From dc0cc4b4440dcfaa155eb1a41e3d3009a1f89847f40fb8ed45c0eefc67482ac2 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 18 Mar 2010 15:35:06 +0000 Subject: [PATCH 1/6] Updating link to change in openSUSE:Factory/wpa_supplicant revision 30.0 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=2208316f956ffb1d0369e96662684661 --- ready | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 ready diff --git a/ready b/ready deleted file mode 100644 index 473a0f4..0000000 From c94753c30b9594c824c209f876464fc65cee03df0acd09da1244561b15c0c6d5 Mon Sep 17 00:00:00 2001 From: Vladimir Botka Date: Fri, 28 May 2010 11:45:31 +0000 Subject: [PATCH 2/6] Accepting request 40792 from home:vbotka:branches:hardware Copy from home:vbotka:branches:hardware/wpa_supplicant via accept of submit request 40792 revision 2. Request was accepted with message: tested OK OBS-URL: https://build.opensuse.org/request/show/40792 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=9 --- ...back_From_Failed_PMKSA_Into_Full_EAP.patch | 52 +++++++++++++++++++ wpa_supplicant.changes | 6 +++ wpa_supplicant.spec | 2 + 3 files changed, 60 insertions(+) create mode 100644 Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch diff --git a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch new file mode 100644 index 0000000..b1a7024 --- /dev/null +++ b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch @@ -0,0 +1,52 @@ +commit b4a1256d3660a2b5239062a9b42de79b8a34286a +Author: Jouni Malinen +Date: Sat May 1 17:35:28 2010 +0300 + + Fix fallback from failed PMKSA caching into full EAP authentication + + Commit 83935317a78fb4157eb6e5134527b9311dbf7b8c added forced + disconnection in case of 4-way handshake failures. However, it should + not have changed the case where the supplicant is requesting fallback + to full EAP authentication if the PMKID in EAPOL-Key message 1/4 is + not know. This case needs to send an EAPOL-Start frame instead of + EAPOL-Key message 2/4. + + This works around a problem with APs that try to force PMKSA caching + even when the client does not include PMKID in (re)association request + frame to request it. [Bug 355] + +diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c +index 885d173..9439f97 100644 +--- src/rsn_supp/wpa.c ++++ src/rsn_supp/wpa.c +@@ -231,6 +231,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, + wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, + buf, buflen); + os_free(buf); ++ return -2; + } + + return -1; +@@ -361,6 +362,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, + struct wpa_eapol_ie_parse ie; + struct wpa_ptk *ptk; + u8 buf[8]; ++ int res; + + if (wpa_sm_get_network_ctx(sm) == NULL) { + wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of " +@@ -388,7 +390,13 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, + } + #endif /* CONFIG_NO_WPA2 */ + +- if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid)) ++ res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); ++ if (res == -2) { ++ wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - " ++ "requesting full EAP authentication"); ++ return; ++ } ++ if (res) + goto failed; + + if (sm->renew_snonce) { diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index a34ed91..8b353ff 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri May 28 12:49:53 CEST 2010 - vbotka@suse.de + +- Fix fallback from failed PMKSA caching into full EAP authentication + (bnc 601501) + ------------------------------------------------------------------- Sun Jan 31 13:13:46 UTC 2010 - aj@suse.de diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 61d9d12..8d069db 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -45,6 +45,7 @@ Patch6: wpa_supplicant-fix_dbus_config.patch # roaming is implemented in a clean way this patch should be removed Patch8: wpa_supplicant-roaming.patch Patch9: wpa_supplicant-pkcs11-init-args.patch +Patch10: Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -91,6 +92,7 @@ cp %{SOURCE1} wpa_supplicant/.config #%patch8 -p2 # Patch does not apply anymore #%patch9 -p2 +%patch10 -p0 %build cd wpa_supplicant From 3cd545f35f2a9fdd1ab57be12cddc2664da62f3d5a5414e18e29f0d0721e52de Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Mon, 31 May 2010 16:17:30 +0000 Subject: [PATCH 3/6] Accepting request 40920 from hardware checked in (request 40920) OBS-URL: https://build.opensuse.org/request/show/40920 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=10 --- ...back_From_Failed_PMKSA_Into_Full_EAP.patch | 52 ------------------- wpa_supplicant.changes | 6 --- wpa_supplicant.spec | 2 - 3 files changed, 60 deletions(-) delete mode 100644 Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch diff --git a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch deleted file mode 100644 index b1a7024..0000000 --- a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch +++ /dev/null @@ -1,52 +0,0 @@ -commit b4a1256d3660a2b5239062a9b42de79b8a34286a -Author: Jouni Malinen -Date: Sat May 1 17:35:28 2010 +0300 - - Fix fallback from failed PMKSA caching into full EAP authentication - - Commit 83935317a78fb4157eb6e5134527b9311dbf7b8c added forced - disconnection in case of 4-way handshake failures. However, it should - not have changed the case where the supplicant is requesting fallback - to full EAP authentication if the PMKID in EAPOL-Key message 1/4 is - not know. This case needs to send an EAPOL-Start frame instead of - EAPOL-Key message 2/4. - - This works around a problem with APs that try to force PMKSA caching - even when the client does not include PMKID in (re)association request - frame to request it. [Bug 355] - -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 885d173..9439f97 100644 ---- src/rsn_supp/wpa.c -+++ src/rsn_supp/wpa.c -@@ -231,6 +231,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, - wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, - buf, buflen); - os_free(buf); -+ return -2; - } - - return -1; -@@ -361,6 +362,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, - struct wpa_eapol_ie_parse ie; - struct wpa_ptk *ptk; - u8 buf[8]; -+ int res; - - if (wpa_sm_get_network_ctx(sm) == NULL) { - wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of " -@@ -388,7 +390,13 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, - } - #endif /* CONFIG_NO_WPA2 */ - -- if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid)) -+ res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); -+ if (res == -2) { -+ wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - " -+ "requesting full EAP authentication"); -+ return; -+ } -+ if (res) - goto failed; - - if (sm->renew_snonce) { diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 8b353ff..a34ed91 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,9 +1,3 @@ -------------------------------------------------------------------- -Fri May 28 12:49:53 CEST 2010 - vbotka@suse.de - -- Fix fallback from failed PMKSA caching into full EAP authentication - (bnc 601501) - ------------------------------------------------------------------- Sun Jan 31 13:13:46 UTC 2010 - aj@suse.de diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 8d069db..61d9d12 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -45,7 +45,6 @@ Patch6: wpa_supplicant-fix_dbus_config.patch # roaming is implemented in a clean way this patch should be removed Patch8: wpa_supplicant-roaming.patch Patch9: wpa_supplicant-pkcs11-init-args.patch -Patch10: Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -92,7 +91,6 @@ cp %{SOURCE1} wpa_supplicant/.config #%patch8 -p2 # Patch does not apply anymore #%patch9 -p2 -%patch10 -p0 %build cd wpa_supplicant From f241a8ef225430e26dbc612cb3931e06a0cdc44937b2d5000bae81ee8198d830 Mon Sep 17 00:00:00 2001 From: Vladimir Botka Date: Wed, 8 Sep 2010 09:51:12 +0000 Subject: [PATCH 4/6] Accepting request 47476 from home:vbotka:branches:hardware update to 0.7.3, tested OK OBS-URL: https://build.opensuse.org/request/show/47476 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=11 --- wpa_supplicant-0.7.1.tar.bz2 | 3 - wpa_supplicant-0.7.3.tar.bz2 | 3 + wpa_supplicant-fix_dbus_config.patch | 23 -- wpa_supplicant-pkcs11-init-args.patch | 247 --------------------- wpa_supplicant-roaming.patch | 307 -------------------------- wpa_supplicant.changes | 71 ++++++ wpa_supplicant.spec | 17 +- 7 files changed, 75 insertions(+), 596 deletions(-) delete mode 100644 wpa_supplicant-0.7.1.tar.bz2 create mode 100644 wpa_supplicant-0.7.3.tar.bz2 delete mode 100644 wpa_supplicant-fix_dbus_config.patch delete mode 100644 wpa_supplicant-pkcs11-init-args.patch delete mode 100644 wpa_supplicant-roaming.patch diff --git a/wpa_supplicant-0.7.1.tar.bz2 b/wpa_supplicant-0.7.1.tar.bz2 deleted file mode 100644 index 77e3438..0000000 --- a/wpa_supplicant-0.7.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dc7258286d2eb87c470abca13e19135b3e0a9bc84d7be8a8500e73a560cc9b65 -size 1263708 diff --git a/wpa_supplicant-0.7.3.tar.bz2 b/wpa_supplicant-0.7.3.tar.bz2 new file mode 100644 index 0000000..ff0768a --- /dev/null +++ b/wpa_supplicant-0.7.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:495bb18e0fd682f143ec46715f6b2d6ce57ddc6f6dbd0d40603f0d2cef458b3a +size 1290000 diff --git a/wpa_supplicant-fix_dbus_config.patch b/wpa_supplicant-fix_dbus_config.patch deleted file mode 100644 index 7db1cde..0000000 --- a/wpa_supplicant-fix_dbus_config.patch +++ /dev/null @@ -1,23 +0,0 @@ -Index: wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf -=================================================================== ---- wpa_supplicant-0.6.9.orig/wpa_supplicant/dbus-wpa_supplicant.conf -+++ wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf -@@ -4,13 +4,10 @@ - - - -- - -- -- -- -- -- -- -- -+ -+ -+ -+ - diff --git a/wpa_supplicant-pkcs11-init-args.patch b/wpa_supplicant-pkcs11-init-args.patch deleted file mode 100644 index d10ba23..0000000 --- a/wpa_supplicant-pkcs11-init-args.patch +++ /dev/null @@ -1,247 +0,0 @@ -diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h ---- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-05-05 11:47:15.000000000 +0200 -@@ -32,6 +32,7 @@ - const char *opensc_engine_path; - const char *pkcs11_engine_path; - const char *pkcs11_module_path; -+ const char *pkcs11_module_init_args; - }; - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c ---- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-05-05 11:47:15.000000000 +0200 -@@ -667,9 +667,11 @@ - * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc - * @pkcs11_so_path: pksc11_so_path from the configuration - * @pcks11_module_path: pkcs11_module_path from the configuration -+ * @pkcs11_module_init_args: pkcs11_module_init_args from the configuration - */ - static int tls_engine_load_dynamic_pkcs11(const char *pkcs11_so_path, -- const char *pkcs11_module_path) -+ const char *pkcs11_module_path, -+ const char *pkcs11_module_init_args) - { - char *engine_id = "pkcs11"; - const char *pre_cmd[] = { -@@ -682,6 +684,7 @@ - }; - const char *post_cmd[] = { - "MODULE_PATH", NULL /* pkcs11_module_path */, -+ "INIT_ARGS", NULL /* pkcs11_module_init_args */, - NULL, NULL - }; - -@@ -692,6 +695,9 @@ - pre_cmd[3] = engine_id; - post_cmd[1] = pkcs11_module_path; - -+ if (pkcs11_module_init_args) -+ post_cmd[3] = pkcs11_module_init_args; -+ - wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s", - pkcs11_so_path); - -@@ -761,7 +767,8 @@ - - if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) || - tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path, -- conf->pkcs11_module_path)) { -+ conf->pkcs11_module_path, -+ conf->pkcs11_module_init_args)) { - tls_deinit(ssl); - return NULL; - } -diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c ---- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1834,6 +1834,7 @@ - conf.opensc_engine_path = ctx->opensc_engine_path; - conf.pkcs11_engine_path = ctx->pkcs11_engine_path; - conf.pkcs11_module_path = ctx->pkcs11_module_path; -+ conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - conf.wps = ctx->wps; - -diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h ---- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-05-05 11:47:15.000000000 +0200 -@@ -198,6 +198,15 @@ - * module is not loaded. - */ - const char *pkcs11_module_path; -+ -+ /** -+ * pkcs11_module_init_args - The initialization arguments to the OpenSSL -+ * OpenSC/PKCS#11 module. -+ * -+ * This is an OpenSSL specific configuration option for configuring -+ * the initialization arguments of the PKCS#11 module. -+ */ -+ const char *pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c ---- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1188,6 +1188,7 @@ - tlsconf.opensc_engine_path = conf->opensc_engine_path; - tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path; - tlsconf.pkcs11_module_path = conf->pkcs11_module_path; -+ tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args; - sm->ssl_ctx = tls_init(&tlsconf); - if (sm->ssl_ctx == NULL) { - wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS " -diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h ---- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-05-05 11:48:04.000000000 +0200 -@@ -246,6 +246,13 @@ - */ - const char *pkcs11_module_path; - /** -+ * pkcs11_module_init_args - OpenSC PKCS#11 module initialization -+ * arguments for OpenSSL engine. -+ * -+ * Usually, NULL. -+ */ -+ const char *pkcs11_module_init_args; -+ /** - * wps - WPS context data - * - * This is only used by EAP-WSC and can be left %NULL if not available. -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1580,6 +1580,7 @@ - os_free(config->opensc_engine_path); - os_free(config->pkcs11_engine_path); - os_free(config->pkcs11_module_path); -+ os_free(config->pkcs11_module_init_args); - #endif /* EAP_TLS_OPENSSL */ - os_free(config->driver_param); - os_free(config->device_name); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:24.000000000 +0200 -@@ -444,6 +444,7 @@ - { STR(opensc_engine_path) }, - { STR(pkcs11_engine_path) }, - { STR(pkcs11_module_path) }, -+ { STR(pkcs11_module_init_args) }, - #endif /* EAP_TLS_OPENSSL */ - { STR(driver_param) }, - { INT(dot11RSNAConfigPMKLifetime) }, -@@ -854,6 +855,9 @@ - if (config->pkcs11_module_path) - fprintf(f, "pkcs11_module_path=%s\n", - config->pkcs11_module_path); -+ if (config->pkcs11_module_init_args) -+ fprintf(f, "pkcs11_module_init_args=%s\n", -+ config->pkcs11_module_init_args); - #endif /* EAP_TLS_OPENSSL */ - if (config->driver_param) - fprintf(f, "driver_param=%s\n", config->driver_param); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:47:15.000000000 +0200 -@@ -195,6 +195,15 @@ - * module is not loaded. - */ - char *pkcs11_module_path; -+ -+ /** -+ * pkcs11_module_init_args - The initialization arguments to the OpenSSL -+ * OpenSC/PKCS#11 module. -+ * -+ * This is an OpenSSL specific configuration option for configuring -+ * the initialization arguments of the PKCS#11 module. -+ */ -+ char *pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:47:15.000000000 +0200 -@@ -866,7 +866,7 @@ - static const char *dont_quote[] = { - "key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap", - "opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path", -- "bssid", NULL -+ "pkcs11_module_init_args", "bssid", NULL - }; - - static dbus_bool_t should_quote_opt(const char *key) -@@ -1204,6 +1204,7 @@ - char *opensc_engine_path = NULL; - char *pkcs11_engine_path = NULL; - char *pkcs11_module_path = NULL; -+ char *pkcs11_module_init_args = NULL; - struct wpa_dbus_dict_entry entry; - - if (!dbus_message_iter_init(message, &iter)) -@@ -1230,6 +1231,11 @@ - pkcs11_module_path = os_strdup(entry.str_value); - if (pkcs11_module_path == NULL) - goto error; -+ } else if (!strcmp(entry.key, "pkcs11_module_init_args") && -+ (entry.type == DBUS_TYPE_STRING)) { -+ pkcs11_module_init_args = os_strdup(entry.str_value); -+ if (pkcs11_module_init_args == NULL) -+ goto error; - } else { - wpa_dbus_dict_entry_clear(&entry); - goto error; -@@ -1244,6 +1250,8 @@ - wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path; - os_free(wpa_s->conf->pkcs11_module_path); - wpa_s->conf->pkcs11_module_path = pkcs11_module_path; -+ os_free(wpa_s->conf->pkcs11_module_init_args); -+ wpa_s->conf->pkcs11_module_init_args = pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - eapol_sm_deinit(wpa_s->eapol); -@@ -1257,6 +1265,7 @@ - os_free(opensc_engine_path); - os_free(pkcs11_engine_path); - os_free(pkcs11_module_path); -+ os_free(pkcs11_module_init_args); - return wpas_dbus_new_invalid_opts_error(message, NULL); - } - -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-05-05 11:47:15.000000000 +0200 -@@ -408,6 +408,7 @@ - ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; - ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; - ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; -+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - wpa_s->eapol = eapol_sm_init(ctx); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-05-05 11:47:15.000000000 +0200 -@@ -557,6 +557,7 @@ - ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; - ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; - ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; -+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - ctx->wps = wpa_s->wps; - ctx->eap_param_needed = wpa_supplicant_eap_param_needed; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:47:15.000000000 +0200 -@@ -577,7 +577,7 @@ - wpa_s->current_ssid = NULL; - /* - * TODO: should notify EAPOL SM about changes in opensc_engine_path, -- * pkcs11_engine_path, pkcs11_module_path. -+ * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args. - */ - if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { - /* diff --git a/wpa_supplicant-roaming.patch b/wpa_supplicant-roaming.patch deleted file mode 100644 index 7c8a4bc..0000000 --- a/wpa_supplicant-roaming.patch +++ /dev/null @@ -1,307 +0,0 @@ -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-05-04 14:26:47.000000000 +0200 -@@ -963,6 +963,8 @@ - */ - int (*set_mode)(void *priv, int mode); - -+ int (*get_default_roaming)(void *priv); -+ - /** - * set_country - Set country - * @priv: Private driver interface data -@@ -1147,7 +1149,13 @@ - * FT authentication sequence from the AP. The FT IEs are included in - * the extra information in union wpa_event_data::ft_ies. - */ -- EVENT_FT_RESPONSE -+ EVENT_FT_RESPONSE, -+ -+ /** -+ * EVENT_ROAMING_THRESHOLD - Roaming threshold exceeded -+ */ -+ EVENT_ROAMING_THRESHOLD -+ - } wpa_event_type; - - -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:32:17.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:28:20.000000000 +0200 -@@ -524,10 +524,18 @@ - drv->assoc_req_ies = NULL; - os_free(drv->assoc_resp_ies); - drv->assoc_resp_ies = NULL; -+ -+ /* stop monitoring the signal quality */ -+ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ - wpa_supplicant_event(ctx, EVENT_DISASSOC, - NULL); - - } else { -+ /* start monitoring the signal quality */ -+ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, -+ drv->ctx); -+ - wpa_driver_wext_event_assoc_ies(drv); - wpa_supplicant_event(ctx, EVENT_ASSOC, NULL); - } -@@ -891,6 +899,30 @@ - return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags); - } - -+void wpa_driver_wext_set_default_roaming(struct wpa_driver_wext_data *drv) -+{ -+ /* ugly hack to enable roaming only for the iwlwifi driver */ -+ char buf[256]; -+ char line[256]; -+ FILE* f; -+ -+ /* the driver we want roaming enabled for */ -+ char* driver = "DRIVER=iwlagn"; -+ -+ /* lookup this interface in sysfs */ -+ snprintf(buf, sizeof(buf),"/sys/class/net/%s/device/uevent", drv->ifname); -+ if ( (f = fopen(buf, "r")) ) { -+ while (fgets(line, sizeof(line), f)) { -+ if (strstr (line, driver)) { -+ /* iwlwifi found -> enable roaming */ -+ drv->default_roaming = 1; -+ break; -+ } -+ } -+ fclose(f); -+ f = NULL; -+ } -+} - - /** - * wpa_driver_wext_init - Initialize WE driver interface -@@ -942,6 +974,9 @@ - - drv->mlme_sock = -1; - -+ drv->default_roaming = 0; -+ wpa_driver_wext_set_default_roaming(drv); -+ - wpa_driver_wext_finish_drv_init(drv); - - return drv; -@@ -1017,6 +1052,7 @@ - int flags; - - eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx); -+ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); - - /* - * Clear possibly configured driver parameters in order to make it -@@ -1058,6 +1094,69 @@ - wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL); - } - -+/** -+ * wpa_driver_wext_monitor_quality - Monitor the signal quality -+ * @eloop_ctx: Unused -+ * @timeout_ctx: ctx argument given to wpa_driver_wext_init() -+ */ -+void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx) -+{ -+ struct iwreq iwr; -+ struct iw_statistics stats; -+ struct wpa_driver_wext_data *drv = (struct wpa_driver_wext_data *) eloop_ctx; -+ int timeout_sec; -+ -+ os_memset(&iwr, 0, sizeof(iwr)); -+ os_memset(&stats, 0, sizeof(stats)); -+ -+ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); -+ -+ iwr.u.data.pointer = (caddr_t) &stats; -+ iwr.u.data.length = sizeof(stats); -+ iwr.u.data.flags = 1; -+ -+ if (ioctl(drv->ioctl_sock, SIOCGIWSTATS, &iwr) < 0) { -+ perror("ioctl[SIOCGIWSTATS]"); -+ return; -+ } -+ -+ if (stats.qual.qual < (int) (0.4f * (float)drv->max_qual)) -+ { -+ if (++drv->low_signal_count >= 3) -+ { -+ wpa_printf(MSG_DEBUG, "Signal quality low (%i/%i)", stats.qual.qual, drv->max_qual); -+ drv->low_signal_count = 0; -+ wpa_supplicant_event(drv->ctx, EVENT_ROAMING_THRESHOLD, NULL); -+ /* next measurement in 5 seconds */ -+ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ } -+ else -+ { -+ /* next measurment in 100ms */ -+ eloop_register_timeout(0, 100000, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ } -+ return; -+ } -+ drv->low_signal_count = 0; -+ -+ if (stats.qual.qual < (int) (0.6f * (float)drv->max_qual)) -+ timeout_sec = 2; -+ else if (stats.qual.qual < (int) (0.8f * (float)drv->max_qual)) -+ timeout_sec = 5; -+ else -+ timeout_sec = 10; -+ -+ eloop_register_timeout(timeout_sec, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+} -+ -+/** -+ * wpa_driver_get_default_roaming - Enable/Disable roaming per default -+ */ -+int wpa_driver_get_default_roaming(void *priv) -+{ -+ struct wpa_driver_wext_data *drv = priv; -+ return drv->default_roaming; -+} - - /** - * wpa_driver_wext_scan - Request the driver to initiate scan -@@ -1610,6 +1709,7 @@ - if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE) - drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; - -+ drv->max_qual = range->max_qual.qual; - wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x " - "flags 0x%x", - drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags); -@@ -2388,4 +2488,5 @@ - .flush_pmkid = wpa_driver_wext_flush_pmkid, - .get_capa = wpa_driver_wext_get_capa, - .set_operstate = wpa_driver_wext_set_operstate, -+ .get_default_roaming = wpa_driver_get_default_roaming, - }; -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-05-04 14:26:04.000000000 +0200 -@@ -43,6 +43,9 @@ - char mlmedev[IFNAMSIZ + 1]; - - int scan_complete_events; -+ int low_signal_count; -+ int max_qual; -+ int default_roaming; - }; - - int wpa_driver_wext_get_ifflags(struct wpa_driver_wext_data *drv, int *flags); -@@ -61,6 +64,7 @@ - struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv); - - void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx); -+void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx); - - int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv, - const char *ifname); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-04 14:26:04.000000000 +0200 -@@ -1943,6 +1943,7 @@ - config->eapol_version = DEFAULT_EAPOL_VERSION; - config->ap_scan = DEFAULT_AP_SCAN; - config->fast_reauth = DEFAULT_FAST_REAUTH; -+ config->roaming = DEFAULT_ROAMING; - - if (ctrl_interface) - config->ctrl_interface = os_strdup(ctrl_interface); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-04 14:31:03.000000000 +0200 -@@ -306,6 +306,12 @@ - return 0; - } - -+static int wpa_config_process_roaming(struct wpa_config *config, char *pos) -+{ -+ config->roaming = atoi(pos); -+ wpa_printf(MSG_DEBUG, "roaming=%d", config->roaming); -+ return 0; -+} - - static int wpa_config_parse_str(const struct global_parse_data *data, - struct wpa_config *config, int line, -@@ -457,6 +463,7 @@ - { STR(device_type) }, - { FUNC(os_version) }, - { INT_RANGE(wps_cred_processing, 0, 2) }, -+ { FUNC(roaming) }, - #endif /* CONFIG_WPS */ - { FUNC(country) } - }; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-04 14:26:04.000000000 +0200 -@@ -22,6 +22,7 @@ - #define DEFAULT_AP_SCAN 1 - #endif /* CONFIG_NO_SCAN_PROCESSING */ - #define DEFAULT_FAST_REAUTH 1 -+#define DEFAULT_ROAMING -1 - - #include "config_ssid.h" - -@@ -244,6 +245,11 @@ - int update_config; - - /** -+ * roaming -+ */ -+ int roaming; -+ -+ /** - * blobs - Configuration blobs - */ - struct wpa_config_blob *blobs; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-05-04 14:26:04.000000000 +0200 -@@ -706,6 +706,21 @@ - } - #endif /* CONFIG_NO_SCAN_PROCESSING */ - -+static void wpa_supplicant_event_roaming_threshold(struct wpa_supplicant *wpa_s) -+{ -+ struct os_time t1, t2; -+ os_get_time(&t1); -+ os_time_sub(&t1, &(wpa_s->last_roaming_attempt), &t2); -+ if (wpa_s->conf->roaming > 0 -+ || (wpa_s->conf->roaming == -1 -+ && wpa_s->driver->get_default_roaming -+ && wpa_s->driver->get_default_roaming(wpa_s->drv_priv))) -+ /* limit the scan triggering to one every 20 seconds */ -+ if (t2.sec > 20) { -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ os_get_time(&(wpa_s->last_roaming_attempt)); -+ } -+} - - static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, - union wpa_event_data *data) -@@ -1114,6 +1129,9 @@ - wpa_supplicant_event_ft_response(wpa_s, data); - break; - #endif /* CONFIG_IEEE80211R */ -+ case EVENT_ROAMING_THRESHOLD: -+ wpa_supplicant_event_roaming_threshold(wpa_s); -+ break; - default: - wpa_printf(MSG_INFO, "Unknown event %d", event); - break; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-05-04 14:32:01.000000000 +0200 -@@ -350,6 +350,7 @@ - struct wpa_client_mlme mlme; - int use_client_mlme; - int driver_4way_handshake; -+ struct os_time last_roaming_attempt; - - int pending_mic_error_report; - int pending_mic_error_pairwise; diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index a34ed91..8fc3914 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,74 @@ +------------------------------------------------------------------- +Tue Sep 7 23:08:14 CEST 2010 - vbotka@suse.de + +- update to 0.7.3 + * fixed fallback from failed PMKSA caching into full EAP authentication + [Bug 355] + * fixed issue with early D-Bus signals during initialization + * fixed X.509 name handling in internal TLS + * fixed WPS ER to use corrent Enrollee MAC Address in Credential + * fixed scanning routines ot improve AP selection for WPS + * added WPS workaround for open networks + * fixed WPS Diffie-Hellman derivation to use correct public key length + * fixed wpa_supplicant AP mode operations to ignore Supplicant and + scan result events + * improved SME operations with nl80211 + * fixed WPS ER event_id handling in some cases + * fixed some issues with bgscan simple to avoid unnecessary scans + * fixed issue with l2_packet_ndis overlapped writes corrupting stack + [Bug 328] + * updated WinPcap to the latest stable version 4.1.2 in Windows + installer + + update to 0.7.2 + * nl80211: fixed number of issues with roaming + * avoid unnecessary roaming if multiple APs with similar signal + strength are present in scan results + * add TLS client events and server probing to ease design of + automatic detection of EAP parameters + * add option for server certificate matching (SHA256 hash of the + certificate) instead of trusted CA certificate configuration + * bsd: Cleaned up driver wrapper and added various low-level + configuration options + * wpa_gui-qt4: do not show too frequent WPS AP available events as + tray messages + * TNC: fixed issues with fragmentation + * EAP-TNC: add Flags field into fragment acknowledgement (needed to + interoperate with other implementations; may potentially breaks + compatibility with older wpa_supplicant/hostapd versions) + * wpa_cli: added option for using a separate process to receive event + messages to reduce latency in showing these + (CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this) + * maximum BSS table size can now be configured (bss_max_count) + * BSSes to be included in the BSS table can be filtered based on + configured SSIDs to save memory (filter_ssids) + * fix number of issues with IEEE 802.11r/FT; this version is not + backwards compatible with old versions + * nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air + and over-the-DS) + * add freq_list network configuration parameter to allow the AP + selection to filter out entries based on the operating channel + * add signal strength change events for bgscan; this allows more + dynamic changes to background scanning interval based on changes in + the signal strength with the current AP; this improves roaming within + ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network + configuration block to request background scans less frequently when + signal strength remains good and to automatically trigger background + scans whenever signal strength drops noticeably + (this is currently only available with nl80211) + * add BSSID and reason code (if available) to disconnect event messages + * wpa_gui-qt4: more complete support for translating the GUI with + linguist and add German translation + * fix DH padding with internal crypto code (mainly, for WPS) + * do not trigger initial scan automatically anymore if there are no + enabled networks + +------------------------------------------------------------------- +Fri May 28 12:49:53 CEST 2010 - vbotka@suse.de + +- Fix fallback from failed PMKSA caching into full EAP authentication + (bnc 601501) + ------------------------------------------------------------------- Sun Jan 31 13:13:46 UTC 2010 - aj@suse.de diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 61d9d12..94be712 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -21,7 +21,7 @@ Name: wpa_supplicant BuildRequires: dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel Url: http://hostap.epitest.fi/wpa_supplicant/ -Version: 0.7.1 +Version: 0.7.3 Release: 1 License: BSD3c(or similar) ; GPLv2+ Group: Productivity/Networking/Other @@ -39,12 +39,6 @@ Patch1: wpa_supplicant-flush-debug-output.patch # is not portable Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch Patch4: wpa_supplicant-errormsg.patch -Patch6: wpa_supplicant-fix_dbus_config.patch -#Patch7: wpa_supplicant-fix_dbus_config2.patch -# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once -# roaming is implemented in a clean way this patch should be removed -Patch8: wpa_supplicant-roaming.patch -Patch9: wpa_supplicant-pkcs11-init-args.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -55,7 +49,6 @@ negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. - Authors: -------- Jouni Malinen @@ -71,7 +64,6 @@ This package contains a graphical front-end to wpa_supplicant, an implementation of the WPA Supplicant component. - Authors: -------- Jouni Malinen @@ -84,13 +76,6 @@ cp %{SOURCE1} wpa_supplicant/.config %patch1 -p0 %patch2 -p0 %patch4 -p0 -# Patch does not apply anymore -#%patch6 -p1 -#patch7 -p1 -# Patch does not apply anymore -#%patch8 -p2 -# Patch does not apply anymore -#%patch9 -p2 %build cd wpa_supplicant From 4bf035f20531e8147853ab4897a5d785882044d3daf33fbc8ce69aa46a1342e9 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Tue, 21 Sep 2010 16:13:17 +0000 Subject: [PATCH 5/6] Accepting request 48679 from hardware checked in (request 48679) OBS-URL: https://build.opensuse.org/request/show/48679 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=12 --- ...back_From_Failed_PMKSA_Into_Full_EAP.patch | 52 +++ wpa_supplicant-0.7.1.tar.bz2 | 3 + wpa_supplicant-0.7.3.tar.bz2 | 3 - wpa_supplicant-fix_dbus_config.patch | 23 ++ wpa_supplicant-pkcs11-init-args.patch | 247 ++++++++++++++ wpa_supplicant-roaming.patch | 307 ++++++++++++++++++ wpa_supplicant.changes | 65 ---- wpa_supplicant.spec | 21 +- 8 files changed, 651 insertions(+), 70 deletions(-) create mode 100644 Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch create mode 100644 wpa_supplicant-0.7.1.tar.bz2 delete mode 100644 wpa_supplicant-0.7.3.tar.bz2 create mode 100644 wpa_supplicant-fix_dbus_config.patch create mode 100644 wpa_supplicant-pkcs11-init-args.patch create mode 100644 wpa_supplicant-roaming.patch diff --git a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch new file mode 100644 index 0000000..b1a7024 --- /dev/null +++ b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch @@ -0,0 +1,52 @@ +commit b4a1256d3660a2b5239062a9b42de79b8a34286a +Author: Jouni Malinen +Date: Sat May 1 17:35:28 2010 +0300 + + Fix fallback from failed PMKSA caching into full EAP authentication + + Commit 83935317a78fb4157eb6e5134527b9311dbf7b8c added forced + disconnection in case of 4-way handshake failures. However, it should + not have changed the case where the supplicant is requesting fallback + to full EAP authentication if the PMKID in EAPOL-Key message 1/4 is + not know. This case needs to send an EAPOL-Start frame instead of + EAPOL-Key message 2/4. + + This works around a problem with APs that try to force PMKSA caching + even when the client does not include PMKID in (re)association request + frame to request it. [Bug 355] + +diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c +index 885d173..9439f97 100644 +--- src/rsn_supp/wpa.c ++++ src/rsn_supp/wpa.c +@@ -231,6 +231,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, + wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, + buf, buflen); + os_free(buf); ++ return -2; + } + + return -1; +@@ -361,6 +362,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, + struct wpa_eapol_ie_parse ie; + struct wpa_ptk *ptk; + u8 buf[8]; ++ int res; + + if (wpa_sm_get_network_ctx(sm) == NULL) { + wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of " +@@ -388,7 +390,13 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, + } + #endif /* CONFIG_NO_WPA2 */ + +- if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid)) ++ res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); ++ if (res == -2) { ++ wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - " ++ "requesting full EAP authentication"); ++ return; ++ } ++ if (res) + goto failed; + + if (sm->renew_snonce) { diff --git a/wpa_supplicant-0.7.1.tar.bz2 b/wpa_supplicant-0.7.1.tar.bz2 new file mode 100644 index 0000000..77e3438 --- /dev/null +++ b/wpa_supplicant-0.7.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dc7258286d2eb87c470abca13e19135b3e0a9bc84d7be8a8500e73a560cc9b65 +size 1263708 diff --git a/wpa_supplicant-0.7.3.tar.bz2 b/wpa_supplicant-0.7.3.tar.bz2 deleted file mode 100644 index ff0768a..0000000 --- a/wpa_supplicant-0.7.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:495bb18e0fd682f143ec46715f6b2d6ce57ddc6f6dbd0d40603f0d2cef458b3a -size 1290000 diff --git a/wpa_supplicant-fix_dbus_config.patch b/wpa_supplicant-fix_dbus_config.patch new file mode 100644 index 0000000..7db1cde --- /dev/null +++ b/wpa_supplicant-fix_dbus_config.patch @@ -0,0 +1,23 @@ +Index: wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf +=================================================================== +--- wpa_supplicant-0.6.9.orig/wpa_supplicant/dbus-wpa_supplicant.conf ++++ wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf +@@ -4,13 +4,10 @@ + + + +- + +- +- +- +- +- +- +- ++ ++ ++ ++ + diff --git a/wpa_supplicant-pkcs11-init-args.patch b/wpa_supplicant-pkcs11-init-args.patch new file mode 100644 index 0000000..d10ba23 --- /dev/null +++ b/wpa_supplicant-pkcs11-init-args.patch @@ -0,0 +1,247 @@ +diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h +--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-05-05 11:47:15.000000000 +0200 +@@ -32,6 +32,7 @@ + const char *opensc_engine_path; + const char *pkcs11_engine_path; + const char *pkcs11_module_path; ++ const char *pkcs11_module_init_args; + }; + + /** +diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c +--- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-05-05 11:47:15.000000000 +0200 +@@ -667,9 +667,11 @@ + * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc + * @pkcs11_so_path: pksc11_so_path from the configuration + * @pcks11_module_path: pkcs11_module_path from the configuration ++ * @pkcs11_module_init_args: pkcs11_module_init_args from the configuration + */ + static int tls_engine_load_dynamic_pkcs11(const char *pkcs11_so_path, +- const char *pkcs11_module_path) ++ const char *pkcs11_module_path, ++ const char *pkcs11_module_init_args) + { + char *engine_id = "pkcs11"; + const char *pre_cmd[] = { +@@ -682,6 +684,7 @@ + }; + const char *post_cmd[] = { + "MODULE_PATH", NULL /* pkcs11_module_path */, ++ "INIT_ARGS", NULL /* pkcs11_module_init_args */, + NULL, NULL + }; + +@@ -692,6 +695,9 @@ + pre_cmd[3] = engine_id; + post_cmd[1] = pkcs11_module_path; + ++ if (pkcs11_module_init_args) ++ post_cmd[3] = pkcs11_module_init_args; ++ + wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s", + pkcs11_so_path); + +@@ -761,7 +767,8 @@ + + if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) || + tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path, +- conf->pkcs11_module_path)) { ++ conf->pkcs11_module_path, ++ conf->pkcs11_module_init_args)) { + tls_deinit(ssl); + return NULL; + } +diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c +--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-05-05 11:47:15.000000000 +0200 +@@ -1834,6 +1834,7 @@ + conf.opensc_engine_path = ctx->opensc_engine_path; + conf.pkcs11_engine_path = ctx->pkcs11_engine_path; + conf.pkcs11_module_path = ctx->pkcs11_module_path; ++ conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + conf.wps = ctx->wps; + +diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h +--- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-05-05 11:47:15.000000000 +0200 +@@ -198,6 +198,15 @@ + * module is not loaded. + */ + const char *pkcs11_module_path; ++ ++ /** ++ * pkcs11_module_init_args - The initialization arguments to the OpenSSL ++ * OpenSC/PKCS#11 module. ++ * ++ * This is an OpenSSL specific configuration option for configuring ++ * the initialization arguments of the PKCS#11 module. ++ */ ++ const char *pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + + /** +diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c +--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-05-05 11:47:15.000000000 +0200 +@@ -1188,6 +1188,7 @@ + tlsconf.opensc_engine_path = conf->opensc_engine_path; + tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path; + tlsconf.pkcs11_module_path = conf->pkcs11_module_path; ++ tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args; + sm->ssl_ctx = tls_init(&tlsconf); + if (sm->ssl_ctx == NULL) { + wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS " +diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h +--- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-05-05 11:48:04.000000000 +0200 +@@ -246,6 +246,13 @@ + */ + const char *pkcs11_module_path; + /** ++ * pkcs11_module_init_args - OpenSC PKCS#11 module initialization ++ * arguments for OpenSSL engine. ++ * ++ * Usually, NULL. ++ */ ++ const char *pkcs11_module_init_args; ++ /** + * wps - WPS context data + * + * This is only used by EAP-WSC and can be left %NULL if not available. +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:49:45.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:47:15.000000000 +0200 +@@ -1580,6 +1580,7 @@ + os_free(config->opensc_engine_path); + os_free(config->pkcs11_engine_path); + os_free(config->pkcs11_module_path); ++ os_free(config->pkcs11_module_init_args); + #endif /* EAP_TLS_OPENSSL */ + os_free(config->driver_param); + os_free(config->device_name); +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:45.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:24.000000000 +0200 +@@ -444,6 +444,7 @@ + { STR(opensc_engine_path) }, + { STR(pkcs11_engine_path) }, + { STR(pkcs11_module_path) }, ++ { STR(pkcs11_module_init_args) }, + #endif /* EAP_TLS_OPENSSL */ + { STR(driver_param) }, + { INT(dot11RSNAConfigPMKLifetime) }, +@@ -854,6 +855,9 @@ + if (config->pkcs11_module_path) + fprintf(f, "pkcs11_module_path=%s\n", + config->pkcs11_module_path); ++ if (config->pkcs11_module_init_args) ++ fprintf(f, "pkcs11_module_init_args=%s\n", ++ config->pkcs11_module_init_args); + #endif /* EAP_TLS_OPENSSL */ + if (config->driver_param) + fprintf(f, "driver_param=%s\n", config->driver_param); +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:49:45.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:47:15.000000000 +0200 +@@ -195,6 +195,15 @@ + * module is not loaded. + */ + char *pkcs11_module_path; ++ ++ /** ++ * pkcs11_module_init_args - The initialization arguments to the OpenSSL ++ * OpenSC/PKCS#11 module. ++ * ++ * This is an OpenSSL specific configuration option for configuring ++ * the initialization arguments of the PKCS#11 module. ++ */ ++ char *pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + + /** +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:49:45.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:47:15.000000000 +0200 +@@ -866,7 +866,7 @@ + static const char *dont_quote[] = { + "key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap", + "opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path", +- "bssid", NULL ++ "pkcs11_module_init_args", "bssid", NULL + }; + + static dbus_bool_t should_quote_opt(const char *key) +@@ -1204,6 +1204,7 @@ + char *opensc_engine_path = NULL; + char *pkcs11_engine_path = NULL; + char *pkcs11_module_path = NULL; ++ char *pkcs11_module_init_args = NULL; + struct wpa_dbus_dict_entry entry; + + if (!dbus_message_iter_init(message, &iter)) +@@ -1230,6 +1231,11 @@ + pkcs11_module_path = os_strdup(entry.str_value); + if (pkcs11_module_path == NULL) + goto error; ++ } else if (!strcmp(entry.key, "pkcs11_module_init_args") && ++ (entry.type == DBUS_TYPE_STRING)) { ++ pkcs11_module_init_args = os_strdup(entry.str_value); ++ if (pkcs11_module_init_args == NULL) ++ goto error; + } else { + wpa_dbus_dict_entry_clear(&entry); + goto error; +@@ -1244,6 +1250,8 @@ + wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path; + os_free(wpa_s->conf->pkcs11_module_path); + wpa_s->conf->pkcs11_module_path = pkcs11_module_path; ++ os_free(wpa_s->conf->pkcs11_module_init_args); ++ wpa_s->conf->pkcs11_module_init_args = pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + + eapol_sm_deinit(wpa_s->eapol); +@@ -1257,6 +1265,7 @@ + os_free(opensc_engine_path); + os_free(pkcs11_engine_path); + os_free(pkcs11_module_path); ++ os_free(pkcs11_module_init_args); + return wpas_dbus_new_invalid_opts_error(message, NULL); + } + +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-05-05 11:47:15.000000000 +0200 +@@ -408,6 +408,7 @@ + ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; + ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; + ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; ++ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + + wpa_s->eapol = eapol_sm_init(ctx); +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-05-05 11:47:15.000000000 +0200 +@@ -557,6 +557,7 @@ + ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; + ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; + ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; ++ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; + #endif /* EAP_TLS_OPENSSL */ + ctx->wps = wpa_s->wps; + ctx->eap_param_needed = wpa_supplicant_eap_param_needed; +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:49:45.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:47:15.000000000 +0200 +@@ -577,7 +577,7 @@ + wpa_s->current_ssid = NULL; + /* + * TODO: should notify EAPOL SM about changes in opensc_engine_path, +- * pkcs11_engine_path, pkcs11_module_path. ++ * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args. + */ + if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { + /* diff --git a/wpa_supplicant-roaming.patch b/wpa_supplicant-roaming.patch new file mode 100644 index 0000000..7c8a4bc --- /dev/null +++ b/wpa_supplicant-roaming.patch @@ -0,0 +1,307 @@ +diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h +--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-05-04 14:26:47.000000000 +0200 +@@ -963,6 +963,8 @@ + */ + int (*set_mode)(void *priv, int mode); + ++ int (*get_default_roaming)(void *priv); ++ + /** + * set_country - Set country + * @priv: Private driver interface data +@@ -1147,7 +1149,13 @@ + * FT authentication sequence from the AP. The FT IEs are included in + * the extra information in union wpa_event_data::ft_ies. + */ +- EVENT_FT_RESPONSE ++ EVENT_FT_RESPONSE, ++ ++ /** ++ * EVENT_ROAMING_THRESHOLD - Roaming threshold exceeded ++ */ ++ EVENT_ROAMING_THRESHOLD ++ + } wpa_event_type; + + +diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c +--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:32:17.000000000 +0200 ++++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:28:20.000000000 +0200 +@@ -524,10 +524,18 @@ + drv->assoc_req_ies = NULL; + os_free(drv->assoc_resp_ies); + drv->assoc_resp_ies = NULL; ++ ++ /* stop monitoring the signal quality */ ++ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); ++ + wpa_supplicant_event(ctx, EVENT_DISASSOC, + NULL); + + } else { ++ /* start monitoring the signal quality */ ++ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, ++ drv->ctx); ++ + wpa_driver_wext_event_assoc_ies(drv); + wpa_supplicant_event(ctx, EVENT_ASSOC, NULL); + } +@@ -891,6 +899,30 @@ + return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags); + } + ++void wpa_driver_wext_set_default_roaming(struct wpa_driver_wext_data *drv) ++{ ++ /* ugly hack to enable roaming only for the iwlwifi driver */ ++ char buf[256]; ++ char line[256]; ++ FILE* f; ++ ++ /* the driver we want roaming enabled for */ ++ char* driver = "DRIVER=iwlagn"; ++ ++ /* lookup this interface in sysfs */ ++ snprintf(buf, sizeof(buf),"/sys/class/net/%s/device/uevent", drv->ifname); ++ if ( (f = fopen(buf, "r")) ) { ++ while (fgets(line, sizeof(line), f)) { ++ if (strstr (line, driver)) { ++ /* iwlwifi found -> enable roaming */ ++ drv->default_roaming = 1; ++ break; ++ } ++ } ++ fclose(f); ++ f = NULL; ++ } ++} + + /** + * wpa_driver_wext_init - Initialize WE driver interface +@@ -942,6 +974,9 @@ + + drv->mlme_sock = -1; + ++ drv->default_roaming = 0; ++ wpa_driver_wext_set_default_roaming(drv); ++ + wpa_driver_wext_finish_drv_init(drv); + + return drv; +@@ -1017,6 +1052,7 @@ + int flags; + + eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx); ++ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); + + /* + * Clear possibly configured driver parameters in order to make it +@@ -1058,6 +1094,69 @@ + wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL); + } + ++/** ++ * wpa_driver_wext_monitor_quality - Monitor the signal quality ++ * @eloop_ctx: Unused ++ * @timeout_ctx: ctx argument given to wpa_driver_wext_init() ++ */ ++void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx) ++{ ++ struct iwreq iwr; ++ struct iw_statistics stats; ++ struct wpa_driver_wext_data *drv = (struct wpa_driver_wext_data *) eloop_ctx; ++ int timeout_sec; ++ ++ os_memset(&iwr, 0, sizeof(iwr)); ++ os_memset(&stats, 0, sizeof(stats)); ++ ++ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); ++ ++ iwr.u.data.pointer = (caddr_t) &stats; ++ iwr.u.data.length = sizeof(stats); ++ iwr.u.data.flags = 1; ++ ++ if (ioctl(drv->ioctl_sock, SIOCGIWSTATS, &iwr) < 0) { ++ perror("ioctl[SIOCGIWSTATS]"); ++ return; ++ } ++ ++ if (stats.qual.qual < (int) (0.4f * (float)drv->max_qual)) ++ { ++ if (++drv->low_signal_count >= 3) ++ { ++ wpa_printf(MSG_DEBUG, "Signal quality low (%i/%i)", stats.qual.qual, drv->max_qual); ++ drv->low_signal_count = 0; ++ wpa_supplicant_event(drv->ctx, EVENT_ROAMING_THRESHOLD, NULL); ++ /* next measurement in 5 seconds */ ++ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); ++ } ++ else ++ { ++ /* next measurment in 100ms */ ++ eloop_register_timeout(0, 100000, wpa_driver_wext_monitor_quality, drv, drv->ctx); ++ } ++ return; ++ } ++ drv->low_signal_count = 0; ++ ++ if (stats.qual.qual < (int) (0.6f * (float)drv->max_qual)) ++ timeout_sec = 2; ++ else if (stats.qual.qual < (int) (0.8f * (float)drv->max_qual)) ++ timeout_sec = 5; ++ else ++ timeout_sec = 10; ++ ++ eloop_register_timeout(timeout_sec, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); ++} ++ ++/** ++ * wpa_driver_get_default_roaming - Enable/Disable roaming per default ++ */ ++int wpa_driver_get_default_roaming(void *priv) ++{ ++ struct wpa_driver_wext_data *drv = priv; ++ return drv->default_roaming; ++} + + /** + * wpa_driver_wext_scan - Request the driver to initiate scan +@@ -1610,6 +1709,7 @@ + if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE) + drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; + ++ drv->max_qual = range->max_qual.qual; + wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x " + "flags 0x%x", + drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags); +@@ -2388,4 +2488,5 @@ + .flush_pmkid = wpa_driver_wext_flush_pmkid, + .get_capa = wpa_driver_wext_get_capa, + .set_operstate = wpa_driver_wext_set_operstate, ++ .get_default_roaming = wpa_driver_get_default_roaming, + }; +diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h +--- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-05-04 14:26:04.000000000 +0200 +@@ -43,6 +43,9 @@ + char mlmedev[IFNAMSIZ + 1]; + + int scan_complete_events; ++ int low_signal_count; ++ int max_qual; ++ int default_roaming; + }; + + int wpa_driver_wext_get_ifflags(struct wpa_driver_wext_data *drv, int *flags); +@@ -61,6 +64,7 @@ + struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv); + + void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx); ++void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx); + + int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv, + const char *ifname); +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-04 14:26:04.000000000 +0200 +@@ -1943,6 +1943,7 @@ + config->eapol_version = DEFAULT_EAPOL_VERSION; + config->ap_scan = DEFAULT_AP_SCAN; + config->fast_reauth = DEFAULT_FAST_REAUTH; ++ config->roaming = DEFAULT_ROAMING; + + if (ctrl_interface) + config->ctrl_interface = os_strdup(ctrl_interface); +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-04 14:31:03.000000000 +0200 +@@ -306,6 +306,12 @@ + return 0; + } + ++static int wpa_config_process_roaming(struct wpa_config *config, char *pos) ++{ ++ config->roaming = atoi(pos); ++ wpa_printf(MSG_DEBUG, "roaming=%d", config->roaming); ++ return 0; ++} + + static int wpa_config_parse_str(const struct global_parse_data *data, + struct wpa_config *config, int line, +@@ -457,6 +463,7 @@ + { STR(device_type) }, + { FUNC(os_version) }, + { INT_RANGE(wps_cred_processing, 0, 2) }, ++ { FUNC(roaming) }, + #endif /* CONFIG_WPS */ + { FUNC(country) } + }; +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-04 14:26:04.000000000 +0200 +@@ -22,6 +22,7 @@ + #define DEFAULT_AP_SCAN 1 + #endif /* CONFIG_NO_SCAN_PROCESSING */ + #define DEFAULT_FAST_REAUTH 1 ++#define DEFAULT_ROAMING -1 + + #include "config_ssid.h" + +@@ -244,6 +245,11 @@ + int update_config; + + /** ++ * roaming ++ */ ++ int roaming; ++ ++ /** + * blobs - Configuration blobs + */ + struct wpa_config_blob *blobs; +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-05-04 14:26:04.000000000 +0200 +@@ -706,6 +706,21 @@ + } + #endif /* CONFIG_NO_SCAN_PROCESSING */ + ++static void wpa_supplicant_event_roaming_threshold(struct wpa_supplicant *wpa_s) ++{ ++ struct os_time t1, t2; ++ os_get_time(&t1); ++ os_time_sub(&t1, &(wpa_s->last_roaming_attempt), &t2); ++ if (wpa_s->conf->roaming > 0 ++ || (wpa_s->conf->roaming == -1 ++ && wpa_s->driver->get_default_roaming ++ && wpa_s->driver->get_default_roaming(wpa_s->drv_priv))) ++ /* limit the scan triggering to one every 20 seconds */ ++ if (t2.sec > 20) { ++ wpa_supplicant_req_scan(wpa_s, 0, 0); ++ os_get_time(&(wpa_s->last_roaming_attempt)); ++ } ++} + + static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, + union wpa_event_data *data) +@@ -1114,6 +1129,9 @@ + wpa_supplicant_event_ft_response(wpa_s, data); + break; + #endif /* CONFIG_IEEE80211R */ ++ case EVENT_ROAMING_THRESHOLD: ++ wpa_supplicant_event_roaming_threshold(wpa_s); ++ break; + default: + wpa_printf(MSG_INFO, "Unknown event %d", event); + break; +diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h +--- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-03-23 15:06:28.000000000 +0100 ++++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-05-04 14:32:01.000000000 +0200 +@@ -350,6 +350,7 @@ + struct wpa_client_mlme mlme; + int use_client_mlme; + int driver_4way_handshake; ++ struct os_time last_roaming_attempt; + + int pending_mic_error_report; + int pending_mic_error_pairwise; diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 8fc3914..8b353ff 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,68 +1,3 @@ -------------------------------------------------------------------- -Tue Sep 7 23:08:14 CEST 2010 - vbotka@suse.de - -- update to 0.7.3 - * fixed fallback from failed PMKSA caching into full EAP authentication - [Bug 355] - * fixed issue with early D-Bus signals during initialization - * fixed X.509 name handling in internal TLS - * fixed WPS ER to use corrent Enrollee MAC Address in Credential - * fixed scanning routines ot improve AP selection for WPS - * added WPS workaround for open networks - * fixed WPS Diffie-Hellman derivation to use correct public key length - * fixed wpa_supplicant AP mode operations to ignore Supplicant and - scan result events - * improved SME operations with nl80211 - * fixed WPS ER event_id handling in some cases - * fixed some issues with bgscan simple to avoid unnecessary scans - * fixed issue with l2_packet_ndis overlapped writes corrupting stack - [Bug 328] - * updated WinPcap to the latest stable version 4.1.2 in Windows - installer - - update to 0.7.2 - * nl80211: fixed number of issues with roaming - * avoid unnecessary roaming if multiple APs with similar signal - strength are present in scan results - * add TLS client events and server probing to ease design of - automatic detection of EAP parameters - * add option for server certificate matching (SHA256 hash of the - certificate) instead of trusted CA certificate configuration - * bsd: Cleaned up driver wrapper and added various low-level - configuration options - * wpa_gui-qt4: do not show too frequent WPS AP available events as - tray messages - * TNC: fixed issues with fragmentation - * EAP-TNC: add Flags field into fragment acknowledgement (needed to - interoperate with other implementations; may potentially breaks - compatibility with older wpa_supplicant/hostapd versions) - * wpa_cli: added option for using a separate process to receive event - messages to reduce latency in showing these - (CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this) - * maximum BSS table size can now be configured (bss_max_count) - * BSSes to be included in the BSS table can be filtered based on - configured SSIDs to save memory (filter_ssids) - * fix number of issues with IEEE 802.11r/FT; this version is not - backwards compatible with old versions - * nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air - and over-the-DS) - * add freq_list network configuration parameter to allow the AP - selection to filter out entries based on the operating channel - * add signal strength change events for bgscan; this allows more - dynamic changes to background scanning interval based on changes in - the signal strength with the current AP; this improves roaming within - ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network - configuration block to request background scans less frequently when - signal strength remains good and to automatically trigger background - scans whenever signal strength drops noticeably - (this is currently only available with nl80211) - * add BSSID and reason code (if available) to disconnect event messages - * wpa_gui-qt4: more complete support for translating the GUI with - linguist and add German translation - * fix DH padding with internal crypto code (mainly, for WPS) - * do not trigger initial scan automatically anymore if there are no - enabled networks - ------------------------------------------------------------------- Fri May 28 12:49:53 CEST 2010 - vbotka@suse.de diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 94be712..0060988 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -21,8 +21,8 @@ Name: wpa_supplicant BuildRequires: dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel Url: http://hostap.epitest.fi/wpa_supplicant/ -Version: 0.7.3 -Release: 1 +Version: 0.7.1 +Release: 2 License: BSD3c(or similar) ; GPLv2+ Group: Productivity/Networking/Other Summary: WPA supplicant implementation @@ -39,6 +39,13 @@ Patch1: wpa_supplicant-flush-debug-output.patch # is not portable Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch Patch4: wpa_supplicant-errormsg.patch +Patch6: wpa_supplicant-fix_dbus_config.patch +#Patch7: wpa_supplicant-fix_dbus_config2.patch +# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once +# roaming is implemented in a clean way this patch should be removed +Patch8: wpa_supplicant-roaming.patch +Patch9: wpa_supplicant-pkcs11-init-args.patch +Patch10: Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -49,6 +56,7 @@ negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. + Authors: -------- Jouni Malinen @@ -64,6 +72,7 @@ This package contains a graphical front-end to wpa_supplicant, an implementation of the WPA Supplicant component. + Authors: -------- Jouni Malinen @@ -76,6 +85,14 @@ cp %{SOURCE1} wpa_supplicant/.config %patch1 -p0 %patch2 -p0 %patch4 -p0 +# Patch does not apply anymore +#%patch6 -p1 +#patch7 -p1 +# Patch does not apply anymore +#%patch8 -p2 +# Patch does not apply anymore +#%patch9 -p2 +%patch10 -p0 %build cd wpa_supplicant From 700e23ec90dbe744abea6834790adacd56615534b3c45ede428b2f2cb6da9642 Mon Sep 17 00:00:00 2001 From: Andreas Jaeger Date: Tue, 19 Apr 2011 15:15:05 +0000 Subject: [PATCH 6/6] Accepting request 64557 from home:dimstar:branches:GNOME:Factory approved, see also bnc#681116 OBS-URL: https://build.opensuse.org/request/show/64557 OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=13 --- ...back_From_Failed_PMKSA_Into_Full_EAP.patch | 52 --- fi.w1.wpa_supplicant1.service | 4 + wpa_supplicant-0.7.1.tar.bz2 | 3 - wpa_supplicant-0.7.3.tar.bz2 | 3 + wpa_supplicant-dbus-events.patch | 62 ++++ wpa_supplicant-fix_dbus_config.patch | 23 -- wpa_supplicant-pkcs11-init-args.patch | 247 -------------- wpa_supplicant-roaming.patch | 307 ------------------ wpa_supplicant.changes | 75 +++++ wpa_supplicant.spec | 28 +- 10 files changed, 152 insertions(+), 652 deletions(-) delete mode 100644 Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch create mode 100644 fi.w1.wpa_supplicant1.service delete mode 100644 wpa_supplicant-0.7.1.tar.bz2 create mode 100644 wpa_supplicant-0.7.3.tar.bz2 create mode 100644 wpa_supplicant-dbus-events.patch delete mode 100644 wpa_supplicant-fix_dbus_config.patch delete mode 100644 wpa_supplicant-pkcs11-init-args.patch delete mode 100644 wpa_supplicant-roaming.patch diff --git a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch b/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch deleted file mode 100644 index b1a7024..0000000 --- a/Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch +++ /dev/null @@ -1,52 +0,0 @@ -commit b4a1256d3660a2b5239062a9b42de79b8a34286a -Author: Jouni Malinen -Date: Sat May 1 17:35:28 2010 +0300 - - Fix fallback from failed PMKSA caching into full EAP authentication - - Commit 83935317a78fb4157eb6e5134527b9311dbf7b8c added forced - disconnection in case of 4-way handshake failures. However, it should - not have changed the case where the supplicant is requesting fallback - to full EAP authentication if the PMKID in EAPOL-Key message 1/4 is - not know. This case needs to send an EAPOL-Start frame instead of - EAPOL-Key message 2/4. - - This works around a problem with APs that try to force PMKSA caching - even when the client does not include PMKID in (re)association request - frame to request it. [Bug 355] - -diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c -index 885d173..9439f97 100644 ---- src/rsn_supp/wpa.c -+++ src/rsn_supp/wpa.c -@@ -231,6 +231,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, - wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, - buf, buflen); - os_free(buf); -+ return -2; - } - - return -1; -@@ -361,6 +362,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, - struct wpa_eapol_ie_parse ie; - struct wpa_ptk *ptk; - u8 buf[8]; -+ int res; - - if (wpa_sm_get_network_ctx(sm) == NULL) { - wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of " -@@ -388,7 +390,13 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, - } - #endif /* CONFIG_NO_WPA2 */ - -- if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid)) -+ res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid); -+ if (res == -2) { -+ wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - " -+ "requesting full EAP authentication"); -+ return; -+ } -+ if (res) - goto failed; - - if (sm->renew_snonce) { diff --git a/fi.w1.wpa_supplicant1.service b/fi.w1.wpa_supplicant1.service new file mode 100644 index 0000000..b308ec2 --- /dev/null +++ b/fi.w1.wpa_supplicant1.service @@ -0,0 +1,4 @@ +[D-BUS Service] +Name=fi.w1.wpa_supplicant1 +Exec=/usr/sbin/wpa_supplicant -u +User=root diff --git a/wpa_supplicant-0.7.1.tar.bz2 b/wpa_supplicant-0.7.1.tar.bz2 deleted file mode 100644 index 77e3438..0000000 --- a/wpa_supplicant-0.7.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dc7258286d2eb87c470abca13e19135b3e0a9bc84d7be8a8500e73a560cc9b65 -size 1263708 diff --git a/wpa_supplicant-0.7.3.tar.bz2 b/wpa_supplicant-0.7.3.tar.bz2 new file mode 100644 index 0000000..ff0768a --- /dev/null +++ b/wpa_supplicant-0.7.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:495bb18e0fd682f143ec46715f6b2d6ce57ddc6f6dbd0d40603f0d2cef458b3a +size 1290000 diff --git a/wpa_supplicant-dbus-events.patch b/wpa_supplicant-dbus-events.patch new file mode 100644 index 0000000..f819e74 --- /dev/null +++ b/wpa_supplicant-dbus-events.patch @@ -0,0 +1,62 @@ +From b80b5639935d37b95d00f86b57f2844a9c775f57 Mon Sep 17 00:00:00 2001 +From: Dan Williams +Date: Fri, 17 Dec 2010 15:56:01 +0200 +Subject: [PATCH 1/1] dbus: Emit property changed events when adding/removing BSSes + +The supplicant was not emitting property changed events when the BSSs +property changed. + +Signed-off-by: Dan Williams +(cherry picked from commit 1e6288df6b07a353a9246b77e0de2a840b5f2c72) +--- + wpa_supplicant/dbus/dbus_new.c | 6 ++++++ + wpa_supplicant/dbus/dbus_new.h | 1 + + 2 files changed, 7 insertions(+), 0 deletions(-) + +diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c +index bdfbbac..c66640a 100644 +--- a/wpa_supplicant/dbus/dbus_new.c ++++ b/wpa_supplicant/dbus/dbus_new.c +@@ -691,6 +691,10 @@ void wpas_dbus_signal_prop_changed(struct wpa_supplicant *wpa_s, + wpas_dbus_getter_current_network; + prop = "CurrentNetwork"; + break; ++ case WPAS_DBUS_PROP_BSSS: ++ getter = (WPADBusPropertyAccessor) wpas_dbus_getter_bsss; ++ prop = "BSSs"; ++ break; + default: + wpa_printf(MSG_ERROR, "dbus: %s: Unknown Property value %d", + __func__, property); +@@ -1199,6 +1203,7 @@ int wpas_dbus_unregister_bss(struct wpa_supplicant *wpa_s, + } + + wpas_dbus_signal_bss_removed(wpa_s, bss_obj_path); ++ wpas_dbus_signal_prop_changed(wpa_s, WPAS_DBUS_PROP_BSSS); + + return 0; + } +@@ -1263,6 +1268,7 @@ int wpas_dbus_register_bss(struct wpa_supplicant *wpa_s, + } + + wpas_dbus_signal_bss_added(wpa_s, bss_obj_path); ++ wpas_dbus_signal_prop_changed(wpa_s, WPAS_DBUS_PROP_BSSS); + + return 0; + +diff --git a/wpa_supplicant/dbus/dbus_new.h b/wpa_supplicant/dbus/dbus_new.h +index 80ea98c..9cdefcb 100644 +--- a/wpa_supplicant/dbus/dbus_new.h ++++ b/wpa_supplicant/dbus/dbus_new.h +@@ -30,6 +30,7 @@ enum wpas_dbus_prop { + WPAS_DBUS_PROP_STATE, + WPAS_DBUS_PROP_CURRENT_BSS, + WPAS_DBUS_PROP_CURRENT_NETWORK, ++ WPAS_DBUS_PROP_BSSS, + }; + + enum wpas_dbus_bss_prop { +-- +1.7.4-rc1 + + diff --git a/wpa_supplicant-fix_dbus_config.patch b/wpa_supplicant-fix_dbus_config.patch deleted file mode 100644 index 7db1cde..0000000 --- a/wpa_supplicant-fix_dbus_config.patch +++ /dev/null @@ -1,23 +0,0 @@ -Index: wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf -=================================================================== ---- wpa_supplicant-0.6.9.orig/wpa_supplicant/dbus-wpa_supplicant.conf -+++ wpa_supplicant-0.6.9/wpa_supplicant/dbus-wpa_supplicant.conf -@@ -4,13 +4,10 @@ - - - -- - -- -- -- -- -- -- -- -+ -+ -+ -+ - diff --git a/wpa_supplicant-pkcs11-init-args.patch b/wpa_supplicant-pkcs11-init-args.patch deleted file mode 100644 index d10ba23..0000000 --- a/wpa_supplicant-pkcs11-init-args.patch +++ /dev/null @@ -1,247 +0,0 @@ -diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h ---- BUILD/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls.h 2009-05-05 11:47:15.000000000 +0200 -@@ -32,6 +32,7 @@ - const char *opensc_engine_path; - const char *pkcs11_engine_path; - const char *pkcs11_module_path; -+ const char *pkcs11_module_init_args; - }; - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c ---- BUILD/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/crypto/tls_openssl.c 2009-05-05 11:47:15.000000000 +0200 -@@ -667,9 +667,11 @@ - * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc - * @pkcs11_so_path: pksc11_so_path from the configuration - * @pcks11_module_path: pkcs11_module_path from the configuration -+ * @pkcs11_module_init_args: pkcs11_module_init_args from the configuration - */ - static int tls_engine_load_dynamic_pkcs11(const char *pkcs11_so_path, -- const char *pkcs11_module_path) -+ const char *pkcs11_module_path, -+ const char *pkcs11_module_init_args) - { - char *engine_id = "pkcs11"; - const char *pre_cmd[] = { -@@ -682,6 +684,7 @@ - }; - const char *post_cmd[] = { - "MODULE_PATH", NULL /* pkcs11_module_path */, -+ "INIT_ARGS", NULL /* pkcs11_module_init_args */, - NULL, NULL - }; - -@@ -692,6 +695,9 @@ - pre_cmd[3] = engine_id; - post_cmd[1] = pkcs11_module_path; - -+ if (pkcs11_module_init_args) -+ post_cmd[3] = pkcs11_module_init_args; -+ - wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s", - pkcs11_so_path); - -@@ -761,7 +767,8 @@ - - if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) || - tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path, -- conf->pkcs11_module_path)) { -+ conf->pkcs11_module_path, -+ conf->pkcs11_module_init_args)) { - tls_deinit(ssl); - return NULL; - } -diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c ---- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1834,6 +1834,7 @@ - conf.opensc_engine_path = ctx->opensc_engine_path; - conf.pkcs11_engine_path = ctx->pkcs11_engine_path; - conf.pkcs11_module_path = ctx->pkcs11_module_path; -+ conf.pkcs11_module_init_args = ctx->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - conf.wps = ctx->wps; - -diff -ur BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h ---- BUILD/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eapol_supp/eapol_supp_sm.h 2009-05-05 11:47:15.000000000 +0200 -@@ -198,6 +198,15 @@ - * module is not loaded. - */ - const char *pkcs11_module_path; -+ -+ /** -+ * pkcs11_module_init_args - The initialization arguments to the OpenSSL -+ * OpenSC/PKCS#11 module. -+ * -+ * This is an OpenSSL specific configuration option for configuring -+ * the initialization arguments of the PKCS#11 module. -+ */ -+ const char *pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c ---- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1188,6 +1188,7 @@ - tlsconf.opensc_engine_path = conf->opensc_engine_path; - tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path; - tlsconf.pkcs11_module_path = conf->pkcs11_module_path; -+ tlsconf.pkcs11_module_init_args = conf->pkcs11_module_init_args; - sm->ssl_ctx = tls_init(&tlsconf); - if (sm->ssl_ctx == NULL) { - wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS " -diff -ur BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h ---- BUILD/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/eap_peer/eap.h 2009-05-05 11:48:04.000000000 +0200 -@@ -246,6 +246,13 @@ - */ - const char *pkcs11_module_path; - /** -+ * pkcs11_module_init_args - OpenSC PKCS#11 module initialization -+ * arguments for OpenSSL engine. -+ * -+ * Usually, NULL. -+ */ -+ const char *pkcs11_module_init_args; -+ /** - * wps - WPS context data - * - * This is only used by EAP-WSC and can be left %NULL if not available. -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-05 11:47:15.000000000 +0200 -@@ -1580,6 +1580,7 @@ - os_free(config->opensc_engine_path); - os_free(config->pkcs11_engine_path); - os_free(config->pkcs11_module_path); -+ os_free(config->pkcs11_module_init_args); - #endif /* EAP_TLS_OPENSSL */ - os_free(config->driver_param); - os_free(config->device_name); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-05 11:49:24.000000000 +0200 -@@ -444,6 +444,7 @@ - { STR(opensc_engine_path) }, - { STR(pkcs11_engine_path) }, - { STR(pkcs11_module_path) }, -+ { STR(pkcs11_module_init_args) }, - #endif /* EAP_TLS_OPENSSL */ - { STR(driver_param) }, - { INT(dot11RSNAConfigPMKLifetime) }, -@@ -854,6 +855,9 @@ - if (config->pkcs11_module_path) - fprintf(f, "pkcs11_module_path=%s\n", - config->pkcs11_module_path); -+ if (config->pkcs11_module_init_args) -+ fprintf(f, "pkcs11_module_init_args=%s\n", -+ config->pkcs11_module_init_args); - #endif /* EAP_TLS_OPENSSL */ - if (config->driver_param) - fprintf(f, "driver_param=%s\n", config->driver_param); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-05 11:47:15.000000000 +0200 -@@ -195,6 +195,15 @@ - * module is not loaded. - */ - char *pkcs11_module_path; -+ -+ /** -+ * pkcs11_module_init_args - The initialization arguments to the OpenSSL -+ * OpenSC/PKCS#11 module. -+ * -+ * This is an OpenSSL specific configuration option for configuring -+ * the initialization arguments of the PKCS#11 module. -+ */ -+ char *pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - /** -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/ctrl_iface_dbus_handlers.c 2009-05-05 11:47:15.000000000 +0200 -@@ -866,7 +866,7 @@ - static const char *dont_quote[] = { - "key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap", - "opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path", -- "bssid", NULL -+ "pkcs11_module_init_args", "bssid", NULL - }; - - static dbus_bool_t should_quote_opt(const char *key) -@@ -1204,6 +1204,7 @@ - char *opensc_engine_path = NULL; - char *pkcs11_engine_path = NULL; - char *pkcs11_module_path = NULL; -+ char *pkcs11_module_init_args = NULL; - struct wpa_dbus_dict_entry entry; - - if (!dbus_message_iter_init(message, &iter)) -@@ -1230,6 +1231,11 @@ - pkcs11_module_path = os_strdup(entry.str_value); - if (pkcs11_module_path == NULL) - goto error; -+ } else if (!strcmp(entry.key, "pkcs11_module_init_args") && -+ (entry.type == DBUS_TYPE_STRING)) { -+ pkcs11_module_init_args = os_strdup(entry.str_value); -+ if (pkcs11_module_init_args == NULL) -+ goto error; - } else { - wpa_dbus_dict_entry_clear(&entry); - goto error; -@@ -1244,6 +1250,8 @@ - wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path; - os_free(wpa_s->conf->pkcs11_module_path); - wpa_s->conf->pkcs11_module_path = pkcs11_module_path; -+ os_free(wpa_s->conf->pkcs11_module_init_args); -+ wpa_s->conf->pkcs11_module_init_args = pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - eapol_sm_deinit(wpa_s->eapol); -@@ -1257,6 +1265,7 @@ - os_free(opensc_engine_path); - os_free(pkcs11_engine_path); - os_free(pkcs11_module_path); -+ os_free(pkcs11_module_init_args); - return wpas_dbus_new_invalid_opts_error(message, NULL); - } - -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/eapol_test.c 2009-05-05 11:47:15.000000000 +0200 -@@ -408,6 +408,7 @@ - ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; - ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; - ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; -+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - - wpa_s->eapol = eapol_sm_init(ctx); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpas_glue.c 2009-05-05 11:47:15.000000000 +0200 -@@ -557,6 +557,7 @@ - ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; - ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; - ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; -+ ctx->pkcs11_module_init_args = wpa_s->conf->pkcs11_module_init_args; - #endif /* EAP_TLS_OPENSSL */ - ctx->wps = wpa_s->wps; - ctx->eap_param_needed = wpa_supplicant_eap_param_needed; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:49:45.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant.c 2009-05-05 11:47:15.000000000 +0200 -@@ -577,7 +577,7 @@ - wpa_s->current_ssid = NULL; - /* - * TODO: should notify EAPOL SM about changes in opensc_engine_path, -- * pkcs11_engine_path, pkcs11_module_path. -+ * pkcs11_engine_path, pkcs11_module_path, pkcs11_module_init_args. - */ - if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { - /* diff --git a/wpa_supplicant-roaming.patch b/wpa_supplicant-roaming.patch deleted file mode 100644 index 7c8a4bc..0000000 --- a/wpa_supplicant-roaming.patch +++ /dev/null @@ -1,307 +0,0 @@ -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver.h 2009-05-04 14:26:47.000000000 +0200 -@@ -963,6 +963,8 @@ - */ - int (*set_mode)(void *priv, int mode); - -+ int (*get_default_roaming)(void *priv); -+ - /** - * set_country - Set country - * @priv: Private driver interface data -@@ -1147,7 +1149,13 @@ - * FT authentication sequence from the AP. The FT IEs are included in - * the extra information in union wpa_event_data::ft_ies. - */ -- EVENT_FT_RESPONSE -+ EVENT_FT_RESPONSE, -+ -+ /** -+ * EVENT_ROAMING_THRESHOLD - Roaming threshold exceeded -+ */ -+ EVENT_ROAMING_THRESHOLD -+ - } wpa_event_type; - - -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:32:17.000000000 +0200 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.c 2009-05-04 14:28:20.000000000 +0200 -@@ -524,10 +524,18 @@ - drv->assoc_req_ies = NULL; - os_free(drv->assoc_resp_ies); - drv->assoc_resp_ies = NULL; -+ -+ /* stop monitoring the signal quality */ -+ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ - wpa_supplicant_event(ctx, EVENT_DISASSOC, - NULL); - - } else { -+ /* start monitoring the signal quality */ -+ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, -+ drv->ctx); -+ - wpa_driver_wext_event_assoc_ies(drv); - wpa_supplicant_event(ctx, EVENT_ASSOC, NULL); - } -@@ -891,6 +899,30 @@ - return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags); - } - -+void wpa_driver_wext_set_default_roaming(struct wpa_driver_wext_data *drv) -+{ -+ /* ugly hack to enable roaming only for the iwlwifi driver */ -+ char buf[256]; -+ char line[256]; -+ FILE* f; -+ -+ /* the driver we want roaming enabled for */ -+ char* driver = "DRIVER=iwlagn"; -+ -+ /* lookup this interface in sysfs */ -+ snprintf(buf, sizeof(buf),"/sys/class/net/%s/device/uevent", drv->ifname); -+ if ( (f = fopen(buf, "r")) ) { -+ while (fgets(line, sizeof(line), f)) { -+ if (strstr (line, driver)) { -+ /* iwlwifi found -> enable roaming */ -+ drv->default_roaming = 1; -+ break; -+ } -+ } -+ fclose(f); -+ f = NULL; -+ } -+} - - /** - * wpa_driver_wext_init - Initialize WE driver interface -@@ -942,6 +974,9 @@ - - drv->mlme_sock = -1; - -+ drv->default_roaming = 0; -+ wpa_driver_wext_set_default_roaming(drv); -+ - wpa_driver_wext_finish_drv_init(drv); - - return drv; -@@ -1017,6 +1052,7 @@ - int flags; - - eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx); -+ eloop_cancel_timeout(wpa_driver_wext_monitor_quality, drv, drv->ctx); - - /* - * Clear possibly configured driver parameters in order to make it -@@ -1058,6 +1094,69 @@ - wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL); - } - -+/** -+ * wpa_driver_wext_monitor_quality - Monitor the signal quality -+ * @eloop_ctx: Unused -+ * @timeout_ctx: ctx argument given to wpa_driver_wext_init() -+ */ -+void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx) -+{ -+ struct iwreq iwr; -+ struct iw_statistics stats; -+ struct wpa_driver_wext_data *drv = (struct wpa_driver_wext_data *) eloop_ctx; -+ int timeout_sec; -+ -+ os_memset(&iwr, 0, sizeof(iwr)); -+ os_memset(&stats, 0, sizeof(stats)); -+ -+ os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); -+ -+ iwr.u.data.pointer = (caddr_t) &stats; -+ iwr.u.data.length = sizeof(stats); -+ iwr.u.data.flags = 1; -+ -+ if (ioctl(drv->ioctl_sock, SIOCGIWSTATS, &iwr) < 0) { -+ perror("ioctl[SIOCGIWSTATS]"); -+ return; -+ } -+ -+ if (stats.qual.qual < (int) (0.4f * (float)drv->max_qual)) -+ { -+ if (++drv->low_signal_count >= 3) -+ { -+ wpa_printf(MSG_DEBUG, "Signal quality low (%i/%i)", stats.qual.qual, drv->max_qual); -+ drv->low_signal_count = 0; -+ wpa_supplicant_event(drv->ctx, EVENT_ROAMING_THRESHOLD, NULL); -+ /* next measurement in 5 seconds */ -+ eloop_register_timeout(5, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ } -+ else -+ { -+ /* next measurment in 100ms */ -+ eloop_register_timeout(0, 100000, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+ } -+ return; -+ } -+ drv->low_signal_count = 0; -+ -+ if (stats.qual.qual < (int) (0.6f * (float)drv->max_qual)) -+ timeout_sec = 2; -+ else if (stats.qual.qual < (int) (0.8f * (float)drv->max_qual)) -+ timeout_sec = 5; -+ else -+ timeout_sec = 10; -+ -+ eloop_register_timeout(timeout_sec, 0, wpa_driver_wext_monitor_quality, drv, drv->ctx); -+} -+ -+/** -+ * wpa_driver_get_default_roaming - Enable/Disable roaming per default -+ */ -+int wpa_driver_get_default_roaming(void *priv) -+{ -+ struct wpa_driver_wext_data *drv = priv; -+ return drv->default_roaming; -+} - - /** - * wpa_driver_wext_scan - Request the driver to initiate scan -@@ -1610,6 +1709,7 @@ - if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE) - drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE; - -+ drv->max_qual = range->max_qual.qual; - wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x " - "flags 0x%x", - drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags); -@@ -2388,4 +2488,5 @@ - .flush_pmkid = wpa_driver_wext_flush_pmkid, - .get_capa = wpa_driver_wext_get_capa, - .set_operstate = wpa_driver_wext_set_operstate, -+ .get_default_roaming = wpa_driver_get_default_roaming, - }; -diff -ur BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h ---- BUILD/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/src/drivers/driver_wext.h 2009-05-04 14:26:04.000000000 +0200 -@@ -43,6 +43,9 @@ - char mlmedev[IFNAMSIZ + 1]; - - int scan_complete_events; -+ int low_signal_count; -+ int max_qual; -+ int default_roaming; - }; - - int wpa_driver_wext_get_ifflags(struct wpa_driver_wext_data *drv, int *flags); -@@ -61,6 +64,7 @@ - struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv); - - void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx); -+void wpa_driver_wext_monitor_quality(void *eloop_ctx, void *timeout_ctx); - - int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv, - const char *ifname); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.c 2009-05-04 14:26:04.000000000 +0200 -@@ -1943,6 +1943,7 @@ - config->eapol_version = DEFAULT_EAPOL_VERSION; - config->ap_scan = DEFAULT_AP_SCAN; - config->fast_reauth = DEFAULT_FAST_REAUTH; -+ config->roaming = DEFAULT_ROAMING; - - if (ctrl_interface) - config->ctrl_interface = os_strdup(ctrl_interface); -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config_file.c 2009-05-04 14:31:03.000000000 +0200 -@@ -306,6 +306,12 @@ - return 0; - } - -+static int wpa_config_process_roaming(struct wpa_config *config, char *pos) -+{ -+ config->roaming = atoi(pos); -+ wpa_printf(MSG_DEBUG, "roaming=%d", config->roaming); -+ return 0; -+} - - static int wpa_config_parse_str(const struct global_parse_data *data, - struct wpa_config *config, int line, -@@ -457,6 +463,7 @@ - { STR(device_type) }, - { FUNC(os_version) }, - { INT_RANGE(wps_cred_processing, 0, 2) }, -+ { FUNC(roaming) }, - #endif /* CONFIG_WPS */ - { FUNC(country) } - }; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/config.h 2009-05-04 14:26:04.000000000 +0200 -@@ -22,6 +22,7 @@ - #define DEFAULT_AP_SCAN 1 - #endif /* CONFIG_NO_SCAN_PROCESSING */ - #define DEFAULT_FAST_REAUTH 1 -+#define DEFAULT_ROAMING -1 - - #include "config_ssid.h" - -@@ -244,6 +245,11 @@ - int update_config; - - /** -+ * roaming -+ */ -+ int roaming; -+ -+ /** - * blobs - Configuration blobs - */ - struct wpa_config_blob *blobs; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/events.c 2009-05-04 14:26:04.000000000 +0200 -@@ -706,6 +706,21 @@ - } - #endif /* CONFIG_NO_SCAN_PROCESSING */ - -+static void wpa_supplicant_event_roaming_threshold(struct wpa_supplicant *wpa_s) -+{ -+ struct os_time t1, t2; -+ os_get_time(&t1); -+ os_time_sub(&t1, &(wpa_s->last_roaming_attempt), &t2); -+ if (wpa_s->conf->roaming > 0 -+ || (wpa_s->conf->roaming == -1 -+ && wpa_s->driver->get_default_roaming -+ && wpa_s->driver->get_default_roaming(wpa_s->drv_priv))) -+ /* limit the scan triggering to one every 20 seconds */ -+ if (t2.sec > 20) { -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ os_get_time(&(wpa_s->last_roaming_attempt)); -+ } -+} - - static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, - union wpa_event_data *data) -@@ -1114,6 +1129,9 @@ - wpa_supplicant_event_ft_response(wpa_s, data); - break; - #endif /* CONFIG_IEEE80211R */ -+ case EVENT_ROAMING_THRESHOLD: -+ wpa_supplicant_event_roaming_threshold(wpa_s); -+ break; - default: - wpa_printf(MSG_INFO, "Unknown event %d", event); - break; -diff -ur BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h ---- BUILD/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-03-23 15:06:28.000000000 +0100 -+++ BUILD2/wpa_supplicant-0.6.9/wpa_supplicant/wpa_supplicant_i.h 2009-05-04 14:32:01.000000000 +0200 -@@ -350,6 +350,7 @@ - struct wpa_client_mlme mlme; - int use_client_mlme; - int driver_4way_handshake; -+ struct os_time last_roaming_attempt; - - int pending_mic_error_report; - int pending_mic_error_pairwise; diff --git a/wpa_supplicant.changes b/wpa_supplicant.changes index 8b353ff..a41f6a6 100644 --- a/wpa_supplicant.changes +++ b/wpa_supplicant.changes @@ -1,3 +1,78 @@ +------------------------------------------------------------------- +Wed Mar 16 21:22:58 UTC 2011 - dimstar@opensuse.org + +- Add wpa_supplicant-dbus-events.patch: Emit property changed + events when adding/removing BSSes. Required by NetworkManager + 0.9 beta1 and later. +- Also install fi.w1.wpa_supplicant1.service, which was added as + source5, sourced from the wpa_supplicant source code, with + modified exec line pointing to /usr/sbin instead of /sbin. + +------------------------------------------------------------------- +Tue Sep 7 23:08:14 CEST 2010 - vbotka@suse.de + +- update to 0.7.3 + * fixed fallback from failed PMKSA caching into full EAP authentication + [Bug 355] + * fixed issue with early D-Bus signals during initialization + * fixed X.509 name handling in internal TLS + * fixed WPS ER to use corrent Enrollee MAC Address in Credential + * fixed scanning routines ot improve AP selection for WPS + * added WPS workaround for open networks + * fixed WPS Diffie-Hellman derivation to use correct public key length + * fixed wpa_supplicant AP mode operations to ignore Supplicant and + scan result events + * improved SME operations with nl80211 + * fixed WPS ER event_id handling in some cases + * fixed some issues with bgscan simple to avoid unnecessary scans + * fixed issue with l2_packet_ndis overlapped writes corrupting stack + [Bug 328] + * updated WinPcap to the latest stable version 4.1.2 in Windows + installer + + update to 0.7.2 + * nl80211: fixed number of issues with roaming + * avoid unnecessary roaming if multiple APs with similar signal + strength are present in scan results + * add TLS client events and server probing to ease design of + automatic detection of EAP parameters + * add option for server certificate matching (SHA256 hash of the + certificate) instead of trusted CA certificate configuration + * bsd: Cleaned up driver wrapper and added various low-level + configuration options + * wpa_gui-qt4: do not show too frequent WPS AP available events as + tray messages + * TNC: fixed issues with fragmentation + * EAP-TNC: add Flags field into fragment acknowledgement (needed to + interoperate with other implementations; may potentially breaks + compatibility with older wpa_supplicant/hostapd versions) + * wpa_cli: added option for using a separate process to receive event + messages to reduce latency in showing these + (CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this) + * maximum BSS table size can now be configured (bss_max_count) + * BSSes to be included in the BSS table can be filtered based on + configured SSIDs to save memory (filter_ssids) + * fix number of issues with IEEE 802.11r/FT; this version is not + backwards compatible with old versions + * nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air + and over-the-DS) + * add freq_list network configuration parameter to allow the AP + selection to filter out entries based on the operating channel + * add signal strength change events for bgscan; this allows more + dynamic changes to background scanning interval based on changes in + the signal strength with the current AP; this improves roaming within + ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network + configuration block to request background scans less frequently when + signal strength remains good and to automatically trigger background + scans whenever signal strength drops noticeably + (this is currently only available with nl80211) + * add BSSID and reason code (if available) to disconnect event messages + * wpa_gui-qt4: more complete support for translating the GUI with + linguist and add German translation + * fix DH padding with internal crypto code (mainly, for WPS) + * do not trigger initial scan automatically anymore if there are no + enabled networks + ------------------------------------------------------------------- Fri May 28 12:49:53 CEST 2010 - vbotka@suse.de diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index 0060988..99d556c 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -1,5 +1,5 @@ # -# spec file for package wpa_supplicant (Version 0.7.1) +# spec file for package wpa_supplicant (Version 0.7.3) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -21,8 +21,8 @@ Name: wpa_supplicant BuildRequires: dbus-1-devel libnl-devel libqt4 libqt4-devel openssl-devel pkg-config readline-devel Url: http://hostap.epitest.fi/wpa_supplicant/ -Version: 0.7.1 -Release: 2 +Version: 0.7.3 +Release: 1 License: BSD3c(or similar) ; GPLv2+ Group: Productivity/Networking/Other Summary: WPA supplicant implementation @@ -31,6 +31,7 @@ Source1: config Source2: %{name}.conf Source3: fi.epitest.hostap.WPASupplicant.service Source4: logrotate.wpa_supplicant +Source5: fi.w1.wpa_supplicant1.service Patch0: wpa_supplicant-driver-wext-debug.patch # wpa_supplicant-flush-debug-output.patch won't go upstream as it might # change timings @@ -39,13 +40,8 @@ Patch1: wpa_supplicant-flush-debug-output.patch # is not portable Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch Patch4: wpa_supplicant-errormsg.patch -Patch6: wpa_supplicant-fix_dbus_config.patch -#Patch7: wpa_supplicant-fix_dbus_config2.patch -# wpa_supplicant-roaming.patch won't go upstream as it is an ugly hack, once -# roaming is implemented in a clean way this patch should be removed -Patch8: wpa_supplicant-roaming.patch -Patch9: wpa_supplicant-pkcs11-init-args.patch -Patch10: Fix_Fallback_From_Failed_PMKSA_Into_Full_EAP.patch +# PATCH-FIX-UPSTREAM wpa_supplicant-dbus-events.patch dimstar@opensuse.org -- dbus: Emit property changed events when adding/removing BSSes, taken from git. +Patch5: wpa_supplicant-dbus-events.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate @@ -56,7 +52,6 @@ negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. - Authors: -------- Jouni Malinen @@ -72,7 +67,6 @@ This package contains a graphical front-end to wpa_supplicant, an implementation of the WPA Supplicant component. - Authors: -------- Jouni Malinen @@ -85,14 +79,7 @@ cp %{SOURCE1} wpa_supplicant/.config %patch1 -p0 %patch2 -p0 %patch4 -p0 -# Patch does not apply anymore -#%patch6 -p1 -#patch7 -p1 -# Patch does not apply anymore -#%patch8 -p2 -# Patch does not apply anymore -#%patch9 -p2 -%patch10 -p0 +%patch5 -p1 %build cd wpa_supplicant @@ -112,6 +99,7 @@ install -d %{buildroot}/%{_sysconfdir}/%{name} install -m 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name} install -d %{buildroot}/%{_datadir}/dbus-1/system-services install -m 0644 %{SOURCE3} %{buildroot}/%{_datadir}/dbus-1/system-services +install -m 0644 %{SOURCE5} %{buildroot}/%{_datadir}/dbus-1/system-services install -d %{buildroot}/%{_sysconfdir}/logrotate.d/ install -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/logrotate.d/wpa_supplicant install -d %{buildroot}/%{_localstatedir}/run/%{name}