow problematic PTK0 rekeys # # group_rekey: Group rekeying time in seconds. This value, if non-zero, is used # as the dot11RSNAConfigGroupRekeyTime parameter when operating in # Authenticator role in IBSS, or in AP and mesh modes. # # Following fields are only used with internal EAP implementation. # eap: space-separated list of accepted EAP methods # MD5 = EAP-MD5 (insecure and does not generate keying material -> # cannot be used with WPA; to be used as a Phase 2 method # with EAP-PEAP or EAP-TTLS) # MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with WPA; to be used # as a Phase 2 method with EAP-PEAP or EAP-TTLS) # OTP = EAP-OTP (cannot be used separately with WPA; to be used # as a Phase 2 method with EAP-PEAP or EAP-TTLS) # GTC = EAP-GTC (cannot be used separately with WPA; to be used # as a Phase 2 method with EAP-PEAP or EAP-TTLS) # TLS = EAP-TLS (client and server certificate) # PEAP = EAP-PEAP (with tunnelled EAP authentication) # TTLS = EAP-TTLS (with tunnelled EAP or PAP/CHAP/MSCHAP/MSCHAPV2 # authentication) # If not set, all compiled in methods are allowed. # # identity: Identity string for EAP # This field is also used to configure user NAI for # EAP-PSK/PAX/SAKE/GPSK. # anonymous_identity: Anonymous identity string for EAP (to be used as the # unencrypted identity with EAP types that support different tunnelled # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. # password: Password string for EAP. This field can include either the # plaintext password (using ASCII or hex string) or a NtPasswordHash # (16-byte MD4 hash of password) in hash:<32 hex digits> format. # NtPasswordHash can only be used when the password is for MSCHAPv2 or # MSCHAP (EAP-MSCHAPv2, EAP-TTLS/MSCHAPv2, EAP-TTLS/MSCHAP, LEAP). # EAP-PSK (128-bit PSK), EAP-PAX (128-bit PSK), and EAP-SAKE (256-bit # PSK) is also configured using this field. For EAP-GPSK, this is a # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. # ca_cert: File path to CA certificate file (PEM/DER). This file can have one # or more trusted CA certificates. If ca_cert and ca_path are not # included, server certificate will not be verified. This is insecure and # a trusted CA certificate should always be configured when using # EAP-TLS/TTLS/PEAP. Full path should be used since working directory may # change when wpa_supplicant is run in the background. # # Alternatively, this can be used to only perform matching of the server # certificate (SHA-256 hash of the DER encoded X.509 certificate). In # this case, the possible CA certificates in the server certificate chain # are ignored and only the server certificate is verified. This is # configured with the following format: # hash:://server/sha256/cert_hash_in_hex # For example: "hash://server/sha256/ # 5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a" # # On Windows, trusted CA certificates can be loaded from the system # certificate store by setting this to cert_store://, e.g., # ca_cert="cert_store://CA" or ca_cert="cert_store://ROOT". # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # ca_path: Directory path for CA certificate files (PEM). This path may # contain multiple CA certificates in OpenSSL format. Common use for this # is to point to system trusted CA list which is often installed into # directory like /etc/ssl/certs. If configured, these certificates are # added to the list of trusted CAs. ca_cert may also be included in that # case, but it is not required. # client_cert: File path to client certificate file (PEM/DER) # Full path should be used since working directory may change when # wpa_supplicant is run in the background. # Alternatively, a named configuration blob can be used by setting this # to blob://. # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read from # the PKCS#12 file in this case. Full path should be used since working # directory may change when wpa_supplicant is run in the background. # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # cert://substring_to_match # hash://certificate_thumbprint_in_hex # for example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # Alternatively, a named configuration blob can be used by setting this # to blob://. # private_key_passwd: Password for private key file (if left out, this will be # asked through control interface) # subject_match: Substring to be matched against the subject of the # authentication server certificate. If this string is set, the server # certificate is only accepted if it contains this string in the subject. # The subject string is in following format: # /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as@@example.com # Note: Since this is a substring match, this cannot be used securely to # do a suffix match against a possible domain name in the CN entry. For # such a use case, domain_suffix_match or domain_match should be used # instead. # altsubject_match: Semicolon separated string of entries to be matched against # the alternative subject name of the authentication server certificate. # If this string is set, the server certificate is only accepted if it # contains one of the entries in an alternative subject name extension. # altSubjectName string is in following format: TYPE:VALUE # Example: EMAIL:server@@example.com # Example: DNS:server.example.com;DNS:server2.example.com # Following types are supported: EMAIL, DNS, URI # domain_suffix_match: Constraint for server domain name. If set, this FQDN is # used as a suffix match requirement for the AAA server certificate in # SubjectAltName dNSName element(s). If a matching dNSName is found, this # constraint is met. If no dNSName values are present, this constraint is # matched against SubjectName CN using same suffix match comparison. # # Suffix match here means that the host/domain name is compared one label # at a time starting from the top-level domain and all the labels in # domain_suffix_match shall be included in the certificate. The # certificate may include additional sub-level labels in addition to the # required labels. # # More than one match string can be provided by using semicolons to # separate the strings (e.g., example.org;example.com). When multiple # strings are specified, a match with any one of the values is considered # a sufficient match for the certificate, i.e., the conditions are ORed # together. # # For example, domain_suffix_match=example.com would match # test.example.com but would not match test-example.com. # domain_match: Constraint for server domain name # If set, this FQDN is used as a full match requirement for the # server certificate in SubjectAltName dNSName element(s). If a # matching dNSName is found, this constraint is met. If no dNSName # values are present, this constraint is matched against SubjectName CN # using same full match comparison. This behavior is similar to # domain_suffix_match, but has the requirement of a full match, i.e., # no subdomains or wildcard matches are allowed. Case-insensitive # comparison is used, so "Example.com" matches "example.com", but would # not match "test.Example.com". # # More than one match string can be provided by using semicolons to # separate the strings (e.g., example.org;example.com). When multiple # strings are specified, a match with any one of the values is considered # a sufficient match for the certificate, i.e., the conditions are ORed # together. # phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters # (string with field-value pairs, e.g., "peapver=0" or # "peapver=1 peaplabel=1") # 'peapver' can be used to force which PEAP version (0 or 1) is used. # 'peaplabel=1' can be used to force new label, "client PEAP encryption", # to be used during key derivation when PEAPv1 or newer. Most existing # PEAPv1 implementation seem to be using the old label, "client EAP # encryption", and wpa_supplicant is now using that as the default value. # Some servers, e.g., Radiator, may require peaplabel=1 configuration to # interoperate with PEAPv1; see eap_testing.txt for more details. # 'peap_outer_success=0' can be used to terminate PEAP authentication on # tunneled EAP-Success. This is required with some RADIUS servers that # implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g., # Lucent NavisRadius v4.4.0 with PEAP in "IETF Draft 5" mode) # include_tls_length=1 can be used to force wpa_supplicant to include # TLS Message Length field in all TLS messages even if they are not # fragmented. # sim_min_num_chal=3 can be used to configure EAP-SIM to require three # challenges (by default, it accepts 2 or 3) # result_ind=1 can be used to enable EAP-SIM and EAP-AKA to use # protected result indication. # 'crypto_binding' option can be used to control PEAPv0 cryptobinding # behavior: # * 0 = do not use cryptobinding (default) # * 1 = use cryptobinding if server supports it # * 2 = require cryptobinding # 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS # tunnel) behavior for PEAP: # * 0 = do not require Phase 2 authentication # * 1 = require Phase 2 authentication when client certificate # (private_key/client_cert) is no used and TLS session resumption was # not used (default) # * 2 = require Phase 2 authentication in all cases # EAP-WSC (WPS) uses following options: pin= or # pbc=1. # # For wired IEEE 802.1X authentication, "allow_canned_success=1" can be # used to configure a mode that allows EAP-Success (and EAP-Failure) # without going through authentication step. Some switches use such # sequence when forcing the port to be authorized/unauthorized or as a # fallback option if the authentication server is unreachable. By default, # wpa_supplicant discards such frames to protect against potential attacks # by rogue devices, but this option can be used to disable that protection # for cases where the server/authenticator does not need to be # authenticated. # phase2: Phase2 (inner authentication with TLS tunnel) parameters # (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or # "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS). "mschapv2_retry=0" can be # used to disable MSCHAPv2 password retry in authentication failure cases. # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workaround=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # tls_disable_tlsv1_0=1 - disable use of TLSv1.0 # tls_disable_tlsv1_0=0 - explicitly enable use of TLSv1.0 (this allows # systemwide TLS policies to be overridden) # tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_1=0 - explicitly enable use of TLSv1.1 (this allows # systemwide TLS policies to be overridden) # tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_2=0 - explicitly enable use of TLSv1.2 (this allows # systemwide TLS policies to be overridden) # tls_disable_tlsv1_3=1 - disable use of TLSv1.3 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_3=0 - enable TLSv1.3 (experimental - disabled by default) # tls_ext_cert_check=0 - No external server certificate validation (default) # tls_ext_cert_check=1 - External server certificate validation enabled; this # requires an external program doing validation of server certificate # chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control # interface and report the result of the validation with # CTRL-RSP_EXT_CERT_CHECK. # tls_suiteb=0 - do not apply Suite B 192-bit constraints on TLS (default) # tls_suiteb=1 - apply Suite B 192-bit constraints on TLS; this is used in # particular when using Suite B with RSA keys of >= 3K (3072) bits # allow_unsafe_renegotiation=1 - allow connection with a TLS server that does # not support safe renegotiation (RFC 5746); please note that this # workaround should be only when having to authenticate with an old # authentication server that cannot be updated to use secure TLS # implementation. # # Following certificate/private key fields are used in inner Phase2 # authentication when using EAP-TTLS or EAP-PEAP. # ca_cert2: File path to CA certificate file. This file can have one or more # trusted CA certificates. If ca_cert2 and ca_path2 are not included, # server certificate will not be verified. This is insecure and a trusted # CA certificate should always be configured. # ca_path2: Directory path for CA certificate files (PEM) # client_cert2: File path to client certificate file # private_key2: File path to client private key file # private_key2_passwd: Password for private key file # dh_file2: File path to DH/DSA parameters file (in PEM format) # subject_match2: Substring to be matched against the subject of the # authentication server certificate. See subject_match for more details. # altsubject_match2: Semicolon separated string of entries to be matched # against the alternative subject name of the authentication server # certificate. See altsubject_match documentation for more details. # domain_suffix_match2: Constraint for server domain name. See # domain_suffix_match for more details. # ocsp2: See ocsp for more details. # # Separate machine credentials can be configured for EAP-TEAP Phase 2 with # "machine_" prefix (e.g., "machine_identity") in the configuration parameters. # See the parameters without that prefix for more details on the meaning and # format of each such parameter. # # fragment_size: Maximum EAP fragment size in bytes (default 1398). # This value limits the fragment size for EAP methods that support # fragmentation (e.g., EAP-TLS and EAP-PEAP). This value should be set # small enough to make the EAP messages fit in MTU of the network # interface used for EAPOL. The default value is suitable for most # cases. # # ocsp: Whether to use/require OCSP to check server certificate # 0 = do not use OCSP stapling (TLS certificate status extension) # 1 = try to use OCSP stapling, but not require response # 2 = require valid OCSP stapling response # 3 = require valid OCSP stapling response for all not-trusted # certificates in the server certificate chain # # openssl_ciphers: OpenSSL specific cipher configuration # This can be used to override the global openssl_ciphers configuration # parameter (see above). # # erp: Whether EAP Re-authentication Protocol (ERP) is enabled # # EAP-FAST variables: # pac_file: File path for the PAC entries. wpa_supplicant will need to be able # to create this file and write updates to it when PAC is being # provisioned or refreshed. Full path to the file should be used since # working directory may change when wpa_supplicant is run in the # background. Alternatively, a named configuration blob can be used by # setting this to blob:// # phase1: fast_provisioning option can be used to enable in-line provisioning # of EAP-FAST credentials (PAC): # 0 = disabled, # 1 = allow unauthenticated provisioning, # 2 = allow authenticated provisioning, # 3 = allow both unauthenticated and authenticated provisioning # fast_max_pac_list_len= option can be used to set the maximum # number of PAC entries to store in a PAC list (default: 10) # fast_pac_format=binary option can be used to select binary format for # storing PAC entries in order to save some space (the default # text format uses about 2.5 times the size of minimal binary # format) # # wpa_supplicant supports number of "EAP workarounds" to work around # interoperability issues with incorrectly behaving authentication servers. # These are enabled by default because some of the issues are present in large # number of authentication servers. Strict EAP conformance mode can be # configured by disabling workarounds with eap_workaround=0. # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # roaming_consortium_selection: Roaming Consortium Selection # The matching Roaming Consortium OI that was used to generate this # network profile. # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # Beacon interval (default: 100 TU) #beacon_int=100 # WPS in AP mode # 0 = WPS enabled and configured (default) # 1 = WPS disabled #wps_disabled=0 # FILS DH Group # 0 = PFS disabled with FILS shared key authentication (default) # 1-65535 = DH Group to use for FILS PFS #fils_dh_group=0 # DPP PFS # 0: allow PFS to be used or not used (default) # 1: require PFS to be used (note: not compatible with DPP R1) # 2: do not allow PFS to be used #dpp_pfs=0 # DPP Network introduction type # 0: unprotected variant from DPP R1 (default) # 1: privacy protecting (station Connector encrypted) variant from # DPP R3 #dpp_connector_privacy=0 # Whether beacon protection is enabled # This depends on management frame protection (ieee80211w) being enabled and # beacon protection support indication from the driver. # 0 = disabled (default) # 1 = enabled #beacon_prot=0 # OWE DH Group # 0: use default (19) first and then try all supported groups one by one if AP # rejects the selected group # 1-65535: DH Group to use for OWE # Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are # currently supported. #owe_group=0 # OWE-only mode (disable transition mode) # 0: enable transition mode (allow connection to either OWE or open BSS) # 1 = disable transition mode (allow connection only with OWE) #owe_only=0 # OWE PTK derivation workaround # Initial OWE implementation used SHA256 when deriving the PTK for all # OWE groups. This was supposed to change to SHA384 for group 20 and # SHA512 for group 21. This parameter can be used to enable older # behavior mainly for testing purposes. There is no impact to group 19 # behavior, but if enabled, this will make group 20 and 21 cases use # SHA256-based PTK derivation which will not work with the updated # OWE implementation on the AP side. #owe_ptk_workaround=0 # Transition Disable indication # The AP can notify authenticated stations to disable transition mode # in their network profiles when the network has completed transition # steps, i.e., once sufficiently large number of APs in the ESS have # been updated to support the more secure alternative. When this # indication is used, the stations are expected to automatically # disable transition mode and less secure security options. This # includes use of WEP, TKIP (including use of TKIP as the group # cipher), and connections without PMF. # Bitmap bits: # bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK # and only allow SAE to be used) # bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK) # bit 2 (0x04): WPA3-Enterprise (move to requiring PMF) # bit 3 (0x08): Enhanced Open (disable use of open network; require # OWE) # SAE-PK mode # 0: automatic SAE/SAE-PK selection based on password; enable # transition mode (allow SAE authentication without SAE-PK) # 1: SAE-PK only (disable transition mode; allow SAE authentication # only with SAE-PK) # 2: disable SAE-PK (allow SAE authentication only without SAE-PK) #sae_pk=0 # MAC address policy # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) #mac_addr=0 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # disable_ldpc: Whether LDPC should be disabled. # 0 = LDPC enabled (if AP supports it) # 1 = LDPC disabled # # ht40_intolerant: Whether 40 MHz intolerant should be indicated. # 0 = 40 MHz tolerant (default) # 1 = 40 MHz intolerant # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_factor: Maximum A-MPDU Length Exponent # Value: 0-3, see 7.3.2.56.3 in IEEE Std 802.11n-2009. # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. # # tx_stbc: Allow overriding STBC support for TX streams # Value: 0-1, see IEEE Std 802.11-2016, 9.4.2.56.2. # -1 = Do not make any changes (default) # 0 = Set if not supported # 1 = Set if supported # # rx_stbc: Allow overriding STBC support for RX streams # Value: 0-3, see IEEE Std 802.11-2016, 9.4.2.56.2. # -1 = Do not make any changes (default) # 0 = Set if not supported # 1 = Set for support of one spatial stream # 2 = Set for support of one and two spatial streams # 3 = Set for support of one, two and three spatial streams # disable_vht: Whether VHT should be disabled. # 0 = VHT enabled (if AP supports it) # 1 = VHT disabled # # vht_capa: VHT capabilities to set in the override # vht_capa_mask: mask of VHT capabilities # # vht_rx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for RX NSS 1-8 # vht_tx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for TX NSS 1-8 # 0: MCS 0-7 # 1: MCS 0-8 # 2: MCS 0-9 # 3: not supported # disable_eht: Whether EHT should be disabled. # 0 = EHT enabled (if supported) (default) # 1 = EHT disabled # multi_ap_backhaul_sta: Multi-AP backhaul STA functionality # 0 = normal STA (default) # 1 = backhaul STA # A backhaul STA sends the Multi-AP IE, fails to associate if the AP does not # support Multi-AP, and sets 4-address mode if it does. Thus, the netdev can be # added to a bridge to allow forwarding frames over this backhaul link. # Multi-AP Profile # Indicate the supported Multi-AP profile # 1 = Supports Multi-AP profile 1 as defined in Wi-Fi EasyMesh specification # 2 = Supports Multi-AP profile 2 as defined in Wi-Fi EasyMesh specification #multi_ap_profile=2 ##### Fast Session Transfer (FST) support ##################################### # # The options in this section are only available when the build configuration # option CONFIG_FST is set while compiling wpa_supplicant. They allow this # interface to be a part of FST setup. # # FST is the transfer of a session from a channel to another channel, in the # same or different frequency bands. # # For details, see IEEE Std 802.11ad-2012. # Identifier of an FST Group the interface belongs to. #fst_group_id=bond0 # Interface priority within the FST Group. # Announcing a higher priority for an interface means declaring it more # preferable for FST switch. # fst_priority is in 1..255 range with 1 being the lowest priority. #fst_priority=100 # Default LLT value for this interface in milliseconds. The value used in case # no value provided during session setup. Default is 50 msec. # fst_llt is in 1..4294967 range (due to spec limitation, see 10.32.2.2 # Transitioning between states). #fst_llt=100 # BSS Transition Management # disable_btm - Disable BSS transition management in STA # Set to 0 to enable BSS transition management (default behavior) # Set to 1 to disable BSS transition management #disable_btm=0 # Enable EDMG capability in STA/AP mode, default value is false #enable_edmg=1 # This value is used to configure the channel bonding feature. # Default value is 0. # Relevant only if enable_edmg is true # In AP mode it defines the EDMG channel to use for AP operation. # In STA mode it defines the EDMG channel for connection (if supported by AP). #edmg_channel=9 # BSS max idle period to request # If nonzero, request the specified number of 1000 TU (i.e., 1.024 s) # as the maximum idle period for the STA during association. #max_idle=600 # Example blocks: # Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers network={ ssid="simple" psk="very secret passphrase" priority=5 } # Same as previous, but request SSID-specific scanning (for APs that reject # broadcast SSID) network={ ssid="second ssid" scan_ssid=1 psk="very secret passphrase" priority=2 } # Only WPA-PSK is used. Any valid cipher combination is accepted. network={ ssid="example" proto=WPA key_mgmt=WPA-PSK pairwise=CCMP TKIP group=CCMP TKIP WEP104 WEP40 psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb priority=2 } # WPA-Personal(PSK) with TKIP and enforcement for frequent PTK rekeying network={ ssid="example" proto=WPA key_mgmt=WPA-PSK pairwise=TKIP group=TKIP psk="not so secure passphrase" wpa_ptk_rekey=600 } # Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used WEP104 # or WEP40 as the group cipher will not be accepted. network={ ssid="example" proto=RSN key_mgmt=WPA-EAP pairwise=CCMP TKIP group=CCMP TKIP eap=TLS identity="user@@example.com" ca_cert="/etc/cert/ca.pem" client_cert="/etc/cert/user.pem" private_key="/etc/cert/user.prv" private_key_passwd="password" priority=1 } # EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new peaplabel # (e.g., Radiator) network={ ssid="example" key_mgmt=WPA-EAP eap=PEAP identity="user@@example.com" password="foobar" ca_cert="/etc/cert/ca.pem" phase1="peaplabel=1" phase2="auth=MSCHAPV2" priority=10 } # EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for the # unencrypted use. Real identity is sent only within an encrypted TLS tunnel. network={ ssid="example" key_mgmt=WPA-EAP eap=TTLS identity="user@@example.com" anonymous_identity="anonymous@@example.com" password="foobar" ca_cert="/etc/cert/ca.pem" priority=2 } # EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the unencrypted # use. Real identity is sent only within an encrypted TLS tunnel. network={ ssid="example" key_mgmt=WPA-EAP eap=TTLS identity="user@@example.com" anonymous_identity="anonymous@@example.com" password="foobar" ca_cert="/etc/cert/ca.pem" phase2="auth=MSCHAPV2" } # WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner # authentication. network={ ssid="example" key_mgmt=WPA-EAP eap=TTLS # Phase1 / outer authentication anonymous_identity="anonymous@@example.com" ca_cert="/etc/cert/ca.pem" # Phase 2 / inner authentication phase2="autheap=TLS" ca_cert2="/etc/cert/ca2.pem" client_cert2="/etc/cer/user.pem" private_key2="/etc/cer/user.prv" private_key2_passwd="password" priority=2 } # Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as pairwise and # group cipher. network={ ssid="example" bssid=00:11:22:33:44:55 proto=WPA RSN key_mgmt=WPA-PSK WPA-EAP pairwise=CCMP group=CCMP psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb } # Special characters in SSID, so use hex string. Default to WPA-PSK, WPA-EAP # and all valid ciphers. network={ ssid=00010203 psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f } # EAP-SIM with a GSM SIM or USIM network={ ssid="eap-sim-test" key_mgmt=WPA-EAP eap=SIM pin="1234" pcsc="" } # EAP-PSK network={ ssid="eap-psk-test" key_mgmt=WPA-EAP eap=PSK anonymous_identity="eap_psk_user" password=06b4be19da289f475aa46a33cb793029 identity="eap_psk_user@@example.com" } # IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA) using # EAP-TLS for authentication and key generation; require both unicast and # broadcast WEP keys. network={ ssid="1x-test" key_mgmt=IEEE8021X eap=TLS identity="user@@example.com" ca_cert="/etc/cert/ca.pem" client_cert="/etc/cert/user.pem" private_key="/etc/cert/user.prv" private_key_passwd="password" eapol_flags=3 } # LEAP with dynamic WEP keys network={ ssid="leap-example" key_mgmt=IEEE8021X eap=LEAP identity="user" password="foobar" } # EAP-IKEv2 using shared secrets for both server and peer authentication network={ ssid="ikev2-example" key_mgmt=WPA-EAP eap=IKEV2 identity="user" password="foobar" } # EAP-FAST with WPA (WPA or WPA2) network={ ssid="eap-fast-test" key_mgmt=WPA-EAP eap=FAST anonymous_identity="FAST-000102030405" identity="username" password="password" phase1="fast_provisioning=1" pac_file="/etc/wpa_supplicant.eap-fast-pac" } network={ ssid="eap-fast-test" key_mgmt=WPA-EAP eap=FAST anonymous_identity="FAST-000102030405" identity="username" password="password" phase1="fast_provisioning=1" pac_file="blob://eap-fast-pac" } # Plaintext connection (no WPA, no IEEE 802.1X) network={ ssid="plaintext-test" key_mgmt=NONE } # Shared WEP key connection (no WPA, no IEEE 802.1X) network={ ssid="static-wep-test" key_mgmt=NONE wep_key0="abcde" wep_key1=0102030405 wep_key2="1234567890123" wep_tx_keyidx=0 priority=5 } # Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key # IEEE 802.11 authentication network={ ssid="static-wep-test2" key_mgmt=NONE wep_key0="abcde" wep_key1=0102030405 wep_key2="1234567890123" wep_tx_keyidx=0 priority=5 auth_alg=SHARED } # IBSS/ad-hoc network with RSN network={ ssid="ibss-rsn" key_mgmt=WPA-PSK proto=RSN psk="12345678" mode=1 frequency=2412 pairwise=CCMP group=CCMP } # IBSS/ad-hoc network with WPA-None/TKIP (deprecated) network={ ssid="test adhoc" mode=1 frequency=2412 proto=WPA key_mgmt=WPA-NONE pairwise=NONE group=TKIP psk="secret passphrase" } # open mesh network network={ ssid="test mesh" mode=5 frequency=2437 key_mgmt=NONE } # secure (SAE + AMPE) network network={ ssid="secure mesh" mode=5 frequency=2437 key_mgmt=SAE psk="very secret passphrase" } # Catch all example that allows more or less all configuration modes network={ ssid="example" scan_ssid=1 key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE pairwise=CCMP TKIP group=CCMP TKIP WEP104 WEP40 psk="very secret passphrase" eap=TTLS PEAP TLS identity="user@@example.com" password="foobar" ca_cert="/etc/cert/ca.pem" client_cert="/etc/cert/user.pem" private_key="/etc/cert/user.prv" private_key_passwd="password" phase1="peaplabel=0" } # Example of EAP-TLS with smartcard (openssl engine) network={ ssid="example" key_mgmt=WPA-EAP eap=TLS proto=RSN pairwise=CCMP TKIP group=CCMP TKIP identity="user@@example.com" ca_cert="/etc/cert/ca.pem" # Certificate and/or key identified by PKCS#11 URI (RFC7512) client_cert="pkcs11:manufacturer=piv_II;id=%01" private_key="pkcs11:manufacturer=piv_II;id=%01" # Optional PIN configuration; this can be left out and PIN will be # asked through the control interface pin="1234" } # Example configuration showing how to use an inlined blob as a CA certificate # data instead of using external file network={ ssid="example" key_mgmt=WPA-EAP eap=TTLS identity="user@@example.com" anonymous_identity="anonymous@@example.com" password="foobar" ca_cert="blob://exampleblob" priority=20 } blob-base64-exampleblob={ SGVsbG8gV29ybGQhCg== } # Wildcard match for SSID (plaintext APs only). This example select any # open AP regardless of its SSID. network={ key_mgmt=NONE } # Example configuration ignoring two APs - these will be ignored # for this network. network={ ssid="example" psk="very secret passphrase" bssid_ignore=02:11:22:33:44:55 02:22:aa:44:55:66 } # Example configuration limiting AP selection to a specific set of APs; # any other AP not matching the masked address will be ignored. network={ ssid="example" psk="very secret passphrase" bssid_accept=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff } # Example config file that will only scan on channel 36. freq_list=5180 network={ key_mgmt=NONE } # Example configuration using EAP-TTLS for authentication and key # generation for MACsec network={ key_mgmt=IEEE8021X eap=TTLS phase2="auth=PAP" anonymous_identity="anonymous@@example.com" identity="user@@example.com" password="secretr" ca_cert="/etc/cert/ca.pem" eapol_flags=0 macsec_policy=1 } # Example configuration for MACsec with preshared key network={ key_mgmt=NONE eapol_flags=0 macsec_policy=1 mka_cak=0123456789ABCDEF0123456789ABCDEF mka_ckn=6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435 mka_priority=128 } @ 1.2 log @https://www.phoronix.com/news/IWD-WPA-WiFi-Auth-Vulns https://www.top10vpn.com/research/wifi-vulnerabilities/ PEAP client: Update Phase 2 authentication requirements The previous PEAP client behavior allowed the server to skip Phase 2 authentication with the expectation that the server was authenticated during Phase 1 through TLS server certificate validation. Various PEAP specifications are not exactly clear on what the behavior on this front is supposed to be and as such, this ended up being more flexible than the TTLS/FAST/TEAP cases. However, this is not really ideal when unfortunately common misconfiguration of PEAP is used in deployed devices where the server trust root (ca_cert) is not configured or the user has an easy option for allowing this validation step to be skipped. Change the default PEAP client behavior to be to require Phase 2 authentication to be successfully completed for cases where TLS session resumption is not used and the client certificate has not been configured. Those two exceptions are the main cases where a deployed authentication server might skip Phase 2 and as such, where a more strict default behavior could result in undesired interoperability issues. Requiring Phase 2 authentication will end up disabling TLS session resumption automatically to avoid interoperability issues. Allow Phase 2 authentication behavior to be configured with a new phase1 configuration parameter option: 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS tunnel) behavior for PEAP: * 0 = do not require Phase 2 authentication * 1 = require Phase 2 authentication when client certificate (private_key/client_cert) is no used and TLS session resumption was not used (default) * 2 = require Phase 2 authentication in all cases @ text @d97 2 a98 5 # 0: driver takes care of scanning, AP selection, and IEEE 802.11 association # parameters (e.g., WPA IE generation); this mode can also be used with # non-WPA drivers when using IEEE 802.1X mode; do not try to associate with # APs (i.e., external program needs to control association). This mode must # also be used when using wired Ethernet drivers (including MACsec). d106 2 a107 2 # Note: ap_scan=2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is optimized work working with nl80211. d153 3 d314 20 d372 2 d375 5 d422 28 d463 10 d499 3 d506 1 d513 4 d530 5 d575 1 a575 1 # Homogenous ESS identifier d691 18 d710 1 d720 1 d826 1 a826 1 # roaming_consortium=223344 d876 5 d912 10 d985 1 d987 1 a987 1 # " d989 1 d1045 2 a1046 1 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) d1049 1 a1049 1 # This is a countermeasure against multi-channel man-in-the-middle attacks. d1052 2 a1053 1 # 1 = enabled d1152 9 d1202 12 a1300 8 # dh_file: File path to DH/DSA parameters file (in PEM format) # This is an optional configuration file for setting parameters for an # ephemeral DH key exchange. In most cases, the default RSA # authentication does not use this configuration. However, it is possible # setup RSA to use ephemeral DH key exchange. In addition, ciphers with # DSA keys always use ephemeral DH keys. This can be used to achieve # forward secrecy. If the file is in DSA parameters format, it will be # automatically converted into DH params. d1444 5 d1468 6 d1561 67 d1701 4 d1712 6 d1750 15 d2115 1 a2115 1 # Example configuration blacklisting two APs - these will be ignored d2120 1 a2120 1 bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66 d2128 1 a2128 1 bssid_whitelist=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff @ 1.2.2.1 log @Sync with HEAD @ text @d97 5 a101 2 # 0: This mode must only be used when using wired Ethernet drivers # (including MACsec). d109 2 a110 2 # Note: ap_scan=0/2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is the only option working with nl80211. a155 3 # Enable 802.11s layer-2 routing and forwarding (dot11MeshForwarding) #mesh_fwding=1 a313 20 # Device Provisioning Protocol (DPP) parameters # # How to process DPP configuration # 0 = report received configuration to an external program for # processing; do not generate any network profile internally (default) # 1 = report received configuration to an external program and generate # a network profile internally, but do not automatically connect # to the created (disabled) profile; the network profile id is # reported to external programs # 2 = report received configuration to an external program, generate # a network profile internally, try to connect to the created # profile automatically #dpp_config_processing=0 # # Name for Enrollee's DPP Configuration Request #dpp_name=Test # # MUD URL for Enrollee's DPP Configuration Request (optional) #dpp_mud_url=https://example.com/mud a351 2 # Test backend which stores passwords in memory. Should only be used for # development purposes. a352 5 # File-based backend which reads passwords from a file. The parameter # identifies the file to read passwords from. The password file follows the # format of wpa_supplicant.conf and accepts simple `key=passphrase` formatted # passwords. #ext_password_backend=file:/path/to/passwords.conf a394 28 # sae_check_mfp: Require PMF support to select SAE key_mgmt # 0 = Do not check PMF for SAE (default) # 1 = Limit SAE when PMF is not enabled # # When enabled SAE will not be selected if PMF will not be used # for the connection. # Scenarios where this check will limit SAE: # 1) ieee80211w=0 is set for the network # 2) The AP does not have PMF enabled. # 3) ieee80211w is unset, pmf=1 is enabled globally, and # the device does not support the BIP cipher. # Consider the configuration of global parameterss sae_check_mfp=1, pmf=1 and a # network configured with ieee80211w unset and key_mgmt=SAE WPA-PSK. # In the example WPA-PSK will be used if the device does not support # the BIP cipher or the AP has PMF disabled. # Limiting SAE with this check can avoid failing to associate to an AP # that is configured with sae_requires_mfp=1 if the device does # not support PMF due to lack of the BIP cipher. # # Enabling this check helps with compliance of the WPA3 # specification for WPA3-Personal transition mode. # The WPA3 specification section 2.3 "WPA3-Personal transition mode" item 8 # states "A STA shall negotiate PMF when associating to an AP using SAE". # With this check WPA3 capable devices when connecting # to transition mode APs that do not advertise PMF support # will not use SAE and instead fallback to PSK. #sae_check_mfp=0 a407 10 # SAE mechanism for PWE derivation # 0 = hunting-and-pecking loop only (default without password identifier) # 1 = hash-to-element only (default with password identifier) # 2 = both hunting-and-pecking loop and hash-to-element enabled # Note: The default value is likely to change from 0 to 2 once the new # hash-to-element mechanism has received more interoperability testing. # When using SAE password identifier, the hash-to-element mechanism is used # regardless of the sae_pwe parameter value. #sae_pwe=0 a433 3 # Seconds to consider old scan results valid for association (default: 5) #scan_res_valid_for_connect=5 a437 1 # 3 = use dedicated/pregenerated MAC address (see mac_value) a443 4 # Local MAC address to use whenever connecting with this network profile # This is used with mac_addr=3. #mac_value=02:12:34:56:78:9a a456 5 # Note that this setting is ignored when a specific MAC address is needed for # a full protocol exchange that includes GAS, e.g., when going through a DPP # exchange that exposes the configured interface address as part of the DP # Public Action frame exchanges before using GAS. That same address is then used # during the GAS exchange as well to avoid breaking the protocol expectations. d497 1 a497 1 # Homogeneous ESS identifier a612 18 # home_ois: Home OI(s) # This string field contains one or more comma delimited OIs (hexdump) # identifying the access the access points that support authentication # with this credential. There are an alternative to the use of the realm # parameter. When using Home OIs to match the network, the EAP parameters # need to be pre-configured with the credentials since the NAI Realm # information may not be available or fetched. # A successful authentication with the access point is possible as soon # as at least one Home OI from the list matches an OI in the Roaming # Consortium advertised by the access point. # (Hotspot 2.0 PerProviderSubscription//HomeSP/HomeOIList//HomeOI) # # required_home_ois: Required Home OI(s) # This string field contains the set of Home OI(s) (hexdump) that are # required to be advertised by the AP for the credential to be considered # matching. # (Hotspot 2.0 PerProviderSubscription//HomeSP/HomeOIList//HomeOIRequired) # a613 1 # Deprecated: use home_ois instead. a622 1 # Deprecated: use required_home_ois instead. d728 1 a728 1 # home_ois="223344" a777 5 # Extended Key ID support for Individually Addressed frames # 0 = force off: Do not use Extended Key ID (default) # 1 = auto: Activate Extended Key ID support if the driver supports it #extended_key_id=0 a808 10 # ignore_broadcast_ssid: SSID broadcast behavior # Send empty SSID in beacons and ignore probe request frames that do not # specify full SSID, i.e., require stations to know SSID. # default: disabled (0) # 1 = send empty (length=0) SSID in beacon and ignore probe request for # broadcast SSID # 2 = clear SSID (ASCII 0), but keep the original length (this may be required # with some clients that do not support empty SSID) and ignore probe # requests for broadcast SSID # a871 1 # send_btm_query > 0 means do this many BTM queries before attempting a scan. d873 1 a873 1 # [:]" a874 1 # bgscan="simple:30:-45:300:3" d930 1 a930 2 # (and similarly for WPA-PSK and WPA-PSK-SHA256 if WPA2-Personal is used) # WPA3-Personal-only mode: ieee80211w=2 and key_mgmt=SAE d933 1 a933 1 # This is a countermeasure against multi-channel on-path attacks. d936 1 a936 2 # 1 = enabled if wpa_supplicant's SME in use. Otherwise enabled only when the # driver indicates support for operating channel validation. a1034 9 # macsec_offload - Enable MACsec hardware offload # # This setting applies only when MACsec is in use, i.e., # - the key server has decided to enable MACsec # # 0 = MACSEC_OFFLOAD_OFF (default) # 1 = MACSEC_OFFLOAD_PHY # 2 = MACSEC_OFFLOAD_MAC # a1075 12 # wpa_deny_ptk0_rekey: Workaround for PTK rekey issues # PTK0 rekeys (using only one Key ID value for pairwise keys) can degrade the # security and stability with some cards. # To avoid the issues wpa_supplicant can replace those PTK rekeys (including # EAP reauthentications) with fast reconnects. # # Available options: # 0 = always rekey when configured/instructed (default) # 1 = only rekey when the local driver is explicitly indicating it can perform # this operation without issues # 2 = never allow problematic PTK0 rekeys # d1163 8 a1313 5 # allow_unsafe_renegotiation=1 - allow connection with a TLS server that does # not support safe renegotiation (RFC 5746); please note that this # workaround should be only when having to authenticate with an old # authentication server that cannot be updated to use secure TLS # implementation. a1332 6 # ocsp2: See ocsp for more details. # # Separate machine credentials can be configured for EAP-TEAP Phase 2 with # "machine_" prefix (e.g., "machine_identity") in the configuration parameters. # See the parameters without that prefix for more details on the meaning and # format of each such parameter. a1419 67 # DPP PFS # 0: allow PFS to be used or not used (default) # 1: require PFS to be used (note: not compatible with DPP R1) # 2: do not allow PFS to be used #dpp_pfs=0 # DPP Network introduction type # 0: unprotected variant from DPP R1 (default) # 1: privacy protecting (station Connector encrypted) variant from # DPP R3 #dpp_connector_privacy=0 # Whether beacon protection is enabled # This depends on management frame protection (ieee80211w) being enabled and # beacon protection support indication from the driver. # 0 = disabled (default) # 1 = enabled #beacon_prot=0 # OWE DH Group # 0: use default (19) first and then try all supported groups one by one if AP # rejects the selected group # 1-65535: DH Group to use for OWE # Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are # currently supported. #owe_group=0 # OWE-only mode (disable transition mode) # 0: enable transition mode (allow connection to either OWE or open BSS) # 1 = disable transition mode (allow connection only with OWE) #owe_only=0 # OWE PTK derivation workaround # Initial OWE implementation used SHA256 when deriving the PTK for all # OWE groups. This was supposed to change to SHA384 for group 20 and # SHA512 for group 21. This parameter can be used to enable older # behavior mainly for testing purposes. There is no impact to group 19 # behavior, but if enabled, this will make group 20 and 21 cases use # SHA256-based PTK derivation which will not work with the updated # OWE implementation on the AP side. #owe_ptk_workaround=0 # Transition Disable indication # The AP can notify authenticated stations to disable transition mode # in their network profiles when the network has completed transition # steps, i.e., once sufficiently large number of APs in the ESS have # been updated to support the more secure alternative. When this # indication is used, the stations are expected to automatically # disable transition mode and less secure security options. This # includes use of WEP, TKIP (including use of TKIP as the group # cipher), and connections without PMF. # Bitmap bits: # bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK # and only allow SAE to be used) # bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK) # bit 2 (0x04): WPA3-Enterprise (move to requiring PMF) # bit 3 (0x08): Enhanced Open (disable use of open network; require # OWE) # SAE-PK mode # 0: automatic SAE/SAE-PK selection based on password; enable # transition mode (allow SAE authentication without SAE-PK) # 1: SAE-PK only (disable transition mode; allow SAE authentication # only with SAE-PK) # 2: disable SAE-PK (allow SAE authentication only without SAE-PK) #sae_pk=0 a1492 4 # disable_eht: Whether EHT should be disabled. # 0 = EHT enabled (if supported) (default) # 1 = EHT disabled a1499 6 # Multi-AP Profile # Indicate the supported Multi-AP profile # 1 = Supports Multi-AP profile 1 as defined in Wi-Fi EasyMesh specification # 2 = Supports Multi-AP profile 2 as defined in Wi-Fi EasyMesh specification #multi_ap_profile=2 a1531 15 # Enable EDMG capability in STA/AP mode, default value is false #enable_edmg=1 # This value is used to configure the channel bonding feature. # Default value is 0. # Relevant only if enable_edmg is true # In AP mode it defines the EDMG channel to use for AP operation. # In STA mode it defines the EDMG channel for connection (if supported by AP). #edmg_channel=9 # BSS max idle period to request # If nonzero, request the specified number of 1000 TU (i.e., 1.024 s) # as the maximum idle period for the STA during association. #max_idle=600 d1882 1 a1882 1 # Example configuration ignoring two APs - these will be ignored d1887 1 a1887 1 bssid_ignore=02:11:22:33:44:55 02:22:aa:44:55:66 d1895 1 a1895 1 bssid_accept=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff @ 1.1 log @Initial revision @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existance of this parameter d84 2 d101 1 a101 1 # also be used when using wired Ethernet drivers. d109 4 d119 43 d169 2 a170 1 # These options can be used to load OpenSSL engines. d173 3 a175 1 # By default no engines are loaded. d183 10 d201 1 a201 1 # This field can be used to configure arbitrary driver interace parameters. The d221 2 a222 1 # If not configured, UUID will be generated based on the local MAC address. d225 5 d270 3 a272 1 # nfc_interface push_button keypad d274 2 d285 29 d321 23 d350 427 d795 4 a798 2 # ssid: SSID (mandatory); either as an ASCII string with double quotation or # as hex string; network name d825 4 a828 3 # Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) # and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). WPA-None requires # following network block options: d839 11 d861 26 d890 1 d899 6 d907 13 d922 17 d960 8 d972 2 a973 1 # 8 and 63 characters (inclusive). d980 16 d1001 48 a1048 2 # Note: When using wired authentication, eapol_flags must be set to 0 for the # authentication to be completed successfully. d1052 1 a1052 1 # SSID, are allowed when selecting a BSS form scan results. d1058 1 a1058 1 # 0 = disabled (default) d1061 8 a1072 6 # peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e DLS) is # allowed. This is only used with RSN/WPA2. # 0 = disabled (default) # 1 = enabled #peerkey=1 # d1076 4 d1082 1 a1082 1 # MD5 = EAP-MD5 (unsecure and does not generate keying material -> d1102 2 a1103 1 # identity, e.g., EAP-TTLS) d1111 2 a1112 1 # variable length PSK. d1173 1 a1173 1 # sertificate is only accepted if it contains this string in the subject. d1176 4 d1182 1 a1182 1 # If this string is set, the server sertificate is only accepted if it d1188 36 d1250 7 d1259 10 d1271 44 a1314 1 # "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS) d1327 6 a1332 3 # authentication server certificate. # altsubject_match2: Substring to be matched against the alternative subject # name of the authentication server certificate. d1341 13 d1380 152 d1778 13 a1790 1 # IBSS/ad-hoc network with WPA-None/TKIP. d1802 17 a1847 1 client_cert="/etc/cert/user.pem" d1849 3 a1851 14 engine=1 # The engine configured here must be available. Look at # OpenSSL engine support in the global section. # The key available through the engine must be the private key # matching the client certificate configured above. # use the opensc engine #engine_id="opensc" #key_id="45" # use the pkcs11 engine engine_id="pkcs11" key_id="id_45" d1881 47 @ 1.1.1.1 log @Import wpa_supplicant and hostapd @ text @@ 1.1.1.1.14.1 log @ Pull up following revision(s) (requested by mrg in ticket #1492): doc/3RDPARTY: patch external/bsd/wpa/bin/Makefile.inc: up to 1.6 external/bsd/wpa/bin/hostapd/Makefile: up to 1.10 external/bsd/wpa/bin/hostapd/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/hostapd/hostapd.8: up to 1.5 external/bsd/wpa/bin/hostapd/hostapd.conf.5: up to 1.3 external/bsd/wpa/bin/hostapd_cli/Makefile: up to 1.3 external/bsd/wpa/bin/hostapd_cli/hostapd_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_cli/Makefile: up to 1.5 external/bsd/wpa/bin/wpa_cli/wpa_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_passphrase/Makefile: up to 1.4 external/bsd/wpa/bin/wpa_passphrase/wpa_passphrase.8: up to 1.4 external/bsd/wpa/bin/wpa_supplicant/Makefile: up to 1.9 external/bsd/wpa/bin/wpa_supplicant/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.8: up to 1.8 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.conf.5: up to 1.4 external/bsd/wpa/dist/CONTRIBUTIONS: up to 1.1.1.3 external/bsd/wpa/dist/COPYING: up to 1.1.1.4 external/bsd/wpa/dist/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/.gitignore: delete external/bsd/wpa/dist/hostapd/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/hostapd/Makefile: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/README-WPS: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/android.config: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/config_file.c: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/config_file.h: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/ctrl_iface.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/ctrl_iface.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/defconfig: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/dump_state.c: delete external/bsd/wpa/dist/hostapd/dump_state.h: delete external/bsd/wpa/dist/hostapd/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/eap_register.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hapd_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hlr_auc_gw.milenage_db: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.txt: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.8: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd.android.rc: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.conf: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hostapd.eap_user: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/hostapd.eap_user_sqlite: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd_cli.c: up to 1.9 external/bsd/wpa/dist/hostapd/main.c: up to 1.4 external/bsd/wpa/dist/hostapd/nt_password_hash.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/wps-ap-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/Android.mk: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/devdetail.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/devinfo.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/est.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/oma_dm_client.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/osu_client.c: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/osu_client.h: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/spp_client.c: up to 1.1.1.2 external/bsd/wpa/dist/patches/openssl-0.9.8-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8d-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8e-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8g-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8h-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8i-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.9-session-ticket.patch: delete external/bsd/wpa/dist/src/Makefile: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/accounting.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/accounting.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ap_config.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ap_config.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_drv_ops.c: up to 1.4 external/bsd/wpa/dist/src/ap/ap_drv_ops.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_mlme.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ap_mlme.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/authsrv.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/authsrv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/beacon.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/beacon.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/bss_load.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/bss_load.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/dfs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/dfs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/drv_callbacks.c: up to 1.3 external/bsd/wpa/dist/src/ap/eap_user_db.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/gas_serv.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/gas_serv.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/hostapd.c: up to 1.3 external/bsd/wpa/dist/src/ap/hostapd.h: up to 1.3 external/bsd/wpa/dist/src/ap/hs20.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hs20.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hw_features.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/hw_features.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ieee802_11.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11.h: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_auth.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/ieee802_11_ht.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_11_shared.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_vht.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_1x.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_1x.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/mbo_ap.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/mbo_ap.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ndisc_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ndisc_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/p2p_hostapd.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/p2p_hostapd.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/peerkey_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/preauth_auth.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/preauth_auth.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/rrm.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/rrm.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/sta_info.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/sta_info.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/taxonomy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/taxonomy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/tkip_countermeasures.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/tkip_countermeasures.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/utils.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/vlan.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_full.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_ifconfig.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_init.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/vlan_init.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/vlan_ioctl.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_util.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/vlan_util.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wmm.c: up to 1.2 external/bsd/wpa/dist/src/ap/wmm.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wnm_ap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wnm_ap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wpa_auth.c: up to 1.9 external/bsd/wpa/dist/src/ap/wpa_auth.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wpa_auth_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wps_hostapd.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wps_hostapd.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/x_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/x_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/common/cli.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/cli.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/common_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ctrl_iface_common.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/ctrl_iface_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/eapol_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/gas.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/gas.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ieee802_11_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_common.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_1x_defs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/linux_bridge.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/linux_vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/privsep_commands.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/qca-vendor-attr.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/qca-vendor.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.c: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/tnc.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/version.h: up to 1.1.1.8 external/bsd/wpa/dist/src/common/wpa_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_common.h: up to 1.2 external/bsd/wpa/dist/src/common/wpa_ctrl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_ctrl.h: up to 1.1.1.7 external/bsd/wpa/dist/src/common/wpa_helpers.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/wpa_helpers.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/Makefile: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/aes-cbc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-ccm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-ctr.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-eax.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-encblock.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-gcm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-dec.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-enc.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-omac1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/aes-siv.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes-unwrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-wrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_siv.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes_wrap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/crypto_gnutls.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-cipher.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-modexp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/crypto_internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_libtomcrypt.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_none.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_nss.c: delete external/bsd/wpa/dist/src/crypto/crypto_openssl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/des-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/des_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_group5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/dh_group5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_groups.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/dh_groups.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_gnutls.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_nss.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_openssl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md4-internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/md5-non-fips.c: delete external/bsd/wpa/dist/src/crypto/md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/md5_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/milenage.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/milenage.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/ms_funcs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/ms_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/random.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/random.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/rc4.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha1-pbkdf2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-prf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-tlsprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1-tprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-kdf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-prf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-tlsprf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha256.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256.h: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/sha256_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-prf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha384_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls.h: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_gnutls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_none.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_nss.c: delete external/bsd/wpa/dist/src/crypto/tls_openssl.c: up to 1.1.1.7 external/bsd/wpa/dist/src/crypto/tls_openssl.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_openssl_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_schannel.c: delete external/bsd/wpa/dist/src/drivers/Apple80211.h: delete external/bsd/wpa/dist/src/drivers/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/MobileApple80211.c: delete external/bsd/wpa/dist/src/drivers/MobileApple80211.h: delete external/bsd/wpa/dist/src/drivers/android_drv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver.h: up to 1.3 external/bsd/wpa/dist/src/drivers/driver_atheros.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_atmel.c: delete external/bsd/wpa/dist/src/drivers/driver_broadcom.c: delete external/bsd/wpa/dist/src/drivers/driver_bsd.c: up to 1.29 external/bsd/wpa/dist/src/drivers/driver_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_iphone.m: delete external/bsd/wpa/dist/src/drivers/driver_ipw.c: delete external/bsd/wpa/dist/src/drivers/driver_macsec_qca.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_madwifi.c: delete external/bsd/wpa/dist/src/drivers/driver_ndis.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_ndis.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndis_.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndiswrapper.c: delete external/bsd/wpa/dist/src/drivers/driver_nl80211.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_nl80211.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_android.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_capa.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_event.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_monitor.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_scan.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_none.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_openbsd.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_osx.m: delete external/bsd/wpa/dist/src/drivers/driver_privsep.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_ralink.c: delete external/bsd/wpa/dist/src/drivers/driver_ralink.h: delete external/bsd/wpa/dist/src/drivers/driver_roboswitch.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_test.c: delete external/bsd/wpa/dist/src/drivers/driver_wext.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_wext.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_wired.c: up to 1.2 external/bsd/wpa/dist/src/drivers/drivers.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mak: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mk: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_defines.h: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/linux_ioctl.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_ioctl.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/linux_wext.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/ndis_events.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/netlink.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/netlink.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/nl80211_copy.h: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/priv_netlink.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/rfkill.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/rfkill.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/wireless_copy.h: delete external/bsd/wpa/dist/src/eap_common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/chap.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/chap.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/eap_eke_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_eke_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_common/eap_fast_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_fast_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pax_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_pax_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_psk_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_psk_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sake_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_sake_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_sim_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sim_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_tlv_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_ttls.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/ikev2_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/ikev2_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_aka.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_config.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_fast.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_gpsk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_gtc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_leap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_otp.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_proxy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_proxy_dummy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_psk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_pwd.c: up to 1.5 external/bsd/wpa/dist/src/eap_peer/eap_sake.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_sim.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_tnc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_ttls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_vendor_test.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_wsc.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/mschapv2.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/mschapv2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/tncc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/tncc.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server.c: up to 1.3 external/bsd/wpa/dist/src/eap_server/eap_server_aka.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/eap_server_fast.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_gpsk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_gtc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_identity.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_md5.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_psk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c: up to 1.4 external/bsd/wpa/dist/src/eap_server/eap_server_sake.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_sim.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_tls_common.c: up to 1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tnc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_ttls.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_vendor_test.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap_server_wsc.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_sim_db.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_sim_db.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/tncs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/tncs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eapol_auth/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_dump.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eapol_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.h: up to 1.1.1.5 external/bsd/wpa/dist/src/fst/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_internal.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.h: up to 1.1.1.1 external/bsd/wpa/dist/src/l2_packet/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet.h: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_freebsd.c: up to 1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_linux.c: up to 1.1.1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_ndis.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_none.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_pcap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_privsep.c: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_winpcap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/lib.rules: up to 1.1.1.2 external/bsd/wpa/dist/src/p2p/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/p2p/p2p.c: up to 1.3 external/bsd/wpa/dist/src/p2p/p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_build.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_dev_disc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_go_neg.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_group.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_invitation.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_parse.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_pd.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_sd.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_utils.c: up to 1.1.1.5 external/bsd/wpa/dist/src/pae/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.c: up to 1.1.1.3 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_key.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_key.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.h: up to 1.1.1.2 external/bsd/wpa/dist/src/radius/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/radius/radius.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius.h: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_das.c: up to 1.5 external/bsd/wpa/dist/src/radius/radius_das.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_server.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/rsn_supp/peerkey.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/peerkey.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.c: up to 1.1.1.7 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/tdls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa.c: up to 1.1.1.8 external/bsd/wpa/dist/src/rsn_supp/wpa.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/asn1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/asn1.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/bignum.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/bignum.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/libtommath.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/pkcs1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs1.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/rsa.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/tls/tlsv1_client_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client_write.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_cred.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_cred.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_record.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_record.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server_write.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/x509v3.c: up to 1.1.1.7 external/bsd/wpa/dist/src/tls/x509v3.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/base64.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/base64.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/bitfield.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/bitfield.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser-android.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser-system.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser-wpadebug.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/build_config.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/common.c: up to 1.4 external/bsd/wpa/dist/src/utils/common.h: up to 1.5 external/bsd/wpa/dist/src/utils/edit.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/edit_readline.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit_simple.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/eloop.c: up to 1.13 external/bsd/wpa/dist/src/utils/eloop.h: up to 1.2 external/bsd/wpa/dist/src/utils/eloop_none.c: delete external/bsd/wpa/dist/src/utils/eloop_win.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/ext_password.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/ext_password_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password_test.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/http-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/http_curl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/includes.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/ip_addr.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/ip_addr.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/list.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/module_tests.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/os.h: up to 1.7 external/bsd/wpa/dist/src/utils/os_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_none.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_unix.c: up to 1.4 external/bsd/wpa/dist/src/utils/os_win32.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/platform.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/radiotap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/radiotap.h: up to 1.5 external/bsd/wpa/dist/src/utils/radiotap_iter.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/state_machine.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/trace.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/trace.h: up to 1.5 external/bsd/wpa/dist/src/utils/utils_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/wpa_debug.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpa_debug.h: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpabuf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/wpabuf.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/xml-utils.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml_libxml2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/http_client.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/http_client.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/http_server.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/http_server.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/httpread.c: up to 1.3 external/bsd/wpa/dist/src/wps/httpread.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/ndef.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/upnp_xml.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/upnp_xml.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_attr_build.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.h: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_attr_process.c: up to 1.2 external/bsd/wpa/dist/src/wps/wps_common.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_defs.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_dev_attr.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_dev_attr.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_enrollee.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_er.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_er.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_er_ssdp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps_nfc.c: delete external/bsd/wpa/dist/src/wps/wps_nfc_pn531.c: delete external/bsd/wpa/dist/src/wps/wps_registrar.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_ufd.c: delete external/bsd/wpa/dist/src/wps/wps_upnp.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_upnp.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_upnp_ap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_event.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_upnp_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_ssdp.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_upnp_web.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_validate.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/Makefile: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README-HS20: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-P2P: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/README-WPS: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-Windows.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/android.config: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ap.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ap.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/autoscan.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan_exponential.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/autoscan_periodic.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/bgscan.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan_learn.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan_simple.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/binder/.clang-format: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_i.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/IIface.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicant.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicantCallbacks.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/blacklist.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/blacklist.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/bss.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/bss.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/config.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config_file.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/config_ssid.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_winreg.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_udp.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_unix.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus-wpa_supplicant.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common_i.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers_wps.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/defconfig: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.sgml: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.sgml: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/driver_i.h: up to 1.2 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/eapol_test.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/eapol_test.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/events.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/examples/dbus-listen-preq.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action-udhcp.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action.sh: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_connect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_disconnect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_flush.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_group_add.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_invite.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_listen.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_stop_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/udhcpd-p2p.conf: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/wpas-dbus-new-signals.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-ap-cli: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-nfc.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/gas_query.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/gas_query.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/interworking.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/interworking.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/libwpa_test.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/main.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/main_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_symbian.cpp: delete external/bsd/wpa/dist/wpa_supplicant/main_winmain.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_winsvc.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/mbo.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mlme.c: delete external/bsd/wpa/dist/wpa_supplicant/mlme.h: delete external/bsd/wpa/dist/wpa_supplicant/nfc_pw_token.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/notify.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/notify.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/offchannel.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/offchannel.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant_sd.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/preauth_test.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/scan.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/scan.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/sme.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/sme.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/symbian/README.symbian: delete external/bsd/wpa/dist/wpa_supplicant/symbian/bld.inf: delete external/bsd/wpa/dist/wpa_supplicant/symbian/wpa_supplicant.mmp: delete external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/tests/link_test.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_eap_sim_common.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_wpa.c: delete external/bsd/wpa/dist/wpa_supplicant/todo.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/utils/log2pcap.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/win_if_list.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_cli.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/README: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/group.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/invitation.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons_png.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/main.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.cpp: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.cpp: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpamsg.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui/.gitignore: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/main.cpp: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/setup-mingw-cross-compiling: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpa_gui.pro: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpamsg.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_passphrase.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_priv.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.nsi: delete external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_i.h: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_template.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpas_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/xcode/wpa_supplicant.xcodeproj/project.pbxproj: delete Update wpa_supplicant/hostapd to 2.6. @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter a83 2 # Note: When using MACsec, eapol_version shall be set to 3, which is # defined in IEEE Std 802.1X-2010. a99 2 # Note: macsec_qca driver is one type of Ethernet driver which implements # macsec feature. a106 4 # Note: ap_scan=2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is optimized work working with nl80211. # For finding networks using hidden SSID, scan_ssid=1 in the network block can # be used with nl80211. a112 43 # Whether to force passive scan for network connection # # By default, scans will send out Probe Request frames on channels that allow # active scanning. This advertise the local station to the world. Normally this # is fine, but users may wish to do passive scanning where the radio should only # listen quietly for Beacon frames and not send any Probe Request frames. Actual # functionality may be driver dependent. # # This parameter can be used to force only passive scanning to be used # for network connection cases. It should be noted that this will slow # down scan operations and reduce likelihood of finding the AP. In # addition, some use cases will override this due to functional # requirements, e.g., for finding an AP that uses hidden SSID # (scan_ssid=1) or P2P device discovery. # # 0: Do normal scans (allow active scans) (default) # 1: Do passive scans. #passive_scan=0 # MPM residency # By default, wpa_supplicant implements the mesh peering manager (MPM) for an # open mesh. However, if the driver can implement the MPM, you may set this to # 0 to use the driver version. When AMPE is enabled, the wpa_supplicant MPM is # always used. # 0: MPM lives in the driver # 1: wpa_supplicant provides an MPM which handles peering (default) #user_mpm=1 # Maximum number of peer links (0-255; default: 99) # Maximum number of mesh peering currently maintained by the STA. #max_peer_links=99 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in mesh STA to clean up inactive stations. #mesh_max_inactivity=300 # cert_in_cb - Whether to include a peer certificate dump in events # This controls whether peer certificates for authentication server and # its certificate chain are included in EAP peer certificate events. This is # enabled by default. #cert_in_cb=1 d120 1 a120 2 # These options can be used to load OpenSSL engines in special or legacy # modes. d123 1 a123 3 # By default the PKCS#11 engine is loaded if the client_cert or # private_key option appear to be a PKCS#11 URI, and these options # should not need to be used explicitly. a130 10 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default # ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW d139 1 a139 1 # This field can be used to configure arbitrary driver interface parameters. The d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a212 21 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password # Priority for the networks added through WPS # This priority value will be set to each network profile that is added # by executing the WPS protocol. #wps_priority=0 a219 14 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan. # Note: If sched_scan_plans are configured and supported by the driver, # autoscan is ignored. a225 362 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Disable P2P functionality # p2p_disabled=1 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Passphrase length (8..63) for P2P GO # # This parameter controls the length of the random passphrase that is # generated at the GO. Default: 8. #p2p_passphrase_len=8 # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search # iterations to make p2p_find friendlier to concurrent operations by avoiding # it from taking 100% of radio resources. The default value is 500 ms. #p2p_search_delay=500 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter for RSN networks. By default, PMF is disabled unless enabled with # the global pmf=1/2 parameter or with the per-network ieee80211w=1/2 parameter. # With pmf=1/2, PMF is enabled/required by default, but can be disabled with the # per-network ieee80211w parameter. This global default value does not apply # for non-RSN networks (key_mgmt=NONE) since PMF is available only when using # RSN. #pmf=0 # Enabled SAE finite cyclic groups in preference order # By default (if this parameter is not set), the mandatory group 19 (ECC group # defined over a 256-bit prime order field) is preferred, but other groups are # also enabled. If this parameter is set, the groups will be tried in the # indicated order. The group values are listed in the IANA registry: # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 #sae_groups=21 20 19 26 25 # Default value for DTIM period (if not overridden in network block) #dtim_period=2 # Default value for Beacon interval (if not overridden in network block) #beacon_int=100 # Additional vendor specific elements for Beacon and Probe Response frames # This parameter can be used to add additional vendor specific element(s) into # the end of the Beacon and Probe Response frames. The format for these # element(s) is a hexdump of the raw information elements (id+len+payload for # one or more elements). This is used in AP and P2P GO modes. #ap_vendor_elements=dd0411223301 # Ignore scan results older than request # # The driver may have a cache of scan results that makes it return # information that is older than our scan trigger. This parameter can # be used to configure such old information to be ignored instead of # allowing it to update the internal BSS table. #ignore_old_scan_res=0 # scan_cur_freq: Whether to scan only the current frequency # 0: Scan all available frequencies. (Default) # 1: Scan current operating frequency if another VIF on the same radio # is already associated. # MAC address policy default # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) # # By default, permanent MAC address is used unless policy is changed by # the per-network mac_addr parameter. Global mac_addr=1 can be used to # change this default behavior. #mac_addr=0 # Lifetime of random MAC address in seconds (default: 60) #rand_addr_lifetime=60 # MAC address policy for pre-association operations (scanning, ANQP) # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 # GAS Address3 field behavior # 0 = P2P specification (Address3 = AP BSSID); default # 1 = IEEE 802.11 standard compliant (Address3 = Wildcard BSSID when # sent to not-associated AP; if associated, AP BSSID) #gas_address3=0 # Publish fine timing measurement (FTM) responder functionality in # the Extended Capabilities element bit 70. # Controls whether FTM responder functionality will be published by AP/STA. # Note that actual FTM responder operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_responder=0 # Publish fine timing measurement (FTM) initiator functionality in # the Extended Capabilities element bit 71. # Controls whether FTM initiator functionality will be published by AP/STA. # Note that actual FTM initiator operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_initiator=0 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # temporary: Whether this credential is temporary and not to be saved # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Certificates from PKCS#11 tokens can be referenced by a PKCS#11 URI. # # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Keys in PKCS#11 tokens can be referenced by a PKCS#11 URI. # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN(s) # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. Multiple domain entries can # be used to configure alternative FQDNs that will be considered home # networks. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # roaming_partner: Roaming partner information # This optional field can be used to configure preferences between roaming # partners. The field is a string in following format: # ,<0/1 exact match>,,<* or country code> # (non-exact match means any subdomain matches the entry; priority is in # 0..255 range with 0 being the highest priority) # # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # provisioning_sp: FQDN of the SP that provisioned the credential # This optional field can be used to keep track of the SP that provisioned # the credential to find the PPS MO (./Wi-Fi/). # # Minimum backhaul threshold (PPS//Policy/MinBackhauldThreshold/*) # These fields can be used to specify minimum download/upload backhaul # bandwidth that is preferred for the credential. This constraint is # ignored if the AP does not advertise WAN Metrics information or if the # limit would prevent any connection. Values are in kilobits per second. # min_dl_bandwidth_home # min_ul_bandwidth_home # min_dl_bandwidth_roaming # min_ul_bandwidth_roaming # # max_bss_load: Maximum BSS Load Channel Utilization (1..255) # (PPS//Policy/MaximumBSSLoadValue) # This value is used as the maximum channel utilization for network # selection purposes for home networks. If the AP does not advertise # BSS Load or if the limit would prevent any connection, this constraint # will be ignored. # # req_conn_capab: Required connection capability # (PPS//Policy/RequiredProtoPortTuple) # This value is used to configure set of required protocol/port pairs that # a roaming network shall support (include explicitly in Connection # Capability ANQP element). This constraint is ignored if the AP does not # advertise Connection Capability or if this constraint would prevent any # network connection. This policy is not used in home networks. # Format: [: ... # # Example: # sched_scan_plans=10:100 20:200 30 # Multi Band Operation (MBO) non-preferred channels # A space delimited list of non-preferred channels where each channel is a colon # delimited list of values. # Format: # non_pref_chan=::: # Example: # non_pref_chan="81:5:10:2 81:1:0:2 81:9:0:2" # MBO Cellular Data Capabilities # 1 = Cellular data connection available # 2 = Cellular data connection not available # 3 = Not cellular capable (default) #mbo_cell_capa=3 d244 2 a245 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" d272 3 a274 4 # Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) and # WPA-PSK (with proto=RSN). In addition, key_mgmt=WPA-NONE (fixed group key # TKIP/CCMP) is available for backwards compatibility, but its use is # deprecated. WPA-None requires following network block options: a284 11 # pbss: Whether to use PBSS. Relevant to IEEE 802.11ad networks only. # 0 = do not use PBSS # 1 = use PBSS # 2 = don't care (not allowed in AP mode) # Used together with mode configuration. When mode is AP, it means to start a # PCP instead of a regular AP. When mode is infrastructure it means connect # to a PCP instead of AP. In this mode you can also specify 2 (don't care) # which means connect to either PCP or AP. # P2P_GO and P2P_GROUP_FORMATION modes must use PBSS in IEEE 802.11ad network. # For more details, see IEEE Std 802.11ad-2012. # a295 26 # This can also be set on the outside of the network block. In this case, # it limits the frequencies that will be scanned. # # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # Explicitly disable bgscan by setting # bgscan="" # # This option can also be set outside of all network blocks for the bgscan # parameter to apply for all the networks that have no specific bgscan # parameter. # a306 4 # WPA-NONE = WPA-None for IBSS (deprecated; use proto=RSN key_mgmt=WPA-PSK # instead) # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication a308 7 # SAE = Simultaneous authentication of equals; pre-shared key/password -based # authentication with stronger security than WPA-PSK especially when using # not that strong password # FT-SAE = SAE with FT # WPA-EAP-SUITE-B = Suite B 128-bit level # WPA-EAP-SUITE-B-192 = Suite B 192-bit level # OSEN = Hotspot 2.0 Rel 2 online signup connection a310 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d336 1 a336 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. a342 5 # mem_only_psk: Whether to keep PSK/passphrase only in memory # 0 = allow psk/passphrase to be stored to the configuration file # 1 = do not store psk/passphrase to the configuration file #mem_only_psk=0 # d348 2 a349 10 # Note: When using wired authentication (including macsec_qca driver), # eapol_flags must be set to 0 for the authentication to be completed # successfully. # # macsec_policy: IEEE 802.1X/MACsec options # This determines how sessions are secured with MACsec. It is currently # applicable only when using the macsec_qca driver interface. # 0: MACsec not in use (default) # 1: MACsec enabled - Should secure, accept key server's advice to # determine whether to use a secure session or not. d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. d359 1 a359 1 # 0 = disabled (default unless changed with the global okc parameter) a374 4 # group_rekey: Group rekeying time in seconds. This value, if non-zero, is used # as the dot11RSNAConfigGroupRekeyTime parameter when operating in # Authenticator role in IBSS. # d377 1 a377 1 # MD5 = EAP-MD5 (insecure and does not generate keying material -> d397 1 a397 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d405 1 a405 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. d466 1 a466 1 # certificate is only accepted if it contains this string in the subject. a468 4 # Note: Since this is a substring match, this cannot be used securely to # do a suffix match against a possible domain name in the CN entry. For # such a use case, domain_suffix_match or domain_match should be used # instead. d471 1 a471 1 # If this string is set, the server certificate is only accepted if it a476 24 # domain_suffix_match: Constraint for server domain name. If set, this FQDN is # used as a suffix match requirement for the AAA server certificate in # SubjectAltName dNSName element(s). If a matching dNSName is found, this # constraint is met. If no dNSName values are present, this constraint is # matched against SubjectName CN using same suffix match comparison. # # Suffix match here means that the host/domain name is compared one label # at a time starting from the top-level domain and all the labels in # domain_suffix_match shall be included in the certificate. The # certificate may include additional sub-level labels in addition to the # required labels. # # For example, domain_suffix_match=example.com would match # test.example.com but would not match test-example.com. # domain_match: Constraint for server domain name # If set, this FQDN is used as a full match requirement for the # server certificate in SubjectAltName dNSName element(s). If a # matching dNSName is found, this constraint is met. If no dNSName # values are present, this constraint is matched against SubjectName CN # using same full match comparison. This behavior is similar to # domain_suffix_match, but has the requirement of a full match, i.e., # no subdomains or wildcard matches are allowed. Case-insensitive # comparison is used, so "Example.com" matches "example.com", but would # not match "test.Example.com". a504 10 # # For wired IEEE 802.1X authentication, "allow_canned_success=1" can be # used to configure a mode that allows EAP-Success (and EAP-Failure) # without going through authentication step. Some switches use such # sequence when forcing the port to be authorized/unauthorized or as a # fallback option if the authentication server is unreachable. By default, # wpa_supplicant discards such frames to protect against potential attacks # by rogue devices, but this option can be used to disable that protection # for cases where the server/authenticator does not need to be # authenticated. d507 1 a507 32 # "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS). "mschapv2_retry=0" can be # used to disable MSCHAPv2 password retry in authentication failure cases. # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workaround=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # tls_disable_tlsv1_0=1 - disable use of TLSv1.0 # tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_ext_cert_check=0 - No external server certificate validation (default) # tls_ext_cert_check=1 - External server certificate validation enabled; this # requires an external program doing validation of server certificate # chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control # interface and report the result of the validation with # CTRL-RSP_EXT_CERT_CHECK. # d520 3 a522 6 # authentication server certificate. See subject_match for more details. # altsubject_match2: Semicolon separated string of entries to be matched # against the alternative subject name of the authentication server # certificate. See altsubject_match documentation for more details. # domain_suffix_match2: Constraint for server domain name. See # domain_suffix_match for more details. a530 13 # ocsp: Whether to use/require OCSP to check server certificate # 0 = do not use OCSP stapling (TLS certificate status extension) # 1 = try to use OCSP stapling, but not require response # 2 = require valid OCSP stapling response # 3 = require valid OCSP stapling response for all not-trusted # certificates in the server certificate chain # # openssl_ciphers: OpenSSL specific cipher configuration # This can be used to override the global openssl_ciphers configuration # parameter (see above). # # erp: Whether EAP Re-authentication Protocol (ERP) is enabled # a556 116 # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # Beacon interval (default: 100 TU) #beacon_int=100 # WPS in AP mode # 0 = WPS enabled and configured (default) # 1 = WPS disabled #wps_disabled=0 # MAC address policy # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) #mac_addr=0 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # disable_ldpc: Whether LDPC should be disabled. # 0 = LDPC enabled (if AP supports it) # 1 = LDPC disabled # # ht40_intolerant: Whether 40 MHz intolerant should be indicated. # 0 = 40 MHz tolerant (default) # 1 = 40 MHz intolerant # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_factor: Maximum A-MPDU Length Exponent # Value: 0-3, see 7.3.2.56.3 in IEEE Std 802.11n-2009. # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. # disable_vht: Whether VHT should be disabled. # 0 = VHT enabled (if AP supports it) # 1 = VHT disabled # # vht_capa: VHT capabilities to set in the override # vht_capa_mask: mask of VHT capabilities # # vht_rx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for RX NSS 1-8 # vht_tx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for TX NSS 1-8 # 0: MCS 0-7 # 1: MCS 0-8 # 2: MCS 0-9 # 3: not supported ##### Fast Session Transfer (FST) support ##################################### # # The options in this section are only available when the build configuration # option CONFIG_FST is set while compiling wpa_supplicant. They allow this # interface to be a part of FST setup. # # FST is the transfer of a session from a channel to another channel, in the # same or different frequency bands. # # For details, see IEEE Std 802.11ad-2012. # Identifier of an FST Group the interface belongs to. #fst_group_id=bond0 # Interface priority within the FST Group. # Announcing a higher priority for an interface means declaring it more # preferable for FST switch. # fst_priority is in 1..255 range with 1 being the lowest priority. #fst_priority=100 # Default LLT value for this interface in milliseconds. The value used in case # no value provided during session setup. Default is 50 msec. # fst_llt is in 1..4294967 range (due to spec limitation, see 10.32.2.2 # Transitioning between states). #fst_llt=100 d803 1 a803 13 # IBSS/ad-hoc network with RSN network={ ssid="ibss-rsn" key_mgmt=WPA-PSK proto=RSN psk="12345678" mode=1 frequency=2412 pairwise=CCMP group=CCMP } # IBSS/ad-hoc network with WPA-None/TKIP (deprecated) a814 17 # open mesh network network={ ssid="test mesh" mode=5 frequency=2437 key_mgmt=NONE } # secure (SAE + AMPE) network network={ ssid="secure mesh" mode=5 frequency=2437 key_mgmt=SAE psk="very secret passphrase" } d844 3 d848 12 a859 3 # Certificate and/or key identified by PKCS#11 URI (RFC7512) client_cert="pkcs11:manufacturer=piv_II;id=%01" private_key="pkcs11:manufacturer=piv_II;id=%01" a888 36 # Example configuration blacklisting two APs - these will be ignored # for this network. network={ ssid="example" psk="very secret passphrase" bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66 } # Example configuration limiting AP selection to a specific set of APs; # any other AP not matching the masked address will be ignored. network={ ssid="example" psk="very secret passphrase" bssid_whitelist=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff } # Example config file that will only scan on channel 36. freq_list=5180 network={ key_mgmt=NONE } # Example MACsec configuration #network={ # key_mgmt=IEEE8021X # eap=TTLS # phase2="auth=PAP" # anonymous_identity="anonymous@@example.com" # identity="user@@example.com" # password="secretr" # ca_cert="/etc/cert/ca.pem" # eapol_flags=0 # macsec_policy=1 #} @ 1.1.1.1.16.1 log @Pull up following revision(s) (requested by mrg in ticket #1492): doc/3RDPARTY: patch external/bsd/wpa/bin/Makefile.inc: up to 1.6 external/bsd/wpa/bin/hostapd/Makefile: up to 1.10 external/bsd/wpa/bin/hostapd/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/hostapd/hostapd.8: up to 1.5 external/bsd/wpa/bin/hostapd/hostapd.conf.5: up to 1.3 external/bsd/wpa/bin/hostapd_cli/Makefile: up to 1.3 external/bsd/wpa/bin/hostapd_cli/hostapd_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_cli/Makefile: up to 1.5 external/bsd/wpa/bin/wpa_cli/wpa_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_passphrase/Makefile: up to 1.4 external/bsd/wpa/bin/wpa_passphrase/wpa_passphrase.8: up to 1.4 external/bsd/wpa/bin/wpa_supplicant/Makefile: up to 1.9 external/bsd/wpa/bin/wpa_supplicant/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.8: up to 1.8 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.conf.5: up to 1.4 external/bsd/wpa/dist/CONTRIBUTIONS: up to 1.1.1.3 external/bsd/wpa/dist/COPYING: up to 1.1.1.4 external/bsd/wpa/dist/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/.gitignore: delete external/bsd/wpa/dist/hostapd/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/hostapd/Makefile: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/README-WPS: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/android.config: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/config_file.c: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/config_file.h: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/ctrl_iface.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/ctrl_iface.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/defconfig: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/dump_state.c: delete external/bsd/wpa/dist/hostapd/dump_state.h: delete external/bsd/wpa/dist/hostapd/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/eap_register.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hapd_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hlr_auc_gw.milenage_db: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.txt: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.8: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd.android.rc: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.conf: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hostapd.eap_user: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/hostapd.eap_user_sqlite: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd_cli.c: up to 1.9 external/bsd/wpa/dist/hostapd/main.c: up to 1.4 external/bsd/wpa/dist/hostapd/nt_password_hash.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/wps-ap-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/Android.mk: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/devdetail.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/devinfo.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/est.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/oma_dm_client.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/osu_client.c: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/osu_client.h: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/spp_client.c: up to 1.1.1.2 external/bsd/wpa/dist/patches/openssl-0.9.8-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8d-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8e-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8g-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8h-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8i-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.9-session-ticket.patch: delete external/bsd/wpa/dist/src/Makefile: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/accounting.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/accounting.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ap_config.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ap_config.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_drv_ops.c: up to 1.4 external/bsd/wpa/dist/src/ap/ap_drv_ops.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_mlme.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ap_mlme.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/authsrv.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/authsrv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/beacon.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/beacon.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/bss_load.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/bss_load.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/dfs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/dfs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/drv_callbacks.c: up to 1.3 external/bsd/wpa/dist/src/ap/eap_user_db.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/gas_serv.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/gas_serv.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/hostapd.c: up to 1.3 external/bsd/wpa/dist/src/ap/hostapd.h: up to 1.3 external/bsd/wpa/dist/src/ap/hs20.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hs20.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hw_features.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/hw_features.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ieee802_11.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11.h: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_auth.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/ieee802_11_ht.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_11_shared.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_vht.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_1x.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_1x.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/mbo_ap.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/mbo_ap.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ndisc_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ndisc_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/p2p_hostapd.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/p2p_hostapd.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/peerkey_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/preauth_auth.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/preauth_auth.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/rrm.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/rrm.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/sta_info.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/sta_info.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/taxonomy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/taxonomy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/tkip_countermeasures.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/tkip_countermeasures.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/utils.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/vlan.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_full.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_ifconfig.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_init.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/vlan_init.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/vlan_ioctl.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_util.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/vlan_util.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wmm.c: up to 1.2 external/bsd/wpa/dist/src/ap/wmm.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wnm_ap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wnm_ap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wpa_auth.c: up to 1.9 external/bsd/wpa/dist/src/ap/wpa_auth.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wpa_auth_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wps_hostapd.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wps_hostapd.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/x_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/x_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/common/cli.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/cli.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/common_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ctrl_iface_common.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/ctrl_iface_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/eapol_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/gas.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/gas.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ieee802_11_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_common.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_1x_defs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/linux_bridge.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/linux_vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/privsep_commands.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/qca-vendor-attr.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/qca-vendor.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.c: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/tnc.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/version.h: up to 1.1.1.8 external/bsd/wpa/dist/src/common/wpa_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_common.h: up to 1.2 external/bsd/wpa/dist/src/common/wpa_ctrl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_ctrl.h: up to 1.1.1.7 external/bsd/wpa/dist/src/common/wpa_helpers.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/wpa_helpers.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/Makefile: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/aes-cbc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-ccm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-ctr.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-eax.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-encblock.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-gcm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-dec.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-enc.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-omac1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/aes-siv.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes-unwrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-wrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_siv.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes_wrap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/crypto_gnutls.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-cipher.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-modexp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/crypto_internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_libtomcrypt.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_none.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_nss.c: delete external/bsd/wpa/dist/src/crypto/crypto_openssl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/des-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/des_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_group5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/dh_group5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_groups.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/dh_groups.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_gnutls.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_nss.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_openssl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md4-internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/md5-non-fips.c: delete external/bsd/wpa/dist/src/crypto/md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/md5_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/milenage.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/milenage.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/ms_funcs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/ms_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/random.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/random.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/rc4.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha1-pbkdf2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-prf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-tlsprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1-tprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-kdf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-prf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-tlsprf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha256.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256.h: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/sha256_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-prf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha384_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls.h: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_gnutls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_none.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_nss.c: delete external/bsd/wpa/dist/src/crypto/tls_openssl.c: up to 1.1.1.7 external/bsd/wpa/dist/src/crypto/tls_openssl.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_openssl_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_schannel.c: delete external/bsd/wpa/dist/src/drivers/Apple80211.h: delete external/bsd/wpa/dist/src/drivers/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/MobileApple80211.c: delete external/bsd/wpa/dist/src/drivers/MobileApple80211.h: delete external/bsd/wpa/dist/src/drivers/android_drv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver.h: up to 1.3 external/bsd/wpa/dist/src/drivers/driver_atheros.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_atmel.c: delete external/bsd/wpa/dist/src/drivers/driver_broadcom.c: delete external/bsd/wpa/dist/src/drivers/driver_bsd.c: up to 1.29 external/bsd/wpa/dist/src/drivers/driver_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_iphone.m: delete external/bsd/wpa/dist/src/drivers/driver_ipw.c: delete external/bsd/wpa/dist/src/drivers/driver_macsec_qca.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_madwifi.c: delete external/bsd/wpa/dist/src/drivers/driver_ndis.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_ndis.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndis_.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndiswrapper.c: delete external/bsd/wpa/dist/src/drivers/driver_nl80211.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_nl80211.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_android.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_capa.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_event.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_monitor.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_scan.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_none.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_openbsd.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_osx.m: delete external/bsd/wpa/dist/src/drivers/driver_privsep.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_ralink.c: delete external/bsd/wpa/dist/src/drivers/driver_ralink.h: delete external/bsd/wpa/dist/src/drivers/driver_roboswitch.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_test.c: delete external/bsd/wpa/dist/src/drivers/driver_wext.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_wext.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_wired.c: up to 1.2 external/bsd/wpa/dist/src/drivers/drivers.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mak: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mk: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_defines.h: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/linux_ioctl.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_ioctl.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/linux_wext.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/ndis_events.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/netlink.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/netlink.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/nl80211_copy.h: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/priv_netlink.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/rfkill.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/rfkill.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/wireless_copy.h: delete external/bsd/wpa/dist/src/eap_common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/chap.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/chap.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/eap_eke_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_eke_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_common/eap_fast_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_fast_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pax_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_pax_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_psk_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_psk_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sake_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_sake_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_sim_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sim_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_tlv_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_ttls.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/ikev2_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/ikev2_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_aka.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_config.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_fast.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_gpsk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_gtc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_leap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_otp.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_proxy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_proxy_dummy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_psk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_pwd.c: up to 1.5 external/bsd/wpa/dist/src/eap_peer/eap_sake.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_sim.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_tnc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_ttls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_vendor_test.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_wsc.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/mschapv2.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/mschapv2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/tncc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/tncc.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server.c: up to 1.3 external/bsd/wpa/dist/src/eap_server/eap_server_aka.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/eap_server_fast.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_gpsk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_gtc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_identity.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_md5.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_psk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c: up to 1.4 external/bsd/wpa/dist/src/eap_server/eap_server_sake.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_sim.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_tls_common.c: up to 1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tnc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_ttls.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_vendor_test.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap_server_wsc.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_sim_db.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_sim_db.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/tncs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/tncs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eapol_auth/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_dump.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eapol_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.h: up to 1.1.1.5 external/bsd/wpa/dist/src/fst/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_internal.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.h: up to 1.1.1.1 external/bsd/wpa/dist/src/l2_packet/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet.h: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_freebsd.c: up to 1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_linux.c: up to 1.1.1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_ndis.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_none.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_pcap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_privsep.c: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_winpcap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/lib.rules: up to 1.1.1.2 external/bsd/wpa/dist/src/p2p/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/p2p/p2p.c: up to 1.3 external/bsd/wpa/dist/src/p2p/p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_build.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_dev_disc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_go_neg.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_group.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_invitation.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_parse.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_pd.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_sd.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_utils.c: up to 1.1.1.5 external/bsd/wpa/dist/src/pae/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.c: up to 1.1.1.3 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_key.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_key.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.h: up to 1.1.1.2 external/bsd/wpa/dist/src/radius/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/radius/radius.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius.h: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_das.c: up to 1.5 external/bsd/wpa/dist/src/radius/radius_das.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_server.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/rsn_supp/peerkey.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/peerkey.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.c: up to 1.1.1.7 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/tdls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa.c: up to 1.1.1.8 external/bsd/wpa/dist/src/rsn_supp/wpa.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/asn1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/asn1.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/bignum.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/bignum.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/libtommath.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/pkcs1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs1.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/rsa.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/tls/tlsv1_client_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client_write.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_cred.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_cred.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_record.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_record.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server_write.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/x509v3.c: up to 1.1.1.7 external/bsd/wpa/dist/src/tls/x509v3.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/base64.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/base64.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/bitfield.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/bitfield.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser-android.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser-system.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser-wpadebug.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/build_config.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/common.c: up to 1.4 external/bsd/wpa/dist/src/utils/common.h: up to 1.5 external/bsd/wpa/dist/src/utils/edit.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/edit_readline.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit_simple.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/eloop.c: up to 1.13 external/bsd/wpa/dist/src/utils/eloop.h: up to 1.2 external/bsd/wpa/dist/src/utils/eloop_none.c: delete external/bsd/wpa/dist/src/utils/eloop_win.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/ext_password.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/ext_password_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password_test.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/http-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/http_curl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/includes.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/ip_addr.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/ip_addr.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/list.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/module_tests.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/os.h: up to 1.7 external/bsd/wpa/dist/src/utils/os_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_none.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_unix.c: up to 1.4 external/bsd/wpa/dist/src/utils/os_win32.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/platform.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/radiotap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/radiotap.h: up to 1.5 external/bsd/wpa/dist/src/utils/radiotap_iter.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/state_machine.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/trace.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/trace.h: up to 1.5 external/bsd/wpa/dist/src/utils/utils_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/wpa_debug.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpa_debug.h: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpabuf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/wpabuf.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/xml-utils.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml_libxml2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/http_client.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/http_client.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/http_server.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/http_server.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/httpread.c: up to 1.3 external/bsd/wpa/dist/src/wps/httpread.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/ndef.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/upnp_xml.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/upnp_xml.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_attr_build.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.h: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_attr_process.c: up to 1.2 external/bsd/wpa/dist/src/wps/wps_common.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_defs.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_dev_attr.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_dev_attr.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_enrollee.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_er.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_er.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_er_ssdp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps_nfc.c: delete external/bsd/wpa/dist/src/wps/wps_nfc_pn531.c: delete external/bsd/wpa/dist/src/wps/wps_registrar.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_ufd.c: delete external/bsd/wpa/dist/src/wps/wps_upnp.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_upnp.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_upnp_ap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_event.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_upnp_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_ssdp.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_upnp_web.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_validate.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/Makefile: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README-HS20: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-P2P: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/README-WPS: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-Windows.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/android.config: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ap.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ap.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/autoscan.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan_exponential.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/autoscan_periodic.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/bgscan.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan_learn.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan_simple.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/binder/.clang-format: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_i.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/IIface.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicant.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicantCallbacks.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/blacklist.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/blacklist.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/bss.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/bss.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/config.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config_file.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/config_ssid.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_winreg.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_udp.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_unix.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus-wpa_supplicant.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common_i.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers_wps.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/defconfig: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.sgml: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.sgml: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/driver_i.h: up to 1.2 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/eapol_test.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/eapol_test.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/events.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/examples/dbus-listen-preq.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action-udhcp.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action.sh: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_connect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_disconnect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_flush.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_group_add.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_invite.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_listen.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_stop_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/udhcpd-p2p.conf: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/wpas-dbus-new-signals.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-ap-cli: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-nfc.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/gas_query.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/gas_query.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/interworking.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/interworking.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/libwpa_test.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/main.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/main_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_symbian.cpp: delete external/bsd/wpa/dist/wpa_supplicant/main_winmain.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_winsvc.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/mbo.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mlme.c: delete external/bsd/wpa/dist/wpa_supplicant/mlme.h: delete external/bsd/wpa/dist/wpa_supplicant/nfc_pw_token.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/notify.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/notify.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/offchannel.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/offchannel.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant_sd.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/preauth_test.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/scan.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/scan.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/sme.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/sme.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/symbian/README.symbian: delete external/bsd/wpa/dist/wpa_supplicant/symbian/bld.inf: delete external/bsd/wpa/dist/wpa_supplicant/symbian/wpa_supplicant.mmp: delete external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/tests/link_test.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_eap_sim_common.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_wpa.c: delete external/bsd/wpa/dist/wpa_supplicant/todo.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/utils/log2pcap.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/win_if_list.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_cli.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/README: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/group.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/invitation.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons_png.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/main.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.cpp: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.cpp: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpamsg.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui/.gitignore: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/main.cpp: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/setup-mingw-cross-compiling: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpa_gui.pro: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpamsg.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_passphrase.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_priv.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.nsi: delete external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_i.h: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_template.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpas_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/xcode/wpa_supplicant.xcodeproj/project.pbxproj: delete Update wpa_supplicant/hostapd to 2.6. @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter a83 2 # Note: When using MACsec, eapol_version shall be set to 3, which is # defined in IEEE Std 802.1X-2010. a99 2 # Note: macsec_qca driver is one type of Ethernet driver which implements # macsec feature. a106 4 # Note: ap_scan=2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is optimized work working with nl80211. # For finding networks using hidden SSID, scan_ssid=1 in the network block can # be used with nl80211. a112 43 # Whether to force passive scan for network connection # # By default, scans will send out Probe Request frames on channels that allow # active scanning. This advertise the local station to the world. Normally this # is fine, but users may wish to do passive scanning where the radio should only # listen quietly for Beacon frames and not send any Probe Request frames. Actual # functionality may be driver dependent. # # This parameter can be used to force only passive scanning to be used # for network connection cases. It should be noted that this will slow # down scan operations and reduce likelihood of finding the AP. In # addition, some use cases will override this due to functional # requirements, e.g., for finding an AP that uses hidden SSID # (scan_ssid=1) or P2P device discovery. # # 0: Do normal scans (allow active scans) (default) # 1: Do passive scans. #passive_scan=0 # MPM residency # By default, wpa_supplicant implements the mesh peering manager (MPM) for an # open mesh. However, if the driver can implement the MPM, you may set this to # 0 to use the driver version. When AMPE is enabled, the wpa_supplicant MPM is # always used. # 0: MPM lives in the driver # 1: wpa_supplicant provides an MPM which handles peering (default) #user_mpm=1 # Maximum number of peer links (0-255; default: 99) # Maximum number of mesh peering currently maintained by the STA. #max_peer_links=99 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in mesh STA to clean up inactive stations. #mesh_max_inactivity=300 # cert_in_cb - Whether to include a peer certificate dump in events # This controls whether peer certificates for authentication server and # its certificate chain are included in EAP peer certificate events. This is # enabled by default. #cert_in_cb=1 d120 1 a120 2 # These options can be used to load OpenSSL engines in special or legacy # modes. d123 1 a123 3 # By default the PKCS#11 engine is loaded if the client_cert or # private_key option appear to be a PKCS#11 URI, and these options # should not need to be used explicitly. a130 10 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default # ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW d139 1 a139 1 # This field can be used to configure arbitrary driver interface parameters. The d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a212 21 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password # Priority for the networks added through WPS # This priority value will be set to each network profile that is added # by executing the WPS protocol. #wps_priority=0 a219 14 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan. # Note: If sched_scan_plans are configured and supported by the driver, # autoscan is ignored. a225 362 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Disable P2P functionality # p2p_disabled=1 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Passphrase length (8..63) for P2P GO # # This parameter controls the length of the random passphrase that is # generated at the GO. Default: 8. #p2p_passphrase_len=8 # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search # iterations to make p2p_find friendlier to concurrent operations by avoiding # it from taking 100% of radio resources. The default value is 500 ms. #p2p_search_delay=500 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter for RSN networks. By default, PMF is disabled unless enabled with # the global pmf=1/2 parameter or with the per-network ieee80211w=1/2 parameter. # With pmf=1/2, PMF is enabled/required by default, but can be disabled with the # per-network ieee80211w parameter. This global default value does not apply # for non-RSN networks (key_mgmt=NONE) since PMF is available only when using # RSN. #pmf=0 # Enabled SAE finite cyclic groups in preference order # By default (if this parameter is not set), the mandatory group 19 (ECC group # defined over a 256-bit prime order field) is preferred, but other groups are # also enabled. If this parameter is set, the groups will be tried in the # indicated order. The group values are listed in the IANA registry: # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 #sae_groups=21 20 19 26 25 # Default value for DTIM period (if not overridden in network block) #dtim_period=2 # Default value for Beacon interval (if not overridden in network block) #beacon_int=100 # Additional vendor specific elements for Beacon and Probe Response frames # This parameter can be used to add additional vendor specific element(s) into # the end of the Beacon and Probe Response frames. The format for these # element(s) is a hexdump of the raw information elements (id+len+payload for # one or more elements). This is used in AP and P2P GO modes. #ap_vendor_elements=dd0411223301 # Ignore scan results older than request # # The driver may have a cache of scan results that makes it return # information that is older than our scan trigger. This parameter can # be used to configure such old information to be ignored instead of # allowing it to update the internal BSS table. #ignore_old_scan_res=0 # scan_cur_freq: Whether to scan only the current frequency # 0: Scan all available frequencies. (Default) # 1: Scan current operating frequency if another VIF on the same radio # is already associated. # MAC address policy default # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) # # By default, permanent MAC address is used unless policy is changed by # the per-network mac_addr parameter. Global mac_addr=1 can be used to # change this default behavior. #mac_addr=0 # Lifetime of random MAC address in seconds (default: 60) #rand_addr_lifetime=60 # MAC address policy for pre-association operations (scanning, ANQP) # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 # GAS Address3 field behavior # 0 = P2P specification (Address3 = AP BSSID); default # 1 = IEEE 802.11 standard compliant (Address3 = Wildcard BSSID when # sent to not-associated AP; if associated, AP BSSID) #gas_address3=0 # Publish fine timing measurement (FTM) responder functionality in # the Extended Capabilities element bit 70. # Controls whether FTM responder functionality will be published by AP/STA. # Note that actual FTM responder operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_responder=0 # Publish fine timing measurement (FTM) initiator functionality in # the Extended Capabilities element bit 71. # Controls whether FTM initiator functionality will be published by AP/STA. # Note that actual FTM initiator operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_initiator=0 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # temporary: Whether this credential is temporary and not to be saved # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Certificates from PKCS#11 tokens can be referenced by a PKCS#11 URI. # # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Keys in PKCS#11 tokens can be referenced by a PKCS#11 URI. # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN(s) # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. Multiple domain entries can # be used to configure alternative FQDNs that will be considered home # networks. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # roaming_partner: Roaming partner information # This optional field can be used to configure preferences between roaming # partners. The field is a string in following format: # ,<0/1 exact match>,,<* or country code> # (non-exact match means any subdomain matches the entry; priority is in # 0..255 range with 0 being the highest priority) # # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # provisioning_sp: FQDN of the SP that provisioned the credential # This optional field can be used to keep track of the SP that provisioned # the credential to find the PPS MO (./Wi-Fi/). # # Minimum backhaul threshold (PPS//Policy/MinBackhauldThreshold/*) # These fields can be used to specify minimum download/upload backhaul # bandwidth that is preferred for the credential. This constraint is # ignored if the AP does not advertise WAN Metrics information or if the # limit would prevent any connection. Values are in kilobits per second. # min_dl_bandwidth_home # min_ul_bandwidth_home # min_dl_bandwidth_roaming # min_ul_bandwidth_roaming # # max_bss_load: Maximum BSS Load Channel Utilization (1..255) # (PPS//Policy/MaximumBSSLoadValue) # This value is used as the maximum channel utilization for network # selection purposes for home networks. If the AP does not advertise # BSS Load or if the limit would prevent any connection, this constraint # will be ignored. # # req_conn_capab: Required connection capability # (PPS//Policy/RequiredProtoPortTuple) # This value is used to configure set of required protocol/port pairs that # a roaming network shall support (include explicitly in Connection # Capability ANQP element). This constraint is ignored if the AP does not # advertise Connection Capability or if this constraint would prevent any # network connection. This policy is not used in home networks. # Format: [: ... # # Example: # sched_scan_plans=10:100 20:200 30 # Multi Band Operation (MBO) non-preferred channels # A space delimited list of non-preferred channels where each channel is a colon # delimited list of values. # Format: # non_pref_chan=::: # Example: # non_pref_chan="81:5:10:2 81:1:0:2 81:9:0:2" # MBO Cellular Data Capabilities # 1 = Cellular data connection available # 2 = Cellular data connection not available # 3 = Not cellular capable (default) #mbo_cell_capa=3 d244 2 a245 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" d272 3 a274 4 # Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) and # WPA-PSK (with proto=RSN). In addition, key_mgmt=WPA-NONE (fixed group key # TKIP/CCMP) is available for backwards compatibility, but its use is # deprecated. WPA-None requires following network block options: a284 11 # pbss: Whether to use PBSS. Relevant to IEEE 802.11ad networks only. # 0 = do not use PBSS # 1 = use PBSS # 2 = don't care (not allowed in AP mode) # Used together with mode configuration. When mode is AP, it means to start a # PCP instead of a regular AP. When mode is infrastructure it means connect # to a PCP instead of AP. In this mode you can also specify 2 (don't care) # which means connect to either PCP or AP. # P2P_GO and P2P_GROUP_FORMATION modes must use PBSS in IEEE 802.11ad network. # For more details, see IEEE Std 802.11ad-2012. # a295 26 # This can also be set on the outside of the network block. In this case, # it limits the frequencies that will be scanned. # # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # Explicitly disable bgscan by setting # bgscan="" # # This option can also be set outside of all network blocks for the bgscan # parameter to apply for all the networks that have no specific bgscan # parameter. # a306 4 # WPA-NONE = WPA-None for IBSS (deprecated; use proto=RSN key_mgmt=WPA-PSK # instead) # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication a308 7 # SAE = Simultaneous authentication of equals; pre-shared key/password -based # authentication with stronger security than WPA-PSK especially when using # not that strong password # FT-SAE = SAE with FT # WPA-EAP-SUITE-B = Suite B 128-bit level # WPA-EAP-SUITE-B-192 = Suite B 192-bit level # OSEN = Hotspot 2.0 Rel 2 online signup connection a310 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d336 1 a336 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. a342 5 # mem_only_psk: Whether to keep PSK/passphrase only in memory # 0 = allow psk/passphrase to be stored to the configuration file # 1 = do not store psk/passphrase to the configuration file #mem_only_psk=0 # d348 2 a349 10 # Note: When using wired authentication (including macsec_qca driver), # eapol_flags must be set to 0 for the authentication to be completed # successfully. # # macsec_policy: IEEE 802.1X/MACsec options # This determines how sessions are secured with MACsec. It is currently # applicable only when using the macsec_qca driver interface. # 0: MACsec not in use (default) # 1: MACsec enabled - Should secure, accept key server's advice to # determine whether to use a secure session or not. d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. d359 1 a359 1 # 0 = disabled (default unless changed with the global okc parameter) a374 4 # group_rekey: Group rekeying time in seconds. This value, if non-zero, is used # as the dot11RSNAConfigGroupRekeyTime parameter when operating in # Authenticator role in IBSS. # d377 1 a377 1 # MD5 = EAP-MD5 (insecure and does not generate keying material -> d397 1 a397 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d405 1 a405 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. d466 1 a466 1 # certificate is only accepted if it contains this string in the subject. a468 4 # Note: Since this is a substring match, this cannot be used securely to # do a suffix match against a possible domain name in the CN entry. For # such a use case, domain_suffix_match or domain_match should be used # instead. d471 1 a471 1 # If this string is set, the server certificate is only accepted if it a476 24 # domain_suffix_match: Constraint for server domain name. If set, this FQDN is # used as a suffix match requirement for the AAA server certificate in # SubjectAltName dNSName element(s). If a matching dNSName is found, this # constraint is met. If no dNSName values are present, this constraint is # matched against SubjectName CN using same suffix match comparison. # # Suffix match here means that the host/domain name is compared one label # at a time starting from the top-level domain and all the labels in # domain_suffix_match shall be included in the certificate. The # certificate may include additional sub-level labels in addition to the # required labels. # # For example, domain_suffix_match=example.com would match # test.example.com but would not match test-example.com. # domain_match: Constraint for server domain name # If set, this FQDN is used as a full match requirement for the # server certificate in SubjectAltName dNSName element(s). If a # matching dNSName is found, this constraint is met. If no dNSName # values are present, this constraint is matched against SubjectName CN # using same full match comparison. This behavior is similar to # domain_suffix_match, but has the requirement of a full match, i.e., # no subdomains or wildcard matches are allowed. Case-insensitive # comparison is used, so "Example.com" matches "example.com", but would # not match "test.Example.com". a504 10 # # For wired IEEE 802.1X authentication, "allow_canned_success=1" can be # used to configure a mode that allows EAP-Success (and EAP-Failure) # without going through authentication step. Some switches use such # sequence when forcing the port to be authorized/unauthorized or as a # fallback option if the authentication server is unreachable. By default, # wpa_supplicant discards such frames to protect against potential attacks # by rogue devices, but this option can be used to disable that protection # for cases where the server/authenticator does not need to be # authenticated. d507 1 a507 32 # "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS). "mschapv2_retry=0" can be # used to disable MSCHAPv2 password retry in authentication failure cases. # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workaround=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # tls_disable_tlsv1_0=1 - disable use of TLSv1.0 # tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_ext_cert_check=0 - No external server certificate validation (default) # tls_ext_cert_check=1 - External server certificate validation enabled; this # requires an external program doing validation of server certificate # chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control # interface and report the result of the validation with # CTRL-RSP_EXT_CERT_CHECK. # d520 3 a522 6 # authentication server certificate. See subject_match for more details. # altsubject_match2: Semicolon separated string of entries to be matched # against the alternative subject name of the authentication server # certificate. See altsubject_match documentation for more details. # domain_suffix_match2: Constraint for server domain name. See # domain_suffix_match for more details. a530 13 # ocsp: Whether to use/require OCSP to check server certificate # 0 = do not use OCSP stapling (TLS certificate status extension) # 1 = try to use OCSP stapling, but not require response # 2 = require valid OCSP stapling response # 3 = require valid OCSP stapling response for all not-trusted # certificates in the server certificate chain # # openssl_ciphers: OpenSSL specific cipher configuration # This can be used to override the global openssl_ciphers configuration # parameter (see above). # # erp: Whether EAP Re-authentication Protocol (ERP) is enabled # a556 116 # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # Beacon interval (default: 100 TU) #beacon_int=100 # WPS in AP mode # 0 = WPS enabled and configured (default) # 1 = WPS disabled #wps_disabled=0 # MAC address policy # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) #mac_addr=0 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # disable_ldpc: Whether LDPC should be disabled. # 0 = LDPC enabled (if AP supports it) # 1 = LDPC disabled # # ht40_intolerant: Whether 40 MHz intolerant should be indicated. # 0 = 40 MHz tolerant (default) # 1 = 40 MHz intolerant # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_factor: Maximum A-MPDU Length Exponent # Value: 0-3, see 7.3.2.56.3 in IEEE Std 802.11n-2009. # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. # disable_vht: Whether VHT should be disabled. # 0 = VHT enabled (if AP supports it) # 1 = VHT disabled # # vht_capa: VHT capabilities to set in the override # vht_capa_mask: mask of VHT capabilities # # vht_rx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for RX NSS 1-8 # vht_tx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for TX NSS 1-8 # 0: MCS 0-7 # 1: MCS 0-8 # 2: MCS 0-9 # 3: not supported ##### Fast Session Transfer (FST) support ##################################### # # The options in this section are only available when the build configuration # option CONFIG_FST is set while compiling wpa_supplicant. They allow this # interface to be a part of FST setup. # # FST is the transfer of a session from a channel to another channel, in the # same or different frequency bands. # # For details, see IEEE Std 802.11ad-2012. # Identifier of an FST Group the interface belongs to. #fst_group_id=bond0 # Interface priority within the FST Group. # Announcing a higher priority for an interface means declaring it more # preferable for FST switch. # fst_priority is in 1..255 range with 1 being the lowest priority. #fst_priority=100 # Default LLT value for this interface in milliseconds. The value used in case # no value provided during session setup. Default is 50 msec. # fst_llt is in 1..4294967 range (due to spec limitation, see 10.32.2.2 # Transitioning between states). #fst_llt=100 d803 1 a803 13 # IBSS/ad-hoc network with RSN network={ ssid="ibss-rsn" key_mgmt=WPA-PSK proto=RSN psk="12345678" mode=1 frequency=2412 pairwise=CCMP group=CCMP } # IBSS/ad-hoc network with WPA-None/TKIP (deprecated) a814 17 # open mesh network network={ ssid="test mesh" mode=5 frequency=2437 key_mgmt=NONE } # secure (SAE + AMPE) network network={ ssid="secure mesh" mode=5 frequency=2437 key_mgmt=SAE psk="very secret passphrase" } d844 3 d848 12 a859 3 # Certificate and/or key identified by PKCS#11 URI (RFC7512) client_cert="pkcs11:manufacturer=piv_II;id=%01" private_key="pkcs11:manufacturer=piv_II;id=%01" a888 36 # Example configuration blacklisting two APs - these will be ignored # for this network. network={ ssid="example" psk="very secret passphrase" bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66 } # Example configuration limiting AP selection to a specific set of APs; # any other AP not matching the masked address will be ignored. network={ ssid="example" psk="very secret passphrase" bssid_whitelist=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff } # Example config file that will only scan on channel 36. freq_list=5180 network={ key_mgmt=NONE } # Example MACsec configuration #network={ # key_mgmt=IEEE8021X # eap=TTLS # phase2="auth=PAP" # anonymous_identity="anonymous@@example.com" # identity="user@@example.com" # password="secretr" # ca_cert="/etc/cert/ca.pem" # eapol_flags=0 # macsec_policy=1 #} @ 1.1.1.1.8.1 log @Pull up following revision(s) (requested by mrg in ticket #1492): doc/3RDPARTY: patch external/bsd/wpa/bin/Makefile.inc: up to 1.6 external/bsd/wpa/bin/hostapd/Makefile: up to 1.10 external/bsd/wpa/bin/hostapd/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/hostapd/hostapd.8: up to 1.5 external/bsd/wpa/bin/hostapd/hostapd.conf.5: up to 1.3 external/bsd/wpa/bin/hostapd_cli/Makefile: up to 1.3 external/bsd/wpa/bin/hostapd_cli/hostapd_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_cli/Makefile: up to 1.5 external/bsd/wpa/bin/wpa_cli/wpa_cli.8: up to 1.3 external/bsd/wpa/bin/wpa_passphrase/Makefile: up to 1.4 external/bsd/wpa/bin/wpa_passphrase/wpa_passphrase.8: up to 1.4 external/bsd/wpa/bin/wpa_supplicant/Makefile: up to 1.9 external/bsd/wpa/bin/wpa_supplicant/aes-xinternal.c: up to 1.2 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.8: up to 1.8 external/bsd/wpa/bin/wpa_supplicant/wpa_supplicant.conf.5: up to 1.4 external/bsd/wpa/dist/CONTRIBUTIONS: up to 1.1.1.3 external/bsd/wpa/dist/COPYING: up to 1.1.1.4 external/bsd/wpa/dist/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/.gitignore: delete external/bsd/wpa/dist/hostapd/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/hostapd/Makefile: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/README: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/README-WPS: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/android.config: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/config_file.c: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/config_file.h: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/ctrl_iface.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/ctrl_iface.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/defconfig: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/dump_state.c: delete external/bsd/wpa/dist/hostapd/dump_state.h: delete external/bsd/wpa/dist/hostapd/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/eap_register.h: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hapd_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.c: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hlr_auc_gw.milenage_db: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hlr_auc_gw.txt: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.8: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd.android.rc: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hostapd.conf: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/hostapd.eap_user: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/hostapd.eap_user_sqlite: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd_cli.c: up to 1.9 external/bsd/wpa/dist/hostapd/main.c: up to 1.4 external/bsd/wpa/dist/hostapd/nt_password_hash.c: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/wps-ap-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/Android.mk: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/devdetail.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/devinfo.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/est.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/oma_dm_client.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/osu_client.c: up to 1.1.1.3 external/bsd/wpa/dist/hs20/client/osu_client.h: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/spp_client.c: up to 1.1.1.2 external/bsd/wpa/dist/patches/openssl-0.9.8-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8d-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8e-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8g-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8h-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8i-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.9-session-ticket.patch: delete external/bsd/wpa/dist/src/Makefile: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/accounting.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/accounting.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/acs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ap_config.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ap_config.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_drv_ops.c: up to 1.4 external/bsd/wpa/dist/src/ap/ap_drv_ops.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_list.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_mlme.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ap_mlme.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/authsrv.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/authsrv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/beacon.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/beacon.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/bss_load.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/bss_load.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/dfs.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/dfs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/drv_callbacks.c: up to 1.3 external/bsd/wpa/dist/src/ap/eap_user_db.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/gas_serv.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/gas_serv.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/hostapd.c: up to 1.3 external/bsd/wpa/dist/src/ap/hostapd.h: up to 1.3 external/bsd/wpa/dist/src/ap/hs20.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hs20.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hw_features.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/hw_features.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/iapp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ieee802_11.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11.h: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_11_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_auth.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/ieee802_11_ht.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_11_shared.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_vht.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_1x.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/ieee802_1x.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/mbo_ap.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/mbo_ap.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ndisc_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/ndisc_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/neighbor_db.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/p2p_hostapd.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/p2p_hostapd.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/peerkey_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/preauth_auth.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/preauth_auth.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/rrm.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/rrm.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/sta_info.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/sta_info.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/taxonomy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/taxonomy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/tkip_countermeasures.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/tkip_countermeasures.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/utils.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/vlan.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_full.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_ifconfig.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_init.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/vlan_init.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/vlan_ioctl.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/vlan_util.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/vlan_util.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wmm.c: up to 1.2 external/bsd/wpa/dist/src/ap/wmm.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wnm_ap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wnm_ap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wpa_auth.c: up to 1.9 external/bsd/wpa/dist/src/ap/wpa_auth.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wpa_auth_glue.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wpa_auth_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_ie.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wps_hostapd.c: up to 1.1.1.7 external/bsd/wpa/dist/src/ap/wps_hostapd.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/x_snoop.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/x_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/common/cli.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/cli.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/common_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ctrl_iface_common.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/ctrl_iface_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/eapol_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/gas.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/gas.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/hw_features_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/ieee802_11_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_common.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_11_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/ieee802_1x_defs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/linux_bridge.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/linux_vlan.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/privsep_commands.h: up to 1.1.1.4 external/bsd/wpa/dist/src/common/qca-vendor-attr.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/qca-vendor.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.c: up to 1.1.1.3 external/bsd/wpa/dist/src/common/sae.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/tnc.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/version.h: up to 1.1.1.8 external/bsd/wpa/dist/src/common/wpa_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_common.h: up to 1.2 external/bsd/wpa/dist/src/common/wpa_ctrl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_ctrl.h: up to 1.1.1.7 external/bsd/wpa/dist/src/common/wpa_helpers.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/wpa_helpers.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/Makefile: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/aes-cbc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-ccm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-ctr.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-eax.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-encblock.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-gcm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-dec.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal-enc.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-omac1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/aes-siv.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes-unwrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-wrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes_siv.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes_wrap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/crypto_gnutls.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-cipher.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-modexp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_internal-rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/crypto_internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto_libtomcrypt.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_none.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/crypto_nss.c: delete external/bsd/wpa/dist/src/crypto/crypto_openssl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/des-internal.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/des_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_group5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/dh_group5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/dh_groups.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/dh_groups.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_gnutls.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_nss.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_openssl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md4-internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/md5-non-fips.c: delete external/bsd/wpa/dist/src/crypto/md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/md5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/md5_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/milenage.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/milenage.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/ms_funcs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/ms_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/random.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/random.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/rc4.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha1-pbkdf2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-prf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1-tlsprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1-tprf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-internal.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-kdf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256-prf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha256-tlsprf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha256.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha256.h: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/sha256_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384-prf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha384.h: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha384_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512-internal.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha512_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls.h: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_gnutls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_none.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_nss.c: delete external/bsd/wpa/dist/src/crypto/tls_openssl.c: up to 1.1.1.7 external/bsd/wpa/dist/src/crypto/tls_openssl.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_openssl_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls_schannel.c: delete external/bsd/wpa/dist/src/drivers/Apple80211.h: delete external/bsd/wpa/dist/src/drivers/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/MobileApple80211.c: delete external/bsd/wpa/dist/src/drivers/MobileApple80211.h: delete external/bsd/wpa/dist/src/drivers/android_drv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver.h: up to 1.3 external/bsd/wpa/dist/src/drivers/driver_atheros.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_atmel.c: delete external/bsd/wpa/dist/src/drivers/driver_broadcom.c: delete external/bsd/wpa/dist/src/drivers/driver_bsd.c: up to 1.29 external/bsd/wpa/dist/src/drivers/driver_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_hostap.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_iphone.m: delete external/bsd/wpa/dist/src/drivers/driver_ipw.c: delete external/bsd/wpa/dist/src/drivers/driver_macsec_qca.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_madwifi.c: delete external/bsd/wpa/dist/src/drivers/driver_ndis.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_ndis.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndis_.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_ndiswrapper.c: delete external/bsd/wpa/dist/src/drivers/driver_nl80211.c: up to 1.1.1.7 external/bsd/wpa/dist/src/drivers/driver_nl80211.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_android.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_capa.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_event.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_monitor.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_nl80211_scan.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_none.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_openbsd.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_osx.m: delete external/bsd/wpa/dist/src/drivers/driver_privsep.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_ralink.c: delete external/bsd/wpa/dist/src/drivers/driver_ralink.h: delete external/bsd/wpa/dist/src/drivers/driver_roboswitch.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_test.c: delete external/bsd/wpa/dist/src/drivers/driver_wext.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_wext.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_wired.c: up to 1.2 external/bsd/wpa/dist/src/drivers/drivers.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mak: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/drivers.mk: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_defines.h: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/linux_ioctl.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/linux_ioctl.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/linux_wext.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/ndis_events.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/netlink.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/netlink.h: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/nl80211_copy.h: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/priv_netlink.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/rfkill.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/rfkill.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/wireless_copy.h: delete external/bsd/wpa/dist/src/eap_common/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/chap.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/chap.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/eap_eke_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_eke_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_common/eap_fast_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_fast_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pax_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_pax_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_peap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_psk_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_psk_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sake_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_sake_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_sim_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sim_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_tlv_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_ttls.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_wsc_common.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/ikev2_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/ikev2_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_aka.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_config.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_fast.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap_gpsk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_gtc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_leap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_otp.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_proxy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_proxy_dummy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_psk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_pwd.c: up to 1.5 external/bsd/wpa/dist/src/eap_peer/eap_sake.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_sim.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_tnc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_ttls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap_vendor_test.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_wsc.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_peer/ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/mschapv2.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/mschapv2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/tncc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/tncc.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_methods.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server.c: up to 1.3 external/bsd/wpa/dist/src/eap_server/eap_server_aka.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_eke.c: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/eap_server_fast.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_gpsk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_gtc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_identity.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_ikev2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_md5.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_methods.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_mschapv2.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pax.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_peap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_psk.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c: up to 1.4 external/bsd/wpa/dist/src/eap_server/eap_server_sake.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_sim.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_tls_common.c: up to 1.7 external/bsd/wpa/dist/src/eap_server/eap_server_tnc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_ttls.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_server_vendor_test.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap_server_wsc.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_sim_db.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eap_server/eap_sim_db.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_tls_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/ikev2.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/tncs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/tncs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/eapol_auth/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_dump.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eapol_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.c: up to 1.1.1.7 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.h: up to 1.1.1.5 external/bsd/wpa/dist/src/fst/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_aux.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_ctrl_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_group.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_iface.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_internal.h: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.c: up to 1.1.1.1 external/bsd/wpa/dist/src/fst/fst_session.h: up to 1.1.1.1 external/bsd/wpa/dist/src/l2_packet/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet.h: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_freebsd.c: up to 1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_linux.c: up to 1.1.1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_ndis.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_none.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_pcap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_privsep.c: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_winpcap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/lib.rules: up to 1.1.1.2 external/bsd/wpa/dist/src/p2p/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/p2p/p2p.c: up to 1.3 external/bsd/wpa/dist/src/p2p/p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_build.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_dev_disc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_go_neg.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_group.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_invitation.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_parse.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_pd.c: up to 1.1.1.6 external/bsd/wpa/dist/src/p2p/p2p_sd.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_utils.c: up to 1.1.1.5 external/bsd/wpa/dist/src/pae/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.c: up to 1.1.1.3 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_key.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_key.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.h: up to 1.1.1.2 external/bsd/wpa/dist/src/radius/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/radius/radius.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius.h: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_das.c: up to 1.5 external/bsd/wpa/dist/src/radius/radius_das.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/radius/radius_server.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/rsn_supp/peerkey.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/peerkey.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.c: up to 1.1.1.7 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/preauth.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/tdls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa.c: up to 1.1.1.8 external/bsd/wpa/dist/src/rsn_supp/wpa.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/asn1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/asn1.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/bignum.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/bignum.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/libtommath.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/pkcs1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs1.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs5.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.c: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/pkcs8.h: up to 1.1.1.2 external/bsd/wpa/dist/src/tls/rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/rsa.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_client.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_client_ocsp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/tls/tlsv1_client_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_client_write.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_cred.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_cred.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_record.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_record.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_server.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server_read.c: up to 1.1.1.6 external/bsd/wpa/dist/src/tls/tlsv1_server_write.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/x509v3.c: up to 1.1.1.7 external/bsd/wpa/dist/src/tls/x509v3.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/base64.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/base64.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/bitfield.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/bitfield.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser-android.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser-system.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser-wpadebug.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/browser.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/build_config.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/common.c: up to 1.4 external/bsd/wpa/dist/src/utils/common.h: up to 1.5 external/bsd/wpa/dist/src/utils/edit.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/edit_readline.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit_simple.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/eloop.c: up to 1.13 external/bsd/wpa/dist/src/utils/eloop.h: up to 1.2 external/bsd/wpa/dist/src/utils/eloop_none.c: delete external/bsd/wpa/dist/src/utils/eloop_win.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/ext_password.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/ext_password_i.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ext_password_test.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/http-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/http_curl.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/includes.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/ip_addr.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/ip_addr.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/list.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/module_tests.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/os.h: up to 1.7 external/bsd/wpa/dist/src/utils/os_internal.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_none.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/os_unix.c: up to 1.4 external/bsd/wpa/dist/src/utils/os_win32.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/pcsc_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/platform.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/radiotap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/radiotap.h: up to 1.5 external/bsd/wpa/dist/src/utils/radiotap_iter.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/state_machine.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/trace.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/trace.h: up to 1.5 external/bsd/wpa/dist/src/utils/utils_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/uuid.h: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/wpa_debug.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpa_debug.h: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/wpabuf.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/wpabuf.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/xml-utils.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml_libxml2.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/http_client.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/http_client.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/http_server.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/http_server.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/httpread.c: up to 1.3 external/bsd/wpa/dist/src/wps/httpread.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/ndef.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/upnp_xml.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/upnp_xml.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_attr_build.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_parse.h: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_attr_process.c: up to 1.2 external/bsd/wpa/dist/src/wps/wps_common.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_defs.h: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_dev_attr.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_dev_attr.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_enrollee.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_er.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_er.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_er_ssdp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_i.h: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps_nfc.c: delete external/bsd/wpa/dist/src/wps/wps_nfc_pn531.c: delete external/bsd/wpa/dist/src/wps/wps_registrar.c: up to 1.1.1.8 external/bsd/wpa/dist/src/wps/wps_ufd.c: delete external/bsd/wpa/dist/src/wps/wps_upnp.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_upnp.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_upnp_ap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_event.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps_upnp_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_ssdp.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_upnp_web.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_validate.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/Android.mk: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ChangeLog: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/Makefile: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/README-HS20: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-P2P: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/README-WPS: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-Windows.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/android.config: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ap.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ap.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/autoscan.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/autoscan_exponential.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/autoscan_periodic.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/bgscan.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan_learn.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan_simple.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/binder/.clang-format: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_constants.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_i.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/binder_manager.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/IIface.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicant.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/fi/w1/wpa_supplicant/ISupplicantCallbacks.aidl: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/iface.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/binder/supplicant.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/blacklist.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/blacklist.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/bss.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/bss.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/config.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config_file.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/config_ssid.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/config_winreg.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_udp.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_unix.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus-wpa_supplicant.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common_i.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers_wps.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.epitest.hostap.WPASupplicant.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service: delete external/bsd/wpa/dist/wpa_supplicant/dbus/fi.w1.wpa_supplicant1.service.in: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/defconfig: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.sgml: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.sgml: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/driver_i.h: up to 1.2 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/eapol_test.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/eapol_test.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/events.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/examples/dbus-listen-preq.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action-udhcp.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action.sh: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_connect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_disconnect.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_flush.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_group_add.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_invite.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_listen.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/p2p/p2p_stop_find.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/udhcpd-p2p.conf: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/wpas-dbus-new-signals.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-ap-cli: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-nfc.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/gas_query.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/gas_query.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/interworking.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/interworking.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/libwpa_test.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/main.c: up to 1.4 external/bsd/wpa/dist/wpa_supplicant/main_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_symbian.cpp: delete external/bsd/wpa/dist/wpa_supplicant/main_winmain.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_winsvc.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/mbo.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/mlme.c: delete external/bsd/wpa/dist/wpa_supplicant/mlme.h: delete external/bsd/wpa/dist/wpa_supplicant/nfc_pw_token.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/notify.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/notify.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/offchannel.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/offchannel.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant_sd.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/preauth_test.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/scan.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/scan.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/sme.c: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/sme.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/symbian/README.symbian: delete external/bsd/wpa/dist/wpa_supplicant/symbian/bld.inf: delete external/bsd/wpa/dist/wpa_supplicant/symbian/wpa_supplicant.mmp: delete external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.arg.in: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/tests/link_test.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_eap_sim_common.c: delete external/bsd/wpa/dist/wpa_supplicant/tests/test_wpa.c: delete external/bsd/wpa/dist/wpa_supplicant/todo.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/utils/log2pcap.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_passphrase/wpa_passphrase.vcproj: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/win_if_list.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_cli.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/.gitignore: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/addinterface.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/eventhistory.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/README: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/group.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons/invitation.svg: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/icons_png.qrc: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/main.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/networkconfig.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/peers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.cpp: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/signalbar.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.cpp: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/stringquery.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/userdatarequest.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.cpp: up to 1.1.1.8 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpamsg.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_gui/.gitignore: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/eventhistory.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/main.cpp: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/networkconfig.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/scanresults.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/setup-mingw-cross-compiling: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/userdatarequest.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpa_gui.pro: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpagui.ui.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_gui/wpamsg.h: delete external/bsd/wpa/dist/wpa_supplicant/wpa_passphrase.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpa_priv.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.c: up to 1.9 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.nsi: delete external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_conf.sh: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_i.h: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_template.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpas_module_tests.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/xcode/wpa_supplicant.xcodeproj/project.pbxproj: delete Update wpa_supplicant/hostapd to 2.6. @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter a83 2 # Note: When using MACsec, eapol_version shall be set to 3, which is # defined in IEEE Std 802.1X-2010. a99 2 # Note: macsec_qca driver is one type of Ethernet driver which implements # macsec feature. a106 4 # Note: ap_scan=2 should not be used with the nl80211 driver interface (the # current Linux interface). ap_scan=1 is optimized work working with nl80211. # For finding networks using hidden SSID, scan_ssid=1 in the network block can # be used with nl80211. a112 43 # Whether to force passive scan for network connection # # By default, scans will send out Probe Request frames on channels that allow # active scanning. This advertise the local station to the world. Normally this # is fine, but users may wish to do passive scanning where the radio should only # listen quietly for Beacon frames and not send any Probe Request frames. Actual # functionality may be driver dependent. # # This parameter can be used to force only passive scanning to be used # for network connection cases. It should be noted that this will slow # down scan operations and reduce likelihood of finding the AP. In # addition, some use cases will override this due to functional # requirements, e.g., for finding an AP that uses hidden SSID # (scan_ssid=1) or P2P device discovery. # # 0: Do normal scans (allow active scans) (default) # 1: Do passive scans. #passive_scan=0 # MPM residency # By default, wpa_supplicant implements the mesh peering manager (MPM) for an # open mesh. However, if the driver can implement the MPM, you may set this to # 0 to use the driver version. When AMPE is enabled, the wpa_supplicant MPM is # always used. # 0: MPM lives in the driver # 1: wpa_supplicant provides an MPM which handles peering (default) #user_mpm=1 # Maximum number of peer links (0-255; default: 99) # Maximum number of mesh peering currently maintained by the STA. #max_peer_links=99 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in mesh STA to clean up inactive stations. #mesh_max_inactivity=300 # cert_in_cb - Whether to include a peer certificate dump in events # This controls whether peer certificates for authentication server and # its certificate chain are included in EAP peer certificate events. This is # enabled by default. #cert_in_cb=1 d120 1 a120 2 # These options can be used to load OpenSSL engines in special or legacy # modes. d123 1 a123 3 # By default the PKCS#11 engine is loaded if the client_cert or # private_key option appear to be a PKCS#11 URI, and these options # should not need to be used explicitly. a130 10 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default # ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW d139 1 a139 1 # This field can be used to configure arbitrary driver interface parameters. The d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a212 21 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password # Priority for the networks added through WPS # This priority value will be set to each network profile that is added # by executing the WPS protocol. #wps_priority=0 a219 14 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan. # Note: If sched_scan_plans are configured and supported by the driver, # autoscan is ignored. a225 362 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Disable P2P functionality # p2p_disabled=1 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Passphrase length (8..63) for P2P GO # # This parameter controls the length of the random passphrase that is # generated at the GO. Default: 8. #p2p_passphrase_len=8 # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search # iterations to make p2p_find friendlier to concurrent operations by avoiding # it from taking 100% of radio resources. The default value is 500 ms. #p2p_search_delay=500 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter for RSN networks. By default, PMF is disabled unless enabled with # the global pmf=1/2 parameter or with the per-network ieee80211w=1/2 parameter. # With pmf=1/2, PMF is enabled/required by default, but can be disabled with the # per-network ieee80211w parameter. This global default value does not apply # for non-RSN networks (key_mgmt=NONE) since PMF is available only when using # RSN. #pmf=0 # Enabled SAE finite cyclic groups in preference order # By default (if this parameter is not set), the mandatory group 19 (ECC group # defined over a 256-bit prime order field) is preferred, but other groups are # also enabled. If this parameter is set, the groups will be tried in the # indicated order. The group values are listed in the IANA registry: # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 #sae_groups=21 20 19 26 25 # Default value for DTIM period (if not overridden in network block) #dtim_period=2 # Default value for Beacon interval (if not overridden in network block) #beacon_int=100 # Additional vendor specific elements for Beacon and Probe Response frames # This parameter can be used to add additional vendor specific element(s) into # the end of the Beacon and Probe Response frames. The format for these # element(s) is a hexdump of the raw information elements (id+len+payload for # one or more elements). This is used in AP and P2P GO modes. #ap_vendor_elements=dd0411223301 # Ignore scan results older than request # # The driver may have a cache of scan results that makes it return # information that is older than our scan trigger. This parameter can # be used to configure such old information to be ignored instead of # allowing it to update the internal BSS table. #ignore_old_scan_res=0 # scan_cur_freq: Whether to scan only the current frequency # 0: Scan all available frequencies. (Default) # 1: Scan current operating frequency if another VIF on the same radio # is already associated. # MAC address policy default # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) # # By default, permanent MAC address is used unless policy is changed by # the per-network mac_addr parameter. Global mac_addr=1 can be used to # change this default behavior. #mac_addr=0 # Lifetime of random MAC address in seconds (default: 60) #rand_addr_lifetime=60 # MAC address policy for pre-association operations (scanning, ANQP) # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 # GAS Address3 field behavior # 0 = P2P specification (Address3 = AP BSSID); default # 1 = IEEE 802.11 standard compliant (Address3 = Wildcard BSSID when # sent to not-associated AP; if associated, AP BSSID) #gas_address3=0 # Publish fine timing measurement (FTM) responder functionality in # the Extended Capabilities element bit 70. # Controls whether FTM responder functionality will be published by AP/STA. # Note that actual FTM responder operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_responder=0 # Publish fine timing measurement (FTM) initiator functionality in # the Extended Capabilities element bit 71. # Controls whether FTM initiator functionality will be published by AP/STA. # Note that actual FTM initiator operation is managed outside wpa_supplicant. # 0 = Do not publish; default # 1 = Publish #ftm_initiator=0 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # temporary: Whether this credential is temporary and not to be saved # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Certificates from PKCS#11 tokens can be referenced by a PKCS#11 URI. # # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Keys in PKCS#11 tokens can be referenced by a PKCS#11 URI. # For example: private_key="pkcs11:manufacturer=piv_II;id=%01" # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN(s) # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. Multiple domain entries can # be used to configure alternative FQDNs that will be considered home # networks. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # roaming_partner: Roaming partner information # This optional field can be used to configure preferences between roaming # partners. The field is a string in following format: # ,<0/1 exact match>,,<* or country code> # (non-exact match means any subdomain matches the entry; priority is in # 0..255 range with 0 being the highest priority) # # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # provisioning_sp: FQDN of the SP that provisioned the credential # This optional field can be used to keep track of the SP that provisioned # the credential to find the PPS MO (./Wi-Fi/). # # Minimum backhaul threshold (PPS//Policy/MinBackhauldThreshold/*) # These fields can be used to specify minimum download/upload backhaul # bandwidth that is preferred for the credential. This constraint is # ignored if the AP does not advertise WAN Metrics information or if the # limit would prevent any connection. Values are in kilobits per second. # min_dl_bandwidth_home # min_ul_bandwidth_home # min_dl_bandwidth_roaming # min_ul_bandwidth_roaming # # max_bss_load: Maximum BSS Load Channel Utilization (1..255) # (PPS//Policy/MaximumBSSLoadValue) # This value is used as the maximum channel utilization for network # selection purposes for home networks. If the AP does not advertise # BSS Load or if the limit would prevent any connection, this constraint # will be ignored. # # req_conn_capab: Required connection capability # (PPS//Policy/RequiredProtoPortTuple) # This value is used to configure set of required protocol/port pairs that # a roaming network shall support (include explicitly in Connection # Capability ANQP element). This constraint is ignored if the AP does not # advertise Connection Capability or if this constraint would prevent any # network connection. This policy is not used in home networks. # Format: [: ... # # Example: # sched_scan_plans=10:100 20:200 30 # Multi Band Operation (MBO) non-preferred channels # A space delimited list of non-preferred channels where each channel is a colon # delimited list of values. # Format: # non_pref_chan=::: # Example: # non_pref_chan="81:5:10:2 81:1:0:2 81:9:0:2" # MBO Cellular Data Capabilities # 1 = Cellular data connection available # 2 = Cellular data connection not available # 3 = Not cellular capable (default) #mbo_cell_capa=3 d244 2 a245 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" d272 3 a274 4 # Note: IBSS can only be used with key_mgmt NONE (plaintext and static WEP) and # WPA-PSK (with proto=RSN). In addition, key_mgmt=WPA-NONE (fixed group key # TKIP/CCMP) is available for backwards compatibility, but its use is # deprecated. WPA-None requires following network block options: a284 11 # pbss: Whether to use PBSS. Relevant to IEEE 802.11ad networks only. # 0 = do not use PBSS # 1 = use PBSS # 2 = don't care (not allowed in AP mode) # Used together with mode configuration. When mode is AP, it means to start a # PCP instead of a regular AP. When mode is infrastructure it means connect # to a PCP instead of AP. In this mode you can also specify 2 (don't care) # which means connect to either PCP or AP. # P2P_GO and P2P_GROUP_FORMATION modes must use PBSS in IEEE 802.11ad network. # For more details, see IEEE Std 802.11ad-2012. # a295 26 # This can also be set on the outside of the network block. In this case, # it limits the frequencies that will be scanned. # # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # Explicitly disable bgscan by setting # bgscan="" # # This option can also be set outside of all network blocks for the bgscan # parameter to apply for all the networks that have no specific bgscan # parameter. # a306 4 # WPA-NONE = WPA-None for IBSS (deprecated; use proto=RSN key_mgmt=WPA-PSK # instead) # FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key # FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication a308 7 # SAE = Simultaneous authentication of equals; pre-shared key/password -based # authentication with stronger security than WPA-PSK especially when using # not that strong password # FT-SAE = SAE with FT # WPA-EAP-SUITE-B = Suite B 128-bit level # WPA-EAP-SUITE-B-192 = Suite B 192-bit level # OSEN = Hotspot 2.0 Rel 2 online signup connection a310 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d336 1 a336 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. a342 5 # mem_only_psk: Whether to keep PSK/passphrase only in memory # 0 = allow psk/passphrase to be stored to the configuration file # 1 = do not store psk/passphrase to the configuration file #mem_only_psk=0 # d348 2 a349 10 # Note: When using wired authentication (including macsec_qca driver), # eapol_flags must be set to 0 for the authentication to be completed # successfully. # # macsec_policy: IEEE 802.1X/MACsec options # This determines how sessions are secured with MACsec. It is currently # applicable only when using the macsec_qca driver interface. # 0: MACsec not in use (default) # 1: MACsec enabled - Should secure, accept key server's advice to # determine whether to use a secure session or not. d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. d359 1 a359 1 # 0 = disabled (default unless changed with the global okc parameter) a374 4 # group_rekey: Group rekeying time in seconds. This value, if non-zero, is used # as the dot11RSNAConfigGroupRekeyTime parameter when operating in # Authenticator role in IBSS. # d377 1 a377 1 # MD5 = EAP-MD5 (insecure and does not generate keying material -> d397 1 a397 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d405 1 a405 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. d466 1 a466 1 # certificate is only accepted if it contains this string in the subject. a468 4 # Note: Since this is a substring match, this cannot be used securely to # do a suffix match against a possible domain name in the CN entry. For # such a use case, domain_suffix_match or domain_match should be used # instead. d471 1 a471 1 # If this string is set, the server certificate is only accepted if it a476 24 # domain_suffix_match: Constraint for server domain name. If set, this FQDN is # used as a suffix match requirement for the AAA server certificate in # SubjectAltName dNSName element(s). If a matching dNSName is found, this # constraint is met. If no dNSName values are present, this constraint is # matched against SubjectName CN using same suffix match comparison. # # Suffix match here means that the host/domain name is compared one label # at a time starting from the top-level domain and all the labels in # domain_suffix_match shall be included in the certificate. The # certificate may include additional sub-level labels in addition to the # required labels. # # For example, domain_suffix_match=example.com would match # test.example.com but would not match test-example.com. # domain_match: Constraint for server domain name # If set, this FQDN is used as a full match requirement for the # server certificate in SubjectAltName dNSName element(s). If a # matching dNSName is found, this constraint is met. If no dNSName # values are present, this constraint is matched against SubjectName CN # using same full match comparison. This behavior is similar to # domain_suffix_match, but has the requirement of a full match, i.e., # no subdomains or wildcard matches are allowed. Case-insensitive # comparison is used, so "Example.com" matches "example.com", but would # not match "test.Example.com". a504 10 # # For wired IEEE 802.1X authentication, "allow_canned_success=1" can be # used to configure a mode that allows EAP-Success (and EAP-Failure) # without going through authentication step. Some switches use such # sequence when forcing the port to be authorized/unauthorized or as a # fallback option if the authentication server is unreachable. By default, # wpa_supplicant discards such frames to protect against potential attacks # by rogue devices, but this option can be used to disable that protection # for cases where the server/authenticator does not need to be # authenticated. d507 1 a507 32 # "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS). "mschapv2_retry=0" can be # used to disable MSCHAPv2 password retry in authentication failure cases. # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workaround=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # tls_disable_tlsv1_0=1 - disable use of TLSv1.0 # tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers # that have issues interoperating with updated TLS version) # tls_ext_cert_check=0 - No external server certificate validation (default) # tls_ext_cert_check=1 - External server certificate validation enabled; this # requires an external program doing validation of server certificate # chain when receiving CTRL-RSP-EXT_CERT_CHECK event from the control # interface and report the result of the validation with # CTRL-RSP_EXT_CERT_CHECK. # d520 3 a522 6 # authentication server certificate. See subject_match for more details. # altsubject_match2: Semicolon separated string of entries to be matched # against the alternative subject name of the authentication server # certificate. See altsubject_match documentation for more details. # domain_suffix_match2: Constraint for server domain name. See # domain_suffix_match for more details. a530 13 # ocsp: Whether to use/require OCSP to check server certificate # 0 = do not use OCSP stapling (TLS certificate status extension) # 1 = try to use OCSP stapling, but not require response # 2 = require valid OCSP stapling response # 3 = require valid OCSP stapling response for all not-trusted # certificates in the server certificate chain # # openssl_ciphers: OpenSSL specific cipher configuration # This can be used to override the global openssl_ciphers configuration # parameter (see above). # # erp: Whether EAP Re-authentication Protocol (ERP) is enabled # a556 116 # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # Beacon interval (default: 100 TU) #beacon_int=100 # WPS in AP mode # 0 = WPS enabled and configured (default) # 1 = WPS disabled #wps_disabled=0 # MAC address policy # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) #mac_addr=0 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # disable_ldpc: Whether LDPC should be disabled. # 0 = LDPC enabled (if AP supports it) # 1 = LDPC disabled # # ht40_intolerant: Whether 40 MHz intolerant should be indicated. # 0 = 40 MHz tolerant (default) # 1 = 40 MHz intolerant # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_factor: Maximum A-MPDU Length Exponent # Value: 0-3, see 7.3.2.56.3 in IEEE Std 802.11n-2009. # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. # disable_vht: Whether VHT should be disabled. # 0 = VHT enabled (if AP supports it) # 1 = VHT disabled # # vht_capa: VHT capabilities to set in the override # vht_capa_mask: mask of VHT capabilities # # vht_rx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for RX NSS 1-8 # vht_tx_mcs_nss_1/2/3/4/5/6/7/8: override the MCS set for TX NSS 1-8 # 0: MCS 0-7 # 1: MCS 0-8 # 2: MCS 0-9 # 3: not supported ##### Fast Session Transfer (FST) support ##################################### # # The options in this section are only available when the build configuration # option CONFIG_FST is set while compiling wpa_supplicant. They allow this # interface to be a part of FST setup. # # FST is the transfer of a session from a channel to another channel, in the # same or different frequency bands. # # For details, see IEEE Std 802.11ad-2012. # Identifier of an FST Group the interface belongs to. #fst_group_id=bond0 # Interface priority within the FST Group. # Announcing a higher priority for an interface means declaring it more # preferable for FST switch. # fst_priority is in 1..255 range with 1 being the lowest priority. #fst_priority=100 # Default LLT value for this interface in milliseconds. The value used in case # no value provided during session setup. Default is 50 msec. # fst_llt is in 1..4294967 range (due to spec limitation, see 10.32.2.2 # Transitioning between states). #fst_llt=100 d803 1 a803 13 # IBSS/ad-hoc network with RSN network={ ssid="ibss-rsn" key_mgmt=WPA-PSK proto=RSN psk="12345678" mode=1 frequency=2412 pairwise=CCMP group=CCMP } # IBSS/ad-hoc network with WPA-None/TKIP (deprecated) a814 17 # open mesh network network={ ssid="test mesh" mode=5 frequency=2437 key_mgmt=NONE } # secure (SAE + AMPE) network network={ ssid="secure mesh" mode=5 frequency=2437 key_mgmt=SAE psk="very secret passphrase" } d844 3 d848 12 a859 3 # Certificate and/or key identified by PKCS#11 URI (RFC7512) client_cert="pkcs11:manufacturer=piv_II;id=%01" private_key="pkcs11:manufacturer=piv_II;id=%01" a888 36 # Example configuration blacklisting two APs - these will be ignored # for this network. network={ ssid="example" psk="very secret passphrase" bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66 } # Example configuration limiting AP selection to a specific set of APs; # any other AP not matching the masked address will be ignored. network={ ssid="example" psk="very secret passphrase" bssid_whitelist=02:55:ae:bc:00:00/ff:ff:ff:ff:00:00 00:00:77:66:55:44/00:00:ff:ff:ff:ff } # Example config file that will only scan on channel 36. freq_list=5180 network={ key_mgmt=NONE } # Example MACsec configuration #network={ # key_mgmt=IEEE8021X # eap=TTLS # phase2="auth=PAP" # anonymous_identity="anonymous@@example.com" # identity="user@@example.com" # password="secretr" # ca_cert="/etc/cert/ca.pem" # eapol_flags=0 # macsec_policy=1 #} @ 1.1.1.1.12.1 log @Resync to 2012-11-19 00:00:00 UTC @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a226 29 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Home Realm for Interworking #home_realm=example.com # Username for Interworking network selection #home_username=user # Password for Interworking network selection #home_password=secret # CA certificate for Interworking network selection #home_ca_cert=/etc/cert/ca.pem # IMSI in | | '-' | format #home_imsi=232010000000000 # Milenage parameters for SIM/USIM simulator in :: format #home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123 d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. @ 1.1.1.1.12.2 log @Rebase to HEAD as of a few days ago. @ text @a216 16 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password a223 12 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan a229 25 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter. By default, PMF is disabled unless enabled with the global pmf=1/2 # parameter or with the per-network ieee80211w=1/2 parameter. With pmf=1/2, PMF # is enabled/required by default, but can be disabled with the per-network # ieee80211w parameter. #pmf=0 d242 8 a249 7 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 d251 5 a255 119 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # for example: # #cred={ # realm="example.com" # username="user@@example.com" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" #} # #cred={ # imsi="310026-000000000" # milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82" #} # #cred={ # realm="example.com" # username="user" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" # roaming_consortium=223344 # eap=TTLS # phase2="auth=MSCHAPV2" #} d257 2 a258 2 # Hotspot 2.0 # hs20=1 d277 2 a278 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" a328 17 # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # a343 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d369 1 a369 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. d392 1 a392 1 # 0 = disabled (default unless changed with the global okc parameter) d430 1 a430 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d438 1 a438 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. a540 19 # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workarounds=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # a589 48 # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. @ 1.1.1.1.6.1 log @sync with head @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a226 29 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Home Realm for Interworking #home_realm=example.com # Username for Interworking network selection #home_username=user # Password for Interworking network selection #home_password=secret # CA certificate for Interworking network selection #home_ca_cert=/etc/cert/ca.pem # IMSI in | | '-' | format #home_imsi=232010000000000 # Milenage parameters for SIM/USIM simulator in :: format #home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123 d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. @ 1.1.1.1.6.2 log @sync with head. for a reference, the tree before this commit was tagged as yamt-pagecache-tag8. this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments") @ text @a216 16 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password a223 12 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan a229 25 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter. By default, PMF is disabled unless enabled with the global pmf=1/2 # parameter or with the per-network ieee80211w=1/2 parameter. With pmf=1/2, PMF # is enabled/required by default, but can be disabled with the per-network # ieee80211w parameter. #pmf=0 d242 8 a249 7 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 d251 5 a255 119 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # for example: # #cred={ # realm="example.com" # username="user@@example.com" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" #} # #cred={ # imsi="310026-000000000" # milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82" #} # #cred={ # realm="example.com" # username="user" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" # roaming_consortium=223344 # eap=TTLS # phase2="auth=MSCHAPV2" #} d257 2 a258 2 # Hotspot 2.0 # hs20=1 d277 2 a278 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" a328 17 # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # a343 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d369 1 a369 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. d392 1 a392 1 # 0 = disabled (default unless changed with the global okc parameter) d430 1 a430 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d438 1 a438 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. a540 19 # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workarounds=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # a589 48 # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. @ 1.1.1.2 log @from hostap.epitest.fi @ text @d31 1 a31 1 # interface mechanism is used. For all cases, the existence of this parameter d202 1 a202 3 # nfc_interface push_button keypad virtual_display physical_display # virtual_push_button physical_push_button # For WSC 1.0: a203 2 # For WSC 2.0: #config_methods=label virtual_display virtual_push_button keypad a226 29 # Interworking (IEEE 802.11u) # Enable Interworking # interworking=1 # Homogenous ESS identifier # If this is set, scans will be used to request response only from BSSes # belonging to the specified Homogeneous ESS. This is used only if interworking # is enabled. # hessid=00:11:22:33:44:55 # Home Realm for Interworking #home_realm=example.com # Username for Interworking network selection #home_username=user # Password for Interworking network selection #home_password=secret # CA certificate for Interworking network selection #home_ca_cert=/etc/cert/ca.pem # IMSI in | | '-' | format #home_imsi=232010000000000 # Milenage parameters for SIM/USIM simulator in :: format #home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123 d353 1 a353 1 # SSID, are allowed when selecting a BSS from scan results. @ 1.1.1.3 log @import v2_0: 2013-01-12 - v2.0 * removed Qt3-based wpa_gui (obsoleted by wpa_qui-qt4) * removed unmaintained driver wrappers broadcom, iphone, osx, ralink, hostap, madwifi (hostap and madwifi remain available for hostapd; their wpa_supplicant functionality is obsoleted by wext) * improved debug logging (human readable event names, interface name included in more entries) * changed AP mode behavior to enable WPS only for open and WPA/WPA2-Personal configuration * improved P2P concurrency operations - better coordination of concurrent scan and P2P search operations - avoid concurrent remain-on-channel operation requests by canceling previous operations prior to starting a new one - reject operations that would require multi-channel concurrency if the driver does not support it - add parameter to select whether STA or P2P connection is preferred if the driver cannot support both at the same time - allow driver to indicate channel changes - added optional delay= parameter for p2p_find to avoid taking all radio resources - use 500 ms p2p_find search delay by default during concurrent operations - allow all channels in GO Negotiation if the driver supports multi-channel concurrency * added number of small changes to make it easier for static analyzers to understand the implementation * fixed number of small bugs (see git logs for more details) * nl80211: number of updates to use new cfg80211/nl80211 functionality - replace monitor interface with nl80211 commands for AP mode - additional information for driver-based AP SME - STA entry authorization in RSN IBSS * EAP-pwd: - fixed KDF for group 21 and zero-padding - added support for fragmentation - increased maximum number of hunting-and-pecking iterations * avoid excessive Probe Response retries for broadcast Probe Request frames (only with drivers using wpa_supplicant AP mode SME/MLME) * added "GET country" ctrl_iface command * do not save an invalid network block in wpa_supplicant.conf to avoid problems reading the file on next start * send STA connected/disconnected ctrl_iface events to both the P2P group and parent interfaces * added preliminary support for using TLS v1.2 (CONFIG_TLSV12=y) * added "SET pno <1/0>" ctrl_iface command to start/stop preferred network offload with sched_scan driver command * merged in number of changes from Android repository for P2P, nl80211, and build parameters * changed P2P GO mode configuration to use driver capabilities to automatically enable HT operations when supported * added "wpa_cli status wps" command to fetch WPA2-Personal passhrase for WPS use cases in AP mode * EAP-AKA: keep pseudonym identity across EAP exchanges to match EAP-SIM behavior * improved reassociation behavior in cases where association is rejected or when an AP disconnects us to handle common load balancing mechanisms - try to avoid extra scans when the needed information is available * added optional "join" argument for p2p_prov_disc ctrl_iface command * added group ifname to P2P-PROV-DISC-* events * added P2P Device Address to AP-STA-DISCONNECTED event and use p2p_dev_addr parameter name with AP-STA-CONNECTED * added workarounds for WPS PBC overlap detection for some P2P use cases where deployed stations work incorrectly * optimize WPS connection speed by disconnecting prior to WPS scan and by using single channel scans when AP channel is known * PCSC and SIM/USIM improvements: - accept 0x67 (Wrong length) as a response to READ RECORD to fix issues with some USIM cards - try to read MNC length from SIM/USIM - build realm according to 3GPP TS 23.003 with identity from the SIM - allow T1 protocol to be enabled * added more WPS and P2P information available through D-Bus * improve P2P negotiation robustness - extra waits to get ACK frames through - longer timeouts for cases where deployed devices have been identified have issues meeting the specification requirements - more retries for some P2P frames - handle race conditions in GO Negotiation start by both devices - ignore unexpected GO Negotiation Response frame * added support for libnl 3.2 and newer * added P2P persistent group info to P2P_PEER data * maintain a list of P2P Clients for persistent group on GO * AP: increased initial group key handshake retransmit timeout to 500 ms * added optional dev_id parameter for p2p_find * added P2P-FIND-STOPPED ctrl_iface event * fixed issues in WPA/RSN element validation when roaming with ap_scan=1 and driver-based BSS selection * do not expire P2P peer entries while connected with the peer in a group * fixed WSC element inclusion in cases where P2P is disabled * AP: added a WPS workaround for mixed mode AP Settings with Windows 7 * EAP-SIM: fixed AT_COUNTER_TOO_SMALL use * EAP-SIM/AKA: append realm to pseudonym identity * EAP-SIM/AKA: store pseudonym identity in network configuration to allow it to persist over multiple EAP sessions and wpa_supplicant restarts * EAP-AKA': updated to RFC 5448 (username prefixes changed); note: this breaks interoperability with older versions * added support for WFA Hotspot 2.0 - GAS/ANQP to fetch network information - credential configuration and automatic network selections based on credential match with ANQP information * limited PMKSA cache entries to be used only with the network context that was used to create them * improved PMKSA cache expiration to avoid unnecessary disconnections * adjusted bgscan_simple fast-scan backoff to avoid too frequent background scans * removed ctrl_iface event on P2P PD Response in join-group case * added option to fetch BSS table entry based on P2P Device Address ("BSS p2p_dev_addr=") * added BSS entry age to ctrl_iface BSS command output * added optional MASK=0xH option for ctrl_iface BSS command to select which fields are included in the response * added optional RANGE=ALL|N1-N2 option for ctrl_iface BSS command to fetch information about several BSSes in one call * simplified licensing terms by selecting the BSD license as the only alternative * added "P2P_SET disallow_freq " ctrl_iface command to disable channels from P2P use * added p2p_pref_chan configuration parameter to allow preferred P2P channels to be specified * added support for advertising immediate availability of a WPS credential for P2P use cases * optimized scan operations for P2P use cases (use single channel scan for a specific SSID when possible) * EAP-TTLS: fixed peer challenge generation for MSCHAPv2 * SME: do not use reassociation after explicit disconnection request (local or a notification from an AP) * added support for sending debug info to Linux tracing (-T on command line) * added support for using Deauthentication reason code 3 as an indication of P2P group termination * added wps_vendor_ext_m1 configuration parameter to allow vendor specific attributes to be added to WPS M1 * started using separate TLS library context for tunneled TLS (EAP-PEAP/TLS, EAP-TTLS/TLS, EAP-FAST/TLS) to support different CA certificate configuration between Phase 1 and Phase 2 * added optional "auto" parameter for p2p_connect to request automatic GO Negotiation vs. join-a-group selection * added disabled_scan_offload parameter to disable automatic scan offloading (sched_scan) * added optional persistent= parameter for p2p_connect to allow forcing of a specific SSID/passphrase for GO Negotiation * added support for OBSS scan requests and 20/40 BSS coexistence reports * reject PD Request for unknown group * removed scripts and notes related to Windows binary releases (which have not been used starting from 1.x) * added initial support for WNM operations - Keep-alive based on BSS max idle period - WNM-Sleep Mode - minimal BSS Transition Management processing * added autoscan module to control scanning behavior while not connected - autoscan_periodic and autoscan_exponential modules * added new WPS NFC ctrl_iface mechanism - added initial support NFC connection handover - removed obsoleted WPS_OOB command (including support for deprecated UFD config_method) * added optional framework for external password storage ("ext:") * wpa_cli: added optional support for controlling wpa_supplicant remotely over UDP (CONFIG_CTRL_IFACE=udp-remote) for testing purposes * wpa_cli: extended tab completion to more commands * changed SSID output to use printf-escaped strings instead of masking of non-ASCII characters - SSID can now be configured in the same format: ssid=P"abc\x00test" * removed default ACM=1 from AC_VO and AC_VI * added optional "ht40" argument for P2P ctrl_iface commands to allow 40 MHz channels to be requested on the 5 GHz band * added optional parameters for p2p_invite command to specify channel when reinvoking a persistent group as the GO * improved FIPS mode builds with OpenSSL - "make fips" with CONFIG_FIPS=y to build wpa_supplicant with the OpenSSL FIPS object module - replace low level OpenSSL AES API calls to use EVP - use OpenSSL keying material exporter when possible - do not export TLS keys in FIPS mode - remove MD5 from CONFIG_FIPS=y builds - use OpenSSL function for PKBDF2 passphrase-to-PSK - use OpenSSL HMAC implementation - mix RAND_bytes() output into random_get_bytes() to force OpenSSL DRBG to be used in FIPS mode - use OpenSSL CMAC implementation * added mechanism to disable TLS Session Ticket extension - a workaround for servers that do not support TLS extensions that was enabled by default in recent OpenSSL versions - tls_disable_session_ticket=1 - automatically disable TLS Session Ticket extension by default when using EAP-TLS/PEAP/TTLS (i.e., only use it with EAP-FAST) * changed VENDOR-TEST EAP method to use proper private enterprise number (this will not interoperate with older versions) * disable network block temporarily on authentication failures * improved WPS AP selection during WPS PIN iteration * added support for configuring GCMP cipher for IEEE 802.11ad * added support for Wi-Fi Display extensions - WFD_SUBELEMENT_SET ctrl_iface command to configure WFD subelements - SET wifi_display <0/1> to disable/enable WFD support - WFD service discovery - an external program is needed to manage the audio/video streaming and codecs * optimized scan result use for network selection - use the internal BSS table instead of raw scan results - allow unnecessary scans to be skipped if fresh information is available (e.g., after GAS/ANQP round for Interworking) * added support for 256-bit AES with internal TLS implementation * allow peer to propose channel in P2P invitation process for a persistent group * added disallow_aps parameter to allow BSSIDs/SSIDs to be disallowed from network selection * re-enable the networks disabled during WPS operations * allow P2P functionality to be disabled per interface (p2p_disabled=1) * added secondary device types into P2P_PEER output * added an option to disable use of a separate P2P group interface (p2p_no_group_iface=1) * fixed P2P Bonjour SD to match entries with both compressed and not compressed domain name format and support multiple Bonjour PTR matches for the same key * use deauthentication instead of disassociation for all disconnection operations; this removes the now unused disassociate() wpa_driver_ops callback * optimized PSK generation on P2P GO by caching results to avoid multiple PBKDF2 operations * added okc=1 global configuration parameter to allow OKC to be enabled by default for all network blocks * added a workaround for WPS PBC session overlap detection to avoid interop issues with deployed station implementations that do not remove active PBC indication from Probe Request frames properly * added basic support for 60 GHz band * extend EAPOL frames processing workaround for roaming cases (postpone processing of unexpected EAPOL frame until association event to handle reordered events) @ text @a216 16 # Vendor attribute in WPS M1, e.g., Windows 7 Vertical Pairing # The vendor attribute contents to be added in M1 (hex string) #wps_vendor_ext_m1=000137100100020001 # NFC password token for WPS # These parameters can be used to configure a fixed NFC password token for the # station. This can be generated, e.g., with nfc_pw_token. When these # parameters are used, the station is assumed to be deployed with a NFC tag # that includes the matching NFC password token (e.g., written based on the # NDEF record from nfc_pw_token). # #wps_nfc_dev_pw_id: Device Password ID (16..65535) #wps_nfc_dh_pubkey: Hexdump of DH Public Key #wps_nfc_dh_privkey: Hexdump of DH Private Key #wps_nfc_dev_pw: Hexdump of Device Password a223 12 # Automatic scan # This is an optional set of parameters for automatic scanning # within an interface in following format: #autoscan=: # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : #autoscan=exponential:3:300 # Which means a delay between scans on a base exponential of 3, # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be #autoscan=periodic:30 # So a delay of 30 seconds will be applied between each scan a229 25 # Password (and passphrase, etc.) backend for external storage # format: [:] #ext_password_backend=test:pw1=password|pw2=testing # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in P2P GO mode to clean up # inactive stations. #p2p_go_max_inactivity=300 # Opportunistic Key Caching (also known as Proactive Key Caching) default # This parameter can be used to set the default behavior for the # proactive_key_caching parameter. By default, OKC is disabled unless enabled # with the global okc=1 parameter or with the per-network # proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter. By default, PMF is disabled unless enabled with the global pmf=1/2 # parameter or with the per-network ieee80211w=1/2 parameter. With pmf=1/2, PMF # is enabled/required by default, but can be disabled with the per-network # ieee80211w parameter. #pmf=0 d242 8 a249 7 # Automatic network selection behavior # 0 = do not automatically go through Interworking network selection # (i.e., require explicit interworking_select command for this; default) # 1 = perform Interworking network selection if one or more # credentials have been configured and scan did not find a # matching network block #auto_interworking=0 d251 5 a255 119 # credential block # # Each credential used for automatic network selection is configured as a set # of parameters that are compared to the information advertised by the APs when # interworking_select and interworking_connect commands are used. # # credential fields: # # priority: Priority group # By default, all networks and credentials get the same priority group # (0). This field can be used to give higher priority for credentials # (and similarly in struct wpa_ssid for network blocks) to change the # Interworking automatic networking selection behavior. The matching # network (based on either an enabled network block or a credential) # with the highest priority value will be selected. # # pcsc: Use PC/SC and SIM/USIM card # # realm: Home Realm for Interworking # # username: Username for Interworking network selection # # password: Password for Interworking network selection # # ca_cert: CA certificate for Interworking network selection # # client_cert: File path to client certificate file (PEM/DER) # This field is used with Interworking networking selection for a case # where client certificate/private key is used for authentication # (EAP-TLS). Full path to the file should be used since working # directory may change when wpa_supplicant is run in the background. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key: File path to client private key file (PEM/DER/PFX) # When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be # commented out. Both the private key and certificate will be read # from the PKCS#12 file in this case. Full path to the file should be # used since working directory may change when wpa_supplicant is run # in the background. # # Windows certificate store can be used by leaving client_cert out and # configuring private_key in one of the following formats: # # cert://substring_to_match # # hash://certificate_thumbprint_in_hex # # For example: private_key="hash://63093aa9c47f56ae88334c7b65a4" # # Note that when running wpa_supplicant as an application, the user # certificate store (My user account) is used, whereas computer store # (Computer account) is used when running wpasvc as a service. # # Alternatively, a named configuration blob can be used by setting # this to blob://blob_name. # # private_key_passwd: Password for private key file # # imsi: IMSI in | | '-' | format # # milenage: Milenage parameters for SIM/USIM simulator in :: # format # # domain: Home service provider FQDN # This is used to compare against the Domain Name List to figure out # whether the AP is operated by the Home SP. # # roaming_consortium: Roaming Consortium OI # If roaming_consortium_len is non-zero, this field contains the # Roaming Consortium OI that can be used to determine which access # points support authentication with this credential. This is an # alternative to the use of the realm parameter. When using Roaming # Consortium to match the network, the EAP parameters need to be # pre-configured with the credential since the NAI Realm information # may not be available or fetched. # # eap: Pre-configured EAP method # This optional field can be used to specify which EAP method will be # used with this credential. If not set, the EAP method is selected # automatically based on ANQP information (e.g., NAI Realm). # # phase1: Pre-configure Phase 1 (outer authentication) parameters # This optional field is used with like the 'eap' parameter. # # phase2: Pre-configure Phase 2 (inner authentication) parameters # This optional field is used with like the 'eap' parameter. # # excluded_ssid: Excluded SSID # This optional field can be used to excluded specific SSID(s) from # matching with the network. Multiple entries can be used to specify more # than one SSID. # # for example: # #cred={ # realm="example.com" # username="user@@example.com" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" #} # #cred={ # imsi="310026-000000000" # milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82" #} # #cred={ # realm="example.com" # username="user" # password="password" # ca_cert="/etc/wpa_supplicant/ca.pem" # domain="example.com" # roaming_consortium=223344 # eap=TTLS # phase2="auth=MSCHAPV2" #} d257 2 a258 2 # Hotspot 2.0 # hs20=1 d277 2 a278 4 # ssid: SSID (mandatory); network name in one of the optional formats: # - an ASCII string with double quotation # - a hex string (two characters per octet of SSID) # - a printf-escaped ASCII string P"" a328 17 # bgscan: Background scanning # wpa_supplicant behavior for background scanning can be specified by # configuring a bgscan module. These modules are responsible for requesting # background scans for the purpose of roaming within an ESS (i.e., within a # single network block with all the APs using the same SSID). The bgscan # parameter uses following format: ":" # Following bgscan modules are available: # simple - Periodic background scans based on signal strength # bgscan="simple::: # " # bgscan="simple:30:-45:300" # learn - Learn channels used by the network and try to avoid bgscans on other # channels (experimental) # bgscan="learn::: # [:]" # bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan" # a343 10 # ieee80211w: whether management frame protection is enabled # 0 = disabled (default unless changed with the global pmf parameter) # 1 = optional # 2 = required # The most common configuration options for this based on the PMF (protected # management frames) certification program are: # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # d369 1 a369 2 # 8 and 63 characters (inclusive). ext: format can # be used to indicate that the PSK/passphrase is stored in external storage. d392 1 a392 1 # 0 = disabled (default unless changed with the global okc parameter) d430 1 a430 2 # identity, e.g., EAP-TTLS). This field can also be used with # EAP-SIM/AKA/AKA' to store the pseudonym identity. d438 1 a438 2 # variable length PSK. ext: format can # be used to indicate that the password is stored in external storage. a540 19 # # TLS-based methods can use the following parameters to control TLS behavior # (these are normally in the phase1 parameter, but can be used also in the # phase2 parameter when EAP-TLS is used within the inner tunnel): # tls_allow_md5=1 - allow MD5-based certificate signatures (depending on the # TLS library, these may be disabled by default to enforce stronger # security) # tls_disable_time_checks=1 - ignore certificate validity time (this requests # the TLS library to accept certificates even if they are not currently # valid, i.e., have expired or have not yet become valid; this should be # used only for testing purposes) # tls_disable_session_ticket=1 - disable TLS Session Ticket extension # tls_disable_session_ticket=0 - allow TLS Session Ticket extension to be used # Note: If not set, this is automatically set to 1 for EAP-TLS/PEAP/TTLS # as a workaround for broken authentication server implementations unless # EAP workarounds are disabled with eap_workarounds=0. # For EAP-FAST, this must be set to 0 (or left unconfigured for the # default value to be used automatically). # a589 48 # Station inactivity limit # # If a station does not send anything in ap_max_inactivity seconds, an # empty data frame is sent to it in order to verify whether it is # still in range. If this frame is not ACKed, the station will be # disassociated and then deauthenticated. This feature is used to # clear station table of old entries when the STAs move out of the # range. # # The station can associate again with the AP if it is still in range; # this inactivity poll is just used as a nicer way of verifying # inactivity; i.e., client will not report broken connection because # disassociation frame is not sent immediately without first polling # the STA with a data frame. # default: 300 (i.e., 5 minutes) #ap_max_inactivity=300 # DTIM period in Beacon intervals for AP mode (default: 2) #dtim_period=2 # disable_ht: Whether HT (802.11n) should be disabled. # 0 = HT enabled (if AP supports it) # 1 = HT disabled # # disable_ht40: Whether HT-40 (802.11n) should be disabled. # 0 = HT-40 enabled (if AP supports it) # 1 = HT-40 disabled # # disable_sgi: Whether SGI (short guard interval) should be disabled. # 0 = SGI enabled (if AP supports it) # 1 = SGI disabled # # ht_mcs: Configure allowed MCS rates. # Parsed as an array of bytes, in base-16 (ascii-hex) # ht_mcs="" // Use all available (default) # ht_mcs="0xff 00 00 00 00 00 00 00 00 00 " // Use MCS 0-7 only # ht_mcs="0xff ff 00 00 00 00 00 00 00 00 " // Use MCS 0-15 only # # disable_max_amsdu: Whether MAX_AMSDU should be disabled. # -1 = Do not make any changes. # 0 = Enable MAX-AMSDU if hardware supports it. # 1 = Disable AMSDU # # ampdu_density: Allow overriding AMPDU density configuration. # Treated as hint by the kernel. # -1 = Do not make any changes. # 0-3 = Set AMPDU density (aka factor) to specified value. @ 1.1.1.3.4.1 log @Pull up following revision(s) (requested by christos in ticket #720): doc/3RDPARTY: patch external/bsd/wpa/bin/hostapd/Makefile: up to 1.8 external/bsd/wpa/bin/wpa_passphrase/Makefile: up to 1.3 external/bsd/wpa/bin/wpa_supplicant/Makefile: up to 1.5 external/bsd/wpa/dist/CONTRIBUTIONS: up to 1.1.1.2 external/bsd/wpa/dist/COPYING: up to 1.1.1.3 external/bsd/wpa/dist/README: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/Android.mk: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/ChangeLog: up to 1.1.1.7 external/bsd/wpa/dist/hostapd/Makefile: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/README: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/README-WPS: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/android.config: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/config_file.c: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/ctrl_iface.c: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/defconfig: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/dump_state.c: delete external/bsd/wpa/dist/hostapd/dump_state.h: delete external/bsd/wpa/dist/hostapd/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/hostapd/hapd_module_tests.c: up to 1.1.1.1 external/bsd/wpa/dist/hostapd/hlr_auc_gw.c: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/hostapd.8: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd.conf: up to 1.1.1.6 external/bsd/wpa/dist/hostapd/hostapd.eap_user: up to 1.1.1.3 external/bsd/wpa/dist/hostapd/hostapd.eap_user_sqlite: up to 1.1.1.2 external/bsd/wpa/dist/hostapd/hostapd_cli.c: up to 1.7 external/bsd/wpa/dist/hostapd/main.c: up to 1.1.1.5 external/bsd/wpa/dist/hostapd/wps-ap-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/Android.mk: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/devdetail.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/devinfo.xml: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/est.c: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/oma_dm_client.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/osu_client.c: up to 1.1.1.2 external/bsd/wpa/dist/hs20/client/osu_client.h: up to 1.1.1.1 external/bsd/wpa/dist/hs20/client/spp_client.c: up to 1.1.1.1 external/bsd/wpa/dist/patches/openssl-0.9.8-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8d-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8e-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8g-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8h-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8i-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8x-tls-extensions.patch: delete external/bsd/wpa/dist/patches/openssl-0.9.8za-tls-extensions.patch: up to 1.1.1.2 external/bsd/wpa/dist/patches/openssl-0.9.9-session-ticket.patch: delete external/bsd/wpa/dist/src/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/accounting.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/acs.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/acs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ap_config.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ap_config.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_drv_ops.c: up to 1.3 external/bsd/wpa/dist/src/ap/ap_drv_ops.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_list.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ap_list.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ap_mlme.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/authsrv.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/beacon.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/beacon.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/bss_load.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/bss_load.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ctrl_iface_ap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/dfs.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dfs.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/dhcp_snoop.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/dhcp_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/drv_callbacks.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/eap_user_db.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/gas_serv.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/gas_serv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hostapd.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/hostapd.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/hs20.c: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hs20.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/hw_features.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/hw_features.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/iapp.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_11.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_11.h: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_11_auth.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_11_ht.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/ieee802_11_shared.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/ieee802_11_vht.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/ieee802_1x.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/ieee802_1x.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/ndisc_snoop.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/ndisc_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/p2p_hostapd.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/peerkey_auth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/pmksa_cache_auth.h: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/sta_info.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/sta_info.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/tkip_countermeasures.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/vlan_init.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/vlan_init.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wmm.c: up to 1.1.1.4 external/bsd/wpa/dist/src/ap/wmm.h: up to 1.1.1.2 external/bsd/wpa/dist/src/ap/wnm_ap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wnm_ap.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wpa_auth.c: up to 1.8 external/bsd/wpa/dist/src/ap/wpa_auth.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_glue.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wpa_auth_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/wpa_auth_ie.c: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/wpa_auth_ie.h: up to 1.1.1.3 external/bsd/wpa/dist/src/ap/wps_hostapd.c: up to 1.1.1.6 external/bsd/wpa/dist/src/ap/wps_hostapd.h: up to 1.1.1.5 external/bsd/wpa/dist/src/ap/x_snoop.c: up to 1.1.1.1 external/bsd/wpa/dist/src/ap/x_snoop.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/common/common_module_tests.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/defs.h: up to 1.1.1.5 external/bsd/wpa/dist/src/common/eapol_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/hw_features_common.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/hw_features_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/ieee802_11_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/common/ieee802_11_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/common/ieee802_11_defs.h: up to 1.1.1.5 external/bsd/wpa/dist/src/common/ieee802_1x_defs.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/privsep_commands.h: up to 1.1.1.3 external/bsd/wpa/dist/src/common/qca-vendor-attr.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/qca-vendor.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/sae.c: up to 1.1.1.2 external/bsd/wpa/dist/src/common/sae.h: up to 1.1.1.2 external/bsd/wpa/dist/src/common/tnc.h: up to 1.1.1.1 external/bsd/wpa/dist/src/common/version.h: up to 1.1.1.7 external/bsd/wpa/dist/src/common/wpa_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/common/wpa_common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/common/wpa_ctrl.c: up to 1.1.1.5 external/bsd/wpa/dist/src/common/wpa_ctrl.h: up to 1.1.1.6 external/bsd/wpa/dist/src/common/wpa_helpers.c: up to 1.1.1.1 external/bsd/wpa/dist/src/common/wpa_helpers.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/Makefile: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/aes-ccm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-eax.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-gcm.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/aes-omac1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-siv.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes-unwrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes-wrap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/aes_siv.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/aes_wrap.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/crypto.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/crypto_internal-rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/crypto_module_tests.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/crypto_nss.c: delete external/bsd/wpa/dist/src/crypto/crypto_openssl.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/dh_groups.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/dh_groups.h: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/fips_prf_cryptoapi.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_gnutls.c: delete external/bsd/wpa/dist/src/crypto/fips_prf_nss.c: delete external/bsd/wpa/dist/src/crypto/md5.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/milenage.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/ms_funcs.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/random.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1-internal.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha1-prf.c: up to 1.1.1.2 external/bsd/wpa/dist/src/crypto/sha1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha256-kdf.c: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/sha256-prf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/crypto/sha256.h: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/sha384.h: up to 1.1.1.1 external/bsd/wpa/dist/src/crypto/tls.h: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_gnutls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_internal.c: up to 1.1.1.5 external/bsd/wpa/dist/src/crypto/tls_none.c: up to 1.1.1.4 external/bsd/wpa/dist/src/crypto/tls_nss.c: delete external/bsd/wpa/dist/src/crypto/tls_openssl.c: up to 1.1.1.6 external/bsd/wpa/dist/src/crypto/tls_schannel.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/android_drv.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver.h: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_atheros.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_bsd.c: up to 1.11 external/bsd/wpa/dist/src/drivers/driver_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_hostap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_macsec_qca.c: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/driver_madwifi.c: delete external/bsd/wpa/dist/src/drivers/driver_ndis.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_nl80211.c: up to 1.1.1.6 external/bsd/wpa/dist/src/drivers/driver_nl80211.h: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_nl80211_android.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_nl80211_capa.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_nl80211_event.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_nl80211_monitor.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_nl80211_scan.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_none.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_openbsd.c: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/driver_privsep.c: up to 1.1.1.3 external/bsd/wpa/dist/src/drivers/driver_roboswitch.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_test.c: delete external/bsd/wpa/dist/src/drivers/driver_wext.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/driver_wext.h: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/driver_wired.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/drivers.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/drivers.mak: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/drivers.mk: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/linux_defines.h: up to 1.1.1.1 external/bsd/wpa/dist/src/drivers/linux_ioctl.c: up to 1.1.1.4 external/bsd/wpa/dist/src/drivers/linux_wext.h: up to 1.1.1.2 external/bsd/wpa/dist/src/drivers/netlink.c: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/nl80211_copy.h: up to 1.1.1.5 external/bsd/wpa/dist/src/drivers/priv_netlink.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_common/eap_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_common/eap_eke_common.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_common/eap_eke_common.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_common/eap_fast_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_fast_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_gpsk_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_ikev2_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pax_common.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pax_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/eap_sim_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_common/eap_sim_common.h: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_common/ikev2_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_common/ikev2_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_peer/eap.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/eap.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_aka.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_config.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_eke.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_fast.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_fast_pac.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_gpsk.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_ikev2.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_leap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_methods.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_methods.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_mschapv2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_pax.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_peap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_proxy.h: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_proxy_dummy.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_peer/eap_psk.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_pwd.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_sake.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_sim.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_tls.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_peer/eap_tnc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_ttls.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/eap_vendor_test.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/eap_wsc.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_peer/ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_peer/mschapv2.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_peer/tncc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/eap_server/eap.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_methods.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server.c: up to 1.2 external/bsd/wpa/dist/src/eap_server/eap_server_aka.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_eke.c: up to 1.1.1.1 external/bsd/wpa/dist/src/eap_server/eap_server_fast.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_gpsk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_gtc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap_server_identity.c: up to 1.1.1.3 external/bsd/wpa/dist/src/eap_server/eap_server_ikev2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_md5.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_methods.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_mschapv2.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_pax.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_peap.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_psk.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_sake.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_server_sim.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_tls.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_tls_common.c: up to 1.6 external/bsd/wpa/dist/src/eap_server/eap_server_tnc.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/eap_server_ttls.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_server_wsc.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eap_server/eap_sim_db.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eap_server/eap_tls_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/ikev2.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eap_server/tncs.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_auth/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_dump.c: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.c: up to 1.1.1.5 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm.h: up to 1.1.1.5 external/bsd/wpa/dist/src/eapol_auth/eapol_auth_sm_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/eapol_supp/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.c: up to 1.1.1.6 external/bsd/wpa/dist/src/eapol_supp/eapol_supp_sm.h: up to 1.1.1.5 external/bsd/wpa/dist/src/l2_packet/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/l2_packet/l2_packet.h: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_freebsd.c: up to 1.5 external/bsd/wpa/dist/src/l2_packet/l2_packet_linux.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_ndis.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_none.c: up to 1.1.1.4 external/bsd/wpa/dist/src/l2_packet/l2_packet_pcap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_privsep.c: up to 1.1.1.3 external/bsd/wpa/dist/src/l2_packet/l2_packet_winpcap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/lib.rules: up to 1.1.1.2 external/bsd/wpa/dist/src/p2p/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/p2p/p2p.c: up to 1.2 external/bsd/wpa/dist/src/p2p/p2p.h: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_build.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_dev_disc.c: up to 1.1.1.3 external/bsd/wpa/dist/src/p2p/p2p_go_neg.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_group.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_invitation.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_parse.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_pd.c: up to 1.1.1.5 external/bsd/wpa/dist/src/p2p/p2p_sd.c: up to 1.1.1.4 external/bsd/wpa/dist/src/p2p/p2p_utils.c: up to 1.1.1.4 external/bsd/wpa/dist/src/pae/Makefile: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_cp.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.c: up to 1.1.1.2 external/bsd/wpa/dist/src/pae/ieee802_1x_kay.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_kay_i.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_key.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_key.h: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.c: up to 1.1.1.1 external/bsd/wpa/dist/src/pae/ieee802_1x_secy_ops.h: up to 1.1.1.1 external/bsd/wpa/dist/src/radius/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/radius/radius.c: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius.h: up to 1.1.1.4 external/bsd/wpa/dist/src/radius/radius_client.c: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius_das.c: up to 1.4 external/bsd/wpa/dist/src/radius/radius_das.h: up to 1.1.1.3 external/bsd/wpa/dist/src/radius/radius_server.c: up to 1.1.1.5 external/bsd/wpa/dist/src/radius/radius_server.h: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/rsn_supp/peerkey.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/peerkey.h: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.c: up to 1.1.1.6 external/bsd/wpa/dist/src/rsn_supp/pmksa_cache.h: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/preauth.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/preauth.h: up to 1.1.1.3 external/bsd/wpa/dist/src/rsn_supp/tdls.c: up to 1.1.1.4 external/bsd/wpa/dist/src/rsn_supp/wpa.c: up to 1.1.1.7 external/bsd/wpa/dist/src/rsn_supp/wpa.h: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.c: up to 1.1.1.5 external/bsd/wpa/dist/src/rsn_supp/wpa_ie.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/asn1.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/asn1.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/libtommath.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/pkcs1.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/pkcs1.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/rsa.c: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/rsa.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_client.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_client_read.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_client_write.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_common.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_common.h: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_record.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/tlsv1_server.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_server.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_server_i.h: up to 1.1.1.3 external/bsd/wpa/dist/src/tls/tlsv1_server_read.c: up to 1.1.1.5 external/bsd/wpa/dist/src/tls/tlsv1_server_write.c: up to 1.1.1.4 external/bsd/wpa/dist/src/tls/x509v3.c: up to 1.1.1.6 external/bsd/wpa/dist/src/utils/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/base64.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/bitfield.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/bitfield.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser-android.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser-system.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser-wpadebug.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/browser.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/browser.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/build_config.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/common.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/common.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/edit.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit_readline.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/edit_simple.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/eloop.c: up to 1.6 external/bsd/wpa/dist/src/utils/eloop.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/eloop_none.c: delete external/bsd/wpa/dist/src/utils/eloop_win.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/ext_password_test.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/http-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/http_curl.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/ip_addr.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/ip_addr.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/list.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/os.h: up to 1.6 external/bsd/wpa/dist/src/utils/os_internal.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/os_none.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/os_unix.c: up to 1.3 external/bsd/wpa/dist/src/utils/os_win32.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/pcsc_funcs.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/pcsc_funcs.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/platform.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/radiotap.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/radiotap.h: up to 1.4 external/bsd/wpa/dist/src/utils/radiotap_iter.h: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/trace.c: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/trace.h: up to 1.4 external/bsd/wpa/dist/src/utils/utils_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/src/utils/uuid.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/wpa_debug.c: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/wpa_debug.h: up to 1.1.1.5 external/bsd/wpa/dist/src/utils/wpabuf.c: up to 1.1.1.3 external/bsd/wpa/dist/src/utils/wpabuf.h: up to 1.1.1.4 external/bsd/wpa/dist/src/utils/xml-utils.c: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml-utils.h: up to 1.1.1.1 external/bsd/wpa/dist/src/utils/xml_libxml2.c: up to 1.1.1.1 external/bsd/wpa/dist/src/wps/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/http_client.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/http_server.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/httpread.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/ndef.c: up to 1.1.1.3 external/bsd/wpa/dist/src/wps/wps.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps.h: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_attr_build.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_attr_parse.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_attr_parse.h: up to 1.1.1.2 external/bsd/wpa/dist/src/wps/wps_attr_process.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_common.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_defs.h: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_dev_attr.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_dev_attr.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_enrollee.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_er.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_er.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_er_ssdp.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_i.h: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_module_tests.c: up to 1.1.1.1 external/bsd/wpa/dist/src/wps/wps_registrar.c: up to 1.1.1.7 external/bsd/wpa/dist/src/wps/wps_upnp.c: up to 1.1.1.6 external/bsd/wpa/dist/src/wps/wps_upnp_ap.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_upnp_i.h: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_upnp_ssdp.c: up to 1.1.1.5 external/bsd/wpa/dist/src/wps/wps_upnp_web.c: up to 1.1.1.4 external/bsd/wpa/dist/src/wps/wps_validate.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/Android.mk: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ChangeLog: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/Makefile: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/README: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/README-HS20: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/README-P2P: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/README-WPS: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/android.config: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/ap.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ap.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bgscan.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan_learn.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/bgscan_simple.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bss.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/bss.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/config.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/config_file.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/config_ssid.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/config_winreg.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_udp.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/ctrl_iface_unix.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/Makefile: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_common.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_dict_helpers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers_wps.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/defconfig: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/Makefile: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.sgml: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.sgml: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.sgml: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.sgml: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.sgml: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.sgml: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/driver_i.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mak: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_proxy_dummy.mk: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/eap_register.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/eapol_test.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/events.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-action.sh: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/p2p-nfc.py: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/examples/wps-ap-cli: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/examples/wps-nfc.py: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/gas_query.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/gas_query.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/hs20_supplicant.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/ibss_rsn.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/interworking.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/interworking.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/main.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/main_none.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_winmain.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/main_winsvc.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/mesh.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh_mpm.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/mesh_rsn.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/notify.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/notify.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/offchannel.c: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/p2p_supplicant.h: up to 1.1.1.4 external/bsd/wpa/dist/wpa_supplicant/preauth_test.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/scan.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/scan.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/sme.c: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/sme.h: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-nl80211.service.arg.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant-wired.service.arg.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/systemd/wpa_supplicant.service.arg.in: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/tests/test_wpa.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/todo.txt: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wifi_display.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wifi_display.h: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wmm_ac.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wnm_sta.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_cli.c: up to 1.6 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresults.cpp: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.cpp: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/scanresultsitem.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpa_gui.pro: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.cpp: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wpa_gui-qt4/wpagui.h: up to 1.1.1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_priv.c: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.c: up to 1.3 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf: up to 1.1.1.5 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_i.h: up to 1.1.1.7 external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant_template.conf: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wpas_glue.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.c: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpas_kay.h: up to 1.1.1.1 external/bsd/wpa/dist/wpa_supplicant/wpas_module_tests.c: up to 1.1.1.2 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.c: up to 1.1.1.6 external/bsd/wpa/dist/wpa_supplicant/wps_supplicant.h: up to 1.1.1.5 Update wpa_supplicant/hostapd to 2.4. @ text @a83 2 # Note: When using MACsec, eapol_version shall be set to 3, which is # defined in IEEE Std 802.1X-2010. a99 2 # Note: macsec_qca driver is one type of Ethernet driver which implements # macsec feature. a112 24 # MPM residency # By default, wpa_supplicant implements the mesh peering manager (MPM) for an # open mesh. However, if the driver can implement the MPM, you may set this to # 0 to use the driver version. When AMPE is enabled, the wpa_supplicant MPM is # always used. # 0: MPM lives in the driver # 1: wpa_supplicant provides an MPM which handles peering (default) #user_mpm=1 # Maximum number of peer links (0-255; default: 99) # Maximum number of mesh peering currently maintained by the STA. #max_peer_links=99 # Timeout in seconds to detect STA inactivity (default: 300 seconds) # # This timeout value is used in mesh STA to clean up inactive stations. #mesh_max_inactivity=300 # cert_in_cb - Whether to include a peer certificate dump in events # This controls whether peer certificates for authentication server and # its certificate chain are included in EAP peer certificate events. This is # enabled by default. #cert_in_cb=1 a130 10 # OpenSSL cipher string # # This is an OpenSSL specific configuration option for configuring the default # ciphers. If not set, "DEFAULT:!EXP:!LOW" is used as the default. # See https://www.openssl.org/docs/apps/ciphers.html for OpenSSL documentation # on cipher suite configuration. This is applicable only if wpa_supplicant is # built to use OpenSSL. #openssl_ciphers=DEFAULT:!EXP:!LOW d244 2 a245 2 # autoscan is like bgscan but on disconnected or inactive state. # For instance, on exponential module parameters would be : d248 2 a249 2 # up to the limit of 300 seconds (3, 9, 27 ... 300) # For periodic module, parameters would be d251 1 a251 1 # So a delay of 30 seconds will be applied between each scan a267 13 # Passphrase length (8..63) for P2P GO # # This parameter controls the length of the random passphrase that is # generated at the GO. Default: 8. #p2p_passphrase_len=8 # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search # iterations to make p2p_find friendlier to concurrent operations by avoiding # it from taking 100% of radio resources. The default value is 500 ms. #p2p_search_delay=500 a283 53 # Enabled SAE finite cyclic groups in preference order # By default (if this parameter is not set), the mandatory group 19 (ECC group # defined over a 256-bit prime order field) is preferred, but other groups are # also enabled. If this parameter is set, the groups will be tried in the # indicated order. The group values are listed in the IANA registry: # http://www.iana.org/assignments/ipsec-registry/ipsec-registry.xml#ipsec-registry-9 #sae_groups=21 20 19 26 25 # Default value for DTIM period (if not overridden in network block) #dtim_period=2 # Default value for Beacon interval (if not overridden in network block) #beacon_int=100 # Additional vendor specific elements for Beacon and Probe Response frames # This parameter can be used to add additional vendor specific element(s) into # the end of the Beacon and Probe Response frames. The format for these # element(s) is a hexdump of the raw information elements (id+len+payload for # one or more elements). This is used in AP and P2P GO modes. #ap_vendor_elements=dd0411223301 # Ignore scan results older than request # # The driver may have a cache of scan results that makes it return # information that is older than our scan trigger. This parameter can # be used to configure such old information to be ignored instead of # allowing it to update the internal BSS table. #ignore_old_scan_res=0 # scan_cur_freq: Whether to scan only the current frequency # 0: Scan all available frequencies. (Default) # 1: Scan current operating frequency if another VIF on the same radio # is already associated. # MAC address policy default # 0 = use permanent MAC address # 1 = use random MAC address for each ESS connection # 2 = like 1, but maintain OUI (with local admin bit set) # # By default, permanent MAC address is used unless policy is changed by # the per-network mac_addr parameter. Global mac_addr=1 can be used to # change this default behavior. #mac_addr=0 # Lifetime of random MAC address in seconds (default: 60) #rand_addr_lifetime=60 # MAC address policy for pre-association operations (scanning, ANQP) # 0 = use permanent MAC address # 1 = use random MAC address # 2 = like 1, but maintain OUI (with local admin bit set) #preassoc_mac_addr=0 a310 2 # temporary: Whether this credential is temporary and not to be saved # d368 1 a368 1 # domain: Home service provider FQDN(s) d370 1 a370 3 # whether the AP is operated by the Home SP. Multiple domain entries can # be used to configure alternative FQDNs that will be considered home # networks. a396 53 # roaming_partner: Roaming partner information # This optional field can be used to configure preferences between roaming # partners. The field is a string in following format: # ,<0/1 exact match>,,<* or country code> # (non-exact match means any subdomain matches the entry; priority is in # 0..255 range with 0 being the highest priority) # # update_identifier: PPS MO ID # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # # provisioning_sp: FQDN of the SP that provisioned the credential # This optional field can be used to keep track of the SP that provisioned # the credential to find the PPS MO (./Wi-Fi/). # # Minimum backhaul threshold (PPS//Policy/MinBackhauldThreshold/*) # These fields can be used to specify minimum download/upload backhaul # bandwidth that is preferred for the credential. This constraint is # ignored if the AP does not advertise WAN Metrics information or if the # limit would prevent any connection. Values are in kilobits per second. # min_dl_bandwidth_home # min_ul_bandwidth_home # min_dl_bandwidth_roaming # min_ul_bandwidth_roaming # # max_bss_load: Maximum BSS Load Channel Utilization (1..255) # (PPS//Policy/MaximumBSSLoadValue) # This value is used as the maximum channel utilization for network # selection purposes for home networks. If the AP does not advertise # BSS Load or if the limit would prevent any connection, this constraint # will be ignored. # # req_conn_capab: Required connection capability # (PPS//Policy/RequiredProtoPortTuple) # This value is used to configure set of required protocol/port pairs that # a roaming network shall support (include explicitly in Connection # Capability ANQP element). This constraint is ignored if the AP does not # advertise Connection Capability or if this constraint would prevent any # network connection. This policy is not used in home networks. # Format: [: