本文介绍了嵌入式ARM-Linux上的常用应用程序wpa_supplicant(以及wpa_supplicant依赖的libnl和openssl)的编译、配置和运行使用,iw、hostapd等应用的编译和使用。
wpa_supplicant 编译和配置运行
从https://w1.fi/wpa_supplicant/ (git地址git://w1.fi/hostap.git)下载最新的wpa_supplicant源码压缩包,目前最新的为版本2.5. wpa_supplicant的编译依赖于openssl和libnl库(Netlink Protocol Library Suite (libnl)),openssl是ssl协议的开源库(OpenSSL , Secure Sockets Layer (SSL v2/v3) Transport Layer Security (TLS v1)).(压缩包地址:http://www.openssl.org/source/ ,Git地址:https://github.com/openssl/openssl ),libnl是网络相关的库(压缩包地址:http://www.infradead.org/~tgr/libnl/ , Git地址 : http://git.infradead.org/users/tgr/libnl.git)。
编译libnl
解压源代码包。进入libnl目录,执行 ./configure 配置编译环境;执行make进行编译
export ARCH=arm
export CROSS_COMPILE=arm-linux-gnueabi-
./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static &&
make
然后执行sudo make install,libnl.so会被安装至/usr/local/lib/目录下,相应的头文件也会被copy到/usr/local/include/netlink下。
如果报出编译错误:“../include/netlink_local.h:218:error 'ULONG_MAX' undeclared",我们在对应文件添加一个头文件 #include即可解决问题;
编译openssl
进入openssl目录, ./config shared # 一定要加shared, 否则编译出来的是静态库。执行make进行编译,完成后执行make install,编译好的openssl库和头文件等被安装在目录/usr/local/ssl下
export ARCH=arm
export CROSS_COMPILE=arm-linux-gnueabi-
./config --prefix=/usr \
--openssldir=/etc/ssl \
--libdir=lib \
shared \
zlib-dynamic &&
make
If you want to disable installing the static libraries, use this sed:
sed -i 's# libcrypto.a##;s# libssl.a##' Makefile
Now, as the root user:
make MANDIR=/usr/share/man MANSUFFIX=ssl install &&
install -dv -m755 /usr/share/doc/openssl-1.0.2e &&
cp -vfr doc/* /usr/share/doc/openssl-1.0.2e
编译wpa_supplicant
添加修改配置文件
进入wpa_supplicant/wpa_supplicant目录,执行cp defconfig .config 拷贝生成编译配置,然后修改配置文件 .config,
#如果选择的不是libnl的1.0版本,需要根据libnl的版本打开下面的选项
CONFIG_LIBNL32=y
CONFIG_LIBNL20=y 选择libnl的版本
#添加openssl和libnl的头文件和库文件目录,更新编译链接环境变量
CFLAGS += -I/usr/local/ssl/include
CFLAGS += -I/usr/local/include/ libnl3
CFLAGS += -I/usr/local/include/netlink
LIBS += -L/usr/local/ssl/lib
LIBS += -L/usr/local/lib
LIBS_p += -L/usr/local/ssl/lib # 不加此行,编wpa_passphrase出错。
cp defconfig .config
make CC=arm-linux-gnueabi-gcc
make install DESTDIR=/home/export/rootfs
执行make进行编译
成功后生成三个目标文件wpa_supplicant, wpa_cli, wpa_passphrase,至此编译完成。
运行wpa_supplicant
需要保证libssl库在我们的搜索路径里,否则不做处理,会出现找不到libnl, ssl 和crypto库的错误。
./wpa_supplicant
./wpa_supplicant: error while loading shared libraries: libssl.so.1.1.0: cannot open shared object file: No such file or directory
将/usr/local/ssl/lib下的libssl.so.x.x.x 和 libcrypto.so.xxx 拷贝到/lib目录下即可,或者:export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/ssl/lib,或者在/etc/ld.so.conf 文件中添加库的搜索路径。(或者在/etc/ld.so.conf.d 下新建一个.conf文件,将搜索路径一行一个加入).
cp /usr/arm-linux-gnueabi/lib/libnl.so.1.1.4 /home/export/rootfs/lib/
cp /usr/arm-linux-gnueabi/lib/libcrypto.so.1.0.0 /home/export/rootfs/lib/
cp /usr/arm-linux-gnueabi/lib/libssl.so.1.0.0 /home/export/rootfs/lib/
配置wpa_supplicant
wpa_supplicant runs as a daemon and requires a configuration file. Create a file called /etc/wpa_supplicant.conf with the following contents:
network={
ssid="MySSID"
key_mgmt=WPA-PSK
proto=RSN
pairwise=CCMP TKIP
psk="MyPassPhrase"
}
The above file works with both WPA (TKIP) and WPA2 (CCMP/AES). Please insert your access point name at MySSID and your pass phrase at MyPassPhase.
Once configured, wpa_supplicant can be started using:
wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf
编译错误处理
Error#1
#######################################################################
CC ../src/drivers/driver_wired.c
../src/drivers/driver_nl80211.c:25:31: fatal error: netlink/genl/genl.h: No such file or directory
compilation terminated.
make: *** [../src/drivers/driver_nl80211.o] Error 1
#######################################################################
Solution #1
sudo apt-get -y install libssl-dev libnl-3-dev
echo CFLAGS +=-I/usr/include/libnl3/ >> .config
make
Error#2
../src/drivers/driver_nl80211.c:95:9: warning: passing argument 1 of ‘genl_ctrl_alloc_cache’ from incompatible pointer type [enabled by default]
/usr/include/libnl3/netlink/genl/ctrl.h:25:14: note: expected ‘struct nl_sock *’ but argument is of type ‘struct nl_handle *’
../src/drivers/driver_nl80211.c:95:9: error: too few arguments to function ‘genl_ctrl_alloc_cache’
/usr/include/libnl3/netlink/genl/ctrl.h:25:14: note: declared here
Solution #2
sudo apt-get install libnl-genl-3-dev
echo CONFIG_LIBNL32=y >> .config
make
Usage
usage:
wpa_supplicant [-BddhKLqqtvW] [-P] [-g] \
[-G] \
-i-c [-C] [-D] [-p] \
[-b] [-e] \
[-o] [-O] \
[-N -i -c [-C] [-D] \
[-p] [-b] [-I] …]
drivers:
nl80211 = Linux nl80211/cfg80211
wext = Linux wireless extensions (generic)
wired = Wired Ethernet driver
options:
-b = optional bridge interface name
-B = run daemon in the background
-c = Configuration file
-C = ctrl_interface parameter (only used if -c is not)
-i = interface name
-I = additional configuration file
-d = increase debugging verbosity (-dd even more)
-D = driver name (can be multiple drivers: nl80211,wext)
-e = entropy file
-g = global ctrl_interface
-G = global ctrl_interface group
-K = include keys (passwords, etc.) in debug output
-t = include timestamp in debug messages
-h = show this help text
-L = show license (BSD)
-o = override driver parameter for new interfaces
-O = override ctrl_interface parameter for new interfaces
-p = driver parameters
-P = PID file
-q = decrease debugging verbosity (-qq even less)
-v = show version
-W = wait for a control interface monitor before starting
-N = start describing new interface
example:
wpa_supplicant -Dnl80211 -iwlan0 -c/etc/wpa_supplicant.conf
wpa_cli [-pctrl sockets>] [-i] [-hvB] [-a] \
[-P] [-g] [-G] [command..]
-h = help (show this usage text)
-v = shown version information
-a = run in daemon mode executing the action file based on events from
wpa_supplicant
-B = run a daemon in the background
default path: /var/run/wpa_supplicant
default interface: first interface found in socket path
commands:
status [verbose] = get current WPA/EAPOL/EAP status
ifname = get current interface name
ping = pings wpa_supplicant
relog = re-open log-file (allow rolling logs)
note = add a note to wpa_supplicant debug log
mib = get MIB variables (dot1x, dot11)
help [command] = show usage help
interface [ifname] = show interfaces/select interface
level = change debug level
license = show full wpa_cli license
quit = exit wpa_cli
set = set variables (shows list of variables when run without arguments)
get = get information
logon = IEEE 802.1X EAPOL state machine logon
logoff = IEEE 802.1X EAPOL state machine logoff
pmksa = show PMKSA cache
reassociate = force reassociation
preauthenticate = force preauthentication
identity = configure identity for an SSID
password = configure password for an SSID
new_password = change password for an SSID
pin = configure pin for an SSID
otp = configure one-time-password for an SSID
passphrase = configure private key passphrase
for an SSID
sim = report SIM operation result
bssid = set preferred BSSID for an SSID
blacklist = add a BSSID to the blacklist
blacklist clear = clear the blacklist
blacklist = display the blacklist
log_level [] = update the log level/timestamp
log_level = display the current log level and log options
list_networks = list configured networks
select_network = select a network (disable others)
enable_network = enable a network
disable_network = disable a network
add_network = add a network
remove_network = remove a network
set_network = set network variables (shows
list of variables when run without arguments)
get_network = get network variables
list_creds = list configured credentials
add_cred = add a credential
remove_cred = remove a credential
set_cred = set credential variables
save_config = save the current configuration
disconnect = disconnect and wait for reassociate/reconnect command before
connecting
reconnect = like reassociate, but only takes effect if already disconnected
scan = request new BSS scan
scan_results = get latest scan results
bss < | > = get detailed scan result info
get_capability = get capabilies
reconfigure = force wpa_supplicant to re-read its configuration file
terminate = terminate wpa_supplicant
interface_add = adds new interface, all parameters but are optional
interface_remove = removes the interface
interface_list = list available interfaces
ap_scan = set ap_scan parameter
scan_interval = set scan_interval parameter (in seconds)
bss_expire_age = set BSS expiration age parameter
bss_expire_count = set BSS expiration scan count parameter
bss_flush = set BSS flush age (0 by default)
stkstart = request STK negotiation with
ft_ds = request over-the-DS FT with wps_pbc [BSSID] = start Wi-Fi Protected Setup: Push Button Configuration
wps_pin [PIN] = start WPS PIN method (returns PIN, if not hardcoded)
wps_check_pin = verify PIN checksum
wps_cancel Cancels the pending WPS operation
wps_reg = start WPS Registrar to configure an AP
wps_ap_pin [params..] = enable/disable AP PIN
wps_er_start [IP address] = start Wi-Fi Protected Setup External Registrar
wps_er_stop = stop Wi-Fi Protected Setup External Registrar
wps_er_pin = add an Enrollee PIN to External Registrar
wps_er_pbc = accept an Enrollee PBC using External Registrar
wps_er_learn = learn AP configuration
wps_er_set_config = set AP configuration for enrolling
wps_er_config = configure AP
ibss_rsn = request RSN authentication with in IBSS
sta = get information about an associated station (AP)
all_sta = get information about all associated stations (AP)
deauthenticate = deauthenticate a station
disassociate = disassociate a station
chan_switch [sec_channel_offset=] [center_freq1=] [center_freq2=] [bandwidth=] [blocktx] [ht|vht] = CSA parameters
suspend = notification of suspend/hibernate
resume = notification of resume/thaw
drop_sa = drop SA without deauth/disassoc (test command)
roam = roam to the specified BSS
p2p_find [timeout] [type=*] = find P2P Devices for up-to timeout seconds
p2p_stop_find = stop P2P Devices search
p2p_connect [ht40] = connect to a P2P Device
p2p_listen [timeout] = listen for P2P Devices for up-to timeout seconds
p2p_group_remove = remove P2P group interface (terminate group if GO)
p2p_group_add [ht40] = add a new P2P group (local end as GO)
p2p_prov_disc = request provisioning discovery
p2p_get_passphrase = get the passphrase for a group (GO only)
p2p_serv_disc_req = schedule service discovery request
p2p_serv_disc_cancel_req = cancel pending service discovery request
p2p_serv_disc_resp = service discovery response
p2p_service_update = indicate change in local services
p2p_serv_disc_external = set external processing of service discovery
p2p_service_flush = remove all stored service entries
p2p_service_add = add a local service
p2p_service_del [|service] = remove a local service
p2p_reject = reject connection attempts from a specific peer
p2p_invite [peer=addr] = invite peer
p2p_peers [discovered] = list known (optionally, only fully discovered) P2P peers
p2p_peer = show information about known P2P peer
p2p_set = set a P2P parameter
p2p_flush = flush P2P state
p2p_cancel = cancel P2P group formation
p2p_unauthorize
= unauthorize a peer
p2p_presence_req [] [] = request GO presence
p2p_ext_listen [] = set extended listen timing
p2p_remove_client = remove a peer from all groups
sta_autoconnect <0/1> = disable/enable automatic reconnection
tdls_discover = request TDLS discovery with
tdls_setup = request TDLS setup with
tdls_teardown = tear down TDLS with
signal_poll = get signal parameters
pktcnt_poll = get TX/RX packet counters
reauthenticate = trigger IEEE 802.1X/EAPOL reauthentication
raw = Sent unprocessed command
flush = flush wpa_supplicant state
radio_work = radio_work Configuration
Set wpa_supplicant.conf to the following:
You have to change the values according to the response of
# wpa_passphrase .
For WPA-PSK
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
# ap_scan=2 was the one for me you may try 0 or 1 indstead of 2
ap_scan=2
fast_reauth=1
network={
ssid="my_network"
proto=WPA
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
psk="secret_password"
}
For WPA2-Personal
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network={
ssid="my_network"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="secret_password"
}
Bringing up the network card manually
Bring up the network interface with
# ifconfig ath0 up
.
NOTE!
At the moment there is a problem within the madwifi driver or wpa_supplicant passing dhcp. That??s why I use a fixed IP.
There are two patches one for wpa_supllicant (http://hostap.epitest.fi/bugz/show_bug.cgi?id=63) and one for madwifi
(http://article.gmane.org/gmane.linux.drivers.madwifi.devel/1275). Each one is supposed to work.
Change the routes and add the default gateway.
Bringing up the device at boottime (for Gentoo users)
Make a symbolic link# cd /etc/init.d/
# ln -s net.lo net.ath0
Copy wpa_supplicant.conf to /etc/conf.d/wpa_supplicant.
Edit /etc/conf.d/net
#
#net
#
modules=( "wpa_supplicant" )
wpa_supplicant_ath0="-Dmadwifi"modules=( "wpa_supplicant" )
wpa_timeout_ath0=60
config_ath0=("netmask 255.255.255.0")
routes_ath0=("default gw ")
Add net.ath0 to the default runlevel by executing
# rc-update add net.ath0 default
Make sure all needed modules are in /etc/modules.autoload/2.x
iw的编译和配置运行
iw is a new nl80211 (802.11 netlink interface) based CLI configuration utility for wireless devices.
Netlink Protocol Library Suite
Download, cross compile and install the Netlink Protocol libraries:
wget http://www.infradead.org/~tgr/libnl/files/libnl-3.2.24.tar.gz
tar -xzf libnl-3.2.24.tar.gz
cd libnl-3.2.24
./configure --host=arm-linux-gnueabi --prefix=/usr/arm-linux-gnueabi
make
make install
cd include
make install
iw
With the Netlink Protocol Library Suite prerequisite installed, download and build the iw nl80211 based CLI configuration utility:
wget https://www.kernel.org/pub/software/network/iw/iw-3.15.tar.gz
tar -xzf iw-3.15.tar.gz
cd iw-3.15/
export PKG_CONFIG_PATH=/usr/arm-linux-gnueabi/lib/pkgconfig
export CC=arm-linux-gnueabi-gcc
make
Manually install iw and required libraries on your target root-fs:
cp iw /home/export/rootfs/sbin/
cp /usr/arm-linux-gnueabi/lib/libnl-genl-3.so.200 /home/export/rootfs/lib/
cp /usr/arm-linux-gnueabi/lib/libnl-3.so.200 /home/export/rootfs/lib/
And update the dynamic linker run-time bindings on your target:
ldconfig -v
hostapd
hostapd is an 802.11 Access Point and IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator daemon.
Download, extract and build hostapd:
wget http://hostap.epitest.fi/releases/hostapd-2.2.tar.gz
tar -xzf hostapd-2.2.tar.gz
cd hostapd-2.2/hostapd
cp defconfig .config
make CC=arm-linux-gnueabi-gcc
make install DESTDIR=/home/export/rootfs
rfkill is a userspace tool to query the state of the rfkill switches.
Download, extract and build rfkill:
tar -xzf rfkill-0.5.tar.gz
cd rfkill-0.5/
make CC=arm-linux-gnueabi-gcc
)
)
