5 files changed, 29 insertions, 26 deletions

diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index 9db577bc0c9..1d2af36c305 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ifconfig.8,v 1.173 2008/12/12 22:09:26 claudio Exp $
+.\"	$OpenBSD: ifconfig.8,v 1.174 2009/02/13 17:24:54 damien Exp $
 .\"	$NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
 .\"     $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
 .\"
@@ -31,7 +31,7 @@
 .\"
 .\"     @(#)ifconfig.8	8.4 (Berkeley) 6/1/94
 .\"
-.Dd $Mdocdate: December 12 2008 $
+.Dd $Mdocdate: February 13 2009 $
 .Dt IFCONFIG 8
 .Os
 .Sh NAME
@@ -734,7 +734,7 @@ authentication (also known as personal mode) uses a 256-bit pre-shared key.
 authentication (also known as enterprise mode) is meant to be used with
 an external IEEE 802.1X authentication server.
 The default value is
-.Dq psk,802.1x .
+.Dq psk .
 .Dq psk
 can only be used if a pre-shared key is configured using the
 .Cm wpapsk
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index e8a499c0882..3b96b824382 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ifconfig.c,v 1.211 2009/02/06 22:07:04 grange Exp $	*/
+/*	$OpenBSD: ifconfig.c,v 1.212 2009/02/13 17:24:54 damien Exp $	*/
 /*	$NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $	*/
 
 /*
@@ -1517,7 +1517,7 @@ setifwpaakms(const char *val, int d)
 		if (strcasecmp(str, "psk") == 0)
 			rval |= IEEE80211_WPA_AKM_PSK;
 		else if (strcasecmp(str, "802.1x") == 0)
-			rval |= IEEE80211_WPA_AKM_IEEE8021X;
+			rval |= IEEE80211_WPA_AKM_8021X;
 		else
 			errx(1, "wpaakms: unknown akm: %s", str);
 		str = strtok(NULL, ",");
@@ -1928,7 +1928,7 @@ ieee80211_status(void)
 			fputs("psk", stdout);
 			sep = ",";
 		}
-		if (wpa.i_akms & IEEE80211_WPA_AKM_IEEE8021X)
+		if (wpa.i_akms & IEEE80211_WPA_AKM_8021X)
 			printf("%s802.1x", sep);
 
 		fputs(" wpaciphers ", stdout);
diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c
index c6a6a165cbf..64ab098eae5 100644
--- a/sys/net80211/ieee80211_crypto.c
+++ b/sys/net80211/ieee80211_crypto.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_crypto.c,v 1.57 2009/01/26 19:09:41 damien Exp $	*/
+/*	$OpenBSD: ieee80211_crypto.c,v 1.58 2009/02/13 17:24:54 damien Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -67,8 +67,7 @@ ieee80211_crypto_attach(struct ifnet *ifp)
 	TAILQ_INIT(&ic->ic_pmksa);
 	if (ic->ic_caps & IEEE80211_C_RSN) {
 		ic->ic_rsnprotos = IEEE80211_PROTO_WPA | IEEE80211_PROTO_RSN;
-		ic->ic_rsnakms = IEEE80211_AKM_PSK | IEEE80211_AKM_SHA256_PSK |
-		    IEEE80211_AKM_8021X | IEEE80211_AKM_SHA256_8021X;
+		ic->ic_rsnakms = IEEE80211_AKM_PSK;
 		ic->ic_rsnciphers = IEEE80211_CIPHER_TKIP |
 		    IEEE80211_CIPHER_CCMP;
 		ic->ic_rsngroupcipher = IEEE80211_CIPHER_TKIP;
diff --git a/sys/net80211/ieee80211_ioctl.c b/sys/net80211/ieee80211_ioctl.c
index 44903e5091f..37f7c6ae01a 100644
--- a/sys/net80211/ieee80211_ioctl.c
+++ b/sys/net80211/ieee80211_ioctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_ioctl.c,v 1.29 2009/01/26 19:09:41 damien Exp $	*/
+/*	$OpenBSD: ieee80211_ioctl.c,v 1.30 2009/02/13 17:24:54 damien Exp $	*/
 /*	$NetBSD: ieee80211_ioctl.c,v 1.15 2004/05/06 02:58:16 dyoung Exp $	*/
 
 /*-
@@ -237,15 +237,15 @@ ieee80211_ioctl_setwpaparms(struct ieee80211com *ic,
 
 	ic->ic_rsnakms = 0;
 	if (wpa->i_akms & IEEE80211_WPA_AKM_PSK)
-		ic->ic_rsnakms |=
-		    IEEE80211_AKM_PSK | IEEE80211_AKM_SHA256_PSK;
-	if (wpa->i_akms & IEEE80211_WPA_AKM_IEEE8021X)
-		ic->ic_rsnakms |=
-		    IEEE80211_AKM_8021X | IEEE80211_AKM_SHA256_8021X;
-	if (ic->ic_rsnakms == 0)	/* set to default (PSK+802.1X) */
-		ic->ic_rsnakms =
-		    IEEE80211_AKM_PSK | IEEE80211_AKM_8021X /*|
-		    IEEE80211_AKM_SHA256_PSK | IEEE80211_AKM_SHA256_8021X*/;
+		ic->ic_rsnakms |= IEEE80211_AKM_PSK;
+	if (wpa->i_akms & IEEE80211_WPA_AKM_SHA256_PSK)
+		ic->ic_rsnakms |= IEEE80211_AKM_SHA256_PSK;
+	if (wpa->i_akms & IEEE80211_WPA_AKM_8021X)
+		ic->ic_rsnakms |= IEEE80211_AKM_8021X;
+	if (wpa->i_akms & IEEE80211_WPA_AKM_SHA256_8021X)
+		ic->ic_rsnakms |= IEEE80211_AKM_SHA256_8021X;
+	if (ic->ic_rsnakms == 0)	/* set to default (PSK) */
+		ic->ic_rsnakms = IEEE80211_AKM_PSK;
 
 	if (wpa->i_groupcipher == IEEE80211_WPA_CIPHER_WEP40)
 		ic->ic_rsngroupcipher = IEEE80211_CIPHER_WEP40;
@@ -291,12 +291,14 @@ ieee80211_ioctl_getwpaparms(struct ieee80211com *ic,
 		wpa->i_protos |= IEEE80211_WPA_PROTO_WPA2;
 
 	wpa->i_akms = 0;
-	if (ic->ic_rsnakms &
-	    (IEEE80211_AKM_PSK | IEEE80211_AKM_SHA256_PSK))
+	if (ic->ic_rsnakms & IEEE80211_AKM_PSK)
 		wpa->i_akms |= IEEE80211_WPA_AKM_PSK;
-	if (ic->ic_rsnakms &
-	    (IEEE80211_AKM_8021X | IEEE80211_AKM_SHA256_8021X))
-		wpa->i_akms |= IEEE80211_WPA_AKM_IEEE8021X;
+	if (ic->ic_rsnakms & IEEE80211_AKM_SHA256_PSK)
+		wpa->i_akms |= IEEE80211_WPA_AKM_SHA256_PSK;
+	if (ic->ic_rsnakms & IEEE80211_AKM_8021X)
+		wpa->i_akms |= IEEE80211_WPA_AKM_8021X;
+	if (ic->ic_rsnakms & IEEE80211_AKM_SHA256_8021X)
+		wpa->i_akms |= IEEE80211_WPA_AKM_SHA256_8021X;
 
 	if (ic->ic_rsngroupcipher == IEEE80211_CIPHER_WEP40)
 		wpa->i_groupcipher = IEEE80211_WPA_CIPHER_WEP40;
diff --git a/sys/net80211/ieee80211_ioctl.h b/sys/net80211/ieee80211_ioctl.h
index 9d8db88b3d5..e836b3ee832 100644
--- a/sys/net80211/ieee80211_ioctl.h
+++ b/sys/net80211/ieee80211_ioctl.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_ioctl.h,v 1.15 2009/01/26 19:09:41 damien Exp $	*/
+/*	$OpenBSD: ieee80211_ioctl.h,v 1.16 2009/02/13 17:24:54 damien Exp $	*/
 /*	$NetBSD: ieee80211_ioctl.h,v 1.7 2004/04/30 22:51:04 dyoung Exp $	*/
 
 /*-
@@ -205,7 +205,9 @@ struct ieee80211_wpapsk {
 #define IEEE80211_WPA_CIPHER_WEP104	0x10
 
 #define IEEE80211_WPA_AKM_PSK		0x01
-#define IEEE80211_WPA_AKM_IEEE8021X	0x02
+#define IEEE80211_WPA_AKM_8021X		0x02
+#define IEEE80211_WPA_AKM_SHA256_PSK	0x04
+#define IEEE80211_WPA_AKM_SHA256_8021X	0x08
 
 struct ieee80211_wpaparams {
 	char	i_name[IFNAMSIZ];		/* if_name, e.g. "wi0" */