wpa_supplicant/wpa_supplicant.spec

#
# spec file for package wpa_supplicant (Version 0.6.4)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# norootforbuild


Name:           wpa_supplicant
BuildRequires:  dbus-1-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel
Url:            http://hostap.epitest.fi/wpa_supplicant/
Version:        0.6.4
Release:        14
License:        BSD 3-Clause; GPL v2 or later
Group:          Productivity/Networking/Other
Summary:        WPA supplicant implementation
Source:         http://hostap.epitest.fi/releases/wpa_supplicant-%{version}.tar.bz2
Source1:        config
Source2:        %{name}.conf
Source3:        fi.epitest.hostap.WPASupplicant.service
Patch0:         wpa_supplicant-driver-wext-debug.patch
Patch1:         wpa_supplicant-flush-debug-output.patch
Patch2:         wpa_supplicant-sigusr1-changes-debuglevel.patch
Patch3:         wpa_supplicant-dbus-iface-segfault-fix.patch
Patch4:         wpa_supplicant-errormsg.patch
Patch5:         wpa_supplicant-roaming.patch
Patch6:         wpa_supplicant-restore_scan_request_setting.patch
Patch7:         wpa_supplicant-dont_report_empty_initial_scan.patch
Patch8:         wpa_supplicant-fix_set_mode.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%description
wpa_supplicant is an implementation of the WPA Supplicant component,
i.e., the part that runs in the client stations. It implements key
negotiation with a WPA Authenticator and it controls the roaming and
IEEE 802.11 authentication/association of the wlan driver.



Authors:
--------
    Jouni Malinen <jkmaline@cc.hut.fi>

%package gui
License:        BSD 3-Clause; GPL v2 or later
Summary:        WPA supplicant graphical front-end
Requires:       wpa_supplicant
Group:          System/Monitoring

%description gui
This package contains a graphical front-end to wpa_supplicant, an
implementation of the WPA Supplicant component.



Authors:
--------
    Jouni Malinen <jkmaline@cc.hut.fi>

%prep
%setup -n wpa_supplicant-%{version}
cp %{SOURCE1} wpa_supplicant/.config
%patch0 -p2
%patch1 -p2
%patch2 -p2
%patch3 -p2
%patch4 -p2
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch5 -p1

%build
cd wpa_supplicant
CFLAGS="$RPM_OPT_FLAGS" make %{?jobs:-j%jobs} 
cd wpa_gui-qt4
qmake QMAKE_CXXFLAGS="$RPM_OPT_FLAGS"
make %{?jobs:-j%jobs}

%install
install -d %{buildroot}/%{_sbindir}
install -m 0755 wpa_supplicant/wpa_cli %{buildroot}%{_sbindir}
install -m 0755 wpa_supplicant/wpa_passphrase %{buildroot}%{_sbindir}
install -m 0755 wpa_supplicant/wpa_supplicant %{buildroot}%{_sbindir}
install -d %{buildroot}%{_sysconfdir}/dbus-1/system.d
install -m 0644 wpa_supplicant/dbus-wpa_supplicant.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/wpa_supplicant.conf
install -d %{buildroot}/%{_sysconfdir}/%{name}
install -m 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}
install -d %{buildroot}/%{_datadir}/dbus-1/system-services
install -m 0644 %{SOURCE3} %{buildroot}/%{_datadir}/dbus-1/system-services
install -d %{buildroot}/%{_localstatedir}/run/%{name}
install -d %{buildroot}%{_mandir}/man{5,8}
install -m 0644 wpa_supplicant/doc/docbook/*.8 %{buildroot}%{_mandir}/man8
install -m 0644 wpa_supplicant/doc/docbook/*.5 %{buildroot}%{_mandir}/man5
install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir}

%files
%defattr(-,root,root)
%doc wpa_supplicant/ChangeLog COPYING README wpa_supplicant/todo.txt wpa_supplicant/doc/wpa_supplicant.fig wpa_supplicant/examples wpa_supplicant/wpa_supplicant.conf
%{_sbindir}/wpa_cli
%{_sbindir}/wpa_passphrase
%{_sbindir}/wpa_supplicant
%config %{_sysconfdir}/dbus-1/system.d/%{name}.conf
%{_datadir}/dbus-1/system-services
%config %{_sysconfdir}/%{name}/%{name}.conf
%dir %{_localstatedir}/run/%{name}
%dir %{_sysconfdir}/%{name}
%doc %{_mandir}/man8/*
%doc %{_mandir}/man5/*

%files gui
%defattr(-,root,root)
/usr/sbin/wpa_gui

%changelog
* Mon Oct 13 2008 hschaa@gmail.com
- update wpa_supplicant-roaming.patch which enables roaming by
  default for some cards
* Thu Oct 09 2008 hschaa@suse.de
- add patches wpa_supplicant-dont_report_empty_initial_scan.patch
  and wpa_supplicant-restore_scan_request_setting.patch which
  speed up the initial association with a network when NM is used
- Add patch wpa_supplicant-fix_set_mode.patch which fixes an
  association bug that was triggered when changing the interface
  mode
* Mon Sep 29 2008 hschaa@suse.de
- add roaming capability (FATE 303806)
* Wed Sep 24 2008 ro@suse.de
- drop buildreq for madwifi (dropped package)
* Tue Sep 02 2008 ro@suse.de
- update to 0.6.4
  * added support for EAP Sequences in EAP-FAST Phase 2
  * added support for using TNC with EAP-FAST
  * added driver_ps3 for the PS3 Linux wireless driver
  * added support for optional cryptobinding with PEAPv0
  * fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
  allow fallback to full handshake if server rejects PAC-Opaque
  * added fragmentation support for EAP-TNC
  * added support for parsing PKCS #8 formatted private keys into the
  internal TLS implementation (both PKCS #1 RSA key and PKCS #8
  encapsulated RSA key can now be used)
  * added option of using faster, but larger, routines in the internal
  LibTomMath (for internal TLS implementation) to speed up DH and RSA
  calculations (CONFIG_INTERNAL_LIBTOMMATH_FAST=y)
  * fixed race condition between disassociation event and group key
  handshake to avoid getting stuck in incorrect state [Bug 261]
  * fixed opportunistic key caching (proactive_key_caching)
* Mon Aug 04 2008 hschaa@suse.de
- Remove patches that are already upstream
- Rebase patches to new version
- Update to 0.6.3
* Mon May 05 2008 schwab@suse.de
- Fix mangled error message.
* Mon Mar 17 2008 hschaa@suse.de
- Fix system bus activation (bnc#371500)
* Tue Mar 11 2008 hschaa@suse.de
- Remove patches that are upstream already
- Update to version 0.5.10, changes:
  * added support for Makefile builds to include debug-log-to-a-file
  functionality (CONFIG_DEBUG_FILE=y and -f<path> on command line)
  * added network configuration parameter 'frequency' for setting
  initial channel for IBSS (adhoc) networks
  * fixed EAP-SIM and EAP-AKA message parser to validate attribute
  lengths properly to avoid potential crash caused by invalid messages
  * added driver_wext workaround for race condition between scanning and
  association with drivers that take very long time to scan all
  channels (e.g., madwifi with dual-band cards); wpa_supplicant is now
  using a longer hardcoded timeout for the scan if the driver supports
  notifications for scan completion (SIOCGIWSCAN event); this helps,
  e.g., in cases where wpa_supplicant and madwifi driver ended up in
  loop where the driver did not even try to associate
  * fixed EAP-SIM not to include AT_NONCE_MT and AT_SELECTED_VERSION
  attributes in EAP-SIM Start/Response when using fast reauthentication
  * fixed problems in getting NDIS events from WMI on Windows 2000
- Changes in 0.5.9:
  * fixed an integer overflow issue in the ASN.1 parser used by the
  (experimental) internal TLS implementation to avoid a potential
  buffer read overflow
  * fixed a race condition with -W option (wait for a control interface
  monitor before starting) that could have caused the first messages to
  be lost
  * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
  draft (draft-ietf-emu-eap-gpsk-07.txt)
  * added ctrl_iface RECONNECT (wpa_cli reconnect) command
  (like reassociate, but only takes effect if already associated)
  * fixed a possible race condition between wpa_cli reassociate and
  wpa_cli disconnect
  * return a non-zero exit code from non-interactive wpa_cli if the
  command is not recognized or fails
  * fixed 0.5.8 regressions in BSS selection that prevented wildcard SSID
  from being used with non-WPA networks and disabled workaround for
  ignoring bogus WPA/RSN IE in non-WPA configuration
  * fixed OpenSSL TLS wrapper to clear trusted CA list to allow
  network blocks to use different trusted CA configurations
  * fixed a potential EAP state machine loop when mloving from PSK to EAP
  configuration without restarting wpa_supplicant
* Thu Jan 31 2008 hschaa@suse.de
- Fix madwifi support (b.n.c #342670)
* Tue Dec 18 2007 jg@suse.de
- Fix two leaks when signalling state and scan results (rh #408141)
* Wed Nov 14 2007 jg@suse.de
- enable dbus interface
- apply fixes from Dan Williams
- build Qt4 version of wpa_gui
- dropped gcc 4.3 patch for Qt3 wpa_gui
* Mon Nov 12 2007 ssommer@suse.de
- fix build with gcc 4.3
* Tue Jul 24 2007 jg@suse.de
- update to version 0.5.8, changes:
  * updated driver_wext.c to build with the current wireless-dev.git
  tree and net/d80211 changes
  * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
  draft (draft-ietf-emu-eap-gpsk-03.txt)
  * fixed 'make install'
  * fixed EAP-TTLS implementation not to crash on use of freed memory
  if TLS library initialization fails
  * fixed EAP-AKA Notification processing to allow Notification to be
  processed after AKA Challenge response has been sent
* Mon Mar 19 2007 jg@suse.de
- adjusted include path for madwifi
* Sat Mar 10 2007 dmueller@suse.de
- update to 0.5.7 (#253396):
  * ChangeLog is under /usr/share/doc/packages/wpa_supplicant/ChangeLog
* Mon Nov 06 2006 jg@suse.de
- set IW_ENCODE_TEMP flag (needed to use dynamic WEP with airo
  driver, bug 185528)
* Fri Oct 06 2006 jg@suse.de
- update to 0.4.9:
  * fixed EAPOL re-authentication for sessions that used PMKSA
  caching
  * reject WPA/WPA2 message 3/4 if it does not include any valid
  WPA/RSN IE
  * driver_wext: added support for WE-21 change to SSID configuration
  * driver_wext: fixed privacy configuration for static WEP keys mode
  [Bug 140]
  * driver_wext: added fallback to use SIOCSIWENCODE for setting
  auth_alg if the driver does not support SIOCSIWAUTH
* Fri Mar 24 2006 jg@suse.de
- fixed static WEP key usage (bug 144268)
* Thu Feb 16 2006 jg@suse.de
- update to 0.4.8 (bug 151151)
  * added support for EAP-FAST key derivation using other ciphers than
  RC4-128-SHA for authentication and AES128-SHA for provisioning
  * fixed EAP-SIM and EAP-AKA pseudonym and fast re-authentication to
  decrypt AT_ENCR_DATA attributes correctly
  * added support for configuring CA certificate as DER file and as a
  configuration blob
  * fixed private key configuration as configuration blob and added
  support for using PKCS#12 as a blob
  * added support for loading trusted CA certificates from Windows
  certificate store: ca_cert="cert_store://<name>", where <name> is
  likely CA (Intermediate CA certificates) or ROOT (root certificates)
  * fixed TLS library deinitialization after RSN pre-authentication not
  to disable TLS library for normal authentication
  * fixed PMKSA cache processing not to trigger deauthentication if the
  current PMKSA cache entry is replaced with a valid new entry
  * fixed PC/SC initialization for ap_scan != 1 modes (this fixes
  EAP-SIM and EAP-AKA with real SIM/USIM card when using ap_scan=0 or
  ap_scan=2)
  * do not try to use USIM APDUs when initializing PC/SC for SIM card
  access for a network that has not enabled EAP-AKA
* Sun Feb 05 2006 ro@suse.de
- removed km_wlan from BuildRequires
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Tue Jan 17 2006 rml@suse.de
- Add patch (from upstream) fixing bad drivers that NULL out
  the SSID and send the wrong length.
* Tue Jan 10 2006 jg@suse.de
- added AP scan mode selection via control interface (patch
  from rml@novell.com)
* Mon Nov 21 2005 jg@suse.de
- update to 0.4.7, changes (shortened):
  * l2_packet_pcap: fixed wired IEEE 802.1X authentication with
  libpcap and WinPcap to receive frames sent to PAE group address
  * disable EAP state machine when IEEE 802.1X authentication is
  not used in order to get rid of bogus "EAP failed" messages
  * fixed OpenSSL error reporting to go through all pending errors
  to avoid confusing reports of old errors being reported at
  later point during handshake
  * fixed configuration file updating to not write empty variables
  (e.g., proto or key_mgmt) that the file parser would not accept
  * fixed ADD_NETWORK ctrl_iface command to use the same default
  values for variables as empty network definitions read from
  config file would get
  * fixed EAP state machine to not discard EAP-Failure messages in
  many cases (e.g., during TLS handshake)
  * fixed a infinite loop in private key reading if the configured
  file cannot be parsed successfully
  * driver_madwifi: added support for madwifi-ng
  * wpa_gui: do not display password/PSK field contents
  * wpa_gui: added CA certificate configuration
  * use longer timeout for IEEE 802.11 association to avoid problems
  with drivers that may take more than five second to associate
- dropped obsolete madwifi patch
- dropped obsolete copy of wireless.h
- updated config file
- use $RPM_OPT_FLAGS and %%jobs
- created subpackage wpa_supplicant-gui containing wpa_gui
* Tue Nov 08 2005 jg@suse.de
- do not build as root
* Fri Nov 04 2005 jg@suse.de
- added support for madwifi-ng
- compiling against Wireless Extensions v19
- removed obsolete config option CONFIG_XSUPPLICANT_IFACE
* Fri Oct 28 2005 jg@suse.de
- update to 0.4.6, changes (shortened):
  * allow fallback to WPA, if mixed WPA+WPA2 networks have mismatch
  in RSN IE, but WPA IE would match with wpa_supplicant
  configuration
  * added support for named configuration blobs in order to avoid
  having to use file system for external files (e.g., certificates)
  * fixed RSN pre-authentication
  * driver_madwifi: set IEEE80211_KEY_GROUP flag for group keys to
  make sure the driver configures broadcast decryption correctly
  * added ca_path (and ca_path2) configuration variables that can be
  used to configure OpenSSL CA path, e.g., /etc/ssl/certs, for
  using the system-wide trusted CA list
  * added support for starting wpa_supplicant without a configuration
  file
  * added global control interface that can be optionally used for
  adding and removing network interfaces dynamically
  * wpa_gui:
    - try to save configuration whenever something is modified
    - added WEP key configuration
    - added possibility to edit the current network configuration
  * driver_ndis: fixed driver polling not to increase frequency on
  each received EAPOL frame due to incorrectly cancelled timeout
  * fixed driver_wext.c to filter wireless events based on ifindex
  to avoid interfaces receiving events from other interfaces
  * delay sending initial EAPOL-Start couple of seconds to speed
  up authentication for the most common case of Authenticator
  starting EAP authentication immediately after association
* Thu Oct 13 2005 jg@suse.de
- update to 0.4.5, changes (shortened):
  * added a workaround for clearing keys with ndiswrapper to allow
  roaming from WPA enabled AP to plaintext one
  * l2_packet_linux: use socket type SOCK_DGRAM instead of SOCK_RAW
  for PF_PACKET in order to prepare for network devices that do
  not use Ethernet headers (e.g., network stack with native IEEE
  802.11 frames)
  * use receipt of EAPOL-Key frame as a lower layer success indication
  for EAP state machine to allow recovery from dropped EAP-Success
  frame
  * driver_wext: add support for WE-19
  * added support for multiple configuration backends (CONFIG_BACKEND
  option); currently, only 'file' is supported (i.e., the format used
  in wpa_supplicant.conf)
  * added support for updating configuration ('wpa_cli save_config')
  * added GET_NETWORK ctrl_iface command
* Mon Aug 29 2005 jg@suse.de
- update to 0.4.4 (bug 112977), changes (shortened):
  * replaced OpenSSL patch for EAP-FAST support
  (openssl-tls-extensions.patch) with a more generic and correct
  patch
  * allow non-WPA modes (e.g., IEEE 802.1X with dynamic WEP) to be
  used with drivers that do not support WPA
  * added support for enabling/disabling networks from the list of
  all configured networks
  * added support for adding and removing network from the current
  configuration
  * added support for setting network configuration parameters
  through the control interface
  * fixed parsing of strings that include both " and # within double
  quoted area (e.g., "start"#end")
  * removed interface for external EAPOL/EAP supplicant
  * fixed build with CONFIG_DNET_PCAP=y on Linux
  * l2_packet: moved different implementations into separate files
  * added support for using ap_scan=2 mode with multiple network
  blocks
  * fixed a potential issue in RSN pre-authentication ending up using
  freed memory if pre-authentication times out
  * added support for querying private key password (EAP-TLS) through
  the control interface (wpa_cli/wpa_gui) if one is not included in
  the configuration file
  * driver_broadcom: fixed couple of memory leaks in scan result
  processing
  * EAP-PAX is now registered as EAP type 46
  * fixed EAP-PAX MAC calculation
  * fixed EAP-PAX CK and ICK key derivation
  * added support for using password with EAP-PAX
  * added support for arbitrary driver interface parameters through the
  configuration file with a new driver_param field
  * added possibility to override l2_packet module with driver
  interface API (new send_eapol handler)
  * fixed ctrl_interface_group processing for the case where gid is
  entered as a number, not group name
  * driver_test: added support for testing hostapd with wpa_supplicant
  by using test driver interface without any kernel drivers or
  network cards
  * added support for EAP-MSCHAPv2 password retries within the same
  EAP authentication session
  * added support for password changes with EAP-MSCHAPv2
  * added support for reading additional certificates from PKCS#12
  files and adding them to the certificate chain
  * fixed association with IEEE 802.1X (no WPA) when dynamic WEP keys
  were used
  * display EAP Notification messages to user through control
  interface with "CTRL-EVENT-EAP-NOTIFICATION" prefix
  * added 'disconnect' command to control interface for setting
  wpa_supplicant in state where it will not associate before
  'reassociate' command has been used
  * added support for getting scan results through control interface
  * added support for wired authentication (IEEE 802.1X on wired
  Ethernet); driver interface 'wired'
  * added support for sending TLS alerts
  * added support for 'any' SSID wildcard; if ssid is not configured or
  is set to an empty string, any SSID will be accepted for non-WPA AP
  * added support for asking PIN (for SIM) from frontends (e.g.,
  wpa_cli);
  * added support for using external devices (e.g., a smartcard) for
  private key operations in EAP-TLS (CONFIG_SMARTCARD=y in .config);
  * added experimental support for EAP-PAX
  * added monitor mode for wpa_cli
* Mon Jul 11 2005 jg@suse.de
- update to 0.3.9, changes:
  * modified the EAP workaround that accepts EAP-Success with
  incorrect Identifier to be even less strict about verification
  in order to interoperate with some authentication servers
  * fixed RSN IE in 4-Way Handshake message 2/4 for the case where
  Authenticator rejects PMKSA caching attempt and the driver is
  not using assoc_info events
  * fixed a possible double free in EAP-TTLS fast-reauthentication
  when identity or password is entered through control interface
  * added -P<pid file> argument for wpa_supplicant to write the
  current process id into a file
  * driver_madwifi: fixed association in plaintext mode
  * driver_madwifi: added preliminary support for compiling against
  'BSD' branch of madwifi CVS tree
  * added EAP workaround for PEAPv1 session resumption: allow outer,
  i.e., not tunneled, EAP-Success to terminate session since; this
  can be disabled with eap_workaround=0
  * driver_ipw: updated driver structures to match with ipw2200-1.0.4
  (note: ipw2100-1.1.0 is likely to require an update to work with
  this)
  * driver_broadcom: fixed couple of memory leaks in scan result
  processing
- removed pidfile patch in favour of the new upstream
  implementation
* Mon Mar 21 2005 jg@suse.de
- creating directory /var/run/wpa_supplicant when needed (bug 74023)
* Mon Feb 14 2005 jg@suse.de
- update to 0.3.8, changes:
  * fixed EAPOL-Key validation to drop packets with invalid Key
  Data Length; such frames could have crashed wpa_supplicant due
  to buffer overflow
* Mon Feb 07 2005 jg@suse.de
- update to 0.3.7-pre, changes:
  * fixed WPA/RSN IE verification in message 3 of 4-Way Handshake
  when using drivers that take care of AP selection (e.g., when
  using ap_scan=2)
  * fixed reprocessing of pending request after ctrl_iface requests
  for identity/password/otp
  * fixed ctrl_iface requests for identity/password/otp in Phase 2
  of EAP-PEAP and EAP-TTLS
  * all drivers using driver_wext: set interface up and select
  Managed mode when starting wpa_supplicant; set interface down
  when exiting
  * renamed driver_ipw2100.c to driver_ipw.c since it now supports
  both ipw2100 and ipw2200
  * fixed a busy loop introduced in v0.3.5 for scan result
  processing when no matching AP is found
  * added a workaround for an interoperability issue with a Cisco AP
  when using WPA2-PSK
  * fixed non-WPA IEEE 802.1X to use the same authentication timeout
  as WPA with IEEE 802.1X
  * fixed issues with 64-bit CPUs and SHA1 cleanup in previous
  version (e.g., segfault when processing EAPOL-Key frames)
  * fixed EAP workaround and fast reauthentication configuration for
  RSN pre-authentication
  * added support for blacklisting APs that fail or timeout
  authentication in ap_scan=1 mode so that all APs are tried in
  cases where the ones with strongest signal level are failing
  authentication
  * fixed CA certificate loading after a failed EAP-TLS/PEAP/TTLS
  authentication attempt
  * added preliminary support for IBSS (ad-hoc) mode configuration
  * added optional support for GNU Readline and History Libraries
  for wpa_cli (CONFIG_READLINE)
  * added couple of workarounds for interoperability issues with a
  Cisco AP when using WPA2
  * fixed private key loading for cases where passphrase is not set
  * improved recovery from PMKID mismatches by requesting full EAP
  authentication in case of failed PMKSA caching attempt
  * driver_ndis: added support for NDIS NdisMIncidateStatus() events
  * driver_ndis: use ADD_WEP/REMOVE_WEP when configuring WEP keys
  * added support for driver interfaces to replace the interface
  name based on driver/OS specific mapping, e.g., in case of
  driver_ndis, this allows the beginning of the adapter
  description to be used as the interface name
  * driver_ndis: enable radio before starting scanning, disable
  radio when exiting
  * added KEY_MGMT_802_1X_NO_WPA as a new key_mgmt type so that
  driver interface can distinguish plaintext and IEEE 802.1X
  (no WPA) authentication
  * fixed static WEP key configuration to use broadcast/default type
  for all keys
  * driver_ndis: added legacy WPA capability detection for non-WPA2
  drivers
  * added support for setting static WEP keys for IEEE 802.1X
  without dynamic WEP keying (eapol_flags=0)
  * added support for reading PKCS#12 (PFX) files (as a replacement
  for PEM/DER) to get certificate and private key (CONFIG_PKCS12)
  * added new ap_scan mode, ap_scan=2, for drivers that take care of
  association, but need to be configured with security policy and
  SSID, e.g., ndiswrapper and NDIS driver
* Thu Jan 13 2005 jg@suse.de
- update to 0.2.6, changes:
  * added driver interface for Intel ipw2100 driver
  * fixed a bug in PMKSA cache processing: skip sending of
  EAPOL-Start only if there is a PMKSA cache entry for the
  current AP
  * fixed error handling for case where reading of scan results
  fails: must schedule a new scan or wpa_supplicant will remain
  waiting forever
  * set pairwise/group cipher suite for non-WPA IEEE 802.1X to
  WEP-104 if keys are not configured to be used; this fixes
  IEEE 802.1X mode with drivers that use this information to
  configure whether Privacy bit can be in Beacon frames
  (e.g., ndiswrapper)
  * improved downgrade attack detection in IE verification of
  msg 3/4: verify both WPA and RSN IEs, if present, not only the
  selected one; reject the AP if an RSN IE is found in msg 3/4,
  but not in Beacon or Probe Response frame, and RSN is enabled in
  wpa_supplicant configuration
  * fixed WPA msg 3/4 processing to allow Key Data field contain
  other IEs than just one WPA IE
  * modified association event handler to set portEnabled = FALSE
  before clearing port Valid in order to reset EAP state machine
  and avoid problems with new authentication getting ignored because
  of state machines ending up in AUTHENTICATED/SUCCESS state based
  on old information
- removed obsolete ipw2100 patch
- added wpa_supplicant.fig to filelist
* Fri Oct 22 2004 jg@suse.de
- update to 0.2.5, changes:
  * wpa_cli: fixed parsing of -p <path> command line argument
  * fixed parsing of wep_tx_keyidx
  * fixed couple of errors in PCSC handling that could have caused
  random-looking errors for EAP-SIM
  * PEAPv1: fixed tunneled EAP-Success reply handling to reply with
  TLS ACK, not tunneled EAP-Success
  * PEAPv1: added support for terminating PEAP authentication on
  tunneled EAP-Success message
  * PEAPv1: changed phase1 option peaplabel to use default to 0, i.e.,
  to the old label for key derivation; previously, the default was 1,
  but it looks like most existing PEAPv1 implementations use the old
  label which is thus more suitable default option
  * changed SSID configuration in driver_wext.c (used by many driver
  interfaces) to use ssid_len+1 as the length for SSID since some
  Linux drivers expect this
  * fixed couple of unaligned reads in scan result parsing to fix WPA
  connection on some platforms (e.g., ARM)
- disabled madwifi support on ppc
* Wed Sep 29 2004 jg@suse.de
- added support for ipw2100 driver
* Tue Aug 31 2004 jg@suse.de
- added support for writing pid-file
* Mon Aug 02 2004 jg@suse.de
- fixed build on non-x86 platforms
* Mon Aug 02 2004 jg@suse.de
- update to version 0.2.4, important changes:
  - support for new EAP authentication methods:
  EAP-TTLS/EAP-MD5-Challenge
  EAP-TTLS/EAP-GTC
  EAP-TTLS/EAP-MSCHAPv2
  EAP-TTLS/EAP-TLS
  EAP-TTLS/MSCHAPv2
  EAP-TTLS/MSCHAP
  EAP-TTLS/PAP
  EAP-TTLS/CHAP
  EAP-PEAP/TLS
  EAP-PEAP/GTC
  EAP-PEAP/MD5-Challenge
  EAP-GTC
  EAP-TTLS/EAP-OTP, EAP-PEAPv0/OTP, EAP-PEAPv1/OTP, EAP-OTP
  - support for ATMEL AT76C5XXX driver
  - support for madwifi driver
  - lots of minor changes, see ChangeLog
- added km_wlan to needforbuild (driver source of madwifi is
  needed)
* Thu Jun 17 2004 jg@suse.de
- Initial package