OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wpa_supplicant?expand=0&rev=24

2009-05-06 16:55:20 +00:00 · 2009-05-06 16:55:20 +00:00 · 864bf8993f
commit 864bf8993f
parent 395b0c09e0
15 changed files with 826 additions and 672 deletions
--- a/411
+++ b/411
@ -1,31 +1,382 @@
-CONFIG_DRIVER_HOSTAP=y
-CONFIG_DRIVER_PRISM54=y
-# CONFIG_DRIVER_HERMES
-# CONFIG_DRIVER_MADWIFI gets dynamically added when needed
-CONFIG_DRIVER_ATMEL=y
-CONFIG_DRIVER_WEXT=y
-#CONFIG_DRIVER_NDISWRAPPER=y
-#CONFIG_DRIVER_IPW=y
-CONFIG_DRIVER_WIRED=y
-CONFIG_WIRELESS_EXTENSION=y
-CONFIG_IEEE8021X_EAPOL=y
-CONFIG_EAP_MD5=y
-CONFIG_MSCHAPV2=y
-CONFIG_EAP_TLS=y
-CONFIG_EAP_PEAP=y
-CONFIG_EAP_TTLS=y
-CONFIG_EAP_GTC=y
-CONFIG_EAP_OTP=y
-CONFIG_EAP_PSK=y
-CONFIG_EAP_PAX=y
-CONFIG_EAP_LEAP=y
-CONFIG_PKCS12=y
-CONFIG_SMARTCARD=y
-CONFIG_CTRL_IFACE=y
-CONFIG_CTRL_IFACE_DBUS=y
-CONFIG_READLINE=y
-#CONFIG_PCSC
-#CONFIG_EAP_SIM
-#CONFIG_EAP_AKA
-CONFIG_DEBUG_FILE=y
+# Example wpa_supplicant build time configuration
+#
+# This file lists the configuration options that are used when building the
+# hostapd binary. All lines starting with # are ignored. Configuration option
+# lines must be commented out complete, if they are not to be included, i.e.,
+# just setting VARIABLE=n is not disabling that variable.
+#
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
+# be modified from here. In most cases, these lines should use += in order not
+# to override previous values of the variables.

+
+# Uncomment following two lines and fix the paths if you have installed OpenSSL
+# or GnuTLS in non-default location
+#CFLAGS += -I/usr/local/openssl/include
+#LIBS += -L/usr/local/openssl/lib
+
+# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
+# the kerberos files are not in the default include path. Following line can be
+# used to fix build issues on such systems (krb5.h not found).
+#CFLAGS += -I/usr/include/kerberos
+
+# Example configuration for various cross-compilation platforms
+
+#### sveasoft (e.g., for Linksys WRT54G) ######################################
+#CC=mipsel-uclibc-gcc
+#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
+#CFLAGS += -Os
+#CPPFLAGS += -I../src/include -I../../src/router/openssl/include
+#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl
+###############################################################################
+
+#### openwrt (e.g., for Linksys WRT54G) #######################################
+#CC=mipsel-uclibc-gcc
+#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
+#CFLAGS += -Os
+#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \
+#	-I../WRT54GS/release/src/include
+#LIBS = -lssl
+###############################################################################
+
+
+# Driver interface for Host AP driver
+CONFIG_DRIVER_HOSTAP=y
+
+# Driver interface for Agere driver
+#CONFIG_DRIVER_HERMES=y
+# Change include directories to match with the local setup
+#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
+#CFLAGS += -I../../include/wireless
+
+# Driver interface for madwifi driver
+#CONFIG_DRIVER_MADWIFI=y
+# Set include directory to the madwifi source tree
+#CFLAGS += -I../../madwifi
+
+# Driver interface for Prism54 driver
+# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
+# for developers only)
+CONFIG_DRIVER_PRISM54=y
+
+# Driver interface for ndiswrapper
+CONFIG_DRIVER_NDISWRAPPER=y
+
+# Driver interface for Atmel driver
+CONFIG_DRIVER_ATMEL=y
+
+# Driver interface for old Broadcom driver
+# Please note that the newer Broadcom driver ("hybrid Linux driver") supports
+# Linux wireless extensions and does not need (or even work) with the old
+# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
+#CONFIG_DRIVER_BROADCOM=y
+# Example path for wlioctl.h; change to match your configuration
+#CFLAGS += -I/opt/WRT54GS/release/src/include
+
+# Driver interface for Intel ipw2100/2200 driver
+#CONFIG_DRIVER_IPW=y
+
+# Driver interface for Ralink driver
+CONFIG_DRIVER_RALINK=y
+
+# Driver interface for generic Linux wireless extensions
+CONFIG_DRIVER_WEXT=y
+
+# Driver interface for Linux drivers using the nl80211 kernel interface
+CONFIG_DRIVER_NL80211=y
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+#CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+#LIBS += -L/usr/local/lib
+
+# Driver interface for Windows NDIS
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for development testing
+#CONFIG_DRIVER_TEST=y
+
+# Driver interface for wired Ethernet drivers
+CONFIG_DRIVER_WIRED=y
+
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
+# included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+# Note: Default OpenSSL package does not include support for all the
+# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
+# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
+# to add the needed functions.
+#CONFIG_EAP_FAST=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+#CONFIG_EAP_SIM=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+# CONFIG_EAP_AKA=y
+
+# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
+# This requires CONFIG_EAP_AKA to be enabled, too.
+#CONFIG_EAP_AKA_PRIME=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
+
+# EAP-SAKE
+CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+CONFIG_EAP_TNC=y
+
+# Wi-Fi Protected Setup (WPS)
+CONFIG_WPS=y
+
+# EAP-IKEv2
+CONFIG_EAP_IKEV2=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+#CONFIG_PCSC=y
+
+# Development testing
+#CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+#CONFIG_READLINE=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to
+# save about 1 kB in code size when building only WPA-Personal (no EAP support)
+# or 6 kB if building for WPA-Enterprise.
+#CONFIG_NO_WPA2=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Remove AES extra functions. This can be used to reduce code size by about
+# 1.5 kB by removing extra AES modes that are not needed for commonly used
+# client configurations (they are needed for some EAP types).
+#CONFIG_NO_AES_EXTRAS=y
+
+# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+#	path is given on command line, not here; this option is just used to
+#	select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+#CONFIG_MAIN=main
+
+# Select wrapper for operatins system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+#CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+# eloop_none = Empty template
+#CONFIG_ELOOP=eloop
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+#CONFIG_L2_PACKET=linux
+
+# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
+CONFIG_PEERKEY=y
+
+# IEEE 802.11w (management frame protection)
+# This version is an experimental implementation based on IEEE 802.11w/D1.0
+# draft and is subject to change since the standard has not yet been finalized.
+# Driver support is also needed for IEEE 802.11w.
+CONFIG_IEEE80211W=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+#CONFIG_TLS=openssl
+
+# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
+# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
+# even though the core GnuTLS library is released under LGPL, this extra
+# library uses GPL and as such, the terms of GPL apply to the combination
+# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
+# apply for distribution of the resulting binary.
+#CONFIG_GNUTLS_EXTRA=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for DBus control interface
+CONFIG_CTRL_IFACE_DBUS=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# Include client MLME (management frame processing).
+# This can be used to move MLME processing of Linux mac80211 stack into user
+# space. Please note that this is currently only available with
+# driver_nl80211.c and only with a modified version of Linux kernel and
+# wpa_supplicant.
+#CONFIG_CLIENT_MLME=y
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition)
+#CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+#CONFIG_DEBUG_FILE=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+#CONFIG_DELAYED_MIC_ERROR_REPORT=y
--- a/wpa_supplicant-0.6.4.tar.bz2
+++ b/wpa_supplicant-0.6.4.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3690117bc4d9160ae9414bb72e2d76e10d8073a0977e6c6ba2eb4a352bf38114
-size 776742
--- a/wpa_supplicant-0.6.9.tar.bz2
+++ b/wpa_supplicant-0.6.9.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:443a04570db108521c3aaebd371daae8970089d90da9c08828109e8ef20ad906
+size 889846
--- a/wpa_supplicant-dont_report_empty_initial_scan.patch
+++ b/wpa_supplicant-dont_report_empty_initial_scan.patch
@ -1,39 +0,0 @@
-From: Dan Nicholson <dbn.lists@gmail.com>
-Date: Wed, 24 Sep 2008 09:51:08 +0000 (+0300)
-Subject: Don't post scan results when initial scan is emtpy
-X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=23e072374ea500002b8beec5d0e87f9fc6a7609c;hp=2064c2f98515016c376f3b69bfe161c85639e764
-
-Don't post scan results when initial scan is emtpy
-
-When the initial scan is made, just the cached results from the driver
-are used. If this is empty, it's useless to post the results since
-another scan is being scheduled immediately. This just causes extra
-processing from listeners for no gain.
---
-
-diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
-index 0f9b338..04e3152 100644
--- a/wpa_supplicant/events.c
-+++ b/wpa_supplicant/events.c
-@@ -551,9 +551,18 @@ static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s)
- 		goto req_scan;
- 	}
- 
-	wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-
-	wpa_supplicant_dbus_notify_scan_results(wpa_s);
-+	/*
-+	 * Don't post the results if this was the initial cached
-+	 * and there were no results.
-+	 */
-+	if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1 &&
-+	    wpa_s->scan_res->num == 0) {
-+		wpa_msg(wpa_s, MSG_DEBUG, "Cached scan results are "
-+			"empty - not posting");
-+	} else {
-+		wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-+		wpa_supplicant_dbus_notify_scan_results(wpa_s);
-+	}
- 
- 	if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected)
- 		return;
--- a/wpa_supplicant-driver-wext-debug.patch
+++ b/wpa_supplicant-driver-wext-debug.patch
@ -1,121 +1,143 @@
--- BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
-+++ BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
-@@ -2174,20 +2174,32 @@
+diff -ur BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c
+--- BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c	2009-02-15 19:00:00.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c	2009-03-06 10:29:08.000000000 +0100
+@@ -2055,19 +2055,26 @@
+ 	 * SIOCSIWENCODE here.
 	 */
 	if (drv->auth_alg_fallback &&
- 	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
+-	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
+	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 
 	if (!params->bssid &&
- 	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
+-	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
+	    wpa_driver_wext_set_bssid(drv, NULL) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 
- 	if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
- 		ret = -1;
-+}
 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
 	 * from configuration, not from here, where only the selected suite is
 	 * available */
 	if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
- 	    < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
+-	    < 0)
+	    < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
 		value = IW_AUTH_WPA_VERSION_DISABLED;
 	else if (params->wpa_ie[0] == WLAN_EID_RSN)
-@@ -2196,26 +2208,41 @@
+@@ -2075,27 +2082,41 @@
+ 	else
 		value = IW_AUTH_WPA_VERSION_WPA;
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_WPA_VERSION, value) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
+-					   IW_AUTH_WPA_VERSION, value) < 0)
+					   IW_AUTH_WPA_VERSION, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_CIPHER_PAIRWISE, value) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
+-					   IW_AUTH_CIPHER_PAIRWISE, value) < 0)
+					   IW_AUTH_CIPHER_PAIRWISE, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	value = wpa_driver_wext_cipher2wext(params->group_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_CIPHER_GROUP, value) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
+-					   IW_AUTH_CIPHER_GROUP, value) < 0)
+					   IW_AUTH_CIPHER_GROUP, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_KEY_MGMT, value) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
+-					   IW_AUTH_KEY_MGMT, value) < 0)
+					   IW_AUTH_KEY_MGMT, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	value = params->key_mgmt_suite != KEY_MGMT_NONE ||
 		params->pairwise_suite != CIPHER_NONE ||
 		params->group_suite != CIPHER_NONE ||
 		params->wpa_ie_len;
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_PRIVACY_INVOKED, value) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
+-					   IW_AUTH_PRIVACY_INVOKED, value) < 0)
+					   IW_AUTH_PRIVACY_INVOKED, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 
 	/* Allow unencrypted EAPOL messages even if pairwise keys are set when
 	 * not using WPA. IEEE 802.1X specifies that these frames are not
-@@ -2231,7 +2258,11 @@
+@@ -2106,12 +2127,18 @@
+ 	else
+ 		allow_unencrypted_eapol = 1;
+ 
+-	if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
+	if (wpa_driver_wext_set_psk(drv, params->psk) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_psk failed", __FUNCTION__);
+ 		ret = -1;
+	}
+
 	if (wpa_driver_wext_set_auth_param(drv,
 					   IW_AUTH_RX_UNENCRYPTED_EAPOL,
- 					   allow_unencrypted_eapol) < 0)
-		ret = -1;
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
-+                ret = -1;
-+}
+-					   allow_unencrypted_eapol) < 0)
+					   allow_unencrypted_eapol) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
+ 		ret = -1;
+	}
 +
- #ifdef WEXT_MFP_PENDING
 #ifdef CONFIG_IEEE80211W
 	switch (params->mgmt_frame_protection) {
-@@ -2250,12 +2281,21 @@
+ 	case NO_MGMT_FRAME_PROTECTION:
+@@ -2124,16 +2151,26 @@
+ 		value = IW_AUTH_MFP_REQUIRED;
+ 		break;
+ 	};
+-	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
+	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(IW_AUTH_MFP) failed", __FUNCTION__);
+ 		ret = -1;
+	}
 #endif /* CONFIG_IEEE80211W */
- #endif /* WEXT_MFP_PENDING */
- 	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
+-	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
+	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
 		ret = -1;
-+}
- 	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
+-	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
+	}
+
+	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
+
 	if (params->bssid &&
- 	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
-+{
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid2 failed", __FUNCTION__);
+-	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
+	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0) {
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 
 	return ret;
 }
-@@ -2280,6 +2320,8 @@
+@@ -2158,6 +2195,10 @@
 	res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
 					     algs);
 	drv->auth_alg_fallback = res == -2;
-+if (res == -2)
-+wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
+
+	if (res == -2)
+		wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
+
 	return res;
 }
 
--- a/wpa_supplicant-fix_ap_ordering.patch
+++ b/wpa_supplicant-fix_ap_ordering.patch
@ -1,21 +0,0 @@
-diff -ur BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c
--- BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c	2008-08-10 19:33:12.000000000 +0200
-+++ BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c	2009-01-28 14:01:42.000000000 +0100
-@@ -125,10 +125,13 @@
- 		return -1;
- 
- 	/* best/max rate preferred if signal level close enough XXX */
-	maxrate_a = wpa_scan_get_max_rate(wa);
-	maxrate_b = wpa_scan_get_max_rate(wb);
-	if (maxrate_a != maxrate_b && abs(wb->level - wa->level) < 5)
-		return maxrate_b - maxrate_a;
-+	if ( (wb->level != 0 && wa->level != 0 && abs(wb->level - wa->level) < 5) ||
-+	     (abs(wb->qual - wa->qual) < 10) ) {
-+		maxrate_a = wpa_scan_get_max_rate(wa);
-+		maxrate_b = wpa_scan_get_max_rate(wb);
-+		if (maxrate_a != maxrate_b)
-+			return maxrate_b - maxrate_a;
-+	}
- 
- 	/* use freq for channel preference */
- 
--- a/wpa_supplicant-fix_set_mode.patch
+++ b/wpa_supplicant-fix_set_mode.patch
@ -1,149 +0,0 @@
-From: Dan Williams <dcbw@redhat.com>
-Date: Mon, 29 Sep 2008 13:45:49 +0000 (+0300)
-Subject: Add an optional set_mode() driver_ops handler for setting mode before keys
-X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=ec5f180a24cd31ba9d3d7f2abc9dc557fd16602f;hp=1a647aaa691d91c4a5ffccce09291592c4340062
-
-Add an optional set_mode() driver_ops handler for setting mode before keys
-
-A bug just got reported as a result of this for mac80211 drivers.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=459399
-
-The basic problem is that since taking the device down clears the keys
-from the driver on many mac80211-based cards, and since the mode gets
-set _after_ the keys have been set in the driver, the keys get cleared
-on a mode switch and the resulting association is wrong.  The report is
-about ad-hoc mode specifically, but this could happen when switching
-from adhoc back to managed mode.
---
-
-diff --git a/src/drivers/driver.h b/src/drivers/driver.h
-index 70dc075..77a2ceb 100644
--- a/src/drivers/driver.h
-+++ b/src/drivers/driver.h
-@@ -929,6 +929,20 @@ struct wpa_driver_ops {
- 	 * Returns: 0 on success, -1 on failure
- 	 */
- 	int (*set_probe_req_ie)(void *, const u8 *ies, size_t ies_len);
-+
-+ 	/**
-+	 * set_mode - Request driver to set the operating mode
-+	 * @priv: private driver interface data
-+	 * @mode: Operation mode (infra/ibss) IEEE80211_MODE_*
-+	 *
-+	 * This handler will be called before any key configuration and call to
-+	 * associate() handler in order to allow the operation mode to be
-+	 * configured as early as possible. This information is also available
-+	 * in associate() params and as such, some driver wrappers may not need
-+	 * to implement set_mode() handler.
-+	 * Returns: 0 on success, -1 on failure
-+	 */
-+	int (*set_mode)(void *priv, int mode);
- };
- 
- /**
-diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c
-index da4f90f..f55bd2e 100644
--- a/src/drivers/driver_ndis.c
-+++ b/src/drivers/driver_ndis.c
-@@ -2829,5 +2829,7 @@ const struct wpa_driver_ops wpa_driver_ndis_ops = {
- 	NULL /* mlme_remove_sta */,
- 	NULL /* update_ft_ies */,
- 	NULL /* send_ft_action */,
-	wpa_driver_ndis_get_scan_results
-+	wpa_driver_ndis_get_scan_results,
-+	NULL /* set_probe_req_ie */,
-+	NULL /* set_mode */
- };
-diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
-index 98dddd6..a207363 100644
--- a/src/drivers/driver_nl80211.c
-+++ b/src/drivers/driver_nl80211.c
-@@ -2226,8 +2226,6 @@ static int wpa_driver_nl80211_associate(
- 	    wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
- 		ret = -1;
- 
-	if (wpa_driver_nl80211_set_mode(drv, params->mode) < 0)
-		ret = -1;
- 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
- 	 * from configuration, not from here, where only the selected suite is
- 	 * available */
-@@ -2859,6 +2857,7 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
- 	.get_scan_results2 = wpa_driver_nl80211_get_scan_results,
- 	.deauthenticate = wpa_driver_nl80211_deauthenticate,
- 	.disassociate = wpa_driver_nl80211_disassociate,
-+	.set_mode = wpa_driver_nl80211_set_mode,
- 	.associate = wpa_driver_nl80211_associate,
- 	.set_auth_alg = wpa_driver_nl80211_set_auth_alg,
- 	.init = wpa_driver_nl80211_init,
-diff --git a/src/drivers/driver_test.c b/src/drivers/driver_test.c
-index 5c6e6f1..7f7f129 100644
--- a/src/drivers/driver_test.c
-+++ b/src/drivers/driver_test.c
-@@ -982,5 +982,6 @@ const struct wpa_driver_ops wpa_driver_test_ops = {
- 	NULL /* update_ft_ies */,
- 	NULL /* send_ft_action */,
- 	wpa_driver_test_get_scan_results2,
-	NULL /* set_probe_req_ie */
-+	NULL /* set_probe_req_ie */,
-+	NULL /* set_mode */
- };
-diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c
-index 6b7f1a7..a618a74 100644
--- a/src/drivers/driver_wext.c
-+++ b/src/drivers/driver_wext.c
-@@ -2206,11 +2206,6 @@ int wpa_driver_wext_associate(void *priv,
- 	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
- 		ret = -1;
- 
-	if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
-{
-wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
-		ret = -1;
-}
- 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
- 	 * from configuration, not from here, where only the selected suite is
- 	 * available */
-@@ -2782,6 +2780,7 @@ const struct wpa_driver_ops wpa_driver_wext_ops = {
- 	.get_scan_results2 = wpa_driver_wext_get_scan_results,
- 	.deauthenticate = wpa_driver_wext_deauthenticate,
- 	.disassociate = wpa_driver_wext_disassociate,
-+	.set_mode = wpa_driver_wext_set_mode,
- 	.associate = wpa_driver_wext_associate,
- 	.set_auth_alg = wpa_driver_wext_set_auth_alg,
- 	.init = wpa_driver_wext_init,
-diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
-index 4c9482f..a36c65b 100644
--- a/wpa_supplicant/wpa_supplicant.c
-+++ b/wpa_supplicant/wpa_supplicant.c
-@@ -937,6 +937,11 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
- 	 * previous association. */
- 	wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
- 
-+	if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
-+		wpa_printf(MSG_WARNING, "Failed to set operating mode");
-+		assoc_failed = 1;
-+	}
-+
- #ifdef IEEE8021X_EAPOL
- 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
- 		if (ssid->leap) {
-diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
-index a2e3dd5..9afae2a 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
-+++ b/wpa_supplicant/wpa_supplicant_i.h
-@@ -448,6 +448,14 @@ static inline int wpa_drv_set_wpa(struct wpa_supplicant *wpa_s, int enabled)
- 	return 0;
- }
- 
-+static inline int wpa_drv_set_mode(struct wpa_supplicant *wpa_s, int mode)
-+{
-+	if (wpa_s->driver->set_mode) {
-+		return wpa_s->driver->set_mode(wpa_s->drv_priv, mode);
-+	}
-+	return 0;
-+}
-+
- static inline int wpa_drv_associate(struct wpa_supplicant *wpa_s,
- 				    struct wpa_driver_associate_params *params)
- {
--- a/wpa_supplicant-gcc44.patch
+++ b/wpa_supplicant-gcc44.patch
@ -1,30 +0,0 @@
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/networkconfig.cpp	2008-08-10 17:33:12.000000000 +0000
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp	2009-03-01 15:57:45.000000000 +0000
-@@ -12,6 +12,7 @@
-  * See README and COPYING for more details.
-  */
- 
-+#include <stdio.h>
- #include <QMessageBox>
- 
- #include "networkconfig.h"
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/scanresults.cpp	2008-08-10 17:33:12.000000000 +0000
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/scanresults.cpp	2009-03-01 15:57:29.000000000 +0000
-@@ -12,6 +12,7 @@
-  * See README and COPYING for more details.
-  */
- 
-+#include <stdio.h>
- #include "scanresults.h"
- #include "wpagui.h"
- #include "networkconfig.h"
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/wpagui.cpp	2008-08-10 17:33:12.000000000 +0000
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/wpagui.cpp	2009-03-01 15:57:08.000000000 +0000
-@@ -20,6 +20,7 @@
- #include <QMessageBox>
- #include <QCloseEvent>
- 
-+#include <stdio.h>
- #include "wpagui.h"
- #include "dirent.h"
- #include "wpa_ctrl.h"
--- a/wpa_supplicant-hide_secrets-2.patch
+++ b/wpa_supplicant-hide_secrets-2.patch
@ -1,60 +0,0 @@
-iff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c	2008-08-10 19:33:12.000000000 +0200
-+++ BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c	2008-12-08 15:36:59.000000000 +0100
-@@ -798,6 +798,8 @@
- 	int id;
- 	struct wpa_ssid *ssid;
- 	char *name, *value;
-+	int show_value = 1;
-+	const char *nokey = "[REMOVED]";
- 
- 	/* cmd: "<network id> <variable name> <value>" */
- 	name = os_strchr(cmd, ' ');
-@@ -805,6 +807,15 @@
- 		return -1;
- 	*name++ = '\0';
- 
-+	/* Only show passwords and keys if requested */
-+	if (!strncmp (name, "wep_key", 7)
-+			|| !strncmp (name, "psk", 3)
-+			|| !strncmp (name, "password", 8)
-+			|| !strncmp (name, "pin", 3)
-+			|| !strncmp (name, "private_key_passwd", 18)) {
-+		show_value = wpa_s->global->params.wpa_debug_show_keys;
-+	}
-+
- 	value = os_strchr(name, ' ');
- 	if (value == NULL)
- 		return -1;
-@@ -1346,6 +1358,19 @@
- 	    os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
- 		wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
- 				      (const u8 *) buf, os_strlen(buf));
-+	} else if (strncmp(buf, "SET_NETWORK ", 12) == 0) {
-+		/* Check for forbidden material here too */
-+		if (strstr (buf, " wep_key")
-+				|| strstr (buf, " psk ")
-+				|| strstr (buf, " password ")
-+				|| strstr (buf, " pin ")
-+				|| strstr (buf, " private_key_passwd ")) {
-+			wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
-+				      (const u8 *) buf, os_strlen(buf));
-+		} else {
-+			wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
-+					  (const u8 *) buf, os_strlen(buf));
-+		}
- 	} else {
- 		wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
- 				  (const u8 *) buf, os_strlen(buf));
-diff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-12-08 16:35:13.000000000 +0100
-+++ BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-12-08 16:34:25.000000000 +0100
-@@ -1001,7 +1001,7 @@
- 				   "password.", line);
- 			return -1;
- 		}
-		wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
-+		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
- 				  (u8 *) tmp, res_len);
- 
- 		os_free(ssid->eap.password);
--- a/wpa_supplicant-pkcs11-init-args.patch
+++ b/wpa_supplicant-pkcs11-init-args.patch
@ -1,8 +1,7 @@
-Index: wpa_supplicant-0.6.4/src/crypto/tls.h
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/crypto/tls.h
-+++ wpa_supplicant-0.6.4/src/crypto/tls.h
-@@ -32,6 +32,7 @@ struct tls_config {
+diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h
+--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h	2009-05-05 11:47:15.000000000 +0200
+@@ -32,6 +32,7 @@
 	const char *opensc_engine_path;
 	const char *pkcs11_engine_path;
 	const char *pkcs11_module_path;
@ -10,11 +9,10 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls.h
 };
 
 /**
-Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/crypto/tls_openssl.c
-+++ wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
-@@ -653,9 +653,11 @@ static int tls_engine_load_dynamic_gener
+diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c
+--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c	2009-05-05 11:47:15.000000000 +0200
+@@ -667,9 +667,11 @@
  * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc
  * @pkcs11_so_path: pksc11_so_path from the configuration
  * @pcks11_module_path: pkcs11_module_path from the configuration
@ -27,7 +25,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 {
 	char *engine_id = "pkcs11";
 	const char *pre_cmd[] = {
-@@ -668,6 +670,7 @@ static int tls_engine_load_dynamic_pkcs1
+@@ -682,6 +684,7 @@
 	};
 	const char *post_cmd[] = {
 		"MODULE_PATH", NULL /* pkcs11_module_path */,
@ -35,7 +33,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 		NULL, NULL
 	};
 
-@@ -678,6 +681,9 @@ static int tls_engine_load_dynamic_pkcs1
+@@ -692,6 +695,9 @@
 	pre_cmd[3] = engine_id;
 	post_cmd[1] = pkcs11_module_path;
 
@ -45,7 +43,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 	wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s",
 		   pkcs11_so_path);
 
-@@ -747,7 +753,8 @@ void * tls_init(const struct tls_config
+@@ -761,7 +767,8 @@
 
 		if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) ||
 		    tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path,
@ -55,53 +53,21 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 			tls_deinit(ssl);
 			return NULL;
 		}
-Index: wpa_supplicant-0.6.4/src/eap_peer/eap.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.c
-+++ wpa_supplicant-0.6.4/src/eap_peer/eap.c
-@@ -1169,6 +1169,7 @@ struct eap_sm * eap_peer_sm_init(void *e
- 	tlsconf.opensc_engine_path = conf->opensc_engine_path;
- 	tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
- 	tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
-+	tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
- 	sm->ssl_ctx = tls_init(&tlsconf);
- 	if (sm->ssl_ctx == NULL) {
- 		wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
-Index: wpa_supplicant-0.6.4/src/eap_peer/eap.h
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.h
-+++ wpa_supplicant-0.6.4/src/eap_peer/eap.h
-@@ -246,6 +246,13 @@ struct eap_config {
- 	 */
- 	const char *pkcs11_module_path;
- 	/**
-+	 * pkcs11_module_init_args - OpenSC PKCS#11 module initialization 
-+	 * arguments for OpenSSL engine.
-+	 *
-+	 * Usually, NULL.
-+	 */
-+	const char *pkcs11_module_init_args;
-+	/**
- 	 * mac_addr - MAC address of the peer
- 	 *
- 	 * This can be left %NULL if not available.
-Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.c
-+++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
-@@ -1801,6 +1801,7 @@ struct eapol_sm *eapol_sm_init(struct ea
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c
+--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c	2009-05-05 11:47:15.000000000 +0200
+@@ -1834,6 +1834,7 @@
 	conf.opensc_engine_path = ctx->opensc_engine_path;
 	conf.pkcs11_engine_path = ctx->pkcs11_engine_path;
 	conf.pkcs11_module_path = ctx->pkcs11_module_path;
 +	conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args;
 #endif /* EAP_TLS_OPENSSL */
+ 	conf.wps = ctx->wps;
 
- 	sm->eap = eap_peer_sm_init(sm, &eapol_cb, sm->ctx->msg_ctx, &conf);
-Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
-===================================================================
--- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.h
-+++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
-@@ -198,6 +198,15 @@ struct eapol_ctx {
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h
+--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h	2009-05-05 11:47:15.000000000 +0200
+@@ -198,6 +198,15 @@
 	 * module is not loaded.
 	 */
 	const char *pkcs11_module_path;
@ -117,23 +83,70 @@ Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
 #endif /* EAP_TLS_OPENSSL */
 
 	/**
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config.c
-@@ -1526,6 +1526,7 @@ void wpa_config_free(struct wpa_config *
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c
+--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c	2009-05-05 11:47:15.000000000 +0200
+@@ -1188,6 +1188,7 @@
+ 	tlsconf.opensc_engine_path = conf->opensc_engine_path;
+ 	tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
+ 	tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
+	tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
+ 	sm->ssl_ctx = tls_init(&tlsconf);
+ 	if (sm->ssl_ctx == NULL) {
+ 		wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h
+--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h	2009-05-05 11:48:04.000000000 +0200
+@@ -246,6 +246,13 @@
+ 	 */
+ 	const char *pkcs11_module_path;
+ 	/**
+ 	 * pkcs11_module_init_args - OpenSC PKCS#11 module initialization 
+ 	 * arguments for OpenSSL engine.
+ 	 *
+ 	 * Usually, NULL.
+ 	 */
+ 	const char *pkcs11_module_init_args;
+ 	/**
+ 	 * wps - WPS context data
+ 	 *
+ 	 * This is only used by EAP-WSC and can be left %NULL if not available.
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-05 11:47:15.000000000 +0200
+@@ -1580,6 +1580,7 @@
 	os_free(config->opensc_engine_path);
 	os_free(config->pkcs11_engine_path);
 	os_free(config->pkcs11_module_path);
 +	os_free(config->pkcs11_module_init_args);
 #endif /* EAP_TLS_OPENSSL */
 	os_free(config->driver_param);
- 	os_free(config->pssid);
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.h
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config.h
-@@ -194,6 +194,15 @@ struct wpa_config {
+ 	os_free(config->device_name);
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-05 11:49:24.000000000 +0200
+@@ -444,6 +444,7 @@
+ 	{ STR(opensc_engine_path) },
+ 	{ STR(pkcs11_engine_path) },
+ 	{ STR(pkcs11_module_path) },
+	{ STR(pkcs11_module_init_args) },
+ #endif /* EAP_TLS_OPENSSL */
+ 	{ STR(driver_param) },
+ 	{ INT(dot11RSNAConfigPMKLifetime) },
+@@ -854,6 +855,9 @@
+ 	if (config->pkcs11_module_path)
+ 		fprintf(f, "pkcs11_module_path=%s\n",
+ 			config->pkcs11_module_path);
+	if (config->pkcs11_module_init_args)
+		fprintf(f, "pkcs11_module_init_args=%s\n",
+			config->pkcs11_module_init_args);
+ #endif /* EAP_TLS_OPENSSL */
+ 	if (config->driver_param)
+ 		fprintf(f, "driver_param=%s\n", config->driver_param);
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-05 11:47:15.000000000 +0200
+@@ -195,6 +195,15 @@
 	 * module is not loaded.
 	 */
 	char *pkcs11_module_path;
@ -149,52 +162,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
 #endif /* EAP_TLS_OPENSSL */
 
 	/**
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config_file.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
-@@ -355,6 +355,16 @@ static int wpa_config_process_pkcs11_mod
- 	return 0;
- }
- 
-+static int wpa_config_process_pkcs11_module_init_args(struct wpa_config *config,
-+					       char *pos)
-+{
-+	os_free(config->pkcs11_module_init_args);
-+	config->pkcs11_module_init_args = os_strdup(pos);
-+	wpa_printf(MSG_DEBUG, "pkcs11_module_init_args='%s'",
-+		   config->pkcs11_module_init_args);
-+	return 0;
-+}
-+
- #endif /* EAP_TLS_OPENSSL */
- 
- 
-@@ -457,6 +467,9 @@ static int wpa_config_process_global(str
- 
- 	if (os_strncmp(pos, "pkcs11_module_path=", 19) == 0)
- 		return wpa_config_process_pkcs11_module_path(config, pos + 19);
-+
-+	if (os_strncmp(pos, "pkcs11_module_init_args=", 24) == 0)
-+		return wpa_config_process_pkcs11_module_init_args(config, pos + 24);
- #endif /* EAP_TLS_OPENSSL */
- 
- 	if (os_strncmp(pos, "driver_param=", 13) == 0)
-@@ -827,6 +840,9 @@ static void wpa_config_write_global(FILE
- 	if (config->pkcs11_module_path)
- 		fprintf(f, "pkcs11_module_path=%s\n",
- 			config->pkcs11_module_path);
-+	if (config->pkcs11_module_init_args)
-+		fprintf(f, "pkcs11_module_init_args=%s\n",
-+			config->pkcs11_module_init_args);
- #endif /* EAP_TLS_OPENSSL */
- 	if (config->driver_param)
- 		fprintf(f, "driver_param=%s\n", config->driver_param);
-Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/ctrl_iface_dbus_handlers.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
-@@ -858,7 +858,7 @@ out:
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c	2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c	2009-05-05 11:47:15.000000000 +0200
+@@ -866,7 +866,7 @@
 static const char *dont_quote[] = {
 	"key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap",
 	"opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path",
@ -203,7 +174,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 };
 
 static dbus_bool_t should_quote_opt(const char *key)
-@@ -1196,6 +1196,7 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1204,6 +1204,7 @@
 	char *opensc_engine_path = NULL;
 	char *pkcs11_engine_path = NULL;
 	char *pkcs11_module_path = NULL;
@ -211,7 +182,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 	struct wpa_dbus_dict_entry entry;
 
 	if (!dbus_message_iter_init(message, &iter))
-@@ -1222,6 +1223,11 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1230,6 +1231,11 @@
 			pkcs11_module_path = os_strdup(entry.str_value);
 			if (pkcs11_module_path == NULL)
 				goto error;
@ -223,7 +194,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 		} else {
 			wpa_dbus_dict_entry_clear(&entry);
 			goto error;
-@@ -1236,6 +1242,8 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1244,6 +1250,8 @@
 	wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path;
 	os_free(wpa_s->conf->pkcs11_module_path);
 	wpa_s->conf->pkcs11_module_path = pkcs11_module_path;
@ -232,7 +203,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 #endif /* EAP_TLS_OPENSSL */
 
 	eapol_sm_deinit(wpa_s->eapol);
-@@ -1247,6 +1255,7 @@ error:
+@@ -1257,6 +1265,7 @@
 	os_free(opensc_engine_path);
 	os_free(pkcs11_engine_path);
 	os_free(pkcs11_module_path);
@ -240,11 +211,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 	return wpas_dbus_new_invalid_opts_error(message, NULL);
 }
 
-Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/eapol_test.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
-@@ -335,6 +335,7 @@ static int test_eapol(struct eapol_test_
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c	2009-05-05 11:47:15.000000000 +0200
+@@ -408,6 +408,7 @@
 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
@ -252,28 +222,26 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
 #endif /* EAP_TLS_OPENSSL */
 
 	wpa_s->eapol = eapol_sm_init(ctx);
-Index: wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpa_supplicant.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
-@@ -560,7 +560,7 @@ int wpa_supplicant_reload_configuration(
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c	2009-05-05 11:47:15.000000000 +0200
+@@ -557,6 +557,7 @@
+ 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
+ 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
+ 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
+	ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
+ #endif /* EAP_TLS_OPENSSL */
+ 	ctx->wps = wpa_s->wps;
+ 	ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c	2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c	2009-05-05 11:47:15.000000000 +0200
+@@ -577,7 +577,7 @@
 	wpa_s->current_ssid = NULL;
 	/*
 	 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
 -	 * pkcs11_engine_path, pkcs11_module_path.
 +	 * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args.
 	 */
- 	if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
- 	    wpa_s->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
-Index: wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
-===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpas_glue.c
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
-@@ -535,6 +535,7 @@ int wpa_supplicant_init_eapol(struct wpa
- 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
- 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
- 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
-+	ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
- #endif /* EAP_TLS_OPENSSL */
- 	ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
- 	ctx->cb = wpa_supplicant_eapol_cb;
+ 	if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
+ 		/*
--- a/wpa_supplicant-respect_no_reply.patch
+++ b/wpa_supplicant-respect_no_reply.patch
@ -1,22 +0,0 @@
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
-+++ BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
-@@ -547,7 +547,8 @@
- 
- 	/* If the message was handled, send back the reply */
- 	if (reply) {
-		dbus_connection_send(connection, reply, NULL);
-+		if(!dbus_message_get_no_reply(message))
-+			dbus_connection_send(connection, reply, NULL);
- 		dbus_message_unref(reply);
- 	}
- 
-@@ -606,7 +607,8 @@
- 
- 	/* If the message was handled, send back the reply */
- 	if (reply) {
-		dbus_connection_send(connection, reply, NULL);
-+		if (!dbus_message_get_no_reply(message))
-+			dbus_connection_send(connection, reply, NULL);
- 		dbus_message_unref(reply);
- 	}
- 
--- a/wpa_supplicant-restore_scan_request_setting.patch
+++ b/wpa_supplicant-restore_scan_request_setting.patch
@ -1,25 +0,0 @@
-From: Dan Nicholson <dbn.lists@gmail.com>
-Date: Wed, 24 Sep 2008 09:48:33 +0000 (+0300)
-Subject: Restore scan request settings if initial association failed
-X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=2064c2f98515016c376f3b69bfe161c85639e764;hp=76dca8929507feca772a35e830329934ae685444
-
-Restore scan request settings if initial association failed
-
-The scan path to initiate another scan if the initial association failed
-was broken due to wpa_s->scan_req being zeroed earlier in
-wpa_supplicant_scan(). This caused the second scan to bail out early
-since it thought this was not a requested scan.
---
-
-diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c
-index c2549e2..8767109 100644
--- a/wpa_supplicant/scan.c
-+++ b/wpa_supplicant/scan.c
-@@ -137,6 +137,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
- 	if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1 &&
- 	    !wpa_s->use_client_mlme) {
- 		wpa_s->scan_res_tried++;
-+		wpa_s->scan_req = scan_req;
- 		wpa_printf(MSG_DEBUG, "Trying to get current scan results "
- 			   "first without requesting a new scan to speed up "
- 			   "initial association");
--- a/wpa_supplicant-roaming.patch
+++ b/wpa_supplicant-roaming.patch
@ -1,16 +1,16 @@
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/drivers/driver.h
--- wpa_supplicant-0.6.4/src/drivers/driver.h	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/src/drivers/driver.h	2008-10-13 13:50:55.000000000 +0200
-@@ -929,6 +929,8 @@
- 	 * Returns: 0 on success, -1 on failure
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h	2009-05-04 14:26:47.000000000 +0200
+@@ -963,6 +963,8 @@
 	 */
 	int (*set_mode)(void *priv, int mode);
-+
-+	int (*get_default_roaming)(void *priv);
- };
 
- /**
-@@ -1052,7 +1054,13 @@
+	int (*get_default_roaming)(void *priv);
+ 
+ 	/**
+ 	 * set_country - Set country
+ 	 * @priv: Private driver interface data
+@@ -1147,7 +1149,13 @@
 	 * FT authentication sequence from the AP. The FT IEs are included in
 	 * the extra information in union wpa_event_data::ft_ies.
 	 */
@ -25,10 +25,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/d
 } wpa_event_type;
 
 
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c
--- wpa_supplicant-0.6.4/src/drivers/driver_wext.c	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c	2008-10-13 14:54:03.000000000 +0200
-@@ -643,10 +642,18 @@
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c	2009-05-04 14:32:17.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c	2009-05-04 14:28:20.000000000 +0200
+@@ -524,10 +524,18 @@
 				drv->assoc_req_ies = NULL;
 				os_free(drv->assoc_resp_ies);
 				drv->assoc_resp_ies = NULL;
@ -47,7 +47,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 				wpa_driver_wext_event_assoc_ies(drv);
 				wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
 			}
-@@ -1027,6 +1034,30 @@
+@@ -891,6 +899,30 @@
 	return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags);
 }
 
@ -78,7 +78,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 
 /**
  * wpa_driver_wext_init - Initialize WE driver interface
-@@ -1078,6 +1109,9 @@
+@@ -942,6 +974,9 @@
 
 	drv->mlme_sock = -1;
 
@ -88,7 +88,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 	wpa_driver_wext_finish_drv_init(drv);
 
 	return drv;
-@@ -1153,6 +1187,7 @@
+@@ -1017,6 +1052,7 @@
 	int flags;
 
 	eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
@ -96,7 +96,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 
 	/*
 	 * Clear possibly configured driver parameters in order to make it
-@@ -1206,6 +1241,69 @@
+@@ -1058,6 +1094,69 @@
 	wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
 }
 
@ -166,7 +166,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 
 /**
  * wpa_driver_wext_scan - Request the driver to initiate scan
-@@ -1753,6 +1850,7 @@
+@@ -1610,6 +1709,7 @@
 		if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
 			drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
 
@ -174,17 +174,15 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 		wpa_printf(MSG_DEBUG, "  capabilities: key_mgmt 0x%x enc 0x%x "
 			   "flags 0x%x",
 			   drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
-@@ -2766,6 +2865,7 @@
+@@ -2388,4 +2488,5 @@
 	.flush_pmkid = wpa_driver_wext_flush_pmkid,
 	.get_capa = wpa_driver_wext_get_capa,
 	.set_operstate = wpa_driver_wext_set_operstate,
 +	.get_default_roaming = wpa_driver_get_default_roaming,
- #ifdef CONFIG_CLIENT_MLME
- 	.get_hw_feature_data = wpa_driver_wext_get_hw_feature_data,
- 	.set_channel = wpa_driver_wext_set_channel,
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h
--- wpa_supplicant-0.6.4/src/drivers/driver_wext.h	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h	2008-10-13 14:08:22.000000000 +0200
+ };
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h	2009-05-04 14:26:04.000000000 +0200
@@ -43,6 +43,9 @@
 	char mlmedev[IFNAMSIZ + 1];
 
@ -203,10 +201,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/
 
 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
 					const char *ifname);
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wpa_supplicant/config.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.c	2008-09-29 13:13:31.000000000 +0200
-@@ -1883,6 +1883,7 @@
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-04 14:26:04.000000000 +0200
+@@ -1943,6 +1943,7 @@
 	config->eapol_version = DEFAULT_EAPOL_VERSION;
 	config->ap_scan = DEFAULT_AP_SCAN;
 	config->fast_reauth = DEFAULT_FAST_REAUTH;
@ -214,10 +212,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wp
 
 	if (ctrl_interface)
 		config->ctrl_interface = os_strdup(ctrl_interface);
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config_file.c	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c	2008-09-29 13:20:10.000000000 +0200
-@@ -312,6 +312,12 @@
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-04 14:31:03.000000000 +0200
+@@ -306,6 +306,12 @@
 	return 0;
 }
 
@ -228,21 +226,19 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_
 +	return 0;
 +}
 
- static int wpa_config_process_fast_reauth(struct wpa_config *config, char *pos)
- {
-@@ -445,6 +451,9 @@
- 	if (os_strncmp(pos, "ap_scan=", 8) == 0)
- 		return wpa_config_process_ap_scan(config, pos + 8);
- 
-+	if (os_strncmp(pos, "roaming=", 8) == 0)
-+		return wpa_config_process_roaming(config, pos + 8);
-+
- 	if (os_strncmp(pos, "fast_reauth=", 12) == 0)
- 		return wpa_config_process_fast_reauth(config, pos + 12);
- 
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wpa_supplicant/config.h
--- wpa_supplicant-0.6.4/wpa_supplicant/config.h	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.h	2008-10-13 13:42:01.000000000 +0200
+ static int wpa_config_parse_str(const struct global_parse_data *data,
+ 				struct wpa_config *config, int line,
+@@ -457,6 +463,7 @@
+ 	{ STR(device_type) },
+ 	{ FUNC(os_version) },
+ 	{ INT_RANGE(wps_cred_processing, 0, 2) },
+	{ FUNC(roaming) },
+ #endif /* CONFIG_WPS */
+ 	{ FUNC(country) }
+ };
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-04 14:26:04.000000000 +0200
@@ -22,6 +22,7 @@
 #define DEFAULT_AP_SCAN 1
 #endif /* CONFIG_NO_SCAN_PROCESSING */
@ -263,10 +259,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wp
 	 * blobs - Configuration blobs
 	 */
 	struct wpa_config_blob *blobs;
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wpa_supplicant/events.c
--- wpa_supplicant-0.6.4/wpa_supplicant/events.c	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/events.c	2008-10-13 13:53:52.000000000 +0200
-@@ -613,6 +613,21 @@
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c	2009-05-04 14:26:04.000000000 +0200
+@@ -706,6 +706,21 @@
 }
 #endif /* CONFIG_NO_SCAN_PROCESSING */
 
@ -288,7 +284,7 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
 
 static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
 					   union wpa_event_data *data)
-@@ -955,6 +970,9 @@
+@@ -1114,6 +1129,9 @@
 		wpa_supplicant_event_ft_response(wpa_s, data);
 		break;
 #endif /* CONFIG_IEEE80211R */
@ -298,14 +294,14 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
 	default:
 		wpa_printf(MSG_INFO, "Unknown event %d", event);
 		break;
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h
--- wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h	2008-08-10 19:33:12.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h	2008-10-13 13:53:43.000000000 +0200
-@@ -334,6 +334,7 @@
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h	2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h	2009-05-04 14:32:01.000000000 +0200
+@@ -350,6 +350,7 @@
 	struct wpa_client_mlme mlme;
 	int use_client_mlme;
 	int driver_4way_handshake;
 +	struct os_time last_roaming_attempt;
- };
- 
 
+ 	int pending_mic_error_report;
+ 	int pending_mic_error_pairwise;
--- a/wpa_supplicant.changes
+++ b/wpa_supplicant.changes
@ -1,3 +1,90 @@
+-------------------------------------------------------------------
+Tue Apr  7 13:02:49 CEST 2009 - hschaa@suse.de
+
+- Enable ralink driver (bnc#481380)
+- Enable nl80211 driver (bnc#485453)
+- Rebase all SUSE patches to 0.6.9
+- Remove upstreamed patches
+- Update to 0.6.9
+	* driver_ndis: add PAE group address to the multicast address list to
+	  fix wired IEEE 802.1X authentication
+	* fixed IEEE 802.11r key derivation function to match with the standard
+	  (note: this breaks interoperability with previous version) [Bug 303]
+	* increased wpa_cli ping interval to 5 seconds and made this
+	  configurable with a new command line options (-G<seconds>)
+	* fixed scan buffer processing with WEXT to handle up to 65535
+	  byte result buffer (previously, limited to 32768 bytes)
+	* added support for Wi-Fi Protected Setup (WPS)
+	  (wpa_supplicant can now be configured to act as a WPS Enrollee to
+	  enroll credentials for a network using PIN and PBC methods; in
+	  addition, wpa_supplicant can act as a wireless WPS Registrar to
+	  configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
+	  into .config and setting the runtime configuration variables in
+	  wpa_supplicant.conf (see WPS section in the example configuration
+	  file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
+	  manage WPS negotiation; see README-WPS for more details
+	* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
+	* added support for using driver_test over UDP socket
+	* fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
+	  2008 NPS; optional cryptobinding is now enabled (again) by default
+	* fixed PSK editing in wpa_gui
+	* changed EAP-GPSK to use the IANA assigned EAP method type 51
+	* added a Windows installer that includes WinPcap and all the needed
+	  DLLs; in addition, it set up the registry automatically so that user
+	  will only need start wpa_gui to get prompted to start the wpasvc
+	  servide and add a new interface if needed through wpa_gui dialog
+	* updated management frame protection to use IEEE 802.11w/D7.0
+	* added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
+	  (can be used to simulate test SIM/USIM card with a known private key;
+	  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
+	  and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
+	* added a new network configuration option, wpa_ptk_rekey, that can be
+	  used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
+	  against TKIP deficiencies
+	* added an optional mitigation mechanism for certain attacks against
+	  TKIP by delaying Michael MIC error reports by a random amount of time
+	  between 0 and 60 seconds; this can be enabled with a build option
+	  CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
+	* fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
+	  not bytes
+	* updated OpenSSL code for EAP-FAST to use an updated version of the
+	  session ticket overriding API that was included into the upstream
+	  OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
+	  needed with that version anymore)
+	* updated userspace MLME instructions to match with the current Linux
+	  mac80211 implementation; please also note that this can only be used
+	  with driver_nl80211.c (the old code from driver_wext.c was removed)
+	* added support (Linux only) for RoboSwitch chipsets (often found in
+	  consumer grade routers); driver interface 'roboswitch'
+	* fixed canceling of PMKSA caching when using drivers that generate
+	  RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
+	  about
+	* added support for SHA-256 as X.509 certificate digest when using the
+	  internal X.509/TLSv1 implementation
+	* updated management frame protection to use IEEE 802.11w/D6.0
+	* added support for using SHA256-based stronger key derivation for WPA2
+	  (IEEE 802.11w)
+	* fixed FT (IEEE 802.11r) authentication after a failed association to
+	  use correct FTIE
+	* added support for configuring Phase 2 (inner/tunneled) authentication
+	  method with wpa_gui-qt4
+	* added support for EAP Sequences in EAP-FAST Phase 2
+	* added support for using TNC with EAP-FAST
+	* added driver_ps3 for the PS3 Linux wireless driver
+	* added support for optional cryptobinding with PEAPv0
+	* fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
+	  allow fallback to full handshake if server rejects PAC-Opaque
+	* added fragmentation support for EAP-TNC
+	* added support for parsing PKCS #8 formatted private keys into the
+	  internal TLS implementation (both PKCS #1 RSA key and PKCS #8
+	  encapsulated RSA key can now be used)
+	* added option of using faster, but larger, routines in the internal
+	  LibTomMath (for internal TLS implementation) to speed up DH and RSA
+	  calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
+	* fixed race condition between disassociation event and group key
+	  handshake to avoid getting stuck in incorrect state [Bug 261]
+	* fixed opportunistic key caching (proactive_key_caching)
+
 -------------------------------------------------------------------
 Sun Mar  1 17:03:04 CET 2009 - coolo@suse.de

--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@ -1,5 +1,5 @@
 #
-# spec file for package wpa_supplicant (Version 0.6.4)
+# spec file for package wpa_supplicant (Version 0.6.9)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@ -19,10 +19,10 @@


 Name:           wpa_supplicant
-BuildRequires:  dbus-1-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
+BuildRequires:  dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
 Url:            http://hostap.epitest.fi/wpa_supplicant/
-Version:        0.6.4
-Release:        25
+Version:        0.6.9
+Release:        1
 License:        BSD 3-Clause; GPL v2 or later
 Group:          Productivity/Networking/Other
 Summary:        WPA supplicant implementation
@ -31,22 +31,21 @@ Source1:        config
 Source2:        %{name}.conf
 Source3:        fi.epitest.hostap.WPASupplicant.service
 Patch0:         wpa_supplicant-driver-wext-debug.patch
+# wpa_supplicant-flush-debug-output.patch won't go upstream as it might
+# change timings
 Patch1:         wpa_supplicant-flush-debug-output.patch
+# wpa_supplicant-sigusr1-changes-debuglevel.patch won't go upstream as it
+# is not portable
 Patch2:         wpa_supplicant-sigusr1-changes-debuglevel.patch
 Patch3:         wpa_supplicant-dbus-iface-segfault-fix.patch
 Patch4:         wpa_supplicant-errormsg.patch
-Patch5:         wpa_supplicant-roaming.patch
-Patch6:         wpa_supplicant-restore_scan_request_setting.patch
-Patch7:         wpa_supplicant-dont_report_empty_initial_scan.patch
-Patch8:         wpa_supplicant-fix_set_mode.patch
+Patch5:         wpa_supplicant-dbus-reset-eapol.patch
+Patch6:         wpa_supplicant-fix_dbus_config.patch
+Patch7:         wpa_supplicant-fix_dbus_config2.patch
+# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once
+# roaming is implemented in a clean way this patch should be removed
+Patch8:         wpa_supplicant-roaming.patch
 Patch9:         wpa_supplicant-pkcs11-init-args.patch
-Patch10:        wpa_supplicant-dbus-reset-eapol.patch
-Patch11:        wpa_supplicant-hide_secrets-2.patch
-Patch12:        wpa_supplicant-fix_dbus_config.patch
-Patch13:        wpa_supplicant-fix_dbus_config2.patch
-Patch14:        wpa_supplicant-fix_ap_ordering.patch
-Patch15:        wpa_supplicant-respect_no_reply.patch
-Patch16:        wpa_supplicant-gcc44.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
@ -85,18 +84,11 @@ cp %{SOURCE1} wpa_supplicant/.config
 %patch2 -p2
 %patch3 -p2
 %patch4 -p2
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
 %patch5 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p2
-%patch12 -p1
-%patch13 -p2
-%patch14 -p2
-%patch15 -p2
-%patch16 -p1
+%patch6 -p1
+%patch7 -p2
+%patch8 -p2
+%patch9 -p2

 %build
 cd wpa_supplicant
@ -141,6 +133,90 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
 /usr/sbin/wpa_gui

 %changelog
+* Tue Apr 07 2009 hschaa@suse.de
+- Enable ralink driver (bnc#481380)
+- Enable nl80211 driver (bnc#485453)
+- Rebase all SUSE patches to 0.6.9
+- Remove upstreamed patches
+- Update to 0.6.9
+  * driver_ndis: add PAE group address to the multicast address list to
+  fix wired IEEE 802.1X authentication
+  * fixed IEEE 802.11r key derivation function to match with the standard
+  (note: this breaks interoperability with previous version) [Bug 303]
+  * increased wpa_cli ping interval to 5 seconds and made this
+  configurable with a new command line options (-G<seconds>)
+  * fixed scan buffer processing with WEXT to handle up to 65535
+  byte result buffer (previously, limited to 32768 bytes)
+  * added support for Wi-Fi Protected Setup (WPS)
+  (wpa_supplicant can now be configured to act as a WPS Enrollee to
+  enroll credentials for a network using PIN and PBC methods; in
+  addition, wpa_supplicant can act as a wireless WPS Registrar to
+  configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
+  into .config and setting the runtime configuration variables in
+  wpa_supplicant.conf (see WPS section in the example configuration
+  file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
+  manage WPS negotiation; see README-WPS for more details
+  * added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
+  * added support for using driver_test over UDP socket
+  * fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
+  2008 NPS; optional cryptobinding is now enabled (again) by default
+  * fixed PSK editing in wpa_gui
+  * changed EAP-GPSK to use the IANA assigned EAP method type 51
+  * added a Windows installer that includes WinPcap and all the needed
+  DLLs; in addition, it set up the registry automatically so that user
+  will only need start wpa_gui to get prompted to start the wpasvc
+  servide and add a new interface if needed through wpa_gui dialog
+  * updated management frame protection to use IEEE 802.11w/D7.0
+  * added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
+  (can be used to simulate test SIM/USIM card with a known private key;
+  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
+  and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
+  * added a new network configuration option, wpa_ptk_rekey, that can be
+  used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
+  against TKIP deficiencies
+  * added an optional mitigation mechanism for certain attacks against
+  TKIP by delaying Michael MIC error reports by a random amount of time
+  between 0 and 60 seconds; this can be enabled with a build option
+  CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
+  * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
+  not bytes
+  * updated OpenSSL code for EAP-FAST to use an updated version of the
+  session ticket overriding API that was included into the upstream
+  OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
+  needed with that version anymore)
+  * updated userspace MLME instructions to match with the current Linux
+  mac80211 implementation; please also note that this can only be used
+  with driver_nl80211.c (the old code from driver_wext.c was removed)
+  * added support (Linux only) for RoboSwitch chipsets (often found in
+  consumer grade routers); driver interface 'roboswitch'
+  * fixed canceling of PMKSA caching when using drivers that generate
+  RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
+  about
+  * added support for SHA-256 as X.509 certificate digest when using the
+  internal X.509/TLSv1 implementation
+  * updated management frame protection to use IEEE 802.11w/D6.0
+  * added support for using SHA256-based stronger key derivation for WPA2
+  (IEEE 802.11w)
+  * fixed FT (IEEE 802.11r) authentication after a failed association to
+  use correct FTIE
+  * added support for configuring Phase 2 (inner/tunneled) authentication
+  method with wpa_gui-qt4
+  * added support for EAP Sequences in EAP-FAST Phase 2
+  * added support for using TNC with EAP-FAST
+  * added driver_ps3 for the PS3 Linux wireless driver
+  * added support for optional cryptobinding with PEAPv0
+  * fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
+  allow fallback to full handshake if server rejects PAC-Opaque
+  * added fragmentation support for EAP-TNC
+  * added support for parsing PKCS #8 formatted private keys into the
+  internal TLS implementation (both PKCS #1 RSA key and PKCS #8
+  encapsulated RSA key can now be used)
+  * added option of using faster, but larger, routines in the internal
+  LibTomMath (for internal TLS implementation) to speed up DH and RSA
+  calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
+  * fixed race condition between disassociation event and group key
+  handshake to avoid getting stuck in incorrect state [Bug 261]
+  * fixed opportunistic key caching (proactive_key_caching)
 * Sun Mar 01 2009 coolo@suse.de
 - fix compilation with gcc 4.4
 * Mon Feb 09 2009 hschaa@suse.de
@ -174,7 +250,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
  mode
 * Mon Sep 29 2008 hschaa@suse.de
 - add roaming capability (FATE 303806)
-* Tue Sep 23 2008 ro@suse.de
+* Wed Sep 24 2008 ro@suse.de
 - drop buildreq for madwifi (dropped package)
 * Tue Sep 02 2008 ro@suse.de
 - update to 0.6.4
@ -601,7 +677,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
  * fixed couple of unaligned reads in scan result parsing to fix WPA
  connection on some platforms (e.g., ARM)
 - disabled madwifi support on ppc
-* Tue Sep 28 2004 jg@suse.de
+* Wed Sep 29 2004 jg@suse.de
 - added support for ipw2100 driver
 * Tue Aug 31 2004 jg@suse.de
 - added support for writing pid-file