--- /dev/null
+wpasupplicant (0.6.2-2) unstable; urgency=low
+
+ The -w (wait for network interface to exist) command line option no longer
+ exists. If you have scripts that require this option, it is time to change
+ them, or use one of the two supported modes of operation explained at
+ /usr/share/doc/wpasupplicant/README.modes.gz.
+
+ ifupdown supports hot-plugged network devices via the "allow-hotplug" class
+ of operation. An example /etc/network/interfaces configuration stanza would
+ look like:
+
+ allow-hotplug ath0
+ iface ath0 inet dhcp
+ wpa-ssid myssid
+ wpa-psk mysecretpassphrase
+
+ network-manager is also able to handle hot-plugged network devices.
+
+ -- Kel Modderman <kel@otaku42.de> Mon, 14 Jan 2008 18:02:17 +1000
--- /dev/null
+Modes of Operation in wpasupplicant for Debian
+==============================================
+
+The Debian wpasupplicant package provides two (2) convenient modes of operation
+that are closely integrated to the core networking infrastructure; ifupdown.
+
+Table of Contents
+=================
+
+1. Specifying the wpa_supplicant driver backend
+ - Table of supported drivers
+ - Choosing driver backend
+
+2. Mode #1: Managed Mode
+ - Examples
+ - Table of Common Options
+ - Important Notes About Managed Mode
+ - How It Works
+
+3. Mode #2: Roaming Mode
+ - wpa_supplicant.conf
+ - /etc/network/interfaces
+ - Interacting with wpa_supplicant with wpa_cli and wpa_gui
+ - Controlling the Roaming Daemon with wpa_action
+ - Fine Tuning the Roaming Setup
+ - The Logfile
+ - Using External Mapping Scripts (e.g. guessnet)
+ - /etc/network/interfaces with external mapping
+
+4. Troubleshooting
+ - Hidden ssids
+
+5. Security Considerations
+ - Configuration File Permissions
+
+
+1. Specifying the wpa_supplicant driver backend
+===============================================
+
+The wext driver backend will be used for all interfaces that do not explicitly
+set 'wpa-driver' to the driver type required for that device. Users of linux
+2.4 kernels, or 2.6 kernels less than 2.6.14 will be required to specify a
+wpa-driver type.
+
+Table of supported drivers
+==========================
+
+A summary of supported drivers follows:
+
+Driver Description
+====== ===========
+atmel ATMEL AT76C5XXx (USB, PCMCIA)
+wext Linux wireless extensions (generic)
+wired wired Ethernet driver
+
+Choosing driver backend
+=======================
+
+Set the driver type in the interfaces(5) stanza for your device with the
+'wpa-driver' option. For example:
+
+iface eth0 inet dhcp
+ wpa-driver wext
+ . . . . . more options
+
+If no wpa-driver configuration is supplied, the wext backend is used.
+
+2. Mode #1: Managed Mode
+========================
+
+This mode provides the ability to establish a connection via wpa_supplicant to
+one known network. It is similar to how the wireless-tools package works. Each
+element required to establish the connection via wpa_supplicant is prefixed
+with 'wpa-' and followed by the value that will be used for that element.
+
+Examples
+========
+
+NOTE: the 'wpa-psk' value is only valid if:
+ 1) It is a plaintext (ascii) string between 8 and 63 characters in
+ length
+ 2) It is a hexadecimal string of 64 characters
+
+# Connect to access point of ssid 'NETBEER' with an encryption type of
+# WPA-PSK/WPA2-PSK. It assumes the driver will use the 'wext' driver backend
+# of wpa_supplicant because no wpa-driver option has been specified.
+# The passphrase is given as a ASCII (plaintext) string. DHCP is used to
+# obtain a network address.
+#
+iface wlan0 inet dhcp
+ wpa-ssid MyNetWork
+ # plaintext passphrase
+ wpa-psk plaintextsecret
+
+# Connect to access point of ssid 'homezone' with an encryption type of
+# WPA-PSK/WPA2-PSK, using the 'wext' driver backend of wpa_supplicant.
+# The psk is given as an encoded hexadecimal string. DHCP is used to obtain
+# a network address.
+#
+iface wlan0 inet dhcp
+ wpa-driver wext
+ wpa-ssid homezone
+ # hexadecimal psk is encoded from a plaintext passphrase
+ wpa-psk 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
+
+# Connect to access point of ssid 'HotSpot1' and bssid of '00:1a:2b:3c:4d:5e'
+# with an encryption type of WPA-PSK/WPA2-PSK, using the the 'madwifi' driver
+# backend of wpa_supplicant. The passphrase is given as a plaintext string.
+# A static network address assignment is used.
+#
+iface ath0 inet static
+ wpa-driver wext
+ wpa-ssid HotSpot1
+ wpa-bssid 00:1a:2b:3c:4d:5e
+ # plaintext passphrase
+ wpa-psk madhotspot
+ wpa-key-mgmt WPA-PSK
+ wpa-pairwise TKIP CCMP
+ wpa-group TKIP CCMP
+ wpa-proto WPA RSN
+ # static ip settings
+ address 192.168.0.100
+ netmask 255.255.255.0
+ network 192.168.0.0
+ broadcast 192.168.0.255
+ gateway 192.168.0.1
+
+# User supplied wpa_supplicant.conf is used for eth1. All network information
+# is contained within the user supplied wpa_supplicant.conf. No wpa-driver type
+# is specified, so wext is used. DHCP is used to obtain a network address.
+#
+iface eth1 inet dhcp
+ wpa-conf /path/to/wpa_supplicant.conf
+
+Table of Common Options
+=======================
+
+A brief summary of common 'wpa-' options that may be used in the
+/etc/network/interfaces stanza for a wireless device. See the
+'Important Notes About Managed Mode' section for information about
+valid and invalid 'wpa-' values.
+
+NOTE: ALL values are CASE SeNsItVe
+
+Element Example Value Description
+======= ============= ===========
+wpa-ssid plaintextstring sets the ssid of your network
+
+wpa-bssid 00:1a:2b:3c:4d:5e the bssid of your AP
+
+wpa-psk 0123456789...... your preshared wpa key. Use
+ wpa_passphrase(8) to generate your psk
+ from a passphrase and ssid pair
+
+wpa-key-mgmt NONE, WPA-PSK, WPA-EAP, list of accepted authenticated key
+ IEEE8021X management protocols
+
+wpa-group CCMP, TKIP, WEP104, list of accepted group ciphers for WPA
+ WEP40
+
+wpa-pairwise CCMP, TKIP, NONE list of accepted pairwise ciphers for
+ WPA
+
+wpa-auth-alg OPEN, SHARED, LEAP list of allowed IEEE 802.11
+ authentication algorithms
+
+wpa-proto WPA, RSN list of accepted protocols
+
+wpa-identity myplaintextname administrator provided username
+ (EAP authentication)
+
+wpa-password myplaintextpassword your password (EAP authentication)
+
+wpa-scan-ssid 0 or 1 toggles scanning of ssid with specific
+ Probe Request frames
+
+wpa-ap-scan 0 or 1 or 2 adjusts the scanning logic of
+ wpa_supplicant
+
+The complete functionality of wpa_cli(8) should be implemented. Anything
+missing is considered a bug and should be reported as such. Patches are always
+welcome.
+
+Important Notes About Managed Mode
+==================================
+
+Almost all 'wpa-' options require there is at least a ssid specified. Only a
+handful of options have a global effect. These are: 'wpa-ap-scan' and
+'wpa-preauthenticate'.
+
+Any 'wpa-' option given for a device in the interfaces(5) file is sufficient to
+trigger the wpa_supplicant daemon into action.
+
+The wpasupplicant ifupdown script makes assumptions about the 'type' of input
+that is valid for each option. For example, it assumes that some input is
+plaintext and wraps quotation marks around the input before passing it on
+to wpa_cli, which then adds the input to the network block being formed via
+the wpa_supplicant ctrl_interface socket. Running ifup manually with the
+'--verbose' option will reveal all of the commands used to form the network
+block via wpa_cli. If the value you used for any wpa-* option in
+/etc/network/interfaces is surrounded by double quotes, than it has been
+assumed to be of "plaintext" or "ascii" type input.
+
+Some input is assumed to be a hexadecimal string (eg. wpa-wep-key*). The value
+'type' of the wpa-psk option however, is determined via a simple check for more
+than one non hexadecimal character.
+
+
+How It Works
+============
+
+As mentioned earlier, each wpa_supplicant specific element is prefixed with
+'wpa-'. Each element correlates to a property of wpa_supplicant described in
+the wpa_supplicant.conf(5), wpa_supplicant(8) and wpa_cli(8) manpages. The
+supplicant is launched without any pre-configuration whatsoever, and wpa_cli
+forms a network configuration from the input provided by the 'wpa-*' lines.
+Initially, wpa_supplicant/wpa_cli does not directly set the properties of the
+device (like setting an essid with iwconfig, for example), rather it informs
+the device of what access point is suitable to associate with. Once the device
+has scanned the area, and found that the suitable access point is available for
+use, these properties are set.
+
+The scripts that do all the work are located at:
+
+ /etc/wpa_supplicant/ifupdown.sh
+ /etc/wpa_supplicant/functions.sh
+
+ifupdown.sh is executed by run-parts, which in turn is invoked by ifupdown
+during the 'pre-up', 'pre-down' and 'post-down' phases.
+
+In the 'pre-up' phase, a wpa_supplicant daemon is launched followed by a series
+of wpa_cli commands that set up a network configuration according to what
+'wpa-' options were used in /etc/network/interfaces for the physical device.
+
+If wpa-roam is used, a wpa_cli daemon is launched in the 'post-up' phase.
+
+In the 'pre-down' phase, the wpa_cli daemon is terminated.
+
+In the 'post-down' phase, the wpa_supplicant daemon is terminated.
+
+
+3. Mode #2: Roaming Mode
+========================
+
+A self contained, simplistic roaming mechanism is provided by this package. It
+is in the form of a wpa_cli action script, /sbin/wpa_action, and it assumes
+control of ifupdown once activated. The wpa_action(8) manpage describes its
+technical details in great depth.
+
+To activate a roaming interface, adapt the following example interfaces(5)
+stanza:
+
+iface eth1 inet manual
+ wpa-driver wext
+ wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+
+Two daemons are spawned from the above example; wpa_supplicant and wpa_cli. It
+is required to provide a wpa_supplicant.conf containing a minimal amount of
+global options, and any known network blocks that should be connected to
+without interaction. A good starting point is provided by an example
+configuration file:
+
+ # copy the template to /etc/wpa_supplicant/
+ cp /usr/share/doc/wpasupplicant/examples/wpa-roam.conf \
+ /etc/wpa_supplicant/wpa_supplicant.conf
+ # allow only root to read and write to file
+ chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf
+
+NOTE: it is critical that the used wpa_supplicant.conf defines the location of
+ the 'ctrl_interface' so that a communication socket is created for the
+ wpa_cli (wpa-roam daemon) to attach. The mentioned example configuration,
+ /usr/share/doc/wpasupplicant/examples/wpa-roam.conf, has been set to a
+ sane default.
+
+It is required to edit this configuration file, and add the network blocks for
+all known networks. If you do not understand what this means, start reading the
+wpa_supplicant.conf(5) manpage now.
+
+For each network, you may specify a special option 'id_str'. It should be set to
+a simple text string. This text string forms the basis for network profiling; it
+correlates to a logical interface defined in the interfaces(5) file. When no
+'id_str' is given for a network, wpa_action assumes it will use the 'default'
+logical interface as fallback. The fallback interface can be chosen via the
+'wpa-roam-default-iface' option.
+
+So what does all this mean? Lets illustrate it with a small example taken from
+the wpa_action(8) manpage.
+
+wpa_supplicant.conf
+===================
+network={
+ ssid="foo"
+ key_mgmt=NONE
+ # this id_str will notify /sbin/wpa_action to 'ifup uni'
+ id_str="uni"
+}
+
+network={
+ ssid="bar"
+ psk=123456789...
+ # this id_str will notify /sbin/wpa_action to 'ifup home_static'
+ id_str="home_static"
+}
+
+network={
+ ssid=""
+ key_mgmt=NONE
+ # no 'id_str' parameter is given, /sbin/wpa_action will 'ifup default'
+}
+
+/etc/network/interfaces
+=======================
+# the roaming interface MUST use the manual inet method
+# 'allow-hotplug' or 'auto' ensures the daemon starts automatically
+allow-hotplug eth1
+iface eth1 inet manual
+ wpa-driver wext
+ wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+
+# no id_str, 'default' is used as the fallback mapping target
+iface default inet dhcp
+
+# id_str="uni"
+iface uni inet dhcp
+
+# id_str="home_static"
+iface home_static inet static
+ address 192.168.0.20
+ netmask 255.255.255.0
+ network 192.168.0.0
+ broadcast 192.168.0.255
+ gateway 192.168.0.1
+
+A logical interface is brought up via ifup, and taken down via ifdown, as
+wpa_supplicant associates and de-associates with the network associated
+to it by the 'id_str' option used in the wpa_supplicant.conf configuration file.
+
+A log of /sbin/wpa_action's actions is created at
+/var/log/wpa_action.$IFACE.log, please attach the log when reporting problems.
+
+Interacting with wpa_supplicant with wpa_cli and wpa_gui
+========================================================
+
+The wpa_supplicant process can be interacted with by members of the "netdev"
+group if the example roaming configuration was used as is (or by whatever
+group or gid specified by the GROUP= crtl_interface parameter).
+
+ # the default ctrl_interface option used in the example file
+ # /usr/share/doc/wpasupplicant/examples/wpa-roam.conf
+ ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
+
+To interact with the supplicant, the wpa_cli (command line) and wpa_gui (QT)
+have been provided. With these you may connect, disconnect, add/delete new
+network blocks, provide required interactive security information and so on.
+
+Controlling the Roaming Daemon with wpa_action
+==============================================
+
+Once the roaming daemon is started, it assumes control of ifupdown. That is;
+wpa_cli calls ifup when wpa_supplicant has successfully associated with an
+access point, and calls ifdown when the connection is lost or terminated.
+While the roaming daemon is active, ifupdown should not be controlled directly
+by manually issued commands, rather /sbin/wpa_action is supplied to stop and
+reload the roaming daemon. For example, to stop the
+romaing daemon on the device 'eth1':
+
+ wpa_action eth1 stop
+
+When it is required to update the roaming daemon with a new networks details,
+it can be done without stopping it. Edit the wpa_supplicant.conf file that is
+being used by the daemon with the new networks details, add optional network
+settings to /etc/network/interfaces that are specific to the new network
+(linked by the 'id_str') and then 'reload' the daemon like so:
+
+ wpa_action eth1 reload
+
+For the complete technical details of what wpa_action can do, read the
+wpa_action(8) manpage.
+
+Fine Tuning the Roaming Setup
+=============================
+
+You may face situations where multiple known access points are in close
+proximity. You can choose which one is preferred manually, with wpa_cli or
+wpa_gui, or you can give each network its own priority. This is provided by the
+'priority' option of wpa_supplicant.conf.
+
+The Logfile
+===========
+
+All activity of the roaming dameon is logged to /var/log/wpa_action.log. The
+following information is logged:
+
+ * time and date
+ * interface name and action event
+ * values of enviromental variables (WPA_ID, WPA_ID_STR, WPA_CTRL_DIR)
+ * ifupdown command executed
+ * wpa_cli status (based on WPA-PSK network, may display different info)
+ - bssid
+ - ssid
+ - id
+ - id_str
+ - pairwise_cipher
+ - group_cipher
+ - key_mgmt
+ - wpa_state
+ - ip_address
+
+Using External Mapping Scripts (e.g. guessnet)
+==============================================
+
+In addition to the internal mapping of logical interfaces via 'id_str',
+wpa_action can call external mapping scripts. A mapping script should return
+the name of the logical interface which should be brought up. Any mapping
+script that works from ifupdowns mapping mechanism (see man interfaces) should
+also work when called from wpa_action.
+
+To call a mapping script add a line 'wpa-mapping-script name-of-the-script' to
+the interfaces stanza of the physical roaming device. (You may have to specify
+the absolute path to the mapping script.)
+
+The contents of lines starting with wpa-map are passed to stdin of the mapping
+script. Since ifupdown allows only one wpa-map line you can append any number
+to wpa-map for additional lines. For example:
+
+iface wlan0 inet manual
+ wpa-driver wext
+ wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+ wpa-mapping-script guessnet-ifupdown
+ wpa-map0 home
+ wpa-map1 work
+ wpa-map2 school
+ # ... additional wpa-mapX lines as required
+
+
+By default the mapping script will only be used when no 'id_str' is available
+for the current network. If you want to completely disable 'id_str' matching
+and use only an external mapping script, use the
+'wpa-mapping-script-priority 1' option to override default behaviour.
+
+If the mapping script returns an empty string wpa_action will fallback to using
+the 'default' interface, unless an alternative is defined by the
+'wpa-roam-default-iface' option.
+
+Below is an advanced example, using guessnet-ifupdown as the external mapping
+script.
+
+/etc/network/interfaces with external mapping
+=============================================
+
+allow-hotplug wlan0
+iface wlan0 inet manual
+ wpa-driver wext
+ wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+ wpa-roam-default-iface default-wparoam
+ wpa-mapping-script guessnet-ifupdown
+ wpa-map default: default-guessnet
+ wpa-map0 home_static
+ wpa-map1 work_static
+
+# school can only be chosen via 'id_str' matching
+iface school inet dhcp
+ # resolvconf
+ dns-nameservers 11.22.33.44 55.66.77.88
+
+iface home_static inet static
+ address 192.168.0.20
+ netmask 255.255.255.0
+ network 192.168.0.0
+ broadcast 192.168.0.255
+ gateway 192.168.0.1
+ test peer address 192.168.0.1 mac 00:01:02:03:04:05
+
+iface work_static inet static
+ address 192.168.3.200
+ netmask 255.255.255.0
+ network 192.168.3.0
+ broadcast 192.168.3.255
+ gateway 192.168.3.1
+ test peer address 192.168.3.1 mac 00:01:02:03:04:05
+
+iface default-guessnet inet dhcp
+
+iface default-wparoam inet dhcp
+
+In this example wpa_action will use guessnet for the selection of a suitable
+logical interface only when no 'id_str' option has been provided for the
+current network in the provided wpa_supplicant.conf.
+
+The 'wpa-map' lines provide guessnet with the logical interfaces that are to be
+tested as well as the default interface to be used when all tests fail. The
+'test' lines of each logical interface are used by guessnet to determine if
+we are actually connected to that network. For instance, guessnet will choose
+the logical interface 'home_static' if there's a device with an IP address of
+192.168.0.1 and MAC of 00:01:02:03:04:05 on the current network. If all tests
+fail, the 'default-guessnet' interface will be configured.
+
+Please, read the guessnet(8) manpage for more information.
+
+
+4. Troubleshooting
+==================
+
+In order to debug connection, association and authentication problems,
+increase the verbosity level of wpa_supplicant to log debug output to
+/var/log/wpa_supplicant.$iface.log.
+
+iface eth1 inet dhcp
+ wpa-debug-level 3
+ ...
+
+Debug level number 3 starts the supplicant with the -ddd command line option,
+level 2 with -dd an level 1 with -d. Values of -1 and -2 will cause
+wpa_supplicant to be started with -q and -qq options respectively (quiet mode).
+Any other wpa-debug-level value will cause the supplicant to be started
+with default debug level.
+
+Another method is to start `wpa_cli -i <interface>` in another shell before
+starting the interface. Use the command 'level 0' first, to get all debug
+messages sent to the control socket by wpa_supplicant.
+
+To debug the ifupdown scripts that start wpa_supplicant and friends, use
+`ifup --verbose <interface>` to get verbose messages, or set
+wpa-maint-debug to any value to see shell code execution (set -x).
+
+Hidden ssids
+============
+
+For reference, see #358137 [1]. In order to be able to associate to hidden
+ssids, please try to set the option 'ap_scan=1' in the global section, and
+'scan_ssid=1' in your network block section of your wpa_supplicant.conf file.
+If you are using the managed mode, you can do so by these stanzas:
+
+iface eth1 inet dhcp
+ wpa-ap-scan 1
+ wpa-scan-ssid 1
+ # ... additional options for your setup
+
+According to #368770 [2], association can take a very long time under certain
+circumstances. In some cases, setting the parameter 'ap_scan=2' in the
+config file, (or using a 'wpa-ap-scan 2' stanza, which is equivalent) can
+greatly help to speed up association. Please note that setting ap_scan to the
+value of 2 also requires that all networks have a precisely defined security
+policy for for key_mgmt, pairwise, group and proto network policy variables.
+
+[1] http://bugs.debian.org/358137
+[2] http://bugs.debian.org/368770
+
+
+5. Security Considerations
+==========================
+
+Configuration File Permissions
+==============================
+It is important to keep PSK's and other sensitive information concerning your
+network settings private, therefore ensure that important configuration files
+containing such data are only readable by their owner. For example:
+
+ chmod 0600 /etc/network/interfaces
+ chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf
+
+By default, /etc/network/interfaces is world readable, and thus unsuitable for
+containing secret keys and passwords.
--- /dev/null
+Patch System
+============
+The quilt patch system is used. `debian/rules patch` is necessary to replicate
+the source tree that is used to produce resulting binary packages.
+
+Manual Page Handling
+====================
+In order to have the manual pages recreated at build time, they must be removed
+from our package tree. We do this simply by omitting the prebuilt manual pages
+from our SVN. When using svn-upgrade, this must be done manually post-upgrade
+to avoid confusing subversion, or else if the debian/rules clean target is used
+in the package svn working copy (default svn-buildpackage behaviour) the
+prebuilt manual pages would be removed without subversion knowing about it.
+
+svn revert wpa_supplicant/doc/docbook/*.5 wpa_supplicant/doc/docbook/*.8
+svn delete wpa_supplicant/doc/docbook/*.5 wpa_supplicant/doc/docbook/*.8
+
+
+Prebuilt manual pages are supplied upstream releases, but are not present in
+git snapshots. Rebuilding the manual pages at build time yields two advantages:
+
+1. No need to modify build rules when packaging git snapshots
+
+2. Allows opportunity to patch in debian specific documentation to enhance user
+ experience
+
+
+It is expected that dpkg-source will warn about their removal:
+
+dpkg-source: building wpasupplicant using existing wpasupplicant_0.6.2.orig.tar.gz
+dpkg-source: building wpasupplicant in wpasupplicant_0.6.2-1.diff.gz
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_supplicant.8
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_supplicant.conf.5
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_priv.8
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_passphrase.8
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_gui.8
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_cli.8
+dpkg-source: warning: ignoring deletion of file wpa_supplicant/doc/docbook/wpa_background.8
+dpkg-source: building wpasupplicant in wpasupplicant_0.6.2-1.dsc
--- /dev/null
+wpasupplicant (0.6.7-maemo1) experimental; urgency=low
+
+ * maemo build
+
+ -- Jukka Rissanen <jukka.rissanen@nokia.com> Wed, 8 Jul 2009 10:29:00 +0300
+
+wpasupplicant (0.6.6-2) experimental; urgency=low
+
+ [ Martin Pitt ]
+ * debian/ifupdown/action_wpa.sh: pm-utils now supplies a second
+ argument to the hooks, thus telling ifplugd and pm-utils apart by
+ the number of arguments does not work any more. Fix up the script
+ to just evaluate the arguments themselves, to work with current
+ and older pm-utils. This unbreaks suspend. (LP: #307312)
+ (Closes: #508526, #509484)
+
+ [ Kel Modderman ]
+ * It has been reported by Alexander E. Patrakov <patrakov@gmail.com> that
+ WEP keys are set in quick time in newer wpa_supplicant releases and no
+ longer cause problems attempting to connect to specific access point
+ during boot sequence. (Closes: #489948)
+ * Do not start wpa_gui in system tray per default when executed from menu
+ system (discussion with upstream resulted in desire to have app opened in
+ foreground, no need to diverge from that).
+
+ -- Kel Modderman <kel@otaku42.de> Sun, 28 Dec 2008 23:53:53 +1000
+
+wpasupplicant (0.6.6-1) experimental; urgency=low
+
+ * New upstream release.
+ * Update debian/copyright to include copyright holders of new source files
+ (src/drivers/driver_roboswitch.*).
+ * Drop patches applied upstream:
+ - debian/patches/10_ftbfs_gcc_4.4.patch
+ - debian/patches/20_delay_mic_error_report.patch
+ * Add libqt4-svg to Dependencies of wpagui for tray icon support.
+ (Closes: #505492)
+
+ -- Kel Modderman <kel@otaku42.de> Mon, 08 Dec 2008 00:47:32 +1000
+
+wpasupplicant (0.6.5-2) experimental; urgency=low
+
+ * Bugfix: "Missing -d in testing for a directory in init script".
+ Thanks to Braun Gábor <braung@renyi.hu> for reporting and the patch.
+ (Closes: #506328)
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 02 Dec 2008 20:52:16 +0100
+
+wpasupplicant (0.6.5-1) experimental; urgency=low
+
+ * New upstream release.
+ * Purge patches applied upstream.
+ * Modify 20_wpa_gui_menu_exec_path.patch to use the new -t command line
+ option and start wpa_gui in the system tray and avoid desktop startup
+ notifications.
+ * When using wpa-roam and connecting to an interface for which an id_str
+ is defined but no matching /e/n/i logical interfaces has been configured,
+ try to configure the default logical interface.
+ * Adjust debian/ifupdown/functions.sh to use not depend on /sbin/ip to use
+ ip.
+ * Rename 20_wpa_gui_menu_exec_path.patch to
+ 06_wpa_gui_menu_exec_path.patch, it will possibly be a long term
+ patch.
+ * Update debian/copyright for new files, as well as better conformance with
+ proposed copyright format.
+ * Cleanup wording of README.Debian paragraph which explains how to debug
+ wpa_supplicant via logging.
+ * Reduce difference with wpa_supplicant/defconfig, adding sections for
+ new options, updating option description, and removal of
+ CONFIG_EAP_WSC which had previously been removed from
+ wpa_supplicant.
+ * Refresh debian/patches/01_use_pkg-config_for_pcsc-lite_module.patch and
+ debian/patches/05_qmake_version_makefile.patch to apply without offset.
+ * Add 10_ftbfs_gcc_4.4.patch to include header files required for
+ compilation with GCC 4.4, thanks to Martin Michlmayr. (Closes: #505041)
+ * Add 20_delay_mic_error_report.patch, an upstream commit which adds a
+ mitigation mechanism for certain attacks against TKIP by delaying Michael
+ MIC error reports by a random amount of time between 0 and 60 seconds.
+ * Enable CONFIG_DELAYED_MIC_ERROR_REPORT in debian/config/linux.
+
+ -- Kel Modderman <kel@otaku42.de> Sun, 09 Nov 2008 21:19:13 +1000
+
+wpasupplicant (0.6.4-3) experimental; urgency=low
+
+ * Target at experimental due to current archive conditions with respect to
+ stable release freeze.
+ * Install /etc/wpa_supplicant/action_wpa.sh to enhance wpa-roam integration
+ with pm-utils and ifplugd. (Closes: #488538)
+ * wpa_gui need not depend stricly upon the same binary version of
+ wpa_supplicant, it just requires a version of wpa_supplicant which support
+ the set of ctrl_interface commands that are used, which to the best of my
+ knowledge is (>= 0.6.2-1). [debian/control]
+ * Cleanup short description of wpasupplicant, and improve short description
+ of wpagui. [debian/control]
+ * Add a series of patches to enhance wpa_gui-qt4:
+ - 10_wpa_gui_icons.patch
+ - 11_desktop_entry.patch
+ - 12_wpa_gui_icons_resource.patch
+ - 13_remove_qPixmapFromMimeSource_ref.patch
+ - 14_qsystemtray_icon.patch
+ - 15_tray_status_state.patch
+ - 16_wpa_gui_icon_touchup.patch
+ * Install icon and menu entry for wpa_gui. [debian/rules] (Closes: #498923)
+ * Add a shell script wrapper, debian/wpa_gui/netdev_wrapper, which will be
+ used by the menu entry to try and exec /usr/sbin/wpa_gui with best
+ estimated privilege level. Install it to /usr/share/wpagui/netdev_wrapper.
+ [debian/rules]
+ * Add 20_wpa_gui_menu_exec_path.patch to modify exec path of wpa_gui.desktop
+ to point at our new wrapper, /usr/share/wpagui/netdev_wrapper.
+ * Add debian menu file for wpa_gui, it also uses the netdev_wrapper.
+ * Create xpm icons from new upstream icon build system, and store them in
+ debian/wpa_gui/*.xpm to avoid creating them during package build because
+ inkscape and imagemagick would be required which are quite large and
+ uneccessary build dependencies. Leave a note in debian/rules to remind
+ us about their origin and the reasoning behind this decision.
+ * wpagui package Recommends: menu, as menu provides su-to-root, which we
+ may need. [debian/control]
+ * Add two upstream patches to improve the retrieval of scan results from
+ userspace:
+ - 07_restore_scanreq_if_initassoc_failed.patch
+ - 08_only_use_cached_scan_results_if_nonempty.patch
+ * Refresh patch series to apply without offset.
+
+ -- Kel Modderman <kel@otaku42.de> Thu, 25 Sep 2008 07:52:06 +1000
+
+wpasupplicant (0.6.4-2) unstable; urgency=low
+
+ * Bugfix: wpasupplicant crashes (closes: #485769). Patch taken from
+ upstream git.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 27 Aug 2008 10:10:20 +0200
+
+wpasupplicant (0.6.4-1) unstable; urgency=low
+
+ [ Kel Modderman ]
+ * New upstream release
+ * Retroactively cleanse past changelog entries of information indicating
+ that they were not released, as they were.
+ * Use short option for grep (-q) and sed (-n) instead of the busybox
+ incompatible --quiet as per advice of Charles-Henri Gros.
+ * wpa_action: on connected action, call wpa_hysteresis_event before
+ ifup, so that a disconnected action may still be effective should
+ the ifup take a long time (eg. dhcp request takes a long time and
+ eventually fails).
+
+ [ Alessio Treglia <quadrispro@ubuntu.com> ]
+ * Added build-depends on libdbus-glib-1-dev, fixes FTBFS (LP: #256274).
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 16 Aug 2008 10:09:01 +0200
+
+wpasupplicant (0.6.4~git20080716.93ef879-1) unstable; urgency=low
+
+ [ Kel Modderman ]
+ * New upstream git snapshot.
+ * Drop patches applied upstream:
+ - 10_silence_siocsiwauth_icotl_failure.patch
+ - 11_avoid_dbus_version_namespace.patch
+ - 12_fix_potential_use_after_free.patch
+ - 13_defined_IEEE8021X_EAPOL.patch
+ - 14_fix_compile_without_eap.patch
+ - 15_silence_out_of_bounds_warnings.patch
+ - 41_manpage_format_fixes.patch
+ - 42_manpage_explain_available_drivers.patch
+ - 43_remove_w_from_help.patch
+ - 50_wext_dont_overwrite_bss_freq.patch
+ - 51_dont_reschedule_specific_scans_for_hidden_ssids.patch
+ - 52_handle_mac80211_mode_switch.patch
+ - 53_give_adhoc_assoc_more_time.patch
+ * Drop -20_wpa_gui_qt4_disable_link_prl.patch, the qt4 linking problem has
+ been fixed by our qt4 maintainers.
+ * Refresh remaining patch series.
+ * Increase Standards_version to 3.8.0. Explain in debian/README.Debian-source
+ that the `debian/rules patch` command is required to prepare the source
+ tree for building.
+ * Cleanup debian/wpasupplicant.links, removing trailing whitespace and
+ leading / from target symlink pathname.
+ * Remove debian/README.Debian, the information therin was irrelevant for the
+ current release cycle, and is better explained by the README.modes
+ document.
+ * Move debian/README.modes to debian/README.Debian, and create a backwards
+ compat symlink (/usr/share/doc/wpasupplicant/README.modes.gz ->
+ README.Debian.gz) to avoid breaking current online documentation.
+ * Fix spelling error in new debian/README.Debian found by lintian.
+ * Don't install the wpa_supplicant/eap_testing.txt document, it contains
+ information about development features and testing that is not possible
+ with what is provided by the wpasupplicant package.
+ * Remove the QMAKE variable from debian/rules, it is no longer used with
+ upstream build system.
+ * Remove debian/wpagui.install and instead invoke dh_install explicitly in
+ debian/rules, making use of the WPAGUI variable, to have the correct
+ version of wpa_gui installed (assist in switch to-fro different QT ports).
+ * Remove possible bashisms (local(x, y)) from debian/ifupdown/functions.sh.
+ * Add rudimentary locking system when wpa_action(8) calls ifup/ifdown, so
+ that /etc/network/if-*.d/wpasupplicant can differentiate between admin
+ calling ifup/ifdown or wpa_action. (Closes: #488078, #373180)
+ * When wpa_action calls ifup/ifdown, use verbose command line option for
+ more detailed log of what hook scripts are executed.
+ * wpa-ifupdown.init should always stop wpa_action daemon, ifupdown is only
+ guaranteed to stop it if interface is currently configured.
+ * Move debian/README.Debian-source to debian/README.source, as policy seem
+ to prefer this filename now as of version 3.8.0.
+
+ [ Reinhard Tartler ]
+ * lower debhelper compat level to 6 to ease backporting
+
+ -- Kel Modderman <kel@otaku42.de> Wed, 16 Jul 2008 22:59:25 +1000
+
+wpasupplicant (0.6.3-2) unstable; urgency=low
+
+ * Add patch to remove -w option from help output, it has been removed in
+ previous versions. (Closes: #472853)
+ * Correctly refer to wpa-debug-level (not wpa-verbosity-level) ifupdown
+ parameter to control logging output. (Closes: #474440)
+ * Apply patch to permit package build on GNU/kFreeBSD.
+ - add debian/config.kfreebsd build configuration file
+ - adapt debian/rules to use debian/config/kfreebsd when building for
+ kfreebsd DEB_HOST_ARCH_OS
+ * Fix arch specific build dependency declarations introduced by GNU/kFreeBSD
+ compat patch.
+ * Build depend on debhelper >= 7, adjust debian/compat to suit.
+ * Simplify debian/rules, cleaning up the sanitization of
+ README.wpa_supplicant.conf, clean , build and install targets.
+ * Span the Build-Depends field of debian/control over multiple lines.
+ * Add debian/patches/13_defined_IEEE8021X_EAPOL.patch to allow compilation
+ when CONFIG_IEEE8021X_EAPOL is not defined and allow people attempting to
+ progress on wpasuplicant udeb (and netcfg integration) to move on.
+ * Add 14_fix_compile_without_eap.patch to fix another FTBFS when
+ IEEE8021X_EAPOL is not defined.
+ * Rename debian/extra-examples/ to debian/examples/.
+ * Slightly modify the way get-git-snapshot is invoked by debian/rules.
+ * Create debian/config/ directory to contain various build configuration
+ files for different targets (eg. udeb, kfreebsd, linux).
+ * Disable building of test driver backend, no development can sanely be done
+ with this binary package.
+ * Disable building of hostap driver backend, the version of hostap driver in
+ existence since Linux 2.6.14 (or before) uses the wext driver backend.
+ * Provide code in ./debian/ifupdown/functions.sh that warns about invalid
+ wpa-driver choice, and falls back to the usage of a default backend.
+ * Modify debian/README.modes to not contain blurb about which driver_backend
+ to use, wext should almost _always_ be used.
+ * Refresh debian/patches/14_fix_compile_without_eap.patch with what was
+ applied upstream.
+ * Add 50_wext_dont_overwrite_bss_freq.patch to fix handling of channel and
+ frequency information returned by mac80211 using drivers in ad-hoc mode.
+ * 51_dont_reschedule_specific_scans_for_hidden_ssids.patch to optimize scan
+ rescheduling in order to better detect hidden SSIDs.
+ * Simplify debian/rules handling of wpa_supplicant/.config, just cp it in as
+ needed in build target. Move dh_install into install target. These will
+ make integration of possible future udeb cleaner.
+ * Add 52_handle_mac80211_mode_switch.patch to enhance handling of mode
+ switching for mac80211 using interfaces.
+ * Add 53_give_adhoc_assoc_more_time.patch to give adhoc associations a bit
+ more time.
+ * Add 15_silence_out_of_bounds_warnings.patch to silence gcc-4.3 warnings
+ about accessing out of bounds array index.
+ * Purge debian/madwifi-headers/* and no longer activate the driver_madwifi
+ backend of wpa_supplicant. Remove reference to it in support
+ documentation. If "wpa-driver madwifi" is used in an /e/n/i stanza print a
+ warning and use "wext" instead.
+
+ -- Kel Modderman <kel@otaku42.de> Mon, 09 Jun 2008 09:30:23 +1000
+
+wpasupplicant (0.6.3-1) unstable; urgency=low
+
+ * New upstream release.
+ * Drop patches applied upstream:
+ - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch
+ - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch
+ - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch
+ - debian/patches/40_dbus_ssid_data.patch
+ * Tidy up the clean target of debian/rules. Now that the madwifi headers are
+ handled differently we no longer need to do any cleanup.
+ * Fix formatting error in debian/ifupdown/wpa_action.8 to make lintian
+ quieter.
+ * Add patch to fix formatting errors in manpages build from sgml source. Use
+ <emphasis> tags to hightlight keywords instead of surrounding them in
+ strong quotes.
+ - debian/patches/41_manpage_format_fixes.patch
+ * wpasupplicant binary package no longer suggests pcscd, guessnet, iproute
+ or wireless-tools, nor does it recommend dhcp3-client. These are not
+ needed.
+ * Add debian/patches/10_silence_siocsiwauth_icotl_failure.patch to disable
+ ioctl failure messages that occur under normal conditions.
+ * Cherry pick two upstream git commits concerning the dbus interface:
+ - debian/patches/11_avoid_dbus_version_namespace.patch
+ - debian/patches/12_fix_potential_use_after_free.patch
+ * Add debian/patches/42_manpage_explain_available_drivers.patch to explain
+ that not all of the driver backends are available in the provided
+ wpa_supplicant binary, and that the canonical list of supported driver
+ backends can be retrieved from the wpa_supplicant -h (help) output.
+ (Closes: #466910)
+ * Add debian/patches/20_wpa_gui_qt4_disable_link_prl.patch to remove
+ link_prl CONFIG compile flag added by qmake-qt4 >= 4.3.4-2 to avoid excess
+ linking.
+
+ -- Kel Modderman <kel@otaku42.de> Wed, 12 Mar 2008 20:03:04 +1000
+
+wpasupplicant (0.6.2+git20080206.g8c0dad4-1) unstable; urgency=low
+
+ [ Kel Modderman ]
+ * New Upstream git snapshot.
+ - fixes infinite loop in EAPOL state machine when dynamic wep keys are
+ used (Closes: #464514)
+ * install-stamp was not properly implimented, fix it up. [debian/rules]
+ * Drop patches to ctrl interface bss scan results iterator that will not be
+ applied upstream. The iterator will be redesigned to not suffer from the
+ identified problem of one bssid being encountered in more than one cell
+ of the scan results.
+ - debian/patches/84_ctrl_iface_scan_bss_count.patch
+ - debian/patches/85_ctrl_iface_scan_bss_count_warning.patch
+ - debian/patches/94_wpa_gui_qt4_scanres_bss_count.patch
+ * Drop patches applied upstream.
+ - debian/patches/30_src_clean_existing_dirs.patch
+ - debian/patches/31_ctrl_iface_x86_64_compile_warning.patch
+ - debian/patches/93_wpa_gui_qt4_scanres_really_remove_qtimer.patch
+ * wpa_gui should depend on the wpa_supplicant binary from the same build,
+ therefore set versioned dependency of wpasupplicant (= ${binary:Version})
+ for the wpagui package. [debian/control]
+ * Reimpliment 70_wpa_gui_qt4_wpagui_scroll_follow_eventhistory.patch in the
+ form of three patch series for resubmission to upstream.
+ - debian/patches/30_wpa_gui_qt4_eventhistoryui_rework.patch
+ - debian/patches/31_wpa_gui_qt4_eventhistory_always_scrollbar.patch
+ - debian/patches/32_wpa_gui_qt4_eventhistory_scroll_with_events.patch
+
+ [ Reinhard Tartler ]
+ * move debian/patches/01_debian_wpa_roam_example.patch to
+ debian/extra-examples/wpa-roam.conf to have the example as proper file
+ instead of a diff.
+ * Add documentation headers to the files in debian/patches/*
+ * Don't manage wpasupplicant/.config as patch system, but have it as
+ debian/config instead. therefore remove 00_defconfig.patch and
+ 21_config_driver_madwifi.patch
+ * move madwifi headers from debian/patches/20_madwifi_headers to
+ debian/madwifi-headers. also update debian/copyright.
+ * remove ${misc:Depends}. Nothing does use it and generates an unnecessary
+ warning.
+ * use -Wl,--as-needed to avoid unnecessary linking to ncurses,
+ libpthread and libdl.
+ * use pkg-config for detecting how to link against pcsc-lite
+ - debian/patches/01_use_pkg-config_for_pcsc-lite_module
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 09 Feb 2008 23:21:37 +0100
+
+wpasupplicant (0.6.2+git20080202.gde6ccd7-1) unstable; urgency=low
+
+ * New Upstream git snapshot.
+ - the -w (wait for interface) option has been removed (Closes: #350963)
+ - wpa_gui has been massively enhanced
+ * Drop all patches applied to upstream git.
+ * Add debian/patches/30_src_clean_existing_dirs.patch to adjust upstream
+ build system for removal of src/wps (as done in upstream build_release
+ script).
+ * Make sure wpa_supplicant process is checked for and killed by wpa_action
+ on stop or down actions.
+ * Update debian/NEWS to alert users about the removal of the -w command line
+ option.
+ * Truncate debian/NEWS, none of the items are relevant for current upgrade
+ paths, nor do they hold any historical relevance.
+ * Clarify the license of the debian packaging. No license was initially
+ given until now, so we could assume the original packager contributed the
+ packaging under the same terms as the upstream license (BSD | GPL-2).
+ * /etc/init.d/wpa-ifupdown must stop before sendsigs does when using
+ dependency based init system. Add $remote_fs to Required-Stop keyword of
+ LSB header in debian/wpasupplicant.wpa-ifupdown.init.
+ * Add debian/patches/38_dbus_blob_support.patch to allow support for loading
+ of blobs via the D-Bus interface. Patch cherry picked from upstream git.
+ * Move README.wpa_supplicant.conf from examples to docs. Generate the file
+ in the wpa_supplicant/ directory.
+ * Add ${misc:depends} to Depends field of our packages to ensure we do not
+ miss out on any substvars that debhelper may provide us with.
+ * Add debian/patches/39_wpa_gui_qt4_closeevent.patch to improve handling of
+ wpa_gui-qt4 exit, both from File->exit and the X button on the titlebar.
+ * Start daemon in quiet mode by default, the scan event is being written to
+ logfile far too often. [debian/ifupdown/functions.sh]
+ * When starting daemon with debug option, include timestamps in logfile.
+ [debian/ifupdown/functions.sh]
+ * Simplfy return check in init_wpa_supplicant(), init_wpa_cli()
+ kill_wpa_supplicant() and kill_wpa_cli() reduce one level of indentation
+ for each function. [debian/ifupdown/functions.sh]
+ * Add patch to invoke versioned qmake binary when preparing the Makefile for
+ wpa_gui/wpa_gui-qt4 or else a failure to build from source can be possible
+ when more than one QT version is installed. (Closes: #463547)
+ - debian/patches/05_qmake_version_makefile.patch
+
+ -- Kel Modderman <kel@otaku42.de> Mon, 04 Feb 2008 16:00:38 +1000
+
+wpasupplicant (0.6.2-1) experimental; urgency=low
+
+ * New upstream release.
+ * Allow "wpa-key-mgmt NONE" to form a network block via the wpa_cli calls in
+ wpa_conf() of functions.sh.
+ * Overhaul wpa_key_check_and_set() function of functions.sh to better handle
+ wep keys. Function now does similar checking of wep keys that it does for
+ wpa keys. Valid wep keys can be hex of length 10|26|32|58 or ascii with
+ length of at least 5.
+ * Check wpa_cli return value in wpa_cli() function of functions.sh.
+ * Adjust Standards-Version to 3.7.3, no extra changes required.
+ * Switch to quilt patch management from dpatch:
+ - build-depend on quilt, adjust debian/rules accordingly
+ - debian/madwifi/mk-madwifi-header-patch becomes obsolete, removed
+ * Remove debian/defconfig.sh, and re-impliment it in patch form again, but
+ this time with a patch management system that can be used more naturally.
+ This also allows an oppurtunity to go over our default build
+ configuration.
+ * Add svn:ignore property for .pc quilt by-product.
+ * Ensure src/drivers/driver_madwifi/ directory is purged from source tree in
+ clean target of debian/rules.
+ * /var/lock/wpa_action.*.lock was not used in a version of wpasupplicant
+ package in a stable release, no longer need to handle its removal in
+ postrm anymore.
+ * Activate support for PC/SC interface for smartcards along with SIM and AKA
+ EAP methods. Build-depend on libpcsclite-dev. Suggest pcscd.
+ * Update email address in debian/ifupdown/wpa_action.8 manpage.
+ * Sanitize whitepsace in debian/README.modes, swapping tabs for 8 spaces,
+ improving layout of basic tables. Fix a couple of typo's too.
+ * Clarify in debian/README.modes the URI to BTS discussions. Also add a note
+ that using ap_scan=2 requires explicit security policies to be set for
+ each network.
+ * dbus-wpa_supplicant.service now provided by upstream.
+ * Impliment debian/examples/wpa_supplicant.conf.template in patch form. It
+ is planned to expand this small template into a more usable and
+ documented beginning point for the wpa-roam schema.
+ * Add useful comments to the new wpa-roam.conf example configuration file.
+ * README.modes now gives sound advice to setup the roaming daemon to be used
+ with the netdev group, and offers advice on howto set various data
+ sensitive conffiles to be readable only by owner. (Closes: #428620)
+ * wpa_gui manpage exists in upstream, remove debian/wpa_gui.8.
+ * If the path to ctrl_interface directory can be determined from the
+ supplied configuration, do not append the -C option to wpa_supplicant
+ start-stop-daemon command in ifupdown.sh. This breaks the new DIR= GROUP=
+ ctrl_interface syntax.
+ * Add initial subsection to README.modes about "Interacting with
+ wpa_supplicant with wpa_cli and wpa_gui".
+ * Activate CONFIG_IEEE80211R, CONFIG_IEEE80211W and CONFIG_EAP_WSC in the
+ default build configuration.
+ * Log wpa_supplicant output to /var/log/wpa_supplicant.$IFACE.log per
+ default when using ifupdown to manage wpa_supplicant. wpa_supplicant
+ supports logging somewhere via -f cli option. (Closes: #317180)
+ * Add support for managing debug level of wpa_supplicant via the ifupdown
+ scripts.
+ * Enhance README.modes with new supplicant debugging methods.
+ * Build the wpa_gui-qt4 variant now that it doesn't require qt3 support
+ code. It also closes all child windows on File->Exit. (Closes: #426924)
+ * wpasupplicant now Suggests wpagui.
+ * wpa_action now logs to an interface specific logfile, and the logrotate
+ rule was updated to take care of both the old and new locations.
+ * Update copyright headers of ifupdown scripts, also add a few more code
+ comments, a statement of purpose and package ownership as well as some
+ other trivial cleanups.
+ * Remove upgrade removal of conffiles from wpasupplicant versions that exist
+ in oldstable and before. The preinst part of the upgrade handling was
+ removed in pkg-wpa commit r852.
+ * Create sendsigs omission pidfile in /lib/init/rw/sendsigs.omit.d/ for
+ wpa_supplicant and wpa_cli processes managed by ifupdown. Determine
+ runlevel when wpa_cli roaming daemon is active, and allow ot to be killed
+ in runlevels 0 and 6. This allows wpa_supplicant process to survive until
+ networking is stopped. (Closes: #401645)
+ * Add debian/patches/03_dbus_service_activation_customise.patch to start
+ wpa_supplicant with "-f /var/log/wpa_supplicant.log" per default.
+ * Add debian/patches/30_scan_even_when_disconnected.patch to allow scan
+ request to succeed even when interface is in disconnected state.
+ * Modify debian/copyright to be machine-interpretable. Annotate all
+ copyright holders in new format.
+ * State clearly in debian/copyright that the BSD license has been chosen by
+ us, the maintainers, as there is no exception to link against OpenSSL in
+ the text of the given GPL-2 license.
+ * No license had been chosen for the debian packaging information, so GPL-2+
+ has been chosen and recorded in debian/copyright.
+ * Add debian/README.Debian-source to document handling of upstream manual
+ pages.
+ * Build upstream manual pages from sgml source. Build-Depend on docbook and
+ docbook-utils.
+ * Add debian/patches/31_wpa_gui_qt4_select_any.patch to allow selection of
+ any network already defined in network combobox when more than 1 network
+ is defined.
+ * Modify debian/wpasupplicant.wpa-ifupdown.init to be no-op when sendsigs
+ omission interface is supported.
+ * Add debian/patches/32_append_mmd_to_default_cflags.patch to assist in
+ allowing CFLAGS to be overriden without possible bad effects on upstream
+ build system.
+
+ -- Kel Modderman <kel@otaku42.de> Tue, 08 Jan 2008 22:51:36 +1000
+
+wpasupplicant (0.6.1~git20071119-1) unstable; urgency=low
+
+ * New upstream git snapshot.
+ - support for dbus >= 1.1.1 dbus_watch_get_unix_fd() api
+ * Convert to non-cdbs traditional debhelper-centric debian/rules and remove
+ build dependency on cdbs. This converges with style of hostapd package.
+ * Correct poorly formatted debian/NEWS entry that was causing lintian to
+ complain.
+ * Cleanup files in ./debian/*
+ - move debian/wpa_supplicant.conf.template to debian/examples/
+ - move debian/mk-madwifi-header-patch to debian/madwifi/
+ - move debian/dbus-wpa_supplicant.service to debian/dbus/
+ - rename debian/dot.config.mk to debian/defconfig.mk
+ * Remove MADWIFI variable from debian/defconfig.mk.
+ * No longer build "ndiswrapper" or "ipw" backends. Etch shipped with a
+ kernel in which neither of these backends could work (> Linux 2.6.14) so
+ it is about time we no longer pretended to support for them.
+ * Activate D-Bus system activation support. Install the service file into
+ /usr/share/dbus-1/system-service/. The filename reflects the service bus
+ name of "fi.epitest.hostap.WPASupplicant". In addition, the service must
+ be started by root user. Thanks to Michael Biebl. (Closes: #412179)
+ * Build depend on docbook and docbook-utils to generate upstream manpages
+ from sgml source.
+ * Upstream wpa_cli(8) is no longer incorrect with regard to CONNECTED and
+ DISCONNECTED signal events. (Closes: #432904)
+ * Drop debian/patches/10_fix_non_wpa_zero_len_ssid.dpatch and
+ debian/patches/50_fix_wext_tsf_stack_overflow.dpatch, applied upstream.
+ * debian/patches/40_debian_doc_examples.dpatch does not apply to git
+ snapshot, remove it and rethink how we can best integrate our debian
+ specific bits.
+ * wpa_action: check status with respect to ifupdown after CONNECTED event
+ has ensued. If the interface is not recorded in ifupdown's state file
+ attempt reassociation. (Closes: #428304).
+ * Adjust logic when using sed to determine ctrl_interface socket directory
+ from the configfile to handle ctrl_interface=DIR= GROUP= syntax.
+
+ -- Kel Modderman <kel@otaku42.de> Thu, 22 Nov 2007 17:10:29 +1000
+
+wpasupplicant (0.6.0-4) unstable; urgency=low
+
+ * Fix stack overflow condition that could exist if driver reported bad tsf
+ data in iwevent and scan results. (Closes: #442387)
+ * Update Vcs fields of debian/control to format of current consensus.
+ * Add Homepage field to debian/control.
+
+ -- Kel Modderman <kel@otaku42.de> Tue, 16 Oct 2007 18:12:03 +1000
+
+wpasupplicant (0.6.0-3) unstable; urgency=low
+
+ * Add debian/mk-madwifi-header-patch, a quick and dirty bash script for
+ generating the madwifi header patch.
+ * Fix typo in README.modes, wpa-default-iface is really
+ wpa-roam-default-iface. (Closes: #435718)
+ * Simplify debian/dot.config.mk.
+ * Confirm that the ifupdown scripts do set ssid when wpa-ssid is used with a
+ value in /etc/network/interfaces. (Closes: #367655)
+ * Truncate default build .config. Make madwifi config option conditional on
+ MADWIFI variable.
+ * Add 10_fix_non_wpa_zero_len_ssid.dpatch to fix regression inhibiting
+ selection of non-WPA zero length ssid. (Closes: #431102)
+ * Fix debian-rules-ignores-make-clean-error lintian error.
+
+ -- Kel Modderman <kel@otaku42.de> Sat, 25 Aug 2007 00:23:50 +1000
+
+wpasupplicant (0.6.0-2) unstable; urgency=low
+
+ * Really allow 'wpa-conf managed' to pass through.
+
+ -- Kel Modderman <kel@otaku42.de> Wed, 04 Jul 2007 17:18:45 +1000
+
+wpasupplicant (0.6.0-1) unstable; urgency=low
+
+ [Kel Modderman]
+ * New upstream release.
+ - restructured source layout
+ * Adjust debian/wpasupplicant.examples, debian/wpagui.install,
+ debian/wpasupplicant.install, debian/wpasupplicant.manpages, and
+ debian/wpasupplicant.docs for new layout.
+ * Redjust debian/patches/30_dbus_policy.dpatch and
+ debian/patches/40_debian_doc_examples.dpatch to apply against new layout.
+ * Drop debian/patches/10_config.dpatch and
+ debian/patches/21_madwifi_includes.dpatch.
+ * Introduce makefile fragment for wpa_supplicant .config creation. Call it
+ from debian/rules. It is named debian/dot.config.mk.
+ * Add WPADIR variable to debian/rules, adjust build and install targets to
+ use WPADIR.
+ * Update madwifi_headers patch with code from current madwifi SVN trunk.
+ * Damage control: allow 'wpa-conf managed' to pass through without failure
+ for those people who followed the poor example outlined in the hidden
+ ssid's section of README.modes. Also remove the offending line from the
+ documentaion. (Closes: #428137)
+
+ [Reinhard Tartler]
+ * Fix building wpagui.
+ * remove debian/wpasupplicant.preinst, since we don't support upgrades
+ from oldstable. This way we don't need to look at /var/lib/dpkg/status
+ anymore, which is unreliable anyway. Makes lintian happy.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 17 Jun 2007 10:33:31 +0100
+
+wpasupplicant (0.6.0~cvs20070224-3) unstable; urgency=low
+
+ * Add netdev group if it does not exist, since we provide a dbus
+ configuration file that insists on using that group. (Closes: #418641)
+
+ -- Kel Modderman <kel@otaku42.de> Sun, 22 Apr 2007 19:19:07 +1000
+
+wpasupplicant (0.6.0~cvs20070224-2) unstable; urgency=low
+
+ [Kel Modderman]
+ * Update XS-Vcs fields of debian/control to reflect pkg-wpa archive change.
+ * Update debian/copyright with new upstream URL's and Jouni's new email
+ address.
+ * Rename madwifi related dpatches to match that of hostapd source package.
+ * Update debian/watch with new upstream release URL.
+
+ [Reinhard Tartler]
+ * Remove the prerm script as discussed on pkg-wpa-devel@
+ * upload to unstable
+
+ -- Kel Modderman <kel@otaku42.de> Mon, 09 Apr 2007 18:09:08 +1000
+
+wpasupplicant (0.6.0~cvs20070224-1) experimental; urgency=low
+
+ * New upstream development release. (Closes: #401809)
+ * wpa_supplicant no longer segfaults on failure to initialize a network
+ interface. (Closes: #403301, #403313)
+ * Fixes EAP-PEAP/TTLS/FAST to use the correct EAP identifier in tunnelled
+ identity request. (Closes: #402619)
+ * Drop deprecated init script example. debian/wpa_supplicant.init-daemon.
+ * Drop debian/patches/10_orinoco_wep_key_fix.dpatch as the appropriate
+ driver fix has been included in mainline linux since 2.6.19-rc.
+ * Drop debian/patches/21_madwifiold_20060207_includes.dpatch,
+ madwifi-old is deprecated upstream.
+ * Remove false instructions from NEWS file regarding madwifi-old support
+ that has since been discarded from the source package.
+ * Drop debian/patches/11_erroneous_manpage_ref.dpatch,
+ applied upstream.
+ * Remove wpa-stakey code from conf_wpasupplicant() in functions.sh since it
+ is removed from upstream.
+ * Allow 'wpa-essid' to do the same thing as 'wpa-ssid'. (Closes: #403316)
+ * Update Uploader: email address.
+ * Update private madwifi includes to r2156 of madwifi.org SVN trunk.
+ * Make a large note in README.modes wpa-roam documentation that a
+ ctrl_interface MUST be defined for the roaming setup to function.
+ (Closes: #407936).
+ * Activate wpa_supplicant's dbus interface by installing
+ dbus-wpa_supplicant.conf to the appropriate location. (Closes: #412179)
+ * Add debian/patches/30_dbus_policy.dpatch to allow access control to
+ wpa_supplicant's dbus interface via the netdev group. (Michael Biebl).
+ * Install a service file to /usr/share/dbus-1/services/ for dbus aware
+ applications that may take advantage of that in the future (Michael
+ Biebl).
+ * Add support to ifupdown.sh for `wpa-mode' and `wpa-frequency' options used
+ in IBSS mode. Note that ifupdown.sh does not do any sanity checking for
+ the other many requirements for using wpa_supplicant in IBSS mode.
+ * Update XS-Vcs-* fields in control file, add Vcs-Browser token.
+ * Move debian spcific ifupdown sh glue into debian/ifupdown/.
+ * Have prerm gracefully bring down interfaces under the influence of
+ wpa_supplicant via wpa-ifupdown init script.
+ * Remove unrequired `unset' usage in wpa-ifupdown.init, discard stderr of
+ find invocations.
+ * Don't stop dbus wpasupplicant daemon via wpa-ifupdown.
+ * Suggest wireless-tools. (Closes: #413689)
+
+ -- Kel Modderman <kel@otaku42.de> Thu, 8 Mar 2007 03:23:51 +1000
+
+wpasupplicant (0.5.5-4) unstable; urgency=low
+
+ * Settings for wired networks are no longer ignored by functions.sh.
+ (Closes: #401413)
+
+ -- Kel Modderman <kelmo@kanotixguide.org> Sun, 10 Dec 2006 01:25:11 +1000
+
+wpasupplicant (0.5.5-3) unstable; urgency=low
+
+ * Make needlessly global shell function variables local. Use local
+ consistently. [debian/functions.sh]
+ * Enhance error message when wpa-conf or wpa-roam mode is requested, but the
+ supplied configuration file is not readable or incorrect.
+ [debian/ifupdown.sh]
+ * Exchange bogus copyright holder information of functions.sh, ifupdown.sh
+ and wpa_action.sh for information reflecting the _group_ behind them.
+ * Force ap_scan=0 for "wired" IEEE8021X type authentication.
+ [debian/functions.sh]
+ * Add debian specific location for example wpa_supplicant.conf files to
+ wpa_supplicant.conf(8). (Closes: #396005)
+ * Fix typo in wpa_supplicant(8) that referred to non-existant manpage.
+ (Closes: #389948)
+ * Update madwifi private includes to latest (r1794).
+ * Add XS-X-Vcs-Svn field to debian/control file.
+ * Shunt env var IFACE to WPA_IFACE in the ifupdown.sh, wpa_action.sh and
+ function.sh scripts. This allows further flexibility, such as the ability
+ to start wpa_supplicant on an arbitary interface specified by a
+ 'wpa-iface' line in /etc/network/interfaces.
+
+ -- Kel Modderman <kelmo@kanotixguide.org> Fri, 10 Nov 2006 11:12:56 +1000
+
+wpasupplicant (0.5.5-2) unstable; urgency=low
+
+ * Update madwifi headers to latest SVN. (Closes: #388316)
+ * Remove failed attempt at action locking. [debian/functions.sh,
+ debian/wpa_action.sh]
+ * Add hysteresis checking functions, to avoid "event loops" while
+ using wpa-roam. [debian/functions.sh, debian/wpa_action.sh]
+ * Change of co-maintainer email address.
+ * Add ishex() function to functions.sh to determine wpa-psk value type in
+ plaintext or hex. This effectively eliminates the need for the bogus and
+ somewhat confusing wpa-passphrase contruct specific to our scripts and
+ allows wpa-psk to work with either a 8 to 63 character long plaintext
+ string or 64 character long hex string.
+ * Adjust README.modes to not refer to the redundant wpa-passphrase stuff.
+ * Add big fat NOTE about acceptable wpa-psk's to top of example gallery.
+ * Strip surrounding quotes from wpa-ssid if present, instead of just whining
+ about them.
+ * Update email address in copyright blurb of functions.sh, ifupdown.sh and
+ wpa_action.sh.
+
+ -- Kel Modderman <kelmo@kanotixguide.org> Thu, 5 Oct 2006 08:04:01 +1000
+
+wpasupplicant (0.5.5-1) unstable; urgency=low
+
+ * wpa_supplicant(8) now describes the -P (PID file) line option in the
+ manpage. (Closes: #381721)
+ * wpa_passphrase(8) is clearer about describing its purpose.
+ * Start a paragraph in README.modes containing information about best
+ security practises while using and configuring wpa_supplicant. For now
+ it briefly covers the topic of file permissions. (Closes: #382241)
+ * Implement PSK and ASCII passphrase key sanity checking, and warn user
+ about suspicious key lengths (managed mode only).
+ * Add leading example network conf, using wpa-passphrase, to README.modes.
+ * README.Debian documentation changes as sugested by Eduard Bloch
+ (Closes: #382314)
+ - reordered sections by importance for a new user, this ensures wext info
+ for ipw drivers is obvious (Closes: #384299)
+ - rewrote the first chapter to give a fluent introduction, refered to
+ wireless-tools doc
+ - add missing .gz to README.notes path (Closes: #386603)
+ * Reshuffle of README.modes, moving How It Works section toward the latter
+ end to avoid stopping people from missing out on important info.
+ * Rename 'Notes About Managed Mode' to 'Important Notes About Managed Mode'.
+ * Clarify the status of madwifi and 'wext' in README.modes.
+ (Closes: #382651)
+ * Return exit status of daemon start commands.
+ * Further cleanup of ifupdown.sh, move functions to head of script.
+ * wpa-ifupdown no longer checks interface state.
+ * Touch logfile before redirecting output to it via exec, to make sure it is
+ writeable.
+ * Split common code into /etc/wpa_supplicant/ifupdown_common.sh, so that
+ ifupdown.sh and wpa_action.sh may share it.
+ * Add 'wpa_action iface check' option, to test if interface is under
+ influence of wpa_cli or not..
+ * Start wpa_cli daemon from post-up to avoid a race condition with the
+ roaming daemon where association occurred before the master interface
+ state was recorded. This would cause the mapped logical interface to fail
+ on ifup, as wpa_action would fail to detect the state of the master
+ interface, thus not supply the --force option. This is where a stateless
+ ifupdown would really help.
+ * Make conf_wpa_supplicant no-act for roaming daemon. This is important, so
+ that we do not attach wpa_cli to the ctrl_interface socket and initiate
+ roaming before state is tracked.
+ * Add hints about 'auto' and 'allow-hotplug' options with respect to the
+ roaming interface in README.modes. (Closes: #384501)
+ * Drop patchset for commenting out large wpa_supplicant.conf, use sed
+ instead.
+ * Active dbus interface via CONFIG_CTRL_IFACE_DBUS, add build-dep of
+ libdbus-1-dev to debian/control.
+ * Upstream now provides a connect-to-open-ssid example in the large
+ wpa_supplicant.conf file, therefore there is no need to maintain such an
+ example. Rename wpa_connect_open_ap.conf to wpa_supplicant.conf.template
+ and adjust docs to use this as a starting point for the wpa-roam daemon.
+ * Install wpa_passphrase to /usr/bin, there is no need for it in early boot.
+ * Build qt4 wpa_gui from wpa_gui dir rather than pure qt4 variant
+ (wpa_gui-qt4) as per Jouni's advice.
+ * Add versioned dependency on lsb-base >= 3.0-6 for use of log_action_* in
+ wpa-ifupdown.init. (Closes: #386164)
+ * Use correct terminology when describing wpa-roam in wpa_action(8).
+ (Closes: #386813)
+
+ -- Kel Modderman <kelrin@tpg.com.au> Mon, 11 Sep 2006 19:23:05 +1000
+
+wpasupplicant (0.5.4-5) unstable; urgency=low
+
+ * STDIN was not given to external mapping script correctly. Use the power of
+ eval to fix the issue. [wpa_action.sh]
+ * Fix stupid debian/control error: duplicate Suggests fields.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Thu, 10 Aug 2006 01:03:38 +1000
+
+wpasupplicant (0.5.4-4) unstable; urgency=low
+
+ * Add support to wpa_action.sh and ifupdown.sh for allowing external mapping
+ logic to be used as opposed to the id_str logic. Thanks to Felix Homman
+ for the great insight while implementing this feature.
+ * Add a timeout loop of max 60s when waiting for an action to finish.
+ [wpa_action.sh]
+ * Minor cleanups wrt code comments and function placement in ifupdown.sh.
+ * Suggest guessnet, now that it can directly "plug in" to wpa_action. Also
+ demote iproute from Recommends to Suggests, it is not important by any
+ means and was only added to honour a wishlist request.
+ * Prepare for ctrl_interface socket changes in 0.5.5. It can be provided by
+ 'DIR=foo GID=bar' or 'ctrl_interface=foo' in wpa_supplicant.conf. Our sed
+ check for this path in ifupdown.sh should now support both alternatives.
+ * Move LOCKFILE and LOGFILE into WPA_ namespace. [wpa_action.sh]
+ * Use semi-colon instead of comma for verbose output as that seems to be a
+ standard among many different applications.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Tue, 8 Aug 2006 20:04:11 +1000
+
+wpasupplicant (0.5.4-3) unstable; urgency=low
+
+ * UNRELEASED
+ * Further optimisation of ifupdown.sh, use return values in
+ init_wpa_supplicant() to dictate if further commands should follow, rather
+ than exiting immediately.
+ * Standardize echo'ing in ifupdown.sh. Add a wpa_msg() function to take care
+ of "verbose|action|stdout|stderr" messages.
+ * Add a 5 second timeout loop to init_wpa_supplicant() that waits for the
+ ctrl_interface socket to be established before allowing wpa_cli to launch,
+ and avoid a race condition. This means other functions no longer need to
+ test for existance of the ctrl_interface socket. [ifupdown.sh]
+ * Rename WPA_DRIVER to WPA_SUP_DRIVER to conform with name scheme of other
+ similar variables. [ifupdown.sh]
+ * Add (untested) wpa-bridge support to ifupdown.sh. This is an experimental
+ upstream feature.
+ * Major refactoring of wpa_action.sh, with all related commands put into
+ independent shell functions.
+ * Improve feedback from wpa_action.sh when used interactively. Give usage
+ statement instead of simply returning "insufficient parameters".
+ * 'wpa_action reload' is logged after the action. It is called interactively,
+ and should also give interactive feedback. Same for 'wpa_action stop'.
+ * Remove superfluous check for /var/log, and put logging initialisation into
+ its own function, log_init(). [wpa_action.sh]
+ * Shut `ip addr flush dev "$IFACE" up', it almost always has nothing to flush.
+ * wpa-ifupdown init script now takes care of all interfaces while displaying
+ only one line.
+ * Don't set -e in wpa_action.sh. wpa-ifupdown script no longer takes exit
+ status into account, and I'd prefer to account for all possible avenues of
+ exit possible and log all encountered problems.
+ * Really fix #375599, by containing the CTRL_IFACE_DIR path in WPA_SUP_CONF
+ always, customised or not. The WPA_CTRL_IFACE socket was not being created
+ when ommitted from the wpa_supplicant.conf file.
+ * Add 'wpa-maint-debug' to enable set -x in ifupdown.sh, so that we can easy
+ track down vague problems.
+ * Slightly modify the way in which madwifi is activated. The default config
+ we apply does not activate madwifi by default any longer, it is done via
+ seperate patches; 20_include_madwifi modifies the .config file to activate
+ the driver_madwifi backend, and adds the required CFLAGS to find the
+ includes that are later added via one of the 21_madwifi*_includes patches.
+ * Update madwifi includes to that of the current offering in the debian
+ archive, r1680.
+ * Implement basic locking for wpa_action action's for when the user callable
+ "stop" action is executed while wpa_action is busy configuring the device.
+ The wpa_cli daemon is killed, then wpa_action waits for the current action
+ to finish gracefully before killing wpa_suppliant. This helps avoid
+ inconsistencies with ifupdown when volatile conditions are experienced as
+ part of the roaming setup (for example, driver problems causing connection
+ loops).
+ * Rename WPA_CLI_ACTFILE to WPA_CLI_LOCKFILE in ifupdown.sh.
+ * Condemn the use of wpa-action scripts:
+ - add NEWS item describing the superior alternative: wpa-roam
+ - remove example action scripts
+ - remove conf_wpa_cli() from ifupdown.sh
+ * Condense README.Debian and NEWS, so that they contain only relevant items,
+ and do not repeat the same information.
+ * Massive enhancement of README.modes, in an attempt to relay the
+ information about how this package, and wpa_supplicant work in debian with
+ the greatest of clarity.
+ * Harden tests for daemon pidfiles. No longer be satisfied that a pidfile
+ exists, but use start-stop-daemon to test its validity by sending a signal
+ 0. Remove pidfiles that do not pass the test.
+ * Fix stupid $DAEMON_VEROSITY typo that was used consistently throughout
+ script. [ifupdown.sh]
+ * Assoctiate "down" with the stop action of wpa_action.
+ * Thanks Marc Haber for reading over docs and notifying of some of the
+ follwoing issues.
+ - Fix typo "automattically" in README.modes.
+ - Remove bogus pre-up example from wpa_action(8) and README.modes
+ - Explain in more detail how /etc/wpa_supplicant/ifupdown.sh works in
+ README.modes.
+ * Add "The Logfile" section to README.modes.
+ * Add patch from upstream to fix writing of stakey, peerkey, and id_str
+ network configuration variables into the configuration file when
+ update_config=1 is set. Thanks to Felix for reporting.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Thu, 3 Aug 2006 15:58:24 +1000
+
+wpasupplicant (0.5.4-2) unstable; urgency=low
+
+ [ Kel Modderman ]
+ * End testing period. The 0.5 branch of wpa_supplicant upstream has proven
+ to be non disruptive to users' configurations over the past few weeks,
+ lets now allow this to propogate to testing. (Closes: #374342)
+ * Clean up the LSB Init header block. Provide all fields as per LSB Init
+ Script Comment Convention specification.
+ * Do not use /usr/bin/env to interrogate the environment for IF_WPA
+ variables, /usr may not be mounted at time of invocation. Use `set'
+ (shell built-in) instead. (Closes: #376243)
+ * Exit if IFSTATE_FILE or INTERFACES_FILE do not exist. Also, look for
+ ifstate file in /var/run/network to remain compatible with Ubuntu's
+ ifupdown divergence. (lp#51351)
+ * Add a similar IFSTATE_FILE test to wpa-ifupdown.init, to remain compatible
+ with Ubuntu. (lp#51351)
+ * Update wpa_action.8 with the behaviour of wpa_action when IFSTATE_FILE or
+ INTERFACES_FILE cannot be found, and the pathnames searched for their
+ existance.
+ * Mention wpa_cli(8) in Custom Action Script section of README.Debian, as it
+ contains information about environment variables available to the script
+ at runtime.
+ * Also clarify dhclient wpacli-action script usage, to avoid people
+ mistakenly cp'ing the skeleton script.
+ * Add some info about howto revert installation of deprecated init script to
+ NEWS file.
+ * Add 'wpa-verbosity' switch, so that setting 'wpa-verbosity 1' in an
+ interfaces stanza will cause wpa_supplicant's ifupdown hook to be loud.
+ This was overlooked when #361586 was closed some time ago.
+ * Remove return value hack in wpa_action, use set -e to exit on error
+ instead. (Closes: #376553)
+ * Not only flush IFACE when iproute is installed, but also use /sbin/ip to
+ set 'up' operstate as well.
+ * Default to wext without exception. Remove the check for wireless extensions
+ via /proc/net/wireless, and prevent driver type of "wired" from being
+ selected in the case that the iface may not be "prepared" yet.
+ (Closes: #376651)
+ * Remove duplicating pidfile shell var's in wpa_action.sh by simply making
+ them global.
+
+ [ Reinhard Tartler ]
+ * Note that ap_scap=2 can help speeding up associations (Closes: #368770)
+ * wpa_action: flush the ip addr, if the package iproute is installed
+ * wpa_action: add action 'reload' to reload the wpa_supplicant configuration
+ * debian/control: add iproute to Recommends
+
+ -- Kel Modderman <kelrin@tpg.com.au> Wed, 5 Jul 2006 18:42:06 +1000
+
+wpasupplicant (0.5.4-1) unstable; urgency=low
+
+ * New upstream release.
+ * WPA_CRTL_DIR environment variable is now exported to action scripts, we
+ will use it to print a status report after a CONNECTED event.
+ * Make logfile contents easier to read by adding a break between each ACTION
+ event.
+ * Recommend dhcp3-client, it handles consecutive wpa_action events with more
+ grace than dhcp-client by not starting multiple dhclient processes on the
+ same interface.
+ * Don't remove wpa_action logfile on 'stop'.
+ * Enhance wpa_action(8) to better explain the concept of a LOGICAL
+ interface.
+ * Install wpa_passphrase to /bin. (Closes: #373948)
+ * Manpages have been slightly enhanced, and now briefly explain wpa_cli
+ action environment variables and wpa_supplicant -C and -g options.
+ (Closes: #372615)
+ * Rename wpa_cli daemon pidfile to wpa_action.IFACE.pid for wpa-roam.
+ * Further env variable testing cleanups to ifupdown.sh.
+ * Global rename of WPA_COMMON_CTRL_IFACE to WPA_CTRL_DIR, as this is used
+ for the same purposes upstream.
+ * No longer penalise users for not having ctrl_interface explicitly
+ contained within their wpa_supplicant.conf. (Closes: #375599)
+ * Move WPA_ACTION_SCRIPT sanity checking into init_wpa_supplicant() to avoid
+ ifupdown.sh exiting when bringing down an interface when ifup previously
+ failed due to a missing or non-executable action script.
+ * Add numerous code comments to ifupdown.sh.
+ * Move WPA_CLI_OPTIONS and WPA_SUP_OPTIONS into their respective init()
+ functions.
+ * wpa_action now logs 'stop' events to file, updated manpage.
+ * Split wpa_action logging into two parts, event and environment. Only
+ wpa_cli events will echo env var's.
+ * wpa_action exits with retval of ifdown command on 'stop' event.
+ * Add workaround for sendsigs (initscripts) terminating wpa_supplicant
+ processes before networking is shutdown gracefully. An init script
+ wpa-ifupdown is called at sequence number 15 in runlevels 0 and 6 to bring
+ down all interfaces that were started via ifupdown.sh.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Tue, 27 Jun 2006 20:29:33 +1000
+
+wpasupplicant (0.5.3+20060522-3) unstable; urgency=low
+
+ [Reinhard Tartler]
+ * review and make the warnings in debian/NEWS even more obvious.
+ * advertise the manpage wpa_action(8) and the implemented roaming solution
+ better.
+
+ [Kel Modderman]
+ * Bugfix: /etc/network/ifstate is not guarenteed to exist, we should grep
+ /etc/network/run/ifstate in wpa_action. (Closes: #373179)
+ * Include madwifi old development headers and provide a series of steps to
+ enable support for users of the madwifi-old driver in debian/NEWS.
+ * Restore init script example and information about its usage.
+ * Use INTERFACES_FILE and IFSTATE_FILE in wpa_action.sh. Thanks for idea
+ from Modestas Vainius.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Wed, 14 Jun 2006 01:13:08 +1000
+
+wpasupplicant (0.5.3+20060522-2) experimental; urgency=low
+
+ * Warn user and exit when wpa-roam is not started with manual inet METHOD.
+ * Remove awk line to "guess" a network_id, instead create the new block and
+ store output of wpa_cli in WPA_ID. (make sure that -i IFACE is used)
+ * Rename wpa_cli_wrapper() to wpa_cli() and make it absoluetly generic,
+ including only the IFACE and path to ctrl_iface socket.
+ * Introduce wpa_cli_do() and rewrite conf_wpa_supplicant() to enhance
+ readability and maintainability.
+ * Make WPA_ID variable local to conf_wpa_supplicant()
+ * Exit with status 1 when wpa-action fails.
+ * Move test's into init/conf/kill function header and clean up phase
+ specific case constructs at the tail of ifupdown.sh.
+ * Ensure lang barrier does not interfere with wpa_cli, use LC_ALL=C.
+ * Add patch from Dan Williams that works around a problem specific to wep
+ keys and orinoco chipsets.
+ * Update madwifing_includes dpatch to latest madwifi.org svn.
+ * Add WPAGUI to debian/rules, so that only one change has to be made to use
+ a different wpa_gui target. Remove $(WPAGUI)/Makefile in clean target.
+ * Purge and forget about the old init example script.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Sat, 10 Jun 2006 22:25:58 +1000
+
+wpasupplicant (0.5.3+20060522-1) experimental; urgency=low
+
+ * New upstream development snapshot.
+ * Oops: Disable CONFIG_EAP_SAKE. (Closes: #366937)
+ * Rename debian/wpasupplicant.ifupdown to debian/ifupdown.sh. There is no
+ need for that script to be named that way, as it may falsely seem to be
+ handled by a debhelper target.
+ * Don't attempt to send terminate signal via wpa_cli when start-stop-daemon
+ can be used.
+ * Use debhelper 5 compat level.
+ * Use wpa_gui-qt4, and build-depend on libqt4-dev.
+ * Use WPA_ID instead of NW_ID to make variable similar with what upstream
+ uses for a similar purpose (unique identifier).
+ * Add ifupdown environment var's to verbose output to assist in debugging.
+ * Fix some typo's (engine_id, key_id) in ifupdown.sh.
+ * ifupdown.sh no longer busy-loops when using an action script with
+ wpa-action-timeout 0. Thanks to Elmar Hoffmann!
+ * Allow wpa_cli action daemon to engage before configuring wpa_supplicant
+ via wpa_cli set_network commands to avoid a possibly racy condition.
+ * Move VERBOSITY variable to the beginning of ifupdown.sh, with the others.
+ * Indent shell code in wpacli-action-* scripts.
+ * Bumb Standards-Version to 3.7.2.
+ * Allow for future PHASE specific stuff in start MODE of ifupdown.sh.
+ * Move the action script sanity checks out of init_wpa_supplicant into
+ common section of ifupdown.sh.
+ * Create wpa_cli_wrapper to assist in major code clean up and future
+ maintenance of ifupdown.sh.
+ * Support madwifi-ng private ioctl's with the inclusion of the headers from
+ madwifi.org svn trunk. (At the expense of not supporting the madwifi-old
+ driver, which is deprecated by upstream madwifi)
+ * Add wpa_action.sh to provide /sbin/wpa_action and facilitate roaming via
+ ifupdown and network settings defined in /etc/network/interfaces (refer to
+ wpa_action(8) for more details).
+
+ -- Kel Modderman <kelrin@tpg.com.au> Sun, 28 May 2006 20:33:38 +1000
+
+wpasupplicant (0.5.3-1) experimental; urgency=low
+
+ * New upstream development release.
+ * Orphaned daemons that are spawned during an ifup process that is
+ manually terminated are now checked for and killed.
+ * Don't make noise when we are not using the manual inet method and
+ wpa-action is used.
+ * Warn about non-executable action script.
+ * Ensure wpa_cli actfile is destroyed.
+ * Make start-stop-daemon verbose when VERBOSITY is set.
+ * Renumber dpatches for sanity.
+ * Make ifupdown script modular; split into shell functions.
+ * Fix typo in README.Debian, referring to a non-existant location.
+ * Disconnect and terminate existing ctrl_interface sockets.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Sat, 29 Apr 2006 14:53:51 +1000
+
+wpasupplicant (0.5.2-3) experimental; urgency=low
+
+ [ Kel Modderman ]
+ * Remove bad information about wpa-driver-file in docs.
+ * Actually fall back to wext as DRIVER type in example init script.
+ * Fix typo in debian/control, remove suggests of dhcp*-client alltogether.
+ * Remove bogus commands to set eapol_version and fast_reauth. They cannot be
+ set via wpa_cli.
+ * Make preauthenticate a global wpa_cli setting, rather than a per-ssid one.
+ * Kill dhclient process after a DISCONNECT signal in dhclient action script
+ example.
+ * Document that the action script must must be executable.
+ * Fix check for wireless extensions for when there is not whitespace after
+ $IFACE:.
+ * grep for $IFACE in /proc/net/dev to verify it is a valid network interface.
+ * Improve documentation about wpa-driver, and further clarify that all
+ wpa_cli commands should be supported in e/n/i by prefixing them with
+ "wpa-".
+ * Add a note about wpa-action-timeout.
+
+ [ Reinhard Tartler ]
+ * remove last reference to /etc/default/wpasupplicant. It is gone, don't
+ revive zombies!
+ * small cleanups in debian/rules
+ * further clarifications in README.Debian
+
+ -- Kel Modderman <kelrin@tpg.com.au> Tue, 11 Apr 2006 22:05:06 +1000
+
+wpasupplicant (0.5.2-2) experimental; urgency=low
+
+ [ Kel Modderman ]
+ * Bump debian revision to upgrade over the previously version uploaded to
+ experimental, which has sufficiently changed since that time to warrant
+ rebasing the package upon the 0.4.8-1 release to unstable.
+ * Make ifupdown script exit silently when binaries are not found or
+ executable.
+ * When ifupdown exits with an error status, do not hide the echo'd problem
+ description behind the VERBOSITY environment variable.
+ * Remove check for wpa_cli pidfile when executing an action script. This
+ check was racy, and not always successful. Sometimes, the device was
+ marked as up without allowing the action script a chance to finish.
+ * Improve feedback for wpa_cli action script daemon.
+ * Ensure WPA_CLI_ACTFILE is removed when wpa_cli is terminated.
+ * Fix typo in ifupdown script that later propogated into some example
+ information in README.debian (wpa-apscan should have been wpa-ap-scan).
+ Provide backwards compatibility for this change for those who already
+ followed the example.
+ * Check for existing pidfiles before executing daemons via ifupdown.
+
+ [ Reinhard Tartler ]
+ * enable driver test
+ * add eap_testing.txt to documentation
+ * enhance Readme.txt
+
+ -- Kel Modderman <kelrin@tpg.com.au> Tue, 4 Apr 2006 06:40:35 +1000
+
+wpasupplicant (0.4.8-1) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * Finally bringing in the new Upstream version with the ap scan patch for
+ wpa-cli, required by network-manager (Closes: #356072)
+ * Dropping Mode 3 (start by init script) (Closes: #356842, #357760)
+ * add hint for associating to hidden ssids (Closes: #358137)
+ * add a note for faciliating debugging connection problems
+ * add this note to README.modes as well.
+ * remove or backup obsolete conffiles
+ /etc/network/if-p{re-up,ost-down}.d/wpasupplicant
+ * install the wpasupplicant.conf(5) manpage (Closes: #358138)
+ * don't start wpa_supplicant for loopback interface (Closes: #359814)
+ * add explanation about action scripts, mentioning that we expect now
+ the action script to create a file indicating that the interface is ready
+ for use.
+ * add warning in NEWS.Debian that upgrading to this package requires
+ manual intervention by the local admin.
+ * move old 'default configuration' to /usr/share/doc/wpasupplicant/examples
+ as example for connecting to open APs.
+ * remove version restriction from preinst. This means that obsoleted
+ conffiles are always removed!
+ * moved the ifupdown script to /etc/wpa_supplicant/ifupdown.sh
+ * added note about binaries beeing moved to /sbin
+
+ [ Scott James Remnant ]
+ * Undo 0.4.8-0ubuntu2's replacement of the preinst/postinst/postrm triad,
+ which replaced the upgrade-failure proof and policy compliant code with
+ "something else".
+ * Restore change to ifupdown script that makes "wpa-conf" unnecessary.
+ * Move /etc/wpa_supplicant.conf to /etc/wpa_supplicant/wpa_supplicant.conf
+ if the user has modified it, otherwise remove it and install the new file.
+ * Remove 0_ from if-*.d symlink names as we don't force an order or
+ even serialisation.
+
+ [ Kel Modderman ]
+ * Remove check for /proc/net/packet. (Closes: M#37121)
+ * Add timeout loop when launching a wpa_cli action script in conjunction
+ with the manual inet METHOD, to allow other ifupdown hooks to
+ post-configure the interface just as they would have if using a standard
+ method such as dhcp or static. Introduce WPA_CLI_ACTFILE to allow a
+ wpa_cli action script to signal connected state to ifupdown.
+ * Add skeleton wpa_cli action script to examples.
+ * Simplify wpasupplicant.examples.
+ * Don't install wpa_supplcant.defconf as the default wpa_supplicant conffile,
+ our users don't want that file interrogated by anyone, even dpkg.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 31 Mar 2006 10:58:16 +0200
+
+wpasupplicant (0.4.8-0ubuntu3) dapper; urgency=low
+
+ * Add 40_ctrl_iface_hide_keys.dpatch to hide passwords and PINs from
+ our logfiles, preventing an information disclosure vulnerability.
+
+ -- Adam Conrad <adconrad@ubuntu.com> Wed, 29 Mar 2006 23:49:26 +1100
+
+wpasupplicant (0.4.8-0ubuntu2) dapper; urgency=low
+
+ [ Kel Modderman ] - done in debian experimental for version 0.5.2-1
+ * New upstream release.
+ * Add myself to Uploaders.
+ * Convert to cdbs.
+ - rewrite debian/rules to take advantage of cdbs
+ - update control file build-deps
+ * Update README.modes.
+ - clarify that wext is used by default, when no driver is specified
+ - fix exmaple of wpa-psk using a plaintext string
+ - fix typo's
+ * Fold pre-up scripts into one, and symlink from
+ /etc/network/if-{pre-up,down}.d/wpasupplicant
+ * Use VERBOSITY of ifupdown to assist debugging of wpa stanza's in
+ /etc/network/interfaces.
+ * Add support for wpa_cli action scripts.
+ * Use start-stop-daemon to initiate wpa_supplicant and wpa_cli background
+ processes.
+ * Daemons now create pidfiles.
+ * Quote tested var's in wpasupplicant.init.
+ * Quote all var's in wpsupplicant.default for uniformity.
+ * Move wpa_* to /sbin.
+ * Conffile for wpa_supplicant now installed to
+ /etc/wpa_supplicant/wpa_supplicant.conf. That directory will hold any
+ other files that we may require to use wpa_supplicant.
+ * Don't start wpasupplicant pre-up if the current kernel lacks support for
+ "Packet Socket" (CONFIG_PACKET=y).
+ * Fix blunders in the init script.
+ - typo, $PIFFILE should have been $PIDFILE
+ - init script exited when a configuration file WAS found
+ * Force init daemon's pidfile to be the same as wpasupplicant.ifupdown uses,
+ to avoid duplicate wpa_supplicant processes binding to the same interface.
+ * Remove the margin for error from the init daemon, by forcing the default
+ variables to be set. Helpful and informative comments were placed in the
+ default file. The init script will exit if these variables are not set
+ correctly. (Closes: #357957)
+ * Add comment to defconf about ctrl_interface and wpa_cli.
+ * Add comments to previously uncommented dpatch's.
+ * Include proof-of-concept dhlcient wpa-action script. Suggest
+ dhcp(3)-client.
+ * Thanks to Henrik Brix Andersen from gentoo for the ideas and inspriration
+ for some of the above changes.
+
+ [ Reinhard Tartler ]
+ * compile wpa_gui with qt3 rather than qt4. (in order to faciliate
+ backporting to sarge)
+ * revert to debhelper 4
+ * take the complete packaging from our experimental branch. The last upload
+ did not document all changes properly (see the list above), and had still
+ a lot of issues.
+ * fixing typo in the preinst
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 27 Mar 2006 15:28:22 +0200
+
+wpasupplicant (0.5.1-1) experimental; urgency=low
+
+ [ Reinhard Tartler ]
+ * New Upstream Release. This is the current development branch of
+ wpasupplicant.
+ * revised the init script for supporting roaming mode
+ * introduce README.modes explaining the differnet modes of operation
+ * install manpage wpa_supplicant.conf(5) (Closes: #358138)
+ * make wpasupplicant create a PID file (Closes: #355052)
+ * Revise wpasupplicant.postinst (Closes: #322176)
+
+ [ Kel Modderman ]
+ * New experimental ifupdown scripts. (Closes: #322176, #356205, #356144)
+ * Drop wpasupplicant.{postrm,postinst,override,docs}.
+ * Use dh_installchangelogs to handle upstream changelog.
+ * Enforce permissions on installed files.
+ * Clean up handling of madwifi includes
+ - dpatch contains description of origin
+ - dpatch does not modify upstream, use CFLAGS to include madwifi headers
+ * Add wpa_background manpage provided by upstream.
+
+ -- Kel Modderman <kelrin@tpg.com.au> Tue, 14 Mar 2006 23:00:47 +1000
+
+wpasupplicant (0.4.8-0ubuntu1) dapper; urgency=low
+
+ * New upstream release:
+ - Various bug fixes
+ - Support for EAP-FAST key derivation using other ciphers than
+ RC4-128-SHA for authentication and AES128-SHA for provisioning.
+ - UVF exception granted by Kamion.
+
+ * Packaging and configuration is based on Debian Experimental however,
+ making this package something of a bastard love child of what's in
+ Debian.
+ * Deliberately dropped support for wpasupplicant being run at startup to
+ make it easier for Ubuntu to support. It's now run on a per-interface
+ basis when the interface is brought up.
+ Consult /usr/share/doc/wpasupplicant/README.Debian for documentation
+ if upgrading from universe.
+ * Unlike Debian the wpa-conf /etc/network/interfaces is only needed for
+ explicitly giving a configuration file; simply include any setting
+ for wpa to be used.
+ * Binaries moved to /sbin for seb128.
+
+ -- Scott James Remnant <scott@ubuntu.com> Thu, 23 Mar 2006 23:29:57 +0000
+
+wpasupplicant (0.4.7-4) unstable; urgency=low
+
+ [Daniel T Chen]
+
+ * Convert rcS.d script to use /etc/network/if-p{ost-down,re-up}.d
+ instead. Remove the rcS.d script installed in 0.4.7-0ubuntu{1,2}.
+ If you manually modified /etc/network/interfaces to use the pre-up
+ and post-down directives with wpasupplicant, please remove them.
+ Thanks to Scott James Remnant for the guidance. (Closes: #304032)
+
+ [Kel Modderman - submitted via bug #353530] (Closes: #353530)
+
+ * Use upstream manpages.
+ * added watch file
+ * cleanups in debian/rules
+ * Install wpagui manpage to man8
+ * Use qmake-qt4 directly, to avoid ftbfs on systems with other qt
+ versions installed.
+
+ [Reinhard Tartler]
+
+ * Merged with ubuntu package
+ * added myself to Uploaders
+ * use debhelper 5
+ * remove debian/wpasupplicant.conffiles, debhelper handles this on its own
+ * renamed ChangeLog.gz to changelog.gz, (Policy 12.7)
+ * installed lintian override for possible multiple calling of update-rc.d.
+ This is necessary to support different upgrade paths.
+ * revised postinst, so that updating initskript links happens in when
+ configuring the package only
+ * introduce debian/NEWS, documenting importants bits of debian/changelogs,
+ and a bit about future development of wpasupplicant
+ * verified working WPA EAP-TLS on ipw2200. (Closes: #317548)
+ * /etc/init.d/wpasupplicant is now a initscript which is not started on
+ startup by default. (see changes by Daniel T Chen). lintian is not happy
+ about this, so another lintian override was added
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 24 Feb 2006 18:27:52 +0100
+
+wpasupplicant (0.4.7-3) unstable; urgency=low
+
+ * Another brown paper bag release.
+ * Fix mistype of $CONFIG_FILE variable name in default script. Also make
+ this the same variable checked for existance in the init script, as that
+ was another bug I missed. (closes: #350900)
+
+ -- Kyle McMartin <kyle@debian.org> Wed, 01 Feb 2006 09:21:41 -0500
+
+wpasupplicant (0.4.7-2) unstable; urgency=low
+
+ * Brown paper bag release.
+ * Add description for wpagui binary package...
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 28 Jan 2006 16:51:56 -0500
+
+wpasupplicant (0.4.7-1) unstable; urgency=low
+
+ * New upstream version. (closes: #347347)
+ * New binary package, wpa_gui; build-deps on Qt4. (closes: #332654)
+ * Move wpasupplicant to run in rcS, before networking. This will likely
+ upset a few people, but as wpasupplicant can wait for the interface to
+ exist before doing anything, it shouldn't cause any real problems.
+ (closes: #310136)
+ * Document in default config file that EAP-FAST will not work
+ without a patch to OpenSSL. (closes: #322174)
+ * Comment out most of the default config file, some people kept the
+ whole file verbatim, causing OpenSSL to try and load some uncommon
+ libraries people likely didn't have installed, resulting in
+ wpasupplicant segfaulting (closes: #330138, #336423)
+ * Also for #336423, Suggest: libengine-pkcs11-openssl, and document why.
+ * Make more noise when the daemon fails to run. (closes: #346265)
+ * Don't advertise that -i may not be required in default/wpasupplicant,
+ this option was removed as it did not scale to handle multiple
+ interfaces. (closes: #322175)
+ * Document typical location of config file in manpage. Note,
+ wpasupplicant no longer implicitly finds a config file. (closes: #315963)
+ * Add simple WPA-PSK example to default config file. (closes: #331533)
+ * Split up $OPTIONS in default/wpasupplicant. (closes: #331533)
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 28 Jan 2006 02:30:27 -0500
+
+wpasupplicant (0.4.6-0.2) unstable; urgency=low
+
+ * New upstream version (closes: #335487).
+ * This version is designed for Wireless Extensions 19 and so will work
+ with Linux kernel 2.6.14. Closes: #338131.
+ * Note that WPA support was added in Wireless Extensions 18 and should
+ therefore exist in new (2.6.14-compliant) drivers, including
+ ipw2200 v1.0.8. In order to take advantage of this new support you need to
+ invoke wpasupplicant with the wext driver ("-D wext" in
+ /etc/default/wpasupplicant for instance, instead of "-D ipw" say).
+ Probably closes also #304087 and #317548, but I'm not going to confirm
+ that just for an NMU.
+ * Added comments to README.Debian amounting to the above.
+ * Borrowed some of Norbert Preining's improvements:
+ - add debhelper token to postrm script
+ - fix address of FSF in copyright file
+ - bump standards version to 3.6.2
+ (Kyle, when you get back to this package, find Norbert's other changes
+ upgrading to debhelper 4 in bug #338131).
+ * Set NMU version to 0.2 for Norbert's convenience.
+ * Marked /etc/init.d/wpasupplicant as a conffile (should really use
+ debhelper4 to take care of this, but I'm not going to make the other
+ changes needed for this).
+
+ -- Drew Parsons <dparsons@debian.org> Thu, 10 Nov 2005 20:34:35 +1100
+
+wpasupplicant (0.4.4-1) unstable; urgency=low
+
+ * New upstream version.
+ * Ship a default /etc/wpa_supplicant.conf which associates with any
+ open access point. (closes: #287220, #322171, #315964)
+ * /etc/default/wpasupplicant is no longer mode 755 (closes: #315031)
+ * Add a postrm script, oops, overlooked this initially... (closes: #327522)
+ * Fix hyphen/minus in man pages. (closes: #296310)
+ * patches/
+ - 01_config
+ + update
+ + Enable wired driver. (closes: #325296)
+ + Add EAP_FAST to config, but comment it out. EAP_FAST requires a patch
+ to openssl before it is compileable.
+ - 10_madwifi_includes
+ + update from madwifi CVS. (closes: #326226)
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 24 Sep 2005 12:35:02 -0400
+
+wpasupplicant (0.4.2-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add debhelper flag to postinst.
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 18 Jun 2005 19:04:02 -0400
+
+wpasupplicant (0.4.1-0) unstable; urgency=low
+
+ * New upstream release.
+ * This release was not uploaded.
+
+ -- Kyle McMartin <kyle@debian.org> Sun, 29 May 2005 17:40:11 -0400
+
+wpasupplicant (0.4.0-1) unstable; urgency=low
+
+ * New upstream release.
+ * patches/
+ - 12_ipw_open_aps
+ + remove patch: It seems to cause problems with associating with
+ open access points.
+ - 11_madwifi_open_aps
+ + remove patch, fixed upstream
+ driver_madwifi: fixed association in plaintext mode
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 30 Apr 2005 11:28:01 -0400
+
+wpasupplicant (0.3.8-1) unstable; urgency=low
+
+ * New upstream release.
+ * This release fixes a crash due to a buffer overflow, caused by
+ a missing validation step on EAPOL-Key frames. Receiving malformed
+ frames trigger the crash. More information available in the notes:
+ http://lists.shmoo.com/pipermail/hostap/2005-February/009465.html
+ * Fix some badness with the init script. Missed the -B option
+ to daemonize wpa_supplicant... pidfile is not currently being used
+ as it requires modifying wpa_supplicant.
+ * patches/
+ - 12_ipw_open_aps (closes: #295143)
+ + merge patch against driver_ipw to fix association with
+ open access points.
+
+ -- Kyle McMartin <kyle@debian.org> Tue, 15 Feb 2005 00:51:28 -0500
+
+wpasupplicant (0.3.7-1) unstable; urgency=low
+
+ * New upstream stable release.
+ * Add preliminary init script for wpasupplicant. Currently it will
+ start after pcmcia, for obvious reasons. (closes: #287219)
+ * patches/
+ - 11_madwifi_open_aps (closes: #294909)
+ + merge patch against driver_madwifi to fix association with
+ open access points.
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 12 Feb 2005 22:56:11 -0500
+
+wpasupplicant (0.3.2-2) unstable; urgency=low
+
+ * patches/
+ - 06_default_ifname
+ + support a default interface specified in wpa_supplicant.conf
+
+ -- Kyle McMartin <kyle@debian.org> Sun, 23 Jan 2005 03:26:01 -0500
+
+wpasupplicant (0.3.2-1) unstable; urgency=low
+
+ * New upstream release.
+ * From upstream changelog, and verified: (closes: #286443)
+ + fixed private key loading for cases where passphrase is not set
+
+ -- Kyle McMartin <kyle@debian.org> Mon, 20 Dec 2004 10:22:11 -0500
+
+wpasupplicant (0.3.1-2) unstable; urgency=low
+
+ * Add CONFIG_CTRL_IFACE=y option to maintain old configuration file
+ compatibility.
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 18 Dec 2004 14:03:19 -0500
+
+wpasupplicant (0.3.1-1) unstable; urgency=low
+
+ * The "Kyle is a lazy, lazy, lazy hacker" release.
+ * Removed patch for ipw2100, as it's been integrated
+ upstream. (closes: #281979)
+ * Remove default wpa_supplicant.conf from /etc, since we aren't
+ installing a configuration file that will work by default. Instead,
+ it has been moved to /usr/share/doc/wpasupplicant/examples.
+ * Enable a few more options. Unfortunately support for Broadcom's wl.o
+ must be disabled, since it requires a header file with an
+ "All Rights Reserved" copyright. LinuxAnt DriverLoader is similarly
+ disabled, though NDISWrapper is supported.
+
+ -- Kyle McMartin <kyle@debian.org> Thu, 16 Dec 2004 12:39:01 -0500
+
+wpasupplicant (0.2.5-2) unstable; urgency=low
+
+ * Merged patch from Lorenzo Martignoni, to enable support for
+ WPA on the Intel IPW2100 wireless chipset (aka: Centrino).
+
+ -- Kyle McMartin <kyle@debian.org> Sat, 23 Oct 2004 15:21:11 -0400
+
+wpasupplicant (0.2.5-1) unstable; urgency=low
+
+ * New upstream version. (closes: #276368)
+
+ -- Kyle McMartin <kyle@debian.org> Tue, 12 Oct 2004 09:10:19 -0400
+
+wpasupplicant (0.2.4-2) unstable; urgency=low
+
+ * patches/
+ - 01_config
+ + enable TLS support (and various other non-default configurations)
+ - 05_default_conf
+ + patch to use "/etc/wpa_supplicant.conf" by default, instead of
+ prompting for the configuration on the command line.
+ * Add Build-Depends on libssl-dev, used by various EAPs.
+
+ -- Kyle McMartin <kyle@debian.org> Sun, 12 Sep 2004 11:16:19 -0400
+
+wpasupplicant (0.2.4-1) unstable; urgency=low
+
+ * Initial release.
+ * patches/
+ - 01_config
+ + default configuration
+ - 10_madwifi
+ + support for wireless cards using the madwifi driver
+
+ -- Kyle McMartin <kyle@debian.org> Sun, 5 Sep 2004 13:19:27 -0400
--- /dev/null
+# Debian's wpa_supplicant build time configuration
+
+# Driver interface for Host AP driver
+#CONFIG_DRIVER_HOSTAP=y
+
+# Driver interface for Agere driver
+# XXX: Non-GPL header required
+#CONFIG_DRIVER_HERMES=y
+# Change include directories to match with the local setup
+#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
+#CFLAGS += -I../../include/wireless
+
+# Driver interface for madwifi driver
+#CONFIG_DRIVER_MADWIFI=y
+# Change include directories to match with the local setup
+#CFLAGS += -I../debian/madwifi-headers
+
+# Driver interface for Prism54 driver
+# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
+# for developers only)
+#CONFIG_DRIVER_PRISM54=y
+
+# Driver interface for ndiswrapper
+# XXX: Deprecated since Linux 2.6.14
+#CONFIG_DRIVER_NDISWRAPPER=y
+
+# Driver interface for Atmel driver
+#CONFIG_DRIVER_ATMEL=y
+
+# Driver interface for Broadcom driver
+# XXX: Non-GPL header required
+#CONFIG_DRIVER_BROADCOM=y
+# Example path for wlioctl.h; change to match your configuration
+#CFLAGS += -I/opt/WRT54GS/release/src/include
+
+# Driver interface for Intel ipw2100/2200 driver
+# XXX: Deprecated since Linux 2.6.14
+#CONFIG_DRIVER_IPW=y
+
+# Driver interface for Ralink driver
+# XXX: rt2x00 supports DRIVER_WEXT, the legacy drivers hardly work at all
+#CONFIG_DRIVER_RALINK=y
+
+# Driver interface for generic Linux wireless extensions
+#CONFIG_DRIVER_WEXT=y
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+LIBS += -lbsd
+
+# Driver interface for Windows NDIS
+# XXX: we don't cater for the win32 arch
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for development testing
+#CONFIG_DRIVER_TEST=y
+
+# Driver interface for wired Ethernet drivers
+#CONFIG_DRIVER_WIRED=y
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
+# included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+# Note: Default OpenSSL package does not include support for all the
+# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
+# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
+# to add the needed functions.
+#CONFIG_EAP_FAST=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+CONFIG_EAP_SIM=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+CONFIG_EAP_AKA=y
+
+# EAP-SAKE
+#CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+#CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+#CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+#CONFIG_EAP_TNC=y
+
+# EAP-WSC for Wi-Fi Protected Setup
+CONFIG_EAP_WSC=y
+
+# EAP-IKEv2
+#CONFIG_EAP_IKEV2=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+CONFIG_PCSC=y
+
+# Development testing
+#CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+CONFIG_READLINE=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to
+# save about 1 kB in code size when building only WPA-Personal (no EAP support)
+# or 6 kB if building for WPA-Enterprise.
+#CONFIG_NO_WPA2=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Remove AES extra functions. This can be used to reduce code size by about
+# 1.5 kB by removing extra AES modes that are not needed for commonly used
+# client configurations (they are needed for some EAP types).
+#CONFIG_NO_AES_EXTRAS=y
+
+# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+# path is given on command line, not here; this option is just used to
+# select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+CONFIG_MAIN=main
+
+# Select wrapper for operatins system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+# eloop_none = Empty template
+CONFIG_ELOOP=eloop
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+CONFIG_L2_PACKET=freebsd
+
+# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
+CONFIG_PEERKEY=y
+
+# IEEE 802.11w (management frame protection)
+# This version is an experimental implementation based on IEEE 802.11w/D1.0
+# draft and is subject to change since the standard has not yet been finalized.
+# Driver support is also needed for IEEE 802.11w.
+CONFIG_IEEE80211W=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+CONFIG_TLS=openssl
+
+# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
+# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
+# even though the core GnuTLS library is released under LGPL, this extra
+# library uses GPL and as such, the terms of GPL apply to the combination
+# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
+# apply for distribution of the resulting binary.
+#CONFIG_GNUTLS_EXTRA=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for DBus control interface
+CONFIG_CTRL_IFACE_DBUS=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# Include client MLME (management frame processing).
+# This can be used to move MLME processing of Devicescape IEEE 802.11 stack
+# into user space.
+#CONFIG_CLIENT_MLME=y
+# Currently, driver_devicescape.c build requires some additional parameters
+# to be able to include some of the kernel header files. Following lines can
+# be used to set these (WIRELESS_DEV must point to the root directory of the
+# wireless-dev.git tree).
+#WIRELESS_DEV=/usr/src/wireless-dev
+#CFLAGS += -I$(WIRELESS_DEV)/net/mac80211
+
+# IEEE 802.11r/D4.1 (Fast BSS Transition)
+# This enables an experimental implementation of a draft version of
+# IEEE 802.11r. This draft is still subject to change, so it should be noted
+# that this version may not comply with the final standard.
+CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+CONFIG_DEBUG_FILE=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
--- /dev/null
+# Debian's wpa_supplicant build time configuration
+
+# Driver interface for Host AP driver
+# XXX: Linux mainline hostap driver supports wext since Linux 2.6.14 (or earlier)
+#CONFIG_DRIVER_HOSTAP=y
+
+# Driver interface for Agere driver
+# XXX: Non-GPL header required
+#CONFIG_DRIVER_HERMES=y
+# Change include directories to match with the local setup
+#CFLAGS += -I../../hcf -I../../include -I../../include/hcf
+#CFLAGS += -I../../include/wireless
+
+# Driver interface for madwifi driver
+# XXX: madwifi driver supports wext in all Debian releases so far
+#CONFIG_DRIVER_MADWIFI=y
+# Change include directories to match with the local setup
+#CFLAGS += -I../debian/madwifi-headers
+
+# Driver interface for Prism54 driver
+# (Note: Prism54 is not yet supported, i.e., this will not work as-is and is
+# for developers only)
+#CONFIG_DRIVER_PRISM54=y
+
+# Driver interface for ndiswrapper
+# XXX: Deprecated since Linux 2.6.14
+#CONFIG_DRIVER_NDISWRAPPER=y
+
+# Driver interface for Atmel driver
+#CONFIG_DRIVER_ATMEL=y
+
+# Driver interface for Broadcom driver
+# XXX: Non-GPL header required
+#CONFIG_DRIVER_BROADCOM=y
+# Example path for wlioctl.h; change to match your configuration
+#CFLAGS += -I/opt/WRT54GS/release/src/include
+
+# Driver interface for Intel ipw2100/2200 driver
+# XXX: Deprecated since Linux 2.6.14
+#CONFIG_DRIVER_IPW=y
+
+# Driver interface for Ralink driver
+# XXX: rt2x00 supports DRIVER_WEXT, the legacy drivers hardly work at all
+#CONFIG_DRIVER_RALINK=y
+
+# Driver interface for generic Linux wireless extensions
+CONFIG_DRIVER_WEXT=y
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+# XXX: we are not FreeBSD
+#CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+#LIBS += -L/usr/local/lib
+
+# Driver interface for Windows NDIS
+# XXX: we don't cater for the win32 arch
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for development testing
+#CONFIG_DRIVER_TEST=y
+
+# Driver interface for wired Ethernet drivers
+CONFIG_DRIVER_WIRED=y
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method is
+# included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+# Note: Default OpenSSL package does not include support for all the
+# functionality needed for EAP-FAST. If EAP-FAST is enabled with OpenSSL,
+# the OpenSSL library must be patched (openssl-0.9.8d-tls-extensions.patch)
+# to add the needed functions.
+#CONFIG_EAP_FAST=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+#CONFIG_EAP_SIM=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+CONFIG_EAP_AKA=y
+
+# EAP-SAKE
+#CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+#CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+#CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+#CONFIG_EAP_TNC=y
+
+# EAP-IKEv2
+#CONFIG_EAP_IKEV2=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+#CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+#CONFIG_PCSC=y
+
+# Development testing
+#CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+#CONFIG_READLINE=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove WPA2 support. This allows WPA to be used, but removes WPA2 code to
+# save about 1 kB in code size when building only WPA-Personal (no EAP support)
+# or 6 kB if building for WPA-Enterprise.
+#CONFIG_NO_WPA2=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Remove AES extra functions. This can be used to reduce code size by about
+# 1.5 kB by removing extra AES modes that are not needed for commonly used
+# client configurations (they are needed for some EAP types).
+#CONFIG_NO_AES_EXTRAS=y
+
+# Disable scan result processing (ap_mode=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+# path is given on command line, not here; this option is just used to
+# select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+CONFIG_MAIN=main
+
+# Select wrapper for operatins system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+# eloop_none = Empty template
+CONFIG_ELOOP=eloop
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+CONFIG_L2_PACKET=linux
+
+# PeerKey handshake for Station to Station Link (IEEE 802.11e DLS)
+CONFIG_PEERKEY=y
+
+# IEEE 802.11w (management frame protection)
+# This version is an experimental implementation based on IEEE 802.11w/D1.0
+# draft and is subject to change since the standard has not yet been finalized.
+# Driver support is also needed for IEEE 802.11w.
+CONFIG_IEEE80211W=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS (needed for TLS/IA, see also CONFIG_GNUTLS_EXTRA)
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+CONFIG_TLS=openssl
+
+# Whether to enable TLS/IA support, which is required for EAP-TTLSv1.
+# You need CONFIG_TLS=gnutls for this to have any effect. Please note that
+# even though the core GnuTLS library is released under LGPL, this extra
+# library uses GPL and as such, the terms of GPL apply to the combination
+# of wpa_supplicant and GnuTLS if this option is enabled. BSD license may not
+# apply for distribution of the resulting binary.
+#CONFIG_GNUTLS_EXTRA=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for DBus control interface
+CONFIG_CTRL_IFACE_DBUS=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# Include client MLME (management frame processing).
+# This can be used to move MLME processing of Devicescape IEEE 802.11 stack
+# into user space.
+#CONFIG_CLIENT_MLME=y
+# Currently, driver_devicescape.c build requires some additional parameters
+# to be able to include some of the kernel header files. Following lines can
+# be used to set these (WIRELESS_DEV must point to the root directory of the
+# wireless-dev.git tree).
+WIRELESS_DEV=~/core/compat-wireless-2009-01-26
+CFLAGS += -I$(WIRELESS_DEV)/net/mac80211
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition)
+CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+CONFIG_DEBUG_FILE=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+CONFIG_DELAYED_MIC_ERROR_REPORT=y
--- /dev/null
+Source: wpasupplicant
+Section: net
+Priority: optional
+Maintainer: Jukka Rissanen <jukka.rissanen@nokia.com>
+Build-Depends: debhelper (>= 5),
+ libdbus-glib-1-dev,
+ libssl-dev,
+ libdbus-1-dev,
+ pkg-config
+Standards-Version: 3.8.0
+Vcs-Git: https://git.maemo.org/projects/wpasupplicant
+Homepage: http://w1.fi/wpa_supplicant/
+
+Package: wpasupplicant
+Architecture: any
+Depends: ${shlibs:Depends}, lsb-base (>= 3.0-6)
+Suggests: wpagui, libengine-pkcs11-openssl
+Description: client support for WPA and WPA2 (IEEE 802.11i)
+ WPA and WPA2 are methods for securing wireless networks, the former
+ using IEEE 802.1X, and the latter using IEEE 802.11i. This software
+ provides key negotiation with the WPA Authenticator, and controls
+ association with IEEE 802.11i networks.
+
--- /dev/null
+Upstream-Name: wpa_supplicant
+Upstream-Maintainer: Jouni Malinen <j@w1.fi>
+Upstream-Source: http://w1.fi/wpa_supplicant/
+
+Files: debian/*
+Copyright: Copyright (c) 2004-2006, Kyle McMartin <kyle@debian.org>
+Copyright: Copyright (c) 2006-2008, Reinhard Tartler <siretart@tauware.de>
+Copyright: Copyright (c) 2006-2008, Kel Modderman <kel@otaku42.de>
+License: BSD | GPL-2
+
+Files: *
+Copyright: Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi> and contributors
+License: BSD | GPL-2
+
+Files: src/common/wireless_copy.h
+Copyright: Copyright (c) 1997-2005, Jean Tourrilhes <jt@hpl.hp.com>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_atmel.c
+Copyright: Copyright (c) 2000-2005, ATMEL Corporation
+Copyright: Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_broadcom.c
+Copyright: Copyright (c) 2004, Nikki Chumkov <nikki@gattaca.ru>
+Copyright: Copyright (c) 2004, Jouni Malinen <j@w1.fi>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_bsd.c
+Copyright: Copyright (c) 2004, Sam Leffler <sam@errno.com>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_ipw.c
+Copyright: Copyright (c) 2005, Zhu Yi <yi.zhu@intel.com>
+Copyright: Copyright (c) 2004, Lubomir Gelo <lgelo@cnc.sk>
+Copyright: Copyright (c) 2003-2004, Jouni Malinen <j@w1.fi>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_madwifi.c
+Copyright: Copyright (c) 2004, Sam Leffler <sam@errno.com>
+Copyright: Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_ndiswrapper.c
+Copyright: Copyright (c) 2004-2006, Giridhar Pemmasani <giri@lmc.cs.sunysb.edu>
+Copyright: Copyright (c) 2004-2006, Jouni Malinen <j@w1.fi>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_prism54.c
+Copyright: Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
+Copyright: Copyright (c) 2004, Luis R. Rodriguez <mcgrof@ruslug.rutgers.edu>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_ralink.*
+Copyright: Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi>
+Copyright: Copyright (c) 2007, Snowpin Lee <snowpin_lee@ralinktech.com.tw>
+License: BSD | GPL-2
+
+Files: src/drivers/driver_roboswitch.*
+Copyright: Copyright (c) 2008 Jouke Witteveen
+License: BSD | GPL-2
+
+Files: src/l2_packet/l2_packet_freebsd.c
+Copyright: Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
+Copyright: Copyright (c) 2005, Sam Leffler <sam@errno.com>
+License: BSD | GPL-2
+
+Files: src/drivers/radiotap.c
+Copyright: Copyright (c) 2007, Andy Green <andy@warmcat.com>
+License: BSD | GPL-2
+
+Files: src/drivers/radiotap.h
+Copyright: Copyright (c) 2003-2004, David Young
+License: BSD
+
+Files: wpa_supplicant/ctrl_iface_dbus*, wpa_supplicant/dbus_dict_helpers.*
+Copyright: Copyright (c) 2006, Dan Williams <dcbw@redhat.com> and Red Hat, Inc.
+License: BSD | GPL-2
+
+Files: wpa_supplicant/doc/kerneldoc2doxygen.pl
+Copyright: Copyright (c) 2003, Jonathan Foster <jon@jon-foster.co.uk>
+Copyright: Copyright (c) 2005, Jouni Malinen <j@w1.fi>
+License: GPL-2
+
+Files: wpa_supplicant/mlme.*
+Copyright: Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
+Copyright: Copyright (c) 2004, Instant802 Networks, Inc.
+ (c) 2005-2006, Devicescape Software, Inc.
+License: BSD | GPL-2
+
+License: GPL-2
+ On Debian GNU/Linux systems, the complete text of the GNU General Public
+ License version 2 can be found in `/usr/share/common-licenses/GPL-2'.
+
+License: BSD
+ On Debian GNU/Linux systems, the complete text of the BSD License can be
+ found in `/usr/share/common-licenses/BSD'.
--- /dev/null
+######################## Debian wpa-roam Template #############################
+#
+# Template configuration for wpa-roam mode of Debian's wpasupplicant package.
+# wpa-roam mode is described in detail in the wpa_action(8) manpage, and also
+# at /usr/share/doc/wpasupplicant/README.modes.gz. Please read these documents
+# to get an overview of how to setup this mode.
+#
+# For a detailed set of configuration examples for different networks, refer to
+# /usr/share/doc/wpasupplicant/README.wpa_supplicant.conf.gz
+#
+# Also see the other files in /usr/share/doc/wpasupplicant/examples/ for
+# specific network configuration examples.
+#
+# Empty lines and lines starting with # are ignored
+#
+# NOTE! This file may contain password information and should be made readable
+# only by root user or netdev group on multiuser systems.
+#
+######################## Global Configuration Options #########################
+#
+# The update_config option can be used to allow wpa_supplicant to overwrite
+# configuration file whenever configuration is changed (e.g., new network block
+# is added with wpa_cli or wpa_gui, or a password is changed). This is required
+# for wpa_cli/wpa_gui to be able to store the configuration changes
+# permanently.
+#
+# NOTE! Any comments will be removed from the configuration file when the
+# update_config option is used.
+#
+#update_config=1
+
+# The ctrl_interface specifies the path to a unix socket through which the
+# supplicant may be controlled and interacted with.
+#
+# DIR= Path to UNIX socket control interface, mandatory for wpa-roam mode
+# GROUP= Users in this group to control wpa_supplicant via wpa_cli/wpa_gui
+#
+ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
+#
+######################## Network Block Configurations #########################
+#
+# Each network is configured as a separate block in this configuration file.
+# The network blocks are listed in preference of order, the top most network
+# to be found in scan results is used.
+#
+# By default, all networks will get same priority (0). If some of the networks
+# are more desirable, the "priority=" network parameter can be used to change
+# the order in which wpa_supplicant goes through the network blocks when
+# selecting what network will be used. The priority groups will be iterated
+# in decreasing priority, the network with the highest priority value will be
+# considered for selection first and the network with the lowest priority value
+# will be considered last.
+#
+# NOTE! The scan_ssid=1 and ap_scan=2 modes ignore the priority field. Instead,
+# the networks will be considered in the order specified in this configuration
+# file.
+#
+# The "id_str=" network identifier string parameter is given to wpa_action when
+# a network has been selected, and contains this field in its configuration
+# block. The given id_str string will be used to select a logical interfaces
+# from ifupdown's /etc/network/interfaces file.
+#
+###############################################################################
+
+#network={
+# ssid="Example WEP Network"
+# key_mgmt=NONE
+# wep_key0=6162636465
+# wep_tx_keyidx=0
+# id_str="johns_house"
+#}
+
+#network={
+# ssid="Example WPA Network"
+# psk="mysecretpassphrase"
+# id_str="home"
+#}
+
+###############################################################################
+# Default behaviour is to associate with any open access point, further
+# networks can be configured with wpa_cli/wpa_gui.
+#
+network={
+ key_mgmt=NONE
+}
--- /dev/null
+#!/bin/bash -e
+
+DATE=$(date -u +%Y%m%d)
+
+TMP=$(mktemp -d -p /tmp wpasupplicant.XXXXX)
+trap "{ [[ -d ${TMP} ]] && find ${TMP} -delete; }" exit
+
+pushd ${TMP} >/dev/null
+ git clone 'git://w1.fi/srv/git/hostap.git' hostap
+
+ pushd hostap >/dev/null
+ UPSVER=$(head -n 3 wpa_supplicant/ChangeLog | tail -n 1 | sed 's/^.* - v//')
+ GITVER=$(git describe --always | sed 's/^.*-//');
+ VER=${UPSVER}~git.${DATE}.${GITVER}
+
+ git-archive --format=tar --prefix=wpa_supplicant-${VER}/ HEAD \
+ README COPYING patches src wpa_supplicant |
+ tar --directory=.. -xf -
+ popd >/dev/null
+
+ tar czf wpasupplicant-${VER}.tar.gz wpa_supplicant-${VER}/
+popd >/dev/null
+
+cp -v ${TMP}/wpasupplicant-${VER}.tar.gz ${1:-.}
--- /dev/null
+#!/bin/sh
+
+# Action script to enable/disable wpa-roam interfaces in reaction to
+# pm-action or ifplugd events.
+#
+# Copyright: Copyright (c) 2008, Kel Modderman <kel@otaku42.de>
+# License: GPL-2
+#
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+if [ ! -x /sbin/wpa_action ]; then
+ exit 0
+fi
+
+SELF=action_wpa
+COMMAND=
+IFPLUGD_IFACE=
+
+# pm-action(8) - <action> <suspend method>
+#
+# On suspend|hibernate, disconnect any wpa-roam managed interfaces,
+# reconnect it on resume.
+
+case "${1}" in
+ suspend|hibernate)
+ COMMAND=disconnect
+ ;;
+ resume|thaw)
+ COMMAND=reconnect
+ ;;
+esac
+
+if [ -z "$COMMAND" ]; then
+ # ifplugd(8) - <iface> <action>
+ #
+ # If an ifplugd managed interface is brought up, disconnect any
+ # wpa-roam managed interfaces so that only one "roaming" interface
+ # remains active on the system.
+
+ IFPLUGD_IFACE="${1}"
+
+ case "${2}" in
+ up)
+ COMMAND=disconnect
+ ;;
+ down)
+ COMMAND=reconnect
+ ;;
+ *)
+ echo "${SELF}: unknown $0 arguments: ${@}" >&2
+ exit 1
+ ;;
+ esac
+fi
+
+if [ -z "$COMMAND" ]; then
+ echo "${SELF}: unknown arguments: ${@}" >&2
+ exit 1
+fi
+
+for CTRL in /var/run/wpa_supplicant/*; do
+ [ -S "${CTRL}" ] || continue
+
+ IFACE="${CTRL#/var/run/wpa_supplicant/}"
+
+ wpa_action "${IFACE}" check || continue
+
+ if [ "${IFPLUGD_IFACE}" ] && [ "${IFPLUGD_IFACE}" = "${IFACE}" ]; then
+ # if ifplugd is managing this interface (not likely but..)
+ # do nothing
+ continue
+ fi
+
+ wpa_cli -i "${IFACE}" "${COMMAND}"
+done
--- /dev/null
+#!/bin/sh
+
+#####################################################################
+## Purpose
+# This file contains common shell functions used by scripts of the
+# wpasupplicant package to allow ifupdown to manage wpa_supplicant.
+# It also contains some functions used by wpa_action(8) that allow
+# ifupdown to be managed by wpa_cli(8) action events.
+#
+# This file is provided by the wpasupplicant package.
+
+#####################################################################
+# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers
+# <pkg-wpa-devel@lists.alioth.debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# On Debian GNU/Linux systems, the text of the GPL license can be
+# found in /usr/share/common-licenses/GPL.
+
+#####################################################################
+## global variables
+# wpa_supplicant variables
+WPA_SUP_BIN="/sbin/wpa_supplicant"
+WPA_SUP_PNAME="wpa_supplicant"
+WPA_SUP_PIDFILE="/var/run/wpa_supplicant.${WPA_IFACE}.pid"
+WPA_SUP_LOGFILE="/var/log/wpa_supplicant.${WPA_IFACE}.log"
+
+# wpa_cli variables
+WPA_CLI_BIN="/sbin/wpa_cli"
+WPA_CLI_PNAME="wpa_cli"
+WPA_CLI_PIDFILE="/var/run/wpa_action.${WPA_IFACE}.pid"
+WPA_CLI_LOGFILE="/var/log/wpa_action.${WPA_IFACE}.log"
+WPA_CLI_TIMESTAMP="/var/run/wpa_action.${WPA_IFACE}.timestamp"
+WPA_CLI_IFUPDOWN="/var/run/wpa_action.${WPA_IFACE}.ifupdown"
+
+# sendsigs omission interface, present in initscripts (>= 2.86.ds1-48)
+if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then
+ # Debian
+ WPA_SUP_OMIT_PIDFILE="/lib/init/rw/sendsigs.omit.d/wpasupplicant.wpa_supplicant.${WPA_IFACE}.pid"
+ WPA_CLI_OMIT_PIDFILE="/lib/init/rw/sendsigs.omit.d/wpasupplicant.wpa_action.${WPA_IFACE}.pid"
+elif [ -d /var/run/sendsigs.omit.d/ ]; then
+ # Ubuntu, see https://launchpad.net/bugs/181541 for status
+ WPA_SUP_OMIT_PIDFILE="/var/run/sendsigs.omit.d/wpasupplicant.wpa_supplicant.${WPA_IFACE}.pid"
+ WPA_CLI_OMIT_PIDFILE="/var/run/sendsigs.omit.d/wpasupplicant.wpa_action.${WPA_IFACE}.pid"
+else
+ WPA_SUP_OMIT_PIDFILE=
+ WPA_CLI_OMIT_PIDFILE=
+fi
+
+# default ctrl_interface socket directory
+if [ -z "$WPA_CTRL_DIR" ]; then
+ WPA_CTRL_DIR="/var/run/wpa_supplicant"
+fi
+
+# verbosity variables
+if [ -n "$IF_WPA_VERBOSITY" ] || [ "$VERBOSITY" = "1" ]; then
+ TO_NULL="/dev/stdout"
+ DAEMON_VERBOSITY="--verbose"
+else
+ TO_NULL="/dev/null"
+ DAEMON_VERBOSITY="--quiet"
+fi
+
+#####################################################################
+## wpa_cli wrapper
+# Path to common ctrl_interface socket and iface supplied.
+# NB: WPA_CTRL_DIR cannot be used for interactive commands, it is
+# set only in the environment that wpa_cli provides when processing
+# action events.
+#
+wpa_cli () {
+ "$WPA_CLI_BIN" -p "$WPA_CTRL_DIR" -i "$WPA_IFACE" "$@"
+
+ return "$?"
+}
+
+#####################################################################
+## verbose and stderr message wrapper
+# Ensures a standard and easily identifiable message is printed by
+# scripts using this function library.
+#
+# verbose To stdout when IF_WPA_VERBOSITY or VERBOSITY is true
+#
+# action Same as verbose but without newline
+# Useful for allowing wpa_cli commands to echo result
+# value of 'OK' or 'FAILED'
+#
+# stderr Echo warning or error messages to stderr
+#
+# NB: when called by wpa_action, there is no redirection (verbose)
+#
+wpa_msg () {
+ if [ -n "$WPA_ACTION" ]; then
+ shift
+ echo "wpa_action: $@"
+ return
+ fi
+
+ case "$1" in
+ "verbose")
+ shift
+ echo "$WPA_SUP_PNAME: $@" >$TO_NULL
+ ;;
+ "action")
+ shift
+ echo -n "$WPA_SUP_PNAME: $@ -- " >$TO_NULL
+ ;;
+ "stderr")
+ shift
+ echo "$WPA_SUP_PNAME: $@" >/dev/stderr
+ ;;
+ *)
+ ;;
+ esac
+}
+
+#####################################################################
+## validate daemon pid files
+# Test daemon process ID files via start-stop-daemon with a signal 0
+# given the exec binary and pidfile location.
+#
+# $1 daemon
+# $2 pidfile
+#
+# Returns true when pidfile exists, the process ID exists _and_ was
+# created by the exec binary.
+#
+# If the test fails, but the pidfile exists, it is stale
+#
+test_daemon_pidfile () {
+ local DAEMON
+ local PIDFILE
+
+ if [ -n "$1" ]; then
+ DAEMON="$1"
+ fi
+
+ if [ -f "$2" ]; then
+ PIDFILE="$2"
+ fi
+
+ if [ -n "$DAEMON" ] && [ -f "$PIDFILE" ]; then
+ if start-stop-daemon --stop --quiet --signal 0 \
+ --exec "$DAEMON" --pidfile "$PIDFILE"; then
+ return 0
+ else
+ rm -f "$PIDFILE"
+ return 1
+ fi
+ else
+ return 1
+ fi
+}
+
+# validate wpa_supplicant pidfile
+test_wpa_supplicant () {
+ test_daemon_pidfile "$WPA_SUP_BIN" "$WPA_SUP_PIDFILE"
+}
+
+# validate wpa_cli pidfile
+test_wpa_cli () {
+ test_daemon_pidfile "$WPA_CLI_BIN" "$WPA_CLI_PIDFILE"
+}
+
+#####################################################################
+## daemonize wpa_supplicant
+# Start wpa_supplicant via start-stop-dameon with all required
+# options. Will start if environment variable WPA_SUP_CONF is present
+#
+# Required options:
+# -B dameonize/background process
+# -D driver backend ('wext' if none given)
+# -P process ID file
+# -C path to ctrl_interface socket directory
+#
+# Optional options:
+# -c configuration file
+# -W wait for wpa_cli to attach to ctrl_interface socket
+# -b bridge interface name
+# -f path to log file
+#
+init_wpa_supplicant () {
+ [ -n "$WPA_SUP_CONF" ] || return 0
+
+ local WPA_SUP_OPTIONS
+
+ if [ -n "$WPA_ACTION_SCRIPT" ]; then
+ if [ -x "$WPA_ACTION_SCRIPT" ]; then
+ WPA_SUP_OPTIONS="-W -B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
+ wpa_msg verbose "wait for wpa_cli to attach"
+ else
+ wpa_msg stderr "action script \"$WPA_ACTION_SCRIPT\" not executable"
+ return 1
+ fi
+ else
+ WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
+ fi
+
+ if [ -n "$IF_WPA_BRIDGE" ]; then
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -b $IF_WPA_BRIDGE"
+ wpa_msg verbose "wpa-bridge $IF_WPA_BRIDGE"
+ fi
+
+ if [ -n "$IF_WPA_DRIVER" ]; then
+ wpa_msg verbose "wpa-driver $IF_WPA_DRIVER"
+ case "$IF_WPA_DRIVER" in
+ hostap|ipw|madwifi|ndiswrapper)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D wext"
+ wpa_msg stderr "\"$IF_WPA_DRIVER\" wpa-driver is unsupported"
+ wpa_msg stderr "using \"wext\" wpa-driver instead ..."
+ ;;
+ *)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D $IF_WPA_DRIVER"
+ ;;
+ esac
+ else
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D wext"
+ wpa_msg verbose "using default driver type: wpa-driver wext"
+ fi
+
+ if [ -n "$IF_WPA_DEBUG_LEVEL" ]; then
+ case "$IF_WPA_DEBUG_LEVEL" in
+ 3)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -ddd"
+ ;;
+ 2)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -dd"
+ ;;
+ 1)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -d"
+ ;;
+ 0)
+ # wpa_supplicant default verbosity
+ ;;
+ -1)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -q"
+ ;;
+ -2)
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -qq"
+ ;;
+ esac
+ wpa_msg verbose "using debug level: $IF_WPA_DEBUG_LEVEL"
+ else
+ # log warnings only by default
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -q"
+ fi
+
+ if [ -n "$IF_WPA_LOGFILE" ]; then
+ # custom log file
+ WPA_SUP_LOGFILE="$IF_WPA_LOGFILE"
+ wpa_msg verbose "logging to $IF_WPA_LOGFILE"
+ fi
+
+ if [ -d "${WPA_SUP_LOGFILE%/*}" ]; then
+ WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -f $WPA_SUP_LOGFILE"
+ else
+ wpa_msg stderr "unable to log output to $WPA_SUP_LOGFILE"
+ fi
+
+ wpa_msg verbose "$WPA_SUP_BIN $WPA_SUP_OPTIONS $WPA_SUP_CONF"
+
+ start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
+ --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \
+ -- $WPA_SUP_OPTIONS $WPA_SUP_CONF
+
+ if [ "$?" -ne 0 ]; then
+ wpa_msg stderr "$WPA_SUP_BIN daemon failed to start"
+ return 1
+ fi
+
+ if [ -n "$WPA_SUP_OMIT_PIDFILE" ]; then
+ local WPA_PIDFILE_WAIT
+ local MAX_WPA_PIDFILE_WAIT
+ WPA_PIDFILE_WAIT="0"
+ MAX_WPA_PIDFILE_WAIT="5"
+ until [ -s "$WPA_SUP_PIDFILE" ]; do
+ if [ "$WPA_PIDFILE_WAIT" -ge "$MAX_WPA_PIDFILE_WAIT" ]; then
+ wpa_msg stderr "timed out waiting for creation of $WPA_SUP_PIDFILE"
+ return 1
+ else
+ wpa_msg verbose "waiting for \"$WPA_SUP_PIDFILE\": " \
+ "$WPA_PIDFILE_WAIT (max. $MAX_WPA_PIDFILE_WAIT)"
+ fi
+
+ WPA_PIDFILE_WAIT=$(($WPA_PIDFILE_WAIT + 1))
+ sleep 1
+ done
+ wpa_msg verbose "creating sendsigs omission pidfile: $WPA_SUP_OMIT_PIDFILE"
+ cat "$WPA_SUP_PIDFILE" > "$WPA_SUP_OMIT_PIDFILE"
+ else
+ wpa_msg verbose "sendsigs omission pidfile not created"
+ fi
+
+ local WPA_SOCKET_WAIT
+ local MAX_WPA_SOCKET_WAIT
+ WPA_SOCKET_WAIT="0"
+ MAX_WPA_SOCKET_WAIT="5"
+ until [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; do
+ if [ "$WPA_SOCKET_WAIT" -ge "$MAX_WPA_SOCKET_WAIT" ]; then
+ wpa_msg stderr "ctrl_interface socket not found at $WPA_CTRL_DIR/$WPA_IFACE"
+ return 1
+ else
+ wpa_msg verbose "waiting for \"$WPA_CTRL_DIR/$WPA_IFACE\": " \
+ "$WPA_SOCKET_WAIT (max. $MAX_WPA_SOCKET_WAIT)"
+ fi
+
+ WPA_SOCKET_WAIT=$(($WPA_SOCKET_WAIT + 1))
+ sleep 1
+ done
+
+ wpa_msg verbose "ctrl_interface socket located at $WPA_CTRL_DIR/$WPA_IFACE"
+}
+
+#####################################################################
+## stop wpa_supplicant process
+# Kill wpa_supplicant via start-stop-daemon, given the location of
+# the pidfile or ctrl_interface socket path and interface name
+#
+kill_wpa_supplicant () {
+ test_wpa_supplicant || return 0
+
+ wpa_msg verbose "terminating $WPA_SUP_PNAME daemon via pidfile $WPA_SUP_PIDFILE"
+
+ start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
+ --exec $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE
+
+ if [ -f "$WPA_SUP_PIDFILE" ]; then
+ rm -f "$WPA_SUP_PIDFILE"
+ fi
+
+ if [ -f "$WPA_SUP_OMIT_PIDFILE" ]; then
+ wpa_msg verbose "removing $WPA_SUP_OMIT_PIDFILE"
+ rm -f "$WPA_SUP_OMIT_PIDFILE"
+ fi
+}
+
+#####################################################################
+## reload wpa_supplicant process
+# Sending a HUP signal causes wpa_supplicant to reparse its
+# configuration file
+#
+reload_wpa_supplicant () {
+ if test_wpa_supplicant; then
+ wpa_msg verbose "reloading wpa_supplicant configuration file via HUP signal"
+ start-stop-daemon --stop --signal HUP \
+ --name "$WPA_SUP_PNAME" --pidfile "$WPA_SUP_PIDFILE"
+ else
+ wpa_msg verbose "cannot $WPA_ACTION, $WPA_SUP_PIDFILE does not exist"
+ fi
+}
+
+#####################################################################
+## daemonize wpa_cli and action script
+# If environment variable WPA_ACTION_SCRIPT is present, wpa_cli will
+# be spawned via start-stop-daemon
+#
+# Required options:
+# -a action script => wpa_action
+# -P process ID file
+# -B background process
+#
+init_wpa_cli () {
+ [ -n "$WPA_ACTION_SCRIPT" ] || return 0
+
+ local WPA_CLI_OPTIONS
+ WPA_CLI_OPTIONS="-B -P $WPA_CLI_PIDFILE -i $WPA_IFACE"
+
+ wpa_msg verbose "$WPA_CLI_BIN $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT"
+
+ start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
+ --name $WPA_CLI_PNAME --startas $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE \
+ -- $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT
+
+ if [ "$?" -ne 0 ]; then
+ wpa_msg stderr "$WPA_CLI_BIN daemon failed to start"
+ return 1
+ fi
+
+ if [ -n "$WPA_CLI_OMIT_PIDFILE" ]; then
+ local WPA_PIDFILE_WAIT
+ local MAX_WPA_PIDFILE_WAIT
+ WPA_PIDFILE_WAIT="0"
+ MAX_WPA_PIDFILE_WAIT="5"
+ until [ -s "$WPA_CLI_PIDFILE" ]; do
+ if [ "$WPA_PIDFILE_WAIT" -ge "$MAX_WPA_PIDFILE_WAIT" ]; then
+ wpa_msg stderr "timed out waiting for creation of $WPA_CLI_PIDFILE"
+ return 1
+ else
+ wpa_msg verbose "waiting for \"$WPA_CLI_PIDFILE\": " \
+ "$WPA_PIDFILE_WAIT (max. $MAX_WPA_PIDFILE_WAIT)"
+ fi
+
+ WPA_PIDFILE_WAIT=$(($WPA_PIDFILE_WAIT + 1))
+ sleep 1
+ done
+ wpa_msg verbose "creating sendsigs omission pidfile: $WPA_CLI_OMIT_PIDFILE"
+ cat "$WPA_CLI_PIDFILE" > "$WPA_CLI_OMIT_PIDFILE"
+ else
+ wpa_msg verbose "sendsigs omission pidfile not created"
+ fi
+}
+
+#####################################################################
+## stop wpa_cli process
+# Kill wpa_cli via start-stop-daemon, given the location of the
+# pidfile
+#
+kill_wpa_cli () {
+ test_wpa_cli || return 0
+
+ wpa_msg verbose "terminating $WPA_CLI_PNAME daemon via pidfile $WPA_CLI_PIDFILE"
+
+ start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
+ --exec $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE
+
+ if [ -f "$WPA_CLI_PIDFILE" ]; then
+ rm -f "$WPA_CLI_PIDFILE"
+ fi
+
+ if [ -f "$WPA_CLI_OMIT_PIDFILE" ]; then
+ rm -f "$WPA_CLI_OMIT_PIDFILE"
+ fi
+
+ if [ -f "$WPA_CLI_TIMESTAMP" ]; then
+ rm -f "$WPA_CLI_TIMESTAMP"
+ fi
+
+ if [ -L "$WPA_CLI_IFUPDOWN" ]; then
+ rm -f "$WPA_CLI_IFUPDOWN"
+ fi
+}
+
+#####################################################################
+## higher level wpa_cli wrapper for variable and set_network commands
+# wpa_cli_do <value> <type> <variable> [set_network variable] <desc>
+#
+# $1 envorinment variable
+# $2 data type of variable {raw|ascii}
+# $3 wpa_cli variable, if $3 is set_network, shift and take
+# set_network subvariable
+# $4 wpa-* string as it would appear in interfaces file, enhances
+# verbose messages
+#
+wpa_cli_do () {
+ if [ -z "$1" ]; then
+ return 0
+ fi
+
+ local WPACLISET_VALUE
+ local WPACLISET_VARIABLE
+ local WPACLISET_DESC
+
+ case "$2" in
+ ascii)
+ # Double quote
+ WPACLISET_VALUE="\"$1\""
+ ;;
+ raw|*)
+ # Provide raw value
+ WPACLISET_VALUE="$1"
+ ;;
+ esac
+
+ case "$3" in
+ set_network)
+ if [ -z "$WPA_ID" ]; then
+ return 1
+ fi
+ shift
+ WPACLISET_VARIABLE="set_network $WPA_ID $3"
+ ;;
+ *)
+ WPACLISET_VARIABLE="$3"
+ ;;
+ esac
+
+ case "$4" in
+ *-psk|*-passphrase|*-passwd*|*-wep-key*)
+ WPACLISET_DESC="$4 *****"
+ ;;
+ *)
+ WPACLISET_DESC="$4 $WPACLISET_VALUE"
+ ;;
+ esac
+
+ wpa_msg action "$WPACLISET_DESC"
+
+ wpa_cli $WPACLISET_VARIABLE "$WPACLISET_VALUE" >$TO_NULL
+
+ if [ "$?" -ne 0 ]; then
+ wpa_msg stderr "$WPACLISET_DESC failed!"
+ fi
+}
+
+#####################################################################
+## check value data type in plaintext or hex
+# returns 0 if input consists of hexadecimal digits only, 1 otherwise
+#
+ishex () {
+ if [ -z "$1" ]; then
+ return 0
+ fi
+
+ case "$1" in
+ *[!0-9a-fA-F]*)
+ # plaintext
+ return 1
+ ;;
+ *)
+ # hexadecimal
+ return 0
+ ;;
+ esac
+}
+
+#####################################################################
+## sanity check and set psk|passphrase
+# Warn about strange psk|passphrase values
+#
+# $1 psk or passphrase value
+#
+# If psk is surrounded by quotes strip them.
+#
+# If psk contains all hexadecimal characters and string length is 64:
+# is 256bit hexadecimal
+# else:
+# is plaintext
+#
+# plaintext passphrases must be 8 - 63 characters in length
+# 256-bit hexadecimal key must be 64 characters in length
+#
+wpa_key_check_and_set () {
+ if [ "$#" -ne 3 ]; then
+ return 0
+ fi
+
+ local KEY
+ local KEY_LEN
+ local KEY_TYPE
+ local ENC_TYPE
+
+ case "$1" in
+ '"'*'"')
+ # Strip surrounding quotation marks
+ KEY=$(echo -n "$1" | sed 's/^"//;s/"$//')
+ ;;
+ *)
+ KEY="$1"
+ ;;
+ esac
+
+ KEY_LEN="${#KEY}"
+
+ case "$2" in
+ wep_key*)
+ ENC_TYPE="WEP"
+ ;;
+ psk)
+ ENC_TYPE="WPA"
+ ;;
+ *)
+ return 0
+ ;;
+ esac
+
+ if [ "$ENC_TYPE" = "WEP" ]; then
+ if ishex "$KEY"; then
+ case "$KEY_LEN" in
+ 10|26|32|58)
+ # 64/128/152/256-bit WEP
+ KEY_TYPE="raw"
+ ;;
+ *)
+ KEY_TYPE="ascii"
+ ;;
+ esac
+ else
+ KEY_TYPE="ascii"
+ fi
+
+ if [ "$KEY_TYPE" = "ascii" ]; then
+ if [ "$KEY_LEN" -lt "5" ]; then
+ wpa_msg stderr "WARNING: plaintext or ascii WEP key has $KEY_LEN characters,"
+ wpa_msg stderr "it must have at least 5 to be valid."
+ fi
+ fi
+ elif [ "$ENC_TYPE" = "WPA" ]; then
+ if ishex "$KEY"; then
+ case "$KEY_LEN" in
+ 64)
+ # 256-bit WPA
+ KEY_TYPE="raw"
+ ;;
+ *)
+ KEY_TYPE="ascii"
+ ;;
+ esac
+ else
+ KEY_TYPE="ascii"
+ fi
+
+ if [ "$KEY_TYPE" = "ascii" ]; then
+ if [ "$KEY_LEN" -lt "8" ] || [ "$KEY_LEN" -gt "63" ]; then
+ wpa_msg stderr "WARNING: plaintext or ascii WPA key has $KEY_LEN characters,"
+ wpa_msg stderr "it must have between 8 and 63 to be valid."
+ wpa_msg stderr "If the WPA key is a 256-bit hexadecimal key, it must have"
+ wpa_msg stderr "exactly 64 characters."
+ fi
+ fi
+ fi
+
+ wpa_cli_do "$KEY" "$KEY_TYPE" set_network "$2" "$3"
+}
+
+#####################################################################
+## formulate a usable configuration from interfaces(5) wpa- lines
+# A series of wpa_cli commands corresponding to environment variables
+# created as a result of wpa- lines in an interfaces stanza.
+#
+# NB: no-act when roaming daemon is used (to avoid prematurely
+# attaching to ctrl_interface socket)
+#
+conf_wpa_supplicant () {
+ if [ -n "$WPA_ACTION_SCRIPT" ]; then
+ return 0
+ fi
+
+ if [ "$IF_WPA_DRIVER" = "wired" ]; then
+ IF_WPA_AP_SCAN="0"
+ wpa_msg verbose "forcing ap_scan=0 (required for wired IEEE8021X auth)"
+ fi
+
+ if [ -n "$IF_WPA_ESSID" ]; then
+ # #403316, be similar to wireless tools
+ IF_WPA_SSID="$IF_WPA_ESSID"
+ fi
+
+ wpa_cli_do "$IF_WPA_AP_SCAN" raw \
+ ap_scan wpa-ap-scan
+
+ wpa_cli_do "$IF_WPA_PREAUTHENTICATE" raw \
+ preauthenticate wpa-preauthenticate
+
+ if [ -n "$IF_WPA_SSID" ] || [ "$IF_WPA_DRIVER" = "wired" ] || \
+ [ -n "$IF_WPA_KEY_MGMT" ]; then
+
+ case "$IF_WPA_SSID" in
+ '"'*'"')
+ IF_WPA_SSID=$(echo -n "$IF_WPA_SSID" | sed 's/^"//;s/"$//')
+ ;;
+ *)
+ ;;
+ esac
+
+ WPA_ID=$(wpa_cli add_network)
+
+ wpa_msg verbose "configuring network block -- $WPA_ID"
+
+ wpa_cli_do "$IF_WPA_SSID" ascii \
+ set_network ssid wpa-ssid
+
+ wpa_cli_do "$IF_WPA_PRIORITY" raw \
+ set_network priority wpa-priority
+
+ wpa_cli_do "$IF_WPA_BSSID" raw \
+ set_network bssid wpa-bssid
+
+ if [ -s "$IF_WPA_PSK_FILE" ]; then
+ IF_WPA_PSK=$(cat "$IF_WPA_PSK_FILE")
+ fi
+
+ # remain compat with wpa-passphrase-file
+ if [ -s "$IF_WPA_PASSPHRASE_FILE" ]; then
+ IF_WPA_PSK=$(cat "$IF_WPA_PASSPHRASE_FILE")
+ fi
+
+ # remain compat with wpa-passphrase
+ if [ -n "$IF_WPA_PASSPHRASE" ]; then
+ IF_WPA_PSK="$IF_WPA_PASSPHRASE"
+ fi
+
+ if [ -n "$IF_WPA_PSK" ]; then
+ wpa_key_check_and_set "$IF_WPA_PSK" \
+ psk wpa-psk
+ fi
+
+ wpa_cli_do "$IF_WPA_PAIRWISE" raw \
+ set_network pairwise wpa-pairwise
+
+ wpa_cli_do "$IF_WPA_GROUP" raw \
+ set_network group wpa-group
+
+ wpa_cli_do "$IF_WPA_MODE" raw \
+ set_network mode wpa-mode
+
+ wpa_cli_do "$IF_WPA_FREQUENCY" raw \
+ set_network frequency wpa-frequency
+
+ wpa_cli_do "$IF_WPA_KEY_MGMT" raw \
+ set_network key_mgmt wpa-key-mgmt
+
+ wpa_cli_do "$IF_WPA_PROTO" raw \
+ set_network proto wpa-proto
+
+ wpa_cli_do "$IF_WPA_AUTH_ALG" raw \
+ set_network auth_alg wpa-auth-alg
+
+ wpa_cli_do "$IF_WPA_SCAN_SSID" raw \
+ set_network scan_ssid wpa-scan-ssid
+
+ wpa_cli_do "$IF_WPA_IDENTITY" ascii \
+ set_network identity wpa-identity
+
+ wpa_cli_do "$IF_WPA_ANONYMOUS_IDENTITY" ascii \
+ set_network anonymous_identity wpa-anonymous-identity
+
+ wpa_cli_do "$IF_WPA_EAP" raw \
+ set_network eap wpa-eap
+
+ wpa_cli_do "$IF_WPA_EAPPSK" raw \
+ set_network eappsk wpa-eappsk
+
+ wpa_cli_do "$IF_WPA_NAI" ascii \
+ set_network nai wpa-nai
+
+ wpa_cli_do "$IF_WPA_PASSWORD" ascii \
+ set_network password wpa-password
+
+ wpa_cli_do "$IF_WPA_CA_CERT" ascii \
+ set_network ca_cert wpa-ca-cert
+
+ wpa_cli_do "$IF_WPA_CA_PATH" ascii \
+ set_network ca_path wpa-ca-path
+
+ wpa_cli_do "$IF_WPA_CLIENT_CERT" ascii \
+ set_network client_cert wpa-client-cert
+
+ wpa_cli_do "$IF_WPA_PRIVATE_KEY" ascii \
+ set_network private_key wpa-private-key
+
+ wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD" ascii \
+ set_network private_key_passwd wpa-private-key-passwd
+
+ wpa_cli_do "$IF_WPA_DH_FILE" ascii \
+ set_network dh_file wpa-dh-file
+
+ wpa_cli_do "$IF_WPA_SUBJECT_MATCH" ascii \
+ set_network subject_match wpa-subject-match
+
+ wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH" ascii \
+ set_network altsubject_match wpa-altsubject-match
+
+ wpa_cli_do "$IF_WPA_CA_CERT2" ascii \
+ set_network ca_cert2 wpa-ca-cert2
+
+ wpa_cli_do "$IF_WPA_CA_PATH2" ascii \
+ set_network ca_path2 wpa-ca-path2
+
+ wpa_cli_do "$IF_WPA_CLIENT_CERT2" ascii \
+ set_network client_cert2 wpa-client-cert2
+
+ wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \
+ set_network private_key2 wpa-private-key2
+
+ wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \
+ set_network private_key_passwd2 wpa-private-key-passwd2
+
+ wpa_cli_do "$IF_WPA_DH_FILE2" ascii \
+ set_network dh_file2 wpa-dh-file2
+
+ wpa_cli_do "$IF_WPA_SUBJECT_MATCH2" ascii \
+ set_network subject_match2 wpa-subject-match2
+
+ wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH2" ascii \
+ set_network altsubject_match2 wpa-altsubject-match2
+
+ wpa_cli_do "$IF_WPA_EAP_METHODS" raw \
+ set_network eap_methods wpa-eap-methods
+
+ wpa_cli_do "$IF_WPA_PHASE1" ascii \
+ set_network phase1 wpa-phase1
+
+ wpa_cli_do "$IF_WPA_PHASE2" ascii \
+ set_network phase2 wpa-phase2
+
+ wpa_cli_do "$IF_WPA_PCSC" raw \
+ set_network pcsc wpa-pcsc
+
+ wpa_cli_do "$IF_WPA_PIN" ascii \
+ set_network pin wpa-pin
+
+ wpa_cli_do "$IF_WPA_ENGINE" raw \
+ set_network engine wpa-engine
+
+ wpa_cli_do "$IF_WPA_ENGINE_ID" ascii \
+ set_network engine_id wpa-engine-id
+
+ wpa_cli_do "$IF_WPA_KEY_ID" ascii \
+ set_network key_id wpa-key-id
+
+ wpa_cli_do "$IF_WPA_EAPOL_FLAGS" raw \
+ set_network eapol_flags wpa-eapol-flags
+
+ if [ -n "$IF_WPA_WEP_KEY0" ]; then
+ wpa_key_check_and_set "$IF_WPA_WEP_KEY0" \
+ wep_key0 wpa-wep-key0
+ fi
+
+ if [ -n "$IF_WPA_WEP_KEY1" ]; then
+ wpa_key_check_and_set "$IF_WPA_WEP_KEY1" \
+ wep_key1 wpa-wep-key1
+ fi
+
+ if [ -n "$IF_WPA_WEP_KEY2" ]; then
+ wpa_key_check_and_set "$IF_WPA_WEP_KEY2" \
+ wep_key2 wpa-wep-key2
+ fi
+
+ if [ -n "$IF_WPA_WEP_KEY3" ]; then
+ wpa_key_check_and_set "$IF_WPA_WEP_KEY3" \
+ wep_key3 wpa-wep-key3
+ fi
+
+ wpa_cli_do "$IF_WPA_WEP_TX_KEYIDX" raw \
+ set_network wep_tx_keyidx wpa-wep-tx-keyidx
+
+ wpa_cli_do "$IF_WPA_PROACTIVE_KEY_CACHING" raw \
+ set_network proactive_key_caching wpa-proactive-key-caching
+
+ wpa_cli_do "$IF_WPA_PAC_FILE" ascii \
+ set_network pac_file wpa-pac-file
+
+ wpa_cli_do "$IF_WPA_MODE" raw \
+ set_network mode wpa-mode
+
+ wpa_cli_do "$IF_WPA_PEERKEY" raw \
+ set_network peerkey wpa-peerkey
+
+ wpa_cli_do "$IF_FRAGMENT_SIZE" raw \
+ set_network fragment_size wpa-fragment-size
+
+ wpa_cli_do "$IF_WPA_ID_STR" ascii \
+ set_network id_str wpa-id-str
+
+ wpa_cli_do "$WPA_ID" raw \
+ enable_network "enabling network block"
+ fi
+}
+
+#####################################################################
+## wpa_action basic logging
+# Log actions to file
+#
+wpa_log_init () {
+ exec >> "$WPA_CLI_LOGFILE" 2>&1
+}
+
+# log timestamp and wpa_action arguments
+wpa_log_action () {
+ local DATE
+
+ DATE=$(date +"%H:%M:%S %Y-%m-%d")
+ echo "########## $DATE ##########"
+ echo "IFACE=$WPA_IFACE ACTION=$WPA_ACTION"
+}
+
+# log wpa_cli environment variables
+wpa_log_environment () {
+ echo "WPA_ID=$WPA_ID WPA_ID_STR=$WPA_ID_STR"
+ echo "WPA_CTRL_DIR=$WPA_CTRL_DIR"
+}
+
+#####################################################################
+## hysteresis checking
+# Networking tools such as dhcp clients used with ifupdown can
+# synthesize artificial ACTION events, particuarly just after a
+# DISCONNECTED/CONNECTED events are experienced in quick succession.
+# This can lead to infinite event loops, and in extreme cases has the
+# potential to cause system instability.
+#
+wpa_hysteresis_event () {
+ local TIME
+
+ TIME=$(date +%s)
+ echo "$TIME" > "$WPA_CLI_TIMESTAMP"
+}
+
+wpa_hysteresis_check () {
+ if [ -f "$WPA_CLI_TIMESTAMP" ]; then
+ local TIME
+ local TIMESTAMP
+ local TIMEWAIT
+ TIME=$(date +%s)
+ # current time minus 4 second event buffer
+ TIMEWAIT=$(($TIME-4))
+ # get time of last event
+ TIMESTAMP=$(cat $WPA_CLI_TIMESTAMP)
+ # compare values, allowing new action to be processed
+ # only if last action was more than 4 seconds ago
+ if [ "$TIMEWAIT" -le "$TIMESTAMP" ]; then
+ echo "Ignoring $WPA_ACTION event, too soon after previous event"
+ return 1
+ fi
+ fi
+
+ return 0
+}
+
+#####################################################################
+## identify ifupdown files
+# Identify ifupdown core files, so that state of the interface can be
+# checked. This is the weakest part of the wpa_action roaming scheme,
+# it would be _much_ better if stateless ifupdown capabilities were
+# a reality.
+#
+ifupdown_check () {
+ if [ -e /etc/network/interfaces ]; then
+ INTERFACES_FILE="/etc/network/interfaces"
+ else
+ echo "Cannot locate ifupdown's \"interfaces\" file, $WPA_IFACE will not be configured"
+ return 1
+ fi
+
+ if [ -e /etc/network/run/ifstate ]; then
+ # debian's ifupdown
+ IFSTATE_FILE="/etc/network/run/ifstate"
+ elif [ -e /var/run/network/ifstate ]; then
+ # ubuntu's
+ IFSTATE_FILE="/var/run/network/ifstate"
+ else
+ echo "Cannot locate ifupdown's \"ifstate\" file, $WPA_IFACE will not be configured"
+ return 1
+ fi
+
+ return 0
+}
+
+ifupdown_status () {
+ if grep -s -q "^${WPA_IFACE}=${WPA_LOGICAL_IFACE}" "$IFSTATE_FILE"; then
+ return 0
+ fi
+
+ echo "Interface \"$WPA_IFACE\" failed to establish a connection."
+ echo "Attempting reassociation..."
+ return 1
+}
+
+ifupdown_lock () {
+ ln -s lock "$WPA_CLI_IFUPDOWN"
+}
+
+ifupdown_locked () {
+ [ -L "$WPA_CLI_IFUPDOWN" ] && return 0
+
+ return 1
+}
+
+ifupdown_unlock () {
+ rm -f "$WPA_CLI_IFUPDOWN"
+}
+
+#####################################################################
+## apply mapping logic and ifup logical interface
+# Apply mapping logic via id_str or external mapping script, check
+# state of IFACE with respect to ifupdown and ifup logical interaface
+#
+ifup () {
+ local WPA_LOGICAL_IFACE
+
+ if [ -z "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -n "$WPA_ID_STR" ]; then
+ WPA_LOGICAL_IFACE="$WPA_ID_STR"
+ echo "Mapping logical interface via id_str: $WPA_LOGICAL_IFACE"
+ fi
+
+ if [ -z "$WPA_LOGICAL_IFACE" ] && [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
+ echo "Mapping logical interface via wpa-mapping-script: $IF_WPA_MAPPING_SCRIPT"
+
+ local WPA_MAP_STDIN
+
+ WPA_MAP_STDIN=$(set | sed -n 's/^\(IF_WPA_MAP[0-9]*\)=.*/echo \$\1/p')
+
+ if [ -n "$WPA_MAP_STDIN" ]; then
+ WPA_LOGICAL_IFACE=$(eval "$WPA_MAP_STDIN" | "$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
+ else
+ WPA_LOGICAL_IFACE=$("$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
+ fi
+
+ if [ -n "$WPA_LOGICAL_IFACE" ]; then
+ echo "Mapping script result: $WPA_LOGICAL_IFACE"
+ else
+ echo "Mapping script failed."
+ fi
+ fi
+
+ if [ -z "$WPA_LOGICAL_IFACE" ]; then
+ if [ -n "$IF_WPA_ROAM_DEFAULT_IFACE" ]; then
+ WPA_LOGICAL_IFACE="$IF_WPA_ROAM_DEFAULT_IFACE"
+ echo "Using wpa-roam-default-iface: $WPA_LOGICAL_IFACE"
+ else
+ WPA_LOGICAL_IFACE="default"
+ echo "Using fallback logical interface: $WPA_LOGICAL_IFACE"
+ fi
+ fi
+
+ if [ -n "$WPA_LOGICAL_IFACE" ]; then
+ if egrep -q "^iface[[:space:]]+${WPA_LOGICAL_IFACE}[[:space:]]+inet" "$INTERFACES_FILE"; then
+ : # logical network is defined
+ else
+ echo "No network defined for \"$WPA_LOGICAL_IFACE\" in \"$INTERFACES_FILE\""
+ echo "Trying to configure the \"default\" network instead ..."
+ WPA_LOGICAL_IFACE="default"
+ fi
+
+ echo "ifup $WPA_IFACE=$WPA_LOGICAL_IFACE"
+
+ ifupdown_lock
+
+ if grep -q "^$WPA_IFACE=$WPA_IFACE" "$IFSTATE_FILE"; then
+ # Force settings over the unconfigured "master" IFACE
+ /sbin/ifup -v --force "$WPA_IFACE=$WPA_LOGICAL_IFACE"
+ else
+ /sbin/ifup -v "$WPA_IFACE=$WPA_LOGICAL_IFACE"
+ fi
+
+ ifupdown_unlock
+ else
+ echo "No suitable logical interface mapping for ifupdown to configure"
+ fi
+}
+
+#####################################################################
+## ifdown IFACE
+# Check IFACE state and ifdown as requested.
+#
+ifdown () {
+ if grep -q "^$WPA_IFACE" "$IFSTATE_FILE"; then
+ ifupdown_lock
+
+ echo "ifdown $WPA_IFACE"
+ /sbin/ifdown -v "$WPA_IFACE"
+
+ ifupdown_unlock
+ else
+ echo "Ignoring request to take \"$WPA_IFACE\" down, it is not up"
+ fi
+}
+
+#####################################################################
+## keep IFACE scanning
+# After ifdown, the IFACE may be left "down", and inhibits
+# wpa_supplicant's ability to continue roaming.
+#
+# NB: use iproute if present, flushing the IFACE first
+#
+if_post_down_up () {
+ if type ip >/dev/null; then
+ ip addr flush dev "$WPA_IFACE" 2>/dev/null
+ ip link set "$WPA_IFACE" up
+ else
+ ifconfig "$WPA_IFACE" up
+ fi
+}
--- /dev/null
+#!/bin/sh
+
+#####################################################################
+## Purpose
+# This file is executed by ifupdown in pre-up, post-up, pre-down and
+# post-down phases of network interface configuration. It allows
+# ifup(8), and ifdown(8) to manage wpa_supplicant(8) and wpa_cli(8)
+# processes running in daemon mode.
+#
+# /etc/wpa_supplicant/functions.sh is sourced by this file.
+#
+# This file is provided by the wpasupplicant package.
+
+#####################################################################
+# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers
+# <pkg-wpa-devel@lists.alioth.debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# On Debian GNU/Linux systems, the text of the GPL license can be
+# found in /usr/share/common-licenses/GPL.
+
+if [ -n "$IF_WPA_MAINT_DEBUG" ]; then
+ set -x
+fi
+
+# quit if we're called for the loopback
+if [ "$IFACE" = lo ]; then
+ exit 0
+fi
+
+# allow wpa_supplicant interface to be specified via wpa-iface
+# useful for starting wpa_supplicant on one interface of a bridge
+if [ -n "$IF_WPA_IFACE" ]; then
+ WPA_IFACE="$IF_WPA_IFACE"
+else
+ WPA_IFACE="$IFACE"
+fi
+
+# source functions
+if [ -f /etc/wpa_supplicant/functions.sh ]; then
+ . /etc/wpa_supplicant/functions.sh
+else
+ exit 0
+fi
+
+# quit if executables are not installed
+if [ ! -x "$WPA_SUP_BIN" ] || [ ! -x "$WPA_CLI_BIN" ]; then
+ exit 0
+fi
+
+do_start () {
+ if test_wpa_cli; then
+ # if wpa_action is active for this IFACE, do nothing
+ ifupdown_locked && exit 0
+
+ # if the administrator is calling ifup, say something useful
+ if [ "$PHASE" = "pre-up" ]; then
+ wpa_msg stderr "wpa_action is managing ifup/ifdown state of $WPA_IFACE"
+ wpa_msg stderr "execute \`ifdown --force $WPA_IFACE' to stop wpa_action"
+ fi
+ exit 1
+ elif ! set | grep -q "^IF_WPA"; then
+ # no wpa- option defined for IFACE, do nothing
+ exit 0
+ fi
+
+ # ensure stale ifupdown_lock marker is purged
+ ifupdown_unlock
+
+ # preliminary sanity checks for roaming daemon
+ if [ -n "$IF_WPA_ROAM" ]; then
+ if [ "$METHOD" != "manual" ]; then
+ wpa_msg stderr "wpa-roam can only be used with the \"manual\" inet METHOD"
+ exit 1
+ fi
+ if [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
+ if ! type "$IF_WPA_MAPPING_SCRIPT" >/dev/null; then
+ wpa_msg stderr "wpa-mapping-script \"$IF_WPA_MAPPING_SCRIPT\" is not valid"
+ exit 1
+ fi
+ fi
+ if [ -n "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -z "$IF_WPA_MAPPING_SCRIPT" ]; then
+ wpa_msg stderr "\"wpa-mapping-script-priority 1\" is invalid without a wpa-mapping-script"
+ exit 1
+ fi
+ IF_WPA_CONF="$IF_WPA_ROAM"
+ WPA_ACTION_SCRIPT="/sbin/wpa_action"
+ fi
+
+ # master function; determines if ifupdown.sh should do something or not
+ if [ -n "$IF_WPA_CONF" ] && [ "$IF_WPA_CONF" != "managed" ]; then
+ if [ ! -s "$IF_WPA_CONF" ]; then
+ wpa_msg stderr "cannot read contents of $IF_WPA_CONF"
+ exit 1
+ fi
+ WPA_SUP_CONF_CTRL_DIR=$(sed -n -e 's/[[:space:]]*#.*//g' -e 's/[[:space:]]\+.*$//g' \
+ -e 's/^ctrl_interface=\(DIR=\)\?\(.*\)/\2/p' "$IF_WPA_CONF")
+ if [ -n "$WPA_SUP_CONF_CTRL_DIR" ]; then
+ WPA_CTRL_DIR="$WPA_SUP_CONF_CTRL_DIR"
+ WPA_SUP_CONF="-c $IF_WPA_CONF"
+ else
+ # specify the default ctrl_interface since none was defined in
+ # the given IF_WPA_CONF
+ WPA_SUP_CONF="-c $IF_WPA_CONF -C $WPA_CTRL_DIR"
+ fi
+ else
+ # specify the default ctrl_interface
+ WPA_SUP_CONF="-C $WPA_CTRL_DIR"
+ fi
+}
+
+do_stop () {
+ if test_wpa_cli; then
+ # if wpa_action is active for this IFACE and calling ifdown,
+ # do nothing
+ ifupdown_locked && exit 0
+ elif test_wpa_supplicant; then
+ # wpa_supplicant process exists for this IFACE, but wpa_cli
+ # process does not. Allow stop mode to kill this process.
+ :
+ else
+ exit 0
+ fi
+}
+
+case "$MODE" in
+ start)
+ do_start
+ case "$PHASE" in
+ pre-up)
+ kill_wpa_supplicant
+ init_wpa_supplicant || exit 1
+ conf_wpa_supplicant || { kill_wpa_supplicant; exit 1; }
+ ;;
+ post-up)
+ init_wpa_cli || { kill_wpa_supplicant; exit 1; }
+ ;;
+ esac
+ ;;
+
+ stop)
+ do_stop
+ case "$PHASE" in
+ pre-down)
+ kill_wpa_cli
+ ;;
+ post-down)
+ kill_wpa_supplicant
+ ;;
+ *)
+ wpa_msg stderr "unknown phase: \"$PHASE\""
+ exit 1
+ ;;
+ esac
+ ;;
+
+ *)
+ wpa_msg stderr "unknown mode: \"$MODE\""
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+.TH WPA_ACTION "8" "26 May 2006" "" ""
+.SH NAME
+wpa_action \- wpa_cli action script
+.SH SYNOPSIS
+\fBwpa_action\fR \fIIFACE ACTION\fR
+.SH "DESCRIPTION"
+\fBwpa_action\fR is a shell script designed to control the \fBifupdown\fR
+framework according to \fIACTION\fR events received from \fBwpa_supplicant\fR.
+\fBwpa_cli\fR receives \fICONNECTED\fR and \fIDISCONNECTED\fR events from
+\fBwpa_supplicant\fR via the crtl_iface socket and gives the \fIACTION\fR event
+to the \fBwpa_action\fR script as an argument, along with the \fIIFACE\fR to be
+acted upon.
+.PP
+\fBwpa_action\fR also receives an environment variable from \fBwpa_cli\fR,
+\fIWPA_ID_STR\fR, containing an alphanumeric identification string for the
+\fICURRENT\fR network block. \fIWPA_ID_STR\fR is provided by the 'id_str'
+network block option of \fBwpa_supplicant.conf\fR, and provides a means to map
+the \fIACTION\fR to a \fILOGICAL\fR interface configured in the \fBinterfaces\fR
+file.
+.PP
+If either the ifupdown \fBinterfaces\fR or \fIifstate\fR file cannot be found,
+\fBwpa_action\fR will exit silently (status 0). \fBwpa_action\fR will search
+the following locations for their existance:
+.nf
+ /etc/network/run/ifstate
+ /var/run/network/ifstate
+ /etc/network/interfaces
+.fi
+.PP
+.SH IFACE
+Network interface to be acted upon, for example 'eth1' or 'wlan0'.
+.SH ACTION
+An \fIACTION\fR to be performed on the \fIIFACE\fR.
+.TP
+\fBCONNECTED\fR
+\fBwpa_supplicant\fR has completed authentication.
+\fBifup\fR \fIIFACE=WPA_ID_STR\fR is invoked and the action is logged to
+\fI/var/log/wpa_action.IFACE.log\fR. Network settings for the \fILOGICAL\fR
+interface \fIWPA_ID_STR\fR are applied.
+.TP
+\fBDISCONNECTED\fR
+\fBwpa_supplicant\fR has detected disconnection.
+\fBifdown\fR \fIIFACE=WPA_ID_STR\fR is invoked and the action is logged to
+\fI/var/log/wpa_action.log\fR. Network settings for the \fILOGICAL\fR
+interface \fIWPA_ID_STR\fR are undone.
+.TP
+\fBstop\fR
+The 'stop' \fIACTION\fR is a called manually by the user, to stop the
+\fBwpa_cli\fR daemon, invoke \fBifdown\fR \fIIFACE\fR (if the \fIIFACE\fR is
+present in the \fIifstate\fR file) and stop the \fBwpa_supplicant\fR daemon.
+The action is logged to \fI/var/log/wpa_action.log\fR. 'down' is a
+synonym for 'stop' and can be used equally.
+.TP
+\fBreload\fR
+The 'reload' \fIACTION\fR can be used to reload the \fBwpa_supplicant\fR
+configuration file specified by \fIwpa-roam\fR . 'restart' is a synonym
+for 'reload' and can be used equally. The action is logged to
+\fI/var/log/wpa_action.log\fR.
+.SH ENVIRONMENT
+An alphanumeric identification string provided by the 'id_str' network block
+option of \fBwpa_supplicant.conf\fR is exported to \fBwpa_action\fR as an
+environment variable, \fIWPA_ID_STR\fR. When 'id_str' is not configured for the
+\fICURRENT\fR network block, 'default' is substituted for the absent
+\fIWPA_ID_STR\fR environment variable.
+.PP
+A unique network identifier, \fIWPA_ID\fR, is exported to \fBwpa_action\fR. It
+is the number assigned to the \fICURRENT\fR \fBwpa_supplicant\fR network block
+(network_id).
+.SH USAGE
+The only reasons for \fBwpa_action\fR to be explicitly executed by the user is
+to stop \fBwpa_cli\fR from controlling \fBifupdown\fR or reload the
+\fIwpa_supplicant.conf\fR file after editing.
+.PP
+.RS
+\fBwpa_action\fR \fIeth1 stop\fR
+.RE
+.PP
+Otherwise, \fBwpa_action\fR is given as an argument to a \fBwpa_cli\fR
+daemon.
+.PP
+.RS
+\fBwpa_cli\fR \fI-i eth1 -a /sbin/wpa_action -B\fR
+.RE
+.PP
+This can be done by using the \fIwpa-roam\fR option in the \fBinterfaces\fR
+file. \fIwpa-roam\fR takes one argument, a user provided
+\fBwpa_supplicant.conf\fR file.
+.PP
+The inet \fIMETHOD\fR must be 'manual' for this interface, as it will
+be configured according to \fBwpa_cli\fR action events. Also supply a 'default'
+\fBinterfaces\fR stanza using the dhcp inet \fIMETHOD\fR so that networks
+without an 'id_str' option can fallback to attempting to receive an ip via
+dhcp. If one or more networks requires additional network configuration,
+provide an unique 'id_str' for each network, and an \fBinterfaces\fR stanza
+using the 'id_str' value as a \fILOGICAL\fR interface. The following interfaces
+file is configured to use dhcp for any network without an 'id_str', a static ip
+for the network with an 'id_str' of 'home_static' and dhcp plus an additional
+post-up command for the network with an 'id_str' of 'uni'.
+.PP
+An example wpa_supplicant.conf configured to roam between 3 different networks:
+.PP
+.RS
+.nf
+network={
+ ssid="foo"
+ id_str="uni"
+ key_mgmt=NONE
+}
+
+network={
+ ssid="bar"
+ id_str="home_static"
+ psk=123456789...
+}
+
+network={
+ ssid=""
+ key_mgmt=NONE
+}
+.fi
+.RE
+.PP
+The corresponding \fBinterfaces\fR file would contain \fILOGICAL\fR interfaces,
+that correlate to each unique 'id_str' provided by the configuration file:
+.PP
+.RS
+.nf
+iface eth1 inet manual
+ wpa-driver wext
+ wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
+
+iface default inet dhcp
+
+iface uni inet dhcp
+
+iface home_static inet static
+ address 192.168.0.20
+ netmask 255.255.255.0
+ network 192.168.0.0
+ broadcast 192.168.0.255
+ gateway 192.168.0.1
+.fi
+.RE
+.PP
+.SH SEE ALSO
+\fBwpa_cli(8)\fR, \fBwpa_supplicant(8)\fR, \fBwpa_supplicant.conf(5)\fR,
+\fBifup(8)\fR, \fBinterfaces(5)\fR
+.SH AUTHOR
+This manual page was written by Kel Modderman <kel@otaku42.de> for
+the Debian GNU system (but may be used by others).
--- /dev/null
+#!/bin/sh
+
+# Copyright (C) 2006 - 2008 Debian/Ubuntu wpasupplicant Maintainers
+# <pkg-wpa-devel@lists.alioth.debian.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# On Debian GNU/Linux systems, the text of the GPL license can be
+# found in /usr/share/common-licenses/GPL.
+
+if [ -n "$IF_WPA_ROAM_MAINT_DEBUG" ]; then
+ set -x
+fi
+
+if [ -z "$1" ] || [ -z "$2" ]; then
+ echo "Usage: $0 IFACE ACTION"
+ exit 1
+fi
+
+# network interface
+WPA_IFACE="$1"
+# [CONNECTED|DISCONNECTED|stop|reload|check]
+WPA_ACTION="$2"
+
+if [ -f /etc/wpa_supplicant/functions.sh ]; then
+ . /etc/wpa_supplicant/functions.sh
+else
+ exit 0
+fi
+
+case "$WPA_ACTION" in
+ "CONNECTED")
+ wpa_log_init
+ wpa_hysteresis_check || exit 1
+ wpa_log_action
+ wpa_log_environment
+ ifupdown_check || exit 1
+ wpa_hysteresis_event
+ ifup
+ wpa_cli status
+ ifupdown_status || wpa_cli reassociate
+ ;;
+
+ "DISCONNECTED")
+ wpa_log_init
+ wpa_hysteresis_check || exit 1
+ wpa_log_action
+ wpa_log_environment
+ ifupdown_check || exit 1
+ ifdown
+ if_post_down_up
+ ;;
+
+ "stop"|"down")
+ test_wpa_cli && kill_wpa_cli
+ ifupdown_check || exit 1
+ ifdown
+ test_wpa_supplicant && kill_wpa_supplicant
+ wpa_log_init
+ wpa_log_action
+ ;;
+
+ "restart"|"reload")
+ test_wpa_supplicant || exit 1
+ reload_wpa_supplicant
+ wpa_log_init
+ wpa_log_action
+ ;;
+
+ "check")
+ test_wpa_supplicant || exit 1
+ test_wpa_cli || exit 1
+ ;;
+
+ *)
+ echo "Unknown action: \"$WPA_ACTION\""
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+From: Reinhard Tartler <siretart@tauware.de>
+References: none
+Description: Use pkg-config for libpcsclite linkage flags
+ At least in debian, we can rely on pkg-config being available and
+ returning more accurate ldflags.
+
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -579,7 +579,7 @@ ifdef CONFIG_NATIVE_WINDOWS
+ #dynamic symbol loading that is now used in pcsc_funcs.c
+ #LIBS += -lwinscard
+ else
+-LIBS += -lpcsclite -lpthread
++LIBS += $(shell pkg-config --libs libpcsclite)
+ endif
+ endif
+
--- /dev/null
+From: Michael Biebl <biebl@debian.org>
+Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;bug=412179
+Description: Debian does not use pam_console but uses group membership
+ to control access to D-Bus. Activating both options in the conf file
+ makes it work on Debian and Ubuntu.
+
+--- a/wpa_supplicant/dbus-wpa_supplicant.conf
++++ b/wpa_supplicant/dbus-wpa_supplicant.conf
+@@ -8,6 +8,10 @@
+ <allow send_destination="fi.epitest.hostap.WPASupplicant"/>
+ <allow send_interface="fi.epitest.hostap.WPASupplicant"/>
+ </policy>
++ <policy group="netdev">
++ <allow send_destination="fi.epitest.hostap.WPASupplicant"/>
++ <allow send_interface="fi.epitest.hostap.WPASupplicant"/>
++ </policy>
+ <policy context="default">
+ <deny own="fi.epitest.hostap.WPASupplicant"/>
+ <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
--- /dev/null
+From: Kel Modderman <kel@otaku42.de>
+Reference: none
+Description: Make diagnostics of wpa_supplicant as dbus service easier
+ When the supplicant is running as dbus service, make it write to
+ the /var/log/wpa_supplicant.log file.
+
+--- a/wpa_supplicant/dbus-wpa_supplicant.service
++++ b/wpa_supplicant/dbus-wpa_supplicant.service
+@@ -1,4 +1,4 @@
+ [D-BUS Service]
+ Name=fi.epitest.hostap.WPASupplicant
+-Exec=/sbin/wpa_supplicant -u
++Exec=/sbin/wpa_supplicant -u -f /var/log/wpa_supplicant.log
+ User=root
--- /dev/null
+From: Kel Modderman <kel@otaku42.de>
+Reference: http://thread.gmane.org/gmane.linux.drivers.hostap/17265
+Description: Cleanup in the build system.
+ Upstream makes overriding the CFLAGs variable unnecessary hard. This
+ patch make this more straightforward by moving the flag for dependency
+ generation out of the initial definition of the CFLAGS variable. It is
+ appended later then.
+
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -3,9 +3,10 @@ CC=gcc
+ endif
+
+ ifndef CFLAGS
+-CFLAGS = -MMD -O2 -Wall -g
++CFLAGS = -O2 -Wall -g
+ endif
+
++CFLAGS += -MMD
+ CFLAGS += -I../src
+ CFLAGS += -I../src/crypto
+ CFLAGS += -I../src/utils
--- /dev/null
+From: Kel Modderman <kel@otaku42.de>
+Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463547
+Description: fix FTBFS if both qt3 and qt4 are installed
+ invoke versioned qmake binary when preparing the Makefile for
+ wpa_gui/wpa_gui-qt4 or else a failure to build from source can be possible
+ when more than one QT version is installed.
+
+--- a/wpa_supplicant/Makefile
++++ b/wpa_supplicant/Makefile
+@@ -1107,13 +1107,13 @@ windows-bin: $(WINALL)
+ $(STRIP) $(WINALL)
+
+ wpa_gui/Makefile:
+- qmake -o wpa_gui/Makefile wpa_gui/wpa_gui.pro
++ qmake-qt3 -o wpa_gui/Makefile wpa_gui/wpa_gui.pro
+
+ wpa_gui: wpa_gui/Makefile
+ $(MAKE) -C wpa_gui
+
+ wpa_gui-qt4/Makefile:
+- qmake -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro
++ qmake-qt4 -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro
+
+ wpa_gui-qt4: wpa_gui-qt4/Makefile
+ $(MAKE) -C wpa_gui-qt4
--- /dev/null
+Debian specific patch to desktop meny entry, so that we may exec wpa_gui
+with best estimated privilege level via /usr/share/netdev_wrapper.
+---
+--- a/wpa_supplicant/wpa_gui-qt4/wpa_gui.desktop
++++ b/wpa_supplicant/wpa_gui-qt4/wpa_gui.desktop
+@@ -2,7 +2,7 @@
+ Version=1.0
+ Name=wpa_gui
+ Comment=Graphical user interface for wpa_supplicant
+-Exec=wpa_gui
++Exec=/usr/share/wpagui/netdev_wrapper
+ Icon=wpa_gui
+ GenericName=wpa_supplicant user interface
+ Terminal=false
--- /dev/null
+01_use_pkg-config_for_pcsc-lite_module.patch
+02_dbus_group_policy.patch
+03_dbus_service_activation_logfile.patch
+04_append_mmd_to_default_cflags.patch
+05_qmake_version_makefile.patch
+06_wpa_gui_menu_exec_path.patch
--- /dev/null
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+#include /usr/share/quilt/quilt.make
+
+WPAGUI = wpa_gui-qt4
+
+CFLAGS = -Wall -g
+LDFLAGS = -Wl,--as-needed
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+
+DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
+
+ifeq ($(DEB_HOST_ARCH_OS),kfreebsd)
+ CONFIG := debian/config/kfreebsd
+else
+ CONFIG := debian/config/linux
+endif
+
+
+build: build-stamp
+build-stamp:
+ dh_testdir
+
+ # wpa_supplicant
+ cp -v $(CONFIG) wpa_supplicant/.config
+ CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" $(MAKE) -C wpa_supplicant all
+
+ # wpa_gui
+ $(MAKE) -C wpa_supplicant
+
+ # manpages
+ #$(MAKE) -C wpa_supplicant/doc/docbook man
+
+ touch $@
+
+clean:
+ dh_testdir
+
+ $(MAKE) -C wpa_supplicant clean
+
+ if [ -f wpa_supplicant/$(WPAGUI)/Makefile ]; then \
+ $(MAKE) -C wpa_supplicant/$(WPAGUI) distclean ; \
+ fi
+
+ #$(MAKE) -C wpa_supplicant/doc/docbook clean
+
+ dh_clean wpa_supplicant/.config build-stamp install-stamp
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+ dh_install
+
+ # wpa_gui
+ #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/wpa_gui usr/sbin/
+ #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/wpa_gui.desktop \
+ # usr/share/applications/
+ #dh_install --package=wpagui wpa_supplicant/$(WPAGUI)/icons/wpa_gui.svg \
+ # usr/share/icons/hicolor/scalable/apps/
+ #dh_desktop --package=wpagui
+ # wpa_gui pixmaps were created with:
+ # `make -C wpa_supplicant/$(WPAGUI)/icons/'
+ # Not built as part of package build process due to excess build
+ # dependencies of inkscape + imagemagick.
+ #dh_install --package=wpagui debian/wpa_gui/wpa_gui.xpm \
+ # usr/share/pixmaps/
+ #dh_install --package=wpagui debian/wpa_gui/wpa_gui-16.xpm \
+ # usr/share/pixmaps/
+ #dh_installmenu --package=wpagui
+ # wpa_gui menu exec wrapper
+ #install --mode=755 -D debian/wpa_gui/netdev_wrapper \
+ # debian/wpagui/usr/share/wpagui/netdev_wrapper
+
+ # ifupdown
+ install --mode=755 -D debian/ifupdown/ifupdown.sh \
+ debian/wpasupplicant/etc/wpa_supplicant/ifupdown.sh
+ install --mode=755 -D debian/ifupdown/functions.sh \
+ debian/wpasupplicant/etc/wpa_supplicant/functions.sh
+ install --mode=755 -D debian/ifupdown/action_wpa.sh \
+ debian/wpasupplicant/etc/wpa_supplicant/action_wpa.sh
+
+ # wpa_action
+ install --mode=755 -D debian/ifupdown/wpa_action.sh \
+ debian/wpasupplicant/sbin/wpa_action
+
+ # D-Bus
+ install --mode=644 -D wpa_supplicant/dbus-wpa_supplicant.conf \
+ debian/wpasupplicant/etc/dbus-1/system.d/wpa_supplicant.conf
+ install --mode=644 -D wpa_supplicant/dbus-wpa_supplicant.service \
+ debian/wpasupplicant/usr/share/dbus-1/system-services/fi.epitest.hostap.WPASupplicant.service
+
+ # sanitise the example configuration
+ mkdir -p debian/wpasupplicant/usr/share/doc/wpasupplicant
+ sed 's/^\([^#]\+=.*\|}\)/#\1/' < wpa_supplicant/wpa_supplicant.conf \
+ > debian/wpasupplicant/usr/share/doc/wpasupplicant/README.wpa_supplicant.conf
+
+# Build architecture-independent files here.
+binary-indep: install
+
+# Build architecture-dependent files here.
+binary-arch: install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs wpa_supplicant/ChangeLog
+ dh_installdocs
+ dh_installexamples
+ dh_installlogrotate --package=wpasupplicant --name=wpa_action
+ dh_installlogrotate --package=wpasupplicant --name=wpa_supplicant
+ dh_installinit --package=wpasupplicant --name=wpa-ifupdown --no-start -- start 15 0 6 .
+ #dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean install binary-indep binary-arch binary install
+
+get-git-snapshot:
+ chmod a+rx debian/$@
+ debian/$@ ..
--- /dev/null
+version=3
+http://w1.fi/releases/wpa_supplicant-(.*)\.tar\.gz debian uupdate
--- /dev/null
+#!/bin/sh -e
+
+# Wrapper script to determine if user is a member of the netdev group or not
+# and exec wpa_gui with or without root privileges.
+#
+# Copyright: Copyright (c) 2008, Kel Modderman <kel@otaku42.de>
+# License: GPL-2
+
+WPAGUI=/usr/sbin/wpa_gui
+
+if id -Gn | grep -q -w netdev; then
+ # caller is a member of the netdev group, if instructions in
+ # README.Debian were followed to setup wpa-roam they will find
+ # wpa_gui quite useful
+ exec $WPAGUI "$@"
+elif which su-to-root >/dev/null; then
+ # caller is not a member of netdev group, and thus most
+ # likely requires root for wpa_gui to be useful
+ exec su-to-root -X -c $WPAGUI "$@"
+else
+ # not a member of netdev group and not able to su-to-root, just
+ # exec it and hope for the best ...
+ exec $WPAGUI "$@"
+fi
--- /dev/null
+/* XPM */
+static char *__x__[] = {
+/* columns rows colors chars-per-pixel */
+"16 16 127 2",
+" c black",
+". c gray5",
+"X c gray8",
+"o c #151515",
+"O c gray10",
+"+ c #1B1B1B",
+"@ c #1D1D1D",
+"# c #1E1E1E",
+"$ c #202020",
+"% c gray13",
+"& c #222222",
+"* c #232323",
+"= c gray14",
+"- c #252525",
+"; c gray15",
+": c #272727",
+"> c #282828",
+", c gray16",
+"< c #2A2A2A",
+"1 c gray17",
+"2 c #2C2C2C",
+"3 c #2F2F2F",
+"4 c gray19",
+"5 c #323232",
+"6 c gray20",
+"7 c #343434",
+"8 c #353535",
+"9 c #373737",
+"0 c gray22",
+"q c gray23",
+"w c #3C3C3C",
+"e c gray24",
+"r c #3E3E3E",
+"t c #414141",
+"y c gray26",
+"u c #434343",
+"i c #444444",
+"p c gray27",
+"a c #464646",
+"s c gray28",
+"d c #484848",
+"f c #494949",
+"g c #4B4B4B",
+"h c #4C4C4C",
+"j c gray30",
+"k c #4E4E4E",
+"l c gray31",
+"z c #505050",
+"x c #515151",
+"c c gray32",
+"v c gray33",
+"b c #555555",
+"n c gray34",
+"m c #585858",
+"M c #5A5A5A",
+"N c #5B5B5B",
+"B c gray36",
+"V c gray37",
+"C c #5F5F5F",
+"Z c #606060",
+"A c #626262",
+"S c gray39",
+"D c gray40",
+"F c #676767",
+"G c DimGray",
+"H c #6C6C6C",
+"J c #6D6D6D",
+"K c gray43",
+"L c #6F6F6F",
+"P c #717171",
+"I c #747474",
+"U c #777777",
+"Y c #7B7B7B",
+"T c #7C7C7C",
+"R c #818181",
+"E c gray51",
+"W c gray52",
+"Q c #898989",
+"! c gray55",
+"~ c #8D8D8D",
+"^ c #9B9B9B",
+"/ c gray61",
+"( c gray62",
+") c gray63",
+"_ c #A2A2A2",
+"` c gray64",
+"' c #A4A4A4",
+"] c #A5A5A5",
+"[ c gray65",
+"{ c #A7A7A7",
+"} c #ACACAC",
+"| c gray68",
+" . c gray69",
+".. c #B2B2B2",
+"X. c gray70",
+"o. c gray71",
+"O. c gray72",
+"+. c #BBBBBB",
+"@. c #BCBCBC",
+"#. c gray75",
+"$. c #C0C0C0",
+"%. c #C3C3C3",
+"&. c #C8C8C8",
+"*. c gray79",
+"=. c gray82",
+"-. c #D2D2D2",
+";. c LightGray",
+":. c gray83",
+">. c #E1E1E1",
+",. c #E2E2E2",
+"<. c #E4E4E4",
+"1. c #E6E6E6",
+"2. c #EAEAEA",
+"3. c #ECECEC",
+"4. c gray93",
+"5. c #EEEEEE",
+"6. c gray95",
+"7. c gray96",
+"8. c #F6F6F6",
+"9. c gray97",
+"0. c gray98",
+"q. c #FBFBFB",
+"w. c gray99",
+"e. c #FDFDFD",
+"r. c #FEFEFE",
+"t. c gray100",
+"y. c None",
+/* pixels */
+"y.y.e s x z f a f h n S G F y.y.",
+"y.9 k n g N ! } | ! C c s l M y.",
+"4 e S Z ( 4.t.t.t.t.5.' J M d w ",
+"< i v ( r.<.) Q ~ { 1.r.` C - 7 ",
+"> 5 G e.=.G ) -.:._ K ;.e.K 1 > ",
+"> < O.7.B [ t.3.2.t.{ A 9.@.2 & ",
+"; - ,.+.c w.%.m n $.q.m #.<.; # ",
+"- & q./ j t.W ^ ^ E t.v ( 0.% + ",
+"- % >...6 7.&.< : *.8.7 o.>.% + ",
+": % .6.7 I t.S H t.U 8 6. .& + ",
+"1 % a w.+.2 l m Y L y #.w.s * + ",
+"3 % & E t.] i C K V X.r.R = & O ",
+"$ 4 % * G D t v B v T P - * & o ",
+"y.r % & * , 0 s h i 8 > * * @ y.",
+"y.X 0 q t p d h z c b k u : . y.",
+"y.y.y. y.y.y."
+};
--- /dev/null
+/* XPM */
+static char *__x__[] = {
+/* columns rows colors chars-per-pixel */
+"32 32 183 2",
+" c black",
+". c #060606",
+"X c gray3",
+"o c #191919",
+"O c #1B1B1B",
+"+ c #1E1E1E",
+"@ c gray12",
+"# c #202020",
+"$ c gray13",
+"% c #222222",
+"& c #232323",
+"* c gray14",
+"= c #252525",
+"- c gray15",
+"; c #272727",
+": c #282828",
+"> c gray16",
+", c #2A2A2A",
+"< c gray17",
+"1 c #2C2C2C",
+"2 c #2D2D2D",
+"3 c gray18",
+"4 c #2F2F2F",
+"5 c gray19",
+"6 c #313131",
+"7 c #323232",
+"8 c gray20",
+"9 c #343434",
+"0 c #353535",
+"q c gray21",
+"w c #373737",
+"e c gray22",
+"r c #393939",
+"t c #3A3A3A",
+"y c gray23",
+"u c #3C3C3C",
+"i c gray24",
+"p c #3E3E3E",
+"a c #3F3F3F",
+"s c gray25",
+"d c #414141",
+"f c gray26",
+"g c #434343",
+"h c #444444",
+"j c gray27",
+"k c #464646",
+"l c gray28",
+"z c #484848",
+"x c #494949",
+"c c gray29",
+"v c #4B4B4B",
+"b c #4C4C4C",
+"n c gray30",
+"m c #4E4E4E",
+"M c gray31",
+"N c #505050",
+"B c #515151",
+"V c gray32",
+"C c #535353",
+"Z c gray33",
+"A c #555555",
+"S c #565656",
+"D c #585858",
+"F c gray35",
+"G c #5A5A5A",
+"H c #5B5B5B",
+"J c gray36",
+"K c #5D5D5D",
+"L c gray37",
+"P c #5F5F5F",
+"I c #606060",
+"U c gray38",
+"Y c #626262",
+"T c #646464",
+"R c #656565",
+"E c gray40",
+"W c #676767",
+"Q c #686868",
+"! c DimGray",
+"~ c #6A6A6A",
+"^ c gray42",
+"/ c #6C6C6C",
+"( c #6D6D6D",
+") c gray43",
+"_ c #6F6F6F",
+"` c #717171",
+"' c #727272",
+"] c gray45",
+"[ c #747474",
+"{ c gray46",
+"} c #767676",
+"| c #777777",
+" . c gray47",
+".. c #797979",
+"X. c gray48",
+"o. c #7B7B7B",
+"O. c #7C7C7C",
+"+. c gray49",
+"@. c #7E7E7E",
+"#. c #7F7F7F",
+"$. c #808080",
+"%. c #818181",
+"&. c gray51",
+"*. c #838383",
+"=. c gray52",
+"-. c gray53",
+";. c #888888",
+":. c #898989",
+">. c gray54",
+",. c gray55",
+"<. c #8D8D8D",
+"1. c #8E8E8E",
+"2. c #909090",
+"3. c #939393",
+"4. c gray58",
+"5. c #959595",
+"6. c gray59",
+"7. c #989898",
+"8. c #9A9A9A",
+"9. c #9D9D9D",
+"0. c gray62",
+"q. c #A0A0A0",
+"w. c gray63",
+"e. c #A2A2A2",
+"r. c gray64",
+"t. c #A4A4A4",
+"y. c #A5A5A5",
+"u. c gray66",
+"i. c #AAAAAA",
+"p. c gray67",
+"a. c #ACACAC",
+"s. c gray68",
+"d. c gray69",
+"f. c #B1B1B1",
+"g. c #B2B2B2",
+"h. c gray71",
+"j. c #B6B6B6",
+"k. c #B7B7B7",
+"l. c #B9B9B9",
+"z. c #BBBBBB",
+"x. c gray74",
+"c. c gray",
+"v. c gray75",
+"b. c #C0C0C0",
+"n. c #C1C1C1",
+"m. c #C3C3C3",
+"M. c #C6C6C6",
+"N. c gray81",
+"B. c #D0D0D0",
+"V. c gray82",
+"C. c #D2D2D2",
+"Z. c gray83",
+"A. c gray84",
+"S. c #D7D7D7",
+"D. c #DADADA",
+"F. c gray86",
+"G. c #DDDDDD",
+"H. c gray87",
+"J. c #DFDFDF",
+"K. c gray88",
+"L. c #E1E1E1",
+"P. c #E2E2E2",
+"I. c gray89",
+"U. c #E4E4E4",
+"Y. c #E7E7E7",
+"T. c gray91",
+"R. c #E9E9E9",
+"E. c gray92",
+"W. c gray93",
+"Q. c #EEEEEE",
+"!. c gray94",
+"~. c #F3F3F3",
+"^. c #F4F4F4",
+"/. c gray96",
+"(. c #F6F6F6",
+"). c gray97",
+"_. c #F8F8F8",
+"`. c #F9F9F9",
+"'. c #FBFBFB",
+"]. c gray99",
+"[. c #FDFDFD",
+"{. c gray100",
+"}. c None",
+/* pixels */
+"}.}.}.}.t i d k b V A D J P Y R ! / _ ' } ..O.#.*.@.' U }.}.}.}.",
+"}.}.}.0 e x M B z t 1 : > , , , , , , , > : 1 t z F Y ] E }.}.}.",
+"}.}.5 t v k d q 3 8 u g z N F T T F N l s u 0 2 > q h n R J }.}.",
+"}.4 3 j j F T T ^ ] | -.k.B.U.(.`.Y.V.z.,.o.} ' ^ U B f l P g }.",
+"}.2 y s D U I Q ) O.x._.{.{.{.{.{.{.{.{.`.c.@.` ( Q I m u M l }.",
+"}., i p J J Y E 7.).{.{.{.{.{.{.{.{.{.{.{.{./.9.^ E U F 2 d l }.",
+"}.= s w Z H P 3.'.{.{.{.T.j.q.<.<.r.l.R.{.{.{.].5.T P G ; 6 h }.",
+"}.= w 2 C S <.'.{.{.Q.e.' ] [ { | { [ [ r.W.{.{.'.,.H S 4 # d }.",
+"}.- , 6 m K /.{.{.R.{ W ! #.i.n.m.p.$.^ ! } R.{.{._.Y V 8 $ i }.",
+"}.; # 9 z u.{.{.E./ K R v.[.{.{.{.{.[.b.Q P _ E.{.{.s.b q $ t }.",
+"}.: $ 0 B (.{.{.<.Z H C.{.{.{.{.{.{.{.{.C.K A >.{.{.(.B w $ q }.",
+"}.> $ 9 6.{.{.K.c b a.{.{.{.S.t.r.S.{.{.{.p.m n H.{.{.8.w # 8 }.",
+"}.< $ 6 h.{.{.2.f C ).{.{.y.n n n n t.{.{./.C j 1.{.{.z.0 # 5 }.",
+"}.1 $ = V.{.{.~ u ..{.{.K.j x 0.0.x h J.{.{.+.p ^ {.{.Z.- $ 1 }.",
+"}.2 $ $ !.{.{.j 9 4.{.{.p.u $.{.{.$.y i.{.{.5.w x {.{.Q.$ $ > }.",
+"}.3 $ % `.{.{.0 2 ,.{.{.g.8 H '.'.H 6 f.{.{.:.5 0 {.{.].& $ = }.",
+"}.4 $ $ A.{.{.D * K {.{.Q.7 : u t ; 7 W.{.{.J = D {.{.F.$ $ % }.",
+"}.5 $ $ d.{.{.%.= > P.{.{.M.4 > , 7 M.{.{.I.< = *.{.{.f.% $ @ }.",
+"}.6 $ $ >.{.{.C.- - ] {.{.{.6.a d 5.{.{.{.] ; - N.{.{.;.% $ + }.",
+"}.8 $ % y `.{.{.( - ; 1.{.{.2.S J r.{.{.5.> ; ! {.{.'.a % % + }.",
+"}.9 $ % & 0.{.{.L.e ; 5 L #.D ! o.) ,.X.i 5 0 H.{.{.w.& & % + }.",
+"}.0 $ % & 9 ^.{.{.D.i 0 d N P ) | _ I N f k S.{.{.~.q & & % + }.",
+"}.q $ $ % & } [.{.{.G.h h B P ! ) ! L B B L.{.{.[.{ * & % $ + }.",
+"}.w # $ % & * ] ].{.{.#.h m F Y R Y H M 7.{.{.'._ * * & % $ + }.",
+"}.e 2 $ $ & & * _ Q.T.A d v Z G J G Z b ~ [.).E = * & & $ $ @ }.",
+"}.9 t # $ % % * * : 0 0 p l n B C B n l p a p = * * % % $ @ # }.",
+"}.% d 7 # $ % & & * , 7 t s l c b c l s t 7 , * & & % $ # $ o }.",
+"}. r j 2 $ $ % & * ; 3 q y s g j g s y 0 < = * & % $ % : % }.",
+"}.}.X p m r : $ % % * * = : , 2 2 < > = * * * % % , 4 9 * . }.}.",
+"}.}.}. = j B H L Y R Q ^ _ ' { .O.#.&.=.&.o.[ ( V r O }.}.}.",
+"}.}.}.}. }.}.}.}.",
+"}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}.}."
+};
--- /dev/null
+wpa_supplicant/doc/docbook/wpa_gui.8
--- /dev/null
+?package(wpagui): \
+ needs="X11" \
+ section="Applications/Network/Monitoring" \
+ title="wpa_supplicant user interface" \
+ icon32x32="/usr/share/pixmaps/wpa_gui.xpm" \
+ icon16x16="/usr/share/pixmaps/wpa_gui-16.xpm" \
+ command="/usr/share/wpagui/netdev_wrapper"
--- /dev/null
+wpa_supplicant/README
--- /dev/null
+wpa_supplicant/examples/*.conf
+debian/examples/*.conf
--- /dev/null
+wpa_supplicant/wpa_cli sbin/
+wpa_supplicant/wpa_passphrase usr/bin/
+wpa_supplicant/wpa_supplicant sbin/
--- /dev/null
+etc/wpa_supplicant/ifupdown.sh etc/network/if-pre-up.d/wpasupplicant
+etc/wpa_supplicant/ifupdown.sh etc/network/if-up.d/wpasupplicant
+etc/wpa_supplicant/ifupdown.sh etc/network/if-down.d/wpasupplicant
+etc/wpa_supplicant/ifupdown.sh etc/network/if-post-down.d/wpasupplicant
+etc/wpa_supplicant/action_wpa.sh etc/pm/sleep.d/action_wpa
+etc/wpa_supplicant/action_wpa.sh etc/ifplugd/action.d/action_wpa
+usr/share/doc/wpasupplicant/README.Debian usr/share/doc/wpasupplicant/README.modes
--- /dev/null
+debian/ifupdown/wpa_action.8
+wpa_supplicant/doc/docbook/wpa_background.8
+wpa_supplicant/doc/docbook/wpa_cli.8
+wpa_supplicant/doc/docbook/wpa_passphrase.8
+wpa_supplicant/doc/docbook/wpa_supplicant.8
+wpa_supplicant/doc/docbook/wpa_supplicant.conf.5
--- /dev/null
+#!/bin/sh -e
+# This script can be called in the following ways:
+#
+# After the package was installed:
+# <postinst> configure <old-version>
+#
+#
+# If prerm fails during upgrade or fails on failed upgrade:
+# <old-postinst> abort-upgrade <new-version>
+#
+# If prerm fails during deconfiguration of a package:
+# <postinst> abort-deconfigure in-favour <new-package> <version>
+# removing <old-package> <version>
+#
+# If prerm fails during replacement due to conflict:
+# <postinst> abort-remove in-favour <new-package> <version>
+
+case "$1" in
+ configure)
+ ;;
+ abort-upgrade|abort-deconfigure|abort-remove)
+ ;;
+ *)
+ echo "$0 called with unknown argument \`$1'" 1>&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+exit 0
--- /dev/null
+#!/bin/sh -e
+# This script can be called in the following ways:
+#
+# After the package was removed:
+# <postrm> remove
+#
+# After the package was purged:
+# <postrm> purge
+#
+# After the package was upgraded:
+# <old-postrm> upgrade <new-version>
+# if that fails:
+# <new-postrm> failed-upgrade <old-version>
+#
+#
+# After all of the packages files have been replaced:
+# <postrm> disappear <overwriting-package> <version>
+#
+#
+# If preinst fails during install:
+# <new-postrm> abort-install
+#
+# If preinst fails during upgrade of removed package:
+# <new-postrm> abort-install <old-version>
+#
+# If preinst fails during upgrade:
+# <new-postrm> abort-upgrade <old-version>
+
+case "$1" in
+ remove)
+ ;;
+ purge)
+ # Remove logfiles
+ rm -f /var/log/wpa_action.log* /var/log/wpa_action.*.log*
+ rm -f /var/log/wpa_supplicant.log* /var/log/wpa_supplicant.*.log*
+ ;;
+ upgrade|failed-upgrade|disappear)
+ ;;
+ abort-install|abort-upgrade)
+ ;;
+ *)
+ echo "$0 called with unknown argument \`$1'" 1>&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+exit 0
--- /dev/null
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: wpa-ifupdown
+# Required-Start: $network
+# Required-Stop: $network $remote_fs
+# Should-Start:
+# Should-Stop:
+# Default-Start:
+# Default-Stop: 0 6
+# Short-Description: Stop wpa_supplicant processes started via ifupdown
+# Description: Run ifdown on interfaces authenticated via
+# wpa_supplicant. Sendsigs terminates wpa_supplicant
+# processes before networking is stopped causing each
+# network interface authenticated via a wpa_supplicant
+# daemon to be terminated abrubtly.
+# Since initscripts package version 2.86.ds1-48 an
+# interface exists to omit process id's from sendsigs. If
+# this interface is present this script is a no-op.
+### END INIT INFO
+
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+
+test -d /var/run || exit 0
+
+test -x /sbin/ifdown || exit 0
+
+. /lib/lsb/init-functions
+
+stop_wpa_action () {
+ test -x /sbin/wpa_action || return 0
+ IFACES=$(find /var/run -maxdepth 1 -type f -name 'wpa_action.*.pid' -printf '%P\n' | \
+ cut -d'.' -f2 2>/dev/null)
+ if test -n "$IFACES"; then
+ log_daemon_msg "Stopping wpa_action roaming interfaces"
+ for iface in $IFACES; do
+ log_progress_msg "$iface"
+ # wpa_action executes /sbin/ifdown
+ wpa_action "$iface" stop >/dev/null 2>&1
+ done
+ log_end_msg 0
+ fi
+}
+
+stop_wpa_supplicant () {
+ IFACES=$(find /var/run -maxdepth 1 -type f -name 'wpa_supplicant.*.pid' -printf '%P\n' | \
+ grep -v wpa_supplicant.dbus.pid | cut -d'.' -f2 2>/dev/null)
+ if test -n "$IFACES"; then
+ log_daemon_msg "Stopping wpa_supplicant interfaces"
+ for iface in $IFACES; do
+ log_progress_msg "$iface"
+ ifdown "$iface" >/dev/null 2>&1
+ done
+ log_end_msg 0
+ fi
+}
+
+sendsigs_omission_support () {
+ if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then
+ # Debian
+ return 0
+ elif [ -d /var/run/sendsigs.omit.d/ ]; then
+ # Ubuntu, cf. https://bugs.launchpad.net/bugs/181541
+ return 0
+ fi
+
+ return 1
+}
+
+case "$1" in
+ start|restart|force-reload)
+ # No-op
+ ;;
+ stop)
+ if sendsigs_omission_support; then
+ stop_wpa_action
+ else
+ stop_wpa_action
+ stop_wpa_supplicant
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
--- /dev/null
+/var/log/wpa_action.log /var/log/wpa_action.*.log {
+ rotate 5
+ daily
+ compress
+ copytruncate
+ missingok
+}
--- /dev/null
+/var/log/wpa_supplicant.log /var/log/wpa_supplicant.*.log {
+ rotate 5
+ daily
+ compress
+ copytruncate
+ missingok
+}