diff options
Diffstat (limited to 'wpa_supplicant/README-Windows.txt')
-rw-r--r-- | wpa_supplicant/README-Windows.txt | 450 |
1 files changed, 0 insertions, 450 deletions
diff --git a/wpa_supplicant/README-Windows.txt b/wpa_supplicant/README-Windows.txt deleted file mode 100644 index 292223d2d5fea..0000000000000 --- a/wpa_supplicant/README-Windows.txt +++ /dev/null @@ -1,450 +0,0 @@ -wpa_supplicant for Windows -========================== - -Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors -All Rights Reserved. - -This program is dual-licensed under both the GPL version 2 and BSD -license. Either license may be used at your option. - -This product includes software developed by the OpenSSL Project -for use in the OpenSSL Toolkit (http://www.openssl.org/). This -product includes cryptographic software written by Eric Young -(eay@cryptsoft.com). - - -wpa_supplicant has support for being used as a WPA/WPA2/IEEE 802.1X -Supplicant on Windows. The current port requires that WinPcap -(http://winpcap.polito.it/) is installed for accessing packets and the -driver interface. Both release versions 3.0 and 3.1 are supported. - -The current port is still somewhat experimental. It has been tested -mainly on Windows XP (SP2) with limited set of NDIS drivers. In -addition, the current version has been reported to work with Windows -2000. - -All security modes have been verified to work (at least complete -authentication and successfully ping a wired host): -- plaintext -- static WEP / open system authentication -- static WEP / shared key authentication -- IEEE 802.1X with dynamic WEP keys -- WPA-PSK, TKIP, CCMP, TKIP+CCMP -- WPA-EAP, TKIP, CCMP, TKIP+CCMP -- WPA2-PSK, TKIP, CCMP, TKIP+CCMP -- WPA2-EAP, TKIP, CCMP, TKIP+CCMP - - -Binary version --------------- - -Compiled binary version of the wpa_supplicant and additional tools is -available from http://w1.fi/wpa_supplicant/. These binaries can be -used after installing WinPcap. - -wpa_gui uses Qt 4 framework and may need additional dynamic libraries -(DLLs). These libraries are available from -http://w1.fi/wpa_supplicant/qt4/wpa_gui-qt433-windows-dll.zip -You can copy the DLL files from this ZIP package into the same directory -with wpa_gui.exe to allow wpa_gui to be started. - - -Building wpa_supplicant with mingw ----------------------------------- - -The default build setup for wpa_supplicant is to use MinGW and -cross-compiling from Linux to MinGW/Windows. It should also be -possible to build this under Windows using the MinGW tools, but that -is not tested nor supported and is likely to require some changes to -the Makefile unless cygwin is used. - - -Building wpa_supplicant with MSVC ---------------------------------- - -wpa_supplicant can be built with Microsoft Visual C++ compiler. This -has been tested with Microsoft Visual C++ Toolkit 2003 and Visual -Studio 2005 using the included nmake.mak as a Makefile for nmake. IDE -can also be used by creating a project that includes the files and -defines mentioned in nmake.mak. Example VS2005 solution and project -files are included in vs2005 subdirectory. This can be used as a -starting point for building the programs with VS2005 IDE. Visual Studio -2008 Express Edition is also able to use these project files. - -WinPcap development package is needed for the build and this can be -downloaded from http://www.winpcap.org/install/bin/WpdPack_4_0_2.zip. The -default nmake.mak expects this to be unpacked into C:\dev\WpdPack so -that Include and Lib directories are in this directory. The files can be -stored elsewhere as long as the WINPCAPDIR in nmake.mak is updated to -match with the selected directory. In case a project file in the IDE is -used, these Include and Lib directories need to be added to project -properties as additional include/library directories. - -OpenSSL source package can be downloaded from -http://www.openssl.org/source/openssl-0.9.8i.tar.gz and built and -installed following instructions in INSTALL.W32. Note that if EAP-FAST -support will be included in the wpa_supplicant, OpenSSL needs to be -patched to# support it openssl-0.9.8i-tls-extensions.patch. The example -nmake.mak file expects OpenSSL to be installed into C:\dev\openssl, but -this directory can be modified by changing OPENSSLDIR variable in -nmake.mak. - -If you do not need EAP-FAST support, you may also be able to use Win32 -binary installation package of OpenSSL from -http://www.slproweb.com/products/Win32OpenSSL.html instead of building -the library yourself. In this case, you will need to copy Include and -Lib directories in suitable directory, e.g., C:\dev\openssl for the -default nmake.mak. Copy {Win32OpenSSLRoot}\include into -C:\dev\openssl\include and make C:\dev\openssl\lib subdirectory with -files from {Win32OpenSSLRoot}\VC (i.e., libeay*.lib and ssleay*.lib). -This will end up using dynamically linked OpenSSL (i.e., .dll files are -needed) for it. Alternative, you can copy files from -{Win32OpenSSLRoot}\VC\static to create a static build (no OpenSSL .dll -files needed). - - -Building wpa_supplicant for cygwin ----------------------------------- - -wpa_supplicant can be built for cygwin by installing the needed -development packages for cygwin. This includes things like compiler, -make, openssl development package, etc. In addition, developer's pack -for WinPcap (WPdpack.zip) from -http://winpcap.polito.it/install/default.htm is needed. - -.config file should enable only one driver interface, -CONFIG_DRIVER_NDIS. In addition, include directories may need to be -added to match the system. An example configuration is available in -defconfig. The library and include files for WinPcap will either need -to be installed in compiler/linker default directories or their -location will need to be adding to .config when building -wpa_supplicant. - -Othen than this, the build should be more or less identical to Linux -version, i.e., just run make after having created .config file. An -additional tool, win_if_list.exe, can be built by running "make -win_if_list". - - -Building wpa_gui ----------------- - -wpa_gui uses Qt application framework from Trolltech. It can be built -with the open source version of Qt4 and MinGW. Following commands can -be used to build the binary in the Qt 4 Command Prompt: - -# go to the root directory of wpa_supplicant source code -cd wpa_gui-qt4 -qmake -o Makefile wpa_gui.pro -make -# the wpa_gui.exe binary is created into 'release' subdirectory - - -Using wpa_supplicant for Windows --------------------------------- - -wpa_supplicant, wpa_cli, and wpa_gui behave more or less identically to -Linux version, so instructions in README and example wpa_supplicant.conf -should be applicable for most parts. In addition, there is another -version of wpa_supplicant, wpasvc.exe, which can be used as a Windows -service and which reads its configuration from registry instead of -text file. - -When using access points in "hidden SSID" mode, ap_scan=2 mode need to -be used (see wpa_supplicant.conf for more information). - -Windows NDIS/WinPcap uses quite long interface names, so some care -will be needed when starting wpa_supplicant. Alternatively, the -adapter description can be used as the interface name which may be -easier since it is usually in more human-readable -format. win_if_list.exe can be used to find out the proper interface -name. - -Example steps in starting up wpa_supplicant: - -# win_if_list.exe -ifname: \Device\NPF_GenericNdisWanAdapter -description: Generic NdisWan adapter - -ifname: \Device\NPF_{769E012B-FD17-4935-A5E3-8090C38E25D2} -description: Atheros Wireless Network Adapter (Microsoft's Packet Scheduler) - -ifname: \Device\NPF_{732546E7-E26C-48E3-9871-7537B020A211} -description: Intel 8255x-based Integrated Fast Ethernet (Microsoft's Packet Scheduler) - - -Since the example configuration used Atheros WLAN card, the middle one -is the correct interface in this case. The interface name for -i -command line option is the full string following "ifname:" (the -"\Device\NPF_" prefix can be removed). In other words, wpa_supplicant -would be started with the following command: - -# wpa_supplicant.exe -i'{769E012B-FD17-4935-A5E3-8090C38E25D2}' -c wpa_supplicant.conf -d - --d optional enables some more debugging (use -dd for even more, if -needed). It can be left out if debugging information is not needed. - -With the alternative mechanism for selecting the interface, this -command has identical results in this case: - -# wpa_supplicant.exe -iAtheros -c wpa_supplicant.conf -d - - -Simple configuration example for WPA-PSK: - -#ap_scan=2 -ctrl_interface= -network={ - ssid="test" - key_mgmt=WPA-PSK - proto=WPA - pairwise=TKIP - psk="secret passphrase" -} - -(remove '#' from the comment out ap_scan line to enable mode in which -wpa_supplicant tries to associate with the SSID without doing -scanning; this allows APs with hidden SSIDs to be used) - - -wpa_cli.exe and wpa_gui.exe can be used to interact with the -wpa_supplicant.exe program in the same way as with Linux. Note that -ctrl_interface is using UNIX domain sockets when built for cygwin, but -the native build for Windows uses named pipes and the contents of the -ctrl_interface configuration item is used to control access to the -interface. Anyway, this variable has to be included in the configuration -to enable the control interface. - - -Example SDDL string formats: - -(local admins group has permission, but nobody else): - -ctrl_interface=SDDL=D:(A;;GA;;;BA) - -("A" == "access allowed", "GA" == GENERIC_ALL == all permissions, and -"BA" == "builtin administrators" == the local admins. The empty fields -are for flags and object GUIDs, none of which should be required in this -case.) - -(local admins and the local "power users" group have permissions, -but nobody else): - -ctrl_interface=SDDL=D:(A;;GA;;;BA)(A;;GA;;;PU) - -(One ACCESS_ALLOWED ACE for GENERIC_ALL for builtin administrators, and -one ACCESS_ALLOWED ACE for GENERIC_ALL for power users.) - -(close to wide open, but you have to be a valid user on -the machine): - -ctrl_interface=SDDL=D:(A;;GA;;;AU) - -(One ACCESS_ALLOWED ACE for GENERIC_ALL for the "authenticated users" -group.) - -This one would allow absolutely everyone (including anonymous -users) -- this is *not* recommended, since named pipes can be attached -to from anywhere on the network (i.e. there's no "this machine only" -like there is with 127.0.0.1 sockets): - -ctrl_interface=SDDL=D:(A;;GA;;;BU)(A;;GA;;;AN) - -(BU == "builtin users", "AN" == "anonymous") - -See also [1] for the format of ACEs, and [2] for the possible strings -that can be used for principal names. - -[1] -http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/ace_strings.asp -[2] -http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/sid_strings.asp - - -Starting wpa_supplicant as a Windows service (wpasvc.exe) ---------------------------------------------------------- - -wpa_supplicant can be started as a Windows service by using wpasvc.exe -program that is alternative build of wpa_supplicant.exe. Most of the -core functionality of wpasvc.exe is identical to wpa_supplicant.exe, -but it is using Windows registry for configuration information instead -of a text file and command line parameters. In addition, it can be -registered as a service that can be started automatically or manually -like any other Windows service. - -The root of wpa_supplicant configuration in registry is -HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant. This level includes global -parameters and a 'interfaces' subkey with all the interface configuration -(adapter to confname mapping). Each such mapping is a subkey that has -'adapter', 'config', and 'ctrl_interface' values. - -This program can be run either as a normal command line application, -e.g., for debugging, with 'wpasvc.exe app' or as a Windows service. -Service need to be registered with 'wpasvc.exe reg <full path to -wpasvc.exe>'. Alternatively, 'wpasvc.exe reg' can be used to register -the service with the current location of wpasvc.exe. After this, wpasvc -can be started like any other Windows service (e.g., 'net start wpasvc') -or it can be configured to start automatically through the Services tool -in administrative tasks. The service can be unregistered with -'wpasvc.exe unreg'. - -If the service is set to start during system bootup to make the -network connection available before any user has logged in, there may -be a long (half a minute or so) delay in starting up wpa_supplicant -due to WinPcap needing a driver called "Network Monitor Driver" which -is started by default on demand. - -To speed up wpa_supplicant start during system bootup, "Network -Monitor Driver" can be configured to be started sooner by setting its -startup type to System instead of the default Demand. To do this, open -up Device Manager, select Show Hidden Devices, expand the "Non -Plug-and-Play devices" branch, double click "Network Monitor Driver", -go to the Driver tab, and change the Demand setting to System instead. - -Configuration data is in HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs -key. Each configuration profile has its own key under this. In terms of text -files, each profile would map to a separate text file with possibly multiple -networks. Under each profile, there is a networks key that lists all -networks as a subkey. Each network has set of values in the same way as -network block in the configuration file. In addition, blobs subkey has -possible blobs as values. - -HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks\0000 - ssid="example" - key_mgmt=WPA-PSK - -See win_example.reg for an example on how to setup wpasvc.exe -parameters in registry. It can also be imported to registry as a -starting point for the configuration. - - - -License information for third party software used in this product: - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - - - Qt Open Source Edition - ---------------------- - -The Qt GUI Toolkit is Copyright (C) 1994-2007 Trolltech ASA. -Qt Open Source Edition is licensed under GPL version 2. - -Source code for the library is available at -http://w1.fi/wpa_supplicant/qt4/qt-win-opensource-src-4.3.3.zip |