Accepting request 237461 from home:gary_lin:branches:hardware

- Update to 2.2
- Drop wpa_supplicant-driver-wext-debug.patch and wpa_supplicant-errormsg.patch: wext is deprecated
- Enable AP mode, P2P, RSN IBSS, EAP FAST, EAP AKA, and WPS NFC

OBS-URL: https://build.opensuse.org/request/show/237461
OBS-URL: https://build.opensuse.org/package/show/hardware/wpa_supplicant?expand=0&rev=38

config

@@ -151,7 +151,7 @@ CONFIG_EAP_TTLS=y
 # functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
 # the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
 # to add the needed functions.
-#CONFIG_EAP_FAST=y
+CONFIG_EAP_FAST=y
 
 # EAP-GTC
 CONFIG_EAP_GTC=y
@@ -163,7 +163,7 @@ CONFIG_EAP_OTP=y
 #CONFIG_EAP_SIM=y
 
 # EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
-CONFIG_EAP_PSK=y
+#CONFIG_EAP_PSK=y
 
 # EAP-pwd (secure authentication using only a password)
 #CONFIG_EAP_PWD=y
@@ -175,7 +175,7 @@ CONFIG_EAP_PAX=y
 CONFIG_EAP_LEAP=y
 
 # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
-#CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA=y
 
 # EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
 # This requires CONFIG_EAP_AKA to be enabled, too.
@@ -205,7 +205,7 @@ CONFIG_WPS_ER=y
 # registrar.
 #CONFIG_WPS_REG_DISABLE_OPEN=y
 # Enable WPS support with NFC config method
-#CONFIG_WPS_NFC=y
+CONFIG_WPS_NFC=y
 
 # EAP-IKEv2
 CONFIG_EAP_IKEV2=y
@@ -477,7 +477,7 @@ CONFIG_DEBUG_FILE=y
 #CONFIG_NO_RANDOM_POOL=y
 
 # IEEE 802.11n (High Throughput) support (mainly for AP mode)
-#CONFIG_IEEE80211N=y
+CONFIG_IEEE80211N=y
 
 # Wireless Network Management (IEEE Std 802.11v-2011)
 # Note: This is experimental and not complete implementation.
@@ -497,12 +497,12 @@ CONFIG_DEBUG_FILE=y
 # should be noted that this is mainly aimed at simple cases like
 # WPA2-Personal while more complex configurations like WPA2-Enterprise with an
 # external RADIUS server can be supported with hostapd.
-#CONFIG_AP=y
+CONFIG_AP=y
 
 # P2P (Wi-Fi Direct)
 # This can be used to enable P2P support in wpa_supplicant. See README-P2P for
 # more information on P2P operations.
-#CONFIG_P2P=y
+CONFIG_P2P=y
 
 # Autoscan
 # This can be used to enable automatic scan support in wpa_supplicant.
@@ -524,3 +524,6 @@ CONFIG_DEBUG_FILE=y
 
 # Enable background scan to improve roaming
 CONFIG_BGSCAN_SIMPLE=y
+
+# Enable RSN IBSS/AdHoc
+CONFIG_IBSS_RSN=y

wpa_supplicant-2.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2c115609fbb5223d51381084a5c944455a8afcda81d584173ff55ba233379e09
-size 2044281

wpa_supplicant-2.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e0d8b8fd68a659636eaba246bb2caacbf53d22d53b2b6b90eb4b4fef0993c8ed
+size 2382570

wpa_supplicant-driver-wext-debug.patch

@@ -1,143 +0,0 @@
-Index: src/drivers/driver_wext.c
-===================================================================
---- src/drivers/driver_wext.c.orig
-+++ src/drivers/driver_wext.c
-@@ -1901,19 +1901,26 @@ int wpa_driver_wext_associate(void *priv
- 	 * SIOCSIWENCODE here.
- 	 */
- 	if (drv->auth_alg_fallback &&
--	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
-+	    wpa_driver_wext_auth_alg_fallback(drv, params) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 
- 	if (!params->bssid &&
--	    wpa_driver_wext_set_bssid(drv, NULL) < 0)
-+	    wpa_driver_wext_set_bssid(drv, NULL) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 
- 	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
- 	 * from configuration, not from here, where only the selected suite is
- 	 * available */
- 	if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
--	    < 0)
-+	    < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
- 		value = IW_AUTH_WPA_VERSION_DISABLED;
- 	else if (params->wpa_ie[0] == WLAN_EID_RSN)
-@@ -1921,27 +1928,41 @@ int wpa_driver_wext_associate(void *priv
- 	else
- 		value = IW_AUTH_WPA_VERSION_WPA;
- 	if (wpa_driver_wext_set_auth_param(drv,
--					   IW_AUTH_WPA_VERSION, value) < 0)
-+					   IW_AUTH_WPA_VERSION, value) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
- 	if (wpa_driver_wext_set_auth_param(drv,
--					   IW_AUTH_CIPHER_PAIRWISE, value) < 0)
-+					   IW_AUTH_CIPHER_PAIRWISE, value) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	value = wpa_driver_wext_cipher2wext(params->group_suite);
- 	if (wpa_driver_wext_set_auth_param(drv,
--					   IW_AUTH_CIPHER_GROUP, value) < 0)
-+					   IW_AUTH_CIPHER_GROUP, value) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
- 	if (wpa_driver_wext_set_auth_param(drv,
--					   IW_AUTH_KEY_MGMT, value) < 0)
-+					   IW_AUTH_KEY_MGMT, value) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	value = params->key_mgmt_suite != KEY_MGMT_NONE ||
- 		params->pairwise_suite != CIPHER_NONE ||
- 		params->group_suite != CIPHER_NONE ||
- 		params->wpa_ie_len;
- 	if (wpa_driver_wext_set_auth_param(drv,
--					   IW_AUTH_PRIVACY_INVOKED, value) < 0)
-+					   IW_AUTH_PRIVACY_INVOKED, value) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 
- 	/* Allow unencrypted EAPOL messages even if pairwise keys are set when
- 	 * not using WPA. IEEE 802.1X specifies that these frames are not
-@@ -1952,12 +1973,18 @@ int wpa_driver_wext_associate(void *priv
- 	else
- 		allow_unencrypted_eapol = 1;
- 
--	if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
-+	if (wpa_driver_wext_set_psk(drv, params->psk) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_psk failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- 	if (wpa_driver_wext_set_auth_param(drv,
- 					   IW_AUTH_RX_UNENCRYPTED_EAPOL,
--					   allow_unencrypted_eapol) < 0)
-+					   allow_unencrypted_eapol) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__);
- 		ret = -1;
-+	}
-+
- #ifdef CONFIG_IEEE80211W
- 	switch (params->mgmt_frame_protection) {
- 	case NO_MGMT_FRAME_PROTECTION:
-@@ -1970,17 +1997,25 @@ int wpa_driver_wext_associate(void *priv
- 		value = IW_AUTH_MFP_REQUIRED;
- 		break;
- 	};
--	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
-+	if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) {
-+	        wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(IW_AUTH_MFP) failed", __FUNCTION__);
- 		ret = -1;
-+	}
- #endif /* CONFIG_IEEE80211W */
--	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
-+	if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 	if (!drv->cfg80211 &&
--	    wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
-+	    wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 	if (params->bssid &&
--	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
-+	    wpa_driver_wext_set_bssid(drv, params->bssid) < 0) {
-+		wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__);
- 		ret = -1;
-+	}
- 	if (drv->cfg80211 &&
- 	    wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
- 		ret = -1;
-@@ -2008,6 +2043,10 @@ static int wpa_driver_wext_set_auth_alg(
- 	res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
- 					     algs);
- 	drv->auth_alg_fallback = res == -2;
-+
-+	if (res == -2)
-+		wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__);
-+
- 	return res;
- }
- 

wpa_supplicant-errormsg.patch

@@ -1,19 +0,0 @@
-Index: src/drivers/driver_wext.c
-===================================================================
---- src/drivers/driver_wext.c.orig
-+++ src/drivers/driver_wext.c
-@@ -54,12 +54,13 @@ int wpa_driver_wext_set_auth_param(struc
- 	iwr.u.param.value = value;
- 
- 	if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
-+		int saved_errno = errno;
- 		if (errno != EOPNOTSUPP) {
- 			wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
- 				   "value 0x%x) failed: %s)",
- 				   idx, value, strerror(errno));
- 		}
--		ret = errno == EOPNOTSUPP ? -2 : -1;
-+		ret = saved_errno == EOPNOTSUPP ? -2 : -1;
- 	}
- 
- 	return ret;

wpa_supplicant-sigusr1-changes-debuglevel.patch

@@ -1,8 +1,10 @@
-Index: wpa_supplicant/wpa_supplicant.c
-===================================================================
---- wpa_supplicant/wpa_supplicant.c.orig
-+++ wpa_supplicant/wpa_supplicant.c
-@@ -139,6 +139,22 @@ int wpa_set_wep_keys(struct wpa_supplica
+---
+ wpa_supplicant/wpa_supplicant.c |   18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+--- a/wpa_supplicant/wpa_supplicant.c
++++ b/wpa_supplicant/wpa_supplicant.c
+@@ -123,6 +123,22 @@ int wpa_set_wep_keys(struct wpa_supplica
  	return set;
  }
  
@@ -23,9 +25,9 @@ Index: wpa_supplicant/wpa_supplicant.c
 +	                   ((wpa_debug_level == MSG_MSGDUMP) ? "MSGDUMP" : "UNKNOWN")));
 +}
  
- static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
- 					   struct wpa_ssid *ssid)
-@@ -2342,6 +2358,8 @@ int wpa_supplicant_run(struct wpa_global
+ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
+ 				    struct wpa_ssid *ssid)
+@@ -4124,6 +4140,8 @@ int wpa_supplicant_run(struct wpa_global
  	eloop_register_signal_terminate(wpa_supplicant_terminate, global);
  	eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
  

wpa_supplicant.changes

@@ -1,3 +1,60 @@
+-------------------------------------------------------------------
+Mon Jun 16 04:28:45 UTC 2014 - glin@suse.com
+
+- Update to 2.2
+  * added DFS indicator to get_capability freq
+  * added/fixed nl80211 functionality
+  * removed unused NFC_RX_HANDOVER_REQ and NFC_RX_HANDOVER_SEL
+    control interface commands (the more generic
+    NFC_REPORT_HANDOVER is now used)
+  * fixed MSCHAP UTF-8 to UCS-2 conversion for three-byte encoding
+  * P2P enhancements/fixes
+  * added phase1 network parameter options for disabling TLS v1.1
+    and v1.2 to allow workarounds with misbehaving AAA servers
+  * Interworking/Hotspot 2.0 enhancements
+  * fixed TDLS interoperability issues with supported operating
+    class in
+  * some deployed stations
+  * internal TLS implementation enhancements/fixes
+  * fixed PTK derivation for CCMP-256 and GCMP-256
+  * added "reattach" command for fast reassociate-back-to-same-BSS
+  * added "get_capability tdls" command
+  * D-Bus interface extensions/fixes
+  * fixed potential segmentation fault and memory leaks in WNM
+    neighbor report processing
+  * EAP-pwd fixes
+  * added MACsec/IEEE Std 802.1X-2010 PAE implementation
+  * fixed a memory leak in SAE random number generation
+  * fixed EAPOL-Key exchange when GCMP is used with SHA256-based
+    AKM
+  * added support for simultaneous authentication of equals (SAE)
+    for stronger password-based authentication with WPA2-Personal
+  * improved P2P negotiation and group formation robustness
+  * improved P2P channel selection
+  * added nl80211 functionality
+    - VHT configuration for nl80211
+    - MFP (IEEE 802.11w) information for nl80211 command API
+    - support split wiphy dump
+    - FT (IEEE 802.11r) with driver-based SME
+    - use advertised number of supported concurrent channels
+    - QoS Mapping configuration
+  * improved TDLS negotiation robustness
+  * added 'SCAN TYPE=ONLY' ctrl_iface command to request manual
+    scan without executing roaming/network re-selection on scan
+    results
+  * added Session-Id derivation for EAP peer methods
+  * allow AP/Enrollee to be specified with BSSID instead of UUID
+    for WPS ER operations
+  * changed the default driver interface from wext to nl80211 if
+    both are included in the build
+  * added domain_suffix_match (and domain_suffix_match2 for Phase 2
+    EAP-TLS) to specify additional constraint for the server
+    certificate domain name
+  * added support for WPS+NFC updates and P2P+NFC
+- Drop wpa_supplicant-driver-wext-debug.patch and
+  wpa_supplicant-errormsg.patch: wext is deprecated
+- Enable AP mode, P2P, RSN IBSS, EAP FAST, EAP AKA, and WPS NFC
+
 -------------------------------------------------------------------
 Thu May  8 11:18:08 CEST 2014 - ro@suse.de
 

wpa_supplicant.spec

@@ -34,7 +34,7 @@ BuildRequires:  libnl3-devel
 BuildRequires:  libnl-devel
 %endif
 Url:            http://hostap.epitest.fi/wpa_supplicant/
-Version:        2.0
+Version:        2.2
 Release:        0
 Summary:        WPA supplicant implementation
 License:        BSD-3-Clause and GPL-2.0+
@@ -46,14 +46,12 @@ Source3:        fi.epitest.hostap.WPASupplicant.service
 Source4:        logrotate.wpa_supplicant
 Source5:        fi.w1.wpa_supplicant1.service
 Source6:        wpa_supplicant.service
-Patch0:         wpa_supplicant-driver-wext-debug.patch
 # wpa_supplicant-flush-debug-output.patch won't go upstream as it might
 # change timings
 Patch1:         wpa_supplicant-flush-debug-output.patch
 # wpa_supplicant-sigusr1-changes-debuglevel.patch won't go upstream as it
 # is not portable
 Patch2:         wpa_supplicant-sigusr1-changes-debuglevel.patch
-Patch3:         wpa_supplicant-errormsg.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Requires:       logrotate
 %if ! %{defined _rundir}
@@ -92,10 +90,8 @@ cp %{SOURCE1} wpa_supplicant/.config
 %if 0%{?suse_version} > 1140
 echo "CONFIG_LIBNL32=y" >> wpa_supplicant/.config
 %endif
-%patch0 -p0
 %patch1 -p0
-%patch2 -p0
-%patch3 -p0
+%patch2 -p1
 
 %build
 cd wpa_supplicant