Hello community, here is the log from the commit of package wpa_supplicant.3066 for openSUSE:12.3:Update checked in at 2014-10-22 14:30:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/wpa_supplicant.3066 (Old) and /work/SRC/openSUSE:12.3:Update/.wpa_supplicant.3066.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "wpa_supplicant.3066" Changes: -------- New Changes file: --- /dev/null 2014-09-26 12:09:11.568032006 +0200 +++ /work/SRC/openSUSE:12.3:Update/.wpa_supplicant.3066.new/wpa_supplicant.changes 2014-10-22 14:30:06.000000000 +0200 @@ -0,0 +1,1077 @@ +------------------------------------------------------------------- +Mon Oct 13 17:48:02 CEST 2014 - ro@suse.de + +- add 0001-Add-os_exec-helper-to-run-external-programs.patch +- add 0002-wpa_cli-Use-os_exec-for-action-script-execution.patch +- fixing CVE-2014-3686 (bnc#900611) trying to abuse the action + scripts in wpa_cli + +------------------------------------------------------------------- +Tue Dec 11 10:16:40 UTC 2012 - glin@suse.com + +- Update to 1.1 + * Fix EAPOL supplicant port authorization with PMKSA caching. + * Fix EAPOL processing when STA switches between multi-BSSes. + * Fix EAP-FAST with OpenSSL 1.0.1. + * EAP-pwd: Increase maximum number of hunting-and-pecking + iterations, which results in less authentication attempts + failing. + * Set state to DISCONNECTED on AP creation errors. Previously the + supplicant would stay in SCANNING state forever. + * Fix REMOVE_NETWORK to not run operations with invalid + current_ssid. + * EAP-SIM peer: Fix AT_COUNTER_TOO_SMALL use. + * Interworking: Fix PLMN matching with multiple entries to compare + all entries, not just the first one. + * Handle long configuration file lines more gracefully. + * Fix adding extra IEs in sched scan. + * PMKSA: Set cur_pmksa pointer during initial association. + * PMKSA: Do not evict the active cache entry when adding new ones. + * Set state consistently to DISCONNECTED on auth/assoc failures. + * Fix BSSID enforcement with driver-based BSS selection. Set BSSID + and channel when the network block has an explicit bssid + parameter to select which BSS is to be used. + * wpa_gui: Fix compilation with gcc/g++ 4.7. + * EAP-AKA' + - Update to RFC 5448 in the leading characters used in the + username. This will make EAP-AKA' not interoperate between the + earlier draft version and the new version. + - Fix SIM/USIM determination to support EAP-AKA'. + * dbus: + - Add global capabilities property. + - Fix bss_expire_count getter, which was returning the wrong + value. + - P2P: Remove network_object dictionary entry from signal + GroupStarted. + - Fix D-Bus build without ctrl_iface. + * WPS: + - Fix nonce comparisons to compare all bytes, not just the first + byte. + - Fix NFC password token building with WPS 2.0 to avoid wpabuf + overflow and application abort if NFC out-of-band mechanism is + used with WPS 2.0 enabled. + - Fix cleanup of WPS operations (by clearing them) in + WPA_SCANNING and WPA_DISCONNECTED states. + - Fix issue with BSSID filter handling that could cause only a + single one of the available BSSes to be available or could + cause issues connecting. + - Fix overlapping memcpy on WPS interface addition. + * P2P: + - Remove channel 14 from supported P2P channels. + - Fix Provision Discovery retries on delay in off channel + transmission, to avoid unnecessary retries. + - Limit maximum number of stored P2P clients (the + p2p_client_list parameter) to 100. + - Improve p2p_client_list updates in configuration file, + reording entries so that the most recently added values are + maintained in the list if the list gets truncated due to + size. + - Fix Provision Discovery retries during p2p_find by making the + p2p_find case behave consistently with the limited retry + behavior used with Provision Discovery retries in the IDLE + state. + - Fix P2P Client Discoverability bit updates so that the bit is + only updated based on P2P Group Info attribute from a GO. + - Fix GO Negotiation race condition where both devices may + believe they are the GO. (Ignore unexpected GO Neg Response + if we have already sent GO Neg Response.) + - Deinitialize global P2P context on P2P management interface + removal. + - Wait 100 ms if driver fails to start listen operation. This + is a workaround for some drivers that may accept the + remain-on-channel command, but instead of indicating start + event for remain-on-channel, just indicate that the operation + has been cancelled immediately. + - Clone max_sta_num parameter for group interfaces, allowing + this parameter set in the main config file to apply to + dynamically created P2P group interfaces. + - Fix Device ID matching for Probe Request frames, which was + checking only the first octet of the P2P Device Address. + - Do not update peer Listen channel based on PD Request + Invitation Request frames (just on Probe Response frames). + - Fix p2p_listen to disallow scheduling a new after scan + operation in the case where a p2p_connect operation is + pending. +- Remove upstreamed wpa_supplicant-gcc47.patch +- Enable background scan to improve roaming +- Build driver with libnl3 (wpa_supplicant-libnl3.patch) + +------------------------------------------------------------------- +Tue May 15 04:35:01 UTC 2012 - glin@suse.com + +- Update to 1.0 + * Delay STA entry removal until Deauth/Disassoc TX status + in AP mode. This allows the driver to use PS buffering of + Deauthentication and Disassociation frames when the STA + is in power save sleep. Only available with drivers that + provide TX status events for Deauth/Disassoc frames + (nl80211). + * Drop oldest unknown BSS table entries first. This makes + it less likely to hit connection issues in environments + with huge number of visible APs. + * Add systemd support. + * Add support for setting the syslog facility from the + config file at build time. + * atheros: Add support for IEEE 802.11w configuration. + * AP mode: Allow enable HT20 if driver supports it, by + setting the config parameter ieee80211n. + * Allow AP mode to disconnect STAs based on low ACK + condition (when the data connection is not working + properly, e.g., due to the STA going outside the range + of the AP). + * nl80211: + - Support GTK rekey offload. + - Support PMKSA candidate events. This adds support for + RSN pre-authentication with nl80211 interface and + drivers that handle roaming internally. + * Improved dbus interface + * New wpa_cli commands to setup the scan interval and + to support P2P and WPS/WPS ER + * AP mode: Add max_num_sta config option, which can be used + to limit the number of stations allowed to connect to the + AP. + * wext: Increase scan timeout from 5 to 10 seconds. + * Allow an external program to manage the BSS blacklist + and display its current contents. + * WPS: + - Add wpa_cli wps_pin get command for generating random + PINs. This can be used in a UI to generate a PIN + without starting WPS (or P2P) operation. + - Set RF bands based on driver capabilities, instead of + hardcoding them. + - Add mechanism for indicating non-standard WPS errors. + - Add wps_ap_pin cli command for wpa_supplicant AP mode. + - Add wps_check_pin cli command for processing PIN from + user input. UIs can use this command to process a PIN + entered by a user and to validate the checksum digit + (if present). + - Cancel WPS operation on PBC session overlap detection. + - New wps_cancel command in wpa_cli will cancel a + pending WPS operation. + - wpa_cli action: Add WPS_EVENT_SUCCESS and + WPS_EVENT_FAIL handlers. + - Trigger WPS config update on Manufacturer, Model Name, + Model Number, and Serial Number changes. + - Fragment size is now configurable for EAP-WSC peer. + Use wpa_cli set wps_fragment_size <val>. + - Disable AP PIN after 10 consecutive failures. Slow down + attacks on failures up to 10. + - Allow AP to start in Enrollee mode without AP PIN for + probing, to be compatible with Windows 7. + - Add Config Error into WPS-FAIL events to provide more + info to the user on how to resolve the issue. + - Label and Display config methods are not allowed to be + enabled at the same time, since it is unclear which + PIN to use if both methods are advertised. + - When controlling multiple interfaces: + - apply WPS commands to all interfaces configured to + use WPS + - apply WPS config changes to all interfaces that use + WPS + - when an attack is detected on any interface, disable + AP PIN on all interfaces + * WPS ER: + - Add special AP Setup Locked mode to allow read only ER. + - Show SetSelectedRegistrar events as ctrl_iface events + - Add wps_er_set_config to enroll a network based on a + local network configuration block instead of having to + (re-)learn the current AP settings with wps_er_learn. + - Allow AP filtering based on IP address, add ctrl_iface + event for learned AP settings, add wps_er_config + command to configure an AP. + * Add support for WPS 2.0 + * TDLS: + - Propogate TDLS related nl80211 capability flags from + kernel and add them as driver capability flags. If the + driver doesn't support capabilities, assume TDLS is + supported internally. When TDLS is explicitly not + supported, disable all user facing TDLS operations. + - Allow TDLS to be disabled at runtime. + - Honor AP TDLS settings that prohibit/allow TDLS. + - Add a special testing feature for changing TDLS + behavior. + - Add support for TDLS 802.11z. + * wlantest: Add a tool wlantest for IEEE802.11 protocol + testing. wlantest can be used to capture frames from a + monitor interface for realtime capturing or from pcap + files for offline analysis. ++++ 880 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.3:Update/.wpa_supplicant.3066.new/wpa_supplicant.changes New: ---- 0001-Add-os_exec-helper-to-run-external-programs.patch 0002-wpa_cli-Use-os_exec-for-action-script-execution.patch config fi.epitest.hostap.WPASupplicant.service fi.w1.wpa_supplicant1.service logrotate.wpa_supplicant wpa_supplicant-1.1.tar.bz2 wpa_supplicant-driver-wext-debug.patch wpa_supplicant-errormsg.patch wpa_supplicant-flush-debug-output.patch wpa_supplicant-libnl3.patch wpa_supplicant-sigusr1-changes-debuglevel.patch wpa_supplicant.changes wpa_supplicant.conf wpa_supplicant.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ wpa_supplicant.spec ++++++ # # spec file for package wpa_supplicant # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: wpa_supplicant BuildRequires: dbus-1-devel BuildRequires: libqt4 BuildRequires: libqt4-devel BuildRequires: openssl-devel BuildRequires: pkg-config BuildRequires: readline-devel %if 0%{?suse_version} > 1140 BuildRequires: libnl-1_1-devel BuildRequires: libnl3-devel %else BuildRequires: libnl-devel %endif Url: http://hostap.epitest.fi/wpa_supplicant/ Version: 1.1 Release: 0 Summary: WPA supplicant implementation License: BSD-3-Clause and GPL-2.0+ Group: Productivity/Networking/Other Source: http://hostap.epitest.fi/releases/wpa_supplicant-%{version}.tar.bz2 Source1: config Source2: %{name}.conf Source3: fi.epitest.hostap.WPASupplicant.service Source4: logrotate.wpa_supplicant Source5: fi.w1.wpa_supplicant1.service Patch0: wpa_supplicant-driver-wext-debug.patch # wpa_supplicant-flush-debug-output.patch won't go upstream as it might # change timings Patch1: wpa_supplicant-flush-debug-output.patch # wpa_supplicant-sigusr1-changes-debuglevel.patch won't go upstream as it # is not portable Patch2: wpa_supplicant-sigusr1-changes-debuglevel.patch Patch3: wpa_supplicant-errormsg.patch Patch4: wpa_supplicant-libnl3.patch # CVE-2014-3686 Patch5: 0001-Add-os_exec-helper-to-run-external-programs.patch Patch6: 0002-wpa_cli-Use-os_exec-for-action-script-execution.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: logrotate %description wpa_supplicant is an implementation of the WPA Supplicant component, i.e., the part that runs in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. Authors: -------- Jouni Malinen <jkmaline@cc.hut.fi> %package gui Summary: WPA supplicant graphical front-end Group: System/Monitoring Requires: wpa_supplicant %description gui This package contains a graphical front-end to wpa_supplicant, an implementation of the WPA Supplicant component. Authors: -------- Jouni Malinen <jkmaline@cc.hut.fi> %prep %setup -q -n wpa_supplicant-%{version} rm -rf wpa_supplicant-%{version}/patches cp %{SOURCE1} wpa_supplicant/.config %if 0%{?suse_version} > 1140 echo "CONFIG_LIBNL32=y" >> wpa_supplicant/.config %endif %patch0 -p0 %patch1 -p0 %patch2 -p0 %patch3 -p0 %patch4 -p1 %patch5 -p1 %patch6 -p1 %build cd wpa_supplicant CFLAGS="$RPM_OPT_FLAGS" make V=1 %{?_smp_mflags} cd wpa_gui-qt4 qmake QMAKE_CXXFLAGS="$RPM_OPT_FLAGS" QMAKE_CFLAGS="$RPM_OPT_FLAGS" make %{?_smp_mflags} %install install -d %{buildroot}/%{_sbindir} install -m 0755 wpa_supplicant/wpa_cli %{buildroot}%{_sbindir} install -m 0755 wpa_supplicant/wpa_passphrase %{buildroot}%{_sbindir} install -m 0755 wpa_supplicant/wpa_supplicant %{buildroot}%{_sbindir} install -d %{buildroot}%{_sysconfdir}/dbus-1/system.d install -m 0644 wpa_supplicant/dbus/dbus-wpa_supplicant.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/wpa_supplicant.conf install -d %{buildroot}/%{_sysconfdir}/%{name} install -m 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name} install -d %{buildroot}/%{_datadir}/dbus-1/system-services install -m 0644 %{SOURCE3} %{buildroot}/%{_datadir}/dbus-1/system-services install -m 0644 %{SOURCE5} %{buildroot}/%{_datadir}/dbus-1/system-services install -d %{buildroot}/%{_sysconfdir}/logrotate.d/ install -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/logrotate.d/wpa_supplicant install -d %{buildroot}/%{_localstatedir}/run/%{name} install -d %{buildroot}%{_mandir}/man{5,8} install -m 0644 wpa_supplicant/doc/docbook/*.8 %{buildroot}%{_mandir}/man8 install -m 0644 wpa_supplicant/doc/docbook/*.5 %{buildroot}%{_mandir}/man5 install -m 755 wpa_supplicant/wpa_gui-qt4/wpa_gui %{buildroot}%{_sbindir} %files %defattr(-,root,root) %doc wpa_supplicant/ChangeLog COPYING README wpa_supplicant/todo.txt wpa_supplicant/examples wpa_supplicant/wpa_supplicant.conf %{_sbindir}/wpa_cli %{_sbindir}/wpa_passphrase %{_sbindir}/wpa_supplicant %config %{_sysconfdir}/dbus-1/system.d/%{name}.conf %{_datadir}/dbus-1/system-services %config %{_sysconfdir}/%{name}/%{name}.conf %config(noreplace) %{_sysconfdir}/logrotate.d/wpa_supplicant %dir %{_localstatedir}/run/%{name} %if 0%{?suse_version} > 1140 %ghost %{_localstatedir}/run/%{name} %endif %dir %{_sysconfdir}/%{name} %doc %{_mandir}/man8/* %doc %{_mandir}/man5/* %files gui %defattr(-,root,root) /usr/sbin/wpa_gui %changelog ++++++ 0001-Add-os_exec-helper-to-run-external-programs.patch ++++++
From 89de07a9442072f88d49869d8ecd8d42bae050a0 Mon Sep 17 00:00:00 2001 From: Jouni Malinen <jouni@qca.qualcomm.com> Date: Mon, 6 Oct 2014 16:27:44 +0300 Subject: [PATCH 1/3] Add os_exec() helper to run external programs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> ================================================================================ --- wpa_supplicant-2.0/src/utils/os.h +++ wpa_supplicant-2.0/src/utils/os.h @@ -506,6 +506,14 @@ */ size_t os_strlcpy(char *dest, const char *src, size_t siz); +/** + * os_exec - Execute an external program + * @program: Path to the program + * @arg: Command line argument string + * @wait_completion: Whether to wait until the program execution completes + * Returns: 0 on success, -1 on error + */ +int os_exec(const char *program, const char *arg, int wait_completion); #ifdef OS_REJECT_C_LIB_FUNCTIONS #define malloc OS_DO_NOT_USE_malloc --- wpa_supplicant-2.0/src/utils/os_unix.c +++ wpa_supplicant-2.0/src/utils/os_unix.c @@ -9,6 +9,7 @@ #include "includes.h" #include <time.h> +#include <sys/wait.h> #ifdef ANDROID #include <linux/capability.h> @@ -486,3 +487,57 @@ } #endif /* WPA_TRACE */ + + +int os_exec(const char *program, const char *arg, int wait_completion) +{ + pid_t pid; + int pid_status; + + pid = fork(); + if (pid < 0) { + perror("fork"); + return -1; + } + + if (pid == 0) { + /* run the external command in the child process */ + const int MAX_ARG = 30; + char *_program, *_arg, *pos; + char *argv[MAX_ARG + 1]; + int i; + + _program = os_strdup(program); + _arg = os_strdup(arg); + + argv[0] = _program; + + i = 1; + pos = _arg; + while (i < MAX_ARG && pos && *pos) { + while (*pos == ' ') + pos++; + if (*pos == '\0') + break; + argv[i++] = pos; + pos = os_strchr(pos, ' '); + if (pos) + *pos++ = '\0'; + } + argv[i] = NULL; + + execv(program, argv); + perror("execv"); + os_free(_program); + os_free(_arg); + exit(0); + return -1; + } + + if (wait_completion) { + /* wait for the child process to complete in the parent */ + waitpid(pid, &pid_status, 0); + } + + return 0; +} --- wpa_supplicant-2.0/src/utils/os_win32.c +++ wpa_supplicant-2.0/src/utils/os_win32.c @@ -233,3 +233,9 @@ return s - src - 1; } + +int os_exec(const char *program, const char *arg, int wait_completion) +{ + return -1; +} + ++++++ 0002-wpa_cli-Use-os_exec-for-action-script-execution.patch ++++++
From c5f258de76dbb67fb64beab39a99e5c5711f41fe Mon Sep 17 00:00:00 2001 From: Jouni Malinen <jouni@qca.qualcomm.com> Date: Mon, 6 Oct 2014 17:25:52 +0300 Subject: [PATCH 2/3] wpa_cli: Use os_exec() for action script execution
Use os_exec() to run the action script operations to avoid undesired command line processing for control interface event strings. Previously, it could have been possible for some of the event strings to include unsanitized data which is not suitable for system() use. (CVE-2014-3686) Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> --- wpa_supplicant/wpa_cli.c | 25 ++++++++----------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c index 18b9b77..fe30b41 100644 --- a/wpa_supplicant/wpa_cli.c +++ b/wpa_supplicant/wpa_cli.c @@ -3159,28 +3159,19 @@ static int str_match(const char *a, const char *b) static int wpa_cli_exec(const char *program, const char *arg1, const char *arg2) { - char *cmd; + char *arg; size_t len; int res; - int ret = 0; - len = os_strlen(program) + os_strlen(arg1) + os_strlen(arg2) + 3; - cmd = os_malloc(len); - if (cmd == NULL) - return -1; - res = os_snprintf(cmd, len, "%s %s %s", program, arg1, arg2); - if (res < 0 || (size_t) res >= len) { - os_free(cmd); + len = os_strlen(arg1) + os_strlen(arg2) + 2; + arg = os_malloc(len); + if (arg == NULL) return -1; - } - cmd[len - 1] = '\0'; -#ifndef _WIN32_WCE - if (system(cmd) < 0) - ret = -1; -#endif /* _WIN32_WCE */ - os_free(cmd); + os_snprintf(arg, len, "%s %s", arg1, arg2); + res = os_exec(program, arg, 1); + os_free(arg); - return ret; + return res; } -- 1.9.1 ++++++ config ++++++ # Example wpa_supplicant build time configuration # # This file lists the configuration options that are used when building the # hostapd binary. All lines starting with # are ignored. Configuration option # lines must be commented out complete, if they are not to be included, i.e., # just setting VARIABLE=n is not disabling that variable. # # This file is included in Makefile, so variables like CFLAGS and LIBS can also # be modified from here. In most cases, these lines should use += in order not # to override previous values of the variables. # Uncomment following two lines and fix the paths if you have installed OpenSSL # or GnuTLS in non-default location #CFLAGS += -I/usr/local/openssl/include #LIBS += -L/usr/local/openssl/lib # Some Red Hat versions seem to include kerberos header files from OpenSSL, but # the kerberos files are not in the default include path. Following line can be # used to fix build issues on such systems (krb5.h not found). #CFLAGS += -I/usr/include/kerberos # Example configuration for various cross-compilation platforms #### sveasoft (e.g., for Linksys WRT54G) ###################################### #CC=mipsel-uclibc-gcc #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc #CFLAGS += -Os #CPPFLAGS += -I../src/include -I../../src/router/openssl/include #LIBS += -L/opt/brcm/hndtools-mipsel-uclibc-0.9.19/lib -lssl ############################################################################### #### openwrt (e.g., for Linksys WRT54G) ####################################### #CC=mipsel-uclibc-gcc #CC=/opt/brcm/hndtools-mipsel-uclibc/bin/mipsel-uclibc-gcc #CFLAGS += -Os #CPPFLAGS=-I../src/include -I../openssl-0.9.7d/include \ # -I../WRT54GS/release/src/include #LIBS = -lssl ############################################################################### # Driver interface for Host AP driver CONFIG_DRIVER_HOSTAP=y # Driver interface for Agere driver #CONFIG_DRIVER_HERMES=y # Change include directories to match with the local setup #CFLAGS += -I../../hcf -I../../include -I../../include/hcf #CFLAGS += -I../../include/wireless # Driver interface for madwifi driver # Deprecated; use CONFIG_DRIVER_WEXT=y instead. #CONFIG_DRIVER_MADWIFI=y # Set include directory to the madwifi source tree #CFLAGS += -I../../madwifi # Driver interface for ndiswrapper # Deprecated; use CONFIG_DRIVER_WEXT=y instead. CONFIG_DRIVER_NDISWRAPPER=y # Driver interface for Atmel driver CONFIG_DRIVER_ATMEL=y # Driver interface for old Broadcom driver # Please note that the newer Broadcom driver ("hybrid Linux driver") supports # Linux wireless extensions and does not need (or even work) with the old # driver wrapper. Use CONFIG_DRIVER_WEXT=y with that driver. #CONFIG_DRIVER_BROADCOM=y # Example path for wlioctl.h; change to match your configuration #CFLAGS += -I/opt/WRT54GS/release/src/include # Driver interface for Intel ipw2100/2200 driver # Deprecated; use CONFIG_DRIVER_WEXT=y instead. #CONFIG_DRIVER_IPW=y # Driver interface for Ralink driver CONFIG_DRIVER_RALINK=y # Driver interface for generic Linux wireless extensions # Note: WEXT is deprecated in the current Linux kernel version and no new # functionality is added to it. nl80211-based interface is the new # replacement for WEXT and its use allows wpa_supplicant to properly control # the driver to improve existing functionality like roaming and to support new # functionality. CONFIG_DRIVER_WEXT=y # Driver interface for Linux drivers using the nl80211 kernel interface CONFIG_DRIVER_NL80211=y # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) #CONFIG_DRIVER_BSD=y #CFLAGS += -I/usr/local/include #LIBS += -L/usr/local/lib #LIBS_p += -L/usr/local/lib #LIBS_c += -L/usr/local/lib # Driver interface for Windows NDIS #CONFIG_DRIVER_NDIS=y #CFLAGS += -I/usr/include/w32api/ddk #LIBS += -L/usr/local/lib # For native build using mingw #CONFIG_NATIVE_WINDOWS=y # Additional directories for cross-compilation on Linux host for mingw target #CFLAGS += -I/opt/mingw/mingw32/include/ddk #LIBS += -L/opt/mingw/mingw32/lib #CC=mingw32-gcc # By default, driver_ndis uses WinPcap for low-level operations. This can be # replaced with the following option which replaces WinPcap calls with NDISUIO. # However, this requires that WZC is disabled (net stop wzcsvc) before starting # wpa_supplicant. # CONFIG_USE_NDISUIO=y # Driver interface for development testing #CONFIG_DRIVER_TEST=y # Driver interface for wired Ethernet drivers CONFIG_DRIVER_WIRED=y # Driver interface for the Broadcom RoboSwitch family #CONFIG_DRIVER_ROBOSWITCH=y # Driver interface for no driver (e.g., WPS ER only) #CONFIG_DRIVER_NONE=y # Solaris libraries #LIBS += -lsocket -ldlpi -lnsl #LIBS_c += -lsocket # Enable IEEE 802.1X Supplicant (automatically included if any EAP method is # included) CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 CONFIG_EAP_MD5=y # EAP-MSCHAPv2 CONFIG_EAP_MSCHAPV2=y # EAP-TLS CONFIG_EAP_TLS=y # EAL-PEAP CONFIG_EAP_PEAP=y # EAP-TTLS CONFIG_EAP_TTLS=y # EAP-FAST # Note: Default OpenSSL package does not include support for all the # functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL, # the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch) # to add the needed functions. #CONFIG_EAP_FAST=y # EAP-GTC CONFIG_EAP_GTC=y # EAP-OTP CONFIG_EAP_OTP=y # EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) #CONFIG_EAP_SIM=y # EAP-PSK (experimental; this is _not_ needed for WPA-PSK) CONFIG_EAP_PSK=y # EAP-pwd (secure authentication using only a password) #CONFIG_EAP_PWD=y # EAP-PAX CONFIG_EAP_PAX=y # LEAP CONFIG_EAP_LEAP=y # EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) #CONFIG_EAP_AKA=y # EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). # This requires CONFIG_EAP_AKA to be enabled, too. #CONFIG_EAP_AKA_PRIME=y # Enable USIM simulator (Milenage) for EAP-AKA #CONFIG_USIM_SIMULATOR=y # EAP-SAKE CONFIG_EAP_SAKE=y # EAP-GPSK CONFIG_EAP_GPSK=y # Include support for optional SHA256 cipher suite in EAP-GPSK CONFIG_EAP_GPSK_SHA256=y # EAP-TNC and related Trusted Network Connect support (experimental) CONFIG_EAP_TNC=y # Wi-Fi Protected Setup (WPS) CONFIG_WPS=y # Enable WSC 2.0 support CONFIG_WPS2=y # Enable WPS external registrar functionality CONFIG_WPS_ER=y # Disable credentials for an open network by default when acting as a WPS # registrar. #CONFIG_WPS_REG_DISABLE_OPEN=y # EAP-IKEv2 CONFIG_EAP_IKEV2=y # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y # Smartcard support (i.e., private key on a smartcard), e.g., with openssl # engine. CONFIG_SMARTCARD=y # PC/SC interface for smartcards (USIM, GSM SIM) # Enable this if EAP-SIM or EAP-AKA is included #CONFIG_PCSC=y # Development testing #CONFIG_EAPOL_TEST=y # Select control interface backend for external programs, e.g, wpa_cli: # unix = UNIX domain sockets (default for Linux/*BSD) # udp = UDP sockets using localhost (127.0.0.1) # named_pipe = Windows Named Pipe (default for Windows) # y = use default (backwards compatibility) # If this option is commented out, control interface is not included in the # build. CONFIG_CTRL_IFACE=y # Include support for GNU Readline and History Libraries in wpa_cli. # When building a wpa_cli binary for distribution, please note that these # libraries are licensed under GPL and as such, BSD license may not apply for # the resulting binary. #CONFIG_READLINE=y # Include internal line edit mode in wpa_cli. This can be used as a replacement # for GNU Readline to provide limited command line editing and history support. #CONFIG_WPA_CLI_EDIT=y # Remove debugging code that is printing out debug message to stdout. # This can be used to reduce the size of the wpa_supplicant considerably # if debugging code is not needed. The size reduction can be around 35% # (e.g., 90 kB). #CONFIG_NO_STDOUT_DEBUG=y # Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save # 35-50 kB in code size. #CONFIG_NO_WPA=y # Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to # save about 1 kB in code size when building only WPA-Personal (no EAP support) # or 6 kB if building for WPA-Enterprise. #CONFIG_NO_WPA2=y # Remove IEEE 802.11i/WPA-Personal ASCII passphrase support # This option can be used to reduce code size by removing support for # converting ASCII passphrases into PSK. If this functionality is removed, the # PSK can only be configured as the 64-octet hexstring (e.g., from # wpa_passphrase). This saves about 0.5 kB in code size. #CONFIG_NO_WPA_PASSPHRASE=y # Disable scan result processing (ap_mode=1) to save code size by about 1 kB. # This can be used if ap_scan=1 mode is never enabled. #CONFIG_NO_SCAN_PROCESSING=y # Select configuration backend: # file = text file (e.g., wpa_supplicant.conf; note: the configuration file # path is given on command line, not here; this option is just used to # select the backend that allows configuration files to be used) # winreg = Windows registry (see win_example.reg for an example) CONFIG_BACKEND=file # Remove configuration write functionality (i.e., to allow the configuration # file to be updated based on runtime configuration changes). The runtime # configuration can still be changed, the changes are just not going to be # persistent over restarts. This option can be used to reduce code size by # about 3.5 kB. #CONFIG_NO_CONFIG_WRITE=y # Remove support for configuration blobs to reduce code size by about 1.5 kB. #CONFIG_NO_CONFIG_BLOBS=y # Select program entry point implementation: # main = UNIX/POSIX like main() function (default) # main_winsvc = Windows service (read parameters from registry) # main_none = Very basic example (development use only) #CONFIG_MAIN=main # Select wrapper for operatins system and C library specific functions # unix = UNIX/POSIX like systems (default) # win32 = Windows systems # none = Empty template #CONFIG_OS=unix # Select event loop implementation # eloop = select() loop (default) # eloop_win = Windows events and WaitForMultipleObject() loop # eloop_none = Empty template #CONFIG_ELOOP=eloop # Select layer 2 packet implementation # linux = Linux packet socket (default) # pcap = libpcap/libdnet/WinPcap # freebsd = FreeBSD libpcap # winpcap = WinPcap with receive thread # ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) # none = Empty template #CONFIG_L2_PACKET=linux # PeerKey handshake for Station to Station Link (IEEE 802.11e DLS) CONFIG_PEERKEY=y # IEEE 802.11w (management frame protection) # This version is an experimental implementation based on IEEE 802.11w/D1.0 # draft and is subject to change since the standard has not yet been finalized. # Driver support is also needed for IEEE 802.11w. CONFIG_IEEE80211W=y # Select TLS implementation # openssl = OpenSSL (default) # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) # none = Empty template #CONFIG_TLS=openssl # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) # can be enabled to get a stronger construction of messages when block ciphers # are used. It should be noted that some existing TLS v1.0 -based # implementation may not be compatible with TLS v1.1 message (ClientHello is # sent prior to negotiating which version will be used) #CONFIG_TLSV11=y # If CONFIG_TLS=internal is used, additional library and include paths are # needed for LibTomMath. Alternatively, an integrated, minimal version of # LibTomMath can be used. See beginning of libtommath.c for details on benefits # and drawbacks of this option. #CONFIG_INTERNAL_LIBTOMMATH=y #ifndef CONFIG_INTERNAL_LIBTOMMATH #LTM_PATH=/usr/src/libtommath-0.39 #CFLAGS += -I$(LTM_PATH) #LIBS += -L$(LTM_PATH) #LIBS_p += -L$(LTM_PATH) #endif # At the cost of about 4 kB of additional binary size, the internal LibTomMath # can be configured to include faster routines for exptmod, sqr, and div to # speed up DH and RSA calculation considerably #CONFIG_INTERNAL_LIBTOMMATH_FAST=y # Include NDIS event processing through WMI into wpa_supplicant/wpasvc. # This is only for Windows builds and requires WMI-related header files and # WbemUuid.Lib from Platform SDK even when building with MinGW. #CONFIG_NDIS_EVENTS_INTEGRATED=y #PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" # Add support for old DBus control interface # (fi.epitest.hostap.WPASupplicant) CONFIG_CTRL_IFACE_DBUS=y # Add support for new DBus control interface # (fi.w1.hostap.wpa_supplicant1) CONFIG_CTRL_IFACE_DBUS_NEW=y # Add introspection support for new DBus control interface CONFIG_CTRL_IFACE_DBUS_INTRO=y # Add support for loading EAP methods dynamically as shared libraries. # When this option is enabled, each EAP method can be either included # statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn). # Dynamic EAP methods are build as shared objects (eap_*.so) and they need to # be loaded in the beginning of the wpa_supplicant configuration file # (see load_dynamic_eap parameter in the example file) before being used in # the network blocks. # # Note that some shared parts of EAP methods are included in the main program # and in order to be able to use dynamic EAP methods using these parts, the # main program must have been build with the EAP method enabled (=y or =dyn). # This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries # unless at least one of them was included in the main build to force inclusion # of the shared code. Similarly, at least one of EAP-SIM/AKA must be included # in the main build to be able to load these methods dynamically. # # Please also note that using dynamic libraries will increase the total binary # size. Thus, it may not be the best option for targets that have limited # amount of memory/flash. #CONFIG_DYNAMIC_EAP_METHODS=y # IEEE Std 802.11r-2008 (Fast BSS Transition) #CONFIG_IEEE80211R=y # Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) CONFIG_DEBUG_FILE=y # Send debug messages to syslog instead of stdout #CONFIG_DEBUG_SYSLOG=y # Set syslog facility for debug messages #CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON # Enable privilege separation (see README 'Privilege separation' for details) #CONFIG_PRIVSEP=y # Enable mitigation against certain attacks against TKIP by delaying Michael # MIC error reports by a random amount of time between 0 and 60 seconds #CONFIG_DELAYED_MIC_ERROR_REPORT=y # Enable tracing code for developer debugging # This tracks use of memory allocations and other registrations and reports # incorrect use with a backtrace of call (or allocation) location. #CONFIG_WPA_TRACE=y # For BSD, uncomment these. #LIBS += -lexecinfo #LIBS_p += -lexecinfo #LIBS_c += -lexecinfo # Use libbfd to get more details for developer debugging # This enables use of libbfd to get more detailed symbols for the backtraces # generated by CONFIG_WPA_TRACE=y. #CONFIG_WPA_TRACE_BFD=y # For BSD, uncomment these. #LIBS += -lbfd -liberty -lz #LIBS_p += -lbfd -liberty -lz #LIBS_c += -lbfd -liberty -lz # wpa_supplicant depends on strong random number generation being available # from the operating system. os_get_random() function is used to fetch random # data when needed, e.g., for key generation. On Linux and BSD systems, this # works by reading /dev/urandom. It should be noted that the OS entropy pool # needs to be properly initialized before wpa_supplicant is started. This is # important especially on embedded devices that do not have a hardware random # number generator and may by default start up with minimal entropy available # for random number generation. # # As a safety net, wpa_supplicant is by default trying to internally collect # additional entropy for generating random data to mix in with the data fetched # from the OS. This by itself is not considered to be very strong, but it may # help in cases where the system pool is not initialized properly. However, it # is very strongly recommended that the system pool is initialized with enough # entropy either by using hardware assisted random number generator or by # storing state over device reboots. # # wpa_supplicant can be configured to maintain its own entropy store over # restarts to enhance random number generation. This is not perfect, but it is # much more secure than using the same sequence of random numbers after every # reboot. This can be enabled with -e<entropy file> command line option. The # specified file needs to be readable and writable by wpa_supplicant. # # If the os_get_random() is known to provide strong random data (e.g., on # Linux/BSD, the board in question is known to have reliable source of random # data from /dev/urandom), the internal wpa_supplicant random pool can be # disabled. This will save some in binary size and CPU use. However, this # should only be considered for builds that are known to be used on devices # that meet the requirements described above. #CONFIG_NO_RANDOM_POOL=y # IEEE 802.11n (High Throughput) support (mainly for AP mode) #CONFIG_IEEE80211N=y # Interworking (IEEE 802.11u) # This can be used to enable functionality to improve interworking with # external networks (GAS/ANQP to learn more about the networks and network # selection based on available credentials). #CONFIG_INTERWORKING=y # Enable background scan to improve roaming CONFIG_BGSCAN_SIMPLE=y ++++++ fi.epitest.hostap.WPASupplicant.service ++++++ [D-BUS Service] Name=fi.epitest.hostap.WPASupplicant Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log User=root ++++++ fi.w1.wpa_supplicant1.service ++++++ [D-BUS Service] Name=fi.w1.wpa_supplicant1 Exec=/usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -f /var/log/wpa_supplicant.log User=root ++++++ logrotate.wpa_supplicant ++++++ /var/log/wpa_supplicant.log { compress dateext maxage 365 rotate 99 missingok notifempty size +4096k copytruncate } ++++++ wpa_supplicant-driver-wext-debug.patch ++++++ Index: src/drivers/driver_wext.c =================================================================== --- src/drivers/driver_wext.c.orig +++ src/drivers/driver_wext.c @@ -1901,19 +1901,26 @@ int wpa_driver_wext_associate(void *priv * SIOCSIWENCODE here. */ if (drv->auth_alg_fallback && - wpa_driver_wext_auth_alg_fallback(drv, params) < 0) + wpa_driver_wext_auth_alg_fallback(drv, params) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because auth_alg_fallback failed", __FUNCTION__); ret = -1; + } if (!params->bssid && - wpa_driver_wext_set_bssid(drv, NULL) < 0) + wpa_driver_wext_set_bssid(drv, NULL) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__); ret = -1; + } /* TODO: should consider getting wpa version and cipher/key_mgmt suites * from configuration, not from here, where only the selected suite is * available */ if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len) - < 0) + < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_gen_ie failed", __FUNCTION__); ret = -1; + } + if (params->wpa_ie == NULL || params->wpa_ie_len == 0) value = IW_AUTH_WPA_VERSION_DISABLED; else if (params->wpa_ie[0] == WLAN_EID_RSN) @@ -1921,27 +1928,41 @@ int wpa_driver_wext_associate(void *priv else value = IW_AUTH_WPA_VERSION_WPA; if (wpa_driver_wext_set_auth_param(drv, - IW_AUTH_WPA_VERSION, value) < 0) + IW_AUTH_WPA_VERSION, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(WPA_VERSION) failed", __FUNCTION__); ret = -1; + } + value = wpa_driver_wext_cipher2wext(params->pairwise_suite); if (wpa_driver_wext_set_auth_param(drv, - IW_AUTH_CIPHER_PAIRWISE, value) < 0) + IW_AUTH_CIPHER_PAIRWISE, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_PAIRWISE) failed", __FUNCTION__); ret = -1; + } + value = wpa_driver_wext_cipher2wext(params->group_suite); if (wpa_driver_wext_set_auth_param(drv, - IW_AUTH_CIPHER_GROUP, value) < 0) + IW_AUTH_CIPHER_GROUP, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(CIPHER_GROUP) failed", __FUNCTION__); ret = -1; + } + value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite); if (wpa_driver_wext_set_auth_param(drv, - IW_AUTH_KEY_MGMT, value) < 0) + IW_AUTH_KEY_MGMT, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(KEY_MGMT) failed", __FUNCTION__); ret = -1; + } + value = params->key_mgmt_suite != KEY_MGMT_NONE || params->pairwise_suite != CIPHER_NONE || params->group_suite != CIPHER_NONE || params->wpa_ie_len; if (wpa_driver_wext_set_auth_param(drv, - IW_AUTH_PRIVACY_INVOKED, value) < 0) + IW_AUTH_PRIVACY_INVOKED, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(PRIVACY_INVOKED) failed", __FUNCTION__); ret = -1; + } /* Allow unencrypted EAPOL messages even if pairwise keys are set when * not using WPA. IEEE 802.1X specifies that these frames are not @@ -1952,12 +1973,18 @@ int wpa_driver_wext_associate(void *priv else allow_unencrypted_eapol = 1; - if (wpa_driver_wext_set_psk(drv, params->psk) < 0) + if (wpa_driver_wext_set_psk(drv, params->psk) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_psk failed", __FUNCTION__); ret = -1; + } + if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_RX_UNENCRYPTED_EAPOL, - allow_unencrypted_eapol) < 0) + allow_unencrypted_eapol) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(RX_UNENCRYPTED_EAPOL) failed", __FUNCTION__); ret = -1; + } + #ifdef CONFIG_IEEE80211W switch (params->mgmt_frame_protection) { case NO_MGMT_FRAME_PROTECTION: @@ -1970,17 +1997,25 @@ int wpa_driver_wext_associate(void *priv value = IW_AUTH_MFP_REQUIRED; break; }; - if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) + if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_auth_param(IW_AUTH_MFP) failed", __FUNCTION__); ret = -1; + } #endif /* CONFIG_IEEE80211W */ - if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) + if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_freq failed", __FUNCTION__); ret = -1; + } if (!drv->cfg80211 && - wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) + wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_ssid failed", __FUNCTION__); ret = -1; + } if (params->bssid && - wpa_driver_wext_set_bssid(drv, params->bssid) < 0) + wpa_driver_wext_set_bssid(drv, params->bssid) < 0) { + wpa_printf(MSG_DEBUG, "%s: assoc failed because set_bssid failed", __FUNCTION__); ret = -1; + } if (drv->cfg80211 && wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) ret = -1; @@ -2008,6 +2043,10 @@ static int wpa_driver_wext_set_auth_alg( res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG, algs); drv->auth_alg_fallback = res == -2; + + if (res == -2) + wpa_printf(MSG_DEBUG, "%s: falling back to ENCODE for AUTH", __FUNCTION__); + return res; } ++++++ wpa_supplicant-errormsg.patch ++++++ Index: src/drivers/driver_wext.c =================================================================== --- src/drivers/driver_wext.c.orig +++ src/drivers/driver_wext.c @@ -54,12 +54,13 @@ int wpa_driver_wext_set_auth_param(struc iwr.u.param.value = value; if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) { + int saved_errno = errno; if (errno != EOPNOTSUPP) { wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d " "value 0x%x) failed: %s)", idx, value, strerror(errno)); } - ret = errno == EOPNOTSUPP ? -2 : -1; + ret = saved_errno == EOPNOTSUPP ? -2 : -1; } return ret; ++++++ wpa_supplicant-flush-debug-output.patch ++++++ Index: src/utils/wpa_debug.c =================================================================== --- src/utils/wpa_debug.c.orig +++ src/utils/wpa_debug.c @@ -45,6 +45,7 @@ void wpa_debug_print_timestamp(void) if (out_file) { fprintf(out_file, "%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec); + fflush(out_file); } else #endif /* CONFIG_DEBUG_FILE */ printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec); @@ -111,6 +112,7 @@ void wpa_printf(int level, const char *f if (out_file) { vfprintf(out_file, fmt, ap); fprintf(out_file, "\n"); + fflush(out_file); } else { #endif /* CONFIG_DEBUG_FILE */ vprintf(fmt, ap); @@ -146,6 +148,7 @@ static void _wpa_hexdump(int level, cons fprintf(out_file, " [REMOVED]"); } fprintf(out_file, "\n"); + fflush(out_file); } else { #endif /* CONFIG_DEBUG_FILE */ printf("%s - hexdump(len=%lu):", title, (unsigned long) len); @@ -191,12 +194,14 @@ static void _wpa_hexdump_ascii(int level fprintf(out_file, "%s - hexdump_ascii(len=%lu): [REMOVED]\n", title, (unsigned long) len); + fflush(out_file); return; } if (buf == NULL) { fprintf(out_file, "%s - hexdump_ascii(len=%lu): [NULL]\n", title, (unsigned long) len); + fflush(out_file); return; } fprintf(out_file, "%s - hexdump_ascii(len=%lu):\n", @@ -221,6 +226,7 @@ static void _wpa_hexdump_ascii(int level pos += llen; len -= llen; } + fflush(out_file); } else { #endif /* CONFIG_DEBUG_FILE */ if (!show) { ++++++ wpa_supplicant-libnl3.patch ++++++ diff -up wpa_supplicant-1.0-rc2/src/drivers/drivers.mak.foo wpa_supplicant-1.0-rc2/src/drivers/drivers.mak --- wpa_supplicant-1.0-rc2/src/drivers/drivers.mak.foo 2012-03-02 16:11:43.176448714 -0600 +++ wpa_supplicant-1.0-rc2/src/drivers/drivers.mak 2012-03-02 16:12:29.759866341 -0600 @@ -48,7 +48,7 @@ NEED_RFKILL=y ifdef CONFIG_LIBNL32 DRV_LIBS += -lnl-3 DRV_LIBS += -lnl-genl-3 - DRV_CFLAGS += -DCONFIG_LIBNL20 + DRV_CFLAGS += -DCONFIG_LIBNL20 `pkg-config --cflags libnl-3.0` else ifdef CONFIG_LIBNL_TINY DRV_LIBS += -lnl-tiny ++++++ wpa_supplicant-sigusr1-changes-debuglevel.patch ++++++ Index: wpa_supplicant/wpa_supplicant.c =================================================================== --- wpa_supplicant/wpa_supplicant.c.orig +++ wpa_supplicant/wpa_supplicant.c @@ -139,6 +139,22 @@ int wpa_set_wep_keys(struct wpa_supplica return set; } +static void wpa_supplicant_handle_sigusr1(int sig, void *eloop_ctx, + void *signal_ctx) +{ + /* Increase verbosity (by decreasing the debug level) and wrap back + * to MSG_INFO when needed. + */ + if (wpa_debug_level) + wpa_debug_level--; + else + wpa_debug_level = MSG_INFO; + + wpa_printf(MSG_INFO, "Signal %d received - changing debug level to %s", sig, + (wpa_debug_level == MSG_INFO) ? "INFO" : + ((wpa_debug_level == MSG_DEBUG) ? "DEBUG" : + ((wpa_debug_level == MSG_MSGDUMP) ? "MSGDUMP" : "UNKNOWN"))); +} static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) @@ -2342,6 +2358,8 @@ int wpa_supplicant_run(struct wpa_global eloop_register_signal_terminate(wpa_supplicant_terminate, global); eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); + eloop_register_signal(SIGUSR1, wpa_supplicant_handle_sigusr1, NULL); + eloop_run(); return 0; ++++++ wpa_supplicant.conf ++++++ ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org