pool/wpa_supplicant
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/wpa_supplicant?expand=0&rev=24

Browse Source
This commit is contained in:
OBS User unknown 2009-05-06 16:55:20 +00:00 committed by Git OBS Bridge
parent 395b0c09e0
commit 864bf8993f
15 changed files with 826 additions and 672 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

411
config
View File

@ -1,31 +1,382 @@
CONFIG_DRIVER_HOSTAP=y
CONFIG_DRIVER_PRISM54=y
# CONFIG_DRIVER_HERMES
# CONFIG_DRIVER_MADWIFI gets dynamically added when needed
CONFIG_DRIVER_ATMEL=y
CONFIG_DRIVER_WEXT=y
#CONFIG_DRIVER_NDISWRAPPER=y
#CONFIG_DRIVER_IPW=y
CONFIG_DRIVER_WIRED=y
CONFIG_WIRELESS_EXTENSION=y
CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_MD5=y
CONFIG_MSCHAPV2=y
CONFIG_EAP_TLS=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_TTLS=y
CONFIG_EAP_GTC=y
CONFIG_EAP_OTP=y
CONFIG_EAP_PSK=y
CONFIG_EAP_PAX=y
CONFIG_EAP_LEAP=y
CONFIG_PKCS12=y
CONFIG_SMARTCARD=y
CONFIG_CTRL_IFACE=y
CONFIG_CTRL_IFACE_DBUS=y
CONFIG_READLINE=y
#CONFIG_PCSC
#CONFIG_EAP_SIM
#CONFIG_EAP_AKA
CONFIG_DEBUG_FILE=y
# Example wpa_supplicant build time configuration
#
# This file lists the configuration options that are used when building the
# hostapd binary. All lines starting with # are ignored. Configuration option
# lines must be commented out complete, if they are not to be included, i.e.,
# just setting VARIABLE=n is not disabling that variable.
#
# This file is included in Makefile, so variables like CFLAGS and LIBS can also
# be modified from here. In most cases, these lines should use += in order not
# to override previous values of the variables.
# Uncomment following two lines and fix the paths if you have installed OpenSSL
# or GnuTLS in non-default location
#CFLAGS += -I/usr/local/openssl/include
#LIBS += -L/usr/local/openssl/lib
# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
# the kerberos files are not in the default include path. Following line can be
# used to fix build issues on such systems (krb5.h not found).
#CFLAGS += -I/usr/include/kerberos
# Example configuration for various cross-compilation platforms
#### sveasoft (e.g., for Linksys WRT54G) ######################################
#CC=mipsel-uclibc-gcc
#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
#CFLAGS += -Os
#CPPFLAGS += -I../src/include -I../../src/router/openssl/include
#LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl
###############################################################################
#### openwrt (e.g., for Linksys WRT54G) #######################################
#CC=mipsel-uclibc-gcc
#CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc
#CFLAGS += -Os
#CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \
# -I../WRT54GS/release/src/include
#LIBS = -lssl
###############################################################################
# Driver interface for Host AP driver
CONFIG_DRIVER_HOSTAP=y
# Driver interface for Agere driver
#CONFIG_DRIVER_HERMES=y
# Change include directories to match with the local setup
#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
#CFLAGS += -I../../include/wireless
# Driver interface for madwifi driver
#CONFIG_DRIVER_MADWIFI=y
# Set include directory to the madwifi source tree
#CFLAGS += -I../../madwifi
# Driver interface for Prism54 driver
# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
# for developers only)
CONFIG_DRIVER_PRISM54=y
# Driver interface for ndiswrapper
CONFIG_DRIVER_NDISWRAPPER=y
# Driver interface for Atmel driver
CONFIG_DRIVER_ATMEL=y
# Driver interface for old Broadcom driver
# Please note that the newer Broadcom driver ("hybrid Linux driver") supports
# Linux wireless extensions and does not need (or even work) with the old
# driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver.
#CONFIG_DRIVER_BROADCOM=y
# Example path for wlioctl.h; change to match your configuration
#CFLAGS += -I/opt/WRT54GS/release/src/include
# Driver interface for Intel ipw2100/2200 driver
#CONFIG_DRIVER_IPW=y
# Driver interface for Ralink driver
CONFIG_DRIVER_RALINK=y
# Driver interface for generic Linux wireless extensions
CONFIG_DRIVER_WEXT=y
# Driver interface for Linux drivers using the nl80211 kernel interface
CONFIG_DRIVER_NL80211=y
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
#LIBS += -L/usr/local/lib
# Driver interface for Windows NDIS
#CONFIG_DRIVER_NDIS=y
#CFLAGS += -I/usr/include/w32api/ddk
#LIBS += -L/usr/local/lib
# For native build using mingw
#CONFIG_NATIVE_WINDOWS=y
# Additional directories for cross-compilation on Linux host for mingw target
#CFLAGS += -I/opt/mingw/mingw32/include/ddk
#LIBS += -L/opt/mingw/mingw32/lib
#CC=mingw32-gcc
# By default, driver_ndis uses WinPcap for low-level operations. This can be
# replaced with the following option which replaces WinPcap calls with NDISUIO.
# However, this requires that WZC is disabled (net stop wzcsvc) before starting
# wpa_supplicant.
# CONFIG_USE_NDISUIO=y
# Driver interface for development testing
#CONFIG_DRIVER_TEST=y
# Driver interface for wired Ethernet drivers
CONFIG_DRIVER_WIRED=y
# Driver interface for the Broadcom RoboSwitch family
#CONFIG_DRIVER_ROBOSWITCH=y
# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
# included)
CONFIG_IEEE8021X_EAPOL=y
# EAP-MD5
CONFIG_EAP_MD5=y
# EAP-MSCHAPv2
CONFIG_EAP_MSCHAPV2=y
# EAP-TLS
CONFIG_EAP_TLS=y
# EAL-PEAP
CONFIG_EAP_PEAP=y
# EAP-TTLS
CONFIG_EAP_TTLS=y
# EAP-FAST
# Note: Default OpenSSL package does not include support for all the
# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
# to add the needed functions.
#CONFIG_EAP_FAST=y
# EAP-GTC
CONFIG_EAP_GTC=y
# EAP-OTP
CONFIG_EAP_OTP=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
CONFIG_EAP_PSK=y
# EAP-PAX
CONFIG_EAP_PAX=y
# LEAP
CONFIG_EAP_LEAP=y
# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
# CONFIG_EAP_AKA=y
# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
# This requires CONFIG_EAP_AKA to be enabled, too.
#CONFIG_EAP_AKA_PRIME=y
# Enable USIM simulator (Milenage) for EAP-AKA
#CONFIG_USIM_SIMULATOR=y
# EAP-SAKE
CONFIG_EAP_SAKE=y
# EAP-GPSK
CONFIG_EAP_GPSK=y
# Include support for optional SHA256 cipher suite in EAP-GPSK
CONFIG_EAP_GPSK_SHA256=y
# EAP-TNC and related Trusted Network Connect support (experimental)
CONFIG_EAP_TNC=y
# Wi-Fi Protected Setup (WPS)
CONFIG_WPS=y
# EAP-IKEv2
CONFIG_EAP_IKEV2=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y
# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
# engine.
CONFIG_SMARTCARD=y
# PC/SC interface for smartcards (USIM, GSM SIM)
# Enable this if EAP-SIM or EAP-AKA is included
#CONFIG_PCSC=y
# Development testing
#CONFIG_EAPOL_TEST=y
# Select control interface backend for external programs, e.g, wpa_cli:
# unix = UNIX domain sockets (default for Linux/*BSD)
# udp = UDP sockets using localhost (127.0.0.1)
# named_pipe = Windows Named Pipe (default for Windows)
# y = use default (backwards compatibility)
# If this option is commented out, control interface is not included in the
# build.
CONFIG_CTRL_IFACE=y
# Include support for GNU Readline and History Libraries in wpa_cli.
# When building a wpa_cli binary for distribution, please note that these
# libraries are licensed under GPL and as such, BSD license may not apply for
# the resulting binary.
#CONFIG_READLINE=y
# Remove debugging code that is printing out debug message to stdout.
# This can be used to reduce the size of the wpa_supplicant considerably
# if debugging code is not needed. The size reduction can be around 35%
# (e.g., 90 kB).
#CONFIG_NO_STDOUT_DEBUG=y
# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
# 35-50 kB in code size.
#CONFIG_NO_WPA=y
# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to
# save about 1 kB in code size when building only WPA-Personal (no EAP support)
# or 6 kB if building for WPA-Enterprise.
#CONFIG_NO_WPA2=y
# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
# This option can be used to reduce code size by removing support for
# converting ASCII passphrases into PSK. If this functionality is removed, the
# PSK can only be configured as the 64-octet hexstring (e.g., from
# wpa_passphrase). This saves about 0.5 kB in code size.
#CONFIG_NO_WPA_PASSPHRASE=y
# Remove AES extra functions. This can be used to reduce code size by about
# 1.5 kB by removing extra AES modes that are not needed for commonly used
# client configurations (they are needed for some EAP types).
#CONFIG_NO_AES_EXTRAS=y
# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
# This can be used if ap_scan=1 mode is never enabled.
#CONFIG_NO_SCAN_PROCESSING=y
# Select configuration backend:
# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
# path is given on command line, not here; this option is just used to
# select the backend that allows configuration files to be used)
# winreg = Windows registry (see win_example.reg for an example)
CONFIG_BACKEND=file
# Remove configuration write functionality (i.e., to allow the configuration
# file to be updated based on runtime configuration changes). The runtime
# configuration can still be changed, the changes are just not going to be
# persistent over restarts. This option can be used to reduce code size by
# about 3.5 kB.
#CONFIG_NO_CONFIG_WRITE=y
# Remove support for configuration blobs to reduce code size by about 1.5 kB.
#CONFIG_NO_CONFIG_BLOBS=y
# Select program entry point implementation:
# main = UNIX/POSIX like main() function (default)
# main_winsvc = Windows service (read parameters from registry)
# main_none = Very basic example (development use only)
#CONFIG_MAIN=main
# Select wrapper for operatins system and C library specific functions
# unix = UNIX/POSIX like systems (default)
# win32 = Windows systems
# none = Empty template
#CONFIG_OS=unix
# Select event loop implementation
# eloop = select() loop (default)
# eloop_win = Windows events and WaitForMultipleObject() loop
# eloop_none = Empty template
#CONFIG_ELOOP=eloop
# Select layer 2 packet implementation
# linux = Linux packet socket (default)
# pcap = libpcap/libdnet/WinPcap
# freebsd = FreeBSD libpcap
# winpcap = WinPcap with receive thread
# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
# none = Empty template
#CONFIG_L2_PACKET=linux
# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
CONFIG_PEERKEY=y
# IEEE 802.11w (management frame protection)
# This version is an experimental implementation based on IEEE 802.11w/D1.0
# draft and is subject to change since the standard has not yet been finalized.
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
# Select TLS implementation
# openssl = OpenSSL (default)
# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
# internal = Internal TLSv1 implementation (experimental)
# none = Empty template
#CONFIG_TLS=openssl
# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
# even though the core GnuTLS library is released under LGPL, this extra
# library uses GPL and as such, the terms of GPL apply to the combination
# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
# apply for distribution of the resulting binary.
#CONFIG_GNUTLS_EXTRA=y
# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
# LibTomMath can be used. See beginning of libtommath.c for details on benefits
# and drawbacks of this option.
#CONFIG_INTERNAL_LIBTOMMATH=y
#ifndef CONFIG_INTERNAL_LIBTOMMATH
#LTM_PATH=/usr/src/libtommath-0.39
#CFLAGS += -I$(LTM_PATH)
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
# At the cost of about 4 kB of additional binary size, the internal LibTomMath
# can be configured to include faster routines for exptmod, sqr, and div to
# speed up DH and RSA calculation considerably
#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
# This is only for Windows builds and requires WMI-related header files and
# WbemUuid.Lib from Platform SDK even when building with MinGW.
#CONFIG_NDIS_EVENTS_INTEGRATED=y
#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
# Add support for DBus control interface
CONFIG_CTRL_IFACE_DBUS=y
# Add support for loading EAP methods dynamically as shared libraries.
# When this option is enabled, each EAP method can be either included
# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
# be loaded in the beginning of the wpa_supplicant configuration file
# (see load_dynamic_eap parameter in the example file) before being used in
# the network blocks.
#
# Note that some shared parts of EAP methods are included in the main program
# and in order to be able to use dynamic EAP methods using these parts, the
# main program must have been build with the EAP method enabled (=y or =dyn).
# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
# unless at least one of them was included in the main build to force inclusion
# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
# in the main build to be able to load these methods dynamically.
#
# Please also note that using dynamic libraries will increase the total binary
# size. Thus, it may not be the best option for targets that have limited
# amount of memory/flash.
#CONFIG_DYNAMIC_EAP_METHODS=y
# Include client MLME (management frame processing).
# This can be used to move MLME processing of Linux mac80211 stack into user
# space. Please note that this is currently only available with
# driver_nl80211.c and only with a modified version of Linux kernel and
# wpa_supplicant.
#CONFIG_CLIENT_MLME=y
# IEEE Std 802.11r-2008 (Fast BSS Transition)
#CONFIG_IEEE80211R=y
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
#CONFIG_DEBUG_FILE=y
# Enable privilege separation (see README 'Privilege separation' for details)
#CONFIG_PRIVSEP=y
# Enable mitigation against certain attacks against TKIP by delaying Michael
# MIC error reports by a random amount of time between 0 and 60 seconds
#CONFIG_DELAYED_MIC_ERROR_REPORT=y

3
wpa_supplicant-0.6.4.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3690117bc4d9160ae9414bb72e2d76e10d8073a0977e6c6ba2eb4a352bf38114
size 776742

3
wpa_supplicant-0.6.9.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:443a04570db108521c3aaebd371daae8970089d90da9c08828109e8ef20ad906
size 889846

39
wpa_supplicant-dont_report_empty_initial_scan.patch
View File

@ -1,39 +0,0 @@
From: Dan Nicholson <dbn.lists@gmail.com>
Date: Wed, 24 Sep 2008 09:51:08 +0000 (+0300)
Subject: Don't post scan results when initial scan is emtpy
X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=23e072374ea500002b8beec5d0e87f9fc6a7609c;hp=2064c2f98515016c376f3b69bfe161c85639e764
Don't post scan results when initial scan is emtpy
When the initial scan is made, just the cached results from the driver
are used. If this is empty, it's useless to post the results since
another scan is being scheduled immediately. This just causes extra
processing from listeners for no gain.
---
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 0f9b338..04e3152 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -551,9 +551,18 @@ static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s)
goto req_scan;
}
- wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
-
- wpa_supplicant_dbus_notify_scan_results(wpa_s);
+ /*
+ * Don't post the results if this was the initial cached
+ * and there were no results.
+ */
+ if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1 &&
+ wpa_s->scan_res->num == 0) {
+ wpa_msg(wpa_s, MSG_DEBUG, "Cached scan results are "
+ "empty - not posting");
+ } else {
+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
+ wpa_supplicant_dbus_notify_scan_results(wpa_s);
+ }
if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected)
return;

122
wpa_supplicant-driver-wext-debug.patch
View File

@ -1,121 +1,143 @@
--- BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
+++ BUILD/wpa_supplicant-0.6.4/src/drivers/driver_wext.c
@@ -2174,20 +2174,32 @@
diff -ur BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c
--- BUILD/wpa_supplicant-0.6.8/src/drivers/driver_wext.c 2009-02-15 19:00:00.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.8/src/drivers/driver_wext.c 2009-03-06 10:29:08.000000000 +0100
@@ -2055,19 +2055,26 @@
* SIOCSIWENCODE here.
*/
if (drv->auth_alg_fallback &&
wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
+{
- wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
+ wpa_driver_wext_auth_alg_fallback(drv, params) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
ret = -1;
+ }
if (!params->bssid &&
wpa_driver_wext_set_bssid(drv, NULL) < 0)
+{
- wpa_driver_wext_set_bssid(drv, NULL) < 0)
+ wpa_driver_wext_set_bssid(drv, NULL) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
ret = -1;
+ }
if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
+{
+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
ret = -1;
+}
/* TODO: should consider getting wpa version and cipher/key_mgmt suites
* from configuration, not from here, where only the selected suite is
* available */
if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
< 0)
+{
- < 0)
+ < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
ret = -1;
+ }
+
if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
value = IW_AUTH_WPA_VERSION_DISABLED;
else if (params->wpa_ie[0] == WLAN_EID_RSN)
@@ -2196,26 +2208,41 @@
@@ -2075,27 +2082,41 @@
else
value = IW_AUTH_WPA_VERSION_WPA;
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_WPA_VERSION, value) < 0)
+{
- IW_AUTH_WPA_VERSION, value) < 0)
+ IW_AUTH_WPA_VERSION, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
ret = -1;
+ }
+
value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_CIPHER_PAIRWISE, value) < 0)
+{
- IW_AUTH_CIPHER_PAIRWISE, value) < 0)
+ IW_AUTH_CIPHER_PAIRWISE, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
ret = -1;
+ }
+
value = wpa_driver_wext_cipher2wext(params->group_suite);
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_CIPHER_GROUP, value) < 0)
+{
- IW_AUTH_CIPHER_GROUP, value) < 0)
+ IW_AUTH_CIPHER_GROUP, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
ret = -1;
+ }
+
value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_KEY_MGMT, value) < 0)
+{
- IW_AUTH_KEY_MGMT, value) < 0)
+ IW_AUTH_KEY_MGMT, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
ret = -1;
+ }
+
value = params->key_mgmt_suite != KEY_MGMT_NONE ||
params->pairwise_suite != CIPHER_NONE ||
params->group_suite != CIPHER_NONE ||
params->wpa_ie_len;
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_PRIVACY_INVOKED, value) < 0)
+{
- IW_AUTH_PRIVACY_INVOKED, value) < 0)
+ IW_AUTH_PRIVACY_INVOKED, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
ret = -1;
+ }
/* Allow unencrypted EAPOL messages even if pairwise keys are set when
* not using WPA. IEEE 802.1X specifies that these frames are not
@@ -2231,7 +2258,11 @@
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_RX_UNENCRYPTED_EAPOL,
allow_unencrypted_eapol) < 0)
- ret = -1;
+{
+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
+ ret = -1;
+}
+
#ifdef WEXT_MFP_PENDING
#ifdef CONFIG_IEEE80211W
switch (params->mgmt_frame_protection) {
@@ -2250,12 +2281,21 @@
#endif /* CONFIG_IEEE80211W */
#endif /* WEXT_MFP_PENDING */
if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
+{
+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
@@ -2106,12 +2127,18 @@
else
allow_unencrypted_eapol = 1;
- if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
+ if (wpa_driver_wext_set_psk(drv, params->psk) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_psk failed", __FUNCTION__);
ret = -1;
+ }
if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
+{
+
if (wpa_driver_wext_set_auth_param(drv,
IW_AUTH_RX_UNENCRYPTED_EAPOL,
- allow_unencrypted_eapol) < 0)
+ allow_unencrypted_eapol) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
ret = -1;
+ }
+
#ifdef CONFIG_IEEE80211W
switch (params->mgmt_frame_protection) {
case NO_MGMT_FRAME_PROTECTION:
@@ -2124,16 +2151,26 @@
value = IW_AUTH_MFP_REQUIRED;
break;
};
- if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
+ if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(IW_AUTH_MFP) failed", __FUNCTION__);
ret = -1;
+ }
#endif /* CONFIG_IEEE80211W */
- if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
+ if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
ret = -1;
- if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
+ }
+
+ if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
ret = -1;
+ }
+
if (params->bssid &&
wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
+{
+wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid2 failed", __FUNCTION__);
- wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
+ wpa_driver_wext_set_bssid(drv, params->bssid) < 0) {
+ wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
ret = -1;
+ }
return ret;
}
@@ -2280,6 +2320,8 @@
@@ -2158,6 +2195,10 @@
res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
algs);
drv->auth_alg_fallback = res == -2;
+
+ if (res == -2)
+ wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
+
return res;
}

21
wpa_supplicant-fix_ap_ordering.patch
View File

@ -1,21 +0,0 @@
diff -ur BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c
--- BUILD/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c 2008-08-10 19:33:12.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.4/src/drivers/scan_helpers.c 2009-01-28 14:01:42.000000000 +0100
@@ -125,10 +125,13 @@
return -1;
/* best/max rate preferred if signal level close enough XXX */
- maxrate_a = wpa_scan_get_max_rate(wa);
- maxrate_b = wpa_scan_get_max_rate(wb);
- if (maxrate_a != maxrate_b && abs(wb->level - wa->level) < 5)
- return maxrate_b - maxrate_a;
+ if ( (wb->level != 0 && wa->level != 0 && abs(wb->level - wa->level) < 5) ||
+ (abs(wb->qual - wa->qual) < 10) ) {
+ maxrate_a = wpa_scan_get_max_rate(wa);
+ maxrate_b = wpa_scan_get_max_rate(wb);
+ if (maxrate_a != maxrate_b)
+ return maxrate_b - maxrate_a;
+ }
/* use freq for channel preference */

149
wpa_supplicant-fix_set_mode.patch
View File

@ -1,149 +0,0 @@
From: Dan Williams <dcbw@redhat.com>
Date: Mon, 29 Sep 2008 13:45:49 +0000 (+0300)
Subject: Add an optional set_mode() driver_ops handler for setting mode before keys
X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=ec5f180a24cd31ba9d3d7f2abc9dc557fd16602f;hp=1a647aaa691d91c4a5ffccce09291592c4340062
Add an optional set_mode() driver_ops handler for setting mode before keys
A bug just got reported as a result of this for mac80211 drivers.
https://bugzilla.redhat.com/show_bug.cgi?id=459399
The basic problem is that since taking the device down clears the keys
from the driver on many mac80211-based cards, and since the mode gets
set _after_ the keys have been set in the driver, the keys get cleared
on a mode switch and the resulting association is wrong. The report is
about ad-hoc mode specifically, but this could happen when switching
from adhoc back to managed mode.
---
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 70dc075..77a2ceb 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -929,6 +929,20 @@ struct wpa_driver_ops {
* Returns: 0 on success, -1 on failure
*/
int (*set_probe_req_ie)(void *, const u8 *ies, size_t ies_len);
+
+ /**
+ * set_mode - Request driver to set the operating mode
+ * @priv: private driver interface data
+ * @mode: Operation mode (infra/ibss) IEEE80211_MODE_*
+ *
+ * This handler will be called before any key configuration and call to
+ * associate() handler in order to allow the operation mode to be
+ * configured as early as possible. This information is also available
+ * in associate() params and as such, some driver wrappers may not need
+ * to implement set_mode() handler.
+ * Returns: 0 on success, -1 on failure
+ */
+ int (*set_mode)(void *priv, int mode);
};
/**
diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c
index da4f90f..f55bd2e 100644
--- a/src/drivers/driver_ndis.c
+++ b/src/drivers/driver_ndis.c
@@ -2829,5 +2829,7 @@ const struct wpa_driver_ops wpa_driver_ndis_ops = {
NULL /* mlme_remove_sta */,
NULL /* update_ft_ies */,
NULL /* send_ft_action */,
- wpa_driver_ndis_get_scan_results
+ wpa_driver_ndis_get_scan_results,
+ NULL /* set_probe_req_ie */,
+ NULL /* set_mode */
};
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 98dddd6..a207363 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -2226,8 +2226,6 @@ static int wpa_driver_nl80211_associate(
wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
ret = -1;
- if (wpa_driver_nl80211_set_mode(drv, params->mode) < 0)
- ret = -1;
/* TODO: should consider getting wpa version and cipher/key_mgmt suites
* from configuration, not from here, where only the selected suite is
* available */
@@ -2859,6 +2857,7 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.get_scan_results2 = wpa_driver_nl80211_get_scan_results,
.deauthenticate = wpa_driver_nl80211_deauthenticate,
.disassociate = wpa_driver_nl80211_disassociate,
+ .set_mode = wpa_driver_nl80211_set_mode,
.associate = wpa_driver_nl80211_associate,
.set_auth_alg = wpa_driver_nl80211_set_auth_alg,
.init = wpa_driver_nl80211_init,
diff --git a/src/drivers/driver_test.c b/src/drivers/driver_test.c
index 5c6e6f1..7f7f129 100644
--- a/src/drivers/driver_test.c
+++ b/src/drivers/driver_test.c
@@ -982,5 +982,6 @@ const struct wpa_driver_ops wpa_driver_test_ops = {
NULL /* update_ft_ies */,
NULL /* send_ft_action */,
wpa_driver_test_get_scan_results2,
- NULL /* set_probe_req_ie */
+ NULL /* set_probe_req_ie */,
+ NULL /* set_mode */
};
diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c
index 6b7f1a7..a618a74 100644
--- a/src/drivers/driver_wext.c
+++ b/src/drivers/driver_wext.c
@@ -2206,11 +2206,6 @@ int wpa_driver_wext_associate(void *priv,
wpa_driver_wext_set_bssid(drv, NULL) < 0)
ret = -1;
- if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
-{
-wpa_printf(MSG_DEBUG, "%s: assoc failed because set_mode failed", __FUNCTION__);
- ret = -1;
-}
/* TODO: should consider getting wpa version and cipher/key_mgmt suites
* from configuration, not from here, where only the selected suite is
* available */
@@ -2782,6 +2780,7 @@ const struct wpa_driver_ops wpa_driver_wext_ops = {
.get_scan_results2 = wpa_driver_wext_get_scan_results,
.deauthenticate = wpa_driver_wext_deauthenticate,
.disassociate = wpa_driver_wext_disassociate,
+ .set_mode = wpa_driver_wext_set_mode,
.associate = wpa_driver_wext_associate,
.set_auth_alg = wpa_driver_wext_set_auth_alg,
.init = wpa_driver_wext_init,
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 4c9482f..a36c65b 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -937,6 +937,11 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
* previous association. */
wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
+ if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
+ wpa_printf(MSG_WARNING, "Failed to set operating mode");
+ assoc_failed = 1;
+ }
+
#ifdef IEEE8021X_EAPOL
if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
if (ssid->leap) {
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index a2e3dd5..9afae2a 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -448,6 +448,14 @@ static inline int wpa_drv_set_wpa(struct wpa_supplicant *wpa_s, int enabled)
return 0;
}
+static inline int wpa_drv_set_mode(struct wpa_supplicant *wpa_s, int mode)
+{
+ if (wpa_s->driver->set_mode) {
+ return wpa_s->driver->set_mode(wpa_s->drv_priv, mode);
+ }
+ return 0;
+}
+
static inline int wpa_drv_associate(struct wpa_supplicant *wpa_s,
struct wpa_driver_associate_params *params)
{

30
wpa_supplicant-gcc44.patch
View File

@ -1,30 +0,0 @@
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/networkconfig.cpp 2008-08-10 17:33:12.000000000 +0000
+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp 2009-03-01 15:57:45.000000000 +0000
@@ -12,6 +12,7 @@
* See README and COPYING for more details.
*/
+#include <stdio.h>
#include <QMessageBox>
#include "networkconfig.h"
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/scanresults.cpp 2008-08-10 17:33:12.000000000 +0000
+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/scanresults.cpp 2009-03-01 15:57:29.000000000 +0000
@@ -12,6 +12,7 @@
* See README and COPYING for more details.
*/
+#include <stdio.h>
#include "scanresults.h"
#include "wpagui.h"
#include "networkconfig.h"
--- wpa_supplicant-0.6.4.orig//wpa_supplicant/wpa_gui-qt4/wpagui.cpp 2008-08-10 17:33:12.000000000 +0000
+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_gui-qt4/wpagui.cpp 2009-03-01 15:57:08.000000000 +0000
@@ -20,6 +20,7 @@
#include <QMessageBox>
#include <QCloseEvent>
+#include <stdio.h>
#include "wpagui.h"
#include "dirent.h"
#include "wpa_ctrl.h"

60
wpa_supplicant-hide_secrets-2.patch
View File

@ -1,60 +0,0 @@
iff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c 2008-08-10 19:33:12.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface.c 2008-12-08 15:36:59.000000000 +0100
@@ -798,6 +798,8 @@
int id;
struct wpa_ssid *ssid;
char *name, *value;
+ int show_value = 1;
+ const char *nokey = "[REMOVED]";
/* cmd: "<network id> <variable name> <value>" */
name = os_strchr(cmd, ' ');
@@ -805,6 +807,15 @@
return -1;
*name++ = '\0';
+ /* Only show passwords and keys if requested */
+ if (!strncmp (name, "wep_key", 7)
+ || !strncmp (name, "psk", 3)
+ || !strncmp (name, "password", 8)
+ || !strncmp (name, "pin", 3)
+ || !strncmp (name, "private_key_passwd", 18)) {
+ show_value = wpa_s->global->params.wpa_debug_show_keys;
+ }
+
value = os_strchr(name, ' ');
if (value == NULL)
return -1;
@@ -1346,6 +1358,19 @@
os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
(const u8 *) buf, os_strlen(buf));
+ } else if (strncmp(buf, "SET_NETWORK ", 12) == 0) {
+ /* Check for forbidden material here too */
+ if (strstr (buf, " wep_key")
+ || strstr (buf, " psk ")
+ || strstr (buf, " password ")
+ || strstr (buf, " pin ")
+ || strstr (buf, " private_key_passwd ")) {
+ wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
+ (const u8 *) buf, os_strlen(buf));
+ } else {
+ wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
+ (const u8 *) buf, os_strlen(buf));
+ }
} else {
wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
(const u8 *) buf, os_strlen(buf));
diff -ur BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/config.c 2008-12-08 16:35:13.000000000 +0100
+++ BUILD2//wpa_supplicant-0.6.4/wpa_supplicant/config.c 2008-12-08 16:34:25.000000000 +0100
@@ -1001,7 +1001,7 @@
"password.", line);
return -1;
}
- wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
+ wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
(u8 *) tmp, res_len);
os_free(ssid->eap.password);

246
wpa_supplicant-pkcs11-init-args.patch
View File

@ -1,8 +1,7 @@
Index: wpa_supplicant-0.6.4/src/crypto/tls.h
===================================================================
--- wpa_supplicant-0.6.4.orig/src/crypto/tls.h
+++ wpa_supplicant-0.6.4/src/crypto/tls.h
@@ -32,6 +32,7 @@ struct tls_config {
diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h
--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-05-05 11:47:15.000000000 +0200
@@ -32,6 +32,7 @@
const char *opensc_engine_path;
const char *pkcs11_engine_path;
const char *pkcs11_module_path;
@ -10,11 +9,10 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls.h
};
/**
Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
===================================================================
--- wpa_supplicant-0.6.4.orig/src/crypto/tls_openssl.c
+++ wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
@@ -653,9 +653,11 @@ static int tls_engine_load_dynamic_gener
diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c
--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-05-05 11:47:15.000000000 +0200
@@ -667,9 +667,11 @@
* tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc
* @pkcs11_so_path: pksc11_so_path from the configuration
* @pcks11_module_path: pkcs11_module_path from the configuration
@ -27,7 +25,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
{
char *engine_id = "pkcs11";
const char *pre_cmd[] = {
@@ -668,6 +670,7 @@ static int tls_engine_load_dynamic_pkcs1
@@ -682,6 +684,7 @@
};
const char *post_cmd[] = {
"MODULE_PATH", NULL /* pkcs11_module_path */,
@ -35,7 +33,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
NULL, NULL
};
@@ -678,6 +681,9 @@ static int tls_engine_load_dynamic_pkcs1
@@ -692,6 +695,9 @@
pre_cmd[3] = engine_id;
post_cmd[1] = pkcs11_module_path;
@ -45,7 +43,7 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s",
pkcs11_so_path);
@@ -747,7 +753,8 @@ void * tls_init(const struct tls_config
@@ -761,7 +767,8 @@
if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) ||
tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path,
@ -55,53 +53,21 @@ Index: wpa_supplicant-0.6.4/src/crypto/tls_openssl.c
tls_deinit(ssl);
return NULL;
}
Index: wpa_supplicant-0.6.4/src/eap_peer/eap.c
===================================================================
--- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.c
+++ wpa_supplicant-0.6.4/src/eap_peer/eap.c
@@ -1169,6 +1169,7 @@ struct eap_sm * eap_peer_sm_init(void *e
tlsconf.opensc_engine_path = conf->opensc_engine_path;
tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
+ tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
sm->ssl_ctx = tls_init(&tlsconf);
if (sm->ssl_ctx == NULL) {
wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
Index: wpa_supplicant-0.6.4/src/eap_peer/eap.h
===================================================================
--- wpa_supplicant-0.6.4.orig/src/eap_peer/eap.h
+++ wpa_supplicant-0.6.4/src/eap_peer/eap.h
@@ -246,6 +246,13 @@ struct eap_config {
*/
const char *pkcs11_module_path;
/**
+ * pkcs11_module_init_args - OpenSC PKCS#11 module initialization
+ * arguments for OpenSSL engine.
+ *
+ * Usually, NULL.
+ */
+ const char *pkcs11_module_init_args;
+ /**
* mac_addr - MAC address of the peer
*
* This can be left %NULL if not available.
Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
===================================================================
--- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.c
+++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.c
@@ -1801,6 +1801,7 @@ struct eapol_sm *eapol_sm_init(struct ea
diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c
--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-05-05 11:47:15.000000000 +0200
@@ -1834,6 +1834,7 @@
conf.opensc_engine_path = ctx->opensc_engine_path;
conf.pkcs11_engine_path = ctx->pkcs11_engine_path;
conf.pkcs11_module_path = ctx->pkcs11_module_path;
+ conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args;
#endif /* EAP_TLS_OPENSSL */
conf.wps = ctx->wps;
sm->eap = eap_peer_sm_init(sm, &eapol_cb, sm->ctx->msg_ctx, &conf);
Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
===================================================================
--- wpa_supplicant-0.6.4.orig/src/eapol_supp/eapol_supp_sm.h
+++ wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
@@ -198,6 +198,15 @@ struct eapol_ctx {
diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h
--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-05-05 11:47:15.000000000 +0200
@@ -198,6 +198,15 @@
* module is not loaded.
*/
const char *pkcs11_module_path;
@ -117,23 +83,70 @@ Index: wpa_supplicant-0.6.4/src/eapol_supp/eapol_supp_sm.h
#endif /* EAP_TLS_OPENSSL */
/**
Index: wpa_supplicant-0.6.4/wpa_supplicant/config.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/config.c
@@ -1526,6 +1526,7 @@ void wpa_config_free(struct wpa_config *
diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c
--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-05-05 11:47:15.000000000 +0200
@@ -1188,6 +1188,7 @@
tlsconf.opensc_engine_path = conf->opensc_engine_path;
tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path;
tlsconf.pkcs11_module_path = conf->pkcs11_module_path;
+ tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args;
sm->ssl_ctx = tls_init(&tlsconf);
if (sm->ssl_ctx == NULL) {
wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS "
diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h
--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-05-05 11:48:04.000000000 +0200
@@ -246,6 +246,13 @@
*/
const char *pkcs11_module_path;
/**
+ * pkcs11_module_init_args - OpenSC PKCS#11 module initialization
+ * arguments for OpenSSL engine.
+ *
+ * Usually, NULL.
+ */
+ const char *pkcs11_module_init_args;
+ /**
* wps - WPS context data
*
* This is only used by EAP-WSC and can be left %NULL if not available.
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:47:15.000000000 +0200
@@ -1580,6 +1580,7 @@
os_free(config->opensc_engine_path);
os_free(config->pkcs11_engine_path);
os_free(config->pkcs11_module_path);
+ os_free(config->pkcs11_module_init_args);
#endif /* EAP_TLS_OPENSSL */
os_free(config->driver_param);
os_free(config->pssid);
Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config.h
+++ wpa_supplicant-0.6.4/wpa_supplicant/config.h
@@ -194,6 +194,15 @@ struct wpa_config {
os_free(config->device_name);
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:24.000000000 +0200
@@ -444,6 +444,7 @@
{ STR(opensc_engine_path) },
{ STR(pkcs11_engine_path) },
{ STR(pkcs11_module_path) },
+ { STR(pkcs11_module_init_args) },
#endif /* EAP_TLS_OPENSSL */
{ STR(driver_param) },
{ INT(dot11RSNAConfigPMKLifetime) },
@@ -854,6 +855,9 @@
if (config->pkcs11_module_path)
fprintf(f, "pkcs11_module_path=%s\n",
config->pkcs11_module_path);
+ if (config->pkcs11_module_init_args)
+ fprintf(f, "pkcs11_module_init_args=%s\n",
+ config->pkcs11_module_init_args);
#endif /* EAP_TLS_OPENSSL */
if (config->driver_param)
fprintf(f, "driver_param=%s\n", config->driver_param);
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:47:15.000000000 +0200
@@ -195,6 +195,15 @@
* module is not loaded.
*/
char *pkcs11_module_path;
@ -149,52 +162,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/config.h
#endif /* EAP_TLS_OPENSSL */
/**
Index: wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/config_file.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/config_file.c
@@ -355,6 +355,16 @@ static int wpa_config_process_pkcs11_mod
return 0;
}
+static int wpa_config_process_pkcs11_module_init_args(struct wpa_config *config,
+ char *pos)
+{
+ os_free(config->pkcs11_module_init_args);
+ config->pkcs11_module_init_args = os_strdup(pos);
+ wpa_printf(MSG_DEBUG, "pkcs11_module_init_args='%s'",
+ config->pkcs11_module_init_args);
+ return 0;
+}
+
#endif /* EAP_TLS_OPENSSL */
@@ -457,6 +467,9 @@ static int wpa_config_process_global(str
if (os_strncmp(pos, "pkcs11_module_path=", 19) == 0)
return wpa_config_process_pkcs11_module_path(config, pos + 19);
+
+ if (os_strncmp(pos, "pkcs11_module_init_args=", 24) == 0)
+ return wpa_config_process_pkcs11_module_init_args(config, pos + 24);
#endif /* EAP_TLS_OPENSSL */
if (os_strncmp(pos, "driver_param=", 13) == 0)
@@ -827,6 +840,9 @@ static void wpa_config_write_global(FILE
if (config->pkcs11_module_path)
fprintf(f, "pkcs11_module_path=%s\n",
config->pkcs11_module_path);
+ if (config->pkcs11_module_init_args)
+ fprintf(f, "pkcs11_module_init_args=%s\n",
+ config->pkcs11_module_init_args);
#endif /* EAP_TLS_OPENSSL */
if (config->driver_param)
fprintf(f, "driver_param=%s\n", config->driver_param);
Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/ctrl_iface_dbus_handlers.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
@@ -858,7 +858,7 @@ out:
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:47:15.000000000 +0200
@@ -866,7 +866,7 @@
static const char *dont_quote[] = {
"key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap",
"opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path",
@ -203,7 +174,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
};
static dbus_bool_t should_quote_opt(const char *key)
@@ -1196,6 +1196,7 @@ DBusMessage * wpas_dbus_iface_set_smartc
@@ -1204,6 +1204,7 @@
char *opensc_engine_path = NULL;
char *pkcs11_engine_path = NULL;
char *pkcs11_module_path = NULL;
@ -211,7 +182,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
struct wpa_dbus_dict_entry entry;
if (!dbus_message_iter_init(message, &iter))
@@ -1222,6 +1223,11 @@ DBusMessage * wpas_dbus_iface_set_smartc
@@ -1230,6 +1231,11 @@
pkcs11_module_path = os_strdup(entry.str_value);
if (pkcs11_module_path == NULL)
goto error;
@ -223,7 +194,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
} else {
wpa_dbus_dict_entry_clear(&entry);
goto error;
@@ -1236,6 +1242,8 @@ DBusMessage * wpas_dbus_iface_set_smartc
@@ -1244,6 +1250,8 @@
wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path;
os_free(wpa_s->conf->pkcs11_module_path);
wpa_s->conf->pkcs11_module_path = pkcs11_module_path;
@ -232,7 +203,7 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
#endif /* EAP_TLS_OPENSSL */
eapol_sm_deinit(wpa_s->eapol);
@@ -1247,6 +1255,7 @@ error:
@@ -1257,6 +1265,7 @@
os_free(opensc_engine_path);
os_free(pkcs11_engine_path);
os_free(pkcs11_module_path);
@ -240,11 +211,10 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus_handlers.c
return wpas_dbus_new_invalid_opts_error(message, NULL);
}
Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/eapol_test.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
@@ -335,6 +335,7 @@ static int test_eapol(struct eapol_test_
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-05-05 11:47:15.000000000 +0200
@@ -408,6 +408,7 @@
ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
@ -252,28 +222,26 @@ Index: wpa_supplicant-0.6.4/wpa_supplicant/eapol_test.c
#endif /* EAP_TLS_OPENSSL */
wpa_s->eapol = eapol_sm_init(ctx);
Index: wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpa_supplicant.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant.c
@@ -560,7 +560,7 @@ int wpa_supplicant_reload_configuration(
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-05-05 11:47:15.000000000 +0200
@@ -557,6 +557,7 @@
ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
#endif /* EAP_TLS_OPENSSL */
ctx->wps = wpa_s->wps;
ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:49:45.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:47:15.000000000 +0200
@@ -577,7 +577,7 @@
wpa_s->current_ssid = NULL;
/*
* TODO: should notify EAPOL SM about changes in opensc_engine_path,
- * pkcs11_engine_path, pkcs11_module_path.
+ * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args.
*/
if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
wpa_s->key_mgmt == WPA_KEY_MGMT_FT_PSK) {
Index: wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
===================================================================
--- wpa_supplicant-0.6.4.orig/wpa_supplicant/wpas_glue.c
+++ wpa_supplicant-0.6.4/wpa_supplicant/wpas_glue.c
@@ -535,6 +535,7 @@ int wpa_supplicant_init_eapol(struct wpa
ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args;
#endif /* EAP_TLS_OPENSSL */
ctx->eap_param_needed = wpa_supplicant_eap_param_needed;
ctx->cb = wpa_supplicant_eapol_cb;
if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
/*

22
wpa_supplicant-respect_no_reply.patch
View File

@ -1,22 +0,0 @@
--- BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
+++ BUILD/wpa_supplicant-0.6.4/wpa_supplicant/ctrl_iface_dbus.c
@@ -547,7 +547,8 @@
/* If the message was handled, send back the reply */
if (reply) {
- dbus_connection_send(connection, reply, NULL);
+ if(!dbus_message_get_no_reply(message))
+ dbus_connection_send(connection, reply, NULL);
dbus_message_unref(reply);
}
@@ -606,7 +607,8 @@
/* If the message was handled, send back the reply */
if (reply) {
- dbus_connection_send(connection, reply, NULL);
+ if (!dbus_message_get_no_reply(message))
+ dbus_connection_send(connection, reply, NULL);
dbus_message_unref(reply);
}

25
wpa_supplicant-restore_scan_request_setting.patch
View File

@ -1,25 +0,0 @@
From: Dan Nicholson <dbn.lists@gmail.com>
Date: Wed, 24 Sep 2008 09:48:33 +0000 (+0300)
Subject: Restore scan request settings if initial association failed
X-Git-Url: http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff_plain;h=2064c2f98515016c376f3b69bfe161c85639e764;hp=76dca8929507feca772a35e830329934ae685444
Restore scan request settings if initial association failed
The scan path to initiate another scan if the initial association failed
was broken due to wpa_s->scan_req being zeroed earlier in
wpa_supplicant_scan(). This caused the second scan to bail out early
since it thought this was not a requested scan.
---
diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c
index c2549e2..8767109 100644
--- a/wpa_supplicant/scan.c
+++ b/wpa_supplicant/scan.c
@@ -137,6 +137,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1 &&
!wpa_s->use_client_mlme) {
wpa_s->scan_res_tried++;
+ wpa_s->scan_req = scan_req;
wpa_printf(MSG_DEBUG, "Trying to get current scan results "
"first without requesting a new scan to speed up "
"initial association");

114
wpa_supplicant-roaming.patch
View File

@ -1,16 +1,16 @@
diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/drivers/driver.h
--- wpa_supplicant-0.6.4/src/drivers/driver.h 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/src/drivers/driver.h 2008-10-13 13:50:55.000000000 +0200
@@ -929,6 +929,8 @@
* Returns: 0 on success, -1 on failure
diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h
--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-05-04 14:26:47.000000000 +0200
@@ -963,6 +963,8 @@
*/
int (*set_mode)(void *priv, int mode);
+
+ int (*get_default_roaming)(void *priv);
};
+ int (*get_default_roaming)(void *priv);
+
/**
@@ -1052,7 +1054,13 @@
* set_country - Set country
* @priv: Private driver interface data
@@ -1147,7 +1149,13 @@
* FT authentication sequence from the AP. The FT IEs are included in
* the extra information in union wpa_event_data::ft_ies.
*/
@ -25,10 +25,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver.h wpa_supplicant-0.6.4_us/src/d
} wpa_event_type;
diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c
--- wpa_supplicant-0.6.4/src/drivers/driver_wext.c 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.c 2008-10-13 14:54:03.000000000 +0200
@@ -643,10 +642,18 @@
diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c
--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:32:17.000000000 +0200
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:28:20.000000000 +0200
@@ -524,10 +524,18 @@
drv->assoc_req_ies = NULL;
os_free(drv->assoc_resp_ies);
drv->assoc_resp_ies = NULL;
@ -47,7 +47,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
wpa_driver_wext_event_assoc_ies(drv);
wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
}
@@ -1027,6 +1034,30 @@
@@ -891,6 +899,30 @@
return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags);
}
@ -78,7 +78,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
/**
* wpa_driver_wext_init - Initialize WE driver interface
@@ -1078,6 +1109,9 @@
@@ -942,6 +974,9 @@
drv->mlme_sock = -1;
@ -88,7 +88,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
wpa_driver_wext_finish_drv_init(drv);
return drv;
@@ -1153,6 +1187,7 @@
@@ -1017,6 +1052,7 @@
int flags;
eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
@ -96,7 +96,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
/*
* Clear possibly configured driver parameters in order to make it
@@ -1206,6 +1241,69 @@
@@ -1058,6 +1094,69 @@
wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
}
@ -166,7 +166,7 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
/**
* wpa_driver_wext_scan - Request the driver to initiate scan
@@ -1753,6 +1850,7 @@
@@ -1610,6 +1709,7 @@
if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
@ -174,17 +174,15 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.c wpa_supplicant-0.6.4_us/
wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
"flags 0x%x",
drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
@@ -2766,6 +2865,7 @@
@@ -2388,4 +2488,5 @@
.flush_pmkid = wpa_driver_wext_flush_pmkid,
.get_capa = wpa_driver_wext_get_capa,
.set_operstate = wpa_driver_wext_set_operstate,
+ .get_default_roaming = wpa_driver_get_default_roaming,
#ifdef CONFIG_CLIENT_MLME
.get_hw_feature_data = wpa_driver_wext_get_hw_feature_data,
.set_channel = wpa_driver_wext_set_channel,
diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h
--- wpa_supplicant-0.6.4/src/drivers/driver_wext.h 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/src/drivers/driver_wext.h 2008-10-13 14:08:22.000000000 +0200
};
diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h
--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-05-04 14:26:04.000000000 +0200
@@ -43,6 +43,9 @@
char mlmedev[IFNAMSIZ + 1];
@ -203,10 +201,10 @@ diff -ur wpa_supplicant-0.6.4/src/drivers/driver_wext.h wpa_supplicant-0.6.4_us/
int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
const char *ifname);
diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wpa_supplicant/config.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config.c 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.c 2008-09-29 13:13:31.000000000 +0200
@@ -1883,6 +1883,7 @@
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-04 14:26:04.000000000 +0200
@@ -1943,6 +1943,7 @@
config->eapol_version = DEFAULT_EAPOL_VERSION;
config->ap_scan = DEFAULT_AP_SCAN;
config->fast_reauth = DEFAULT_FAST_REAUTH;
@ -214,10 +212,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.c wpa_supplicant-0.6.4_us/wp
if (ctrl_interface)
config->ctrl_interface = os_strdup(ctrl_interface);
diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c
--- wpa_supplicant-0.6.4/wpa_supplicant/config_file.c 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config_file.c 2008-09-29 13:20:10.000000000 +0200
@@ -312,6 +312,12 @@
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-04 14:31:03.000000000 +0200
@@ -306,6 +306,12 @@
return 0;
}
@ -228,21 +226,19 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config_file.c wpa_supplicant-0.6.4_
+ return 0;
+}
static int wpa_config_process_fast_reauth(struct wpa_config *config, char *pos)
{
@@ -445,6 +451,9 @@
if (os_strncmp(pos, "ap_scan=", 8) == 0)
return wpa_config_process_ap_scan(config, pos + 8);
+ if (os_strncmp(pos, "roaming=", 8) == 0)
+ return wpa_config_process_roaming(config, pos + 8);
+
if (os_strncmp(pos, "fast_reauth=", 12) == 0)
return wpa_config_process_fast_reauth(config, pos + 12);
diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wpa_supplicant/config.h
--- wpa_supplicant-0.6.4/wpa_supplicant/config.h 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/wpa_supplicant/config.h 2008-10-13 13:42:01.000000000 +0200
static int wpa_config_parse_str(const struct global_parse_data *data,
struct wpa_config *config, int line,
@@ -457,6 +463,7 @@
{ STR(device_type) },
{ FUNC(os_version) },
{ INT_RANGE(wps_cred_processing, 0, 2) },
+ { FUNC(roaming) },
#endif /* CONFIG_WPS */
{ FUNC(country) }
};
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-04 14:26:04.000000000 +0200
@@ -22,6 +22,7 @@
#define DEFAULT_AP_SCAN 1
#endif /* CONFIG_NO_SCAN_PROCESSING */
@ -263,10 +259,10 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/config.h wpa_supplicant-0.6.4_us/wp
* blobs - Configuration blobs
*/
struct wpa_config_blob *blobs;
diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wpa_supplicant/events.c
--- wpa_supplicant-0.6.4/wpa_supplicant/events.c 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/wpa_supplicant/events.c 2008-10-13 13:53:52.000000000 +0200
@@ -613,6 +613,21 @@
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-05-04 14:26:04.000000000 +0200
@@ -706,6 +706,21 @@
}
#endif /* CONFIG_NO_SCAN_PROCESSING */
@ -288,7 +284,7 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
union wpa_event_data *data)
@@ -955,6 +970,9 @@
@@ -1114,6 +1129,9 @@
wpa_supplicant_event_ft_response(wpa_s, data);
break;
#endif /* CONFIG_IEEE80211R */
@ -298,14 +294,14 @@ diff -ur wpa_supplicant-0.6.4/wpa_supplicant/events.c wpa_supplicant-0.6.4_us/wp
default:
wpa_printf(MSG_INFO, "Unknown event %d", event);
break;
diff -ur wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h
--- wpa_supplicant-0.6.4/wpa_supplicant/wpa_supplicant_i.h 2008-08-10 19:33:12.000000000 +0200
+++ wpa_supplicant-0.6.4_us/wpa_supplicant/wpa_supplicant_i.h 2008-10-13 13:53:43.000000000 +0200
@@ -334,6 +334,7 @@
diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h
--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-03-23 15:06:28.000000000 +0100
+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-05-04 14:32:01.000000000 +0200
@@ -350,6 +350,7 @@
struct wpa_client_mlme mlme;
int use_client_mlme;
int driver_4way_handshake;
+ struct os_time last_roaming_attempt;
};
int pending_mic_error_report;
int pending_mic_error_pairwise;

87
wpa_supplicant.changes
View File

@ -1,3 +1,90 @@
-------------------------------------------------------------------
Tue Apr 7 13:02:49 CEST 2009 - hschaa@suse.de
- Enable ralink driver (bnc#481380)
- Enable nl80211 driver (bnc#485453)
- Rebase all SUSE patches to 0.6.9
- Remove upstreamed patches
- Update to 0.6.9
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* added support for Wi-Fi Protected Setup (WPS)
(wpa_supplicant can now be configured to act as a WPS Enrollee to
enroll credentials for a network using PIN and PBC methods; in
addition, wpa_supplicant can act as a wireless WPS Registrar to
configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
into .config and setting the runtime configuration variables in
wpa_supplicant.conf (see WPS section in the example configuration
file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
manage WPS negotiation; see README-WPS for more details
* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
* added support for using driver_test over UDP socket
* fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
2008 NPS; optional cryptobinding is now enabled (again) by default
* fixed PSK editing in wpa_gui
* changed EAP-GPSK to use the IANA assigned EAP method type 51
* added a Windows installer that includes WinPcap and all the needed
DLLs; in addition, it set up the registry automatically so that user
will only need start wpa_gui to get prompted to start the wpasvc
servide and add a new interface if needed through wpa_gui dialog
* updated management frame protection to use IEEE 802.11w/D7.0
* added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
(can be used to simulate test SIM/USIM card with a known private key;
enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
* added a new network configuration option, wpa_ptk_rekey, that can be
used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
against TKIP deficiencies
* added an optional mitigation mechanism for certain attacks against
TKIP by delaying Michael MIC error reports by a random amount of time
between 0 and 60 seconds; this can be enabled with a build option
CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
* fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
not bytes
* updated OpenSSL code for EAP-FAST to use an updated version of the
session ticket overriding API that was included into the upstream
OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
needed with that version anymore)
* updated userspace MLME instructions to match with the current Linux
mac80211 implementation; please also note that this can only be used
with driver_nl80211.c (the old code from driver_wext.c was removed)
* added support (Linux only) for RoboSwitch chipsets (often found in
consumer grade routers); driver interface 'roboswitch'
* fixed canceling of PMKSA caching when using drivers that generate
RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
about
* added support for SHA-256 as X.509 certificate digest when using the
internal X.509/TLSv1 implementation
* updated management frame protection to use IEEE 802.11w/D6.0
* added support for using SHA256-based stronger key derivation for WPA2
(IEEE 802.11w)
* fixed FT (IEEE 802.11r) authentication after a failed association to
use correct FTIE
* added support for configuring Phase 2 (inner/tunneled) authentication
method with wpa_gui-qt4
* added support for EAP Sequences in EAP-FAST Phase 2
* added support for using TNC with EAP-FAST
* added driver_ps3 for the PS3 Linux wireless driver
* added support for optional cryptobinding with PEAPv0
* fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
allow fallback to full handshake if server rejects PAC-Opaque
* added fragmentation support for EAP-TNC
* added support for parsing PKCS #8 formatted private keys into the
internal TLS implementation (both PKCS #1 RSA key and PKCS #8
encapsulated RSA key can now be used)
* added option of using faster, but larger, routines in the internal
LibTomMath (for internal TLS implementation) to speed up DH and RSA
calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
* fixed race condition between disassociation event and group key
handshake to avoid getting stuck in incorrect state [Bug 261]
* fixed opportunistic key caching (proactive_key_caching)
-------------------------------------------------------------------
Sun Mar 1 17:03:04 CET 2009 - coolo@suse.de

132
wpa_supplicant.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package wpa_supplicant (Version 0.6.4)
# spec file for package wpa_supplicant (Version 0.6.9)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@ -19,10 +19,10 @@
Name: wpa_supplicant
BuildRequires: dbus-1-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
BuildRequires: dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
Url: http://hostap.epitest.fi/wpa_supplicant/
Version: 0.6.4
Release: 25
Version: 0.6.9
Release: 1
License: BSD 3-Clause; GPL v2 or later
Group: Productivity/Networking/Other
Summary: WPA supplicant implementation
@ -31,22 +31,21 @@ Source1: config
Source2: %{name}.conf
Source3: fi.epitest.hostap.WPASupplicant.service
Patch0: wpa_supplicant-driver-wext-debug.patch
# wpa_supplicant-flush-debug-output.patch won't go upstream as it might
# change timings
Patch1: wpa_supplicant-flush-debug-output.patch
# wpa_supplicant-sigusr1-changes-debuglevel.patch won't go upstream as it
# is not portable
Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch
Patch3: wpa_supplicant-dbus-iface-segfault-fix.patch
Patch4: wpa_supplicant-errormsg.patch
Patch5: wpa_supplicant-roaming.patch
Patch6: wpa_supplicant-restore_scan_request_setting.patch
Patch7: wpa_supplicant-dont_report_empty_initial_scan.patch
Patch8: wpa_supplicant-fix_set_mode.patch
Patch5: wpa_supplicant-dbus-reset-eapol.patch
Patch6: wpa_supplicant-fix_dbus_config.patch
Patch7: wpa_supplicant-fix_dbus_config2.patch
# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once
# roaming is implemented in a clean way this patch should be removed
Patch8: wpa_supplicant-roaming.patch
Patch9: wpa_supplicant-pkcs11-init-args.patch
Patch10: wpa_supplicant-dbus-reset-eapol.patch
Patch11: wpa_supplicant-hide_secrets-2.patch
Patch12: wpa_supplicant-fix_dbus_config.patch
Patch13: wpa_supplicant-fix_dbus_config2.patch
Patch14: wpa_supplicant-fix_ap_ordering.patch
Patch15: wpa_supplicant-respect_no_reply.patch
Patch16: wpa_supplicant-gcc44.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@ -85,18 +84,11 @@ cp %{SOURCE1} wpa_supplicant/.config
%patch2 -p2
%patch3 -p2
%patch4 -p2
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch5 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p2
%patch12 -p1
%patch13 -p2
%patch14 -p2
%patch15 -p2
%patch16 -p1
%patch6 -p1
%patch7 -p2
%patch8 -p2
%patch9 -p2
%build
cd wpa_supplicant
@ -141,6 +133,90 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
/usr/sbin/wpa_gui
%changelog
* Tue Apr 07 2009 hschaa@suse.de
- Enable ralink driver (bnc#481380)
- Enable nl80211 driver (bnc#485453)
- Rebase all SUSE patches to 0.6.9
- Remove upstreamed patches
- Update to 0.6.9
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* added support for Wi-Fi Protected Setup (WPS)
(wpa_supplicant can now be configured to act as a WPS Enrollee to
enroll credentials for a network using PIN and PBC methods; in
addition, wpa_supplicant can act as a wireless WPS Registrar to
configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
into .config and setting the runtime configuration variables in
wpa_supplicant.conf (see WPS section in the example configuration
file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
manage WPS negotiation; see README-WPS for more details
* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
* added support for using driver_test over UDP socket
* fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
2008 NPS; optional cryptobinding is now enabled (again) by default
* fixed PSK editing in wpa_gui
* changed EAP-GPSK to use the IANA assigned EAP method type 51
* added a Windows installer that includes WinPcap and all the needed
DLLs; in addition, it set up the registry automatically so that user
will only need start wpa_gui to get prompted to start the wpasvc
servide and add a new interface if needed through wpa_gui dialog
* updated management frame protection to use IEEE 802.11w/D7.0
* added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
(can be used to simulate test SIM/USIM card with a known private key;
enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
* added a new network configuration option, wpa_ptk_rekey, that can be
used to enforce frequent PTK rekeying, e.g., to mitigate some attacks
against TKIP deficiencies
* added an optional mitigation mechanism for certain attacks against
TKIP by delaying Michael MIC error reports by a random amount of time
between 0 and 60 seconds; this can be enabled with a build option
CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
* fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
not bytes
* updated OpenSSL code for EAP-FAST to use an updated version of the
session ticket overriding API that was included into the upstream
OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
needed with that version anymore)
* updated userspace MLME instructions to match with the current Linux
mac80211 implementation; please also note that this can only be used
with driver_nl80211.c (the old code from driver_wext.c was removed)
* added support (Linux only) for RoboSwitch chipsets (often found in
consumer grade routers); driver interface 'roboswitch'
* fixed canceling of PMKSA caching when using drivers that generate
RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know
about
* added support for SHA-256 as X.509 certificate digest when using the
internal X.509/TLSv1 implementation
* updated management frame protection to use IEEE 802.11w/D6.0
* added support for using SHA256-based stronger key derivation for WPA2
(IEEE 802.11w)
* fixed FT (IEEE 802.11r) authentication after a failed association to
use correct FTIE
* added support for configuring Phase 2 (inner/tunneled) authentication
method with wpa_gui-qt4
* added support for EAP Sequences in EAP-FAST Phase 2
* added support for using TNC with EAP-FAST
* added driver_ps3 for the PS3 Linux wireless driver
* added support for optional cryptobinding with PEAPv0
* fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
allow fallback to full handshake if server rejects PAC-Opaque
* added fragmentation support for EAP-TNC
* added support for parsing PKCS #8 formatted private keys into the
internal TLS implementation (both PKCS #1 RSA key and PKCS #8
encapsulated RSA key can now be used)
* added option of using faster, but larger, routines in the internal
LibTomMath (for internal TLS implementation) to speed up DH and RSA
calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
* fixed race condition between disassociation event and group key
handshake to avoid getting stuck in incorrect state [Bug 261]
* fixed opportunistic key caching (proactive_key_caching)
* Sun Mar 01 2009 coolo@suse.de
- fix compilation with gcc 4.4
* Mon Feb 09 2009 hschaa@suse.de
@ -174,7 +250,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
mode
* Mon Sep 29 2008 hschaa@suse.de
- add roaming capability (FATE 303806)
* Tue Sep 23 2008 ro@suse.de
* Wed Sep 24 2008 ro@suse.de
- drop buildreq for madwifi (dropped package)
* Tue Sep 02 2008 ro@suse.de
- update to 0.6.4
@ -601,7 +677,7 @@ install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}
* fixed couple of unaligned reads in scan result parsing to fix WPA
connection on some platforms (e.g., ARM)
- disabled madwifi support on ppc
* Tue Sep 28 2004 jg@suse.de
* Wed Sep 29 2004 jg@suse.de
- added support for ipw2100 driver
* Tue Aug 31 2004 jg@suse.de
- added support for writing pid-file