wpa_supplicant软件架构分析。wpa_supplicant 使用。

lovebet体育官网 1

(1)通过adb命令行,可以一直打开supplicant,从而运行wpa_cli,可以化解客户无显示屏而一筹莫展操作WIFI的问题,还足以避免UI的题材牵动至driver。进一步来说,可以就此当不少从来不键盘输入和LCD输出的安卓终端产品的操作及。

 

     
  wpa_supplicant包含两独关键的而是尽工具:wpa_supplicant和wpa_cli。wpa_supplicant是中心程序,
它和wpa_cli的关联就是劳务和客户端的关系:后台运行wpa_supplicant,使用wpa_cli来寻觅、设置、和连续网络。

wpa_supplicant软件架构分析

(2)在wpa_cli交互模式下可以推行很多令,列表如下:

1. 起步命令

wpa supplicant
在开行时,启动命令可以分包很多参数,目前咱们的启航命令如下:

wpa_supplicant /system/bin/wpa_supplicant -Dwext -ieth0
-c/data/wifi/wpa_supplicant.conf -f/data/wifi/wpa_log.txt

 

wpa_supplicant对于启动命令带的参数,用了个别独数据结构来保存,

一个是 wpa_params, 另一个凡是wpa_interface.

及时主要是考虑到wpa_supplicant是足以又支持多个网络接口的。

wpa_params数据结构主要记录与网络接口无关的有参数设置。

倘每一个网络接口就因故一个wpa_interface数据结构来记录。

每当启动命令行中,可以为此-N来指定将描述一个初的网络接口,对于一个新的网络接口,可以用脚六只参数描述:

-i<ifname> : 网络接口名称

-c<conf>: 配置文件名称

-C<ctrl_intf>: 控制接口名称

-D<driver>: 驱动型

-p<driver_param>: 驱动参数

-b<br_ifname>: 桥接口名称

 

 

2. wpa_supplicant 初始化流程

Full command

Short command

Description

status

stat

displays the current connection status

disconnect

disc

prevents wpa_supplicant from connecting to any access point

quit

q

exits wpa_cli

terminate

term

kills wpa_supplicant

reconfigure

recon

reloads wpa_supplicant with the configuration file supplied (-c parameter)

scan

scan

scans for available access points (only scans it, doesn’t display anything)

scan_result

scan_r

displays the results of the last scan

list_networks

list_n

displays a list of configured networks and their status (active or not, enabled or disabled)

select_network

select_n

select a network among those defined to initiate a connection (ie select_network 0)

enable_network

enable_n

makes a configured network available for selection (ie enable_network 0)

disable_network

disable_n

makes a configured network unavailable for selection (ie disable_network 0)

remove_network

remove_n

removes a network and its configuration from the list (ie remove_network 0)

add_network

add_n

adds a new network to the list. Its id will be created automatically

set_network

set_n

shows a very short list of available options to configure a network when supplied with no parameters.

See next section for a list of extremely useful parameters to be used with set_network and get_network.

get_network

get_n

displays the required parameter for the specified network. See next section for a list of parameters

save_config

save_c

saves the configuration

2.1. main()函数:

每当是函数中,主要做了季起事。

a. 解析命令行传进之参数。

b. 调用wpa_supplicant_init()函数,做wpa_supplicant的初始化工作。

c. 调用wpa_supplicant_add_iface()函数,增加网络接口。

d. 调用wpa_supplicant_run()函数,让wpa_supplicant真正的run起来。

 

(3)平台操作实例(仅限于MTK平台 且具ROOT权限)

2.2. wpa_supplicant_init()函数:

a. 打开debug 文件。

b. 注册EAP peer方法。

c. 申请wpa_global内存,该数据结构作为率其他数据结构的一个核心,
主要概括四独片:

wpa_supplicant *ifaces  
/*每个网络接口都有一个遥相呼应的wpa_supplicant数据结构,该指针指向最近入的一个,在wpa_supplicant数据结构中发生指针指向next*/

wpa_params params   /*启航命令行中带的通用的参数*/

ctrl_iface_global_priv *ctrl_iface  /*global 的决定接口*/

ctrl_iface_dbus_priv *dbus_ctrl_iface  /*dbus 的主宰接口*/

d. 设置wpa_global中的wpa_params中之参数。

e. 调用eloop_init函数将全局变量eloop中的user_data指针指于wpa_global。

f. 调用wpa_supplicant_global_ctrl_iface_init函数初始化global
控制接口。

g. 调用wpa_supplicant_dbus_ctrl_iface_init函数初始化dbus 控制接口。

h. 将该daemon的pid写入pid_file中。

 

        A,首先保证ADB连入,且能运行adb
remount,这样避免系统文件只念。然后设置wpa_cli和wpa_supplicant有较强权限。

2.3. wpa_supplicant_add_iface()函数:

该函数根据启动命令行中带有的参数增加网络接口, 有几独就是增几独。

a.
因为wpa_supplicant是和网络接口对应的关键的数据结构,所以,首先分配一个wpa_supplicant数据结构的内存。

b. 调用wpa_supplicant_init_iface()
函数来做网络接口的起工作,主要包括:

设置驱动型,默认是wext;

读取配置文件,并以内部的信息设置及wpa_supplicant数据结构中之conf
指针指向的数据结构,它是一个wpa_config类型;

指令执行设置的主宰接口ctrl_interface和让参数driver_param覆盖配置文件里设置,命令执行被的先;

拷贝网络接口名称以及桥接口名称到wpa_config数据结构;

对此网络布局块来零星单链表描述她,一个凡
config->ssid,它以安排文件被的顺序依次挂载在是链表上,还有一个凡pssid,它是一个二级指针,指向一个指南针数组,该指针数组按照先级从高到底的各个依次保存wpa_ssid指针,相同优先级的在相同链表中挂载。

c. 调用wpa_supplicant_init_iface2() 函数,主要概括:

调用wpa_supplicant_init_eapol()函数来初始化eapol;

调用相应项目的driver的init()函数;

设置driver的param参数;

调用wpa_drv_get_ifname()函数获得网络接口的称,对于wext类型的driver,没有是接口函数;

调用wpa_supplicant_init_wpa()函数来初始化wpa,并召开相应的初始化工作;

调用wpa_supplicant_driver_init()函数,来初始化driver接口参数;在拖欠函数的最后,会

wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;

wpa_supplicant_req_scan(wpa_s, interface_count, 100000);

来主动发起scan,

调用wpa_supplicant_ctrl_iface_init()函数,来初始化控制接口;对于UNIX
SOCKET这种方法,其当地socket文件是由安排文件里之ctrl_interface参数指定的途径加上网络接口名称;

 

        B,运行echo 1 >
/dev/wmtWifi,启动WIFI驱动。但是这要能免会见展现于安卓界面上层,默认是使在开行安卓时开启WIFI模块的,也便设置中的WIFI要默认ON。

2.4. wpa_supplicant_run()函数:

初始化完成以后,让wpa_supplicant的main event loop run起来。

在wpa_supplicant中,有广大跟外界通信的socket,它们还是待注册及eloop
event模块中之,具体地说,就是在eloop_sock_table中增加一宗记录,其中囊括了sock_fd,
handle, eloop_data, user_data。

eloop
event模块就是以这些socket组织起,统一保管,然后于eloop_run中利用select机制来治本socket的通信。

 

        C,进入/system/bin目录,首先运行服务端wpa_supplicant。

3. Wpa_supplicant提供的接口

自从通信层次上划分,wpa_supplicant提供发展的操纵接口 control
interface,用于与另模块(如UI)进行通信,其他模块可经过control
interface
来获取信息或下命令。Wpa_supplicant通过socket通信机制落实下行接口,与本进行通信,获取信息或下命令。

 

./wpa_supplicant -iwlan0 -Dnl80211
-c/system/etc/wifi/wpa_supplicant.conf

3.1 上行接口

Wpa_supplicant提供简单种植艺术的上行接口。一种基于传统dbus机制实现同其它进程中的IPC通信;另一样种植通过Unix
domain socket机制落实进程之中的IPC通信。

好端端启动后底回显如下:

3.1.1 Dbus接口

拖欠接口主要在文件“ctrl_iface_dbus.h”,“ctrl_iface_dbus.c”,“ctrl_iface_dbus_handler.h”和“ctrl_iface_dbus_handler.c”中贯彻,提供一些为主的决定方式。

 

DBusMessage * wpas_dbus_new_invalid_iface_error(DBusMessage
*message);

 

DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message,

                                        struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_remove_interface(DBusMessage
*message,

                                          struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_get_interface(DBusMessage *message,

                                        struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_set_debugparams(DBusMessage
*message,

                                          struct wpa_global *global);

 

DBusMessage * wpas_dbus_iface_scan(DBusMessage *message,

                               struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_scan_results(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_bssid_properties(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s,

                                    struct wpa_scan_res *res);

 

DBusMessage * wpas_dbus_iface_capabilities(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_add_network(DBusMessage *message,

                                     struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_remove_network(DBusMessage *message,

                                        struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_set_network(DBusMessage *message,

                                     struct wpa_supplicant *wpa_s,

                                     struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_enable_network(DBusMessage *message,

                                        struct wpa_supplicant *wpa_s,

                                        struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_disable_network(DBusMessage
*message,

                                         struct wpa_supplicant
*wpa_s,

                                         struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_select_network(DBusMessage *message,

                                             struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_disconnect(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_set_ap_scan(DBusMessage *message,

                                          struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_set_smartcard_modules(

       DBusMessage *message, struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message,

                                   struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_get_scanning(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

lovebet体育官网 2

3.1.2 Unix domain socket 接口

欠接口主要在文件“wpa_ctrl.h”,“wpa_ctrl.c”,“ctrl_iface_unix.c”,“ctrl_iface.h”和“ctrl_iface.c”实现。

 

(1)“wpa_ctrl.h”,“wpa_ctrl.c”完成对control
interface的包装,对外提供联合之接口。其主要的行事是经Unix domain
socket建立一个control interface
的client结点,与当server的wpa_supplicant结点通信。

 

要意义函数:

struct wpa_ctrl * wpa_ctrl_open(const char *ctrl_path);

/* 建立并初始化一个Unix domain
socket的client结点,并同当server的wpa_supplicant结点绑定 */

void wpa_ctrl_close(struct wpa_ctrl *ctrl);

/* 撤销并销毁已起之Unix domain socket的client结点 */

 

int wpa_ctrl_request(struct wpa_ctrl *ctrl, const char *cmd,
size_t cmd_len,

                   char *reply, size_t *reply_len,

                   void (*msg_cb)(char *msg, size_t len));

 

/* 用户模块直接调用该函数对wpa_supplicant发送命令并取所要信息

 * 可以发送的下令如附件1所示 */

Note:

       Wpa_supplicant
提供零星栽由外部模块获取信息的点子:一种植是表面模块通过发送request
命令然后抱response的问答模式,另一样栽是wpa_supplicant主动往外部发送event事件,由外部模块监听接收。

 

      
一般的常用做法是标模块通过调用wpa_ctrl_open()两差,建立两只control
interface接口,一个为ctrl
interface,用于发送命令,获取信息,另一个也monitor
interface,用于监听接收来自于wpa_supplicant的event时间。此举可以降通信的耦合性,避免response和event的互相干扰。

 

int wpa_ctrl_attach(struct wpa_ctrl *ctrl);

/* 注册 某个 control interface 作为 monitor interface */

 

int wpa_ctrl_detach(struct wpa_ctrl *ctrl);

/* 撤销某个 monitor interface 为 普通的 control interface  */

 

int wpa_ctrl_pending(struct wpa_ctrl *ctrl);

/* 判断是否发生悬挂于的event 事件 */

 

int wpa_ctrl_recv(struct wpa_ctrl *ctrl, char *reply, size_t
*reply_len);

/* 获取挂于底event 事件 */

 

(2)“ctrl_iface_unix.c”实现wpa_supplicant的Unix domain
socket通信机制中server结点,完成对client结点的响应。

       其中最为要紧的有数个函数为:

static void wpa_supplicant_ctrl_iface_receive(int sock, void
*eloop_ctx,

                                         void *sock_ctx)

/*
接收并解析client发送request命令,然后根据不同的吩咐调用底层不同之处理函数;

 * 然后以取response结果回馈到 client 结点。

 */

 

static void wpa_supplicant_ctrl_iface_send(struct
ctrl_iface_priv *priv,

                                      int level, const char *buf,

                                      size_t len)

/* 向注册之monitor interfaces 主动发送event事件 */

 

(3)“ctrl_iface.h”和“ctrl_iface.c”主要实现了各种request命令的底层处理函数。

 

不得收入态表明该服务端已经当运行了(也说不定是可输入状态,只要后面的wpa_cali可连续就执行)。-i
-D -c的参数意义可直接在Help中查询,具体多少参数可能以平台不同而发出入。

3.2 下行接口

Wpa_supplicant提供的下水接口主要用以和kernel(driver)进行通信,下发命令和获取信息。

Wpa_supplicant下行接口主要不外乎三栽重要的接口:

1.    PF_INET socket接口,主要用来为kernel
发送ioctl命令,控制并拿走相应信息。

2.    PF_NETLINK socket接口,主要用来收纳kernel发送上来之event
事件。

3.    PF_PACKET socket接口,主要用于向driver传递802.1X报文。

 

一言九鼎涉嫌到的文件包括:“driver.h”,“drivers.c”,“driver_wext.h”,“driver_wext.c”,“l2_packet.h”和“l2_packet_linux.c”。其中“driver.h”,“drivers.c”,“driver_wext.h”和“driver_wext.c”实现PF_INET
socket接口和PF_NETLINK
socket接口;“l2_packet.h”和“l2_packet_linux.c”实现PF_PACKET
socket接口。

 

(1)“driver.h”,“drivers.c”主要用以封装底层差异对外示一个同一的wpa_driver_ops接口。Wpa_supplicant可支撑atmel,
Broadcom, ipw, madwifi, ndis, nl80211, wext等又令。

中间一个极其要害的数据结构为wpa_driver_ops,
其定义了driver相关的各种操作接口。

 

(2)“driver_wext.h”,“driver_wext.c”实现了wext形式的wpa_driver_ops,连创了PF_INET
socket接口和PF_NETLINK
socket接口,然后经就片单接口就和kernel的信息交互。

 

Wext提供的一个生死攸关数据结构也:

struct wpa_driver_wext_data {

       void *ctx;

       int event_sock;

       int ioctl_sock;

       int mlme_sock;

       char ifname[IFNAMSIZ + 1];

       int ifindex;

       int ifindex2;

       int if_removed;

       u8 *assoc_req_ies;

       size_t assoc_req_ies_len;

       u8 *assoc_resp_ies;

       size_t assoc_resp_ies_len;

       struct wpa_driver_capa capa;

       int has_capability;

       int we_version_compiled;

 

       /* for set_auth_alg fallback */

       int use_crypt;

       int auth_alg_fallback;

 

       int operstate;

 

       char mlmedev[IFNAMSIZ + 1];

 

       int scan_complete_events;

};

其中event_sock 为PF_NETLINK socket接口,ioctl_sock为PF_INET
socket借口。

 

Driver_wext.c实现了大量底处理函数用于落实wpa_driver_ops操作参数,其中于重大的有:

void * wpa_driver_wext_init(void *ctx, const char *ifname);

/* 初始化wpa_driver_wext_data 数据结构,并创造PF_NETLINK
socket和 PF_INET socket 接口 */

 

void wpa_driver_wext_deinit(void *priv);

/* 销毁wpa_driver_wext_data 数据结构,PF_NETLINK socket和
PF_INET socket 接口 */

 

static void wpa_driver_wext_event_receive(int sock, void
*eloop_ctx,

                                     void *sock_ctx);

/* 处理kernel主动发送的event事件的 callback 函数 */

 

末,将促成之操作函数映射到一个大局的wpa_driver_ops类型数据结构
wpa_driver_wext_ops中。

 

const struct wpa_driver_ops wpa_driver_wext_ops = {

       .name = “wext”,

       .desc = “Linux wireless extensions (generic)”,

       .get_bssid = wpa_driver_wext_get_bssid,

       .get_ssid = wpa_driver_wext_get_ssid,

       .set_wpa = wpa_driver_wext_set_wpa,

       .set_key = wpa_driver_wext_set_key,

       .set_countermeasures = wpa_driver_wext_set_countermeasures,

       .set_drop_unencrypted =
wpa_driver_wext_set_drop_unencrypted,

       .scan = wpa_driver_wext_scan,

       .get_scan_results2 = wpa_driver_wext_get_scan_results,

       .deauthenticate = wpa_driver_wext_deauthenticate,

       .disassociate = wpa_driver_wext_disassociate,

       .set_mode = wpa_driver_wext_set_mode,

       .associate = wpa_driver_wext_associate,

       .set_auth_alg = wpa_driver_wext_set_auth_alg,

       .init = wpa_driver_wext_init,

       .deinit = wpa_driver_wext_deinit,

       .add_pmkid = wpa_driver_wext_add_pmkid,

       .remove_pmkid = wpa_driver_wext_remove_pmkid,

       .flush_pmkid = wpa_driver_wext_flush_pmkid,

       .get_capa = wpa_driver_wext_get_capa,

       .set_operstate = wpa_driver_wext_set_operstate,

};

 

(3)“l2_packet.h”和“l2_packet_linux.c”主要用来落实PF_PACKET
socket接口,通过该接口,wpa_supplicant可以直接以802.1X
packet发送至L2层,而未经过TCP/IP协议栈。

 

里面最主要的职能函数为:

struct l2_packet_data * l2_packet_init(

       const char *ifname, const u8 *own_addr, unsigned short
protocol,

       void (*rx_callback)(void *ctx, const u8 *src_addr,

                         const u8 *buf, size_t len),

       void *rx_callback_ctx, int l2_hdr);

/* 创建并初始化PF_PACKET socket接口,其中rx_callback
为自L2接收到的packet 处理callback函数 */

 

void l2_packet_deinit(struct l2_packet_data *l2);

/* 销毁 PF_PACKET socket接口 */

 

int l2_packet_send(struct l2_packet_data *l2, const u8 *dst_addr,
u16 proto,

                 const u8 *buf, size_t len);

/* L2交汇packet发送函数,wpa_supplicant用此发送L2叠 802.1X packet  */

 

static void l2_packet_receive(int sock, void *eloop_ctx, void
*sock_ctx);

/*  L2层packet接收函数,接收来自L2层数据后,将那个发送到上层  */

        D,另被一个ADB SHELL,作客户端运行wpa_cali。如下:

4. Control interface commands

       PING

       MIB

       STATUS

       STATUS-VERBOSE

       PMKSA

       SET <variable> <valus>

       LOGON

       LOGOFF

       REASSOCIATE

       RECONNECT

       PREAUTH <BSSID>

       ATTACH

       DETACH

       LEVEL <debug level>

       RECONFIGURE

       TERMINATE

       BSSID <network id> <BSSID>

       LIST_NETWORKS

       DISCONNECT

       SCAN

       SCAN_RESULTS

       BSS

       SELECT_NETWORK <network id>

       ENABLE_NETWORK <network id>

       DISABLE_NETWORK <network id>

       ADD_NETWORK

       REMOVE_NETWORK <network id>

       SET_NETWORK <network id> <variable> <value>

       GET_NETWORK <network id> <variable>

       SAVE_CONFIG


cd /system/bin

Linux无线网络设置(wpa_supplicant的使用)

长机环境:Gentoo Linux 3.1.10
 WPA
Supplicant工具确保得叫你连接受那些以WPA的AP。因为还仅是beta版,所以其的配置方式按会常变化——尽管如此,在多数情况下她曾经能好好之做事。
 安装上wap_supplicant后可透过修改/etc/wpa_supplicant/wpa_supplicant.conf来进行配备无线连接抱点网络
 下面是一个部署文件的实例。
 
 # 请不要涂改下面就同一实施内容,否则将非能够健康工作
 ctrl_interface=/var/run/wpa_supplicant
 
 # 确保只有root用户会诵取WPA的布置
 ctrl_interface_group=0
 
 # 使用wpa_supplicant来围观和抉择AP
 ap_scan=1
 
 #
简单的情:WPA-PSk密码验证办法,PSK是ASCII密码短语,所有法定的加密方法还同意连接
 network={
 ssid=”simple”
 psk=”very secret passphrase”
 # 优先级更强,就会进一步早匹配到。
 priority=5
 }
 
 #
与前的设置同一,但要求针对特定的SSID进行扫描(针对那些拒绝广播SSID的AP)
 network={
 ssid=”second ssid”
 scan_ssid=1
 psk=”very secret passphrase”
 priority=2
 }
 
 # 仅使用WPA-PSK方式。允许用另外合法的加密方法的组成
 network={
 ssid=”example”
 proto=WPA
 key_mgmt=WPA-PSK
 pairwise=CCMP TKIP
 group=CCMP TKIP WEP104 WEP40
 psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
 priority=2
 }
 
 # 明文连接方式(不行使WPA和IEEE802.1X)
 network={
 ssid=”plaintext-test”
 key_mgmt=NONE
 }
 
 # 共享WEP秘钥连接方式(不使WPA和IEEE802.1X)
 network={
 ssid=”static-wep-test”
 key_mgmt=NONE
 wep_key0=”abcde”
 wep_key1=0102030405
 wep_key2=”1234567890123″
 wep_tx_keyidx=0
 priority=5
 }
 
 #
共享WEP秘钥连接方式(无WPA和IEEE802.1X),使用共享秘钥IEEE802.11验证办法
 network={
 ssid=”static-wep-test2″
 key_mgmt=NONE
 wep_key0=”abcde”
 wep_key1=0102030405
 wep_key2=”1234567890123″
 wep_tx_keyidx=0
 priority=5
 auth_alg=SHARED
 }
 
 # 在IBSS/ad-hoc网络被使用WPA-None/TKIP
 network={
 ssid=”test adhoc”
 mode=1
 proto=WPA
 key_mgmt=WPA-NONE
 pairwise=NONE
 group=TKIP
 psk=”secret passphrase”
 }
 
 —
 下面是自个儿之布文件
 
 ctrl_interface=/var/run/wpa_supplicant
 ap_scan=1
 
 #Home Network
 network={
     psk=”yming0221″
     priority=1
     ssid=79616E277320776972656C657373
     mode=0
     bssid=E0:05:C5:17:F8:2C
     key_mgmt=WPA-PSK
 }
 #
 network={
     ssid=”351471azjlb”
     psk=”CCTV1-CCTV2-KTV-1987″
     priority=2
 }
 
 然后还启wlan0连接

 /etc/init.d/net.wlan0 restart

======================================================================================

常用命令:

wpa_supplicant -Dwext -iwlan0 -c配置文件.conf
-C/var/run/wpa_supplicant -B

-B: 后台运行

-c: 配置文件

-C:unix socket 名称

-i:监听的接口

-D:使用的驱动名, 一般也wext或者 nl80211

wpa_passphrase
              创建 wpa_supplicant.conf 的工具

        wpa_passphrase [ ssid ] [ passphrase ]  > conf 文件

wpa_cli

    wpa_cli  [  -p path to ctrl sockets ] [ -i ifname ] [ -hvB ]
[ -a action file ] [ -P pid file ] [command … ]

    wpa_cli -i wlan0     |

                                | list_network

                                | remove_netwok

                                | add_network

                                | set_network %d    | ssid “名称”

                                                              |
key_mgmt 类型(NONE, )

                                                              |
wep_key0 密码

                                                              | psk 密码

                                                              |
wep_tx_keyidx 0

                                | select_network %d

                                | enable_network %d

                                | save_config

                                | scan

                                | scan_results

                                | terminate

wpa_cli -p /data/misc/wpa_supplicant

wpa_cli用法

1: run wpa_supplicant first

use the following command:

       wpa_supplicant -Dwext -iwlan0 -C/data/system/wpa_supplicant
-c/data/misc/wifi/wpa_supplicant.conf

      (use “ps”to make sure wpa_supplicant is running )

 

2: Run the command line tool wpa_cli to connect wifi

       wpa_cli -p/data/system/wpa_supplicant -iwlan0

       Then , it will let you set network interactively

 

       some common command:

       >scan = to scan the neighboring AP

       >scan_results = show the scan results

       >status = check out the current connection information

       >terminate = terminate wpa_supplicant

       >quit = exit wpa_cli

       >add_network = it will return a network id to you

       >set_network <network id> <variable>
<value> = set network variables (shows

list of variables when run without arguments), success will return OK,
or will return Fail

       >select_network <network id> = select a network
(disable others)

       >disable_network <network id> = disable a network

       >enable_network <network id> = enable a network

 

3: example

 

       for AP that doesn`t have encryption

              >add_network      (It will display a network id for
you, assume it returns 0)

              >set_network 0 ssid “666”

              >set_network 0 key_mgmt NONE

              >enable_network 0

              >quit

       if normal, we have connectted to the AP “666”, now you need a IP
to access internet, for example:

              dhcpcd wlan0

              if everything is ok, it will get an IP & can access
internet

 

       for AP that has WEP

              >add_network      (assume returns 1)

              >set_network 1 ssid “666”

              >set_network 1 key_mgmt NONE

              >set_network 1 wep_key0 “your ap passwork”(if usting
ASCII, it need double quotation marks, if using hex, then don`t need
the double quotation marks)

              >set_network 1 wep_tx_keyidx 0

              >select_network 1  (optional, remember, if you are
connecting with another AP, you should select it to disable the another)

              >enable_network 1

              and then ,get an IP to access internet

 

       for AP that has WPA-PSK/WPA2-PSK

              >add_network      (assume returns 2)

              >set_network 2 ssid “666”

              >set_network 2 psk “your pre-shared key”

              >select_network 2  (optional, remember, if you are
connecting with another AP, you should select it to disable the another)

              >enable_network 2

              there is still some others options to be set, but
wpa_supplicant will choose the default for you, the default will
include all we need to set

              and then ,get an IP to access internet

 

       for Hidden AP(补充)

        原则及应有要在地方的基础上来set_network netid scan_ssid
1即可,测试了无加密的Hidden AP,WEP/WPA/WPA2当道理同样

=====================  wpa_supplicant.conf 官方描述(其中包含了
set_network 子命令中所带来的参数与取值范围)
========================================

**##### Example wpa_supplicant configuration file
###############################
#
# This file describes configuration file format and lists all available
option.
# Please also take a look at simpler configuration examples in
‘examples’
# subdirectory.
#
# Empty lines and lines starting with # are ignored

# NOTE! This file may contain password information and should probably
be made
# readable only by root user on multiuser systems.

# Note: All file paths in this configuration file should use full
(absolute,
# not relative to working directory) path in order to allow working
directory
# to be changed. This can happen if wpa_supplicant is run in the
background.

# Whether to allow wpa_supplicant to update (overwrite)
configuration
#
# This option can be used to allow wpa_supplicant to overwrite
configuration
# file whenever configuration is changed (e.g., new network block is
added with
# wpa_cli or wpa_gui, or a password is changed). This is required
for
# wpa_cli/wpa_gui to be able to store the configuration changes
permanently.
# Please note that overwriting configuration file will remove the
comments from
# it.
#update_config=1

# global configuration (shared by all network blocks)
#
# Parameters for the control interface. If this is specified,
wpa_supplicant
# will open a control interface that is available for external programs
to
# manage wpa_supplicant. The meaning of this string depends on which
control
# interface mechanism is used. For all cases, the existance of this
parameter
# in configuration is used to determine whether the control interface
is
# enabled.
#
# For UNIX domain sockets (default on Linux and BSD): This is a
directory that
# will be created for UNIX domain sockets for listening to requests
from
# external programs (CLI/GUI, etc.) for status information and
configuration.
# The socket file will be named based on the interface name, so
multiple
# wpa_supplicant processes can be run at the same time if more than
one
# interface is used.
# /var/run/wpa_supplicant is the recommended directory for sockets and
by
# default, wpa_cli will use it when trying to connect with
wpa_supplicant.
#
# Access control for the control interface can be configured by setting
the
# directory to allow only members of a group to use sockets. This way,
it is
# possible to run wpa_supplicant as root (since it needs to change
network
# configuration and open raw sockets) and still allow GUI/CLI
components to be
# run as non-root users. However, since the control interface can be
used to
# change the network configuration, this access needs to be protected
in many
# cases. By default, wpa_supplicant is configured to use gid 0 (root).
If you
# want to allow non-root users to use the control interface, add a new
group
# and change this value to match with that group. Add users that should
have
# control interface access to this group. If this variable is commented
out or
# not included in the configuration file, group will not be changed
from the
# value it got by default when the directory or socket was created.
#
# When configuring both the directory and group, use following
format:
# DIR=/var/run/wpa_supplicant GROUP=wheel
# DIR=/var/run/wpa_supplicant GROUP=0
# (group can be either group name or gid)
#
# For UDP connections (default on Windows): The value will be ignored.
This
# variable is just used to select that the control interface is to be
created.
# The value can be set to, e.g., udp (ctrl_interface=udp)
#
# For Windows Named Pipe: This value can be used to set the security
descriptor
# for controlling access to the control interface. Security descriptor
can be
# set using Security Descriptor String Format (see
http://msdn.microsoft.com/
# library/default.asp?url=/library/en-us/secauthz/security/
# security_descriptor_string_format.asp). The descriptor string
needs to be
# prefixed with SDDL=. For example, ctrl_interface=SDDL=D: would set
an empty
# DACL (which will reject all connections). See README-Windows.txt for
more
# information about SDDL string format.
#
ctrl_interface=/var/run/wpa_supplicant

# IEEE 802.1X/EAPOL version
# wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which
defines
# EAPOL version 2. However, there are many APs that do not handle the
new
# version number correctly (they seem to drop the frames completely).
In order
# to make wpa_supplicant interoperate with these APs, the version
number is set
# to 1 by default. This configuration value can be used to set it to
the new
# version (2).
eapol_version=1

# AP scanning/selection
# By default, wpa_supplicant requests driver to perform AP scanning
and then
# uses the scan results to select a suitable AP. Another alternative is
to
# allow the driver to take care of AP scanning and selection and use
# wpa_supplicant just to process EAPOL frames based on IEEE 802.11
association
# information from the driver.
# 1: wpa_supplicant initiates scanning and AP selection
# 0: driver takes care of scanning, AP selection, and IEEE 802.11
association
#    parameters (e.g., WPA IE generation); this mode can also be used
with
#    non-WPA drivers when using IEEE 802.1X mode; do not try to
associate with
#    APs (i.e., external program needs to control association). This
mode must
#    also be used when using wired Ethernet drivers.
# 2: like 0, but associate with APs using security policy and SSID (but
not
#    BSSID); this can be used, e.g., with ndiswrapper and NDIS drivers
to
#    enable operation with hidden SSIDs and optimized roaming; in this
mode,
#    the network blocks in the configuration file are tried one by one
until
#    the driver reports successful association; each network block
should have
#    explicit security policy (i.e., only one option in the lists)
for
#    key_mgmt, pairwise, group, proto variables
ap_scan=1

# EAP fast re-authentication
# By default, fast re-authentication is enabled for all EAP methods
that
# support it. This variable can be used to disable fast
re-authentication.
# Normally, there is no need to disable this.
fast_reauth=1

# OpenSSL Engine support
# These options can be used to load OpenSSL engines.
# The two engines that are supported currently are shown below:
# They are both from the opensc project (http://www.opensc.org/)
# By default no engines are loaded.
# make the opensc engine available
#opensc_engine_path=/usr/lib/opensc/engine_opensc.so
# make the pkcs11 engine available
#pkcs11_engine_path=/usr/lib/opensc/engine_pkcs11.so
# configure the path to the pkcs11 module required by the pkcs11
engine
#pkcs11_module_path=/usr/lib/pkcs11/opensc-pkcs11.so

# Dynamic EAP methods
# If EAP methods were built dynamically as shared object files, they
need to be
# loaded here before being used in the network blocks. By default, EAP
methods
# are included statically in the build, so these lines are not needed
#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_tls.so
#load_dynamic_eap=/usr/lib/wpa_supplicant/eap_md5.so

# Driver interface parameters
# This field can be used to configure arbitrary driver interace
parameters. The
# format is specific to the selected driver interface. This field is
not used
# in most cases.
#driver_param=”field=value”

# Country code
# The ISO/IEC alpha2 country code for the country in which this device
is
# currently operating.
#country=US

# Maximum lifetime for PMKSA in seconds; default 43200
#dot11RSNAConfigPMKLifetime=43200
# Threshold for reauthentication (percentage of PMK lifetime); default
70
#dot11RSNAConfigPMKReauthThreshold=70
# Timeout for security association negotiation in seconds; default 60
#dot11RSNAConfigSATimeout=60

# Wi-Fi Protected Setup (WPS) parameters

# Universally Unique IDentifier (UUID; see RFC 4122) of the device
# If not configured, UUID will be generated based on the local MAC
address.
#uuid=12345678-9abc-def0-1234-56789abcdef0

# Device Name
# User-friendly description of device; up to 32 octets encoded in
UTF-8
#device_name=Wireless Client

# Manufacturer
# The manufacturer of the device (up to 64 ASCII characters)
#manufacturer=Company

# Model Name
# Model of the device (up to 32 ASCII characters)
#model_name=cmodel

# Model Number
# Additional device description (up to 32 ASCII characters)
#model_number=123

# Serial Number
# Serial number of the device (up to 32 characters)
#serial_number=12345

# Primary Device Type
# Used format: <categ>-<OUI>-<subcateg>
# categ = Category as an integer value
# OUI = OUI and type octet as a 4-octet hex-encoded value; 0050F204
for
#       default WPS OUI
# subcateg = OUI-specific Sub Category as an integer value
# Examples:
#   1-0050F204-1 (Computer / PC)
#   1-0050F204-2 (Computer / Server)
#   5-0050F204-1 (Storage / NAS)
#   6-0050F204-1 (Network Infrastructure / AP)
#device_type=1-0050F204-1

# OS Version
# 4-octet operating system version number (hex string)
#os_version=01020300

# Credential processing
#   0 = process received credentials internally (default)
#   1 = do not process received credentials; just pass them over
ctrl_iface to
#    external program(s)
#   2 = process received credentials internally and pass them over
ctrl_iface
#    to external program(s)
#wps_cred_processing=0

# network block
#
# Each network (usually AP’s sharing the same SSID) is configured as a
separate
# block in this configuration file. The network blocks are in
preference order
# (the first match is used).
#
# network block fields:
#
# disabled:
#    0 = this network can be used (default)
#    1 = this network block is disabled (can be enabled through
ctrl_iface,
#        e.g., with wpa_cli or wpa_gui)
#
# id_str: Network identifier string for external scripts. This value
is passed
#    to external action script through wpa_cli as WPA_ID_STR
environment
#    variable to make it easier to do network specific configuration.
#
# ssid: SSID (mandatory); either as an ASCII string with double
quotation or
#    as hex string; network name
#
# scan_ssid:
#    0 = do not scan this SSID with specific Probe Request frames
(default)
#    1 = scan with SSID-specific Probe Request frames (this can be used
to
#        find APs that do not accept broadcast SSID or use multiple
SSIDs;
#        this will add latency to scanning, so enable this only when
needed)
#
# bssid: BSSID (optional); if set, this network block is used only
when
#    associating with the AP using the configured BSSID
#
# priority: priority group (integer)
# By default, all networks will get same priority group (0). If some of
the
# networks are more desirable, this field can be used to change the
order in
# which wpa_supplicant goes through the networks when selecting a BSS.
The
# priority groups will be iterated in decreasing priority (i.e., the
larger the
# priority value, the sooner the network is matched against the scan
results).
# Within each priority group, networks will be selected based on
security
# policy, signal strength, etc.
# Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode
are not
# using this priority to select the order for scanning. Instead, they
try the
# networks in the order that used in the configuration file.
#
# mode: IEEE 802.11 operation mode
# 0 = infrastructure (Managed) mode, i.e., associate with an AP
(default)
# 1 = IBSS (ad-hoc, peer-to-peer)
# Note: IBSS can only be used with key_mgmt NONE (plaintext and static
WEP)
# and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In addition,
ap_scan has
# to be set to 2 for IBSS. WPA-None requires following network block
options:
# proto=WPA, key_mgmt=WPA-NONE, pairwise=NONE, group=TKIP (or CCMP,
but not
# both), and psk must also be set.
#
# frequency: Channel frequency in megahertz (MHz) for IBSS, e.g.,
# 2412 = IEEE 802.11b/g channel 1. This value is used to configure the
initial
# channel for IBSS (adhoc) networks. It is ignored in the
infrastructure mode.
# In addition, this value is only used by the station that creates the
IBSS. If
# an IBSS network with the configured SSID is already present, the
frequency of
# the network will be used instead of this configured value.
#
# proto: list of accepted protocols
# WPA = WPA/IEEE 802.11i/D3.0
# RSN = WPA2/IEEE 802.11i (also WPA2 can be used as an alias for RSN)
# If not set, this defaults to: WPA RSN
#
# key_mgmt: list of accepted authenticated key management protocols
# WPA-PSK = WPA pre-shared key (this requires ‘psk’ field)
# WPA-EAP = WPA using EAP authentication
# IEEE8021X = IEEE 802.1X using EAP authentication and (optionally)
dynamically
#    generated WEP keys
# NONE = WPA is not used; plaintext or static WEP could be used
# WPA-PSK-SHA256 = Like WPA-PSK but using stronger SHA256-based
algorithms
# WPA-EAP-SHA256 = Like WPA-EAP but using stronger SHA256-based
algorithms
# If not set, this defaults to: WPA-PSK WPA-EAP
#
# auth_alg: list of allowed IEEE 802.11 authentication algorithms
# OPEN = Open System authentication (required for WPA/WPA2)
# SHARED = Shared Key authentication (requires static WEP keys)
# LEAP = LEAP/Network EAP (only used with LEAP)
# If not set, automatic selection is used (Open System with LEAP
enabled if
# LEAP is allowed as one of the EAP methods).
#
# pairwise: list of accepted pairwise (unicast) ciphers for WPA
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE
802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
# NONE = Use only Group Keys (deprecated, should not be included if APs
support
#    pairwise keys)
# If not set, this defaults to: CCMP TKIP
#
# group: list of accepted group (broadcast/multicast) ciphers for WPA
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE
802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
# WEP104 = WEP (Wired Equivalent Privacy) with 104-bit key
# WEP40 = WEP (Wired Equivalent Privacy) with 40-bit key [IEEE
802.11]
# If not set, this defaults to: CCMP TKIP WEP104 WEP40
#
# psk: WPA preshared key; 256-bit pre-shared key
# The key used in WPA-PSK mode can be entered either as 64 hex-digits,
i.e.,
# 32 bytes or as an ASCII passphrase (in which case, the real PSK will
be
# generated using the passphrase and SSID). ASCII passphrase must be
between
# 8 and 63 characters (inclusive).
# This field is not needed, if WPA-EAP is used.
# Note: Separate tool, wpa_passphrase, can be used to generate 256-bit
keys
# from ASCII passphrase. This process uses lot of CPU and
wpa_supplicant
# startup and reconfiguration time can be optimized by generating the
PSK only
# only when the passphrase or SSID has actually changed.
#
# eapol_flags: IEEE 802.1X/EAPOL options (bit field)
# Dynamic WEP key required for non-WPA mode
# bit0 (1): require dynamically generated unicast WEP key
# bit1 (2): require dynamically generated broadcast WEP key
#     (3 = require both keys; default)
# Note: When using wired authentication, eapol_flags must be set to 0
for the
# authentication to be completed successfully.
#
# mixed_cell: This option can be used to configure whether so called
mixed
# cells, i.e., networks that use both plaintext and encryption in the
same
# SSID, are allowed when selecting a BSS form scan results.
# 0 = disabled (default)
# 1 = enabled
#
# proactive_key_caching:
# Enable/disable opportunistic PMKSA caching for WPA2.
# 0 = disabled (default)
# 1 = enabled
#
# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. “abcde”
or
# hex without quotation, e.g., 0102030405)
# wep_tx_keyidx: Default WEP key index (TX) (0..3)
#
# peerkey: Whether PeerKey negotiation for direct links (IEEE 802.11e
DLS) is
# allowed. This is only used with RSN/WPA2.
# 0 = disabled (default)
# 1 = enabled
#peerkey=1
#
# wpa_ptk_rekey: Maximum lifetime for PTK in seconds. This can be
used to
# enforce rekeying of PTK to mitigate some attacks against TKIP
deficiencies.
#
# Following fields are only used with internal EAP implementation.
# eap: space-separated list of accepted EAP methods
#    MD5 = EAP-MD5 (unsecure and does not generate keying material
->
#            cannot be used with WPA; to be used as a Phase 2 method
#            with EAP-PEAP or EAP-TTLS)
#       MSCHAPV2 = EAP-MSCHAPv2 (cannot be used separately with WPA; to
be used
#        as a Phase 2 method with EAP-PEAP or EAP-TTLS)
#       OTP = EAP-OTP (cannot be used separately with WPA; to be used
#        as a Phase 2 method with EAP-PEAP or EAP-TTLS)
#       GTC = EAP-GTC (cannot be used separately with WPA; to be used
#        as a Phase 2 method with EAP-PEAP or EAP-TTLS)
#    TLS = EAP-TLS (client and server certificate)
#    PEAP = EAP-PEAP (with tunnelled EAP authentication)
#    TTLS = EAP-TTLS (with tunnelled EAP or PAP/CHAP/MSCHAP/MSCHAPV2
#             authentication)
#    If not set, all compiled in methods are allowed.
#
# identity: Identity string for EAP
#    This field is also used to configure user NAI for
#    EAP-PSK/PAX/SAKE/GPSK.
# anonymous_identity: Anonymous identity string for EAP (to be used as
the
#    unencrypted identity with EAP types that support different
tunnelled
#    identity, e.g., EAP-TTLS)
# password: Password string for EAP. This field can include either
the
#    plaintext password (using ASCII or hex string) or a
NtPasswordHash
#    (16-byte MD4 hash of password) in hash:<32 hex digits>
format.
#    NtPasswordHash can only be used when the password is for MSCHAPv2
or
#    MSCHAP (EAP-MSCHAPv2, EAP-TTLS/MSCHAPv2, EAP-TTLS/MSCHAP, LEAP).
#    EAP-PSK (128-bit PSK), EAP-PAX (128-bit PSK), and EAP-SAKE
(256-bit
#    PSK) is also configured using this field. For EAP-GPSK, this is
a
#    variable length PSK.
# ca_cert: File path to CA certificate file (PEM/DER). This file can
have one
#    or more trusted CA certificates. If ca_cert and ca_path are
not
#    included, server certificate will not be verified. This is
insecure and
#    a trusted CA certificate should always be configured when using
#    EAP-TLS/TTLS/PEAP. Full path should be used since working
directory may
#    change when wpa_supplicant is run in the background.
#    On Windows, trusted CA certificates can be loaded from the
system
#    certificate store by setting this to cert_store://<name>,
e.g.,
#    ca_cert=”cert_store://CA” or ca_cert=”cert_store://ROOT”.
#    Note that when running wpa_supplicant as an application, the
user
#    certificate store (My user account) is used, whereas computer
store
#    (Computer account) is used when running wpasvc as a service.
# ca_path: Directory path for CA certificate files (PEM). This path
may
#    contain multiple CA certificates in OpenSSL format. Common use for
this
#    is to point to system trusted CA list which is often installed
into
#    directory like /etc/ssl/certs. If configured, these certificates
are
#    added to the list of trusted CAs. ca_cert may also be included in
that
#    case, but it is not required.
# client_cert: File path to client certificate file (PEM/DER)
#    Full path should be used since working directory may change when
#    wpa_supplicant is run in the background.
#    Alternatively, a named configuration blob can be used by setting
this
#    to blob://<blob name>.
# private_key: File path to client private key file (PEM/DER/PFX)
#    When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should
be
#    commented out. Both the private key and certificate will be read
from
#    the PKCS#12 file in this case. Full path should be used since
working
#    directory may change when wpa_supplicant is run in the
background.
#    Windows certificate store can be used by leaving client_cert out
and
#    configuring private_key in one of the following formats:
#    cert://substring_to_match
#    hash://certificate_thumbprint_in_hex
#    for example: private_key=”hash://63093aa9c47f56ae88334c7b65a4″
#    Note that when running wpa_supplicant as an application, the
user
#    certificate store (My user account) is used, whereas computer
store
#    (Computer account) is used when running wpasvc as a service.
#    Alternatively, a named configuration blob can be used by setting
this
#    to blob://<blob name>.
# private_key_passwd: Password for private key file (if left out,
this will be
#    asked through control interface)
# dh_file: File path to DH/DSA parameters file (in PEM format)
#    This is an optional configuration file for setting parameters for
an
#    ephemeral DH key exchange. In most cases, the default RSA
#    authentication does not use this configuration. However, it is
possible
#    setup RSA to use ephemeral DH key exchange. In addition, ciphers
with
#    DSA keys always use ephemeral DH keys. This can be used to
achieve
#    forward secrecy. If the file is in DSA parameters format, it will
be
#    automatically converted into DH params.
# subject_match: Substring to be matched against the subject of the
#    authentication server certificate. If this string is set, the
server
#    sertificate is only accepted if it contains this string in the
subject.
#    The subject string is in following format:
#    /C=US/ST=CA/L=San Francisco/CN=Test
AS/emailAddress=as@example.com
# altsubject_match: Semicolon separated string of entries to be
matched against
#    the alternative subject name of the authentication server
certificate.
#    If this string is set, the server sertificate is only accepted if
it
#    contains one of the entries in an alternative subject name
extension.
#    altSubjectName string is in following format: TYPE:VALUE
#    Example: EMAIL:server@example.com
#    Example: DNS:server.example.com;DNS:server2.example.com
#    Following types are supported: EMAIL, DNS, URI
# phase1: Phase1 (outer authentication, i.e., TLS tunnel) parameters
#    (string with field-value pairs, e.g., “peapver=0” or
#    “peapver=1 peaplabel=1”)
#    ‘peapver’ can be used to force which PEAP version (0 or 1) is
used.
#    ‘peaplabel=1’ can be used to force new label, “client PEAP
encryption”,
#    to be used during key derivation when PEAPv1 or newer. Most
existing
#    PEAPv1 implementation seem to be using the old label, “client
EAP
#    encryption”, and wpa_supplicant is now using that as the default
value.
#    Some servers, e.g., Radiator, may require peaplabel=1
configuration to
#    interoperate with PEAPv1; see eap_testing.txt for more details.
#    ‘peap_outer_success=0’ can be used to terminate PEAP
authentication on
#    tunneled EAP-Success. This is required with some RADIUS servers
that
#    implement draft-josefsson-pppext-eap-tls-eap-05.txt (e.g.,
#    Lucent NavisRadius v4.4.0 with PEAP in “IETF Draft 5” mode)
#    include_tls_length=1 can be used to force wpa_supplicant to
include
#    TLS Message Length field in all TLS messages even if they are
not
#    fragmented.
#    sim_min_num_chal=3 can be used to configure EAP-SIM to require
three
#    challenges (by default, it accepts 2 or 3)
#    result_ind=1 can be used to enable EAP-SIM and EAP-AKA to use
#    protected result indication.
#    ‘crypto_binding’ option can be used to control PEAPv0
cryptobinding
#    behavior:
#     * 0 = do not use cryptobinding (default)
#     * 1 = use cryptobinding if server supports it
#     * 2 = require cryptobinding
#    EAP-WSC (WPS) uses following options: pin=<Device Password>
or
#    pbc=1.
# phase2: Phase2 (inner authentication with TLS tunnel) parameters
#    (string with field-value pairs, e.g., “auth=MSCHAPV2” for EAP-PEAP
or
#    “autheap=MSCHAPV2 autheap=MD5” for EAP-TTLS)
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.
# ca_cert2: File path to CA certificate file. This file can have one
or more
#    trusted CA certificates. If ca_cert2 and ca_path2 are not
included,
#    server certificate will not be verified. This is insecure and a
trusted
#    CA certificate should always be configured.
# ca_path2: Directory path for CA certificate files (PEM)
# client_cert2: File path to client certificate file
# private_key2: File path to client private key file
# private_key2_passwd: Password for private key file
# dh_file2: File path to DH/DSA parameters file (in PEM format)
# subject_match2: Substring to be matched against the subject of the
#    authentication server certificate.
# altsubject_match2: Substring to be matched against the alternative
subject
#    name of the authentication server certificate.
#
# fragment_size: Maximum EAP fragment size in bytes (default 1398).
#    This value limits the fragment size for EAP methods that support
#    fragmentation (e.g., EAP-TLS and EAP-PEAP). This value should be
set
#    small enough to make the EAP messages fit in MTU of the network
#    interface used for EAPOL. The default value is suitable for most
#    cases.
#
# EAP-FAST variables:
# pac_file: File path for the PAC entries. wpa_supplicant will need
to be able
#    to create this file and write updates to it when PAC is being
#    provisioned or refreshed. Full path to the file should be used
since
#    working directory may change when wpa_supplicant is run in the
#    background. Alternatively, a named configuration blob can be used
by
#    setting this to blob://<blob name>
# phase1: fast_provisioning option can be used to enable in-line
provisioning
#         of EAP-FAST credentials (PAC):
#         0 = disabled,
#         1 = allow unauthenticated provisioning,
#         2 = allow authenticated provisioning,
#         3 = allow both unauthenticated and authenticated
provisioning
#    fast_max_pac_list_len=<num> option can be used to set
the maximum
#        number of PAC entries to store in a PAC list (default: 10)
#    fast_pac_format=binary option can be used to select binary
format for
#        storing PAC entries in order to save some space (the default
#        text format uses about 2.5 times the size of minimal binary
#        format)
#
# wpa_supplicant supports number of “EAP workarounds” to work around
# interoperability issues with incorrectly behaving authentication
servers.
# These are enabled by default because some of the issues are present
in large
# number of authentication servers. Strict EAP conformance mode can
be
# configured by disabling workarounds with eap_workaround=0.

# Example blocks:

# Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid
ciphers
network={
    ssid=”simple”
    psk=”very secret passphrase”
    priority=5
}

# Same as previous, but request SSID-specific scanning (for APs that
reject
# broadcast SSID)
network={
    ssid=”second ssid”
    scan_ssid=1
    psk=”very secret passphrase”
    priority=2
}

# Only WPA-PSK is used. Any valid cipher combination is accepted.
network={
    ssid=”example”
    proto=WPA
    key_mgmt=WPA-PSK
    pairwise=CCMP TKIP
    group=CCMP TKIP WEP104 WEP40
  
 psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
    priority=2
}

# WPA-Personal(PSK) with TKIP and enforcement for frequent PTK
rekeying
network={
    ssid=”example”
    proto=WPA
    key_mgmt=WPA-PSK
    pairwise=TKIP
    group=TKIP
    psk=”not so secure passphrase”
    wpa_ptk_rekey=600
}

# Only WPA-EAP is used. Both CCMP and TKIP is accepted. An AP that used
WEP104
# or WEP40 as the group cipher will not be accepted.
network={
    ssid=”example”
    proto=RSN
    key_mgmt=WPA-EAP
    pairwise=CCMP TKIP
    group=CCMP TKIP
    eap=TLS
    identity=”user@example.com”
    ca_cert=”/etc/cert/ca.pem”
    client_cert=”/etc/cert/user.pem”
    private_key=”/etc/cert/user.prv”
    private_key_passwd=”password”
    priority=1
}

# EAP-PEAP/MSCHAPv2 configuration for RADIUS servers that use the new
peaplabel
# (e.g., Radiator)
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=PEAP
    identity=”user@example.com”
    password=”foobar”
    ca_cert=”/etc/cert/ca.pem”
    phase1=”peaplabel=1″
    phase2=”auth=MSCHAPV2″
    priority=10
}

# EAP-TTLS/EAP-MD5-Challenge configuration with anonymous identity for
the
# unencrypted use. Real identity is sent only within an encrypted TLS
tunnel.
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=TTLS
    identity=”user@example.com”
    anonymous_identity=”anonymous@example.com”
    password=”foobar”
    ca_cert=”/etc/cert/ca.pem”
    priority=2
}

# EAP-TTLS/MSCHAPv2 configuration with anonymous identity for the
unencrypted
# use. Real identity is sent only within an encrypted TLS tunnel.
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=TTLS
    identity=”user@example.com”
    anonymous_identity=”anonymous@example.com”
    password=”foobar”
    ca_cert=”/etc/cert/ca.pem”
    phase2=”auth=MSCHAPV2″
}

# WPA-EAP, EAP-TTLS with different CA certificate used for outer and
inner
# authentication.
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=TTLS
    # Phase1 / outer authentication
    anonymous_identity=”anonymous@example.com”
    ca_cert=”/etc/cert/ca.pem”
    # Phase 2 / inner authentication
    phase2=”autheap=TLS”
    ca_cert2=”/etc/cert/ca2.pem”
    client_cert2=”/etc/cer/user.pem”
    private_key2=”/etc/cer/user.prv”
    private_key2_passwd=”password”
    priority=2
}

# Both WPA-PSK and WPA-EAP is accepted. Only CCMP is accepted as
pairwise and
# group cipher.
network={
    ssid=”example”
    bssid=00:11:22:33:44:55
    proto=WPA RSN
    key_mgmt=WPA-PSK WPA-EAP
    pairwise=CCMP
    group=CCMP
  
 psk=06b4be19da289f475aa46a33cb793029d4ab3db7a23ee92382eb0106c72ac7bb
}

# Special characters in SSID, so use hex string. Default to WPA-PSK,
WPA-EAP
# and all valid ciphers.
network={
    ssid=00010203
  
 psk=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
}

# EAP-SIM with a GSM SIM or USIM
network={
    ssid=”eap-sim-test”
    key_mgmt=WPA-EAP
    eap=SIM
    pin=”1234″
    pcsc=””
}

# EAP-PSK
network={
    ssid=”eap-psk-test”
    key_mgmt=WPA-EAP
    eap=PSK
    anonymous_identity=”eap_psk_user”
    password=06b4be19da289f475aa46a33cb793029
    identity=”eap_psk_user@example.com”
}

# IEEE 802.1X/EAPOL with dynamically generated WEP keys (i.e., no WPA)
using
# EAP-TLS for authentication and key generation; require both unicast
and
# broadcast WEP keys.
network={
    ssid=”1x-test”
    key_mgmt=IEEE8021X
    eap=TLS
    identity=”user@example.com”
    ca_cert=”/etc/cert/ca.pem”
    client_cert=”/etc/cert/user.pem”
    private_key=”/etc/cert/user.prv”
    private_key_passwd=”password”
    eapol_flags=3
}

# LEAP with dynamic WEP keys
network={
    ssid=”leap-example”
    key_mgmt=IEEE8021X
    eap=LEAP
    identity=”user”
    password=”foobar”
}

# EAP-IKEv2 using shared secrets for both server and peer
authentication
network={
    ssid=”ikev2-example”
    key_mgmt=WPA-EAP
    eap=IKEV2
    identity=”user”
    password=”foobar”
}

# EAP-FAST with WPA (WPA or WPA2)
network={
    ssid=”eap-fast-test”
    key_mgmt=WPA-EAP
    eap=FAST
    anonymous_identity=”FAST-000102030405″
    identity=”username”
    password=”password”
    phase1=”fast_provisioning=1″
    pac_file=”/etc/wpa_supplicant.eap-fast-pac”
}

network={
    ssid=”eap-fast-test”
    key_mgmt=WPA-EAP
    eap=FAST
    anonymous_identity=”FAST-000102030405″
    identity=”username”
    password=”password”
    phase1=”fast_provisioning=1″
    pac_file=”blob://eap-fast-pac”
}

# Plaintext connection (no WPA, no IEEE 802.1X)
network={
    ssid=”plaintext-test”
    key_mgmt=NONE
}

# Shared WEP key connection (no WPA, no IEEE 802.1X)
network={
    ssid=”static-wep-test”
    key_mgmt=NONE
    wep_key0=”abcde”
    wep_key1=0102030405
    wep_key2=”1234567890123″
    wep_tx_keyidx=0
    priority=5
}

# Shared WEP key connection (no WPA, no IEEE 802.1X) using Shared Key
# IEEE 802.11 authentication
network={
    ssid=”static-wep-test2″
    key_mgmt=NONE
    wep_key0=”abcde”
    wep_key1=0102030405
    wep_key2=”1234567890123″
    wep_tx_keyidx=0
    priority=5
    auth_alg=SHARED
}

# IBSS/ad-hoc network with WPA-None/TKIP.
network={
    ssid=”test adhoc”
    mode=1
    frequency=2412
    proto=WPA
    key_mgmt=WPA-NONE
    pairwise=NONE
    group=TKIP
    psk=”secret passphrase”
}

# Catch all example that allows more or less all configuration modes
network={
    ssid=”example”
    scan_ssid=1
    key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
    pairwise=CCMP TKIP
    group=CCMP TKIP WEP104 WEP40
    psk=”very secret passphrase”
    eap=TTLS PEAP TLS
    identity=”user@example.com”
    password=”foobar”
    ca_cert=”/etc/cert/ca.pem”
    client_cert=”/etc/cert/user.pem”
    private_key=”/etc/cert/user.prv”
    private_key_passwd=”password”
    phase1=”peaplabel=0″
}

# Example of EAP-TLS with smartcard (openssl engine)
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=TLS
    proto=RSN
    pairwise=CCMP TKIP
    group=CCMP TKIP
    identity=”user@example.com”
    ca_cert=”/etc/cert/ca.pem”
    client_cert=”/etc/cert/user.pem”

    engine=1

    # The engine configured here must be available. Look at
    # OpenSSL engine support in the global section.
    # The key available through the engine must be the private key
    # matching the client certificate configured above.

    # use the opensc engine
    #engine_id=”opensc”
    #key_id=”45″

    # use the pkcs11 engine
    engine_id=”pkcs11″
    key_id=”id_45″

    # Optional PIN configuration; this can be left out and PIN will
be
    # asked through the control interface
    pin=”1234″
}

# Example configuration showing how to use an inlined blob as a CA
certificate
# data instead of using external file
network={
    ssid=”example”
    key_mgmt=WPA-EAP
    eap=TTLS
    identity=”user@example.com”
    anonymous_identity=”anonymous@example.com”
    password=”foobar”
    ca_cert=”blob://exampleblob”
    priority=20
}

blob-base64-exampleblob={
SGVsbG8gV29ybGQhCg==
}

# Wildcard match for SSID (plaintext APs only). This example select
any
# open AP regardless of its SSID.
network={
    key_mgmt=NONE
}
**

掉显如下说明正常并处在交互模式:

lovebet体育官网 3

      E,执行同一多重令看看

scan

lovebet体育官网 4

scan_results

lovebet体育官网 5

        F,连WIFI的命执行,有以下几栽:

for AP that doesn`t have encryption
>add_network (It will display a network id for you, assume it
returns 0)
>set_network 0 ssid “666”
>set_network 0 key_mgmt NONE
>enable_network 0
>quit

for AP that has WEP
>add_network (assume returns 1)
>set_network 1 ssid “666”
>set_network 1 key_mgmt NONE
>set_network 1 wep_key0 “your ap passwork”(if usting ASCII, it
need
double quotation marks, if using hex, then don`t need the double
quotation
marks)
>set_network 1 wep_tx_keyidx 0
>select_network 1 (optional, remember, if you are connecting with
another
AP, you should select it to disable the another)
>enable_network 1

for AP that has WPA-PSK/WPA2-PSK
>add_network (assume returns 2)
>set_network 2 ssid “666”
>set_network 2 psk “your pre-shared key”
>select_network 2 (optional, remember, if you are connecting with
another
AP, you should select it to disable the another)
>enable_network 2

     我要好之试图如下:

lovebet体育官网 6

如上过程尽管证实联网OK,可以上网了。

参照原文:http://cache.baiducontent.com
/c?m=9f65cb4a8c8507ed4fece7631046893b4c4380146d96864968d4e414c42246100024b8ed7a66471980853a3c50f11e41bca770216c5d61aa9bc98b4addb9922b3bcd7a742613d51742c419de8a1c729f7e875a98ea42b3e1&p=8b2a975bcd8711a052eedb2f4a4c&newp=8b2a971f81822dec08e29e7d495d92695c02dc3051dcd14f2895ff0b&user=baidu&fm=sc&query=adb+shell+wifi&qid=&p1=4

参照原文:http://blog.sina.com.cn/s/blog\_55465b470100l73l.html

 

 

 

 

 

 

 

 

 

   
Android网被对于WIFI的安装集成及了“设置”中,其实与手动设置多。这里介绍下什么样手动连接WIFI,以福利以后调试WIFI。

       
第一步而做的就算是一旦加载WIFI模块驱动了。当然要您的WIFI是编译到本里面的,就未待之。我们的WIFI芯片用底凡BCM4330,编译为模块。

insmod /system/lib/modules/kernel/drivers/net/wireless/bcm4330/bcm4330.ko firmware_path=/system/vendor/firmware/bcm4330.bin
\ nvram_path=/system/vendor/firmware/nvram.txt

       这样让模块加载后,需要启动wpa_supplicant

root@android:/ # wpa_supplicant -Dwext -iwlan0
-C/data/system/wpa_supplicant -c/data/misc/wifi/wpa_supplicant.conf &
 

下一场ps|grep wpa看看发生没发起,在wifi工作进程中,这个历程使直都当的。

        接着启动客户端wpa_cli进行安排并一连wifi热点

130|root@android:/ # wpa_cli -p/data/system/wpa_supplicant -iwlan0
wpa_cli v0.8.x
Copyright (c) 2004-2011, Jouni Malinen <j@w1.fi> and
contributors

This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.

Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.

Interactive mode

其中/data/system/wpa_supplicant
是刚刚起步wpa_supplicant的上创建的一个套接字

紧接着进行查找wifi

> scan
OK
<3>CTRL-EVENT-SCAN-RESULTS 

翻搜到的来怎样热点

> scan_result
bssid / frequency / signal level / flags / ssid
40:16:9f:67:0f:00       2462    -42    
[WPA-PSK-TKIP+CCMP][WPA2-PSK-TKIP+CCMP][WPS][ESS]      
HHCN-NET
b0:48:7a:49:44:68       2437    -58     [WPA2-PSK-CCMP][WPS][ESS]
      HHTech.Arch
e0:05:c5:97:d8:5a       2412    -71    
[WPA-PSK-CCMP][WPA2-PSK-CCMP-preauth][ESS]      1103-5
40:16:9f:67:0c:a6       2412    -74    
[WPA-PSK-TKIP+CCMP][WPA2-PSK-TKIP+CCMP][WPS][ESS]      
hardware
b0:48:7a:49:65:54       2437    -58    
[WPA-PSK-CCMP][WPA2-PSK-CCMP][WPS][ESS] Dept_driver

随着设置wifi,就连续Dept_driver这个热点吧

> add_net
3
> set_net 3 ssid “Dept_driver”
OK

Dept_driver的加密方法是WPA2-PSK

> set_net 3 psk “password”
OK
> select_net 3
OK
<3>CTRL-EVENT-STATE-CHANGE id=0 state=0 BSSID=00:00:00:00:0[
2752.332061] dhd_aoe_hostip_clr failed code -23
0:00
<3>CTR[ 2752.337768] dhd_aoe_arp_clr failed code 1
L-EVENT-STATE-CHANGE id=-1 state=3 BSSID=00:00:00:00:00:00
<3>CTRL-EVENT-DISCONNECTED bssid=00:00:00:00:00:00 reason=0
<3>CTRL-EVENT-STATE-CHANGE id=-1 state=0 BSSID=00:00:00:00:00:00
<3>CTRL-EVENT-STATE-CHANGE id=-1 state=3 BSSID=00:00:00:00:00:00
<3>CTRL-EVENT-SCAN-RESULTS 
<3>WPS-AP-AVAILABLE 
<3>Trying to associate with b0:48:7a:49:65:54 (SSID=’Dept_driver’
freq=2437 MHz)
<3>CTRL-EVENT-STATE-CHANGE id=-1 state=5 BSSID=b0:48:7a:49:65:54
[ 2753.153717] wl_iw_set_essid: join SSID=Dept_driver ch=6
<3>CTRL-EVENT-STATE-CHANGE id=3 state=6 BSSID=b0:48:7a:49:65:54
<3>Associated with b0:48:7a:49:65:54
<3>CTRL-EVENT-STATE-CHANGE id=3 state=7 BSSID=00:00:00:00:00:00
<3>CTRL-EVENT-STATE-CHANGE id=3 state=8 BSSID=00:00:00:00:00:00
<3>WPA: Key negotiation completed with b0:48:7a:49:65:54
[PTK=CCMP GTK=CCMP]
<3>CTRL-EVENT-CONNECTED – Connection to b0:48:7a:49:65:54
completed (reauth) [id=3 id_str=]
<3>CTRL-EVENT-STATE-CHANGE id=3 state=9 BSSID=00:00:00:00:00:00

> enable_net 3
OK
> q

诸如此类,就还安好了,接着用dhcpd分配一个IP地址

root@android:/ # dhcpcd wlan0                                          
       
dhcpcd[3940]: version 5.2.10 starting
dhcpcd[3940]: host does not support a monotonic clock – timing can
skew
dhcpcd[3940]: wlan0: rebinding lease of 192.168.1.216
dhcpcd[3940]: wlan0: acknowledged 192.168.1.216 from 192.168.1.1
`�’
dhcpcd[3940]: wlan0: leased 192.168.1.216 for 7200 seconds
dhcpcd[3940]: forked to background, child pid 3971
root@android:/ # busybox ifconfig wlan0                                
       
wlan0     Link encap:Ethernet  HWaddr AC:E8:7B:89:D3:C0  
          inet addr:192.168.1.216  Bcast:255.255.255.255
 Mask:255.255.255.0
          inet6 addr: fe80::aee8:7bff:fe89:d3c0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6637 errors:0 dropped:25 overruns:0 frame:0
          TX packets:4357 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3825961 (3.6 MiB)  TX bytes:704832 (688.3 KiB)

这样就到位了。可以上网了。

 

 

 

wpa_supplicant软件架构分析

2013年11月26日 ⁄ 综合 ⁄ 共
12345字 ⁄ 字号 小 中 大 ⁄
评论关闭

 

初稿地址:http://blog.csdn.net/fxfzz/article/details/6176414

1. 起动命令

wpa
supplicant 在启动时,启动命令可以蕴涵很多参数,目前咱们的起步命令如下:

wpa_supplicant /system/bin/wpa_supplicant -Dwext -ieth0
-c/data/wifi/wpa_supplicant.conf -f/data/wifi/wpa_log.txt

 

wpa_supplicant对于启动命令带的参数,用了点滴单数据结构来保存,

一个是 wpa_params, 另一个是wpa_interface.

立即重要是考虑到wpa_supplicant是足以而且支持多单网络接口的。

wpa_params数据结构主要记录及网络接口无关的有的参数设置。

如每一个网络接口就因此一个wpa_interface数据结构来记录。

以开行命令行中,可以就此-N来指定将描述一个新的网络接口,对于一个初的网络接口,可以为此底六独参数描述:

-i<ifname> : 网络接口名称

-c<conf>: 配置文件名称

-C<ctrl_intf>: 控制接口名称

-D<driver>: 驱动型

-p<driver_param>: 驱动参数

-b<br_ifname>: 桥接口名称

 

2. wpa_supplicant 初始化流程

2.1. main()函数:

在这个函数中,主要做了季宗事。

a. 解析命令行传进的参数。

b. 调用wpa_supplicant_init()函数,做wpa_supplicant的初始化工作。

c. 调用wpa_supplicant_add_iface()函数,增加网络接口。

d. 调用wpa_supplicant_run()函数,让wpa_supplicant真正的run起来。

 

2.2. wpa_supplicant_init()函数:

a. 打开debug 文件。

b. 注册EAP peer方法。

c. 申请wpa_global内存,该数据结构作为率其他数据结构的一个中心, 主要包括四独片:

wpa_supplicant
*ifaces   /*每个网络接口都发出一个遥相呼应之wpa_supplicant数据结构,该指针指向最近投入的一个,在wpa_supplicant数据结构中起指针指向next*/

wpa_params params   /*启动命令行中带的通用的参数*/

ctrl_iface_global_priv *ctrl_iface  /*global 的支配接口*/

ctrl_iface_dbus_priv *dbus_ctrl_iface  /*dbus 的支配接口*/

d. 设置wpa_global中的wpa_params中的参数。

e. 调用eloop_init函数将全局变量eloop中之user_data指针指为wpa_global。

f. 调用wpa_supplicant_global_ctrl_iface_init函数初始化global 控制接口。

g. 调用wpa_supplicant_dbus_ctrl_iface_init函数初始化dbus 控制接口。

h. 将该daemon的pid写入pid_file中。

 

2.3. wpa_supplicant_add_iface()函数:

拖欠函数根据启动命令行中带有的参数增加网络接口, 有几独就是添几个。

a. 因为wpa_supplicant是同网络接口对应之重要性的数据结构,所以,首先分配一个wpa_supplicant数据结构的内存。

b. 调用wpa_supplicant_init_iface() 函数来举行网络接口的上马工作,主要不外乎:

安装驱动型,默认是wext;

读取配置文件,并将里面的信息设置到wpa_supplicant数据结构中的conf 指针指向的数据结构,它是一个wpa_config类型;

指令执行设置的主宰接口ctrl_interface和教参数driver_param覆盖配置文件里设置,命令执行吃的事先;

拷贝网络接口名称以及桥接口名称及wpa_config数据结构;

于网部署块来半点个链表描述其,一个是 config->ssid,它以部署
文件中之一一依次挂载在这链表上,还有一个凡pssid,它是一个二级指针,指向一个指针数组,该指针数组按照先级从高到底的次第依次保存
wpa_ssid指针,相同优先级的以同一链表中挂载。

c. 调用wpa_supplicant_init_iface2() 函数,主要不外乎:

调用wpa_supplicant_init_eapol()函数来初始化eapol;

调用相应项目的driver的init()函数;

设置driver的param参数;

调用wpa_drv_get_ifname()函数获得网络接口的称,对于wext类型的driver,没有此接口函数;

调用wpa_supplicant_init_wpa()函数来初始化wpa,并做相应的初始化工作;

调用wpa_supplicant_driver_init()函数,来初始化driver接口参数;在该函数的终极,会

wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;

wpa_supplicant_req_scan(wpa_s, interface_count, 100000);

来主动发起scan,

调用wpa_supplicant_ctrl_iface_init()函数,来初始化控制接口;对于UNIX
SOCKET这种办法,其当地socket文件是由安排文件里之ctrl_interface参数指定的不二法门加上网络接口名称;

 

2.4. wpa_supplicant_run()函数:

初始化完成之后,让wpa_supplicant的main event loop run起来。

在wpa_supplicant中,有无数暨外边通信的socket,它们都是待注册 到eloop
event模块中的,具体地说,就是当eloop_sock_table中增加一桩记录,其中包了sock_fd,
handle, eloop_data, user_data。

eloop
event模块就是将这些socket组织起,统一保管,然后在eloop_run中利用select机制来治本socket的通信。

 

3. Wpa_supplicant提供的接口

自打通信层次上分,wpa_supplicant提供发展的支配接口 control
interface,用于与其余模块(如UI)进行通信,其他模块可由此control
interface 来获取信息或下命令。Wpa_supplicant通过socket通信机制实现下行接口,与本进行通信,获取信息或下命令。

 

3.1 上行接口

Wpa_supplicant提供个别种植艺术的上行接口。一种基于传统dbus机制实现同其它进程中的IPC通信;另一样种植通过Unix
domain socket机制落实进程之中的IPC通信。

3.1.1 Dbus接口

该接口主要以文书“ctrl_iface_dbus.h”,“ctrl_iface_dbus.c”,“ctrl_iface_dbus_handler.h”和“ctrl_iface_dbus_handler.c”中实现,提供有中坚的操纵措施。

 

DBusMessage * wpas_dbus_new_invalid_iface_error(DBusMessage
*message);

 

DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message,

                                        struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_remove_interface(DBusMessage
*message,

                                          struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_get_interface(DBusMessage *message,

                                        struct wpa_global *global);

 

DBusMessage * wpas_dbus_global_set_debugparams(DBusMessage
*message,

                                          struct wpa_global *global);

 

DBusMessage * wpas_dbus_iface_scan(DBusMessage *message,

                               struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_scan_results(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_bssid_properties(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s,

                                    struct wpa_scan_res *res);

 

DBusMessage * wpas_dbus_iface_capabilities(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_add_network(DBusMessage *message,

                                     struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_remove_network(DBusMessage *message,

                                        struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_set_network(DBusMessage *message,

                                     struct wpa_supplicant *wpa_s,

                                     struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_enable_network(DBusMessage *message,

                                        struct wpa_supplicant *wpa_s,

                                        struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_disable_network(DBusMessage
*message,

                                         struct wpa_supplicant
*wpa_s,

                                         struct wpa_ssid *ssid);

 

DBusMessage * wpas_dbus_iface_select_network(DBusMessage *message,

                                             struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_disconnect(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_set_ap_scan(DBusMessage *message,

                                          struct wpa_supplicant
*wpa_s);

 

DBusMessage * wpas_dbus_iface_set_smartcard_modules(

       DBusMessage *message, struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message,

                                   struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_get_scanning(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message,

                                    struct wpa_supplicant *wpa_s);

 

DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message,

                                      struct wpa_supplicant *wpa_s);

 

3.1.2 Unix domain socket 接口

拖欠接口主要在文书“wpa_ctrl.h”,“wpa_ctrl.c”,“ctrl_iface_unix.c”,“ctrl_iface.h”和“ctrl_iface.c”实现。

 

(1)“wpa_ctrl.h”,“wpa_ctrl.c” 完成对control
interface的包裹,对外提供合的接口。其利害攸关的工作是通过Unix domain
socket建立一个control
interface 的client结点,与作为server的wpa_supplicant结点通信。

 

重大力量函数:

struct wpa_ctrl * wpa_ctrl_open(const char *ctrl_path);

/* 建立并初始化一个Unix domain
socket的client结点,并跟当server的wpa_supplicant结点绑定 */

void wpa_ctrl_close(struct wpa_ctrl *ctrl);

/* 撤销并销毁已成立的Unix domain socket的client结点 */

 

int wpa_ctrl_request(struct wpa_ctrl *ctrl, const char *cmd,
size_t cmd_len,

                   char *reply, size_t *reply_len,

                   void (*msg_cb)(char *msg, size_t len));

 

/* 用户模块直接调用该函数对wpa_supplicant发送命令并得到所急需信息

 * 可以发送的吩咐如附件1所示 */

Note:

       Wpa_supplicant 提供简单栽由外部模块获取信息的道:一种是外部模块通过发送request 命令然后拿走response的问答模式,另一样种植是wpa_supplicant主动往外部发送event事件,由外部模块监听接收。

 

       一般的常用做法是表面模块通过调用wpa_ctrl_open()两次,建立两独control
interface接口,一个呢ctrl
interface,用于发送命令,获取信息,另一个乎monitor interface,用于监听接收来自于wpa_supplicant的event时间。此举可以下降通信的耦合性,避免response和event的互干扰。

 

int wpa_ctrl_attach(struct wpa_ctrl *ctrl);

/* 注册 某个 control interface 作为 monitor interface */

 

int wpa_ctrl_detach(struct wpa_ctrl *ctrl);

/* 撤销某个 monitor interface 为 普通的 control interface  */

 

int wpa_ctrl_pending(struct wpa_ctrl *ctrl);

/* 判断是否发悬挂于底event 事件 */

 

int wpa_ctrl_recv(struct wpa_ctrl *ctrl, char *reply, size_t
*reply_len);

/* 获取挂于的event 事件 */

 

(2)“ctrl_iface_unix.c”实现wpa_supplicant的Unix domain
socket通信机制中server结点,完成对client结点的应。

       其中最重点的一定量独函数为:

static void wpa_supplicant_ctrl_iface_receive(int sock, void
*eloop_ctx,

                                         void *sock_ctx)

/* 接收并解析client发送request命令,然后根据不同之命调用底层不同之处理函数;

 * 然后拿沾response结果回馈到 client 结点。

 */

 

static void wpa_supplicant_ctrl_iface_send(struct
ctrl_iface_priv *priv,

                                      int level, const char *buf,

                                      size_t len)

/* 向注册的monitor interfaces 主动发送event事件 */

 

(3)“ctrl_iface.h”和“ctrl_iface.c”主要实现了各种request命令的脚处理函数。

 

3.2 下行接口

Wpa_supplicant提供的下水接口主要用于与kernel(driver)进行通信,下发命令和获取信息。

Wpa_supplicant下行接口主要不外乎三种植重大的接口:

1.    PF_INET socket接口,主要用来为kernel 发送ioctl命令,控制并获得相应信息。

2.    PF_NETLINK socket接口,主要用以吸纳kernel发送上来的event 事件。

3.    PF_PACKET socket接口,主要用来为driver传递802.1X报文。

 

重要涉嫌到之文书管
括:“driver.h”,“drivers.c”,“driver_wext.h”,“driver_wext.c”,“l2_packet.h”和
“l2_packet_linux.c”。其中“driver.h”,“drivers.c”,“driver_wext.h”和
“driver_wext.c”实现PF_INET socket接口和PF_NETLINK socket接口;“l2_packet.h”和“l2_packet_linux.c”实现PF_PACKET socket接口。

 

(1)“driver.h”,“drivers.c”
主要用以封装底层差异对外显示一个相同的wpa_driver_ops接口。Wpa_supplicant可支持atmel,
Broadcom, ipw, madwifi, ndis, nl80211, wext等多种让。

里面一个绝重点的数据结构为wpa_driver_ops, 其定义了driver相关的各种操作接口。

 

(2)“driver_wext.h”,“driver_wext.c”实现了wext形式的wpa_driver_ops,并创办了PF_INET socket接口和PF_NETLINK socket接口,然后通过这点儿只接口就与kernel的信相互。

 

Wext提供的一个重中之重数据结构吧:

struct wpa_driver_wext_data {

       void *ctx;

       int event_sock;

       int ioctl_sock;

       int mlme_sock;

       char ifname[IFNAMSIZ + 1];

       int ifindex;

       int ifindex2;

       int if_removed;

       u8 *assoc_req_ies;

       size_t assoc_req_ies_len;

       u8 *assoc_resp_ies;

       size_t assoc_resp_ies_len;

       struct wpa_driver_capa capa;

       int has_capability;

       int we_version_compiled;

 

       /* for set_auth_alg fallback */

       int use_crypt;

       int auth_alg_fallback;

 

       int operstate;

 

       char mlmedev[IFNAMSIZ + 1];

 

       int scan_complete_events;

};

其中event_sock 为PF_NETLINK socket接口,ioctl_sock为PF_INET socket借口。

 

Driver_wext.c实现了大气根处理函数用于落实wpa_driver_ops操作参数,其中比较重要之发生:

void * wpa_driver_wext_init(void *ctx, const char *ifname);

/* 初始化wpa_driver_wext_data 数据结构,并创建PF_NETLINK socket和 PF_INET socket 接口 */

 

void wpa_driver_wext_deinit(void *priv);

/* 销毁wpa_driver_wext_data 数据结构,PF_NETLINK socket和 PF_INET socket 接口 */

 

static void wpa_driver_wext_event_receive(int sock, void
*eloop_ctx,

                                     void *sock_ctx);

/* 处理kernel主动发送的event事件的 callback 函数 */

 

末段,将促成之操作函数映射到一个大局的wpa_driver_ops类型数据结构 wpa_driver_wext_ops中。

 

const struct wpa_driver_ops wpa_driver_wext_ops = {

       .name = “wext”,

       .desc = “Linux wireless extensions (generic)”,

       .get_bssid = wpa_driver_wext_get_bssid,

       .get_ssid = wpa_driver_wext_get_ssid,

       .set_wpa = wpa_driver_wext_set_wpa,

       .set_key = wpa_driver_wext_set_key,

       .set_countermeasures = wpa_driver_wext_set_countermeasures,

       .set_drop_unencrypted =
wpa_driver_wext_set_drop_unencrypted,

       .scan = wpa_driver_wext_scan,

       .get_scan_results2 = wpa_driver_wext_get_scan_results,

       .deauthenticate = wpa_driver_wext_deauthenticate,

       .disassociate = wpa_driver_wext_disassociate,

       .set_mode = wpa_driver_wext_set_mode,

       .associate = wpa_driver_wext_associate,

       .set_auth_alg = wpa_driver_wext_set_auth_alg,

       .init = wpa_driver_wext_init,

       .deinit = wpa_driver_wext_deinit,

       .add_pmkid = wpa_driver_wext_add_pmkid,

       .remove_pmkid = wpa_driver_wext_remove_pmkid,

       .flush_pmkid = wpa_driver_wext_flush_pmkid,

       .get_capa = wpa_driver_wext_get_capa,

       .set_operstate = wpa_driver_wext_set_operstate,

};

 

(3)“l2_packet.h”和“l2_packet_linux.c”主要用来落实PF_PACKET socket接口,通过该接口,wpa_supplicant可以直接以802.1X
packet发送至L2层,而不经过TCP/IP协议栈。

 

里首要的功用函数为:

struct l2_packet_data * l2_packet_init(

       const char *ifname, const u8 *own_addr, unsigned short
protocol,

       void (*rx_callback)(void *ctx, const u8 *src_addr,

                         const u8 *buf, size_t len),

       void *rx_callback_ctx, int l2_hdr);

/* 创建并初始化PF_PACKET socket接口,其中rx_callback 为自L2接收及之packet 处理callback函数 */

 

void l2_packet_deinit(struct l2_packet_data *l2);

/* 销毁 PF_PACKET socket接口 */

 

int l2_packet_send(struct l2_packet_data *l2, const u8 *dst_addr,
u16 proto,

                 const u8 *buf, size_t len);

/* L2重叠packet发送函数,wpa_supplicant用此发送L2层 802.1X packet  */

 

static void l2_packet_receive(int sock, void *eloop_ctx, void
*sock_ctx);

/*  L2交汇packet接收函数,接收来自L2层数据后,将那个发送到上层  */

4. Control interface commands

       PING

       MIB

       STATUS

       STATUS-VERBOSE

       PMKSA

       SET <variable> <valus>

       LOGON

       LOGOFF

       REASSOCIATE

       RECONNECT

       PREAUTH <BSSID>

       ATTACH

       DETACH

       LEVEL <debug level>

       RECONFIGURE

       TERMINATE

       BSSID <network id> <BSSID>

       LIST_NETWORKS

       DISCONNECT

       SCAN

       SCAN_RESULTS

       BSS

       SELECT_NETWORK <network id>

       ENABLE_NETWORK <network id>

       DISABLE_NETWORK <network id>

       ADD_NETWORK

       REMOVE_NETWORK <network id>

       SET_NETWORK <network id> <variable> <value>

       GET_NETWORK <network id> <variable>

       SAVE_CONFIG

正文译至:https://wiki.archlinux.org/index.php/WPA_Supplicant_%28%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%29

wpa_supplicant 是超过平台的
WPAsupplicant,支持
WEP, WPA 和 WPA2 (IEEE
802.11i / RSN (Robust Secure
Network)). 可以在桌面、笔记本甚至嵌入式系统遭到应用。

wpa_supplicant 是在客户端采用的 IEEE 802.1X/WPA 组件, 支持和 WPA
Authenticator 的相,控制漫游和无线驱动的 IEEE 802.11 验证和干。 

安装


官方软件仓库
中安装软件包 wpa_supplicant。

此外软件包 wpa_supplicant_gui
提供了图形界面wpa_gui。 

启动

本节介绍启动wpa_supplicant的常用方法,选择一个极端符合你的。

systemd

wpa_supplicant提供多种劳务之文本:

  • wpa_supplicant.service
    使用 D-Bus,
    推荐 NetworkManager 的用户.
  • wpa_supplicant@.service
    接受接口名作为参数,并也该接口启动wpa_supplicant守护进程。它读取/etc/wpa_supplicant/wpa_supplicant-interface.conf的布置文件
  • wpa_supplicant-nl80211@.service
     也是接口特定的,但明显强制nl80211驱动程序 (见下文).
    配置文件路径是/etc/wpa_supplicant/wpa_supplicant-nl80211-interface.conf
  • wpa_supplicant-wired@.service – 也是接口特定的, 使用 wired 驱动.
    配置文件路径是/etc/wpa_supplicant/wpa_supplicant-wired-interface.conf

dhcpcd

dhcpcd包含了一个钩子(默认为启用)来机关启动相应无线接口的wpa_supplicant。它只于如下情况下启动:

  • 没有wpa_supplicant进程在拖欠接口在监听。
  • 存在一个wpa_supplicant的配置文件。dhcpcd 默认检查
    /etc/wpa_supplicant.conf 和
    /etc/wpa_supplicant/wpa_supplicant.conf,但得由此在/etc/dhcpcd.conf设置env
    wpa_supplicant_conf=configuration_file_path来添加于定义路径。

手动

wpa_supplicant接受多只令执行参数,特别是:

  • -B – 在后台执行
  • -c 文件名 -路径配置文件
  • -i 接口 – 监听的接口

至于整体的参数列表,参考 man 8 wpa_supplicant。例如,常见的用法是:

# wpa_supplicant -B -i interface -c configuration_file

配置

wpa_supplicant提供了一个参阅布局文件/etc/wpa_supplicant/wpa_supplicant.conf,其中饱含
了独具可用之选项及其用法及例子的详细文档。考虑优先把她备份起来,因为下面描述的自发性抬高网络布局到wpa_supplicant.conf的点子下删除
了文本中的有所注释。

在那个最简易的花样中,一个布置文件,只待一个网部署块。例如:

/etc/wpa_supplicant/foobar.conf

network={
    ssid="..."
}

若是你出一个布局文件,如前节所述,就可以启动wpa_supplicant守护进程,并使一个静态IP或DHCP连接到无线网络。

wpa_passphrase

纱布局好采用wpa_passphrase工具自动生成并上加至布置文件被。这当连续至用密码的安康网络时凡实用的。例如:

$ wpa_passphrase essid passphrase

network={
    ssid="essid"
    #psk="passphrase"
    psk=f5d1c49e15e679bebe385c37648d4141bc5c9297796a8a185d7bc5ac62f954e3
}

一些十分复杂的口令可能需要由文本输入:

$ wpa_passphrase essid < passphrase.txt

提示:wpa_supplicant和wpa_passphrase可以组合起来关联到几乎所有的WPA2(个人)网络:

# wpa_supplicant -B -i interface -c <(wpa_passphrase essid passphrase)

指定驱动

您可能要指定一个使来运。关于支持的驱动程序的列表,请参考wpa_supplicant
-h的出口结果。

  • nl80211 是当前的正儿八经,但无是怀有的无线芯片的模块支持。
  • wext 目前就不合时宜,但准赢得大规模支持。

使用 -D 开关来指定驱动:

# wpa_supplicant -B -i interface -c configuration_file -D driver

使用 wpa_cli

wpa_supplicant可以经过以wpa_cli命令,在运转时手动进行支配。要启用wpa_cli,wpa_supplicant守护上
程必须吃安排为通过在wpa_supplicant的安排文件(默认位置:/etc/wpa_supplicant
/wpa_supplicant.conf)设置ctrl_interface变量来创造一个“控制接口”(套接字)。

用户为以需经过点名可以拜它的组来获准访问该套接字。一个新的组或者为这个于创造,并且用户增长到它,或早已存在的组好下

  • 通常是 wheel。

脚的安装以在/run/wpa_supplicant/中开创套接字并同意wheel组的分子进行访问:

ctrl_interface=DIR=/run/wpa_supplicant GROUP=wheel

可以经过wpa_cli修改的wpa_supplicant配置文件自身。这当手动添加新的纱交布置文件,而无需更起动wpa_supplicant守护进程时凡立竿见影之。为了贯彻就同对象,在布局文件中安装update_config变量设置也1:

update_config=1

在wpa_cli开始前,wpa_supplicant守护进程要处于运行状态。(见#Starting了解详情)。然后启动

$ wpa_cli

它们会招来配置文件被加以位置的操纵套接字,位置也可采取p选项手动设置)。您得应用-i选项配置的接口,不然的话将下wpa_supplicant所管理之第一独给找到的无线接口。

当wpa_cli为调用时,将起交互式提示称(>)。提示包括tab
补全和早已好命令的证明。

使用wpa_cli添加一个新的网络

环视可用网络,在>提示称之后输入“scan”。在围观完后将展示通知:

> scan
OK
<3>CTRL-EVENT-SCAN-RESULTS
>

下一场输入 “scan_results” 来展示结果:

> scan_results
bssid / frequency / signal level / flags / ssid
00:00:00:00:00:00 2462 -49 [WPA2-PSK-CCMP][ESS] MYSSID
11:11:11:11:11:11 2437 -64 [WPA2-PSK-CCMP][ESS] ANOTHERSSID
>

为与MYSSID相关联,需要告诉wpa_supplicant。在配备文件被的逐条网络是为散始发遵循数值进行索引。如果你加加了一个初的网络,它见面让相应地分配一个初数字。

> add_network
0
>

运用这个数字来指定你的设置使用到谁网络。对于一个初的大网,在引号里装其SSID:

> set_network 0 ssid "MYSSID"
OK
>

即你的无线连接抱点没有为保障,cli也显式地欲一个PSK,同样在引号内。密码必须是8-63只字符:

> set_network 0 psk "passkey"
OK
>

使能:

> enable_network 0
OK
>

拿修改写副配置文件:

> save_config
OK
>

动作脚本

wpa_cli可以在后台模式下运行,并执行因wpa_supplicant事件之指定脚本。可以支撑有限类事件:连接和断开。一些环境变量可用于脚本,细节要参见man
8wpa_cli。

脚的例证将应用桌面通知,通知有关事件的用户:

#!/bin/bash

case "$2" in
    CONNECTED)
        notify-send "WPA supplicant: connection established";
        ;;
    DISCONNECTED)
        notify-send "WPA supplicant: connection lost";
        ;;
esac

切记修改剧本为可尽,然后采用-a来传递脚本路径为wpa_cli:

$ wpa_cli -a path_to_script

另外请求参见

  • Kernel.org wpa_supplicant
    documentation

 

 

 

当下可行使wireless-tools 或wpa_supplicant工具来安排无线网络。请牢记要之某些是,对无线网络的配备是全局性的,而不对实际的接口。

wpa_supplicant是一个于好之精选,但缺点是它不支持所有的驱动。请浏览wpa_supplicant网站获得它所支撑之让列表。另外,wpa_supplicant目前只能连续到那些你已经安排好ESSID的无线网络。wireless-tools支持几乎拥有的无线网卡和让,但它不能够连接受那些单纯支持WPA的AP。

透过编译后底wpa_supplicant源程序可以看个别单重要的只是实施工具:wpa_supplicant和wpa_cli。wpa_supplicant是核心程序,它与wpa_cli的涉就是服务以及客户端的干:后台运行wpa_supplicant,使用wpa_cli来查找、设置、和连接网络。

如何用wpa_supplicant使能一个wifi连接?

Step by step:

1、运行wpa_supplicant程序;

执行:/system/bin/wpa_supplicant -d -Dwext -iwlan0
-c/data/misc/wifi/wpa_supplicant.conf

其中:

-d :增加调试信息

-Dwext :wext,驱动名称

-iwlan0 :wlan0,网络接口名称

/system/bin/wpa_supplicant :wpa_supplicant可执行程序path

/data/misc/wifi/wpa_supplicant.conf :wpa_supplicant的配备文件path

2、运行命令行工具wpa_cli ;

执行:wpa_cli -iwlan0
-p/data/system/wpa_supplicant

注,-p/data/system/wpa_supplicant中的wpa_supplicant并无是可执行程序,而是只控制套接字。

此时会进去相互模式。其中交互模式之授命如下表:

Full command

Short command

Description

status

stat

displays the current connection status

disconnect

disc

prevents wpa_supplicant from connecting to any access point

quit

q

exits wpa_cli

terminate

term

kills wpa_supplicant

reconfigure

recon

reloads wpa_supplicant with the configuration file supplied (-c parameter)

scan

scan

scans for available access points (only scans it, doesn’t display anything)

scan_result

scan_r

displays the results of the last scan

list_networks

list_n

displays a list of configured networks and their status (active or not, enabled or disabled)

select_network

select_n

select a network among those defined to initiate a connection (ie select_network 0)

enable_network

enable_n

makes a configured network available for selection (ie enable_network 0)

disable_network

disable_n

makes a configured network unavailable for selection (ie disable_network 0)

remove_network

remove_n

removes a network and its configuration from the list (ie remove_network 0)

add_network

add_n

adds a new network to the list. Its id will be created automatically

set_network

set_n

shows a very short list of available options to configure a network when supplied with no parameters.

See next section for a list of extremely useful parameters to be used with set_network and get_network.

get_network

get_n

displays the required parameter for the specified network. See next section for a list of parameters

save_config

save_c

saves the configuration

 

设置网络的中心格式:set_network <network id> <key>
<parameter> [<parameter>]

亮网络信息之主干格式:get_network <network id>
<key>

相应的参数如下表:

Key

Description

Parameters

ssid

Access point name

string

id_str

String identifying the network

string

priority

Connection priority over other APs

number (0 being the default low priority)

bssid

Mac address of the access point

mac address

scan_ssid

Enable/disbale ssid scan

0, 1, 2

key_mgmt

Type of key management

WPA-PSK, WPA_EAP, None

pairwise

Pairwise ciphers for WPA

CCMP, TKIP

group=TKIP

Group ciphers for WPA

CCMP, TKIP, WEP104, WEP40

psk

Pre-Shared Key (clear or encrypted)

string

wep_key0

WEP key (up to 4: wep_key[0123])

string

eap

Extensible Authentication Protocol

MD5, MSCHAPV2, OTP, GTC, TLS, PEAP, TTLS

identity

EAP identity string

string

password

EAP password

string

ca_cert

Pathname to CA certificate file

/full/path/to/certificate

client_cert

Pathname to client certificate

/full/path/to/certificate (PEM/DER)

private_key

Pathname to a client private key file

/full/path/to/private_key (PEM/DER/PFX)

eg.1、连接无加密的AP

>add_network (It will display a
network id for you, assume it returns 0)

>set_network 0 ssid “666”

>set_network 0 key_mgmt
NONE

>enable_network 0

>quit

eg.2、连接WEP加密AP

>add_network (assume return
1)

>set_network 1 ssid “666”

>set_network 1 key_mgmt
NONE

>set_network 1 wep_key0 “your ap
password”

>enable_network 1

eg.3、连接WPA-PSK/WPA2-PSK加密的AP

>add_network (assume return
2)

>set_network 2 ssid “666”

>set_network 2 psk “your pre-shared
key”

>enable_network 2

顶之,wifi模块就能接二连三上AP了。

3、以上是经过命令行工具wpa_cli来落实wifi网络的连接。当然,也堪由此wpa_supplicant的部署文件来兑现连续。

又回首下运行wpa_supplicant时实施之下令:

/system/bin/wpa_supplicant -d -Dwext
-iwlan0 -c/data/misc/wifi/wpa_supplicant.conf

我们于推行时添加了-c/data/misc/wifi/wpa_supplicant.conf,我们好以我们要连的AP的安装为一定的格式写副wpa_supplicant.conf配置文件被即可。

eg.

ctrl_interface=DIR=/data/system/wpa_supplicant
GROUP=system update_config=1

network={

ssid=”my access point”

proto=WPA

key_mgmt=WPA-PSK

psk=”you pass words”

 

 

 

 

相关文章