diff -uNr hostapd-1.0/hostapd/main.c hostapd-1.0-wpe/hostapd/main.c --- hostapd-1.0/hostapd/main.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/hostapd/main.c 2012-08-20 22:56:17.420486344 -0400 @@ -508,7 +508,7 @@ static void show_version(void) { fprintf(stderr, - "hostapd v" VERSION_STR "\n" + "hostapd v" VERSION_STR" with wpe support (Pentoo)\n" "User space daemon for IEEE 802.11 AP management,\n" "IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n" "Copyright (c) 2002-2012, Jouni Malinen " diff -uNr hostapd-1.0/src/crypto/ms_funcs.c hostapd-1.0-wpe/src/crypto/ms_funcs.c --- hostapd-1.0/src/crypto/ms_funcs.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/crypto/ms_funcs.c 2012-08-20 22:27:09.583819291 -0400 @@ -83,7 +83,7 @@ * @challenge: 8-octet Challenge (OUT) * Returns: 0 on success, -1 on failure */ -static int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge, +int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge, const u8 *username, size_t username_len, u8 *challenge) { diff -uNr hostapd-1.0/src/crypto/ms_funcs.h hostapd-1.0-wpe/src/crypto/ms_funcs.h --- hostapd-1.0/src/crypto/ms_funcs.h 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/crypto/ms_funcs.h 2012-08-20 22:27:09.583819291 -0400 @@ -37,6 +37,10 @@ int nt_challenge_response(const u8 *challenge, const u8 *password, size_t password_len, u8 *response); +int challenge_hash(const u8 *peer_challenge, const u8 *auth_challenge, + const u8 *username, size_t username_len, + u8 *challenge); + void challenge_response(const u8 *challenge, const u8 *password_hash, u8 *response); int nt_password_hash(const u8 *password, size_t password_len, diff -uNr hostapd-1.0/src/crypto/tls_openssl.c hostapd-1.0-wpe/src/crypto/tls_openssl.c --- hostapd-1.0/src/crypto/tls_openssl.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/crypto/tls_openssl.c 2012-08-20 22:27:09.583819291 -0400 @@ -2642,7 +2642,7 @@ data_len) != 1) return -1; #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */ - if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data, + if (SSL_set_session_ticket_ext(conn->ssl, ext_type, (void *) data, data_len) != 1) return -1; #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ @@ -2948,7 +2948,7 @@ SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb); SSL_set_tlsext_debug_arg(conn->ssl, conn); #else /* SSL_OP_NO_TICKET */ - if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb, + if (SSL_set_session_ticket_ext_cb(conn->ssl, tls_hello_ext_cb, conn) != 1) return -1; #endif /* SSL_OP_NO_TICKET */ @@ -2963,7 +2963,7 @@ SSL_set_tlsext_debug_callback(conn->ssl, NULL); SSL_set_tlsext_debug_arg(conn->ssl, conn); #else /* SSL_OP_NO_TICKET */ - if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1) + if (SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL) != 1) return -1; #endif /* SSL_OP_NO_TICKET */ #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ diff -uNr hostapd-1.0/src/eap_server/eap_server.c hostapd-1.0-wpe/src/eap_server/eap_server.c --- hostapd-1.0/src/eap_server/eap_server.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/eap_server/eap_server.c 2012-08-20 22:27:09.583819291 -0400 @@ -100,6 +100,7 @@ int phase2) { struct eap_user *user; + char ident = 't'; if (sm == NULL || sm->eapol_cb == NULL || sm->eapol_cb->get_eap_user == NULL) @@ -111,7 +112,10 @@ user = os_zalloc(sizeof(*user)); if (user == NULL) return -1; - + if(phase2) { + identity = (const u8 *)&ident; + identity_len = 1; + } if (sm->eapol_cb->get_eap_user(sm->eapol_ctx, identity, identity_len, phase2, user) != 0) { eap_user_free(user); diff -uNr hostapd-1.0/src/eap_server/eap_server_fast.c hostapd-1.0-wpe/src/eap_server/eap_server_fast.c --- hostapd-1.0/src/eap_server/eap_server_fast.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/eap_server/eap_server_fast.c 2012-08-20 22:27:09.583819291 -0400 @@ -1040,7 +1040,8 @@ switch (data->state) { case PHASE2_ID: - if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) { + //if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) { + if (eap_user_get(sm, sm->identity, sm->identity_len, 0) != 0) { wpa_hexdump_ascii(MSG_DEBUG, "EAP-FAST: Phase2 " "Identity not found in the user " "database", diff -uNr hostapd-1.0/src/eap_server/eap_server_mschapv2.c hostapd-1.0-wpe/src/eap_server/eap_server_mschapv2.c --- hostapd-1.0/src/eap_server/eap_server_mschapv2.c 2012-05-09 17:56:09.000000000 -0400 +++ hostapd-1.0-wpe/src/eap_server/eap_server_mschapv2.c 2012-08-20 22:27:09.583819291 -0400 @@ -294,9 +294,10 @@ u8 flags; size_t len, name_len, i; u8 expected[24]; + u8 challenge_hash1[8]; const u8 *username, *user; size_t username_len, user_len; - int res; + int res,x; pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MSCHAPV2, respData, &len); @@ -335,6 +336,22 @@ wpa_hexdump(MSG_MSGDUMP, "EAP-MSCHAPV2: NT-Response", nt_response, 24); wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags); wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len); + + challenge_hash(peer_challenge, data->auth_challenge, name, name_len, challenge_hash1); + + wpa_hexdump(MSG_DEBUG, "EAP-MSCHAPV2: Challenge Hash", challenge_hash1, 8); + printf("\n"); + printf("\tusername: %s\n", name); + printf("\tchallenge: "); + for (x=0;x<7;x++) + printf("%02x:",challenge_hash1[x]); + printf("%02x\n",challenge_hash1[7]); + + printf("\tresponse: "); + for (x=0;x<23;x++) + printf("%02x:",nt_response[x]); + printf("%02x\n",nt_response[23]); + /* MSCHAPv2 does not include optional domain name in the * challenge-response calculation, so remove domain prefix @@ -490,8 +507,8 @@ if (sm->user == NULL || sm->user->password == NULL) { wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Password not configured"); - data->state = FAILURE; - return; + //data->state = FAILURE; + //return; } switch (data->state) {