OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wpa_supplicant?expand=0&rev=24

2009-05-06 16:55:20 +00:00 · 2009-05-06 16:55:20 +00:00 · 864bf8993f
commit 864bf8993f
parent 395b0c09e0
15 changed files with 826 additions and 672 deletions
--- a/411
+++ b/411
@ -1,31 +1,382 @@
-CONFIG_DRIVER_HOSTAP=y
+# Example wpa_supplicant build time configuration
-CONFIG_DRIVER_PRISM54=y
+#
-# CONFIG_DRIVER_HERMES
+# This file lists the configuration options that are used when building the
-# CONFIG_DRIVER_MADWIFI gets dynamically added when needed
+# hostapd binary. All lines starting with # are ignored. Configuration option
-CONFIG_DRIVER_ATMEL=y
+# lines must be commented out complete, if they are not to be included, i.e.,
-CONFIG_DRIVER_WEXT=y
+# just setting VARIABLE=n is not disabling that variable.
-#CONFIG_DRIVER_NDISWRAPPER=y
+#
-#CONFIG_DRIVER_IPW=y
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
-CONFIG_DRIVER_WIRED=y
+# be modified from here. In most cases, these lines should use += in order not
-CONFIG_WIRELESS_EXTENSION=y
+# to override previous values of the variables.
 CONFIG_IEEE8021X_EAPOL=y
 CONFIG_EAP_MD5=y
 CONFIG_MSCHAPV2=y
 CONFIG_EAP_TLS=y
 CONFIG_EAP_PEAP=y
 CONFIG_EAP_TTLS=y
 CONFIG_EAP_GTC=y
 CONFIG_EAP_OTP=y
 CONFIG_EAP_PSK=y
 CONFIG_EAP_PAX=y
 CONFIG_EAP_LEAP=y
 CONFIG_PKCS12=y
 CONFIG_SMARTCARD=y
 CONFIG_CTRL_IFACE=y
 CONFIG_CTRL_IFACE_DBUS=y
 CONFIG_READLINE=y
 #CONFIG_PCSC
 #CONFIG_EAP_SIM
 #CONFIG_EAP_AKA
 CONFIG_DEBUG_FILE=y
 # Uncomment following two lines and fix the paths if you have installed OpenSSL
 # or GnuTLS in non-default location
 #CFLAGS += -I/usr/local/openssl/include
 #LIBS += -L/usr/local/openssl/lib
 # Some Red Hat versions seem to include kerberos header files from OpenSSL, but
 # the kerberos files are not in the default include path. Following line can be
 # used to fix build issues on such systems (krb5.h not found).
 #CFLAGS += -I/usr/include/kerberos
 # Example configuration for various cross-compilation platforms
 #### sveasoft (e.g., for Linksys WRT54G) ######################################
 #CC=mipsel-uclibc-gcc
 #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
 #CFLAGS += -Os
 #CPPFLAGS += -I../src/include -I../../src/router/openssl/include
 #LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl
 ###############################################################################
 #### openwrt (e.g., for Linksys WRT54G) #######################################
 #CC=mipsel-uclibc-gcc
 #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
 #CFLAGS += -Os
 #CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \
 #	-I../WRT54GS/release/src/include
 #LIBS = -lssl
 ###############################################################################
 # Driver interface for Host AP driver
 CONFIG_DRIVER_HOSTAP=y
 # Driver interface for Agere driver
 #CONFIG_DRIVER_HERMES=y
 # Change include directories to match with the local setup
 #CFLAGS += -I../../hcf -I../../include -I../../include/hcf
 #CFLAGS += -I../../include/wireless
 # Driver interface for madwifi driver
 #CONFIG_DRIVER_MADWIFI=y
 # Set include directory to the madwifi source tree
 #CFLAGS += -I../../madwifi
 # Driver interface for Prism54 driver
 # (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
 # for developers only)
 CONFIG_DRIVER_PRISM54=y
 # Driver interface for ndiswrapper
 CONFIG_DRIVER_NDISWRAPPER=y
 # Driver interface for Atmel driver
 CONFIG_DRIVER_ATMEL=y
 # Driver interface for old Broadcom driver
 # Please note that the newer Broadcom driver ("hybrid Linux driver") supports
 # Linux wireless extensions and does not need (or even work) with the old
 # driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
 #CONFIG_DRIVER_BROADCOM=y
 # Example path for wlioctl.h; change to match your configuration
 #CFLAGS += -I/opt/WRT54GS/release/src/include
 # Driver interface for Intel ipw2100/2200 driver
 #CONFIG_DRIVER_IPW=y
 # Driver interface for Ralink driver
 CONFIG_DRIVER_RALINK=y
 # Driver interface for generic Linux wireless extensions
 CONFIG_DRIVER_WEXT=y
 # Driver interface for Linux drivers using the nl80211 kernel interface
 CONFIG_DRIVER_NL80211=y
 # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
 #CONFIG_DRIVER_BSD=y
 #CFLAGS += -I/usr/local/include
 #LIBS += -L/usr/local/lib
 # Driver interface for Windows NDIS
 #CONFIG_DRIVER_NDIS=y
 #CFLAGS += -I/usr/include/w32api/ddk
 #LIBS += -L/usr/local/lib
 # For native build using mingw
 #CONFIG_NATIVE_WINDOWS=y
 # Additional directories for cross-compilation on Linux host for mingw target
 #CFLAGS += -I/opt/mingw/mingw32/include/ddk
 #LIBS += -L/opt/mingw/mingw32/lib
 #CC=mingw32-gcc
 # By default, driver_ndis uses WinPcap for low-level operations. This can be
 # replaced with the following option which replaces WinPcap calls with NDISUIO.
 # However, this requires that WZC is disabled (net stop wzcsvc) before starting
 # wpa_supplicant.
 # CONFIG_USE_NDISUIO=y
 # Driver interface for development testing
 #CONFIG_DRIVER_TEST=y
 # Driver interface for wired Ethernet drivers
 CONFIG_DRIVER_WIRED=y
 # Driver interface for the Broadcom RoboSwitch family
 #CONFIG_DRIVER_ROBOSWITCH=y
 # Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
 # included)
 CONFIG_IEEE8021X_EAPOL=y
 # EAP-MD5
 CONFIG_EAP_MD5=y
 # EAP-MSCHAPv2
 CONFIG_EAP_MSCHAPV2=y
 # EAP-TLS
 CONFIG_EAP_TLS=y
 # EAL-PEAP
 CONFIG_EAP_PEAP=y
 # EAP-TTLS
 CONFIG_EAP_TTLS=y
 # EAP-FAST
 # Note: Default OpenSSL package does not include support for all the
 # functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
 # the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
 # to add the needed functions.
 #CONFIG_EAP_FAST=y
 # EAP-GTC
 CONFIG_EAP_GTC=y
 # EAP-OTP
 CONFIG_EAP_OTP=y
 # EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
 #CONFIG_EAP_SIM=y
 # EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
 CONFIG_EAP_PSK=y
 # EAP-PAX
 CONFIG_EAP_PAX=y
 # LEAP
 CONFIG_EAP_LEAP=y
 # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
 # CONFIG_EAP_AKA=y
 # EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
 # This requires CONFIG_EAP_AKA to be enabled, too.
 #CONFIG_EAP_AKA_PRIME=y
 # Enable USIM simulator (Milenage) for EAP-AKA
 #CONFIG_USIM_SIMULATOR=y
 # EAP-SAKE
 CONFIG_EAP_SAKE=y
 # EAP-GPSK
 CONFIG_EAP_GPSK=y
 # Include support for optional SHA256 cipher suite in EAP-GPSK
 CONFIG_EAP_GPSK_SHA256=y
 # EAP-TNC and related Trusted Network Connect support (experimental)
 CONFIG_EAP_TNC=y
 # Wi-Fi Protected Setup (WPS)
 CONFIG_WPS=y
 # EAP-IKEv2
 CONFIG_EAP_IKEV2=y
 # PKCS#12 (PFX) support (used to read private key and certificate file from
 # a file that usually has extension .p12 or .pfx)
 CONFIG_PKCS12=y
 # Smartcard support (i.e., private key on a smartcard), e.g., with openssl
 # engine.
 CONFIG_SMARTCARD=y
 # PC/SC interface for smartcards (USIM, GSM SIM)
 # Enable this if EAP-SIM or EAP-AKA is included
 #CONFIG_PCSC=y
 # Development testing
 #CONFIG_EAPOL_TEST=y
 # Select control interface backend for external programs, e.g, wpa_cli:
 # unix = UNIX domain sockets (default for Linux/*BSD)
 # udp = UDP sockets using localhost (127.0.0.1)
 # named_pipe = Windows Named Pipe (default for Windows)
 # y = use default (backwards compatibility)
 # If this option is commented out, control interface is not included in the
 # build.
 CONFIG_CTRL_IFACE=y
 # Include support for GNU Readline and History Libraries in wpa_cli.
 # When building a wpa_cli binary for distribution, please note that these
 # libraries are licensed under GPL and as such, BSD license may not apply for
 # the resulting binary.
 #CONFIG_READLINE=y
 # Remove debugging code that is printing out debug message to stdout.
 # This can be used to reduce the size of the wpa_supplicant considerably
 # if debugging code is not needed. The size reduction can be around 35%
 # (e.g., 90 kB).
 #CONFIG_NO_STDOUT_DEBUG=y
 # Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
 # 35-50 kB in code size.
 #CONFIG_NO_WPA=y
 # Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to
 # save about 1 kB in code size when building only WPA-Personal (no EAP support)
 # or 6 kB if building for WPA-Enterprise.
 #CONFIG_NO_WPA2=y
 # Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
 # This option can be used to reduce code size by removing support for
 # converting ASCII passphrases into PSK. If this functionality is removed, the
 # PSK can only be configured as the 64-octet hexstring (e.g., from
 # wpa_passphrase). This saves about 0.5 kB in code size.
 #CONFIG_NO_WPA_PASSPHRASE=y
 # Remove AES extra functions. This can be used to reduce code size by about
 # 1.5 kB by removing extra AES modes that are not needed for commonly used
 # client configurations (they are needed for some EAP types).
 #CONFIG_NO_AES_EXTRAS=y
 # Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
 # This can be used if ap_scan=1 mode is never enabled.
 #CONFIG_NO_SCAN_PROCESSING=y
 # Select configuration backend:
 # file = text file (e.g., wpa_supplicant.conf; note: the configuration file
 #	path is given on command line, not here; this option is just used to
 #	select the backend that allows configuration files to be used)
 # winreg = Windows registry (see win_example.reg for an example)
 CONFIG_BACKEND=file
 # Remove configuration write functionality (i.e., to allow the configuration
 # file to be updated based on runtime configuration changes). The runtime
 # configuration can still be changed, the changes are just not going to be
 # persistent over restarts. This option can be used to reduce code size by
 # about 3.5 kB.
 #CONFIG_NO_CONFIG_WRITE=y
 # Remove support for configuration blobs to reduce code size by about 1.5 kB.
 #CONFIG_NO_CONFIG_BLOBS=y
 # Select program entry point implementation:
 # main = UNIX/POSIX like main() function (default)
 # main_winsvc = Windows service (read parameters from registry)
 # main_none = Very basic example (development use only)
 #CONFIG_MAIN=main
 # Select wrapper for operatins system and C library specific functions
 # unix = UNIX/POSIX like systems (default)
 # win32 = Windows systems
 # none = Empty template
 #CONFIG_OS=unix
 # Select event loop implementation
 # eloop = select() loop (default)
 # eloop_win = Windows events and WaitForMultipleObject() loop
 # eloop_none = Empty template
 #CONFIG_ELOOP=eloop
 # Select layer 2 packet implementation
 # linux = Linux packet socket (default)
 # pcap = libpcap/libdnet/WinPcap
 # freebsd = FreeBSD libpcap
 # winpcap = WinPcap with receive thread
 # ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
 # none = Empty template
 #CONFIG_L2_PACKET=linux
 # PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
 CONFIG_PEERKEY=y
 # IEEE 802.11w (management frame protection)
 # This version is an experimental implementation based on IEEE 802.11w/D1.0
 # draft and is subject to change since the standard has not yet been finalized.
 # Driver support is also needed for IEEE 802.11w.
 CONFIG_IEEE80211W=y
 # Select TLS implementation
 # openssl = OpenSSL (default)
 # gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
 # internal = Internal TLSv1 implementation (experimental)
 # none = Empty template
 #CONFIG_TLS=openssl
 # Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
 # You need CONFIG_TLS=gnutls for this to have any effect. Please note that
 # even though the core GnuTLS library is released under LGPL, this extra
 # library uses GPL and as such, the terms of GPL apply to the combination
 # of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
 # apply for distribution of the resulting binary.
 #CONFIG_GNUTLS_EXTRA=y
 # If CONFIG_TLS=internal is used, additional library and include paths are
 # needed for LibTomMath. Alternatively, an integrated, minimal version of
 # LibTomMath can be used. See beginning of libtommath.c for details on benefits
 # and drawbacks of this option.
 #CONFIG_INTERNAL_LIBTOMMATH=y
 #ifndef CONFIG_INTERNAL_LIBTOMMATH
 #LTM_PATH=/usr/src/libtommath-0.39
 #CFLAGS += -I$(LTM_PATH)
 #LIBS += -L$(LTM_PATH)
 #LIBS_p += -L$(LTM_PATH)
 #endif
 # At the cost of about 4 kB of additional binary size, the internal LibTomMath
 # can be configured to include faster routines for exptmod, sqr, and div to
 # speed up DH and RSA calculation considerably
 #CONFIG_INTERNAL_LIBTOMMATH_FAST=y
 # Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
 # This is only for Windows builds and requires WMI-related header files and
 # WbemUuid.Lib from Platform SDK even when building with MinGW.
 #CONFIG_NDIS_EVENTS_INTEGRATED=y
 #PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
 # Add support for DBus control interface
 CONFIG_CTRL_IFACE_DBUS=y
 # Add support for loading EAP methods dynamically as shared libraries.
 # When this option is enabled, each EAP method can be either included
 # statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
 # Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
 # be loaded in the beginning of the wpa_supplicant configuration file
 # (see load_dynamic_eap parameter in the example file) before being used in
 # the network blocks.
 #
 # Note that some shared parts of EAP methods are included in the main program
 # and in order to be able to use dynamic EAP methods using these parts, the
 # main program must have been build with the EAP method enabled (=y or =dyn).
 # This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
 # unless at least one of them was included in the main build to force inclusion
 # of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
 # in the main build to be able to load these methods dynamically.
 #
 # Please also note that using dynamic libraries will increase the total binary
 # size. Thus, it may not be the best option for targets that have limited
 # amount of memory/flash.
 #CONFIG_DYNAMIC_EAP_METHODS=y
 # Include client MLME (management frame processing).
 # This can be used to move MLME processing of Linux mac80211 stack into user
 # space. Please note that this is currently only available with
 # driver_nl80211.c and only with a modified version of Linux kernel and
 # wpa_supplicant.
 #CONFIG_CLIENT_MLME=y
 # IEEE Std 802.11r-2008 (Fast BSS Transition)
 #CONFIG_IEEE80211R=y
 # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
 #CONFIG_DEBUG_FILE=y
 # Enable privilege separation (see README 'Privilege separation' for details)
 #CONFIG_PRIVSEP=y
 # Enable mitigation against certain attacks against TKIP by delaying Michael
 # MIC error reports by a random amount of time between 0 and 60 seconds
 #CONFIG_DELAYED_MIC_ERROR_REPORT=y
--- a/wpa_supplicant-0.6.4.tar.bz2
+++ b/wpa_supplicant-0.6.4.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:3690117bc4d9160ae9414bb72e2d76e10d8073a0977e6c6ba2eb4a352bf38114
 size 776742
--- a/wpa_supplicant-0.6.9.tar.bz2
+++ b/wpa_supplicant-0.6.9.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:443a04570db108521c3aaebd371daae8970089d90da9c08828109e8ef20ad906
 size 889846
--- a/wpa_supplicant-dont_report_empty_initial_scan.patch
+++ b/wpa_supplicant-dont_report_empty_initial_scan.patch
@ -1,39 +0,0 @@
 From: Dan Nicholson <dbn.lists@gmail.com>
 Date: Wed, 24 Sep 2008 09:51:08 +0000 (+0300)
 Subject: Don't post scan results when initial scan is emtpy
 X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=23e072374ea500002b8beec5d0e87f9fc6a7609c;hp=2064c2f98515016c376f3b69bfe161c85639e764
 Don't post scan results when initial scan is emtpy
 When the initial scan is made, just the cached results from the driver
 are used. If this is empty, it's useless to post the results since
 another scan is being scheduled immediately. This just causes extra
 processing from listeners for no gain.
 ---
 diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
 index 0f9b338..04e3152 100644
 --- a/wpa_supplicant/events.c
 +++ b/wpa_supplicant/events.c
@@ -551,9 +551,18 @@ static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s)
 		goto req_scan;
 	}
 -	wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
 -
 -	wpa_supplicant_dbus_notify_scan_results(wpa_s);
 +	/*
 +	 * Don't post the results if this was the initial cached
 +	 * and there were no results.
 +	 */
 +	if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1 &&
 +	    wpa_s->scan_res->num == 0) {
 +		wpa_msg(wpa_s, MSG_DEBUG, "Cached scan results are "
 +			"empty - not posting");
 +	} else {
 +		wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
 +		wpa_supplicant_dbus_notify_scan_results(wpa_s);
 +	}
 	if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected)
 		return;
--- a/wpa_supplicant-driver-wext-debug.patch
+++ b/wpa_supplicant-driver-wext-debug.patch
@ -1,121 +1,143 @@
--- BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
+diff -ur BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c
-+++ BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
+--- BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c	2009-02-15 19:00:00.000000000 +0100
-@@ -2174,20 +2174,32 @@
+++ BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c	2009-03-06 10:29:08.000000000 +0100
@@ -2055,19 +2055,26 @@
 	 * SIOCSIWENCODE here.
 	 */
 	if (drv->auth_alg_fallback &&
- 	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
+-	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
-+{
+	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 	if (!params->bssid &&
- 	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
+-	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
-+{
+	    wpa_driver_wext_set_bssid(drv, NULL) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 	if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
 +{
 +wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
 		ret = -1;
 +}
 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
 	 * from configuration, not from here, where only the selected suite is
 	 * available */
 	if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
- 	    < 0)
+-	    < 0)
-+{
+	    < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
 		value = IW_AUTH_WPA_VERSION_DISABLED;
 	else if (params->wpa_ie[0] == WLAN_EID_RSN)
-@@ -2196,26 +2208,41 @@
+@@ -2075,27 +2082,41 @@
 	else
 		value = IW_AUTH_WPA_VERSION_WPA;
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_WPA_VERSION, value) < 0)
+-					   IW_AUTH_WPA_VERSION, value) < 0)
-+{
+					   IW_AUTH_WPA_VERSION, value) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_CIPHER_PAIRWISE, value) < 0)
+-					   IW_AUTH_CIPHER_PAIRWISE, value) < 0)
-+{
+					   IW_AUTH_CIPHER_PAIRWISE, value) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	value = wpa_driver_wext_cipher2wext(params->group_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_CIPHER_GROUP, value) < 0)
+-					   IW_AUTH_CIPHER_GROUP, value) < 0)
-+{
+					   IW_AUTH_CIPHER_GROUP, value) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_KEY_MGMT, value) < 0)
+-					   IW_AUTH_KEY_MGMT, value) < 0)
-+{
+					   IW_AUTH_KEY_MGMT, value) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	value = params->key_mgmt_suite != KEY_MGMT_NONE ||
 		params->pairwise_suite != CIPHER_NONE ||
 		params->group_suite != CIPHER_NONE ||
 		params->wpa_ie_len;
 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_PRIVACY_INVOKED, value) < 0)
+-					   IW_AUTH_PRIVACY_INVOKED, value) < 0)
-+{
+					   IW_AUTH_PRIVACY_INVOKED, value) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 	/* Allow unencrypted EAPOL messages even if pairwise keys are set when
 	 * not using WPA. IEEE 802.1X specifies that these frames are not
-@@ -2231,7 +2258,11 @@
+@@ -2106,12 +2127,18 @@
 	else
 		allow_unencrypted_eapol = 1;
 -	if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
 +	if (wpa_driver_wext_set_psk(drv, params->psk) < 0) {
 +		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_psk failed", __FUNCTION__);
 		ret = -1;
 +	}
 +
 	if (wpa_driver_wext_set_auth_param(drv,
 					   IW_AUTH_RX_UNENCRYPTED_EAPOL,
- 					   allow_unencrypted_eapol) < 0)
+-					   allow_unencrypted_eapol) < 0)
-		ret = -1;
+					   allow_unencrypted_eapol) < 0) {
-+{
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
+ 		ret = -1;
-+                ret = -1;
+	}
 +}
 +
 #ifdef WEXT_MFP_PENDING
 #ifdef CONFIG_IEEE80211W
 	switch (params->mgmt_frame_protection) {
-@@ -2250,12 +2281,21 @@
+ 	case NO_MGMT_FRAME_PROTECTION:
@@ -2124,16 +2151,26 @@
 		value = IW_AUTH_MFP_REQUIRED;
 		break;
 	};
 -	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
 +	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) {
 +		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(IW_AUTH_MFP) failed", __FUNCTION__);
 		ret = -1;
 +	}
 #endif /* CONFIG_IEEE80211W */
- #endif /* WEXT_MFP_PENDING */
+-	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
- 	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
+	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) {
-+{
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
 +wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
 		ret = -1;
-+}
+-	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
- 	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
+	}
-+{
+
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
+	if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) {
 +		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 +
 	if (params->bssid &&
- 	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
+-	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
-+{
+	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0) {
-+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid2 failed", __FUNCTION__);
+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
 		ret = -1;
-+}
+	}
 	return ret;
 }
-@@ -2280,6 +2320,8 @@
+@@ -2158,6 +2195,10 @@
 	res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
 					     algs);
 	drv->auth_alg_fallback = res == -2;
-+if (res == -2)
+
-+wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
+	if (res == -2)
 +		wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
 +
 	return res;
 }
--- a/wpa_supplicant-fix_ap_ordering.patch
+++ b/wpa_supplicant-fix_ap_ordering.patch
@ -1,21 +0,0 @@
 diff -ur BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c
 --- BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c	2008-08-10 19:33:12.000000000 +0200
 +++ BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c	2009-01-28 14:01:42.000000000 +0100
@@ -125,10 +125,13 @@
 		return -1;
 	/* best/max rate preferred if signal level close enough XXX */
 -	maxrate_a = wpa_scan_get_max_rate(wa);
 -	maxrate_b = wpa_scan_get_max_rate(wb);
 -	if (maxrate_a != maxrate_b && abs(wb->level - wa->level) < 5)
 -		return maxrate_b - maxrate_a;
 +	if ( (wb->level != 0 && wa->level != 0 && abs(wb->level - wa->level) < 5) ||
 +	     (abs(wb->qual - wa->qual) < 10) ) {
 +		maxrate_a = wpa_scan_get_max_rate(wa);
 +		maxrate_b = wpa_scan_get_max_rate(wb);
 +		if (maxrate_a != maxrate_b)
 +			return maxrate_b - maxrate_a;
 +	}
 	/* use freq for channel preference */
--- a/wpa_supplicant-fix_set_mode.patch
+++ b/wpa_supplicant-fix_set_mode.patch
@ -1,149 +0,0 @@
 From: Dan Williams <dcbw@redhat.com>
 Date: Mon, 29 Sep 2008 13:45:49 +0000 (+0300)
 Subject: Add an optional set_mode() driver_ops handler for setting mode before keys
 X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=ec5f180a24cd31ba9d3d7f2abc9dc557fd16602f;hp=1a647aaa691d91c4a5ffccce09291592c4340062
 Add an optional set_mode() driver_ops handler for setting mode before keys
 A bug just got reported as a result of this for mac80211 drivers.
 https://bugzilla.redhat.com/show_bug.cgi?id=459399
 The basic problem is that since taking the device down clears the keys
 from the driver on many mac80211-based cards, and since the mode gets
 set _after_ the keys have been set in the driver, the keys get cleared
 on a mode switch and the resulting association is wrong.  The report is
 about ad-hoc mode specifically, but this could happen when switching
 from adhoc back to managed mode.
 ---
 diff --git a/src/drivers/driver.h b/src/drivers/driver.h
 index 70dc075..77a2ceb 100644
 --- a/src/drivers/driver.h
 +++ b/src/drivers/driver.h
@@ -929,6 +929,20 @@ struct wpa_driver_ops {
 	 * Returns: 0 on success, -1 on failure
 	 */
 	int (*set_probe_req_ie)(void *, const u8 *ies, size_t ies_len);
 +
 + 	/**
 +	 * set_mode - Request driver to set the operating mode
 +	 * @priv: private driver interface data
 +	 * @mode: Operation mode (infra/ibss) IEEE80211_MODE_*
 +	 *
 +	 * This handler will be called before any key configuration and call to
 +	 * associate() handler in order to allow the operation mode to be
 +	 * configured as early as possible. This information is also available
 +	 * in associate() params and as such, some driver wrappers may not need
 +	 * to implement set_mode() handler.
 +	 * Returns: 0 on success, -1 on failure
 +	 */
 +	int (*set_mode)(void *priv, int mode);
 };
 /**
 diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c
 index da4f90f..f55bd2e 100644
 --- a/src/drivers/driver_ndis.c
 +++ b/src/drivers/driver_ndis.c
@@ -2829,5 +2829,7 @@ const struct wpa_driver_ops wpa_driver_ndis_ops = {
 	NULL /* mlme_remove_sta */,
 	NULL /* update_ft_ies */,
 	NULL /* send_ft_action */,
 -	wpa_driver_ndis_get_scan_results
 +	wpa_driver_ndis_get_scan_results,
 +	NULL /* set_probe_req_ie */,
 +	NULL /* set_mode */
 };
 diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
 index 98dddd6..a207363 100644
 --- a/src/drivers/driver_nl80211.c
 +++ b/src/drivers/driver_nl80211.c
@@ -2226,8 +2226,6 @@ static int wpa_driver_nl80211_associate(
 	    wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
 		ret = -1;
 -	if (wpa_driver_nl80211_set_mode(drv, params->mode) < 0)
 -		ret = -1;
 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
 	 * from configuration, not from here, where only the selected suite is
 	 * available */
@@ -2859,6 +2857,7 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
 	.get_scan_results2 = wpa_driver_nl80211_get_scan_results,
 	.deauthenticate = wpa_driver_nl80211_deauthenticate,
 	.disassociate = wpa_driver_nl80211_disassociate,
 +	.set_mode = wpa_driver_nl80211_set_mode,
 	.associate = wpa_driver_nl80211_associate,
 	.set_auth_alg = wpa_driver_nl80211_set_auth_alg,
 	.init = wpa_driver_nl80211_init,
 diff --git a/src/drivers/driver_test.c b/src/drivers/driver_test.c
 index 5c6e6f1..7f7f129 100644
 --- a/src/drivers/driver_test.c
 +++ b/src/drivers/driver_test.c
@@ -982,5 +982,6 @@ const struct wpa_driver_ops wpa_driver_test_ops = {
 	NULL /* update_ft_ies */,
 	NULL /* send_ft_action */,
 	wpa_driver_test_get_scan_results2,
 -	NULL /* set_probe_req_ie */
 +	NULL /* set_probe_req_ie */,
 +	NULL /* set_mode */
 };
 diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c
 index 6b7f1a7..a618a74 100644
 --- a/src/drivers/driver_wext.c
 +++ b/src/drivers/driver_wext.c
@@ -2206,11 +2206,6 @@ int wpa_driver_wext_associate(void *priv,
 	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
 		ret = -1;
 -	if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
 -{
 -wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
 -		ret = -1;
 -}
 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
 	 * from configuration, not from here, where only the selected suite is
 	 * available */
@@ -2782,6 +2780,7 @@ const struct wpa_driver_ops wpa_driver_wext_ops = {
 	.get_scan_results2 = wpa_driver_wext_get_scan_results,
 	.deauthenticate = wpa_driver_wext_deauthenticate,
 	.disassociate = wpa_driver_wext_disassociate,
 +	.set_mode = wpa_driver_wext_set_mode,
 	.associate = wpa_driver_wext_associate,
 	.set_auth_alg = wpa_driver_wext_set_auth_alg,
 	.init = wpa_driver_wext_init,
 diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
 index 4c9482f..a36c65b 100644
 --- a/wpa_supplicant/wpa_supplicant.c
 +++ b/wpa_supplicant/wpa_supplicant.c
@@ -937,6 +937,11 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 	 * previous association. */
 	wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
 +	if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
 +		wpa_printf(MSG_WARNING, "Failed to set operating mode");
 +		assoc_failed = 1;
 +	}
 +
 #ifdef IEEE8021X_EAPOL
 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
 		if (ssid->leap) {
 diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
 index a2e3dd5..9afae2a 100644
 --- a/wpa_supplicant/wpa_supplicant_i.h
 +++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -448,6 +448,14 @@ static inline int wpa_drv_set_wpa(struct wpa_supplicant *wpa_s, int enabled)
 	return 0;
 }
 +static inline int wpa_drv_set_mode(struct wpa_supplicant *wpa_s, int mode)
 +{
 +	if (wpa_s->driver->set_mode) {
 +		return wpa_s->driver->set_mode(wpa_s->drv_priv, mode);
 +	}
 +	return 0;
 +}
 +
 static inline int wpa_drv_associate(struct wpa_supplicant *wpa_s,
 				    struct wpa_driver_associate_params *params)
 {
--- a/wpa_supplicant-gcc44.patch
+++ b/wpa_supplicant-gcc44.patch
@ -1,30 +0,0 @@
 --- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/networkconfig.cpp	2008-08-10 17:33:12.000000000 +0000
 +++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp	2009-03-01 15:57:45.000000000 +0000
@@ -12,6 +12,7 @@
  * See README and COPYING for more details.
  */
 +#include <stdio.h>
 #include <QMessageBox>
 #include "networkconfig.h"
 --- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/scanresults.cpp	2008-08-10 17:33:12.000000000 +0000
 +++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/scanresults.cpp	2009-03-01 15:57:29.000000000 +0000
@@ -12,6 +12,7 @@
  * See README and COPYING for more details.
  */
 +#include <stdio.h>
 #include "scanresults.h"
 #include "wpagui.h"
 #include "networkconfig.h"
 --- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/wpagui.cpp	2008-08-10 17:33:12.000000000 +0000
 +++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/wpagui.cpp	2009-03-01 15:57:08.000000000 +0000
@@ -20,6 +20,7 @@
 #include <QMessageBox>
 #include <QCloseEvent>
 +#include <stdio.h>
 #include "wpagui.h"
 #include "dirent.h"
 #include "wpa_ctrl.h"
--- a/wpa_supplicant-hide_secrets-2.patch
+++ b/wpa_supplicant-hide_secrets-2.patch
@ -1,60 +0,0 @@
 iff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c
 --- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c	2008-08-10 19:33:12.000000000 +0200
 +++ BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c	2008-12-08 15:36:59.000000000 +0100
@@ -798,6 +798,8 @@
 	int id;
 	struct wpa_ssid *ssid;
 	char *name, *value;
 +	int show_value = 1;
 +	const char *nokey = "[REMOVED]";
 	/* cmd: "<network id> <variable name> <value>" */
 	name = os_strchr(cmd, ' ');
@@ -805,6 +807,15 @@
 		return -1;
 	*name++ = '\0';
 +	/* Only show passwords and keys if requested */
 +	if (!strncmp (name, "wep_key", 7)
 +			|| !strncmp (name, "psk", 3)
 +			|| !strncmp (name, "password", 8)
 +			|| !strncmp (name, "pin", 3)
 +			|| !strncmp (name, "private_key_passwd", 18)) {
 +		show_value = wpa_s->global->params.wpa_debug_show_keys;
 +	}
 +
 	value = os_strchr(name, ' ');
 	if (value == NULL)
 		return -1;
@@ -1346,6 +1358,19 @@
 	    os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
 		wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
 				      (const u8 *) buf, os_strlen(buf));
 +	} else if (strncmp(buf, "SET_NETWORK ", 12) == 0) {
 +		/* Check for forbidden material here too */
 +		if (strstr (buf, " wep_key")
 +				|| strstr (buf, " psk ")
 +				|| strstr (buf, " password ")
 +				|| strstr (buf, " pin ")
 +				|| strstr (buf, " private_key_passwd ")) {
 +			wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
 +				      (const u8 *) buf, os_strlen(buf));
 +		} else {
 +			wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
 +					  (const u8 *) buf, os_strlen(buf));
 +		}
 	} else {
 		wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
 				  (const u8 *) buf, os_strlen(buf));
 diff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c
 --- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-12-08 16:35:13.000000000 +0100
 +++ BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-12-08 16:34:25.000000000 +0100
@@ -1001,7 +1001,7 @@
 				   "password.", line);
 			return -1;
 		}
 -		wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
 +		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
 				  (u8 *) tmp, res_len);
 		os_free(ssid->eap.password);
--- a/wpa_supplicant-pkcs11-init-args.patch
+++ b/wpa_supplicant-pkcs11-init-args.patch
@ -1,8 +1,7 @@
-Index: wpa_supplicant-0.6.4/src/crypto/tls.h
+diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/src/crypto/tls.h
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/src/crypto/tls.h
+@@ -32,6 +32,7 @@
@@ -32,6 +32,7 @@ struct tls_config {
 	const char *opensc_engine_path;
 	const char *pkcs11_engine_path;
 	const char *pkcs11_module_path;
@ -10,11 +9,10 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls.h
 };
 /**
-Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
+diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/src/crypto/tls_openssl.c
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
+@@ -667,9 +667,11 @@
@@ -653,9 +653,11 @@ static int tls_engine_load_dynamic_gener
  * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc
  * @pkcs11_so_path: pksc11_so_path from the configuration
  * @pcks11_module_path: pkcs11_module_path from the configuration
@ -27,7 +25,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 {
 	char *engine_id = "pkcs11";
 	const char *pre_cmd[] = {
-@@ -668,6 +670,7 @@ static int tls_engine_load_dynamic_pkcs1
+@@ -682,6 +684,7 @@
 	};
 	const char *post_cmd[] = {
 		"MODULE_PATH", NULL /* pkcs11_module_path */,
@ -35,7 +33,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 		NULL, NULL
 	};
-@@ -678,6 +681,9 @@ static int tls_engine_load_dynamic_pkcs1
+@@ -692,6 +695,9 @@
 	pre_cmd[3] = engine_id;
 	post_cmd[1] = pkcs11_module_path;
@ -45,7 +43,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 	wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s",
 		   pkcs11_so_path);
-@@ -747,7 +753,8 @@ void * tls_init(const struct tls_config
+@@ -761,7 +767,8 @@
 		if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) ||
 		    tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path,
@ -55,53 +53,21 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
 			tls_deinit(ssl);
 			return NULL;
 		}
-Index: wpa_supplicant-0.6.4/src/eap_peer/eap.c
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.c
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/src/eap_peer/eap.c
+@@ -1834,6 +1834,7 @@
@@ -1169,6 +1169,7 @@ struct eap_sm * eap_peer_sm_init(void *e
 	tlsconf.opensc_engine_path = conf->opensc_engine_path;
 	tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
 	tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
 +	tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
 	sm->ssl_ctx = tls_init(&tlsconf);
 	if (sm->ssl_ctx == NULL) {
 		wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
 Index: wpa_supplicant-0.6.4/src/eap_peer/eap.h
 ===================================================================
 --- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.h
 +++ wpa_supplicant-0.6.4/src/eap_peer/eap.h
@@ -246,6 +246,13 @@ struct eap_config {
 	 */
 	const char *pkcs11_module_path;
 	/**
 +	 * pkcs11_module_init_args - OpenSC PKCS#11 module initialization 
 +	 * arguments for OpenSSL engine.
 +	 *
 +	 * Usually, NULL.
 +	 */
 +	const char *pkcs11_module_init_args;
 +	/**
 	 * mac_addr - MAC address of the peer
 	 *
 	 * This can be left %NULL if not available.
 Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
 ===================================================================
 --- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.c
 +++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
@@ -1801,6 +1801,7 @@ struct eapol_sm *eapol_sm_init(struct ea
 	conf.opensc_engine_path = ctx->opensc_engine_path;
 	conf.pkcs11_engine_path = ctx->pkcs11_engine_path;
 	conf.pkcs11_module_path = ctx->pkcs11_module_path;
 +	conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args;
 #endif /* EAP_TLS_OPENSSL */
 	conf.wps = ctx->wps;
- 	sm->eap = eap_peer_sm_init(sm, &eapol_cb, sm->ctx->msg_ctx, &conf);
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h
-Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
+--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h	2009-03-23 15:06:28.000000000 +0100
-===================================================================
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h	2009-05-05 11:47:15.000000000 +0200
--- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.h
+@@ -198,6 +198,15 @@
 +++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
@@ -198,6 +198,15 @@ struct eapol_ctx {
 	 * module is not loaded.
 	 */
 	const char *pkcs11_module_path;
@ -117,23 +83,70 @@ Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
 #endif /* EAP_TLS_OPENSSL */
 	/**
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config.c
+diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.c
+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config.c
+@@ -1188,6 +1188,7 @@
-@@ -1526,6 +1526,7 @@ void wpa_config_free(struct wpa_config *
+ 	tlsconf.opensc_engine_path = conf->opensc_engine_path;
 	tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
 	tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
 +	tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
 	sm->ssl_ctx = tls_init(&tlsconf);
 	if (sm->ssl_ctx == NULL) {
 		wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
 diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h
 --- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h	2009-03-23 15:06:28.000000000 +0100
 +++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h	2009-05-05 11:48:04.000000000 +0200
@@ -246,6 +246,13 @@
 	 */
 	const char *pkcs11_module_path;
 	/**
 + 	 * pkcs11_module_init_args - OpenSC PKCS#11 module initialization 
 + 	 * arguments for OpenSSL engine.
 + 	 *
 + 	 * Usually, NULL.
 + 	 */
 + 	const char *pkcs11_module_init_args;
 + 	/**
 	 * wps - WPS context data
 	 *
 	 * This is only used by EAP-WSC and can be left %NULL if not available.
 diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
 --- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-05 11:49:45.000000000 +0200
 +++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-05 11:47:15.000000000 +0200
@@ -1580,6 +1580,7 @@
 	os_free(config->opensc_engine_path);
 	os_free(config->pkcs11_engine_path);
 	os_free(config->pkcs11_module_path);
 +	os_free(config->pkcs11_module_init_args);
 #endif /* EAP_TLS_OPENSSL */
 	os_free(config->driver_param);
- 	os_free(config->pssid);
+ 	os_free(config->device_name);
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-05 11:49:45.000000000 +0200
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.h
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-05 11:49:24.000000000 +0200
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config.h
+@@ -444,6 +444,7 @@
-@@ -194,6 +194,15 @@ struct wpa_config {
+ 	{ STR(opensc_engine_path) },
 	{ STR(pkcs11_engine_path) },
 	{ STR(pkcs11_module_path) },
 +	{ STR(pkcs11_module_init_args) },
 #endif /* EAP_TLS_OPENSSL */
 	{ STR(driver_param) },
 	{ INT(dot11RSNAConfigPMKLifetime) },
@@ -854,6 +855,9 @@
 	if (config->pkcs11_module_path)
 		fprintf(f, "pkcs11_module_path=%s\n",
 			config->pkcs11_module_path);
 +	if (config->pkcs11_module_init_args)
 +		fprintf(f, "pkcs11_module_init_args=%s\n",
 +			config->pkcs11_module_init_args);
 #endif /* EAP_TLS_OPENSSL */
 	if (config->driver_param)
 		fprintf(f, "driver_param=%s\n", config->driver_param);
 diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
 --- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-05 11:49:45.000000000 +0200
 +++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-05 11:47:15.000000000 +0200
@@ -195,6 +195,15 @@
 	 * module is not loaded.
 	 */
 	char *pkcs11_module_path;
@ -149,52 +162,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
 #endif /* EAP_TLS_OPENSSL */
 	/**
-Index: wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c	2009-05-05 11:49:45.000000000 +0200
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config_file.c
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
+@@ -866,7 +866,7 @@
@@ -355,6 +355,16 @@ static int wpa_config_process_pkcs11_mod
 	return 0;
 }
 +static int wpa_config_process_pkcs11_module_init_args(struct wpa_config *config,
 +					       char *pos)
 +{
 +	os_free(config->pkcs11_module_init_args);
 +	config->pkcs11_module_init_args = os_strdup(pos);
 +	wpa_printf(MSG_DEBUG, "pkcs11_module_init_args='%s'",
 +		   config->pkcs11_module_init_args);
 +	return 0;
 +}
 +
 #endif /* EAP_TLS_OPENSSL */
@@ -457,6 +467,9 @@ static int wpa_config_process_global(str
 	if (os_strncmp(pos, "pkcs11_module_path=", 19) == 0)
 		return wpa_config_process_pkcs11_module_path(config, pos + 19);
 +
 +	if (os_strncmp(pos, "pkcs11_module_init_args=", 24) == 0)
 +		return wpa_config_process_pkcs11_module_init_args(config, pos + 24);
 #endif /* EAP_TLS_OPENSSL */
 	if (os_strncmp(pos, "driver_param=", 13) == 0)
@@ -827,6 +840,9 @@ static void wpa_config_write_global(FILE
 	if (config->pkcs11_module_path)
 		fprintf(f, "pkcs11_module_path=%s\n",
 			config->pkcs11_module_path);
 +	if (config->pkcs11_module_init_args)
 +		fprintf(f, "pkcs11_module_init_args=%s\n",
 +			config->pkcs11_module_init_args);
 #endif /* EAP_TLS_OPENSSL */
 	if (config->driver_param)
 		fprintf(f, "driver_param=%s\n", config->driver_param);
 Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 ===================================================================
 --- wpa_supplicant-0.6.4.orig/wpa_supplicant/ctrl_iface_dbus_handlers.c
 +++ wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
@@ -858,7 +858,7 @@ out:
 static const char *dont_quote[] = {
 	"key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap",
 	"opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path",
@ -203,7 +174,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 };
 static dbus_bool_t should_quote_opt(const char *key)
-@@ -1196,6 +1196,7 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1204,6 +1204,7 @@
 	char *opensc_engine_path = NULL;
 	char *pkcs11_engine_path = NULL;
 	char *pkcs11_module_path = NULL;
@ -211,7 +182,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 	struct wpa_dbus_dict_entry entry;
 	if (!dbus_message_iter_init(message, &iter))
-@@ -1222,6 +1223,11 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1230,6 +1231,11 @@
 			pkcs11_module_path = os_strdup(entry.str_value);
 			if (pkcs11_module_path == NULL)
 				goto error;
@ -223,7 +194,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 		} else {
 			wpa_dbus_dict_entry_clear(&entry);
 			goto error;
-@@ -1236,6 +1242,8 @@ DBusMessage * wpas_dbus_iface_set_smartc
+@@ -1244,6 +1250,8 @@
 	wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path;
 	os_free(wpa_s->conf->pkcs11_module_path);
 	wpa_s->conf->pkcs11_module_path = pkcs11_module_path;
@ -232,7 +203,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 #endif /* EAP_TLS_OPENSSL */
 	eapol_sm_deinit(wpa_s->eapol);
-@@ -1247,6 +1255,7 @@ error:
+@@ -1257,6 +1265,7 @@
 	os_free(opensc_engine_path);
 	os_free(pkcs11_engine_path);
 	os_free(pkcs11_module_path);
@ -240,11 +211,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
 	return wpas_dbus_new_invalid_opts_error(message, NULL);
 }
-Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/eapol_test.c
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
+@@ -408,6 +408,7 @@
@@ -335,6 +335,7 @@ static int test_eapol(struct eapol_test_
 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
@ -252,28 +222,26 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
 #endif /* EAP_TLS_OPENSSL */
 	wpa_s->eapol = eapol_sm_init(ctx);
-Index: wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c
-===================================================================
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c	2009-03-23 15:06:28.000000000 +0100
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpa_supplicant.c
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c	2009-05-05 11:47:15.000000000 +0200
-+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
+@@ -557,6 +557,7 @@
-@@ -560,7 +560,7 @@ int wpa_supplicant_reload_configuration(
+ 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
 +	ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
 #endif /* EAP_TLS_OPENSSL */
 	ctx->wps = wpa_s->wps;
 	ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
 diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c
 --- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c	2009-05-05 11:49:45.000000000 +0200
 +++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c	2009-05-05 11:47:15.000000000 +0200
@@ -577,7 +577,7 @@
 	wpa_s->current_ssid = NULL;
 	/*
 	 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
 -	 * pkcs11_engine_path, pkcs11_module_path.
 +	 * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args.
 	 */
- 	if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
+ 	if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
- 	    wpa_s->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
+ 		/*
 Index: wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
 ===================================================================
 --- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpas_glue.c
 +++ wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
@@ -535,6 +535,7 @@ int wpa_supplicant_init_eapol(struct wpa
 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
 +	ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
 #endif /* EAP_TLS_OPENSSL */
 	ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
 	ctx->cb = wpa_supplicant_eapol_cb;
--- a/wpa_supplicant-respect_no_reply.patch
+++ b/wpa_supplicant-respect_no_reply.patch
@ -1,22 +0,0 @@
 --- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
 +++ BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
@@ -547,7 +547,8 @@
 	/* If the message was handled, send back the reply */
 	if (reply) {
 -		dbus_connection_send(connection, reply, NULL);
 +		if(!dbus_message_get_no_reply(message))
 +			dbus_connection_send(connection, reply, NULL);
 		dbus_message_unref(reply);
 	}
@@ -606,7 +607,8 @@
 	/* If the message was handled, send back the reply */
 	if (reply) {
 -		dbus_connection_send(connection, reply, NULL);
 +		if (!dbus_message_get_no_reply(message))
 +			dbus_connection_send(connection, reply, NULL);
 		dbus_message_unref(reply);
 	}
--- a/wpa_supplicant-restore_scan_request_setting.patch
+++ b/wpa_supplicant-restore_scan_request_setting.patch
@ -1,25 +0,0 @@
 From: Dan Nicholson <dbn.lists@gmail.com>
 Date: Wed, 24 Sep 2008 09:48:33 +0000 (+0300)
 Subject: Restore scan request settings if initial association failed
 X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=2064c2f98515016c376f3b69bfe161c85639e764;hp=76dca8929507feca772a35e830329934ae685444
 Restore scan request settings if initial association failed
 The scan path to initiate another scan if the initial association failed
 was broken due to wpa_s->scan_req being zeroed earlier in
 wpa_supplicant_scan(). This caused the second scan to bail out early
 since it thought this was not a requested scan.
 ---
 diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c
 index c2549e2..8767109 100644
 --- a/wpa_supplicant/scan.c
 +++ b/wpa_supplicant/scan.c
@@ -137,6 +137,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
 	if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1 &&
 	    !wpa_s->use_client_mlme) {
 		wpa_s->scan_res_tried++;
 +		wpa_s->scan_req = scan_req;
 		wpa_printf(MSG_DEBUG, "Trying to get current scan results "
 			   "first without requesting a new scan to speed up "
 			   "initial association");
--- a/wpa_supplicant-roaming.patch
+++ b/wpa_supplicant-roaming.patch
@ -1,16 +1,16 @@
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/drivers/driver.h
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h
--- wpa_supplicant-0.6.4/src/drivers/driver.h	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h	2009-03-23 15:06:28.000000000 +0100
-+++ wpa_supplicant-0.6.4_us/src/drivers/driver.h	2008-10-13 13:50:55.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h	2009-05-04 14:26:47.000000000 +0200
-@@ -929,6 +929,8 @@
+@@ -963,6 +963,8 @@
 	 * Returns: 0 on success, -1 on failure
 	 */
 	int (*set_mode)(void *priv, int mode);
 +
 +	int (*get_default_roaming)(void *priv);
 };
- /**
+	int (*get_default_roaming)(void *priv);
-@@ -1052,7 +1054,13 @@
+ 
 	/**
 	 * set_country - Set country
 	 * @priv: Private driver interface data
@@ -1147,7 +1149,13 @@
 	 * FT authentication sequence from the AP. The FT IEs are included in
 	 * the extra information in union wpa_event_data::ft_ies.
 	 */
@ -25,10 +25,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/d
 } wpa_event_type;
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c
--- wpa_supplicant-0.6.4/src/drivers/driver_wext.c	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c	2009-05-04 14:32:17.000000000 +0200
-+++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c	2008-10-13 14:54:03.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c	2009-05-04 14:28:20.000000000 +0200
-@@ -643,10 +642,18 @@
+@@ -524,10 +524,18 @@
 				drv->assoc_req_ies = NULL;
 				os_free(drv->assoc_resp_ies);
 				drv->assoc_resp_ies = NULL;
@ -47,7 +47,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 				wpa_driver_wext_event_assoc_ies(drv);
 				wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
 			}
-@@ -1027,6 +1034,30 @@
+@@ -891,6 +899,30 @@
 	return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags);
 }
@ -78,7 +78,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 /**
  * wpa_driver_wext_init - Initialize WE driver interface
-@@ -1078,6 +1109,9 @@
+@@ -942,6 +974,9 @@
 	drv->mlme_sock = -1;
@ -88,7 +88,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 	wpa_driver_wext_finish_drv_init(drv);
 	return drv;
-@@ -1153,6 +1187,7 @@
+@@ -1017,6 +1052,7 @@
 	int flags;
 	eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
@ -96,7 +96,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 	/*
 	 * Clear possibly configured driver parameters in order to make it
-@@ -1206,6 +1241,69 @@
+@@ -1058,6 +1094,69 @@
 	wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
 }
@ -166,7 +166,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 /**
  * wpa_driver_wext_scan - Request the driver to initiate scan
-@@ -1753,6 +1850,7 @@
+@@ -1610,6 +1709,7 @@
 		if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
 			drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
@ -174,17 +174,15 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
 		wpa_printf(MSG_DEBUG, "  capabilities: key_mgmt 0x%x enc 0x%x "
 			   "flags 0x%x",
 			   drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
-@@ -2766,6 +2865,7 @@
+@@ -2388,4 +2488,5 @@
 	.flush_pmkid = wpa_driver_wext_flush_pmkid,
 	.get_capa = wpa_driver_wext_get_capa,
 	.set_operstate = wpa_driver_wext_set_operstate,
 +	.get_default_roaming = wpa_driver_get_default_roaming,
- #ifdef CONFIG_CLIENT_MLME
+ };
- 	.get_hw_feature_data = wpa_driver_wext_get_hw_feature_data,
+diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h
- 	.set_channel = wpa_driver_wext_set_channel,
+--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h	2009-03-23 15:06:28.000000000 +0100
-diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h	2009-05-04 14:26:04.000000000 +0200
 --- wpa_supplicant-0.6.4/src/drivers/driver_wext.h	2008-08-10 19:33:12.000000000 +0200
 +++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h	2008-10-13 14:08:22.000000000 +0200
@@ -43,6 +43,9 @@
 	char mlmedev[IFNAMSIZ + 1];
@ -203,10 +201,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/
 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
 					const char *ifname);
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wpa_supplicant/config.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config.c	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-03-23 15:06:28.000000000 +0100
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.c	2008-09-29 13:13:31.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c	2009-05-04 14:26:04.000000000 +0200
-@@ -1883,6 +1883,7 @@
+@@ -1943,6 +1943,7 @@
 	config->eapol_version = DEFAULT_EAPOL_VERSION;
 	config->ap_scan = DEFAULT_AP_SCAN;
 	config->fast_reauth = DEFAULT_FAST_REAUTH;
@ -214,10 +212,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wp
 	if (ctrl_interface)
 		config->ctrl_interface = os_strdup(ctrl_interface);
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config_file.c	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-03-23 15:06:28.000000000 +0100
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c	2008-09-29 13:20:10.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c	2009-05-04 14:31:03.000000000 +0200
-@@ -312,6 +312,12 @@
+@@ -306,6 +306,12 @@
 	return 0;
 }
@ -228,21 +226,19 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_
 +	return 0;
 +}
- static int wpa_config_process_fast_reauth(struct wpa_config *config, char *pos)
+ static int wpa_config_parse_str(const struct global_parse_data *data,
- {
+ 				struct wpa_config *config, int line,
-@@ -445,6 +451,9 @@
+@@ -457,6 +463,7 @@
- 	if (os_strncmp(pos, "ap_scan=", 8) == 0)
+ 	{ STR(device_type) },
- 		return wpa_config_process_ap_scan(config, pos + 8);
+ 	{ FUNC(os_version) },
- 
+ 	{ INT_RANGE(wps_cred_processing, 0, 2) },
-+	if (os_strncmp(pos, "roaming=", 8) == 0)
+	{ FUNC(roaming) },
-+		return wpa_config_process_roaming(config, pos + 8);
+ #endif /* CONFIG_WPS */
-+
+ 	{ FUNC(country) }
- 	if (os_strncmp(pos, "fast_reauth=", 12) == 0)
+ };
- 		return wpa_config_process_fast_reauth(config, pos + 12);
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
- 
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-03-23 15:06:28.000000000 +0100
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wpa_supplicant/config.h
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h	2009-05-04 14:26:04.000000000 +0200
 --- wpa_supplicant-0.6.4/wpa_supplicant/config.h	2008-08-10 19:33:12.000000000 +0200
 +++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.h	2008-10-13 13:42:01.000000000 +0200
@@ -22,6 +22,7 @@
 #define DEFAULT_AP_SCAN 1
 #endif /* CONFIG_NO_SCAN_PROCESSING */
@ -263,10 +259,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wp
 	 * blobs - Configuration blobs
 	 */
 	struct wpa_config_blob *blobs;
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wpa_supplicant/events.c
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c
--- wpa_supplicant-0.6.4/wpa_supplicant/events.c	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c	2009-03-23 15:06:28.000000000 +0100
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/events.c	2008-10-13 13:53:52.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c	2009-05-04 14:26:04.000000000 +0200
-@@ -613,6 +613,21 @@
+@@ -706,6 +706,21 @@
 }
 #endif /* CONFIG_NO_SCAN_PROCESSING */
@ -288,7 +284,7 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
 static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
 					   union wpa_event_data *data)
-@@ -955,6 +970,9 @@
+@@ -1114,6 +1129,9 @@
 		wpa_supplicant_event_ft_response(wpa_s, data);
 		break;
 #endif /* CONFIG_IEEE80211R */
@ -298,14 +294,14 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
 	default:
 		wpa_printf(MSG_INFO, "Unknown event %d", event);
 		break;
-diff -ur wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h
+diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h
--- wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h	2008-08-10 19:33:12.000000000 +0200
+--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h	2009-03-23 15:06:28.000000000 +0100
-+++ wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h	2008-10-13 13:53:43.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h	2009-05-04 14:32:01.000000000 +0200
-@@ -334,6 +334,7 @@
+@@ -350,6 +350,7 @@
 	struct wpa_client_mlme mlme;
 	int use_client_mlme;
 	int driver_4way_handshake;
 +	struct os_time last_roaming_attempt;
 };
 	int pending_mic_error_report;
 	int pending_mic_error_pairwise;
--- a/wpa_supplicant.changes
+++ b/wpa_supplicant.changes
@ -1,3 +1,90 @@
 -------------------------------------------------------------------
 Tue Apr  7 13:02:49 CEST 2009 - hschaa@suse.de
 - Enable ralink driver (bnc#481380)
 - Enable nl80211 driver (bnc#485453)
 - Rebase all SUSE patches to 0.6.9
 - Remove upstreamed patches
 - Update to 0.6.9
 	* driver_ndis: add PAE group address to the multicast address list to
 	  fix wired IEEE 802.1X authentication
 	* fixed IEEE 802.11r key derivation function to match with the standard
 	  (note: this breaks interoperability with previous version) [Bug 303]
 	* increased wpa_cli ping interval to 5 seconds and made this
 	  configurable with a new command line options (-G<seconds>)
 	* fixed scan buffer processing with WEXT to handle up to 65535
 	  byte result buffer (previously, limited to 32768 bytes)
 	* added support for Wi-Fi Protected Setup (WPS)
 	  (wpa_supplicant can now be configured to act as a WPS Enrollee to
 	  enroll credentials for a network using PIN and PBC methods; in
 	  addition, wpa_supplicant can act as a wireless WPS Registrar to
 	  configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
 	  into .config and setting the runtime configuration variables in
 	  wpa_supplicant.conf (see WPS section in the example configuration
 	  file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
 	  manage WPS negotiation; see README-WPS for more details
 	* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
 	* added support for using driver_test over UDP socket
 	* fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
 	  2008 NPS; optional cryptobinding is now enabled (again) by default
 	* fixed PSK editing in wpa_gui
 	* changed EAP-GPSK to use the IANA assigned EAP method type 51
 	* added a Windows installer that includes WinPcap and all the needed
 	  DLLs; in addition, it set up the registry automatically so that user
 	  will only need start wpa_gui to get prompted to start the wpasvc
 	  servide and add a new interface if needed through wpa_gui dialog
 	* updated management frame protection to use IEEE 802.11w/D7.0
 	* added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
 	  (can be used to simulate test SIM/USIM card with a known private key;
 	  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
 	  and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
 	* added a new network configuration option, wpa_ptk_rekey, that can be
 	  used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
 	  against TKIP deficiencies
 	* added an optional mitigation mechanism for certain attacks against
 	  TKIP by delaying Michael MIC error reports by a random amount of time
 	  between 0 and 60 seconds; this can be enabled with a build option
 	  CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
 	* fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
 	  not bytes
 	* updated OpenSSL code for EAP-FAST to use an updated version of the
 	  session ticket overriding API that was included into the upstream
 	  OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
 	  needed with that version anymore)
 	* updated userspace MLME instructions to match with the current Linux
 	  mac80211 implementation; please also note that this can only be used
 	  with driver_nl80211.c (the old code from driver_wext.c was removed)
 	* added support (Linux only) for RoboSwitch chipsets (often found in
 	  consumer grade routers); driver interface 'roboswitch'
 	* fixed canceling of PMKSA caching when using drivers that generate
 	  RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
 	  about
 	* added support for SHA-256 as X.509 certificate digest when using the
 	  internal X.509/TLSv1 implementation
 	* updated management frame protection to use IEEE 802.11w/D6.0
 	* added support for using SHA256-based stronger key derivation for WPA2
 	  (IEEE 802.11w)
 	* fixed FT (IEEE 802.11r) authentication after a failed association to
 	  use correct FTIE
 	* added support for configuring Phase 2 (inner/tunneled) authentication
 	  method with wpa_gui-qt4
 	* added support for EAP Sequences in EAP-FAST Phase 2
 	* added support for using TNC with EAP-FAST
 	* added driver_ps3 for the PS3 Linux wireless driver
 	* added support for optional cryptobinding with PEAPv0
 	* fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
 	  allow fallback to full handshake if server rejects PAC-Opaque
 	* added fragmentation support for EAP-TNC
 	* added support for parsing PKCS #8 formatted private keys into the
 	  internal TLS implementation (both PKCS #1 RSA key and PKCS #8
 	  encapsulated RSA key can now be used)
 	* added option of using faster, but larger, routines in the internal
 	  LibTomMath (for internal TLS implementation) to speed up DH and RSA
 	  calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
 	* fixed race condition between disassociation event and group key
 	  handshake to avoid getting stuck in incorrect state [Bug 261]
 	* fixed opportunistic key caching (proactive_key_caching)
 -------------------------------------------------------------------
 Sun Mar  1 17:03:04 CET 2009 - coolo@suse.de
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@ -1,5 +1,5 @@
 #
-# spec file for package wpa_supplicant (Version 0.6.4)
+# spec file for package wpa_supplicant (Version 0.6.9)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@ -19,10 +19,10 @@
 Name:           wpa_supplicant
-BuildRequires:  dbus-1-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
+BuildRequires:  dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
 Url:            http://hostap.epitest.fi/wpa_supplicant/
-Version:        0.6.4
+Version:        0.6.9
-Release:        25
+Release:        1
 License:        BSD 3-Clause; GPL v2 or later
 Group:          Productivity/Networking/Other
 Summary:        WPA supplicant implementation
@ -31,22 +31,21 @@ Source1:        config
 Source2:        %{name}.conf
 Source3:        fi.epitest.hostap.WPASupplicant.service
 Patch0:         wpa_supplicant-driver-wext-debug.patch
 # wpa_supplicant-flush-debug-output.patch won't go upstream as it might
 # change timings
 Patch1:         wpa_supplicant-flush-debug-output.patch
 # wpa_supplicant-sigusr1-changes-debuglevel.patch won't go upstream as it
 # is not portable
 Patch2:         wpa_supplicant-sigusr1-changes-debuglevel.patch
 Patch3:         wpa_supplicant-dbus-iface-segfault-fix.patch
 Patch4:         wpa_supplicant-errormsg.patch
-Patch5:         wpa_supplicant-roaming.patch
+Patch5:         wpa_supplicant-dbus-reset-eapol.patch
-Patch6:         wpa_supplicant-restore_scan_request_setting.patch
+Patch6:         wpa_supplicant-fix_dbus_config.patch
-Patch7:         wpa_supplicant-dont_report_empty_initial_scan.patch
+Patch7:         wpa_supplicant-fix_dbus_config2.patch
-Patch8:         wpa_supplicant-fix_set_mode.patch
+# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once
 # roaming is implemented in a clean way this patch should be removed
 Patch8:         wpa_supplicant-roaming.patch
 Patch9:         wpa_supplicant-pkcs11-init-args.patch
 Patch10:        wpa_supplicant-dbus-reset-eapol.patch
 Patch11:        wpa_supplicant-hide_secrets-2.patch
 Patch12:        wpa_supplicant-fix_dbus_config.patch
 Patch13:        wpa_supplicant-fix_dbus_config2.patch
 Patch14:        wpa_supplicant-fix_ap_ordering.patch
 Patch15:        wpa_supplicant-respect_no_reply.patch
 Patch16:        wpa_supplicant-gcc44.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %description
@ -85,18 +84,11 @@ cp %{SOURCE1} wpa_supplicant/.config
 %patch2 -p2
 %patch3 -p2
 %patch4 -p2
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
 %patch5 -p1
-%patch9 -p1
+%patch6 -p1
-%patch10 -p1
+%patch7 -p2
-%patch11 -p2
+%patch8 -p2
-%patch12 -p1
+%patch9 -p2
 %patch13 -p2
 %patch14 -p2
 %patch15 -p2
 %patch16 -p1
 %build
 cd wpa_supplicant
@ -141,6 +133,90 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
 /usr/sbin/wpa_gui
 %changelog
 * Tue Apr 07 2009 hschaa@suse.de
 - Enable ralink driver (bnc#481380)
 - Enable nl80211 driver (bnc#485453)
 - Rebase all SUSE patches to 0.6.9
 - Remove upstreamed patches
 - Update to 0.6.9
  * driver_ndis: add PAE group address to the multicast address list to
  fix wired IEEE 802.1X authentication
  * fixed IEEE 802.11r key derivation function to match with the standard
  (note: this breaks interoperability with previous version) [Bug 303]
  * increased wpa_cli ping interval to 5 seconds and made this
  configurable with a new command line options (-G<seconds>)
  * fixed scan buffer processing with WEXT to handle up to 65535
  byte result buffer (previously, limited to 32768 bytes)
  * added support for Wi-Fi Protected Setup (WPS)
  (wpa_supplicant can now be configured to act as a WPS Enrollee to
  enroll credentials for a network using PIN and PBC methods; in
  addition, wpa_supplicant can act as a wireless WPS Registrar to
  configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
  into .config and setting the runtime configuration variables in
  wpa_supplicant.conf (see WPS section in the example configuration
  file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
  manage WPS negotiation; see README-WPS for more details
  * added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
  * added support for using driver_test over UDP socket
  * fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
  2008 NPS; optional cryptobinding is now enabled (again) by default
  * fixed PSK editing in wpa_gui
  * changed EAP-GPSK to use the IANA assigned EAP method type 51
  * added a Windows installer that includes WinPcap and all the needed
  DLLs; in addition, it set up the registry automatically so that user
  will only need start wpa_gui to get prompted to start the wpasvc
  servide and add a new interface if needed through wpa_gui dialog
  * updated management frame protection to use IEEE 802.11w/D7.0
  * added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
  (can be used to simulate test SIM/USIM card with a known private key;
  enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
  and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
  * added a new network configuration option, wpa_ptk_rekey, that can be
  used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
  against TKIP deficiencies
  * added an optional mitigation mechanism for certain attacks against
  TKIP by delaying Michael MIC error reports by a random amount of time
  between 0 and 60 seconds; this can be enabled with a build option
  CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
  * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
  not bytes
  * updated OpenSSL code for EAP-FAST to use an updated version of the
  session ticket overriding API that was included into the upstream
  OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
  needed with that version anymore)
  * updated userspace MLME instructions to match with the current Linux
  mac80211 implementation; please also note that this can only be used
  with driver_nl80211.c (the old code from driver_wext.c was removed)
  * added support (Linux only) for RoboSwitch chipsets (often found in
  consumer grade routers); driver interface 'roboswitch'
  * fixed canceling of PMKSA caching when using drivers that generate
  RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
  about
  * added support for SHA-256 as X.509 certificate digest when using the
  internal X.509/TLSv1 implementation
  * updated management frame protection to use IEEE 802.11w/D6.0
  * added support for using SHA256-based stronger key derivation for WPA2
  (IEEE 802.11w)
  * fixed FT (IEEE 802.11r) authentication after a failed association to
  use correct FTIE
  * added support for configuring Phase 2 (inner/tunneled) authentication
  method with wpa_gui-qt4
  * added support for EAP Sequences in EAP-FAST Phase 2
  * added support for using TNC with EAP-FAST
  * added driver_ps3 for the PS3 Linux wireless driver
  * added support for optional cryptobinding with PEAPv0
  * fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
  allow fallback to full handshake if server rejects PAC-Opaque
  * added fragmentation support for EAP-TNC
  * added support for parsing PKCS #8 formatted private keys into the
  internal TLS implementation (both PKCS #1 RSA key and PKCS #8
  encapsulated RSA key can now be used)
  * added option of using faster, but larger, routines in the internal
  LibTomMath (for internal TLS implementation) to speed up DH and RSA
  calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
  * fixed race condition between disassociation event and group key
  handshake to avoid getting stuck in incorrect state [Bug 261]
  * fixed opportunistic key caching (proactive_key_caching)
 * Sun Mar 01 2009 coolo@suse.de
 - fix compilation with gcc 4.4
 * Mon Feb 09 2009 hschaa@suse.de
@ -174,7 +250,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
  mode
 * Mon Sep 29 2008 hschaa@suse.de
 - add roaming capability (FATE 303806)
-* Tue Sep 23 2008 ro@suse.de
+* Wed Sep 24 2008 ro@suse.de
 - drop buildreq for madwifi (dropped package)
 * Tue Sep 02 2008 ro@suse.de
 - update to 0.6.4
@ -601,7 +677,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
  * fixed couple of unaligned reads in scan result parsing to fix WPA
  connection on some platforms (e.g., ARM)
 - disabled madwifi support on ppc
-* Tue Sep 28 2004 jg@suse.de
+* Wed Sep 29 2004 jg@suse.de
 - added support for ipw2100 driver
 * Tue Aug 31 2004 jg@suse.de
 - added support for writing pid-file